Monday, 2020-09-21

« Sunday, 2020-09-20 Index Tuesday, 2020-09-22 »
*** d34dh0r53 has joined #openstack-ansible00:14
*** spatel has joined #openstack-ansible00:49
*** redrobot has quit IRC01:08
*** spatel has quit IRC01:10
*** cshen has joined #openstack-ansible01:40
*** cshen has quit IRC01:44
*** cshen has joined #openstack-ansible03:14
*** cshen has quit IRC03:18
*** dave-mccowan has quit IRC03:23
*** shyamb has joined #openstack-ansible04:21
*** MickyMan77 has quit IRC04:22
*** MickyMan77 has joined #openstack-ansible04:23
*** evrardjp has quit IRC04:33
*** evrardjp has joined #openstack-ansible04:33
*** shyamb has quit IRC05:03
*** shyamb has joined #openstack-ansible05:03
*** shyamb has quit IRC05:09
*** shyamb has joined #openstack-ansible05:10
*** jawad_axd has joined #openstack-ansible05:11
*** cshen has joined #openstack-ansible05:14
*** jawad_axd has quit IRC05:15
*** cshen has quit IRC05:19
snadgeso my employer is finally ready to move onto this train openstack-ansible deployment, but I'm seeing a bunch of timeout errors for neutron relating to rabbitmq.. i wonder if I have enough threads / processes allocated to various things etc05:30
snadgemissed heartbeats and things like that.. it jams up.. errors.. then continues05:30
*** shyamb has quit IRC05:45
*** mathlin has joined #openstack-ansible06:03
*** mathlin has quit IRC06:20
*** mathlin has joined #openstack-ansible06:22
*** cshen has joined #openstack-ansible06:25
*** cshen has quit IRC06:30
*** andrewbonney has joined #openstack-ansible06:50
jrossernoonedeadpunk: did you see the train SHA bump failures, like on centos7 it just ignores the boostrap-host role totally https://zuul.opendev.org/t/openstack/build/1048979a2e204b80bf551baadca2fc40/log/job-output.txt#3913-398806:53
noonedeadpunkjrosser: not yet06:54
noonedeadpunkum....07:00
noonedeadpunkthat is weird indeed07:00
noonedeadpunkand tbh I thought that gate-check-commit is the one which launch bootstrap-ansible and bootstrap-aio07:02
jrosseri was looking here https://github.com/openstack/openstack-ansible/blob/stable/train/tests/bootstrap-aio.yml#L2207:02
jrosserseems like the sshd role runs07:03
noonedeadpunkyeah07:03
*** tosky has joined #openstack-ansible07:03
noonedeadpunkand it's not failing as well07:03
jrosserthen later it all just doesnt have inventory and deploys nothing, i guess becasue nothing got put in /etc/openstack_deploy07:04
noonedeadpunkyeah as we don't bootstrap corerectly, you're right about that07:04
noonedeadpunk*correctly07:05
noonedeadpunkoh, ok, we moved from bootstrap to pre step indeed to do it in more zuul native way, I can recall that07:06
noonedeadpunkI guess Logan was doing that07:06
noonedeadpunkId say that might be just some gates flap unless that would be for all centos 7....07:08
jrosserwell, maybe just recheck and see if it comes good - 2 out of 3 centos7 jobs did that07:09
noonedeadpunkbut.... sshd role seems not to be finished07:09
noonedeadpunkyeah, agree07:09
*** pcaruana has joined #openstack-ansible07:14
*** pcaruana has quit IRC07:17
*** pcaruana has joined #openstack-ansible07:17
*** cshen has joined #openstack-ansible07:20
openstackgerritJonathan Rosser proposed openstack/openstack-ansible master: Remove references to eth10/eth11 container interfaces  https://review.opendev.org/75118307:38
openstackgerritJonathan Rosser proposed openstack/openstack-ansible master: Remove Centos-7 support  https://review.opendev.org/74210007:42
openstackgerritMerged openstack/openstack-ansible-lxc_hosts master: Wait for aria2c to finish  https://review.opendev.org/75172407:44
openstackgerritJonathan Rosser proposed openstack/openstack-ansible-lxc_container_create master: Remove support for Centos-7  https://review.opendev.org/74212007:46
openstackgerritJonathan Rosser proposed openstack/openstack-ansible-lxc_container_create master: Remove support for LXC2 configuration keys  https://review.opendev.org/74212107:46
openstackgerritJonathan Rosser proposed openstack/openstack-ansible master: WIP - test ansible 2.10  https://review.opendev.org/74948407:51
openstackgerritJonathan Rosser proposed openstack/openstack-ansible-tests master: Bump ansible version to 2.9.13  https://review.opendev.org/73793507:52
