*** ministry is now known as __ministry | 03:07 | |
opendevreview | Amit Uniyal proposed openstack/nova master: Allow swap resize from non-zero to zero https://review.opendev.org/c/openstack/nova/+/857339 | 05:54 |
---|---|---|
*** ministry is now known as __ministry | 06:53 | |
opendevreview | Amit Uniyal proposed openstack/nova master: WIP: Reproducer for dangling volumes https://review.opendev.org/c/openstack/nova/+/881457 | 07:38 |
opendevreview | Amit Uniyal proposed openstack/nova master: WIP: Delete dangling bdms https://review.opendev.org/c/openstack/nova/+/882284 | 07:38 |
opendevreview | Sahid Orentino Ferdjaoui proposed openstack/nova master: [wip]network: convert usage of neutronclient to openstacksdk https://review.opendev.org/c/openstack/nova/+/882714 | 08:54 |
opendevreview | Sahid Orentino Ferdjaoui proposed openstack/nova master: [wip]network: convert usage of neutronclient to openstacksdk https://review.opendev.org/c/openstack/nova/+/882714 | 11:10 |
sean-k-mooney | sahid: when you have time can you take a look at https://review.opendev.org/c/openstack/os-vif/+/881751 and https://review.opendev.org/c/openstack/os-vif/+/882755 | 13:20 |
sahid | sean-k-mooney: sure, sorry I just have noticed your message | 14:19 |
sean-k-mooney | sahid: no rush | 14:23 |
*** iurygregory_ is now known as iurygregory | 14:25 | |
opendevreview | Dan Smith proposed openstack/nova master: Use force=True for os-brick disconnect during delete https://review.opendev.org/c/openstack/nova/+/882847 | 14:40 |
opendevreview | melanie witt proposed openstack/nova master: Enable use of service user token with admin context https://review.opendev.org/c/openstack/nova/+/882852 | 14:53 |
opendevreview | melanie witt proposed openstack/nova stable/2023.1: Use force=True for os-brick disconnect during delete https://review.opendev.org/c/openstack/nova/+/882858 | 14:57 |
opendevreview | melanie witt proposed openstack/nova stable/2023.1: Enable use of service user token with admin context https://review.opendev.org/c/openstack/nova/+/882859 | 14:57 |
opendevreview | melanie witt proposed openstack/nova stable/zed: Use force=True for os-brick disconnect during delete https://review.opendev.org/c/openstack/nova/+/882860 | 14:59 |
opendevreview | melanie witt proposed openstack/nova stable/zed: Enable use of service user token with admin context https://review.opendev.org/c/openstack/nova/+/882861 | 14:59 |
opendevreview | melanie witt proposed openstack/nova stable/yoga: Use force=True for os-brick disconnect during delete https://review.opendev.org/c/openstack/nova/+/882863 | 15:00 |
opendevreview | melanie witt proposed openstack/nova stable/yoga: Enable use of service user token with admin context https://review.opendev.org/c/openstack/nova/+/882864 | 15:00 |
opendevreview | melanie witt proposed openstack/nova stable/xena: Use force=True for os-brick disconnect during delete https://review.opendev.org/c/openstack/nova/+/882867 | 15:03 |
opendevreview | melanie witt proposed openstack/nova stable/xena: Enable use of service user token with admin context https://review.opendev.org/c/openstack/nova/+/882868 | 15:03 |
opendevreview | melanie witt proposed openstack/nova stable/wallaby: Use force=True for os-brick disconnect during delete https://review.opendev.org/c/openstack/nova/+/882869 | 15:05 |
opendevreview | melanie witt proposed openstack/nova stable/wallaby: Enable use of service user token with admin context https://review.opendev.org/c/openstack/nova/+/882870 | 15:05 |
dansmith | need another quick +W on this to avoid a regression introduced in the CVE fix: https://review.opendev.org/c/openstack/nova/+/882852/1 | 17:01 |
dansmith | sean-k-mooney: ^ | 17:01 |
dansmith | gmann: ^ | 17:02 |
gmann | dansmith: sure, checking | 17:05 |
gmann | dansmith: so this is not that CVE fix regression but before also this exist right? I mean admin token was not made as service token ? | 17:23 |
