16:01:46 #startmeeting openstack_ansible_meeting 16:01:47 #link https://wiki.openstack.org/wiki/Meetings/openstack-ansible#Agenda_for_next_meeting 16:01:47 #topic Roll Call 16:01:48 Meeting started Thu Jul 27 16:01:46 2017 UTC and is due to finish in 60 minutes. The chair is spotz. Information about MeetBot at http://wiki.debian.org/MeetBot. 16:01:49 Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. 16:01:51 The meeting name has been set to 'openstack_ansible_meeting' 16:02:35 o/ 16:02:38 yay :D 16:02:40 o/ 16:02:58 o/ 16:03:09 That's better 16:03:49 Looks like today is the evrardjp and andymccr show:) 16:03:53 o/ 16:03:57 o/ 16:04:02 #topic Previous Items 16:04:12 #topic evrardjp opinion bugs according to schedule 16:04:14 yay evrardjp is here :P 16:04:28 \o 16:04:36 * mhayden woots 16:04:40 yeah, so I looked into that, and we don't have this schedule written into our docs 16:04:58 evrardjp: Bad docs! Bad bad! 16:05:03 I will add this into our docs, because right now I am following nova practices for triage 16:05:15 spotz: ahah 16:05:44 So I'll keep that as an action 16:05:49 when it will be accepted, I fill phase out these bugs according to our approved schedule 16:06:23 you can transform that into write docs for phasing out bugs as opinions :) 16:07:01 #action evrardjp working on doc for a phasing out bugs as opinion schedule 16:07:04 :) 16:07:14 #topic evrardjp schedule a hack day to go through old reviews and possibly bugs 16:07:22 oh man evrardjp is busy again! :P 16:07:29 This has been on the list if no one has seen it 16:07:36 so, for that there was a mail on the list indeed. 16:07:43 There was a few votes already. 16:08:08 here is the link 16:08:10 #link https://framadate.org/osa-pike-bug-smash 16:08:33 thanks to spotz and mhayden to already have put time there :) 16:08:39 :) 16:08:45 See also the ML for the full mail 16:08:53 that's it. 16:09:15 link to the ML post? 16:09:34 just a sec 16:09:58 ahh! 16:10:24 so wait is the plan to do bug smash after community meeting? 16:10:27 (s) 16:10:32 #link http://lists.openstack.org/pipermail/openstack-dev/2017-July/120118.html 16:10:59 hmm, those times are all quite late for me 16:11:00 well that's true I didn't think that far because it will be late. 16:11:23 ok let's modify this by "before" then? 16:11:34 evrardjp: we could "follow the sun" 16:11:35 why not have them all day - then we can hand over to the US crew 16:11:39 yeah 16:11:41 that sounds good to me 16:11:43 +1 16:11:54 ok will remove the time notation 16:11:54 +1 16:11:58 sounds good 16:12:58 #action evrardjp to update the 'hack day' to be follow the sun 16:13:04 thanks for arranging jp - i'll update that list once i double check im available on those dates 16:13:34 done :) 16:13:39 oh dear, previous votes are gone 16:13:39 #topic Topics for Discussion 16:13:42 spotz: mhayden could you revote? 16:13:47 evrardjp: will do 16:14:07 #topic PTG - 11-15 September - Denver, Colorado 16:14:11 or I force you to follow the sun :p 16:14:19 #link https://etherpad.openstack.org/p/osa-denver-PTG-planning 16:15:41 yay 16:15:41 so 16:15:43 etherpad is up 16:15:47 woot! 16:15:49 \o/ 16:16:14 start putting some ideas in there - it's usually best if you can have some form of POC or more detail about whatever it is you're interested in implenting/discussing 16:16:29 we'll put focus on that as we get closer to the PTG which is in about 6 weeks 16:17:04 After the bug smash, if we have time, we could maybe use wishlist items here. 16:17:13 works for me 16:17:16 s/use/list/ 16:18:39 might badger ppl around the PTG in the next week or 2 :) look forward to that! 16:18:50 :D 16:19:00 Maybe we can already list attendees 16:19:13 yeah if you think/know you're