19:03:38 <fungi> #startmeeting infra
19:03:38 <openstack> Meeting started Tue Dec 15 19:03:38 2015 UTC and is due to finish in 60 minutes.  The chair is fungi. Information about MeetBot at http://wiki.debian.org/MeetBot.
19:03:39 <openstack> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.
19:03:41 <openstack> The meeting name has been set to 'infra'
19:03:42 <olaph> o/
19:03:47 <fungi> #link https://wiki.openstack.org/wiki/Meetings/InfraTeamMeeting#Agenda_for_next_meeting
19:03:58 <fungi> unlike last week, we have a very _light_ agenda, so we can take our time
19:04:10 <fungi> #topic Announcements
19:04:25 <fungi> #info Reminder: Gerrit 2.11 upgrade is tomorrow (Wednesday, December 16), starting at 17:00 UTC.
19:04:26 <ruagair> o/
19:04:41 <fungi> #link http://lists.openstack.org/pipermail/openstack-dev/2015-December/081037.html
19:05:02 <fungi> #topic Actions from last meeting
19:05:12 <fungi> #link http://eavesdrop.openstack.org/meetings/infra/2015/infra.2015-12-08-19.00.html
19:05:20 <fungi> #info DONE: jhesketh finalize infra-cloud sprint planning details on the infra ml
19:05:24 <nibalizer> ohai
19:05:27 <fungi> #link http://lists.openstack.org/pipermail/openstack-infra/2015-December/003554.html
19:05:34 <pleia2> thanks jhesketh
19:05:40 <fungi> #info DONE: fungi get gerrit maintenance included in thingee's dev digest
19:05:48 <fungi> #link http://lists.openstack.org/pipermail/openstack-dev/2015-December/082077.html
19:05:50 <jhesketh> pleia2: thanks to you too
19:05:54 <anteaya> yes nicely communicataed jhesketh
19:06:00 <fungi> #info DONE: nibalizer send follow-up gerrit maintenance reminder
19:06:07 <fungi> #link http://lists.openstack.org/pipermail/openstack-dev/2015-December/082247.html
19:06:21 <fungi> #info DONE: anteaya plan an infra virtual sprint for knowledge transfer and holiday festivity, friday, december 18th
19:06:28 <fungi> #link https://wiki.openstack.org/wiki/VirtualSprints#Infra_.22holiday_party.22_knowledge_transfer_virtual_sprint
19:06:35 <jeblair> o/
19:06:36 <fungi> #link https://etherpad.openstack.org/p/infra-holiday-party-2015
19:06:57 <fungi> all action items completed!
19:07:00 <fungi> #topic Specs approval
19:07:09 <fungi> #info APPROVED: Complete the reviewable release automation work
19:07:17 <fungi> #link http://specs.openstack.org/openstack-infra/infra-specs/specs/complete-reviewable-release-automation.html
19:07:32 <fungi> there are no new specs on the proposed list for this week
19:07:45 <fungi> at least not according to our agenda
19:07:48 <fungi> #topic Priority Efforts: Gerrit 2.11 Upgrade
19:07:57 <fungi> zaro: are we still in good shape for tomorrow?
19:08:04 <nibalizer> it sounds liket here will be a spec omming in the near term to host limesurvey
19:08:06 <zaro> #link https://etherpad.openstack.org/p/gerrit-2.11-upgrade
19:08:21 <zaro> yes, i believe so. nothing really new to report.
19:08:36 <fungi> any remaining blocking reviews we need to hurry and finish?
19:08:46 <zaro> i just pushed up a change to make cleanup a little easier, https://review.openstack.org/#/c/258088/
19:08:54 <fungi> and everything we identified to test on review-dev is in place?
19:08:55 <clarkb> I think we flushed out most of the review queue over the last few days
19:08:59 <zaro> nothing blockin the upgrade though.
19:09:02 <fungi> that was my impression as well
19:09:12 <fungi> #link https://review.openstack.org/258088
19:09:14 <fungi> awesome
19:09:33 <fungi> anybody hanging around with questions about the upgrade maintenance coming tomorrow?
19:09:47 <clarkb> for the actual process do we have volunteers?
