Monday, 2025-02-24

« Sunday, 2025-02-23 Index Tuesday, 2025-02-25 »
rpittaugood morning ironic! o/07:57
abongale[m]Good Morning Ironic, I am curious about log file size. Is there any upper limit to how big a log size can be?10:19
vsaienkohello ironic community, do you know if serial console in horizon should work only for instances when admin explicitly enabled console on the node? and why we can't enable console for the node automatically when requesting console url?10:22
iurygregorygood morning Ironic, I'm back o/10:53
masgharWelcome back, Iury!11:05
iurygregorytks11:10
vsaienkoironic team please review https://review.opendev.org/c/openstack/nova/+/942575 and https://review.opendev.org/c/openstack/openstacksdk/+/942533 fixes broken serial console in horizon, its broken in Caracal as well (did not check earlier releases, so needs a backport)11:40
dtantsur+2 on SDK, cannot do much on Nova (but left a few nits)11:43
cardoedtantsur: not sure if ya wanna look at https://review.opendev.org/c/openstack/ironic/+/942496 as well but that's what I need so that I can use the anaconda deploy interface with glance.14:04
cardoeIt's been broken for a few releases.14:04
TheJuliagood morning14:09
TheJuliavsaienko: serial console, not really. Shellinabox is a dead project. Most nova folks won't run the serial console proxy which afaik is the needful for the socat console. Truthfully, it also requires IPMI and that is just a not great idea in general. Enabling the console for all nodes also increases risk of conflicts and lockouts as well. Its just asking for problems.14:11
vsaienkoTheJulia: thanks, but right now we do not have other alternative that socat, shellinabox is deprecated and going to be removed? do we have any other replacement?14:13
TheJuliavsaienko: serial console, no. We've learned serial consoles are actually really bad for modern kernel as well if there are high packet loads on the hosts14:14
TheJuliavsaienko: we've been working on graphical consoles which are less bad if you have the framebuffer turned on14:14
vsaienkowhat are currently available options for graphical console?14:15
TheJuliaabongale[m]: The limit would really depend on how logging is being done. Most often log files are being handled by the process launcher, not ironic itself.14:16
TheJuliavsaienko: stevebaker[m] has patches in review how to start building the framework to do it, I think dell is his primary first target, then ilo, then supermicro.14:17
TheJuliavsaienko: but, the key to that is "in review"14:17
TheJuliahttps://review.opendev.org/q/topic:%22novnc_proxy%2214:41
cardoeTrying to write a tempest change for my anaconda stuff... I notice that anaconda is marked as non-voting by you TheJulia. Any particular reason?14:41
TheJuliacardoe: the reason was largely failure rate related, I haven't re-evaluated it since then. So if it look solid, cool to change, but if it fails often/easily, then it needs more work/hardeing/luck14:42
TheJuliaspeaking of ci failures, looks like we're seeing a lot of cirros vms tartup and no ping or ssh :(14:43
TheJulias/vms tartup/vm startup/14:43
opendevreviewDoug Goldstein proposed openstack/ironic master: deploy: allow anaconda to use the provisioning network  https://review.opendev.org/c/openstack/ironic/+/94259014:43
cardoeplus https://review.opendev.org/c/openstack/ironic/+/942496 lead to me almost being able to install ESXi14:44
cardoeI need to run some of the instance metadata into the kickstart file14:44
cardoeBut if I don't say that it's a touchless install and manually answer the questions on the console then it works.14:45
rpittau#startmeeting ironic15:00
opendevmeetMeeting started Mon Feb 24 15:00:07 2025 UTC and is due to finish in 60 minutes.  The chair is rpittau. Information about MeetBot at http://wiki.debian.org/MeetBot.15:00
opendevmeetUseful Commands: #action #agreed #help #info #idea #link #topic #startvote.15:00
opendevmeetThe meeting name has been set to 'ironic'15:00
rpittauHello everyone!15:00
rpittauWelcome to our weekly meeting!15:00
rpittauThe meeting agenda can be found here:15:00
rpittau#link https://wiki.openstack.org/wiki/Meetings/Ironic#Agenda_for_February_24.2C_202515:00
