Thursday, 2021-01-28

*** MentalSiege has quit IRC		00:05
stevebaker	TheJulia: +1 on hashing out the details in the code reviews	00:08
TheJulia	does it seem reasonable to take all portgroup tests and s/group// for ports?	00:15
stevebaker	I think so	00:16
TheJulia	okay, just mentally checking	00:17
*** tosky has quit IRC		00:21
TheJulia	stevebaker: in all of your api refactoring work, was there anything that screamed "oh, different access controls apply to /detail ?	00:27
*** k_mouza has joined #openstack-ironic		00:29
*** anuradha1904 has quit IRC		00:33
*** k_mouza has quit IRC		00:33
*** tosin has quit IRC		00:36
*** lifeless has quit IRC		00:55
*** lifeless has joined #openstack-ironic		00:57
*** gudrutis4 has joined #openstack-ironic		01:15
*** gudrutis has quit IRC		01:16
*** gudrutis4 is now known as gudrutis		01:16
*** priteau has quit IRC		01:16
*** sdanni has quit IRC		01:34
openstackgerrit	Julia Kreger proposed openstack/ironic master: WIP: Project scoped tests https://review.opendev.org/c/openstack/ironic/+/772451	01:49
TheJulia	stevebaker: for system endpoints, do you think ^^^ that is enough testing on them. good examples in conductors, drivers, driver passthru	01:50
*** gyee has quit IRC		01:59
*** gudrutis2 has joined #openstack-ironic		02:20
*** irclogbot_0 has quit IRC		02:21
*** portdirect has quit IRC		02:21
*** gudrutis has quit IRC		02:21
*** rloo has quit IRC		02:21
*** paras333_ has quit IRC		02:22
*** gudrutis2 is now known as gudrutis		02:22
*** portdirect has joined #openstack-ironic		02:22
*** irclogbot_2 has joined #openstack-ironic		02:23
stevebaker	TheJulia: no, other than more detail fields means more redacted secrets	02:23
stevebaker	thats... a lot of tests	02:29
*** xinliang has joined #openstack-ironic		02:30
stevebaker	TheJulia: That looks like enough testing	02:33
*** paras333 has joined #openstack-ironic		02:33
*** rcernin has quit IRC		02:34
*** rcernin has joined #openstack-ironic		02:36
*** paras333 has quit IRC		02:38
*** mkrai has joined #openstack-ironic		02:53
*** xinliang has quit IRC		04:13
*** rh-jelabarre has quit IRC		04:34
*** lifeless has quit IRC		04:36
*** lifeless has joined #openstack-ironic		04:38
*** anuradha1904 has joined #openstack-ironic		05:49
*** k_mouza has joined #openstack-ironic		05:57
*** k_mouza has quit IRC		06:02
*** tzumainn has quit IRC		06:11
*** rcernin has quit IRC		06:18
*** rcernin has joined #openstack-ironic		06:22
openstackgerrit	Jacob Anders proposed openstack/ironic-python-agent master: Add support for using NVMe specific cleaning https://review.opendev.org/c/openstack/ironic-python-agent/+/771904	06:32
*** Rahman has joined #openstack-ironic		06:56
*** pmannidi has quit IRC		07:15
*** mkrai has quit IRC		07:15
*** ricolin has joined #openstack-ironic		07:18
arne_wiebalck	Good morning, ironic!	07:35
*** rcernin has quit IRC		07:42
*** akahat\|rover is now known as akahat\|lunch		07:51
*** pmannidi has joined #openstack-ironic		08:05
*** pmannidi has quit IRC		08:10
openstackgerrit	Arun S A G proposed openstack/ironic master: Add anaconda configuration and template https://review.opendev.org/c/openstack/ironic/+/772166	08:11
*** rcernin has joined #openstack-ironic		08:15
*** rpittau\|afk is now known as rpittau		08:27
rpittau	good morning ironic! o/	08:27
rpittau	dtantsur\|afk, TheJulia FYI https://review.opendev.org/c/openstack/requirements/+/772684	08:28
openstackgerrit	Arun S A G proposed openstack/ironic master: Add anaconda configuration and template https://review.opendev.org/c/openstack/ironic/+/772166	08:31
