Monday, 2020-08-24

openstackgerrit	Jacob Anders proposed openstack/ironic master: Generic way to configure clean step priorites https://review.opendev.org/744117	00:18
*** jamesdenton has quit IRC		01:46
*** jamesden_ has joined #openstack-ironic		01:47
janders	has anyone recently observed instance deployment issues on bifrost related to 403 errors from Nginx while attempting to fetch images?	01:58
janders	I think I remember dtantsur\|afk mentioning something along SELinux lines (can't find it in IRC history ATM though) so I first thought it was that, but it might have been just permissions: http://paste.openstack.org/show/797074/	02:02
janders	I haven't hit this for a while as my bifrost "uninstaller" wasn't deleting /httpboot which I will add now for better coverage :)	02:02
*** Lucas_Gray has joined #openstack-ironic		02:37
*** uzumaki has joined #openstack-ironic		02:57
*** tkajinam has quit IRC		04:03
*** tkajinam has joined #openstack-ironic		04:03
*** abdysn has joined #openstack-ironic		05:02
*** hjensas_ has joined #openstack-ironic		05:18
*** Lucas_Gray has quit IRC		05:21
*** chenhaw has quit IRC		06:04
arne_wiebalck	Good morning, ironic!	06:12
*** mnasiadka has quit IRC		06:16
*** mnasiadka has joined #openstack-ironic		06:19
*** rcernin has quit IRC		06:23
*** seongsoocho has quit IRC		06:24
*** seongsoocho has joined #openstack-ironic		06:25
*** rcernin has joined #openstack-ironic		06:32
*** dtantsur\|afk is now known as dtantsur		06:35
dtantsur	morning ironic, happy Monday	06:35
*** rcernin has quit IRC		06:36
*** rcernin has joined #openstack-ironic		06:36
dtantsur	janders: it feels like "just" permissions (and why on earth aren't we fixing them??)	06:38
dtantsur	a patch is welcome	06:38
*** jhesketh_ has quit IRC		06:39
*** jhesketh has joined #openstack-ironic		06:41
*** hjensas__ has joined #openstack-ironic		06:48
iurygregory	good morning janders arne_wiebalck dtantsur and Ironic o/	06:49
*** hjensas_ has quit IRC		06:51
arne_wiebalck	hey iurygregory dtantsur o/	06:52
*** mkrai has joined #openstack-ironic		06:54
*** chenhaw has joined #openstack-ironic		06:55
*** SuiongNg\|ITRI_TW has joined #openstack-ironic		06:58
*** sshnaidm\|afk is now known as sshnaidm		07:03
openstackgerrit	Merged openstack/ironic master: Documentation update for ilo hardware type https://review.opendev.org/746453	07:06
*** Qianbiao has joined #openstack-ironic		07:09
rpittau	good morning ironic! o/	07:12
dtantsur	folks, please review https://review.opendev.org/747437 it fixes a pretty serious bug	07:19
patchbot	patch 747437 - bifrost - Explicitly enable DHCP services on baremetal CentO... - 2 patch sets	07:19
rpittau	dtantsur, TheJulia, sorry I didn't have IRC connection on Friday afternoon/evening, I saw the "chicken-n-egg" issue later, but seems all good now	07:20
dtantsur	yeah, TheJulia has solved it in the end	07:22
dtantsur	rpittau: I wonder if we need the RAM bump backported..	07:22
rpittau	dtantsur: I was considering that, we probably do	07:23
rpittau	dtantsur: TheJulia already backport to 15.2, but I think we should do it for ussuri too	07:24
rpittau	same for ironic-python-agent	07:25
iurygregory	morning rpittau o/	07:25
rpittau	hey iurygregory :)	07:25
dtantsur	also looking for reviews on this bug fix https://review.opendev.org/#/c/747389/	07:28
patchbot	patch 747389 - ironic - Ensure in-band deploy steps are present in time fo... - 3 patch sets	07:28
dtantsur	and on https://review.opendev.org/#/c/747413/	07:28
patchbot	patch 747413 - metalsmith - CI: use the direct deploy by default - 2 patch sets	07:28
openstackgerrit	Dmitry Tantsur proposed openstack/ironic-python-agent master: [PoC] A deploy step to update /etc/default/grub https://review.opendev.org/743771	07:30
openstackgerrit	Riccardo Pittau proposed openstack/ironic stable/ussuri: Increase memory of tinyipa vms https://review.opendev.org/747633	07:33
openstackgerrit	Riccardo Pittau proposed openstack/ironic-python-agent stable/ussuri: Increase memory for tinyipa jobs https://review.opendev.org/747634	07:38
openstackgerrit	Merged openstack/ironic stable/rocky: Retries and timeout for IPA command https://review.opendev.org/747265	07:51
*** lucasagomes has joined #openstack-ironic		07:58
*** akahat\|rover is now known as akahat\|lunch		07:58
openstackgerrit	vinay kumar muddu proposed openstack/ironic master: [WIP]: Adds ilo-uefi-https boot interface to ilo5 https://review.opendev.org/745501	08:03
*** yolanda has quit IRC		08:03
*** dougsz has joined #openstack-ironic		08:04
*** livelace has joined #openstack-ironic		08:05
openstackgerrit	vinay kumar muddu proposed openstack/ironic master: [WIP]: Adds ilo-uefi-https boot interface to ilo5 https://review.opendev.org/745501	08:11
Qianbiao	hello ironic.	08:16
Qianbiao	Hi, when combine ironic with openstack-services, should dhcp still be provided by ironic in provisioning network?	08:17
Qianbiao	should i still install a dnsmasq to provide dhcp for first pxe network	08:17
openstackgerrit	Dmitry Tantsur proposed openstack/ironic-lib master: Move some generic functions from IPA https://review.opendev.org/747641	08:26
openstackgerrit	Merged openstack/bifrost master: Explicitly enable DHCP services on baremetal CentOS/RHEL https://review.opendev.org/747437	08:26
dtantsur	Qianbiao: when using ironic with neutron, dhcp is usually provided by neutron-dhcp-agent	08:27
Qianbiao	dtantsur hmm, should provisioning network be a subnet created by neutron?	08:31
Qianbiao	in our test env, our nodes are connected directly(including SDN device)	08:32
dtantsur	Qianbiao: usually the provisioning network is handled by neutron, yes. Your case may be different, of course.	08:35
openstackgerrit	Dmitry Tantsur proposed openstack/bifrost bugfix/8.3: Explicitly enable DHCP services on baremetal CentOS/RHEL https://review.opendev.org/747644	08:35
*** livelace has quit IRC		08:36
Qianbiao	ok thanks dtantsur	08:36
openstackgerrit	Dmitry Tantsur proposed openstack/bifrost stable/ussuri: Use firewalld to open ports on CentOS and RHEL. https://review.opendev.org/747645	08:36
openstackgerrit	Dmitry Tantsur proposed openstack/bifrost stable/ussuri: Explicitly enable DHCP services on baremetal CentOS/RHEL https://review.opendev.org/747646	08:37
openstackgerrit	Riccardo Pittau proposed openstack/ironic-python-agent-builder master: Leave kbd installed https://review.opendev.org/747647	08:38
*** derekh has joined #openstack-ironic		08:43
janders	g'day arne_wiebalck dtantsur iurygregory rpittau o/	08:51
rpittau	hey janders :)	08:51
iurygregory	o/	08:52
janders	dtantsur noted regarding permissions, happy to look into that when I'm done with the initial part of the FIPS work	08:52
arne_wiebalck	hey janders o/	08:52
*** k_mouza has joined #openstack-ironic		08:52
*** rcernin has quit IRC		09:03
openstackgerrit	Dmitry Tantsur proposed openstack/ironic-lib master: Move some generic functions from IPA https://review.opendev.org/747641	09:12
rpittau	hey arne_wiebalck, welcome back :)	09:24
arne_wiebalck	hey rpittau o/ thanks!	09:24
*** priteau has joined #openstack-ironic		09:24
*** mkrai has quit IRC		09:31
openstackgerrit	Dmitry Tantsur proposed openstack/bifrost master: Remove env-vars https://review.opendev.org/747668	09:39