iurygregoryo/15:01
masgharo/15:02
rpittaulet's wait a couple of minutes for people to join :)15:02
cardoeo/15:02
dtantsuro/15:02
TheJuliao/15:02
cardoeI forgot to add it to the agenda but can we discuss sushy release?15:02
cido/15:02
rpittauwell I think we're good with quorum :)15:02
rpittaucardoe: it's there actually, I added it15:03
rpittau#topic Announcements/Reminders15:03
rpittauStanding reminder to review patches tagged ironic-week-prio and to hashtag any patches ready for review with ironic-week-prio:15:03
rpittau#link https://tinyurl.com/ironic-weekly-prio-dash15:03
rpittausome patches to review there, need to get them quick as the time is running out for the release15:04
kubajjo/15:04
rpittau#info 2025.1 Epoxy Release Schedule15:04
rpittau#link https://releases.openstack.org/epoxy/schedule.html15:04
iurygregoryI will prioritize review in sushy, I was on PTO15:04
rpittauwe're at R-5 !15:05
rpittaufeature freeze is upon us15:05
JayFo/15:05
rpittauso anything that we want to go in Epoxy needs to merge before EoW15:05
rpittauI will also start working on the cycle highlights that are due next week15:06
rpittau#info Flamingo PTG will take place place April 7-11, 2025!15:07
rpittaudon't forget to register!15:07
rpittauthe etherpad is ready here:15:07
rpittau#link https://etherpad.opendev.org/p/ironic-ptg-april-202515:07
cardoegrrr there was something I was suppose to add there.15:07
rpittauanything else to announce/remind ?15:08
JayFIronic is DPL; or will be at the flip of the cycle.15:08
JayFI will work with TC to ensure that change merges15:08
iurygregorytks JayF 15:08
rpittauyep, when Epoxy is released ironic will switch to DPL15:08
* JayF hands rpittau his "Last PTL of Ironic Ever (maybe)" sash15:09
rpittau:D15:09
rpittauthanks!15:09
rpittauanything else or we can move to the discussion topics?15:10
rpittauok moving on15:11
rpittau#topic Discussion Topics15:11
rpittau#info migrate sushy-oem-idrac to sushy15:11
rpittau#link  https://review.opendev.org/c/openstack/sushy/+/94055715:11
rpittauI guess we need to move this to the next cycle15:11
rpittausushy release is already late15:12
TheJuliaWell, we can do it, it just won't make this cycle15:12
rpittauyeah15:12
rpittauthat's what I meant :)15:12
iurygregoryomg +655015:12
cardoeI just don't know what we need to do.15:12
TheJuliaand by do it, I mean approve the patches right now15:12
cardoeCause it works.15:12
cardoeIt even installs along side together just fine15:12
cardoeIt's just "wrong" to install both"15:12
rpittauit's a last minute huge change15:13
JayFyeah; it seems like the ideal thing to have at the top of the cycle15:13
rpittauand IMHO we probably need to deprecate sushy-oem-idrac first15:13
JayFI know it's painful to wait but it's extremely good it's lined up15:13
cardoehttps://review.opendev.org/c/openstack/ironic/+/942520 is all that ironic needed.15:13
rpittaucardoe: you did a great job, thanks a lot for that :)15:13
cardoeI'm good with pushing to the next cycle and deprecating sushy-oem-idrac first.15:14
rpittauthat's another last minute change, FF is this week15:14
rpittaucardoe: perfect15:14
rpittauthanks15:14
JayFTraditionally Ironic hasn't complied with overall OpenStack FF15:14
JayFthose are usually for cycle-with-rc, not cycle-with-intermediary15:14
iurygregory++15:14
cardoeI just want to know WHAT we want to do to formally merge it all.15:14
dtantsurIf it's co-installable, we might JFDI right after branching ironic15:15
rpittauyep15:15
JayF++15:15
rpittauI'd say we can merge the sushy change whenever, but wait for the ironic one15:15
dtantsurThis may cause troubles for people consuming master15:16
dtantsurbut probably not critical troubles15:16
cardoeI dunno what trouble it will cause for packagers. Cause they do install the same file (for the entry point). And while pip doesn't care. An RPM built up from a Python package might care if they both install the same file?15:17
rpittaummmm well it won't be released, so if we see issues we're more relaxed in fixing them15:17
cardoeSo I'd rather hold off and understand WHAT I need to do to communicate the change the best way.15:17