*** mkrai has joined #openstack-ironic		08:41
*** tosky has joined #openstack-ironic		08:45
*** tkajinam has quit IRC		08:58
janders	good morning rpittau! o/	09:11
*** lucasagomes has joined #openstack-ironic		09:11
rpittau	hey janders :)	09:31
*** zaneb has quit IRC		09:32
*** derekh has joined #openstack-ironic		09:38
*** ociuhandu has joined #openstack-ironic		09:40
rpittau	this would be nice to backport even if it's an upgrade https://review.opendev.org/c/openstack/bifrost/+/772572	09:53
*** rcernin has quit IRC		10:24
*** akahat\|lunch is now known as akahat\|rover		10:44
*** k_mouza has joined #openstack-ironic		10:48
*** rcernin has joined #openstack-ironic		10:50
*** dtantsur\|afk is now known as dtantsur		10:55
dtantsur	rpioso: I can only reproduce that with ironic, but let me see if there is something in the logs	10:56
iurygregory	good morning arne_wiebalck rpittau janders dtantsur and Ironic o/	10:58
dtantsur	good morning	10:58
dtantsur	rpioso: nothing in the iDRAC logs.. I suspect we may hit a dead end with this one.	11:00
rpittau	hey iurygregory :)	11:01
rpittau	good morning dtantsur :)	11:01
*** rcernin has quit IRC		11:08
*** ociuhandu has quit IRC		11:09
*** ociuhandu has joined #openstack-ironic		11:09
*** ociuhandu has quit IRC		11:10
*** ociuhandu has joined #openstack-ironic		11:10
*** ociuhandu has quit IRC		11:11
*** ociuhandu has joined #openstack-ironic		11:12
janders	hey iurygregory and dtantsur o/	11:13
*** ociuhandu has quit IRC		11:17
*** mkrai has quit IRC		11:24
*** ociuhandu has joined #openstack-ironic		11:25
openstackgerrit	Merged openstack/ironic-lib stable/victoria: Handle EBRs and tiny partitions when removing metadata https://review.opendev.org/c/openstack/ironic-lib/+/772666	11:29
openstackgerrit	Riccardo Pittau proposed openstack/ironic-inspector master: [DNM] remove pymemcache 3.4.0 from blacklist https://review.opendev.org/c/openstack/ironic-inspector/+/772714	11:40
*** k_mouza has quit IRC		11:48
*** k_mouza_ has joined #openstack-ironic		11:48
janders	newbie question: how do I temporarily override IPA config from tests? I tried using CONF.set_override e.g. CONF.set_override('debug', True) - but all I get is "oslo_config.cfg.NoSuchOptError: no such option debug in group [DEFAULT]". Context: trying to add tests to my nvme cleaning change. Thanks!	11:49
ajya	janders: mock CONF?	11:50
iurygregory	janders, you mean to enable debug for ipa when running in real hardware?	11:56
iurygregory	janders, maybe https://github.com/openstack/ironic-python-agent/blob/3ddca46131fd2dea3536850208b940892706f538/doc/source/admin/troubleshooting.rst#set-ipa-to-debug-logging	11:57
ajya	I was assuming unit tests, there it could be mocked.	11:59
dtantsur	please don't mock CONF, set_override is the correct path	12:26
dtantsur	although debug may be special as it comes from oslo.log	12:28
*** ociuhandu has quit IRC		12:31
*** ociuhandu has joined #openstack-ironic		12:31
*** ociuhandu has quit IRC		12:36
ajya	ugh, then I need to go back to my patches as I hit the same issue. Why doesn't set_override work here?	12:36
dtantsur	a good question. it should in most cases.	12:37
dtantsur	but it relies on the configuration option being known upfront	12:37
dtantsur	and we seem to define oslo options in cmd/agent.py, which may not be executed in tests	12:37
*** priteau has joined #openstack-ironic		12:42
*** anuradha1904 has quit IRC		12:44
*** anuradha1904 has joined #openstack-ironic		12:44
*** rh-jelabarre has joined #openstack-ironic		12:58
*** rloo has joined #openstack-ironic		12:59
*** ociuhandu has joined #openstack-ironic		13:04
openstackgerrit	Jacob Anders proposed openstack/ironic-python-agent master: Add support for using NVMe specific cleaning https://review.opendev.org/c/openstack/ironic-python-agent/+/771904	13:06
