Monday, 2018-06-11

« Sunday, 2018-06-10 Index Tuesday, 2018-06-12 »
*** dardelean_ has quit IRC00:00
*** vijaykc4 has quit IRC00:14
*** vijaykc4 has joined #openstack-containers00:30
*** dardelean_ has joined #openstack-containers01:05
*** dardelean_ has quit IRC01:10
*** pengdake has joined #openstack-containers01:18
*** hongbin has joined #openstack-containers01:18
*** pengdake_ has joined #openstack-containers01:38
*** pengdake has quit IRC01:41
*** ramishra has joined #openstack-containers02:14
*** Nel1x has joined #openstack-containers03:29
*** yolanda has joined #openstack-containers03:44
*** yolanda_ has quit IRC03:46
*** hongbin has quit IRC03:48
*** pengdake_ has quit IRC04:22
*** yamamoto has joined #openstack-containers04:28
*** pengdake_ has joined #openstack-containers04:50
*** pengdake_ has quit IRC04:55
*** pengdake has joined #openstack-containers04:56
*** Nel1x has quit IRC04:59
*** ykarel has joined #openstack-containers05:05
*** udesale has joined #openstack-containers05:09
*** flwang1 has quit IRC05:12
*** vijaykc4 has quit IRC05:21
*** udesale_ has joined #openstack-containers05:40
*** udesale has quit IRC05:41
*** vijaykc4 has joined #openstack-containers05:43
*** vijaykc4 has quit IRC05:56
*** pengdake has quit IRC05:57
*** udesale__ has joined #openstack-containers06:01
*** udesale_ has quit IRC06:03
*** AlexeyAbashkin has joined #openstack-containers06:04
*** iranzo has joined #openstack-containers06:10
*** iranzo has joined #openstack-containers06:10
*** sheel has joined #openstack-containers06:19
*** janki has joined #openstack-containers06:24
*** pcaruana has joined #openstack-containers06:26
*** belmoreira has joined #openstack-containers06:27
*** yamamoto has quit IRC06:35
*** yamamoto has joined #openstack-containers06:41
*** armaan has joined #openstack-containers07:01
*** pengdake has joined #openstack-containers07:01
*** b_bezak has joined #openstack-containers07:07
*** rcernin has quit IRC07:10
*** dardelean_ has joined #openstack-containers07:14
*** gsimondon has joined #openstack-containers07:19
*** dardelean_ has quit IRC07:28
*** armaan has quit IRC07:34
*** armaan has joined #openstack-containers07:34
*** belmoreira has quit IRC07:36
*** janki has quit IRC07:36
*** armaan has quit IRC07:44
*** armaan has joined #openstack-containers07:45
*** ykarel is now known as ykarel|afk07:46
*** yamamoto has quit IRC07:50
*** yamamoto has joined #openstack-containers07:51
*** yamamoto has quit IRC07:54
*** yamamoto has joined #openstack-containers07:54
*** yamamoto has quit IRC07:54
*** yamamoto has joined #openstack-containers07:56
*** ktibi has joined #openstack-containers07:58
*** janki has joined #openstack-containers07:59
brtknrwe have some patches locally which make magnum compatible with Docker-CE for both swarm and k8s. would it be helpful to push them upstream?08:00
strigazibrtknr: on atomic?08:00
brtknrstrigazi: yes08:00
strigazithen yes!08:00
brtknrokay! great08:01
strigazibrtknr: we have a stoty (previously bug) since some time08:01
strigazibrtknr: we have a story (previously bug) since some time08:01
brtknron storyboard?08:02
strigazibrtknr: https://storyboard.openstack.org/#!/story/172770008:02
brtknrstrigazi: also nice to see the move to storyboard :)08:05
strigazibrtknr: I'm passing all the blueprints now08:05
strigazibrtknr: do you have on github or somewhere the patches?08:05
brtknrstrigazi: yes, https://github.com/stackhpc/magnum/commits/stackhpc/queens08:08
brtknrstrigazi: it is specifically commit https://github.com/stackhpc/magnum/commit/2272ac84f29ff6cc5c6a19577b75c33377bf0193 that relates to supporting k8s and swarm08:09
brtknrwith docker-ce08:09
*** jmlowe has quit IRC08:10
strigazithis assuems that docker is installed in the OS, no?08:10
brtknrbut unlike the blueprint, we install docker via rpm-ostree rather than inside a container08:10
brtknryes it does08:10
