| openstackgerrit | PRATEEK REDDY DODDA proposed airship/promenade master: Coredns: Add pod/container security context https://review.opendev.org/664662 | 00:20 |
|---|---|---|
| openstackgerrit | Rahul Khiyani proposed airship/promenade master: ETCD: Add pod/container security context https://review.opendev.org/662334 | 00:25 |
| *** AlexNoskov has quit IRC | 01:23 | |
| *** happyhemant has quit IRC | 01:28 | |
| *** michael-beaver has joined #airshipit | 01:38 | |
| openstackgerrit | Rahul Khiyani proposed airship/promenade master: ETCD: Add pod/container security context https://review.opendev.org/662334 | 01:58 |
| openstackgerrit | Rahul Khiyani proposed airship/promenade master: ETCD: Add pod/container security context https://review.opendev.org/662334 | 02:01 |
| *** jamesgu has quit IRC | 02:12 | |
| *** licanwei has joined #airshipit | 02:13 | |
| *** cheng1 has quit IRC | 02:51 | |
| openstackgerrit | PRATEEK REDDY DODDA proposed airship/promenade master: Coredns: Add pod/container security context https://review.opendev.org/664662 | 02:53 |
| *** cheng1 has joined #airshipit | 02:53 | |
| *** KeithMnemonic has quit IRC | 03:08 | |
| *** cheng1 has quit IRC | 03:20 | |
| *** cheng1 has joined #airshipit | 03:25 | |
| *** michael-beaver has quit IRC | 03:48 | |
| *** nishantkr has quit IRC | 04:12 | |
| openstackgerrit | PRATEEK REDDY DODDA proposed airship/promenade master: Coredns: Add pod/container security context https://review.opendev.org/664662 | 04:58 |
| *** pgaxatte has joined #airshipit | 06:49 | |
| *** mikkos has joined #airshipit | 07:00 | |
| *** ianychoi has joined #airshipit | 07:02 | |
| mikkos | https://etherpad.openstack.org/p/Airship_OpenDesignDiscussions/timeslider#17477 has not latin alphabets | 07:03 |
| *** kskels has quit IRC | 07:22 | |
| *** lemko has joined #airshipit | 07:58 | |
| *** gkadam has joined #airshipit | 08:16 | |
| *** gkadam has quit IRC | 08:17 | |
| *** mikkos has quit IRC | 08:42 | |
| *** mikkos has joined #airshipit | 08:43 | |
| *** viktor_t has quit IRC | 08:59 | |
| *** viktor_t has joined #airshipit | 09:15 | |
| *** mikkos has quit IRC | 09:26 | |
| *** mikkos has joined #airshipit | 09:27 | |
| *** mikkos has quit IRC | 09:40 | |
| *** mikkos has joined #airshipit | 09:42 | |
| *** mikkos has quit IRC | 10:04 | |
| *** mikkos has joined #airshipit | 10:06 | |
| *** obravo has joined #airshipit | 10:13 | |
| *** viktor_t has quit IRC | 10:30 | |
| *** sthussey has quit IRC | 10:40 | |
| *** viktor_t has joined #airshipit | 10:43 | |
| *** mikkos has quit IRC | 11:00 | |
| *** mikkos has joined #airshipit | 11:01 | |
| *** mikkos has quit IRC | 11:13 | |
| *** mikkos has joined #airshipit | 11:15 | |
| *** arunkant has quit IRC | 11:59 | |
| *** arunkant has joined #airshipit | 12:00 | |
| *** mikkos has quit IRC | 12:34 | |
| *** mikkos has joined #airshipit | 12:36 | |
| *** aaronsheffield has joined #airshipit | 12:56 | |
| *** howell has joined #airshipit | 13:10 | |
| *** roman_g has joined #airshipit | 13:19 | |
| *** mikkos has quit IRC | 13:43 | |
| *** amalrajgenocidex has joined #airshipit | 13:59 | |
| *** pkaralis has quit IRC | 14:01 | |
| amalrajgenocidex | Hi, I'm deplying airship airsloop and got below error on step "tools/airship shipyard commit configdocs" | 14:01 |
| amalrajgenocidex | Reason: Validation - Error: Required substitution source document [deckhand/CertificateAuthority/v1] kubernetes was not found, yet is referenced by [armada/Chart/v1] kubernetes-proxy | 14:01 |
| amalrajgenocidex | Any idea? | 14:01 |
| *** viktor_t has quit IRC | 14:05 | |
| *** nishantkr has joined #airshipit | 14:08 | |
| evgenyl | amalrajgenocidex: Hi, `[armada/Chart/v1] kubernetes-proxy` manifest, references a Certificate `[deckhand/CertificateAuthority/v1]` which does not exist in your site directory. | 14:10 |
| amalrajgenocidex | How to generate it? | 14:12 |
| *** sreejithp has joined #airshipit | 14:17 | |
| amalrajgenocidex | Yes, I did. | 14:22 |
| amalrajgenocidex | I exported username and password and then ran the collect script | 14:22 |
| amalrajgenocidex | Anything else needs to be done before that? | 14:22 |
| *** kskels has joined #airshipit | 14:24 | |