openstackgerrit	Dmitry Tantsur proposed openstack/ironic master: Refactoring: move vendor caching to where it belongs https://review.opendev.org/c/openstack/ironic/+/771595	13:06
openstackgerrit	Dmitry Tantsur proposed openstack/ironic master: Prevent redfish-virtual-media from being used with Dell nodes https://review.opendev.org/c/openstack/ironic/+/771619	13:09
openstackgerrit	Bob Fournier proposed openstack/ironic master: For Supermicro BMCs, set the BootSourceOverrideEnable value when changing boot device https://review.opendev.org/c/openstack/ironic/+/772239	13:15
janders	thank you ajya iurygregory and dtantsur	13:29
janders	debug was just an example, the actual config change is here:	13:30
janders	https://review.opendev.org/c/openstack/ironic-python-agent/+/771904/5/ironic_python_agent/tests/unit/test_hardware.py#39	13:30
janders	(uploaded my working copy to explain)	13:30
janders	Iury pointed out I'm trying to temporarily override Ironic config from IPA, which might be making things more tricky	13:30
iurygregory	yeah .-. I would say that maybe would be ok to also have a config on IPA that will be passed based on the config you have in ironic	13:33
arne_wiebalck	anyone ever connected to a KVMIP endpoint and willing to share how to do that? (I see the endpoint but I fail to communicate with it properly, I probably miss sth basic ...) ... rpioso maybe?	13:43
*** k_mouza has joined #openstack-ironic		13:43
*** lucasagomes_ has joined #openstack-ironic		13:43
*** parallax_ has joined #openstack-ironic		13:45
*** parallax has quit IRC		13:45
*** tosky has quit IRC		13:45
*** parallax_ is now known as parallax		13:45
*** tosky_ has joined #openstack-ironic		13:46
*** k_mouza_ has quit IRC		13:46
*** lucasagomes has quit IRC		13:46
openstackgerrit	Moisés Guimarães de Medeiros proposed openstack/ironic-inspector master: [DNM] remove pymemcache 3.4.0 from blacklist https://review.opendev.org/c/openstack/ironic-inspector/+/772714	13:47
*** zaneb has joined #openstack-ironic		13:59
*** jdandrea has joined #openstack-ironic		14:07
TheJulia	stevebaker: yeah.... it will be a lot	14:10
TheJulia	Also, good morning everyone!	14:10
rpittau	good morning TheJulia :)	14:13
*** lmcgann has joined #openstack-ironic		14:19
dtantsur	morning TheJulia	14:24
iurygregory	good morning TheJulia =)	14:29
*** ociuhandu has quit IRC		14:33
*** Rahman has quit IRC		14:33
*** ociuhandu has joined #openstack-ironic		14:33
TheJulia	question of the day, should /v1/nodes/uuid/allocation be visible to mere mortals in project scope?	14:34
openstackgerrit	Riccardo Pittau proposed openstack/bifrost stable/ussuri: Fix CI issues https://review.opendev.org/c/openstack/bifrost/+/766742	14:38
*** ociuhandu has quit IRC		14:38
*** k_mouza has quit IRC		14:42
*** tzumainn has joined #openstack-ironic		14:43
*** k_mouza has joined #openstack-ironic		14:43
*** k_mouza has quit IRC		14:45
*** rcernin has joined #openstack-ironic		14:46
*** k_mouza has joined #openstack-ironic		14:46
*** hjensas is now known as hjensas\|afk		14:52
dtantsur	TheJulia: if they can see the node.. they probably should?	14:52
*** sdanni has joined #openstack-ironic		14:57
*** rcernin has quit IRC		15:00
*** sshnaidm\|ruck is now known as sshnaidm\|afk		15:01
*** ociuhandu has joined #openstack-ironic		15:03
*** MentalSiege has joined #openstack-ironic		15:04
openstackgerrit	Riccardo Pittau proposed openstack/ironic stable/stein: Remove grenade jobs from old stable branches https://review.opendev.org/c/openstack/ironic/+/772889	15:07
