Wednesday, 2019-12-11

« Tuesday, 2019-12-10 Index Thursday, 2019-12-12 »
*** awalende has joined #openstack-glance00:31
*** awalende has quit IRC00:36
*** jcosmao has left #openstack-glance00:36
*** gyee has quit IRC01:09
*** Liang__ has joined #openstack-glance01:12
*** goldyfruit_ has joined #openstack-glance01:27
*** jmlowe has joined #openstack-glance01:32
*** rcernin has quit IRC01:53
*** jmlowe has quit IRC02:10
*** goldyfruit_ has quit IRC02:15
*** goldyfruit_ has joined #openstack-glance02:15
*** awalende has joined #openstack-glance02:32
*** awalende has quit IRC02:37
*** goldyfruit_ has quit IRC02:40
*** rcernin has joined #openstack-glance02:54
*** awalende has joined #openstack-glance04:10
*** udesale has joined #openstack-glance04:13
*** awalende has quit IRC04:15
*** bhagyashris has joined #openstack-glance04:20
*** abhishekk has joined #openstack-glance04:53
*** dansmith has quit IRC05:10
*** dansmith has joined #openstack-glance05:14
*** Laszlo-74 has joined #openstack-glance05:38
Laszlo-74hello05:58
Laszlo-74I have a problem with glance in queens05:58
Laszlo-74after an openstack ansible upgrade, glance is not able to get or create images05:59
Laszlo-74we are using rbd as backend05:59
Laszlo-74and in the same deployment cinder is working well with rbd05:59
Laszlo-74I have switched glance to debug mode, but it doesn't display any error06:00
Laszlo-74I've checked and glance is communicating with the ceph mons (at least I can see traffic between them)06:01
Laszlo-74this is the log that I get when trying to download an image from glance: http://paste.openstack.org/show/787414/06:06
Laszlo-74I can list images, and also show their details06:06
Laszlo-74it seems that the problem is when I try to reach their content06:07
Laszlo-74either to create a new image or to get data from an existing one06:07
Laszlo-74on the client side I get a gateway timeout from the ha-proxy06:09
*** pcaruana has joined #openstack-glance06:09
Laszlo-74as for the haproxy I have increased the timeout values to 30 sec. So I guess it's not that the ceph is not responding in time to the glance.06:11
Laszlo-74do you have any idea what could be wrong with glance?06:11
abhishekkLaszlo-74, nothing is in the logs, when you create the image, did you see your request is accepted by API in g-api logs?06:42
Laszlo-74abhishekk this is the log when I'm trying to create an image: http://paste.openstack.org/show/787415/07:04
*** tosky has joined #openstack-glance07:09
abhishekkLaszlo-74, I can see this line in the logs07:12
abhishekksince image size is zero we will be doing resize-before-write for each chunk which will be considerably slower than normal07:12
*** Laszlo-74 has quit IRC07:17
*** lpetrut has joined #openstack-glance07:18
openstackgerritAbhishek Kekane proposed openstack/glance master: Drop old neutron-grenade job  https://review.opendev.org/69841007:26
*** zainub_wahid has joined #openstack-glance07:31
*** Laszlo-74 has joined #openstack-glance07:40
*** bhagyashris has quit IRC07:54
*** Laszlo-74 has quit IRC07:56
*** belmoreira has joined #openstack-glance07:56
*** tesseract has joined #openstack-glance07:57
*** bhagyashris has joined #openstack-glance08:06
*** tkajinam has quit IRC08:12
openstackgerritMerged openstack/python-glanceclient master: Cleanup session object  https://review.opendev.org/67413308:16
*** awalende has joined #openstack-glance08:20
*** pcaruana has quit IRC08:22
*** bhagyashris has quit IRC08:30
abhishekkjokke_, around?08:51
*** awalende has quit IRC08:59
*** awalende has joined #openstack-glance09:01
*** bhagyashris has joined #openstack-glance09:01
*** Laszlo-74 has joined #openstack-glance09:01
Laszlo-74abhishekk hi again, I've been disconnected for a while ... It's strange that message with the zero size, as I am creating an image with some non zero content.09:04
