opendevreview | James Denton proposed openstack/openstack-ansible-os_glance master: Add boto3 module for s3 backend https://review.opendev.org/c/openstack/openstack-ansible-os_glance/+/822870 | 03:15 |
---|---|---|
gokhani | hi folks, I tried to add octavia to my OSA 22.1.0 deployment, but it gives error and can not create constrainta | 07:50 |
gokhani | constraints.txt file | 07:51 |
gokhani | these are the logs: https://paste.openstack.org/show/811833/ | 07:51 |
gokhani | how can I solve this problem ? | 07:52 |
noonedeadpunk | hey | 08:07 |
noonedeadpunk | gokhani: I believe you have old ca-certificates in repo containers | 08:09 |
gokhani | noonedeadpunk, it seems it is related with systemd_python package. https://paste.openstack.org/show/811836/ | 08:11 |
noonedeadpunk | Paste you sent first explicitly says: Command errored out with exit status 128: git clone -q https://opendev.org/openstack/octavia /tmp/pip-wheel-adgqjg40/octavia | 08:12 |
noonedeadpunk | which is quite common issue for last severla month as opendev uses lets encrypt whos root ca expired September 30 | 08:13 |
noonedeadpunk | So to be able to verify and clone from opendev you need to have recent ca-certificates package | 08:14 |
kleini | what is the difference between keepalived internal and external ping address? | 08:18 |
kleini | what exactly happens if one of both pings does not respond any more? | 08:19 |
kleini | answering my own question again: keepalived has different configuration for internal and external interface and now corresponding ping configurations | 08:25 |
gokhani | noonedeadpunk, you are right, when I run "git clone -q https://opendev.org/openstack/octavia /tmp/pip-wheel-2nx5efr6/octavia" , it gives fatal: unable to access 'https://opendev.org/openstack/octavia/': server certificate verification failed. CAfile: none CRLfile: none | 08:27 |
noonedeadpunk | kleini: I can recall some recent changes to that so you could have only one defined or smth like that? | 08:32 |
noonedeadpunk | ah, yes, this implemented exactly that https://review.opendev.org/c/openstack/openstack-ansible/+/782374 | 08:33 |
noonedeadpunk | so it's to prevent failure when external resource becomes unavailable for all deployment | 08:34 |
noonedeadpunk | gokhani: you can update package easily with ad-hoc | 08:37 |
gokhani | noonedeadpunk, thanks, I reinstalled certificates, it is solved. | 08:46 |
opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible-os_glance master: Define _glance_available_stores in variables https://review.opendev.org/c/openstack/openstack-ansible-os_glance/+/822899 | 09:23 |
opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible-os_glance master: Add boto3 module for s3 backend https://review.opendev.org/c/openstack/openstack-ansible-os_glance/+/822870 | 09:23 |
opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible-os_glance master: Add boto3 module for s3 backend https://review.opendev.org/c/openstack/openstack-ansible-os_glance/+/822870 | 09:24 |
opendevreview | Merged openstack/openstack-ansible-plugins master: Add galaxy metadata and roles to use as a collection https://review.opendev.org/c/openstack/openstack-ansible-plugins/+/821009 | 09:26 |
kleini | noonedeadpunk: thanks. That commit message would be helpful here: https://docs.openstack.org/openstack-ansible-haproxy_server/wallaby/configure-haproxy.html#configuring-keepalived-ping-checks . Will try to contribute that. | 09:49 |
noonedeadpunk | you're always welcome!) | 10:14 |
opendevreview | Dmitriy Rabotyagov proposed openstack/ansible-role-python_venv_build master: Verify that wheels are built while running against multiple hosts https://review.opendev.org/c/openstack/ansible-role-python_venv_build/+/821415 | 10:22 |
opendevreview | Merged openstack/openstack-ansible-os_ironic master: Remove glance_api_servers from ironic.conf https://review.opendev.org/c/openstack/openstack-ansible-os_ironic/+/822839 | 10:24 |
*** akahat|out is now known as akahat|ruck | 10:31 | |
opendevreview | Merged openstack/openstack-ansible-os_rally stable/wallaby: Install PyMySQL as rally commands may not work without it https://review.opendev.org/c/openstack/openstack-ansible-os_rally/+/822802 | 10:42 |
opendevreview | Dmitriy Rabotyagov proposed openstack/ansible-role-python_venv_build master: Install python3-venv on destination hosts https://review.opendev.org/c/openstack/ansible-role-python_venv_build/+/822901 | 10:49 |
opendevreview | Merged openstack/openstack-ansible-os_rally stable/victoria: Install PyMySQL as rally commands may not work without it https://review.opendev.org/c/openstack/openstack-ansible-os_rally/+/822803 | 10:49 |
opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible-os_glance master: Define _glance_available_stores in variables https://review.opendev.org/c/openstack/openstack-ansible-os_glance/+/822899 | 10:50 |
opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible-os_glance master: Add boto3 module for s3 backend https://review.opendev.org/c/openstack/openstack-ansible-os_glance/+/822870 | 10:50 |
opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible-openstack_hosts master: Don not install virtualenv packages https://review.opendev.org/c/openstack/openstack-ansible-openstack_hosts/+/822902 | 10:53 |
noonedeadpunk | btw we broke gates with https://review.opendev.org/c/openstack/ansible-role-python_venv_build/+/822274 | 10:54 |
noonedeadpunk | https://review.opendev.org/c/openstack/ansible-role-python_venv_build/+/822901 hopefully will fix that | 10:54 |
jrosser_ | watch out, there is a venv constructed in the repo container for the wheel build | 11:28 |
jrosser_ | so it is possible that python3-venv is needed in both of those package lists | 11:28 |
noonedeadpunk | huh, I thought it's not | 11:36 |
noonedeadpunk | but yeah, agree | 11:36 |
noonedeadpunk | btw weird we haven't catched that | 11:37 |
opendevreview | Dmitriy Rabotyagov proposed openstack/ansible-role-python_venv_build master: Install python3-venv on destination hosts https://review.opendev.org/c/openstack/ansible-role-python_venv_build/+/822901 | 11:38 |
jrosser_ | I wonder if on metal jobs we only see the error in the wheel build venv | 11:38 |
jrosser_ | but then it breaks later on other lxc jobs | 11:38 |
jrosser_ | we have this before with patches to minor roles that only have metal job tests | 11:39 |
noonedeadpunk | oh, wait, we don't have lxc for python_venv_build | 11:40 |
noonedeadpunk | that's weird.... | 11:41 |
noonedeadpunk | I thought we had | 11:41 |
opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible-os_gnocchi master: Add availability to define gnocchi_incoming_driver https://review.opendev.org/c/openstack/openstack-ansible-os_gnocchi/+/822905 | 11:42 |
opendevreview | Dmitriy Rabotyagov proposed openstack/ansible-role-python_venv_build master: Switch to LXC jobs https://review.opendev.org/c/openstack/ansible-role-python_venv_build/+/822906 | 12:07 |
opendevreview | Dmitriy Rabotyagov proposed openstack/ansible-role-python_venv_build master: Switch to LXC jobs https://review.opendev.org/c/openstack/ansible-role-python_venv_build/+/822906 | 12:07 |
opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible-openstack_hosts master: Do not install virtualenv packages https://review.opendev.org/c/openstack/openstack-ansible-openstack_hosts/+/822902 | 13:03 |
noonedeadpunk | jrosser_: have you everr tried to expand galera cluster? It's me not seeing how to do this or role missing this? | 14:13 |
jrosser_ | noonedeadpunk: we did go from 2 -> 3 nodes one time, but i don't remember if there was really an issue with that | 14:24 |
jrosser_ | galera_server role, but not with OSA | 14:24 |
noonedeadpunk | huh | 14:24 |
jrosser_ | i'm thinking "just run the role" but guess theres more to it than that? | 14:25 |
noonedeadpunk | eventually what I see, is that current "boostrap" node got reconfigured and tries to restart with handler. But can't connect to all defined in config wsrep addresses and fail | 14:26 |
noonedeadpunk | but ok, got it. (I;m just playing in aio to figure out how to scale) | 14:26 |
jrosser_ | if the order of the hosts in the group changes that might be bad | 14:27 |
noonedeadpunk | galera_force_bootstrap=true doesnt have any effect and hardly used in code | 14:27 |
noonedeadpunk | no, bootstrap is still same | 14:27 |
noonedeadpunk | as others don't have maria installed at all yet | 14:28 |
noonedeadpunk | it's eventually matter of these 2 tasks https://opendev.org/openstack/openstack-ansible-galera_server/src/branch/master/handlers/main.yml#L64-L96 | 14:28 |
noonedeadpunk | I guess we shouldn't restart mysql when executing `Start new cluster` | 14:29 |
noonedeadpunk | and add galera_force_bootstrap as extra conditin for `Start new cluster` | 14:30 |
opendevreview | Marcus Klein proposed openstack/openstack-ansible-haproxy_server master: Describe in detail why external and internal keepalived ping addresses should be separated https://review.opendev.org/c/openstack/openstack-ansible-haproxy_server/+/822910 | 14:48 |
opendevreview | Marcus Klein proposed openstack/openstack-ansible-haproxy_server stable/wallaby: Describe in detail why external and internal keepalived ping addresses should be separated https://review.opendev.org/c/openstack/openstack-ansible-haproxy_server/+/822807 | 14:49 |
opendevreview | Marcus Klein proposed openstack/openstack-ansible-haproxy_server stable/xena: Describe in detail why external and internal keepalived ping addresses should be separated https://review.opendev.org/c/openstack/openstack-ansible-haproxy_server/+/822808 | 14:49 |
opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible-galera_server master: Fix galera_force_bootstrap behaviour https://review.opendev.org/c/openstack/openstack-ansible-galera_server/+/822911 | 14:50 |
kleini | damn: https://storyboard.openstack.org/#!/story/2009690 | 14:50 |
noonedeadpunk | This has been already fixed and released | 14:50 |
noonedeadpunk | kleini: just in case - we suggest backport patches only when master one merges | 14:52 |
