Wednesday, 2019-03-06

*** henriqueof has quit IRC00:01
*** abaindur has joined #openstack-lbaas00:01
*** henriqueof has joined #openstack-lbaas00:02
*** dmellado has quit IRC00:03
*** dmellado has joined #openstack-lbaas00:04
*** celebdor has joined #openstack-lbaas00:04
*** celebdor has quit IRC00:10
*** sapd1 has quit IRC00:16
*** fnaval_ has quit IRC00:25
*** luksky has quit IRC00:35
*** fnaval has joined #openstack-lbaas00:35
*** openstackgerrit has joined #openstack-lbaas00:44
openstackgerritKen'ichi Ohmichi proposed openstack/octavia master: Trivial: Remove unused OCTAVIA_AMP_SUBNET_ID
openstackgerritMichael Johnson proposed openstack/octavia master: Support Host header inject for healthmonitor HTTP 1.1 health check
openstackgerritKen'ichi Ohmichi proposed openstack/octavia master: Trivial: Remove unused OCTAVIA_AMP_SUBNET_ID
openstackgerritMichael Johnson proposed openstack/python-octaviaclient master: Add new options to HealthMonitor CLI
openstackgerritMichael Johnson proposed openstack/octavia-tempest-plugin master: Add octavia-lib to required projects
*** oanson has quit IRC01:13
openstackgerritMichael Johnson proposed openstack/octavia master: DNM: Testing bionic on legacy tempest
openstackgerritMichael Johnson proposed openstack/neutron-lbaas master: DNM: Testing legacy tempest on bionic
openstackgerritMichael Johnson proposed openstack/octavia master: Support Host header inject for healthmonitor HTTP 1.1 health check
*** abaindur_ has joined #openstack-lbaas02:04
*** abaindur has quit IRC02:06
*** abaindur has joined #openstack-lbaas02:11
*** abaindur_ has quit IRC02:12
*** abaindur_ has joined #openstack-lbaas02:13
openstackgerritMerged openstack/octavia master: Support L7policy redirect http code
*** abaindur has quit IRC02:15
*** abaindur has joined #openstack-lbaas02:17
*** abaindur_ has quit IRC02:20
*** abaindur_ has joined #openstack-lbaas02:24
*** hongbin has joined #openstack-lbaas02:26
*** abaindu__ has joined #openstack-lbaas02:26
*** abaindu__ is now known as abaindur__02:26
*** abaindur has quit IRC02:27
*** abaindur_ has quit IRC02:29
*** abaindur has joined #openstack-lbaas02:29
*** abaindur__ has quit IRC02:31
*** abaindur_ has joined #openstack-lbaas02:36
openstackgerritMerged openstack/octavia master: Encrypt certs and keys
*** abaindur has quit IRC02:38
*** abaindur has joined #openstack-lbaas02:41
*** psachin has joined #openstack-lbaas02:43
*** abaindu__ has joined #openstack-lbaas02:44
*** abaindur_ has quit IRC02:44
*** abaindu__ is now known as abaindur__02:44
*** abaindur has quit IRC02:45
*** abaindur has joined #openstack-lbaas02:48
*** abaindur__ has quit IRC02:50
*** abaindur_ has joined #openstack-lbaas02:50
*** abaindur has quit IRC02:53
*** abaindur_ has quit IRC02:57
*** abaindur has joined #openstack-lbaas02:58
*** yamamoto has joined #openstack-lbaas03:00
*** ramishra has joined #openstack-lbaas04:14
*** hongbin has quit IRC04:42
*** bzhao__ has quit IRC04:59
*** ianychoi_ has joined #openstack-lbaas05:24
*** ianychoi has quit IRC05:28
*** yboaron has joined #openstack-lbaas05:29
*** gcheresh_ has joined #openstack-lbaas05:32
*** gcheresh_ has quit IRC05:37
*** abaindur has quit IRC05:49
*** abaindur has joined #openstack-lbaas05:50
*** gcheresh_ has joined #openstack-lbaas06:07
*** abaindur has quit IRC06:19
*** abaindur has joined #openstack-lbaas06:20
*** ccamposr has joined #openstack-lbaas06:59
*** ivve has joined #openstack-lbaas07:00
openstackgerritMerged openstack/python-octaviaclient master: Add a new option '--redirect-http-code' into L7Policy CLI