openstackgerritJonathan Rosser proposed openstack/openstack-ansible-tests master: Bump ansible version to 2.9.13  https://review.opendev.org/73793507:52
openstackgerritJonathan Rosser proposed openstack/openstack-ansible-tests master: Remove Centos-7 support  https://review.opendev.org/74210307:52
openstackgerritJonathan Rosser proposed openstack/openstack-ansible-galera_server master: Remove Centos-7 support  https://review.opendev.org/74210407:54
*** jawad_axd has joined #openstack-ansible08:00
openstackgerritJonathan Rosser proposed openstack/openstack-ansible-tests master: Remove opensuse-15 jobs  https://review.opendev.org/73798508:01
openstackgerritJonathan Rosser proposed openstack/openstack-ansible-tests master: Remove opensuse-15 jobs  https://review.opendev.org/73798508:02
openstackgerritJonathan Rosser proposed openstack/openstack-ansible-os_magnum master: Only install devel packages during python_venv_build  https://review.opendev.org/73784408:07
openstackgerritJonathan Rosser proposed openstack/openstack-ansible master: Remove apt proxy cleanup tasks  https://review.opendev.org/73625008:08
openstackgerritJonathan Rosser proposed openstack/openstack-ansible-os_tempest master: Use ansible openstack collection  https://review.opendev.org/71863908:09
openstackgerritMerged openstack/openstack-ansible-tests master: Add os_senlin to required-projects  https://review.opendev.org/74953008:09
openstackgerritJonathan Rosser proposed openstack/openstack-ansible master: [WIP] Bind services to mgmt network addresses  https://review.opendev.org/67005108:10
*** jbadiapa has joined #openstack-ansible08:13
openstackgerritOpenStack Proposal Bot proposed openstack/openstack-ansible-os_senlin master: Updated from OpenStack Ansible Tests  https://review.opendev.org/75289208:21
openstackgerritMerged openstack/openstack-ansible-os_barbican master: Define condition for the first play host one time  https://review.opendev.org/75124808:34
openstackgerritMerged openstack/openstack-ansible-os_glance master: Define condition for the first play host one time  https://review.opendev.org/75127008:38
openstackgerritMerged openstack/openstack-ansible-os_masakari master: Define condition for the first play host one time  https://review.opendev.org/75178308:48
openstackgerritMerged openstack/openstack-ansible-os_cinder master: Define condition for the first play host one time  https://review.opendev.org/75126008:49
openstackgerritMerged openstack/openstack-ansible-os_heat master: Define condition for the first play host one time  https://review.opendev.org/75127408:51
openstackgerritMerged openstack/openstack-ansible-os_mistral master: Define condition for the first play host one time  https://review.opendev.org/75178408:53
openstackgerritMerged openstack/openstack-ansible-os_cinder master: Use cinder_service_setup_host for qos and types creation  https://review.opendev.org/75049108:55
openstackgerritMerged openstack/openstack-ansible-os_designate master: Define condition for the first play host one time  https://review.opendev.org/75126808:56
openstackgerritMerged openstack/openstack-ansible-os_aodh master: Define condition for the first play host one time  https://review.opendev.org/75118508:57
openstackgerritMerged openstack/openstack-ansible-os_ceilometer master: Define condition for the first play host one time  https://review.opendev.org/75125708:58
openstackgerritMerged openstack/openstack-ansible stable/ussuri: Bump SHAs for stable/ussuri  https://review.opendev.org/75283209:29
openstackgerritMerged openstack/openstack-ansible-os_neutron master: Define condition for the first play host one time  https://review.opendev.org/75179009:29
openstackgerritMerged openstack/openstack-ansible-os_gnocchi master: Define condition for the first play host one time  https://review.opendev.org/75127209:35
openstackgerritDmitriy Rabotyagov (noonedeadpunk) proposed openstack/openstack-ansible-lxc_hosts stable/ussuri: Wait for aria2c to finish  https://review.opendev.org/75290509:38
*** sshnaidm|afk is now known as sshnaidm09:52
*** SecOpsNinja has joined #openstack-ansible10:04
noonedeadpunkjrosser: I'm really concerned about centos 8 job for galera... It fails for cluster, but spatel says it's working nicely for him... have no idea :(10:16