19:09:50 <zaro> the javamelody plugin doesn't get automatically updated, but that's minor thing we can fix later
19:09:55 <clarkb> I have to pop out early afternoon but can be around in the morning
19:10:02 * ruagair is happy to help however he can.
19:10:07 <zaro> DavidO says he'll attend the party
19:10:09 <jeblair> i will be here
19:10:22 <anteaya> I'll be here, not sure what I can do besides answer questions in channel
19:10:29 <fungi> i'll be around the entire time and am happy to drive root-requiring tasks especially
19:10:31 <pleia2> I'll be around as well
19:10:32 <anteaya> I'm expected a flood of is gerrit down?
19:10:40 <pleia2> anteaya: yeah
19:10:48 <fungi> anteaya: yes, running interference in channel is probably helpful
19:10:49 <anteaya> so I can work on those
19:10:59 * anteaya will run interference
19:11:08 <fungi> do we want to use our incident channel to do actual maintenance coordination, so as to keep clear of the noise in our usual channel?
19:11:16 <AJaeger> anteaya: just say every five minutes "Yes, gerrit is down, see #topic" in a friendly way ;)
19:11:16 <anteaya> zaro: yay DavidO will be here!
19:11:20 <clarkb> sounds like we are well staffed
19:11:35 <pleia2> fungi: I think that makes sense
19:11:40 <jeblair> fungi: maybe a good idea?  i sort of suspect we'll end up there anyway eventually :)
19:11:43 <anteaya> AJaeger: only stays friendly the first few times
19:11:51 <fungi> jeblair: oh, so pessimistic!
19:11:51 <anteaya> AJaeger: you want to tag team? :)
19:12:04 <anteaya> yeah -incident is fine with me
19:12:20 <anteaya> I'll stay in -infra and monitor
19:12:21 <jeblair> fungi: i have no idea how you typo'd "real" that way
19:12:36 <AJaeger> anteaya: I might come an hour later, 17:00 UTC is dinner time here...
19:12:36 <fungi> bwahaha
19:12:51 <anteaya> AJaeger: happy to have your support whenever the time is right for you
19:13:36 <AJaeger> anteaya: ok, I try to be there...
19:13:46 <fungi> #agreed Gerrit upgrade maintenance coordination will happen in #openstack-infra-incident to keep the channel clear and improve efficacy
19:13:48 <anteaya> AJaeger: thanks, I'm grateful
19:13:50 * olaph can help run interference as well
19:14:04 <anteaya> olaph: wonderful, thank you olaph
19:14:06 <fungi> a reminder, for those who want to follow along but forget to /join the channel initially, it _is_ logged
19:14:11 <fungi> #link http://eavesdrop.openstack.org/irclogs/%23openstack-infra-incident/
19:14:17 <AJaeger> thanks, fungi!
19:14:51 <fungi> anything else we need to decide or questions we need to answer about the gerrit upgrade before we move on to the next topic?
19:15:18 <anteaya> I'm good
19:15:20 <mordred> o/
19:15:27 <jeblair> fungi: did you get your question answered about the project rename fixes?
19:15:29 <anteaya> hey mordred
19:15:42 <fungi> jeblair: yep, zaro worked the commands needed into the maintenance plan
19:15:45 <anteaya> fungi: I think they are in zaro db script
19:15:49 <jeblair> woot
19:15:50 <anteaya> 's
19:15:51 <fungi> and tested them as well
19:15:57 <mordred> The wifi, it is bad in far southern Quebec
19:16:01 <jeblair> ah.  fix_project_rename()
19:16:06 <fungi> with an updated sanitized dump of our production database
19:16:09 <anteaya> mordred: ah but the wine is good
19:16:46 <fungi> #topic Priority Efforts: maniphest migration
19:16:47 * jeblair watches morderd attempt to use wine instead of wifi to participate in the meeting
19:16:53 <fungi> ruagair said something in the agenda about a dev instance
19:17:05 <mordred> yah
19:17:14 <fungi> jeblair: i feel like i've seen that happen before too
19:17:17 <clarkb> ruagair: I saw a chnange go by last night that implied mod auth openid mostly just works (tm) ?
19:17:21 <ruagair> Yep, so I've sorted openID: People can start playing with a dev instance here: http://os03.mcwhirter.io/
19:17:22 <clarkb> ruagair: if so neat!