*** mkuf has joined #openstack-lbaas07:35
*** luksky has joined #openstack-lbaas07:35
*** mkuf has quit IRC07:39
*** luksky has quit IRC07:39
openstackgerritNir Magnezi proposed openstack/octavia stable/rocky: Encrypt certs and keys
*** rpittau|afk is now known as rpittau08:02
*** mkuf has joined #openstack-lbaas08:17
openstackgerritNir Magnezi proposed openstack/octavia stable/queens: Encrypt certs and keys
*** pcaruana has joined #openstack-lbaas08:29
*** yboaron_ has joined #openstack-lbaas08:32
*** yboaron has quit IRC08:34
*** yboaron_ has quit IRC09:06
*** yboaron_ has joined #openstack-lbaas09:07
*** numans has joined #openstack-lbaas09:13
*** celebdor has joined #openstack-lbaas09:15
*** andrein has joined #openstack-lbaas09:17
*** abaindur has quit IRC09:22
*** lemko has joined #openstack-lbaas09:48
*** salmankhan has joined #openstack-lbaas09:52
openstackgerritOpenStack Proposal Bot proposed openstack/octavia-dashboard master: Imported Translations from Zanata
*** yamamoto has quit IRC10:34
*** ramishra has quit IRC10:40
*** ramishra has joined #openstack-lbaas10:59
*** pcaruana has quit IRC11:04
*** yamamoto has joined #openstack-lbaas11:10
*** yamamoto has quit IRC11:18
*** ianychoi_ is now known as ianychoi11:20
*** yamamoto has joined #openstack-lbaas11:27
*** pcaruana has joined #openstack-lbaas11:32
*** mkuf has quit IRC11:39
*** mkuf has joined #openstack-lbaas11:39
openstackgerritMerged openstack/octavia-dashboard master: Imported Translations from Zanata
*** henriqueof has quit IRC12:16
*** andrein has quit IRC12:37
*** andrein has joined #openstack-lbaas12:37
*** andrein has quit IRC13:02
*** lemko has quit IRC13:15
*** salmankhan has quit IRC13:44
*** yamamoto has quit IRC13:47
*** yamamoto has joined #openstack-lbaas13:48
*** pcaruana has quit IRC13:51
*** ataraday_ has joined #openstack-lbaas13:58
*** pcaruana has joined #openstack-lbaas14:01
*** gthiemonge has joined #openstack-lbaas14:21
*** fnaval has quit IRC14:31
*** fnaval has joined #openstack-lbaas14:46
*** ivve has quit IRC14:57
dulekcgoncalves: Lame question. Two listeners, port 53, different protocols - UDP and TCP.15:03
dulekcgoncalves: Does this not work at all or not work for some providers?15:03
*** salmankhan has joined #openstack-lbaas15:30
nmagnezidulek, for the Octavia Amphora driver it should work15:30
nmagnezidulek, other providers I don't know15:31
duleknmagnezi: I think we tracked this down to networking-ovn not being able to do it, so you're right. :)15:31
nmagnezidulek, For networking-ovn reedip would probably also know15:32
*** pcaruana has quit IRC15:53
*** yboaron_ has quit IRC16:04
*** pcaruana has joined #openstack-lbaas16:06
*** amuller has joined #openstack-lbaas16:23
colin-anyone have a link handy to the sequence/app logic diagram that i know exists for the project?16:46
johnsomcolin- This one?
