Thursday, 2018-05-10

*** srart has joined #openstack-ironic		00:02
*** gyee has quit IRC		00:08
*** cjloader has joined #openstack-ironic		00:13
*** cjloader has quit IRC		00:17
*** akhilaki has quit IRC		00:32
*** mjturek has joined #openstack-ironic		00:39
*** mjturek has quit IRC		00:40
*** liuzz has joined #openstack-ironic		00:41
*** mikal_ has joined #openstack-ironic		00:45
*** mikal has quit IRC		00:49
*** zhangfei has joined #openstack-ironic		01:03
*** HoloIRCUser1 has joined #openstack-ironic		01:06
*** hshiina has joined #openstack-ironic		01:06
*** akhilaki has joined #openstack-ironic		01:07
*** akhilaki has quit IRC		01:08
*** HoloIRCUser1 has quit IRC		01:12
*** HoloIRCUser1 has joined #openstack-ironic		01:13
*** HoloIRCUser1 is now known as rloo		01:14
*** rloo has left #openstack-ironic		01:15
*** cjloader has joined #openstack-ironic		01:15
*** cjloader has quit IRC		01:20
*** sapd has joined #openstack-ironic		01:24
*** phuongnh has joined #openstack-ironic		01:27
openstackgerrit	Merged openstack/ironic master: Install OSC during quickstart https://review.openstack.org/567061	01:31
*** tiendc has joined #openstack-ironic		02:04
*** cjloader has joined #openstack-ironic		02:18
*** cjloader has quit IRC		02:23
*** links has joined #openstack-ironic		02:28
*** tiendc has quit IRC		03:10
*** tiendc has joined #openstack-ironic		03:12
*** cjloader has joined #openstack-ironic		03:13
*** cjloader has quit IRC		03:18
*** links has quit IRC		03:43
*** fragatina has quit IRC		03:55
*** fragatina has joined #openstack-ironic		03:56
*** gyankum has joined #openstack-ironic		03:56
*** gyan_ has joined #openstack-ironic		03:56
*** fragatina has quit IRC		04:00
*** rbudden has quit IRC		04:09
*** hamzy has joined #openstack-ironic		04:38
*** links has joined #openstack-ironic		04:49
openstackgerrit	Shivanand Tendulker proposed openstack/ironic master: Follow up to inspect wait implementation https://review.openstack.org/566948	04:55
*** marios has joined #openstack-ironic		04:56
*** rcernin has joined #openstack-ironic		05:05
*** jtomasek has joined #openstack-ironic		05:15
*** cjloader has joined #openstack-ironic		05:17
*** marios has quit IRC		05:18
*** marios has joined #openstack-ironic		05:18
*** cjloader has quit IRC		05:22
*** fragatina has joined #openstack-ironic		05:22
*** fragatina has quit IRC		05:23
*** fragatina has joined #openstack-ironic		05:23
*** UForgotten has quit IRC		05:25
*** jmccrory has quit IRC		05:28
*** jmccrory has joined #openstack-ironic		05:28
*** UForgotten has joined #openstack-ironic		05:29
*** jhesketh has quit IRC		05:58
*** hjensas has quit IRC		05:58
*** rajinir has quit IRC		06:05
*** fragatin_ has joined #openstack-ironic		06:17
*** fragati__ has joined #openstack-ironic		06:18
*** fragatina has quit IRC		06:20
*** fragatin_ has quit IRC		06:21
*** fragati__ has quit IRC		06:27
*** trungnv has quit IRC		06:38
*** trungnv has joined #openstack-ironic		06:38
*** phuongnh has quit IRC		06:39
*** phuongnh has joined #openstack-ironic		06:40
openstackgerrit	Pavlo Shchelokovskyy proposed openstack/ironic stable/queens: Cap hacking to avoid gate failure https://review.openstack.org/567481	06:43
*** rbartal has joined #openstack-ironic		06:45
*** trungnv has quit IRC		06:49
*** trungnv has joined #openstack-ironic		06:49
*** pcaruana has joined #openstack-ironic		06:51
*** threestrands_ has quit IRC		06:58
*** kiseok7 has quit IRC		07:18
*** tesseract has joined #openstack-ironic		07:24
*** zhangfei has quit IRC		07:24
pas-ha	let's merge this to unblock queens gates ^	07:26
*** trungnv has quit IRC		07:32
*** racedo_ has joined #openstack-ironic		07:32
*** trungnv has joined #openstack-ironic		07:32
*** zhangfei has joined #openstack-ironic		07:37
*** arxcruz is now known as arxcruz\|off		07:46
*** lucas-afk is now known as lucasagomes		07:55
*** livelace has joined #openstack-ironic		07:57
*** mgoddard has joined #openstack-ironic		08:00
*** jaganathan has joined #openstack-ironic		08:02
*** e0ne has joined #openstack-ironic		08:03
*** toabctl has quit IRC		08:04
*** erolg has joined #openstack-ironic		08:06
*** dougsz has joined #openstack-ironic		08:10
*** livelace has quit IRC		08:10
*** jhesketh has joined #openstack-ironic		08:29
*** tiendc has quit IRC		08:31
*** jovial[m] has quit IRC		08:36
*** mkrai has quit IRC		08:36
*** csmart has quit IRC		08:41
*** retr0h has quit IRC		08:41
*** derekh has joined #openstack-ironic		08:45
*** jhesketh has quit IRC		08:47
*** jhesketh has joined #openstack-ironic		09:06
*** johnthetubaguy has quit IRC		09:09
*** johnthetubaguy has joined #openstack-ironic		09:10
*** csmart has joined #openstack-ironic		09:29
openstackgerrit	Ilya Etingof proposed openstack/sushy-tools master: Add system boot mode support https://review.openstack.org/526101	09:39