| evgenyl | After you generate the certificates using promenade, you need to copy those to collected and site directories: https://airship-treasuremap.readthedocs.io/en/latest/authoring_and_deployment.html#building-the-promenade-bundle | 14:27 |
| openstackgerrit | Ian Pittwood proposed airship/pegleg master: Upgrade Promade dependency https://review.opendev.org/665149 | 14:29 |
| openstackgerrit | Ian Pittwood proposed airship/pegleg master: Upgrade Promenade dependency https://review.opendev.org/665149 | 14:31 |
| amalrajgenocidex | @evgenyl Does this needs to be done before implementing genesis node? | 14:32 |
| amalrajgenocidex | I completed genesis node installation without copying promenade and genesis node setup went without any issues | 14:33 |
| amalrajgenocidex | FYI, I'm setting up airsloop not seaworthy | 14:35 |
| kskels | yeah - when you are pushing the documents into shipyard (including certificates) - they need to match the ones with promenade (as they are used for k8s) | 14:36 |
| kskels | meaning if you will generate a new set of certs - they will be failing to join the cluster | 14:36 |
| kskels | I will take a note to add this part more clearly in airsloop docs - people have been stumbling upon this one multiple times now | 14:37 |
| kskels | generating certs should always be 1x thing | 14:37 |
| kskels | as later you may want to update the site, etc as well | 14:37 |
| kskels | if you are going to re-install genesis - there is a Promenade cleanup script you can use to wipe the node | 14:42 |
| kskels | https://github.com/airshipit/promenade/blob/master/tools/cleanup.sh | 14:42 |
| kskels | 'sudo promenade/tools/cleanup.sh -f' will completely remove all k8s things | 14:42 |
| kskels | due to ceph mounts, etc - it will hang in the middle and you will need to hard reboot the server and run the script 2nd time to fully clean the server | 14:43 |
| amalrajgenocidex | Thank you kskels for detailed explanation. I did try cleanup yesteday and I wanted to reboot, thought it was my issue | 14:53 |
| kskels | yeah - you will need to hard reboot it via iDRAC/iLO else it will hang | 14:55 |
| amalrajgenocidex | Is there any other doc with you that explain steps to install airsloop? Going back and forth on deployment site and airsloop site for commands is very confusing. | 14:55 |
| kskels | Airsloop is really the same as any regular site | 14:55 |
| kskels | just configuration is a little more streamlined for small deployment | 14:55 |
| openstackgerrit | Ian Pittwood proposed airship/pegleg master: Upgrade Promenade dependency https://review.opendev.org/665149 | 14:56 |
| kskels | so going back and forth is kind a in your favor later when you will install more full HA sites and get general concepts of site deployment | 14:56 |
| kskels | the cleanup.sh is more of a unofficial tools in a way - as normally you would need to simply re-install ubuntu to make it clean | 14:56 |
| kskels | there is https://github.com/airshipit/treasuremap/blob/master/tools/gate/Jenkinsfile | 14:56 |
| amalrajgenocidex | Ok. I understand. Let me restart the installation once again :) | 14:57 |
| kskels | can be a good guidance of what pipeline does to re-deploy the site over and over again | 14:57 |
| kskels | and final detail | 14:57 |
| kskels | also clean your OSD disks | 14:57 |
| kskels | https://github.com/airshipit/treasuremap/blob/master/tools/gate/Jenkinsfile#L172 | 14:57 |
| kskels | oh never mind - it's not relevant for airsloop :) | 14:57 |
| kskels | ..as we only use 1 root disk for everything in simplified case | 14:58 |
| amalrajgenocidex | Ok. Thanks kskels. You are a life saver :) | 14:59 |
| *** sthussey has joined #airshipit | 15:02 | |
| *** pgaxatte has quit IRC | 15:36 | |
| *** jsun3 has quit IRC | 16:24 | |
| openstackgerrit | Merged airship/pegleg master: Upgrade Promenade dependency https://review.opendev.org/665149 | 16:33 |
| openstackgerrit | Ian Pittwood proposed airship/pegleg master: [WIP] Implement PBR for Pegleg https://review.opendev.org/665171 | 16:36 |
| *** lemko has quit IRC | 16:47 | |
| openstackgerrit | Alexander Hughes proposed airship/pegleg master: Requests Dependency Error https://review.opendev.org/664969 | 16:51 |
| openstackgerrit | Evgeniy L proposed airship/treasuremap master: [aiab] Add a site linting gate to Zuul https://review.opendev.org/665007 | 16:54 |