strigaziwhat do you think about atomic install docker?08:12
brtknrhow would that work?08:13
brtknri haven't tried that approach but sounds like that would be a better approach08:13
strigazihttps://gitlab.cern.ch/cloud-infrastructure/magnum/commit/6aecfdcd237363a5dac2d0945bbb4da0c96d67f508:13
strigaziwe can combine the two patches08:14
strigaziour patch with yours that configures daemon.json08:14
*** ispp has joined #openstack-containers08:17
brtknrhow does running docker inside a container affect performance?08:18
strigaziit doesn't, why should it?08:18
brtknri thought atomic install = run docker inside runc08:19
strigaziit does08:19
strigazibrtknr: what is the overhead of running a container with runc?08:23
brtknrim not entirely sure, thats why i was asking you08:24
brtknrstrigazi: i imagine its minimal08:24
brtknrstrigazi: i imagine its minimal08:32
openstackgerritPiotr Mrowczynski proposed openstack/magnum stable/queens: Strip signed certificate  https://review.openstack.org/57416708:33
strigazibrtknr: i think there won't be any, not minimal08:33
*** belmoreira has joined #openstack-containers08:34
*** janki has quit IRC08:38
*** janki has joined #openstack-containers08:40
*** janki has quit IRC08:52
*** salmankhan has joined #openstack-containers09:28
*** ykarel|afk is now known as ykarel09:30
brtknrstrigazi: what is a valid DOCKER_CE_VERSION?09:31
brtknrI've tried 18.03 17.03, 17.03.1, none are working09:31
strigaziYou try to pull from where?09:32
brtknrFrom docker hub09:38
brtknratomic install --system --system-package no --name docker hub.docker.com/docker/docker:stable09:38
brtknris this not correct?09:38
strigaziit is not09:39
strigazisee https://storyboard.openstack.org/#!/story/172770009:39
strigaziwe need a special container09:39
*** udesale_ has joined #openstack-containers09:45
strigazitryL09:46
strigazitry:09:46
strigaziatomic install --system --system-package no --name docker gitlab-registry.cern.ch/cloud/docker-ce-centos:17.0909:47
strigazibrtknr: ^^09:47
*** udesale__ has quit IRC09:47
*** udesale_ has quit IRC09:50
brtknrstrigazi: why do we need custom image? i dont fully understand09:54
brtknralso, where is the Dockerfile for docker-ce-centos:17.09?09:55
brtknrmay i take a look?09:55
strigazigitlab.cern.ch/cloud/docker-ce-centos:17.0909:55
strigazigitlab.cern.ch/cloud/docker-ce-centos here09:55
*** ykarel has quit IRC09:58
*** ykarel has joined #openstack-containers10:01
brtknrso the client inside the container remains 1.13 but the server is updated to 17.0910:02
brtknrbtw how does cri-o compare to running docker10:04
*** pengdake has quit IRC10:44
brtknrstrigazi: when i build docker-centos locally, it appears to install docker-1.13.110:53
brtknrnot 17.0910:53
strigazibrtknr: try this one https://gitlab.cern.ch/cloud/atomic-system-containers/tree/cern-qa/docker-centos10:57
*** ykarel_ has joined #openstack-containers11:00
*** ykarel has quit IRC11:02
*** udesale has joined #openstack-containers11:03
brtknrstrigazi: this one works! thanks11:07
*** dardelean_ has joined #openstack-containers11:13
*** udesale has quit IRC11:14
*** udesale has joined #openstack-containers11:29
*** ykarel_ is now known as ykarel11:31
*** vijaykc4 has joined #openstack-containers11:33
*** rochapor1o has quit IRC11:34
*** udesale has quit IRC11:35
*** armaan has quit IRC11:57
*** armaan has joined #openstack-containers11:58
*** armaan has quit IRC12:02
*** ramishra has quit IRC12:09
*** markguz_ has joined #openstack-containers12:10
*** armaan has joined #openstack-containers12:18
*** armaan has quit IRC12:20
*** armaan has joined #openstack-containers12:20
*** markguz_ has quit IRC12:23
*** markguz_ has joined #openstack-containers12:26
*** ramishra has joined #openstack-containers12:30
*** serlex has joined #openstack-containers12:37
*** udesale has joined #openstack-containers12:38
*** pcaruana has quit IRC12:39
*** AlexeyAbashkin has quit IRC12:42
*** Nel1x has joined #openstack-containers12:44
*** Nel1x has quit IRC12:53
*** mago_ has joined #openstack-containers12:58
*** armaan has quit IRC13:01
*** armaan has joined #openstack-containers13:01
*** markguz_ has quit IRC13:03
*** pengdake has joined #openstack-containers13:05
*** udesale has quit IRC13:07
*** pengdake has quit IRC13:12
brtknrhow do you override daemon.json create by this repo?13:12
