*** simondodsley has quit IRC | 00:18 | |
*** hindret has quit IRC | 00:18 | |
*** simondodsley has joined #openstack-ansible | 00:18 | |
*** hindret has joined #openstack-ansible | 00:19 | |
*** luksky has quit IRC | 00:31 | |
*** cshen has joined #openstack-ansible | 01:07 | |
*** cshen has quit IRC | 01:12 | |
*** macz_ has joined #openstack-ansible | 01:17 | |
*** macz_ has quit IRC | 01:21 | |
*** cshen has joined #openstack-ansible | 03:07 | |
*** cshen has quit IRC | 03:12 | |
*** macz_ has joined #openstack-ansible | 03:18 | |
*** macz_ has quit IRC | 03:23 | |
*** raukadah is now known as chandankumar | 04:07 | |
*** cshen has joined #openstack-ansible | 04:42 | |
*** cshen has quit IRC | 04:47 | |
*** macz_ has joined #openstack-ansible | 05:19 | |
*** macz_ has quit IRC | 05:23 | |
openstackgerrit | Satish Patel proposed openstack/openstack-ansible-os_neutron master: Adding support of subnet_dns_publish_fixed_ip extension in ml2 plugin https://review.opendev.org/c/openstack/openstack-ansible-os_neutron/+/772245 | 05:26 |
---|---|---|
openstackgerrit | Satish Patel proposed openstack/openstack-ansible-os_neutron master: Adding support of subnet_dns_publish_fixed_ip extension in ml2 plugin https://review.opendev.org/c/openstack/openstack-ansible-os_neutron/+/772245 | 05:28 |
*** viks____ has joined #openstack-ansible | 05:30 | |
*** evrardjp has quit IRC | 05:33 | |
*** evrardjp has joined #openstack-ansible | 05:33 | |
*** cshen has joined #openstack-ansible | 06:43 | |
*** cshen has quit IRC | 06:47 | |
*** cshen has joined #openstack-ansible | 06:54 | |
*** miloa has joined #openstack-ansible | 06:57 | |
frickler | so is there some "resident ceph expert" around here? I would like to discuss the network setup that is shown in the documentation, which seems pretty nonsensical to me | 07:37 |
*** luksky has joined #openstack-ansible | 08:03 | |
kleini | frickler: which documentation do you mean? | 08:05 |
jrosser | morning | 08:09 |
jrosser | frickler: theres a few of us here with various different OSA + ceph deployments..... which bit does not make sense? | 08:13 |
frickler | I'm talking about https://docs.openstack.org/openstack-ansible/latest/user/ceph/full-deploy.html mainly | 08:17 |
frickler | you define a storage network that is attached to various containers and stuff, but then define it as cluster_network in the ceph config | 08:18 |
frickler | and the cluster network in ceph is only being used for internal replication between OSDs, so it should not contain any clients | 08:19 |
*** andrewbonney has joined #openstack-ansible | 08:19 | |
noonedeadpunk | I think all storage interaction is meant to be through storage network | 08:19 |
frickler | noonedeadpunk: that may be the intention, but it is not what is happening. to move all storage interaction there, one would need to set the public_network to it and also the mon addresses | 08:21 |
noonedeadpunk | So agree that it makes sense to have public network through storage network as well | 08:21 |
noonedeadpunk | (at least in my usecase) | 08:22 |
noonedeadpunk | I think that we probably wanted to show that this distinguishing is possible if needed, but not sure | 08:23 |
openstackgerrit | Jonathan Rosser proposed openstack/openstack-ansible-os_horizon master: Move horizon pip packages from constraints to requirements https://review.opendev.org/c/openstack/openstack-ansible-os_horizon/+/770283 | 08:23 |
jrosser | what i find most wrong with the config is that the client traffic end up on br-mgmt | 08:24 |
*** pcaruana has joined #openstack-ansible | 08:25 | |
jrosser | which might be a total surprise to people | 08:25 |
noonedeadpunk | +1 | 08:25 |
noonedeadpunk | actually we even might skip defining storage_network I guess | 08:25 |
frickler | yes, my poc now works without storage network | 08:26 |
noonedeadpunk | but I'd rather left it commented for say - you might do it that way as well if you wish | 08:26 |
jrosser | in my deployments i have made br-storage be "clients of ceph in the openstack control plane", so it's really clear what it is | 08:26 |
frickler | some slightly related issue, with the sample config I get this error http://paste.openstack.org/show/801915/ , as a workaround I added the explicit network cidr in those variables | 08:27 |
frickler | I guess I'll set up a draft to modify that example doc and we can continue to discuss there | 08:27 |
noonedeadpunk | sounds good | 08:27 |
