Wednesday, 2024-02-28

*** jph6 is now known as jph		00:21
opendevreview	Merged openstack/nova master: block_device: Add encryption attributes to swap disks https://review.opendev.org/c/openstack/nova/+/884312	00:41
opendevreview	Takashi Kajinami proposed openstack/nova master: Override new KeyManager interfaces https://review.opendev.org/c/openstack/nova/+/910459	02:18
opendevreview	Merged openstack/nova master: libvirt: Support maxphysaddr. https://review.opendev.org/c/openstack/nova/+/907516	06:18
opendevreview	Steven Blatzheim proposed openstack/nova master: fixed nova-metadata-api for ovn dhcp native networks https://review.opendev.org/c/openstack/nova/+/910466	06:26
opendevreview	Takashi Kajinami proposed openstack/nova master: Override new KeyManager interfaces https://review.opendev.org/c/openstack/nova/+/910459	07:00
tkajinam	o/ I'd like to ask for some attention to https://review.opendev.org/c/openstack/nova/+/896100 to unblock u-c update to pull in the new castellan release for Caracal.	07:10
tkajinam	(thanks stephenfin for that patch, by the way	07:13
opendevreview	Rajesh Tailor proposed openstack/nova master: Add support for showing requested az in output https://review.opendev.org/c/openstack/nova/+/904568	08:13
*** mklejn__ is now known as mklejn		08:15
opendevreview	ribaudr proposed openstack/nova master: Amend ShareMappingStatus due to asynchronous call https://review.opendev.org/c/openstack/nova/+/908864	08:22
opendevreview	ribaudr proposed openstack/nova master: Attach Manila shares via virtiofs (manila abstraction) https://review.opendev.org/c/openstack/nova/+/831194	08:22
opendevreview	ribaudr proposed openstack/nova master: Attach Manila shares via virtiofs (drivers and compute manager part) https://review.opendev.org/c/openstack/nova/+/833090	08:22
opendevreview	ribaudr proposed openstack/nova master: Mounting the shares as part of the initialization process https://review.opendev.org/c/openstack/nova/+/880075	08:23
opendevreview	ribaudr proposed openstack/nova master: Deletion of associated share mappings on instance deletion https://review.opendev.org/c/openstack/nova/+/881472	08:23
opendevreview	ribaudr proposed openstack/nova master: Add metadata for shares https://review.opendev.org/c/openstack/nova/+/850500	08:23
opendevreview	ribaudr proposed openstack/nova master: Add share_info parameter to reboot method for each driver (driver part) https://review.opendev.org/c/openstack/nova/+/854823	08:23
opendevreview	ribaudr proposed openstack/nova master: Support rebooting an instance with shares (compute manager part) https://review.opendev.org/c/openstack/nova/+/854824	08:23
opendevreview	ribaudr proposed openstack/nova master: Add share_info parameter to resume method for each driver (driver part) https://review.opendev.org/c/openstack/nova/+/860284	08:23
opendevreview	ribaudr proposed openstack/nova master: Support resuming an instance with shares (compute manager part) https://review.opendev.org/c/openstack/nova/+/860285	08:23
opendevreview	ribaudr proposed openstack/nova master: Add helper methods to rescue/unrescue shares https://review.opendev.org/c/openstack/nova/+/860286	08:23
opendevreview	ribaudr proposed openstack/nova master: Support rescuing an instance with shares (driver part) https://review.opendev.org/c/openstack/nova/+/860287	08:23
opendevreview	ribaudr proposed openstack/nova master: Support rescuing an instance with shares (compute manager part) https://review.opendev.org/c/openstack/nova/+/860288	08:23
opendevreview	ribaudr proposed openstack/nova master: Allow to mount manila share using Cephfs protocol https://review.opendev.org/c/openstack/nova/+/883862	08:23
opendevreview	ribaudr proposed openstack/nova master: Check shares support (compute manager) https://review.opendev.org/c/openstack/nova/+/885751	08:23
opendevreview	ribaudr proposed openstack/nova master: Add share lock/unlock and restrict visibility https://review.opendev.org/c/openstack/nova/+/890340	08:23
opendevreview	ribaudr proposed openstack/nova master: Check shares support (only API exception) https://review.opendev.org/c/openstack/nova/+/885752	08:23