19:17:49 <ruagair> I'm currently generating unique usernames with a random string.
19:17:53 <fungi> #link http://os03.mcwhirter.io/
19:17:57 <jeblair> i have logged in!
19:17:59 <pleia2> nice
19:18:00 <ruagair> We'll need to consider if this is th ebes approach.
19:18:08 <yolanda> ruagair, cool
19:18:26 <clarkb> ruagair: for openstackid I think we can use the email addr and treat it as unique
19:18:31 <fungi> it's certainly _a_ way forward, so you're not blocked on the missing usernames question
19:18:33 <pleia2> woo, I'm 39oywejia82h1zzspxr8bsva
19:18:34 <clarkb> I want to say that is true of lp too
19:18:34 <anteaya> I can sign in
19:18:38 <ruagair> There's still more migration issues to be sorted but we need to start playing with it and considering what changes we need to make.
19:18:46 <pleia2> but I can log in :)
19:18:50 <jeblair> what's the usernames question?
19:18:52 <ruagair> Phab does not like that clarkb :-)
19:18:59 <clarkb> ruagair: huh interesting
19:19:00 <ruagair> That's where I started but it barfs.
19:19:11 <jeblair> (i am uludwh7i7wh5lqi5ed6epeq.)
19:19:13 <fungi> jeblair: storyboard did not have usernames, phabricator wants usernames, lp does not by default provide usernames
19:19:31 <pleia2> so you get your ip id token
19:19:31 <fungi> openstackid also does not have usernames
19:19:32 <ruagair> but you can change you uisername, so we could leave that up to people or scrape launchpad.
19:19:34 <pleia2> s/ip/lp
19:19:48 <clarkb> ruagair: is that something maybe we can patch?
19:19:48 <jeblair> where can you change your username?
19:19:57 <clarkb> liek is it just mad that there is an @ inthe username?
19:20:07 <fungi> i'd love to see openstackid grow a preferred username
19:20:08 <pleia2> jeblair: "change username" :)
19:20:27 <pleia2> jeblair: on the right hand side of the profile screen
19:20:27 <jeblair> pleia2: still not seeing it :(
19:20:34 <fungi> i should say, an option to fill in a preferred username
19:20:36 <clarkb> fungi: I just want to avoid adding on features to that service until it is standard compliant
19:20:42 <ruagair> Perhaps clarkb. I've not looked that deeply yet.
19:20:45 <pleia2> jeblair: click on the head at the top right of the screen
19:20:45 <jeblair> oh, it's a profile setting, not a setting setting.
19:20:46 <clarkb> fungi: since right now it doesn't really do openid :(
19:20:50 <pleia2> jeblair: yep!
19:20:52 <jeblair> pleia2: i clicked on the wrench.
19:20:57 <pleia2> ah :)
19:20:57 <ruagair> Yes, the '@' is th eissue clarkb
19:20:59 <fungi> clarkb: true, though we'll likely want usernames for wiki, gerrit, et cetera
19:21:21 <pleia2> fungi: good point
19:21:41 <Zara> do users have to be logged in to see tasks etc? (or is that just because this instance demos the auth?)
19:21:43 <persia> For purposes of unique, could one just s/@/a/ to create an identifying string (assuming we don't need to convert the other way)?
19:21:44 <clarkb> yup and email addrs change so are a bad unique identifier
19:21:51 <jeblair> is change username an admin priv?
19:21:54 <ruagair> and using LP because I can't use openstackID at present.
19:21:57 <jeblair> because the dialog is sort of written that way.
19:21:57 <mordred> ruagair: we can request a username from launchpad in the openid request, no?
19:22:01 <anteaya> persia: I don't see change username
19:22:03 <ruagair> It may be jeblair
19:22:05 <fungi> i mean, phab is the first thing we've tried to use it with that really wants a username, but other things we want to switch to openstackid will also need that
19:22:06 <anteaya> pleia2: ^^
19:22:16 <anteaya> persia: sorry wrong number, meant pleia2
19:22:23 <ruagair> I hope so mordred. I will be looking into that.
19:22:32 <clarkb> mordred: I would have to go and reread the spec but yes you can request differnet attributes
19:22:44 <ruagair> The random number was merely just to unbock usage.
