Monday, 2025-04-28

« Sunday, 2025-04-27 Index Tuesday, 2025-04-29 »
opendevreviewOpenStack Proposal Bot proposed openstack/openstack-ansible master: Imported Translations from Zanata  https://review.opendev.org/c/openstack/openstack-ansible/+/94829004:22
opendevreviewDmitriy Rabotyagov proposed openstack/openstack-ansible master: Unfreeze roles after milestone release  https://review.opendev.org/c/openstack/openstack-ansible/+/94628107:43
noonedeadpunkwow, 35m aio build right here: https://zuul.opendev.org/t/openstack/build/16ff2eb6a5f044afb3e254f0c317d94007:50
noonedeadpunkgood morning:)07:50
jrosserwe have a grafana dashboard for this dont we08:03
jrossercan probably see when the new modern nodes in the raxflex regions became available, and i would hope we also see an improvement from ansible forks too08:03
jrosseroh, we really do need to update that again, it's looking at non-existant jobs08:05
opendevreviewMerged openstack/openstack-ansible master: docs: minor fixes with RabbitMQ and HAProxy  https://review.opendev.org/c/openstack/openstack-ansible/+/94756908:08
noonedeadpunkyeah, dashboard needs some love for sure08:32
opendevreviewDmitriy Rabotyagov proposed openstack/openstack-ansible master: Fix SHA test scenario  https://review.opendev.org/c/openstack/openstack-ansible/+/94831909:26
opendevreviewDmitriy Rabotyagov proposed openstack/openstack-ansible master: Unfreeze roles after milestone release  https://review.opendev.org/c/openstack/openstack-ansible/+/94628109:26
opendevreviewDmitriy Rabotyagov proposed openstack/openstack-ansible-os_horizon master: Stop creating the `member` role in Horizon  https://review.opendev.org/c/openstack/openstack-ansible-os_horizon/+/94832110:00
opendevreviewDmitriy Rabotyagov proposed openstack/openstack-ansible-os_horizon master: Loop around module list in horizon_translations_update  https://review.opendev.org/c/openstack/openstack-ansible-os_horizon/+/65604510:01
opendevreviewDmitriy Rabotyagov proposed openstack/openstack-ansible-os_horizon master: Loop around module list in horizon_translations_update  https://review.opendev.org/c/openstack/openstack-ansible-os_horizon/+/65604510:02
opendevreviewDmitriy Rabotyagov proposed openstack/openstack-ansible-os_horizon master: Use standalone httpd role  https://review.opendev.org/c/openstack/openstack-ansible-os_horizon/+/94767310:13
opendevreviewDmitriy Rabotyagov proposed openstack/openstack-ansible-os_horizon master: Use standalone httpd role  https://review.opendev.org/c/openstack/openstack-ansible-os_horizon/+/94767310:13
opendevreviewDmitriy Rabotyagov proposed openstack/openstack-ansible-os_horizon master: Ensure post-install is idempotent  https://review.opendev.org/c/openstack/openstack-ansible-os_horizon/+/94768010:14
noonedeadpunkso pretty much for the release we have keystone -> httpd and figure out smth with Zun10:28
noonedeadpunkand we also have manila broken I believe...10:29
noonedeadpunkas ganesha is replaced with in-tree code / plugin IIRC10:29
* noonedeadpunk planning to work on keystone right away10:30
* noonedeadpunk instantly regred that decision10:41
noonedeadpunk*regret10:41
noonedeadpunkI'm very o_O an handlers even....10:49
noonedeadpunkit feels even now we'd restart uwsgi twice under certain conditions10:50
noonedeadpunkI guess I will just replace the apache setup for now and leave all clean-ups as a follow-up anyway... 11:04
noonedeadpunkAnd we'd need to add some kind of oidc test I guess...11:04
opendevreviewIvan Anfimov proposed openstack/openstack-ansible master: wip  https://review.opendev.org/c/openstack/openstack-ansible/+/94811112:19
noonedeadpunkjrosser: I'm looking at these proxy passes and wonder - do they have to be at the very end? basically, does the order matters in apache? really can't recall that... I believe that for locations/directories it does, but can't recall about options...13:38
noonedeadpunkhttps://opendev.org/openstack/openstack-ansible-os_keystone/src/branch/master/templates/keystone-httpd.conf.j2#L141-L14513:38
