Tuesday, 2017-01-17

« Monday, 2017-01-16 Index Wednesday, 2017-01-18 »
*** catintheroof has joined #openstack-dns00:11
*** hoangcx has joined #openstack-dns00:41
*** cuongnv has joined #openstack-dns01:06
*** catintheroof has quit IRC01:09
*** leitan has joined #openstack-dns01:17
*** leitan has quit IRC01:21
*** mlavalle has quit IRC01:26
*** EricGonczer_ has joined #openstack-dns01:34
*** EricGonczer_ has quit IRC01:37
*** EricGonczer_ has joined #openstack-dns01:43
*** EricGonczer_ has quit IRC01:45
*** fandi has joined #openstack-dns02:38
*** fandi has quit IRC02:39
openstackgerritCuong Nguyen proposed openstack/designate: Make exception catching more python3-ish  https://review.openstack.org/42102702:43
*** EricGonczer_ has joined #openstack-dns02:45
*** leitan has joined #openstack-dns03:18
*** leitan has quit IRC03:23
*** brensen has quit IRC03:26
*** brensen has joined #openstack-dns03:27
*** EricGonczer_ has quit IRC04:01
*** leitan has joined #openstack-dns05:19
*** leitan has quit IRC05:23
*** rahul1911 has joined #openstack-dns05:27
*** cliles has joined #openstack-dns06:00
*** rahul1911 has quit IRC06:04
*** rahul1911 has joined #openstack-dns06:30
*** richm has quit IRC06:42
*** eandersson_ has joined #openstack-dns06:48
*** eandersson has quit IRC06:51
*** leitan has joined #openstack-dns07:20
*** leitan has quit IRC07:24
*** leitan has joined #openstack-dns09:21
*** leitan has quit IRC09:26
openstackgerritavnish proposed openstack/designate-dashboard: Switch to oslo_log  https://review.openstack.org/42116909:27
*** hoangcx has quit IRC10:10
*** cuongnv has quit IRC10:17
*** haplo37_ has quit IRC10:19
*** haplo37_ has joined #openstack-dns10:19
*** abalutoiu has quit IRC11:06
*** richm has joined #openstack-dns11:13
*** rahul1911 has quit IRC11:19
*** leitan has joined #openstack-dns11:23
*** rahul1911 has joined #openstack-dns11:25
*** leitan has quit IRC11:27
*** rahul1911 has quit IRC11:35
*** leitan has joined #openstack-dns11:55
*** EmilienM has joined #openstack-dns12:21
EmilienMo/12:21
EmilienMI've reported a bug a few weeks ago about ipv6 binding, which looks broken: https://bugs.launchpad.net/designate/+bug/165383912:21
openstackLaunchpad bug 1653839 in Designate "ipv6 binding is broken" [High,Triaged]12:21
EmilienMtimsim: I saw you did some triage on it but do you know if it's in your radar?12:22
EmilienMwe had to stop to test designate in Puppet OpenStack CI, which is odd12:22
*** catintheroof has joined #openstack-dns12:32
*** EricGonczer_ has joined #openstack-dns12:32
*** EricGonc_ has joined #openstack-dns14:00
*** EricGonczer_ has quit IRC14:01
*** EricGonc_ has quit IRC14:13
*** EricGonczer_ has joined #openstack-dns14:14
*** mlavalle has joined #openstack-dns14:22
*** cleong has joined #openstack-dns14:23
*** ducttape_ has quit IRC14:26
*** abalutoiu has joined #openstack-dns14:31
*** stanzgy has quit IRC14:31
*** rahul1911 has joined #openstack-dns14:32
*** rahul1911 has quit IRC14:36
*** rahul1911 has joined #openstack-dns14:37
*** tdink has joined #openstack-dns14:52
*** ducttape_ has joined #openstack-dns14:59
*** pcaruana has quit IRC15:15
*** rahul1911 has quit IRC15:16
*** _ducttape_ has joined #openstack-dns15:59
*** ducttape_ has quit IRC16:03
mugsieEmilienM: it is on our radar, but we may not have developer time to fix it in ocata16:11
mugsieit is weird, it looks like the issue is in olso.service16:11
mugsieis there any other project that have this issue?16:11
EmilienMmugsie: not afik, only designate16:11
EmilienMmugsie: we deploy other services with ipv616:12
mugsie:/16:13
leitanHi guys, wondering if there is a resource to create and manage servers on the v2 version, cause i dont seem to get it working16:20
mugsieleitan: kinda16:22
leitanmugsie: enlight me please :)16:22
mugsiebut the v1/servers endpoint will update the servers applied in v216:22
leitanim getting 403 forbidden16:23
mugsiewe moved the config to a yaml file that is then loaded into the DB16:23
leitancalling v1/servers16:23
leitanwith designate client16:23
leitanor with curl16:23
leitanboth16:23
mugsieare you an admin?16:23
leitani am16:23
mugsiewhat version of designate again?16:23
leitanmitaka16:23
mugsieah16:23
mugsieok, we made it much better since then16:24
leitanfor example in other deployment16:24
mugsiehttp://docs.openstack.org/developer/designate/pools.html#managing-pools16:24
leitani have created the server previously to switching to v216:24