rpittau	let's see how this goes	15:08
*** MentalSiege has quit IRC		15:08
*** alexmcleod has quit IRC		15:08
*** k_mouza has quit IRC		15:09
*** k_mouza_ has joined #openstack-ironic		15:09
*** alexmcleod has joined #openstack-ironic		15:09
*** gouthamr has joined #openstack-ironic		15:14
iurygregory	ironic cores, let me know if I missed any project https://review.opendev.org/c/openstack/project-config/+/772427 =)	15:18
rpittau	iurygregory: networking-baremetal and I don't recall if we want to include ironic-lib and clients ?	15:19
rpittau	iurygregory: ironic-python-agent	15:20
dtantsur	some projects may share configuration with ironic, needs checking	15:21
iurygregory	rpittau, so I couldn't find networking-baremetal, ironic-lib, ipa in https://github.com/openstack/project-config/tree/master/gerrit/acls/openstack	15:21
iurygregory	I think they would work according to ironic.config	15:22
rpittau	they're probably shared	15:22
iurygregory	yeah	15:22
openstackgerrit	Dmitry Tantsur proposed openstack/ironic master: Refactor vendor detection and add Redfish implementation https://review.opendev.org/c/openstack/ironic/+/771595	15:42
dtantsur	bfournie: I moved redfish detect_vendor here ^^ feel free to rebase	15:42
openstackgerrit	Dmitry Tantsur proposed openstack/ironic master: Prevent redfish-virtual-media from being used with Dell nodes https://review.opendev.org/c/openstack/ironic/+/771619	15:43
bfournie	dtantsur: great, thanks	15:49
openstackgerrit	Moisés Guimarães de Medeiros proposed openstack/ironic-inspector master: Fix memcached host address. https://review.opendev.org/c/openstack/ironic-inspector/+/772714	15:51
TheJulia	dtantsur: Ig uess my only concern is that the /allocations endpoint will go "nope, won't give you anything	15:53
TheJulia	"	15:53
openstackgerrit	Dmitry Tantsur proposed openstack/ironic master: [WIP] Make redfish-virtual-media work with Dell hardware https://review.opendev.org/c/openstack/ironic/+/772899	16:01
dtantsur	rpioso: this is how it could look like ^^	16:01
*** rh-jelabarre has quit IRC		16:03
*** rh-jelabarre has joined #openstack-ironic		16:04
dtantsur	it makes more sense to me than trying to forbid users from using the redfish hardware type, but dunno..	16:05
*** tosky_ is now known as tosky		16:06
dtantsur	TheJulia: ^^ your comments also welcome	16:07
*** mgagne has joined #openstack-ironic		16:11
TheJulia	dtantsur: I guess that works. I guess there are like 10 different ways to approach this in the grand scheme of the universe	16:14
dtantsur	yep. but I don't think that our users will be pleased with all 10 of them.	16:14
*** tosin has joined #openstack-ironic		16:29
*** jdandrea has quit IRC		16:29
*** jdandrea has joined #openstack-ironic		16:30
*** coreycb has quit IRC		16:37
*** coreycb has joined #openstack-ironic		16:38
openstackgerrit	Riccardo Pittau proposed openstack/ironic stable/stein: Remove grenade jobs from old stable branches https://review.opendev.org/c/openstack/ironic/+/772889	16:40
dtantsur	TheJulia: when you're free, I'd be curious to hear your thoughts re https://storyboard.openstack.org/#!/story/2008566	16:52
dtantsur	also looking for a 2nd review on https://review.opendev.org/c/openstack/metalsmith/+/772581/	16:58
*** sshnaidm\|afk is now known as sshnaidm\|ruck		16:58
openstackgerrit	Leo McGann proposed openstack/ironic master: Adds Security Interface to Node https://review.opendev.org/c/openstack/ironic/+/755836	17:00
