Tuesday, 2016-02-02

« Monday, 2016-02-01 Index Wednesday, 2016-02-03 »
*** retreved has quit IRC00:04
*** olivier427 has joined #openstack-ansible00:06
*** skamithi has joined #openstack-ansible00:24
*** pegmanm_ has joined #openstack-ansible00:29
*** raddaoui has quit IRC00:30
*** pegmanm has quit IRC00:31
*** jthorne has joined #openstack-ansible00:36
*** jthorne has quit IRC00:38
*** eil397 has quit IRC00:41
*** weezS has quit IRC00:52
*** jamielennox|away is now known as jamielennox00:55
*** skamithi has quit IRC01:08
*** baker has joined #openstack-ansible01:12
*** skamithi has joined #openstack-ansible01:13
*** markvoelker has joined #openstack-ansible01:15
*** markvoelker has quit IRC01:20
*** kjelly has joined #openstack-ansible01:20
*** skamithi has left #openstack-ansible01:21
*** jamielennox is now known as jamielennox|away01:23
*** oneswig has joined #openstack-ansible01:27
*** pegmanm has joined #openstack-ansible01:30
*** oneswig has quit IRC01:32
*** pegmanm_ has quit IRC01:33
*** daneyon_ has quit IRC01:36
*** daneyon has joined #openstack-ansible01:36
*** kjelly has quit IRC01:39
*** marekd has quit IRC01:40
*** marekd has joined #openstack-ansible01:40
*** izaakk has quit IRC01:53
*** baker has quit IRC01:58
*** olivier427 has quit IRC02:01
*** baker has joined #openstack-ansible02:03
*** baker_ has joined #openstack-ansible02:04
*** phiche1 has joined #openstack-ansible02:06
*** baker has quit IRC02:07
*** woodard has quit IRC02:08
*** phiche has quit IRC02:10
*** olivier427 has joined #openstack-ansible02:13
*** markvoelker has joined #openstack-ansible02:16
*** markvoelker has quit IRC02:20
*** baker_ has quit IRC02:25
*** zaze89 has joined #openstack-ansible02:25
*** baker has joined #openstack-ansible02:26
*** skamithi has joined #openstack-ansible02:27
*** pegmanm_ has joined #openstack-ansible02:32
*** baker has quit IRC02:33
*** pegmanm has quit IRC02:34
*** jamielennox|away is now known as jamielennox02:44
*** skamithi has left #openstack-ansible02:45
*** baker has joined #openstack-ansible02:59
*** skamithi has joined #openstack-ansible03:01
*** skamithi has left #openstack-ansible03:01
*** baker has quit IRC03:05
*** baker has joined #openstack-ansible03:06
*** zaze89 has quit IRC03:07
*** baker_ has joined #openstack-ansible03:08
*** skamithi has joined #openstack-ansible03:09
*** zhangjn has joined #openstack-ansible03:09
*** baker has quit IRC03:11
*** skamithi has quit IRC03:11
*** skamithi has joined #openstack-ansible03:11
*** baker has joined #openstack-ansible03:16
*** oneswig has joined #openstack-ansible03:16
*** skamithi has quit IRC03:16
*** olivier427 has quit IRC03:17
*** baker_ has quit IRC03:19
*** skamithi has joined #openstack-ansible03:19
*** oneswig has quit IRC03:20
*** skamithi has quit IRC03:23
*** olivier427 has joined #openstack-ansible03:24
*** skamithi has joined #openstack-ansible03:31
*** pegmanm has joined #openstack-ansible03:32
*** skamithi has quit IRC03:32
*** skamithi has joined #openstack-ansible03:33
*** skamithi has quit IRC03:33
*** pegmanm_ has quit IRC03:34
*** skamithi has joined #openstack-ansible03:34
*** sdake has joined #openstack-ansible03:35
*** coolg has joined #openstack-ansible03:44
*** skamithi has left #openstack-ansible03:52
coolgFor liberty installation using openstack-ansible, whether the container address should be public ip?03:54
*** CheKoLyN has joined #openstack-ansible03:55
coolgI have used the same subnet Container management: 172.29.236.0/22 Tunnel: 172.29.240.0/22 Storage: 172.29.244.0/22 for my installation03:56
coolgwhich is given in installlation guide03:57
*** baker has quit IRC03:59
*** skamithi has joined #openstack-ansible04:00
*** skamithi has quit IRC04:04
*** skamithi has joined #openstack-ansible04:05
*** cemmason has joined #openstack-ansible04:07
*** jamielennox is now known as jamielennox|away04:10
*** skamithi has left #openstack-ansible04:14
*** markvoelker has joined #openstack-ansible04:17
*** javeriak has joined #openstack-ansible04:18
*** markvoelker has quit IRC04:21
*** javeriak_ has joined #openstack-ansible04:23
*** grumpycatt has quit IRC04:23
*** javeriak has quit IRC04:24
*** grumpycatt has joined #openstack-ansible04:26
*** skamithi has joined #openstack-ansible04:32
*** pegmanm_ has joined #openstack-ansible04:32
*** pegmanm has quit IRC04:35
*** jamielennox|away is now known as jamielennox04:39
*** coolg has quit IRC04:44
*** zhangjn has quit IRC04:46
*** zhangjn has joined #openstack-ansible04:47
openstackgerritKevin Carter proposed openstack/openstack-ansible: Add support for the nova_api db  https://review.openstack.org/27493204:48
*** oneswig has joined #openstack-ansible05:04
*** sdake has quit IRC05:05
*** oneswig has quit IRC05:09
*** jamielennox is now known as jamielennox|away05:13
*** pegmanm has joined #openstack-ansible05:34
*** pegmanm_ has quit IRC05:36
*** javeriak has joined #openstack-ansible05:44
*** javeriak_ has quit IRC05:47
*** javeriak has quit IRC05:52
*** skamithi has quit IRC05:53
*** CheKoLyN has quit IRC06:00
*** javeriak has joined #openstack-ansible06:01
openstackgerritKevin Carter proposed openstack/openstack-ansible: Add support for the nova_api db  https://review.openstack.org/27493206:05
*** fawadkhaliq has joined #openstack-ansible06:11
*** javeriak has quit IRC06:11
*** fawadkhaliq has quit IRC06:11
*** markvoelker has joined #openstack-ansible06:18
*** javeriak has joined #openstack-ansible06:21
*** javeriak has quit IRC06:21
*** markvoelker has quit IRC06:22
*** pegmanm_ has joined #openstack-ansible06:34
*** cemmason has quit IRC06:36
*** pegmanm has quit IRC06:37
*** cemmason has joined #openstack-ansible06:48
*** javeriak has joined #openstack-ansible06:51
*** oneswig has joined #openstack-ansible06:52
*** olivier427 has quit IRC06:54
*** zhangjn has quit IRC06:54
*** phiche1 has quit IRC06:55
*** oneswig has quit IRC06:57
*** keedya has joined #openstack-ansible07:04
*** phiche has joined #openstack-ansible07:05
*** javeriak has quit IRC07:14
*** keedya has quit IRC07:26
*** javeriak has joined #openstack-ansible07:30
*** blackstar257 has joined #openstack-ansible07:36
*** pegmanm has joined #openstack-ansible07:37
*** javeriak_ has joined #openstack-ansible07:37
*** javeriak has quit IRC07:38
*** pegmanm_ has quit IRC07:38
*** sdake has joined #openstack-ansible08:09
*** agireud has quit IRC08:10
*** agireud has joined #openstack-ansible08:12
*** markvoelker has joined #openstack-ansible08:18
*** mikelk has joined #openstack-ansible08:22
*** markvoelker has quit IRC08:22
*** tlbr_ has quit IRC08:23
*** pegmanm_ has joined #openstack-ansible08:35
*** pegmanm has quit IRC08:38
*** oneswig has joined #openstack-ansible08:41
*** tlbr has joined #openstack-ansible08:42
*** oneswig has quit IRC08:45
*** blackstar257 has quit IRC08:49
*** marekd has quit IRC08:50
*** oneswig has joined #openstack-ansible08:51
*** marekd has joined #openstack-ansible08:52
*** marekd has quit IRC09:01
*** zhangjn has joined #openstack-ansible09:04
*** zhangjn has quit IRC09:04
*** blackstar257 has joined #openstack-ansible09:07
*** zhangjn has joined #openstack-ansible09:09
*** gparaskevas has joined #openstack-ansible09:11
*** mgoddard has joined #openstack-ansible09:30
*** blackstar257 has quit IRC09:35
*** grumpycatt has quit IRC09:41
odyssey4memattt hughsaunders git-harry andymccr FYI, interesting pattern: https://github.com/openstack/ansible-role-diskimage-builder09:44
*** grumpycatt has joined #openstack-ansible09:47
*** zhangjn has quit IRC09:57
*** stian_ has joined #openstack-ansible10:09
*** zhangjn has joined #openstack-ansible10:11
*** grumpycatt has quit IRC10:14
*** andrei has quit IRC10:15
*** openstackgerrit has quit IRC10:17
*** openstackgerrit has joined #openstack-ansible10:17
*** markvoelker has joined #openstack-ansible10:19
*** markvoelker has quit IRC10:23
*** javeriak_ has quit IRC10:29
stian_Hi! What is the best way to rebuild a container on a different node? Example: I want to destroy galera on node 3 and rebuild it on node 4.10:30
*** grumpycatt has joined #openstack-ansible10:31
*** evrardjp_ is now known as evrardjp10:34
*** javeriak has joined #openstack-ansible10:38
*** pegmanm has joined #openstack-ansible10:41
*** pegmanm_ has quit IRC10:43
*** stian_ has quit IRC10:52
*** electrofelix has joined #openstack-ansible10:53
*** zhangjn has quit IRC10:57
*** zhangjn has joined #openstack-ansible10:58
*** zhangjn has quit IRC10:59
*** zhangjn has joined #openstack-ansible10:59
*** zhangjn has quit IRC11:00
*** zhangjn has joined #openstack-ansible11:00
*** zhangjn has quit IRC11:01
*** cemmason has quit IRC11:01
*** stian_ has joined #openstack-ansible11:02
*** zhangjn has joined #openstack-ansible11:06
*** zhangjn has quit IRC11:06
odyssey4mestian_ you simply add the group to your openstack_user_config.yml or to conf.d with the host in that group, as described in https://github.com/openstack/ansible-role-diskimage-builder11:06
odyssey4meoops - the right url is https://github.com/openstack/openstack-ansible/blob/master/etc/openstack_deploy/openstack_user_config.yml.example11:06
odyssey4mehughsaunders andymccr mattt looking for reviews for https://review.openstack.org/272723 please11:10
*** cemmason has joined #openstack-ansible11:12
odyssey4mestian_ it's probably best to setup the new container on the new host, then once that's up and working properly, remove the old container from the old host11:13
*** zhangjn has joined #openstack-ansible11:13
*** zhangjn has quit IRC11:13
*** zhangjn has joined #openstack-ansible11:14
*** zhangjn has quit IRC11:14
stian_odyssey4me : What abount the inventory ? The old node is still defined there and is rebuilt when I run the playbook.11:15
*** swati_ has joined #openstack-ansible11:15
*** zhangjn has joined #openstack-ansible11:15
odyssey4mestian_ you can use the inventory-manage script to remove entries from the inventory11:15
*** zhangjn has quit IRC11:15
*** zhangjn has joined #openstack-ansible11:16
odyssey4mestian_ if you've used a host group that includes the container group among others, then you may have to set the affinity for that particular host down to 011:16
stian_odyssey4me : ahh, that is exactly what I was looking for. Thank you very much!11:16