jrosser | whats missing there? cidr_networks.container is a cidr? | 08:29 |
openstackgerrit | Jonathan Rosser proposed openstack/openstack-ansible-rsyslog_client stable/victoria: Remove examples for variables which no longer exist https://review.opendev.org/c/openstack/openstack-ansible-rsyslog_client/+/772223 | 08:34 |
*** rpittau|afk is now known as rpittau | 08:35 | |
frickler | jrosser: yes, to me the error looks like the variable is not being expanded properly | 08:36 |
jrosser | thats interesting | 08:36 |
frickler | that's with 22.0.0 fwiw | 08:37 |
jrosser | i wonder if it needs some quotes in the original data | 08:37 |
jrosser | unfortunatley ceph-ansible is quite changeable too, 'stable' branch is not really a good description | 08:38 |
jrosser | though i think we may now use a SHA pin because of that | 08:38 |
openstackgerrit | Jonathan Rosser proposed openstack/openstack-ansible-os_aodh master: Move aodh pip packages from constraints to requirements https://review.opendev.org/c/openstack/openstack-ansible-os_aodh/+/772259 | 08:46 |
openstackgerrit | Jonathan Rosser proposed openstack/openstack-ansible-os_barbican master: Move barbican pip packages from constraints to requirements https://review.opendev.org/c/openstack/openstack-ansible-os_barbican/+/772260 | 08:48 |
openstackgerrit | Jonathan Rosser proposed openstack/openstack-ansible-os_blazar master: Move blazar pip packages from constraints to requirements https://review.opendev.org/c/openstack/openstack-ansible-os_blazar/+/772261 | 08:50 |
frickler | jrosser: hmm, weird, I had cidr_networks defined in openstack_user_config.yml , but that doesn't seem to take effect for the ceph playbook. I've now copied that into user_variables.yml and the error disappeared | 08:52 |
jrosser | oh right, well o_u_c.yml is input to the dynamic inventory | 08:53 |
jrosser | rather than ansible vars set with -e at the cli as is the case for user_*.yml | 08:54 |
jrosser | would be interesting to look where cidr_networks ends up in openstack_inventory.json | 08:56 |
*** maharg101 has joined #openstack-ansible | 08:57 | |
frickler | cidr_networks.container ends up in all.vars.container_cidr it seems | 08:59 |
frickler | I don't find the storage network there at all, likely because I did not actually deploy it | 09:00 |
jrosser | i think really the thing to decide here is if you are going to deploy ceph using openstack-ansible to wrap ceph-ansible, or to do them independantly | 09:02 |
frickler | anyway, this then looks like another thing to fix in the ceph example | 09:02 |
jrosser | personally i do them independantly to keep all these couplings to a minimum | 09:03 |
frickler | jrosser: yes, that is another approach, but that doesn't seem to be well documented, either. also it would seem to be duplicating some configuration | 09:03 |
jrosser | the documentation is linked off of https://docs.openstack.org/openstack-ansible/latest/user/ceph/full-deploy.html | 09:04 |
jrosser | a bunch of it is in the ceph_client role documentation | 09:04 |
openstackgerrit | Andrew Bonney proposed openstack/openstack-ansible-os_neutron master: Prevent neutron-l3-agent killing keepalived on restart https://review.opendev.org/c/openstack/openstack-ansible-os_neutron/+/771791 | 09:08 |
*** tosky has joined #openstack-ansible | 09:23 | |
openstackgerrit | Merged openstack/openstack-ansible-rsyslog_client stable/victoria: Update TOX_CONSTRAINTS_FILE for stable/victoria https://review.opendev.org/c/openstack/openstack-ansible-rsyslog_client/+/767902 | 09:27 |
openstackgerrit | Jonathan Rosser proposed openstack/openstack-ansible master: Add more explantion for variables for external ceph integration https://review.opendev.org/c/openstack/openstack-ansible/+/772270 | 09:45 |
jrosser | frickler: ^ i added more detail for external ceph integration, there is no duplication and in some cases there is only one variable to set | 09:46 |
frickler | jrosser: well, duplicating the mon address configuration still, but o.k. ;) I'm also wondering how well this might work out if one wants to have ceph actually deployed on the same infra hosts, just not managed by osa | 09:49 |
frickler | also you need to sync user secrets | 09:49 |
jrosser | ceph_client does that by ssh if your deployment allows the OSA ansible to ssh to the mon | 09:49 |
jrosser | if it does not then you are in the second situation described in the docs | 09:50 |
