14:06:40 #startmeeting kolla 14:06:41 Meeting started Wed Mar 6 14:06:40 2024 UTC and is due to finish in 60 minutes. The chair is mnasiadka. Information about MeetBot at http://wiki.debian.org/MeetBot. 14:06:41 Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. 14:06:41 The meeting name has been set to 'kolla' 14:06:50 train is EOL *scnr* 14:07:06 mgoddard mnasiadka bbezak frickler kevko SvenKieske mmalchuk gkoper jangutter jsuazo jovial osmanlicilegi mattcrees dougszu - meeting now 14:07:09 #topic rollcall 14:07:10 o/ 14:07:13 \o 14:07:14 \o 14:07:18 o/ 14:07:20 o/ 14:07:27 o/ 14:07:31 o/ 14:07:38 |o 14:07:57 o/ 14:08:06 0/ 14:09:24 #topic agenda 14:09:24 * CI status 14:09:24 * Release tasks 14:09:24 * Regular stable releases (first meeting in a month) 14:09:24 * Current cycle planning 14:09:25 * Additional agenda (from whiteboard) 14:09:25 * Open discussion 14:09:25 \o/ 14:09:29 #topic CI status 14:10:01 I think it's green-ish, there was some breakage due to switch from etcd to redis in cephadm jobs (kolla side image build regex was not updated) - but should be good now 14:10:28 Kayobe is green again this week 14:10:52 aarch jobs got broken with sha256 checking of sources.py, I'll have a look 14:10:55 otherwise looks good 14:11:00 #topic Release tasks 14:11:22 This week is R-4 - Cycle highlights 14:11:34 Any volunteer to propose cycle highlights? 14:11:37 bbezak: ? 14:12:30 Ok, I'll do that ;-) 14:12:36 jovial: can you do that for Kayobe? 14:12:43 Sure 14:13:01 #topic Current cycle planning 14:13:03 Is there an example patch from last time? 14:13:10 jovial: let me find it 14:13:37 it is in the deliverables file in the release repo 14:13:49 #link https://review.opendev.org/c/openstack/releases/+/902420 14:14:09 mnasiadka: well it's greenish ...but ovs is not creating second bridge if defines :) 14:14:35 Anyone know why 2023.1 containers have been removed from Docker? Or if there is a archive somewhere? 14:14:43 kevko: well, we can't test that in CI - I can have a look 14:14:59 mnasiadka: will be fixed in minutes i think 14:15:01 WJeffs7508: we mainly publish to quay.io/openstack.kolla 14:15:13 thanks 14:15:15 kevko: sure, if you need me to have a look in that just let me know 14:15:16 okay, fixed .. I will added you to review 14:15:27 kevko: thats sound more like a bug than a CI issue 14:15:38 I guess s/mainly/only/ with regards to quay.io? 14:15:52 frickler: mmm...yes it's ...sorry bad interpretation 14:15:57 SvenKieske: not only, we still have docker publish jobs, but I really don't look at them ;-) 14:16:01 docker weekly I think 14:16:03 quay daily 14:16:04 mnasiadka: Just found them there :) Just wondered if there was a reason it wasn't on docker mostly. 14:16:21 Wasn't sure if there was some major reason they got pulled I had missed. 14:16:27 WJeffs7508: the reason is Docker in the past tried to screw all open source projects and required to move to paid teams 14:16:37 they backed off that later - but the stench remains 14:16:50 WJeffs7508: also note those images are only meant for testing, build your own for production use 14:17:00 that's another thing :) 14:17:03 Yea agreed. We are :) 14:17:14 ok then, back to the topic - current cycle planning 14:17:28 #link https://etherpad.opendev.org/p/KollaWhiteBoard#L222 14:17:58 I added RMQ 3.13 14:18:19 Although it's only 3.13.0 now - I prefer to bump it now, than next cycle 14:18:23 we still have some months to release 14:18:34 yes 14:18:42 and as promised on the PTG, we'll (SHPC) work on getting 3.13 to older stable releases 14:18:47 did anybody look at some of the TLS patches? 14:19:13 which ones? 14:19:32 best link them in the etherpad, using a common topic 14:19:44 mattcrees: how is the Quorum queues in Antelope? 14:20:07 #link https://review.opendev.org/c/openstack/kolla-ansible/+/909188 14:20:37 but the "redis-cache" topic doesn't have all afaik 14:20:53 There's some backports in a chain here: https://review.opendev.org/c/openstack/kolla-ansible/+/909967 and I've also changed Caracal to only migrate queues in SLURP: https://review.opendev.org/c/openstack/kolla-ansible/+/909971 14:21:39 where exactly should I put caracal PTG links in the whiteboard? 14:21:50 ah I see, line 222ff 14:22:48 put the link to the redis-cache topic there, but it's only a fraction of all the internal TLS stuff 14:23:12 frickler, you promised to review last week afaik ;) 14:23:22 promises, promises ;) 14:23:44 yes, sorry, I'll leave that page open now until I review 14:23:56 frickler: are you going to work on split-glance this cycle? 