*** zhangjn has quit IRC11:16
odyssey4mestian_ for example, this is setting affinity: https://github.com/openstack/openstack-ansible/blob/master/etc/openstack_deploy/openstack_user_config.yml.aio#L71-L7711:17
odyssey4mein this case, though, you'd be setting the affinity to 0 instead of 311:17
*** zhangjn has joined #openstack-ansible11:17
*** zhangjn has quit IRC11:17
odyssey4mein that example all containers from the shared-infra_hosts group (which contains galera, rabbit, etc) would have the standard default affinity of 1 - but then rabbit and galera have affinities of 3 (ie 3 containers for each host)11:18
stian_odyssey4me : I tried to set affinity to 1 galera container on node 1 and 2 galera containers on node 2. That worked fine. But when I set affinity back to 1 on node 2, it still built 2 an extra container on node2.11:19
*** zhangjn has joined #openstack-ansible11:19
*** zhangjn has quit IRC11:19
odyssey4mestian_ you never need to set an affinity of 1 - that's the default11:20
odyssey4mebut yes, once you change the affinity you'll also need to remove any existing container from the inventory11:20
*** zhangjn has joined #openstack-ansible11:20
*** zhangjn has quit IRC11:20
stian_Yes, the problem was that it still existed in the inventory.11:20
stian_Thanks!11:21
*** zhangjn has joined #openstack-ansible11:21
*** zhangjn has quit IRC11:21
odyssey4mestian_ sure :)11:23
*** zhangjn has joined #openstack-ansible11:24
*** zhangjn has quit IRC11:24
*** zhangjn has joined #openstack-ansible11:25
*** javeriak has quit IRC11:25
*** javeriak has joined #openstack-ansible11:27
swati_Hi Jesse, how are openstack components installed using ansible....like is nova installed using venv?11:27
*** agireud has quit IRC11:27
*** agireud has joined #openstack-ansible11:29
odyssey4meswati_ all openstack components are now, by default, installed into a venv - assuming the deployer has left the default in place11:34
odyssey4meswati_ I sent an email earlier this year suggesting that we import your current work into an openstack repo, then we can work on finalising it together11:35
odyssey4meI can then pair you up with one of the team who understands the framework well enough to help with that finalisation11:36
*** oneswig has quit IRC11:39
*** pegmanm_ has joined #openstack-ansible11:40
*** pegmanm has quit IRC11:43
*** cemmason has quit IRC11:45
*** gus_ is now known as gus11:47
*** oneswig has joined #openstack-ansible11:54
*** skamithi has joined #openstack-ansible12:03
javeriakhey folks, the galera-bootstrap tag doesnt seem to be available on kilo anymore?12:04
odyssey4mejaveriak I'm not sure if it ever was - that's a carry over from Juno and I think the mechanism for that was changed for kilo.12:05
odyssey4methe docs need an update12:05
javeriakoh, what tag should we use then to rekick galera?12:05
odyssey4mejaveriak try this? http://docs.openstack.org/developer/openstack-ansible/developer-docs/quickstart-aio.html#rebooting-an-aio12:05
javeriakodyssey4me but rerunning the infra playbook sometimes fails again even after doing that12:06
odyssey4mejaveriak then you'll need to actually look into what's broken in the galera cluster12:06
hughsaundersodyssey4me: re linting patch, the gate-check-docs script has gone, so will there be a docs job to call the docs tox env?12:06
odyssey4meanother option, if you're ok with it, is to try trashing the containers and rebuilding them12:07
odyssey4methe data stays, as that's bind-mounted to the host12:07
javeriakwhere does this come from 'wsrep_incomming_adress does not match accross cluster'? I only managed to sort this out by deleting the cotainers and rebuilding12:07
odyssey4mehughsaunders the docs job has been using the docs tox target for ages12:07
odyssey4mehughsaunders the gate-check-docs scripts hasn't been in use for a long, long time12:07
odyssey4mejaveriak hmm, that's odd - sounds like a busted up inventory12:08
odyssey4mejaveriak that's set here: https://github.com/openstack/openstack-ansible/blob/kilo/playbooks/roles/galera_server/templates/cluster.cnf.j2#L1812:09
*** swati_ has quit IRC12:09
odyssey4mejaveriak here's where that error comes from: https://github.com/openstack/openstack-ansible/blob/kilo/playbooks/galera-install.yml#L43-L5012:09
javeriakodyssey4me yep see it, dont really see how that went out of sync, guess will have to dig deeper12:10
*** oneswig has quit IRC12:16
Bofu2Urandom Q ... if you deploy using HA controllers, and one of them goes down, does any part of the networking component go with it?12:18
*** skamithi has quit IRC12:20
*** markvoelker has joined #openstack-ansible12:20
*** javeriak_ has joined #openstack-ansible12:20
*** javeriak has quit IRC12:24
*** markvoelker has quit IRC12:24
*** retreved has joined #openstack-ansible12:46
*** oneswig has joined #openstack-ansible12:50
javeriak_hey guys, im getting a 'ValueError: too many values to unpack ' in the keystone logs while failing to login to horizon, any ideas whats wrong?12:50
*** oneswig has quit IRC12:54
cloudnullmorning12:55
Bofu2Umornin12:56
*** logan- has quit IRC13:00
*** logan- has joined #openstack-ansible13:00
cloudnulljaveriak_:  what release is that ?13:06
javeriak_cloudnull im on 11.2.713:07
cloudnulldo you have the py traceback handy?13:07
javeriak_i saw something in the horizon logs too about wrong version13:07
javeriak_yes let me find13:07
javeriak_[pid 7749:tid 140630231602944] SSL Library Error: error:1408A10B:SSL routines:SSL3_GET_CLIENT_HELLO:wrong  <-- thats from horizon logs13:08
cloudnullhum...13:12
cloudnullthat i've not seen13:13
javeriak_cloudnull: http://paste.ubuntu.com/14857007/13:13
mhaydenmorning13:13
javeriak_my horzion one got clipped, but this was it: SSL routines:SSL3_GET_CLIENT_HELLO:wrong version number13:14
*** oneswig has joined #openstack-ansible13:14
cloudnulllbragstad dolphm dstanek have you guys seen http://paste.ubuntu.com/14857007/ w/ keystone in Kilo  ?13:15
dstanekcloudnull: looks like fernet is somehow broken13:17
cloudnullyea13:17
dstaneki don't recall that specific error though13:17
javeriak_just checked my code base, and im on the kilo 11.2.8+13:17
*** oneswig has quit IRC13:18
*** grumpycatt has quit IRC13:18
cloudnulljaveriak_:  would you mind doing a rebase from the branch kilo rebuilding your repo and rerunning the keystone playbook ?13:19
javeriak_cloudnull sure; should i leave the keystone containers as is or try rebuilding first?13:20
*** oneswig has joined #openstack-ansible13:20
*** markvoelker has joined #openstack-ansible13:21
dstanekcloudnull: that's not a federated token is it?13:22
cloudnulljaveriak_:  i'd leave everything intact13:22
cloudnulldstanek: i dont think so, javeriak_ are you deploying federation ?13:22
javeriak_k thanks cloudnull; nope no federation13:22
cloudnulljaveriak_:  you should be able to rebuild in place.13:22
odyssey4mejaveriak_ that ssl version number issue is a non issue - it's most probably haproxy's checks causing that13:23
javeriak_odyssey4me i seem to be getting version mismatch errors with keystone cli commands as well13:23
javeriak_but will try rebasing and rerunning for now13:23
odyssey4mejaveriak_ you've deployed with SSL then?13:23
odyssey4meSSL for both keystone and horizon?13:24
javeriak_odyssey4me yes13:24
*** grumpycatt has joined #openstack-ansible13:24
javeriak_WARNING: unsupported identity-api-version 3, falling back to 2.0 <-- this13:24
odyssey4mejaveriak_ is the keystone ssl set on the keystone/apache or on haproxy?13:24
odyssey4mejaveriak_ that's an openrc misconfiguration13:26
*** markvoelker has quit IRC13:26
*** markvoelker_ has joined #openstack-ansible13:26
*** andrei__ has joined #openstack-ansible13:26
javeriak_odyssey4me not sure, it'll be the standard config that comes on kilo13:27
odyssey4mejaveriak_ the standard config in kilo doesn't do SSL for keystone13:27
odyssey4meit can, but that's not enabled by default13:27
dstanekcloudnull: javeriak_: the best i can tell is that the token has a broken payload - maybe dolphm or lbragstad remember a bug?13:27
javeriak_odyssey4me this doesnt set ssl for keystone then ssl_protocol: "ALL -SSLv2 -SSLv3"13:28
cloudnulljaveriak_:  are you using the keystone CLI or the openstack CLI ?13:28
javeriak_cloudnull openstack cli13:28
cloudnullkk13:28
javeriak_so cloudnull  dstanek odyssey4me rebasing and running the keystone plays seems to have fixed it13:29
odyssey4mejaveriak_ nope - there are quite a few more options13:29
odyssey4mejaveriak_ that just sets the protocols allowed when SSL is used13:30
javeriak_hmm dunno what went wrong in the first place13:30
*** mikelk has quit IRC13:31
*** tlbr has quit IRC13:37
cloudnullmaybe something happened on the original wheel build that caused the failure?13:39
*** keedya has joined #openstack-ansible13:40
*** woodard has joined #openstack-ansible13:41
*** cemmason has joined #openstack-ansible13:45
*** b3rnard0_away is now known as b3rnard013:46
*** keedya has quit IRC13:51
dolphmcloudnull: do you have the token and fernet keys?14:00
cloudnulli do not.14:00
cloudnulljaveriak_: was seeing that issue14:01
dolphmjaveriak_: o/14:01
cloudnullhowever it seems that on redeploy everything was right with the world. so idk14:01
javeriak_hey dolphm; yep cloudnull redeploying fixed it; let me add that this was an operational system; i dont know what brought it to that state though14:02
*** skamithi has joined #openstack-ansible14:10
*** tlbr has joined #openstack-ansible14:11
*** sdake has quit IRC14:11
openstackgerritgit-harry proposed openstack/openstack-ansible: Upgrades: Cleanup RabbitMQ / vhost  https://review.openstack.org/27265214:13
*** dmsimard has quit IRC14:15
openstackgerritKevin Carter proposed openstack/openstack-ansible: DEFCORE: Updated tempest config and resources  https://review.openstack.org/27424814:19
andrei__hi all, did anyone try to disable iscsi_helper? I see tgt is installing by default and running in cinder container. Is there any good way to disable it without changing playbooks?14:20
*** mikelk has joined #openstack-ansible14:26
*** grumpycatt has quit IRC14:30
cloudnullandrei__: i think thats some left over cruft that we need to add a conditional too14:34
