| noonedeadpunk | mornings! | 06:36 |
|---|---|---|
| opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible-os_tempest stable/victoria: Use new openstack.cloud collection names https://review.opendev.org/c/openstack/openstack-ansible-os_tempest/+/776438 | 06:56 |
| noonedeadpunk | regarding mariadb bump - let's probably do 10.5.12 -> revert workaround -> 10.6.4? That way we will be able to easily backport first two patches to W, since Bullseye is finally released and we might want to set it to voting now | 07:06 |
| noonedeadpunk | andrewbonney: do you have some notes you can share for bionic->focal upgrade ? :) | 07:55 |
| andrewbonney | Yes, I've started adapting an upgrade guide from rocky. Will submit a docs patch as soon as it's ready | 07:55 |
| noonedeadpunk | As we're about to proceed with upgrades here so not to re-invent the wheel | 07:55 |
| opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible-os_neutron master: Exclude neutron from venv constraints https://review.opendev.org/c/openstack/openstack-ansible-os_neutron/+/798960 | 07:58 |
| kleini | Would like to test the upgrade guide from bionic to focal. | 08:05 |
| opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible master: Switch ceph-ansible to Pacific https://review.opendev.org/c/openstack/openstack-ansible/+/804610 | 08:21 |
| opendevreview | Merged openstack/openstack-ansible-rabbitmq_server master: Fix erlang upgrades for rabbitmq external_repo installs https://review.opendev.org/c/openstack/openstack-ansible-rabbitmq_server/+/803711 | 09:20 |
| opendevreview | Merged openstack/ansible-role-python_venv_build stable/wallaby: Add variables to set permissions for created files https://review.opendev.org/c/openstack/ansible-role-python_venv_build/+/804338 | 09:33 |
| opendevreview | Merged openstack/ansible-role-python_venv_build stable/wallaby: Add distro/arch to requirements file path https://review.opendev.org/c/openstack/ansible-role-python_venv_build/+/804432 | 09:34 |
| opendevreview | Merged openstack/ansible-role-python_venv_build stable/victoria: Add variables to set permissions for created files https://review.opendev.org/c/openstack/ansible-role-python_venv_build/+/804339 | 09:36 |
| opendevreview | Merged openstack/ansible-role-python_venv_build stable/victoria: Add distro/arch to requirements file path https://review.opendev.org/c/openstack/ansible-role-python_venv_build/+/804493 | 09:36 |
| kleini | andrewbonney: do you have some draft somewhere, where I could peak a little bit into? | 09:50 |
| andrewbonney | Not yet. It's very close to https://docs.openstack.org/openstack-ansible/rocky/admin/upgrades/distribution-upgrades.html with a couple of tweaks | 09:51 |
| andrewbonney | The most important thing is to have the recent patches applied before upgrading | 09:51 |
| andrewbonney | I'll try and get a draft ready in the next couple of days | 09:51 |
| kleini | that old guide already has some useful pointers for me. | 09:57 |
| opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible-os_neutron master: Exclude neutron from venv constraints https://review.opendev.org/c/openstack/openstack-ansible-os_neutron/+/798960 | 10:16 |
| opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible-os_neutron stable/wallaby: Exclude neutron from venv constraints https://review.opendev.org/c/openstack/openstack-ansible-os_neutron/+/798881 | 10:16 |
| opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible-galera_server master: Update galera to 10.6.4 https://review.opendev.org/c/openstack/openstack-ansible-galera_server/+/804370 | 10:24 |
| opendevreview | Merged openstack/openstack-ansible master: Fix permissions for files created on repo server https://review.opendev.org/c/openstack/openstack-ansible/+/804077 | 10:26 |
| opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible-os_neutron stable/wallaby: Replace centos-8.x jobs with centos-8-stream https://review.opendev.org/c/openstack/openstack-ansible-os_neutron/+/804447 | 10:27 |
| opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible-os_neutron stable/wallaby: Set ovn hostname using nodename facts https://review.opendev.org/c/openstack/openstack-ansible-os_neutron/+/804448 | 10:27 |
| opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible-os_neutron stable/wallaby: Set ovn hostname using nodename facts https://review.opendev.org/c/openstack/openstack-ansible-os_neutron/+/804448 | 10:27 |
| opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible-os_neutron stable/wallaby: Fix OVN metadata protocol to point https https://review.opendev.org/c/openstack/openstack-ansible-os_neutron/+/804449 | 10:28 |
| opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible-os_neutron stable/wallaby: Fix OVN metadata protocol to point https https://review.opendev.org/c/openstack/openstack-ansible-os_neutron/+/804449 | 10:28 |
| opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible-os_neutron stable/wallaby: Switch calico job from bionic to focal https://review.opendev.org/c/openstack/openstack-ansible-os_neutron/+/804710 | 10:28 |
| opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible-os_neutron stable/wallaby: Switch calico job from bionic to focal https://review.opendev.org/c/openstack/openstack-ansible-os_neutron/+/804710 | 10:28 |
| opendevreview | Andrew Bonney proposed openstack/openstack-ansible stable/wallaby: Fix permissions for files created on repo server https://review.opendev.org/c/openstack/openstack-ansible/+/804711 | 10:30 |
| *** sshnaidm|pto is now known as sshnaidm | 10:30 | |
| *** sshnaidm is now known as sshnaidm|pto | 10:31 | |
| opendevreview | Andrew Bonney proposed openstack/openstack-ansible stable/victoria: Fix permissions for files created on repo server https://review.opendev.org/c/openstack/openstack-ansible/+/804693 | 10:32 |
| kleini | How do I correctly restore a keystone container with all its fernet/credential keys and so on? | 10:54 |
| kleini | setup-openstack.yml --limit localhost,somehost_keystone_container-hash fails to start keystone due to missing keys | 10:55 |
| kleini | Luckily I manually backed up the fernet and credential keys of the first keystone container and had to restore them manually. How is this done correctly using OSA? | 11:18 |
| noonedeadpunk | I'm afraid it's not handled properly. So fernets would be just rotated and issued tokens invalidated | 11:19 |
| noonedeadpunk | I think we probably should add some mount point or edit existing one so that keys were resided in directories that persist during container removal | 11:21 |
| kleini | the documentation mentions such keys and to be careful on container removal to not lose them and luckily I already knew about those keys for keystone. which other keys do exist, that need to be backed up on container removal? | 11:23 |
| noonedeadpunk | like mount location with fernet keys to /openstack/{{ container_name }} | 11:24 |
| noonedeadpunk | not sure how to handle upgrade path for that though | 11:25 |
| kleini | my question is more, about which keys do I have to take care, not to loose them. what other keys are possibly somewhere in an OSA deployment for other OpenStack services? | 11:26 |
| noonedeadpunk | I think these are main ones. Maybe some idp stuff as well but not sure | 11:26 |
| noonedeadpunk | you also should take care regarding octavia ssl certs | 11:26 |
| kleini | barbican for storing private keys encrypted somehow? | 11:27 |
| noonedeadpunk | because amphoras are completing auth with them | 11:27 |
| noonedeadpunk | depends on the storage driver | 11:27 |
| noonedeadpunk | but with simple_crypto, it needs only secret that is in user_secrets | 11:27 |
| noonedeadpunk | so nothing special | 11:28 |
| noonedeadpunk | rotating certs for octavia is nighmare if they're lost... Eventually you'd need to respawn all amphoras | 11:29 |
| kleini | I have octavia deployed but no loadbalancers currently active :-) | 11:30 |
| opendevreview | Merged openstack/openstack-ansible-os_neutron master: Add support of OVN for CentOS-8-Stream https://review.opendev.org/c/openstack/openstack-ansible-os_neutron/+/803987 | 11:33 |
| noonedeadpunk | Other then that - nothing comes to mind (ofc except galera and rabbit :D) | 11:35 |
| opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible-os_neutron stable/wallaby: Add support of OVN for CentOS-8-Stream https://review.opendev.org/c/openstack/openstack-ansible-os_neutron/+/804717 | 11:36 |
| opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible-os_neutron stable/wallaby: Add support of OVN for CentOS-8-Stream https://review.opendev.org/c/openstack/openstack-ansible-os_neutron/+/804717 | 11:36 |
| opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible-os_neutron master: Set OVN jobs to voting https://review.opendev.org/c/openstack/openstack-ansible-os_neutron/+/804324 | 11:37 |
