15:02:19 #startmeeting kolla 15:02:20 Meeting started Wed Sep 16 15:02:19 2020 UTC and is due to finish in 60 minutes. The chair is yoctozepto. Information about MeetBot at http://wiki.debian.org/MeetBot. 15:02:21 Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. 15:02:24 The meeting name has been set to 'kolla' 15:02:26 #chair mgoddard 15:02:27 Current chairs: mgoddard yoctozepto 15:02:28 the keystone container just keep crashing with following error http://paste.openstack.org/show/wAUq2YLHPyefomvU8AAr/ 15:02:33 #topic Roll-call 15:02:35 o/ 15:02:38 o/ 15:02:40 o/ 15:03:00 \o 15:03:37 \o 15:03:56 #topic agenda 15:03:58 * Roll-call 15:04:00 * Announcements 15:04:02 ** Kolla feature freeze fast approaching: Sep 28 - Oct 02 15:04:04 ** Submit Virtual PTG topic proposals: https://etherpad.opendev.org/p/kolla-wallaby-ptg 15:04:06 ** TC & PTL elections coming up: http://lists.openstack.org/pipermail/openstack-discuss/2020-September/017306.html 15:04:08 * Review action items from the last meeting 15:04:10 * CI status 15:04:12 * Victoria release planning 15:04:14 * Bump ansible? 15:04:24 #topic announcements 15:04:34 #info Kolla feature freeze fast approaching: Sep 28 - Oct 02 15:05:00 Now would be a good time to review outstanding priority patches 15:05:30 #info Submit Virtual PTG topic proposals 15:05:36 #link https://etherpad.opendev.org/p/kolla-wallaby-ptg 15:05:42 I created ^ 15:05:47 I fixed 15:06:28 we can submit topics on this page right? 15:06:47 Yes. Please add discussion topic proposals under 'Discussion Topic Proposals' 15:07:03 And if you would like to attend, please add your name to the list 15:07:18 and register https://october2020ptg.eventbrite.com 15:07:47 #info TC & PTL elections coming up 15:07:59 #link http://lists.openstack.org/pipermail/openstack-discuss/2020-September/017306.html 15:09:08 Now is a good time to think about if you are interested in running for the technical committee (TC) or a Project Team Lead (PTL) 15:09:33 Nominations start next week 15:10:26 Anyone is able to nominate themselves for PTL, including Kolla PTL 15:10:42 Any other announcements? 15:11:31 #topic Review action items from the last meeting 15:11:34 There were none 15:11:37 For now, I'm still learning the whole process but sure 15:11:48 #topic CI status 15:12:24 Looks like we have some issues in kolla with influx repos 15:12:32 Has anyone looked? yoctozepto? 15:12:45 mgoddard: fails from ovh 15:12:54 must be east coast having broken cdn endpoint 15:14:08 ok 15:14:38 hopefully it will sort itself out 15:15:04 if still broken tomorrow let's pursue 15:15:51 ok 15:16:00 we have neutron pinned still. Any ideas if they've fixed it? 15:16:18 it's not pin, we don't run some migrations 15:16:20 not pinned 15:16:22 right 15:16:34 I'll pick it up later this week 15:16:38 is there a bug? 15:16:48 yup, there is a report 15:17:15 https://bugs.launchpad.net/bgpvpn/+bug/1894056 15:17:16 Launchpad bug 1894056 in networking-bgpvpn "DB migration broken" [Undecided,In progress] - Assigned to Rodolfo Alonso (rodolfo-alonso-hernandez) 15:17:38 it seems neutron hanging on it 15:19:00 ok 15:19:13 we also have no bifrost in stein and rocky 15:19:30 Isn't rocky freezed and EOL ? 15:19:33 can someone confirm I have this right 15:19:36 well, we have no new bifrost, there are some old builds that work 15:19:50 mnasiadka: ++ 15:19:51 we need to get a fix into bifrost for LANG 15:20:04 but bifrost CI is broken due to http://lists.openstack.org/pipermail/openstack-discuss/2020-September/016999.html 15:20:05 but bifrost CI seems fried per Dmitry 15:20:10 indeed 15:20:18 ok, updating whiteboard 15:20:45 Merged openstack/kayobe master: Update shebang for Python 3 script https://review.opendev.org/752241 15:21:01 hmm, actually its merged to stein 15:21:08 https://review.opendev.org/748599 15:21:08 patch 748599 - kolla (stable/stein) - Fix ironic build issues - LANG related (MERGED) - 3 patch sets 15:21:30 for what it is worth, I built a stein centos7 based bifrost container by applying https://review.opendev.org/#/c/749014/ 15:21:30 and rocky 15:21:30 patch 749014 - bifrost (stable/stein) - [Train and older] Fix several CI problems - 2 patch sets 15:21:44 mgoddard: at least ironic works thanks to that, but not bifrost 15:21:51 Pierre Riteau proposed openstack/kayobe stable/ussuri: Update shebang for Python 3 script https://review.opendev.org/752261 