15:00:44 #startmeeting kolla 15:00:45 Meeting started Wed Oct 7 15:00:44 2020 UTC and is due to finish in 60 minutes. The chair is mgoddard. Information about MeetBot at http://wiki.debian.org/MeetBot. 15:00:46 Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. 15:00:49 The meeting name has been set to 'kolla' 15:00:54 #topic rollcall 15:00:57 \o 15:01:44 o! 15:01:47 o/ 15:03:43 #topic agenda 15:03:51 * Roll-call 15:03:53 * Announcements 15:03:55 ** Kolla now in feature freeze 15:03:57 ** Submit Virtual PTG topic proposals: https://etherpad.opendev.org/p/kolla-wallaby-ptg 15:03:59 * Review action items from the last meeting 15:04:01 * CI status 15:04:03 * Victoria release planning 15:04:05 * Wallaby PTG planning 15:04:07 #topic announcements 15:04:09 #info Kolla now in feature freeze 15:04:44 o/ 15:04:46 Please do not merge feature patches until the freeze has been lifted, or we have granted a Feature Freeze Exception (FFE) 15:05:04 #info Submit Virtual PTG topic proposals 15:05:10 #link https://etherpad.opendev.org/p/kolla-wallaby-ptg 15:05:19 Any other announcements? 15:05:44 TC elections 15:05:51 (shameless plug) 15:06:03 * yoctozepto <- vote for this folk 15:06:12 :-) 15:06:19 +1 15:06:35 #topic Review action items from the last meeting 15:06:44 mgoddard to email openstack-discuss about debian CI issues 15:06:46 mgoddard to switch images to victoria stable branches 15:06:48 yoctozepto to help headphoneJames with neutron backend TLS 15:07:02 * yoctozepto kinda did 15:07:08 I did not need to email about debian CI, because it was fixed. AARCH64 still failing 15:07:17 hrw knows 15:07:37 o/ 15:07:38 late again 15:07:49 I proposed https://review.opendev.org/755339 for victoria branch switch. Failed until recently because requirements hadn't branched 15:07:49 patch 755339 - kolla - Switch to Victoria stable branches - 4 patch sets 15:07:57 this one will hopefully pas 15:08:06 yoctozepto did his 15:08:12 #topic CI status 15:09:05 aarch64 issue was reported to Debian. if nothing change then I will build fixed package and put into Linaro repo 15:10:15 thanks hrw 15:10:25 I tried pushing on the bifrost stein fix 15:10:51 will see where it goes 15:12:09 I think otherwise we are GREEN 15:12:13 anyone disagree? 15:12:36 Kayobe CI is green but in practice there are some issues 15:12:47 on master and ussuri, caused by changes in bifrost 15:12:50 working on it 15:13:30 thanks priteau 15:14:11 #topic Victoria release planning 15:14:23 Feature freeze is here 15:14:40 Whiteboard says: Kolla RC1: Oct 19 - Oct 23 15:14:55 so we stay frozen until at least then 15:15:23 are we merging neutron tls and octavia stacks? 15:15:24 giving us 2 weeks to stabilise, and focus on testing and bug fixes 15:15:30 unclear on what ffe is now 15:15:36 well 15:15:42 that is the next question 15:15:46 are there any FFEs? 15:16:03 1. octavia 15:16:05 I would like to try and get neutron tls in :) 15:16:08 if someone else will reciew 15:16:12 *review 15:16:32 mgoddard: did you get it to pass? 15:16:34 (not checked) 15:16:45 no 15:16:55 chicken and egg problem 15:17:13 can we mark what needs to be reviewed ASAP with priority +1/+2? 