15:01:53 <portdirect> #startmeeting openstack-helm 15:01:54 <openstack> Meeting started Tue Jan 29 15:01:53 2019 UTC and is due to finish in 60 minutes. The chair is portdirect. Information about MeetBot at http://wiki.debian.org/MeetBot. 15:01:54 <mattmceuen> o/ 15:01:55 <openstack> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. 15:01:58 <openstack> The meeting name has been set to 'openstack_helm' 15:02:25 <portdirect> Agenda is here: https://etherpad.openstack.org/p/openstack-helm-meeting-2019-01-29 15:03:01 <portdirect> i'll give it until 5 past for the stragglers (ie even later than me ;) ) and any other burning topics to be added 15:03:11 <howell> o/ 15:03:47 <evrardjp> there is one topic I wanted to talk about but it's already on the agenda (image pushing), thanks portdirect! 15:04:07 <portdirect> evrardjp: :D 15:05:19 <portdirect> ok - lets go: 15:05:23 <portdirect> #topic Docs repo 15:05:48 <portdirect> last week we had a discussion about the work in getting the docs repo up and running 15:06:14 <portdirect> i hope it was helpful, it definitely helped me, so thanks jayahn and evrardjp :) 15:06:36 <portdirect> though we've not managed to get pen to paper (pen to git?) on this 15:07:05 <portdirect> im wondering if anyone would like to volunteer to get a ps up with an draft outline/toc? 15:07:46 <portdirect> i could make some time to do it this week, though as you all probably know by now, my grasp on the english language is tenuous at best 15:08:21 <evrardjp> haha 15:08:42 <evrardjp> ok I didn't really follow what's going on there in the docs repo, I am sorry 15:08:55 <evrardjp> it's been a hectic two weeks for me. 15:08:56 <portdirect> evrardjp: how do you do a vote on here? I'll try and make is simple ;) 15:09:19 <evrardjp> oh you mean with the bot? 15:09:23 <portdirect> yeah 15:09:25 <evrardjp> startvote 15:10:16 <evrardjp> you should probably explain the options first, then proceed to vote? 15:10:30 <portdirect> #startvote should portdirect attempt to write a toc for the docs repo, and accept his fate to be in review purgatory (+1, 0, -1) 15:10:31 <openstack> Unable to parse vote topic and options. 15:10:56 <portdirect> well that failed - but you get the point ;) 15:11:54 <mattmceuen> +1 WFM 15:12:13 <mattmceuen> farbeit for me to ask someone not to do work! 15:12:35 <roman_g> +1 15:13:26 <portdirect> ok - with that resounding backing I'll have a stab at it - dont say i didnt warn you guys ;) 15:13:35 <mattmceuen> lol 15:13:43 <portdirect> lets move on 15:13:46 <portdirect> #topic NoQA charts 15:14:27 <evrardjp> +1 15:14:33 <portdirect> so our gate coverage has reduced a bit in openstack-helm-infra - where we previously had 100% coverage 15:14:55 <portdirect> by no means was this coverage good, but we did at least attempt to deploy every chart in the repo 15:15:15 <portdirect> and this has decreased a bit in the last few weeks with some of our new additions 15:15:58 <portdirect> as this repo holds (what ee subjectively decree) critical infra for running a cloud using osh 15:16:04 <portdirect> its not the best look 15:16:47 <srwilkers> ++ 15:16:49 <portdirect> can we try and clean that up this week, and next week we can review - possibly moving things to osh-addons? 15:17:11 <evrardjp> that lgtm 15:17:48 <mattmceuen> for my chart: as discussed last week, planning to add. Doing it this week is a good plan, will try. :). 15:18:23 <portdirect> mattmceuen: thanks dude, though i dont think you are the only one ;) 15:18:43 <portdirect> ok to move on? 15:19:14 <portdirect> #topic Image Pushing 15:19:40 <portdirect> evrardjp: i saw some comments in irc - and noticed that image pushes do not seem to be happening atm 15:19:52 <evrardjp> yes 15:19:58 <portdirect> you ok to describe the current state of the art here? 15:20:05 <evrardjp> well two things 15:20:18 <evrardjp> 1) the current code 2) the state of the art 15:20:47 <evrardjp> So, for the current code (1), we are relying on a post pipeline to automatically push things 15:21:19 <evrardjp> sadly there seem to be a bug in push pipeline when a file trigger is used, which basically skips the current job of pushing the images 15:21:45 <evrardjp> I will explain the fixes after talking about the state of the art 15:21:50 <evrardjp> so... 15:22:02 <evrardjp> for the state of the art, nowadays there is a new kid in the block. Very new. 15:22:36 <evrardjp> This is a new pipeline, named "promote". 