Thursday, 2025-07-17

« Wednesday, 2025-07-16 Index Friday, 2025-07-18 »
opendevreviewDmitriy Rabotyagov proposed openstack/openstack-ansible master: Offload network provisionment for AIO to openstack_hosts  https://review.opendev.org/c/openstack/openstack-ansible/+/95357006:37
opendevreviewDmitriy Rabotyagov proposed openstack/openstack-ansible master: Offload kernel module management to openstack_hosts  https://review.opendev.org/c/openstack/openstack-ansible/+/95368506:38
opendevreviewDmitriy Rabotyagov proposed openstack/openstack-ansible master: Define losetup devices statically rather then dynamically  https://review.opendev.org/c/openstack/openstack-ansible/+/95377006:38
f0onoonedeadpunk: sometimes you get so fixated on the high-tech solutions that you entirely forget the low-tech ones. I've already a spanned L2 because of distributed FIPs. I can just slop a /48 on that and expose that as a 2nd network. Sure it's not dualstack but honestly who cares. It's far less headaches than the bgp-shenanigans06:56
noonedeadpunkwell, if you are passing it to computes, and don't need any routers on it - then yeah06:59
noonedeadpunkNDP still does work06:59
f0oyeah that's where I'm at right now after drowning in overcomplicated diagrams and just moving the bottleneck from one OVN chassis to another07:00
noonedeadpunkbut I'd guess you need a different vl;an and then another port to VMs07:00
f0oyeah07:00
f0ovlans are free :D07:00
noonedeadpunkand it could be tricky for sya octavia/magnum/trove07:00
f0ooctavia is my only concern07:00
f0obut if I go with amphora driver instead of ovn it shouldnt care right?07:01
noonedeadpunkI frankly never checked if you can have multiple VIP ports there07:01
noonedeadpunklike technically - it should be possible, but if it's implemented or not - good question07:01
f0oor maybe LBaaS just becomes a v4-only thing alltogether07:01
noonedeadpunkor different LBs for v4 v6?:)07:02
f0oyeah something like that07:02
noonedeadpunkwhich is kinda waste of resources... but well07:02
f0oidk better than the OVN GWChassis rabbithole07:02
f0owill lab this a bit prior07:03
noonedeadpunkfrankly - I tend to agree here07:12
jrosser^ interested in the meaning here?07:13
noonedeadpunkI'm not much fan of L3 setup as of today, si8mply due to it being overcomplex and very tricky to debug and understand07:13
jrosserdedicated gw chassis == bad?07:13
noonedeadpunkno, not really07:13
noonedeadpunkbut ovn-bgp-agent is not best thing out07:14
jrosserthis is all in my future so knowing what not to do is ++++07:14
noonedeadpunkor well. maybe too early and too late07:14
f0odedicated gw chassis is alright but it lacks active/active load sharing. Right now it's just sharded allocation. A single tenant can put a lot of stress on them if they start pushing packets a lot which will effect other tenants that happened to be scheduled on the same GW chassis. If OVN would allow ECMP then all chassis could be used in active/active fashion07:15
noonedeadpunkjust ovn-bgp-agent is really a set of hooks to make L2 oriented OVN deal with L307:15
jrosserdid anyone try ovs offload for a gw chassis07:16
noonedeadpunkwe can't do that due to ovn-bgp pretty much07:16
noonedeadpunkas it all gets ejected into kernel networking right away07:17
f0oI tried but apparently my NICs although supported by DPDK and OVS, wouldnt work so the whole thing just collapsed07:17
opendevreviewJonathan Rosser proposed openstack/openstack-ansible-os_keystone master: Switch from wsgi script to wsgi module  https://review.opendev.org/c/openstack/openstack-ansible-os_keystone/+/95526807:53
opendevreviewJonathan Rosser proposed openstack/openstack-ansible master: Bump SHAs for master  https://review.opendev.org/c/openstack/openstack-ansible/+/95522607:53
opendevreviewDmitriy Rabotyagov proposed openstack/openstack-ansible stable/2023.2: Bump SHAs for EOL-ing 2023.2  https://review.opendev.org/c/openstack/openstack-ansible/+/95089307:55