noonedeadpunkas i nthe httpd role we don't have anything at the end to add https://opendev.org/openstack/ansible-role-httpd/src/branch/master/templates/httpd_vhost.conf.j213:39
jrosseri dont know tbh13:42
jrosserthe order they are configured in does matter, ie first matching proxypass wins13:43
jrosserbut as for order in the file with everything else, not sure13:43
NeilHanlonYeah the order matters, as well as if you have any rules that end evaluation13:43
jrosseryou mean they have to go at the end of the config file? or just the order of them13:44
noonedeadpunkI know the order of same value does for sure13:44
noonedeadpunkBut really can't recall about order of different ones...13:44
NeilHanlonno not at the end necessarily 13:44
noonedeadpunkSo if smth will break if I add ProxyPass as `options`13:45
jpw_im setting up openstack for the first time. I'm really struggling to get a working network configuration though. are the docs up to date on this? Even using the example configs i seem to find myself in the situation where neutron is in a crash loop13:45
noonedeadpunkjpw_: Highly depend :)13:45
NeilHanlonwhat if instead of your jinja conditional, you actually conditionalized the ProxyPass? 13:45
noonedeadpunkjpw_: if you give the link to example and give a bit more of context - we probably can figure smth out13:46
jpw_my original plan was to use linux bridge for vxlan. As i understand using the "neutron_linuxbridge_agent" but neutron was complaining vxlan wan't a valid plugin.13:46
jpw_i'll make a pastebin of my user config/interfaces13:46
noonedeadpunkNeilHanlon: well, I'm rewriting the thing to httpd role. So was thinking about moving ProxyPass here: https://opendev.org/openstack/ansible-role-httpd/src/branch/master/templates/httpd_vhost.conf.j2#L40-L4213:47
noonedeadpunkwhich will be above <Location> and <Directory>13:47
noonedeadpunkjpw_: LinuxBridge is dropped from Neutron in 2025.113:47
noonedeadpunkSo it can not be used as an option anymore13:47
noonedeadpunkjpw_: but also by default we're deploying OVN since 2023.1 IIRC. So unless you define `neutron_plugin_type: ml2.lxb` - you are using OVN13:49
NeilHanlonhmm i may be wrong here, anyways.. it looks from a quick test that ProxyPass does terminate further execution13:49
noonedeadpunkand then there're also several more overrides needed for LXB13:49
noonedeadpunkBut it's pointelss to attempt a fresh deployment on LXB as of today13:49
noonedeadpunkNeilHanlon: gotcha13:49
noonedeadpunkbad news then :(13:49
NeilHanlonYeah... the only thing I can think of that might work would be to use mod_macro 13:50
jpw_https://paste.debian.net/1372056/13:51
NeilHanlonbut then you're templating out a template which sounds.. not ideal13:51
jpw_i got that far re lxb deprecation even though it wasn't explicitly stated. I've since tried again with ovs but not having any more luck13:52
noonedeadpunkjpw_: I see that `neutron_plugin_type: ml2.ovs` is commented out right now13:52
noonedeadpunkbut I think you need couple of more vars for OVS to work13:53
jpw_i'll uncomment it. i wasn't sure if it was default. i've not checked the defaults yet.13:54
noonedeadpunkI think you need this as well: neutron_plugin_base: ['router', 'metering']13:54
jpw_ok, done. any other comments or shall i try sending it?13:55
jpw_one other question i had about ovs. does it require any other configuration on the host or does osa handle it all?13:57
noonedeadpunkit probably should be fine otherwise....13:57
noonedeadpunkI did not check your network setup thoroughly though13:57
noonedeadpunkI think you might need less configuration actually. Ie, drop configuration of `br-vlan`, as I think this should be OVS bridge osa creates13:58
noonedeadpunkbut there should be a proper mapping for it in place...13:59
noonedeadpunkso `enp86s0` will be enslaved by OVS14:00
jpw_ok. that won't cause an issue with the other bridges will it? 14:00
noonedeadpunkI just somehow can't recall what is needed in `provider_networks` for this to happen :D14:00
noonedeadpunkno, it will not14:00