15:17:15 br-ex does not exist at the time of fact gathering 15:17:32 mnasiadka: we can, and should 15:17:37 we just need to agree on it 15:17:50 and mark other features with RP-1 15:18:12 I spent three days this week on dancing with mod_auth_mellon and keystone federation, but I should have more time from tomorrow to look at review queue 15:18:13 it would be nice to see https://review.opendev.org/#/c/754285/ passing before merging the rest of octavia 15:18:14 patch 754285 - kolla-ansible - CI: octavia: create and test a load balancer - 20 patch sets 15:18:40 mnasiadka: mellon dance you say 15:18:49 yoctozepto: don't even ask 15:19:04 * yoctozepto not asking 15:19:13 * yoctozepto still curious 15:20:21 yoctozepto: had to federate with multiple sources using mod_auth_mellon, started drafting a change adding that feature to k-a, so we'll probably be able to merge it in W :) 15:20:54 hopefully it is compatible with https://review.opendev.org/695432 15:20:54 patch 695432 - kolla-ansible - Add support to OpenID Connect Authentication flow - 37 patch sets 15:21:19 or at least not conflicting 15:22:32 #action mgoddard get octavia CI job passing in order to merge patches 15:22:58 tempted to insert the tenant networking patch in the chain to verify the certs patch works 15:23:10 since we know it can pass with that 15:23:12 anyway 15:23:15 other FFEs 15:23:15 I'm not opposing 15:23:22 neutron backend TLS 15:23:37 happy to review this, if someone else will also 15:23:44 I will 15:23:46 ok 15:23:55 mgoddard: yeah, that one looks good, needs some updates, and I have no clue why shibboleth usage is in there, since it's not in the image 15:23:56 any other FFEs? 15:24:27 lemme see 15:25:20 Not a feature, but this one cleans up some ironic config: https://review.opendev.org/#/c/754997/ 15:25:21 patch 754997 - kolla-ansible - Update ironic iPXE configuration - 2 patch sets 15:25:30 I have 3 waiting for mnasiadka: 15:25:30 https://review.opendev.org/752907 15:25:31 patch 752907 - kolla-ansible - Add support for changing sysctl.conf path - 1 patch set 15:25:42 https://review.opendev.org/752917 15:25:42 patch 752917 - kolla-ansible - Allow to skip and unset sysctl vars - 1 patch set 15:25:48 https://review.opendev.org/752917 15:25:48 patch 752917 - kolla-ansible - Allow to skip and unset sysctl vars - 1 patch set 15:25:56 oopsie 15:25:56 https://review.opendev.org/753380 15:25:57 patch 753380 - kolla-ansible - Add support for with_frontend and with_backend - 2 patch sets 15:26:31 actually 4 15:26:31 https://review.opendev.org/723342 15:26:32 patch 723342 - kolla-ansible - Coordinate haproxy and keepalived restarts - 12 patch sets 15:26:45 and one release critical also for mnasiadka: https://review.opendev.org/755328 15:26:45 patch 755328 - kolla-ansible - Control Neutron migrations - 4 patch sets 15:26:54 (or any other hero core) 15:27:33 mgoddard: +2 on ironic 15:27:38 thx 15:29:26 added some RP+1s 15:30:37 yoctozepto: done 15:31:21 mnasiadka: thanks, missed: https://review.opendev.org/752917 15:31:21 patch 752917 - kolla-ansible - Allow to skip and unset sysctl vars - 1 patch set 15:32:15 yoctozepto: done :) 15:32:21 mnasiadka: thx 15:32:23 Not seeing any FFE candidates for kayobe 15:32:24 mnasiadka: any from you? 15:32:57 yoctozepto: not today, but I'll look into my backlog and come back tomorrow :D 15:33:05 mnasiadka: ok 15:34:08 I guess we should look at bugs too 15:34:43 https://bugs.launchpad.net/kolla 15:34:52 are there any that we need in the release? 