gmann | or cinder had put the check about service token instead of just admin | 17:23 |
dansmith | gmann: we didn't need service token for these admins contexts before.. there was literally no reason, | 17:24 |
dansmith | so it's not a regression without the CVE fix (from cinder) | 17:24 |
dansmith | however now we *do* need service users for things other than long-running user activities | 17:24 |
gmann | I see, so now cinder API check service token or not. | 17:24 |
dansmith | right | 17:24 |
gmann | got it | 17:24 |
gmann | +W | 17:26 |
dansmith | gmann: thanks :) | 17:26 |
sean-k-mooney | dansmith: sorry distracted but i was starting to review those now too | 17:29 |
dansmith | ack, I think we're good now | 17:29 |
dansmith | sailed through zuul first time.. probably because some awesome guy did a bunch of volume test hardening the last few weeks :P | 17:30 |
dansmith | or luck. yeah, it's probably luck :) | 17:30 |
sean-k-mooney | :) | 17:30 |
sean-k-mooney | there is a serprising amouth of doc updates in the previos patch | 17:31 |
gmann | I am sure its a special treatment given for volume test fixes :) | 17:31 |
dansmith | sean-k-mooney: yeah it's a pretty big change required for deployers | 17:31 |
sean-k-mooney | not that im complaing really but i was expecing ti to be more targeted | 17:31 |
sean-k-mooney | ack i have not read it all yet but that was just my intial reaction | 17:31 |
dansmith | no real option to be targeted unfortunately | 17:31 |
dansmith | a bunch of smart people spent the last 90 days trying to figure out a better way to do it | 17:32 |
sean-k-mooney | ok so the service user is now required | 17:33 |
sean-k-mooney | ok | 17:33 |
dansmith | the ossa went to the ML with more summary which might be good reading | 17:34 |
sean-k-mooney | ill read that after | 17:35 |
sean-k-mooney | we debated making the service user required in the past | 17:35 |
sean-k-mooney | not that it is we can use that for other usecases going forward | 17:35 |
dansmith | yup | 17:35 |
sean-k-mooney | like the manila stuff | 17:35 |
dansmith | yup, it was hard not to mention this during that discussion :) | 17:35 |
dansmith | seems like we could extend that to neutron and avoid nova having to be admin too | 17:36 |
sean-k-mooney | or any other interaction with other service where we need service to service interaction | 17:36 |
dansmith | yup | 17:36 |
sean-k-mooney | yep | 17:36 |
sean-k-mooney | we could simply nova config ot just need service user and no other sections for other services | 17:36 |
sean-k-mooney | at least by defualt | 17:36 |
dansmith | it's unfortunate to have to force that on a bunch of old deployments without a grace period, but.. not much choice | 17:36 |
sean-k-mooney | for what its worth i think many installer tools started using the service user a few years ago by default | 17:37 |
dansmith | yeah tripleo did | 17:37 |
sean-k-mooney | i think downstream its on by default in 17/train | 17:37 |
dansmith | and 16 | 17:37 |
dansmith | but it's not just the service user that is required, but also the role on that user | 17:37 |
sean-k-mooney | sorry 16/train ya | 17:38 |
sean-k-mooney | OSA and kolla have supprot but i dont know if its on by default | 17:38 |
dansmith | s'gonna be soon :) | 17:38 |
sean-k-mooney | unfortunetly it looks like no but looking at there config | 17:39 |
melwitt | oh huh, is stable/wallaby ci known to not work? | 17:40 |
sean-k-mooney | when the service user is not configred it may have been possibel to fallback to the info form the keystone authtoken section | 17:40 |
gmann | melwitt: what is failing, it should be green | 17:40 |
sean-k-mooney | melwitt: no but devstack might not have service users configred htere | 17:40 |