*** d0ugal_ has quit IRC		09:45
*** d0ugal has joined #openstack-ironic		09:45
*** d0ugal has quit IRC		09:45
*** d0ugal has joined #openstack-ironic		09:45
openstackgerrit	Ilya Etingof proposed openstack/sushy-tools master: Simulator processes return rc on exit https://review.openstack.org/567541	09:47
openstackgerrit	Aija proposed openstack/sushy master: Create mappings for System Indicator LED https://review.openstack.org/485376	10:16
*** mkrai has joined #openstack-ironic		10:23
*** retr0h has joined #openstack-ironic		10:23
*** jovial[m] has joined #openstack-ironic		10:24
openstackgerrit	Ilya Etingof proposed openstack/sushy-tools master: Add an option to bind simulators to a local interface https://review.openstack.org/567549	10:28
phuongnh	hi mgoddard	10:32
phuongnh	I just want to create a custom traits for node so I have looked in the test code and decided to use this code:	10:32
phuongnh	https://github.com/openstack/ironic/blob/master/ironic/tests/unit/api/controllers/v1/test_node.py#L542	10:32
phuongnh	mgoddard, and I changed to:	10:32
phuongnh	objects.TraitList.create(task.context, node.id, ['CUSTOM_1'])	10:32
phuongnh	and insert in this line:	10:32
phuongnh	https://github.com/openstack/ironic/blob/master/ironic/drivers/modules/irmc/inspect.py#L245	10:32
phuongnh	just before node.save()	10:32
phuongnh	but this line of code does not work, ['CUSTOM_1'] is not found in node info. What should I do?	10:32
openstackgerrit	Ilya Etingof proposed openstack/sushy-tools master: OpenStack cloud driver added https://review.openstack.org/523879	10:34
openstackgerrit	Ilya Etingof proposed openstack/sushy-tools master: Add system boot mode support https://review.openstack.org/526101	10:36
*** milan has joined #openstack-ironic		10:42
mgoddard	hi phuongnh. Where are you expecting the traits to be seen?	10:49
mgoddard	openstack baremetal node list?	10:49
mgoddard	they should be shown in openstack baremetal node show <node>, if you use a sufficient api version	10:50
phuongnh	oh, thanks	10:51
phuongnh	I used ironic node-show <node>	10:51
phuongnh	:)	10:51
mgoddard	I think that would also work	10:52
mgoddard	but you need to use a sufficient version	10:53
mgoddard	1.37	10:53
phuongnh	:) I see	10:54
*** rh-jelabarre has joined #openstack-ironic		10:56
*** MattMan has quit IRC		11:04
*** MattMan has joined #openstack-ironic		11:04
*** zhangfei has quit IRC		11:05
*** lucasagomes is now known as lucas-hungry		11:09
*** dprince has joined #openstack-ironic		11:16
*** rcernin has quit IRC		11:31
TheJulia	good morning everyone	11:42
*** bfournie has quit IRC		11:44
*** bfournie has joined #openstack-ironic		11:44
openstackgerrit	Julia Kreger proposed openstack/python-ironic-inspector-client stable/queens: Gate fix: Cap hacking to avoid gate failure https://review.openstack.org/567567	11:49
*** bfournie has quit IRC		11:49
openstackgerrit	Julia Kreger proposed openstack/python-ironicclient stable/queens: Gate fix: Cap hacking to avoid gate failure https://review.openstack.org/567568	11:49
openstackgerrit	Julia Kreger proposed openstack/ironic-python-agent stable/queens: Gate fix: Cap hacking to avoid gate failure https://review.openstack.org/567569	11:49
openstackgerrit	Julia Kreger proposed openstack/ironic-inspector stable/queens: Gate fix: Cap hacking to avoid gate failure https://review.openstack.org/567570	11:49
phuongnh	good morning TheJulia	11:49
openstackgerrit	Julia Kreger proposed openstack/ironic-lib stable/queens: Gate fix: Cap hacking to avoid gate failure https://review.openstack.org/567571	11:49
phuongnh	TheJulia: I have added a [RFE] in storyboard, please have a look if you have free time :) https://storyboard.openstack.org/#!/story/2001999	11:50
TheJulia	pas-ha: seems rloo is going to have to approve that one today, I'll try to remind her	11:51
TheJulia	what is this free time you speak of? ;)	11:51
TheJulia	phuongnh: I don't understand your rfe. Anything prepended with custom is allowed to be added as a trait	11:52
*** dsneddon has quit IRC		11:53
phuongnh	TheJulia: you mean I do not have to create a [RFE], right?	11:53
TheJulia	no you don't. We have a structural limit of 50 traits to prevent abuse and overloading the scheduler	11:54
phuongnh	thanks, I will remove that RFE :)	11:54