openstackgerrit	Dmitry Tantsur proposed openstack/bifrost master: Remove support for non-venv deployments https://review.opendev.org/747434	09:40
janders	dtantsur looks like the image-creation playbook already does the right thing with permissions: https://opendev.org/openstack/bifrost/src/branch/master/playbooks/roles/bifrost-create-dib-image/tasks/main.yml#L167 the only question remains why didn't it work for me... I'll raze my bifrost install, start fresh and see if I hit this issue again	09:52
janders	the only thing that comes to mind is some weird race condition... maybe the node is still traumatised after the dev-scripts driven IO starvation episode on Friday LOL (I'm now using it for bifrost)	09:54
*** livelace has joined #openstack-ironic		09:55
*** Qianbiao has quit IRC		09:55
*** Qianbiao has joined #openstack-ironic		09:58
openstackgerrit	Merged openstack/bifrost bugfix/8.3: Explicitly enable DHCP services on baremetal CentOS/RHEL https://review.opendev.org/747644	09:59
openstackgerrit	Merged openstack/bifrost stable/ussuri: Use firewalld to open ports on CentOS and RHEL. https://review.opendev.org/747645	09:59
openstackgerrit	Merged openstack/bifrost stable/ussuri: Explicitly enable DHCP services on baremetal CentOS/RHEL https://review.opendev.org/747646	09:59
dtantsur	janders: if running with --testenv, your image is a cirros image downloaded from the internet, not DIB-built	10:01
*** mkrai has joined #openstack-ironic		10:01
janders	aha! will look into that codepath, too. Thanks heaps dtantsur!	10:01
dtantsur	janders: https://opendev.org/openstack/bifrost/src/branch/master/playbooks/roles/bifrost-ironic-install/tasks/bootstrap.yml#L330	10:02
janders	dtantsur I see how things might get wrong there	10:02
dtantsur	janders: the reason it suddenly stopped working is https://github.com/ansible/ansible/issues/71200	10:02
dtantsur	i.e. an upstream defaults change	10:02
dtantsur	I do think we should be explicit about ownership and ACL for all downloaded/built files	10:03
dtantsur	so a patch is welcome :)	10:03
janders	dtantsur very well spotted, I haven't hit this elsewhere yet	10:04
janders	dtantsur will do	10:04
dtantsur	janders: get_url seems to have a mode/owner, so it must be an easy fix	10:14
*** rcernin has joined #openstack-ironic		10:17
* dtantsur is looking into running ansible-lint on bifrost		10:17
*** rcernin has quit IRC		10:22
*** ijw has joined #openstack-ironic		10:23
*** ijw has quit IRC		10:27
*** akahat\|lunch is now known as akahat\|rover		10:27
openstackgerrit	vinay kumar muddu proposed openstack/ironic master: Decouple the ISO creation logic from redfish https://review.opendev.org/739174	10:36
janders	dtantsur exactly my plan. Do you think we should parameterise permissions or is hardcoding okay? (I see a fair bit of hardcoded 644s around the code)	10:38
*** Lucas_Gray has joined #openstack-ironic		10:41
openstackgerrit	vinay kumar muddu proposed openstack/ironic master: Allow HttpImageService to accept custom certificate https://review.opendev.org/742936	10:50
*** rh-jelabarre has joined #openstack-ironic		10:53
openstackgerrit	Dmitry Tantsur proposed openstack/bifrost master: [WIP] Add a CI job with ansible-lint https://review.opendev.org/747686	11:07
dtantsur	janders: hardcoding is pretty okay	11:07
janders	dtantsur ACK, thank you	11:08
janders	wrapping up for the day, see you tomorrow Ironic o/	11:08
janders	will finish up and submit that patch first thing in the morning	11:09
iurygregory	bye janders	11:09
janders	cheers iurygregory	11:09
dtantsur	g'night janders	11:11
*** mkrai has quit IRC		11:13
openstackgerrit	Dmitry Tantsur proposed openstack/bifrost master: Add a CI job with ansible-lint https://review.opendev.org/747686	11:14
dtantsur	rpittau gotta like ^^^ probably :)	11:14
* dtantsur will fix a few errors in a new patch		11:14
openstackgerrit	Dmitry Tantsur proposed openstack/bifrost master: Add a CI job with ansible-lint https://review.opendev.org/747686	11:15
* iurygregory brb lunch		11:25
openstackgerrit	Dmitry Tantsur proposed openstack/bifrost master: ansible-lint: fix error 204 (Lines should be no longer than 160 chars) https://review.opendev.org/747692	11:42
*** hjensas__ is now known as hjensas\|lunch		11:57
rpittau	dtantsur: you were faster than me as usual, I was actually looking at that :)	12:06
dtantsur	rpittau: oh sorry. what exactly are you looking at?	12:06
dtantsur	I'm trying to fix 3xx atm	12:06
rpittau	dtantsur: the ansible-lint :)	12:06
* dtantsur should have asked, sorry again		12:06
rpittau	dtantsur: no worries! :)	12:07
openstackgerrit	Dmitry Tantsur proposed openstack/bifrost master: ansible-lint: fix errors 303, 305, 306 https://review.opendev.org/747694	12:07
openstackgerrit	Kaifeng Wang proposed openstack/ironic-specs master: Snapshot support https://review.opendev.org/746935	12:07
dtantsur	I'll stop fixing lints for today after ^^^	12:07
dtantsur	any remaining are up for taking	12:07
rpittau	:D	12:07
rpittau	ok!	12:07
*** mkrai__ has joined #openstack-ironic		12:08
*** mkrai__ has quit IRC		12:08
*** livelace has quit IRC		12:13
Qianbiao	hello dtantsur	12:18
Qianbiao	when deploy interface is ramdisk, bm will pxe twice right?	12:18
openstackgerrit	Dmitry Tantsur proposed openstack/metalsmith master: CI: use the direct deploy by default https://review.opendev.org/747413	12:19
dtantsur	Qianbiao: no, I think only once	12:19
Qianbiao	deploy directly? without coreos loading>	12:19
Qianbiao	then when will network changes from provision network to tenant network.	12:20
Qianbiao	when pxe happen, server is in provisioning network or tenant	12:20
*** mkrai has joined #openstack-ironic		12:21
dtantsur	Qianbiao: unless I'm mistaken, the first and only boot happens on the tenant network	12:21
rpittau	dtantsur: what's the reason of limiting ansible-lint to <5 ?	12:22
dtantsur	rpittau: I assume the next major version will have more lints by default	12:22
dtantsur	breaking us	12:22
rpittau	ok, I see, makes sense, thanks	12:22
Qianbiao	dtantsur got thanks.	12:23
Qianbiao	it there any method can void the pxe expose security issue.	12:24
dtantsur	Qianbiao: if your hardware supports virtual media, you can use it	12:27
dtantsur	otherwise, I'm afraid, it's unavoidable with the ramdisk deploy	12:27
Qianbiao	<dtantsur> yes we support it.	12:27
Qianbiao	should i add virtual media implementation	12:27
dtantsur	that would be really good	12:28
dtantsur	TheJulia: https://review.opendev.org/#/c/743771/ works, do you think it's worth turning into a real optional feature?	12:32
patchbot	patch 743771 - ironic-python-agent - [PoC] A deploy step to update /etc/default/grub - 4 patch sets	12:32
dtantsur	(there should be more work around whole-disk images)	12:32
dtantsur	other opinions also welcome ^^^	12:32
*** livelace has joined #openstack-ironic		12:33
openstackgerrit	Merged openstack/bifrost master: Add a CI job with ansible-lint https://review.opendev.org/747686	12:59
openstackgerrit	Dmitry Tantsur proposed openstack/ironic-python-agent master: documentation: clean up and expand the landing page https://review.opendev.org/747723	13:12
*** bnemec has joined #openstack-ironic		13:22
*** tosky has joined #openstack-ironic		13:22
*** Goneri has joined #openstack-ironic		13:25
TheJulia	good morning everyone	13:26