cardoeBut that's what I'm saying.. I dunno how to best communicate that.15:17
rpittauproduction RPMs usually are built from releases, not from master 15:18
dtantsuryeah, I'm just being overly cautious15:18
rpittau:)15:18
dtantsurbut *at latest* when Ironic is branches we should just merge everything15:18
dtantsur* is branched15:18
rpittauyep15:18
rpittauI'll release the krak... the sushy release then15:19
dtantsurpull the lever!15:20
rpittaudone! :D15:20
iurygregoryship it!15:20
rpittaucardoe: I just udpated the ironic change so it's clear what we need to do15:20
rpittauthe sushy change can go in at will15:21
rpittauare we good to move on?15:21
rpittauok!15:23
rpittau#info ironic-lib deprecation15:23
rpittau#link  https://review.opendev.org/q/topic:%22ironic-lib-deprecation%2215:23
rpittauI think we're waiting for https://review.opendev.org/c/openstack/governance/+/939278 ?15:23
JayFyes, I'll nudge TC about that, too15:23
rpittauthanks JayF :)15:23
rpittauany other discussion topics for today?15:24
cidRFEs15:25
rpittaucid: yes!15:25
rpittauwhich one(s) ?15:25
cidThis, https://bugs.launchpad.net/ironic/+bug/209888415:26
cidI have updated the agenda with the links to the rest.15:26
JayFI assume (cc: TheJulia) that the redfish serial interface is shaped similarly to the ipmi stuff? 15:27
JayFIf so, seems like an obvious JFDI15:27
TheJuliaJayF: It really doesn't exist afaik15:27
dtantsurWell, it can be over IPMI or SSH15:27
JayFthen what is the RFE wanting us to do?15:27
dtantsur(or OEM, yay)15:27
JayFwait, what15:27
TheJuliawell, true, it can be15:27
JayFredfish bmcs expose serial consoles over ipmi, is that what you just said?15:27
dtantsurJayF: Redfish specifies IPMI or SSH as possible protocols for serial console :)15:27
TheJuliaI've *yet* to see a bmc that offers that though15:27
dtantsur\o/15:28
TheJuliapossible being the magical aspect :)15:28
JayForoborous is gonna sue hardware companies for gimmick infringement lol15:28
dtantsurIf we did not have a VPN outage, I would check our internal Redfish dumps15:28
TheJuliawheeeeeeee15:28
TheJuliaAnyway, yeah, given its a possible option, jfdi just seems to make sense to me15:28
dtantsurTheJulia: is what you offer basically just adding ipmitool-socat to the list of supported interfaces?15:29
dtantsurI.e. without actually checking the Redfish data?15:29
JayFI assume we'd actually need some glue code, the RFE implies we'd have to do some credential and metadata passing15:29
TheJuliadtantsur: Thinking so *and* likely allowing the ipmitool exec code to understand it can grab username/password/host address from the redfish fields15:30
cardoeTheJulia: does that just work?15:30
TheJuliaI've not looked closely at it, so my brain is running form memory, but it should just work if the values are already populated for ipmi15:30
TheJuliaand the interface is available/loaded 15:31
dtantsurHmm. I don't object to it, but let's make sure (naming etc) that we can introduce a more proper Redfish interface later (even if it looks unlikely right now)15:31
cardoehttps://www.dmtf.org/sites/default/files/Redfish_Serial_Console_Enhancements_05-2020_WIP.pdf afaik is what I had bookmarked for changes15:31
JayFIPMISoCatConsoleViaRedfish console class coming up? :D 15:31
TheJuliaI suspect our introduced interfaces will be more-so graphical :)15:31
TheJuliabut yeah15:31
TheJuliaEh, I suspect some folks would prefer ssh if we have a known working example15:32
TheJuliabut I'm just trying to do the needful, not boil an ocean15:32
* TheJulia is working on ocean boiling network switching at the moment15:32
TheJulia(well, testing)15:32
vsaienkoironic team, can somebody please point me to the code where connectivity between multinode devstack builds is configured on CI? I'm looking similar place https://review.opendev.org/c/openstack/devstack-gate/+/335981/7/devstack-vm-gate.sh in zuul ansible roles15:34
rpittauvsaienko: let's wait for after the meeting for that, thanks :)15:35
cardoeThere's a few more RFEs. Let's go through them.15:35
cardoecid said 4 but I see 5. :shifty:15:36
cardoehttps://bugs.launchpad.net/ironic/+bug/209888615:36
