Friday, 2025-10-31

« Thursday, 2025-10-30 Index Saturday, 2025-11-01 »
*** mhen_ is now known as mhen02:57
opendevreviewBalazs Gibizer proposed openstack/nova master: Rally job for eventlet-removal  https://review.opendev.org/c/openstack/nova/+/96013009:13
opendevreviewBalazs Gibizer proposed openstack/nova master: Rally job for eventlet-removal  https://review.opendev.org/c/openstack/nova/+/96013009:27
opendevreviewBalazs Gibizer proposed openstack/nova master: Do not fork compute workers in native threading mode  https://review.opendev.org/c/openstack/nova/+/96546610:39
opendevreviewBalazs Gibizer proposed openstack/nova master: Run nova-compute in native threading mode  https://review.opendev.org/c/openstack/nova/+/96546710:39
gibisean-k-mooney: dansmith: sambork: ^^ I had first light with nova-compute in threading mode. I was able to boot and delete VMs in a local devstack. Let see how this fails on the gate with more complex operations10:40
sean-k-mooneygibi: cool10:42
samborkgibi, nice! change looks less impressive than I think it would :)10:42
sean-k-mooneygibi: i have not looked yet but did you just make spawn a noop10:43
gibiI made the Tpools running the calls on the caller thread, and basically swiched all our executors to ThreadPools (already in tree) with the env variable. I needed to convince oslo.service not to fork a worker process for compute. And that is it. Compute just started working :)10:45
gibiprobably fails in edge cases10:45
gibibut it boots and deletes VMs for me locally10:46
sean-k-mooneyyep im reviweing th echange now i pushed qution to https://review.opendev.org/c/openstack/nova/+/96546610:46
gibiI will dig a bit into the libvirt direct greenthread usage as that might only work just by luck10:47
gibibut the tpools are neutered10:47
gibiwhen running with native threading10:47
sean-k-mooneyi dont see wehre you did that by the way10:47
sean-k-mooneyoh10:47
sean-k-mooneyits in earlier pathces10:48
gibiyepp earlier patches10:48
sean-k-mooneyhttps://review.opendev.org/c/openstack/nova/+/956089/12 and https://review.opendev.org/c/openstack/nova/+/956090/1210:48
sean-k-mooneyya ok10:48
gibione for the vfs and one for the libvirt tpool10:48
sean-k-mooneyVFs?10:48
gibihm10:49
sean-k-mooneydo you mean rbd?10:49
gibithen I missed one10:49
gibiI did the rbd10:49
gibibut there is on in nova/virt/disk/vfs/guestfs.py:from eventlet import tpool10:49
sean-k-mooneyoh virtual file systems10:49
sean-k-mooneynot Virutal fucntions10:49
sean-k-mooneyi was like how does sriov come into this10:49
gibi:)10:50
gibianyhow there are more work to do 10:50
gibibut I'm happy with this for now :)10:50
sean-k-mooneyhave you considerd putting a dnm with an eventlet poison on calls to monkey patch10:51
sean-k-mooneybasiclly to prove that no one calls it in the job via a lib ectra10:51
sean-k-mooneyimporting eventlet is kind of ok provide its not monkey patch but tha twoudl be a nice addtion even if we dont watn to ship that10:52
gibiyeah I want to do that. I cannot do it right now as we still import it. But we are close to get rid of those imports. 10:52
sean-k-mooneywell im not saying poison the import10:52
sean-k-mooneyim saying poison the eventlet.monkey_patch function10:53
gibiahh OK10:53
gibididn't we do that already?10:53
opendevreviewRajesh Tailor proposed openstack/nova master: Update the api-ref for unshelve  https://review.opendev.org/c/openstack/nova/+/93805410:53
sean-k-mooneywe coudl also https://opendev.org/openstack/nova/src/commit/7712e9193a2fc02454d73a43949a056b977076dd/nova/monkey_patch.py10:53
gibihttps://github.com/openstack/nova/blob/30bf8c1025ea24823ebde3eacede4ea34ec6be8c/nova/monkey_patch.py#L115-L13110:54
sean-k-mooneyso that you first patch10:54
sean-k-mooneyya so your right10:54
sean-k-mooneywe did10:54
sean-k-mooneyso ok that good10:54
sean-k-mooneyso it possibe a lib is doing eventlet.spawn10:54
sean-k-mooneywe know that if you dont monkey patch and you call the restul object that cause the eventlet to run 10:55
sean-k-mooneyblockign the caller until complete10:55
gibiyeah10:55
sean-k-mooneyi wonder if we could also poison eventlet.spawn?10:55
gibiso if the libvirt event handling works it works bec;se of that10:56
sean-k-mooneyhonestly this is probaly overkill10:56
sean-k-mooneylets see how ci fairs but this is great progress10:56