snadgeyeah i have some strange networking stuff going on with amqp/rabbitmq10:17
snadgeand neutron disconnecting10:17
snadgethat's on centos 7.. im not sure if maybe its something dumb like systemd-networkd resetting interfaces when it shouldn't be10:18
snadgebut getting things like connection resets10:18
noonedeadpunkhttps://zuul.opendev.org/t/openstack/build/5cf2d490f34846329a8aa45b83e38628/log/logs/openstack/container2/mariadb.service.journal.log.txt#54210:19
noonedeadpunksnadge: do you get it for nova?10:19
snadgeyes10:19
noonedeadpunkI mean it's for all services or for nova only?:)10:20
noonedeadpunkas I can recall some discussion that nova drops connections and it's more intended behaviour than an issue10:20
snadgenova.console.websocketproxy error: [Errno 32] Broken pipe10:21
noonedeadpunkdo you see reall issues with nova except seeing this logged?10:22
snadgeyeah.. amqp timeouts, and neutron errors in the nova log10:23
snadgefor some reason the rabbit stuff is getting jammed up10:23
snadgei have 7 compute nodes, and one controller which runs all the containers10:25
noonedeadpunkdoes it have enough ram?10:25
snadgei think so10:25
noonedeadpunk(64gb might not be enough)10:25
snadgenova.console.websocketproxy error: [Errno 32] Broken pipe10:26
snadgewrong paste10:26
noonedeadpunkI think that might be okay10:26
snadgeKiB Mem : 14010537+total, 28267148 free,  9387288 used, 10245094+buff/cache10:26
snadgeso thats 16gb total?10:26
noonedeadpunkI mean iirc `Broken pipe` is caused with respawning of nova services, which have ttl or smth10:27
noonedeadpunkso it's smth that should not cause issues. but again, if I'm not mixing things up10:27
snadge140gb rather, and 28gb free10:28
noonedeadpunkyah, more than 64 gb is enough for sure10:28
noonedeadpunkand what neutron errors are?10:29
snadgejust heaps of rabbit timeouts10:29
snadgein the nuetron logs10:29
snadgeso maybe i should look at simple things.. like how many threads/processes should be allocated to rabbit/neutron10:30
noonedeadpunkwhat I can suggest trying, is to run `openstack-ansible playbooks/rabbitmq-install.yml -e rabbitmq_upgrade=true` but again, this more fixes issue when you have a cluster rather than single instance10:30
snadgeinteresting.. so i see lots of errors like "ERROR oslo.messaging._drivers.impl_rabbit [req-1dc8f485-9008-4635-8cab-4560b2edb71d - - - - -] [4264d422-74f3-4764-8ad1-5cda53f65d2e] AMQP server on 172.29.237.199:5672 is unreachable: timed out. Trying again in 6 seconds.: timeout: timed out"10:32
snadgeand too many heartbeats missed.. then eventually it goes 200 OK10:32
snadgelooks like it makes about 8 connections to the rabbit server10:33
snadgeis that one for each compute node or something?10:33
snadgeAgent healthcheck: found 11 dead agents out of 1310:34
jrossersnadge: if you've got somehow massive numbers of messages backed up in rabbitmq the whole thing can bog down10:45
snadgehow do i check the queue depth?10:46
jrosserenabling the rabbitmq dashboard and looking at that is sometimes quite useful10:46
jrosseri think that dashboard is on port 15672 of the internal VIP and the password is in user secrets10:48
jrosserthe 'monitoring' user has limited permissions which means it doesnt see everything10:49
jrosseryou can 'rabbitmqctl set_user_tags monitoring administrator'10:49
jrosserto give it full permissions10:50
snadgei must have used an ssh port forward to do it before, thats the part i would have missed for usre10:50
snadgei can see i have accessed 15672 via localhost10:50
jrossernoonedeadpunk: yes centos-8 galera is looking really bad10:52
jrosserand thats blocking loads of patches10:52
openstackgerritMerged openstack/openstack-ansible-tests master: Remove opensuse-15 jobs  https://review.opendev.org/73798510:53
noonedeadpunkincluding move of ansible version, yeah10:54
noonedeadpunkand I'd rather not set it to non-voting....10:55
snadgeim logged in as "admin" user10:57
noonedeadpunkjrosser: btw, I've put us into PTG schedule - on wednesday on day slot, and on thursday on evening one10:58
noonedeadpunkWill that work for you?10:58
noonedeadpunkoh my10:59
noonedeadpunkthat's bad11:00
noonedeadpunkI did huge mistake11:00
snadgeit looks like neutron messages are queueing/unacked11:02
snadgespecifically q-reports-plugin11:03