15:23:04 <evrardjp> By default, all the commits into osh-images would push a new image with a change id number 15:24:02 <evrardjp> then the promote pipeline doesn't have to run an image building once again (compared to the post which basically forces yet another build of an image). Instead it retags an image with what we want, and remove the old reference with a change id 15:25:11 <portdirect> oh - thats pretty nice 15:25:13 <evrardjp> the advantages of that pipeline is multiple: Faster (because no need to rebuild in post), scheduled faster (don't need to allocate nodes,as promote happens on the same node 15:25:32 <evrardjp> and the last advantage: it's already built by other people. 15:25:39 <portdirect> so the *same* image that was tested is the one that gets pushed 15:25:57 <portdirect> which was always a bit of a gap before with the post pattern. 15:25:59 <evrardjp> well that was always the case, because you were rebuilding 15:26:07 <evrardjp> in post 15:26:24 <evrardjp> the gap would be time between your code change and post 15:27:00 <evrardjp> but the code tested would be the same. but that's details, let's skip that for now 15:27:09 <evrardjp> problem of that: 15:27:23 <evrardjp> we need to be refactoring jobs, and our code, which I just did. 15:27:48 <evrardjp> I am not so sure we'll be able to be as granular as what we were. 15:28:00 <evrardjp> Anyway, I did a few patches to make that work for OSH 15:28:06 <evrardjp> so we could leverage it. 15:28:12 <evrardjp> question now is the following: 15:28:43 <evrardjp> should we fix the current code, and adapt post to be less surgical, OR adapt to latest state of the art 15:29:17 <evrardjp> I would tend to go to latter, but I need time. I am currently fighting fires, so I will probably require more time before doing htat. 15:29:25 <evrardjp> opinions? 15:29:47 <srwilkers> i'd prefer to use promote if possible 15:30:01 <evrardjp> ok 15:30:42 <portdirect> how much work is required for each option? 15:30:47 <evrardjp> if anyone wants to help there, I can point to what needs doing. Else wait that fights are extinguished 15:30:58 <evrardjp> first option is probably fastest. 15:31:13 <portdirect> days? weeks? 15:31:18 <evrardjp> but it means carrying our own code, and slower. 15:31:35 <portdirect> the reason for asking is that I'd like to help people getting running on healthchecks for non rest based services 15:31:37 <evrardjp> former is I'd say days, depending on how fast I get core reviews and iterations 15:31:46 <portdirect> and that requires building images with iptables in 15:32:04 <evrardjp> you can still build currently and manually upload 15:32:11 <portdirect> thats true 15:32:15 <evrardjp> it's just it's not automatically done 15:32:28 <portdirect> if no objection there i'll do that in the short term 15:32:41 <evrardjp> I think that's what was done in the past, and nobody complained 15:32:45 <portdirect> but like srwilkers lets move forward 15:32:49 <evrardjp> ok 15:33:10 <evrardjp> I have prioritized this work, but it's not highest prio. Will keep ppl informed in the chan 15:33:31 <evrardjp> That's all I have. 15:35:28 <portdirect> nice - thanks for all your work on this evrardjp 15:35:33 <mattmceuen> +1! 