#openstack-meeting-4 log

15:00:24 <egonzalez> #startmeeting kolla
15:00:24 <openstack> Meeting started Wed Feb  6 15:00:24 2019 UTC and is due to finish in 60 minutes.  The chair is egonzalez. Information about MeetBot at http://wiki.debian.org/MeetBot.
15:00:25 <openstack> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.
15:00:28 <openstack> The meeting name has been set to 'kolla'
15:00:37 <egonzalez> #topic rollcall
15:02:19 <mandre> o/
15:03:43 <spsurya> o/
15:04:57 <egonzalez> Hi, meeting agenda havent changed in a few weeks, no progress has been made since then
15:05:05 <egonzalez> #topic announcements
15:05:39 <egonzalez> Vote for summit talks is open, be sure to vote your favourite talks
15:05:49 <egonzalez> thats all from me, any other update?
15:07:38 <mandre> hi, is it the right time for general discussion?
15:07:44 <egonzalez> yep
15:07:49 <egonzalez> #topic open discussion
15:08:07 <hrw> hi
15:08:11 <hrw> managed
15:08:20 <mandre> I wanted to chat a little bit about the patch series I've pushed recently
15:08:24 <mandre> https://review.openstack.org/#/q/status:open+project:openstack/kolla+branch:master+topic:restrict-pkg-binary-distro
15:09:38 <egonzalez> sure, what about?
15:09:49 <mandre> we've been a bit lax about what goes inside our "binary" image templates, I wanted to fix it by checking in the gate for forbidden instructions, such as gem install, pip install etc
15:10:38 <mandre> the rational being that binary image should only install software packaged for the distribution
15:10:56 <hrw> if all required items exist in distro in needed versions
15:11:15 <egonzalez> that will make many of our supported services unsupported the next day
15:11:27 <egonzalez> like promethus only will be available for source
15:12:25 <mandre> yeah, right... some of our images labeled as "binary" are really "source" images
15:12:42 <mandre> for example prometheus
15:12:45 <hrw> I like the idea but as Debian/stretch maintainerkindof I know that many things we may lack
15:13:17 <mandre> so I consider that our prometheus "binary" image is a bug
15:13:59 <hrw> or we may reconsider old idea of getting rid of binary/source from image names etc
15:14:08 <egonzalez> whats considered a binary package? only rpms or debs or something doesnt need to be compiled
15:14:35 <mandre> anyway, I've pushed the script to check for what's inside the binary templates, and pushed also a few patch to correct the mistakes I've found along the way
15:14:41 <mandre> please take a look
15:15:00 <hrw> ok, will look
15:15:49 <mandre> egonzalez: I'm including everything that's packaged for the distro, so packaged in deb or rpm
15:16:13 <hrw> mandre: so none of arm64 images are binary
15:16:16 <mandre> everything else don't belong to binary distro IMO
15:16:20 <hrw> we build dumb-init
15:16:55 <mandre> hrw: dumb-init was the only thing I wasn't able to get rid of :)
15:16:59 <hrw> not that I care much about binary images
15:17:10 <hrw> mandre: grab package from Debian, extract, use dumb-init binary
15:17:28 <hrw> mandre: I saw that idea somewhere in ohter container project
15:18:06 <mandre> hrw: there's a package for rhel actually, we should be able to have it in centos without too much difficulty
15:18:09 <hrw> but then it is no longer 1.1.3
15:18:19 <hrw> or whichever ancient we use
15:18:48 <mandre> thanks, that's all for me
15:19:14 <egonzalez> what im more worried about is backwards compatibility
15:19:29 <hrw> mandre: are you close to my burger place? you ended right when I got burger...
15:19:30 <mandre> oh, almost forgot, egonzalez I've seen you posted a comment about depecation cycle
15:19:57 <egonzalez> and current users needed to build both source and binary, in that case if i were an operator i'd just move to source everything
15:20:23 <mandre> I think deprecation doesn't apply here
15:20:41 <egonzalez> mandre yep, probably k8s images can be removed if nobody else are using them (we may need to ask first)
15:20:58 <hrw> mandre: if I deploy debian-binary-prometheus* images now then on upgrade I will not get updates
15:21:14 <mandre> unless someone does the work the package the apps
15:21:42 <mandre> I've added release notes about the image being source only
15:21:46 <hrw> with nowadays ops culture I highly doubt ;(
15:22:59 <mandre> if I deployed debian-binary-prometheus* images and later realized it pulled binaries from github, I would feel cheated
15:23:21 <hrw> can we talk about debian/arm64 CI job?
15:23:26 <hrw> https://review.openstack.org/#/c/557659/ one
15:23:58 <egonzalez> sure
15:24:15 <egonzalez> mandre thanks, anything else on this topic?
15:24:32 <mandre> egonzalez: no, I'm good this time
15:24:41 <hrw> developer who was behind it got moved to other stuff so looks like it may land on my plate
15:25:20 <hrw> I would like to get some opinions can we get that merged or should it get abandoned or sth
15:26:00 <mandre> hrw: how much work is needed to polish the job?
15:26:46 <hrw> mandre: have to dig in it as had other issues to handle
15:27:42 <mandre> more CI is good, let's not abandon the patch if we can get it to work
15:27:50 <hrw> ok, will continue
15:28:07 <mandre> I assume you'll maintain that CI job?
