#openstack-kolla log

15:01:25 <mnasiadka> #startmeeting kolla
15:01:26 <opendevmeet> Meeting started Wed Dec  1 15:01:25 2021 UTC and is due to finish in 60 minutes.  The chair is mnasiadka. Information about MeetBot at http://wiki.debian.org/MeetBot.
15:01:26 <opendevmeet> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.
15:01:26 <opendevmeet> The meeting name has been set to 'kolla'
15:01:49 <mnasiadka> mgoddard mnasiadka hrw egonzalez yoctozepto rafaelweingartne cosmicsound osmanlicilegi bbezak parallax Fl1nt frickler adrian-a meeting now
15:01:53 <mnasiadka> #topic rollcall
15:02:01 <adrian-a> o/
15:02:26 <mnasiadka> o/
15:02:47 <yoctozepto-clone> o/
15:03:30 <yoctozepto-clone> (had to use a different nick because of issues with my webclient)
15:03:58 <mnasiadka> clones welcome
15:05:02 <mnasiadka> #topic agenda
15:05:02 <mnasiadka> * Review action items from the last meeting
15:05:02 <mnasiadka> * CI status
15:05:02 <mnasiadka> * Release tasks
15:05:02 <mnasiadka> * Yoga cycle planning
15:05:03 <mnasiadka> * Python3.6 support removal in Yoga
15:05:03 <mnasiadka> * Open discussion
15:05:09 <mnasiadka> #topic Review action items from the last meeting
15:06:40 <mnasiadka> mnasiadka to triage security bugs and update them with resolution plan (if needed)
15:06:40 <mnasiadka> yoctozepto hide properly init-runonce
15:06:40 <mnasiadka> not forget to go through backports for stable branches (L248 on Whiteboard) and do stable releases afterwards.
15:06:40 <mnasiadka> mnasiadka post a patch for docs - standard topics that should be discussed over PTG and then revisited in mid-cycle
15:06:40 <mnasiadka> mnasiadka Add ansible-core 2.12 to the list of Yoga priorities
15:06:41 <mnasiadka> mnasiadka Add rabbitmq 3.9 to the list of Yoga priorities
15:06:52 <mnasiadka> I didn't do triage
15:07:01 <mnasiadka> I didn't post a patch for docs as recurring PTG topic
15:07:08 <mnasiadka> I added ansible and rmq to priorities
15:07:21 <mnasiadka> I guess nobody did go through backports for stable branches
15:07:36 <mnasiadka> and yoctozepto-clone hasn't hidden init-runonce
15:07:42 <mnasiadka> #action mnasiadka to triage security bugs and update them with resolution plan (if needed)
15:07:44 <yoctozepto-clone> yeah, sadly
15:07:48 <mnasiadka> #action yoctozepto hide properly init-runonce
15:07:51 <yoctozepto-clone> tough times
15:07:59 <mnasiadka> #action anybody not forget to go through backports for stable branches (L248 on Whiteboard) and do stable releases afterwards.
15:08:05 <yoctozepto-clone> I think we need to prioritise the deprecations
15:08:06 <mnasiadka> #action mnasiadka post a patch for docs - standard topics that should be discussed over PTG and then revisited in mid-cycle
15:08:36 <mnasiadka> yoctozepto-clone: probably
15:08:45 <mnasiadka> #topic CI status
15:09:00 <mnasiadka> Anybody wants to say that something is not green?
15:09:27 <mnasiadka> so everything green on the whiteboard
15:09:28 <mnasiadka> let's move on
15:09:35 <mnasiadka> #topic Release tasks
15:09:57 <mnasiadka> It's R-17 now
15:10:24 <mnasiadka> R-17: Switch source images to current release¶
15:10:34 <mnasiadka> I think mgoddard (absent) did post some changes
15:10:40 <mnasiadka> We just need to move them forward
15:11:11 <yoctozepto-clone> links please
15:11:44 <mnasiadka> (looking for them)
15:12:58 <mnasiadka> Seems I'm blind
15:13:51 <kevko_> hi, sorry, I had a meeting in 15 :/
15:14:39 <mnasiadka> Ok, I'll find them offline - no logical sense to wait now.
15:14:55 <mnasiadka> #topic Yoga cycle planning
15:15:14 <mnasiadka> I started to populate the whiteboard with Yoga priorities, need to be extended but there's a list
15:15:29 <mnasiadka> I agree with yoctozepto we should start deprecating binary
15:15:51 <yoctozepto-clone> and multidistros
15:15:58 <yoctozepto-clone> well, going forward there
15:16:09 <mnasiadka> around single distro - I updated https://etherpad.opendev.org/p/kolla-only-on-debian - to reflect replies I did get from various MLs and commercial customers
15:16:22 <yoctozepto-clone> we know debian images currently work universally
15:16:38 <yoctozepto-clone> hmm
15:16:42 <mnasiadka> But lacking mgoddard and hrw here - I don't know if we shouldn't discuss those next week.