*** udesale has joined #openstack-containers13:15
*** zul has quit IRC13:15
brtknractually, it looks like docker running inside runc respect docker-storage13:19
*** zul has joined #openstack-containers13:19
*** pengdake has joined #openstack-containers13:21
*** vabada has joined #openstack-containers13:23
*** pengdake has quit IRC13:26
*** ispp has quit IRC13:29
*** markguz_ has joined #openstack-containers13:30
*** ispp has joined #openstack-containers13:31
*** pcaruana has joined #openstack-containers13:32
*** belmorei_ has joined #openstack-containers13:32
*** belmoreira has quit IRC13:34
strigaziyou can clear /etc/sysconfig/docker-storage13:43
strigazibrtknr: ^^13:44
*** sheel has quit IRC13:49
brtknrany reason why you havent pushed your patch upstream as it looks like it already works without any issues...14:00
*** ianychoi has quit IRC14:02
*** markguz_ has quit IRC14:02
*** AlexeyAbashkin has joined #openstack-containers14:04
*** armaan has quit IRC14:05
*** armaan has joined #openstack-containers14:06
*** zhubingbing has joined #openstack-containers14:06
*** Alexey_Abashkin has joined #openstack-containers14:11
*** zul is now known as zul_14:11
*** yamamoto has quit IRC14:11
*** yamamoto has joined #openstack-containers14:12
*** AlexeyAbashkin has quit IRC14:13
*** Alexey_Abashkin is now known as AlexeyAbashkin14:13
*** zul_ is now known as zul14:14
*** yamamoto has quit IRC14:19
*** chhagarw has joined #openstack-containers14:20
*** ricolin__ has joined #openstack-containers14:21
*** jmlowe has joined #openstack-containers14:31
*** yamamoto has joined #openstack-containers14:32
*** ykarel is now known as ykarel|away14:43
*** hongbin has joined #openstack-containers14:46
*** ispp has quit IRC14:51
*** b_bezak has quit IRC14:53
*** b_bezak has joined #openstack-containers14:53
*** ispp has joined #openstack-containers14:54
*** vabada has quit IRC14:54
*** b_bezak has quit IRC14:58
*** gsimondon has quit IRC15:03
*** jmlowe has quit IRC15:08
*** zhubingbing has quit IRC15:12
*** vijaykc4 has quit IRC15:30
*** jmlowe has joined #openstack-containers15:32
*** markguz_ has joined #openstack-containers15:36
*** markguz_ has quit IRC15:37
*** vijaykc4 has joined #openstack-containers15:37
*** markguz_ has joined #openstack-containers15:38
*** mago_ has quit IRC15:38
*** armaan has quit IRC15:39
*** ispp has quit IRC15:40
*** belmorei_ has quit IRC15:42
*** ramishra has quit IRC15:44
*** vijaykc4 has quit IRC15:48
*** ktibi has quit IRC15:55
*** dardelean_ has quit IRC15:59
*** dtruong_ has quit IRC16:05
*** AlexeyAbashkin has quit IRC16:11
*** zhubingbing has joined #openstack-containers16:12
*** AlexeyAbashkin has joined #openstack-containers16:13
*** dardelean_ has joined #openstack-containers16:14
*** ramishra has joined #openstack-containers16:16
*** zhubingbing has quit IRC16:17
*** ramishra has quit IRC16:21
*** ricolin__ has quit IRC16:27
*** Alexey_Abashkin has joined #openstack-containers16:35
*** AlexeyAbashkin has quit IRC16:36
*** Alexey_Abashkin is now known as AlexeyAbashkin16:36
*** Alexey_Abashkin has joined #openstack-containers16:42
*** AlexeyAbashkin has quit IRC16:44
*** Alexey_Abashkin is now known as AlexeyAbashkin16:44
openstackgerritClenimar Filemon proposed openstack/magnum master: federation-api: add api reference  https://review.openstack.org/55973216:48
