| *** yolanda has quit IRC | 00:06 | |
| *** yolanda has joined #openstack-ironic | 00:09 | |
| *** dtruong has quit IRC | 00:12 | |
| *** dtruong has joined #openstack-ironic | 00:12 | |
| *** k_mouza has joined #openstack-ironic | 00:17 | |
| *** k_mouza has quit IRC | 00:22 | |
| *** threestrands has joined #openstack-ironic | 00:50 | |
| *** billp_ has quit IRC | 00:53 | |
| *** jdandrea has quit IRC | 00:57 | |
| *** TxGirlGeek has quit IRC | 01:06 | |
| *** igordc has quit IRC | 01:23 | |
| *** Lucas_Gray has quit IRC | 01:26 | |
| *** tzumainn has quit IRC | 01:52 | |
| *** gyee has quit IRC | 01:55 | |
| *** hamzy has quit IRC | 01:56 | |
| *** hamzy has joined #openstack-ironic | 01:56 | |
| *** jrist has quit IRC | 01:57 | |
| *** zzzeek has quit IRC | 02:03 | |
| *** TxGirlGeek has joined #openstack-ironic | 02:04 | |
| *** rnoriega_ has joined #openstack-ironic | 02:05 | |
| *** zzzeek has joined #openstack-ironic | 02:08 | |
| *** zul has quit IRC | 02:12 | |
| *** rloo has quit IRC | 02:24 | |
| *** jrist has joined #openstack-ironic | 02:40 | |
| *** TxGirlGeek has quit IRC | 03:50 | |
| *** goldyfruit_ has quit IRC | 04:04 | |
| *** k_mouza has joined #openstack-ironic | 04:18 | |
| *** jdandrea has joined #openstack-ironic | 04:18 | |
| *** k_mouza has quit IRC | 04:22 | |
| *** mbeierl has quit IRC | 04:24 | |
| *** mbeierl has joined #openstack-ironic | 04:24 | |
| *** jdandrea has quit IRC | 04:41 | |
| *** TxGirlGeek has joined #openstack-ironic | 04:51 | |
| openstackgerrit | Julia Kreger proposed openstack/ironic-python-agent master: Skip read-only devices https://review.opendev.org/704725 | 04:55 |
|---|---|---|
| TheJulia | dtantsur|afk: rpittau|afk fyi^^^ | 04:55 |
| *** TxGirlGeek has quit IRC | 05:12 | |
| *** TxGirlGeek has joined #openstack-ironic | 05:12 | |
| *** TxGirlGeek has quit IRC | 05:17 | |
| *** HagunKim has quit IRC | 05:32 | |
| *** hwoarang has quit IRC | 05:48 | |
| *** hwoarang has joined #openstack-ironic | 05:48 | |
| *** mmethot_ has joined #openstack-ironic | 06:17 | |
| *** k_mouza has joined #openstack-ironic | 06:18 | |
| *** mmethot has quit IRC | 06:20 | |
| *** k_mouza has quit IRC | 06:23 | |
| *** dsneddon has quit IRC | 06:45 | |
| *** dsneddon has joined #openstack-ironic | 06:45 | |
| arne_wiebalck | Good morning, ironic! | 07:25 |
| *** dtantsur|afk is now known as dtantsur | 07:54 | |
| dtantsur | morning ironic | 07:54 |
| *** tesseract has joined #openstack-ironic | 08:03 | |
| *** rpittau|afk is now known as rpittau | 08:08 | |
| rpittau | good morning ironic! o/ | 08:08 |
| *** jtomasek has joined #openstack-ironic | 08:12 | |
| *** rcernin has quit IRC | 08:20 | |
| *** belmoreira has joined #openstack-ironic | 08:57 | |
| *** amoralej|off is now known as amoralej | 08:58 | |
| *** mbeierl1 has joined #openstack-ironic | 09:04 | |
| *** mbeierl has quit IRC | 09:04 | |
| *** mbeierl1 is now known as mbeierl | 09:04 | |
| *** dougsz has joined #openstack-ironic | 09:14 | |
| *** lucasagomes has joined #openstack-ironic | 09:16 | |
| *** iurygregory has joined #openstack-ironic | 09:40 | |
| iurygregory | good morning o/ | 09:41 |
| *** alexmcleod has joined #openstack-ironic | 09:47 | |
| *** threestrands has quit IRC | 09:47 | |
| rpittau | hey iurygregory :) | 09:50 |
| iurygregory | rpittau, o/ | 09:51 |
| openstackgerrit | Mark Goddard proposed openstack/tenks master: DNM: Test libvirt-host role ansible_python https://review.opendev.org/704766 | 10:06 |
| *** derekh has joined #openstack-ironic | 10:13 | |
| *** lifeless has quit IRC | 10:19 | |