rpittau	good morning TheJulia :)	13:26
openstackgerrit	Dmitry Tantsur proposed openstack/ironic-python-agent master: Refactor and fix documentation https://review.opendev.org/747723	13:27
openstackgerrit	Merged openstack/ironic-python-agent master: Clarify connection error on heartbeats https://review.opendev.org/747210	13:29
dtantsur	morning TheJulia	13:29
*** rloo has joined #openstack-ironic		13:32
TheJulia	What is the assessment of the gate status this morning?	13:34
TheJulia	line 55 from the etherpad seems really out of date	13:34
rpittau	better than Friday :)	13:34
rpittau	tinyipa jobs are fixed	13:34
TheJulia	\o/	13:35
rpittau	TheJulia: I can add a couple of lines there to ezplain	13:35
rpittau	or explain even	13:35
*** tzumainn has joined #openstack-ironic		13:37
rpittau	TheJulia: btw, if you have a minute, we should pin pip version https://review.opendev.org/747218	13:41
patchbot	patch 747218 - ironic-python-agent-builder - Pin pip version to install in tinyipa images - 2 patch sets	13:41
TheJulia	Hey, stable cores, can I get quick review on https://review.opendev.org/#/c/744053/ ?	13:43
patchbot	patch 744053 - ironic-python-agent (stable/rocky) - improve error messages during node lookup failures - 1 patch set	13:43
TheJulia	It is blocking another fix from merging	13:43
rpittau	done	13:43
openstackgerrit	Aija Jaunteva proposed openstack/ironic-specs master: System configuration within whole clean or deploy step https://review.opendev.org/740721	13:44
openstackgerrit	Julia Kreger proposed openstack/ironic bugfix/15.2: Ansible deploy - Ignore invalid devices https://review.opendev.org/747729	13:47
openstackgerrit	Julia Kreger proposed openstack/ironic bugfix/15.1: Ansible deploy - Ignore invalid devices https://review.opendev.org/747730	13:47
dtantsur	TheJulia: oh, by the way, this Monday is sponsored by https://github.com/ansible/ansible/issues/71200	13:51
dtantsur	(that's the cause of one of the bifrost issues trandles experienced)	13:51
TheJulia	no wonder	13:52
TheJulia	jeeze	13:53
* TheJulia wonders who is the current pinkish-purple on the etherpad this morning		13:53
rpittau	I think they reverted the change ?	13:53
rpittau	TheJulia: maybe me ? on line 56 ?	13:54
TheJulia	yes!	13:54
dtantsur	they did revert it. but there is also an ansible-lint for missing mode, so we'll have to fix it anyway :)	13:54
rpittau	ah snap	13:54
*** abdysn has quit IRC		13:55
*** mjturek has joined #openstack-ironic		13:58
TheJulia	stevebaker: For when your up, what is the deal with https://review.opendev.org/#/c/742795/7 ?	14:07
patchbot	patch 742795 - ironic - New argument validate decorator - 7 patch sets	14:07
openstackgerrit	Merged openstack/ironic master: Ensure in-band deploy steps are present in time for fast-track deployments https://review.opendev.org/747389	14:09
openstackgerrit	Dmitry Tantsur proposed openstack/ironic bugfix/15.2: Ensure in-band deploy steps are present in time for fast-track deployments https://review.opendev.org/747737	14:10
dtantsur	TheJulia: I think we can release 15.2.1 after this ^^ and the ansible fix	14:11
TheJulia	++	14:11
TheJulia	we likely need to do a release of some of the older branches too	14:12
*** hjensas\|lunch is now known as hjensas		14:13
TheJulia	I wonder if someone needs to revise https://review.opendev.org/#/c/557051/	14:14
patchbot	patch 557051 - networking-generic-switch - Support multiple links in link_local_information d... - 12 patch sets	14:14
JayF	What's the deal with lower constraints? What determines them, are are the flexible?	14:19
JayF	> eventlet==0.18.2	14:19
TheJulia	lower-constraints.txt and yes they can be changed	14:19
JayF	is scary old and buggy -- I'm amazed we have that old of a version there	14:19
TheJulia	minimum versions things _should_ work with	14:19
JayF	my what determines them is more philosophical, I know about the file	14:19
JayF	e.g. are there certain use cases targetted	14:20
TheJulia	humans do, so they can be out of date	14:20
JayF	compatability with something, etx	14:20
JayF	OK, so if the answer to IPA eventlet patch failures is "update lower-constraints", we're OK with that? Especially in IPA?	14:20
TheJulia	it is fine to increment the minimum version upward on master branch	14:20
JayF	(since IPA is not co-installed)	14:20
JayF	ack; that'll likely be the action I take for my PR	14:21
TheJulia	k	14:21
JayF	I've read over 9000 bugs in old eventlet around wsgi+ssl; I don't think even if unit tests passed I'd be willing to suggest someone run on eventlet that old :D	14:21
*** Lucas_Gray has quit IRC		14:22
dtantsur	JayF: please read my comments on your patch, updating eventlet won't simply help	14:29
dtantsur	(at least it does not help when tried locally)	14:29
JayF	0.25.1 is what we run against in master?	14:29
JayF	that was the missing piece for me	14:29
dtantsur	yep, tried that	14:29
JayF	ack; I'm sure I can track it down	14:30
JayF	[knocks on wood]	14:30
JayF	Did you see my replies abuot moving the __init__.py stuff around?	14:30
dtantsur	probably not yet	14:30
JayF	If we're OK with breaking mod_wsgi support, I'm happy to move it around	14:30
JayF	but I wanted to make sure you read the commit and were making that suggestion with the explicit knowledge it breaks mod_wsgi	14:30
JayF	although TBH, it's likely it didn't work under mod_wsgi anyway b/c of how we handle heartbeats	14:31
dtantsur	JayF: I don't see how it would break mod_wsgi	14:33
dtantsur	without actually calling eventlet, the environment variable won't affect anything, will it?	14:33
JayF	see https://review.opendev.org/#/c/440292/	14:33
patchbot	patch 440292 - ironic - Move eventlet monkey patch code (MERGED) - 2 patch sets	14:33
dtantsur	well, ignoring the fact that IPA is unlikely to work under mod_wsgi :)	14:33
dtantsur	TheJulia: we need to get used to updating the CI of bugfix branches every time after the release	14:34
*** mkrai has quit IRC		14:34
JayF	yeah; I'll re-centralize it and add to my release notes that it absolutely will not worj	14:35
JayF	*work	14:35
dtantsur	JayF: not because of your patch	14:36
dtantsur	note that https://review.opendev.org/#/c/440292/2/ironic/__init__.py actually had monkey_patch in __init__ unlike IPA	14:36
patchbot	patch 440292 - ironic - Move eventlet monkey patch code (MERGED) - 2 patch sets	14:36
dtantsur	I agree that it's bad	14:37
JayF	Yeah; which is why I moved it to cmd/ when I added the monkey_patch	14:37
JayF	but I still think it's exceedingly unlikely that, for instance, ussuri IPA works under mod_wsgi	14:37
JayF	so just take the guaranteed hard breakage, document it, and move on	14:37
openstackgerrit	wu.chunyang proposed openstack/python-ironicclient master: Remove Babel requirement https://review.opendev.org/747581	14:37
JayF	that's what reverse proxying is for :D	14:37
dtantsur	it's an option, although that's not exactly what I asked for	14:37
dtantsur	(I was only pointing out a copy-paste of the environment code)	14:38
JayF	Ooooh! I got it, you want the environment stuff at root level, the monkey patch at cmd/ level	14:38
dtantsur	but yeah, I don't see how IPA would work under any WSGI server. half of its initialization is in agent.py which hardcodes using oslo.service	14:38
JayF	All my previous comments are still valid though, because I don't think ^^^ exactly	14:38