15:22:04 also had to re-enable the bifrost base image in build.py 15:22:24 mnasiadka: ah, I see 15:22:35 I'm not sure if there is a warning printed, but to me it was very unobvious what was going on 15:22:48 this is the bifrost one: https://review.opendev.org/#/c/748646/ 15:22:49 patch 748646 - bifrost - Change LANG in install-deps.sh to en_US.UTF-8 (MERGED) - 1 patch set 15:23:56 I suppose a nasty workaround would be to modify the script from our dockerfile 15:24:24 would be much better to fix bifrost CI though 15:24:30 jovial[m]: I'm pretty sure kolla-build does print out UNBUILDABLE at some point 15:25:18 not near the bottom - that is for sure! 15:25:37 it may have been buried in there somewhere 15:25:52 jovial[m] probably talking about that ugly json that prints out 15:25:59 with everything summarised 15:26:04 "summarised" 15:26:08 ;-) 15:26:41 anyone want to try fixing bifrost stable CI? 15:27:27 guess not 15:27:31 ok, onto kolla-ansible 15:27:55 ubuntu binary still broken IIRC, let's see if it fixes itself as it often does 15:28:35 Ubuntu binary can't retrieve the package from CDN 15:28:42 CDN/REPO mirror 15:28:43 o\ 15:29:14 Looks like the bifrost issue is now resolved 15:29:36 kayobe 15:30:07 I think the inspector API issue is resolved now priteau & jovial[m]? 15:30:22 It is 15:30:36 good 15:30:47 At least while the ironic TLS patch is reverted 15:31:24 I saw James submitted it again: https://review.opendev.org/#/c/751543/ 15:31:25 patch 751543 - kolla-ansible - Add support for encrypting Ironic API - 3 patch sets 15:31:40 Careful, Zuul says +1 but the ironic jobs are red 15:31:49 yes, this time without wsgi for inspector 15:31:57 not working yet 15:32:17 Still working on it 15:32:20 cool 15:32:23 #topic Bump ansible? 15:32:29 Changing the running order a bit here 15:32:49 It occurred to me we might want to bump supported ansible versions before release 15:32:59 2.8-2.9 -> 2.9-2.10 15:33:10 yeah in order to get the deprecation message at least ^^ 15:33:16 mnasiadka was tentative 15:33:55 well, I was just pessimistic, that it might cause some work 15:33:59 2.9 supports the throttle keyword, which could some in handy 15:34:19 I would like to see 2.9 minimum, that would be nice 15:34:20 it could cause work. hopefully we would find out sooner rather than later 15:34:20 I vote for it 15:34:22 @mnasiadka, why that? 2.8 and 2.9 are that much appart? 15:34:27 2.10 is a bit fresh thoguh 15:34:37 let's test 2.10 on all jobs once 15:34:37 I vote for it too ^^ 15:34:38 Fl1nt: Ansible is extremely good at introducing new bugs 15:34:43 and see how it goes 15:34:51 mnasiadka: they perfected the art of it 15:35:04 and they be reluctant about fixing any existing 15:35:09 yeah 15:35:09 mgoddard's fix still laying there 15:35:12 so let's test 15:35:14 mnasiadka: they do it on stable branches too, so we might as well get new features ;-) 15:35:17 and see what comes out of it 15:35:25 priteau: "features" 15:35:27 @mnasiadka, I suppose that I too used to for being surprised anymore ^^ 15:35:30 priteau: "security features" 15:35:37 by obscurity 15:35:39 :) 15:35:53 ansible 2.10 not works now for kolla-ansible . i have encountered a probelm that gather facts failed. 15:36:15 wuchunyang: good to know. Do you know what the problem is? 15:37:13 does anyone want to pick up this task? 15:37:15 i remember that use --limit will take the mistake 15:37:21 ok 15:37:23 mgoddard: bumping ansible? 15:37:26 yes 15:37:28 my pleasure 15:37:31 What is the rationale for supporting two minor Ansible versions? if there were issues with 2.10, could we still require >2.9,<2.10? 15:37:38 LET THE ENGINES FALL 15:37:51 priteau: that's what we would do I guees 15:37:54 guess* 15:38:10 priteau: I suppose it gives a bit of flexibility in case one breaks 15:38:14 xD 15:38:23 or doesn't work for a particular use case 15:38:53 #action yoctozepto to try bumping ansible to 2.9-2.10 15:38:54 the fact that we come up with these ideas means there is something wrong about ansible in the first place 15:39:06 software breaks 15:39:21 you could say there is something wrong about software 15:39:32 this one likes it too much though 15:39:34 ;d 15:39:38 fall back to 2.9-2.9 15:39:41 could be just popularity 15:39:43 ansible not being the only software to breaks and software being horrible to get stable, ansible remains the better alternative to nothing for now ^^ 15:40:05 