| *** obravo has quit IRC | 16:55 | |
| *** amalrajgenocidex has quit IRC | 17:03 | |
| *** AlexNoskov has joined #airshipit | 17:09 | |
| openstackgerrit | Evgeniy L proposed airship/treasuremap master: [aiab] Add a site linting gate to Zuul https://review.opendev.org/665007 | 17:18 |
| openstackgerrit | Evgeniy L proposed airship/treasuremap master: [aiab] Add a site linting gate to Zuul https://review.opendev.org/665007 | 17:20 |
| openstackgerrit | Evgeniy L proposed airship/treasuremap master: [aiab] Add a site linting gate to Zuul https://review.opendev.org/665007 | 17:30 |
| openstackgerrit | Evgeniy L proposed airship/treasuremap master: Remove pegleg clone from Zuul lint jobs https://review.opendev.org/665190 | 17:48 |
| openstackgerrit | Michael Beaver proposed airship/treasuremap master: Uplift Promenade https://review.opendev.org/664704 | 18:02 |
| *** ianychoi has quit IRC | 18:13 | |
| *** arunkant has quit IRC | 18:16 | |
| openstackgerrit | Nishant Kumar proposed airship/promenade master: [FIX] set correct key for Controller manager DS upgrade https://review.opendev.org/665203 | 18:17 |
| openstackgerrit | Michael Beaver proposed airship/deckhand master: Remove required-projects from Airskiff gate https://review.opendev.org/664394 | 18:18 |
| *** michael-beaver has joined #airshipit | 18:23 | |
| *** MattCoachCarter has joined #airshipit | 18:23 | |
| openstackgerrit | Kaspars Skels proposed airship/treasuremap master: Revert ingress before emptydirs fix https://review.opendev.org/665206 | 18:31 |
| openstackgerrit | Kaspars Skels proposed airship/treasuremap master: Revert ingress/ceph-rgw before emptydirs fix https://review.opendev.org/665206 | 18:39 |
| *** amalrajgenocidex has joined #airshipit | 19:15 | |
| amalrajgenocidex | Hi | 19:15 |
| amalrajgenocidex | Which command should I use to generate certificates for airsloop? One in airsloop doc or the one in global site deployment? | 19:16 |
| openstackgerrit | chinasubbareddy mallavarapu proposed airship/treasuremap master: [CEPH] uplift charts and enable helm tests https://review.opendev.org/665219 | 19:17 |
| evgenyl | amalrajgenocidex: I would recommend using `tools/airship promenade generate-certs ...` for that, make sure to copy the certificates to your site directory after you generate those. | 19:22 |
| amalrajgenocidex | @evgenyl I need to delete the existing certificate file inside "site/airsloop/secrets/certificates/certificates.yaml", right? | 19:25 |
| evgenyl | amalrajgenocidex: Yep, those are just defaults that need to be replaced. | 19:26 |
| amalrajgenocidex | I'm getting a lot of warning when generating the certificate after deleting the default one's | 19:26 |
| amalrajgenocidex | 2019-06-13 19:26:06,554 WARNING req_id=- ctx=- end_user=- user=- deckhand.engine.secrets_manager:secrets_manager.py:337:substitute_all Could not find substitution source document [deckhand/CertificateKey/v1] kubernetes-etcd-genesis among the provided substitution sources. | 19:26 |
| evgenyl | amalrajgenocidex: I also have seen these warnings, they didn't affect the deployment in my case. | 19:28 |
| amalrajgenocidex | Thank you, evgenyl. After moving the certificates to the right location. Which command should I run next to collect with new certificate? | 19:36 |
| amalrajgenocidex | One in airsloop page or one in airship common deployment doc? | 19:37 |
| evgenyl | amalrajgenocidex: Use the commands from airsloop documentation, the ones in site authoring guide will work, however they require some additional configuration (specifying correct versions of images) and this document needs to be updated to use tools/airsloop wrapper, which uses the correct versions automatically. | 19:39 |
| amalrajgenocidex | Ok, So I don't need to run any commands like ' simple-deployment.sh' or scripts from repo 'airship-pegleg', right? | 19:45 |
| openstackgerrit | Ian Pittwood proposed airship/spyglass-plugin-xls master: [WIP] Implements data objects in excel extractor https://review.opendev.org/662093 | 19:45 |
