Tuesday, 2025-09-30

« Monday, 2025-09-29 Index Wednesday, 2025-10-01 »
*** ykarel__ is now known as ykarel04:42
jssfrdansmith, thanks for the review!05:34
opendevreviewRajesh Tailor proposed openstack/nova master: Fixing the 500 HTTP code in the metadata service for incorrect queries  https://review.opendev.org/c/openstack/nova/+/91424906:02
opendevreviewTaketani Ryo proposed openstack/nova-specs master: Add a spec for 2026.1 for libvirt launching Arm CCA instances  https://review.opendev.org/c/openstack/nova-specs/+/96077709:20
*** bauzas0 is now known as bauzas10:43
*** mhen_ is now known as mhen10:44
opendevreviewTaketani Ryo proposed openstack/nova-specs master: Adjust the SEV/SEV-ES code for multiple cc support  https://review.opendev.org/c/openstack/nova-specs/+/96257810:52
aravindhhello folks, I see some specs for detaching boot cinder volumes from a VM, but most of them are abandoned. What is the offical stance on this feature? We had some usecase where we had to restore boot disks from snapshots. I want to understand what the current consenses about this feature in the community.10:58
bauzasdansmith: back to our discussion yesterday, I found the bug (this was in fill_metadata). I'll provide a functional test for testing the weigher in the fix change14:22
bauzashopefully tomorrow given all the today meetings14:23
dansmithbauzas: you said that the fake instances had blank sysmeta in them, which will (intentionally) be skipped by fill_metadata14:23
dansmiththat's not a bug, if that's what you're describing14:23
bauzasdansmith: https://github.com/openstack/nova/blob/master/nova/objects/instance.py#L1608 there we need to pass the dict value14:25
bauzasie.inst.system_metadata = utils.instance_sys_meta(updated[inst.uuid)14:25
bauzasanyway, working now on a functional test14:25
dansmithbauzas: um14:29
dansmithif that's wrong, seems like the image props weigher can't be working?14:30
bauzasyeah, that's why I'm creating a functional test 14:31
bauzaswe were only having tests that were checking that the weigher was running14:31
bauzasand we were having unittests for checking the results 14:31
dansmithwell, I was definitely testing that locally, but perhaps a refactor before merge broke it.. it was QAd downstream though, I'm pretty sure14:32
bauzashonestly, that's my fault here14:33
bauzasthe whole one14:34
bauzasI was thinking this was simple to create a weigher but the fact is that this specific weigher needs to get some values not from the host state, and we didn't really tested it, just myself by testing once 14:34
dansmiththe unit test for fill_metadata uses the db and seems solid to me, but I'll wait for your patch14:36
opendevreviewBalazs Gibizer proposed openstack/placement master: Reproduce GET a_c slowness  https://review.opendev.org/c/openstack/placement/+/96259615:06
UgglaNova upstream meeting in ~30mn15:31
bauzastic toc16:01
Uggla#startmeeting nova16:01
opendevmeetMeeting started Tue Sep 30 16:01:57 2025 UTC and is due to finish in 60 minutes.  The chair is Uggla. Information about MeetBot at http://wiki.debian.org/MeetBot.16:01
opendevmeetUseful Commands: #action #agreed #help #info #idea #link #topic #startvote.16:01
opendevmeetThe meeting name has been set to 'nova'16:01
UgglaHello everyone16:02
bauzas\o16:02
r-taketnHello16:02
elodilleso/16:02
tkajinamo/16:03
Ugglaawaiting a couple of minutes, so people can join16:03
UgglaI know some of them are already in another meeting16:03
gibi_o/16:03
UgglaLet's start16:04
Uggla#topic Bugs (stuck/critical)16:04
Uggla#info No Critical bug16:04
Uggla#topic Gate status 16:04
Uggla#link https://bugs.launchpad.net/nova/+bugs?field.tag=gate-failure Nova gate bugs 16:04
fwieselo/16:04
Uggla#link https://etherpad.opendev.org/p/nova-ci-failures-minimal16:04
Uggla#link https://zuul.openstack.org/builds?project=openstack%2Fnova&project=openstack%2Fplacement&branch=stable%2F*&branch=master&pipeline=periodic-weekly&skip=0 Nova&Placement periodic jobs status16:05
Uggla#info Please look at the gate failures and file a bug report with the gate-failure tag.16:05
Uggla#info Please try to provide a meaningful comment when you recheck16:05
