#openstack-kolla log

15:00:10 <mgoddard> #startmeeting kolla
15:00:11 <openstack> Meeting started Wed Aug 12 15:00:10 2020 UTC and is due to finish in 60 minutes.  The chair is mgoddard. Information about MeetBot at http://wiki.debian.org/MeetBot.
15:00:12 <openstack> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.
15:00:14 <openstack> The meeting name has been set to 'kolla'
15:00:17 <mgoddard> #topic rollcall
15:00:20 <mgoddard> o/
15:01:01 <jovial[m]> hi everybody
15:01:09 <yoctozepto> o/
15:01:13 <yoctozepto> hi jovial[m]
15:01:15 <hrw> \o
15:03:25 <mgoddard> #topic agenda
15:03:34 <mgoddard> * Roll-call
15:03:35 <priteau> o/
15:03:36 <mgoddard> * Announcements
15:03:38 <mgoddard> ** Kolla klub tomorrow
15:03:40 <mgoddard> * Review action items from last meeting
15:03:42 <mgoddard> * CI status
15:03:44 <mgoddard> * Victoria release planning (kayobe)
15:03:46 <mgoddard> * Victoria release planning (kolla & kolla ansible)
15:03:48 <mgoddard> * Kolla klub and kall
15:03:50 <mgoddard> #topic announcements
15:04:23 <bbezak> o/
15:04:35 <mgoddard> #info Taking a break from Kolla Klub meetings for a while. The next meeting will be 10th September
15:04:42 <mgoddard> Any others?
15:05:41 <hrw> nope
15:05:57 <mgoddard> #info PTL away next week Tuesday - Thursday
15:06:16 <mgoddard> Looking for someone to chair the meeting, and kolla kall
15:06:57 <yoctozepto> \o/
15:07:04 <yoctozepto> two hands
15:07:09 <mgoddard> thanks yoctozepto
15:07:22 <mgoddard> #topic Review action items from last meeting
15:07:43 <mgoddard> mnasiadka to look into kolla stein ironic-conductor failure
15:07:45 <mgoddard> mgoddard to message openstack-discuss about focal & victoria upgrade
15:08:26 <mgoddard> I didn't see anything from mnasiadka about it
15:08:42 <mgoddard> I started an email but didn't hit send....
15:08:50 <mgoddard> #action mgoddard to message openstack-discuss about focal & victoria upgrade
15:08:54 <mgoddard> #topic CI status
15:09:13 <mgoddard> We had a few issues recently
15:09:19 <mgoddard> Ansible breaking changes
15:09:38 <mgoddard> Looks like the whiteboard needs updating
15:09:41 <yoctozepto> handled for ci
15:09:48 <mgoddard> yoctozepto: I think master and ussuri are fixed?
15:09:56 <yoctozepto> yes, these
15:10:02 <yoctozepto> the rest are red
15:10:12 <yoctozepto> the wb is up-to-dat
15:10:16 <yoctozepto> e
15:10:46 <yoctozepto> haha, true that
15:12:25 <mgoddard> I think that bifrost on train issue is still present
15:13:44 <mgoddard> any other CI issues we should discuss?
15:13:51 <yoctozepto> yeah, i haven't looked into it, left ironic to ironic experts :-)
15:14:02 <yoctozepto> nah, etcd3gw being handled right now
15:14:19 <yoctozepto> we could discuss the non-ci approach to new ansible behaviour
15:14:36 <yoctozepto> but I guess they will be reverting it for now, so only need for future versions
15:15:01 <yoctozepto> ansible-lint might start alerting soon
15:16:33 <mgoddard> #topic Victoria release planning (kayobe)
15:16:49 <mgoddard> priteau jovial[m] dougsz
15:17:07 <priteau> o/
15:17:13 <mgoddard> anything happening in kayobe land?
15:17:31 <priteau> Not much at the moment :(
15:17:44 <jovial[m]> sorry, been on holiday, so no updates from me
15:17:52 <mgoddard> ok
15:18:17 <mgoddard> #topic Victoria release planning (kolla & kolla ansbile)
15:18:37 <mgoddard> nice to see focal merge
15:18:44 <yoctozepto> ++
15:18:46 <mgoddard> is there more we need to do there?
15:18:54 <yoctozepto> I turned to optimisations and refactoring
15:19:06 <yoctozepto> I guess clean up after the workaround
15:19:10 <yoctozepto> but it's included
15:19:16 <yoctozepto> otherwise focal seems focally working
15:19:18 <hrw> infra images are boring
15:19:32 <hrw> I rebased them and iirc they even passed zuul
15:20:03 <hrw> have to sit one day and take a look what needs to be done
15:20:09 <mgoddard> that's good, we should aim to focus on those soon
15:20:56 <hrw> as I am losing track
15:22:13 <mgoddard> Any other things to discuss?
15:22:26 <mgoddard> we should try to look at wuchunyang's octavia patch too
15:22:49 <hrw> and recheck victoria 'priorities'
15:23:05 <hrw> which ones will go and which postpone
15:23:51 <wuchunyang> now ,  neutron plugin linuxbridge has some problem with multi nodes
15:23:58 <mgoddard> I am operating at 1/2 speed. It is 33C here
15:24:44 <yoctozepto> mgoddard: similar issues here :-(
15:24:45 <wuchunyang> is anyone good at  neutron ?