frickler | ah, you modified the first option, not the second one, I misparsed the gerrit diff. that's ok-ish then I guess. not sure though whether I'd actually want to deploy that variant in terms of stability and security, but that's a matter of taste probably | 09:53 |
jrosser | ceph-ansible has it's own idea of what version of ansible and ceph it wants to deploy | 09:54 |
jrosser | openstack-ansible also makes a choice about the ansible version, we move that forward per release | 09:55 |
jrosser | what i don't like about the combined osa+ceph deployment is that all of that gets tangled together, and i just don't want to go there particularly at major upgrade, or OS upgrade time | 09:55 |
openstackgerrit | Jonathan Rosser proposed openstack/openstack-ansible-os_cloudkitty master: Move cloudkitty pip packages from constraints to requirements https://review.opendev.org/c/openstack/openstack-ansible-os_cloudkitty/+/772279 | 09:58 |
openstackgerrit | Jonathan Rosser proposed openstack/openstack-ansible-os_designate master: Move designate pip packages from constraints to requirements https://review.opendev.org/c/openstack/openstack-ansible-os_designate/+/772280 | 10:00 |
openstackgerrit | Jonathan Rosser proposed openstack/openstack-ansible-os_gnocchi master: Move gnocchi pip packages from constraints to requirements https://review.opendev.org/c/openstack/openstack-ansible-os_gnocchi/+/772281 | 10:03 |
openstackgerrit | Jonathan Rosser proposed openstack/openstack-ansible-os_heat master: Move heat pip packages from constraints to requirements https://review.opendev.org/c/openstack/openstack-ansible-os_heat/+/772283 | 10:04 |
openstackgerrit | Jonathan Rosser proposed openstack/openstack-ansible-os_ironic master: Move ironic pip packages from constraints to requirements https://review.opendev.org/c/openstack/openstack-ansible-os_ironic/+/772284 | 10:06 |
openstackgerrit | Jonathan Rosser proposed openstack/openstack-ansible-os_magnum master: Move magnum pip packages from constraints to requirements https://review.opendev.org/c/openstack/openstack-ansible-os_magnum/+/772285 | 10:08 |
openstackgerrit | Jonathan Rosser proposed openstack/openstack-ansible-os_manila master: Move manila pip packages from constraints to requirements https://review.opendev.org/c/openstack/openstack-ansible-os_manila/+/772287 | 10:10 |
openstackgerrit | Jonathan Rosser proposed openstack/openstack-ansible-os_masakari master: Move masakari pip packages from constraints to requirements https://review.opendev.org/c/openstack/openstack-ansible-os_masakari/+/772288 | 10:12 |
openstackgerrit | Jonathan Rosser proposed openstack/openstack-ansible-os_mistral master: Move mistral pip packages from constraints to requirements https://review.opendev.org/c/openstack/openstack-ansible-os_mistral/+/772291 | 10:14 |
openstackgerrit | Jonathan Rosser proposed openstack/openstack-ansible-os_murano master: Move murano pip packages from constraints to requirements https://review.opendev.org/c/openstack/openstack-ansible-os_murano/+/772292 | 10:16 |
openstackgerrit | Jonathan Rosser proposed openstack/openstack-ansible-os_octavia master: Move octaiva pip packages from constraints to requirements https://review.opendev.org/c/openstack/openstack-ansible-os_octavia/+/772293 | 10:17 |
openstackgerrit | Jonathan Rosser proposed openstack/openstack-ansible-os_panko master: Move panko pip packages from constraints to requirements https://review.opendev.org/c/openstack/openstack-ansible-os_panko/+/772294 | 10:19 |
openstackgerrit | Jonathan Rosser proposed openstack/openstack-ansible-os_sahara master: Move sahara pip packages from constraints to requirements https://review.opendev.org/c/openstack/openstack-ansible-os_sahara/+/772295 | 10:21 |
openstackgerrit | Jonathan Rosser proposed openstack/openstack-ansible-os_senlin master: Move senlin pip packages from constraints to requirements https://review.opendev.org/c/openstack/openstack-ansible-os_senlin/+/772296 | 10:29 |
openstackgerrit | Jonathan Rosser proposed openstack/openstack-ansible-os_swift master: Move swift packages from constraints to requirements https://review.opendev.org/c/openstack/openstack-ansible-os_swift/+/772297 | 10:32 |
openstackgerrit | Jonathan Rosser proposed openstack/openstack-ansible-os_tacker master: Move tacker pip packages from constraints to requirements https://review.opendev.org/c/openstack/openstack-ansible-os_tacker/+/772298 | 10:33 |
