#openstack-meeting-alt log

14:03:36 <jbernard> #startmeeting cinder
14:03:36 <opendevmeet> Meeting started Wed Aug 21 14:03:36 2024 UTC and is due to finish in 60 minutes.  The chair is jbernard. Information about MeetBot at http://wiki.debian.org/MeetBot.
14:03:36 <opendevmeet> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.
14:03:36 <opendevmeet> The meeting name has been set to 'cinder'
14:03:40 <jbernard> #topic roll call
14:03:43 <whoami-rajat> hi
14:03:45 <simondodsley> o/
14:03:45 <Luzi> o/
14:03:46 <jbernard> o/ hello everyeone
14:03:47 <rosmaita> o/
14:03:50 <akawai> o/
14:03:51 <eharney> hi
14:03:53 <msaravan> Hi
14:04:04 <mhen> o/
14:04:04 <jbernard> #link https://etherpad.opendev.org/p/cinder-dalmatian-meetings
14:04:24 <jbernard> #link https://releases.openstack.org/dalmatian/schedule.html
14:04:32 <yuval> 0/
14:05:58 <yuval> whats the meaning: "roll call"
14:06:29 <Sai> o/
14:06:30 <whoami-rajat> i think it means attendance
14:08:33 <jbernard> yuval: yes, just who's here
14:08:35 <rosmaita> yes, traditionally the names of members of an organization are kept on a "roll", and the "roll call" is just asking each member to identify as present
14:09:05 <simondodsley> ah - the good old days
14:09:30 <jbernard> alright, welcome everyone
14:09:41 <jbernard> thanks for filling out the adgenda
14:09:50 <jbernard> before we get started,
14:10:18 <jbernard> the cycle is winding down, and reviews are one of my highest priority right now
14:10:18 <yuval> the roll is virtual
14:10:25 <yuval> is it powered by nova?
14:10:40 <jbernard> im aware of the dell powerstore and lightbits review series
14:10:42 <rosmaita> probably!!!  :D
14:11:06 <jbernard> there are a few others, i just wanted to say that I/We are aware and working on it :)
14:11:31 <yuval> Thank you jbernard more mentioning - yes we do need your review - I am available for anyone that need my review
14:12:24 <jbernard> simondodsley: your summary for the dell powerstore series (specifically the NVMe work) will be helpful, I'll ask about that in a bit
14:12:31 <jbernard> ok
14:12:33 <whoami-rajat> I haven't been active in reviews recently but can help if we have a list of priority items somewhere
14:12:58 <yuval> I will also review nvme related
14:13:12 <jbernard> whoami-rajat: ill make one, the requests in today's adgena are a starting point
14:13:24 <jbernard> whoami-rajat: thanks
14:13:30 <whoami-rajat> okay, will take a look, thanks
14:13:36 <jbernard> #topic dalmatian os-brick release
14:13:57 <jbernard> im not sure who added this, rosmaita maybe?
14:14:07 <rosmaita> yeah, forgot to put my nick
14:14:25 <jbernard> tl;dr we need a few patches merged asap for the upcoming brick release
14:15:19 <rosmaita> basically, release is supposed to happen tomorrow
14:15:36 <rosmaita> though we can sometimes stretch it by a day
14:15:37 <jbernard> yes, libraries is tomorrow, clients are next week I believe
14:16:38 <rosmaita> basically, what we need to do is have people commit to reviews right now if we are going to get them into the release
14:17:59 <jbernard> rosmaita: does updating requirements fix anything, or is it just something we do before a release?
14:18:12 <jbernard> rosmaita: wondering if/how to prioritize
14:18:57 <rosmaita> hard to say ... what happens is that we are testing in the gate with whatever upper constraints are set to, which may be quite different from what's in requirements.txt
14:19:30 <eharney> i think we only have one open brick requirements change?
14:19:33 <rosmaita> it's probably not a big deal unless we are relying on a feature of a req that's not present in the minimum
14:22:07 <rosmaita> so jbernard, basically up to you
14:23:20 <jbernard> ok, if we can get the patches that need landing reviewed, then I'm happy to submit a patch for requirements
14:23:46 <jbernard> we can circle back post-lunch and see where we're at
14:24:13 <jbernard> how does that sound?
