15:00:43 #startmeeting kolla 15:00:43 Meeting started Wed Aug 28 15:00:43 2019 UTC and is due to finish in 60 minutes. The chair is mgoddard. Information about MeetBot at http://wiki.debian.org/MeetBot. 15:00:44 Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. 15:00:46 #topic rollcall 15:00:47 The meeting name has been set to 'kolla' 15:00:50 \o 15:01:44 o/ 15:01:48 o/ 15:01:56 \o 15:02:03 Lo 15:03:18 dougsz: rectangular arms? 15:03:33 o/ 15:03:34 good posture 15:04:24 bod 15:04:35 biceps? 15:04:51 #topic agenda 15:04:51 https://www.urbandictionary.com/define.php?term=bod 15:04:54 definition 2? 15:04:56 ;o 15:05:01 * Roll-call 15:05:01 * Announcements 15:05:01 ** PTL and TC nominations open for U cycle http://lists.openstack.org/pipermail/openstack-discuss/2019-August/008832.html 15:05:02 * Review action items from last meeting 15:05:02 * Kolla whiteboard https://etherpad.openstack.org/p/KollaWhiteBoard 15:05:04 * Kayobe Stein release status 15:05:06 * Train release planning 15:05:08 * Testing TLS 15:05:09 #topic announcements 15:05:16 #info PTL and TC nominations open for U cycle 15:05:22 #link http://lists.openstack.org/pipermail/openstack-discuss/2019-August/008832.html 15:06:09 I will be running for kolla PTL again, but it is an election so please do feel free to run 15:06:20 Any other announcements? 15:07:38 #topic Review action items from last meeting 15:07:45 There was one item last time 15:07:54 mgoddard to release stable branches 15:07:59 I did not 15:08:03 #action mgoddard to release stable branches 15:08:17 #topic Kolla whiteboard https://etherpad.openstack.org/p/KollaWhiteBoard 15:08:50 How is CI looking? We had an issue with ubuntu earlier 15:09:34 is it gone now? 15:11:12 zuul is being slwo 15:11:56 I'm not sure from looking at builds page, but there are quite a few failures recently 15:12:06 hard to tell if they are just broken patches though 15:12:30 I think we just need to keep an eye out for those jobs 15:13:05 all kolla-ansible-ubuntu-source jobs since 2019-08-28T07:39:52 have failed 15:14:44 #topic Kayobe Stein release status 15:15:13 I think there is just one more patch left that I'd like to land: https://review.opendev.org/676907 15:15:57 Mark Goddard proposed x/kayobe master: Set provisioning and cleaning networks as non-shared https://review.opendev.org/676907 15:16:11 ^ just fixed up a comment, hopefully it can now land 15:16:19 then backport and we're god 15:16:23 *good 15:16:32 any other patches we're missing? 15:17:19 #topic Train release planning 15:17:41 #info About 1 month until kolla feature freeze 15:18:41 so let's try to focus on those priorities that have been started 15:19:21 In priority order: 15:19:26 * Nova cells v2 15:19:43 * support matrix (actually this is above cells) 15:19:55 * support new ansible versions 15:21:05 For support matrix is anybody volunteering to help me fill out the content for kolla? 15:21:15 good question 15:21:20 can it be automated? 15:22:15 * TLS everywhere 15:23:02 I guess we can easily generate the list of images 15:23:19 and maybe using the skip list we can generate lists of N/A? 15:23:29 others might be harder 15:23:40 mgoddard: good idea 15:23:50 then all not unbuildabe are at least C 15:23:55 yeah 15:23:57 and we promote others 15:23:59 as we see fit 15:24:02 +1 15:24:42 I’ll start populating from skip lists 15:24:48 And the rest is easy 15:24:59 yoctozepto: working on k-a part?:) 15:25:55 this seems to work 15:25:58 tools/build.py --list-images -t source -b ubuntu 15:26:14 at least I get different answers for ubuntu & centos 15:26:24 hopefully due to skip list 15:26:49 mnasiadka: nope, sorry 15:27:07 anyway, I'll take an action to mark priority patches with RP+1 15:27:27 #action mgoddard to mark Train priority patches ready for review with RP+1 15:27:55 Anything else for Train? 