15:00:47 <noonedeadpunk> #startmeeting openstack_ansible_meeting 15:00:47 <opendevmeet> Meeting started Tue Feb 11 15:00:47 2025 UTC and is due to finish in 60 minutes. The chair is noonedeadpunk. Information about MeetBot at http://wiki.debian.org/MeetBot. 15:00:47 <opendevmeet> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. 15:00:47 <opendevmeet> The meeting name has been set to 'openstack_ansible_meeting' 15:00:50 <noonedeadpunk> #topic rollcall 15:00:52 <noonedeadpunk> o/ 15:02:12 <damiandabrowski> hi! 15:04:37 <noonedeadpunk> #topic office hours 15:05:04 <noonedeadpunk> first I have a question - are there any volunteers to run to PTL for the next cycle?:) 15:05:14 <noonedeadpunk> *run for 15:05:54 <jrosser> o/ hello 15:07:10 <noonedeadpunk> also - looking at https://governance.openstack.org/election/ - this looks very scary 15:07:43 <noonedeadpunk> There're just no RH people there? 15:08:23 <spatel> noonedeadpunk fyi, - ovn-nbctl set ha_chassis 97077f76-46ae-4e15-9502-24fdb4ad0214 priority=32750 15:09:05 <noonedeadpunk> there's a whole week ofc for nominations... 15:10:13 <NeilHanlon> o/ 15:11:26 <damiandabrowski> btw i have some good news, i finally started work on hashicorp vault integration for ansible-role-pki so you can expect some patches soon ;) 15:12:04 <noonedeadpunk> ok, so seems no other volunteers :) 15:12:19 <NeilHanlon> I can't see myself having the time to dedicate to it at this time, sadly 15:12:26 <NeilHanlon> but I am more than happy to assist you! :D 15:12:39 <noonedeadpunk> damiandabrowski: just don't forget about adding a new molecule scenario for testing that :) 15:14:01 <noonedeadpunk> I'm in general feel super concerned about more and more rumors about RH pulling back from openstack... and somehow the election looks like proving the point in a way 15:14:29 <NeilHanlon> Yeah, it definitely "feels" a sort of way. 15:14:53 <NeilHanlon> Including the call for maintaining RDO packaging, the C10S CI issues re: x86-v3... etc 15:15:04 <noonedeadpunk> yup 15:15:45 <NeilHanlon> Don't get me wrong, I think having the community more involved is good, but there is certainly a lot of work that RH is/was doing that I don't know if is fully picked up by others atm. 15:15:51 <noonedeadpunk> and then a call from foundation to move things under linuxfoundation 15:16:30 <noonedeadpunk> yeah, exactly, it would totally require quite some time to re-format things 15:17:25 <NeilHanlon> and then e.g. https://www.redhat.com/en/blog/evolving-our-middleware-strategy 15:18:21 <NeilHanlon> at the same time it's weird as OS has had great success the last year winning marketshare from Broadcom/VMWare, so.. 🤷 15:18:59 <noonedeadpunk> yeah, exactly, timeing also doesn't make much sense to me personally. Obviously, they're prioritizing openshift... But dunno 15:19:17 <noonedeadpunk> they put 2y into openstack on openshift project as well 15:20:36 <NeilHanlon> It does appear we're at a bit of an inflection point in the industry/world... 15:21:51 <noonedeadpunk> oh, yes, true... 15:22:14 <noonedeadpunk> anyway... 15:22:41 <noonedeadpunk> so, right now we have multiple issues with molecule tests 15:23:20 <noonedeadpunk> for plugins repo there's an apparmor issue for centos9 solely (doesn't affect rocky) which needs to be investigated 15:23:37 <noonedeadpunk> or, we can use centos9 node for running them, as alternative 15:23:48 <jrosser> i have not had time to look further at this yet 15:23:56 <NeilHanlon> apparmor ? on.. centos? 15:24:11 <noonedeadpunk> apparmor on host, where docker with centos 15:24:14 <jrosser> but likely stracing the sshd process and seeing what it does that upsets apparmor would be a next step 15:24:14 <NeilHanlon> ahh 15:24:59 <noonedeadpunk> another thing that `openstack-ansible-inventory` console_script doesn't work with py3.12 anymore: https://opendev.org/openstack/openstack-ansible/src/branch/master/setup.cfg#L30-L31 15:25:05 <jrosser> i suspect that there is some pam config can be adjusted, but kind of just guessing 15:25:54 <noonedeadpunk> I didn't have time to check either 15:26:25 <NeilHanlon> fwiw https://gitlab.com/redhat/centos-stream/rpms/openssh/-/blob/c9s/openssh.spec?ref_type=heads#L816-822 this is the changelog delta between Rocky 9 and C9S 15:27:29 <jrosser> this is what fails `unix_chkpwd[578]: could not obtain user info (root)` 15:31:20 <NeilHanlon> odd 15:32:10 <jrosser> it wants dac_override capability but apparmor denies that 15:32:34 <jrosser> and its odd becasue rocky doesnt do this 15:32:45 <jrosser> ^ rocky container on ubuntu noble host 15:32:56 <jrosser> but the centos container on a jammy host is just fine 15:39:24 <noonedeadpunk> it is indeed very weird 15:39:34 <NeilHanlon> super strange yeah 15:39:50 <noonedeadpunk> and I think there's another issue (but I think related) with sudo and in another patch 15:39:53 <noonedeadpunk> I think it's frr 15:40:06 <NeilHanlon> i wonder if related https://github.com/rocky-linux/sig-cloud-instance-images/issues/56 15:40:07 <noonedeadpunk> but I can imagine, it has the same root cause 15:41:58 <noonedeadpunk> What I wanted to test and check this week - how well ansible-lint autofix works wrt FQCNs 15:42:15 <noonedeadpunk> as potentially I can quickly automate migration to usage of FQCNs 15:42:28 <jrosser> that github issue looks extremely related 15:42:35 <noonedeadpunk> ++ 15:44:45 <noonedeadpunk> but other then that, it feels I have to spend most of the time this week dowstream 16:13:47 <noonedeadpunk> #endmeeting