opendevreview	ribaudr proposed openstack/nova master: Attach Manila shares via virtiofs (API) https://review.opendev.org/c/openstack/nova/+/836830	08:23
opendevreview	ribaudr proposed openstack/nova master: Check shares support (API) https://review.opendev.org/c/openstack/nova/+/850499	08:23
opendevreview	ribaudr proposed openstack/nova master: Add helper methods to attach/detach shares https://review.opendev.org/c/openstack/nova/+/885753	08:23
opendevreview	ribaudr proposed openstack/nova master: Add instance.share_attach notification https://review.opendev.org/c/openstack/nova/+/850501	08:23
opendevreview	ribaudr proposed openstack/nova master: Add instance.share_detach notification https://review.opendev.org/c/openstack/nova/+/851028	08:23
opendevreview	ribaudr proposed openstack/nova master: Add shares to InstancePayload https://review.opendev.org/c/openstack/nova/+/851029	08:23
opendevreview	ribaudr proposed openstack/nova master: Add instance.share_attach_error notification https://review.opendev.org/c/openstack/nova/+/860282	08:23
opendevreview	ribaudr proposed openstack/nova master: Add instance.share_detach_error notification https://review.opendev.org/c/openstack/nova/+/860283	08:23
opendevreview	ribaudr proposed openstack/nova master: Add libvirt test to ensure metadata are working. https://review.opendev.org/c/openstack/nova/+/852086	08:23
opendevreview	ribaudr proposed openstack/nova master: Add virt/libvirt error test cases https://review.opendev.org/c/openstack/nova/+/852087	08:23
opendevreview	ribaudr proposed openstack/nova master: Docs about Manila shares API usage https://review.opendev.org/c/openstack/nova/+/871642	08:23
Uggla	gibi, bauzas , new update of virtiofs ^ please note that I have not fully tested it yet with devstack. I'm gonna do it now. The doc may need a review as well. However this is a new round to show you the new code.	08:25
stblatzheim	Can someone have a look at https://bugs.launchpad.net/nova/+bug/2055245 ? I already posted a suitable solution for this behaviour.	08:36
bauzas	Uggla: ack, and thanks all for the fish :)	09:15
opendevreview	melanie witt proposed openstack/nova master: libvirt: Configure and teardown ephemeral encryption secrets https://review.opendev.org/c/openstack/nova/+/826754	09:20
opendevreview	melanie witt proposed openstack/nova master: imagebackend: Add support to libvirt_info for LUKS based encryption https://review.opendev.org/c/openstack/nova/+/826755	09:20
opendevreview	melanie witt proposed openstack/nova master: Add encryption support to convert_image https://review.opendev.org/c/openstack/nova/+/870934	09:20
opendevreview	melanie witt proposed openstack/nova master: Add hw_ephemeral_encryption_secret_uuid image property https://review.opendev.org/c/openstack/nova/+/870935	09:20
opendevreview	melanie witt proposed openstack/nova master: libvirt: make <encryption> a sub element of <source> https://review.opendev.org/c/openstack/nova/+/905515	09:20
opendevreview	melanie witt proposed openstack/nova master: Support create with ephemeral encryption for qcow2 https://review.opendev.org/c/openstack/nova/+/870932	09:20
opendevreview	melanie witt proposed openstack/nova master: Support (resize\|cold migration) with ephemeral encryption for qcow2 https://review.opendev.org/c/openstack/nova/+/870933	09:20
opendevreview	melanie witt proposed openstack/nova master: Support live migration with ephemeral encryption for qcow2 https://review.opendev.org/c/openstack/nova/+/905512	09:20
opendevreview	melanie witt proposed openstack/nova master: Support rebuild with ephemeral encryption for qcow2 https://review.opendev.org/c/openstack/nova/+/870939	09:20
opendevreview	melanie witt proposed openstack/nova master: Support rescue with ephemeral encryption for qcow2 https://review.opendev.org/c/openstack/nova/+/873675	09:20
opendevreview	melanie witt proposed openstack/nova master: Add encryption support to qemu-img rebase https://review.opendev.org/c/openstack/nova/+/870936	09:20