Uggla#info I have seen (last week) "nova-tox-py312-threading fails intermittently" https://bugs.launchpad.net/nova/+bug/2125185 from gibi16:05
Ugglagibi is it something you want to discuss here or later in the eventlet part ?16:06
gibi_I will recheck the fix there as it failed on the gate 16:06
gibi_96178116:06
gibi_https://review.opendev.org/c/openstack/nova/+/96178116:06
gibi_my point here is just if you see nova-tox-py312-threading failing on your patch16:06
gibi_but the other py312 job does not16:06
gibi_then please let me know16:06
Uggla๐Ÿ‘16:07
gibi_I monitor the nova-tox-py312-threading job but I might miss things16:07
gibi_that is it here16:07
*** sambork_ is now known as sambork16:07
*** gibi_ is now known as gibi16:07
UgglaAnything else to discuss about the gate ? I have not seen anything special but... ?16:07
gibimaybe one 16:08
gibiif you see strange failures in nova-next regarding scheduling then let me no too :) nova-next uses threading mode for n-sch n-api n-metadata 16:08
gibi /let me no/ let me know/16:09
gibiI spotted some strange failurs there and even filed a bug 16:09
gibibut I lost the link :)16:09
gibihttps://bugs.launchpad.net/nova/+bug/212559816:10
gibihere it is16:10
gibiI need to get back to this and look deeper16:10
gibithat is it really for me now :)16:10
Ugglaok*16:11
UgglaMoving on to next topic skipping gmann's one due to PTO.16:11
Uggla#topic Release Planning 16:11
Uggla#link https://releases.openstack.org/flamingo/schedule.html16:11
Uggla#info Nova deadlines are set in the above schedule16:11
Uggla#info release in progress.16:11
Uggla#info PTG etherpad for 2026.1 is available: https://etherpad.opendev.org/p/nova-2026.1-ptg16:11
Uggla#info Please add the topics you would like to discuss in the above document.16:12
Uggla#info PTG meetings (to be confirmed) will happen room grizzly 15:00UTC -> 17:00UTC from Tuesday to Friday16:12
opendevreviewBalazs Gibizer proposed openstack/placement master: Reproduce GET a_c slowness  https://review.opendev.org/c/openstack/placement/+/96259616:12
Uggla^ I have booked the timeslots, but that could change.16:13
tkajinammaybe we need deadilines for G added to https://releases.openstack.org/gazpacho/schedule.html16:13
bauzastkajinam: we usually discuss it at the PTG16:13
tkajinamah, yes. ok16:14
Ugglatkajinam, this is something that will be added after PTG16:14
bauzasUggla: fwiw, we could need to leave the Tuesday slots for cross-project discussions... or booking x-p topics into our own slots16:14
bauzasmoderators should get proper information about x-p needs soon16:15
Ugglabauzas, yep sure. We will fine tune the schedule based on cross session projects and constraints.16:15
UgglaI guess for now the most important thing is to add topics to the etherpad.16:16
Ugglamoving on16:16
Uggla#topic OpenAPI 16:17
Uggla#link: https://review.opendev.org/q/topic:%22openapi%22+(project:openstack/nova+OR+project:openstack/placement)+-status:merged+-status:abandoned16:17
Uggla#info still 28 remaining atm.16:17
Uggla#topic Stable Branches 16:17
* Uggla giving the mic to elodilles16:17
elodillesthanks o/16:17
elodilles#info stable branches (stable/2025.* and stable/2024.*) seem to be in OK state16:18
elodillesa couple of stable backports landed on old stable branches but we haven't merged anythin to stable/2025.2 yet,16:18
elodillesmaybe the day after tomorrow, if the 2025.2 Flamingo release will be successful :)16:19
elodillesi think that's it from me about stable branches for now16:19
Uggla๐Ÿคžfor thursday.16:19
Ugglathanks elodilles16:20
elodillesnp16:20
Uggla#topic vmwareapi 3rd-party CI efforts Highlights16:20
Ugglafwiesel anything from you16:20
fwieselHi, sorry for the last time. I was on a company workshop.16:20
Ugglano worries16:21
fwieselThis week, I am working on fixing a problem in the pipeline. A Neutron update conflicts with our agent.16:21
fwieselSo, the agent won't even start up anymore.16:21
fwieselI hope to fix that soon.16:21
fwieselThat's from my side.16:21
fwieselUggla: Back to you16:21
Ugglathx fwiesel16:22
Uggla#topic Gibi's news about eventlet removal. 16:22