colin-perfect, thank you16:48
colin-could i have found this from the left-hand menu somehow?16:48
johnsomIt's in the "contributor documentation" section16:49
*** pcaruana has quit IRC16:55
*** Baggypants12000 has joined #openstack-lbaas16:56
colin-got it. unrelated, what other options does amphora_udp_driver support if any?16:58
johnsomAside from the health monitors?16:59
*** ivve has joined #openstack-lbaas17:00
johnsomThere are two open patches we haven't merged, one is the one-packet option, the other is re-enabling HTTP health monitors on UDP pools.17:01
colin-alternative to keepalived_lvs i mean17:01
johnsomOh, none, it's LVS based only right now17:02
colin-got it17:02
*** kenaz has joined #openstack-lbaas17:02
johnsomWe just added UDP in Rocky, there is still some work to do there with documentation updates and tempest tests.17:02
*** henriqueof has joined #openstack-lbaas17:03
*** gthiemonge has quit IRC17:06
*** ramishra has quit IRC17:14
*** yamamoto has quit IRC17:15
*** kenaz is now known as kenaz_17:22
*** cbrumm_ has quit IRC17:26
*** yamamoto has joined #openstack-lbaas17:28
*** gcheresh_ has quit IRC17:32
*** cbrumm_ has joined #openstack-lbaas17:33
*** yamamoto has quit IRC17:34
*** celebdor has quit IRC18:02
*** psachin has quit IRC18:05
*** yamamoto has joined #openstack-lbaas18:09
*** kenaz_ has quit IRC18:11
*** amuller has quit IRC18:13
*** yamamoto has quit IRC18:14
openstackgerritCarlos Goncalves proposed openstack/octavia-lib master: Sync data models and import new constants from Octavia
openstackgerritMichael Johnson proposed openstack/octavia master: Fix updates to the provider driver guide.
*** ccamposr has quit IRC18:35
openstackgerritMerged openstack/octavia master: Support Host header inject for healthmonitor HTTP 1.1 health check
johnsomAh yes, ext4 is much better than btrfs:18:53
cgoncalvesoffline=true, reclone=false?18:54
johnsomonline, reclone false, with horizon added18:55
johnsomThe COW in btrfs was killing my performance18:57
*** ivve has quit IRC18:57
cgoncalveshow did it perform on btrfs?18:59
johnsomAnd got worse over time18:59
xgermanI run all my (non OS-X) stuff on ext-4. Got my kid a cheap Chromebook they are pretty nice, too. Even come with some containerized (?) Debian they call Penguin..19:02
xgermanwill defintely try devstack on it one day for science...19:03
johnsomOuch, horizon might not be python3 ready... I'm getting a ton of issues...19:06
*** salmankhan has quit IRC19:11
*** salmankhan1 has joined #openstack-lbaas19:11
*** salmankhan1 has quit IRC19:15
*** kosa777777 has quit IRC19:22
nmagnezicgoncalves, o/19:57
cgoncalvesnmagnezi, o/^219:57
nmagnezicgoncalves, any luck with
nmagneziI see a new patch set19:58
nmagneziLemme know if ready for review19:58
cgoncalvesnmagnezi, see my comment19:58
nmagnezicgoncalves, ack19:58
nmagnezijohnsom, o/20:00
johnsom#startmeeting octavia20:00
openstackMeeting started Wed Mar  6 20:00:49 2019 UTC and is due to finish in 60 minutes.  The chair is johnsom. Information about MeetBot at
openstackUseful Commands: #action #agreed #help #info #idea #link #topic #startvote.20:00
*** openstack changes topic to " (Meeting topic: octavia)"20:00
openstackThe meeting name has been set to 'octavia'20:00
cgoncalveshi folks20:01
johnsomSorry folks, got distracted working on a dashboard patch20:01
xgermanexciting week20:01
johnsom#topic Announcements20:01
*** openstack changes topic to "Announcements (Meeting topic: octavia)"20:02
xgermanTC election results20:02
johnsomYep, the TC election is complete20:02
johnsomSorry, took me a minute to find the link20:03
xgermancongrats to friends of LBaaS mnaser mugsie dewsday20:04
johnsomYeah, looks like a great TC20:04
xgermanbig disturbance in the force20:05
johnsomAlso of note, the PTL election cycle for Train is now open.20:05
xgerman4 more years!!20:05
johnsomHa, well, we will get to that later in the agenda20:05
johnsomThe big item of note this week:20:06
johnsomIt is feature freeze week. No new features will be merged until the open of Train. (Tempest tests and documentation are exempt)20:06
johnsomWe will talk a bit later in the agenda about where we are and what items we can get into Stein.20:07
johnsomWell, yeah, ^^^^ that20:07
johnsomWe can talk more about that later in the meeting20:07
johnsomAlso, there is call to review the two potential community goals for Train:20:08