noonedeadpunkit would if you'd relied on `enp86s0` as untagged for something14:01
noonedeadpunklike using it for SSH access or smth :D14:01
jpw_nah native vlan is for pxe stuff14:01
jpw_ssh is coming in over vlan 4014:02
noonedeadpunkyes, right, that is good:)14:02
jpw_i'll try commenting it out after this run has completed. i'll let you know how i get on. 14:03
jpw_thank you14:03
noonedeadpunkone thing though, is that as it's an HCI setup, you might want to consider not mixing up OVS and LXB bridges on same hosts... It's generally should not matter, just wanted to say that it's possible to connect LXC containers to OVS as well14:03
jpw_as in build the bridges within ovs?14:04
noonedeadpunkyeah14:04
noonedeadpunkbut it's possibility, not requirement I guess14:04
noonedeadpunkjsut wanted to mention that14:04
jpw_that would be pushing the boundaries of my knowledge. 14:05
jpw_would that be following the process here? https://docs.openstack.org/openstack-ansible-os_neutron/2024.2/app-openvswitch.html14:05
noonedeadpunkI'm trying to find the doc14:06
noonedeadpunkit looks like it's not really documented :(14:07
noonedeadpunkexcept https://opendev.org/openstack/openstack-ansible/src/branch/master/etc/openstack_deploy/openstack_user_config.yml.example#L141-L14414:08
jamesdenton__jpw_ what sort of errors are you seeing with neutron logs? And if you can share your openstack_user_config.yml and user_variables.yml we can prob help you out14:08
noonedeadpunkjamesdenton__: it;'s https://paste.debian.net/1372056/14:08
jamesdenton__thank you14:08
jpw_i'll share some logs once this run completes. shouldn't be too much longer14:09
jamesdenton__ok - so i see in your interfaces file you;ve defined "br-vlan", but we also have that defined in openstack_user_config as an OVS bridge (it's not clear, i know)14:10
noonedeadpunkjpw_: so I had smth like this for using OVS as the bridge: https://paste.openstack.org/show/bcOLpjKoPCIl5mbHGiE1/14:10
jamesdenton__so, i would remove the one in the interfaces file14:10
jamesdenton__you also have a br-vlan defined twice - once at 42 and another at 51. I would remove 51-5914:11
noonedeadpunkjamesdenton__: do you recall if all options are there for proper mapping? As I'm using a neutron_provider_networks for a while now and somehow forgot what are required options would be in `provider_network` for os_neutron to create the bridge and wire interface to it14:11
jamesdenton__noonedeadpunk 42-50 should be enough to build an ovs bridge named 'br-vlan' and plug enp86s0 into it14:12
jamesdenton__actually i take that bacjk14:12
jamesdenton__change line 46 from host_bind_override to network_interface, then it will plug it in14:12
jamesdenton__but now there is likely a linux bridge named br-vlan causing conflicts14:13
jamesdenton__but i guess what also isn't clear here is whether or not LXC is to be used?14:14
jamesdenton__ie. is the intention to use it or not14:14
jpw_I am deploying in to LXC yes14:16
jpw_next steps. provide some logs, remove vlan from interfaces, remove :51-59, change :46 to `network_interface`14:18
jamesdenton__ok - hang tight14:18
jamesdenton__yes, change that to network_interfaces14:20
jamesdenton__remove br-vlan from interfaces file14:20
jamesdenton__and ip link delete br-vlan14:20
jpw_legends, neutron is happy now. i can load horizon :D14:21
jamesdenton__also, uncomment 19414:21
jamesdenton__if you hadn't already14:21
jamesdenton__might also need to fix the spacing on that one14:21
jpw_give me a few minutes. i need to do the interfaces change manually. 14:23
noonedeadpunkjamesdenton__: ah, right, I was looking at 51:59 and thinking that smth is missing there14:25
jamesdenton__been a minute14:25
jrosserfeels like we need to extract an example config from all this14:25
jamesdenton__... since i've looked at it14:25
jamesdenton__yes jrosser i think we can probably simplify it a bit14:26
* jamesdenton__ adds it to the backlog14:26
jamesdenton__see you in 202714:26
noonedeadpunklol14:26
jpw_yes some clarity would be welcome. that deprecation note for lxb is something i found in the bug tracker14:29