kleini | sorry | 14:53 |
noonedeadpunk | np, just for the future) | 14:53 |
opendevreview | Merged openstack/openstack-ansible master: Update notes on how to enable TLS for VNC https://review.opendev.org/c/openstack/openstack-ansible/+/822690 | 15:05 |
opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible master: [doc] Update infra node scaling documentation https://review.opendev.org/c/openstack/openstack-ansible/+/822912 | 15:06 |
opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible stable/xena: Update notes on how to enable TLS for VNC https://review.opendev.org/c/openstack/openstack-ansible/+/822809 | 15:07 |
opendevreview | Merged openstack/openstack-ansible-os_nova stable/xena: Add release note issue for no console access when TLS for VNC enabled https://review.opendev.org/c/openstack/openstack-ansible-os_nova/+/822713 | 15:13 |
opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible master: [doc] Update infra node scaling documentation https://review.opendev.org/c/openstack/openstack-ansible/+/822912 | 15:20 |
opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible master: [doc] Update infra node scaling documentation https://review.opendev.org/c/openstack/openstack-ansible/+/822912 | 15:24 |
noonedeadpunk | kleini: do you know if https://bugs.launchpad.net/openstack-ansible/+bug/1948456 has been fixed? | 15:38 |
opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible-os_nova stable/victoria: Fix usage of tags https://review.opendev.org/c/openstack/openstack-ansible-os_nova/+/822930 | 15:52 |
opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible-os_nova stable/victoria: Fix usage of tags https://review.opendev.org/c/openstack/openstack-ansible-os_nova/+/822930 | 15:54 |
opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible-os_keystone stable/wallaby: Avoid Apache conflict with haproxy on metal https://review.opendev.org/c/openstack/openstack-ansible-os_keystone/+/822913 | 16:20 |
opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible-os_keystone stable/victoria: Avoid Apache conflict with haproxy on metal https://review.opendev.org/c/openstack/openstack-ansible-os_keystone/+/822931 | 16:20 |
opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible-os_keystone stable/ussuri: Avoid Apache conflict with haproxy on metal https://review.opendev.org/c/openstack/openstack-ansible-os_keystone/+/822932 | 16:20 |
opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible-os_keystone stable/train: Avoid Apache conflict with haproxy on metal https://review.opendev.org/c/openstack/openstack-ansible-os_keystone/+/822933 | 16:20 |
kleini | noonedeadpunk: I fixed it for me by using overrides: https://paste.opendev.org/show/811843/ | 16:22 |
kleini | deployment in staging is still running for W. will check afterwards | 16:22 |
kleini | btw Merry Christmas! | 16:22 |
noonedeadpunk | thanks, Merry Christmas to you too! :) | 16:23 |
* noonedeadpunk having Christmas on 7th of January :p | 16:23 | |
noonedeadpunk | ok, let me try to triage this the | 16:24 |
noonedeadpunk | *then | 16:24 |
noonedeadpunk | huh, so we need service types for like every service we have... | 16:25 |
noonedeadpunk | would be great to merge work on that with implementing service roles... | 16:26 |
noonedeadpunk | will try to take care of that on Monday I believe | 16:27 |
noonedeadpunk | this probably won't be backportable though | 16:27 |
opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible-galera_server master: Fix galera_force_bootstrap behaviour https://review.opendev.org/c/openstack/openstack-ansible-galera_server/+/822911 | 16:29 |
kleini | backporting is not necessary, as I have my solution with overrides | 16:44 |
opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible-tests master: Add config_template collection https://review.opendev.org/c/openstack/openstack-ansible-tests/+/822915 | 17:12 |
opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible-tests stable/victoria: Add config_template collection https://review.opendev.org/c/openstack/openstack-ansible-tests/+/822935 | 17:13 |
opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible-os_nova stable/victoria: Fix usage of tags https://review.opendev.org/c/openstack/openstack-ansible-os_nova/+/822930 | 17:13 |
opendevreview | Merged openstack/openstack-ansible stable/xena: Update notes on how to enable TLS for VNC https://review.opendev.org/c/openstack/openstack-ansible/+/822809 | 17:49 |
opendevreview | Merged openstack/openstack-ansible-haproxy_server master: Describe in detail why external and internal keepalived ping addresses should be separated https://review.opendev.org/c/openstack/openstack-ansible-haproxy_server/+/822910 | 17:52 |
opendevreview | Merged openstack/openstack-ansible-os_nova master: Disable shell for nova when tunneled migration not used https://review.opendev.org/c/openstack/openstack-ansible-os_nova/+/822838 | 23:54 |
Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!