* Uggla giving the mic to gibi16:22
gibio/16:23
gibi#link Gazpacho plans are collected in the PTG etherpad: https://etherpad.opendev.org/p/nova-2026.1-ptg16:23
gibi#link We need a formal approval of the new BP: https://blueprints.launchpad.net/nova/+spec/eventlet-removal-gazpacho16:23
gibi#link We are going to restart our weekly eventlet sync every Wednesday 16:30 CEST, 14:30 UTC (during the summer) on meet.google.com/bcy-uqoz-hje16:23
gibiactually we restarted last week16:24
sean-k-mooneyack so the next wone is tomorow correct16:24
gibinext thing to land is nova-conductor https://review.opendev.org/c/openstack/nova/+/958575 please help me reviewing it16:24
gibisean-k-mooney: yepp next one is tomorrow 14:30 UTC16:25
gibithat is all from me. Uggla lets try to approve the bp :)16:25
Ugglaok16:26
gibiis there any questions or objections against that bp? 16:26
sean-k-mooneyUggla: one admin thing can you create teh 2026.1 seriese tomorrow and set it as the current devlopemnt cycle and upstea the 2025.2 serise and 2025.1 serose to reflect the current stable and supproted status reflecitvly16:27
sean-k-mooneyi.e. once 2025.2 is offically released tomorow16:27
sean-k-mooneyan no no objections to the blueprint form me :)16:28
bauzassean-k-mooney: I'll help Uggla about how to do this for launchpad but sure16:28
Ugglasean-k-mooney you mean in launchpad right ?16:28
sean-k-mooneycool16:28
sean-k-mooneyyep in launchpad16:28
bauzasand yeah, +1 on accepting the gazpacho eventlet bp as a specless one16:28
sean-k-mooneywe will need to creat the serise in launchpadc before we can target theh bp to it16:29
sean-k-mooneythat why i was bringin it up16:29
Ugglasean-k-mooney, sure as soon as F will be released, I'll update LP.16:29
Uggla#topic Open discussion 16:30
gibithanks folks16:30
Uggla(Uggla) I'm going to send a poll with new schedules proposal.16:30
Ugglafor the upstream meetings.16:31
UgglaLast week I managed to collect some trends, so I can narrow a bit the choices.16:32
UgglaThat's all 4 me.16:33
UgglaDoes anyone whant to discuss about something ?16:33
r-taketnUggla: I've just added one more topic to the agenda right before the meeting. Can I share it now?16:33
UgglaSure, sorry I missed it because my mage was not refreshed.16:34
Ugglaplease go ahead r-taketn16:34
r-taketnThank you16:34
r-taketn#link https://review.opendev.org/c/openstack/nova-specs/+/96257816:34
r-taketnWe proposed to adjust the existing SEV/SEV-ES code.16:34
r-taketnWe think there is the need to generalize the existing SEV/SEV-ES code a bit to support other confidential computing features (e.g. Intel TDX, Arm CCA).16:35
r-taketnWe would like to discuss the timing of this introduction. Specifically, we propose this as a standalone enhancement in advance to accept other features. Could we consider this approach?16:35
gibiI feel like this needs a spec and a PTG discussion and we need tkajinam present :)16:36
sean-k-mooney+1 to ^ 16:37
Ugglagibi spec link above, but I agree to with ^16:37
tkajinam:-)16:37
sean-k-mooneybut the overall intent is to generalise teh code now so that it can be extended in teh future correct for more usecase and or vendors/plathforms16:37
tkajinamyeah like CCA and even TDX16:37
r-taketnsean-k-mooney: yes16:38
sean-k-mooneywe have talked about TDX in the past as soemting that shoule eventually be supproted16:38
Ugglathat sounds a reasonable "refactoring"16:38
tkajinamI'll check the spec and try to leave some feedback there for the discussion16:38
gibiUggla: I blame the clock for not noticing the spec link :)16:38
r-taketntkajinami: Thank you.16:39
tkajinammy quick suggestion at my first glance is that if you can put more focus on describing the expected problems of the current code, rather than how you update codes in details, that would help us understand the direction.16:39
UgglaI can say that my employer is interested in TDX and CCA support at some point.16:40
Ugglatkajinam +116:40
sean-k-mooneyon thing i will say just glancing at it16:41
sean-k-mooneyMemEncryptionConfig16:41
r-taketntkajinami: Thank you for your feedbacks. I will clarify the purpose and merit to merge this refactoring in advance more.16:41