noonedeadpunkwe have not released the 2025.1, but this is present in release notes: https://docs.openstack.org/releasenotes/openstack-ansible/unreleased.html#upgrade-notes14:30
noonedeadpunkwith reference to jamesdenton__ plog post :)14:31
noonedeadpunk* blog14:31
jamesdenton__hey, lookie there :D14:31
jpw_removing that interface has made something very unhappy :s14:36
jamesdenton__oh?14:36
jpw_hanging on boot14:36
jamesdenton__whats the last message on console?14:37
jamesdenton__it should be unrelated14:37
jpw_"fauled to start console-font"14:37
jamesdenton__hmm let's wait and see14:38
jpw_i'll give it a few more minutes. im tempted to do a full redeploy so i can start fresh tomorrow14:38
jpw_oh it just came back14:39
jpw_"Dependency failed for openvswithch something" then the screen cleared14:40
jpw_i'll make those other changes14:40
noonedeadpunkNeilHanlon: I've read the doc https://httpd.apache.org/docs/2.4/mod/mod_proxy.html#proxypass and it seems that only relative position of ProxyPass to each other matters. And seems that all <Location>s are processed before any Vhost ones, so location of ProxyPass relative to Location does not matter.,..14:41
noonedeadpunkI'm not 100% sure still, but I guess I will try my luck...14:42
jamesdenton__jpw_ if you decide to do a full redeploy, ping me here and i can take a look at those files and your networking to hopefully ensure a good experience. then we can take your config and use it as an example14:47
jamesdenton__no doubt the docs have gotten stale in a few areas14:47
jpw_yeah sure, will do14:49
noonedeadpunkjpw_: as another thing to consider - you can try adding `neutron_provider_networks` - these will take precedence over stuff  you configured in `provider_networks` in openstack_user_config14:49
noonedeadpunkand they are waaaaay less confusing, IMO14:50
noonedeadpunkfrom the doc, I meanL: https://docs.openstack.org/openstack-ansible-os_neutron/2024.2/app-openvswitch.html#openstack-ansible-user-variables14:50
jpw_here's me thinking i had already picked the easy option14:53
jpw_if i understand that correctly you hand off a bridge to neutron_openvswitch_agent and it configures everything else?14:54
noonedeadpunkfor me personally - networking is hardest part of the OpenStack14:54
noonedeadpunkyou don't need to have a bridge14:54
noonedeadpunkyou hand off an interface and namings/mappings14:54
noonedeadpunkthen the role will create the bridge, add interface, configure neutron14:55
jpw_oh right it's directly against the interface14:55
jpw_that's nifty14:55
noonedeadpunkyou probably can add the bridge to another bridge as well14:55
noonedeadpunkbut naming should be different. and that is weird...14:55
noonedeadpunkbut you should be able to do that as well :D14:55
jamesdenton__here's an example i have: https://gisty.link/7fa4a117ff8af23bec5784554f77c5c0a098540814:56
noonedeadpunkI do have very much alike to that, yes ^14:56
jpw_specifically the hardest part about it for me was the terminology14:56
jpw_as in there's plenty of openstack specific terms that are new to me14:58
jamesdenton__yes, that tends to be the case14:58
*** gmaan_pto is now known as gmaan14:59
jamesdenton__no question is too basic to be asked here - so if there's any confusion don't hesitate15:00
jamesdenton__jrosser doesn't bite15:00
NeilHanlonnoonedeadpunk: hmm okay, i did a really quick test on my machine here but I could've been misinterpretting what I saw... good you read the docs :D 15:03
noonedeadpunkyou might be right though, as I did not come to the test part yet :(15:03
noonedeadpunkI just really want you to be wrong here and avoid introducing messy variable to the template :D15:06
noonedeadpunkwhat makes things worse - we don't use any federation over here, so I kinda struggle to do tests either15:07
jpw_jamesdenton__: it looks like that change of host_bind_override to network_interface may have causeed an issue.15:14
jpw_/usr/bin/ovs-vsctl -t 5 add-port br-vlan enp86s0", "interface_mapping": "br-vlan:enp86s0", "msg": "ovs-vsctl: cannot create a port named enp86s0 because a bridge named enp86s0 already exists"15:14