TheJulia	but anything prepended with CUSTOM or that is defined in os-traits is permitted	11:54
phuongnh	I got it, thanks	11:55
*** dsneddon has joined #openstack-ironic		11:56
*** lucas-hungry is now known as lucasagomes		11:56
jroll	morning ironic	11:56
jroll	ooooo this is a fun one	11:58
jroll	https://bugs.launchpad.net/nova/+bug/1769817	11:58
openstack	Launchpad bug 1769817 in OpenStack Compute (nova) "Ironic serial console doesn't get disabled when instance is deleted" [Undecided,Confirmed]	11:58
jroll	it appears we don't tear the console down ironic-side during tear-down either: https://github.com/openstack/ironic/blob/master/ironic/conductor/manager.py#L893	11:58
jroll	also makes a fun process question: if we want a fix in nova and ironic, do we just duplicate the bug in storyboard?	12:00
sambetts\|afk	I belive thats what would have happened to existing bugs that had mulitple projects including ironic associated with them	12:01
*** sambetts\|afk is now known as sambetts		12:02
* jroll files https://storyboard.openstack.org/#!/story/2002000		12:02
jroll	oooo I got a good number	12:02
sambetts	:-P	12:02
TheJulia	nice!	12:05
* TheJulia goes and finds quiet place to work on slide decks		12:07
*** phuongnh has quit IRC		12:10
*** rbudden has joined #openstack-ironic		12:13
*** trown\|outtypewww is now known as trown		12:15
jroll	fix inbound now	12:15
openstackgerrit	Jim Rollenhagen proposed openstack/ironic master: Tear down console during unprovisioning https://review.openstack.org/567577	12:16
jroll	will need to backport that all the way to ocata	12:16
jroll	blah, I always forget I don't have stable privs: https://review.openstack.org/#/c/567481/	12:16
patchbot	patch 567481 - ironic (stable/queens) - Cap hacking to avoid gate failure	12:16
*** bfournie has joined #openstack-ironic		12:21
*** AlexeyAbashkin has joined #openstack-ironic		12:28
*** AlexeyAbashkin has quit IRC		12:37
TheJulia	jroll: I need to send a few emails this week... I'll try to remember that as well	12:44
*** jiapei has joined #openstack-ironic		12:44
jroll	TheJulia: thanks :)	12:44
*** AlexeyAbashkin has joined #openstack-ironic		12:47
*** AlexeyAbashkin has quit IRC		12:48
*** v12aml has quit IRC		12:50
openstackgerrit	Ilya Etingof proposed openstack/sushy-tools master: Add system boot mode support https://review.openstack.org/526101	12:53
*** rloo has joined #openstack-ironic		12:55
*** hshiina is now known as hshiina\|afk		12:58
openstackgerrit	Merged openstack/ironic master: Fix W504 errors https://review.openstack.org/567009	12:59
*** jcoufal has joined #openstack-ironic		13:01
*** mjturek has joined #openstack-ironic		13:03
*** pcaruana\|afk\| has joined #openstack-ironic		13:03
*** NotPcaruana has joined #openstack-ironic		13:04
*** gyankum has quit IRC		13:05
*** gyan_ has quit IRC		13:05
*** Goneri has joined #openstack-ironic		13:06
openstackgerrit	Sam Betts proposed openstack/ironic master: [WIP] Direct deploy serve HTTP images from conductor https://review.openstack.org/565474	13:08
*** v12aml has joined #openstack-ironic		13:14
TheJulia	oh joy, newer coreos takes a while to boot	13:21
TheJulia	ipa starting around 550 seconds in	13:21
sambetts	\o/	13:23
sambetts	le sigh... centos7 seems to have python package conflicts breaking our CI :( http://192.133.156.18/74/565474/7/check/ironic-dsvm-tempest-ironic-cimc-current-centos-7-cimc/795f310/logs/devstacklog.txt.gz#_2018-05-10_13_18_05_580	13:25
TheJulia	I'm thinking we need to all go on a long cruise and ignore computers for a week or three.	13:26
sambetts	I agree...	13:27
*** jistr is now known as jistr\|mtg		13:32
*** v12aml has quit IRC		13:32
*** NotPcaruana has quit IRC		13:34
*** pcaruana\|afk\| has quit IRC		13:34
*** cjloader has joined #openstack-ironic		13:38
openstackgerrit	Merged openstack/ironic master: Fix E305 Errors https://review.openstack.org/567025	13:40
*** v12aml has joined #openstack-ironic		13:46
*** links has quit IRC		13:46
*** dmellado has joined #openstack-ironic		13:47
*** rbartal_ has joined #openstack-ironic		13:48
*** rbartal has quit IRC		13:50
*** r-daneel has joined #openstack-ironic		14:08
openstackgerrit	Merged openstack/ironic master: Fix W605 Errors https://review.openstack.org/567026	14:12
openstackgerrit	Merged openstack/ironic master: Silence F405 errors https://review.openstack.org/567027	14:12
*** cjloader has quit IRC		14:13
*** cjloader has joined #openstack-ironic		14:13
jroll	rloo: since you weren't here at the time, this is a nasty one that needs reviews: https://review.openstack.org/567577	14:14