sean-k-mooneyif we do what dan suggested for spliting the venvs into one with eventlet and one without10:57
sean-k-mooneywe could slithgly update our code to do condtional imports10:57
sean-k-mooneyand when eventlet is not there use the threaded mode even if no env var is set10:58
nicolairuckelCan anyone help me explaining the issue here? https://gitlab.com/libvirt/libvirt/-/issues/828  i was under the assumption that libvirt should take care of any permissions but either that's not the case or I'm not able to explain the problem well enough.10:58
nicolairuckelmaybe jkulik?10:59
sean-k-mooneynicolairuckel: so honestly i need to trace the code for your orgianl patch and make sure we are not changing anything along the way10:59
sean-k-mooneyi parlly wonder if this is an edge case with libvirt dynmaic ownership feature11:00
sean-k-mooneywhen you start a domain that is manage by libvirt libvier changes the ownwership of the root disk for example to be owned by qemu11:00
sean-k-mooneyand then reverts it back when the domain is stopped11:00
sean-k-mooneyi dont knwo if tis is doing something similar fo ht nvram file11:01
sean-k-mooneythe nvram file as far as i am aware shoudl nto be owned by nova11:01
sean-k-mooneyi shoudl be owned by either swtpm user or qemu11:01
nicolairuckelYou mean those could still be issues caused by the first version of my patch?11:01
sean-k-mooneyim unsure but that or soemthign else nova is doing that predates your patch11:02
nicolairuckelI understand.11:02
nicolairuckelThe owner and group of the file are the same as for the disk (libvirt-qemu and kvm respectively) if that helps.11:03
nicolairuckelSo at least that looks correct to me.11:04
sean-k-mooneyif you dont change this how does it break11:13
sean-k-mooneyi.e. if you dont update form 600 to 64411:13
sean-k-mooneyi assume the swtpm cant acess it11:13
sean-k-mooneywhat i think we need to do is test this on a clean env11:14
sean-k-mooneyill see if i can set up a devstack today on a clean vm and look at the owner ship after the inial spawn in some detail11:14
sean-k-mooneyi think 640 woudl make sense assuming the swtpm user and qemu user and in the same group11:14
jkulikbut we got some information that we were looking for, right?11:17
jkulik> When shutting down the VM libvirt also ought to return the permissions the file had before the VM was started.11:17
jkulikso trying to figure out if we change the permissions somewhere, would be a good next step11:17
sean-k-mooneyjkulik: nicolairuckel  i have been talkign to the libvirt maintainer interlly and they dont see a clear way that this could be a libvirt bug but also 600 should be ok11:20
sean-k-mooneyprovide the libvirt dynmaic ownership feature is enabeld11:20
sean-k-mooneynicolairuckel: do you have that disabeld in your env11:20
sean-k-mooneyjkulik: 600 shoudl be valid provided the file si chown'd to be owned by qemu before qemu starts11:21
jkuliksean-k-mooney: I get that. I thought the point was, that it doesn't get re-chowned after the VM is shut down.11:26
sean-k-mooneyjkulik: we need to confirm the behvior and who is creatign the nvram file11:26
sean-k-mooneyand with what permisson11:27
jkulikyes. I agree with that.11:27
jkulik> If the NVRAM image is created by libvirt on first start of the VM it will have 600 permissions and will (originally) be owned by root; which will be restored after the VM is turned off.11:29
jkulik^ from the ticket. sounds plausible to me. when are we creating the NVRAM - do we rely on libvirt?11:29
nicolairuckelI have a stacktrace of the error message in the libvirt issue, sean-k-mooney 11:30
nicolairuckelI need to look into the dynamic ownership since my colleague set up the Dev Stack.11:31
sean-k-mooneynicolairuckel: lookign at the env its not supproted anymore11:33
sean-k-mooneypython 3.10 is 11:33
sean-k-mooneybut your using ubuntu 22.0411:33
sean-k-mooneywhich is not part of the testign runtimes11:33
sean-k-mooneyyou are using libvirt 8.0.0 which is our current min version https://github.com/openstack/nova/blob/master/nova/virt/libvirt/driver.py#L22011:34
sean-k-mooneybut its possible that there is some odd interaction here happeing with the version11:35
sean-k-mooneyim goign to try and replciate this on ubuntu 24.04 and see what happens11:35