JayF	So I'm going to just move it all to the base level __init__.py, and document it won't work with it	14:39
dtantsur	wfm	14:39
JayF	*IPA won't work with mod_wsgi	14:39
JayF	and then play requirements-bingo until I get CI to pass under lower-constraints :\|	14:39
openstackgerrit	Julia Kreger proposed openstack/ironic-python-agent master: Update the cache if we don't have a root device hint https://review.opendev.org/747072	14:41
*** mkrai has joined #openstack-ironic		14:42
dtantsur	JayF: could you please read https://storyboard.openstack.org/#!/story/2007214 before the meeting to make sure I'm not saying anything contradicting your plans?	14:43
JayF	looking	14:44
dtantsur	This RFE now tries to cover both static and automatic TLS configuration	14:44
openstackgerrit	Merged openstack/ironic-python-agent stable/rocky: improve error messages during node lookup failures https://review.opendev.org/744053	14:44
JayF	The option as I have it written is ``listen_ssl``, you have it listed as ``listel_tls`` -- I don't mind tls vs ssl, we should just be consistent	14:45
dtantsur	JayF: is it too late to change the option to tls in your code?	14:45
dtantsur	ssl is an ancient thing	14:45
JayF	the other thing, you may want to be specific it's ssl.cert_file / ssl.key_file not default.{}	14:45
JayF	absolutely, I can change it	14:45
*** cdearborn has joined #openstack-ironic		14:46
JayF	[agent]api_key_file is not required for client cert verification.	14:46
JayF	You only need the CA file.	14:47
brtknr	hey folks, after adding a new conductor, how do i rebalance the nodes across the conductors?	14:47
JayF	Oh, you're talking about the other side, in the ironic.conf?	14:47
dtantsur	yep	14:47
JayF	That section 2.1 I think is missing something?	14:47
brtknr	i have tried restarting the conductors but that doesnt seem to be enough	14:47
JayF	Oh, nevermind, this is a little confusing, I keep losing track of who the client and who the server is	14:48
JayF	dtantsur: LGTM. I'll make my config variable compatible, and edited your RFE just now to fix a typo	14:48
*** kaifeng has joined #openstack-ironic		14:49
dtantsur	JayF: we might have had an editing collision, could you check again please?	14:50
JayF	my typo fix (``listel_tls`` -> ``listen_tls``) still appears in the change	14:50
dtantsur	and of course storyboard takes forever to refresh..	14:51
dtantsur	JayF: I don't see it anymore, could you also refresh?	14:52
* dtantsur shakes fist at storyboard		14:52
JayF	lgtm after refresh?	14:52
brtknr	how do you rebalance nodes across conductor groups in general?	14:56
brtknr	i have seen it happen when a conductor fails	14:56
brtknr	is there a way to trigger rebalance on demand?	14:56
JayF	I believe a rolling restart should do it.	14:56
openstackgerrit	Merged openstack/ironic-python-agent stable/rocky: Fix TypeError on agent lookup failure https://review.opendev.org/745426	14:57
brtknr	i dont want to resort to assigning nodes to conductor groups	14:57
brtknr	JayF: is that in response to my questions?	14:57
brtknr	i tried restarting	14:57
brtknr	didnt help	14:57
dtantsur	I believe the nodes balance out automatically, but not when they have instances already	14:59
JayF	Yeah, that's the only way I know to do it. This is a little bit of an X/Y question -- you shouldn't need to worry about what nodes are managed by what conductor in general usage	14:59
dtantsur	but that's a bit of an untested area, to be honest	14:59
*** tkajinam_ has joined #openstack-ironic		14:59
JayF	So I'm wondering what the symptoms are you're trying to resolve	14:59
TheJulia	They should balance out evenly, the conundrum is it can still be weighted on one side	14:59
TheJulia	or on to a node	14:59
TheJulia	Arne had some graphs a while back that showed an extra 200-400 nodes on one conductor for some reason	15:00
TheJulia	Anyway, it is meeting time!	15:00
TheJulia	#startmeeting ironic	15:00
openstack	Meeting started Mon Aug 24 15:00:17 2020 UTC and is due to finish in 60 minutes. The chair is TheJulia. Information about MeetBot at http://wiki.debian.org/MeetBot.	15:00
TheJulia	o/	15:00
openstack	Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.	15:00
*** openstack changes topic to " (Meeting topic: ironic)"		15:00
*** another_larsks is now known as larsks		15:00
rpittau	o/	15:00
openstack	The meeting name has been set to 'ironic'	15:00
JayF	o/	15:00
rajinir	o/	15:00
rpioso	\o	15:00
kaifeng	o/	15:00
ajya	o/	15:00
TheJulia	Good morning ironic!	15:00
erbarr	o/	15:00
bfournie	o/	15:00
bdodd	o/	15:00
arne_wiebalck	o/	15:00
brtknr	o/	15:00
iurygregory	o/	15:01
*** seongsoocho_ has joined #openstack-ironic		15:01
TheJulia	Our agenda can be found on the wiki, as always.	15:01
TheJulia	#link https://wiki.openstack.org/wiki/Meetings/Ironic#Agenda_for_next_meeting	15:01
cdearborn	o/	15:01
TheJulia	#topic Annoucements/Reminders	15:01
*** openstack changes topic to "Annoucements/Reminders (Meeting topic: ironic)"		15:01
TheJulia	A midcycle topic etherpad has been setup	15:01
TheJulia	#link https://etherpad.opendev.org/p/Ironic-Victoria-midcycle	15:01
TheJulia	I believe September 2nd and 3rd are the best looking dates when I last glanced at the doodle	15:02
dtantsur	o/	15:02
TheJulia	rpittau: when are we closing that out?	15:02
rpittau	TheJulia: on wednesday	15:02
rpittau	wanted to give some more time as I know some people were on vacation until today	15:02
TheJulia	Additionally: If there is any update required for non-client libraries, we need to have it in before next week to meet the OpenStack release schedule	15:03
*** stendulker has joined #openstack-ironic		15:03
TheJulia	#link https://releases.openstack.org/victoria/schedule.html	15:03
*** seongsoocho has quit IRC		15:03
stendulker	o/	15:03
*** uzumaki has quit IRC		15:03
*** tkajinam has quit IRC		15:03
rloo	meeting?	15:03
*** dougsz has quit IRC		15:03
*** seongsoocho_ is now known as seongsoocho		15:03
TheJulia	#link https://doodle.com/poll/pi4x3kuxamf4nnpu	15:03
TheJulia	Is the link for the doodle	15:03
TheJulia	Does anyone have anything else to announce or remind us of?	15:04
*** SuiongNg\|ITRI_TW has quit IRC		15:04
* TheJulia expects one day for someone to announce a gif of pixie boots on the moon or something		15:04
dtantsur	the PTG registration has opened, I think	15:04
TheJulia	Looks like we had no action items last week, so we should be able skip that part of the meeting.	15:05
TheJulia	Oh!	15:05
*** ildikov has quit IRC		15:06
TheJulia	It is Forum brainstorming time! If there are items to be dsicussed or items that shoudl be held as forum topics, please add them to the victoria midcycle etherpad and we can further refine and bring those forward.	15:06
TheJulia	I guess we'll be there as a team, the PTG that is?	15:07
* TheJulia assumes yes		15:08
TheJulia	Anyway! Onward!	15:08
*** ildikov has joined #openstack-ironic		15:09
dtantsur	yep	15:09
iurygregory	++	15:09
rpittau	yeah	15:09
TheJulia	Moving to subteam status reports	15:09
TheJulia	#topic Review subteam status reports	15:09
*** openstack changes topic to "Review subteam status reports (Meeting topic: ironic)"		15:09
TheJulia	#link https://etherpad.openstack.org/p/IronicWhiteBoard	15:09
TheJulia	Starting at line 327	15:10