patchbot	patch 567577 - ironic - Tear down console during unprovisioning	14:14
rloo	jroll: OH. ok, will wait for tests to pass first.	14:15
jroll	they're still running? :\|	14:15
rloo	jroll: all i see is red but that's 3rd party	14:16
* jroll should probably note the test update in commit message too		14:16
jroll	right	14:16
*** jistr\|mtg is now known as jistr		14:17
jroll	ugh, now I'm reading where else we stop the console, why do I need to check myself if it's running	14:17
jroll	and handle notifications and such	14:17
jroll	we suck at driver interfaces	14:18
jroll	never mind, that patch isn't ready :(	14:18
rloo	jroll: ok, off my list now :)	14:19
*** baha has joined #openstack-ironic		14:21
*** rajinir has joined #openstack-ironic		14:23
*** rbartal_ has quit IRC		14:33
openstackgerrit	Jim Rollenhagen proposed openstack/ironic master: Tear down console during unprovisioning https://review.openstack.org/567577	14:35
openstackgerrit	Jim Rollenhagen proposed openstack/ironic master: Tear down console during unprovisioning https://review.openstack.org/567577	14:55
jroll	ok this is much better now	14:55
*** rpioso\|afk is now known as rpioso		14:55
rpioso	Good morning	14:55
TheJulia	good morning rpioso	14:56
rpioso	TheJulia: :)	14:56
*** mgoddard has quit IRC		15:05
openstackgerrit	Merged openstack/ironic master: Gate fix: Cap hacking to avoid gate failure https://review.openstack.org/567099	15:07
openstackgerrit	Merged openstack/ironic stable/queens: Cap hacking to avoid gate failure https://review.openstack.org/567481	15:07
*** e0ne has quit IRC		15:07
*** mgoddard has joined #openstack-ironic		15:09
*** jiapei has quit IRC		15:09
TheJulia	Wow we have many repos	15:11
*** alex_xu has quit IRC		15:24
*** v12aml has quit IRC		15:27
*** v12aml has joined #openstack-ironic		15:29
*** jaganathan has quit IRC		15:30
*** prometheanfire has joined #openstack-ironic		15:34
prometheanfire	so... the rados stuff	15:34
prometheanfire	given swift removing support for that url format, that means that the swift_account_type conf option does nothing and should be removed	15:35
openstackgerrit	Merged openstack/ironic-inspector master: Fix pycodestyle warnings/errors now visible with hacking 1.1.0 https://review.openstack.org/567066	15:35
openstackgerrit	Merged openstack/ironic master: Follow up to inspect wait implementation https://review.openstack.org/566948	15:35
openstackgerrit	Merged openstack/ironic master: BIOS Settings: Add BIOSInterface https://review.openstack.org/507793	15:36
*** v12aml has quit IRC		15:36
*** srart has quit IRC		15:37
*** srart has joined #openstack-ironic		15:38
*** v12aml has joined #openstack-ironic		15:40
*** bdodd has quit IRC		15:44
*** pcaruana has quit IRC		15:52
jroll	prometheanfire: cool with me - I wonder if this makes it a multi-cycle thing to deprecate it though :(	15:53
TheJulia	given how long it has been broken, I kind of see the deprecation policy as not really working in this case	15:54
jroll	has it been broken long? I thought this just released	15:55
TheJulia	I thought it required ocata client code to still work	15:56
TheJulia	unless there was just no need for the client to be updated for cycles and the breaking change landed this cycle.	15:56
TheJulia	I'll have to actually look deeper, I glanced at it yesterday and got pulled onto something else a few times :(	15:57
jroll	oh, it was made in ocata	15:57
jroll	kill it with fire	15:57
* TheJulia makes mental note to try and discuss it with some folks internally tomorrow		15:57
clarkb	I'm not caught up on email, I take it TheJulia's ask that the client not care so much went nowhere?	16:02
prometheanfire	jroll: ya, that's my worry (multi-cycle stuff)	16:02
TheJulia	As of this morning, I didn't see any reply	16:02
prometheanfire	it requires newton swiftclient to work	16:02
TheJulia	but I've not looked back since I'm in prep mode for summit/forum	16:02
prometheanfire	ocata is where the break occured	16:03
jroll	it's about ceph trying to emulate swift features, I've got no problem with the client staying as-is given ceph can support it	16:03
prometheanfire	ya, no need to use a new client, that'd be more of a pain	16:04
*** racedo_ has quit IRC		16:05
*** racedo_ has joined #openstack-ironic		16:05
*** racedo_ has quit IRC		16:05
* TheJulia sighs		16:05
*** racedo_ has joined #openstack-ironic		16:06
*** racedo_ has quit IRC		16:06
*** racedo_ has joined #openstack-ironic		16:07
prometheanfire	new client meanting not-swiftclient	16:07