Fl1nt: you are an ubuntu folk, y u no use charms? :D 15:40:17 the juju magic :-) 15:40:35 #topic Victoria release planning 15:40:42 I'm not an ubuntu folk at all ^^ rather the opposite and charms fails everytime ^^ 15:40:45 Final push now 15:41:01 :-( 15:41:04 ~2 weeks until feature freeze 15:41:30 let's go through priorities on the whiteboard 15:41:32 #link https://etherpad.opendev.org/p/KollaWhiteBoard 15:41:41 L203 15:41:46 well, if it's any consolation, masakari just got its first and last feature this cycle 15:41:50 so we ain't that bad 15:41:53 lol 15:42:11 hrw: infra images 15:42:25 can we land it? 15:42:52 I gave my +2 to the big one 15:43:33 :O 15:43:34 we need to do a zuul CI dance to land the others 15:44:08 and I'm fixing the kolla_docker updates to support healthchecks 15:44:23 ok 15:44:36 would appreciate a review on the big change to playbooks to add this feature 15:44:48 https://review.opendev.org/#/c/676389/ 15:44:49 patch 676389 - kolla-ansible - Use Docker healthchecks for core services - 67 patch sets 15:44:51 I've started looking into adding pull-retag-push to kolla-build 15:45:31 wuchunyang: thanks for comments on octavia patch 15:46:11 wuchunyang: do you think you will have time to get it merged? 15:46:34 yes, i have time 15:46:48 great 15:46:57 there is a CI test for magnum & octavia here: https://review.opendev.org/652030 15:46:58 patch 652030 - kolla-ansible - CI: add magnum scenario, also covering octavia - 8 patch sets 15:47:11 would like to merge that first so that we have some test coverage of octavia 15:48:02 ideally it would be updated to actually create and test a load balancer, but that may be a stretch for Victoria 15:48:43 well, once zuul says +1 ;) 15:48:53 @mnasiadka, really nice feature about Docker healthcheck, same thing with the infra image @hrw 15:48:57 I did a big review of keystone federation https://review.opendev.org/695432 15:48:58 patch 695432 - kolla-ansible - Add support to OpenID Connect Authentication flow - 34 patch sets 15:49:17 maybe we can not create a lb for test ,because it needs amphora image. 15:49:22 Fl1nt: I'm sure mnasiadka would appreciate your review on it :) 15:49:34 I'm doing it ^^ 15:49:42 wuchunyang: correct. octavia must test their own code though? 15:49:58 And I'd like to get a quick review on this minor pip patch so it can be merged and backported to train at some point ^^ 15:50:04 it would be nice if they published amphora images, but I don't think they do 15:50:17 they don't and it's better 15:50:40 yes , there is no amphora image for downloading . 15:50:47 https://tarballs.opendev.org/openstack/octavia/test-images/ 15:50:51 Fl1nt: want to continue work on it? 15:50:53 would this help? 15:50:54 amphora images should be considered as "customer images" as you have so many way to tweak it ^^ 15:51:06 @hrw, on what? image? 15:51:06 nice find Fl1nt 15:51:10 sorry, priteau 15:51:21 I haven't tried them, no idea if they work 15:51:32 Fl1nt: infra stuff 15:51:33 priteau looks good . 15:51:39 We created those images for OSA testing. They are fine for gate tests, but should not be used in deployments 15:51:56 @hrw, depends on which timeline do we have 15:52:02 ;D 15:52:13 let's focus on getting the ansible running first, then we can do an integration test 15:52:16 It's used in some other services: http://codesearch.openstack.org/?q=test-only-amphora&i=nope&files=&repos= 15:52:16 johnsom: ack 15:52:45 mgoddard it seems that we can create a lb for gate now . 15:52:51 yes 15:53:21 I have some runes to make a backend with a cirros image somewhere 15:53:33 anyone familiar with keystone federation? 15:53:49 if so, https://review.opendev.org/695432 awaits 15:53:49 patch 695432 - kolla-ansible - Add support to OpenID Connect Authentication flow - 34 patch sets 15:53:54 A bit yes, depends on your backend @mgoddard 15:54:32 mgoddard: unfortunately, federation/octavia are tough for me because I'd have to base reviews off the common/other knowledge only 15:55:01 hence why everything usually gets higher priority :-( 15:55:26 mgoddard: not yet familiar, but it might change in coming weeks ;-) 15:55:28 Fl1nt: I'm sure they would appreciate your experience 15:55:40 that patch has been around for a while, would be nice to land it 15:55:43 I'm looking into, but I'm more experienced on ADFS 15:55:54 any comments welcome, Fl1nt 15:56:16 tempting to merge it as experimental, if we can confirm it does not break anything 15:56:32 @yoctozepto, oki doo, I'll do it. 15:56:43 leaves room to change the interface if necessary e.g. for other protocols 15:56:59 yeah, there's an option to fix in a bugfix post-release - and if we don't merge it, then it's Wallaby content... 