opendevreviewIvan Anfimov proposed openstack/openstack-ansible master: Replaced usage outdate egrep to grep  https://review.opendev.org/c/openstack/openstack-ansible/+/95374008:43
opendevreviewDmitriy Rabotyagov proposed openstack/openstack-ansible master: Offload network provisionment for AIO to openstack_hosts  https://review.opendev.org/c/openstack/openstack-ansible/+/95357009:30
opendevreviewDmitriy Rabotyagov proposed openstack/openstack-ansible master: Provision AIO network interfaces conditionally  https://review.opendev.org/c/openstack/openstack-ansible/+/95357410:36
opendevreviewDmitriy Rabotyagov proposed openstack/openstack-ansible-plugins master: Implement post openstack_hosts playbook  https://review.opendev.org/c/openstack/openstack-ansible-plugins/+/95528010:47
opendevreviewJonathan Rosser proposed openstack/openstack-ansible-os_magnum master: Switch from wsgi script to wsgi module  https://review.opendev.org/c/openstack/openstack-ansible-os_magnum/+/95050912:30
opendevreviewJonathan Rosser proposed openstack/openstack-ansible-os_ironic master: Add apparmor rules for ironic inspector  https://review.opendev.org/c/openstack/openstack-ansible-os_ironic/+/95100312:35
opendevreviewIvan Anfimov proposed openstack/ansible-hardening master: Use doc8 for documentation generation  https://review.opendev.org/c/openstack/ansible-hardening/+/71028412:50
opendevreviewJonathan Rosser proposed openstack/openstack-ansible-os_ironic master: Switch from wsgi script to wsgi module  https://review.opendev.org/c/openstack/openstack-ansible-os_ironic/+/95050812:52
opendevreviewJonathan Rosser proposed openstack/openstack-ansible-os_ironic master: Switch from wsgi script to wsgi module  https://review.opendev.org/c/openstack/openstack-ansible-os_ironic/+/95050812:52
opendevreviewIvan Anfimov proposed openstack/ansible-hardening master: Use doc8 for documentation generation  https://review.opendev.org/c/openstack/ansible-hardening/+/71028413:06
opendevreviewIvan Anfimov proposed openstack/ansible-hardening master: Use doc8 for documentation generation  https://review.opendev.org/c/openstack/ansible-hardening/+/71028413:25
opendevreviewIvan Anfimov proposed openstack/ansible-hardening master: Use doc8 for documentation generation  https://review.opendev.org/c/openstack/ansible-hardening/+/71028414:07
opendevreviewIvan Anfimov proposed openstack/ansible-hardening master: Use doc8 for documentation generation  https://review.opendev.org/c/openstack/ansible-hardening/+/71028414:07
opendevreviewJonathan Rosser proposed openstack/openstack-ansible-os_ironic master: Switch from wsgi script to wsgi module  https://review.opendev.org/c/openstack/openstack-ansible-os_ironic/+/95050816:21
opendevreviewJonathan Rosser proposed openstack/openstack-ansible-os_magnum master: Switch from wsgi script to wsgi module  https://review.opendev.org/c/openstack/openstack-ansible-os_magnum/+/95050916:21
jrosserthis is going to be a blocker for getting the master sha bump in https://review.opendev.org/c/openstack/openstack-ansible-os_keystone/+/95526816:23
jrosserand looks like we lost the neutron-server service entirely somewhere https://zuul.opendev.org/t/openstack/build/ece7fae953cc44a580038ff54a8b6471/logs16:27
noonedeadpunkI think they might have dropped it in favor of uwsgi16:46
noonedeadpunkand we switched it back and forth: https://opendev.org/openstack/openstack-ansible-os_neutron/src/branch/master/defaults/main.yml#L19616:47
noonedeadpunkI think we might need to add some more services still to make uwsgi work16:47
opendevreviewIvan Anfimov proposed openstack/ansible-hardening master: Use doc8 for documentation generation  https://review.opendev.org/c/openstack/ansible-hardening/+/71028416:49
opendevreviewIvan Anfimov proposed openstack/ansible-hardening master: Use doc8 for documentation generation  https://review.opendev.org/c/openstack/ansible-hardening/+/71028416:51