openstackgerrit	Bob Fournier proposed openstack/ironic master: For Supermicro BMCs, set the BootSourceOverrideEnable value when changing boot device https://review.opendev.org/c/openstack/ironic/+/772239	17:01
*** lucasagomes_ has quit IRC		17:02
*** gyee has joined #openstack-ironic		17:02
openstackgerrit	Riccardo Pittau proposed openstack/bifrost stable/victoria: [DNM] test CI https://review.opendev.org/c/openstack/bifrost/+/772926	17:06
TheJulia	dtantsur: an optional url for "where can bmcs get artifacts" ?	17:06
*** tosky has quit IRC		17:07
dtantsur	mmm?	17:07
dtantsur	I'm not sure I get the artifacts bit	17:07
*** tosky has joined #openstack-ironic		17:07
TheJulia	tosin: you around to resume the call?	17:22
TheJulia	dtantsur: artifacts like vmedia.iso	17:22
tosin	sure	17:22
dtantsur	aah. right. I might have forgotten what I've asked you already....	17:23
dtantsur	(speaks volumes about my state)	17:23
dtantsur	TheJulia: so yeah, not just http_url, but also, say, external_http_url?	17:23
TheJulia	would nikka coffey grain help	17:23
dtantsur	maybe? I'm taking tomorrow off in attempt to do something with it	17:24
* arne_wiebalck ran out of coffee today! (how can one let that ever happen, EVER?)		17:24
TheJulia	arne_wiebalck: it is not coffee	17:24
dtantsur	we're way past coffee in this channel	17:24
TheJulia	++	17:25
arne_wiebalck	:-D :-D :-D	17:25
arne_wiebalck	cafe corretto maybe	17:25
rpittau	ah now we're talking	17:25
arne_wiebalck	rpittau has an alert filter on this channel!	17:26
rpittau	:D	17:26
iurygregory	hahaha	17:33
*** anuradha1904 has quit IRC		17:38
*** ociuhandu_ has joined #openstack-ironic		17:40
*** ociuhandu has quit IRC		17:43
*** ociuhandu_ has quit IRC		17:45
*** MentalSiege has joined #openstack-ironic		17:48
rpittau	good night! o/	17:57
*** rpittau is now known as rpittau\|afk		17:57
*** derekh has quit IRC		18:00
NobodyCam	good Morning Ironicer's	18:16
openstackgerrit	Merged openstack/metalsmith master: Do not wipe instance_info on normal unprovisioning https://review.opendev.org/c/openstack/metalsmith/+/772581	18:19
dtantsur	heya NobodyCam!	18:20
openstackgerrit	Dmitry Tantsur proposed openstack/metalsmith stable/victoria: Do not wipe instance_info on normal unprovisioning https://review.opendev.org/c/openstack/metalsmith/+/772812	18:20
TheJulia	dtantsur: external sounds or feels like the wrong word, but I'm not sure	18:22
TheJulia	I guess the intent is that the bmc networks sometimes need a very special, non external but interal endpoint to get $things from	18:23
TheJulia	that are not the provisioning network, necessarilly.	18:23
dtantsur	mm, yeah. need to think about it (in parallel to other 100500 things)	18:24
dtantsur	okay, time to go, see you on Monday!	18:25
*** dtantsur is now known as dtantsur\|afk		18:25
*** jdandrea has quit IRC		18:27
*** tzumainn has quit IRC		18:38
*** tzumainn has joined #openstack-ironic		18:41
*** k_mouza_ has quit IRC		19:08
openstackgerrit	Bob Fournier proposed openstack/ironic master: For Supermicro BMCs set enable when changing boot device https://review.opendev.org/c/openstack/ironic/+/772239	19:15
*** portdirect has quit IRC		19:17
*** portdirect has joined #openstack-ironic		19:17
*** sdanni has quit IRC		19:38
*** sdanni has joined #openstack-ironic		19:39
*** k_mouza has joined #openstack-ironic		19:48
*** jamesden_ is now known as jamesdenton		19:53
*** k_mouza has quit IRC		19:54
*** rcernin has joined #openstack-ironic		20:03
*** rcernin has quit IRC		20:30
NobodyCam	hey hey dtantsur\|afk	20:33
NobodyCam	sorry for slow reply. just e_to_many_meetings	20:34