14:24:51 <rosmaita> so how do people feel about the image encryption password handling patch: https://review.opendev.org/c/openstack/os-brick/+/926293
14:25:04 <rosmaita> i am willing to look at that right after this meeting
14:26:10 <jbernard> i can too
14:26:16 <rosmaita> ok, cool
14:26:55 <mhen> nice :)
14:26:58 <rosmaita> the other one i identified is a small change in a privsep function, but will require a careful look:
14:27:05 <rosmaita> https://review.opendev.org/c/openstack/os-brick/+/922298
14:27:16 <rosmaita> but we could always hold off and backport it as a bugfix
14:27:47 <rosmaita> i didn't see anything else that looks key to the release
14:27:58 <rosmaita> so if anyone has a favorite os-brick patch, speak up now!
14:28:39 <whoami-rajat> I'm taking a look at that change
14:29:08 <Nilesh_Thathagar> Hi can we get review this os-brick patch https://review.opendev.org/c/openstack/os-brick/+/916062 ?
14:30:10 <rosmaita> it's isolated to a single connector, so kind of low risk ... i am willing to look at it for the release
14:30:26 <jbernard> me too
14:30:33 <jbernard> i added it to the list
14:30:49 <yuval> me too
14:30:54 <Nilesh_Thathagar> thanks
14:32:30 <rosmaita> ok, so eharney please respond to whoami-rajat's comment on https://review.opendev.org/c/openstack/os-brick/+/916737 and we can get that one moving along
14:32:36 <jbernard> simondodsley: re os-brick patches,
14:32:44 <simondodsley> yes
14:33:02 <jbernard> simondodsley: dell have a couple, i belive you've looked at
14:33:09 <jbernard> let me get the urls, one sec
14:33:18 <jbernard> https://review.opendev.org/c/openstack/cinder/+/907133
14:33:27 <jbernard> and https://review.opendev.org/c/openstack/os-brick/+/923345
14:33:31 <jbernard> i believe
14:33:39 <simondodsley> yes - we discussed this last week on the call. Neither Gorka or I are happy with the lack of FCZM support
14:34:24 <jbernard> simondodsley: ok, i just wanted to make sure that's still the case, I believe the cinder patches rely on the brick patch
14:34:26 <simondodsley> I actually have an NVMe-FC test system up right now and am going to look at the os-brick side of it
14:35:14 <jbernard> i might be wrong about that though, Yian was asking earlier and I want to make sure I make a accurate statement
14:35:31 <simondodsley> yes - its a pre-req
14:35:36 <jbernard> simondodsley: that's good news \o/
14:35:45 <jbernard> simondodsley: ok, thank you!
14:36:44 <jbernard> whoami-rajat: do we have a url naming standard for review priority etherpads?
14:37:45 <jbernard> whoami-rajat: i think getting the list out of the meeting minutes will help folks to focus, certainly myself
14:38:42 <jbernard> #topic review requests
14:38:56 <jbernard> as i mentioned, this is the current priority
14:39:06 <jbernard> ill make an isolated etherpad
14:39:07 <whoami-rajat> jbernard, sorry got distracted with reviews, which milestone are we referring to? I think i created one for os-brick, another for M1/M2 etc
14:39:26 <jbernard> whoami-rajat: im just wondering if we have a convention, before I just make one up :)
14:39:50 <whoami-rajat> oh i don't think we have one, they are temporary and just useful until the milestone
14:40:01 <whoami-rajat> so anything should be good
14:40:42 <jbernard> ok
14:40:45 <jbernard> #link https://etherpad.opendev.org/p/cinder-dalmatian-reviews
14:40:51 <jbernard> ^ that will be it
14:40:59 <jbernard> ill move our adgenda requests there
14:41:11 <jbernard> plus a few others on my dashboard
14:41:35 <yuval> can we add the etherpad to the cinder header?
14:41:45 <yuval> The Block Storage Project | https://wiki.openstack.org/wiki/Cinder | https://tiny.cc/CinderPriorities
14:42:13 <jbernard> yuval: that's a good question, i think a channel operator must do this
14:42:29 <jbernard> yuval: and im am not one of those, to the best of my knowledge
14:42:33 <jbernard> does anyone know?