openstackgerrit | Jonathan Rosser proposed openstack/openstack-ansible-os_trove master: Move trove pip packages from constraints to requirements https://review.opendev.org/c/openstack/openstack-ansible-os_trove/+/772299 | 10:35 |
openstackgerrit | Jonathan Rosser proposed openstack/openstack-ansible-os_horizon master: Move horizon pip packages from constraints to requirements https://review.opendev.org/c/openstack/openstack-ansible-os_horizon/+/770283 | 10:38 |
*** sshnaidm is now known as sshnaidm|ruck | 10:39 | |
openstackgerrit | Jonathan Rosser proposed openstack/openstack-ansible-os_zun master: Move zun pip packages from constraints to requirements https://review.opendev.org/c/openstack/openstack-ansible-os_zun/+/772300 | 10:39 |
openstackgerrit | Jonathan Rosser proposed openstack/openstack-ansible master: Add more explantion for variables for external ceph integration https://review.opendev.org/c/openstack/openstack-ansible/+/772270 | 10:42 |
*** luksky has quit IRC | 10:45 | |
*** luksky has joined #openstack-ansible | 10:45 | |
*** dtantsur|afk is now known as dtantsur | 11:11 | |
*** luksky has quit IRC | 11:29 | |
*** luksky has joined #openstack-ansible | 11:30 | |
openstackgerrit | Merged openstack/openstack-ansible stable/victoria: [doc] Release Victoria https://review.opendev.org/c/openstack/openstack-ansible/+/771809 | 11:45 |
openstackgerrit | Merged openstack/openstack-ansible stable/ussuri: [doc] Cleanup heading page https://review.opendev.org/c/openstack/openstack-ansible/+/771811 | 11:45 |
openstackgerrit | Merged openstack/openstack-ansible stable/train: [doc] Cleanup heading page https://review.opendev.org/c/openstack/openstack-ansible/+/771810 | 11:46 |
*** lemko has quit IRC | 11:56 | |
*** dasp_ has joined #openstack-ansible | 11:56 | |
*** lemko has joined #openstack-ansible | 11:56 | |
*** dasp has quit IRC | 11:58 | |
*** mgariepy has quit IRC | 11:59 | |
*** SiavashSardari has joined #openstack-ansible | 12:05 | |
*** jbadiapa has joined #openstack-ansible | 12:07 | |
*** ianychoi__ has joined #openstack-ansible | 12:16 | |
openstackgerrit | Andrew Bonney proposed openstack/openstack-ansible-os_zun master: Prevent zun-wsproxy binding to all IP addresses https://review.opendev.org/c/openstack/openstack-ansible-os_zun/+/772327 | 12:18 |
*** ianychoi_ has quit IRC | 12:19 | |
*** avagi has quit IRC | 12:19 | |
*** avagi has joined #openstack-ansible | 12:20 | |
*** dirk has quit IRC | 12:21 | |
*** dirk has joined #openstack-ansible | 12:21 | |
openstackgerrit | Merged openstack/openstack-ansible-rsyslog_client stable/victoria: Updated from OpenStack Ansible Tests https://review.opendev.org/c/openstack/openstack-ansible-rsyslog_client/+/767914 | 12:24 |
*** SecOpsNinja has joined #openstack-ansible | 12:30 | |
SecOpsNinja | hi everyone. if im seeing he haproxy_server role correctly, it doesn't seem to have the posibility to have systemd overrride.conf file when installing with keepalive and have it started after keepalvied. do you see any problem with this aproach - editing haproxy_server to star its service only after keepalived and depeding on it? | 12:33 |
frickler | SecOpsNinja: why would you want that? it seems much more useful to me to have haproxy up and running before keepalived starts | 12:40 |
*** spatel has joined #openstack-ansible | 12:40 | |
SecOpsNinja | frickler, the problem is that in my installation i have haproxy public and private endpoints in keepalived ips and when i restart the machine haproxy starts failing (because keepalvie stil don't have its ip up) and haproxy stops service with failed state. it doesn seem to have the option to force Restart=always in haproxy systemd with osa role | 12:42 |
SecOpsNinja | so one solution whould be to have haproxy ystemd servcice with Restart=always in overrride.conf or have with the option to start only after keepalvied it people ienalbed it in haproxy role variables | 12:44 |
*** spatel has quit IRC | 12:45 | |
jrosser | SecOpsNinja: i'm not really understanding why keepalived prevents haproxy starting | 12:47 |
jrosser | it's completely normal in an OSA HA deployment that keepalived is managing the internal and external endpoint IP | 12:48 |
SecOpsNinja | ok lets me see if i cna past my haproxy probllem when is rebooting | 12:49 |
CeeMac | jrosser: i remember seeing a similar issue myself when I had issues with Netplan not allowing the VIP to bind and keepalived not starting, then haproxy not starting as it could listen on the vip as it wasn't there | 12:50 |