*** racedo_ has quit IRC		16:07
*** racedo_ has joined #openstack-ironic		16:07
clarkb	I think the ask was to update swiftclient to accomodate less strict urls	16:08
*** racedo_ has quit IRC		16:08
prometheanfire	it was	16:08
prometheanfire	and they (notmyname) said no	16:08
clarkb	ah ok that is what I was behind on	16:09
prometheanfire	swift cares about swift only	16:09
TheJulia	$WORDS	16:09
prometheanfire	:D	16:10
clarkb	TheJulia: summit prep probably a good idea :P /me wanders off to do some of that too	16:10
TheJulia	It is far from ideal that is their stance since it ultimately harms the overall community, but if they wish to play the game of lock-in... there is not really much we can do.	16:10
prometheanfire	I expect this to fail spectacularly	16:10
openstackgerrit	Matthew Thode proposed openstack/ironic master: Remove endpoint_type from configuration https://review.openstack.org/567628	16:10
prometheanfire	but that's all the refrences I think that needed to be updated	16:11
TheJulia	I guess there is a fifth option... Someone go about the path of decoupling ceph from swift in ironic, and we take a whole other route, but that is a longer term thing that maybe is worth doing after the initial tearout	16:11
prometheanfire	TheJulia: ya, that was my view too, it's a valid opinion, but coming from swiftstack, sounds like lockin too	16:11
NobodyCam	Good Morning Ironic'ers	16:13
*** gyee has joined #openstack-ironic		16:13
TheJulia	prometheanfire: I guess in my mind, it feels like intentional lock-in, and I'm feel like given my perceptions of their focus that even if we pressed and had a CI job for it, we would have had to go down the same route of ripping it out... just sooner :(	16:16
TheJulia	The optics of abrupt feature rip-out are just... bad.	16:17
*** marios has quit IRC		16:17
prometheanfire	agreed	16:21
*** sambetts is now known as sambetts\|afk		16:21
* TheJulia goes back to slide deck because the end of it is in sight		16:21
sambetts\|afk	night all	16:22
openstackgerrit	Pavlo Shchelokovskyy proposed openstack/ironic master: Mark xclarity password as secret https://review.openstack.org/567637	16:22
sambetts\|afk	o/	16:22
TheJulia	goodnight sambetts\|afk	16:22
* TheJulia sighs		16:22
*** baha has quit IRC		16:23
openstackgerrit	Julia Kreger proposed openstack/ironic stable/queens: Mark xclarity password as secret https://review.openstack.org/567639	16:25
*** fragatin_ has joined #openstack-ironic		16:25
*** erolg has quit IRC		16:26
jroll	TheJulia: fwiw we aren't removing the feature, just requiring a config option set on the ceph side	16:30
jroll	and ripping out the config on our side as it is no longer needed	16:31
TheJulia	yeah, I just picked up on that checking the thread	16:31
jroll	:)	16:31
clarkb	jroll: any idea how difficult it is to change that setting on an existing ceph install?	16:33
clarkb	(I have no idea myself)	16:33
jroll	clarkb: not a clue	16:34
*** pcaruana has joined #openstack-ironic		16:36
*** milan has quit IRC		16:36
*** trown is now known as trown\|lunch		16:39
prometheanfire	clarkb: not hard, using ceph-ansible just take the config from the bug and rerun the ceph-deply playbook	16:42
clarkb	prometheanfire: and users don't all have to update their usage of the api?	16:43
clarkb	rpobably not if the old urls are still allowed	16:43
*** pcaruana has quit IRC		16:44
prometheanfire	clarkb: that's a good question, not sure if the old format will continue to work	16:44
*** e0ne has joined #openstack-ironic		16:49
*** dprince has quit IRC		16:50
*** dsneddon_ has joined #openstack-ironic		16:51
*** dsneddon_ has quit IRC		16:53
*** prometheanfire has quit IRC		16:57
*** dsneddon_ has joined #openstack-ironic		16:58
*** prometheanfire has joined #openstack-ironic		16:58
*** dougsz has quit IRC		16:59
*** dsneddon_ has quit IRC		16:59
*** dsneddon_ has joined #openstack-ironic		16:59
*** derekh has quit IRC		17:00
*** lucasagomes is now known as lucas-afk		17:00
*** mgoddard has quit IRC		17:07
*** cjloader has quit IRC		17:09
*** jtomasek has quit IRC		17:10
*** dprince has joined #openstack-ironic		17:16
jroll	ok, zuul is happy with this one: https://review.openstack.org/#/c/567577/	17:18
patchbot	patch 567577 - ironic - Tear down console during unprovisioning	17:18
jroll	TheJulia: bit of a security thing there so we should merge that sooner than later	17:18
TheJulia	jroll: yah :)	17:27