opendevreview	melanie witt proposed openstack/nova master: Support snapshot with ephemeral encryption for qcow2 https://review.opendev.org/c/openstack/nova/+/870937	09:20
opendevreview	melanie witt proposed openstack/nova master: Add backing_encryption_secret_uuid to BlockDeviceMapping https://review.opendev.org/c/openstack/nova/+/907960	09:20
opendevreview	melanie witt proposed openstack/nova master: Support encrypted backing files for qcow2 https://review.opendev.org/c/openstack/nova/+/907961	09:20
opendevreview	melanie witt proposed openstack/nova master: Support cross cell resize with ephemeral encryption for qcow2 https://review.opendev.org/c/openstack/nova/+/909595	09:20
opendevreview	melanie witt proposed openstack/nova master: libvirt: Introduce support for raw with LUKS https://review.opendev.org/c/openstack/nova/+/884313	09:20
opendevreview	melanie witt proposed openstack/nova master: libvirt: Introduce support for rbd with LUKS https://review.opendev.org/c/openstack/nova/+/889912	09:20
opendevreview	melanie witt proposed openstack/nova master: Report ephemeral disk encryption in the metadata API https://review.opendev.org/c/openstack/nova/+/909945	09:20
opendevreview	melanie witt proposed openstack/nova master: Deprecate legacy ephemeral storage encryption using dm-crypt https://review.opendev.org/c/openstack/nova/+/909947	09:20
opendevreview	melanie witt proposed openstack/nova master: Documentation for ephemeral encryption https://review.opendev.org/c/openstack/nova/+/910034	09:20
Uggla	bauzas, for the fish ? You lost me ?	09:26
bauzas	Uggla: no, just a famous H2G2 sentence :)	09:28
bauzas	so long and thanks all for the fish :)	09:29
bauzas	thanks for all the fish (btw.)	09:30
Uggla	Uggla, I was not on that page. :)	09:30
opendevreview	Steven Blatzheim proposed openstack/nova master: Fix nova-metadata-api for ovn dhcp native networks https://review.opendev.org/c/openstack/nova/+/910466	09:51
gibi	Uggla: ack, start looking...	09:52
Uggla	gibi, thx	09:52
opendevreview	Steven Blatzheim proposed openstack/nova master: Fix nova-metadata-api for ovn dhcp native networks https://review.opendev.org/c/openstack/nova/+/910466	09:53
opendevreview	Steven Blatzheim proposed openstack/nova master: Fix nova-metadata-api for ovn dhcp native networks https://review.opendev.org/c/openstack/nova/+/910466	09:59
Uggla	gibi, fyi https://review.opendev.org/c/openstack/openstacksdk/+/889519 is merged	10:02
Uggla	so no need to cherry pick it	10:02
opendevreview	Steven Blatzheim proposed openstack/nova master: fix indention https://review.opendev.org/c/openstack/nova/+/910479	10:24
opendevreview	Steven Blatzheim proposed openstack/nova master: Fix nova-metadata-api for ovn dhcp native networks https://review.opendev.org/c/openstack/nova/+/910466	10:29
opendevreview	Sylvain Bauza proposed openstack/nova master: Modify the mdevs in the migrate XML https://review.opendev.org/c/openstack/nova/+/904258	11:21
opendevreview	Sylvain Bauza proposed openstack/nova master: WIP: add a periodic check for migrations https://review.opendev.org/c/openstack/nova/+/909598	11:21
sean-k-mooney[m]	tkajinam: i had a look at the castellan pathch. i have +2’d it but form my perspective you missed the non-clinet lib freeze so im treating this as an expcetion because its small but i dont think its in line wiht our normal release process	11:36
sean-k-mooney[m]	bauzas: i was holding off on comeitng on the docs change because i didnt want you to repsin it but since you have im going to ask you to correct some other issues	11:38
frickler	sean-k-mooney[m]: the lib was released in time last week, it is just the reqs update that got stuck because of test failures. technically there's time for that until friday without an exception	11:56
sean-k-mooney[m]	frickler that not how i managed this when i was the release leasion for nova and i was asked ot get an excption in the past	11:57
sean-k-mooney[m]	for libs in the same situration	11:57