noonedeadpunkchange of plans:) monday  13UTC-17UTC, Tuesday 21UTC-23UTC ?11:03
noonedeadpunk(it's October 26-27)11:07
jrossershould be ok11:18
openstackgerritJonathan Rosser proposed openstack/openstack-ansible-os_magnum master: Only install devel packages during python_venv_build  https://review.opendev.org/73784411:25
*** jawad_axd has quit IRC11:25
*** jawad_axd has joined #openstack-ansible11:26
noonedeadpunkok and train failed exact same way :(11:45
noonedeadpunka bunch of PRs were merged for https://github.com/willshersystems/ansible-sshd/commits/master11:50
jrossernoonedeadpunk: we didnt remove something on master for centos-7 which has affected stable/train?11:50
jrosserzuul jobs stuff11:51
noonedeadpunknope we didn;t I think it's ssh role that breaks us for some reason...11:52
noonedeadpunkLike https://github.com/willshersystems/ansible-sshd/commit/b9fb457d2b8a453e2e9e983216be11b857f9183111:52
noonedeadpunkor not...11:53
noonedeadpunkI mean sshd doesn't really execute11:53
noonedeadpunkit just gather facts and fails...11:54
openstackgerritDmitriy Rabotyagov (noonedeadpunk) proposed openstack/openstack-ansible stable/train: Bump SHAs for stable/train  https://review.opendev.org/75283111:54
*** rh-jelabarre has joined #openstack-ansible11:55
*** Brace has joined #openstack-ansible11:57
openstackgerritMerged openstack/openstack-ansible-lxc_hosts stable/ussuri: Wait for aria2c to finish  https://review.opendev.org/75290512:02
openstackgerritMerged openstack/openstack-ansible-os_magnum master: Add deployment of keystone_auth_default_policy  https://review.opendev.org/75176712:10
jrossernoonedeadpunk: what do you think of this https://github.com/openstack/openstack-ansible-rabbitmq_server/blob/fc27e735a68b64cb3c67dd8abeaf324803a9845b/tasks/rabbitmq_post_install.yml#L56-L7412:14
jrosserit tries to configure the plugins before restarting the service, that feels a bit odd12:14
jrosserwith ansible 2.10 *all* the focal jobs fail like this https://zuul.opendev.org/t/openstack/build/26fd41c434e24643be1aef6fc12e84cc/log/job-output.txt#872412:16
* noonedeadpunk wondering how ansible version changes that12:17
jrosseryeah, odd12:18
noonedeadpunkmaybe it started to correctly interper output of plugin...12:18
jrosseroh hrrm you know what else - focal we still take the distro package for rabbtmq12:19
noonedeadpunkoh, so it might get another version of rabbit12:19
noonedeadpunkit's 3.8.212:21
jrosserit's working elsewhere though isnt it12:21
openstackgerritMerged openstack/openstack-ansible-os_magnum master: Simplify service creation  https://review.opendev.org/75176812:22
jrosserso maybe you're right and something changes with 2.10 and the rabbitmq_plugin module12:22
jrossermaybe not https://zuul.opendev.org/t/openstack/build/26fd41c434e24643be1aef6fc12e84cc/log/logs/host/rabbitmq/rabbit@aio1.log.txt#16912:22
noonedeadpunkbtw still no package on packagecloud12:23
jrosserno it seems just noting at all for focal12:23
jrosser*nothing12:23
noonedeadpunkhm, where do we store this plugin?12:25
noonedeadpunkoh, it's upstream...12:26
noonedeadpunklol12:26
jrossermaybe i miss something but not even focal here https://bintray.com/rabbitmq/debian/rabbitmq-server12:26
noonedeadpunkI guess since focal uses 3.8 from their repos, they decided not to build 3.8 for it at all...12:27
noonedeadpunkhttps://launchpad.net/ubuntu/focal/+package/rabbitmq-server12:28
jrosserhmm ok - think i need a focal / ansible 2.10 AIO to see whats going on12:30
noonedeadpunkrabbitmq_plugin wasn't changed for years as well....12:30
noonedeadpunkoh, wait, for 2.10 I think it comes from another repo12:31
jrosserright - so i'm wondering how this even works12:31
jrosserdoes ansible 2.10 ship the community collections?12:32
*** jawad_ax_ has joined #openstack-ansible12:32
jrosserhttps://github.com/ansible-collections/community.rabbitmq12:33
jrosseroh wow look who makes all the commits there :) odyssey4me12:33
noonedeadpunkyeah, I promised to help out with that but never did ;(12:34
noonedeadpunkhuh, lol12:35
*** dave-mccowan has joined #openstack-ansible12:35
noonedeadpunkhttps://github.com/ansible-collections/community.rabbitmq/blob/main/plugins/modules/rabbitmq_plugin.py#L143 - that is new12:35
*** jawad_axd has quit IRC12:36
noonedeadpunkso maybe not valid defaults were used...12:37