| amalrajgenocidex | 1. Edit all the files 2. Run these 3 commands tools/airship pegleg site -r /target collect airsloop -s collect tools/airship promenade generate-certs -o /target/certs /target/collect/*.yaml tools/airship promenade build-all -o /target/bundle /target/collect/*.yaml /target/certs/*.yaml 3. Copy genesis.sh script to control server and run it??? | 19:46 |
| amalrajgenocidex | These is all I'm required to do, right? | 19:47 |
| kskels | yes | 19:50 |
| evgenyl | amalrajgenocidex: Yes, looks correct, however I'm not sure if the usage of `*` is correct in the documentation, it will be unwrapped before it would be passed to `docker run`, you may have to specify these few files explicitly. | 19:50 |
| kskels | * works ok for me :) | 19:50 |
| kskels | so I think it should be OK | 19:50 |
| evgenyl | Alright :) | 19:51 |
| kskels | I feel like long term we need to make the cert gen as seperate stage in the instructions | 19:51 |
| amalrajgenocidex | Yes, * worked for me too and genesis worked properly last time | 19:51 |
| kskels | as generally we want to generate them 1x and then keep re-collecting with the old certs especially when doing updates | 19:51 |
| kskels | but it still OK as you have it | 19:52 |
| openstackgerrit | Evgeniy L proposed airship/treasuremap master: [wip] Uplift PostgreSQL https://review.opendev.org/665228 | 19:54 |
| amalrajgenocidex | I know I have become a lot annoying, so one final doubt. Why should I move the certificates back to site/airsloop/secrets/certificate/ ?? We are not using it again anywhere in airsloop implementation | 19:56 |
| amalrajgenocidex | We are directly generating genesis.sh using the this script, right? tools/airship promenade build-all -o /target/bundle /target/collect/*.yaml /target/certs/*.yaml | 19:56 |
| kskels | right | 19:58 |
| evgenyl | amalrajgenocidex: No worries, feel free to ask as many question as you have. If you want to manage your cluster afterwards, you want to have the certificates to be stored somewhere withing your site, this way you can change the charts configuration -> run collect -> push manifests to the site (using shipyard) and rerun the deployment. | 19:58 |
| kskels | and in future do site updates, if needed, etc | 19:59 |
| kskels | for 1 time deployment - you are right - you don't really need to save these certs. | 19:59 |
| evgenyl | Yep, it is mostly for the site maintenance. | 19:59 |
| kskels | also you will see later - once the genesis is up you are following with shipyard deployment | 20:00 |
| kskels | at that time - you are pushigng site YAMLs into shipyard and deploying rest of the site (in airsloop case only 1 or more compute nodes) | 20:01 |
| kskels | but in full HA - you would push in YAMLs and deploy your entire cluster - and later manage it | 20:01 |
| amalrajgenocidex | You guys are cool!!! Thank you for the detailed explanation. | 20:02 |
| amalrajgenocidex | I'm running the genesis script once again. Hope the shipyard create goes without errors this time :) | 20:03 |
| kskels | awesome! getting genesis up fully is more then 1/2 of work to get airsloop installed | 20:04 |
| kskels | next steps will be to make sure your PXE networking and host profile is correct for compute node deployment, etc | 20:04 |
| kskels | so that MAAS/drydock can bootstrap the compute and get it deployed | 20:04 |
| kskels | (also, feel free to comment on doc gaps you see - so we can improve) | 20:05 |
| amalrajgenocidex | Sure. :). I will also try to create a detailed doc of airsloop once it is up and running for me | 20:08 |
| *** amalrajgenocidex has quit IRC | 20:12 | |
| openstackgerrit | Evgeniy L proposed airship/treasuremap master: [wip] Uplift PostgreSQL https://review.opendev.org/665228 | 20:18 |
| openstackgerrit | Evgeniy L proposed airship/treasuremap master: [wip] Uplift PostgreSQL https://review.opendev.org/665228 | 20:19 |
| openstackgerrit | Alexander Noskov proposed airship/promenade master: WIP https://review.opendev.org/652678 | 20:26 |
| *** MattCoachCarter has quit IRC | 21:13 | |
| *** howell has quit IRC | 21:33 | |
| openstackgerrit | Ian Pittwood proposed airship/spyglass master: [WIP] Implements data object models https://review.opendev.org/662092 | 21:36 |
| *** sreejithp has quit IRC | 21:43 | |
| *** aaronsheffield has quit IRC | 22:45 | |
| *** sthussey has quit IRC | 23:48 | |
Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!