johnsomOne is about cleaning up all of the resources a project owned in the whole cloud.20:09
johnsomThe other is about OpenStack client migration.20:09
johnsomI suspect the client goal may be a no-op for us as we are already 100% OpenStack client20:10
johnsomWe might need to play whack a mole on any neutron-lbaas patches that show up, but otherwise should be good.20:10
johnsomAny other announcements today?20:10
*** yamamoto has joined #openstack-lbaas20:11
johnsom#topic Brief progress reports / bugs needing review20:11
*** openstack changes topic to "Brief progress reports / bugs needing review (Meeting topic: octavia)"20:11
johnsomI have been heads down, aside from some other distractions, getting patches ready and merged for the feature freeze.20:11
johnsomTLS is all done and in. Some other enhancements are close.20:12
johnsomI'm working on the dashboard patch for flavors now.20:12
cgoncalvesgreat work, you and Zhao!20:12
xgerman“full stack engineer"20:12
xgermancgoncalves: +1020:12
nmagnezicgoncalves, totally agree20:12
johnsomMost of the credit goes to Zhao.  It is awesome that he could get backend re-encrypt in as well. That was a special ask we had from the PTG.20:13
johnsomIt also sets us up to support TLS for non-HTTP protocols, so good stuff there.20:13
johnsomBonus on the TLS stuff, you don't need to roll the amp image to get it. (though other patches will likely make you want to.20:14
johnsomOnce we declare feature freeze, I plan to pivot to looking at bugs. I think we have a few we should address in Stein.20:15
*** yamamoto has quit IRC20:16
johnsomRC1 will be the week of the 18th.20:16
xgermanhappy to help - now as I have some time on my hands20:16
johnsomAny other updates from folks?20:16
nmagneziRHEL8 amphora support is on the way20:17
xgermanARM, too?20:17
nmagnezicgoncalves, made some additions to Octavia. I work on other places as well20:17
cgoncalveswell, yet to be seen20:17
johnsomCool. I assume that DIB patch did not land?20:17
colin-sorry i'm late20:17
nmagneziIncluding dib, SELinux and other stuff20:17
nmagneziSadly no but we will keep pushing it20:18
cgoncalvesno. my idea is to create a rhel8 element and have it merged in DIB20:18
johnsomOk. Just checking if we could land the 8 support patch20:18
cgoncalvesthe rhel-minimal is for rhel 8 and uses the beta repos20:18
nmagneziAlso nice to see 'Encrypt certs and keys' in20:19
nmagneziNot a "feature" but still a good one20:19
xgermanyeah, that seemed nice...20:19
johnsom+1, yeah, that was important to get in.20:19
johnsomIt also will help when we do persistent flow storage for the sub-flow recovery work.20:20
cgoncalvesthere has been some work in octavia-lib to sync data models that still exist in octavia. hopefully we can merge the open patch and make a release asap20:20
xgermanwe probably can :-)20:20
johnsomYeah, that is my plan. We can talk about the in/out here in a minute.20:20
johnsomOk, let's move on to the next topic.....20:20
nmagnezicgoncalves, +1. I'll look at it after the meeting20:21
cgoncalvesI also worked on a patch to fix creation of TLS-terminated listeners via horizon20:21
johnsomAh, yeah, thanks for that bug fix. I plan to test it right after I finish up the flavor dashboard patch review20:21
johnsom#topic PTL role update/discussion20:21
*** openstack changes topic to "PTL role update/discussion (Meeting topic: octavia)"20:21
johnsomSo, if you have not yet heard, Rackspace had a layoff and halted work on some projects.20:22
johnsomThis has impacted my employment, so I am now looking for a new job.20:22
xgermanI am also impacted :-(20:23
johnsomOthers here have also been impacted20:23
colin-sorry to hear that you guys, that's really unfortunate :(20:23
johnsomMy plan is to of course, look for a new job....20:23
johnsomBut I will also try to fulfill my PTL commitment through the end of my term.20:23
johnsomThis means I will continue to work on patches and reviews, lead meetings, and generally be the PTL while I hunt for what is next.20:24
cgoncalvesthat is very generous of you. thank you very much, Michael20:24
colin-hear hear20:24
johnsomAt this time, since I do not know if I will find an OpenStack related job, I do not plan to run for PTL for the Train release.20:25
johnsomIt would be unfair to run and then need to resign right away.20:25
nmagneziBest of luck with finding your next jobs guys!20:25