sean-k-mooneyis currently a named touple or inhertied form it16:41
sean-k-mooneywe may actully want to formmalise that inot a real class if we intend to build out more functionality with it16:41
sean-k-mooneyi.e. have properties/functions assocated with it16:42
sean-k-mooneyespcially if this woudl ever be inlcuded in any rpc object16:42
sean-k-mooneybut we can reviw that as part of the spec16:42
tkajinamyeah16:43
Ugglasean-k-mooney +1, tuple is evil. :)16:43
tkajinamI'm guessing we may need to convert it to a class and create sub class per mechanisms.16:43
sean-k-mooneynamed tupples are less so but if we ever thing that class will be part fo an rpc call16:44
sean-k-mooneythen it need to be an ovo16:44
sean-k-mooneyffor now its not so its fine so again lets look at that when we think about the generalisation16:44
tkajinamyeah16:44
sean-k-mooneyit may not be relevent but nova.virt.hardware is used in the schdler and the computes already and maybe the conductor16:44
sean-k-mooneyanyway i dont really ahve anythign else on that16:45
r-taketnThank you for some feedbacks. My intent is the same to the above discussion(Specifically, MemEncryptionConfig)16:47
r-taketnAnyway, I need to write the spec in detail more. 16:48
r-taketnI will improve the spec constantly. It would be helpful if we could discuss this at PTG or on Gerrit.16:49
r-taketnThat's all from me today. thanks all.16:49
gibisounds like a plan 16:49
Ugglar-taketn ๐Ÿ‘16:50
UgglaAnything else to discuss.16:50
gibi-16:50
tkajinamnothing from me16:50
bauzas-16:52
Uggla#topic Bug scrubbing 16:52
Uggla#info up to 186 (+9 from previous week :( )16:52
Uggla^ just providing the info that it increases a lot compare to last week.16:53
UgglaI know gibi is contributing to it. ;)16:53
UgglaI will try to look at them tomorrow, if I can answer/close some of them.16:54
UgglaAnyway I think that's all for today.16:54
gibihey, I saw bugs, I open trackers :)16:55
UgglaThank you for participating in this meeting. Iโ€™ll keep you posted if the next meeting is rescheduled.16:56
Uggla#endmeeting16:57
opendevmeetMeeting ended Tue Sep 30 16:57:12 2025 UTC.  Information about MeetBot at http://wiki.debian.org/MeetBot . (v 0.1.4)16:57
opendevmeetMinutes:        https://meetings.opendev.org/meetings/nova/2025/nova.2025-09-30-16.01.html16:57
opendevmeetMinutes (text): https://meetings.opendev.org/meetings/nova/2025/nova.2025-09-30-16.01.txt16:57
opendevmeetLog:            https://meetings.opendev.org/meetings/nova/2025/nova.2025-09-30-16.01.log.html16:57
r-taketnThank you16:57
elodillesthanks o/16:57
gibio/16:58
sean-k-mooneyUggla: im triaging https://bugs.launchpad.net/nova/+bug/2125738 as low but its valid just an fyi16:58
elodillesUggla: fyi, the nova ptg etherpad link is not updated on the ptg page: https://ptg.opendev.org/etherpads.html16:58
opendevreviewLajos Katona proposed openstack/nova master: Use SDK for Neutron floating IPs  https://review.opendev.org/c/openstack/nova/+/96260416:59
elodillesUggla: i think it can be updated via the openinfraptg bot in #openinfra-events channel16:59
sean-k-mooneyits a fairly simpel fix in out bindep.txt to account for the package change 16:59
lajoskatonaUggla: Hi, just a quick note that I slowly progress with the migration to SDK from neutronclient hell: https://review.opendev.org/q/topic:%22sdk_for_neutron%22 , after we are over the release week we can discuss how should it be consumed the easiest way :-)17:00
sean-k-mooneyits not actully a bug requriing nova code change really beyond bindeps.txt to just document the relevent dep17:00
sean-k-mooneylajoskatona: ya you have broken it up that helps17:01
sean-k-mooneyi likmed the orginal patch and saw you were updating it but i have not looked at it in any detial17:02
sean-k-mooneys/likmed/skimed/17:02
sean-k-mooneylajoskatona: we have a related topic for the wtacher ptg about how/wen to start the convertion tothe sdk there. there is a depency on the neutron client in watcher too https://github.com/openstack/watcher/blob/master/requirements.txt#L3817:04
