Hi Openstack-Helmers, Thank you for attending our 3 hours 2025.1 (Epoxy) PTG session. The session etherpad is here [0] and the following is the short summary. Items listed below are more or less sorted by their priority. ### Charts Agreed to fix the issue regarding overriding charts when publishing them with the same version. There must be a spec that clearly describes the workflow of how we are going to bump versions, build and publish charts. Items: - Migrate from Helm API v1 to Helm API v2 for Chart.yaml (including tracking dependencies in the Chart.yaml file instead of requirements.yaml) - Move overrides to a separate directory - Add CHANGELOG.md to every chart - Since we are using kubernetes-entrypoint [1] for orchestration, let's consider removing post-* hooks. This is going to make it easier to integrate with third party CI/CDs. - Let's consider switching to the same major version for all charts. If the subchart is changed the minor chart version must be bumped. ### Secrets Some upstream charts provide the possibility to refer to existing secrets. See for example [2]. This allows easy integration with various CI/CDs. We agreed to create a design spec and implement a similar pattern to make it possible for users to get sensitive info from external predeployed secrets. Also in some cases users would like to stick to third party projects when talking about Openstack backend like MariaDB and RabbitMQ. The spec must also describe the way how we are going to make OSH charts compatible with this. In case of Rook Ceph we use `ceph-adapter-rook` chart which takes care of creating secrets that are then consumed by the rest of charts. Probably the same approach can work for other cases. ### Images - We agreed to de-duplicate the image build code for Openstack images and switch to using Loci images. - Loci tries to go its own way using one Dockerfile for building all Openstack projects. This leads to having project/version specific parts in the build workflow that makes it harder for users to customise the build workflow. Let's be more straightforward here. There are examples like this [3] where per project Dockerfiles are used that utilize two base images for `python-venv-builder` and `python-runtime`. Let's consider adopting this approach. Agreed to prepare a spec for this. ### Gateway API, Ingress, NetworkPolicy, PodDisruptionBudget ... Gateway API is coming and is supposed to substitute the Ingress API. We agreed to prepare the design to support Gateway API. Also let's try to re-factor the way how the Openstack-Helm charts deploy Ingress objects and try to follow more common practices regarding this. Instead of having these two types of Ingresses cluster and namespace it is better to have a way for a user to define explicitly the list of Ingresses with their routes. Let's also use similar pattern for managing other optional K8s API obejects like NetworkPolicies and PodDisruptionBudget. It is better for users when they are able to define explicitly what they want to deploy instead of using hidden logic like what we have for managing Ingresses. Design spec is needed. ### Noble It is not clear at the moment whether Ceph will officially support Noble by 2025.1. So perhaps we'll be forced to build 2025.1 Jammy images. Anyway we are going to have two sets of test jobs with Jammy and Noble as a host OS. This is to make sure users can upgrade the host OS smothly. At the moment there are no volunteers to add support any other OS. ### Testing There are lots of test cases and having all these test jobs in the check pipeline not necessary. Instead we agreed to have a meta layer for tracking all these test cases and generate zuul jobs files programmatically. ### OceanBase OceanBase is a distributed database compatible with MariaDB. This is the blog post [4] about how it can be used with Openstack as the DB backend. The OceanBase team showed a demo during OpenInfra days in Asia in Sep/2024. We agreed that this use case can be interesting at least for some users so let's have a test job for this. [0] https://etherpad.opendev.org/p/oct2024-ptg-os-helm [1] https://github.com/airshipit/kubernetes-entrypoint.git [2] https://github.com/bitnami/charts/blob/f14d986d3713716a9b263075ac784ef749438... [3] https://github.com/vexxhost/atmosphere/tree/main/images [4] https://en.oceanbase.com/blog/13879352832 -- Best regards, Kozhukalov Vladimir