jrosser | o/ morning | 08:43 |
---|---|---|
noonedeadpunk | good morning | 08:43 |
noonedeadpunk | heh :) | 08:43 |
jrosser | hah | 08:43 |
opendevreview | Jonathan Rosser proposed openstack/ansible-role-pki master: Allow certificates to be installed by specifying them by name https://review.opendev.org/c/openstack/ansible-role-pki/+/954239 | 08:49 |
noonedeadpunk | so I think there're some first results of azimuth driver for capi, and was able to spawn k8s 1.33 for it with our already deployed control cluster | 08:53 |
noonedeadpunk | thus there's a chance of just do driver selection thing with telatively minor modifications | 08:54 |
jrosser | do we need to factor out the k8s control plane parts | 08:54 |
jrosser | as that would be common | 08:54 |
noonedeadpunk | yeah | 08:54 |
jrosser | how do you want to handle that, as for any variety of magnum in the future we will need a k8s in the infra nodes | 08:55 |
jrosser | so that might be more "core OSA" than any of the drivers is | 08:55 |
noonedeadpunk | though it would highly likely be a fork of ansible-collection-kubernetes | 08:55 |
noonedeadpunk | yeah, I was about to ask the same question :) | 08:55 |
noonedeadpunk | I don't know yet how to handle that | 08:56 |
noonedeadpunk | I think I would start from elaborating on what we already have in ops repo | 08:58 |
noonedeadpunk | and then stage things out somewhere | 08:58 |
noonedeadpunk | but then a question would be what to do with driver specific things | 09:00 |
jrosser | there is a whole pile of complexity with integrating the stuff in the ops repo into (for example) an AIO | 09:00 |
jrosser | its super expert level really | 09:00 |
noonedeadpunk | yeah, right, and we probably can phase this things out for sure | 09:00 |
noonedeadpunk | as given it's compatible - make sense to get it into core indeed | 09:01 |
jrosser | so for example, putting drivers aside, we could add a playbook and conf.d/env.d into the main repos very simply kind of now | 09:01 |
jrosser | different question then would be the k8s/containers collection which we have forks of for ~years now | 09:02 |
noonedeadpunk | so about playbooks - I'm looking through https://opendev.org/openstack/openstack-ansible-ops/src/branch/master/mcapi_vexxhost/playbooks and it looks it's somehow 50/50 | 09:02 |
noonedeadpunk | you mean that, right? https://opendev.org/openstack/openstack-ansible-ops/src/branch/master/mcapi_vexxhost/playbooks/files/openstack_deploy/user-collection-requirements.yml#L2-L5 | 09:03 |
jrosser | yes | 09:03 |
jrosser | for playbooks its mainly this https://opendev.org/openstack/openstack-ansible-ops/src/branch/master/mcapi_vexxhost/playbooks/k8s_install.yml#L16-L17 | 09:04 |
noonedeadpunk | well, I think we have several options here, given I lost any hope about merging anything to it | 09:04 |
jrosser | mnaser: ^ reality is starting to really bite here :( | 09:05 |
noonedeadpunk | but we can be adding this to the os_magnum as well? https://opendev.org/openstack/openstack-ansible-ops/src/branch/master/mcapi_vexxhost/playbooks/mcapi_magnum_integration.yml | 09:05 |
jrosser | we can, for sure | 09:05 |
jrosser | i guess the original question was kind of philosophical one about how we support out of tree drivers | 09:05 |
jrosser | but i'm not sure tbh how "in tree" the azimuth one is | 09:06 |
noonedeadpunk | well, it was mainly as I wanted to have some "universal" way for different drivers. and had no clue about any of them at a time | 09:06 |
noonedeadpunk | at least it seems to be a bit better maintained atm, as missing 2 major k8s versions is kinda sucks... | 09:07 |
noonedeadpunk | also, given that I saw 1.31 even being spawned with heat driver (with some changes ofc0 | 09:08 |
noonedeadpunk | anyway | 09:08 |
jrosser | well we can do it in pieces | 09:08 |
jrosser | port 1/2 of whats in the ops repo to os_magnum, and 1/2 to plugins repo/main repo | 09:09 |
noonedeadpunk | I kinda don't want to go into "in-tree" topic, as it doesn't matter. I'm more about having a way to pick the poison more naturally indeed | 09:09 |
noonedeadpunk | yeah | 09:09 |
jrosser | sure | 09:09 |
noonedeadpunk | but I also think it might make sense to add second one to ops first, to see the full picture/scope? | 09:09 |
noonedeadpunk | *second driver | 09:09 |
noonedeadpunk | dunno though | 09:10 |
jrosser | i think the choice there would be if we factor out the control plane k8s or not, and re-use it | 09:10 |
jrosser | well, actually it could probably be reused now as mcapi_vexxhost is a collection, so the control plane parts may be usable independantly anyway | 09:11 |
noonedeadpunk | yes, right. and for that we need to decide what to do with ansible-collection-kubernetes | 09:11 |
noonedeadpunk | yeah | 09:11 |
noonedeadpunk | I was thinking about forking it more permanently and encompassing all fixes we need for it to be universal for both drivers | 09:12 |
noonedeadpunk | not sure if do that into a github space or pull it to opendev | 09:12 |