jamesdenton__host_bind_override was ineffective, and network_interface would plug enp86s0 into br-vlan, but if there;s some bridge named enp86s0 then it would be problematic. Can you post output of "ip link show"?15:15
noonedeadpunkit could be some leftover from prior runs15:16
jpw_im just rebooting to see the state of things after that br-vlan removal15:16
jpw_i think there's some lingering config here.15:17
jpw_i'm going to burn it down and try again15:17
noonedeadpunk`ovs-vsctl list-br` could be iunteresting, but whatever I guess15:23
jpw_`ip l` after a rebuild https://paste.debian.net/1372075/15:43
noonedeadpunkthat looks fine15:48
jamesdenton__that looks good, i would expect no complaints15:52
jpw_great. i'm deploying the rest of osa now. it'll take a while15:53
opendevreviewDmitriy Rabotyagov proposed openstack/openstack-ansible-os_keystone master: Use standalone httpd role  https://review.opendev.org/c/openstack/openstack-ansible-os_keystone/+/94833816:10
opendevreviewDmitriy Rabotyagov proposed openstack/openstack-ansible-os_horizon master: Use standalone httpd role  https://review.opendev.org/c/openstack/openstack-ansible-os_horizon/+/94767316:12
opendevreviewDmitriy Rabotyagov proposed openstack/openstack-ansible-os_horizon master: Use standalone httpd role  https://review.opendev.org/c/openstack/openstack-ansible-os_horizon/+/94767316:14
opendevreviewDmitriy Rabotyagov proposed openstack/openstack-ansible-os_horizon master: Use standalone httpd role  https://review.opendev.org/c/openstack/openstack-ansible-os_horizon/+/94767316:15
opendevreviewDmitriy Rabotyagov proposed openstack/openstack-ansible-os_horizon master: Ensure post-install is idempotent  https://review.opendev.org/c/openstack/openstack-ansible-os_horizon/+/94768016:17
jrosserjamesdenton__: sorry in meeting overload here :)16:20
jamesdenton__:D16:20
jrosserwas there something specific16:20
jamesdenton__you and me both16:20
jamesdenton__no no, just teasing16:21
jrosseroh right i see -ECONTEXT16:21
jpw_that looks like it's all deploying successfully now. thank you for your help all. I'll move on and do some more testing.17:05
jpw_jamesdenton__: i'll give you a ping later this week once i have refined things some more and give you my configs.17:05
noonedeadpunkawesome news17:08
jamesdenton__sounds good!17:09
opendevreviewDmitriy Rabotyagov proposed openstack/openstack-ansible-os_cinder master: Add EPEL repo for distro-based installs  https://review.opendev.org/c/openstack/openstack-ansible-os_cinder/+/94714217:14
opendevreviewDmitriy Rabotyagov proposed openstack/openstack-ansible-os_cinder master: Add EPEL repo for distro-based installs  https://review.opendev.org/c/openstack/openstack-ansible-os_cinder/+/94714217:23
opendevreviewDmitriy Rabotyagov proposed openstack/openstack-ansible-os_horizon master: Use standalone httpd role  https://review.opendev.org/c/openstack/openstack-ansible-os_horizon/+/94767319:37
opendevreviewDmitriy Rabotyagov proposed openstack/openstack-ansible-os_horizon master: Ensure post-install is idempotent  https://review.opendev.org/c/openstack/openstack-ansible-os_horizon/+/94768019:37
opendevreviewDmitriy Rabotyagov proposed openstack/openstack-ansible-os_keystone master: Use standalone httpd role  https://review.opendev.org/c/openstack/openstack-ansible-os_keystone/+/94833819:41
noonedeadpunkfwiw, EL9 distro setup is fixed with https://review.opendev.org/c/openstack/openstack-ansible-os_cinder/+/94714219:48
opendevreviewIvan Anfimov proposed openstack/openstack-ansible-os_trove master: Remove tags from README  https://review.opendev.org/c/openstack/openstack-ansible-os_trove/+/94837222:26
opendevreviewIvan Anfimov proposed openstack/openstack-ansible-os_trove master: Remove tags from README  https://review.opendev.org/c/openstack/openstack-ansible-os_trove/+/94837222:26
« Sunday, 2025-04-27 Index Tuesday, 2025-04-29 »

Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!