going put your name down on the list - would be useful 16:19:52 filled a few already 16:19:54 and video:) 16:20:28 So moving on 16:20:32 #topic Release Planning and Decisions 16:20:46 ok 16:20:47 so 16:20:47 I noticed Pike wasn't there and poor little Mitaka was gone:( 16:20:52 hahaha 16:20:56 yeah :( mitaka is gone 16:20:57 but 16:21:00 pike milestone-3 is out! 16:21:24 we have just short of 2 months to get the stable/pike all ready to go 16:21:27 for the first pike release 16:21:31 (which is actually the week of the PTG!) 16:21:50 we have released a new stable/newton & stable/ocata so hopefully we will see a lot fewer problems 16:22:06 the last release for both was pretty unstable,but we've ironed out the issues so we should be in a good place again! 16:22:55 yay! 16:22:59 but from releases that is all - feature freeze is in 2 weeks - so i expect a stronger focus now on testing/bug fixes and just general stabilization 16:23:10 andymccr: speaking of newton say some issues go past in the channel last night with repos 16:23:16 err ocata actually 16:23:35 spotz: ahh - which issues? 16:25:04 don't see it any ore in my scroll, but it was calling a repo I hadn't heard of before 16:25:47 maybe to do with the calico/felix thing which just came up? 16:26:05 Yes!!!! 16:26:12 oh, what changed? 16:26:13 yeah, that fix is in the next release 16:26:15 I knew it was something catty:) 16:26:26 hahaha 16:26:27 ok cool 16:26:31 that should be fixed now with the new release 16:26:40 thanks to logan- for fixing it before i even noticed :P 16:27:20 Yeah logan-!!!! 16:27:34 So that brings us to.... 16:27:38 #topic Blueprint work 16:28:00 ok so i think we're doing ok - i started getting some of the wsgi work moving last week, thanks for the reviews 16:28:06 more to come - i anticipate to finish it before feature freeze 16:28:15 i pushed up a new rev of the firewall spec and asked for firewalld/iptables/nftables feedback on the ML 16:28:32 https://review.openstack.org/479415 16:28:37 #link https://review.openstack.org/#/c/479415/ 16:28:57 no real consensus so far on the path to implementation 16:29:28 logan- leans towards plain iptables, evrardjp is on the fence, and nftables was brought up on the ML 16:29:39 i'd prefer firewalld or iptables 16:29:48 nftables seems a bit too modern at the moment 16:29:56 I lean towards iptables but that's cause I'm old school:) 16:30:08 it is tried and true (to logan-'s point) 16:30:12 nftables isn't the future? 16:30:14 oh ok 16:30:21 * odyssey4me sucks at iptables - anything that's easier to follow wins in my books. 16:30:22 nftables is probably the future 16:30:39 odyssey4me: haha welcome to the club. I'm a pf guy :p 16:30:41 haha yes that for me too 16:30:47 my money is on firewalld supporting nftables as a backend at some point 16:31:21 systemd-nspawn requires nftables! <-- fake dependency just created because it is hotness. 16:31:30 my only concern (which I am going to write it on the list too) is that different distros have different firewalld 16:31:40 which means we get different bugs/behavior as firewalld matures 16:31:56 hmm, but will ansible mask those? 16:32:02 I like the idea of being closer to core technology 16:32:12 odyssey4me: not necessarily 16:32:12 ie if we use the ansible module, will is disguise those issues and make life simpler for us? 16:32:22 i noted on the ML that different distros have different base rulesets 16:32:24 depends on where this module is tested 16:32:24 and zones 16:32:34 the problem of the ansible module is ... that it's untested on debian based distros. 