*** jaganathan has joined #openstack-ironic		17:31
*** ianychoi_ has joined #openstack-ironic		17:32
*** ianychoi has quit IRC		17:35
*** baha has joined #openstack-ironic		17:37
*** trown\|lunch is now known as trown		17:37
*** mgoddard has joined #openstack-ironic		17:42
*** rcernin has joined #openstack-ironic		17:52
*** sekharvajjula has joined #openstack-ironic		17:52
*** dsneddon has quit IRC		17:52
*** ChandraS has quit IRC		17:54
*** tesseract-RH has joined #openstack-ironic		18:08
*** tesseract has quit IRC		18:09
*** tesseract-RH has quit IRC		18:11
*** tesseract has joined #openstack-ironic		18:11
*** liuzz_ has joined #openstack-ironic		18:15
*** masuberu has joined #openstack-ironic		18:16
*** liuzz has quit IRC		18:17
*** alineb has quit IRC		18:18
*** mjturek has quit IRC		18:19
*** masber has quit IRC		18:19
openstackgerrit	Matthew Thode proposed openstack/ironic master: Remove endpoint_type from configuration https://review.openstack.org/567628	18:22
*** fragatin_ has quit IRC		18:31
*** mgoddard has quit IRC		18:33
*** e0ne has quit IRC		18:33
*** alineb has joined #openstack-ironic		18:45
*** tesseract has quit IRC		18:49
*** rcernin has quit IRC		18:50
*** fragatina has joined #openstack-ironic		18:54
*** fragatina has quit IRC		18:54
*** fragatina has joined #openstack-ironic		18:55
*** livelace has joined #openstack-ironic		19:01
*** rcernin has joined #openstack-ironic		19:09
*** milan has joined #openstack-ironic		19:14
*** rcernin has quit IRC		19:15
*** jcoufal has quit IRC		19:16
TheJulia	jroll: comment on that patch	19:19
jroll	thanks, gimme a few	19:19
TheJulia	jroll: thanks, my only issue is with the reno to keep down edits... esp since we need to backport it	19:29
*** jaganathan has quit IRC		19:39
*** mjturek has joined #openstack-ironic		19:44
*** hoonetorg has quit IRC		19:46
*** karimull has joined #openstack-ironic		19:49
karimull	hi can get used case scenario on how the exta-spec traits are used in ironic node configuration	19:50
*** prometheanfire has quit IRC		19:52
*** prometheanfire has joined #openstack-ironic		19:53
*** hoonetorg has joined #openstack-ironic		20:00
TheJulia	do you mean traits?	20:01
karimull	yes	20:01
*** dprince has quit IRC		20:01
TheJulia	traits are not used yet, but will eventually be translated, where appropriate, to driver level actions such as setting the boot mode, since a node can support multiple boot modes	20:02
TheJulia	raid is another case where it would be useful	20:02
karimull	ok..	20:02
jroll	they are used for scheduling, I believe	20:02
jroll	so you could set a node with a trait of CUSTOM_HAS_BITCOIN_MINER, and set the same in the flavor, and they'll be matched up	20:03
TheJulia	That as well, but that is not node configuration yet	20:03
karimull	when they say get_traits() in nova does it mean..getting from the remote node or from instance_info/traits file?	20:03
jroll	TheJulia: reading is hard	20:03
TheJulia	jroll: indeed :(	20:03
TheJulia	karimull: instance_info traits data should be the traits that are requested by the user for the instance	20:04
jroll	karimull: the resource tracker calls get_traits() in the ironic driver, to find which traits are set on the node	20:04
*** prometheanfire has quit IRC		20:04
jroll	during deploy, the ironic driver puts the traits from the flavor into instance_info/traits for the node	20:05
*** milan has quit IRC		20:05
karimull	deploy means..during ironic node enrollment is that correct?	20:06
TheJulia	no	20:06
karimull	nova boot?	20:06
*** prometheanfire has joined #openstack-ironic		20:06
TheJulia	enrollment is when someone adds a baremetal node to ironic, deploy equates to nova boot	20:06
karimull	even during enrollment we should be able to pass traits right?..	20:07
karimull	in future once implemented how do we know that particular bare metal server has that traits that user has requested?	20:08
jroll	the traits which an operator defines on a node go in node.traits, and can be added at enrollment	20:09
jroll	the traits which a user has requested go in instance_info/traits	20:09
karimull	for example if I have SGX enabled functionality on a baremetal server.. and how does the placement api compares with user requested CUSTOM_SGX traits with real configuration	20:10
jroll	20:03:36 jroll \| so you could set a node with a trait of CUSTOM_HAS_BITCOIN_MINER, and set the same in the flavor, and they'll be matched up	20:11
karimull	ok..so the operator has to make sure that particular node has this traits on the BMS	20:11
jroll	yes	20:11
karimull	and nova / placement-api will compare instance_info/traits with node.traits to filter out the nodes	20:14