leitandesignate server-create etc16:24
mugsiethe "servers" are now the section called "ns_records"16:24
leitanand listing works with curl16:24
mugsiein that yaml file16:25
leitanok great16:25
leitanyes, so i dont need anymore16:25
leitanthe "server" that i create with server create16:25
leitanin v116:25
mugsieyeah - there was a loooooong transition - but we managed to move to the new config format16:25
mugsieno16:25
leitanmugsie: great, i have a fully working v2 env with that pool.yml, so i was mixing concepts then16:25
leitanmugsie: are you related with the neutron integration ? cause i need to know if ptr should be created automatically from floating ips allocated16:26
mugsieI have a working knowledge16:26
mugsiethey should be created16:27
mugsiebut you would need to delegate the in-arpa domain to the designate servers for it to be useful16:27
mugsiethey are not in the tenant / project though, they are in the admin tenat16:27
*** carthaca_ has joined #openstack-dns16:30
carthaca_Hi mugsie: are you up for more questions? :slightly_smiling_face:16:30
carthaca_We are trying to use the akamai backend to create a zone there, but run into some kind of chicken-egg-problem16:30
mugsiecarthaca_: sure :)16:30
mugsieOK, - is it TSIG Keys?16:31
carthaca_Here is in short how I understand what is happening: the backend is sending out SOA requests to akamai before setting the zone to active, but akamai can't retrieve the details via axfr from mdns because it is not active yet.16:31
carthaca_no tsig-keys is the thing I submitted and patched already xD16:31
mugsieoh. mdns should serve the zone regardless of the status16:31
mugsieif you dig @mdns:5354 zone.tld. SOA does it work?16:32
mugsieOH, akamai ! are you running miniDNS on port 53 ?16:32
carthaca_no that doesn't work16:32
mugsieyou have to run it on 53 for akamai to read it16:32
mugsie(they do not support non standard ports)16:33
carthaca_ok, I have to check with my colleague with the loadbalacing setup16:33
carthaca_but anyhow, it does not work on port 5354, too16:33
mugsiesorry "dig @mdns -p 5453 zone SOA"16:33
mugsie5453 i think is the right one16:34
mugsiesorry, it is 535416:35
mugsieOK, I would check the mdns logs then16:35
carthaca_it is telling ZoneNotFound16:37
carthaca_I cross-checked it earlier with dig AXFR, where I got 'ZoneNotFound while handling axfr request' for the zone that is in status pending16:39
*** cleong has quit IRC16:40
carthaca_but it worked for another one that lives on the bind backend16:40
mugsieand your using the tsig key?16:41
carthaca_yes that as well16:41
carthaca_dig -y keyname:secret ..etc16:41
mugsiehumm ...16:42
carthaca_makes no difference16:42
mugsiebrb16:43
carthaca_asking for SOA gives a similar log entry: "NotFound, refusing. Question was domain. IN SOA"16:44
timsimDo you have different pools?16:52
timsimAlso, what version of designate?16:52
carthaca_yes, two16:52
carthaca_newton16:53
carthaca_fwiw, we tried it both with poolmanager on mitaka, and with worker on newton16:53
timsimBut the main issue seems to be mdns notfounding your zone right?16:53
carthaca_yes, it is not serving the zone that is still in 'pending'16:54
timsimIs that tsig key scoped to the right pool?16:55
timsimor zone?16:55
leitanmugsie: thanks ill take a look, and yes the ptr for that in-arpa zone will be delegated to the powerdns servers that designate autoprovisinos16:57
carthaca_timsim: how I should best check that?16:59
*** _ducttape_ has quit IRC16:59
mugsietsig keys are not in the client yet, are they?16:59
*** ducttape_ has joined #openstack-dns16:59
timsimI don't think so17:00
carthaca_in db it has scope POOL and the correct resource_id of the akamai pool17:00
mugsieEmilienM: found the issue for #165383917:00
mugsiehttps://github.com/openstack/designate/blob/master/designate/service.py#L13017:00
EmilienMnice :)17:00
timsimcarthaca_: The resource_id matches the id of the pool in the db?17:00
carthaca_oh wait.. I was too quick... it doesn't match the pool id17:01
*** _ducttape_ has joined #openstack-dns17:01
timsimBOOM17:01
timsimThat's probably it17:01
carthaca_it matches the wrong pool17:01
mugsiethat will cause it17:01
carthaca_okay, time for some database fumbling :slightly_smiling_face:17:02
timsimYou can use the API too17:02
carthaca_you are my heroes if that's it17:03
mugsiecarthaca_: all timsim's doing :)17:03
timsimLucky guess, I was totally out after that.17:03
