| *** dasm|bbl is now known as dasm | 03:06 | |
| *** dasm is now known as dasm|off | 04:08 | |
| *** abhishekk is now known as akekane|home | 04:56 | |
| *** akekane|home is now known as abhishekk | 04:56 | |
| *** soniya29 is now known as soniya29|ruck | 08:11 | |
| abhishekk | #startmeeting glance | 14:00 |
|---|---|---|
| opendevmeet | Meeting started Thu Mar 10 14:00:01 2022 UTC and is due to finish in 60 minutes. The chair is abhishekk. Information about MeetBot at http://wiki.debian.org/MeetBot. | 14:00 |
| opendevmeet | Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. | 14:00 |
| opendevmeet | The meeting name has been set to 'glance' | 14:00 |
| abhishekk | #topic roll call | 14:00 |
| *** dasm|off is now known as dasm | 14:00 | |
| abhishekk | #link https://etherpad.openstack.org/p/glance-team-meeting-agenda | 14:00 |
| abhishekk | o/ | 14:00 |
| pdeore | o/ | 14:00 |
| abhishekk | lets wait few minutes for others to join | 14:00 |
| pdeore | yeah | 14:01 |
| mrjoshi | o/ | 14:01 |
| abhishekk | I don't see anyone else around, lets start and others can join us in between | 14:02 |
| abhishekk | We have small agenda today as well, with some review requests | 14:03 |
| abhishekk | lets start | 14:03 |
| abhishekk | #topic Updates | 14:03 |
| abhishekk | Zed PTG planning etherpad is up | 14:03 |
| abhishekk | if you haven't added your name to the list of attendees, kindly do it earliest | 14:03 |
| abhishekk | #link https://etherpad.opendev.org/p/zed-ptg-glance-planning | 14:04 |
| abhishekk | moving ahead | 14:04 |
| abhishekk | #topic release/periodic jobs update | 14:04 |
| abhishekk | We are done with the Yoga cycle with the rc1 release, so nothing is pending from our side | 14:04 |
| rosmaita | o/ | 14:05 |
| abhishekk | periodic jobs all green \o/ | 14:05 |
| pdeore | \o/ | 14:05 |
| abhishekk | next one is rosmaita | 14:05 |
| abhishekk | #topic lock_path required for glance_store cinder driver | 14:06 |
| rosmaita | hello | 14:06 |
| abhishekk | floor is yours | 14:06 |
| rosmaita | doing a context switch - hope i put info in the etherpad, because i don't remember what this was about | 14:07 |
| abhishekk | related to lock_path config option | 14:07 |
| rosmaita | oh yeah, it's an issue that applies to the glance_store cinder driver | 14:07 |
| abhishekk | #link https://docs.openstack.org/glance/latest/configuration/configuring.html#configuring-the-cinder-storage-backend | 14:08 |
| jokke_ | I thought Eajat already implemented that, no? | 14:08 |
| jokke_ | Rajat even | 14:08 |
| abhishekk | I think rosmaita is talking about documenting the option | 14:09 |
| rosmaita | probably not, it was fixed in koll-ansible, though | 14:09 |
| rosmaita | yeah | 14:09 |
| rosmaita | silly me, i looked at the glance_store docs and didn't see anything | 14:09 |
| abhishekk | :D | 14:09 |
| rosmaita | we can just add something to this page | 14:09 |
| rosmaita | by "we" i mean i will put up a patch | 14:09 |
| jokke_ | ;) | 14:09 |
| abhishekk | yes, this is the right place to mention | 14:10 |
| rosmaita | that was really my question, how/where to doc this | 14:10 |
| rosmaita | thanks! | 14:10 |
| rosmaita | related, though | 14:10 |
| rosmaita | the glance_store docs are out of date, still mention that it's used for Glare | 14:10 |
| abhishekk | I will have a look at those and clean it up | 14:10 |
| rosmaita | cool, that's all from me | 14:11 |
| abhishekk | great, thank you | 14:11 |
| abhishekk | moving ahead | 14:11 |
| abhishekk | #topic Fips backports | 14:11 |
| abhishekk | There are some backports posted for fips | 14:11 |
| abhishekk | and owner wants our opinion about them | 14:12 |