johnsomIf magic happens and I have an offer by the PTL deadline, and the employer would like me to run, I would. However there are a lot of "if"s in that sentence.... lol20:26
johnsomAny questions/comments?20:27
johnsomOk, thanks folks for understanding.20:27
nmagnezijohnsom, first, thank you for keep doing this even now. Secondly, I'm really sad that this is the situation but fully get what you meant20:28
johnsom#topic Stein feature freeze20:28
*** openstack changes topic to "Stein feature freeze (Meeting topic: octavia)"20:28
johnsomSo, looking at the priority list20:28
*** lemko has joined #openstack-lbaas20:29
johnsomI have put a blank line in the list where I think we are going to be able to get things in.20:29
johnsomStuff below the line seems like a long shot. They either fail tests or have other issues to address.20:29
johnsomAny comments or concerns about that list?20:30
colin-none here20:30
johnsomI had really hoped we could get volume backed amps in, but in light of my reduced time, I wasn't able to get into it and fix the bugs.20:30
johnsomAgain, this is feature freeze. We can still add tempest tests and documentation. We can also continue to work on bug fixes.20:31
johnsomThe idea here is to stabilize and focus on bug fix/stability for the Stein release.20:31
xgermanalso FFE20:31
cgoncalvesI added (octavia-lib), a dependency of
johnsomTrue, if there was a critical feature, we can go through the FFE process, but that has a pretty high bar and I don't see anything on the horizon that would need/meet that.20:32
johnsomcgoncalves yes, good call20:32
johnsomI have to say, congratulations team on a pretty nice release for Stein. Though I haven't polished the release notes yet, it's a pretty nice list of new capabilities:20:33
cgoncalvesa list that is only made possible when folks include release notes in their patches ;-)20:34
johnsomHa, true. I try to make sure patches have them.  They really are useful for folks.20:35
johnsomOk, it sounds like we are all aligned on the Stein features list.20:35
johnsom#topic Open Discussion20:36
*** openstack changes topic to "Open Discussion (Meeting topic: octavia)"20:36
johnsomOther topics this week?20:37
cgoncalvesagain, apologies for not have been successful thus far in fixing rocky grenade job. there are 11 open backport requests20:38
colin-have ever considered value in a "please update the whole fleet" style operation against our amphorae?20:39
cgoncalvesI gave it a try last week (or two). I couldn't reproduce the issue seen in upstream CI20:39
johnsomNo worries, sometimes these things are hard to file20:39
colin-adding new HMs to my config over the weekend caused me to wonder20:39
colin-what i'm imagining would likely leverage failovers to perform it gracefully or something20:40
johnsomcgoncalves After we feature freeze today/tomorrow remind me and I will focus on that for a bit.20:40
cgoncalvesjohnsom, thank you, much appreciated20:40
johnsomcolin- Short answer is yes. Though there is a longer answer20:40
johnsomThe use case of adding HMs will be an API call per amp now in Stein, where it now pushes out a new config and adopts it without requiring a failover.20:41
colin-i saw that, that's going to be nice20:41
colin-it also made me wonder if we ever considered having the amps periodically pull config from a centralized location?20:41
colin-maybe when they go to do their heartbeats, for example20:42
johnsomWe have put "bulk" actions on the back burner and have gone down the path of enabling that via the API and leaving the exercise to the operator and their favor automation tool. This is for a few reasons:20:42
*** abaindur has joined #openstack-lbaas20:42
johnsom1. Bulk operations can be dangerous. If the process hasn't been tested well (i.e. the operator loaded a bad custom image), we don't want to be responsible for runway breakage.20:43
colin-yeah that would be horrifying, good point20:43
johnsom2. We don't have mechanisms built in to "cancel/abort" these actions after they start.20:43
johnsom3. We don't have a good way to track/monitor success/failure/progress.20:44
colin-yeah that is a fairly stateful job20:44
johnsom4. We haven't had anyone that had time to go after that problem....20:44
johnsomMostly #420:44
xgermanfor me #1-3 are also problematic20:44
xgermanbut I can see us to have a controb flder with common “scripts"20:45