15:28:22 #topic Testing TLS 15:29:34 In https://review.opendev.org/#/c/664517 there is a new CI test being added with TLS enabled 15:29:38 #link https://review.opendev.org/#/c/664517/8 15:29:59 ping generalfuzz 15:30:19 I was thinking maybe it would be better to enable TLS in one of our existing tests 15:30:44 e.g. kolla-ansible-*-* or kolla-ansible-*-*-ceph 15:31:09 maybe single node would make sense 15:31:34 so TLS for single node jobs, no TLS for multinode 15:31:39 what do people think? 15:33:59 don't care? 15:35:58 just wondering - why not TLS on multi-node? 15:36:11 Isn't that where it would be most useful? 15:36:41 could do. Just thinking it's a longer job already, and TLS might make it even longer* 15:36:43 *untested 15:37:34 fair point 15:38:02 I could be convinced either way 15:38:39 ok, let's move on 15:38:42 #topic open discussion 15:39:45 Does anyone have anything to discuss today? 15:39:58 Quick one on the upgrade process: 15:40:18 We have rolling upgrade, nova_safety_upgrade, legacy upgrade, and possibly fast forward upgrade 15:40:45 Should we simplify it and just support one? 15:41:12 (this is for Nova) 15:41:35 default is rolling upgrade 15:41:58 yeah - that is the one that makes most sense to me, and should quite possibly have nova_safety_upgrade turned on as part of that 15:42:00 I'm not sure what legacy upgrade would be used for now 15:42:33 safety upgrade is a tradeoff 15:42:51 as you say, it could be transformed into the fast upgrade method, but then, do we want so many upgrade paths which we don't test? 15:43:16 it gives you control plane downtime in exchange for no failed requests 15:44:14 I'm not sure about legacy upgrade. It was never quite clear to me why it was kept 15:45:11 fast forward upgrades aren't supported yet, but I do wonder whether we'd use the legacy upgrade code for that 15:45:50 Ondrej Duchon proposed openstack/kolla-ansible master: Corrected notificaions for auditing. https://review.opendev.org/678544 15:45:53 however, given we don't support FFU now and have no one working on it it's not much of an argument 15:46:45 I'd like to keep the safety upgrade default, it's more in the spirit of a rolling upgrade 15:46:45 yeah, was wondering if we actually *want* to support FFU. I like the idea of one upgrade path for Nova, which is the one we test. 15:47:11 FFU is useful if you're stuck on an old release 15:47:22 as in safety upgrade off? 15:47:27 yes 15:48:05 it's not really unsafe without it, you just might get some API request failures if they use new features 15:48:37 but if you turn your API off then you can't service any requests, which is kind of like a failure 15:49:20 I guess I'm up for removing the legacy upgrade path in kolla-ansible 15:49:37 ok, thanks, that would be one path gone at least 15:50:49 any other topics? 15:51:00 sorry - just joined 15:51:24 hi generalfuzz 15:51:44 we 'discussed' the TLS job but didn't really get any comments 15:51:45 regarding TLS - We can re-org the test suite whatever way makes most sense 15:52:39 sure. I think just getting something to pass would be a good first step 15:52:51 yes, and we are a bit off from that still 15:53:49 my comment about using upstream ansible modules, I don't think we'll get to that this cycle so I'd suggest fixing the ones we have. They're bundled in the kolla_toolbox image in the kolla repo 15:55:00 anything else on TLS? 15:55:08 I am running into issues enabling TLS internally, and believe that the "validate_certs: "{{ kolla_verify_tls | bool}}" isn't fully propegated to openstack python libraries 15:55:37 yes, I think that's the issue 15:56:28 you could compare the modules in kolla_toolbox with those in upstream ansible. I think they now use openstacksdk directly rather than shade 15:57:25 ok, let's leave it there 15:57:28 #endmeeting