jroll	it will compare the traits in flavor extra_specs with node.traits to find a node. then while booting the instance on that node, it will put the traits from the flavor extra_specs in node.instance_info/traits	20:15
karimull	got it..	20:15
karimull	I wanted to add a ironic node with trusted_boot traits ..but a node is considered trusted_boot only after user image is up and attestation is done..	20:17
karimull	in this case as an operator how can indicate this particular node is trusted?	20:17
TheJulia	so that gets to be a bit complex	20:17
jroll	that attestation process is done outside of ironic, right?	20:18
karimull	yes	20:18
TheJulia	The trusted_boot concept is signed kernel, any attestation is completely outside of ironic, and we never know about it	20:18
karimull	but they is client running on irnoc	20:18
jroll	so when that is complete, you can add the trait to the node	20:18
jroll	before making it available to nova	20:18
TheJulia	problem is...	20:18
TheJulia	attestation is from the OS running	20:18
karimull	like do an update ..yes that would do	20:18
TheJulia	after deployment	20:19
jroll	yes, `openstack baremetal node add trait CUSTOM_TRUSTED_BOOT` or so	20:19
jroll	TheJulia: I think s/attestation/measurement/	20:19
karimull	cool..thanks..	20:20
TheJulia	well both are post-deployment things. measurement would be the launch environmment enforcing the policy. attesttion is stating to the attestation server what the measurement is	20:20
jroll	er, you're right	20:21
karimull	yes both are post deployment after tboot procedure	20:21
jroll	I guess I assumed it was being boot once manually for attestation	20:21
TheJulia	all that ironic can help with advertisment wise to nova for scheduling... is the capacity to support	20:21
jroll	and then it was good to go to be re-deployed	20:21
TheJulia	and	20:21
TheJulia	the fact that the TPM is owned by an attestation server	20:21
TheJulia	but that last part would have to be operator interaction with the hardware depending on attestation solution used/desired	20:22
TheJulia	so the tpm ownership can, at least with OpenCIT cross deployments so it is a do it once action	20:22
karimull	yes ... once we make sure attestation is done..operator intervention is required	20:23
TheJulia	I believe the same is true with keylime, but i'm not 100% sure	20:23
jroll	how we're planning on doing secure boot things is to do all the attestation stuff before we install the server at it's site	20:23
jroll	so I guess I assumed that's what was happening	20:23
karimull	in secure boot does the signature validation is done after deployment?	20:24
TheJulia	so the UEFI ramdisk _should_ be able to verify the signatures on the bootloader/boot loader elements	20:25
TheJulia	after that, measurement validations can take place with a policy, but tboot is needed or... something else to also tie into the boot loader	20:26
TheJulia	to enable further measurment/validation where required	20:26
* TheJulia is kind of glad we're having this discussion		20:26
* jroll is just getting confused		20:27
TheJulia	jroll: it is a confusing topic	20:27
* TheJulia suspects whiskey would improve it		20:28
jroll	TheJulia: oh I know, it's been on my mind this week	20:28
karimull	we are planning to resolve an issue where user wants to tag a node with trusted_boot .before deployment of user image..like in initial phase of initramfs	20:29
TheJulia	karimull: what would that entail from your perspective?	20:30
karimull	we are investigating ..if this possible..because to compare the whitelist with measure values we have to do our side the node..and we don't know ..like it can be done	20:31
karimull	out*	20:32
TheJulia	so if a user were to submit a measurement policy in with the image to be deployed, or possibly even into nova, I think it might be feasible to automate that	20:32
TheJulia	we historically have resisted any attempts to edit the user supplied image, but that needs to be house in with something like the tboot extension for grub	20:32
TheJulia	but checking existing values for the hardware seems feasible, we've discussed adding a security_interface concept	20:33
karimull	measurement policy with image in the sense like image meta data?	20:34
karimull	that seems to be good idea	20:34
TheJulia	Well, I'm not entirely sure that is feasible because the measurement policy is an in-filesystem element ultimately and can have measurements for libraries and binaries inside the system	20:35
TheJulia	The system can't attest if it cant read the policy, but it could be stored in configuration drive data and the booting OS could put it in place. The booting guest will then still need to reboot I believe	20:36
