TheJulia | Any thoughts on injecting the agent_secret_token into ISO images with HTTP URL booting? It is close enough/similar enough to virtual media that I suspect it is likely safe/okay to do, and the security is sort of identical with the bmc being the driver | 00:59 |
---|---|---|
stevebaker[m] | TheJulia: that seems no worse than the vmedia case | 01:39 |
opendevreview | likui proposed openstack/ironic master: Fix Reopen Web Console Duplicate Sol Session https://review.opendev.org/c/openstack/ironic/+/900846 | 02:08 |
opendevreview | Boushra Sondos Bettir proposed openstack/ironic master: [WIP] Currently working on adding support for OVN type switches which Neutron already supports. https://review.opendev.org/c/openstack/ironic/+/900568 | 03:17 |
JayF | Does [S] matter to us in those cases? | 05:29 |
opendevreview | likui proposed openstack/ironic master: Fix Reopen Web Console Duplicate Sol Session https://review.opendev.org/c/openstack/ironic/+/900846 | 06:16 |
rpittau | good morning ironic! o/ | 08:09 |
opendevreview | Merged openstack/metalsmith master: Document LP as official bugtracker https://review.opendev.org/c/openstack/metalsmith/+/900452 | 08:42 |
dtantsur | TheJulia: I'm definitely for injecting tokens into ISO images. I think we can potentially influence TLS certificates via Redfish, making it robust. | 09:14 |
opendevreview | Merged openstack/sushy master: Fix missing ETag when patching Redfish resource https://review.opendev.org/c/openstack/sushy/+/892113 | 09:21 |
opendevreview | Merged openstack/networking-generic-switch stable/2023.1: Fix regression plugging 802.3ad port group https://review.opendev.org/c/openstack/networking-generic-switch/+/900318 | 10:11 |
opendevreview | Merged openstack/networking-generic-switch stable/2023.2: Fix regression plugging 802.3ad port group https://review.opendev.org/c/openstack/networking-generic-switch/+/900316 | 10:12 |
iurygregory | good morning | 11:19 |
opendevreview | Mark Goddard proposed openstack/networking-generic-switch stable/2023.1: Honor ngs_save_configuration setting when using batch commands https://review.opendev.org/c/openstack/networking-generic-switch/+/900884 | 11:20 |
opendevreview | Merged openstack/ironic-inspector stable/2023.2: Update TOX_CONSTRAINTS_FILE for stable/2023.2 https://review.opendev.org/c/openstack/ironic-inspector/+/896044 | 12:30 |
opendevreview | Merged openstack/networking-generic-switch stable/2023.2: Honor ngs_save_configuration setting when using batch commands https://review.opendev.org/c/openstack/networking-generic-switch/+/896111 | 13:23 |
*** dtantsur_ is now known as dtantsur | 14:51 | |
TheJulia | JayF: I think we would always prefer https, but if someone sets it to HTTP explicitly, then there is really not much we can do other than a scary sounding warning message. | 14:53 |
TheJulia | whoa https://review.opendev.org/c/openstack/networking-generic-switch/+/897047/ | 15:40 |
JayF | stuff like that is always borderline scary/cool, but tips hard over to "cool" when one of the biggest users of it is the submitter | 15:42 |
TheJulia | ... That wouldn't be awful to plug jsonrpc into either | 15:59 |
TheJulia | dtantsur: ^ | 15:59 |
dtantsur | +2075 -1279 not bad | 15:59 |
dtantsur | is it the chance we kill eventlet before we commit to another project that uses it? | 16:00 |
TheJulia | Copyright 2022, heh | 16:00 |
* dtantsur suspects the answer is no | 16:00 | |
TheJulia | unlikely | 16:01 |
JayF | You'd also be taking a huge risk | 16:01 |
JayF | trying to guess what the endpoint we land on is | 16:01 |
JayF | you write something in asyncio or trio and then we end up using gevent | 16:01 |
JayF | whoopsie | 16:01 |
dtantsur | Short of rewriting Ironic in Go or Rust, asyncio is the only reasonable way forward IMO | 16:02 |
dtantsur | I've rewritten my dashboard in it, and it's just great. | 16:02 |
JayF | There is only one response to the issue on the list; and that suggestion is gevent. | 16:02 |
JayF | (with a specific suggestion, I mean) | 16:02 |
TheJulia | more specific suggestions would be good, dtantsur you might just want to chime on the thread as well. | 16:03 |
JayF | (FWIW I agree with you dtantsur but don't want that thread to turn into Jay talking to Jay, that tends to worry people) | 16:03 |
dtantsur | I'm not even aware of the thread | 16:04 |
* JayF dies | 16:04 | |
TheJulia | https://lists.openstack.org/archives/list/openstack-discuss@lists.openstack.org/message/YO5CZDVAJ6QSF734ALWSGNOQDDAIOXKI/ | 16:05 |
TheJulia | Threaded view https://lists.openstack.org/archives/list/openstack-discuss@lists.openstack.org/thread/YO5CZDVAJ6QSF734ALWSGNOQDDAIOXKI/#YO5CZDVAJ6QSF734ALWSGNOQDDAIOXKI | 16:05 |
JayF | https://lists.openstack.org/archives/list/openstack-discuss@lists.openstack.org/message/YO5CZDVAJ6QSF734ALWSGNOQDDAIOXKI/ | 16:05 |