*** grumpycatt has joined #openstack-ansible14:35
*** javeriak_ has quit IRC14:35
cloudnullandrei__: the cinder apt packages assume tgt will be installed from here https://github.com/openstack/openstack-ansible/blob/master/playbooks/roles/os_cinder/defaults/main.yml#L21614:36
cloudnullwe'd need to abstract that out when using cinder+lvm14:36
*** KLevenstein has joined #openstack-ansible14:45
*** pegmanm has joined #openstack-ansible14:46
*** keedya has joined #openstack-ansible14:47
*** pegmanm_ has quit IRC14:49
*** jeh has joined #openstack-ansible14:49
andrei__thank you14:51
*** Mudpuppy has joined #openstack-ansible14:53
openstackgerritMerged openstack/openstack-ansible: Update Defcore test list function  https://review.openstack.org/27013814:54
*** Mudpuppy has quit IRC14:59
*** Mudpuppy has joined #openstack-ansible15:00
*** zhangjn has quit IRC15:00
*** dmsimard has joined #openstack-ansible15:02
*** bryan_att has joined #openstack-ansible15:03
*** olivier427 has joined #openstack-ansible15:08
*** michaelgugino has joined #openstack-ansible15:09
*** sigmavirus24_awa is now known as sigmavirus2415:10
logan-andrei__: i just went through that last week :)15:11
openstackgerritKevin Carter proposed openstack/openstack-ansible: Add support for the nova_api db  https://review.openstack.org/27493215:11
logan-re: disabling tgt in cinder15:11
logan-one moment I am finding the commit15:11
logan-the first thing you will need to do is override cinder_apt_packages in user_variables and remove tgt from that list: http://paste.gentoolinux.info/imoxudumac.axapta15:14
logan-then, if you run cinder you will see a failure on a task called "Ensure cinder tgt include"15:14
openstackgerritKevin Carter proposed openstack/openstack-ansible: Use Swift venv Python interpreter  https://review.openstack.org/27525615:14
logan-so a quick stopgap patch I put in place for now is: http://paste.gentoolinux.info/abakumotij.diff15:15
logan-then it will deploy without installing tgt anywhere. you will still have some junked iscsi_* settings in your cinder.conf as there are no conditionals there, but they don't appear to affect my environment at all (using rbd backends only)15:16
*** cemmason has quit IRC15:17
andrei__setting have no 'disable' feature :)15:17
andrei__thank you, I'll check15:17
*** baker has joined #openstack-ansible15:19
*** dmsimard has quit IRC15:21
openstackgerritMiguel Alex Cantu (alextricity25) proposed openstack/openstack-ansible: Changed ceilometer configs to use keystonev3  https://review.openstack.org/27490515:21
cloudnulllogan- andrei__ idk you have time, but if you could parameterize the tgt install It'd be much appreciated =)15:23
*** Bjoern has joined #openstack-ansible15:24
*** cemmason has joined #openstack-ansible15:25
logan-I will try to circle back to that someday. will probably have to spend a little more time on that one because I am not very familiar with cinder/iscsi deployments15:31
openstackgerritMatt Thompson proposed openstack/openstack-ansible: [WIP] Remove venv activation code  https://review.openstack.org/27527915:39
andrei__me neither. Probably difficulty here is default values for iscsi_helper, so it's assumed that tgt is installed. On pure ceph installation for example tgt is not needed, nevertheless one can probably use different backends with different volume drivers.15:40
*** olivier427 has quit IRC15:40
*** jthorne has joined #openstack-ansible15:44
*** raddaoui has joined #openstack-ansible15:45
*** Mudpuppy has quit IRC15:46
*** galstrom_zzz is now known as galstrom15:46
*** olivier427 has joined #openstack-ansible15:54
*** cemmason has quit IRC15:56
cloudnulllogan-:  ++ happy to circle back on it whenever15:58
*** dweaver has quit IRC15:59
*** dweaver has joined #openstack-ansible16:00
openstackgerritJesse Pretorius (odyssey4me) proposed openstack/openstack-ansible: Resolve bashate violation E005  https://review.openstack.org/27529016:00
odyssey4mebug triage in this meeting room cloudnull, mattt, andymccr, d34dh0r53, hughsaunders, b3rnard0, palendae, Sam-I-Am, odyssey4me, serverascode, rromans, erikmwilson, mancdaz, _shaps_, BjoernT, claco, echiu, dstanek, jwagner, ayoung, prometheanfire, evrardjp, arbrandes, mhayden, scarlisle, luckyinva, ntt, javeriak, automagically, spotz, vdo, jmccrory, alextricity25, jasondotstar, KLevenstein, admin0, michaelgugino16:01
palendaeo/16:01
michaelguginohere16:01
* mhayden woots16:01
alextricity25o/16:01
odyssey4mehello everyone, welcome :)16:02
KLevenstein.16:02
odyssey4mefirst up: https://bugs.launchpad.net/openstack-ansible/+bug/153507516:02
openstackLaunchpad bug 1535075 in openstack-ansible trunk "extra kernel module checks for kernel version only done on the deploy node" [Undecided,New] - Assigned to Jimmy McCrory (jimmy-mccrory)16:02
odyssey4mejmccrory it looks like to found the root cause16:02
mattt\o16:02
jmccrorydo we want some kind of forced re-caching during the host setup playbook to help avoid that?16:03
odyssey4mewell, I saw that there was an option for the CLI to clear the fact cache16:04
michaelguginoI think rerunning setup with gather facts again16:04
odyssey4mebut I don't have a CLI handy right now16:04
michaelguginoso, we could include that at the top of the playbook16:04
odyssey4meI don't think that we should just flush the fact cache willy nilly16:05
odyssey4meI think that we should make people aware that the fact cache can be flushed and that it should be part of the troubleshooting process.16:05
cloudnullwe can do rm /etc/openstack_deploy/ansible_facts/*16:05
cloudnullitll then rebuild the facts16:05
cloudnullalso the facts are cached for 24 hours16:06
cloudnullthat can be tuned down in the ansible.cfg file16:06
odyssey4meyes, that can be done - but the more ansible way is --flush-cache on the CLI... or something to that effect16:06
odyssey4mecan someone do an 'ansible-playbook --help' quickly?16:06
michaelguginoor call setup in the playbook16:06
*** gparaskevas has quit IRC16:07
cloudnullit doesnt seem that the flush-cache command works16:07
*** weezS has joined #openstack-ansible16:08
michaelguginoflush cache is indeed a command line option16:08
prometheanfireneato16:08
cloudnullhttp://cdn.pasteraw.com/i98ikveaeen46n1vceju5cnqzbbekcn16:08
cloudnullsame thing when i run the command manually http://cdn.pasteraw.com/h72ig7b5sqf87xyh93v0zqzlc5cu7fk16:09
cloudnullw/out the wrapper16:09
cloudnullIMO, use "rm" technology and rerun play :)16:09
odyssey4meok, I've added a note to that effect and marked the bug as invalid16:09
odyssey4meit's be nice if someone could add a note about this in http://docs.openstack.org/developer/openstack-ansible/install-guide/app-tips.html16:10
michaelguginoMaybe a known issues section16:10
cloudnullmaybe mark that bug as a doc issue ?16:10
odyssey4mewell, if someone has a gap to add a known issues section and add this, that'd be great16:12
michaelguginothere is a troubleshooting section16:13
michaelguginohttp://docs.openstack.org/developer/openstack-ansible/install-guide/ops-troubleshooting.html16:13
odyssey4mesounds like a good section to add it16:13
odyssey4meany volunteers to put together a docs patch for it?16:13
openstackgerritMiguel Alex Cantu (alextricity25) proposed openstack/openstack-ansible: Allow apache file overrides  https://review.openstack.org/26774916:13
jmccroryi'll take that up16:14
odyssey4megreat, thanks jimmy16:14
odyssey4meI'm going to mark it as triaged16:14
michaelguginoPerhaps would should instruct people to run apt-get upgrade while setting up target hosts?16:14
odyssey4memichaelgugino I think that perhaps there should be some sort of pre-requisites guide with some examples of things that should be done before executing a build.16:15
*** dweaver has quit IRC16:15
michaelguginoWell, there is:  http://docs.openstack.org/developer/openstack-ansible/install-guide/targethosts-prepare.html16:16
*** dweaver has joined #openstack-ansible16:16
odyssey4mesounds like a good spot16:16
odyssey4meany volunteers to add another section there recommending an apt-get dist-upgrade ?16:17
openstackgerritMiguel Alex Cantu (alextricity25) proposed openstack/openstack-ansible-plugins: Allow apache file overrides  https://review.openstack.org/27529816:17
*** skamithi has quit IRC16:17
*** skamithi has joined #openstack-ansible16:18
michaelguginoI'll take that16:18
odyssey4methanks michaelgugino16:18
michaelguginoyw16:19
odyssey4menext up: https://bugs.launchpad.net/openstack-ansible/+bug/153826816:19
openstackLaunchpad bug 1538268 in openstack-ansible "openstack-ansible-security newalias task fails if disable_ipv6 true" [Undecided,New]16:19
openstackgerritMiguel Alex Cantu (alextricity25) proposed openstack/openstack-ansible: Allow apache file overrides  https://review.openstack.org/26774916:19
odyssey4memhayden ping?16:19
odyssey4meThis looks valid to me, but I think mhayden will need to look into it unless someone else wants to give it a go.16:21
*** sdake has joined #openstack-ansible16:21
odyssey4meok, moving on: https://bugs.launchpad.net/openstack-ansible/+bug/153920716:21
openstackLaunchpad bug 1539207 in openstack-ansible "permission on swift log directories incorrect" [Undecided,New]16:21
odyssey4mewasn't there a patch in review for this?16:22
cloudnulli thought there was16:23
cloudnullthis was one side https://review.openstack.org/#/c/273231/16:23
cloudnulli want to say travis did the other patch16:24
odyssey4meping automagically16:24
odyssey4me:/ not here16:24
odyssey4mehttps://review.openstack.org/273231 ?16:25
odyssey4menope - ok, this looks like a valid bug then16:25
odyssey4meany volunteers to patch it up? the bug report appears to resolve it16:26
mhaydenodyssey4me: sorry, on a conf call at the moment -- i'll look at the bug16:26
cloudnullthe issue is that we need to adjust https://github.com/openstack/openstack-ansible/blob/master/playbooks/roles/os_swift/tasks/swift_pre_install.yml#L90-L9116:26
cloudnullto be syslog16:26
cloudnullnot swift the user name16:26
odyssey4methere's a patch in the report which says differently16:27
openstackgerritMerged openstack/openstack-ansible: Use Swift venv Python interpreter  https://review.openstack.org/27394316:27
odyssey4mebut yeah, I agree that would be a better course of action16:27
mhaydeni'll take https://bugs.launchpad.net/openstack-ansible/+bug/153826816:27
