15:02:10 <mgoddard> #startmeeting kolla
15:02:11 <opendevmeet> Meeting started Wed Jun  9 15:02:10 2021 UTC and is due to finish in 60 minutes.  The chair is mgoddard. Information about MeetBot at http://wiki.debian.org/MeetBot.
15:02:12 <opendevmeet> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.
15:02:15 <opendevmeet> The meeting name has been set to 'kolla'
15:02:18 <mgoddard> #topic rollcall
15:02:33 <mgoddard> \o
15:03:05 <yoctozepto> o/
15:03:24 <headphoneJames> o/
15:04:24 <priteau> ~o~
15:06:11 <mgoddard> #topic agenda
15:06:17 <mgoddard> * Roll-call
15:06:19 <mgoddard> * Agenda
15:06:21 <mgoddard> * Announcements
15:06:23 <mgoddard> ** Kolla release process has changed
15:06:25 <mgoddard> * Review action items from the last meeting
15:06:27 <mgoddard> * CI status
15:06:29 <mgoddard> * Wallaby release planning
15:06:31 <mgoddard> ** libvirt/OVMF bug
15:06:33 <mgoddard> ** default kolla-build to network_mode == host (https://review.opendev.org/c/openstack/kolla/+/795089)
15:06:35 <mgoddard> * Xena cycle planning
15:06:37 <mgoddard> ** master branch life cycle https://review.opendev.org/c/openstack/kolla/+/795320
15:06:39 <mgoddard> * Open discussion
15:06:41 <mgoddard> #topic announcements
15:06:43 <mgoddard> #info Kolla release process has changed
15:06:46 <mgoddard> #link https://review.opendev.org/c/openstack/kolla/+/795320
15:06:58 <mgoddard> ^ proposed documentation for new release process
15:07:14 <mgoddard> Any other announcements?
15:07:43 <yoctozepto> nope
15:08:02 <mgoddard> #topic Review action items from the last meeting
15:08:22 <mgoddard> mgoddard email openstack-discuss about quay.io credentials
15:08:24 <mgoddard> mgoddard document new release process
15:08:26 <mgoddard> start following new release process
15:08:28 <mgoddard> mgoddard follow up about documentation improvements
15:08:33 <mgoddard> 1. nope
15:08:36 <mgoddard> 2. yep
15:08:48 <mgoddard> 3. not yet, still time
15:08:55 <mgoddard> 4. yep
15:09:05 <mgoddard> #action mgoddard email openstack-discuss about quay.io credentials
15:09:05 <yoctozepto> congrats
15:09:23 <mgoddard> #topic CI status
15:10:17 <mgoddard> Kolla broken
15:10:36 <mgoddard> We need https://review.opendev.org/c/openstack/bifrost/+/795508 (and a backport of it) to land before tomorrow
15:10:58 <mgoddard> I just pinged again in #openstack-ironic
15:11:54 <mgoddard> everything else happy I think
15:12:18 <priteau> I am seeing some failures on kayobe stable/ussuri, need to confirm if it random or repeatable
15:12:29 <mgoddard> hmm
15:12:33 <mgoddard> what kind of failures?
15:13:26 <priteau> While installing bifrost: Could not find the requested service mariadb: host
15:13:44 <mgoddard> hmm
15:13:50 <priteau> The other one was out of disk space
15:13:57 <mgoddard> haven't seen that
15:14:03 <mgoddard> keep us posted!
15:14:06 <priteau> recheck currently running, with errors again, will investigate
15:14:20 <mgoddard> #topic Wallaby release planning / libvirt/OVMF bug
15:14:35 <mgoddard> I think this is currently the only Wallaby release blocker
15:14:48 <mgoddard> which is good and bad
15:15:12 <yoctozepto> we are expecting a bump to libvirt 7.0
15:15:16 <yoctozepto> it's going to be fun ride
15:15:17 <priteau> The latest update is that the centos-release-advanced-virtualization package in c8s is likely going to be updated later today
15:15:27 <yoctozepto> that indeed
15:16:06 <mgoddard> so why did we hit this before if we had an older version?