| spatel | Morning folks! | 12:22 |
| spatel | noonedeadpunk i saw your comments, let me take a look - https://review.opendev.org/c/openstack/openstack-ansible-os_neutron/+/803990/6/defaults/main.yml#447 | 12:23 |
| noonedeadpunk | hey \o\ | 12:32 |
| noonedeadpunk | well, it's not like it's written in stone, but more a suggestion for discussion. Maybe current state is fine after all, but I guess having list of hosts is cleaner since defaults are to be renderred in docs | 12:33 |
| anskiy | hello. I've installed mistral, but as far as I can see, there are no cross-service actions, for example: there is no cinder.volume_snapshots_create. It looks, like all of these actions were moved to mistral-extra package, here: https://opendev.org/openstack/mistral-extra, so I need to add it to mistral_user_pip_packages. Is this proper way to do this? I'm asking because those "extra" actions | 12:59 |
| anskiy | look like core functionality for mistral. | 12:59 |
| opendevreview | Merged openstack/openstack-ansible-os_horizon stable/ussuri: Add missing 'horizon-config' tag https://review.opendev.org/c/openstack/openstack-ansible-os_horizon/+/771550 | 13:04 |
| spatel | Folk!!! looking for Horizon replacement with morden GUI dashboard then here you go - https://satishdotpatel.github.io/openstack-skyline-dashborad/ | 13:05 |
| spatel | I am thinking to bring skyline on OSA :) | 13:23 |
| strattao | For a production environment, are the networking requirements in the OSA documentation accurate and still recommended or are there any best practices that are not documented here? | 15:01 |
| strattao | https://docs.openstack.org/openstack-ansible/wallaby/user/prod/example.html | 15:01 |
| strattao | I have seen a bunch of OVN discussions recently, and I don't know if that makes any impact in the network design decisions based on these production network examples... | 15:03 |
| strattao | maybe jrosser or spatel can chime in? Any thoughts/caveats with following the production environment network configuration? | 15:05 |
| spatel | strattao that document is still valid for production deployment | 15:06 |
| spatel | OVN will only change few components in neutron level. | 15:07 |
| DK4 | still playing around on trying to get a multinode setup up, im pretty far but getting this error at nova_api creation: https://pastebin.com/VYGXgkWy any ideas on wheres that failing? | 15:25 |
| spatel | DK4 use https://paste.opendev.org/ for posting any error snippet, it format it very well compare to pastebin | 15:29 |
| spatel | Are you deploying new cloud or doing some kind of upgrade etc.. i would say check nova-api logs something went wrong during this command run /openstack/venvs/nova-23.1.0.dev9/bin/nova-manage db online_data_migrations | 15:33 |
| DK4 | https://paste.opendev.org/show/808117/ like this? | 15:33 |
| DK4 | spatel: this is a new cloud, not upgrading it | 15:35 |
| spatel | check nova-api logs it will tell you story why it failed | 15:36 |
| spatel | also you can run that command by hand on nova-api container also to see more output and also you can use --debug i believe to get verbose | 15:37 |
| DK4 | executing the online_data_migrations on the lxc containter itself gives me the same error. where do i actually find the log file for it? | 15:37 |
| spatel | in infra1_nova_api_container-28abf292 run journalctl -u nova-* -f | 15:38 |
| DK4 | tried to rerun that command with debug and it seems that error is actually gone by now. im trying to rerun the playbook.. thanks for all the hints | 15:39 |
| spatel | if this is not production then drop nova database and re-run os-nova-install.yml playbook again it will rebuild database | 15:39 |
| DK4 | yeah its just a testlab im starting to get into openstack | 15:40 |
| DK4 | the nova db has to dropped on that galera container? | 15:52 |
| spatel | yes galera DB | 16:02 |
| DK4 | seems that error fixed itself tough, im past the problematic step | 16:13 |
| DK4 | but i guess i have few problems running the deployment cause my vms are badly specced with 10gig ram each and 4 cores, gotta upgrade my host tommorow | 18:57 |
| opendevreview | Merged openstack/openstack-ansible-os_tempest stable/victoria: Use new openstack.cloud collection names https://review.opendev.org/c/openstack/openstack-ansible-os_tempest/+/776438 | 20:46 |
Generated by irclog2html.py 2.17.2 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!