sean-k-mooneybut really not much of one today so i was sugesting we start with movaing the novaclinet and perhaps other over to the sdk next cycle17:05
Ugglasean-k-mooney, elodilles I will look at above later.17:06
lajoskatonasean-k-mooney: The thing that I run into and have to think about is that in n-client there are plenty of exotic exceptions like overquota and similar, but SDK has only basic exceptions like conflict17:09
lajoskatonaat the moment I am not sure if using the simple conflict, notfound etc is enough or there is a need for cover the neutronclient exotic exceptions in SDK for example17:10
sean-k-mooneylajoskatona: ah so we may need to add some more detailed excption n nova for those diffent usecases to make the rest of the logic continue to work the same17:11
sean-k-mooneyand your tryign to understand if that is the correct approch or if the nova code should be adapted to the geneirc expctions?17:12
sean-k-mooneyit that the crux of the disucssion you want to have17:12
sean-k-mooneyi.e. adtapt the generic excption to specific ones locally at the callsite or not?17:13
sean-k-mooneylajoskatona: for the most part as you have seen here https://review.opendev.org/c/openstack/nova/+/928022/12/nova/network/neutron.py#2933 we have tired to convert the neutron client excption into nova specific ones rather then propagate them outside ot the nova.network.neutron module17:16
sean-k-mooneyso ideally code outside of nova/network/neutron.py shoudl not need to deal with sdk or neutron client excptions17:16
sean-k-mooneylajoskatona: alhtough i dont know if that is actully what you are asking17:17
lajoskatonasean-k-mooney: yes that is my problem now, I think the fresh patch for FIPs has some of these cases17:19
sean-k-mooneyhttps://review.opendev.org/c/openstack/nova/+/962604/1/nova/network/neutron.py#b294917:19
sean-k-mooneythis is perhaps a good example17:19
sean-k-mooneybefore if it was not a client excption we loged the ecetpion and reaised17:19
lajoskatonaor some real exotic ones: https://review.opendev.org/c/openstack/nova/+/962604/1/nova/network/neutron.py#3100 :-)17:20
sean-k-mooneywe still proably shoudl actch other clent excptions and log them and then raise them again17:20
sean-k-mooneyah 17:21
sean-k-mooney        except (neutron_client_exc.IpAddressGenerationFailureClient, neutron_client_exc.ExternalIpAddressExhaustedClient17:21
lajoskatonaSDK has general httpException, that can be used for such17:21
opendevreviewTakashi Kajinami proposed openstack/nova master: AMD SEV: omit iommu='on' for virtio devices  https://review.opendev.org/c/openstack/nova/+/90963517:22
sean-k-mooneyso neutron_client_exc.OverQuotaClient apars ot be the oen that is missing17:22
sean-k-mooneyright we are nologner rasign FloatingIpLimitExceeded17:22
sean-k-mooneyso for partity we would need to disambiuage the sdk_exc.ConflictException 17:23
sean-k-mooneyand look at the message to know if its a quota issue or if we are out of ips17:23
sean-k-mooneyi think in both case we would expect the allocation to fail and we would want to return a 40917:25
sean-k-mooneyso merging those together while it makes debuging hard does not seam to alter the api behavior17:25
sean-k-mooneylajoskatona: are you wonderign if nova shoudl do that disambiguation ro if it shoudl be in the sdk17:26
sean-k-mooneyor are you wonderign if its required to treat them differently vs merging them into a singel expction17:27
lajoskatonasean-k-mooney: +1, I check it tomorrow to look inside the message17:27
lajoskatonasean-k-mooney: My first idea was to merge them17:27
sean-k-mooneyi think as long as the end result at the api/externally does nto change i.e. 40917:28
sean-k-mooneyadn we have somethign reasonable in the debug logs17:28
lajoskatonasean-k-mooney: for tomorrow I will have more test results from zuul, so I will see if this aproach can work :-)17:28
sean-k-mooneyso we can tell which it actully was its proably oke to merge them17:28
sean-k-mooneyack17:28
sean-k-mooneyso for th ecase like this you could consider doing the merge in a seperate refactor first17:29
sean-k-mooneythen the adopt sdk patch is just doing that17:29
