| cardoe | clarkb: https://review.opendev.org/c/openstack/openstack-helm/+/970997/1 yolo? | 03:57 |
|---|---|---|
| *** ralonsoh_ is now known as ralonsoh | 13:43 | |
| *** ykarel__ is now known as ykarel | 14:09 | |
| clarkb | cardoe: that looks about right, the one question I have is what does the transition from the old setup to the new setup look like. I think your change will only build updated charts so we'll leave the old data in place? I think we need to move the old data too in order to get benefits from reducing dir entries | 15:44 |
| cardoe | I don't know how to transition the old data to new layout. | 15:45 |
| clarkb | cardoe: maybe that step is manual with one of us with backend access helping out (for example if there is some prescribed set of moves and an updates index.yaml to match | 15:45 |
| cardoe | Yeah I think it'd be a manual step. I can write a script to do it (or detail out the steps). | 15:45 |
| clarkb | then yall agree on a day to stop making changes, we update, then land the new structure publishing change | 15:45 |
| clarkb | cardoe: ya I think that works then its just a matter of coordinating when it happens to avoid republishing old data | 15:45 |
| cardoe | I was gonna rsync / curl down the directory locally and tinker with it. | 15:45 |
| opendevreview | Dmitriy Rabotyagov proposed opendev/irc-meetings master: Re-establish Freezer teem meetings https://review.opendev.org/c/opendev/irc-meetings/+/971074 | 15:46 |
| clarkb | you can also access it directly via afs (but that means installing kernel drivers and learning some basic afs stuff could be fun or too much effort) | 15:46 |
| cardoe | I'm not against that. | 15:55 |
| fungi | the other possible concern to consider is whether moving the existing data will invalidate old references to those direct urls, and whether that poses a problem if so | 15:57 |
| clarkb | that is a good point. You'd hope that helm would refetch the index but maybe it won't | 15:59 |
| opendevreview | Merged opendev/irc-meetings master: Re-establish Freezer teem meetings https://review.opendev.org/c/opendev/irc-meetings/+/971074 | 16:05 |
| fungi | it's possible for us to install a redirect map to cover those cases, probably? but only if it becomes necessary | 16:06 |
| clarkb | and theortically you'd delete whatever cache helm has if that even is a problem and force it to refetch so nto a bit deal | 16:18 |
| clarkb | the location of the index.yaml doesn't move | 16:19 |
| opendevreview | Dmitriy Rabotyagov proposed openstack/project-config master: Add privilegtes to #openstack-freezer https://review.opendev.org/c/openstack/project-config/+/971083 | 16:19 |
| clarkb | infra-root I'm looking at meeting agenda topics (possibly our last one for 2025) and the two things I've got on my radar right now are the Gerrit Java 21/Trixe container update and whether or not we want ot proceed with the web crawler honeypot poc | 16:21 |
| clarkb | I'm happy to discuss those tomorrow and make a plan or tackle them sooner if we'd prefer. Let me know if you have any agenda updates you'd like to see reflected in tomorrow's meeting agenda | 16:21 |
| opendevreview | Dmitriy Chubinidze proposed openstack/diskimage-builder master: Drop remaining reference to TripleO https://review.opendev.org/c/openstack/diskimage-builder/+/970927 | 16:34 |
| opendevreview | Merged openstack/project-config master: Add privilegtes to #openstack-freezer https://review.opendev.org/c/openstack/project-config/+/971083 | 16:42 |
| fungi | noonedeadpunk: the deploy job for ^ just finished, so you can try setting the channel topic any time you like now | 17:01 |
| fungi | e.g. /msg chanserv set #openstack-freezer topic this is the new topic | 17:02 |
| fungi | let us know if it's not working | 17:02 |
| noonedeadpunk | thanks, that worked nicely ! | 17:03 |
| fungi | excellent. we made some container changes recently and i think this is the first access list change we've merged since, so it's good to get confirmation | 17:03 |
| clarkb | fungi: given the packages here: https://download.docker.com/linux/ubuntu/dists/noble/pool/stable/amd64/ do you know why https://review.opendev.org/c/zuul/zuul-registry/+/970896/2/.zuul.yaml says "no available installation candidate for docker-ce=28.5.2-1~ubuntu.24.04~noble" ? | 17:50 |
| clarkb | fungi: I wonder if this is just a name parsing thing and ansible isnt' treating the version as a version but instaed the entire thing is treated as a package name/ | 17:50 |
| fungi | that wouldn't surprise me. we could try holding a node and manually feeding that to apt install | 17:55 |
| clarkb | ya holding a node may be simplest | 17:57 |
| clarkb | I think there is a held node already on an old change/patchset that I could do a package listing against | 17:57 |