19:22:48 <pleia2> anteaya: if you click on the head graphic on the top right it'll take you to a profile screen, profile screen has change username option in the menu on the right
19:22:49 <mordred> ruagair: ++
19:22:53 <clarkb> and mod auth openid lets you map an arbitrary attribute onto the username it passes to the app
19:23:02 <jeblair> jenkins requests username from lp
19:23:05 <anteaya> pleia2: not for me it doesn't
19:23:28 <pleia2> :\
19:23:35 <clarkb> jeblair: should be possible then
19:23:42 <ruagair> So far everyone who has been able to change names are admins, so that's clearly going to be an issue.
19:23:55 <jeblair> pleia2, ruagair: anteaya is not an administrator
19:23:56 <anteaya> pleia2: I have "Edit Profile", "Edit Profile Picture", "Flag For Later"
19:23:58 <pleia2> ah
19:24:06 <ruagair> Thanks clarkb. I'll follow up on that.
19:24:08 <jeblair> so i think that confirms the earlier supposition change username is only for admins
19:24:09 * AJaeger is neither an admin
19:24:12 <jeblair> anteaya is http://os03.mcwhirter.io/p/2ctl83esnfk2k41dmkf2vb7/
19:24:15 <fungi> ruagair: well, at any rate, it's a start, and has helped us to define one need without blocking on it
19:24:22 <anteaya> I am indeed
19:24:26 <pleia2> ruagair: nice work
19:24:51 <ruagair> Yep. That instance will remain up and stable so people can prod it and I'll be doing dev elsewhere.
19:25:02 <fungi> thanks ruagair!
19:25:04 <jeblair> do we need someone to ask for a username field in openstackid?
19:25:06 <anteaya> ruagair: thanks
19:25:07 <ruagair> I'm also going to need a spirit guide make getting this work into puppet./
19:25:24 <ruagair> and an English coach.
19:25:27 <clarkb> ruagair: opening a random bug that should have comments I don't see comments just the title and header stuff
19:25:36 <clarkb> not sure if that is known problem with migration
19:25:54 <yolanda> ruagair, i can give you a hand with puppet
19:25:58 <ruagair> I've not used Manufest yet clarkb, so I'll look into.
19:26:07 <ruagair> Thanksd yolanda.
19:26:17 <fungi> jeblair: yeah, and i'd prefer it not be me to ask since i've been dragging my heels on working through the openstackid platform upgrade so already probably on their list of not so favorite people
19:26:32 * fungi makes a note to up the priority on that
19:26:51 <clarkb> fungi: in fairness we semi stalled out on npm related things
19:26:56 <clarkb> because npm
19:27:37 <fungi> maybe if i hurry up and get openstackid.org onto ubuntu trusty then i can turn that around into a feature request for usernames ;)
19:27:54 <ruagair> I would rather use openstackid too.
19:28:13 <pabelanger> fungi: what is needed to do that?
19:28:44 <ruagair> I see review migrating comments clarkb. thanks for the heads up.
19:28:45 <fungi> pabelanger: the puppet-openstackid module needs to become smarter about installing the right things depending on whether it's precise or trusty
19:29:00 <pabelanger> fungi: I might be able to help with that
19:29:07 <fungi> so that we can confirm an openstackid-dev.openstack.org upgrade to trusty while leaving openstackid.org on precise temporarily
19:29:20 <fungi> pabelanger: great! get up with me after the meeting and i can point you at the current reviews
19:29:34 <pabelanger> fungi: ack
19:29:36 <jeblair> i bet the request 'add a username to openstackid' is going to explode in complexity -- because what's the point of at authn system storing a username and _not_ using it as the login identifier...