*** udesale has quit IRC16:56
*** armaan has joined #openstack-containers16:57
*** gsimondon has joined #openstack-containers17:07
*** dardelean_ has quit IRC17:08
*** dardelean_ has joined #openstack-containers17:09
*** dardelean_ has quit IRC17:13
*** armaan has quit IRC17:13
*** armaan has joined #openstack-containers17:14
*** armaan has quit IRC17:22
*** armaan has joined #openstack-containers17:23
*** armaan has quit IRC17:27
*** armaan has joined #openstack-containers17:27
*** AlexeyAbashkin has quit IRC17:35
*** spiette has quit IRC17:44
*** spiette has joined #openstack-containers17:46
*** armaan has quit IRC17:52
*** ykarel|away has quit IRC18:00
*** flwang1 has joined #openstack-containers18:05
*** iranzo has quit IRC18:06
*** salmankhan has quit IRC18:12
*** zhubingbing has joined #openstack-containers18:14
*** zhubingbing has quit IRC18:19
*** imdigitaljim has quit IRC18:20
*** imdigitaljim has joined #openstack-containers18:20
*** armaan has joined #openstack-containers18:24
*** dave-mcc_ has quit IRC18:25
*** armaan has quit IRC18:27
*** gsimondon has quit IRC18:29
*** dave-mccowan has joined #openstack-containers18:30
*** dtruong has joined #openstack-containers18:31
*** oikiki has joined #openstack-containers18:34
*** chhagarw has quit IRC18:50
*** gsimondon has joined #openstack-containers18:56
*** dardelean_ has joined #openstack-containers18:59
*** dardelean_ has quit IRC19:03
*** jmlowe has quit IRC19:04
*** flwang1 has quit IRC19:29
*** gsimondo1 has joined #openstack-containers19:35
*** gsimondon has quit IRC19:37
*** yamamoto has quit IRC19:51
*** armaan has joined #openstack-containers19:55
-openstackstatus- NOTICE: Zuul was restarted for a software upgrade; changes uploaded or approved between 19:30 and 19:50 will need to be rechecked19:56
*** armaan has quit IRC20:00
imdigitaljimRegarding the continuation of applying primary/secondary masters: managing clusters, adding features, and maintaining code with a primary master resource and a secondary master resource for Kubernetes clusters (that may exist for long periods of time) will become burdensome and more prone to issues in terms of scaling masters without having a +1/-1 consideration, in-place upgrading clusters for a master pool and a snowflake,20:02
imdigitaljimfederation for similar concerns, and failure recovery (HA) between different resource groups to name a few. Following the intended Kubernetes paradigm of a homogenous pools for masters and minions (not: 1 special master, other/more masters, and minions), makes everything more manageable and less prone to error because you treat all masters as masters and all minions as minions and heat would reflect this cleanly. However, at cluster20:02
imdigitaljimcreation, I understand identifying a single bootstrapping master to construct the control plane and provide some services. flwang1 has put forth an excellent solution for this problem and can be adapted to fit almost any scenario for bootstrapping and I look forward to using it soon. Regarding the discoveryurl concerns, I think using the current default pattern as the primary choice in production still serves the best cluster delivery20:02
imdigitaljimmethod. However, I don’t like using the (external) public discoveryurl for availability and security reasons and propose adding as part of the Magnum setup the ability/documentation for configuring a project level etcd discovery service (we would be glad to put forth what we’ve done for this service), further eliminating the necessity/desire to use the two resource groups. Additional thoughts: we could consider a separate e20:02
imdigitaljimtcd cluster creation resource group to make scaling etcd and masters separated concerns. This has pros/cons we could discuss but I’m less concerned about this in the short term.20:02