SecOpsNinja | http://paste.openstack.org/show/801940/ | 12:51 |
CeeMac | i seem to recall though there is a setting where you can instruct haproxy to be able to listen on an IP that isn't attached to anything so it would still start | 12:51 |
SecOpsNinja | the bind socket doesnt work and after a few minutes it stays in a failed statred and even hatop doesnt work correctly | 12:51 |
CeeMac | net.ipv4.ip_nonlocal_bind maybe | 12:52 |
jrosser | we already do that https://opendev.org/openstack/openstack-ansible-haproxy_server/src/branch/master/tasks/haproxy_post_install.yml#L16-L27 | 12:53 |
SecOpsNinja | and i have haproxy_keepalived_external_vip_cidr and haproxy_keepalived_internal_vip_cidr with keepalvie vips | 12:53 |
jrosser | so is the actual issue that those sysctl settings do not survive a reboot? | 12:53 |
CeeMac | oh, then in theory haproxy should start even if keepalived is not up and binding the vip | 12:53 |
SecOpsNinja | let me checkj if i have that setting enabled | 12:54 |
jrosser | thing is if you've got N haproxies then there are always N-1 that wont have the vip | 12:54 |
jrosser | so this needs to work regardless without the VIP | 12:54 |
CeeMac | true | 12:54 |
SecOpsNinja | yep true | 12:54 |
CeeMac | can you do keepalived active/active? | 12:55 |
SecOpsNinja | atm i only have 1 (despiute in the future going to add more haproxys) | 12:55 |
SecOpsNinja | the strange part is that haproxy goes in weird statre that even hatop doesn work because it can read the socket | 12:56 |
SecOpsNinja | after restart the service it goes ok and everything works fine... | 12:56 |
CeeMac | what do you see in the kernel logs? | 12:58 |
SecOpsNinja | let mee see if i can find anythinf usefull in that period of time | 13:03 |
SecOpsNinja | http://paste.openstack.org/show/801941/ | 13:07 |
SecOpsNinja | i need to go eat now but after i can try to see if journald does give more info | 13:08 |
openstackgerrit | Andrew Bonney proposed openstack/openstack-ansible-os_zun master: Add configuration for zun-wsproxy service https://review.opendev.org/c/openstack/openstack-ansible-os_zun/+/769143 | 13:08 |
*** rgogunskiy has quit IRC | 13:09 | |
jrosser | CeeMac: keepalived is always active/standby, it’s an implementation of vrrp in software | 13:13 |
jrosser | l2 based ip / mac failover | 13:14 |
CeeMac | That's what I thought | 13:14 |
CeeMac | There is no open alternate to cisco glbp I don't think | 13:15 |
*** rh-jelabarre has joined #openstack-ansible | 13:19 | |
jrosser | from what I can see that will loadbalance based on the host mac, which for a real cloud is likley to be your upstream router SVI rather than actual hosts, so may not be effective | 13:21 |
frickler | SecOpsNinja: don't you set ip_nonlocal_bind=1 ? | 13:21 |
jrosser | active/active is best approached with ecmp but that has its own difficulties too, like the traffic hashing will change every time an ecmp route adds/removes | 13:22 |
frickler | ah, this was already mentioned | 13:22 |
*** jamesdenton has joined #openstack-ansible | 13:33 | |
*** mgariepy has joined #openstack-ansible | 13:35 | |
*** lemko2 has joined #openstack-ansible | 13:46 | |
*** lemko has quit IRC | 13:47 | |
*** lemko2 is now known as lemko | 13:47 | |
openstackgerrit | Ebbex proposed openstack/openstack-ansible-ops master: Fixes for tests/gates https://review.opendev.org/c/openstack/openstack-ansible-ops/+/741997 | 13:50 |
*** dirk has quit IRC | 13:51 | |
*** dirk has joined #openstack-ansible | 13:51 | |
*** spatel has joined #openstack-ansible | 13:58 | |
*** spatel has quit IRC | 14:00 | |
*** spatel has joined #openstack-ansible | 14:01 | |
ThiagoCMC | Morning! Are you guys using Prometheus+Grafana somehow, to monitor an OSA deployment? | 14:02 |
spatel | ThiagoCMC: i am using my own custom influx/grafana solution to monitor. | 14:03 |
SiavashSardari | ThiagoCMC I'm using prom and grafana | 14:05 |
ThiagoCMC | Nice! Any Ansible playbooks do deploy each solution? | 14:05 |
SiavashSardari | I used roles from galaxy. let me find them | 14:06 |
spatel | I don't think we have anything ready to go, its all depend what you want. I think openstack-ansible-ops repo will tell you what it has | 14:06 |
SiavashSardari | ThiagoCMC take a look at https://github.com/cloudalchemy repos. the repos are very usefull and I think I used many of their repos without any change. | 14:08 |
