#openstack-kolla log

15:00:43 <mgoddard> #startmeeting kolla
15:00:43 <openstack> Meeting started Wed Aug 28 15:00:43 2019 UTC and is due to finish in 60 minutes.  The chair is mgoddard. Information about MeetBot at http://wiki.debian.org/MeetBot.
15:00:44 <openstack> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.
15:00:46 <mgoddard> #topic rollcall
15:00:47 <openstack> The meeting name has been set to 'kolla'
15:00:50 <mgoddard> \o
15:01:44 <yoctozepto> o/
15:01:48 <scottsol> o/
15:01:56 <priteau> \o
15:02:03 <dougsz> Lo
15:03:18 <yoctozepto> dougsz: rectangular arms?
15:03:33 <chason> o/
15:03:34 <dougsz> good posture
15:04:24 <mgoddard> bod
15:04:35 <mgoddard> biceps?
15:04:51 <mgoddard> #topic agenda
15:04:51 <yoctozepto> https://www.urbandictionary.com/define.php?term=bod
15:04:54 <yoctozepto> definition 2?
15:04:56 <yoctozepto> ;o
15:05:01 <mgoddard> * Roll-call
15:05:01 <mgoddard> * Announcements
15:05:01 <mgoddard> ** PTL and TC nominations open for U cycle http://lists.openstack.org/pipermail/openstack-discuss/2019-August/008832.html
15:05:02 <mgoddard> * Review action items from last meeting
15:05:02 <mgoddard> * Kolla whiteboard https://etherpad.openstack.org/p/KollaWhiteBoard
15:05:04 <mgoddard> * Kayobe Stein release status
15:05:06 <mgoddard> * Train release planning
15:05:08 <mgoddard> * Testing TLS
15:05:09 <mgoddard> #topic announcements
15:05:16 <mgoddard> #info PTL and TC nominations open for U cycle
15:05:22 <mgoddard> #link http://lists.openstack.org/pipermail/openstack-discuss/2019-August/008832.html
15:06:09 <mgoddard> I will be running for kolla PTL again, but it is an election so please do feel free to run
15:06:20 <mgoddard> Any other announcements?
15:07:38 <mgoddard> #topic Review action items from last meeting
15:07:45 <mgoddard> There was one item last time
15:07:54 <mgoddard> mgoddard to release stable branches
15:07:59 <mgoddard> I did not
15:08:03 <mgoddard> #action mgoddard to release stable branches
15:08:17 <mgoddard> #topic Kolla whiteboard https://etherpad.openstack.org/p/KollaWhiteBoard
15:08:50 <mgoddard> How is CI looking? We had an issue with ubuntu earlier
15:09:34 <yoctozepto> is it gone now?
15:11:12 <mgoddard> zuul is being slwo
15:11:56 <mgoddard> I'm not sure from looking at builds page, but there are quite a few failures recently
15:12:06 <mgoddard> hard to tell if they are just broken patches though
15:12:30 <mgoddard> I think we just need to keep an eye out for those jobs
15:13:05 <mgoddard> all kolla-ansible-ubuntu-source jobs since  2019-08-28T07:39:52 have failed
15:14:44 <mgoddard> #topic Kayobe Stein release status
15:15:13 <mgoddard> I think there is just one more patch left that I'd like to land: https://review.opendev.org/676907
15:15:57 <openstackgerrit> Mark Goddard proposed x/kayobe master: Set provisioning and cleaning networks as non-shared  https://review.opendev.org/676907
15:16:11 <mgoddard> ^ just fixed up a comment, hopefully it can now land
15:16:19 <mgoddard> then backport and we're god
15:16:23 <mgoddard> *good
15:16:32 <mgoddard> any other patches we're missing?
15:17:19 <mgoddard> #topic Train release planning
15:17:41 <mgoddard> #info About 1 month until kolla feature freeze
15:18:41 <mgoddard> so let's try to focus on those priorities that have been started
15:19:21 <mgoddard> In priority order:
15:19:26 <mgoddard> * Nova cells v2
15:19:43 <mgoddard> * support matrix (actually this is above cells)
15:19:55 <mgoddard> * support new ansible versions
15:21:05 <mnasiadka> For support matrix is anybody volunteering to help me fill out the content for kolla?
15:21:15 <mgoddard> good question
15:21:20 <mgoddard> can it be automated?
15:22:15 <mgoddard> * TLS everywhere
15:23:02 <mgoddard> I guess we can easily generate the list of images
15:23:19 <mgoddard> and maybe using the skip list we can generate lists of N/A?
15:23:29 <mgoddard> others might be harder
15:23:40 <yoctozepto> mgoddard: good idea
15:23:50 <yoctozepto> then all not unbuildabe are at least C
15:23:55 <mgoddard> yeah
15:23:57 <yoctozepto> and we promote others
15:23:59 <yoctozepto> as we see fit
15:24:02 <mgoddard> +1
15:24:42 <mnasiadka> I’ll start populating from skip lists
15:24:48 <mnasiadka> And the rest is easy
15:24:59 <mnasiadka> yoctozepto: working on k-a part?:)
15:25:55 <mgoddard> this seems to work
15:25:58 <mgoddard> tools/build.py --list-images -t source -b ubuntu
15:26:14 <mgoddard> at least I get different answers for ubuntu & centos
15:26:24 <mgoddard> hopefully due to skip list
15:26:49 <yoctozepto> mnasiadka: nope, sorry
15:27:07 <mgoddard> anyway, I'll take an action to mark priority patches with RP+1
15:27:27 <mgoddard> #action mgoddard to mark Train priority patches ready for review with RP+1
15:27:55 <mgoddard> Anything else for Train?