TheJulia	dtantsur: you mentioned bug fix branch changes, can you write down something under breaking the cycle so we know to do it?	15:10
TheJulia	I'm also not entirely sure what you were saying, so more $words is likely better	15:11
TheJulia	iurygregory: any luck with grenade?	15:11
*** chenhaw has quit IRC		15:11
dtantsur	TheJulia: I'll probably propose a documentation patch instead	15:11
iurygregory	TheJulia, nope =( -P didn't help	15:11
*** chenhaw has joined #openstack-ironic		15:11
TheJulia	dtantsur: awesome	15:11
iurygregory	maybe worth to discuss during the next midcycle	15:12
TheJulia	iurygregory: sounds like a great topic for the etherpad!	15:12
*** johnhaan has quit IRC		15:12
*** johnhaan_ has joined #openstack-ironic		15:12
iurygregory	TheJulia, yeah I will add	15:12
iurygregory	and we would probably need to merge broken so we would switch to zuulv3	15:13
iurygregory	and help the goal	15:13
TheJulia	sigh	15:14
TheJulia	well, on the plus side it would help more people see what is going on	15:15
iurygregory	yeah	15:15
iurygregory	compared to before, we can see some problems..	15:15
TheJulia	iurygregory: any news on privsep?	15:15
TheJulia	being able to see the problems is a much better situation!	15:15
iurygregory	I was able to chat with ralonsoh today (he was on PTO)	15:16
iurygregory	the failure we see only in one job is a bit weird, since ironic should have access to all folders we are running the os.link	15:16
rpittau	iurygregory: for privsep I think adding some more logging on the permissions of the dirs/files might help, at least for debugging	15:16
iurygregory	rpittau, yeah	15:16
TheJulia	To me, it seems likely that privsep will slip to next cycle? Any thoughts/concerns around this?	15:17
rpittau	no concerns	15:17
TheJulia	rpioso: thanks for the update on the redfish compatability profile stuffs	15:17
TheJulia	arne_wiebalck: I guess we should talk about next steps for the sig. That could also be a midcycle topic I guess?	15:17
iurygregory	no concerns also, but I will keep updating =)	15:17
arne_wiebalck	TheJulia: yes	15:18
arne_wiebalck	TheJulia: I need to pick this up	15:18
rpioso	TheJulia: You're welcome. And done :)	15:18
arne_wiebalck	TheJulia: I think we wanted to send out a mail re SIG meetings	15:18
TheJulia	Yeah, I think that was the consensus before you went on PTO	15:19
arne_wiebalck	TheJulia: And a first topic would be what to focus on after the white paper	15:19
arne_wiebalck	TheJulia: There was some input from the opendev event	15:19
arne_wiebalck	TheJulia: I will send out the mail to find a regular slot	15:19
TheJulia	Indeed!	15:19
TheJulia	Awesome!	15:19
*** gyee has joined #openstack-ironic		15:20
TheJulia	Well, is everyone good to proceed to reviewing priorities for the coming week?	15:20
rpittau	let's	15:20
TheJulia	#topic Deciding priorities for the coming week	15:20
*** openstack changes topic to "Deciding priorities for the coming week (Meeting topic: ironic)"		15:20
TheJulia	#link https://etherpad.openstack.org/p/IronicWhiteBoard	15:20
TheJulia	Starting at line 156	15:20
TheJulia	Any thoughts on droppign the WSME removal changes/refactoring patches for now, they are blocked and we don't have clarity	15:21
TheJulia	dropping them from the list for the next week or two, that is	15:21
rpittau	sounds good, they need revision/rebase anyway	15:21
*** rloo has quit IRC		15:22
TheJulia	Okay, removing merged items	15:22
*** zaneb has quit IRC		15:22
*** andrein has quit IRC		15:22
*** donnyd has quit IRC		15:22
*** priteau has quit IRC		15:22
*** buhman has quit IRC		15:22
*** vkmc has quit IRC		15:22
*** mnaser has quit IRC		15:22
*** guilhermesp has quit IRC		15:22
TheJulia	just what we need during our weekly meeting, a netsplit	15:23
dtantsur	\o/	15:23
rpittau	yay	15:23
TheJulia	Looks like it was a small one anyway	15:23
TheJulia	Okay, new items staring at line 230, any objection to adding these?	15:24
iurygregory	I've updated the dhcp-less section	15:25
TheJulia	Oh, that is awesome	15:25
iurygregory	good thing is that we won't need changes on ipa etc	15:25
iurygregory	glean just works	15:25
TheJulia	impressive	15:25
* TheJulia hears the lack of objections as agreement to add all the items after line 230		15:26
iurygregory	the only fix we needed is merged https://review.opendev.org/#/c/747144/ (Vinay did some tests and reported this issue)	15:26
patchbot	patch 747144 - ironic - Fix network_data path for dhcpless deployments (MERGED) - 1 patch set	15:26
TheJulia	Okay list updated, Does that work for everyone?	15:29
rpittau	yep	15:30
stendulker	https://review.opendev.org/#/c/742936/	15:30
patchbot	patch 742936 - ironic - Allow HttpImageService to accept custom certificate - 6 patch sets	15:30
TheJulia	Well, then I think it is time to move forward to discussion	15:30
stendulker	Can this be added?	15:30
TheJulia	stendulker: already in the list	15:30
TheJulia	line 189	15:30
stendulker	TheJulia: oh, ok, Thanks	15:31
TheJulia	No worries!	15:31
*** weshay\|ruck has quit IRC		15:31
TheJulia	#topic Discussion	15:32
*** openstack changes topic to "Discussion (Meeting topic: ironic)"		15:32
*** weshay has joined #openstack-ironic		15:32
TheJulia	We have one discussion topic this morning.	15:32
*** rloo has joined #openstack-ironic		15:32
*** tepper.freenode.net changes topic to "Bare Metal Provisioning \| Status: http://bit.ly/ironic-whiteboard \| Docs: http://docs.openstack.org/ironic/ \| Bugs: https://storyboard.openstack.org/#!/project_group/75 \| Contributors are generally present between 6 AM and 12 AM UTC, If we do not answer, please feel free to pose questions to openstack-discuss mailing list."		15:32
TheJulia	dtantsur: would you like the microphone?	15:32
dtantsur	yep	15:32
dtantsur	#link http://lists.openstack.org/pipermail/openstack-discuss/2020-August/016681.html	15:32
dtantsur	this is a proposal to deprecate and eventually remove the iscsi deploy interface	15:32
dtantsur	with the introduction of the image_download_source option we no longer seem to have use cases that are covered by iscsi but not by direct	15:33
dtantsur	when working on deploy steps, the presence of a similar but not quite same interface implementation was a huge impediment	15:33
*** zaneb has joined #openstack-ironic		15:33
*** donnyd has joined #openstack-ironic		15:33
*** andrein has joined #openstack-ironic		15:33
TheJulia	I can second the pain of the similar but fundamentally different interfaces causing headaches.	15:34
dtantsur	with a goal of reducing the code base and substantially reducing the testing matrix, I'd like to remove it	15:34
*** priteau has joined #openstack-ironic		15:34
*** buhman has joined #openstack-ironic		15:34
*** guilhermesp has joined #openstack-ironic		15:34
*** vkmc has joined #openstack-ironic		15:34
*** mnaser has joined #openstack-ironic		15:34
TheJulia	I'm pretty much for this proposal, I'm wondering if anyone is really objecting?	15:35
* arne_wiebalck thinks that image_download_source=http for direct should be called indirect		15:35
kaifeng	how about moving it to x-stagging-drivers after removal from ironic?	15:35
JayF	No objection from me. Maybe even a minor squeal of gleeful victory for the agent :D	15:35
TheJulia	arne_wiebalck: propose a patch? :)	15:35
iurygregory	arne_wiebalck, ++	15:35