opendevreviewDamian Dąbrowski proposed openstack/ansible-role-pki master: Rename pki_method variable to pki_default_backend  https://review.opendev.org/c/openstack/ansible-role-pki/+/94887717:07
opendevreviewDamian Dąbrowski proposed openstack/ansible-role-pki master: Rename pki_method variable to pki_default_backend  https://review.opendev.org/c/openstack/ansible-role-pki/+/94887717:07
opendevreviewDamian Dąbrowski proposed openstack/openstack-ansible-openstack_hosts master: Pass required vars when installing CA certs  https://review.opendev.org/c/openstack/openstack-ansible-openstack_hosts/+/94888417:12
opendevreviewDamian Dąbrowski proposed openstack/openstack-ansible-openstack_hosts master: Pass pki_authorities var when installing CA certs  https://review.opendev.org/c/openstack/openstack-ansible-openstack_hosts/+/94888417:13
jrosserI still find this default backend var a bit wrong17:17
jrosserthat name might be more correct for a user when the backend is not overridden per cert17:18
opendevreviewDamian Dąbrowski proposed openstack/ansible-role-pki master: Add hashi_vault backend  https://review.opendev.org/c/openstack/ansible-role-pki/+/94888117:18
jrosserbut it’s much more wrong inside the role because it might not actually be the “default” backend if it’s overridden17:18
jrosseridk why we don’t just call it pki_backend then it’s in defaults/ and the semantics/purpose are clear17:23
damiandabrowskii really don't mind, i can change it17:29
damiandabrowskiwhen i thought about it, it was just confusing to call it pki_backend and let users put it into user_variables.yml for example17:30
damiandabrowskiwhile the subset of the certificates may use different backend17:30
opendevreviewDamian Dąbrowski proposed openstack/ansible-role-pki master: Rename pki_method variable to pki_backend  https://review.opendev.org/c/openstack/ansible-role-pki/+/94887717:31
opendevreviewDamian Dąbrowski proposed openstack/ansible-role-pki master: Rename pki_method variable to pki_backend  https://review.opendev.org/c/openstack/ansible-role-pki/+/94887717:36
opendevreviewDamian Dąbrowski proposed openstack/ansible-role-pki master: Rename pki_method variable to pki_backend  https://review.opendev.org/c/openstack/ansible-role-pki/+/94887717:38
opendevreviewDamian Dąbrowski proposed openstack/ansible-role-pki master: Rename pki_method variable to pki_backend  https://review.opendev.org/c/openstack/ansible-role-pki/+/94887717:39
opendevreviewMerged openstack/ansible-role-pki master: Add python3-setuptools for redhat-10 based distros.  https://review.opendev.org/c/openstack/ansible-role-pki/+/95421319:58
opendevreviewIvan Anfimov proposed openstack/ansible-role-pki stable/2025.1: Add python3-setuptools for redhat-10 based distros.  https://review.opendev.org/c/openstack/ansible-role-pki/+/95531820:02
opendevreviewMerged openstack/ansible-role-pki master: Generate ca_bundle during cert creation for standalone backend  https://review.opendev.org/c/openstack/ansible-role-pki/+/95462820:07
opendevreviewIvan Anfimov proposed openstack/ansible-hardening master: Use doc8 for documentation generation  https://review.opendev.org/c/openstack/ansible-hardening/+/71028420:08
opendevreviewIvan Anfimov proposed openstack/openstack-ansible-plugins master: Move provider_networks module into os_neutron  https://review.opendev.org/c/openstack/openstack-ansible-plugins/+/65813020:21
opendevreviewIvan Anfimov proposed openstack/openstack-ansible-galera_server master: Cannot set fs attributes on a non-existent symlink target  https://review.opendev.org/c/openstack/openstack-ansible-galera_server/+/95320320:28
opendevreviewDamian Dąbrowski proposed openstack/ansible-role-pki master: Separate backend-specific logic to improve extensibility  https://review.opendev.org/c/openstack/ansible-role-pki/+/94887820:51
opendevreviewDamian Dąbrowski proposed openstack/ansible-role-pki master: Change the format of 'san' parameter in `pki_certificates` variable  https://review.opendev.org/c/openstack/ansible-role-pki/+/94887920:52