carthaca_ah tsigkey patch, then I will go that way17:03
*** ducttape_ has quit IRC17:04
carthaca_btw: to properly introduce myself: if you remember we met in Barcelona. I was the outsider in your working session on thursday :slightly_smiling_face:17:05
mugsieah, welcome to the channel!17:06
mugsiesummits help putting faces to IRC names :)17:06
timsimo/17:07
mugsieEmilienM: can you try setting "host" and "port" options instead of "listen" ?17:10
EmilienMmugsie: sure thing17:10
EmilienMmugsie: done, i'll let you know results17:12
mugsieEmilienM: thanks17:13
carthaca_It's not working yet, but I least I got another error, I can work with tomorrow, thanks :slightly_smiling_face:17:29
*** ftpd has joined #openstack-dns17:39
ftpdHi guys. I'm creating heat stack for designate as a service. After creating I'm trying to use designate cli client or curl on api instance and still have:17:40
ftpd2017-01-17 18:38:56.467 11772 INFO keystonemiddleware.auth_token [-] Rejecting request17:41
ftpdI have auth_url (and identity_uri and several other things) pointed to my openstack controllers, but as I can see all the traffic stays on the machine.17:42
ftpdNothing in keystone logs, nothing in tcpdumump (just connections from my floating ip to the 'basic' one0.17:42
ftpdIdeas?17:42
mugsieftpd: what does your designate.conf file look like?17:45
ftpdWhat section do you like do see?17:46
ftpdhttp://pastebin.com/5w4vrrd417:46
ftpdit's the authotoken section17:46
ftpdI've changed 35357 to 5000, it's my working public endpoint address from keystone (verified by openstack endpoint show on controller).18:04
ftpdStill the same error message.18:04
mugsieftpd: seems to be coming from https://github.com/openstack/keystonemiddleware/blob/2092d5783607223c7cbdfed690997e9c9f831b6f/keystonemiddleware/auth_token/__init__.py#L64218:07
mugsietry removing the "/v2.0"18:08
mugsieyou may also need the "domain" settings18:09
ftpdDo I need both, auth_url and auth_uri?18:13
mugsiethe keystoneauthmiddleware example just uses auth_url18:14
ftpdSeems so. auth_url is needed (MissingRequiredOptions: Auth plugin requires parameters which were not given: auth_url) and auth_uri recommended (Configuring auth_uri to point to the public identity endpoint is required; clients may not be able to authenticate against an admin endpoint).18:14
ftpdNevermind, I have both.18:15
ftpdBut still the same 40118:15
ftpd 19:09:17      mugsie| you may also need the "domain" settings18:15
mugsieproject_domain and user_domain18:16
ftpdlike project_domain and user_domain_id?18:16
ftpdOk.18:16
mugsie90% of the time they are just "default"18:16
EmilienMmugsie: https://review.openstack.org/#/c/403967/18:17
EmilienMmugsie: it sounds like host/port do not exist anymore in puppet-designate, because they are deprecated in designate18:17
mugsieapi_port + api_host are gone18:18
mugsiehost + port in the [service:api] shouldnt be18:18
mugsiebut let me check18:18
mugsieah18:19
mugsieits not depricated, as we did a weird thing in the API18:19
mugsiedamn18:19
mugsieOK, need a code change in our side then18:19
ftpdNothing new after project_domain and user_domain.18:20
mugsie:/18:21
mugsiecan you curl that endpoint from the designate VM ?18:21
ftpdhttp://pastebin.com/gs3bAJ4U18:24
EmilienMmugsie: do I need to do something in puppet-designate?18:24
mugsieEmilienM: nope, its on us18:24
EmilienMok, let me know when I can test something etc18:25
EmilienMthanks!18:25
mugsieack18:25
EmilienMand thanks for helping, it's appreciated :)18:25
ftpdOk, mugsie, I have to go home for today. Don't hesitate to hilight me here if you have more ideas to test, will do it tomorrow morning18:25
EmilienMmwhahaha: ^ fyi18:25
leitanguys, using COMPRESS_ENABLED = True and COMPRESS_OFFLINE = True the designatedashboard newton version has a lot of JS errors on the CREATE ZONE form, without using compression it works just fines, it seems that the JS used by the designate dashboard are getting compressed before other needed classes18:53
*** ducttape_ has joined #openstack-dns21:01
*** _ducttape_ has quit IRC21:04
*** ducttape_ has quit IRC21:17
*** ducttape_ has joined #openstack-dns21:17
*** leitan has quit IRC21:52
*** catintheroof has quit IRC22:20
*** thiagolib has quit IRC22:28
*** tdink has quit IRC23:00
*** ducttape_ has quit IRC23:07
« Monday, 2017-01-16 Index Wednesday, 2017-01-18 »

Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!