openstackLaunchpad bug 1538268 in openstack-ansible "openstack-ansible-security newalias task fails if disable_ipv6 true" [Undecided,New] - Assigned to Major Hayden (rackerhacker)16:27
openstackgerritAndy McCrae proposed openstack/openstack-ansible: Use Swift venv Python interpreter  https://review.openstack.org/27525616:27
odyssey4meany volunteers to patch that up?16:27
cloudnullodyssey4me:  i can bang that out rigth quick16:28
odyssey4meok cloudnull assigned16:28
odyssey4menext: https://bugs.launchpad.net/openstack-ansible/+bug/153921016:29
openstackLaunchpad bug 1539210 in openstack-ansible "empty log directories cause invalid logrotate files" [Undecided,New]16:29
*** daneyon_ has joined #openstack-ansible16:29
odyssey4meah, https://review.openstack.org/#/c/273292/ is looking for another core reviewer16:30
odyssey4memattt ^16:30
odyssey4mehughsaunders andymccr d34dh0r53 stevelle ^16:30
openstackgerritKevin Carter proposed openstack/openstack-ansible: Fix swift log perms  https://review.openstack.org/27531116:31
*** spotz_zzz is now known as spotz16:31
*** dweaver has quit IRC16:31
openstackgerritJesse Pretorius (odyssey4me) proposed openstack/openstack-ansible-rsyslog_client: Added conditional templating  https://review.openstack.org/27329216:32
*** dweaver has joined #openstack-ansible16:32
openstackgerritJesse Pretorius (odyssey4me) proposed openstack/openstack-ansible: Added conditional templating  https://review.openstack.org/27329316:32
spotzhey guys sorry I'm late was driving to Austin, miss anything?16:32
*** daneyon has quit IRC16:33
odyssey4meok, so that one is in progress16:33
odyssey4mewelcome spotz :)16:33
odyssey4menext up: https://bugs.launchpad.net/openstack-ansible/+bug/153923616:33
openstackLaunchpad bug 1539236 in openstack-ansible "lxc_host cache issues" [Undecided,New]16:33
*** skamithi has quit IRC16:34
cloudnullthe only way ive seen this issue in the wild is if the  play was stopped while expanding the lxc cache16:34
odyssey4methis is a valid issue, and a bit of a hangover from Juno where all hosts had lxc installed16:35
odyssey4meand yes, what cloudnull said16:35
*** Mudpuppy has joined #openstack-ansible16:35
alextricity25I thought there was already a sha check in place?16:35
alextricity25or something like that16:35
odyssey4memattt also discovered that the sha check in Ansible <2 doesn't work as you think it does16:35
odyssey4mewe should perhaps be a little more robust in our checks16:36
cloudnullthe download works but if the task is stopped when the tar is expanded it can cuase issues16:36
odyssey4meany volunteers to fix this up?16:36
alextricity25I had an issue with the container image cache in Kilo16:36
*** agireud has quit IRC16:36
*** skamithi has joined #openstack-ansible16:36
alextricity25the play wasn't stopped...the image was just corrupted in transit16:36
alextricity25at least it seemed that way16:36
cloudnullodyssey4me:  i think the real fix here is to begin using the download template and building without the rpc image download16:36
odyssey4meyeah, I actually have started doing some work on that again16:36
odyssey4melet me take this as it's complementary work16:37
*** daneyon has joined #openstack-ansible16:37
*** agireud has joined #openstack-ansible16:37
cloudnulli think if we hybridify the work you had before and this role https://github.com/os-cloud/lxc_image_cache we'd  have a fairly robust solution16:37
odyssey4mecloudnull yeah, I've been looking at several options16:38
cloudnullwe could also simply use the download template as is16:38
cloudnullbut anyway ... i think the correct solution is to look at using the lxc community images instead16:39
odyssey4meI think next cycle we can build more of an image pipeline and look at working on prepping images per container profile or something16:39
cloudnullmaybe by then lxd will more robust too16:39
odyssey4mebut for now I just want to add a simple mechanism to use a downloaded image, or use an image from the lxc images16:39
logan-download template being the distro one cloudnull? are tehre any major differences beetween the rpc one and the regular trusty template that comes with ubuntu?16:39
odyssey4meboth would then require some additional prep before deployment16:39
*** daneyon_ has quit IRC16:40
odyssey4melogan- FYI I've got a WIP here: https://review.openstack.org/27274316:40
palendaecloudnull: I'm not sure that LXD replaces any of that logic. It might, I guess16:40
cloudnulllogan-: not much difference.16:40
cloudnullthe rpc image has additional packages within it to speed things up16:40
odyssey4meit's a long way from done, but essentially it grabs a raw image from the lxc daily builds, then does the updates we need to it before we can use it.16:40
logan-thanks odyssey4me, will look thru that16:40
odyssey4meit makes the whole image prep process transparent16:40
cloudnull++16:41
odyssey4methe objective is to make the image prep process completely transparent so that the rpc-prepped image is no longer required16:41
odyssey4methis should also speed things up, because the rpc image is old :p16:41
odyssey4menext up: https://bugs.launchpad.net/openstack-ansible/+bug/153924616:42
openstackLaunchpad bug 1539246 in openstack-ansible "only install one of nova_console_novnc or nova_console to haproxy" [Undecided,New]16:42
*** izaakk has joined #openstack-ansible16:42
cloudnullodyssey4me: the rpc image is up-to-date16:42
cloudnulljust updated last week16:42
cloudnullodyssey4me:  on that issue16:43
odyssey4mehmm, it would seem to me that we need to ensure that novnc and spice have their own groups16:43
andymccrtransparency is the main reason i'd like to see that done.16:43
cloudnullif you have spice, and then change to novnc, you need to keep both endpoints16:44
odyssey4meor we need to consolidate https://github.com/openstack/openstack-ansible/blob/master/playbooks/vars/configs/haproxy_config.yml#L122-L139 somehow to do one or the other16:44
odyssey4meandymccr ++16:44
andymccrwell that also sounds like an haproxy issue and not a spice vs novnc issue16:44
cloudnullany vm built with a particular console type will remain using that console type forever16:44
jthornei recently switched from spice to novnc in OSIC Cloud 116:44
cloudnullunless you modify the DB to change it16:44
odyssey4mecloudnull yuck, that's fun16:44
andymccrthat sounds fine?16:45
*** mgoddard_ has joined #openstack-ansible16:45
odyssey4meok cloudnull in that case we need to have different container profiles for each16:45
andymccrand cleaner tbh16:45
andymccrjust remove the old no_vnc containers16:45
andymccrand create new ones16:45
odyssey4meunless it's possible to run both in the same container?16:45
cloudnullthey can be in the same container16:45
cloudnullall that works16:45
andymccrdo you really want old containers that "had" spice running, (and still have all the bits there) now running novnc?16:45
andymccrwith the intention of no longer running spice console16:45
odyssey4meshouldn't we look at fronting novnc/spice with Apache/nginx? afaik both support it16:45
cloudnullthey work on different ports and endpoints16:46
openstackgerritHugh Saunders proposed openstack/openstack-ansible: Update Defcore test list function  https://review.openstack.org/27531816:46
Bjoernput a proxy in front of a proxy, novnc and spice are already a proxy?16:46
odyssey4meusing nginx/apache can provide SSL endpoints for both equally16:46
Bjoernspice has TLS builtin, novnc i'm not sure currently16:47
odyssey4meand when you set it up with a web server front-end, it doesn't use the python webserver (proxy)16:47
*** dweaver has quit IRC16:47
odyssey4meit's far more secure that way, IMO16:47
cloudnullandymccr: normally i say no. but if the deployment changes console types and has running vms itll orphan the old vms access to the console16:48
*** dweaver has joined #openstack-ansible16:48
*** mgoddard has quit IRC16:48
Bjoernif it works like keystone/wsgi then it's fine16:48
andymccrthats not a solvable problem within OSA though16:48
cloudnulltrue16:48
odyssey4meBjoern I may stand under correction, but I've seen blog posts and stuff that give me that understanding.16:49
cloudnulli mean you can deploy one and then another and both will run16:49
cloudnulland will do so all within the same container.16:49
*** skamithi has quit IRC16:49
odyssey4meanyway, that's not the immediate issue here - it just might be a nice way to round out the config in a more robust way16:49
odyssey4methe ssl will scale better too16:49
cloudnulland when the deployer wants to clean it up they can nuke those containers and redeploy them for a clean env16:49
odyssey4methe bug in question specifies that haproxy isn't aware of which back-end is actually there16:50
andymccror it is but doesnt clean it up?16:50
cloudnull^16:50
andymccrwe don't have a mechanism to ensure certain files "aren't present"16:50
andymccrand im not sure we should add one.16:50
cloudnull^ also16:50
odyssey4me++16:50
openstackgerritHugh Saunders proposed openstack/openstack-ansible: Update Defcore test list function  https://review.openstack.org/27532016:50
andymccrunless we want to do an "ensure disabled" or something16:50
andymccrbut that sounds like more effort than is worth16:50
cloudnulli remember that from the chef days and I'd like not to repeate that16:51
andymccrits a bug IF you manually remove the haproxy conf for spice/novnc and it keeps re-adding it when the console isn't present i guess16:51
cloudnulli think our current haproxy role adds everything we support to the conf16:51
cloudnulleven if its not present16:51
andymccryeh true16:51
andymccrso you will have that problem for all services really16:51
odyssey4mehttps://github.com/openstack/openstack-ansible/blob/master/playbooks/vars/configs/haproxy_config.yml#L122-L139 will need to reference a different group for each console type so that it's more aware. Each console type would need to be in a container group that specifies the type.16:52
andymccrexcept that the ones with no containers won't have existing hosts i guess16:52
evrardjphello, it just happens that I come by here16:52
cloudnulli like evrardjp approach better for a revamped haproxy role16:52
cloudnullspeak of the devil :)16:52
evrardjp:)16:53
evrardjpsorry I'm not much available nowadays16:53