19:30:01 <jeblair> (probably needs to accept both username and email as identifiers at least)
19:30:12 <fungi> yeah, i can see it being nontrivial
19:30:24 <clarkb> actually hrm
19:30:26 <jeblair> any other field is just data, but this touches a lot
19:30:28 <clarkb> I think it may already do first.lastname
19:30:31 <clarkb> as your id
19:30:45 <mordred> yah - but that's going to be wonky when we migrate gerrit
19:30:52 <mordred> because my user id on gerrit is "mordred"
19:30:54 <mordred> not "monty.taylor"
19:31:01 <clarkb> right
19:31:07 <mordred> (actually, my id is 2 - my name is mordred)
19:31:09 <fungi> but, for example, mediawiki uses it to decide what to display for your edit citations and where your userpage lives, gerrit uses it to bootstrap non-openid authentication (rest, ssh)
19:31:33 <fungi> so they're not really using it as part of the openid authentication, just requesting it as additional details about the account they're creating for you
19:31:43 <mordred> I'd love to be able to claim a username in openstackid, as well as tell it what my IRC nick is
19:31:52 <pleia2> mordred: ++
19:31:59 <fungi> however it does need to be unique, or else you introduce new vulnerabilities in the consuming services
19:32:08 <mordred> so that we could conceivably write bots that query irc nick from openstaciid so that they can ping people by them
19:32:10 <mordred> but now I'm getting greedy
19:32:10 <clarkb> but the existing thing may work for ruagir once it does acutal openid
19:32:15 <pleia2> one of the benefits of launchpad is the irc nick field, I use it a lot when looking for people
19:32:16 <mordred> clarkb: ++
19:32:17 <clarkb> since it doesn't have an @ and is unique
19:32:17 <anteaya> I see many troubles if we don't allow for that, irc nick as username that is
19:32:20 <zaro> maybe wikimedia can help with migration? since they've probably already done it.
19:32:35 <fungi> pleia2: and also ssh keys and pgp keys
19:32:40 <pleia2> fungi: yeah
19:32:41 <clarkb> though I bet individuals could have a fullname of clark@ boylan
19:32:44 <clarkb> because lol
19:34:29 <fungi> okay, seems we've burned down this topic
19:34:37 <ruagair> Do you have an manifest task id for th etask that should have comments, clarkb? That would be useful to track.
19:34:45 <ruagair> Thanks everyone :-)
19:34:47 <clarkb> ruagair: http://os03.mcwhirter.io/T1010621
19:35:56 <fungi> zaro: mediawiki didn't migrate from storyboard to maniphest, they migrated from gerrit to phabricator
19:36:04 <ruagair> Got clarkb. Thanks.
19:36:11 <fungi> zaro: assuming that's the migration you're talking about
19:36:11 * persia is reminded of a discussion last year about a daemon that used nickserv to get an authentication countertoken from the data fields
19:36:20 <ruagair> I suspect the LP -> Maniphest will be much more graceful.
19:37:01 <fungi> #topic Holiday meeting schedule: Are we meeting on December 22nd and 29th? (pleia2)
19:37:06 <mordred> fungi: they did neither thing - they're still using gerrit - but iirc, they use LDAP auth on the backend or something
19:37:17 <fungi> mordred: oh, even more interesting
19:37:19 <pleia2> I'll be around both days, but a lot of teams have already rolled up the carpets for meetings in 2015
19:37:44 <fungi> i'm around both dates as well, and happy to chair a meeting if people want/see benefit in having one
19:37:44 * ruagair is around for the 22nd
19:37:52 <anteaya> I expect I'll be around those days, fine chatting in here if we have items, fine not chatting in here if we don't
19:38:13 * zaro is around both days
19:38:21 <fungi> how about we plan for informal meetings that may be entirely open discussion and/or end pretty quickly
19:38:30 <anteaya> wfm
19:38:30 <pabelanger> Likely around too
19:38:31 <jesusaurus> ++
19:38:36 <pleia2> fungi: should I still send out meeting announcements?
19:38:39 <jeblair> i probably won't be around for the 29 but will for 22.
19:39:05 <fungi> pleia2: entirely optional, but if you feel compelled to send announcements then that would still be perfectly accurate
19:39:13 <pleia2> ok, great
19:39:41 <fungi> if someone throws something on the agenda we can discuss, but we should also plan for the possibility of not having many people around to reach consensus on important opics at short notice
19:39:47 <fungi> topics too
19:40:02 <anteaya> fair
19:40:20 <mordred> I'm just going to say things to the empty channel and assume silence means assent
19:40:30 <fungi> mordred: don't you do that anyway
19:40:31 <fungi> ?