sean-k-mooney[m]	as i said im not blockign this but i dont really like late breakign chnages like this espcially when the lib in question could have added the new api witout breaking the existing users	11:58
stblatzheim	sean-k-mooney[m]: Regarding https://review.opendev.org/c/openstack/nova/+/910466 i don't get why this should be solved in neutron. It's just a changed behaviour which wasn't adapted in the decision making of dhcp in nova-api. Can you clarify this?	11:59
sean-k-mooney[m]	this should have been a castalan 5.0 bump not 4.4 by the way as its an api breakage	11:59
sean-k-mooney[m]	it should not have been a minor version bump	11:59
frickler	I don't want to defend that change, but I also note that the nova patch has gone unreviewed for 5 months or so	11:59
sean-k-mooney[m]	because its not additive	11:59
sean-k-mooney[m]	stblatzheim: this behavior should not vary based on the neutron backend	12:01
sean-k-mooney[m]	if the subnet has dhcp enabled in any form	12:01
sean-k-mooney[m]	the subnet should have a port with network:dhcp	12:02
stblatzheim	But then the whole decision making is not valid anymore. You could just get the enable_dhcp option and not search for any port with the tenant then	12:02
sean-k-mooney[m]	as the owner	12:02
stblatzheim	As there are no dedicated dhcp ports anymore this descision can't be done like this in ovn context	12:03
stblatzheim	Otherwise you would have to fake the device owner in neutron api	12:04
frickler	sean-k-mooney[m]: is "the subnet should have a port with network:dhcp" defined in some nova-neutron contract? or is that just the way it used to work with earlier backends?	12:04
sean-k-mooney[m]	no what im saying is neutron is not implementing the api correctly the ovn dhcp interface should be network:dhcp_port as the owner	12:04
frickler	but iiuc there is no specific interface for dhcp	12:05
sean-k-mooney[m]	frickler: that is the way its used in other backend so we should not be special casing for ovn	12:05
sean-k-mooney[m]	and if we are then thats reallly a feature not a bug	12:05
frickler	sean-k-mooney[m]: maybe nova relying on undocumented things is the bug	12:06
sean-k-mooney[m]	the implict contract is that the ip used for dhcp is held by a port with network:dhcp	12:06
sean-k-mooney[m]	or ovn doing it differntly is a bug	12:06
sean-k-mooney[m]	i dont like adding yet another fallback here	12:08
sean-k-mooney[m]	like if a diffent backend decided to use somethign difffent again we should not have to keep extiding nova for this	12:09
stblatzheim	The fallback to the gateway ip seems worse for me	12:09
stblatzheim	Why do we even need an ip in dhcp context?	12:09
sean-k-mooney[m]	well what is broekn for you now when dhcp is not in the metadata	12:11
stblatzheim	The instance get's a static configuration for the network interfaces instead of a dhcp configuration	12:11
sean-k-mooney[m]	oh you dont want static ips	12:12
stblatzheim	Thats why we use dhcp :) In the specific case we have vms that may get additional routes via dhcp	12:13
sean-k-mooney[m]	i would be ok with a nova change to the metadata to make this work based on if dhcpu is enabled and not based on finding a port ip for that server	12:13
sean-k-mooney[m]	like i think we should just be using subnet.get(‘enable_dhcp’) to set the type in the metadata to ipv4_dhcp	12:14
stblatzheim	Would be fine for me, do we even need a real ip in the dhcp_server field subnet_dict['dhcp_server']?	12:15
sean-k-mooney[m]	likely not but i am not sure you should be fixing this in _get_subnets_from_port	12:15
sean-k-mooney[m]	if you are trying to fix this for metadata i think a fix in the generatio would make more sense	12:16
stblatzheim	Let me just check. My first work on openstack code itself ...	12:17
sean-k-mooney[m]	https://github.com/openstack/nova/blob/7fa1859576ac577da89cb817f93b1c54d3a937ce/nova/virt/netutils.py#L168	12:23
sean-k-mooney[m]	my inclination is it should be adressed in ^ or related code	12:23
sean-k-mooney[m]	in either case we will need at least unit test coverage for this	12:23
sean-k-mooney[m]	stblatzheim: you should be fixing this here https://github.com/openstack/nova/blob/7fa1859576ac577da89cb817f93b1c54d3a937ce/nova/virt/netutils.py#L292	12:28