cloudnullthis role https://github.com/evrardjp/ansible-haproxy16:53
evrardjpbut I think it's the way to go16:53
evrardjp(don't check on the "build failed", it's just a problem in my CI... :p)16:54
*** Nepoc has joined #openstack-ansible16:54
evrardjpso what's the issue, except lack of modularity?16:54
odyssey4meok, this is just a cosmetic error anyway16:54
andymccrif its not causing haproxy to fail, im inclined to not care as much about the bug.16:54
andymccrlike wishlist item "haproxy plays could be better"16:54
evrardjpcould you ping me the link?16:55
odyssey4meso I'd say that it's confirmed, but low priority - any objections/preferred suggestions?16:55
cloudnull++16:55
logan-maybe looking at calling haproxy as a conditional dependency to do service setup16:55
odyssey4meok, I've added some comments16:56
odyssey4meI think we've spent enough time on it :)16:56
odyssey4menext up: https://bugs.launchpad.net/openstack-ansible/+bug/153980316:57
openstackLaunchpad bug 1539803 in openstack-ansible "enable support for availability zones for compute and services" [Undecided,New]16:57
odyssey4methis is already possible16:57
cloudnulladmin0 is interested in that ^16:57
git-harryscre16:58
odyssey4mehttp://docs.openstack.org/developer/openstack-ansible/install-guide/configure-openstack.html16:58
cloudnullodyssey4me: is it manual or automated ?16:58
evrardjpaz are already supported in openstack-ansible, maybe a doc is needed then?16:58
odyssey4memore specifically: http://docs.openstack.org/developer/openstack-ansible/install-guide/configure-openstack.html#overriding-conf-files16:58
*** mikelk has quit IRC16:58
odyssey4meper host config overrides are already documented there16:59
evrardjpalso this is documented: http://docs.openstack.org/developer/openstack-ansible/install-guide/configure-cinder-az.html16:59
openstackgerritMerged openstack/openstack-ansible: Fix rsync service restart in os_swift  https://review.openstack.org/27314916:59
openstackgerritAndy McCrae proposed openstack/openstack-ansible: Fix rsync service restart in os_swift  https://review.openstack.org/27532417:00
evrardjpnova it's about 2 clicks in the web interface OR few api calls, already explained in the upstream openstack doc17:00
odyssey4memarking as invalid17:00
odyssey4melast one: https://bugs.launchpad.net/openstack-ansible/+bug/154053117:01
openstackLaunchpad bug 1540531 in openstack-ansible "Upgrade issues with 'Create log aggregation links'" [Undecided,New]17:01
*** oneswig has quit IRC17:01
*** skamithi has joined #openstack-ansible17:01
odyssey4mepalendae can I ask you to look into this as part of the upgrade testing/fixing?17:02
palendaeodyssey4me: Sure thing17:02
odyssey4meit looks entirely plausible, but will likely be based on a situation where someone is coming from a pretty old build17:02
*** raddaoui has quit IRC17:02
odyssey4methanks palendae17:02
palendaeodyssey4me: Yeah, I can see a situation where our customers have environemtns that move from Icehouse/Juno to Kilo to Liberty17:03
odyssey4mepalendae yeah, or who have pre-existing environments and convert to using OSA17:03
odyssey4me :)17:03
*** dweaver has quit IRC17:03
*** scarlisle has joined #openstack-ansible17:03
*** mgoddard_ has quit IRC17:03
odyssey4methank you all for your time - we're a few mins over17:03
*** mgoddard has joined #openstack-ansible17:04
*** dweaver has joined #openstack-ansible17:04
cloudnullcheers17:04
*** oneswig has joined #openstack-ansible17:06
NepocHello everyone, back with a question. How do I enable the firewall? The tab is absent from Horizon.17:06
odyssey4meNepoc you're looking for 'Security Groups'17:08
cloudnullNepoc: or are you looking for FWAAS  ?17:08
odyssey4meSecurity Groups are basic firewalling which can be applied for internal and external rules17:08
bgmccollumanyone configured OSA to use LXC?17:08
odyssey4mebgmccollum yeah, some guy on the mailing list instrumented the lxc hypervisor17:09
bgmccollumodyssey4me interesting... *digs through ML*17:09
logan-that sounds interesting17:09
NepocIf FWAAS is what provided the "Firewall" tab in horizon then yes that's what I'm looking for... One moment I'll try to get more information from the developer here who's looking for it.17:09
odyssey4mebgmccollum openstack-operators list - 'virt_type=lxc'17:10
cloudnullNepoc: we dont have that option as something we deploy by default. however we could add it with little work .17:10
*** oneswig has quit IRC17:10
odyssey4mebgmccollum here're his notes: https://etherpad.openstack.org/p/osad-lxc-hyper-notes17:11
cloudnullat last check, in kilo, it wasnt the most function of neutron services17:11
bgmccollumodyssey4me thanks!17:11
cloudnullbut maybe time to revise that17:11
odyssey4mebgmccollum caveat - please do an appendix entry or blog post showing how to do it right :)17:11
logan-odyssey4me, bgmccollum: thanks17:12
bgmccollumodyssey4me: git apply-patch ...17:12
*** raddaoui has joined #openstack-ansible17:12
cloudnullNepoc: looking at whats required in master/liberty17:12
odyssey4mebgmccollum I don't think that modifying the source is necessary, as you'll see in my responses to him17:12
odyssey4mebgmccollum my responses are in green text17:13
bgmccollumgot it17:13
odyssey4melogan- I challenge you to beat bgmccollum to the punch. :)17:13
Nepoccloudnull: that would be great if we could enable that17:13
odyssey4meNepoc It should be a pretty easy edit to enable it, and we'd be happy to help you put it together.17:14
logan-lol, I would love to but have to get kvm to production first :( that seems like a fun experiment though17:15
*** sdake has quit IRC17:15
bgmccollumodyssey4me logan- its also on my "i shouldn't be looking at this" list :/17:16
prometheanfirewhy do we ignore errors in bootstraping ansible (during the galaxy install) https://github.com/openstack/openstack-ansible/blob/master/scripts/bootstrap-ansible.sh#L89 ?17:16
logan-haha17:16
Nepocodyssey4me: Do you guys have an idea of how much time it might take?17:16
prometheanfirecloudnull: you had that in your megapatch :P17:17
Nepocodyssey4me: Also one of the developers here asked if there is a way to enable it manually or are there things missing?17:18
odyssey4meNepoc I expect that the basic neutron binaries should be there, but it may be missing drivers.17:18
*** spotz is now known as spotz_zzz17:19
*** dweaver has quit IRC17:19
odyssey4meNepoc I'm not sure that any of us are familiar enough with FWAAS right now to provide a decent answer.17:19
odyssey4meany volunteers to see what it takes to get FWAAS going? :)17:19
*** dweaver has joined #openstack-ansible17:20
NepocI think cloudnull is taking a look?17:20
*** skamithi has quit IRC17:20
palendaeWhat are the <service_name>_venv_tag variables for? Tagging to a specific release? https://github.com/openstack/openstack-ansible/blob/master/playbooks/roles/os_cinder/defaults/main.yml#L19-L2017:23
*** phiche has quit IRC17:24
palendaeAlso noticing all the services are set to download from the hard-coded string "untagged" rather than the venv_tag value, is that intentional? https://github.com/openstack/openstack-ansible/blob/master/playbooks/roles/os_cinder/defaults/main.yml#L3117:25
odyssey4mepalendae the tag name is overridden in the group vars I think17:25
odyssey4meso the venv gets named according to the release tag number17:26
palendaeOk17:26
odyssey4meie cinder_12.0.317:26
palendaeBut that download URL doesn't appear to17:26
palendaeGotcha17:26
palendaeHm, not seeing venv_tags in playbooks/defaults, inventory/group_vars, or playbooks/vars17:28
odyssey4mepalendae playbooks/os-cinder-install.yml:      cinder_venv_download_url: "{{ openstack_repo_url }}/venvs/{{ openstack_release }}/{{ ansible_distribution | lower }}/cinder-{{ openstack_release }}.tgz"17:28
palendaeAh, I see17:28
odyssey4mepalendae I think it's all in the playbook17:28
odyssey4mesorry, misdirection17:28
palendaenp17:28
palendaeSee it now, thanks17:28
palendaeDoesn't actually look like the venv_tag value is used, then17:29
palendaeSince the URLs use openstack_release17:29
odyssey4mepalendae heh, sounds like we have a little bug there :)17:30
palendaeNope, not according to ack in playbooks/. It's set to openstack_release, but never actually used17:30
jmccroryanyone know why the default neutron device and VM interfaces are set to 1450 MTU here? https://github.com/openstack/openstack-ansible/blob/master/playbooks/roles/os_neutron/defaults/main.yml#L244-L25217:30
palendaeOh, used with vevn_bin17:30
palendaeOk17:30
odyssey4megood catch - if you do find it's not being used then please feel free to clean it up17:30
palendaeodyssey4me: Misread; used in exactly 1 spot per role :p17:31
*** phiche has joined #openstack-ansible17:31
odyssey4mejmccrory gre encapsulation?17:31
odyssey4me(or vxlan)17:31
odyssey4meno idea really, just throwing it out there17:31
*** openstackgerrit has quit IRC17:32
*** openstackgerrit has joined #openstack-ansible17:32
*** dweaver has quit IRC17:35
*** dweaver has joined #openstack-ansible17:35
michaelguginogre needs mtu of 145017:36
jmccroryoh ok, so it's limiting there to account for encapsulation headers outside of VM?17:40
bgmccollumjmccrory yup17:41
Bjoernodeysee4me: 1540531 is an issue inside liberty and not just mitaka17:45
palendaeBjoern: I was going to treat that as a liberty problem17:46
Bjoernok17:46
*** javeriak has joined #openstack-ansible17:46
palendaeBjoern: I'm not working on mitaka upgrades yet17:46
*** sdake has joined #openstack-ansible17:48
*** javeriak has quit IRC17:49
*** javeriak has joined #openstack-ansible17:50
*** sdake has quit IRC17:50
*** javeriak_ has joined #openstack-ansible17:54
openstackgerritJesse Pretorius (odyssey4me) proposed openstack/openstack-ansible: Add notes about bashate E006 exception  https://review.openstack.org/27534917:55
*** javeriak has quit IRC17:55
*** weezS has quit IRC17:56
odyssey4meBjoern yep, palendae is looking into it and it can be targeted once the triage is complete17:57
openstackgerritMichael Gugino proposed openstack/openstack-ansible: Docs: encourage users to run apt-get dist-upgrade on target hosts  https://review.openstack.org/27535417:59
lbragstadis the ansible docs site down?18:00
palendaeNot loading for me18:00