15:16:59 <yoctozepto-clone> i guess these are moot points as we only ever wished to have them
15:17:03 <admin1> is there a way to deploy docker + databases before deploying kolla ansible ?
15:17:04 <yoctozepto-clone> never had
15:18:39 <admin1> test case .. to check if controller nodes can be re-created with just the database backup in event of a complete filesystem corrupt/crash
15:18:42 <mnasiadka> yoctozepto: well, the FIPS one is something we'll need to support soon.
15:18:57 <mnasiadka> admin1: we have a meeting now, please wait until it ends - and then ask questions :)
15:19:01 <admin1> oh .. sorry
15:19:07 <mnasiadka> yoctozepto: as in our company ;)
15:19:09 <hrw> o\
15:19:27 <mnasiadka> and the selinux/apparmor case is also interesting, because that's what customers are asking
15:19:41 <mnasiadka> I wouldn't like to maintain a complete downstream fork of Kolla
15:19:53 <hrw> let me read what was in meeting
15:20:25 <mnasiadka> hrw: basically https://etherpad.opendev.org/p/kolla-only-on-debian is a list of roadblocks from ML and some other sources feedback around single distro
15:20:33 <hrw> ok let me look
15:21:28 <yoctozepto-clone> is debian not compatible with fips somehow?
15:21:58 <mnasiadka> FIPS compliant, but not certified
15:22:18 <mnasiadka> IIRC
15:22:19 <yoctozepto-clone> ah
15:22:42 <yoctozepto-clone> well, it would be hard to get our images certified anyhow
15:22:49 <yoctozepto-clone> if not simply impossible
15:23:05 <mnasiadka> Probably yes, just mentioning what is on our employers radar.
15:23:14 <mnasiadka> I mean hard, not impossible.
15:23:45 <yoctozepto-clone> ok
15:23:47 <hrw> yoctozepto-clone: RHEL is FIPS certified so people were happy with CentOS
15:24:08 <mnasiadka> And I think Ubuntu is FIPS certified as well
15:24:32 <yoctozepto-clone> yeah, but centos is gone unless we go rocky and then again we need to provide openstack ourselves
15:24:43 <yoctozepto-clone> choices, choices...
15:24:54 <hrw> whatever RHEL8 based is no go for us
15:24:55 <mnasiadka> what does it mean provide openstack ourselves?
15:25:11 <hrw> does not matter is it CS8, RockyLinux, AlmaLinux
15:25:22 <hrw> Yoga is last py3.6 cycle
15:25:24 <yoctozepto-clone> mnasiadka: no packages for rocky
15:25:35 <hrw> please s/rocky/rockylinux
15:25:36 <mnasiadka> Yes, there's the python3.6 drop that TC has... dropped on us.
15:25:56 <mnasiadka> yoctozepto-clone: yeah well, we're dropping binary anyway, so that's only a couple of packages.
15:25:58 <adrian-a> I guess wouldn't be hard to support Debian+Ubuntu based images, where Ubuntu would be FIPS certified?
15:26:00 <hrw> we need to depracate CentOS in Yoga
15:26:10 <kevko> Ubuntu is FIPS certified ..and ubuntu is ..you know ..just debian :D
15:26:14 <kevko> adrian-a: +1
15:26:49 <yoctozepto-clone> +1 hrw and adrian-a
15:26:51 <yoctozepto-clone> works for me
15:26:56 <yoctozepto-clone> centos is the biggest pain point
15:27:08 <yoctozepto-clone> I mean - currently
15:28:32 <mnasiadka> Currently the biggest pain point is OpenStack forcing us to go cs9 in Yoga, or drop CentOS at all.
15:29:05 <mnasiadka> But let's see how tomorrows TC meeting will play out.
15:29:17 <jingvar> I 'm working on ISO image builder that will provision  baremetal kayobe control host
15:29:21 <yoctozepto-clone> I think we will revert this one
15:29:33 <kevko> mnasiadka: why "openstack forcing us" ?
15:29:34 <yoctozepto-clone> as there is no certain win to drop py3.6 in yoga
15:29:53 <mnasiadka> kevko: do you read the openstack ML sometimes?
15:29:56 <hrw> kevko: drop of py3.6
15:30:37 * frickler waves late and tries to catch up
15:31:14 <frickler> and also admits that possibly the suggestion to drop py36 might have initiated from me
15:31:45 * hrw waves finger at frickler. bad, bad boy!
15:32:10 <yoctozepto-clone> well, I guess I was overly optimistic there as well
15:32:28 <yoctozepto-clone> always forgetting non-default python version on centos in nerfed
15:32:54 <mnasiadka> Ok then, let's assume it gets reverted or worry if it is not for now.
15:33:58 <mnasiadka> What about deprecating binary? We have some TODOs related with it.
