08:00:52 #startmeeting tacker 08:00:53 Meeting started Tue Jul 24 08:00:52 2018 UTC and is due to finish in 60 minutes. The chair is gongysh. Information about MeetBot at http://wiki.debian.org/MeetBot. 08:00:54 Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. 08:00:56 The meeting name has been set to 'tacker' 08:01:07 #topic roll call 08:01:11 hi 08:01:13 Hi 08:03:04 o/ 08:03:13 dkushwaha, tpatil hi 08:03:35 hi 08:03:51 YanXingAn, helo 08:04:00 phuoc_ hi 08:04:04 hi 08:04:17 hi 08:04:21 YanXingAn, Li_Jiale is here? 08:04:37 joxyuki, helo 08:05:25 #topic bp 08:05:29 https://review.openstack.org/#/c/579724/ 08:05:29 patch 579724 - tacker - Support shared vim for policy action execution 08:05:51 dkushwaha, have time to test it? 08:06:18 gongysh, yea, i am testing it, and still getting KeyManagerError 08:06:24 on lattest patch too 08:06:35 hi 08:06:35 dkushwaha, thanks 08:07:02 we are closing to cut the rocky branch 08:07:27 so Li_Jiale , we should work moonnights. 08:07:37 :) 08:07:39 add admin role to tacker user , 08:07:43 it work fine. 08:08:24 @gongysh 08:08:36 @dkushwaha 08:09:23 dkushwaha_: you can test it again 08:10:41 ok 08:11:04 Li_Jiale: http://paste.openstack.org/show/726503/ 08:13:38 reason is : tacker has no admin role. 08:14:07 so occur this error. 08:14:25 now fixed it . 08:15:00 Li_Jiale: I source it with admin role 08:16:33 gongysh, dhushwaha_, we should consider whether it's suitable to add "admin" role to the "tacker" service account. 08:17:39 Li_Jiale, what is project castellan you are introducing? 08:19:09 currently, heat, placement, mistral, barbican, swift, and nova has admin role. 08:20:08 gongysh: 08:20:08 Castellan is the library of Barbican, working on the principle of providing 08:20:08 an abstracted key manager based on the configurations. In this manner, 08:20:08 several different management services can be supported through a single 08:20:08 interface. In addition to the key manager, Castellan also provides primitives 08:20:09 for various types of secrets (for example, asymmetric keys,simple 08:20:09 passphrases, and certificates). These primitives are used in conjunction 08:20:10 with the key manager to create, store, retrieve, and destroy managed secrets. 08:20:36 Li_Jiale, ok 08:20:55 YanXing_an: I am not seeing any issue with assigning admin role to service account. 08:21:23 Li_Jiale, CONF.vim_keys.all_vims_shared 08:21:42 where is the all_vims_shared configure item defined? 08:21:53 dkushwaha_, ok, thanks 08:23:10 all_vims_shared was deleted. 08:23:10 don't want it any more. 08:23:21 @gongysh 08:23:44 so the patch is still buggy? 08:23:51 :) 08:24:51 https://review.openstack.org/#/c/579620/1 08:24:52 patch 579620 - tacker-specs - Support shared vim for policy action execution 08:24:58 please update the spec too. 08:25:44 sorry , i will update it. 08:25:59 Li_Jiale: if the latest patch working fine, could you please let me know the steps(after this meeting is also fine) how you tested it. I would like to test it again. 08:28:07 dkushwaha: ok , after meeting, talk about it in tacker channal. 08:28:19 Li_Jiale: Thanks 08:28:21 any reply to dkushwaha_ ? 08:28:27 ok 08:28:28 https://review.openstack.org/#/c/570845/ 08:28:29 patch 570845 - tacker - Add placement policies support 08:28:55 gongysh: thank you for approving our specs 08:28:55 policy patch, dkushwaha_ has gived +1, said a failed test case by him. 08:29:02 Li_Jiale, you can update doc/source/contributor/encrypt_vim_auth_with_barbican.rst with new steps. 