palendaeYeah, just got a cloudflare error18:01
lbragstadhttp://docs.ansible.com/list_of_files_modules.html18:01
odyssey4melbragstad ask jmccrory - he knows them out of his head :18:01
odyssey4me:p18:01
palendaeHm, ansible.com loads and readthedocs.org loads18:01
lbragstaddocs.ansible.com seems to load18:02
palendaeCan't remember if they hosted on rtd, looks like not18:02
palendaelbragstad: docs.ansible.com loads for me out of cloudflare, but I get a banner saying the host is down18:02
*** sigmavirus24 is now known as sigmavirus24_awa18:03
lbragstadhmm - okay. thanks for the sanity check!18:03
palendaeI can browse it now18:03
palendaeBut still have the cloudflare banner18:04
palendaeAaaand spoke too soon18:04
lbragstadah!18:04
lbragstadba dum psh...18:04
jmccroryarchive.org kinda works...slowly https://web.archive.org/web/20150405065537/http://docs.ansible.com/list_of_files_modules.html18:07
jmccroryodyssey4me heh not quite there yet18:07
openstackgerritMichael Gugino proposed openstack/openstack-ansible: Docs: encourage users to run apt-get dist-upgrade on target hosts  https://review.openstack.org/27535418:08
odyssey4memichaelgugino thanks for ^ - I've left a comment with a question :)18:10
michaelguginoodyssey4me: replied18:11
*** mariognarly has joined #openstack-ansible18:13
openstackgerritMichael Gugino proposed openstack/openstack-ansible: Docs: encourage users to run apt-get dist-upgrade on target hosts  https://review.openstack.org/27535418:15
*** shanec has joined #openstack-ansible18:15
michaelguginoI see that reboot is already covered at the bottom of target-hosts prep.  I just moved that step and added some text.18:15
cloudnullNepoc: your welcome to pull the changes in and test them out to see it mets your needs https://github.com/os-cloud/os-ansible-deployment/tree/neutron-fwaas18:16
cloudnullill be submitting it as a review once I can validate it works on a running system I have18:16
cloudnullbut thats the WIP branch18:16
Nepoccloudnull: Awesome that was fast18:16
odyssey4meNepoc while cloudnull is probably a genius, OSA is also an easy framework to add things to once you know how :)18:17
cloudnull^ that18:18
cloudnullbecause of the work odyssey4me has put into it18:18
cloudnull:)18:18
shanechey all, when setting lxc_cache_resolvers in user_vars, what's the syntax? this is throwing a yaml error"xc_cache_resolvers: "nameserver 69.20.0.164","nameserver 69.20.0.196"18:18
odyssey4melol, not me - all of us as a community :p18:18
cloudnull^ that18:18
odyssey4meshanec - it looks like you've added a comma delimited string instead of a yaml list?18:19
SamYaple"nameserver 69.20.0.164","nameserver 69.20.0.196" should be "nameserver 69.20.0.164,nameserver 69.20.0.196" if i read your intent correcly shanec18:20
odyssey4meshanec it should be formatted like so: https://github.com/openstack/openstack-ansible-lxc_hosts/blob/master/defaults/main.yml#L84-L8618:20
NepocWell I'll review it and let you know my success and hopefully glean some info of how I can easily make these changes as well.18:20
shanecawesome, thanks SamYaple and odyssey4me18:21
odyssey4methanks for helping out SamYaple :)18:21
NepocSpeaking of other changes, the SpiceVNC is ... unusable, it doesn't update the display in any browser, you have to type and hit refresh to get updates.18:21
*** skamithi has joined #openstack-ansible18:22
NepocCan I swap it with something else?18:22
odyssey4meNepoc novnc is an option too, although I'm not sure whether anyone's put a config doc together for that yet18:22
odyssey4meit'd be rather lovely if someone did :)18:22
odyssey4mealright, I'm outta here - time to head home18:23
odyssey4menight all18:23
cloudnullnite18:25
cloudnullNepoc: set "nova_console_type: novnc"18:26
cloudnullin your user_variables.yml18:26
*** metral has quit IRC18:26
cloudnullthe option comes from https://github.com/openstack/openstack-ansible/blob/master/playbooks/roles/os_nova/defaults/main.yml#L156-L15718:26
NepocExcellent!18:29
cloudnullonce you set that, you'll want to run os-nova-install.yml18:30
bgmccollumodyssey4me logan- got LXC working...fiddled many bits, now need to figure out which was the correct combination18:33
*** metral_zzz has joined #openstack-ansible18:35
*** metral_zzz is now known as metral18:35
Nepoccloudnull: looks like I don't have the driver No module named neutron_fwaas.services.firewall.fwaas_plugin18:41
SamYapleodyssey4me: i always help!... when i remember to log into this channel....18:41
cloudnullNepoc: likely need to make sure neutron-fwaas is installed within the venv18:42
openstackgerritMerged openstack/openstack-ansible: Ensure that Heat role works with multiple Keystone back-ends  https://review.openstack.org/27271418:43
*** raddaoui has quit IRC18:44
logan-bgmccollum: nice! any massive changes needed or were you able to do most of it using variable overrides?18:48
bgmccollummostly variables i think...i fiddles lots of things...back tracking now to get exact changes18:48
logan-cool18:48
*** skamithi has quit IRC18:52
*** oneswig has joined #openstack-ansible18:54
Nepoccloudnull: yeah that was my problem... now to figure out how to get it in there automatically18:56
*** oneswig has quit IRC18:59
*** electrofelix has quit IRC19:00
cloudnullyea itll get in there  if you have the venv rebuilt this can be done by simply setting repo_build_venv_force_rebuild=true19:00
cloudnullso the command: [ openstack-ansible repo-build.yml os-neutron-install.yml -e 'repo_build_venv_force_rebuild=true' ] should do what you wnat19:01
cloudnull*want19:01
Nepocokay sounds good, just so I can learn something. How does it know to include that in the venv now?19:02
cloudnullits part of the way the repo-build play works with the plugin py_pkgs19:03
*** raddaoui has joined #openstack-ansible19:03
cloudnullthis role https://github.com/openstack/openstack-ansible/tree/master/playbooks/roles/repo_build19:03
NepocYeah I was just digging through trying to figure out how it was going to get pulled in :)19:04
cloudnullthis plugin https://github.com/openstack/openstack-ansible-plugins/blob/master/lookups/py_pkgs.py19:04
NepocLooks like I have some reading to do :)19:05
cloudnullso what happens is the plugin iterates over a list of items which is the locations of various roles19:05
cloudnullhttps://github.com/openstack/openstack-ansible/blob/master/playbooks/repo-build.yml#L2419:05
cloudnullwhich constructs a big json blob of every python type package it could find19:05
*** richoid1 has joined #openstack-ansible19:05
cloudnullwhich it then globs into role based requirements that are used for the individual venvs19:06
*** pellaeon_ has joined #openstack-ansible19:06
NepocNice and complex but handy19:07
cloudnullit used to be simpler, however with the galaxy approach to roles we needed something a bit more complex. sadly.19:08
NepocAh I see19:09
*** itsuugo_ has joined #openstack-ansible19:10
*** evrardjp_ has joined #openstack-ansible19:11
*** lbragstad_ has joined #openstack-ansible19:11
*** pabelanger_ has joined #openstack-ansible19:11
*** mrodden_ has joined #openstack-ansible19:11
*** miguelgrinberg_ has joined #openstack-ansible19:11
*** charz has joined #openstack-ansible19:11
*** weezS has joined #openstack-ansible19:11
*** arbrandes has quit IRC19:12
*** evrardjp has quit IRC19:12
*** richoid has quit IRC19:12
*** pabelanger has quit IRC19:12
*** mattt has quit IRC19:12
*** itsuugo has quit IRC19:12
*** pellaeon has quit IRC19:12
*** charz_ has quit IRC19:12
*** lbragstad has quit IRC19:12
*** mrodden has quit IRC19:12
*** miguelgrinberg has quit IRC19:12
*** lbragstad_ is now known as lbragstad19:12
*** miguelgrinberg_ is now known as miguelgrinberg19:12
*** mrodden_ is now known as mrodden19:12
*** pabelanger_ is now known as pabelanger19:12
*** itsuugo_ is now known as itsuugo19:12
*** skamithi has joined #openstack-ansible19:13
NepocI see how it's working (I think) the "neutron_fwaas: true" gets picked up by the script when it runs through the roles.19:14
cloudnullyes19:14
bgmccollumlogan- updated etherpad, i think its as simple as that -- https://etherpad.openstack.org/p/osad-lxc-hyper-notes19:14
logan-tyvm! bookmarked for when I get some time :)19:14
Nepoccloudnull: Another thanks for your help!19:15
cloudnullanytime19:15
*** mattt1 has joined #openstack-ansible19:16
*** arbrandes has joined #openstack-ansible19:16
*** javeriak_ has quit IRC19:16
*** skamithi has left #openstack-ansible19:19
palendaeBjoern: Left a question for you on https://bugs.launchpad.net/openstack-ansible/+bug/154053119:23
openstackLaunchpad bug 1540531 in openstack-ansible "Upgrade issues with 'Create log aggregation links'" [Undecided,New] - Assigned to Nolan Brubaker (nolan-brubaker)19:23
*** Bjoern is now known as Bjoern_zZzZzZzZ19:27
*** dmsimard has joined #openstack-ansible19:32
*** Bjoern_zZzZzZzZ is now known as Bjoern19:36
*** dmsimard has quit IRC19:37
*** jwagner is now known as jwanger_lunch19:39
*** dmsimard has joined #openstack-ansible19:41
*** oneswig has joined #openstack-ansible19:41
*** dmsimard has quit IRC19:41
Nepoccloudnull: I made that change to novnc but I get "console is currently unavailable" in the browser and I'm seeing this in the horizon logs: "Recoverable error: No available console found.19:44
Nepoc"19:44
cloudnullare you using haproxy ?19:44
cloudnullyou may need to rerun that role to setup the vip .19:44
Nepocahh that's likely it19:44
*** dmsimard has joined #openstack-ansible19:46
Nepoccloudnull: still the same issue, I see novnc running on the nova-console container and haproxy looks good19:54
Nepoccloudnull: I can hit the novnc directly19:55
cloudnullcan you build a new vm to test19:55
Nepocindeed, I was just thinking of testing that too.19:55
cloudnulli bet its an issue with the old vm trying to hit a console type thats no longer available, which is an issue when switching console types19:56
cloudnullthe libvirt.xml wont see the new changes.19:56
cloudnullfor your old vms19:56
NepocSo I would need to manually make those changes or just restart the vm?19:58
*** KLevenstein has quit IRC20:01
cloudnullNepoc: i thnk the change has to be in the DB however i've not spent much time figuring out exactly what would be needed to migrate it20:02