16:32:41 and flushing a base ruleset is nontrivial 16:32:43 we'll hit the bugs. 16:32:48 well, perhaps we're going to have to put this into some sort of non-voting test and drive changes upstream until it's all stabilised 16:32:49 and how much maintainance we will end up doing on that module on top of our playbooks 16:33:12 o/ oops late 16:33:12 Should we (ok not me personally:)) maybe add the missing pieces to the module? 16:33:27 i might take an expedition to compare opensuse/ubuntu/centos default firewalld rulesets/zones 16:33:33 if we can play a part in improving the upstream module, that woud be best 16:33:38 +1 16:34:11 even if that means we carry our fork for a while - we just make sure that every modification we have has a corresponding PR upstream 16:34:30 or mhayden carries the fork in his github org ;) 16:34:41 haha, it can be included in the role 16:34:46 it will automatically be loaded 16:34:54 :) 16:35:39 as far as the iptables stuff, i have done a lot of work on this recently for some other ansible things here. im putting together a little POC role with that stuff, probably hear more from me in the next day or so as I get it pushed up here mhayden https://github.com/logan2211/ansible-iptables 16:36:07 I guess we have a winner. 16:36:09 (dont look now it doesn't do anything) 16:36:15 oh. 16:36:19 hehe 16:37:46 okay, nothing else from me on the BPs ;) 16:38:05 how about ferm? 16:38:06 ill ping the ML and channel later today or tomorrow once its ready to look at 16:38:17 clean and understandable syntax 16:39:04 kysse: ++ id say ferm is the most fleshed out of the firewalld/ufw similar things 16:39:41 Any more blueprint stuffage? cloudnull? 16:40:00 haven't heard of ferm til today! 16:40:01 * cloudnull is a bad person, didn't finish his spec and will be removing the hyperconverged bits. 16:40:23 interesting DSL 16:40:47 Ok cloudnull is a bad boy and we'll move on 16:40:49 cloudnull: sad panda :( 16:40:51 #topic Open discussion 16:40:58 there is always next season/cycle 16:41:11 ok so 16:41:14 debops has a pretty extensive ferm role that does a nice job of abstracting the ferm config into ansible var stuff, thats worth taking a look at for ideas 16:41:21 I never heard of ferm, interesting 16:42:18 im not sure whether its preferable to work with ferm or template out iptables-save output directly though. lots of options to look at :) 16:42:39 yeah, mhayden will have an interesting spike work :D 16:44:37 this ferm stuff does look more ansible/template friendly 16:44:55 Keep chatting just giving a 16 minute warning:) 16:45:18 one note - with the PTL announcements coming up next week, i wanted to say I will not be standing for PTL for Queens cycle - I think 2 terms is a good amount of time, and it's probably good time for somebody else to give it a go and bring a new perspective. 16:45:53 thanks andymccr for your PTLing! 16:46:22 thank you andymccr 16:46:46 yeah, thanks andymccr - you've done well to bring us more exposure to other projects, grow our legend and keep us being talked about 16:47:18 \o/ 16:47:25 yes thank you! 16:47:47 Thanks andymccr! 16:48:39 I guess you should officially email the list for those not here:( 16:50:29 spotz: perhaps :) 16:51:21 Or you could just run again... 16:52:00 haha i could - at least i will still be around of course ;P 16:52:25 that's good news :D 16:53:16 fyi i am on holidays for the next 2 weeks so don't be alarmed if you don't see any suse patches ;p 16:53:28 hwoarang: enjoy! 16:53:43 thank you sir 16:53:52 hwoarang: well earned :) enjoy 16:53:56 enjoy indeed! 16:54:16 of course that shoudn't stop you from merging my patches in the meantime :D 16:54:21 lol 16:59:20 :) 16:59:22 have a good vacation hwoarang 16:59:34 1 minute so I'm gonna go ahead and shut this down 16:59:36 have a great holiday hwoarang - well deserved! 16:59:40 #endmeeting