xgermanI also know that having systems get their config from an API endpoint is quite modern those days (envoy)20:45
johnsomAs for amps, pulling configs is something that breaks our trust model.  Amps are un-trusted in our model. We try to push from "more trusted" to "less trusted" and never rely on the amp being what it says it is.20:45
xgermanyep, that was my next point how to make that secure20:46
colin-cool, that's a really succinct way to phrase it ty20:46
johnsomSo, for example, we don't want a rogue amp asking for the certs and keys  from another tenant's load balancer.20:46
xgermanbut there are a ton of startups working in the zero trust idendity space20:47
johnsomSo, maybe that would be something to consider in the future, but right now we are in keep it simple mode.20:47
johnsomWe have discussed using something like etcd, consul, etc. but there were a bunch of trade offs and extra deployment overhead.20:48
xgermanyeah, and you still have the trust problem20:49
johnsomAgain, if someone has a use case, need, and willing to work on it, please feel free to post a spec.20:49
xgermanyep, happy to review it. There is exciting stuff out there and our CA inside the worker is just a baby step ;-)20:49
johnsomRight, I agree. The certs model we put in place is a good start for this.20:50
colin-Adds an administrator API to access per-amphora statistics.20:50
colin-connection stats?20:50
colin-like data plane20:50
johnsomThis is actually one of the problems in Trove. One DB instance can shutdown another by sending commands back up to the control plane.  (Maybe they have since fixed this)20:51
johnsomcolin- No, it' exposes the listener traffic stats "per-amphora".20:51
colin-ah ok20:52
johnsomJust another way to query the data, which happens to help us with testing.20:52
johnsomThe driver for that was testing active/standby VRRP failover. However cgoncalves has posted an alternative option too.20:52
colin-thanks for humoring my wandering attention :)20:53
johnsomSince VRRP failover occurs autonomously inside the amphorae it's hard to track which amp is passing traffic at any one time.20:53
johnsomSure, no problem.20:53
johnsomAny other topics in the last few minutes today?20:54
cgoncalves#lin k
xgermanyeah, we have a lot of ideas but no time...20:54
johnsomYeah, it was a lot easier to do things when the active team was 20+ people20:54
johnsomOk then. Thanks again for all of the hard work for Stein, we are in the home stretch.20:56
johnsomHave a great week!20:56
cgoncalveslet's do it!! :D20:56
*** openstack changes topic to "Discussions for Octavia | Stein priority review list:"20:56
openstackMeeting ended Wed Mar  6 20:56:36 2019 UTC.  Information about MeetBot at . (v 0.1.4)20:56
openstackMinutes (text):
nmagnezicgoncalves, so20:56
nmagnezicgoncalves, just looking at
nmagnezicgoncalves, I see also some new additions like redirect_http_code and http_version20:57
nmagnezicgoncalves, related to the tests we spoke about or just another thing you synced between octavia and octavia-lib?20:57
cgoncalvesnmagnezi, new bits from and
openstackgerritMerged openstack/octavia master: Trivial: Remove unused OCTAVIA_AMP_SUBNET_ID
cgoncalvesAFK until tomorrow morning21:02
*** celebdor has joined #openstack-lbaas21:05
*** irclogbot_1 has joined #openstack-lbaas21:09
*** irclogbot_1 has quit IRC21:28
openstackgerritMerged openstack/octavia-lib master: Sync data models and import new constants from Octavia
*** celebdor has quit IRC21:50
openstackgerritMichael Johnson proposed openstack/octavia-dashboard master: Add load balancer flavor support
*** celebdor has joined #openstack-lbaas21:57
*** henriqueof has quit IRC21:57
*** celebdor has quit IRC22:02
johnsomAnyone able to do the final review on the dashboard patch?
openstackgerritMerged openstack/python-octaviaclient master: Add new options to HealthMonitor CLI
*** lemko has quit IRC22:38
*** rcernin has joined #openstack-lbaas22:52
*** abaindur has quit IRC23:02
*** abaindur has joined #openstack-lbaas23:03
openstackgerritAdam Harwell proposed openstack/octavia master: Remove outdated/incorrect certificate advice
*** abaindur has quit IRC23:42
*** abaindur has joined #openstack-lbaas23:44
*** celebdor has joined #openstack-lbaas23:46
*** abaindur has quit IRC23:50
openstackgerritMichael Johnson proposed openstack/octavia master: Updates Octavia to support octavia-lib

Generated by 2.15.3 by Marius Gedminas - find it at!