*** KLevenstein has joined #openstack-ansible20:02
NepocOkay no problem, thank you for help20:03
Nepocthe help20:03
bgmccollumi wonder if migrating the VM would rewrite the libvirt.xml with the new console type...20:19
palendaecloudnull: With the upgrade to MariaDB 10, what was the reasoning for including xtrabackup2 by default?20:20
cloudnullwe stopped using the system provided version and set it to a downloadable deb20:22
palendaeOk. Trying to provide notes for docs, all I can find is that it was dropped cause it was old20:23
cloudnullthis was because the system version broke one night after the mariadb repos released a busted version to stable20:23
cloudnullthat was right before the liberty release, like the evening of (if i remember right).20:23
palendaeOk. That was v1, which isn't compatible with the 10.x line anyway, right?20:24
palendaeAnd iirc xtrabackup has something to do with replication?20:24
cloudnullit was v220:25
cloudnullbut the maria folks released v2.3 which busted everything20:26
cloudnullso we stayed on 2.220:26
palendaeOk. So there's not much to it other than to keep MariaDB and xtrabackup in sync so updating one doesn't break the other?20:26
cloudnullyup20:27
palendaeCool, thanks20:27
cloudnullpalendae:  i'd find you the commit , but gerrit is sucking right now20:28
SamYaplecloudnull: you should gertty!20:28
palendaecloudnull: I found the update one and the spec, but they didn't really say much other than xtrabackup was old20:28
palendaeI just did git log --grep locally20:28
palendaeDocumenting changed/added vars for docs20:28
cloudnullSamYaple: i gave gertty a go not long ago, it was ok.20:29
palendaehttps://review.openstack.org/#/c/227839/ <- gold standard20:29
cloudnulli found some of it frustrating20:29
SamYaplecloudnull: yea i use it about %70 of the time. its not a full replacement20:29
palendaeSamYaple: Last I had looked, it was for syncing in-flight reviews. It doesn't have a search feature like the web interface, does it?20:30
*** shanec has quit IRC20:32
SamYaplepalendae: no it doesnt have a search feature afaik you are right. honestly i just saw "gerrit problems" and said "gertty" :) not a huge fain of 2.0 web interface20:32
palendae:p20:32
palendaeYeah, for that, git log --grep anyway20:32
*** shanec has joined #openstack-ansible20:33
NepocIf I have a single Galera container and when it gets rebooted I always need to run the galera-bootstrap to get it up and running. Is there a way to fix that? (not including adding more galera containers)20:33
*** oneswig has quit IRC20:34
cloudnullNepoc: if you add >2 containers the cluster will stay online if you reboot a single node20:34
palendaeNepoc: afaik, if you only have one galera node, it'll have to be re-bootstrapped cause there's no other machines to get the cluster info from20:34
palendaeThe reference design does 3 for that reason, and to establish quorum20:34
cloudnull>=3 is the best way to maintain cluster integrity20:35
cloudnullwhat palendae said20:35
SamYaplepalendae: no it shouldn't need to be bootstraped with one galera node20:35
bgmccollumgerrit 2.11 looks like web 1.020:35
SamYaplethe config itself should have "gcomm://" with no address (essentially --wsrep-new-cluster)20:35
palendaeI think that's what our "bootstrap" does20:36
palendaeBasically start without trying to connect to an existing cluster cause there isn't one20:36
*** oneswig has joined #openstack-ansible20:37
Nepocpalendae: okay I'll try that out "wsrep_cluster_address = gcomm://20:38
Nepoc" ?20:38
*** cemmason has joined #openstack-ansible20:39
palendaeNepoc: Sounds like20:39
*** eil397 has joined #openstack-ansible20:44
izaakkHello all!, I'm trying to do an AIO behind a proxy, I did configure the /etc/openstack_deploy/user_variables.yml with the proxy env vars, but it seems to work only for the host, when the script starts the basic lxc host setup looks like the proxy settings are not applied since its not able to get pip, any suggestion?20:46
*** sdake has joined #openstack-ansible20:47
palendaeizaakk: So the repo container doesn't get the env vars?20:48
izaakkpalendae: I think so, how can I check that?20:49
*** baker has quit IRC20:49
palendaeizaakk: lxc-ls to see if the repo container is there, lxc-attach -n <container_name>20:49
palendaeThen you can look for the pip info20:50
izaakkpalendae: uh, weird, when I do lxc-ls there is no output..20:54
palendaeizaakk: What did you run/20:55
palendaeizaakk: The containers should be made fairly early20:57
izaakkI first ran the scripts/bootstrap_ansible.sh & bootstrap_aio.sh, then went to the user_vars to set the proxy. I ran the run_playbooks.sh.   After like one minute, when it's at the Basic lxc host setup fails at the Get Modern PIP TASK20:59
palendaeAh, ok21:00
palendaeSo it probably hasn't set up the containers yet21:00
*** baker has joined #openstack-ansible21:02
*** mattt1 has quit IRC21:02
*** mattt1 has joined #openstack-ansible21:02
palendaeizaakk: What docs did you reference for the proxy settings? It's been a while since I've used htem21:02
*** mattt1 is now known as mattt21:02
izaakkpalendae: I didn't find anything in the docs, but I found in the file /etc/openstack_deploy/user_variables.yml in the repo, the following: http://paste.openstack.org/show/485772/21:07
*** spotz_zzz is now known as spotz21:11
*** raddaoui has quit IRC21:12
palendaeizaakk: Ok. Mind pasting the error on paste.openstack.org?21:15
*** CheKoLyN has joined #openstack-ansible21:15
izaakkpalendae: sure thing, http://paste.openstack.org/show/485773/21:19
palendaeizaakk: What's in your /root/.pip/pip.conf?21:21
izaakkpalendae: then, retries with  -vvvv: http://paste.openstack.org/show/485774/21:21
*** raddaoui has joined #openstack-ansible21:21
izaakkpalendae: where can I find the pip.conf? I don't have one in /root21:24
palendaeOh, hm. can you do a set and see if the proxy vars are really in the environment?21:25
palendaeThough if they're in the user vars they might be passed in. Your verbose output doesn't appear to have any proxy info, but I don't remember what the output looks like21:25
izaakkpalendae: you mean, set export?21:27
palendaeUsing `set` should dump all the environment variables21:27
palendaeMight also help to see your user_variables21:28
palendaeAlso, what version are you deploying?21:28
*** sdake has quit IRC21:29
izaakkpalendae: I'm deploying master21:31
*** cemmason has quit IRC21:36
*** spotz is now known as spotz_zzz21:36
izaakkpalendae: for the user_variables, I just added the following lines : http://paste.openstack.org/show/485775/21:37
palendaeizaakk: Ok. Did you sanitize that proxy address, or is it literally proxy.server.com?21:38
izaakkpalendae: I did sanitize it hehe21:39
palendaeFor sanity, can you telnet to that machine/port?21:39
palendaeOr ping it21:39
palendaeRe-reading your error, looks like the SSL cert coming back from bootstrap.pypa.io:443 for you is invalid. Wonder if the proxy's not passing that correctly21:40
*** baker has quit IRC21:41
*** spotz_zzz is now known as spotz21:42
izaakkpalendae: yeah, that's the proxy server I use for other stuff and it's working.. huhh weird21:45
palendaeizaakk: Is it working with get-pip.py outside of the OSA stuff?21:45
odyssey4mehmm, this is not a new issue21:46
odyssey4meit generally happens when the proxy is being naughty and intercepting the cert21:46
palendaeIt's not one I've encountered, I don't work with proxies much21:46
palendaeYeah, that's what I thought21:46
palendaeizaakk: Is it a corporate or personal proxy?21:46
izaakkpalendae: Corporate21:47
palendaeOk, figured :)21:47
odyssey4mewe need to turn the lines like this into something configurable: https://github.com/openstack/openstack-ansible-pip_install/blob/master/tasks/main.yml#L4621:47
palendaeAh, yeah - izaakk You could try changing that line to no =\21:47
odyssey4methere're a few of those21:47
odyssey4meizaakk this would be a good first patch :)21:48
palendaeMight get you further...and then blow up21:48
palendaeBut yeah, pip stuff's spread around a little21:48
odyssey4meno, I mean that there are a few of those in that task file21:48
palendaeOh21:48
* palendae is running out of steam21:49
odyssey4meizaakk something else we've learned is that you may need to set http_proxy, HTTP_PROXY, etc in order for it to work21:50
*** oneswig has quit IRC21:50
odyssey4meie capitals and smalls... some linux bits respect the one set, and others the other set21:50
palendaeThe global_environment_variables bit only did the all caps21:50
*** baker has joined #openstack-ansible21:51
palendaeodyssey4me: Before I forget, I tossed a note on https://etherpad.openstack.org/p/openstack-ansible-upgrade-framework about env.d possibly changing between releases. It occurred to me we hadn't accounted for it in Liberty yet, but I also figured it's gonna be something to at least check every version21:51
izaakkodyssey4me: alright, will try to change that and submit the patch. Will try to add both, upper and lower case.21:51
izaakkthanks palendae and odyssey4me !!21:51
palendaeNot sure if it belongs on the same line or separate, since env.d changes could be to existing containers, not necessarily new ones21:52
palendaeizaakk: Sure thing21:52
odyssey4mepalendae yes, good call - the trouble with env.d is that it's up to the deployer how they want to lay things out... but we should have a way of informing them of new environment bits21:53
palendaeodyssey4me: Right, that's what I was puzzling through over lunch21:53
palendaeI know it needs to happen, I just don't know how to go about it yet21:53
odyssey4mepalendae now with config_template I'm starting to wonder whether we shouldn't do away with env.d/conf.d and just use config_template to modify the stock setup21:53
palendaeonce copied, the project doesn't "own" env.d anymore21:53
odyssey4mepalendae I would recommend, as a starting point, just release notes to inform of changes - from there, perhaps some sort of 'inspector' scripts could compare what a deployer has to the stock bits21:54
*** metral has quit IRC21:54
odyssey4methen they can actively make the changes they want, or spot changes they made on purpose21:54
palendaeYeah. I know git-harry did an 'update_yaml.py' script for rpc-openstack that merged/overwrote default values for the config21:55