stblatzheim	I'll check if i find a suitable solution there.	12:29
sean-k-mooney[m]	you might be able to just check subnet.get_meta(enable_dhcp)	12:30
stblatzheim	I think there would be an additional change to make enable_dhcp available there	12:31
stblatzheim	But i'm sure i can make this	12:31
stblatzheim	subnet_dict (which is returned) is defined here: https://github.com/openstack/nova/blob/7fa1859576ac577da89cb817f93b1c54d3a937ce/nova/network/neutron.py#L3608 Would need to add the enable_dhcp conditionaly here also i suppose. Should i make a new review for this?	12:34
opendevreview	Pavlo Shchelokovskyy proposed openstack/nova master: Auto set heartbeat_in_pthread for wsgi services https://review.opendev.org/c/openstack/nova/+/909880	12:35
sean-k-mooney	stblatzheim adding the enable_dhcp there is fine	13:02
sean-k-mooney	stblatzheim: so yes feel free to update your exixting reivew	13:02
sean-k-mooney	so just add enable_dhcp there adn then make the if check for either enable_dhcp or dhcp_server	13:03
opendevreview	ribaudr proposed openstack/nova master: Allow to mount manila share using Cephfs protocol https://review.opendev.org/c/openstack/nova/+/883862	13:05
opendevreview	ribaudr proposed openstack/nova master: Check shares support (compute manager) https://review.opendev.org/c/openstack/nova/+/885751	13:05
opendevreview	ribaudr proposed openstack/nova master: Add share lock/unlock and restrict visibility https://review.opendev.org/c/openstack/nova/+/890340	13:05
opendevreview	ribaudr proposed openstack/nova master: Check shares support (only API exception) https://review.opendev.org/c/openstack/nova/+/885752	13:05
opendevreview	ribaudr proposed openstack/nova master: Attach Manila shares via virtiofs (API) https://review.opendev.org/c/openstack/nova/+/836830	13:05
opendevreview	ribaudr proposed openstack/nova master: Check shares support (API) https://review.opendev.org/c/openstack/nova/+/850499	13:05
opendevreview	ribaudr proposed openstack/nova master: Add helper methods to attach/detach shares https://review.opendev.org/c/openstack/nova/+/885753	13:05
opendevreview	ribaudr proposed openstack/nova master: Add instance.share_attach notification https://review.opendev.org/c/openstack/nova/+/850501	13:05
opendevreview	ribaudr proposed openstack/nova master: Add instance.share_detach notification https://review.opendev.org/c/openstack/nova/+/851028	13:05
opendevreview	ribaudr proposed openstack/nova master: Add shares to InstancePayload https://review.opendev.org/c/openstack/nova/+/851029	13:05
opendevreview	ribaudr proposed openstack/nova master: Add instance.share_attach_error notification https://review.opendev.org/c/openstack/nova/+/860282	13:05
opendevreview	ribaudr proposed openstack/nova master: Add instance.share_detach_error notification https://review.opendev.org/c/openstack/nova/+/860283	13:05
opendevreview	ribaudr proposed openstack/nova master: Add libvirt test to ensure metadata are working. https://review.opendev.org/c/openstack/nova/+/852086	13:05
opendevreview	ribaudr proposed openstack/nova master: Add virt/libvirt error test cases https://review.opendev.org/c/openstack/nova/+/852087	13:05
opendevreview	ribaudr proposed openstack/nova master: Docs about Manila shares API usage https://review.opendev.org/c/openstack/nova/+/871642	13:05
auniyal	hi melwitt, dansmith any ideas on this fail no test really failed but job failed with TIMEOUT - https://zuul.opendev.org/t/openstack/build/0e88ede030024fcbb16405750614fb2f	13:12
auniyal	do you think its a deployment issue ?	13:14
opendevreview	Steven Blatzheim proposed openstack/nova master: Fix nova-metadata-api for ovn dhcp native networks https://review.opendev.org/c/openstack/nova/+/910466	13:14
opendevreview	Steven Blatzheim proposed openstack/nova master: Fix nova-metadata-api for ovn dhcp native networks https://review.opendev.org/c/openstack/nova/+/910466	13:20
stblatzheim	sean-k-mooney: Updated the review like you suggested and reused existing unit test with the adaption of the new behaviour.	13:22