15:16:59 <yoctozepto> that version had a bug
15:17:03 <yoctozepto> well, has
15:17:08 <priteau> All versions of libvirt are impacted, it's only fixed in 7.4.0 or older versions which include a backport
15:17:15 <mgoddard> ok
15:17:15 <yoctozepto> ++
15:17:27 <priteau> Currently, only 6.0.0 in AppStream has the backport
15:17:36 <priteau> But not 6.6.0 from advanced-virt
15:17:50 <yoctozepto> btw
15:17:57 <yoctozepto> it's interesting we will get libvirt 7
15:18:02 <yoctozepto> while still on wallaby
15:18:05 <yoctozepto> just due to using stream
15:18:18 <yoctozepto> centos *scream*
15:18:43 <priteau> I wonder if it will affect TripleO in the same way?
15:19:02 <yoctozepto> no idea, tripleo is switching to an entirely independent model of release
15:19:31 <yoctozepto> (which I kinda like because it means they autobackport features to stable release of openstack)
15:19:44 <mgoddard> are we expecting any specific issues from the upgrade to libvirt 7?
15:19:52 <yoctozepto> we don't know really
15:21:04 <mgoddard> well, seems that we just need to sit tight for a little longer
15:21:06 <priteau> If we want to be proactive we could set up the c8s adv-virt repo and test
15:21:46 <yoctozepto> well, i'm guessing we will find out tomorrow, no?
15:21:46 <mgoddard> or we just let the stream wash over us
15:22:12 <priteau> probably soon enough
15:22:14 <mgoddard> s/stream/firehose/
15:23:12 <mgoddard> let's move on, mere fish cannot stop the stream
15:23:28 <mgoddard> #topic Wallaby / default kolla-build to network_mode == host (https://review.opendev.org/c/openstack/kolla/+/795089)
15:23:35 <mgoddard> this one is mnasiadka
15:23:45 <mgoddard> but I think he's away
15:23:56 <mgoddard> still, should we do it?
15:24:12 <yoctozepto> +2
15:24:18 <yoctozepto> w8ing for mgoddard
15:24:39 <mgoddard> it kind of makes sense from a practical perspective, but should we make assumptions about the build host?
15:24:47 <yoctozepto> it will also fix for ipv6-only folks
15:24:53 <mgoddard> it may not even have had the bootstrap-servers treatment
15:25:06 <yoctozepto> host networking should always work
15:25:11 <yoctozepto> everything else is host networking
15:25:15 <yoctozepto> why make kolla different
15:26:48 <mgoddard> fine
15:27:38 <mgoddard> approved
15:27:48 <mgoddard> backport to W
15:27:53 <yoctozepto> ++
15:28:12 <mgoddard> #topic Xena cycle planning /  master branch life cycle
15:28:17 <mgoddard> #link https://review.opendev.org/c/openstack/kolla/+/795320
15:28:57 <mgoddard> That is the proposed new release process which should capture all the undocumented steps and now includes kayobe
15:29:27 <mgoddard> https://storage.bhs.cloud.ovh.net/v1/AUTH_dcaab5e32b234d56b626f72581e3644c/zuul_opendev_logs_207/795320/1/check/openstack-tox-docs/20719e5/docs/contributor/release-management.html
15:29:29 <yoctozepto> I have yet to review it, but will
15:29:56 <mgoddard> it makes it quite obvious why we take a long time to release
15:30:27 <yoctozepto> kind of
15:30:29 <mgoddard> if anyone has ideas to simplify it, come forward
15:32:11 <mgoddard> Anyway, comments are welcome
15:32:25 <mgoddard> #topic Open discussion
15:32:33 <mgoddard> Does anyone have anything else to cover?
15:32:57 <yoctozepto> not really
15:33:03 <yoctozepto> need to mention we should release train em
15:33:06 <yoctozepto> and have it off us
15:33:53 <headphoneJames> At what point do we discuss new features proposals for Xena?
