| TheJulia | maybe we need to force server side content-length to be returned | 00:00 |
|---|---|---|
| hjensas | I tried response.content_length = 0, does not help. | 00:21 |
| hjensas | I also tried setting response = '', 204 which is what we did prior to If2e7697e3fde58ab0a4193787e29d3acdca81ebf and it fails the same way. | 00:22 |
| opendevreview | Harald Jensås proposed openstack/ironic stable/xena: Ensure 'port' is up2date after binding:host_id https://review.opendev.org/c/openstack/ironic/+/824163 | 00:45 |
| opendevreview | Harald Jensås proposed openstack/ironic stable/wallaby: Ensure 'port' is up2date after binding:host_id https://review.opendev.org/c/openstack/ironic/+/824164 | 00:45 |
| opendevreview | Harald Jensås proposed openstack/ironic stable/victoria: Ensure 'port' is up2date after binding:host_id https://review.opendev.org/c/openstack/ironic/+/824165 | 00:45 |
| opendevreview | Harald Jensås proposed openstack/ironic bugfix/19.0: Ensure 'port' is up2date after binding:host_id https://review.opendev.org/c/openstack/ironic/+/824166 | 00:46 |
| opendevreview | Harald Jensås proposed openstack/ironic bugfix/18.1: Ensure 'port' is up2date after binding:host_id https://review.opendev.org/c/openstack/ironic/+/824167 | 00:46 |
| opendevreview | Harald Jensås proposed openstack/ironic bugfix/18.0: Ensure 'port' is up2date after binding:host_id https://review.opendev.org/c/openstack/ironic/+/824168 | 00:46 |
| stevebaker[m] | I wonder if this eventlet change is required https://github.com/eventlet/eventlet/commit/4b0450b37c26d77cebf58d15f6c07525b5073b72 | 00:52 |
| stevebaker[m] | never mind, it looks like that change has been backported | 00:59 |
| opendevreview | Takashi Kajinami proposed openstack/tenks master: Migrate jobs from CentOS 8 to CentOS 8 Stream https://review.opendev.org/c/openstack/tenks/+/824272 | 01:08 |
| TheJulia | stevebaker[m]: hjensas: hmmm | 05:08 |
| stevebaker[m] | TheJulia: my day's findings https://bugzilla.redhat.com/show_bug.cgi?id=2039046#c4 | 05:17 |
| TheJulia | stevebaker[m]: ugh :( | 05:36 |
| TheJulia | stevebaker[m]: maybe time to get people to have people ask ironic to inspect directly? | 05:37 |
| TheJulia | I.e a state change? | 05:37 |
| arne_wiebalck | Good morning, Ironic! | 07:23 |
| rpittau | good morning ironic! o/ | 08:31 |
| rpittau | mmmm non voting gate in job is not good :/ | 08:32 |
| rpittau | non voting job in gate! | 08:32 |
| rpittau | morning dyslexia is the worst | 08:32 |
| opendevreview | Riccardo Pittau proposed openstack/ironic bugfix/18.1: Explicitly pin upper sushy, reduce job count https://review.opendev.org/c/openstack/ironic/+/820927 | 08:42 |
| arne_wiebalck | good morning, rpittau o/ | 09:22 |
| * arne_wiebalck had to read rpittau's 2 messages several times before spotting the mix-up :-D | 09:23 | |
| rpittau | hey arne_wiebalck :) | 09:23 |
| holtgrewe | Good morning ironic! Is it possible to use configdrive to disable DHCP and use completely static configuration? | 09:44 |
| dtantsur | morning ironic | 10:11 |
| dtantsur | holtgrewe: yes. you can provide network_data for all interfaces. | 10:11 |
| dtantsur | holtgrewe: if you also want it during provisioning, it's a bit more complex, but can be done as well | 10:16 |
| opendevreview | Riccardo Pittau proposed openstack/bifrost master: Add CentOS Stream 9 keystone integration job https://review.opendev.org/c/openstack/bifrost/+/824193 | 10:22 |
| frigo | good morning Ironic :) bonne année à tous | 10:31 |
| frigo | I would like to know if there was any work done on luks encryption for the root disks of the servers provisioned with ironic | 10:31 |
| frigo | I was thinking of requesting some TPM2 modules for my servers and use that for decrypting the disk at boot... | 10:32 |
| dtantsur | frigo: nothing out of box, I'm afraid | 10:36 |
| dtantsur | but with a whole disk image, it may work nonetheless | 10:36 |
| dtantsur | you will need to keep the EFI partition separate, probably using secure boot to protect it | 10:36 |
| dtantsur | if you need TPM configuration at deploy time, you can achieve it with custom deploy steps embedded into your IPA image | 10:37 |
| dtantsur | so, I think, it's doable, but you'll need to do some engineering | 10:37 |