19:40:43 <mordred> yup
19:40:49 <anteaya> he is having trouble finding an empty channel these days
19:40:51 <mordred> that's why I'm certain that I'll do it then too
19:40:56 <fungi> heh
19:41:13 <clarkb> both days wfm
19:42:02 <nibalizer> i think i can make the 22nd and I can make the 29th
19:42:33 <pleia2> cool, sounds like we'll have pretty well populated meetings then
19:42:48 <yolanda> ++
19:43:13 <fungi> well then, without further ado, i give you...
19:43:15 <fungi> #topic Open discussion
19:43:44 <anteaya> so much time today
19:43:48 <fungi> don't all talk at once
19:43:57 <ianw> i can give a quick update on f23
19:44:02 <fungi> please!
19:44:08 <greghaynes> I have a bit on builders I'd like to mention, too
19:44:11 <greghaynes> but I will wait for ianw
19:44:28 * fungi was kidding, feel free to all talk at once if you want
19:44:29 <ianw> glean is almost working, i think all reviews there are processed
19:44:51 <ianw> there is one more dib workaround for a systemd feature -> https://review.openstack.org/#/c/257173/
19:45:10 <mordred> \o/
19:45:14 <ianw> but after that, i'm fairly sure they'll come up with networking ...
19:45:24 <ianw> that's in.  basically, in progress and close
19:45:28 <ianw> s/in/it
19:45:32 <mordred> fungi: I'm on bad network - but I can try an update on puppet apply
19:45:34 <greghaynes> The builders are cleaned up after the last round of reviews and I think they are ready to go. I would like to get some plan started on when/how we can do that...
19:45:37 <clarkb> ianw: have you been able to test the networking config in json thing?
19:45:44 <clarkb> ianw: if not thats fine, just curious
19:45:58 <mordred> fungi: there are two issues blocking moving fowrad - one is getting the inventory to use hostnames where possible instead of uuids so that our logs are readable
19:46:02 <ianw> clarkb: not live on rax, but faking it
19:46:05 <fungi> greghaynes: meaning the nodepool image build workers?
19:46:09 <greghaynes> fungi: yes
19:46:18 <mordred> fungi: I've gotten that change landed upstream ansible, now working on getting occ and shade support patches landed
19:46:27 <greghaynes> https://review.openstack.org/#/q/status:open+project:openstack-infra/nodepool+branch:master+topic:nodepool-workers,n,z
19:46:30 <greghaynes> for context
19:46:32 <mordred> so that should be done soon
19:46:36 <pabelanger> So, apache::vhost::custom landed in puppetlabs-apache today: https://github.com/puppetlabs/puppetlabs-apache/commit/b9f630a60811694916ecf8758103d4bca2ac6038 I've already gone ahead an update puppet-nodepool to use it: https://review.openstack.org/#/c/205596/
19:46:49 <fungi> mordred: oh cool--so it was outside bugs/missing features we were stuck on?
19:46:49 <pabelanger> so, we can start the process of porting to puppetlabs-apache
19:46:56 <mordred> the second is a mismatch in ansible and puppet groups - and for that I'm going to write a simple thing to exapand a yaml group expressions into generated static inventory files
19:47:09 <mordred> fungi: yah - well, 'outside' except I'm the author of that too :)
19:47:11 <mordred> fungi: but yes
19:47:19 <fungi> you're on the outside looking out
19:47:29 <mordred> yah
19:47:29 <clarkb> greghaynes: I may be able to do it tuesday ( a week from today)
19:47:39 <clarkb> with reviews happening again between now and then
19:47:46 <mordred> anywho - we're CLOSE - byt I still need to get the group expanded written and tested before we can finish throwing the switch
19:47:51 <clarkb> s/to do it/to help deploy it/
19:48:01 <greghaynes> clarkb: That works for me if it is earlier in the PST day
19:48:16 <greghaynes> Doesn't have to be crazy early, I just am occupied that evening
19:48:55 <fungi> i've picked the bindep stuff back up off the floor. working through getting a functional test of our fallback list which project-config and bindep can both gate on, implementation of that necessitated moving forward with solidifying the bindep use in our jobs a bit so some of that has already landed
19:49:03 <jesusaurus> I've split log_processor into its own project, and the new python project boilerplate could use some review: https://review.openstack.org/248868
19:49:48 <fungi> after fallback tests are running on relevant platforms (possibly voting for our required platforms and non-voting for optional platforms) i've got a couple alterations to bindep i want to finish so i can tag a 1.0.0 release
19:50:14 <yolanda> from infra cloud, not much progress on our side this week. We've been fixing several problems with bifrost and dhcp, and some problem on glean and hostnames.