karimull	hmm..need to look into openCIT on how they are doing this comparison. From my understanding they get required PCR values and compare against the measure value	20:36
TheJulia	karimull: they use tboot + an agent you have to install post deployment	20:37
*** jaganathan has joined #openstack-ironic		20:37
karimull	ok..	20:37
TheJulia	I've been thinking the agent can be installed, but I don't think I've found the agent source out there	20:37
TheJulia	I also haven't looked too hard	20:38
TheJulia	I spoke with keylime folks, and they have a different approach, I just ton't remember all of the details. They are also only TPM1.1 on x86, not TPM2 and x86_64	20:38
karimull	we have to get the source and compile it ourselfs..thatz what I figured it out	20:38
TheJulia	karimull: you might be figuring out why I've not written a security interface specification for ironic yet :)	20:39
karimull	that would really help us	20:39
karimull	admin123	20:40
TheJulia	if we could understand your usecases/workflows, that would help us understand logical hook points	20:40
TheJulia	at least, what you can share into the public universe that makes sense in your case	20:40
karimull	ok..i'm also in inital phase of understanding the used case...but mean while wanted to know how traits in Ironic works..so landed here...we start posting my developmets from now onwars.	20:41
karimull	thanks for the info ....will comeback with more updates and questions...	20:42
TheJulia	karimull: your welcome to bring it up and discuss it with us during our weekly meeting, there are a number of other intereted individuals	20:42
openstackgerrit	Julia Kreger proposed openstack/ironic-python-agent master: Fix gate and bump CoreOS version to latest stable. https://review.openstack.org/566094	20:43
TheJulia	jroll: bumped the core count ^^^ since it really helps CoreOS fire up faster inside a VM	20:43
karimull	sure will be there in next meeting..	20:43
jroll	TheJulia: cool, were those failures timeouts on the last one?	20:44
TheJulia	jroll: best as I can tell... it took 550+ seconds before it would have even gotten to starting to fire up IPA	20:44
jroll	TheJulia: oof, you were so close, see my comment	20:44
TheJulia	oof?	20:45
jroll	like, oof, I fell	20:45
openstackgerrit	Julia Kreger proposed openstack/ironic-python-agent master: Fix gate and bump CoreOS version to latest stable. https://review.openstack.org/566094	20:45
jroll	a word not an acronym :)	20:45
jroll	+2, thanks!	20:45
TheJulia	jroll: lol	20:45
jroll	:P	20:45
openstackgerrit	Merged openstack/virtualbmc master: Revert "Add Serial-over-LAN (SOL) support" https://review.openstack.org/566646	20:46
openstackgerrit	Merged openstack/virtualbmc master: Unrevert usage example inconsistency fix in docs https://review.openstack.org/567186	20:47
openstackgerrit	Jim Rollenhagen proposed openstack/ironic master: Tear down console during unprovisioning https://review.openstack.org/567577	20:54
jroll	TheJulia: rloo: this is ready for y'all again ^	20:54
rloo	jroll: ok	20:54
*** trown is now known as trown\|outtypewww		20:58
*** Goneri has quit IRC		21:01
*** baha has quit IRC		21:10
*** hemna_ has quit IRC		21:18
openstackgerrit	Will Szumski proposed openstack/ironic-python-agent master: Try empty password for ata security-unlock in GenericHardwareManager https://review.openstack.org/557755	21:29
*** livelace has quit IRC		21:58
*** bfournie has quit IRC		22:05
openstackgerrit	Will Szumski proposed openstack/ironic-python-agent master: Try empty password for ata security-unlock in GenericHardwareManager https://review.openstack.org/557755	22:05
*** hemna_ has joined #openstack-ironic		22:10
*** rbudden has quit IRC		22:28
*** jaypipes_ has joined #openstack-ironic		22:42
*** jaypipes has quit IRC		22:42
*** vdrok has quit IRC		22:42
*** vdrok has joined #openstack-ironic		22:43
*** jaypipes__ has joined #openstack-ironic		22:48
*** jaypipes_ has quit IRC		22:49
*** bfournie has joined #openstack-ironic		22:50
openstackgerrit	Julia Kreger proposed openstack/ironic-python-agent master: Fix gate and bump CoreOS version to latest stable. https://review.openstack.org/566094	22:50
*** jaganathan has quit IRC		23:04
*** rloo has quit IRC		23:14
*** srart has quit IRC		23:32
*** liuzz has joined #openstack-ironic		23:40
*** liuzz_ has quit IRC		23:40
*** rajinir has quit IRC		23:43
*** srart has joined #openstack-ironic		23:53
*** rpioso is now known as rpioso\|afk		23:59

Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!