15:00:06 #startmeeting kolla 15:00:06 Meeting started Wed Apr 29 15:00:06 2020 UTC and is due to finish in 60 minutes. The chair is hrw. Information about MeetBot at http://wiki.debian.org/MeetBot. 15:00:07 Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. 15:00:09 The meeting name has been set to 'kolla' 15:00:09 #chair mgoddard 15:00:16 #topic rollcall 15:00:17 Current chairs: hrw mgoddard 15:00:32 ~o~ 15:00:42 o/ 15:01:15 we know mnasiadka is out 15:01:23 yoctozepto: ? 15:01:32 mgoddard was planning to be at meeting 15:02:13 o/ 15:03:02 #topic agenda 15:03:08 * Roll-call 15:03:08 * Announcements 15:03:08 * Review action items from last meeting 15:03:08 * CI status 15:03:08 * Kolla Klub https://etherpad.openstack.org/p/kolla-sig 15:03:10 * Ussuri release planning (kayobe) 15:03:13 * Ussuri release planning (kolla & kolla ansible) 15:03:16 #topic Announcements 15:03:20 anyone? 15:03:53 nope 15:04:01 nope 15:04:02 o/ 15:04:04 #topic Review action items from last meeting 15:04:08 * hrw hrw mark rabbitmq and kolla-toolbox unbuildable for c8/aarch64 (mgoddard, 15:15:02) 15:04:11 done 15:04:15 also disabled fluentd 15:04:18 o/ 15:04:32 * hrw mgoddard to sign up for PTG slots (mgoddard, 15:11:54) 15:04:39 mgoddard: done? 15:04:41 done 15:04:52 #topic CI status 15:05:05 rocky needs patch to land 15:05:23 what causes exceptions? 15:05:46 Zuul issues, they should be fixed 15:06:00 ntplib upstream removed all wheels from pypi but it was done so now https://review.opendev.org/724117 passed zuul 15:06:00 patch 724117 - kolla (stable/rocky) - Fix multiple issues - 2 patch sets 15:06:03 vote please 15:06:03 "NOTICE: Zuul had to be restarted, all changes submitted or approved between 14:00 UTC to 14:30 need to be rechecked, we queued already those running at 14:00" 15:06:16 ah ok 15:06:26 priteau: and that's at least second time in last two days 15:06:48 mgoddard: can you continue chairing? I hurted my left hand today and typing suxx 15:07:08 :) was enjoying the passenger seat 15:07:15 thanks for kicking off hrw 15:07:18 get well soon hrw 15:07:28 get well 15:07:38 +1 15:07:40 https://review.opendev.org/#/c/723354/ is supposed to fix aarch64 CI. but mirror issues needs checking first 15:07:40 patch 723354 - kolla - CI: Fix Debian aarch64 jobs - 8 patch sets 15:08:35 #topic Kolla Klub https://etherpad.openstack.org/p/kolla-sig 15:09:01 #link https://docs.google.com/document/d/1EwQs2GXF-EvJZamEx9vQAOSDB5tCjsDCJyHQN5_4_Sw/edit#heading=h.u784zrqsv2k1 15:09:22 Meeting recording: 15:09:23 I vote to move it to last entry in agenda for next meetings. to make sure that release stuff is discussed ;D 15:09:24 #link https://drive.google.com/open?id=1TLabWeOK65nTrZ278qN4fWLt0Az_zUFT 15:09:31 sure 15:09:43 we probably don't need to discuss it every time 15:10:19 we have two case studies for the next meeting, from Fl1nt and suxx 15:10:37 If you have ideas for meeting topics, please add them to the docs 15:10:53 #topic Ussuri release planning (kayobe) 15:11:15 priteau, jovial[m] 15:11:29 Feature freeze this week 15:11:33 o/ 15:11:45 when is the cut off? 15:12:02 end of the week 15:12:10 https://review.opendev.org/#/q/project:openstack/kayobe+status:open+branch:master 15:12:33 lots of patches merged recently, thanks for review efforts 15:13:18 jovial[m]: encryption patch needs a rev 15:13:42 ok, I'll rebase that one shortly 15:13:44 jovial[m]: are you going to work on https://review.opendev.org/711504 ? 15:13:44 patch 711504 - kayobe - Add a method to prevent an ip being set on an inte... - 1 patch set 15:14:05 did you work out if it was useful? :) 15:15:33 jovial[m1: 15:16:03 mgoddard: It did seem to be necessary 15:16:38 seems a bit weird to me. Probably need to discuss in the review 15:17:21 mgoddard: OK, sounds good. Thos 0.0.0.0 IPs can be problematic. 