08:29:19 https://review.openstack.org/#/c/578170/ 08:29:20 patch 578170 - tacker - WIP: Add multinode jobs 08:29:43 I have confirmed multinode job is working as expected. I have verified instances are booted on the compute node 08:30:00 tpatil, a big step forward. 08:30:19 Should I add a new multinode job along the existing one in the above patch? 08:30:21 tpatil, what is the blocker now? 08:30:33 IMO, nothing 08:30:34 no need for single node. 08:31:08 I have written one functional test to verify VNF with anti-affinity fails on single compute node. 08:31:45 If that test is needed ,we need single node. 08:32:14 I'm talking about "test_vnf_with_placement_policy_anti_affinity_on_single_comp_node" functional test 08:33:40 tpatil, you can start a three vdu vnf with two node env. 08:33:51 to test strict anti-affinity 08:33:57 gongysh: tpatil I tested the patch on my single node env with singleconductor and seeing no issue for affinity and anti-affinity. But not sure about the behaviour of soft-affinity (as commented on patch too). 08:34:40 so we can remove single node job to avoid a long time CI for each code patch. 08:35:22 gongysh: Ok, I can add this new test in my next patch 08:35:42 tpatil, thanks for the multi node ci job. 08:36:35 hope we can merge the ci job and policy patch next week. 08:36:46 #topic open discussion 08:36:55 any thing to talk? 08:37:01 gongysh: Yes, I will upload all necessary changes by tomorrow my time 08:37:14 by the way, I have released python-tackerclient. 08:37:42 gongysh: https://review.openstack.org/#/c/583795/ is it just a testing and "not to merge" patch ? 08:37:43 patch 583795 - tacker - [NOT MERGE]test to run ansible playbook on multi n... 08:38:43 dkushwaha_, I want to run a multi node env: first install target two node openstack via kolla-ansible, and then install tacker system by devstack. 08:39:22 this way, the CI jobs are more like our true deployment. 08:40:21 later, I am planning to install a target k8s two. 08:41:01 so we will have one three node k8s and one two-node opoenstack, and a destack tacker system. at CI job. 08:41:52 gongysh: I see 08:42:47 gongysh: i think, in this patch functional tests jobs are removed from there 08:43:07 dkushwaha_, it is still in infancy. 08:43:27 later, the functional tests will be enalbed. 08:43:45 I have assigned my colleague to do it. 08:44:00 gongysh: ok got it 08:45:14 anything else? 08:45:19 YanXing_an, hi 08:45:21 phuoc_ ? 08:45:46 gongysh: https://review.openstack.org/#/c/572728/ I responded on your comment 08:45:47 I fix some bugs in NS 08:45:47 patch 572728 - tacker - Correct error handling for PENDING_DELETE VNFs. 08:46:07 I tried to finish some bugs soon 08:47:00 https://review.openstack.org/#/c/572728/ 08:47:01 patch 572728 - tacker - Correct error handling for PENDING_DELETE VNFs. 08:47:12 what do you think of it? YanXing_an , phuoc_ ? 08:47:50 I think we should prevent users can't delete resources in some special cases 08:47:59 but let them do it with force 08:48:51 dkushwaha_. so please register a bp for user to forcly delete the resources. 08:48:52 phuoc_: +1, we needs to introduce force delete for that 08:49:08 gongysh: sure 08:49:19 gongysh, agree with phuoc_, we need force delete IMO 08:49:27 dkushwaha_, add reno note for this patch too. 08:50:06 gongysh: ok 08:51:26 this week, we must freeze feature code. I don't think I can put off it any longer. 08:51:41 thanks 08:52:03 gongysh: What is last date? 08:52:21 Just a quick reminder that this week is a big one for deadlines. 08:52:23 This Thursday, July 26, is our scheduled deadline for feature freeze, soft 08:52:23 string freeze, client library freeze, and requirements freeze. 08:52:35 this is from release team. 08:53:09 gongysh: ok 08:53:28 #endmeeting