| openstackgerrit | Mark Goddard proposed openstack/tenks master: WIP: CentOS 8 support https://review.opendev.org/695881 | 10:27 |
| openstackgerrit | Mark Goddard proposed openstack/tenks master: DNM: Test libvirt-host role ansible_python https://review.opendev.org/704766 | 10:27 |
| openstackgerrit | Mark Goddard proposed openstack/tenks master: WIP: CentOS 8 support https://review.opendev.org/695881 | 10:43 |
| openstackgerrit | Mark Goddard proposed openstack/tenks master: DNM: Test libvirt-host role ansible_python https://review.opendev.org/704766 | 10:43 |
| openstackgerrit | Georgy Karataev proposed openstack/bifrost master: (WIP) Fix the pre-installation scripts https://review.opendev.org/704776 | 10:51 |
| *** pcaruana has quit IRC | 10:57 | |
| *** priteau has joined #openstack-ironic | 10:59 | |
| openstackgerrit | Riccardo Pittau proposed openstack/ironic master: Fix typo in setup-network.sh script https://review.opendev.org/704777 | 11:05 |
| *** Lucas_Gray has joined #openstack-ironic | 11:16 | |
| *** pcaruana has joined #openstack-ironic | 11:40 | |
| *** rpittau is now known as rpittau|bbl | 11:53 | |
| *** ociuhandu has joined #openstack-ironic | 11:58 | |
| openstackgerrit | Georgy Karataev proposed openstack/bifrost master: (WIP) Fix the pre-installation scripts https://review.opendev.org/704776 | 12:02 |
| *** amoralej is now known as amoralej|lunch | 12:05 | |
| *** ociuhandu has quit IRC | 12:31 | |
| *** ociuhandu has joined #openstack-ironic | 12:40 | |
| *** jawad_axd has joined #openstack-ironic | 12:54 | |
| *** Lucas_Gray has quit IRC | 12:59 | |
| *** goldyfruit_ has joined #openstack-ironic | 13:01 | |
| *** amoralej|lunch is now known as amoralej | 13:11 | |
| *** rh-jelabarre has joined #openstack-ironic | 13:12 | |
| *** ociuhandu has quit IRC | 13:17 | |
| *** ociuhandu has joined #openstack-ironic | 13:21 | |
| *** ociuhandu has quit IRC | 13:26 | |
| dtantsur | TheJulia, rpittau|bbl, please check https://review.opendev.org/#/c/704598/ | 13:30 |
| patchbot | patch 704598 - bifrost - Check out global requirements when creating test VMs - 3 patch sets | 13:30 |
| dtantsur | it may be blocking people | 13:30 |
| *** rpittau|bbl is now known as rpittau | 13:30 | |
| *** khansa has joined #openstack-ironic | 13:36 | |
| *** rloo has joined #openstack-ironic | 13:36 | |
| openstackgerrit | Mark Goddard proposed openstack/tenks master: WIP: CentOS 8 support https://review.opendev.org/695881 | 13:46 |
| openstackgerrit | Mark Goddard proposed openstack/tenks master: DNM: Test libvirt-host role ansible_python https://review.opendev.org/704766 | 13:46 |
| *** bobmel has joined #openstack-ironic | 13:46 | |
| *** jdandrea has joined #openstack-ironic | 13:46 | |
| *** Lucas_Gray has joined #openstack-ironic | 13:49 | |
| *** bobmel has quit IRC | 13:51 | |
| *** strigazi has quit IRC | 13:56 | |
| *** ociuhandu has joined #openstack-ironic | 14:00 | |
| *** strigazi has joined #openstack-ironic | 14:02 | |
| *** khansa has quit IRC | 14:03 | |
| openstackgerrit | Mark Goddard proposed openstack/tenks master: WIP: CentOS 8 support https://review.opendev.org/695881 | 14:08 |
| openstackgerrit | Mark Goddard proposed openstack/tenks master: DNM: Test libvirt-host role ansible_python https://review.opendev.org/704766 | 14:08 |
| *** Lucas_Gray has quit IRC | 14:14 | |
| rpioso | Good morning | 14:15 |
| TheJulia | dtantsur: done | 14:22 |
| dtantsur | thx | 14:22 |
| dtantsur | and good morning TheJulia | 14:22 |
| *** zzzeek has quit IRC | 14:22 | |
| *** zzzeek has joined #openstack-ironic | 14:23 | |