noonedeadpunkbut we have pretty simple fix though12:38
noonedeadpunkbut we jsut need to set `broker_state: offline` there12:39
jrosseryeah, i think from our code it does this after dropping the config but before restarting the service, which could explain that12:40
noonedeadpunkand seems default was offline (but no default here https://www.rabbitmq.com/rabbitmq-plugins.8.html )12:40
jrossermight be intersting chicken/egg to land this patch12:41
noonedeadpunkI mean it seems that --online is actually what changes behaviour12:41
noonedeadpunkas it means `Treat a failure to connect to the running broker as fatal.`12:41
noonedeadpunkmaybe we will just change default in collection?:)12:41
*** jawad_axd has joined #openstack-ansible12:42
noonedeadpunkit's tagged though....12:42
jrosserdoes this mean we need to pull in the collection?12:43
noonedeadpunkI think ansible pulls it...12:43
noonedeadpunkbtw I guess just landing patch to 2.9 won't make it broken because of unkown argument?12:44
jrosserthats an error isnt it? using non existant module arg?12:45
jrosserwell - maybe bigger picture thing12:45
*** jawad_ax_ has quit IRC12:46
jrosserrabbitmq was always a pain point for the ansible module12:46
jrosserso perhaps we just switch to using the collection right now12:46
jrosserindependant of 2.1012:46
noonedeadpunkand drop afterwards?12:46
odyssey4mejrosser: yep, I got that setup as an individual collection after our chat about all the changes you and noonedeadpunk wanted to make12:46
noonedeadpunkas in 2.10 it will be collection anyway?12:47
jrosserwell i'm kind of not sure12:47
jrosseri really don't understand how my wip patch on 2.10 is getting rabbitmq modules at all right now12:47
jrossero/ hello odyssey4me12:47
noonedeadpunkfrom what I can recall they were going to install all collections with ansible and provide minimal package along with that12:48
odyssey4meyeah, 2.10 should include that collection12:48
noonedeadpunkno to bother users with installing all manually to get things working as was in 2.912:48
odyssey4meI think 'ansible' from pypi will be ansible-base+maintained collections12:49
noonedeadpunk+112:49
jrosserodyssey4me: so if i run a job today with ansible 2.10 can i find which version of rabbitmq_plugin is used?12:51
odyssey4mejrosser: it should be the 1.0.0 collection release that is used12:53
odyssey4mejrosser: although quite honestly I have no idea how one would confirm that12:54
jrosser:)12:54
noonedeadpunkjrosser: yeah, probably it would be great goal to use ansible-minimal12:54
jrossernoonedeadpunk: looks like it - you just can no longer go to github/ansible/ansible and dive straight to the module code12:54
noonedeadpunkI'm more bothered with docs tbh12:55
odyssey4menoonedeadpunk: the docs should also be getting published - if not, there's a bug12:55
noonedeadpunkas https://docs.ansible.com/ansible/latest/modules/rabbitmq_plugin_module.html is obviously not relevant12:55
noonedeadpunkbroker_state was already in 1.0.012:56
*** yasemind has quit IRC12:57
admin0hi all .. anyone using magnum/kubernetes on openstack13:07
*** yasemind has joined #openstack-ansible13:10
*** jawad_axd has quit IRC13:21
*** jawad_axd has joined #openstack-ansible13:22
*** cshen has quit IRC13:28
openstackgerritMerged openstack/openstack-ansible stable/stein: Bump SHAs for stable/stein  https://review.opendev.org/75283013:36
mgariepycan i have some votes for the OVN backport to U ? https://review.opendev.org/#/c/75126913:37
*** dwilde has joined #openstack-ansible13:44
*** d34dh0r53 has quit IRC13:44
*** MickyMan77 has quit IRC13:49
openstackgerritJonathan Rosser proposed openstack/openstack-ansible-rabbitmq_server master: DNM set broker_state when enabling plugins  https://review.opendev.org/75295814:19
openstackgerritJonathan Rosser proposed openstack/openstack-ansible master: WIP - test ansible 2.10  https://review.opendev.org/74948414:19
openstackgerritJonathan Rosser proposed openstack/openstack-ansible master: Test ansible-base 2.10.1  https://review.opendev.org/75296314:26
noonedeadpunkjrosser: so, train has failed because of the sshd role....14:43
noonedeadpunkI guess we need to bump it back for ussuri as well then...14:43
noonedeadpunkand llok into it...14:43