TheJulia	I actually like that idea and deprecating/removing iscsi does open the door to that	15:36
TheJulia	And it wouldn't need to be a separate interface, just an option	15:36
dtantsur	arne_wiebalck: indirect is how we call it in the CI :)	15:36
TheJulia	well, a separate interface of code	15:36
TheJulia	So I'm not hearing objections, maybe we bring up one more time at the midcycle and if nobody screams by then go ahead and approve the deprecation?	15:37
arne_wiebalck	I think this provides a very smooth transition for iscsi deployments	15:37
arne_wiebalck	We should just be clear it does not address scalability issues	15:37
TheJulia	it might be even easier for it to be an optional upgrade step or logic in the ugprade checker	15:37
TheJulia	time for RFE Review?!?	15:38
TheJulia	arne_wiebalck: ++	15:38
openstackgerrit	Ankit Kumar proposed openstack/ironic master: Enhance certificate verification for ilo harware type https://review.opendev.org/743490	15:39
TheJulia	#topic RFE Review	15:40
*** openstack changes topic to "RFE Review (Meeting topic: ironic)"		15:40
TheJulia	dtantsur: are these all yours? :)	15:40
dtantsur	at least added by me :)	15:40
TheJulia	I need to step away for a moment, if you wouldn't mind :)	15:40
dtantsur	#link https://storyboard.openstack.org/#!/story/2007214 Pass TLS certificate file from ironic to IPA via virtual media	15:40
dtantsur	oops, I scared TheJulia :)	15:40
iurygregory	hahaha	15:40
dtantsur	anyway, the first one addresses the well known problem of TLS between ironic and the agent	15:40
dtantsur	JayF helped me shape it so that it covers both static and automatic TLS	15:41
dtantsur	(thanks!)	15:41
JayF	One thing that on further consideration I wonder if you wanna add to that RFE	15:41
dtantsur	my personal goal is to have the TLS pretty much automatically set up and enabled	15:41
JayF	is the Ironic conductor presenting a client certificate to IPA	15:41
*** k_mouza has quit IRC		15:42
JayF	and using the same mechanism for passing cert/key to IPA to also pass a ca file through to IPA	15:42
dtantsur	yep, I haven't thought about this bit yet	15:42
openstackgerrit	Dmitry Tantsur proposed openstack/ironic-python-agent master: Document in-band deploy steps and add more docs for custom steps https://review.opendev.org/747753	15:42
* TheJulia returns		15:43
dtantsur	JayF: should be easy to add, even later on	15:43
JayF	++	15:43
dtantsur	any thoughts on the overall RFE? especially if anybody understands TLS better than me?	15:44
JayF	My only concern is that by design, sending a private key over to the agent over and over makes it unlikely to remain secure	15:44
JayF	I think in a perfect world, we'd have Ironic generate a fresh, rapidly-expiring cert/key that's signed by a longer-lived cert	15:45
dtantsur	JayF: I don't think we send the private key, do we?	15:45
JayF	but there's nothing that would prevent that from being done as a later step	15:45
TheJulia	as long as it seems like nothing blocks us in from doign that later, I'm good with it.	15:45
dtantsur	the current proposal offers to generate the key on the agent side and send ironic its public part	15:45
JayF	2.1 bullet #2: If these are provided, embed them into the virtual media ISO and populate the oslo.service [ssl]cert_file and [ssl]key_file option in /etc/ironic-python-agent/ironic-python-agent.conf.	15:45
dtantsur	ah, the client certificate part	15:46
dtantsur	JayF: what if we split away the client certificates into a new RFE?	15:46
dtantsur	the number of combinations here already gives me a headache	15:46
JayF	but again, it can be a later enhancement so I don't view it as a blocker. It just makes it difficult to see deployers with strong preexisting certificate infrastructure being wiling to ship around private keys like that.	15:46
JayF	dtantsur: +++	15:47
TheJulia	I like that idea	15:47
TheJulia	(split them into two rfes	15:47
TheJulia	)	15:47
dtantsur	okay, I'll split 2.1 and further improvements into a new RFE	15:47
TheJulia	awesome	15:47
TheJulia	next!	15:47
dtantsur	how is everything else looking?	15:47
* dtantsur gives people 1 more minute to add their comments		15:47
TheJulia	I already approved 2008043	15:47
TheJulia	Given it was always the intent for us to support that case	15:48
dtantsur	okay, good :)	15:48
TheJulia	it is just a logical progression at this point	15:48
dtantsur	I'd not mind to have a volunteer for that	15:48
dtantsur	#link https://storyboard.openstack.org/#!/story/2008043 (deploy steps via API) is looking for a volunteer since dtantsur is pretty busy	15:48
TheJulia	++	15:49
dtantsur	okay, moving to the last one (which is not mind, but I've put it here)	15:49
dtantsur	s/mind/mine/	15:49
dtantsur	#link https://storyboard.openstack.org/#!/story/2008047 Add a feature discovery API to Ironic	15:49
dtantsur	idea by dhellmann based on metal3 experience with ironic	15:49
* dtantsur gives people time to read the text		15:49
openstackgerrit	Merged openstack/python-ironicclient master: Allow to pass global request id for remaining objects https://review.opendev.org/725941	15:50
TheJulia	I generally like the idea, but that seems like it could sprawl into a lot of ocde	15:51
openstackgerrit	Merged openstack/python-ironicclient master: Add release note regarding global_request_id https://review.opendev.org/732590	15:51
TheJulia	code	15:51
dtantsur	yep. I suspect this is something that would require a spec	15:51
JayF	That API seems like it would be great. It also seems like it would be incredibly complex and a large amount of maintenance.	15:51
*** Qianbiao has quit IRC		15:51
TheJulia	because it comes down to providing a concrete answer to the capability matrix of a driver, which means some of that has to be coded in with a union of what can be identified about the node	15:51
JayF	I also suspect there are some capabilities which might be driver-capable but not environment-capable in a way Ironic can't identify	15:52
TheJulia	dtantsur: I concur, JayF: I'm thinking the same	15:52
dtantsur	well, to the best of our knowledge :)	15:52
dhellmann	you could definitely build it incrementally	15:52
dtantsur	dhellmann: o/	15:52
dhellmann	it doesn't have to be able to answer every possible question before it would be useful	15:53
TheJulia	dhellmann: We love incrementalism here in ironic :)	15:53
TheJulia	I'd love a spec that details basic mechanics, maybe an idea of how we would wire the basic internals together, and what the api response should be	15:53
dhellmann	it also doesn't have to give perfect answers, if there are things ironic can't figure out	15:53
*** k_mouza has joined #openstack-ironic		15:53
dhellmann	I could work with someone on that, but couldn't commit to doing the whole thing	15:54
JayF	Having an oracle that's only sometimes-correct can be worse than having no answer at all. I'm not sure I agree this is a useful item to do incrementally.	15:54
dtantsur	dhellmann: if it ends up being what we want downstream, somebody from our team will pair with you	15:54
dhellmann	JayF: what features could we not answer definitively?	15:54
dhellmann	dtantsur : ++	15:55
dtantsur	(it may be even me, given my experience with adding large stuff to ironic)	15:55
JayF	dhellmann: that'd be something I'd need to think more on, but I think the matrix gets quite a few dimensions around some features	15:55