| *** gkaratae has joined #openstack-ironic | 14:30 | |
| gkaratae | hi, afaik centos 7 won't be supported in Ussuri, but can I ask why and what is prevents from it? :-) | 14:30 |
| openstackgerrit | Julia Kreger proposed openstack/ironic-python-agent master: Skip read-only devices https://review.opendev.org/704725 | 14:32 |
| TheJulia | gkaratae: python versions 3.6 through 3.8 are what is being tested.... where as the latest version of python for centos that was available is python 3.4. Realistically, Centos also defaults around python2, which many of the libraries and code paths that worked around py2/py3 differences have been removed meaning the code will no longer fire up on python2. | 14:37 |
| dtantsur | gkaratae: as Julia said, a lot of additional work for unclear benefit. Train is just as good for most cases. | 14:38 |
| *** jawad_axd has quit IRC | 14:39 | |
| *** jawad_axd has joined #openstack-ironic | 14:39 | |
| openstackgerrit | Merged openstack/bifrost master: Check out global requirements when creating test VMs https://review.opendev.org/704598 | 14:43 |
| *** jawad_ax_ has joined #openstack-ironic | 14:43 | |
| *** khansa has joined #openstack-ironic | 14:44 | |
| openstackgerrit | Dmitry Tantsur proposed openstack/bifrost stable/train: Check out global requirements when creating test VMs https://review.opendev.org/704822 | 14:44 |
| *** jawad_axd has quit IRC | 14:45 | |
| openstackgerrit | Dmitry Tantsur proposed openstack/bifrost stable/stein: Check out global requirements when creating test VMs https://review.opendev.org/704823 | 14:45 |
| *** jawad_ax_ has quit IRC | 14:48 | |
| *** priteau has quit IRC | 14:50 | |
| *** priteau has joined #openstack-ironic | 14:51 | |
| openstackgerrit | Mark Goddard proposed openstack/tenks master: DNM: Test libvirt-host role ansible_python https://review.opendev.org/704766 | 14:51 |
| gkaratae | TheJulia: thanks, so therefore the same applies for rhel 7x distributions if I understand right? | 14:54 |
| dtantsur | gkaratae: precisely | 14:55 |
| dtantsur | gkaratae: in your specific case, starting a new project on git master may not be a wise thing to do. | 14:55 |
| dtantsur | I'd go with stable/train and backport fixes for all issues you may encounter | 14:55 |
| dtantsur | master is VERY much in flux at this point | 14:55 |
| *** priteau has quit IRC | 14:56 | |
| openstackgerrit | Riccardo Pittau proposed openstack/ironic-python-agent-builder master: [DNM] testing centos8 job https://review.opendev.org/704826 | 14:58 |
| gkaratae | yep, I already tried train, but in my case python3 is need in the future production, so train branch will not make much sense | 14:58 |
| rpittau | even without considering the potential bug with libvirt in centos8.... | 14:58 |
| TheJulia | gkaratae: do you somehow percieve train not working iwth python3? | 15:00 |
| TheJulia | oh, for bifrost... yeah | 15:00 |
| * TheJulia makes a sad face | 15:01 | |
| *** priteau has joined #openstack-ironic | 15:07 | |
| dtantsur | gkaratae: if you need python 3, why talk about RHEL 7? it has only limited support there. | 15:09 |
| *** gkaratae has quit IRC | 15:14 | |
| openstackgerrit | Mark Goddard proposed openstack/tenks master: DNM: Test libvirt-host role ansible_python https://review.opendev.org/704766 | 15:17 |
| rpittau | dtantsur: sorry for change of context, maybe you're aware already, but I'm afraid the centos8 job in ipa-B is broken :/ | 15:18 |
| dtantsur | well, wonderful | 15:18 |
| dtantsur | no, I'm not aware. do you have any ideas? | 15:18 |