14:24:14 my promised doc patch also took 2 weeks until I got around to it.. 14:24:35 mnasiadka: I still intend to do so, yes 14:25:05 good, if you change your mind - I might want to find somebody else to pick it up, it would be good security-wise to do that this cycle 14:25:48 well if someone else wants to work on that, I certainly wouldn't object 14:25:49 let's go to next topic 14:25:58 frickler: I didn't say that :) 14:26:01 #topic Additional agenda (from whiteboard) 14:26:20 SvenKieske: your TLS topic I assume was already mentioned 14:26:32 (mhiner) Please review: 14:26:32 Pointers on where and how to create documentation for ce migration? 14:26:32 action option introduction to kolla_container_facts: https://review.opendev.org/c/openstack/kolla-ansible/+/911417 14:26:32 docker-py version bump: https://review.opendev.org/c/openstack/ansible-collection-kolla/+/910751 14:26:32 transition to high-level docker api: https://review.opendev.org/c/openstack/kolla-ansible/+/908295 14:27:21 Specifically, I would like to know how I can create that documentation page 14:28:03 ah "ce migration" referse to container engine migration, that took me a while to parse. 14:28:05 all the docs are under doc/source/ 14:28:48 I see, I thought it was supposed to be a page on the docs.openstack.org site 14:28:56 sorry ..i need to go ..i will be around ..but i need to go to another VDI ..we have some incident ... 14:29:12 mhiner: a new page is just a new file. it will get pushed to the docs site automatically 14:29:17 mhiner: it's in sphinx format, it gets generated in the docs job in CI - and then when merged published to docs.openstack.org 14:30:13 mhiner: commented on the docker-py version bump, will have a look in the rest later 14:30:18 Also, you can use `tox -e docs` to generate locally 14:30:32 ok, let's go forward 14:30:35 #topic Open discussion 14:30:39 Anybody anything? 14:31:31 mhiner: did that answer your question? 14:31:39 yes, thank you 14:31:47 mhiner: of course in any doubt - ask questions here :) 14:31:47 just my small doc patch regarding --limit: https://review.opendev.org/c/openstack/kolla-ansible/+/911082 14:31:53 Hi I would like to ask about my patch. It has been inactive for a while. Is there anything else I need to do? https://review.opendev.org/c/openstack/kolla-ansible/+/905831 14:32:41 and if anyone has any insight in ovs socket sharing across containers and how to make this sane I would appreciate any feedback, details are in the comments here: https://review.opendev.org/c/openstack/kolla-ansible/+/855498 14:33:48 I'm still working on it myself of course, but maybe need a different perspective to look at it. the CI fails at creating ovs-bridge. need also to rework how we mount /run/ so it works in podman (currently we just ignore this in podman) 14:34:19 (followup to my previous comment) SvenKieske mentioned backporting. Would that also be my responsibility to facilitate as part of the patch? 14:34:20 SvenKieske: iirc you can only mount explicit subdirs of /run with podman? 14:34:53 I think that's how it's currently done for podman 14:37:00 yeah, the problem, as I understood, is that the "share" option means sharing the "/run" dir with the complete host, which only makes sense if you do it once, not twice.. so we need basically a singleton mechanism that ensures this is only run once and then not again. or mount countless subdirs, but I doubt that is a solution because multiple containers need to mount the ovs.socket run dir, namely: kolla_ 14:37:02 toolbox, prometheus-ovn-exporter, ovn(?) itself, probably more 14:37:27 but r-krcek asked before I did and is possibly easier to answer as well :) 14:37:37 I don't think a patch introducing a new role would be backportable 14:38:25 Yeah, if you want to backport that, then fix it without introducing a role 14:38:58 currently it's not a role, so imho should be fine :) we can maybe move it later to a dedicated role. 14:39:56 yeah, refactor to a separate role afterwards 14:41:06 Okay, so in this patch I should fix it without introducing a new role, which will be backported to stable releases and open a new patch that would break it out to separate role. 14:41:47 correct. I think the patch is also in a decent shape, at least I don't see anything preventing a merge, but the core reviewers have the ultimate decision :) 14:42:39 okay, thank you :) 14:43:45 ok then 14:43:48 seems we're done 14:43:54 thanks for coming! 14:43:55 #endmeeting