logan-update-yaml.py is awesome21:55
palendaeIf not config_template, maybe something similar could be useful21:55
odyssey4mebut yeah - perhaps we should switch to using the stock bits by default, and the conf.d/env.d entries can be overrides while we deprecate that functionality21:55
palendaeHm, yeah21:55
palendaeSo we have a stock thing that we own21:55
palendaeuser_env.d :p21:55
odyssey4meor yes - the update-yaml thing could have an 'inspector' mode which tells you how things will change21:56
palendaeOk, for liberty I think that's sailed21:56
odyssey4meyep, but these effects are things that need to feed into a more sustainable framework that's ongoing21:56
palendaeYeah, I've got some of that for the variable changes in defaults/main.yml for ansible roles, but I basically rely on anisgenome to fish that stuff out for me to do some comparisons on21:56
palendaeRight21:56
palendaeI'21:56
*** sdake has joined #openstack-ansible21:57
palendaeI'm trying to keep a mind towards what we'll need in the future, even if I don't do it now21:57
palendaeLike renaming/deprecating vars21:57
odyssey4mepalendae I dunno if you've seen https://github.com/openstack/ansible-role-diskimage-builder - but I quite like how the defaults are things you override, and the vars are things you don't21:58
palendaeI have a pipeline of scripts that'll compare variables now, but I'm not adding them to the project because I'm not sure they fit, and also they require doing git checkouts right now...and they won't get added back to kilo21:58
palendaeI have not looked at those closely, no21:58
*** jthorne has quit IRC21:59
odyssey4mepalendae keep them somewhere public - they can feed into the conversation when we get back to it21:59
palendaeI'll toss em in a repo21:59
odyssey4memy ideal is that every patch considers docs/releasenotes/upgrades with it21:59
palendaeRight21:59
odyssey4mebut for that to happen, we need a framework to slot that consideration into it22:00
palendaeThe hope would be they'd not be relevant for too many releases22:00
palendaeI'd hoped we could get upgrade stuff in with each thing in liberty, but obviously didn't happen22:00
odyssey4meyeah, such is life - but we're learning22:00
odyssey4mewith each step we learn newer things22:01
palendaeYeah22:01
palendaeThis process, thus far, has been better than Juno -> Kilo22:01
odyssey4mewe almost have some breathing room to actually step back and look around for inspiration... and I think that may just be possible next cycle... at least with one or two streams of work22:02
*** shanec has quit IRC22:02
odyssey4meI can see us doing quite a bit of refactoring to take advantage of Ansible 2, but also at the same time applying what we think is a good set of patterns consistently across roles.22:03
stevelleinspiration / consternation. same same.22:03
palendaeThe thing that's going to get tricky is the integration gate staying stable22:03
*** metral_zzz has joined #openstack-ansible22:03
*** metral_zzz is now known as metral22:03
*** Mudpuppy_ has joined #openstack-ansible22:03
palendaeI've noticed when a separated role causes gate failure, it adds a step of tracking to get it fixed22:03
palendaeSuch is the nature though22:04
palendaeAnd we're early days22:04
odyssey4meyeah, that's a new set of things to learn - but we'll get better at it22:04
stevelleshould each role have an integration check run on osa?22:04
odyssey4mestevelle we need to figure out what we think is the right way to do it22:05
stevelleI like the idea of having it as an experimental check on each role repo at least22:05
odyssey4mein my mind it makes more sense to treat many of the roles like libraries - they must have their own tests, then when we tag them an integration test should run to validate that they work22:05
*** woodard has quit IRC22:05
odyssey4memany of the OpenStack roles rely on the other OS roles anyway, as do many of the non OS roles22:06
palendaeRight22:06
odyssey4meso they do a sort-of integration test already - but just using a minimum set of roles to achieve the goal of functional testing22:06
*** Mudpuppy has quit IRC22:06
odyssey4meeg the Galera role implements a cluster using the lxc hosts and lxc container create roles22:07
odyssey4meit then runs a barrel of tests to validate that the cluster is working22:07
odyssey4mesame with rabbit22:07
stevelleWith gate split I suspect we might be able to do some interesting work to get tempest tests running for the os_role repos at least22:07
odyssey4meboth of those have had more testing added since they were split out - with both we discovered shortfalls and ended up improving the setups in liberty & kilo as a result22:08
*** Mudpuppy_ has quit IRC22:08
odyssey4meyeah, cloudnull is trying to figure all that out22:08
cloudnullwhats that ?22:08
odyssey4meit's likely to require some restructuring too22:08
stevelleIt works for the infra, for sure, but you're not going to meaningfully test cinder by itself22:08
stevellesmoke test maybe22:09
odyssey4mespeaking of which, we need some more feedback in https://review.openstack.org/272764 please22:09
odyssey4mepalendae stevelle ^22:09
cloudnullthis one too https://review.openstack.org/#/c/271423/ =)22:09
odyssey4mestevelle well, cinder could conceivably tested with a minimal nova/glance build22:10
odyssey4menova/glance/keystone22:10
stevelleodyssey4me: that's closer to my thinking yes.22:10
odyssey4meso that's the general idea22:10
stevelleone should be able to do tempest tests for all 3 of them in the one build22:10
odyssey4mewhich means that each role does an integration test of sorts - it's different to the production build-out though, and that's a good thing22:11
stevelleand should run that set of tempest tests for any change to any of the 3 roles22:11
odyssey4meno dynamic inventory, less containers, less complexity22:11
*** raddaoui has quit IRC22:11
odyssey4mequicker feedback22:11
*** baker_ has joined #openstack-ansible22:13
*** baker has quit IRC22:13
odyssey4meanyway, I came on for a cross project meeting which was postponed :)22:14
cloudnullstevelle: so far my plan of attack was to do the independent roles for all the things and add tests much like we have. being that I wasnt sure what to test I thought I'd have each role execute its part of the smoke tests we currently do to ensure functionality.22:14
odyssey4meso yeah, let me get back to !computering :)22:14
cloudnullchao22:14
palendaeodyssey4me: Do that :)22:14
*** KLevenstein has quit IRC22:14
odyssey4megood chat all :) thanks for the heads up palendae :)22:15
odyssey4meciao22:15
*** rev_dr has quit IRC22:16
*** KLevenstein has joined #openstack-ansible22:18
*** retreved has quit IRC22:21
*** admin0 has joined #openstack-ansible22:22
cfarquharare there any playbooks in liberty that aren't idempotent?22:24
*** sdake has quit IRC22:24
openstackgerritNolan Brubaker proposed openstack/openstack-ansible: [WIP] Add support for upgrading from Kilo to Liberty  https://review.openstack.org/27218222:25
*** sdake has joined #openstack-ansible22:26
*** phiche1 has joined #openstack-ansible22:33
admin0setup-hosts set's up the containers right ? but the IP is natted and not the br-mgmt , so setup-infra fails ??22:33
*** jwanger_lunch is now known as jwagner22:33
admin0my deploy server has access to just the mgmt range only22:33
*** phiche has quit IRC22:34
*** oneswig has joined #openstack-ansible22:35
*** vCloudernBeer has joined #openstack-ansible22:38
vCloudernBeerping odyssey4me22:38
admin0ping anyone :)22:39
*** phiche has joined #openstack-ansible22:39
vCloudernBeeradmin0 I am here22:39
*** oneswig has quit IRC22:39
*** phiche1 has quit IRC22:40
admin0vCloudernBeer:  my ansible server has access to br-mgmt .... i run ansible playbooks  .. setup-hosts work fine without issue .. i see containers running on all 3 infra servers , but they have the lxcbr0 ip only22:40
admin0when i run setup-infra, it fails22:40
admin0and this is ood22:40
admin0odd22:40
vCloudernBeeradmin0 I am new and do not know the answer.  I am still exploring22:41
*** jamielennox|away is now known as jamielennox22:41
admin0ok22:41
vCloudernBeeradmin0  When I install the all-in-one, I see a whole bunch of new interfaces created on my Linux machine.22:41
admin0vCloudernBeer: i am not using the all-in-one, but real different machines ..22:42
admin0i have never even used the all-in-one actually22:42
vCloudernBeeradmin0 Yeah, you mentioned that.  I have limited hardware for my home lab22:42
vCloudernBeerso I can only do the AIO version to play around22:43
admin0you can also do multiple virtualboxes22:43
vCloudernBeeradmin0 I tried but not enough horse power (RAM on my machine). :(  I am doing this on my own after work.  No company sponsor22:44
*** shanec has joined #openstack-ansible22:45
admin0this is also my home setup .. got a few boxes to play wtih .. so every evening after 11 when power is cheaper, turn ON ,, deploy .. test stuff .. power down :)22:46
vCloudernBeeradmin0 that is good. :)22:47
*** shanec has quit IRC22:52
*** pegmanm_ has joined #openstack-ansible22:53
admin0setup-hosts, it brings up the containers, but the containers have just 10.0 lxcbridge ip .. and in inventory json, the ssh host for the containers is null .. so my setup-infra fails22:53
admin0but i fail to find out how to fix it22:53
admin0since lxc-ls -f show the containers just have the nat range and no other ips in the br-mgmt range22:53
*** pegmanm has quit IRC22:56
*** b3rnard0 is now known as b3rnard0_away22:58
*** CheKoLyN has quit IRC23:02
*** jamielennox is now known as jamielennox|away23:05
*** phiche has quit IRC23:05
*** scarlisle has quit IRC23:07
openstackgerritBjoern Teipel proposed openstack/openstack-ansible: Replacing LBaaSv1 with v2 configuration  https://review.openstack.org/27544023:19
*** shanec has joined #openstack-ansible23:19
*** admin0 has quit IRC23:20
*** vCloudernBeer has quit IRC23:21
*** michaelgugino has quit IRC23:23
*** KLevenstein has quit IRC23:44
*** galstrom is now known as galstrom_zzz23:44
*** baker_ has quit IRC23:46
*** baker has joined #openstack-ansible23:47
*** sdake has quit IRC23:48
*** baker has quit IRC23:54
*** jeh has quit IRC23:56
« Monday, 2016-02-01 Index Wednesday, 2016-02-03 »

Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!