admin0checking if anyone is using kubernetes on openstack.. i am getting "Create FailedResource Create Failed: Authorizationfailure: Resources.Kube Masters.Resources[0].Resources.Kube-Master: Authorization Failed." --  i think i have to manually fix some permissions for this, but I cannot find a documentation or pinpoint it14:43
*** spatel has joined #openstack-ansible14:46
jrossernoonedeadpunk: https://github.com/willshersystems/ansible-sshd/compare/3fb34ad9de7757739071bc777f8cb89c28a8ea74..6e9c4c181163a3863fc4ad76ebb32600333e903f14:50
jrosserthis looks suspicious https://github.com/willshersystems/ansible-sshd/compare/3fb34ad9de7757739071bc777f8cb89c28a8ea74..6e9c4c181163a3863fc4ad76ebb32600333e903f#diff-468007bd6f59ca63e12c1a3613323a17R314:50
noonedeadpunkbut https://github.com/willshersystems/ansible-sshd/blob/master/vars/RedHat_7.yml#L2814:52
noonedeadpunkhowever it's exactly where task fails14:52
noonedeadpunk*it ends14:53
jrosserthat code feels kind of suspect14:53
* noonedeadpunk wondering if meta can be used with when14:53
jrosserfor a non supported OS won't it fail with __sshd_os_supported variable is not defined14:53
jrosseroh hold on14:54
jrosserits int defaults/main.yml as 'no'14:54
noonedeadpunkit is14:55
jrosserso the other possiblity is that no OS specific file got included here https://github.com/willshersystems/ansible-sshd/blob/9e79cc3802343d789baabf5f8233c4fab779dd30/tasks/variables.yml#L214:57
noonedeadpunkhm, shouldn't it be ansible_distribution_major_version rather then ansible_distribution_version?14:59
noonedeadpunkhttps://github.com/ansible/ansible/issues/5746315:00
jrosseryes i was just looking at this https://github.com/willshersystems/ansible-sshd/blob/9e79cc3802343d789baabf5f8233c4fab779dd30/tasks/variables.yml#L2215:00
noonedeadpunkand ansible_distribution_lts_version is kinda the same15:00
jrosserour issue is centos-7 though?15:01
noonedeadpunkyeah15:01
noonedeadpunk8 was passing15:01
jrosserfor the 7 jobs we get15:02
jrosseransible_os_family: RedHat15:02
jrosseransible_distribution_version: '7.8'15:03
noonedeadpunkwe might got another ansible_distribution_version15:03
jrosseron stable/train15:03
noonedeadpunkyeah15:03
jrosserso theres an ansible version factor here too15:03
noonedeadpunkis it out of logs?15:03
jrosserthe 8 jobs are on a later ansible15:03
jrosserhttps://zuul.opendev.org/t/openstack/build/e5ae88e08ac546ccb0e7ab99f8f0a051/log/zuul-info/host-info.centos-7.yaml15:03
jrosserseems our with-first-found pattern is a bit more robust than this15:04
noonedeadpunkit is15:04
noonedeadpunkour is really perfect:)15:04
jrosseroh err right so it's this then? https://github.com/willshersystems/ansible-sshd/commit/9e79cc3802343d789baabf5f8233c4fab779dd3015:13
noonedeadpunkit is...15:13
noonedeadpunkgood news that we can bump 0.9.1?15:14
noonedeadpunkjust in case I pushed https://github.com/willshersystems/ansible-sshd/pull/13215:14
openstackgerritDmitriy Rabotyagov (noonedeadpunk) proposed openstack/openstack-ansible stable/train: Bump SHAs for stable/train  https://review.opendev.org/75283115:17
openstackgerritDmitriy Rabotyagov (noonedeadpunk) proposed openstack/openstack-ansible-os_cinder stable/ussuri: Use cinder_service_setup_host for qos and types creation  https://review.opendev.org/75301615:20
*** jawad_axd has quit IRC15:20
*** cshen has joined #openstack-ansible15:22
*** redrobot has joined #openstack-ansible15:23
*** jawad_axd has joined #openstack-ansible15:40
*** jawad_axd has quit IRC15:45
openstackgerritMerged openstack/openstack-ansible-os_magnum master: Only install devel packages during python_venv_build  https://review.opendev.org/73784416:07
*** dwilde has quit IRC16:30
*** d34dh0r53 has joined #openstack-ansible16:30
*** cshen has quit IRC16:31
openstackgerritMerged openstack/openstack-ansible stable/ussuri: Add integrated test for Ubuntu using ML2/OVN driver  https://review.opendev.org/75126916:36
openstackgerritMerged openstack/openstack-ansible master: Remove references to eth10/eth11 container interfaces  https://review.opendev.org/75118316:36
mgariepy\o/ OVN16:37
mgariepyi've been waiting for this moment, for weeks, and a great number of recheck ! haha16:37
mgariepyand i found the root cause of the ceph-volume race condition.16:39