15:36:31 hmm, good question Mark 15:37:12 the 2nd one on that page is easy but burdensome 15:37:37 drop root on wsgi? 15:37:44 nope 15:38:05 so which is the 2nd one? :) 15:38:15 https://bugs.launchpad.net/kolla/+bug/1874298 15:38:17 yoctozepto: Error: malone bug 1874298 not found 15:38:27 it's a sec bug 15:38:32 it's not found 15:38:36 but minor, we can probably open it up 15:38:42 mgoddard: wdyt? 15:39:07 or I can grant mnasiadka access to sec bugs 15:39:16 please ensure you are logged in 15:39:21 and let me check how that was done 15:39:24 ah, great, you need special permissions to see a sec bug? 15:39:25 lol 15:40:06 given now 15:40:07 I suppose we could give mnasiadka access :) 15:40:11 refresh the listing 15:40:15 mgoddard: I did 15:40:43 yeah 15:40:47 if you think it worthy of pushing, I can 15:40:50 yoctozepto: well, you raised it, you fix it :) 15:41:05 sure, the question is whether we want that for this release 15:41:20 or any better candidates I can spend my time on for now 15:42:03 Pierre Riteau proposed openstack/kayobe master: Configure bifrost to use firewalld trusted zone https://review.opendev.org/756541 15:42:10 it could be a good one to fix 15:43:52 what about kolla-ansible? 15:44:00 https://bugs.launchpad.net/kolla-ansible 15:44:09 (or https://bugs.launchpad.net/kolla-ansible/+bugs?orderby=-id&start=0) 15:45:05 more fernet issues: https://bugs.launchpad.net/kolla-ansible/+bug/1898765 15:45:07 Launchpad bug 1898765 in kolla-ansible "keystone-fernet cron job not triggering, results in keys not rotating" [Undecided,New] 15:46:18 mgoddard: yeah, I added more logging in one deployment and testing 15:46:46 fernet sad 15:48:34 cron broken :) 15:48:53 cron never breaks! :D 15:48:58 any others? 15:50:47 headphoneJames: how is neutron tls going with the new approach? 15:50:47 https://bugs.launchpad.net/kolla-ansible/+bug/1894056 15:50:48 Launchpad bug 1894056 in kolla-ansible "DB migration broken" [Critical,Triaged] 15:51:55 mgoddard: invalid, undecided 15:51:57 just switched 15:52:06 neutron problem, not affecting us atm 15:53:07 Could we fix https://bugs.launchpad.net/kolla-ansible/+bug/1891469 by using throttle=1? 15:53:08 Launchpad bug 1891469 in kolla-ansible "Neutron: Stopping neutron L3 agent containers breaks data plane" [High,Triaged] 15:53:32 now that we have ansible 2.9 (throttle is a good reason to use 2.9) 15:54:17 I guess it's unlikely to completely fix it, but rolling restarts could reduce downtime 15:55:48 mgoddard: it won't help much 15:55:59 the torn down containers are the reason 15:57:46 ok 15:58:00 is https://bugs.launchpad.net/kolla-ansible/+bug/1891145 a dup of https://bugs.launchpad.net/kolla-ansible/+bug/1891704 ? 15:58:03 Launchpad bug 1891145 in kolla-ansible victoria "post-deploy different behaviour with new ansible versions" [Critical,Triaged] - Assigned to Radosław Piliszek (yoctozepto) 15:58:04 Launchpad bug 1891704 in kolla-ansible ussuri "admin-openrc.sh is world readable" [High,Fix committed] - Assigned to Radosław Piliszek (yoctozepto) 15:59:39 mgoddard: kinda; actually the other way around but fine 15:59:43 :D 15:59:52 better just tick it as dup 16:00:39 done 16:01:11 and we're done 16:01:16 #topic Open discussion 16:01:20 One last thing 16:01:26 yoctozepto: this ansible meeting 16:01:34 shall we send a representative? 16:01:52 I didn't want to cancel the klub at late notice 16:02:25 (representative being yoctozepto :D) 16:02:45 or me if yoctozepto handles klub 16:05:29 well let's end it there 16:05:33 Thanks 16:05:35 #endmeeting