15:57:59 mnasiadka: just need to mark 'experimental' / 'subject to change' as mgoddard said 15:58:03 health checks we covered 15:58:42 scalability still has a few patches open 15:59:06 https://review.opendev.org/739122 and https://review.opendev.org/739112 would be good to land 15:59:06 patch 739122 - kolla-ansible - Performance: use a single config file for fluentd - 3 patch sets 15:59:08 patch 739112 - kolla-ansible - Performance: use a single config file for logrotate - 5 patch sets 15:59:20 as common tasks run on all nodes 15:59:25 it's a big win 15:59:49 and anything in https://review.opendev.org/#/q/topic:bp/performance-improvements+branch:master+status:open 16:00:09 TLS we have neutron and ironic in progress 16:00:21 argh, one has merge conflict 16:00:26 and it was mgoddard+2 16:00:31 https://review.opendev.org/#/c/728448/ did have a yoctozepto +2 16:00:31 patch 728448 - kolla-ansible - Support TLS encryption of RabbitMQ client-server t... - 9 patch sets 16:00:33 I'll try to dig it up 16:00:44 maybe if he adds it back it will tempt someone to approve 16:01:10 kayobe 16:01:24 mgoddard: might be 16:01:35 I will look at https://review.opendev.org/#/c/734867/ today or tomorrow 16:01:35 patch 734867 - kayobe - Support multiple environments from a single config... - 1 patch set 16:02:06 would be nice to get agreement on https://review.opendev.org/#/c/748582/ 16:02:07 patch 748582 - kayobe - docs: Add skeleton for scenario docs - 1 patch set 16:02:23 then we can start adding scenarios 16:02:37 and I think that's all 16:03:23 If there are other patches you will like to land in the release, please make it known, and we can assess 16:03:36 #topic Open discussion 16:03:37 yes I do ^^ 16:03:50 Kolla kall tomorrow. Do we have an agenda? 16:04:02 mgoddard: continue bugs 16:04:11 @mgoddard, I would like to get this one included https://review.opendev.org/#/c/751787/ 16:04:11 patch 751787 - kolla - Improve pip install process for offline deployment. - 1 patch set 16:04:14 I'm open to using the time more effectively though 16:04:35 we might also agree to spend it on doing reviews 16:04:38 yoctozepto: ok. Do we need to do anything more to hand out tasks for those docs improvements? 16:04:39 (self-paced) 16:05:08 mgoddard: we should do something about them but due to time constraints I doubt they have high enough priority to look at 16:05:13 Fl1nt: added to review queue 16:05:21 \o/ THX 16:05:33 yoctozepto: there may be some easy wins 16:05:38 https://blueprints.launchpad.net/kolla-ansible/+spec/add-hosts-command 16:06:12 is there anyone work on this bp? 16:06:32 mgoddard: well, we can discuss just that then 16:06:32 wuchunyang: not that I am aware of 16:06:33 you can already do it @wuchunyang using deploy with limit 16:06:40 and spend rest of time on other reviews 16:06:43 or actually doing docs 16:07:03 wuchunyang: we do lack documentation in this area though 16:07:12 I think priteau has some notes on it 16:07:32 Fl1nt at the bootstrap we will change hosts and need restart some docker 16:08:05 i want to add-host without reboot docker. 16:08:31 I don't think I have notes specifically on the /etc/hosts issue 16:08:39 I'd be good to have this option 16:08:49 I'm just using dns to solve these issues 16:09:06 dns is a good way, for now 16:09:29 DNS is the only real way actually ^^ 16:09:38 there is another way 16:09:41 well, it adds a pain point 16:09:52 i tested on vm ,, we can create kolla-toolbox with host network 16:09:53 yeah, but DNS is an infra requirement that anyone should have. 16:09:53 we no longer need hostnames for computes 16:10:08 libvirt migration by IP was fixed 16:10:13 so rabbitmq is the last issue 16:10:23 and create other containers with net: container:kolla-toolbox 16:10:28 rmq is able to use gethostbyname() now 16:10:30 so only hosts running rabbitmq need hostnames 16:10:31 Fl1nt: you'd be surprised but there are company-wide /etc/hosts 16:10:52 Don't tell me such things @yoctozepto my day was so bright so far! 16:11:05 ok, we are over time 16:11:10 Thanks everyone 16:11:14 Back to your reviews! 16:11:17 #endmeeting