*** gsimondon has joined #openstack-containers20:04
*** gsimondo1 has quit IRC20:05
*** oikiki has quit IRC20:06
*** oikiki has joined #openstack-containers20:07
*** ispp has joined #openstack-containers20:12
*** gsimondon has quit IRC20:15
*** zhubingbing has joined #openstack-containers20:16
*** serlex has quit IRC20:17
*** zhubingbing has quit IRC20:21
*** AlexeyAbashkin has joined #openstack-containers20:32
*** Alexey_Abashkin has joined #openstack-containers20:46
*** AlexeyAbashkin has quit IRC20:47
*** Alexey_Abashkin is now known as AlexeyAbashkin20:47
*** Alexey_Abashkin has joined #openstack-containers20:51
*** yamamoto has joined #openstack-containers20:51
*** AlexeyAbashkin has quit IRC20:51
*** Alexey_Abashkin is now known as AlexeyAbashkin20:51
*** AlexeyAbashkin has quit IRC20:56
*** yamamoto has quit IRC20:58
*** flwang1 has joined #openstack-containers21:05
*** AlexeyAbashkin has joined #openstack-containers21:08
*** oikiki has quit IRC21:13
*** ispp has quit IRC21:15
*** oikiki has joined #openstack-containers21:17
*** oikiki has quit IRC21:20
flwangimdigitaljim: still around? I'm keen to know the idea of separated etcd resource group or any idea removing the dependency of discovery.etcd.io21:21
imdigitaljimyeah im around21:23
imdigitaljimwe've been using a discovery etcd service that we have control over instead of the public one, which I'd recommend using as the primary approach for production level cluster bootstrapping21:25
imdigitaljimhttps://github.com/coreos/discovery.etcd.io21:25
imdigitaljimI can get some documentation on the setup pushed upstream21:26
imdigitaljimby me or others on my team21:26
imdigitaljimThe idea of separated etcd would involve another resource group that is built prior to the masters that would separately provide etcd for the cluster. This would reflect in heat with just resource groups for etcd, masters, and minions. I havent POC'd this idea yet personally but I've researched similar configurations21:30
flwangimdigitaljim: will those 3 etcd server be built in the same time?21:41
flwangthen how to resolve the discovery issue?21:42
imdigitaljimflwang: there still is a discovery service but its not external21:51
imdigitaljimall clusters in a project use this discovery service on bootstrap21:52
imdigitaljimbut its solely controlled by the OpenStack/Magnum admins21:53
imdigitaljimrather than discovery.etcd.io21:53
imdigitaljimhttp://21:53
*** AlexeyAbashkin has quit IRC21:54
flwangok, so you're talking about create a dedicated discovery server in openstack level, right?21:57
flwangwhich may be not dedicated for magnum, is it?21:57
flwangimdigitaljim: ^21:57
*** armaan has joined #openstack-containers21:59
imdigitaljimyes the discovery service would be dedicated on an openstack level22:02
imdigitaljimbut specifically for all magnum clusters to consume on bootstrap22:02
imdigitaljimso in other words, the configuration of magnum would be to setup api, conductor, and global etcd discovery22:03
imdigitaljimpart of the configuration*22:03
*** armaan has quit IRC22:13
*** armaan has joined #openstack-containers22:14
openstackgerritJim Bach proposed openstack/magnum master: Allow multimaster lb with no floating ip option  https://review.openstack.org/57447622:14
*** rcernin has joined #openstack-containers22:16
flwangimdigitaljim: cool22:16
flwangthat's probably we're going to do as well22:16
*** zhubingbing has joined #openstack-containers22:18
flwang1imdigitaljim: thanks for the patch https://review.openstack.org/574476 that's what i'm going to propose22:21
*** zhubingbing has quit IRC22:22
flwang1imdigitaljim: but what happened if user want to enable octavia and without FIP?22:23
flwang1imdigitaljim: because technically, if user has got LB for multi master, then it's not necessary to assign FIP for master nodes22:24
imdigitaljimflwang1: "enable octavia and without FIP?" I completely agree here and havent made an octavia version yet but I absolutely will, we have a team member getting octavia working soon and I'll be adding that as well22:27
imdigitaljimwe definitely will need it too22:27