dtantsur | to eventually move to asincio | 16:05 |
dtantsur | via gevent as a bridge. | 16:05 |
JayF | ahh | 16:06 |
JayF | Itamar had a suggestion based on how they bridged twisted into asyncio | 16:06 |
dtantsur | This is not a terrible proposal if gevent actually helps | 16:06 |
JayF | but I suggested he let openstack folks get in that thread before going too crazy with suggestions :) | 16:06 |
dtantsur | Twisted is cool but it's age is over | 16:06 |
JayF | apparently they just added a call to the asyncio event loop from the twisted event loop | 16:06 |
JayF | well yeah; they wrote a migration path to asyncio | 16:06 |
JayF | that we can mimic for eventlet | 16:06 |
JayF | that itamar worked on | 16:06 |
dtantsur | Unlike eventlet, Twisted is not all-or-nothing | 16:07 |
dtantsur | Our problem is that the second we disable monkey patching, everything bursts in flames | 16:07 |
JayF | dtantsur: https://etherpad.opendev.org/p/nov-2023-eventlet-gross | 16:07 |
dtantsur | And if we try to use asyncio with monkey patching, everything also bursts in flames | 16:07 |
JayF | dtantsur: that has sorta the rough notes we've taken, including some of the migration ideas | 16:07 |
dtantsur | These are all good ideas, I wonder how far we are from even a proof of concept of any | 16:08 |
JayF | Right now, none, primarily because we wanted to get it in front of the community and get some form of consnsus and attention before investing too much time | 16:09 |
TheJulia | I think we need a "victim" project | 16:09 |
* TheJulia volunteers IPA as victim | 16:10 | |
JayF | Itamar's big focus has been on eventlet itself and unit tests | 16:10 |
TheJulia | s/victim/tribute/ | 16:10 |
JayF | and he has found a *lot* of test failures, especially in python 3.11, around reentrant locks | 16:10 |
JayF | to the point where I'd be a bit surprised, given the way sqlalchemy uses those kinds of locks for connections, if a busy openstack cluster worked IRL on py3.11 | 16:10 |
dtantsur | that's a huge problem | 16:37 |
dtantsur | TheJulia: IPA could be our case study indeed, the key problem is to replace oslo.service | 16:38 |
TheJulia | indeed | 16:38 |
rpittau | good night! o/ | 17:25 |
JayF | o/ | 17:26 |
JayF | https://review.opendev.org/c/openstack/ironic/+/900568 for the OVN switch support | 17:40 |
JayF | I think that's pretty on the right track | 17:40 |
JayF | needs some tests and linting fixes, but in terms of the shape of the change that looks pretty good | 17:41 |
JayF | TheJulia: ^ I think that's what you were talking about in DM, about reusing fields, yeah | 17:41 |
JayF | Heh, coding is wrong but I mean more like, the schema | 17:42 |
TheJulia | heh | 17:42 |
TheJulia | I'm glad you clarified that because I was like "what?!" | 17:42 |
TheJulia | but yeah, I suspect so, just need to actually find a time slice where I can context switch to it | 17:43 |
JayF | I think it's one of those things where, I'll try to work with her today/tomorrow get her started writing unit tests for it | 17:43 |
JayF | which should help with understanding of the shape of the data | 17:43 |
TheJulia | ++ | 17:47 |
JayF | https://uefi.org/blog/firmware-sbom-proposal :-O | 18:50 |
TheJulia | Interesting! | 19:33 |
JayF | dtantsur: summary of opendev-sysadmin meeting is; they'd prefer not host a service that only serves a single openstack project and not a whole top-level opendev project. I will look at downstream resources to see if I can get our devops team to run it | 20:02 |
JayF | dtantsur: basically either we take ownership of "consensus for bug dashboarding for all of openstack" or BYOInfra; I am BYOInfra | 20:03 |
clarkb | fwiw I don't think you need consensus for bug dashboard for all of openstack | 20:09 |
clarkb | I don't think ttx had that for bugday | 20:09 |
JayF | Well, we need to have a tool designed in that direction, with some sort of authority to feel like it's the direction everyone is going | 20:09 |
JayF | I couldn't even get basic agreement on simple tooling on an LP migration; there's no way I'm going to revisit that topic | 20:09 |
JayF | it's exhausting | 20:09 |
clarkb | but bugday was built for all of the openstack projects at the time even if it was probably biased through the ttx lens | 20:09 |
clarkb | and then tripleo and ironic apparently wrote replacements for bugday and bugday died | 20:10 |
JayF | this ironic-bug-dashboard was created after bugday died aiui | 20:10 |
clarkb | anyway I think there is a difference between consensus and usage. If the tool is generically useful and works for more than ironic thats fine even if all of openstack doesn't necessarily agree with the sort orders or fields etc | 20:11 |
JayF | but that's all history now; I'm oriented to the future, and right now I see little/no bug triage happening in Ironic, and a working tool in front of me to go plug in and help solve tha tproblem | 20:11 |