15:34:49 <yoctozepto> you can now
15:34:50 <mgoddard> headphoneJames: anyone can add to the meeting agenda
15:34:59 <mgoddard> headphoneJames: or open discussion is fine
15:35:24 <yoctozepto> open discussion is really: first come, first served
15:36:44 <headphoneJames> A feature I would like to explore is having a streamlined way to setup and enable secure RBAC for services in Xena that support it
15:37:06 <mgoddard> Sounds like a good idea
15:37:15 <mgoddard> What does it entail for each service?
15:37:23 <yoctozepto> I agree
15:37:46 <mgoddard> is it the enforce_scope setting?
15:38:13 <headphoneJames> I'm not sure yet. I've started looking at what being implemented in tripleo
15:38:35 <mgoddard> good plan
15:39:29 <mgoddard> there is this one for keystone: https://review.opendev.org/c/openstack/kolla-ansible/+/692179/
15:39:34 <headphoneJames> but yes, things like keystone::policy::enforce_scope: True
15:40:18 <mgoddard> at the moment we get a lot of warnings in keystone about scope
15:40:43 <mgoddard> a good first step would be to change to use scoped tokens, without necessarily enforcing them
15:41:08 <mgoddard> the above patch does both
15:41:25 <headphoneJames> that is an excellent patch to know about
15:41:34 <opendevreview> Pierre Riteau proposed openstack/kayobe-config-dev stable/train: Synchronise with latest kayobe for Train  https://review.opendev.org/c/openstack/kayobe-config-dev/+/795578
15:42:52 <headphoneJames> I will probably pick it up
15:43:04 <mgoddard> great
15:44:03 <headphoneJames> also, the first half of the let's encrypt patch is ready for review: https://review.opendev.org/c/openstack/kolla-ansible/+/741340
15:44:30 <mgoddard> I would also suggest starting a thread on openstack-discuss, inviting other deployment projects and the secure RBAC team to collaborate
15:44:57 <headphoneJames> mgoddard: good idea
15:45:00 <opendevreview> Pierre Riteau proposed openstack/kayobe-config-dev stable/victoria: Sync configs with kayobe @ 0a8f1fb67fb4cab7029cdf615f3280e975bcd1bf  https://review.opendev.org/c/openstack/kayobe-config-dev/+/795580
15:46:18 <mgoddard> you might tag as [kolla][keystone][tripleo][openstack-ansible]
15:47:21 <priteau> puppet?
15:47:31 <yoctozepto> and charms
15:47:40 <priteau> need a [deploy] tag
15:47:44 <yoctozepto> indeed
15:49:21 <mnasiadka> sorry for being late
15:49:25 <mnasiadka> thanks for approving my patch :)
15:50:00 <mgoddard> you are lucky we didn't abandon it :p
15:50:21 <yoctozepto> LIKE YOU DID US
15:50:28 <yoctozepto> ;d
15:51:01 <mgoddard> anything else to cover today?
15:51:34 <mgoddard> oh, hold on
15:51:52 <mgoddard> we didn't discuss the release activities for this week
15:51:52 <opendevreview> Merged openstack/kayobe stable/wallaby: Add kayobe overcloud service prechecks command  https://review.opendev.org/c/openstack/kayobe/+/795462
15:52:00 <opendevreview> Merged openstack/kayobe stable/wallaby: docs: improve automated seed development info  https://review.opendev.org/c/openstack/kayobe/+/795463
15:52:27 <mgoddard> R-17: Switch source images to current release
15:53:23 <mgoddard> would anyone like to do this week's release tasks?
15:54:33 <mnasiadka> I can do that
15:55:26 <mgoddard> thanks
15:55:38 <mgoddard> #action mnasiadka perform R-17 release tasks
15:55:59 <mgoddard> the kayobe one merged already
15:56:10 <mgoddard> let's wrap up then
15:56:13 <mgoddard> Thanks all
15:56:18 <mgoddard> #endmeeting