melwitt | gmann: ERROR: Could not find a version that satisfies the requirement tempest>=30.0.0 (from cinder-tempest-plugin) https://zuul.opendev.org/t/openstack/build/4c8a3d86710a4d50871613e2e578831a | 17:41 |
gmann | melwitt: oh, we did recent change there, let me check if cinder-tempest-pluing is not pinned there. we did pin the tempest. its incompatible tempest and c-t-p | 17:41 |
dansmith | incompatible because of me | 17:42 |
gmann | dansmith: no, you just exposed that but we should pin all plugin along with tempest to have such issue coming in future. | 17:43 |
dansmith | \o/ | 17:43 |
gmann | melwitt: dansmith: ah I pushed change while pinning tempest but did not realize it is not merged https://review.opendev.org/c/openstack/devstack-plugin-ceph/+/871920 | 17:44 |
gmann | and that was the only change left for tempest pin on wallaby, :( https://review.opendev.org/q/topic:wallaby-pin-tempest | 17:44 |
melwitt | ah ok | 17:45 |
melwitt | I shan't recheck those then :) | 17:46 |
gmann | melwitt: yeah, it will fail until 871920 is merged, I will check it but not sure if ceph testing on wallaby is all working or not. | 17:48 |
melwitt | the plugin patch failed 25 tests ... not sure if they're unrelated fails | 17:49 |
gmann | melwitt: if urgent as CVE fix then we can make ceph job as n-v in wallaby for now to merge your fix | 17:49 |
gmann | yeah, I am not very positive of everything on ceph will work in wallaby | 17:49 |
melwitt | gmann: wallaby is nice-to-have I think, I just proposed it bc there was no change needed from the xena patch | 17:50 |
gmann | k | 17:51 |
dansmith | so I just noticed we're running a n-v job in the gate queue.. the ceph migration one | 18:42 |
dansmith | sean-k-mooney: so I've seen something that looks like this a number of times recently: https://92f377bbda976b6da17f-b08d635a9941444d91f5e0463ea7a01d.ssl.cf2.rackcdn.com/882852/1/gate/nova-grenade-multinode/b8a7af9/testr_results.html | 19:04 |
sean-k-mooney | test_list_migrations_in_flavor_resize_situation thats an interesting testname... | 19:05 |
dansmith | melwitt: dammit, ceph job timed out | 19:06 |
sean-k-mooney | hum binding failed | 19:06 |
dansmith | thought we were going to win the lottery | 19:06 |
melwitt | aw man | 19:06 |
sean-k-mooney | dansmith: the nv one or the working one. i guess the later | 19:06 |
melwitt | I've seen the port binding fail one a lot recently | 19:06 |
dansmith | the important one | 19:06 |
dansmith | we might want to up the timeout on the ceph job because it definitely takes legitimately longer with all the validations | 19:07 |
sean-k-mooney | so binding_failed is generally a rare thing so if its happen alto recently that concerning | 19:07 |
dansmith | and it's still steaming along when it is getting close to its timeout | 19:07 |
dansmith | I've seen it a number of times lately | 19:07 |
sean-k-mooney | whats it at currenlty | 19:08 |
sean-k-mooney | the timeout | 19:08 |
sean-k-mooney | 2 hours? | 19:08 |
dansmith | just over two hours | 19:08 |
sean-k-mooney | we can bump it to 150 mins i guess | 19:08 |
sean-k-mooney | i like it when test fail and give you the requst id | 19:09 |
sean-k-mooney | im going to see why that failed on the neutron side and ill let you know if i find anyting | 19:09 |
opendevreview | Dan Smith proposed openstack/nova master: Bump nova-ceph-multstore timeout https://review.opendev.org/c/openstack/nova/+/882890 | 19:12 |
sean-k-mooney | oh that is in seconds https://zuul-ci.org/docs/zuul/latest/job-content.html#var-zuul.timeout | 19:13 |
dansmith | here we go | 23:02 |
opendevreview | Merged openstack/nova master: Use force=True for os-brick disconnect during delete https://review.opendev.org/c/openstack/nova/+/882847 | 23:05 |
opendevreview | Merged openstack/nova master: Enable use of service user token with admin context https://review.opendev.org/c/openstack/nova/+/882852 | 23:05 |
Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!