| rpittau | dtantsur: https://654d83e20ff6115f815e-89f45418e048e284a0aa8c1a9bb175a2.ssl.cf1.rackcdn.com/704826/1/check/ironic-python-agent-check-image-dib-centos8/c27dde8/job-output.txt | 15:19 |
| rpittau | UnicodeEncodeError: 'ascii' codec can't encode characters in position 72-74: ordinal not in range(128) | 15:19 |
| rpittau | seems some python package screwed up | 15:19 |
| *** khansa has quit IRC | 15:19 | |
| rpittau | I was not able to reproduce locally though | 15:20 |
| dtantsur | rpittau: could you bring it to #openstack-dib? | 15:20 |
| dtantsur | I'm a bit overbooked | 15:20 |
| rpittau | of course, just wanted to check it with you first | 15:20 |
| *** ociuhandu has quit IRC | 15:24 | |
| rpittau | ok I was able to reprdouce it locally now | 15:43 |
| openstackgerrit | Merged openstack/ironic master: Fix typo in setup-network.sh script https://review.opendev.org/704777 | 15:45 |
| *** cdearborn has joined #openstack-ironic | 15:47 | |
| *** gkaratae has joined #openstack-ironic | 15:47 | |
| gkaratae | dtantsur: rhel7 is one of our requirements (machines will run on it and switching to 8 is not planned yet) | 15:47 |
| dtantsur | gkaratae: then I guess stick with python 2 which will be supported by RH for a while? | 15:48 |
| gkaratae | dtantsur: yes, you are true, I think I need to discuss this again with colleagues, now I'll play and test with Train, that should be enough for this moment | 15:49 |
| gkaratae | thanks a lot for your reply | 15:50 |
| *** ociuhandu has joined #openstack-ironic | 15:52 | |
| *** billp has joined #openstack-ironic | 16:07 | |
| openstackgerrit | Mark Goddard proposed openstack/tenks master: DNM: Test libvirt-host role ansible_python https://review.opendev.org/704766 | 16:13 |
| *** gyee has joined #openstack-ironic | 16:14 | |
| *** TxGirlGeek has joined #openstack-ironic | 16:25 | |
| TheJulia | rpittau and any other core reviewers: https://review.opendev.org/#/c/704725/ would be greatly appreciated | 16:50 |
| patchbot | patch 704725 - ironic-python-agent - Skip read-only devices - 2 patch sets | 16:50 |
| dtantsur | done | 16:58 |
| dtantsur | TheJulia: probably worth backporting | 16:58 |
| TheJulia | Indeed :( | 16:58 |
| TheJulia | I'm _REALLY_ surprised this hsa not been hit before, but I was reading that HP changed the firmware to make it non-optional | 16:58 |
| TheJulia | so people are going to run into it more :( | 16:58 |
| *** ociuhandu has quit IRC | 16:59 | |
| *** bnemec-ooo has quit IRC | 17:00 | |
| *** bobmel has joined #openstack-ironic | 17:02 | |
| JayF | dtantsur: TheJulia: I have a serious concern about the PR, commented on there | 17:06 |
| TheJulia | I do too, tbh | 17:06 |
| JayF | can you un-workflow it? I believe it's likely to introduce a security issue | 17:07 |
| * TheJulia goes back to globally disabling cleaning in another project becuase of it | 17:07 | |
| JayF | TheJulia: tl;dr I'm just worried that failing SSDs will be mounted r/o and show up in that list -- leading them to be excluded silently from cleaning | 17:07 |
| TheJulia | JayF: commented | 17:09 |
| TheJulia | failed SSDs should still be security locked | 17:09 |
| TheJulia | which means they won't even show as devices | 17:09 |
| JayF | if an ssd is security locked, it doesn't do a r/o fallback? | 17:09 |
| JayF | TIL | 17:09 |
| TheJulia | in theory, I mean, I'd have to brick an SSD to know for sure | 17:10 |
| TheJulia | but basically it doesn't show as a funcctional disk at all | 17:10 |
| JayF | for non-security-locked home-use ssds (this knowledge is old and dusty) it went into firmware r/o mode | 17:10 |
| JayF | which triggered linux to label it r/o after enough IO failures | 17:10 |