| abhishekk | Problem is the job which we converted to fips on master was non-voting during wallaby | 14:12 |
| abhishekk | So I think that is not a valid backport (as per our policy) | 14:13 |
| abhishekk | what is your opinion about it? | 14:13 |
| jokke_ | I don't think I have seen that job passing either so I'm pretty much against running it in stable branches just wasting infra resources | 14:13 |
| abhishekk | https://review.opendev.org/q/project:openstack/glance+-branch:master+owner:afariasa | 14:14 |
| jokke_ | If we are talking just the testing job definitions to stable | 14:14 |
| rosmaita | the owner wants to backport some changes, or just running the job in stable/wallaby | 14:14 |
| rosmaita | ? | 14:14 |
| abhishekk | rosmaita, above is the list of patches we have | 14:14 |
| abhishekk | it has some changes to correct the old behavior in tests | 14:14 |
| abhishekk | I think other option we can have is periodic job running against the stable/wallaby and stable/xena branch | 14:15 |
| rosmaita | i agree with jokke_ that the first step is to have the fips jobs actually green on these patches | 14:15 |
| rosmaita | in fact, i suggest we ask them to make the job voting in the patch so the zuul result is relevant | 14:16 |
| rosmaita | and once it is good, they can revise the patch to make the job non-voting | 14:17 |
| rosmaita | right now, zuul gives +1 and there's still a failure | 14:17 |
| abhishekk | I also told the same, will convey the decision to him | 14:17 |
| abhishekk | They are still debugging the issue for the job | 14:17 |
| jokke_ | I kind of disagree seeing how unstable that test run has been. Like it's fine for non-woting until it actually passes more than fails on it's own. Lets get it blocking the gate only after the job is stable | 14:17 |
| abhishekk | agree | 14:18 |
| rosmaita | jokke_: it will only vote on the patch that contains the change | 14:18 |
| rosmaita | we won't make it actually voting | 14:18 |
| rosmaita | i entirely agree that this job is too unstable to run in the stable branches | 14:19 |
| abhishekk | ack, will discuss this with the owner | 14:19 |
| jokke_ | rosmaita: well the thing is it's flaky ... so if it's marked voting there, DNM needs to be flagged for now | 14:19 |
| rosmaita | jokke_: right | 14:19 |
| abhishekk | +1 | 14:19 |
| jokke_ | and that really won't get him anywhere closer to merge them :P | 14:20 |
| rosmaita | well, it helps us | 14:20 |
| rosmaita | right now , it looks like we are the blocker, because this green patch is sitting there | 14:20 |
| rosmaita | so let' make zuul give it a -1 | 14:20 |
| jokke_ | but yeah I'd say to get the test stable and perhaps voting in master is good start before worrying bringing it to stable | 14:20 |
| jokke_ | rosmaita: fail | 14:21 |
| rosmaita | well, that too | 14:21 |
| jokke_ | fair even | 14:21 |
| abhishekk | ok | 14:21 |
| abhishekk | that's all, moving to Open discussion | 14:21 |
| abhishekk | #topic Open discussion | 14:21 |
| abhishekk | I think croelandt and pdeore added some patches for review requests | 14:22 |
| abhishekk | 1st one is merged | 14:22 |
| abhishekk | I will just add the others for reference here | 14:22 |
| abhishekk | https://review.opendev.org/c/openstack/python-glanceclient/+/821409 Remove lower-constraints.txt (If4881229) - Agreed on during the review party | 14:22 |
| abhishekk | https://review.opendev.org/c/openstack/python-glanceclient/+/797779 glance help <subcommand>: Clearly specify which options are mandatory (I51ea4c43) | 14:22 |
| abhishekk | https://review.opendev.org/c/openstack/glance-tempest-plugin/+/802792 Implement API protection testing for metadef resource types ( Removed the lock as per suggestions) | 14:22 |