*** rcernin has joined #openstack-ironic		20:41
*** tosin has quit IRC		20:46
*** zzzeek has quit IRC		20:57
*** zzzeek has joined #openstack-ironic		20:57
arne_wiebalck	bye everyone o/	21:15
*** lmcgann has quit IRC		21:31
*** sdanni has quit IRC		21:32
*** rcernin has quit IRC		21:34
openstackgerrit	Jacob Anders proposed openstack/ironic-python-agent master: Add support for using NVMe specific cleaning https://review.opendev.org/c/openstack/ironic-python-agent/+/771904	21:37
*** rcernin has joined #openstack-ironic		21:51
erbarr	hi, noobie question, is "openstack baremetal deploy" required before an "openstack server create"?	21:51
JayF	`openstack baremetal node [] deploy` is what is called by nova behind the scenes (along with a lot of other stuff) when you run an `openstack server create` targetted at an ironic flavor	21:55
*** tosin has joined #openstack-ironic		22:07
erbarr	JayF: thanks, i consistently get this error if all the different thing I do is skip "openstack baremetal node deploy" and "openstack baremetal node undeploy" to bring it back to available	22:07
erbarr	https://www.irccloud.com/pastebin/E3D3hzeD/	22:07
TheJulia	erbarr: have you checked for vifs in use?	22:07
JayF	> VirtualInterfacePlugException: Cannot attach VIF dac03298-0b66-45ec-aff6-fce5fec2568e to the node ea0b9846-c429-4d37-bebb-6cfde247d09e due to error: Unable to attach VIF dac03298-0b66-45ec-aff6-fce5fec2568e, not enough free physical ports.	22:07
JayF	looks like you have some kind of issue with your networking	22:07
TheJulia	erbarr: you need 1 free physical port per vif	22:08
TheJulia	openstack baremetal node vif list	22:08
TheJulia	openstack baremetal node vif remove is your friend	22:08
TheJulia	you likely only have one port and may be trying to attack >1 VIFs	22:08
TheJulia	hope that makes	22:08
TheJulia	err, makes sense	22:08
* TheJulia goes and checks on the electritians		22:08
erbarr	TheJulia, JayF, yea, i'm making the VIF here's the port show before deploy	22:11
erbarr	https://www.irccloud.com/pastebin/izR6YlkW/	22:13
erbarr	this is the vif port show:	22:13
erbarr	https://www.irccloud.com/pastebin/09beLaAM/	22:14
erbarr	and after successful "deploy" and "undeploy" where afterwards I can get a successful server create:	22:14
erbarr	https://www.irccloud.com/pastebin/LN6uVWYg/	22:15
*** eagereagle1 has joined #openstack-ironic		22:15
eagereagle1	TheJulia I am back with another question if you can again assist :) I am getting the ipmi password in a hardware manager via node.get('driver_info').get('ipmi_password') but the value is masked (****) how do I unmask it?	22:17
*** pmannidi has joined #openstack-ironic		22:53
*** k_mouza has joined #openstack-ironic		23:09
TheJulia	erbarr: okay... your issue is nova is attempting to do vif attachment, and you've got a manually applied vif in the extra field	23:14
*** k_mouza has quit IRC		23:14
TheJulia	I've got a patch to rip out the extra vif port id interface	23:14
TheJulia	eagereagle1: you have to run a custom policy to turn off secret value unmasking	23:14
TheJulia	eagereagle1: see ironic/common/policy.py for the code, the generated output should have it as an item... at least should	23:14
erbarr	TheJulia, thanks! so if manually attaching I should drop the --extra from "openstack baremetal port set --extra vif_port_id=<q-port> <ir-port>?	23:19
TheJulia	erbarr: well, you said nova is deploying it right?	23:19
TheJulia	erbarr: if yes, yeah, you don't need that at all	23:19
TheJulia	you'd only use vif-attach manually if your manually doing openstack baremetal node deploy	23:20
erbarr	TheJulia, mmmnn, okay, then i think I hit a slightly different issue after that if i don't deploy and skip vif	23:21