*** udesale has quit IRC09:29
*** udesale has joined #openstack-glance09:32
*** zainub_wahid has quit IRC09:37
*** rcernin has quit IRC09:50
*** abhishekk has quit IRC09:57
*** farhanjamil has joined #openstack-glance09:59
*** farhanjamil has quit IRC10:07
*** Liang__ has quit IRC10:17
*** belmoreira has quit IRC10:44
*** belmoreira has joined #openstack-glance10:45
*** belmoreira has quit IRC10:49
*** bhagyashris has quit IRC10:53
*** udesale has quit IRC11:04
*** bhagyashris has joined #openstack-glance11:07
*** awalende has quit IRC11:20
*** awalende has joined #openstack-glance11:21
*** awalende_ has joined #openstack-glance11:23
*** awalende has quit IRC11:25
*** awalende_ has quit IRC11:27
*** abhishekk has joined #openstack-glance11:29
*** udesale has joined #openstack-glance11:35
*** pcaruana has joined #openstack-glance11:36
*** brinzhang has joined #openstack-glance12:00
*** awalende has joined #openstack-glance12:01
*** brinzhang has quit IRC12:02
*** brinzhang has joined #openstack-glance12:02
*** brinzhang has quit IRC12:03
*** brinzhang has joined #openstack-glance12:03
*** brinzhang has quit IRC12:04
*** spsurya has joined #openstack-glance12:05
*** brinzhang has joined #openstack-glance12:07
*** brinzhang has quit IRC12:07
*** brinzhang has joined #openstack-glance12:08
*** brinzhang has quit IRC12:09
*** brinzhang has joined #openstack-glance12:11
*** brinzhang has quit IRC12:11
*** brinzhang has joined #openstack-glance12:12
*** brinzhang_ has joined #openstack-glance12:16
*** nicolasbock has joined #openstack-glance12:18
*** brinzhang has quit IRC12:19
*** Liang__ has joined #openstack-glance12:27
*** udesale has quit IRC12:50
*** Laszlo-74 has quit IRC13:01
*** CeeMac has quit IRC13:08
*** goldyfruit_ has joined #openstack-glance13:17
*** abhishekk has quit IRC13:22
*** brinzhang_ has quit IRC13:33
zanebjokke_: any thoughts on my suggestion in https://review.opendev.org/#/c/693129/ ?13:50
*** Liang__ is now known as LiangFang13:54
jokke_zaneb: I kind of like the check_str approach but I don't 100% catch what's the problem in your second example, does that mean that if we take that approach the default will not be just override but applied in every case?13:55
jokke_like do we have any reasonable option where we could define the "default" from policy.json just as override for the defaults we have in code and if that's not provided from the admin we would behave like it didn't exist? (That would solve the backwards incompatibility which is my biggest fear here)13:57
jokke_As our default policy is far from sane for any real life deployment. It's super permissive so we're able to test stuff13:58
zanebjokke_: we should probably fix that by providing a sane default and overriding it for testing13:59
zanebthe problem in the second example is that currently the 'default' rule has the default value "role:admin", but in this proposal we'd change it to ""14:01
jokke_Currently we don't have default unless it's provided in the policy.json iirc14:02
zanebso if anybody is relying on *both* the 'default' rule *and* its default value of "role:admin" then behaviour will change14:02
*** goldyfruit_ has quit IRC14:02
jokke_the current policy.json is example providing list of policies we have, it sets the default as example and then overrides every single policy after that so the default only takes effect if you remove lines from tht example14:03
zanebhttps://opendev.org/openstack/glance/src/branch/master/glance/api/policy.py#L4314:03
jokke_aargh, totally forgot we merged that one14:04
zanebI think it's unlikely anyone is relying on that, but it's a risk we'd be taking14:04
zanebI don't think we actually have a choice though14:05
zanebwe can potentially use an upgrade checker to manage the risk14:05
jokke_this is why I hate this whoe initiative. silently changing security setting over upgrade s just fucking moronic no matter how much easier it makes some peoples lives14:06
*** bhagyashris has quit IRC14:06
zanebafaict glance is the only project relying on this behaviour. for every other project it was a no-op as far as users are concerned14:07
zanebonce the policy is in code you can actually do nice deprecation stuff in future; that's the reason for this initiative14:08
jokke_but i still prefer breaking that default that is in the code now than the "default" behavior from the policy.json people are actually relying on. This will look ugly AF in code but how about:14:08
zanebhaving a brain-dead useless policy (this applied to all projects) hard-coded in a json file that we could never change - that's what was moronic :)14:09
jokke_we set the "default" in the code to None and use the "default" from file only if it's actually provided14:10
zanebjokke_: I think that's the same thing that I proposed in my comment on the review14:13
jokke_ok, cool14:13
jokke_that (with the fact that I totally missed we merged the "default" in code already) was the part which was confusing me14:13