sean-k-mooney	stblatzheim: ack im in a meeting but ill take a look when done.	13:31
opendevreview	Pavlo Shchelokovskyy proposed openstack/nova master: Auto set heartbeat_in_pthread for wsgi services https://review.opendev.org/c/openstack/nova/+/909880	13:39
opendevreview	Konrad Gube proposed openstack/nova master: Use Cinder's os-extend_volume_completion volume action. https://review.opendev.org/c/openstack/nova/+/873560	13:57
opendevreview	Sylvain Bauza proposed openstack/nova master: Modify the mdevs in the migrate XML https://review.opendev.org/c/openstack/nova/+/904258	14:54
opendevreview	Sylvain Bauza proposed openstack/nova master: WIP: add a periodic check for migrations https://review.opendev.org/c/openstack/nova/+/909598	14:54
bauzas	sean-k-mooney: did a respin ^ was simplier	14:54
tkajinam	sean-k-mooney, I totally agree there are multiple things we can improve, but for this specific case tbvh this was out of our control from oslo side (at least it was out of my own control) because castellan is maintained between barbican and oslo and all the changes were merged by barbican side without any consultation to oslo side...	15:04
tkajinam	and they don't really care about anything they are not actually interested in. /me sighs	15:04
tkajinam	we probably should try creating a mid-cycle release of some oslo libraries to detect such problems early, so that we can more smoothly complete requirement bumps, instead of finding multiple problems at last minutes	15:07
sean-k-mooney	bauzas: thanks +2w on the non WIP patch	15:18
bauzas	tks	15:18
sean-k-mooney	ill review the perodic after you decdid it ready	15:18
bauzas	I need to test it	15:18
bauzas	not sure I'll have time until Friday	15:18
bauzas	ETOOMANYTHINGS	15:18
sean-k-mooney	tkajinam: or we just need to have something mroe visiable in our meetings ectra	15:19
sean-k-mooney	to ensure we have better comuncitation	15:19
sean-k-mooney	tkajinam: we have beenb usign a etherpad this cycle	15:19
sean-k-mooney	in past cycle wee used review priority	15:19
sean-k-mooney	so we just need a way to signal this work will be needed eiarlr so ti does not come as a surpise at the end.	15:20
tkajinam	I'll try	15:23
kgube	sean-k-mooney, bauzas: regarding yesterdays discussion of my patch, would it also be acceptable to just check for the supported cinder microversion in the code, so the patch is compatible with older cinderclient versions?	15:34
dansmith	sean-k-mooney: so I'm a bit confused about how this encryption stuff works with ceph	15:35
dansmith	sean-k-mooney: the key we're using to access a given disk is known really only to libvirt and qemu on the host, right? It's really qemu's integrated rbd client that's doing the luks on top, AFAK	15:36
dansmith	so what I don't understand is how something that does not know about those things do image operations like flatten when it doesn't know those details	15:36
dansmith	like, let's say we have an unencrypted base image, encrypted root disk on top. we haven't read or written block 10,	15:37
dansmith	we call librbd to flatten the image (detach from parent), we have to copy any un-CoW'd blocks into the detached disk to make it whole	15:38
dansmith	but we don't have the key, or even know that there's an encryption scheme going on in the child disk	15:38
dansmith	melwitt: ^ when you're around	15:50
mnaser	https://review.opendev.org/c/openstack/nova/+/909098 + https://review.opendev.org/c/openstack/nova/+/909541 is finally passing thanks	15:59
opendevreview	Steven Blatzheim proposed openstack/nova master: Fix nova-metadata-api for ovn dhcp native networks https://review.opendev.org/c/openstack/nova/+/910466	16:20
opendevreview	Steven Blatzheim proposed openstack/nova master: Fix nova-metadata-api for ovn dhcp native networks https://review.opendev.org/c/openstack/nova/+/910466	16:24
opendevreview	Merged openstack/nova master: enforce remote console shutdown https://review.opendev.org/c/openstack/nova/+/901824	16:33

Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!