| fungi | clarkb: any idea if we're using stable, test or nightly indices for that? | 17:58 |
| fungi | though even https://download.docker.com/linux/ubuntu/dists/noble/stable/binary-amd64/Packages has an entry for Package: docker-ce Architecture: amd64 Version: 5:28.5.2-1~ubuntu.24.04~noble so it should be included | 18:01 |
| clarkb | fungi: should be stable | 18:04 |
| fungi | yeah, comparing what's in the package repository index to what's in our job var, i think that string should be accepted by apt/apt-get install commands just fine as a package=version pair | 18:07 |
| fungi | i expect the command to work if we test in the shell, so probably ansible needs this turned into a multi-dimensional array/matrix | 18:08 |
| clarkb | ack thanks. I'll try to test on the held node ina bit once I run down this other thing | 18:09 |
| clarkb | fungi: the problem is that we don't appear to mirror the entire docker hub upstream repo | 18:41 |
| clarkb | http://mirror.dfw3.raxflex.opendev.org/deb-docker/noble/pool/stable/d/docker-ce/ we only have these packages in our mirror | 18:41 |
| fungi | ah, we're mirroring it with reprepro? | 18:41 |
| fungi | there's probably a config option to only keep the latest version listed in the upstream index | 18:42 |
| fungi | and we're trying to install an older one | 18:42 |
| clarkb | ya that must be what is going on. I'm trying to determine if I can just override our use of the opendev mirrors temporarily since this is mostly to rule in or out a regression in docker 29 | 18:43 |
| fungi | i see | 18:43 |
| fungi | heading out to lunch, bbiab | 19:09 |
| opendevreview | Merged openstack/diskimage-builder master: Drop remaining reference to TripleO https://review.opendev.org/c/openstack/diskimage-builder/+/970927 | 19:19 |
| fungi | doesn't look like i missed much | 20:28 |
| clarkb | fungi: should I drop the project rename agenda item or keep it to talk about updating the manage-projects log capture and gerrit2 homedir perms? | 22:13 |
| clarkb | I'll go aheaad and keep it since these changes appear open | 22:14 |
| fungi | ah, yeah i guess they've been positively reviewed but not approved yet, so we need someone to do that still | 22:15 |
| fungi | if both of them get approved before the meeting, then it'll be a pretty brief topic | 22:15 |
| fungi | "we ran into a couple of non-show-stopping concerns, both of which are now solved" | 22:16 |
| corvus | regardless of whether the changes merge, i look forward to a quick recap in the meeting just to maintain operational awareness, so i vote keep it :) | 22:22 |
| clarkb | ++ | 22:22 |
| fungi | agreed, as a matter of process, having a meeting topic for any maintenance activity we scheduled after the prior meeting makes sense, just for a quick recap if nothing else | 22:24 |
| clarkb | ok my first pass on an agenda update is posted | 22:27 |
| cardoe | clarkb: so my patch doesn't work cause the roles in zuul-jobs are busted. https://opendev.org/zuul/zuul-jobs/src/branch/master/roles/ensure-chart-testing/tasks/main.yaml#L6-L11 | 22:27 |
| cardoe | There's actually a number that are installing stuff via pip and they just don't work | 22:28 |
| clarkb | right this is the error we were talking about previously where you can no longer install to the root location with pip by default | 22:28 |
| clarkb | those usages will either need to be updated to pass the "its ok i know what I'm doing" flag or to use a virtualenv | 22:29 |
| cardoe | yep my dep tree is just getting bigly | 22:30 |
| clarkb | sure, but this is what happens when people stop caring and feeding for the tools | 22:30 |
| clarkb | which is unfortunately evident when it takes 200 seconds to open the index.html... | 22:30 |
| clarkb | the best thing is usually to fix the problems that are known and take it from there. The failure with pip is an independent unrelated issue so we should fix that first. Then followup with the index.yaml reorg | 23:06 |
| clarkb | https://community.letsencrypt.org/t/upcoming-changes-to-let-s-encrypt-certificates/243873 I don't expect this will affect us since we aren't using LE certs for client auth and the cross signing from the root for the new intermediate certs should ensure they are accepted everywhere the current roots are? | 23:31 |
| clarkb | I think we could theoretically opt into the new stuff early via the acme profile stuff if we want, but otherwise we just need to be aware and possibly reduce our cert renewal pattern and checks for expirations in the near future (as the lifetimes will be shorted to 45 days eventuallchecking after 30 days may not make sense) | 23:32 |
Generated by irclog2html.py 4.0.0 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!