dtantsur	JayF: agreed about sometimes, but there are things that we can figure out but currently don't	15:55
dtantsur	like, we can look at a node and see if it has any chances of supporting virtual media at all	15:56
dhellmann	I would wait to add features like that to the response set, then.	15:56
TheJulia	Yeah, it could easily become a 3d matrix :\	15:56
dtantsur	by going to its redfish endpoint and seeing if the VirtualMedia resource is there	15:56
dtantsur	and supports a Cd type	15:56
dtantsur	and Manager-to-System mapping is 1-to-1	15:56
TheJulia	well, then there likely also needs otbe license checking	15:56
TheJulia	"it is present" "And it is licensed" and "we can map it properly"	15:56
dtantsur	if it can be checked - awesome!	15:56
TheJulia	yeah	15:57
dtantsur	then we go from "it may or may not support it" to "it's very likely to support it"	15:57
TheJulia	lets focus on a single slice	15:57
TheJulia	at least in terms of a spec and then see how that can be iterated upon in other areas	15:57
dhellmann	sure. a first version may respond based on what ironic supports. a later version might add the license check	15:57
* dtantsur adds needs-spec tag		15:57
TheJulia	Well, we seem to only have two minutes left and didn't get to Open Dsicussion	15:58
TheJulia	#topic Open Discussion	15:58
*** openstack changes topic to "Open Discussion (Meeting topic: ironic)"		15:58
TheJulia	Are there any other items to be discussed/raised?	15:59
JayF	I wanted to toss out if we'd ever considered having an interface specifically for in-band cleaning.	15:59
dtantsur	not sure I get it	15:59
JayF	We have a few drivers which mix-in AgentBase to get agent cleaning support, even if agent isn't used for deployment. Just wondering if that's a good pattern to continue or if there'd be interest in making that a more clean split.	15:59
dtantsur	that makes some sense at first glance; it also gives me a huge headache	16:00
JayF	Right now, DeployInterface handles both deployment and cleaning. There are drivers, such as ramdisk driver, which mix-in agent for cleaning, along with another method for deployment	16:00
TheJulia	JayF: is the thought to be able to have drivers that don't support cleaning?	16:00
TheJulia	or nodes in configurations?	16:00
*** ijw has joined #openstack-ironic		16:00
JayF	TheJulia: I'm thinking stuff like ramdisk driver, a potential future anaconda/kickstart driver, not having to worry about cleaning at all, but just handle the deployment half	16:00
rloo	(also, soon-to-present rfe for an anaconda deploy driver -- not for cleaning...)	16:01
TheJulia	hmm	16:01
rloo	(yeah, what JayF said :))	16:01
JayF	TheJulia: since they mainly are about alternative ways to deploy, and are mostly ambivalent about cleaning -- although today that's implemented as mixing in AgentBase to get agent cleaning	16:01
TheJulia	There is a knob over cleaning on the node	16:01
JayF	I could see someone even wanting to, for instance, use a ramdisk driver with ansible cleaning, perhqps.	16:01
TheJulia	And a long time ago there was discussion of splitting it, but in multitanant environments I suspect it would always be needed, so I'm not sure where the happy medium is at this moment	16:02
dtantsur	we don't need to have no-clean implementation	16:02
JayF	I just can't figure out why in our model deployment and cleaning should be unified.	16:02
JayF	dtantsur: ++	16:02
TheJulia	JayF: I could see that case	16:02
dtantsur	we can have a data migration that'll populate the new field based on the current deploy_interface	16:02
*** lucasagomes has quit IRC		16:02
JayF	I'm not even proposing it for sure right now, I'm just curious if it passes the smell test.	16:02
dtantsur	I fully agree, I wonder who can dedicate so much time to make it work	16:02
JayF	Seems like it might be time for it, though.	16:02
JayF	dtantsur: /me would try to volunteer zer0c00l to do it as part of the anaconda work	16:03
JayF	lol	16:03
TheJulia	seems like one of those 50/50 items. It might pass the smell test	16:03
dtantsur	poor zer0c00l	16:03
dtantsur	as somebody who's recently dived into the guts of our agent code...	16:03
TheJulia	heh	16:03
dtantsur	... I don't want to do it again for such a big refactoring	16:03
dtantsur	:)	16:03
* TheJulia lives in that code...		16:03
rloo	it is ok to volunteeer zer0c00l with JayF as backup :D	16:03
JayF	Oh no! A reversal!	16:03
dtantsur	a well detailed RFE would be a good first step	16:04
TheJulia	++	16:04
TheJulia	Anyway, I guess we're done for today. Thanks everyone!	16:04
JayF	ack; just wanted to make sure the answer wasn't "absolutely not" before taking more effort than a conversation	16:04
JayF	o/	16:04
dtantsur	thanks!	16:04
TheJulia	#endmeeting	16:05
*** openstack changes topic to "Bare Metal Provisioning \| Status: http://bit.ly/ironic-whiteboard \| Docs: http://docs.openstack.org/ironic/ \| Bugs: https://storyboard.openstack.org/#!/project_group/75 \| Contributors are generally present between 6 AM and 12 AM UTC, If we do not answer, please feel free to pose questions to openstack-discuss mailing list."		16:05
*** ijw has quit IRC		16:05
openstack	Meeting ended Mon Aug 24 16:05:10 2020 UTC. Information about MeetBot at http://wiki.debian.org/MeetBot . (v 0.1.4)	16:05
openstack	Minutes: http://eavesdrop.openstack.org/meetings/ironic/2020/ironic.2020-08-24-15.00.html	16:05
openstack	Minutes (text): http://eavesdrop.openstack.org/meetings/ironic/2020/ironic.2020-08-24-15.00.txt	16:05
openstack	Log: http://eavesdrop.openstack.org/meetings/ironic/2020/ironic.2020-08-24-15.00.log.html	16:05
dtantsur	something that did not fit into the meeting: what do you all think about developing https://review.opendev.org/#/c/743771/ into a new feature (an optional deploy step)?	16:05
patchbot	patch 743771 - ironic-python-agent - [PoC] A deploy step to update /etc/default/grub - 4 patch sets	16:05
*** weshay has quit IRC		16:05
*** weshay has joined #openstack-ironic		16:05
rpittau	dtantsur: I think it makes sense	16:07
TheJulia	dtantsur: feasible, will we be mounting/unmounting the same image multiple times	16:07
dtantsur	seems to	16:07
TheJulia	also, what about running grub config with whole disk images	16:07
dtantsur	run grub-install, no way around it	16:07
TheJulia	well, that invalidates signed files	16:08
dtantsur	assume that people who enable this step know what they are doing	16:08
TheJulia	I've been thinking about doing something similar for /etc/fstab	16:08
TheJulia	so I think it is reasonable	16:08
JayF	I'm not super familiar with that code in particular	16:08
JayF	but how does that work with Windows images?	16:08
JayF	priority: 0 means it's non-default, so you just don't run that step, right?	16:08
TheJulia	it would likely need to identify and run only on linux machines	16:09
dtantsur	yep (the PoC has it enabled for CI testing purposes)	16:09
TheJulia	we likely need a qualification helper	16:09
* JayF puts on windows hat		16:09
dtantsur	it will be enabled via a deploy template, so don't use this template if your image does not support it?	16:09
JayF	would we accept a similar step in the future to modify boot.ini for $windowsReasons?	16:09
dtantsur	no objections from me	16:10
TheJulia	JayF: I suspect so if we do it for linux	16:10