15:17:31 still a few patches left to merge, let's keep going 15:17:47 I've seen issues when restarting the network with duplicate IPs being detected 15:17:52 Are there any feature patches that have not been proposed yet? 15:18:01 I'll try to review a few more by end of week. I don't think I own any patch that I would like to ship. 15:18:10 custom extension points 15:18:19 think you'll get it in? 15:18:55 https://storyboard.openstack.org/#!/story/2001663 15:19:05 It might be a complex one to review… 15:19:05 might have something by the end of the week 15:19:20 mgoddard: Do you accept FFEs? 15:19:21 does it have to be in a finsihed state by friday? 15:19:33 priteau: FFEs? 15:19:34 FFE sounds expensive 15:19:38 £££ 15:19:51 jovial[m1: Feature Freeze Exceptions 15:19:57 thanks 15:20:24 if it looks like it won't take too much extra time we can usually make an exception 15:20:55 if you have a design you want to discuss, that might cut out some iteration 15:21:54 ok, let's move on 15:22:04 #topic Ussuri release planning (kolla & kolla ansible) 15:22:06 o yes 15:22:19 Debian/binary for x86 is close 15:22:20 let's rock 15:22:40 I have a couple patches of relevance 15:22:44 we wait for vitrage-dashboard and then I post updated patch and we are free to go 15:22:58 C8/binary will be next to follow 15:23:16 I moved most of my patches to Vicky 15:23:47 backend tls for heat - https://review.opendev.org/#/c/722028/ and https://review.opendev.org/#/c/722355/ 15:23:48 patch 722028 - kolla - Modify Heat container to execute httpd setup - 3 patch sets 15:23:49 patch 722355 - kolla-ansible - Add support for encrypting heat api - 3 patch sets 15:25:39 kolla-ansible is approved. I just +2'd the kolla patch 15:25:51 Since we there is no native tls terminiation support in glance, I have one which creates a proxy tls termination using an additional HAProxy container for glance - https://review.opendev.org/#/c/723051/ 15:25:52 patch 723051 - kolla-ansible - Add support for encrypting Glance api - 5 patch sets 15:26:16 FFE for zun-cni 15:26:34 promised and almost there 15:27:16 we could also leverage the role that creates the tls proxy to have a initial solution for end-to-end encryption for all apis. We could then backfill them with native tls if the service supports it 15:27:21 headphoneJames: would be good to get glance in, but seems it might need a bit of work still 15:27:47 yes - almost there, needs some work 15:28:33 there are various services that already use apache. We may as well use that approach for those 15:29:02 it would probably be a reasonable amount of work to get this haproxy solution across all APIs 15:29:18 and feature freeze is this week 15:29:46 one its in for glance, it would be trivial to add to any other service 15:30:32 I was hoping we'd make a reusable role for apache config, which we could have done the same with 15:31:00 so far, it seems there needs to a kolla and kolla+ansible change for most services 15:31:16 for kolla we discussed putting it in the base image 15:31:32 there is still a change to run the script, but it's tiny 15:31:33 apache? 15:31:40 httpd 15:31:54 so we need non-infra-base image with it? 15:32:04 or put it into openstack-base 15:32:11 openstack-base 15:32:32 I'm reluctant to change the plan at this stage 15:32:41 anyone else have thoughts? 15:33:29 U or V feature? 15:33:35 U 15:35:24 yoctozepto: you asked about FFE for zun 15:35:47 the patch seems quite close, can't it be updated this week? 15:36:29 mgoddard: i'll try but please consider also ffe if not 15:36:40 ok 15:38:41 I think the main things were just the timezone volume and a when: inventory_hostname in groups['zun-cni-daemon'] condition 15:39:54 Do we have other things we want to merge in the next few days? 15:40:07 mgoddard: should I remove the haproxy tlsproxy role from the glance change and keep the changes integrated to the glance role? 15:40:31 mgoddard: I would like to at least get glance in 15:41:09 headphoneJames: I don't mind too much. It seemed ok in the glance role but if there is a possibility we will need it elsewhere then I suppose it makes sense to split 15:41:36 mgoddard: fix-wise this wip would be good https://review.opendev.org/723342 15:41:36 patch 723342 - kolla-ansible - [WIP] Coordinate haproxy and keepalived restarts - 4 patch sets 15:42:16 still analyzing but seems to improve what happens on upgrade or reconfig 15:44:04 headphoneJames: in terms of core services that already use httpd, there is horizon, and placement. We also added httpd to the nova image, but it's not yet used by k-a 15:44:40 ok - I will target horizon and placement next. Then nova 15:44:47 yoctozepto: yeah, seems worthwhile. Less pressure on fixes though 15:45:16 headphoneJames: I think that would be an easy-ish win 15:45:51 #link 15:45:53 https://review.opendev.org/#/dashboard/?foreach=project%3Aopenstack%2Fkolla+status%3Aopen+NOT+label%3AWorkflow%3C%3D%2D1+NOT+label%3ACode%2DReview%3C%3D%2D2&title=Kolla+Review+Dashboard&My+Patches+Requiring+Attention=owner%3Aself+%28label%3AVerified%2D1%2Czuul+OR+label%3ACode%2DReview%2D1+OR+label%3AWorkflow%3C%3D%2D1%29&High+priority+changes=label%3AReview%2DPriority%3D2&Priority+changes=label%3ARev 15:45:55 iew%2DPriority%3D1&Feature+freeze=label%3AReview%2DPriority%3D%2D1&Stable+branch+backports=branch%3A%5Estable%2F.%2A+status%3Aopen+NOT+label%3AReview%2DPriority%3D%2D1&Needs+Reverify=label%3AWorkflow%3E%3D1+NOT+label%3AWorkflow%3C%3D%2D1+label%3AVerified%3C%3D%2D1%2Czuul+NOT+label%3AReview%2DPriority%3D%2D1&Needs+Final+Approval+%28to+land+on+master%29=NOT+label%3AWorkflow%3E%3D1+NOT+label%3AWorkflow% 15:45:57 3C%3D%2D1+NOT+owner%3Aself+label%3ACode%2DReview%3E%3D2+label%3AVerified%3E%3D1%2Czuul+branch%3Amaster+NOT+label%3AReview%2DPriority%3D%2D1&Newer+%28%3C1wk%29+Open+Patches+%28limit+100%29=%2Dage%3A1week+limit%3A100+branch%3Amaster+NOT+label%3AWorkflow%3E%3D1+label%3AVerified%3E%3D1%2Czuul+NOT+label%3ACode%2DReview%3E%3D2+NOT+label%3AReview%2DPriority%3D%2D1&Older+%28%3E1wk%29+Open+Patches+Passing+Zuu 15:45:59 l+Tests+%28limit+100%29=age%3A1week+limit%3A50+NOT+label%3AWorkflow%3E%3D1+NOT+label%3ACode%2DReview%3C%3D%2D1+NOT+label%3ACode%2DReview%3E%3D1+age%3A1week+NOT+label%3AVerified%3E%3D1%2Czuul+NOT+label%3AReview%2DPriority%3D%2D1 15:46:01 ouch 15:46:03 #undo 15:46:04 Removing item from minutes: #link https://review.opendev.org/#/dashboard/?foreach=project%3Aopenstack%2Fkolla+status%3Aopen+NOT+label%3AWorkflow%3C%3D%2D1+NOT+label%3ACode%2DReview%3C%3D%2D2&title=Kolla+Review+Dashboard&My+Patches+Requiring+Attention=owner%3Aself+%28label%3AVerified%2D1%2Czuul+OR+label%3ACode%2DReview%2D1+OR+label%3AWorkflow%3C%3D%2D1%29&High+priority+changes=label%3AReview%2DPriority%3D2&Priority+changes=label%3ARev 15:46:11 #link https://tiny.cc/kolla-dashboard 15:46:19 #link https://tiny.cc/kolla-ansible-dashboard 15:49:13 would be good to get this one merged: https://review.opendev.org/#/c/710213/ 15:49:13 patch 710213 - kolla-ansible - Custom haproxy script for monitoring galera - 40 patch sets 15:50:27 ++ 15:51:20 and this 15:51:22 https://review.opendev.org/#/c/723021/ 15:51:22 patch 723021 - kolla-ansible - Check that used Ansible can see Kolla Ansible - 6 patch sets 15:52:10 maybe come to an agreement about https://review.opendev.org/#/c/723374/ 15:52:11 patch 723374 - kolla-ansible - Reduce Rabbit busy waiting, lowering CPU load - 2 patch sets 15:52:45 #topic Open discussion 15:52:56 Who has some discussion? 15:54:10 I have updated the sheet for survey tools 15:54:36 I got the answer from user committee, the tool they use is a custom tool named silverstripe 15:54:49 they advised us surveymonkey :] 15:55:51 thanks osmanlicilegi 15:56:05 yw 15:56:41 we can pick up survey work when the release process calms down 15:56:50 +1 15:57:53 Let's leave it there then 15:57:55 Thanks all 15:57:57 #endmeeting