jokke_and thinking it back I might have even been the person +W'ing it ... +2'd at least14:14
zanebhttps://opendev.org/openstack/glance/commit/2428801c0065be665b0dc432ac6ebfe3190f4b2714:14
zanebnope you wrote it ;)14:15
jokke_dafuq :o14:15
jokke_how drunk have I been14:16
jokke_oh, that was in there already, I just changed the value14:17
zanebjokke_: yeah but if you hadn't changed the value we'd be fine now :P14:19
jokke_yep14:19
zanebI'm pretty sure every project had a default for the default in code since ~the beginning14:20
jokke_and that section has been there for ages ... I thought it was brought in there when this initiative started ... so those three things seems to have been there like since 201514:20
zaneb2012: https://opendev.org/openstack/glance/commit/4f36fba9969e77d01f3e296d946e6e11f1d0e82f14:22
jokke_LOL ... I'm feeling like giving up on this and going like "Let somebody else to deal with it i they really care" but that's the approach we took last time and seems like you're the somebody else :P14:22
zanebcorrect14:22
zanebI am as good as it gets ;)14:22
jokke_but honestly "hard-coded in a json file that we could never change" is the argument I never understood. It's a fecking config file in a repo. The process to change it is exactly the same as changing the ocde in the repo, just with the difference that upon upgrade you don't sneak it silently over to the consumer14:25
zanebon upgrade the consumer has to merge it14:26
jokke_exactly, or tell from the get go "don't touch my config files, I manage them myself"14:27
jokke_like any sane deployment tooling would be doing anyways14:28
jokke_but it's not like Trick or treat! You didn't check it before upgrading so we just opened your APIs to whole fecking world and turned your filewall off just because14:29
zanebin general we're moving stuff into code so we can make it stricter, not looser14:31
jokke_and honestly I would likely agreed on that 3-4 years ago when we had good handful of security focused cores pretty much in every project making sure stuff like that does not slip.14:50
jokke_Currently, guilty as charged, with handful of cores per project I can totally see myself being convinced before first cup of coffee that it's a good idea o change a default policy in code so testing can be done easier as "it's overruled in the deployments anyways, right"14:52
openstackgerritErno Kuvaja proposed openstack/glance-specs master: Delete image from single store  https://review.opendev.org/69801815:03
*** lpetrut has quit IRC15:32
*** jmlowe has joined #openstack-glance16:30
*** gyee has joined #openstack-glance16:55
*** LiangFang has quit IRC17:01
openstackgerritMerged openstack/glance master: Drop old neutron-grenade job  https://review.opendev.org/69841017:16
*** awalende has quit IRC17:46
*** awalende has joined #openstack-glance17:47
*** awalende has quit IRC17:51
*** awalende has joined #openstack-glance17:52
*** awalende_ has joined #openstack-glance17:54
*** awalende has quit IRC17:56
*** awalende_ has quit IRC17:57
*** awalende has joined #openstack-glance18:21
*** awalende has quit IRC18:25
*** tosky has quit IRC18:44
*** mvkr has quit IRC19:06
*** nicolasbock has quit IRC19:11
*** nicolasbock has joined #openstack-glance19:11
*** spsurya has quit IRC19:14
*** goldyfruit_ has joined #openstack-glance19:26
*** lpetrut has joined #openstack-glance19:33
*** tesseract has quit IRC19:46
*** lpetrut has quit IRC19:46
*** awalende has joined #openstack-glance19:48
*** awalende has quit IRC19:53
*** rcernin has joined #openstack-glance21:23
*** mvkr has joined #openstack-glance21:30
*** pcaruana has quit IRC21:38
*** tosky has joined #openstack-glance22:15
*** mvkr has quit IRC22:16
*** mvkr has joined #openstack-glance22:20
*** nicolasbock has quit IRC22:27
*** awalende has joined #openstack-glance22:34
*** awalende has quit IRC22:39
openstackgerritGrĂ©goire Unbekandt proposed openstack/glance master: WIP: Add ability to import image into multi-stores  https://review.opendev.org/66713222:59
*** tkajinam has joined #openstack-glance23:08
*** Liang__ has joined #openstack-glance23:20
*** tosky has quit IRC23:40
*** Liang__ has quit IRC23:42
*** brinzhang has joined #openstack-glance23:58
« Tuesday, 2019-12-10 Index Thursday, 2019-12-12 »

Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!