19:01:47 #startmeeting infra 19:01:48 Meeting started Tue Jul 31 19:01:47 2018 UTC and is due to finish in 60 minutes. The chair is clarkb. Information about MeetBot at http://wiki.debian.org/MeetBot. 19:01:49 Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. 19:01:52 The meeting name has been set to 'infra' 19:02:00 #link https://wiki.openstack.org/wiki/Meetings/InfraTeamMeeting#Agenda_for_next_meeting 19:02:15 I trimmed items off the agenda that I think were just leftovers from last week. 19:02:26 mmm. leftovers are tasty 19:02:36 #topic Announcements 19:03:39 There are just over 4 hours left to submit nominations for PTL positions. I have done so for the Infra PTL spot, but others should feel free to if they want as well. Or for any othe rproject 19:04:29 #topic Actions from last meeting 19:04:41 #link http://eavesdrop.openstack.org/meetings/infra/2018/infra.2018-07-24-19.01.txt Minutes from last meeting 19:05:18 It doesn't look like we reupped the letsencypt and ansible config management base actions last meeting however it appears that progress has been made on both 19:05:48 ianw has letsencrypt on the agenda for later, mordred anything you want to say about the ansible config management stuff? 19:06:07 #link https://review.openstack.org/587540 Base server configuration using ansible 19:06:16 I'm working on spinning up a new puppetmaster/bastion host without puppet at the moment 19:07:13 working hostname "bridge.openstack.org" - but currently it's just a pile of fail 19:07:34 something about python2 not being on base images anymore :) 19:07:55 yeah. and the python3 on puppetmaster is python 3.4 19:08:14 and complications and wailing and gnashing of teeth - but it's getting somewhere :) 19:08:22 what's the conflict? 19:08:38 corvus: we run python2 code in bootstrapping scripts, just need to port to 3 I think 19:08:40 like, what thing doesn't work under py3? 19:08:47 oh i see 19:08:52 oh - well, the launch-node scripts are very un-py3 compat 19:09:05 oh so that, and things like the swap stuff from earlier. got it. 19:09:05 but yeah - I'm hammering on that a bit right now 19:09:11 yah 19:09:17 nothing substantive 19:09:23 but yes progress in any case. Thank you ianw and mordred for pushing on those items 19:09:26 just a bunch of moles to whack 19:09:33 corvus: yup 19:09:53 TypeError: write() argument must be str, not bytes 19:09:55 YAY! 19:10:05 I think I will skip specs approval today as ianw has the specs I wanted to talk about listed later in the agenda. 19:10:23 #topic Priority Efforts 19:10:41 #topic Update Config Management 19:11:04 #link https://review.openstack.org/585514 Make Update Config Management a priority effort (officially) 19:11:32 There hasn't been any disagreement on ^ yet I'll probably give it the rest of the day before approving it assuming no one shows up to disagree 19:12:08 I'm also going to continue to approve changes to run more puppet under the future puppet 4 parser today as soon as the meeting is done 19:12:17 ++ 19:12:18 trying to keep that moving while cmurphy|vacation is on vacation 19:12:26 and mordred is pushing things from the ansible side 19:12:54 mordred: anything else worth bringing up here before we move on to storyboard? 19:13:00 not a thing 19:13:28 #topic Storyboard 19:14:01 I'll admit I wasn't able to follow Storyboard too closely over the last week. OpenStack feature freeze rush and keeping zuul and clouds happy and fed consumed the bulk of my time 19:14:17 Looks like we are continuing to get feedback from new (potential) users which is useful 19:15:27 #topic General Topics 19:15:43 ianw: want to start with Read the Docs? 19:15:56 sure 19:16:14 a review request for https://review.openstack.org/#/c/583449/ 19:16:17 oh, to recap 19:16:37 #link https://review.openstack.org/#/c/583449/ -- initial job 19:16:48 their api changed from "anyone POST to this URL" to rebuild docs, to requiring the project to create a webhook endpoint and authenticate 19:16:54 #link https://review.openstack.org/583834 -- swaps template to new job 19:17:06 so my question is 19:17:42 for the swapping of the template -- that's a breaking change. projects need to manually add openstack infra user to their project, and provide a unique id in their project 19:18:08 are we ok with notifying via openstack-dev and then making that change, or 19:18:33 i could make a totally new thing that people need to opt in to. the only problem is, their existing publishing is broken anyway 19:18:57 <+SP9002_@efnet> so, he wants the win. so we're just gonna get lunch or something, then hes gonna push me to the ground and tap my ass with his foot so he can claim he "kicked my ass" tbh im going along with it becase I dont wanna lose any teeth 19:19:00 considering that the existing jobs don't work anyway I think it is probably fine to swap out the template which won't work until projects make updates 19:19:16 they wll continue to be broken but hvae an easy path to be unbroken 19:19:19 yah 19:19:21 I agree with that 19:19:45 these changes also rely on the new project level vars in zuul? we need to make sure that lands and is deployed? or did that happen with the recent restart? 