dtantsur	as long as I'm not the one who writes and supports it :)	16:10
JayF	Ack, WFM then :D I thought it'd be good just playing the advocate	16:10
JayF	lol	16:10
TheJulia	Zero objections here... and I'm with dtantsur on that one	16:10
* JayF imagines the horror of a dib element to install ntfs support into an ipa ramdisk		16:10
TheJulia	file should be able to tell us if it is ntfs	16:10
TheJulia	or ext[x] or xfs or jfs or whatever	16:11
TheJulia	and file is a requirement	16:11
dtantsur	somebody HAS asked me about software RAID for windows	16:12
dtantsur	JayF: one day we may want to support btrfs as a partitioning schema :)	16:12
TheJulia	I mean... if someone has the code ready I'd be happy to review and merge it if it is doable	16:12
JayF	dtantsur: I don't want to take responsibility for users who want to subject their data to ritual sacrifice :D	16:13
dtantsur	they say btrfs is better (heh) these days	16:13
dtantsur	fedora wants to switch to it by default for desktops	16:13
TheJulia	seriously?	16:13
TheJulia	again?!?	16:13
dtantsur	not sure about again, but for F33 :)	16:14
TheJulia	JayF: would that be a ritual sacrafice of a stick of butter?	16:14
JayF	you butter believe it	16:14
dtantsur	https://fedoraproject.org/wiki/Changes/BtrfsByDefault	16:14
TheJulia	And would that actually be more like butter being melted in a blisteringly hot cast iron pan?	16:14
* TheJulia feels the need to cook with a whole stick of butter soon		16:14
* TheJulia should have a camera ready		16:15
* TheJulia goes and finds something to nom		16:16
dtantsur	I had an early start today, so bailing out now. c u	16:16
JayF	o/	16:17
*** iurygregory has quit IRC		16:18
*** dtantsur is now known as dtantsur\|afk		16:19
*** stendulker has quit IRC		16:23
openstackgerrit	Riccardo Pittau proposed openstack/ironic master: Enforce autospec in common tests https://review.opendev.org/747767	16:24
rpittau	goodnight o/	16:24
*** iurygregory has joined #openstack-ironic		16:27
*** ijw has joined #openstack-ironic		16:39
*** ijw_ has joined #openstack-ironic		16:42
*** k_mouza has quit IRC		16:43
*** ijw has quit IRC		16:44
*** ijw has joined #openstack-ironic		16:48
*** tosky has quit IRC		16:49
*** ijw_ has quit IRC		16:51
*** derekh has quit IRC		17:02
*** mkrai has quit IRC		17:10
*** k_mouza has joined #openstack-ironic		17:18
*** k_mouza has quit IRC		17:23
*** thiagop has joined #openstack-ironic		17:36
*** livelace has quit IRC		17:44
*** dking has joined #openstack-ironic		17:56
*** jtomasek has joined #openstack-ironic		18:07
*** kaifeng has quit IRC		18:08
*** thiagop is now known as outbrito		18:25
*** jtomasek has quit IRC		18:27
guilhermesp	hey there! im looking for a way to build my own initrd and kernel with a custom ironic-python-agent, so our user can set up those images to the nodes and have their own inspection parameters ... which would be the best way to do it?	18:29
guilhermesp	in other words, we would like to customize the inspection, which i believe we can achieve that by build our ironic python agent	18:32
*** outbrito is now known as thiagop		18:34
TheJulia	So you can do that. You can use ironic-python-agent-builder and set a environment variable to the appropriate path. I believe it is documented (if not, I can help you figure it out)	18:37
*** jtomasek has joined #openstack-ironic		18:37
*** jtomasek has quit IRC		18:48
guilhermesp	TheJulia: hiiii thanks for the reply. I guess you mentioned https://docs.openstack.org/ironic-python-agent-builder/latest/ ... yeah i have a customer that is trying to create those images and run their own inspection process... im trying to figure out/understand what they did that resulted in a bad image, which breaks as soon as ironic loads it	19:02
guilhermesp	and their steps was like	19:02
guilhermesp	https://www.irccloud.com/pastebin/gRRn6fuF/	19:02
iurygregory	any logs you can share?	19:08
*** lmcgann__ has joined #openstack-ironic		19:11
guilhermesp	nope unfortunately... actually it seems that the image is breaking somehow, im getting a screenshot o the console lol	19:11
guilhermesp	https://usercontent.irccloud-cdn.com/file/GY1C38mZ/Untitled.png	19:12
guilhermesp	that could mean a lot of stuff, but as im not seeing any issues in ironic logs, i believe that somehow their process to create those custom images is missing something	19:13
* TheJulia files rebooting desktop under bad idea		19:22
*** priteau has quit IRC		19:31
*** jamesden_ has quit IRC		20:02
*** uzumaki has joined #openstack-ironic		20:08
*** dking has quit IRC		20:08
*** jamesdenton has joined #openstack-ironic		20:09
TheJulia	okay, and I'm back :(	20:37
stevebaker	TheJulia: regarding https://review.opendev.org/#/c/742795 I'll refresh the series some time today regardless of where I'm at with node.py	20:50
patchbot	patch 742795 - ironic - New argument validate decorator - 7 patch sets	20:50
TheJulia	stevebaker: thanks	20:50
*** lmcgann__ has quit IRC		20:52
*** livelace has joined #openstack-ironic		21:14
*** janders has quit IRC		21:39
openstackgerrit	Jay Faulkner proposed openstack/ironic-python-agent master: Eventlet should be monkey patched as early as possible https://review.opendev.org/746774	21:44
*** thiagop has quit IRC		21:47
*** bnemec has quit IRC		21:50
JayF	TheJulia: if you have a sec -- re: lower-constraints; is that held in a separate repo, e.g. openstack/requirements, or do I just edit it directly in our repo	22:08
JayF	for IPA specifically	22:08
JayF	https://gist.github.com/jayofdoom/c0fbf31bcd0964ed4b73aa0ad15b7d6a is the lower-constraints changes that appears to fix tests	22:09
JayF	although I haven't version-bisected yet, the tests run with only those changes	22:10
TheJulia	JayF: edit the one in our repo	22:12
JayF	that sounds ezpz then. I'll find the maximally minimal change and commit it in \o/	22:13
JayF	IDK, I think I'll actually keep the changes as-is. It makes sense to depend on newer oslo.service	22:13
JayF	newer oslo, newer eventlet	22:14
openstackgerrit	Jay Faulkner proposed openstack/ironic-python-agent master: Eventlet should be monkey patched as early as possible https://review.opendev.org/746774	22:15
openstackgerrit	Jay Faulkner proposed openstack/ironic-python-agent master: If listen_tls is true, enable TLS on wsgi server https://review.opendev.org/747193	22:20
*** bfournie has quit IRC		22:24
openstackgerrit	Jay Faulkner proposed openstack/ironic-python-agent master: Eventlet should be monkey patched as early as possible https://review.opendev.org/746774	22:24
*** ijw has quit IRC		22:25
*** k_mouza has joined #openstack-ironic		22:42
*** ijw has joined #openstack-ironic		22:46
*** k_mouza has quit IRC		22:47
*** rloo has quit IRC		22:48
*** ijw has quit IRC		22:51
openstackgerrit	Jay Faulkner proposed openstack/ironic-python-agent-builder master: Add element to configure IPA with TLS, use configdir https://review.opendev.org/747309	23:07
*** ijw has joined #openstack-ironic		23:08
*** uzumaki has quit IRC		23:09
*** janders has joined #openstack-ironic		23:18
*** iurygregory has quit IRC		23:21
janders	good morning Ironic o/	23:32
*** rcernin has joined #openstack-ironic		23:37
TheJulia	good morning janders	23:42

Generated by irclog2html.py 2.17.2 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!