sean-k-mooneyi have not reviewd this in detail but in most cases i tlooks like you have found 1:1 mappings17:30
sean-k-mooneybut sure let me know what you find after zuul reports17:30
sean-k-mooneylajoskatona: as an aside i think https://github.com/openstack/watcher/blob/master/watcher/common/nova_helper.py#L729-L744 is the only useage of neutronclient in watcher17:31
sean-k-mooneyand i dont think we actully need that info really any more17:31
sean-k-mooneyits part of the create_instance helper https://github.com/openstack/watcher/blob/master/watcher/common/nova_helper.py#L64117:31
sean-k-mooneyand that on my todolist to see fi we can entrily delete17:31
sean-k-mooneylajoskatona: so if nothing else im goign to see if we can remove the neutronclient dep entirly one way or another in 2026.117:32
sean-k-mooneywatcher used ot have its onw impleation of evacuate/coldmigrate where it woudl snapshot a vm, delete it and create a new one17:34
sean-k-mooneyi belive this is mostly dead code now17:34
lajoskatonasean-k-mooney: thanks I add watcher to my todolist, I have anyway some pending patches waiting for the release to not bother people (like in manila-ui)17:41
melwittdansmith, bauzas: just some fyi, I have been realizing some issues while working on tempest tests for this series. I have added a few comments about it on the spec re-proposal here https://review.opendev.org/c/openstack/nova-specs/+/961564/1/specs/2026.1/approved/vtpm-live-migration.rst18:29
melwitt(about [libvirt]supported_tpm_secret_security valid values and overloading of the image_hw_tpm_secret_security instance sysmeta key)18:30
dansmithmelwitt: I mostly gave up reviewing the spec re-proposal because it isn't easy to see the changes. So I've just been using the commit message to remind myself of the changes while looking at the code18:30
dansmithI figure it's better to spend my time on the code anyway18:30
melwittdansmith: that's a reasonable approach, that was my thinking in enumerating the changes in the commit message. just saying I have noticed some things while doing tempest stuff and thought that might be the best place to note my findings18:31
dansmithack18:32
melwittit's all about the "opt in via resize" part of it. I have been writing tempest tests that do resize-confirm, resize-revert, and now I'm doing a rebuild-with-image-property one to see what happens18:33
melwittI am unsure how comprehensive we will want to be with the ability for a user to change their TPM secret security policy18:34
melwittdansmith: do you think that we should support a user _changing_ their secret security policy via a resize? or do you think the resize should be limited to legacy instances that don't have a policy set? because the former becomes a problem with us overloading the sysmeta key for it18:48
melwitt*the image property sysmeta key for it18:49
sean-k-mooneymelwitt: interesting i had assumed the later that you would be able change via resize18:56
melwittsean-k-mooney: you mean the former I think :) but yes I also went in with that assumption but I want to pause and make sure that's what we want, bc if we want that, I think we need to not use "image_hw_tpm_secret_security" as the key to stash in the instance sysmeta. bc it makes flavor/resize conflict errors18:57
melwitt(I have been finding things while adding more func tests and tempest tests)18:58
melwitt*flavor/image conflict errors18:59
sean-k-mooneywell the flavor image conflcit check shoudl be checkign the glance image keys18:59
sean-k-mooneyare we using the stashed copy18:59
melwitt, when the user may not have ever used an image prop18:59
sean-k-mooneyi guess we might be to ensure that out of band glance changes dont creap in18:59
sean-k-mooneyso we do not need ot use the same key19:00
melwittwe are yeah. for the check virt.hardware.get_tpm_secret_security_constraint() for example19:00
sean-k-mooneythat was suggested just to minimise the number of places we have to check19:00
melwittyeah. using the same key becomes a problem if the user never used an image with that key in it and we have set it internally for other reasons19:01