| abhishekk | https://review.opendev.org/c/openstack/glance-tempest-plugin/+/802794/14 Implement API protection testing for metadef properties ( Removed the lock as per suggestions) | 14:22 |
| croelandt | yes, only the first 3 | 14:22 |
| abhishekk | https://review.opendev.org/c/openstack/glance-tempest-plugin/+/802795/12 Implement API protection testing for metadef tags ( Removed the lock as per suggestions) | 14:22 |
| abhishekk | Last 3 are from glance-tempest-plugin and related to s-rbac function tests | 14:23 |
| croelandt | 2) and 3) we agreed on during the party but never re-reviewed iirc | 14:23 |
| abhishekk | I did :D | 14:23 |
| croelandt | :D | 14:23 |
| abhishekk | If you guys have some time, please review these patches | 14:23 |
| abhishekk | 2 and 3 is trivial | 14:24 |
| abhishekk | last 3 are functional and related to metadef s-rbac tests | 14:24 |
| pdeore | So, as per Dan's suggestion about removing the lock and namespacing the namespace, I've updated these patches... | 14:24 |
| jokke_ | ack | 14:25 |
| abhishekk | anything else guys? | 14:26 |
| alistarle | Yep, I have a question about a new glance import method to match multi-region use-case | 14:27 |
| alistarle | I have prepared a patch about a "glance-download" (instead of web-download) import method, to allow a glance image to be download directly from another glance, what do you think about that ? | 14:27 |
| abhishekk | another glance deployment? | 14:28 |
| alistarle | Yes my use-case is more about a glance in other region | 14:28 |
| alistarle | Let's say you uploaded an image in RegionOne (VM snaphshot by example), and you want this image to be present in RegionTwo (as a backup), currently I need to download locally and use glance-direct, or use web-download | 14:29 |
| abhishekk | do you know we have copy-imge import method? | 14:29 |
| alistarle | Yes but copy-image is to copy an image between backends of the same glance | 14:30 |
| jokke_ | alistarle: are you using glanceclient for it or requests directly? | 14:30 |
| alistarle | Here it is to copy image between multiple region, so multiple glance deployments | 14:30 |
| jokke_ | I kind of like the idea as long as we're not adding p-gc as requirement | 14:30 |
| alistarle | jokke_: good question, I POC it with glanceclient, but it add a lot of mess (and maybe a circular dependency to add glanceclient as a glance requirements), maybe requests is better | 14:31 |
| abhishekk | and also it will be better if we have this discussion in PTG with a proposal/spec up for reference | 14:32 |
| jokke_ | alistarle: specially as I assume it's just one API call, it probably is fairly simple case | 14:32 |
| alistarle | True | 14:32 |
| alistarle | Only thing is we need to forward the RequestContext into the tasks API, to use client keystone token to call the remote glance, otherwise we can have a security issue if using admin credentials here | 14:32 |
| alistarle | That was my only concern in my patch, that's why I wanted to get your opinion before going further | 14:33 |
| jokke_ | alistarle: yeah I was just going to say, what you need to pass as the import call body is the auth uri for the target deployment and token | 14:33 |
| jokke_ | So bit more json parsing there which is annoyance for testing but very trivial to do in client | 14:34 |
| alistarle | Hmmm I would say image ID and region is enough, as the token will be valid in all regions | 14:34 |
| alistarle | so we can rely on the token the user give use by calling the /import route | 14:34 |
