20:00:04 <johnsom> #startmeeting Octavia
20:00:05 <openstack> Meeting started Wed Sep 19 20:00:04 2018 UTC and is due to finish in 60 minutes.  The chair is johnsom. Information about MeetBot at http://wiki.debian.org/MeetBot.
20:00:06 <openstack> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.
20:00:08 <openstack> The meeting name has been set to 'octavia'
20:00:15 <johnsom> Hi folks!
20:00:16 <xgerman_> O/
20:00:22 <rm_work> o/
20:00:42 <johnsom> #topic Announcements
20:00:59 <johnsom> Might be a light meeting as I know some folks are on vacation (again, grin)
20:01:25 <johnsom> Your lowly PTL took notes during the PTG, please see the etherpad
20:01:30 <johnsom> #link https://etherpad.openstack.org/p/octavia-stein-ptg
20:01:49 <johnsom> Also TC elections have started, so check your e-mail for a ballot
20:01:52 <xgerman_> Is the vacation a Redhat or Europe thing?
20:02:14 <johnsom> I think it's a Europe thing, but I don't know.
20:02:30 <johnsom> Certainly not a "johnsom" thing sadly
20:02:39 <johnsom> His vacation was the PTG... lol
20:02:43 <xgerman_> nor xgerman
20:02:52 <nmagnezi> O/
20:03:33 <johnsom> There is also an email about the zuul backlog today.  Summary is one of the providers is doing upgrades, so the pool of instances is lower than normal.
20:03:44 <johnsom> Any other announcements today?
20:04:02 <johnsom> Ah, we did cut a stable/Pike release this week as well.
20:04:33 <johnsom> #topic Brief progress reports / bugs needing review
20:04:40 <xgerman_> Yep, promoted cgoncalves  to release manager!!
20:05:17 <johnsom> Ha, yeah, cgoncalves is now empowered to cut releases. Hopefully he can help get stable releases out at a better pace than I did in Rocky
20:06:19 <johnsom> Well, other than taking notes at the PTG I focused on fixing the Octavia v2 API "list" performance regression that a few folks have mentioned.
20:06:29 <johnsom> #link https://review.openstack.org/603242
20:06:40 <johnsom> Other than a release note I think this is good to go.
20:07:02 <johnsom> It dropped an LB list from 2:30 to a few seconds on my test setup.
20:07:14 <johnsom> This is a backport candidate too IMO
20:07:16 <xgerman_> I have been looking into the AAP driver and see if I can implement one of our self-healing ideas (octavia shadow port)
20:07:50 <johnsom> I have some gate work to address, then likely will start on the IPv6 Act/Stdby bug.
20:08:35 <johnsom> nmagnezi I think I will need to do something similar to what you started here:
20:08:38 <johnsom> #link https://review.openstack.org/589292
20:08:57 <johnsom> Mind if I expand on that for the IPv6 fix?
20:09:39 <nmagnezi> johnsom, sure. But I have been putting out internal fires so had to shift my focus :< last I check that didn't actually work for me but I do plan to get back to this
20:10:26 <johnsom> nmagnezi Ok, I may pick up that patch and run with it for the IPv6 patch. I think they are related.
20:10:49 <johnsom> Also, evgenyf from Radware added a few stories to the agenda looking for feedback:
20:10:55 <johnsom> #link https://storyboard.openstack.org/#!/story/2003738
20:11:04 <johnsom> #link https://storyboard.openstack.org/#!/story/2003737
20:11:09 <johnsom> #link https://storyboard.openstack.org/#!/story/2003733
20:11:29 <johnsom> If you have time, please provide feedback on those. (I haven't yet, sigh)
20:12:30 <johnsom> Ah, they look like potential provider driver related bugs. I will have to dig into those
20:12:54 <johnsom> Any other updates?
20:13:23 <johnsom> I saw there was a fix to the neutron-lbaas namespace driver memory leak, so that is cool
20:14:14 <johnsom> Ok, moving on
20:14:22 <johnsom> #topic Talk about VIP security groups
20:14:23 <nmagnezi> Yes, Carlos submitted that while I was away so still looking at it
20:14:25 <nmagnezi> But looks good
20:14:25 <nmagnezi> :)
20:14:36 <johnsom> #link https://review.openstack.org/#/c/602564/
20:14:50 <johnsom> This patch was proposed and discussed a bit earlier in the week in the IRC channel
20:15:20 <johnsom> It is proposing moving the VIP security group into the tenant project so they can change it to only allow certain source IPs
20:15:41 <johnsom> I added this to the agenda to raise awareness and open the floor to discussion on it.