JayF | heh dtantsur we should just tell the bug deputy to run it locally; we're all python devs and it's a trivial app | 20:12 |
JayF | that's almost a serious suggestion | 20:12 |
JayF | I'll also note, I wasn't very active in projects using bugday when it was used; so I'm also being told "don't use this tool that exists, go dig up an older general purpose tool you've never used and make it exist again"; just frustrating when I'm trying to solve a thing, it' | 20:14 |
JayF | it's okay though I'll just do it out of band and not have the discussion anymore | 20:14 |
clarkb | no one is saying dig up the old tool | 20:14 |
clarkb | I explicitly said I don't mean that. I said what OpenDev would be open to hosting is something that fit in the same space even if the code base is different | 20:14 |
clarkb | We can't be in the business of doing one off for everoyne. But we can host generic tools that work for others | 20:15 |
JayF | I'd have you consider the optics of the TC Chair doing such a thing without getting community consensus | 20:15 |
JayF | No is a fine answer. Go do something way harder instead is a frustrating answer :D | 20:15 |
clarkb | I mean thats the only way OpenDev manages to keep the lights on. What we do is harder to bootstrap absolutely. Beucase the early investment allows for longer term sustainability | 20:17 |
clarkb | I'm sorry that is frustrating | 20:17 |
clarkb | but I'm not sure I have a solution for that | 20:17 |
JayF | I'm saying "No" is not frustrating. You all saying no is smart, and I appreciate that from an infra standpoint. | 20:17 |
JayF | "Why don't we try to build consensus?" as an implied question when, at least as best as I know how, I'm always trying to, and not getting a lot of uptake, is the frustrating part | 20:18 |
JayF | at some point I have to stop trying to get things done in a committee and start getting things done; that's where I am with this item and many others | 20:18 |
JayF | (I mean that in the colloquial sense; ala Princess Leia, not in the TC sense; shoudl've picked a better metaphor) | 20:19 |
clarkb | sure. I guess my feedback to that is to stop trying to get things done in committee. Within OpenDev we send announcements and solicit feedback but when there is none we move forward with the decisions we think work broadly | 20:19 |
clarkb | for example we upgraded etherpad recently. But we waited until after the PTG | 20:19 |
clarkb | that wasn't a committee decision that was us doing our best to avoid stepping on toes | 20:19 |
clarkb | When we upgraded Gerrit to 3.2 we basically said this is happening and we have to move forward because 2.13 isn't viable. We knew it would be different for our users (new ui etc) and we knew it would require a long downtime. But we made the decision | 20:20 |
clarkb | When setting policy for OpenStack you need to follow the governance structure of the project | 20:20 |
clarkb | when making useful tools that people may choose to or not choose to use you don't have to follow the same consensus driven ruleset | 20:21 |
clarkb | and to be clear sometimes that fails. An example of middling success is meetpad. We deployed that without consensus prior to the first virtual PTG and useage has been low | 20:22 |
JayF | That is an interesting line to draw I had not considered before now. | 20:22 |
JayF | I do not often separate technology from the community. | 20:22 |
clarkb | fwiw I don't think meetpad is a complete failure. We use it as a team (opendev) regularly and some teams do use it for the PTG. More of a "we expected this to get far more usage than it gets" | 20:23 |
JayF | Just because they are codependent in so many ways, postively and negatively. | 20:23 |
JayF | Meetpad is a good tool; I'm glad it exists as an option. I feel bad everytime I don't use it; but I also think there are compelling reasons to use/don't use it on both sides. | 20:25 |
opendevreview | Verification of a change to openstack/ironic master failed: [api-ref] Complete port name and shard documentation https://review.opendev.org/c/openstack/ironic/+/899097 | 22:12 |
opendevreview | Verification of a change to openstack/ironic master failed: [api-ref] Add firmware fields to driver API https://review.opendev.org/c/openstack/ironic/+/898862 | 22:12 |
opendevreview | Jay Faulkner proposed openstack/ironic master: DNM Testing nova change https://review.opendev.org/c/openstack/ironic/+/900958 | 23:35 |
opendevreview | Jay Faulkner proposed openstack/ironic master: DNM Testing nova change https://review.opendev.org/c/openstack/ironic/+/900958 | 23:41 |
JayF | apparently bumping the timeout up 1 second is not wise as we are at max(timeout) hehe | 23:41 |
Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!