sean-k-mooneywe will or likely shoudl move to libvirt 10.0.0 as our min version this cycle11:36
sean-k-mooneytaht or current NEXT_MIN_LIBVIRT_VERSION11:36
opendevreviewOpenStack Release Bot proposed openstack/nova master: reno: Update master for unmaintained/2024.1  https://review.opendev.org/c/openstack/nova/+/96549111:38
opendevreviewOpenStack Release Bot proposed openstack/os-vif master: reno: Update master for unmaintained/2024.1  https://review.opendev.org/c/openstack/os-vif/+/96549311:38
opendevreviewOpenStack Release Bot proposed openstack/osc-placement master: reno: Update master for unmaintained/2024.1  https://review.opendev.org/c/openstack/osc-placement/+/96549511:38
opendevreviewOpenStack Release Bot proposed openstack/placement master: reno: Update master for unmaintained/2024.1  https://review.opendev.org/c/openstack/placement/+/96549711:39
nicolairuckelsean-k-mooney, thank you!11:39
sean-k-mooneythat raises the minum to the minium we test with i.e. what ship in the disto with the oldest livbirt cover by the testing runtimes which siubuntu 24.0411:39
opendevreviewOpenStack Release Bot proposed openstack/python-novaclient master: reno: Update master for unmaintained/2024.1  https://review.opendev.org/c/openstack/python-novaclient/+/96550011:39
opendevreviewMasanori Kuroha proposed openstack/nova master: Copy applied provider config  https://review.opendev.org/c/openstack/nova/+/94830411:45
gibibauzas: dansmith: can I get a second set of eyes on this to readd +2 https://review.opendev.org/c/openstack/nova/+/937275 The devstack dependency is merged12:15
gibithis is also a pretty simple test only change around the same topic https://review.opendev.org/c/openstack/nova/+/96303612:16
bauzasUggla: fwiw the slot is not booked for nova14:01
bauzasgrizzly-FriB1 is empty14:01
dansmithlooks like it is to me14:01
Ugglabauzas sounds good to me14:02
bauzasoh doh, my maths14:02
bauzasthis is 2pm UTC now14:03
UgglaI have not booked grizzly-FriB5  because I have the secret expectation we will manage to finish early.14:03
* bauzas ragesquits about daylight savings14:03
bauzasUggla: I'll need to skip the last hour then for us due to the tc meeting14:03
Ugglaok14:04
gibisean-k-mooney: we have some tempest results with threaded compute. It is not good but not terrible https://review.opendev.org/c/openstack/nova/+/965467/1#message-518b76afc6b252d2f42c48d65f69f6570d9ecb8e  14:19
gibie.g. we have passing complex tests14:20
gibi2025-10-31 13:07:09.576696 | controller | {2} tempest.scenario.test_instances_with_cinder_volumes.TestInstancesWithCinderVolumes.test_instances_with_cinder_volumes_on_all_compute_nodes [348.575935s] ... ok14:20
nicolairuckelsean-k-mooney, does https://gitlab.com/libvirt/libvirt/-/issues/828#note_2858916854 mean it works with a more recent Ubuntu version?14:30
sean-k-mooneynicolairuckel: i have not tried your patch yet14:33
sean-k-mooneybut that confirm it shoudl not need to be 64414:33
sean-k-mooney600 shoudl be enough14:33
sean-k-mooneynicolairuckel: ill pull in your patch a bit later today when i get time14:33
nicolairuckelI see14:34
sean-k-mooneywhat this is telling me is your patch should not need to chown or chmod the file14:34
nicolairuckelThat's something.14:50
opendevreviewDmitriy Rabotyagov proposed openstack/nova master: Allow to perform parallel live migrations  https://review.opendev.org/c/openstack/nova/+/95578415:27
bauzasoh doh, the TC session is also very interesting15:55
* bauzas feels stuck in between walls15:55
sean-k-mooneybauzas:oh the crypto stuff16:01
sean-k-mooneybauzas: not very impornat16:01
sean-k-mooneywe will need to adress post quantum crypto eventually16:01
sean-k-mooneybut not in 2026.116:01
sean-k-mooneymy take is we finish the eventlet removal work first then we can think about how to adapt the minimal part of nova that will be impacted16:02
opendevreviewBalazs Gibizer proposed openstack/nova master: Make libvirt Tpool proxying conditional  https://review.opendev.org/c/openstack/nova/+/95609016:03
opendevreviewBalazs Gibizer proposed openstack/nova master: Fix ProviderTree copying with threading Lock  https://review.opendev.org/c/openstack/nova/+/95609116:03
opendevreviewBalazs Gibizer proposed openstack/nova master: [test]Further categorization of disabled unit tests  https://review.opendev.org/c/openstack/nova/+/95609216:03