*** gyee has joined #openstack-ansible16:40
*** cshen has joined #openstack-ansible16:58
*** andrewbonney has quit IRC16:59
arxcruznoonedeadpunk: https://review.opendev.org/#/c/752571/ if you still have time, this is blocking our upgrade/update jobs as well :)17:00
*** cshen has quit IRC17:02
openstackgerritJonathan Rosser proposed openstack/openstack-ansible-rabbitmq_server master: DNM set broker_state when enabling plugins  https://review.opendev.org/75295817:16
openstackgerritJonathan Rosser proposed openstack/openstack-ansible master: WIP - test ansible 2.10  https://review.opendev.org/74948417:40
openstackgerritJonathan Rosser proposed openstack/openstack-ansible master: WIP - test ansible 2.10  https://review.opendev.org/74948417:43
jrossernoonedeadpunk: ^ ansible-base + collections gets at least to setup-openstack.yml with that17:44
jrosseroh argh wrong patch17:49
openstackgerritJonathan Rosser proposed openstack/openstack-ansible master: Test ansible-base 2.10.1  https://review.opendev.org/75296317:50
*** cshen has joined #openstack-ansible17:51
*** SecOpsNinja has left #openstack-ansible18:00
*** ChiTo has joined #openstack-ansible18:22
ChiToHi openstack-ansible team18:22
*** ChiTo has quit IRC18:22
*** ChiTo has joined #openstack-ansible18:25
*** ChiTo has quit IRC18:26
*** ChiTo has joined #openstack-ansible18:27
admin0checking again if anyone is doing osa+magnum(kubernetes)18:28
admin0my issue might be related to magnum_keystone policies and i need some pointers/help18:28
ChiToHi guys, I have a question, how can I protect my usernames variables/passwords within the user_variables with Vault? I have already encrypt them with Vault but how can I send the variable within user_variables.yml?18:29
jrosseradmin0: i think guilhermesp has a lot of experience on osa+magnum18:29
admin0thanks jrosser  .. ping guilhermesp18:30
jrosserChiTo: if you mean ansible vault then you could encrypt the contents of user_secrets.yml as described here https://docs.ansible.com/ansible/latest/user_guide/vault.html18:33
ChiTojrosser: thx!, yes I encrypted them but now I want to send specicfic variables stored in the user_variables.yml without plain text, is tht possible?18:34
ChiTobecause even if I have encrypted everything I still have to read the usernames/passwords fromm the user_variables.yml, is that correct?18:35
*** cshen has quit IRC18:35
ChiToor there is no need to include them in my user_variables.yml after my secret password was vault-encrypted?18:35
ChiTonot sure why I am including them again in the user_variables, I think I got some errors since I was deploying keystone and it was looking for the variables in the user_variables18:35
jrosserwhen running the playbooks theres not really anything special about user_secrets.yml18:36
jrosserit's just another file names user_*.yml18:36
jrosseryou can have as many files as you like user_foo.yml user_bar.yml and so on, they all get included18:37
*** jawad_axd has joined #openstack-ansible18:41
*** jawad_axd has quit IRC18:46
ChiTojrosser: Oh I see sorry for the confusion, so the only thing I need to do is to encrypt the  yml file and automatically everytime I run the openstack-ansible the password or key would be asked right?18:47
jrosseri believe so yes, i think you have to pass some extra parameters as described in the ansible vault docs and it should work18:48
ChiTounderstood thx for the clarification!18:48
jrosserif you get it to work we could add this to our documentation, would be nice18:49
*** jawad_axd has joined #openstack-ansible19:02
*** jawad_axd has quit IRC19:06
ChiTosure thing, I am doing some tests now19:08
ChiTojrosser: btw I just submitted a comment this weekend just for your awareness guys, regarding the ironic-conductor service https://bugs.launchpad.net/openstack-ansible/+bug/1896355 nothing critical, it is just to refer them perhaps in the example files when users enable Ironic19:10
openstackLaunchpad bug 1896355 in openstack-ansible " 'ironic_conductor-infra_hosts' is missing from the example user config " [Undecided,New]19:10
*** pcaruana has quit IRC19:10
guilhermespoh sorry admin0 missed the ping. Actually, im not doing osa+magnum nowadays. I was doing until train.  What exactly are you facing ?19:11
