-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 OK, I went forward and requested a revert for the patch [1]. Also, I've updated release notes for 2014.1.3 [2] that is the first and only released Icehouse version that included the patch with the following text: "* A new runtime dependency on conntrack-tools in L3 agent sneaked in the release. This is an issue for at least one of target distributions for Icehouse (specifically, RHEL6/RHEL7), so a revert for the patch that introduced the dependency was requested: https://review.openstack.org/#/c/132052/ Packagers of 2014.1.3 release are left with dilemma: either they also revert the patch in their downstream packages, or they introduce a new runtime conntrack-tools dependency for Neutron L3 agent." I think that's all we can do to mitigate the problem. [1]: https://review.openstack.org/#/c/132052/ [2]: https://wiki.openstack.org/wiki/ReleaseNotes/2014.1.3 /Ihar On 30/10/14 16:32, Miguel Angel Ajo Pelayo wrote:
+1 for revert.
----- Original Message -----
On Thu, Oct 30, 2014 at 8:15 AM, Ihar Hrachyshka <ihrachys@redhat.com> wrote: Hi all,
it seems that we've missed a new runtime dependency being backported recently into Icehouse. The patch is [1], and it introduced conntrack-tools dependency for L3 agent. This turned out as a problem for existing distributions, specifically RHOSP5 [2] which is built for both RHEL6 and RHEL7. In case of RHEL7, conntrack-tools is not available neither in base OS repos nor in RHOSP5 specific ones. So Red Hat will need to import the package into RHOSP5 repos. That's not convenient but doable. The problem starts when you consider importing the package for RHEL6 too. It may turn out that some support from kernel may be missing (we're going to check that in the very near future).
If RHEL6 conntrack-tools won't play nice, we'll be forced to patch the fix out for the platform. I wonder whether we'll consider reverting the patch in upstream if that's the case?
It seems to me that this should be reverted based on the information you've provided. This shouldn't have been merged given it pulls in this new runtime dependency, which may also pull in new kernel dependencies. I don't see any other way around this other than to revert the change.
So my general point is that we should pay more attention to those kind of runtime dependencies sneaking into stable branches, because it may result in huge problems in downstream.
Also, consider this email as a heads-up for other distributions. Should we update release notes for the latest release to include that info?
[1]: https://review.openstack.org/#/c/124375/ [2]: https://bugzilla.redhat.com/show_bug.cgi?id=1158871
/Ihar
_______________________________________________ Openstack-stable-maint mailing list Openstack-stable-maint@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-stable-maint
Openstack-stable-maint mailing list Openstack-stable-maint@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-stable-maint
-----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.22 (Darwin)
iQEcBAEBCgAGBQJUUl5tAAoJEC5aWaUY1u579DIH/R3f1uBqCXjRVbiDPyKUHhYt CAiIbfhEa098ZMy/PhCIvPGWPIxWumG73ePGcnCsqRFlIdTfgs2kTDODGWLdVmDR T1bVfI6RSZ6j74p1qfa9UT7GtRQwi4AtCwD1nnuYHtudYuKyRbDfp8UYN0JTSVf+ HNbBufmTMqwpAkLPo0XFZrkpNYZeHyPKHAQd1jSYo+wKaSpKK2Xam7IFQQ/xhqxT dBAcpume/nQY/V6/wco9u5QYgFkyiiNutynocpym4RPk5TvmmPmcyDLQV4TxCIu7 ytJ4ul3iC6sP1O3v4JD9PdfqciCjb/yeF4qJwEI/16wmWRDmLwqnOOfCkb9Bu04= =C/yD -----END PGP SIGNATURE-----