| JayF | I don't know if that particular proc flag would trigger for it, but that's the source of my concern | 17:10 |
| * TheJulia unworkflows it | 17:11 | |
| JayF | This is my experience from ~10 years ago with gentoo, so very old and dusty | 17:11 |
| * TheJulia goes back to paperwork | 17:11 | |
| JayF | but would have a big impact if that actually happened | 17:11 |
| TheJulia | the case of IO failure is true, an that should be a hard failure | 17:11 |
| TheJulia | I wish there was more information to identify these devices | 17:12 |
| *** lucasagomes has quit IRC | 17:12 | |
| dtantsur | I don't know what to do here. We cannot serious refuse to work in the presence of a read-only device.. | 17:13 |
| dtantsur | especially when the alternative is people disabling cleaning | 17:14 |
| JayF | I don't know what other options there are for that particular HP case, but failing "closed" (i.e. never provisioning a device which wasn't properly cleaned) is better than failing "open" | 17:14 |
| JayF | I wish I knew more about the hardware in question, I feel like there has to be a better indicator | 17:14 |
| dtantsur | TheJulia, JayF, I think we can at least allow metadata cleaning to succeed since it's not secure | 17:14 |
| JayF | or maybe even a hardware manager that changes the behavior if it's the expected HP model, to lower the surface | 17:14 |
| JayF | ^^ probably a bad idea the more I think about it | 17:14 |
| TheJulia | few actually do that because of the overhead and never really for general consumption | 17:15 |
| dtantsur | We may assume that if somebody wants the secure cleaning, they'll find a way to remove "bad" devices | 17:15 |
| JayF | that assumption broke, in production, in onmetal once | 17:15 |
| TheJulia | dtantsur: I concur on metadata... on full scrub I wonder if we should just fail hard | 17:15 |
| JayF | I like that compromise too, tbh | 17:15 |
| dtantsur | TheJulia: I think it's the reasonable first step. Maybe issue a warning first to help with debugging? | 17:16 |
| JayF | or even make it configurable, so someone can take that security risk if they want | 17:16 |
| * TheJulia goes back to paperwork since backports are fun | 17:16 | |
| dtantsur | TheJulia: if you don't have time today, I can update the patch first(ish) thing in the morning | 17:16 |
| etingof | may be the best way of cleaning is dropping encryption key from an encrypted volume...? | 17:16 |
| JayF | Sorry for being the fun police :( | 17:16 |
| etingof | you can't fail open with that | 17:16 |
| dtantsur | etingof: won't help with read-only devices | 17:16 |
| TheJulia | dtantsur: I will have time today because this is the #1 priority atm | 17:17 |
| dtantsur | otherwise we already try ATA secure erase | 17:17 |
| dtantsur | k | 17:17 |
| TheJulia | etingof: that would be entirely unrelated | 17:17 |
| dtantsur | JayF: your comments are as valuable as always! | 17:17 |
| JayF | <3 | 17:17 |
| *** gkaratae has quit IRC | 17:17 | |
| JayF | Now I'm thinking about how to force an SSD firmware to simulate write failures | 17:18 |
| *** bobmel has quit IRC | 17:19 | |
| *** gkaratae has joined #openstack-ironic | 17:19 | |
| *** dtantsur is now known as dtantsur|afk | 17:19 | |
| dtantsur|afk | o/ | 17:19 |
| *** bobmel has joined #openstack-ironic | 17:19 | |
| etingof | so my thinking is that clear text data once written onto a media can become unavailable for removal | 17:22 |
| etingof | due to hardware failure or network disconnect or whatever | 17:22 |
| etingof | so the only way around seems to be not to place clear text data on the media | 17:23 |