flwang1imdigitaljim: i would suggest improving the logic here https://review.openstack.org/#/c/574476/1/magnum/drivers/heat/template_def.py@33222:28
flwang1and we can help test it22:28
flwang1BTW, i'm working on a patch to make the etcd lb optional22:28
flwang1because it doesn't make much sense to waste 1 FIP and 2 instances for a internal use etcd server22:29
imdigitaljimI will have a look at it :)22:30
flwangcool22:31
*** armaan has quit IRC22:33
*** armaan has joined #openstack-containers22:33
imdigitaljimflwang: would you like me to make an expected change for octavia or can I make a later patch for octavia's no fip version?22:34
flwangimdigitaljim: your call, mate22:36
flwangwe can merge this one and make the octavia_no_VIP as a following patch22:36
imdigitaljimi could verify it works later :)22:37
imdigitaljim(the octavia version) on a later patch22:37
flwangcool22:39
flwangthanks22:39
imdigitaljimwhat changes would you like for now for a +1? :)22:46
imdigitaljimflwang:^22:46
*** dardelean_ has joined #openstack-containers22:49
flwangimdigitaljim: at least a comments from you say the octavia with FIP case will be done later, or something like that22:49
*** armaan has quit IRC22:50
flwangso that the other reviewers could be aware of our talk22:50
*** armaan has joined #openstack-containers22:50
imdigitaljimokay sounds good22:51
imdigitaljimwill do22:51
flwangimdigitaljim: awesome, thanks22:51
flwangimdigitaljim: another question22:57
flwangcan't we just reuse the existing floating_ip_enabled https://review.openstack.org/#/c/574476/1/magnum/drivers/heat/template_def.py@357 ?22:57
*** armaan has quit IRC23:06
imdigitaljimits a different set of conditions23:06
imdigitaljimif you mean  env_files.append(COMMON_ENV_PATH + 'disable_floating_ip.yaml') this path23:06
imdigitaljimhere: def add_fip_env_file(env_files, cluster_template):23:07
flwangi mean can't we do --master-lb-enabled=True  --floating-ip-enabled=False  ?23:07
flwangcan't it meet your requirement?23:07
imdigitaljimthose flags are what we use yes23:07
imdigitaljimbut the desired outcome is not23:08
flwangoh, ok23:08
imdigitaljimso what happens is when load balancers are made23:08
imdigitaljimfloating:23:08
imdigitaljim    type: Magnum::Optional::Neutron::LBaaS::FloatingIP23:08
imdigitaljimin lb.yaml23:09
imdigitaljimis still left with a floating ip23:09
imdigitaljimthe no_fip patch present only does floating ip's for master/minions with23:09
imdigitaljim"Magnum::Optional::KubeMaster::Neutron::FloatingIP": "OS::Heat::None"23:09
imdigitaljim  "Magnum::Optional::KubeMinion::Neutron::FloatingIP": "OS::Heat::None"23:10
imdigitaljimflwang: ^23:10
flwangimdigitaljim: ok, i see.23:11
flwangthen the fix for octavia scenario should be also easy23:11
flwangbtw, why https://review.openstack.org/#/c/574476/1/magnum/drivers/common/templates/environments/with_master_lb_no_floating_ip.yaml@10 ?23:11
imdigitaljimgreat questions23:12
flwangit shouldn't be changed based on my understanding23:12
imdigitaljimthat may be needing to be another patch separately actually with some other changes.23:13
imdigitaljimusing a hardware load balancer you may not have health monitors23:13
flwanghmm... for that case, it shouldn't be part of the this change23:13
imdigitaljimagreed23:13
imdigitaljimgood find =)23:14
flwangthat's my job ;)23:14
flwangthanks for contributing23:15
imdigitaljimthanks for reviewing23:15
flwangI'm happy to +1 after you update you patch23:18
flwangbut I may replace it with a -1 after my local testing ;) hah23:18
*** hongbin has quit IRC23:26
*** dardelean_ has quit IRC23:31
imdigitaljimpointing out that change made me see a potentially cleaner more effective way to do this23:33
imdigitaljimill test it out and push it up23:33
flwangawesome23:46
*** Nel1x has joined #openstack-containers23:52
*** markguz_ has quit IRC23:54
« Sunday, 2018-06-10 Index Tuesday, 2018-06-12 »

Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!