15:25:19 <yoctozepto> wuchunyang: I guess me and mnasiadka
15:25:49 <wuchunyang> i will message you after meeting.
15:25:55 <yoctozepto> I just never really touched octavia
15:26:11 <yoctozepto> I will be out but yeah, give me a ping about it
15:26:15 <mgoddard> I haven't really used linuxbridge
15:26:33 <wuchunyang> yes ,i have not use linuxbridge.. but we support it
15:26:41 <yoctozepto> we do
15:26:51 <wuchunyang> ovs  tests well ..
15:27:05 <wuchunyang> i  works  with multi nodes .
15:28:49 <wuchunyang> mgoddard  what about we don't support linxubridge neutron plugin agent  when network type is tenant ?
15:29:06 <mgoddard> wuchunyang: that would be fine for me
15:29:42 <mgoddard> we can document it, if someone wants to improve, they can
15:30:13 <wuchunyang> ok,  i will remove the linuxbridge network code .i someone needed ,  use provider network instead..
15:30:21 <mgoddard> has anyone looked at the lets encrypt patches yet?
15:30:29 <headphoneJames> started to
15:31:01 <yoctozepto> wuchunyang: and what about ovn?
15:31:42 <dougsz> sorry - working on a deployment atm
15:31:49 <wuchunyang> now i only work on  openvswitch. ..
15:33:28 <yoctozepto> ok
15:33:35 <wuchunyang> # Valid options are [ openvswitch, linuxbridge, vmware_nsxv, vmware_nsxv3, vmware_dvs ]
15:33:36 <wuchunyang> # if vmware_nsxv3 is selected, enable_openvswitch MUST be set to "no" (default is yes)
15:33:36 <wuchunyang> neutron_plugin_agent: "linuxbridge"
15:33:50 <wuchunyang> do we support ovn ?
15:35:17 <mgoddard> Looks like globals.yml needs updating
15:35:36 <wuchunyang> add ovn to Valid options ?
15:35:48 <mgoddard> yes
15:36:07 <wuchunyang> ok, i add it now ..
15:36:47 <mgoddard> thanks
15:37:08 <mgoddard> Any other Victoria features to discuss?
15:37:37 <headphoneJames> I will look more into letsencrypt this week
15:38:11 <headphoneJames> we will likely need a new command to generate certs from letsencrypt
15:38:23 <mgoddard> headphoneJames: a new command?
15:39:13 <headphoneJames> the command needs to first deploy containers (including web server to respond to certbot), then execute certbot
15:39:28 <headphoneJames> assuming this happens prior to openstack deploy
15:39:56 <mgoddard> is this not something we can just integrate into the existing flow?
15:40:04 <mgoddard> I might be missing something
15:40:14 <headphoneJames> or I might be :)
15:40:40 <headphoneJames> the "certificates" command does not execute any deployment
15:41:03 <mgoddard> I thought that you could just deploy certbot and have it request and rotate certs in the background?
15:41:19 <mgoddard> or perhaps under cron
15:41:23 <mgoddard> haven't used it directly
15:41:29 <headphoneJames> I believe there needs to be a webserver component as well
15:41:37 <mgoddard> yes
15:41:43 <mgoddard> for the challenge
15:41:49 <hrw> certbot can listen on it's own for challenge
15:41:52 <headphoneJames> that letsencrypt uses to validate the challenge
15:42:21 <headphoneJames> hrw: ok, I'll look into that
15:42:38 <mgoddard> we should probably read the patch and then discuss
15:42:58 <headphoneJames> however, certbot needs to run on the server that the domain name is pointing to
15:43:08 <headphoneJames> that still required a container running certbot
15:43:34 <mgoddard> right, I think it needs to run wherever haproxy runs?
15:43:46 <headphoneJames> yes
15:43:59 <mgoddard> and we would have a haproxy rule to forward a certain path to certbot
15:44:56 <headphoneJames> so, how would this integrate into our "certificates" role, which is execute before deployment?
15:44:56 <mgoddard> I'm sure we aren't the first people to try this. We should look for other examples of good practise
15:45:39 <mgoddard> does this need to integrate with the certificates role?
15:45:59 <headphoneJames> no, but thats what the patch indicates
15:46:04 <mgoddard> ok
15:46:31 <mgoddard> let's move on as I don't know what I'm talking about
15:46:39 <mgoddard> Any other V topics?
15:48:51 <mgoddard> #topic Open discussion
15:49:08 <headphoneJames> https://review.opendev.org/#/c/745214/
15:49:08 <patchbot> patch 745214 - kolla-ansible - Add Keep Alive Timeout for httpd - 2 patch sets
15:49:31 <headphoneJames> anything left to do in this patch?
15:49:57 <mgoddard> headphoneJames: it has my +2...
15:51:03 * hrw off
15:52:05 <mgoddard> ok, let's end it there
15:52:07 <mgoddard> thanks everyone
15:52:09 <mgoddard> #endmeeting