| frigo | ok. I was seeing CoreOS could support luks encryption but maybe it's not deployed with Ironic (https://docs.openshift.com/container-platform/4.7/installing/install_config/installing-customizing.html#installation-special-config-encrypt-disk-tpm2_installing-customizing). Maybe I'll try to do a poc with the custom deploy steps | 10:39 |
| dtantsur | frigo: if you're interested in coreos specifically, I've done quite extensive work on supporting coreos-installer: https://github.com/metal3-io/ironic-agent-image | 10:41 |
| dtantsur | (the readme might be somewhat outdated, but should give you an idea) | 10:42 |
| dtantsur | frigo: https://owlet.today/posts/integrating-coreos-installer-with-ironic/ is an explanation | 10:42 |
| frigo | the IPA would need to build a luks device, the copy the root disk on the root device. Now that I think again, it won't be possible to enroll a key with the IPA and use it when booting the OS, as the keys will be bound to the "measurement" of the boot | 10:42 |
| frigo | yes Im a big fan of your blog posts | 10:43 |
| dtantsur | :) | 10:43 |
| rpittau | this should now be ok -> https://review.opendev.org/c/openstack/ironic/+/820927 please review it when you got a chance so we can start again merging stuff to 18.1 :) | 11:11 |
| iurygregory | good morning Ironic o/ | 11:30 |
| *** sshnaidm|afk is now known as sshnaidm | 11:58 | |
| frigo | opened https://storyboard.openstack.org/#!/story/2009782 I asked for a few TPM for christmas, I need to get them installed first :) | 12:57 |
| opendevreview | Merged openstack/tenks master: Migrate jobs from CentOS 8 to CentOS 8 Stream https://review.opendev.org/c/openstack/tenks/+/824272 | 12:58 |
| opendevreview | Merged openstack/ironic stable/xena: Add dhcp options for each ip_version once https://review.opendev.org/c/openstack/ironic/+/824012 | 13:14 |
| opendevreview | Merged openstack/ironic bugfix/19.0: Add dhcp options for each ip_version once https://review.opendev.org/c/openstack/ironic/+/824014 | 13:17 |
| opendevreview | Verification of a change to openstack/ironic master failed: Use mtools mcopy in create_vfat_image https://review.opendev.org/c/openstack/ironic/+/824075 | 13:21 |
| iurygregory | dtantsur, hey, re the conversation about privsep with stevebaker[m], seems like in inspector we will need privsep in the dnsmasq filter so I don't think we will make it optional in inspector, do you have any thoughts about it? | 13:46 |
| dtantsur | iurygregory: do we? | 13:50 |
| dtantsur | in the default mode, we just write to files | 13:50 |
| iurygregory | https://meetings.opendev.org/irclogs/%23openstack-ironic/%23openstack-ironic.2022-01-10.log.html#t2022-01-10T19:45:05 | 13:52 |
| iurygregory | "as far as inspector goes, its just the dnsmasq restart thing. I think it can just be converted to privsep, and privsep will only launch a process when a dnsmasq stop/start is requested" | 13:52 |
| dtantsur | so yeah, it's basically optional | 13:52 |
| iurygregory | so iptables would require because it needs sudo and dnsmasq we can make it optional, right? | 13:53 |
| dtantsur | correct | 13:54 |
| iurygregory | I was about to tell you about https://review.opendev.org/c/openstack/ironic/+/821363 , I see you left a comment already | 13:56 |
| dtantsur | yeah, I have very awkward feelings about this patch | 13:57 |
| dtantsur | I understand the motivation, but the amount of effort to achieve that seems disproportional | 13:57 |
| iurygregory | yeah, adding privsep to ironic just to help in automation seems like a lot of effort for a *simple thing* | 13:58 |
| iurygregory | and we would be adding the problems with memory consumption... (maybe..) | 13:59 |
| dtantsur | A one-off operation is probably not too bad.. probably | 13:59 |
| dtantsur | stevebaker[m], iurygregory, I nearly seriously wonder if we can do `dnf download shim` to get these files without root.. | 14:01 |
| iurygregory | `dnf download shim` seems to run without root without any problems in my F35 | 14:04 |
| opendevreview | Merged openstack/ironic stable/wallaby: Add dhcp options for each ip_version once https://review.opendev.org/c/openstack/ironic/+/824013 | 14:04 |