15:34:07 <mnasiadka> L322 on https://etherpad.opendev.org/p/KollaWhiteBoard
15:35:25 <yoctozepto-clone> need to work on them
15:35:37 <hrw> added links to my patches there
15:35:50 <mnasiadka> Great, added your name in TODO
15:36:02 <mnasiadka> So - are there any volunteers for the rest of unassigned tasks?
15:38:04 <mnasiadka> ok then, no volunteers, I'll ask again next week ;-)
15:38:14 <frickler> I can start looking into "How to locally patch source images"
15:38:50 <yoctozepto-clone> great
15:39:03 <mnasiadka> Sure, add it in the whiteboard that you'll be working on it
15:39:17 <kevko> frickler: add me to cc if you will have something ..
15:39:47 <frickler> kevko: sure
15:40:10 <hrw> took over 2 entries
15:40:46 <mnasiadka> ok, something is moving, nice - thanks )
15:40:47 <mnasiadka> :)
15:41:00 <hrw> btw - until nova gets rid of powervm dependency we are ...ed with source builds
15:41:09 <hrw> INFO:kolla.common.utils.nova-base:The conflict is caused by:
15:41:09 <hrw> INFO:kolla.common.utils.nova-base:    pypowervm 1.1.26 depends on futures>=3.0; python_version == "3.6"
15:41:12 <hrw> INFO:kolla.common.utils.nova-base:    The user requested (constraint) futures===3.0.5
15:41:34 <yoctozepto-clone> argh
15:41:53 <mnasiadka> So nova enforces everybody to install pypowervm, although less than 1% of users use that functionality?
15:42:29 <frickler> wasn't that cleaned up already? maybe not backported
15:42:35 <hrw> you are overoptimistic with that 1%
15:43:09 <frickler> also this is hidden in upstream CI due to cached wheels sadly.
15:44:03 <yoctozepto-clone> indeed
15:44:13 <yoctozepto-clone> we have experimental jobs that ignore the wheels
15:44:22 <yoctozepto-clone> we can run them less experimentally
15:44:34 <mnasiadka> Are we also trying to get rid of RDO/UCA during deprecating binary?
15:44:55 <hrw> they both provide missing deps
15:45:03 <hrw> and/or updates
15:45:07 <mnasiadka> well true
15:45:07 <yoctozepto-clone> yeah, we neede some deps I think
15:45:10 <yoctozepto-clone> like ceph libs
15:45:40 <mnasiadka> I think Ceph libs should follow RabbitMQ/MariaDB (use vendor repos)
15:45:47 <mnasiadka> Now that they build Debian as well
15:45:59 <hrw> mnasiadka: with aarch64 ones?
15:46:37 <mnasiadka> at least Debian has arm64 packages on download.ceph.com
15:47:08 <hrw> o! things changed
15:47:29 <hrw> RUN ln -s nova-base-source/* nova \
15:47:30 <hrw> +    && sed -i -e "/^pypowervm/d" nova/requirements.txt \
15:47:35 <hrw> and nova builds ;D
15:48:43 <yoctozepto-clone> hrw, mnasiadka: re ceph: wonderful!
15:48:55 <yoctozepto-clone> hrw: I guess we can do this with a reno and be good
15:49:38 <mnasiadka> Added that to Yoga priorities list
15:50:10 <mnasiadka> Ok then, I think the binary deprecation is pretty well covered.
15:50:19 <yoctozepto-clone> indeed
15:51:19 <mnasiadka> Let's discuss the single distro again next week, we should have some more insight from py36 drop and I'll investigate the FIPS/SELinux/AppArmor things, if this is really something we want to do next year (as a company).
15:52:02 <mnasiadka> I think we already covered the py36 drop topic that was the next one
15:52:23 <mnasiadka> So unless anybody has any additional topics around Yoga priorities - let's move to Open Discussion.
15:52:25 <opendevreview> Marcin Juszkiewicz proposed openstack/kolla master: nova: drop pypowervm dependency  https://review.opendev.org/c/openstack/kolla/+/820042
15:53:50 <mnasiadka> #topic Open discussion
15:54:14 <opendevreview> Marcin Juszkiewicz proposed openstack/kolla master: switch source images to follow master branches  https://review.opendev.org/c/openstack/kolla/+/820043
15:54:25 <ohorecny2> Hi, my team proposed change for refactoring of kolla_docker, can you please review guys? We would like to move forward. Change is here: https://review.opendev.org/c/openstack/kolla-ansible/+/817954
15:54:27 <hrw> mnasiadka: please take care of 820043 patch - it may need better commit message
15:55:06 <mnasiadka> sure, I'll check previous similar changes and adapt if needed.
15:55:31 <hrw> mnasiadka: thx
15:55:38 * hrw on sick leave this week
15:56:01 <yoctozepto-clone> get well hrw!
15:56:57 <mnasiadka> ok, I see we're done for today
15:57:00 <mnasiadka> #endmeeting