| JayF | Here's the case I'm concerned about, this is a real-life example that thankfully didn't end up being a security issue because it was caught in our QE-server-booter: | 17:26 |
| JayF | In the case of a failing SSD (in this case, it was one that was intermittantly working), you can provision a machine to person and when it boots, the data on that SSD is still there because it wasn't cleaned off | 17:26 |
| JayF | you can absolutely have this happen without Ironic noticing, depending on how disks in the device are configured | 17:26 |
| JayF | in our case, we worked around that issue by having custom cleaning steps that asserted exactly the disk config expected (so if one was missing or r/o, we'd cleanfail) | 17:27 |
| JayF | Of course Ironic can't do anything about that failing disk if we can't clean it -- but we can make it fail cleaning with a reasonable error so that the operator knows the device needs human intervention | 17:27 |
| openstackgerrit | Riccardo Pittau proposed openstack/ironic-python-agent-builder master: Use correct command for Python virtualenv https://review.opendev.org/704854 | 17:33 |
| rpittau | good night! o/ | 17:33 |
| *** rpittau is now known as rpittau|afk | 17:33 | |
| *** amoralej is now known as amoralej|off | 17:34 | |
| *** TxGirlGeek has quit IRC | 17:45 | |
| *** dougsz has quit IRC | 17:57 | |
| openstackgerrit | Julia Kreger proposed openstack/ironic-python-agent master: Skip read-only devices with metadata erase https://review.opendev.org/704725 | 18:03 |
| *** derekh has quit IRC | 18:03 | |
| openstackgerrit | Tzu-Mainn Chen proposed openstack/ironic-specs master: Create node lessee field https://review.opendev.org/701061 | 18:08 |
| *** TxGirlGeek has joined #openstack-ironic | 18:09 | |
| *** priteau has quit IRC | 18:33 | |
| * etingof has a feeling that cliff does not really handle "nested" CLI commands | 18:46 | |
| *** benj_ has quit IRC | 18:47 | |
| *** benj_ has joined #openstack-ironic | 18:47 | |
| *** iurygregory has quit IRC | 18:52 | |
| *** tesseract has quit IRC | 18:59 | |
| *** igordc has joined #openstack-ironic | 19:02 | |
| TheJulia | etingof: afaik no | 19:33 |
| openstackgerrit | Julia Kreger proposed openstack/ironic-python-agent master: Skip read-only devices with metadata erase https://review.opendev.org/704725 | 19:41 |
| * etingof wants to do `sushycli system power on` like things | 19:43 | |
| *** gmann is now known as gmann_afk | 19:57 | |
| *** lifeless has joined #openstack-ironic | 20:01 | |
| *** alexmcleod has quit IRC | 20:44 | |
| *** jawad_axd has joined #openstack-ironic | 20:52 | |
| *** jawad_axd has quit IRC | 20:56 | |
| *** Lucas_Gray has joined #openstack-ironic | 21:10 | |
| *** gmann_afk is now known as gmann | 21:17 | |
| *** gkaratae has quit IRC | 21:25 | |
| *** rcernin has joined #openstack-ironic | 21:32 | |
| *** stevebaker_ has quit IRC | 21:35 | |
| *** ociuhandu has joined #openstack-ironic | 22:01 | |
| *** ociuhandu has quit IRC | 22:06 | |
| *** jtomasek has quit IRC | 22:06 | |
| *** k_mouza has joined #openstack-ironic | 22:15 | |
| *** rh-jelabarre has quit IRC | 22:17 | |
| *** k_mouza has quit IRC | 22:19 | |
| *** jdandrea has quit IRC | 22:53 | |
| *** TxGirlGeek has quit IRC | 23:11 | |
| *** cdearborn has quit IRC | 23:17 | |
| *** TxGirlGeek has joined #openstack-ironic | 23:19 | |
| openstackgerrit | Julia Kreger proposed openstack/bifrost master: Disable inspection power-off https://review.opendev.org/704468 | 23:42 |
Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!