20:15:58 <xgerman_> this has been a long standing ask and some tools (gopher cloud) hacked soemthing to make that happen to some degree
20:16:08 <johnsom> Personally I'm not in favor as we already see bad things happening once we added the VIP port to the tenant.
20:16:46 <johnsom> Mostly from runaway "cleanup" scripts users write that delete anything in their projects.
20:16:50 <xgerman_> Yeah, some people think tenants will own their bad decisions but in relaity they just blame Octavia
20:17:04 <johnsom> Right, and raise support calls
20:17:35 <johnsom> At the PTG we discussed folks researching options for "stacking" SGs on a port.  Did anyone get time to look at this?
20:18:09 <xgerman_> Sorry, got side tracked…
20:18:33 <xgerman_> well, they own te port so they can stack whatever they want ;-)
20:18:35 <johnsom> Yeah, I haven't either. Just got caught up on e-mail today.
20:19:27 <johnsom> Yeah, my understanding for the discussion was that the SG on the VIP doesn't actually impact traffic, that it is only the "VRRP" or base port that matters. The tenant doesn't own that port
20:20:09 <xgerman_> mmh, really depends on how the rules are implemented (e.g. if they are ip based)
20:20:41 <johnsom> Ok, maybe we should table this until next week.
20:21:02 <xgerman_> I know they resolve remote ports to its but not sure about local ones
20:21:12 <xgerman_> its=ips
20:21:17 <xgerman_> johnsom: +1
20:21:18 <johnsom> Other ideas were: accepting an SG and stacking it via the Octavia worker. Adding an ACL API to the LB.
20:21:38 <xgerman_> or giving them control of SG and using FWaaS for our stuff
20:22:26 <johnsom> Yeah, FWaaS was another proposal
20:22:42 <johnsom> Ok, tabling for next week for more research time
20:22:54 <johnsom> #topic Storyboard meeting to discuss "priority" metadata
20:23:11 <johnsom> nmagnezi I met with the storyboard folks last week.
20:23:23 * nmagnezi listens
20:23:24 <johnsom> I thanked them for some of the enhancements they have provided.
20:23:49 <johnsom> I also raised the "we should have a priority/severity" metadata field.
20:24:03 <johnsom> Which of course I got back "you are doing it wrong".
20:24:19 <nmagnezi> They proposed we simply use tags?
20:24:58 <johnsom> So, if you folks would like to have a discussion with the storyboard team about this, I offered to setup a meeting time (via the dev mailing list) where we can have an IRC discussion about this topic.
20:25:08 <johnsom> Why it is needed, how it would be used, etc.
20:25:36 <johnsom> nmagnezi are you guys interested in that and willing to provide the details for a larger discussion on the topic?
20:26:03 <johnsom> We could do IRC or just start an e-mail list chain
20:26:19 <nmagnezi> sure, I'll follow up on that. Can't we simply discuss this as an agenda item in their weekly meeting?
20:26:33 <johnsom> I think you folks workflow is the driver for the discussion, so kind of want you on point if we are doing it
20:27:00 <johnsom> We could, but we want to announce on the mailing list the time so we could get bigger participation
20:27:25 <nmagnezi> ack.
20:28:01 <nmagnezi> We have some PTOs next week, but I'll follow up on that. I can possibly join the discussion from my PTO anyways
20:28:16 <johnsom> Ok, we can do it the week after, no rush
20:28:27 <nmagnezi> Even better
20:28:42 <johnsom> Ok
20:28:48 <johnsom> #topic Open Discussion
20:28:51 <nmagnezi> Is there any preferred day for you? (In case you would want to participate)
20:28:55 <johnsom> Any other topics for today?
20:31:12 <johnsom> Ok then, thanks folks!  Have a great week going forward!
20:31:21 <johnsom> #endmeeting