TheJuliafolk scan blame me for some of these, I was quickly filing bugs from discussions15:36
cid:)15:36
cardoe#link https://bugs.launchpad.net/ironic/+bug/209888615:36
cardoeTo steal rpittau's thunder a little.15:36
TheJuliaThis one comes from a disucssion where someone conveyed they really neede to deploy a whole bunch of identical machines, and didn't care about fine details15:37
TheJuliaand didn't also care about much of the openstacky primitives15:37
dtantsurOh. TheJulia is going to hate me, but this should be reworked in terms of allocations and ideally the deployment API15:37
TheJuliathey just wanted it to be single-action oriented15:37
dtantsurmaybe not allocations, maybe only the deployment API..15:37
TheJuliaThe key aspet is they are just a tenant with restricted views and basically wanted bulk deployments15:37
TheJuliadtantsur: actually, I was kind of thinking something along the basic idea but sans allocations since that is something else they need to interact with15:38
TheJuliabasically, they just want a bulk interactions interface15:38
TheJuliawhere the conductor can solve the details15:38
dtantsurBut in all honesty.. it's a simple loop in Python, no?15:38
TheJuliaI realize, the idea needs a lot of work, so its fine if people want to put notes in and we can move on 15:38
TheJuliathey don't want to have to think/manage at that level15:38
dtantsurI think a much bigger usability issue is the lack of a deployment API, which caused metalsmith15:39
JayFI don't really like the idea of that at all tbh15:39
JayF== dtantsur 15:39
dtantsurif we have deployment API, what you need would be 4 lines of Python probably15:39
TheJuliaThey don't want that, they want a single rest call.15:39
cardoeSo honestly I think this puts complexity into Ironic that should really be done by the caller of the API.15:39
TheJuliafair enough15:39
cardoeCause what should be the result if 1 fails and 3 succeed cause of locking?15:40
JayFI mean, I'd rather them have a short script or client hack than have ironic do a bad job of batching15:40
TheJuliaI'm just the proxy, I'm not going to advocate endlessly for this15:40
JayFbecause it's not... ^^^ yes exactly cardoe is going down my path15:40
dtantsurMy comment is not a hard no, but I pretty firmly believe we need to solve the general deployment UX first15:40
JayFyeah; have a "deploy one in one rest API call"15:40
JayFbefore "deploy many in one rest API call"15:40
TheJuliaI sort of think one of the next ones actually approaches that, so I think we can carry on to the next rfe?15:41
cardoe#link https://bugs.launchpad.net/ironic/+bug/209888815:42
cardoeFeels like a better replacement for shellinabox?15:42
JayFI'm assuming the mechanism for this would be a sidecar container, like for redfish gfx console?15:43
JayFI'd prefer something like this not end up with ssh connections routed through/proxied by a conductor15:43
dtantsurYeah, I'm also curious about technical details, but the idea sounds good15:43
TheJuliaSocat console would get you a graphical console15:44
TheJuliathis is just... ssh wrapping the connection15:44
TheJuliaJayF: to be determined, but if we follow the existing model of console interfaces each responsible conductor would manage the "sshds"15:45
JayFI have a lot of security nervousness if those sshds are colocated with the conductor, but that's implementation detail territory15:45
TheJuliaindeed15:45
dtantsurI potential issue may be the requirements on root access15:45
dtantsurWe've just got rid of oslo.rootwrap15:45
dtantsurCould be a case for a small companion service15:46
TheJuliaat least a long time ago, you could invoke sshd without root if you were doing a highly sepcific configuraiton15:46
dtantsurhmmm15:46
dtantsurI'd read a more detailed proposal, be it in a spec or simply on LP15:46
TheJuliaspecific configurations would be be the soup of the day for something like this15:46
dtantsurbut I'm not against the idea15:46
TheJuliaack15:46
rpittauTheJulia: yeah you can do that with a user config15:46
TheJuliarpittau: yup15:47
JayFYeah the idea seems good here but likely valuable to write more details (if it were me I'd do a spec)15:47