15:35:35 <portdirect> it really helps move the project forward 15:36:07 <portdirect> #topic Internal TLS 15:36:19 <portdirect> so im finally getting this moving again 15:36:34 <portdirect> ironicly it was how i 1st got interested in OSH :) 15:37:07 <portdirect> stage one of this has been cleaning up some htk functions: https://review.openstack.org/#/q/topic:hostname_short_endpoint_lookup+(status:open+OR+status:merged) 15:38:01 <portdirect> and over the next two weeks i hope to finish the work started here: https://review.openstack.org/#/c/597611/ 15:38:29 <portdirect> the plans not changed here: 15:38:47 <portdirect> we will support both 'bring your own certs' and 'bring your own ca' 15:39:10 <portdirect> in the latter case using sprig to create the required certs dynamicly 15:39:31 <portdirect> thats kinda all i got there - just wanted to raise it 15:39:54 <portdirect> and obviously i'll also get a set of gates in that exercise this 15:40:16 <portdirect> starting with rest services - then we can move onto mysql and rabbit 15:41:20 <srwilkers> and then all the LMA goodness -- that'll be fun 15:41:43 <mattmceuen> Woot portdirect - looking forward to this 15:41:47 <portdirect> yeah - so that makes me think of somthing that will make many people shudder 15:41:52 <mattmceuen> don't go losing interest in OSH after this is implemented :D 15:42:06 <portdirect> initially I'm gonna use eventlet to terminate connections internally 15:42:28 <portdirect> and once we have done what move to nginx to terminate as a sidecar 15:43:41 <evrardjp> wait what 15:43:51 <evrardjp> could you clarify this? 15:43:57 <portdirect> :) 15:44:37 <portdirect> yeah - in the 1st pass this will make use of eventlet/pecan etc for many services 15:44:59 <portdirect> and then quickly follow on to move to a more sane approach 15:45:07 <evrardjp> so you mean for putting some termination on the host for the API services 15:45:14 <evrardjp> mmm ok 15:45:16 <portdirect> in the pod 15:45:20 <evrardjp> yeah 15:45:28 <portdirect> thought that would perk your ears up evrardjp ;) 15:45:41 <portdirect> dont worry - its not the intended end state, just a stepping stone 15:45:51 <evrardjp> haha 15:46:10 <evrardjp> I know the "forever temporary" state 15:46:14 <evrardjp> I am just cautious 15:46:32 <portdirect> lol - trust me I wont let this be a long term thing 15:46:50 * evrardjp is marking those words :) 15:47:05 <portdirect> though being cadid - it may end up with things listening on localhost, and doing it 'crudely' 15:47:24 <portdirect> rather than a more socket etc 15:47:36 <portdirect> *more elegant 15:48:08 <portdirect> ok to move on? 15:48:38 <portdirect> #topic reviews needed please 15:49:28 <evrardjp> ok to move on 15:49:28 <portdirect> mattmceuen and dwalt could do with some help here: 15:49:32 <portdirect> Reviews: 15:49:32 <portdirect> https://review.openstack.org/632481 15:49:32 <portdirect> https://review.openstack.org/631349 15:49:47 <dwalt> much appreciated! 15:50:04 <evrardjp> About that topic, I am very sorry for the state I left OSH for the last two weeks, didn't review, didn't commit. That will be solved when fires are extinguished. 15:50:05 <portdirect> the 1st brings support to running minikube based tests behind the proxy - and looks great to me (not that im biased or anything) 15:50:22 <srwilkers> minikube work looks good to me 15:50:35 <portdirect> evrardjp: all good man - in the world of openstack the next fire is only a moment away :) 15:50:50 <evrardjp> haha 15:50:59 <evrardjp> mmm aptly, it's been a while! 15:51:08 <portdirect> and the 2nd adds an image for building a local deb repo - which is required for managing airgapped hosts 15:51:43 <portdirect> i expect airship will be the primary user of the mini-mirror - but they've written it to be a great general purpose tool 15:52:17 <portdirect> personally i think people should use ostree more, but whatever ;) 15:52:36 <portdirect> thats all i got this week really, lets open the floor 15:52:41 <portdirect> #topic parking lot 15:52:54 <portdirect> anything else people want to discuss? 15:53:20 <evrardjp> portdirect: general purpose with apt only :p 15:53:45 <srwilkers> not much -- there's a change i've got opened to move the multinode osh-infra job to periodic, but that's the only thing i could use some opinions on: https://review.openstack.org/#/c/632735/ 15:54:05 <portdirect> evrardjp: the door is open for rpm :) 15:54:06 <srwilkers> this moves us to a similar spot as openstack-helm, where we run the multinode jobs as periodics/experimentals 15:55:47 <portdirect> ok folks - lets get 5 mins back :) 15:55:51 <portdirect> #endmeeting