SiavashSardari | but at the end of the day you should glue something together for your specific requirements. | 14:09 |
ThiagoCMC | SiavashSardari, wow!!! Thank you! | 14:12 |
ThiagoCMC | :-D | 14:12 |
*** SiavashSardari has quit IRC | 14:24 | |
*** d34dh0r53 has quit IRC | 14:48 | |
MickyMan77 | Hi all, which version of OSA is stable now for CentOS 8, today I use 21.2.0 | 14:48 |
MickyMan77 | Can I upgrade to Victoria ? | 14:49 |
MickyMan77 | Is there any doc online howto upgrade to victoria ? | 14:49 |
*** d34dh0r53 has joined #openstack-ansible | 14:54 | |
spatel | MickyMan77: CentOS 8 is going away, i am sure you are aware of it | 14:54 |
spatel | I deployed my production on centos 8 and then last month migrated to ubuntu after news breakout | 14:55 |
MickyMan77 | yes.. I know.. there is a plan to move over to ubuntu.. | 14:55 |
spatel | Victoria should be fine with centos8 if you want to buy sometime | 14:55 |
spatel | FYI victoria still in RC2 release but very close to stable (i am running RC in production and so far all good) | 14:56 |
MickyMan77 | aha.. I will wait to stable... | 14:57 |
MickyMan77 | version 22.0.0 is that victoria ? | 14:58 |
spatel | yes | 14:58 |
spatel | you can deploy RC and when stable come out you can do minor upgrade :) | 14:58 |
*** miloa has quit IRC | 15:07 | |
ThiagoCMC | For the guys moving to Ubuntu from CentOS or other systems, I just want to inform that I had very bad experiences with Ubuntu 20.04 and its HWE Linux Kernel version 5.8. The default kernel (Linux 5.4 LTS) shipped with Ubuntu 20.04 is awesome. Just don't run `sudo apt-get install --install-recommends linux-generic-hwe-20.04` because it'll bring Linux 5.8 and it's kinda creepy... lol | 15:31 |
*** jbadiapa has quit IRC | 15:42 | |
*** klamath_atx has quit IRC | 15:49 | |
jrosser | spatel: MickyMan77 22.0.0 is released, and 22.0.0rc2==22.0.0 | 15:50 |
jrosser | MickyMan77: the major upgrade instructions are here https://docs.openstack.org/openstack-ansible/victoria/admin/upgrades/major-upgrades.html | 15:51 |
jrosser | i would test that out in a lab first | 15:51 |
kleini | ThiagoCMC: which problems appear with Linux 5.8? | 15:53 |
MickyMan77 | next question, Can i change ip addess on one lxc container, controller03_heat_api_container-d70913b0 ? | 15:54 |
jrosser | MickyMan77: if you use the playbook to delete the container, search/replace edit the inventory files in /etc/openstack-deploy/* for the old/new IP address, rerun haproxy-install then re-create the container and re-run the heat playbook | 16:01 |
*** jbadiapa has joined #openstack-ansible | 16:01 | |
jrosser | kind of major surgery involving breaking "never edit inventory files by hand" rule | 16:01 |
*** jamesdenton has quit IRC | 16:03 | |
*** jamesdenton has joined #openstack-ansible | 16:03 | |
spatel | jrosser: what do you think about this https://review.opendev.org/c/openstack/openstack-ansible-os_neutron/+/772245 | 16:04 |
spatel | we need better logic to handle this condition dns vs subnet_dns_publish_fixed_ip extension in ml2 | 16:05 |
*** macz_ has joined #openstack-ansible | 16:10 | |
*** mgariepy has quit IRC | 16:11 | |
admin0 | is there a way to provide dns for every host created in openstack ? like very vm ? if yes, what could be the workflow like ? | 16:11 |
admin0 | the way i can think of is doing a sql select and mapping very new vm to a dns request | 16:11 |
kleini | admin0: you can enable internal DNS in Neutron. http://paste.openstack.org/show/801951/ settings neutron_dns_domain and dns_domain_ports plugin are necesary for that. DNS entries can then be defined through attributes on ports. | 16:15 |
spatel | kleini: while we are talking about DNS, I have question. I have implemented designate DNS service and found if i don't add "router" to service_plugin then it break neutron. | 16:17 |
spatel | Getting this error - Unable to process extensions (auto-allocated-topology, dns-integration) because the configured plugins do not satisfy their requirements. Some features will not work as expected. | 16:19 |
spatel | If router is required then we should make it dependency in OSA to load that extension along with "dns" | 16:19 |
kleini | spatel: I would say, router is a default plugin of Neutron, isn't it? | 16:25 |
spatel | none of my cloud has that (I meant its empty in my all cloud deployment) | 16:26 |
spatel | I am running vlan provider so i don't need any virtual routet | 16:26 |