19:19:57 is the ID going to be the same? 19:19:59 for all projects? 19:20:06 that should have happened just recently. i think 583449 will be the first thing to test it 19:20:33 pabelanger: no, AFAICT, even time you create a webhook endpoint, you get an increasing ID integer as the last part of the URL 19:20:34 ianw: the recent 3.2.0 release of zuul is what we deployed so if the change is included in that we are set 19:20:44 yeah it's in production 19:20:50 ianw: boo 19:21:35 I think we should probably send an email explaining what projects need to set up on their end to make this work then make the switch 19:21:36 pabelanger: anyway, projects need to add openstackci as an admin user, which I can't do for them (or, write their own jobs, if they don't want to do that) 19:22:02 yes, will do. just wanted to note because i'm sure it will come up in review it's breaking change. /eot thanks :) 19:22:03 possibly test it all with a willing test subject first 19:22:23 Next on the list was the letsencrypt spec 19:22:24 yep gerrit-dash-creator is a good low impact tester 19:22:35 #link https://review.openstack.org/#/c/587283/ Letsencrypt spec 19:22:35 i like the idea of breaking it, testing it, then just sending out one email saying "here's how to fix this" 19:22:44 corvus: ++ 19:22:47 ianw, clarkb: pbrx would be more than happy to be a willing test subject for rtd 19:23:28 on letsencrypt spec ... really just an FYI 19:23:39 <+SP9002_@efnet> so, he wants the win. so we're just gonna get lunch or something, then hes gonna push me to the ground and tap my ass with his foot so he can claim he "kicked my ass" tbh im going along with it becase I dont wanna lose any teeth 19:23:39 With our IRC ad service you can reach a global audience of entrepreneurs and fentanyl addicts with extraordinary engagement rates! https://williampitcock.com/ 19:23:45 i went through a bunch of previous discussions in meetings and some irc logs 19:23:53 and tried to distill it into the spec 19:24:15 i fiddled with DNS based updates with RAX but I don't think it's right, per the spec 19:24:43 so i've proposed a "proxy well-known value URL to central host model" for reasons outlined also in the spec 19:25:00 (the whole *.openstack.org thing makes me think we need a new domain yesterday) 19:26:10 corvus: ++ fwiw I pinged jbryce yesterday and am told a followup is still imminent :/ 19:26:25 *followup on the renaming/domain stuff 19:26:27 the proxy dv thing is interesting 19:28:21 i guess the question is whether we think we need the keys stored centrally, or if we're okay just regenerating them? 19:28:38 corvus: regenerating them on individual service nodes you mean? 19:28:54 I kind of like the simplicity and redundancy of that, but haven't yet read through the proposal in the spec 19:28:55 yeah 19:29:54 the other thing to consider is how this affects our ability to deploy foo-server02 after foo-server01 for foo-service.o.o (or similar) 19:30:16 I think ianw's proposal may be designed to handle ^ a bit directly but centrally managing the cert management 19:30:26 i suspect the dv proxy wins that one 19:30:28 anyway we can followup on the spec in review 19:30:52 yep, there are *plenty* of options :) thanks 19:31:00 ianw: ^ other than gathering feedback via review anything we should be on the lookout for on this topic? 19:31:18 nope, was just to notify it was out there :) 19:31:55 ok lets keep going then and loop back around using gerrit 19:32:06 #link https://review.openstack.org/563849 third party CI spec 19:32:32 Looks like this was updated incorporating feedback 19:33:17 ianw: is the big question now whether we want to set something in stone or hold off unitl we learn more about ansible + containers? 19:33:27 mordred: pabelanger ^ you probably have thoughts on this 19:33:45 <+SP9002_@efnet> so, he wants the win. so we're just gonna get lunch or something, then hes gonna push me to the ground and tap my ass with his foot so he can claim he "kicked my ass" tbh im going along with it becase I dont wanna lose any teeth 19:33:45 With our IRC ad service you can reach a global audience of entrepreneurs and fentanyl addicts with extraordinary engagement rates! https://williampitcock.com/ 19:33:57 i think it does boil down to that 19:34:20 it seemed like windmill was getting some consensus 19:34:36 <+SP9002_@efnet> so, he wants the win. so we're just gonna get lunch or something, then hes gonna push me to the ground and tap my ass with his foot so he can claim he "kicked my ass" tbh im going along with it becase I dont wanna lose any teeth 19:34:41 yeah - my hunch is that windmill with container support is probably the nicest thing 19:34:44 but that had/has an incomplete container story 19:35:05 pabelanger: is container support in windmill in scope? (re mordreds ideal) 19:35:45 (not pabelanger but in the spec