noonedeadpunk | probably pulling to opendev is not really an option, as from what I can tell, it seems to be GPL 3.0 license: https://github.com/jrosser/ansible-collection-kubernetes/blob/main/galaxy.yml#L8-L9 | 09:17 |
noonedeadpunk | weirdly though, license is not included in-tree.... | 09:17 |
noonedeadpunk | but then in tasks it's apache 2.0: https://github.com/jrosser/ansible-collection-kubernetes/blob/main/roles/cluster_api/tasks/patch.yml#L7 | 09:18 |
noonedeadpunk | I wonder if we should move proxy role just as a task to os_magnum and include it conditionally based on selected driver | 09:23 |
noonedeadpunk | https://opendev.org/openstack/openstack-ansible-ops/src/branch/master/mcapi_vexxhost/roles/proxy/tasks/main.yml | 09:23 |
noonedeadpunk | oh, we can't as it's targeting different group of hosts.... | 09:23 |
noonedeadpunk | anyway, I would be doing that all stuff in a "free" time | 09:25 |
noonedeadpunk | but kinda eager to complete and finally sort out capi drivers this cycle | 09:39 |
jrosser | is anyone else using gerrit in a dark mode desktop | 14:15 |
jrosser | the in browser editor is almost unusable for me because the syntax hightlighting is picking colors not really readable on a dark background | 14:16 |
noonedeadpunk | I'm using in white mode | 14:18 |
noonedeadpunk | or well, it says "auto" | 14:18 |
jrosser | feels like the background changes to black but does not choose an alternative syntax highlighting pallete | 14:20 |
noonedeadpunk | I think it works for me? | 14:21 |
opendevreview | Jonathan Rosser proposed openstack/ansible-role-pki master: Generate ca_bundle during cert creation for standalone backend https://review.opendev.org/c/openstack/ansible-role-pki/+/954628 | 14:21 |
noonedeadpunk | it's a bit toxic to my taste... | 14:22 |
noonedeadpunk | https://ibb.co/XxTGDs88 | 14:22 |
jrosser | ah hmmm https://pasteboard.co/bSizYwylwcDz.png | 14:23 |
noonedeadpunk | ok, that is not how I see it for sure | 14:24 |
opendevreview | Jonathan Rosser proposed openstack/ansible-role-pki master: Generate ca_bundle during cert creation for standalone backend https://review.opendev.org/c/openstack/ansible-role-pki/+/954628 | 14:48 |
opendevreview | Jonathan Rosser proposed openstack/openstack-ansible master: Add debian trixie job definitions https://review.opendev.org/c/openstack/openstack-ansible/+/954616 | 15:45 |
opendevreview | Jonathan Rosser proposed openstack/openstack-ansible master: Add debian trixie job definitions https://review.opendev.org/c/openstack/openstack-ansible/+/954616 | 16:02 |
opendevreview | Jonathan Rosser proposed openstack/openstack-ansible-plugins master: Add debian trixie as a supported platform https://review.opendev.org/c/openstack/openstack-ansible-plugins/+/954976 | 16:50 |
jrosser | we should probably set `openstack.osa` collection as installing from master branch during development, theres a surprise waiting in a-c-r which doesnt do that | 16:51 |
opendevreview | Jonathan Rosser proposed openstack/openstack-ansible master: Use the master branch of the openstack.osa collection for dev work https://review.opendev.org/c/openstack/openstack-ansible/+/954979 | 16:58 |
noonedeadpunk | ah, yes, my bad, sorry | 17:02 |
opendevreview | Jonathan Rosser proposed openstack/openstack-ansible-lxc_hosts master: Fix sync of /etc/apt/mirrors/ to container base image. https://review.opendev.org/c/openstack/openstack-ansible-lxc_hosts/+/954980 | 17:04 |
jrosser | ansible-hardning fail on py3.13 https://docs.python.org/3/library/spwd.html | 17:12 |
noonedeadpunk | oh, we have a module there | 17:15 |
noonedeadpunk | doesn't look like python-pam supports it either | 17:16 |
jrosser | i found an approach like this https://github.com/saltstack/salt/pull/67788/commits/8a8fc0814264364de2928aeb1207226d18b6f2f8 | 17:22 |
jrosser | which is kind of gross | 17:22 |
noonedeadpunk | does not look too complex though.... | 17:24 |
opendevreview | Jonathan Rosser proposed openstack/openstack-ansible-haproxy_server master: Always install netcat-openbsd on debian https://review.opendev.org/c/openstack/openstack-ansible-haproxy_server/+/954985 | 17:26 |
noonedeadpunk | we have quite some things depending on this module | 17:26 |
noonedeadpunk | which kinda make sense as well | 17:26 |
opendevreview | Jonathan Rosser proposed openstack/openstack-ansible-memcached_server master: Always install netcat-openbsd on debian https://review.opendev.org/c/openstack/openstack-ansible-memcached_server/+/954986 | 17:31 |
jrosser | so i get as far as galera with really only small changes on trixie | 17:33 |
jrosser | unsurprisingly there is no repo for that | 17:33 |
noonedeadpunk | well, I think we can do same as for EL10 now there? | 17:48 |
NeilHanlon | noonedeadpunk: so.. i forgot to update you last week, apologies. | 20:01 |
NeilHanlon | systemd-networkd can be grabbed from EPEL for EL9 and EL10. it's in the `systemd-extras` package: https://koji.fedoraproject.org/koji/buildinfo?buildID=2200700 | 20:01 |
Generated by irclog2html.py 4.0.0 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!