jrosserChiTo: did you see that there is a fix on the related issue now? https://bugs.launchpad.net/openstack-ansible/+bug/187242719:11
openstackLaunchpad bug 1872427 in openstack-ansible "'placement-infra_hosts' is missing from the example user config" [Undecided,In progress] - Assigned to Dmitriy Rabotyagov (noonedeadpunk)19:11
jrosserChiTo: oh sorry - placement / ironic mix up there....19:12
openstackgerritJonathan Rosser proposed openstack/openstack-ansible-os_cinder master: Revert use of _cinder_first_play_host for post install tasks  https://review.opendev.org/75313119:22
*** jawad_axd has joined #openstack-ansible19:23
openstackgerritJonathan Rosser proposed openstack/openstack-ansible-os_neutron master: Revert use of _cinder_first_play_host for post install tasks  https://review.opendev.org/75313319:24
openstackgerritJonathan Rosser proposed openstack/openstack-ansible master: Test ansible-base 2.10.1  https://review.opendev.org/75296319:25
ChiTojrosser: Yep that is correct, actually I based on that previous "bug"19:27
*** jawad_axd has quit IRC19:27
*** spatel has quit IRC19:35
*** jawad_axd has joined #openstack-ansible19:44
*** jawad_axd has quit IRC19:48
*** jawad_axd has joined #openstack-ansible20:04
*** jawad_axd has quit IRC20:09
*** cshen has joined #openstack-ansible20:30
*** MickyMan77 has joined #openstack-ansible20:34
*** cshen has quit IRC20:35
admin0guilhermesp, when i try to bring up a cluster, i get "Create FailedResource Create Failed: Authorizationfailure: Resources.Kube Masters.Resources[0].Resources.Kube-Master: Authorization Failed.20:41
admin0i think it could be due to some policy or stuff not being in place20:41
*** MickyMan77 has quit IRC20:43
*** jawad_axd has joined #openstack-ansible20:46
*** jawad_axd has quit IRC20:51
ChiToI am trying to set a manila_manila_conf_overrides variables within my user_variables to configure an Isilon backend for Manila, but for some reason the parser of ansible puts those variables within the DEFAULT section in manila.conf instead of [isilon]21:07
ChiToI am setting this in my user_variables http://paste.ubuntu.com/p/kVTCyrfSH6/21:09
ChiTobut I get this: http://paste.ubuntu.com/p/BGbWGKfrkP/21:11
ChiToin just one line21:11
ChiTobut within the DEFAULT section instead of the isilon one21:11
ChiToI created the isilon in my openstack_user_config.yml in the manila section: http://paste.ubuntu.com/p/PZ3FXbxz9r/21:13
*** jbadiapa has quit IRC21:29
*** martalais has joined #openstack-ansible21:34
*** kaiokmo has joined #openstack-ansible21:35
guilhermespadmin0: sorry for the delay, do you have a stack created? what about heat logs?21:52
jrosserChiTo: your yaml needs to use : instead of =21:54
jrosserkey: value21:54
*** dave-mccowan has quit IRC21:58
*** MickyMan77 has joined #openstack-ansible21:59
*** dave-mccowan has joined #openstack-ansible22:02
*** MickyMan77 has quit IRC22:07
*** rh-jelabarre has quit IRC22:12
*** rh-jelabarre has joined #openstack-ansible22:12
guilhermespadmin0: also i have the feeling that we could be missing role assignments  on heat domain... can you check `openstack  role assignment list --domain heat`22:12
guilhermespalso which osa version22:13
*** tacco has quit IRC22:17
*** jawad_axd has joined #openstack-ansible22:29
*** cshen has joined #openstack-ansible22:31
*** nsmeds has joined #openstack-ansible22:32
*** jawad_axd has quit IRC22:34
*** cshen has quit IRC22:35
*** tosky has quit IRC22:49
*** jawad_axd has joined #openstack-ansible22:50
*** jawad_axd has quit IRC22:55
*** kaiokmo has quit IRC22:59
*** MickyMan77 has joined #openstack-ansible23:04
*** jawad_axd has joined #openstack-ansible23:11
*** MickyMan77 has quit IRC23:13
*** jawad_axd has quit IRC23:15
*** djhankb has quit IRC23:16
*** djhankb has joined #openstack-ansible23:17
*** jawad_axd has joined #openstack-ansible23:32
*** martalais has quit IRC23:36
*** jawad_axd has quit IRC23:37
ChiTojrosser: You are totally right, thanks a lot!23:45
*** MickyMan77 has joined #openstack-ansible23:48
*** spatel has joined #openstack-ansible23:49
*** jawad_axd has joined #openstack-ansible23:52
*** jawad_axd has quit IRC23:57
*** MickyMan77 has quit IRC23:58
« Sunday, 2020-09-20 Index Tuesday, 2020-09-22 »

Generated by irclog2html.py 2.17.2 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!