review comments it was expressed it was) 19:35:54 clarkb: yup, plan to add it 19:36:07 does virtualenv today, so don't see it being hard to do docker things 19:36:40 in that case can we sort of hand wave around that as something windmill would abstract for us and suggest windmill as a tool? 19:36:51 has anyone asked for feedback from anyone currently running a ci? 19:37:14 anteaya: I blieve many of the comments incorporated into most recent patchset came from people running third party CIs 19:37:24 wonderful 19:37:37 at least one individual 19:37:56 oh 19:38:26 ianw: I think I would be comfortable pushing towards windmill knowing that it will grow desired features as well as being useable as an option today 19:38:37 ++ 19:39:10 ianw: if that seems reasonable do you think we should put this spec up for approval next week? 19:39:37 ok, well i can re-write the spec to reflect that 19:39:57 clarkb: maybe let me rewrite, and we can get a few reviews and then discuss approval? 19:40:08 ianw: ++ would be good if javier can rerevie as well 19:40:25 looks like javier has been reviewing it so I expect that will happen 19:41:46 The last General agenda item we have is project renaming 19:42:09 A couple weeks ago we discussed doing renames on August 3rd at 1600UTC. I ran that by smcginnis and the release team seemed to be happy with it 19:42:55 fungi has volunteered to help and assuming he confirms he can still do it on the 3rd (he returns tomorrow) are we happy to continue with renames on friday? I expect I will drive the process 19:43:51 sounds good to me, i should be around to support 19:44:19 ok I'll announce it to the -dev list tomorrow once fungi confirms 19:44:25 The total downtime should be very short right? 19:44:44 I expect just the ~5 minutes it takes gerrit to restart as well as a minute or two to update db and disk contents 19:45:02 and Zuul should handle it fairly gracefully at this point 19:45:15 it is a lot more forgiving about broken configs should we end up in a spot with them 19:45:49 I'll follow up with the projects and write out a etherpad with a plan tomorrow as well 19:46:08 #topic Open Discussion 19:46:13 yep. and as long as the projects aren't, say, "nova", the "damage" from any broken configs should be limited. 19:46:29 "++" 19:46:48 corvus: yup chef and api-wg to api-sig should be easy (because api-wg isn't cross testing with people and because scas is around and involved to work through chef things) 19:47:01 and now we have ~14 minutes for any other topics we would like to bring up 19:47:05 mordred: "\"indeed\"" 19:47:46 i'm probably a day or two away from having swift logs ready for actual consideration (knock on wood) 19:48:05 My parents are visiting during the Month of august. Rather than take a summe rvacation and go somewhere I'm going to instead try to be flexible and spend time with them and family. TL;DR my scheduling may be weird next month 19:48:15 corvus: '"\"this\"" could get "\"silly\""' 19:48:16 o/ 19:48:23 corvus: this is quite exciting 19:48:26 here's the latest test: https://object-storage-ca-ymq-1.vexxhost.net/swift/v1/86bbbcfa8ad043109d2d7af530225c72/logs_78/587178/1/check/tox-py35/014bc85/ 19:48:27 corvus: ++ 19:48:42 <+SP9002_@efnet> so, he wants the win. so we're just gonna get lunch or something, then hes gonna push me to the ground and tap my ass with his foot so he can claim he "kicked my ass" tbh im going along with it becase I dont wanna lose any teeth 19:48:42 With our IRC ad service you can reach a global audience of entrepreneurs and fentanyl addicts with extraordinary engagement rates! https://williampitcock.com/ 19:49:05 scas: I'll try to follow up with you tomorrow sometime on the renaming stuff and make sure we are all set to do that on friday 19:49:33 clarkb: sounds good 19:51:03 Next week it may be good to start thinking about PTG planning 19:51:15 something to keep in mind as we work thorugh the config management updates 19:52:09 also assuming the weather is good I'll probably go the easy route and suggest we go back to that beer garden next to the air museum for team dinner thing while there 19:52:16 I think that worked really well last time 19:52:43 Requirements team would like to join you if it works out. 19:53:12 i was really hoping the last part of that sentence was going to be "for our sessions" rather than "team dinner" 19:53:27 smcginnis: the venue was great for large groups I think we can accomodate any and all that want t ogo as long as we show up early enough to grab tables 19:53:38 it is mostly outdoor though so need reasonably good ewather 19:53:43 ++ it worked well last time 19:54:05 clarkb: ++ 19:54:25 corvus: sessions at the beer garden is tempting. I wonder how early they open 19:55:10 11am, we could totally do an afternoon session there then transition to dinner :) 19:56:06 I'll go ahead and call the meeting early since we seem to have transitioned to food and beer (and its lunchtime and I am hungry) 19:56:09 thank you everyone 19:56:17 #endmeeting