sean-k-mooneyare you thinking we woudl add a new instance system metadata key ?19:01
sean-k-mooneyor were you leanign to only allowing resize if its not a confilct19:01
sean-k-mooneymeaning we shoudl not set it on update but treat it not being set as the old user policy19:01
melwittif we want to be able to convert via resize, yes. like convert from host => deployment, etc. unless someone has a different idea19:01
sean-k-mooneyi.e. defaulting in code instead of in the db19:01
sean-k-mooneyif we dont use a new key then the simplest thing to do is treat key not in data as the USER policy19:02
melwittbecause if we set image_hw_tpm_secret_security NOT from an image, it will get locked into the instance as if it had the image property, and it will reject any flavor hw:tpm_secret_security that does not agree with it19:02
sean-k-mooneythen the key will only be set if it actully comes form the image19:03
melwitteverything currently works fine for legacy => host and legacy => deployment19:03
melwittthe problem comes when you have user => host, user => deployment, host => deployment, etc. new instances basically19:03
sean-k-mooneyya19:04
melwittbut yeah I see what you are saying19:04
melwittthat would work also19:04
sean-k-mooneybasicly image_metadata.get("image_hw_tpm_secret_security", "user") in virt.hardware.get_tpm_secret_security_constraint()19:05
sean-k-mooneywell19:05
sean-k-mooneyhum19:05
sean-k-mooneyhtat does not quite work19:05
sean-k-mooneyin the resize case we still need to know if its set or not set19:06
sean-k-mooneybut for most other case it wil work19:06
sean-k-mooneyi think you can still do it pretty cleanly19:08
sean-k-mooneybut i dont know are we giving up anything else by doing it that way19:08
melwittyeah. it's hard to know ahead of time19:08
melwittwhat I'm doing now is writing up some more func tests and tempest tests to sort of demonstrate where the series is at the moment with regard to resize and rebuild behaviors19:09
melwittI was thinking looking at those would make it easier to reason about how it's working at the moment and help us decide what to do next. at least it helps for me19:10
sean-k-mooneyya that sound like a good approch19:30
sean-k-mooneyhum so this is the curretn defintion https://review.opendev.org/c/openstack/nova/+/942502/17/nova/virt/hardware.py19:33
sean-k-mooneyand like the ohter get_*_constraint19:33
sean-k-mooneyfunctions it only thake the flavor/image and does not know if it is a resize ectra19:34
sean-k-mooneyso if we leave it as it it will work the way we want19:34
sean-k-mooneybut it means we will need to do the defaulting diffently19:35
sean-k-mooneywhich isnot great19:35
sean-k-mooneymelwitt: there is another option actully19:35
sean-k-mooneymelwitt: instead of defaulting the value to "user" for the exiting vms19:36
sean-k-mooneywe could defautl it to "legacy"19:36
sean-k-mooneywhich for all intents woudl be the same as user excpt it allows you to cange to a diffent policy19:36
sean-k-mooneyin other words we would asdd a new value to the enum just for upgrades19:37
sean-k-mooneyim not sure if that is a good idea or not but its an option to consider i guess19:37
melwittsean-k-mooney: hm yeah I hadn't considered that19:45
sean-k-mooneywe did somethign similar for pci neuma affinity. we added a "legacy" value for the old default when we added new policies19:45
sean-k-mooneywe intened to eventually change the default but that never happened19:46
sean-k-mooneyhttps://docs.openstack.org/nova/latest/configuration/config.html#pci.alias19:46
melwittah, good to know19:46
sean-k-mooneynuma_policy19:46
sean-k-mooney    Required NUMA affinity of device. Valid values are: legacy, preferred, required, and socket.19:46
sean-k-mooneyi belive we intened to make preferred the default but we never got around to it19:47
* sean-k-mooney ignores the fact that we really shoudl docuemnt what those mean in the doc..19:47
melwitthaha19:47
sean-k-mooneyok im wrapping for today, enjoy your evening19:48
melwittttyl o/19:50
« Monday, 2025-09-29 Index Wednesday, 2025-10-01 »

Generated by irclog2html.py 4.0.0 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!