14:42:57 <rosmaita> i think we will have to ask the openstack-infra team
14:43:22 <yuval> the tiny.cc goes to:
14:43:24 <yuval> foreach=%28project%3Aopenstack%2Fcinder+OR%0Aproject%3Aopenstack%2Fpython-cinderclient+OR%0Aproject%3Aopenstack%2Fpython-brick-cinderclient-ext+OR%0Aproject%3Aopenstack%2Fos-brick+OR%0Aproject%3Aopenstack%2Fcinderlib+OR%0Aproject%3Aopenstack%2Frbd-iscsi-client+OR%0Aopenstack%2Fcinder-tempest-plugin%29+status%3Aopen&title=Cinder+Priorities+Dashboard&High+Priority+Changes=label%3AReview-Priority%3D2&Priority+Changes=labe
14:43:24 <yuval> l%3AReview-Priority%3D1&Blocked+Reviews=label%3AReview-Priority%3D-1
14:43:40 <yuval> https://review.opendev.org/dashboard/?
14:44:01 <simondodsley> If you add the meeting URL to the header it will have to be changed every cycle
14:44:25 <yuval> yes - well if its a big deal leave it
14:45:18 <jbernard> #topic open discussion
14:46:01 <jbernard> reviews aside, any issues or things that need to be raised, please do so
14:48:18 <yuval> I have something to say but not related to current release
14:48:24 <jbernard> shoot
14:48:50 <yuval> in os-brick, file: os-brick/os_brick/privileged/__init__.py
14:48:55 <yuval> have these 2 lines:
14:48:55 <yuval> os-brick
14:48:56 <yuval> os_brick
14:48:56 <yuval> privileged
14:48:56 <yuval> __init__.py
14:49:05 <yuval> if os.environ.get('VIRTUAL_ENV'):
14:49:06 <yuval> capabilities.append(c.CAP_DAC_READ_SEARCH)
14:49:23 <yuval> I am working with kolla and its making my life hell
14:49:52 <simondodsley> lol - kolla can do that
14:50:52 <yuval> I have to change the privsep section in the kolla-ansible files for cinder and nova to add "sudo -E..." and add the "VIRTUAL_ENV" variable
14:50:59 <yuval> to all dockers
14:51:46 <eharney> it seems weird to allow DAC_READ_SEARCH in that context but not others, i wonder why we can't just generalize it
14:52:11 <yuval> adding this capability regardless to the fact that I am using a virtual env or not - is a big risk?
14:52:13 <eharney> we already give SYS_ADMIN so there's probably a good argument for just saying that we need DAC_READ_SEARCH for things to work
14:52:59 <rosmaita> check the blame on that ... i seem to remember it being added specifically for virtual envs, maybe the commit message explains
14:53:24 <yuval> there is acomment above:
14:53:24 <yuval> # On virtual environments libraries are not owned by the Daemon user (root), so
14:53:25 <yuval> # the Daemon needs the capability to bypass file read permission checks in
14:53:25 <yuval> # order to dynamically load the code to run.
14:53:55 <eharney> it was added to let privsep work in a venv
14:54:18 <eharney> the implication there is that production services wouldn't be running in a venv equivalent
14:54:27 <eharney> but if you are running in kolla and it runs the service that way...
14:55:44 <yuval> kolla - running in a docker. but sometimes it will run inside the docker a venv (on dev mode) adding the variable to kolla using kolla-ansible is really not trivial
14:56:38 <yuval> anyway - next release I would be happy to dig in the issue and understand what can be done (maybe the change need to be in the kolla side)
14:57:55 <eharney> rosmaita: whoami-rajat: i left a thought for you to chew on on https://review.opendev.org/c/openstack/os-brick/+/916737  -- probably doesn't taste too good though
14:58:07 <yuval> gorka is still around?
14:59:32 <rosmaita> don't see him around today
14:59:45 <jbernard> yuval: he will repond to email as well, i dont' think he's online right now
14:59:52 <jbernard> that's our time
14:59:59 <jbernard> thank you everyone, happy reviewing! :)
15:00:04 <jbernard> #endmeeting