19:50:56 <fungi> yolanda: that sounds like progress to me. saw at least one related change fly by in channel earlier and some discussion
19:51:41 <pabelanger> fungi: do you have any updates about the trystack.org SSL certs? or what needs to be done to help move that along?
19:51:52 <pabelanger> have some people ping me about that internally
19:52:02 <yolanda> fungi, well yes, slow but solid progress :)
19:53:10 <jeblair> i'm making progress on the fairly radical config changes for zuulv3
19:53:20 <anteaya> jeblair: yay
19:53:43 * mordred hands jeblair a cookie
19:53:50 <fungi> pabelanger: i meant to look into replacing our certs with an account at startssl.com which seems like the least expensive way out, though increasing complexity of the openstack_project::static class is another option
19:54:22 <fungi> pabelanger: the current maintainers of the trystack.org server aren't keen on maintaining a redirect for a little while?
19:54:22 <mordred> yolanda: oh - I might need your help to track down an issue with an occ patch and bifrost
19:54:23 <jeblair> i think if someone wanted to start on the nodepool side of things, that can probably proceed in parallel, but it's not super urgent
19:54:33 <yolanda> mordred sure
19:54:40 <yolanda> what's going on?
19:54:46 <mordred> jeblair: I'd like to hack on the nodepool side of things
19:54:49 <ruagair> What about Let's Encrypt certs fungi?
19:54:59 * ruagair has been using those for a few weeks, quite happily.
19:55:07 <fungi> ruagair: that discussion would take a lot more than 5 minutes
19:55:14 <ruagair> Fair enough :-)
19:55:16 <jeblair> mordred: ooh
19:55:28 <mordred> yolanda: this https://review.openstack.org/#/c/254399/ causes things to blow up for TheJulia and I haven't gotten a chance to diagnose yet
19:55:30 <jeblair> fungi: can you tell us why it would take longer than 5 minutes in less than 5 minutes? ;)
19:55:38 <clarkb> can we get image builders in before we add any more featuers to nodepool?
19:55:42 <fungi> ruagair: philosophical objections to letsencrypt aside, i haven't seen much discussion yet about how to handle the automated cert rotation
19:55:42 <mordred> jeblair: but I cannot start thinking about it in earnest until next week
19:55:58 <jeblair> clarkb: yeah, i think we all agree image builders go in first
19:56:04 <mordred> clarkb: I'd like to get image builders in and the shade patch landed, actually
19:56:10 <pleia2> it's also technically still in beta, which I'm not sure we want to rely upon for our production infrastructure
19:56:20 <clarkb> ok, just making sure we don't add more rebase churn to it
19:56:25 <mordred> because juggling two sets of cloud interaction codebase is not awesome
19:56:34 <mordred> clarkb: ++
19:56:38 <pabelanger> fungi: Ya, I've been trying to figure out a good approach for that too.  Don't like doing crontab
19:56:48 <yolanda> mordred, i can take a look
19:56:49 <ruagair> Yes, that's an additional complication to be considered fungi.
19:57:13 <fungi> ruagair: especially how to make it robust against failure to update/rotate
19:57:26 <mordred> yolanda: thanks! the last error she showed was unrelated, so I'm worried something else is broken in master of occ that we're not testing right that will break bifrost if we release
19:57:35 <mordred> but I just don't know
19:57:46 <fungi> we don't want to rely on cert replacement automation which could cause critical services to grow new failure modes
19:58:08 <ruagair> Wher's your sense of adventure ;-)
19:58:46 <fungi> left it in my other pants
19:58:59 <ruagair> That's a safe place.
19:59:49 <yolanda> mordred, yep, region doesn't seem to be related
19:59:56 <fungi> okay, well, we're out of time now--thanks everyone!
19:59:59 <fungi> #endmeeting