*** mmercer has joined #openstack-ansible | 16:27 | |
kleini | https://opendev.org/openstack/openstack-ansible-os_neutron/src/branch/master/defaults/main.yml#L328 <- router is a default plugin | 16:29 |
kleini | spatel: I am running a VLAN provider network, too. I need virtual L3 router in addition to that. So running a VLAN provider network is not an argument in my eyes to remove the router plugin from Neutron. | 16:31 |
*** klamath_atx has joined #openstack-ansible | 16:32 | |
jrosser | i think spatel does not have project networks at all | 16:32 |
spatel | oh wait.. you are right, i think to enable DNS i just added "dns" in user_variable which override existing default list | 16:32 |
admin0 | kleini, in that, does it use designate ? | 16:34 |
admin0 | or what do I query to get the dns ? | 16:34 |
admin0 | i meant query from external (office ) | 16:34 |
kleini | admin0: for internal DNS you need the settings from my paste above. as said, domain names and host names can then be configured through port attributes. that does not configure designate. what you maybe mean is external DNS integration. And sorry, I did not have a look into that, which would require to integration Neutron and Designate: https://docs.openstack.org/neutron/ussuri/admin/config-dns-int-ext-serv.html | 16:48 |
*** strattao has joined #openstack-ansible | 16:49 | |
*** klamath_atx has quit IRC | 16:54 | |
spatel | I have integrated neutron with designate DNS so when i spin up then designate auto populate DNS entry for my vm to powerDNS which is externally available | 16:55 |
*** mgariepy has joined #openstack-ansible | 16:55 | |
spatel | its pretty easy to integrate | 16:55 |
spatel | kleini: i don't know what is internalDNS ? (I understand about external DNS where you have master slave model but what is the definition of internal DNS in document?) | 16:56 |
admin0 | spatel, kleini when a new vm comes up from 2 diff projects, both named test .. how does it add to the dns ? | 16:58 |
kleini | Internal DNS is for self-service networks, where VMs use DHCP and DNS from the virtual Neutron L3 router. This DNS is then capable to resolve the VM name to its IP address on the self-service network. | 16:58 |
kleini | Two different projects have two different self-service networks, two different virtual L3 router and therefore different DNS instances. So the does not happen a conflict. | 17:00 |
spatel | kleini: Thanks so internal DNS is just use with-in VPC right, if we need to expose it to public then we have to go with designate deployment right? | 17:02 |
openstackgerrit | Jonathan Rosser proposed openstack/openstack-ansible master: Disable octavia ipv6 tempest test when the node does not have an ipv6 address https://review.opendev.org/c/openstack/openstack-ansible/+/772379 | 17:05 |
openstackgerrit | Jonathan Rosser proposed openstack/openstack-ansible-os_octavia master: Move octaiva pip packages from constraints to requirements https://review.opendev.org/c/openstack/openstack-ansible-os_octavia/+/772293 | 17:05 |
noonedeadpunk | that is good catch with ipv6 - is it smth that was failing for centos? | 17:15 |
*** klamath_atx has joined #openstack-ansible | 17:20 | |
kleini | spatel: I think so, yes. But I never implemented it, I just tried to understand documentation. | 17:20 |
jrosser | noonedeadpunk: it depends which CI provider you land in it seems | 17:36 |
jrosser | i asked in #opendev and they don't all provide ipv6 in a way that puts one on eth0 as you might expect | 17:36 |
jrosser | i'm wondering if tempest_test_blacklist will accept an empty entry though..... | 17:38 |
jrosser | as its a template perhaps i should have done the code differently with the test in {% if ansible_default_ipv6.address is not defined %} ..... approach instead | 17:39 |
jrosser | we need this patch to merge to work around the bug we had in tempest+functional tests https://review.opendev.org/c/openstack/openstack-ansible-tests/+/771770 | 17:41 |
ThiagoCMC | kleini, for example, Ansible (OSA/Ceph Ansible) fails to restart services within containers when the host's kernel is 5.8. | 17:42 |
ThiagoCMC | Also, AIO fails when with 5.8. | 17:42 |
jrosser | it would be great if someone could put the time in to figure out what is going on there | 17:44 |
ThiagoCMC | I have an Heat Template to deploy OSA AIO automatically and, when I change basically one line (https://github.com/tmartinx/svauto/blob/main/misc/os-heat-templates/osa-aio1.yaml#L199), the deployment fails... I have to try again with Victoria though but, since I faced problems, I would rather stick with Linux 5.4 (default from Ubuntu 20.04) for a while. | 17:45 |