15:28:22 <mgoddard> #topic Testing TLS
15:29:34 <mgoddard> In https://review.opendev.org/#/c/664517 there is a new CI test being added with TLS enabled
15:29:38 <mgoddard> #link https://review.opendev.org/#/c/664517/8
15:29:59 <mgoddard> ping generalfuzz
15:30:19 <mgoddard> I was thinking maybe it would be better to enable TLS in one of our existing tests
15:30:44 <mgoddard> e.g. kolla-ansible-*-* or kolla-ansible-*-*-ceph
15:31:09 <mgoddard> maybe single node would make sense
15:31:34 <mgoddard> so TLS for single node jobs, no TLS for multinode
15:31:39 <mgoddard> what do people think?
15:33:59 <mgoddard> don't care?
15:35:58 <dougsz> just wondering - why not TLS on multi-node?
15:36:11 <dougsz> Isn't that where it would be most useful?
15:36:41 <mgoddard> could do. Just thinking it's a longer job already, and TLS might make it even longer*
15:36:43 <mgoddard> *untested
15:37:34 <dougsz> fair point
15:38:02 <mgoddard> I could be convinced either way
15:38:39 <mgoddard> ok, let's move on
15:38:42 <mgoddard> #topic open discussion
15:39:45 <mgoddard> Does anyone have anything to discuss today?
15:39:58 <dougsz> Quick one on the upgrade process:
15:40:18 <dougsz> We have rolling upgrade, nova_safety_upgrade, legacy upgrade, and possibly fast forward upgrade
15:40:45 <dougsz> Should we simplify it and just support one?
15:41:12 <dougsz> (this is for Nova)
15:41:35 <mgoddard> default is rolling upgrade
15:41:58 <dougsz> yeah - that is the one that makes most sense to me, and should quite possibly have nova_safety_upgrade turned on as part of that
15:42:00 <mgoddard> I'm not sure what legacy upgrade would be used for now
15:42:33 <mgoddard> safety upgrade is a tradeoff
15:42:51 <dougsz> as you say, it could be transformed into the fast upgrade method, but then, do we want so many upgrade paths which we don't test?
15:43:16 <mgoddard> it gives you control plane downtime in exchange for no failed requests
15:44:14 <mgoddard> I'm not sure about legacy upgrade. It was never quite clear to me why it was kept
15:45:11 <mgoddard> fast forward upgrades aren't supported yet, but I do wonder whether we'd use the legacy upgrade code for that
15:45:50 <openstackgerrit> Ondrej Duchon proposed openstack/kolla-ansible master: Corrected notificaions for auditing.  https://review.opendev.org/678544
15:45:53 <mgoddard> however, given we don't support FFU now and have no one working on it it's not much of an argument
15:46:45 <mgoddard> I'd like to keep the safety upgrade default, it's more in the spirit of a rolling upgrade
15:46:45 <dougsz> yeah, was wondering if we actually *want* to support FFU. I like the idea of one upgrade path for Nova, which is the one we test.
15:47:11 <mgoddard> FFU is useful if you're stuck on an old release
15:47:22 <dougsz> as in safety upgrade off?
15:47:27 <mgoddard> yes
15:48:05 <mgoddard> it's not really unsafe without it, you just might get some API request failures if they use new features
15:48:37 <mgoddard> but if you turn your API off then you can't service any requests, which is kind of like a failure
15:49:20 <mgoddard> I guess I'm up for removing the legacy upgrade path in kolla-ansible
15:49:37 <dougsz> ok, thanks, that would be one path gone at least
15:50:49 <mgoddard> any other topics?
15:51:00 <generalfuzz> sorry - just joined
15:51:24 <mgoddard> hi generalfuzz
15:51:44 <mgoddard> we 'discussed' the TLS job but didn't really get any comments
15:51:45 <generalfuzz> regarding TLS - We can re-org the test suite whatever way makes most sense
15:52:39 <mgoddard> sure. I think just getting something to pass would be a good first step
15:52:51 <generalfuzz> yes, and we are a bit off from that still
15:53:49 <mgoddard> my comment about using upstream ansible modules, I don't think we'll get to that this cycle so I'd suggest fixing the ones we have. They're bundled in the kolla_toolbox image in the kolla repo
15:55:00 <mgoddard> anything else on TLS?
15:55:08 <generalfuzz> I am running into issues enabling TLS internally, and  believe that the "validate_certs: "{{ kolla_verify_tls | bool}}" isn't fully propegated to openstack python libraries
15:55:37 <mgoddard> yes, I think that's the issue
15:56:28 <mgoddard> you could compare the modules in kolla_toolbox with those in upstream ansible. I think they now use openstacksdk directly rather than shade
15:57:25 <mgoddard> ok, let's leave it there
15:57:28 <mgoddard> #endmeeting