opendevreviewBalazs Gibizer proposed openstack/nova master: [vncproxy]Handle ssl.wrap_socket removal in py312  https://review.opendev.org/c/openstack/nova/+/95591516:03
opendevreviewBalazs Gibizer proposed openstack/nova master: Do not fork compute workers in native threading mode  https://review.opendev.org/c/openstack/nova/+/96546616:03
opendevreviewBalazs Gibizer proposed openstack/nova master: Run nova-compute in native threading mode  https://review.opendev.org/c/openstack/nova/+/96546716:03
opendevreviewBalazs Gibizer proposed openstack/nova master: Make guestfs' Tpool usage optional  https://review.opendev.org/c/openstack/nova/+/96582116:03
opendevreviewMerged openstack/nova master: [CI][nova-next]test with placement ac optimizations  https://review.opendev.org/c/openstack/nova/+/93727516:29
opendevreviewMerged openstack/nova master: [func]Test with optimize_for_wide_provider_trees  https://review.opendev.org/c/openstack/nova/+/96303616:30
dansmithUggla: is the kid noise coming from you?17:29
Uggladansmith, I apologize, forget to mute...17:30
Uggladansmith thanks for letting me know17:30
bauzasUggla: still in the TC meeting, but I see nova done for the PTG, I guess I won't need to join once the session ends at 5:40pm UTC ?17:33
UgglaI next still cyborg.17:34
Ugglas/I/in/17:34
UgglaI mean, I have set next to end. But we are still discussing cyborg17:34
UgglaI guess we are not far from the end.17:35
bauzasack, I'll try to join as soon as the TC session stops17:38
bauzasUggla: well, false promise I made :) Happy Halloween everyone :)18:03
Ugglaoh yes, Happy Halloween !18:13
cardoeUggla: I hear you're trying to get bauzas to drink the Rust Kool-aid. :-D18:59
Ugglacardoe, yes I'm a rust big fan, so trying to communicate the love.19:04
opendevreviewmelanie witt proposed openstack/nova master: Add hw:tpm_secret_security extra spec validation  https://review.opendev.org/c/openstack/nova/+/94019721:13
opendevreviewmelanie witt proposed openstack/nova master: Add handling for vTPM secret permission error  https://review.opendev.org/c/openstack/nova/+/96364821:14
opendevreviewmelanie witt proposed openstack/nova master: TPM: support instances with `user` secret security  https://review.opendev.org/c/openstack/nova/+/94250221:14
opendevreviewmelanie witt proposed openstack/nova master: TPM: support instances with `host` secret security  https://review.opendev.org/c/openstack/nova/+/94179521:14
opendevreviewmelanie witt proposed openstack/nova master: Add vtpm_secret_(uuid|value) to LibvirtLiveMigrateData  https://review.opendev.org/c/openstack/nova/+/95262821:14
opendevreviewmelanie witt proposed openstack/nova master: TPM: support live migration of `host` secret security  https://review.opendev.org/c/openstack/nova/+/94148321:14
opendevreviewmelanie witt proposed openstack/nova master: TPM: bump service version and require it for live migration  https://review.opendev.org/c/openstack/nova/+/96205121:14
opendevreviewmelanie witt proposed openstack/nova master: TPM: support instances with `deployment` secret security  https://review.opendev.org/c/openstack/nova/+/94202121:14
opendevreviewmelanie witt proposed openstack/nova master: TPM: support live migration of `deployment` secret security  https://review.opendev.org/c/openstack/nova/+/92577121:14
opendevreviewmelanie witt proposed openstack/nova master: TPM: test live migration between hosts with different security  https://review.opendev.org/c/openstack/nova/+/95262921:14
opendevreviewmelanie witt proposed openstack/nova master: TPM: add late check for supported TPM secret security  https://review.opendev.org/c/openstack/nova/+/95697521:14
opendevreviewmelanie witt proposed openstack/nova master: TPM: opt-in to new TPM secret security via resize  https://review.opendev.org/c/openstack/nova/+/96205221:14
opendevreviewmelanie witt proposed openstack/nova master: TPM: add documentation and reno for live migration  https://review.opendev.org/c/openstack/nova/+/96288921:14
opendevreviewmelanie witt proposed openstack/nova master: DNM vtpm tempest  https://review.opendev.org/c/openstack/nova/+/95747721:14
« Thursday, 2025-10-30 Index Saturday, 2025-11-01 »

Generated by irclog2html.py 4.0.0 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!