15:28:21 <hrw> unless gema assigns someone else
15:28:23 <egonzalez> seems to work but randomly failing with timeouts of 3h
15:28:36 <hrw> it is in china so maybe networking issues again
15:29:04 <hrw> there are plans to move it to uk to get stability
15:29:13 <egonzalez> hrm, maybe in that case is better not use infra mirrors and have your own in linaro cloud?
15:29:35 <hrw> we will move it to uk and there is normal network access
15:29:44 <hrw> and then we will decide to official or infra mirrors
15:29:50 <hrw> sounds good?
15:29:53 <egonzalez> nice
15:30:06 <egonzalez> lgtm, patch looks ok
15:30:07 <mandre> sounds like a plan
15:30:25 <hrw> thanks
15:30:27 <egonzalez> once is stable the job we may move to regular job from experimental
15:31:08 <hrw> and do like nova has - several CI running separatelly? so will not block other jobs
15:31:55 <egonzalez> yep, is 3rd party and cannot be voting iirc
15:32:03 <hrw> yep
15:32:24 <hrw> thx
15:33:04 <egonzalez> thanks for the work
15:33:08 <hrw> and burger is gone.
15:33:18 <hrw> egonzalez: it simplfies work for us
15:33:41 <hrw> as now I get fail/pass info once per week
15:33:54 <hrw> which now means fail due to pip being pip
15:35:30 <egonzalez> hrw a periodical job may help too, so dont have to check experimental every day to see if still working
15:36:11 <hrw> egonzalez: zuul knows how to do periodic
15:36:18 <hrw> iirc
15:36:46 <mandre> tbh, experimental job doesn't provide much value unless you're creating a new CI job
15:36:53 <egonzalez> yep, but need to add it to the list https://github.com/openstack/kolla/blob/master/.zuul.d/centos.yaml#L19
15:37:11 <mandre> it has to run in the check pipeline non-voting to be a little useful
15:37:11 <hrw> ok
15:37:59 <mgoddard> hi folks, I'm here but in a workshop at the moment
15:38:15 <egonzalez> yep, what we've been doing in k-a is add job which only runs on files changes and run allways as periodical, just to not over use infra resources
15:39:28 <hrw> that's all from me
15:39:49 <egonzalez> cool, thanks hrw
15:39:59 <egonzalez> any other topic to discuss today?
15:41:20 <mgoddard> any core team changes planned?
15:41:55 <egonzalez> i'm thinking on one, if have some suggestions?
15:42:03 <hrw> mgoddard: want to promote someone?
15:42:53 <mgoddard> I mentioned someone to egonzalez a while ago, I think they have been more involved since
15:43:20 <egonzalez> yep, i need to talk with him, been busy with $job recently
15:43:39 <mgoddard> $life :(
15:43:53 <hrw> spaking of life...
15:43:59 * hrw moves to next place
15:44:06 <hrw> thanks for discussion guys
15:44:08 <mgoddard> +1
15:45:26 <mandre> egonzalez: this makes me think, we need to update kolla-coresec group
15:45:59 <mandre> lots of people no longer in the core team in it
15:46:12 <egonzalez> kolla-coresec group?
15:46:18 <egonzalez> i'm not even in that group
15:46:24 <mgoddard> there was a clean up a while ago. Were those people removed?
15:46:57 <egonzalez> kolla-core was cleaned yes
15:47:01 <mgoddard> maybe mandre meant kolla-core?
15:47:05 <egonzalez> people in there still involved
15:47:20 <mandre> mgoddard: https://launchpad.net/~kolla-coresec/+members
15:47:31 <mgoddard> TIL
15:47:33 <mandre> the people who get notified about CVE and
15:47:50 <mgoddard> should probably have PTL in there :)
15:48:07 <mgoddard> 3 ex-PTLs
15:48:08 <mandre> yep would be a good idea :)
15:48:21 <egonzalez> will need to ask steven about that
15:48:26 <mgoddard> mandre: do you have the ability to update that group?
15:48:35 <mgoddard> or egonzalez?
15:48:40 <egonzalez> no idea of the existence of the group
15:48:46 <egonzalez> sdake is the admin
15:49:02 <sdake> hi
15:49:04 <mandre> I can't edit the group
15:49:08 <sdake> which group
15:49:29 <mgoddard> kolla-coresec
15:49:31 <egonzalez> sdake  https://launchpad.net/~kolla-coresec/+members
15:49:36 <mandre> hey sdake, could you add egonzalez as admin on https://launchpad.net/~kolla-coresec/ ?
15:50:04 <sdake> wahtis your launchpad id egonzalez
15:50:25 <egonzalez> sdake egonzalez90
15:52:11 <mandre> alright, need to go, thx guys
15:52:20 <egonzalez> anyway, this expands outside the meeting discussion
15:52:25 <sdake> fixed - anjoy
15:52:26 <sdake> sorry
15:52:28 <egonzalez> mandre thanks for comming
15:52:32 <egonzalez> sdake thanks
15:52:33 <sdake> I thought this was the channel, not the meeting :)
15:53:16 <egonzalez> sdake no problem
15:53:23 <egonzalez> any other thing to talk today?
15:57:35 <egonzalez> lets end the meeting
15:57:41 <egonzalez> thanks for comming today
15:57:44 <egonzalez> #endmeeting