*** maharg101 has quit IRC | 17:53 | |
*** rpittau is now known as rpittau|afk | 18:10 | |
*** gyee has joined #openstack-ansible | 18:21 | |
spatel | jrosser: inventory question for you - http://paste.openstack.org/show/801958/ | 18:25 |
spatel | assuming we can't see custom groups with inventory-manage.py -l or -g command output. I can see them with -G option | 18:25 |
jrosser | you could check if ansible understands with ansible <groupname> -m ping | 18:26 |
spatel | ansible gen_hosts -m ping it works | 18:27 |
jrosser | cool | 18:27 |
spatel | its normal custom group won't be visible in inventory-manage.py -l | 18:28 |
*** andrewbonney has quit IRC | 18:28 | |
*** irclogbot_2 has quit IRC | 18:46 | |
*** irclogbot_2 has joined #openstack-ansible | 18:49 | |
*** dtantsur is now known as dtantsur|afk | 18:50 | |
openstackgerrit | Jonathan Rosser proposed openstack/openstack-ansible-os_zun master: Move zun pip packages from constraints to requirements https://review.opendev.org/c/openstack/openstack-ansible-os_zun/+/772300 | 18:52 |
*** mmercer has quit IRC | 18:57 | |
*** mmercer has joined #openstack-ansible | 18:58 | |
*** klamath_atx has quit IRC | 19:08 | |
*** itsjg has quit IRC | 19:19 | |
openstackgerrit | Satish Patel proposed openstack/openstack-ansible-os_neutron master: Adding support of subnet_dns_publish_fixed_ip extension in ml2 plugin https://review.opendev.org/c/openstack/openstack-ansible-os_neutron/+/772245 | 19:22 |
*** poopcat has quit IRC | 19:30 | |
*** mgariepy has quit IRC | 19:34 | |
*** klamath_atx has joined #openstack-ansible | 19:34 | |
*** poopcat has joined #openstack-ansible | 19:38 | |
*** cshen has quit IRC | 19:44 | |
openstackgerrit | Jonathan Rosser proposed openstack/openstack-ansible master: Disable octavia ipv6 tempest test when the node does not have an ipv6 address https://review.opendev.org/c/openstack/openstack-ansible/+/772379 | 19:45 |
*** mgariepy has joined #openstack-ansible | 19:47 | |
*** maharg101 has joined #openstack-ansible | 19:50 | |
*** maharg101 has quit IRC | 19:54 | |
*** cshen has joined #openstack-ansible | 20:14 | |
*** SecOpsNinja has left #openstack-ansible | 20:32 | |
openstackgerrit | Jonathan Rosser proposed openstack/openstack-ansible-os_zun master: Move zun pip packages from constraints to requirements https://review.opendev.org/c/openstack/openstack-ansible-os_zun/+/772300 | 21:25 |
*** tosky has quit IRC | 21:35 | |
*** tosky has joined #openstack-ansible | 21:36 | |
*** rpittau|afk has quit IRC | 21:37 | |
*** johnsom has quit IRC | 21:37 | |
*** NobodyCam_ has joined #openstack-ansible | 21:37 | |
*** rpittau|afk_ has joined #openstack-ansible | 21:37 | |
*** johnsom has joined #openstack-ansible | 21:38 | |
*** NobodyCam has quit IRC | 21:38 | |
*** NobodyCam_ is now known as NobodyCam | 21:38 | |
*** viks____ has quit IRC | 21:38 | |
*** cshen has quit IRC | 21:48 | |
*** cshen has joined #openstack-ansible | 21:48 | |
*** cshen has quit IRC | 21:54 | |
*** jbadiapa has quit IRC | 22:00 | |
*** cshen has joined #openstack-ansible | 22:08 | |
*** rh-jelabarre has quit IRC | 22:08 | |
spatel | any idea what this error trying say - http://paste.openstack.org/show/801967/ | 22:10 |
spatel | I am getting this error when adding new compute node. (fix is to run with -e venv_rebuild=yes) | 22:10 |
spatel | jrosser: noonedeadpunk ^^ not sure what is wrong or may be bug | 22:11 |
*** cshen has quit IRC | 22:26 | |
*** mgariepy has quit IRC | 22:37 | |
*** dmsimard has quit IRC | 22:50 | |
openstackgerrit | Jonathan Rosser proposed openstack/openstack-ansible-os_zun master: Move zun pip packages from constraints to requirements https://review.opendev.org/c/openstack/openstack-ansible-os_zun/+/772300 | 22:51 |
*** dmsimard has joined #openstack-ansible | 22:51 | |
*** mgariepy has joined #openstack-ansible | 22:57 | |
*** cshen has joined #openstack-ansible | 23:00 | |
*** spatel has quit IRC | 23:07 | |
*** spatel has joined #openstack-ansible | 23:15 | |
*** spatel has quit IRC | 23:26 | |
*** luksky has quit IRC | 23:36 | |
*** luksky has joined #openstack-ansible | 23:36 | |
*** luksky has quit IRC | 23:47 | |
*** tosky has quit IRC | 23:47 | |
*** luksky has joined #openstack-ansible | 23:59 |
Generated by irclog2html.py 2.17.2 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!