TheJulia	before retrying, remove the vif_port_id from the interface and make sure you vif-detach the vif	23:21
TheJulia	if you look at the internal_info field, that is the tenant_vif_port_id record	23:22
TheJulia	nova does it all for you	23:22
eagereagle1	TheJulia so I can run a custom policy within the hw manager, disable 'show_password' policy, get the value, then re-enable 'show_password' policy?	23:34
TheJulia	no	23:34
TheJulia	you have to run it on the api surface	23:34
TheJulia	In other words, you likely want a special API instance only accessible to the cleaning/provisioning/rescue networks	23:35
erbarr	TheJulia, oops, sorry some connection issues, I had run an iteration where I skipped the port set vif and I ended up with this error:	23:35
*** knikolla has quit IRC		23:36
erbarr	https://www.irccloud.com/pastebin/sImhEMEG/	23:36
*** naved001 has quit IRC		23:36
*** sri_ has quit IRC		23:36
*** pas-ha has quit IRC		23:36
*** ildikov has quit IRC		23:36
*** knikolla has joined #openstack-ironic		23:36
*** sri_ has joined #openstack-ironic		23:36
*** rpioso_ has joined #openstack-ironic		23:37
*** pas-ha_ has joined #openstack-ironic		23:37
*** PrinzElvis_ has joined #openstack-ironic		23:37
*** PrinzElvis has quit IRC		23:37
*** PrinzElvis_ is now known as PrinzElvis		23:37
TheJulia	nable to attach VIF 6444cf8f-31cb-4b39-abd7-47b73b291dd1 because Ironic can not update Neutron port 6444cf8f-31cb-4b39-abd7-47b73b291dd1 MAC address to match physical MAC address 24:6e:96:58:36:50 <-- orphaned port in neutron	23:37
erbarr	TheJulia, so maybe i should just skip neutron port create with mac?	23:37
*** naved001 has joined #openstack-ironic		23:37
TheJulia	yeah, you don't need to do that. Ironic will do it for you	23:37
*** rpioso has quit IRC		23:38
erbarr	TheJulia, cool thanks, i think that's it, let me try that	23:38
*** rpioso_ is now known as rpioso		23:38
*** ildikov has joined #openstack-ironic		23:38
TheJulia	\o/	23:39
*** sri_ has quit IRC		23:41
openstackgerrit	Julia Kreger proposed openstack/ironic-specs master: Implement System Scoped Role Based Access Control https://review.opendev.org/c/openstack/ironic-specs/+/764070	23:45
eagereagle1	TheJulia how does a custom clean step in a hardware manager relate to the API, with regard to the policy...?	23:51
TheJulia	eagereagle1: so basically, ironic doesn't push a password out or such details out	23:52
TheJulia	the fields are provided to the agent in ?lookup? when it is finding itself	23:52
TheJulia	so that lookup operation is a GET request against ironic's api	23:53
TheJulia	or an endpoint, doesn't have to be a human facing endpoint	23:53
*** sri_ has joined #openstack-ironic		23:54
eagereagle1	so the custom policy will be applied against the lookup API?	23:54
TheJulia	against the entire api	23:54
TheJulia	of the running instance	23:54
TheJulia	all secret value masking is handled in field return processing	23:55
TheJulia	so you can't say "just reveal this one secret in get requests	23:55
TheJulia	"	23:55
TheJulia	you have to change the policy knob for the entire api surface, which is why you likely want to now have >1 api surface	23:55
eagereagle1	what determines which api surface you are using?	23:56
TheJulia	api_url I think	23:58
TheJulia	in the conductor	23:58
TheJulia	configuration	23:58
TheJulia	that embeds the "call home to here" url in the ipxe config or in the mdns annoucements	23:58
eagereagle1	ok, great information -- thanks!	23:59

Generated by irclog2html.py 2.17.2 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!