| jokke_ | alistarle: that's only if you have federated keystone though ... does exclude your second usecase of separate deployments out | 14:35 |
| jokke_ | so maybe poc it like that to have the mechanics in place and then add the parsing of the body for optional keystone auth uri and token in case the source is actual separate deployment | 14:36 |
| alistarle | jokke_: Yep it require ferederated keystone, but do you think it is ok to send a token and auth information in the JSON body of import ? | 14:36 |
| jokke_ | alistarle: sure, why not. Just need to make sure we don't log it | 14:37 |
| abhishekk | alistarle, can you build/submit a proposal for the same with actual solution you are using | 14:37 |
| abhishekk | we dont log import body anywhere | 14:37 |
| jokke_ | no different than sending your token as header on the request itself security wise | 14:37 |
| alistarle | Hmm true | 14:38 |
| jokke_ | that said, I'd implement it only accepting token, not username & password | 14:39 |
| jokke_ | at least that's timelimited exposure | 14:39 |
| alistarle | Ok so I will make a POC and a spec for that, at least it sound good to you :) | 14:39 |
| abhishekk | yeah, interesting feature | 14:39 |
| alistarle | jokke_: I agree yes | 14:39 |
| jokke_ | for me, can't speak for abhishekk & rest :P | 14:39 |
| abhishekk | :D | 14:40 |
| jokke_ | but I like the idea | 14:40 |
| abhishekk | ++ | 14:40 |
| abhishekk | thank you alistarle | 14:40 |
| abhishekk | anything else guys | 14:41 |
| jokke_ | not from me | 14:41 |
| abhishekk | croelandt, pdeore ? | 14:41 |
| alistarle | That's ok for me too, thanks :) | 14:41 |
| pdeore | no, nothing from me too | 14:41 |
| abhishekk | One more thing I almost forget to mention | 14:41 |
| abhishekk | pdeore, has volunteered to chair the weekly meeting from next week | 14:42 |
| abhishekk | thank you very much pdeore | 14:42 |
| rosmaita | nice, thank you | 14:42 |
| jokke_ | \\o \o/ o// o/7 | 14:42 |
| croelandt | goo for me | 14:42 |
| abhishekk | :D | 14:42 |
| croelandt | pdeore: congrats! | 14:43 |
| rosmaita | croelandt: "goo"? do you mean "goulash"? | 14:43 |
| abhishekk | thank you all | 14:43 |
| pdeore | Thanks to you abhishekk for believing on me :) | 14:43 |
| croelandt | rosmaita: I always want goulash | 14:43 |
| jokke_ | croelandt: I'm sure she will let you chair one every once in a while if you ask nicely | 14:43 |
| abhishekk | haha | 14:43 |
| croelandt | jokke_: what if I don't ask? | 14:43 |
| jokke_ | croelandt: then you better not miss one ... we're good at voluntolding people :P | 14:44 |
| abhishekk | then we have different role for you :D | 14:44 |
| pdeore | :D :D | 14:44 |
| croelandt | there is no escaping the pain | 14:44 |
| abhishekk | absolutely not :P | 14:45 |
| abhishekk | lets wrap up for the day, thank you again | 14:45 |
| abhishekk | have a nice weekend ahead | 14:45 |
| jokke_ | thanks all | 14:45 |
| abhishekk | #endmeeting | 14:45 |
| opendevmeet | Meeting ended Thu Mar 10 14:45:35 2022 UTC. Information about MeetBot at http://wiki.debian.org/MeetBot . (v 0.1.4) | 14:45 |
| opendevmeet | Minutes: https://meetings.opendev.org/meetings/glance/2022/glance.2022-03-10-14.00.html | 14:45 |
| opendevmeet | Minutes (text): https://meetings.opendev.org/meetings/glance/2022/glance.2022-03-10-14.00.txt | 14:45 |
| opendevmeet | Log: https://meetings.opendev.org/meetings/glance/2022/glance.2022-03-10-14.00.log.html | 14:45 |
| pdeore | Thank you all !! | 14:45 |
| *** gmann is now known as gmann_afk | 16:13 | |
| *** gmann_afk is now known as gmann | 16:29 | |
| *** dasm is now known as dasm|off | 23:58 | |
Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!