opendevreviewDamian Dąbrowski proposed openstack/ansible-role-pki master: Change the format of 'san' parameter in `pki_certificates` variable  https://review.opendev.org/c/openstack/ansible-role-pki/+/94887920:52
opendevreviewDamian Dąbrowski proposed openstack/ansible-role-pki master: Change the format of 'san' parameter in `pki_certificates` variable  https://review.opendev.org/c/openstack/ansible-role-pki/+/94887920:56
opendevreviewDamian Dąbrowski proposed openstack/ansible-role-pki master: Rename pki_method variable to pki_backend  https://review.opendev.org/c/openstack/ansible-role-pki/+/94887720:58
opendevreviewDamian Dąbrowski proposed openstack/ansible-role-pki master: Separate backend-specific logic to improve extensibility  https://review.opendev.org/c/openstack/ansible-role-pki/+/94887820:59
opendevreviewDamian Dąbrowski proposed openstack/ansible-role-pki master: Change the format of 'san' parameter in `pki_certificates` variable  https://review.opendev.org/c/openstack/ansible-role-pki/+/94887921:01
opendevreviewDamian Dąbrowski proposed openstack/ansible-role-pki master: Use ttl instead of not_after in pki_authorities  https://review.opendev.org/c/openstack/ansible-role-pki/+/94888021:01
opendevreviewDamian Dąbrowski proposed openstack/ansible-role-pki master: Use ttl instead of not_after in pki_authorities  https://review.opendev.org/c/openstack/ansible-role-pki/+/94888021:01
opendevreviewDamian Dąbrowski proposed openstack/ansible-role-pki master: Use ttl instead of not_after in pki_authorities  https://review.opendev.org/c/openstack/ansible-role-pki/+/94888021:02
opendevreviewDamian Dąbrowski proposed openstack/ansible-role-pki master: Add hashi_vault backend  https://review.opendev.org/c/openstack/ansible-role-pki/+/94888121:30
opendevreviewIvan Anfimov proposed openstack/openstack-ansible-plugins master: Move provider_networks module into os_neutron  https://review.opendev.org/c/openstack/openstack-ansible-plugins/+/65813021:36
opendevreviewDamian Dąbrowski proposed openstack/openstack-ansible master: Add support for hashi_vault PKI backend  https://review.opendev.org/c/openstack/openstack-ansible/+/94888821:38
opendevreviewDamian Dąbrowski proposed openstack/openstack-ansible master: Enable openbao jobs  https://review.opendev.org/c/openstack/openstack-ansible/+/94888921:38
opendevreviewDamian Dąbrowski proposed openstack/openstack-ansible master: Enable openbao jobs  https://review.opendev.org/c/openstack/openstack-ansible/+/94888921:39
opendevreviewDamian Dąbrowski proposed openstack/openstack-ansible-os_neutron master: Add hashi_vault pki backend support  https://review.opendev.org/c/openstack/openstack-ansible-os_neutron/+/94942022:25
opendevreviewDamian Dąbrowski proposed openstack/ansible-role-pki master: Separate backend-specific logic to improve extensibility  https://review.opendev.org/c/openstack/ansible-role-pki/+/94887822:31
opendevreviewDamian Dąbrowski proposed openstack/ansible-role-pki master: Change the format of 'san' parameter in `pki_certificates` variable  https://review.opendev.org/c/openstack/ansible-role-pki/+/94887922:31
opendevreviewDamian Dąbrowski proposed openstack/ansible-role-pki master: Use ttl instead of not_after in pki_authorities  https://review.opendev.org/c/openstack/ansible-role-pki/+/94888022:32
opendevreviewDamian Dąbrowski proposed openstack/ansible-role-pki master: Add hashi_vault backend  https://review.opendev.org/c/openstack/ansible-role-pki/+/94888122:32
opendevreviewIvan Anfimov proposed openstack/openstack-ansible-plugins master: Move provider_networks module into os_neutron  https://review.opendev.org/c/openstack/openstack-ansible-plugins/+/65813023:09
« Wednesday, 2025-07-16 Index Friday, 2025-07-18 »

Generated by irclog2html.py 4.0.0 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!