| dtantsur | iurygregory: it should, it just downloads an RPM from the mirror and unpacks it. | 14:05 |
| rpittau | dtantsur: not even unpack | 14:07 |
| dtantsur | fair enough, we can do it :) | 14:07 |
| rpittau | yeah, that should work | 14:09 |
| opendevreview | Merged openstack/ironic master: Fix Redfish RAID deploy steps https://review.opendev.org/c/openstack/ironic/+/823310 | 14:10 |
| opendevreview | Verification of a change to openstack/ironic master failed: Use mtools mcopy in create_vfat_image https://review.opendev.org/c/openstack/ironic/+/824075 | 14:35 |
| TheJulia | good morning | 14:50 |
| dtantsur | morning TheJulia | 14:50 |
| rpittau | good morning TheJulia :) | 14:50 |
| opendevreview | Verification of a change to openstack/ironic master failed: Use driver_internal_info methods for ilo driver https://review.opendev.org/c/openstack/ironic/+/818507 | 14:50 |
| opendevreview | Verification of a change to openstack/ironic master failed: Use driver_internal_info methods for drac driver https://review.opendev.org/c/openstack/ironic/+/818506 | 14:50 |
| opendevreview | Riccardo Pittau proposed openstack/bifrost master: Follow up to "Run bifrost on CentOS Stream 9" https://review.opendev.org/c/openstack/bifrost/+/824186 | 14:55 |
| opendevreview | Verification of a change to openstack/ironic master failed: Use driver_internal_info methods for ilo driver https://review.opendev.org/c/openstack/ironic/+/818507 | 15:48 |
| opendevreview | Riccardo Pittau proposed openstack/ironic bugfix/18.1: Use stable/xena upper-constraints https://review.opendev.org/c/openstack/ironic/+/824451 | 15:58 |
| opendevreview | Merged openstack/ironic bugfix/18.1: Explicitly pin upper sushy, reduce job count https://review.opendev.org/c/openstack/ironic/+/820927 | 16:29 |
| rpittau | bye everyone, see you tomorrow! o/ | 16:53 |
| arne_wiebalck | bye rpittau o/ | 16:56 |
| TheJulia | dtantsur: you around? | 17:22 |
| TheJulia | hjensas: when you tried content-length: 0, did you confirm it was in the response body and that encoding was dropped? | 17:26 |
| arne_wiebalck | bye everyone o/ | 18:03 |
| TheJulia | goodnight arne_wiebalck | 18:04 |
| Guest393 | Merged openstack/ironic master: Use mtools mcopy in create_vfat_image https://review.opendev.org/c/openstack/ironic/+/824075 | 18:39 |
| opendevreview | Julia Kreger proposed openstack/python-ironic-inspector-client master: Fix connection read/timeout issues. https://review.opendev.org/c/openstack/python-ironic-inspector-client/+/824247 | 18:47 |
| *** sshnaidm is now known as sshnaidm|afk | 19:20 | |
| opendevreview | Verification of a change to openstack/ironic master failed: Use driver_internal_info methods for ilo driver https://review.opendev.org/c/openstack/ironic/+/818507 | 19:38 |
| stevebaker[m] | good morning | 20:02 |
| TheJulia | o/ stevebaker[m] | 20:08 |
| TheJulia | I went ahead and revised the python-ironic-inspector-client patch to use stream to at least bypass the empty reply responses | 20:08 |
| stevebaker[m] | TheJulia: thats a nice novella-length commit message :) | 20:11 |
| TheJulia | thanks! | 20:13 |
| TheJulia | I *do* need to write more | 20:13 |
| stevebaker[m] | I'd rather do commit messages in song form | 20:14 |
| opendevreview | Merged openstack/ironic bugfix/18.1: Fix various issues in the anaconda deploy interface https://review.opendev.org/c/openstack/ironic/+/815871 | 20:14 |
| TheJulia | stevebaker[m]: I look forward to the change which has an attached youtube video! | 20:15 |
| stevebaker[m] | ahhhhaha | 20:15 |
| JayF | stevebaker[m]: Never going to get reviewed; Never going to get approved; Never going to get through 10 gate jobs | 20:20 |
| stevebaker[m] | a natural! | 20:20 |
| TheJulia | JayF wins this round. | 20:20 |
| opendevreview | Verification of a change to openstack/ironic master failed: Use driver_internal_info methods for drac driver https://review.opendev.org/c/openstack/ironic/+/818506 | 23:10 |
| opendevreview | Verification of a change to openstack/ironic master failed: Use driver_internal_info methods for ilo driver https://review.opendev.org/c/openstack/ironic/+/818507 | 23:11 |
Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!