dtantsurWe really need some form between an RFE and a spec15:47
TheJuliaOkay, onward!15:47
rpittauor just add more details to the RFE ?15:47
JayFeh; I think it's mainly "don't be a stick in the mud when reviewing specs for minor things" :D 15:47
dtantsurtrue :D15:47
JayFI appreciate the structure, but maybe that's just me15:48
TheJuliaonward?15:48
JayFonward!15:49
rpittau#link https://bugs.launchpad.net/ironic/+bug/209869415:50
TheJuliaJust an idea placeholder for the aformentioned serial console topic15:51
dtantsurI guess the blocking concern is lack of hardware?15:51
JayFis that a differently worded version of the other two RFEs we've looked at around ssh->socat and ipmi-over-redfish consoles?15:51
rpittauI was wondering the same15:52
TheJuliaI added this one as "we should look into this in general, not specifically"15:52
TheJuliaso there is no ipmi-over-redfish console and this is entirely unrelated to ssh->socat->ipmitool sol15:52
JayFI'm happy for the feature to exist; but I would not have a use case or consume it :)15:53
TheJuliaThis might be a source of redfish-ssh console or soemthing like that15:53
dtantsurThis is probably ENEEDSPEC15:53
dtantsurGenerally valid idea but we don't have enough information to approve it15:53
JayFseems like this is less an RFE at this point and more a place to put research until we see what the feature owuld loook like15:53
dtantsur++15:53
rpittau +115:54
JayFRFE: research for enhancement lol15:54
dtantsur:D15:55
rpittau:)15:55
rpittaunext (and last) one ?15:55
rpittau#link https://bugs.launchpad.net/ironic/+bug/209990615:55
JayFwait, really?15:56
JayF+2 JFDI15:56
rpittauyep not a lot to discuss  there15:56
cardoeWhat do ya want the field called?15:56
dtantsurIs it similar to node.description?15:56
dtantsurbecause it sounds like node.description15:56
TheJuliaa port.description filed?15:57
TheJuliafield15:57
* TheJulia cannot type today15:57
cardoeport.description works for me.15:57
rpittausounds good15:57
TheJuliaso one last item I wanted to bring up15:57
TheJuliaif we've got time15:57
rpittauwe have 2:25 minutes :)15:57
TheJulia#link https://bugs.launchpad.net/ironic/+bug/209869715:57
dtantsurA solid idea, definitely needs a spec in my book15:58
TheJuliaThe idea is "it would be really nice if we didn't have to think in neutron primitives and have a vif" so to enable a model where ironic can fill the gap to it's neutron preferred data model, or even non-neutron usage models with some automatic logic15:58
JayFWell, I wonder if at the PTG15:58
JayFwe should try to have a chat with neutron/nova/ironic devs and see if there's a better path forward including ideas like this15:58
TheJuliaThis is semi-disjointed, because a nova user will always send us a vif15:59
JayF(that's not an instead; that's an in-addition-to / as a part of)15:59
TheJuliawell, nova will do it15:59
JayFTheJulia: well, I'm asking, is there a world where there'd be value in Nova not doing it, and Ironic doing it15:59
TheJulianova (last time I looked) had paths to magically get you a vif15:59
JayFIt seems like pushing some of the network config to Ironic/neutron without nova involved could lead to more flexibility, especially for cases where you are owner/lessee and have some control over the node16:00
TheJuliaI would avoid nova like the plauge since nova has all of the logic "if we get handed a network, we need to do x, if we get handed a this other value we need to do y logic"16:00
JayFack16:00
cardoeGonna have to chat with the nova folks about that change.16:00
cardoeI know they've been breaking out the vif bits into a separate os-vif library.16:01
TheJuliaI'm just thinking, is there a path to make the non-nova user life easier16:01
dtantsurnon-nova but with neutron?16:01
TheJuliayup16:01
dtantsurmetalsmith-style16:01
dtantsurokay, yeah16:01
TheJuliaor, potentially without16:01
TheJuliasort of depends on where the matrix needs to end up overall, but not trying to join other stuff together in a grand vision at the moment16:02
TheJuliahopefully, that makes sense16:02
JayFI understand, I do worry sometimes that we haven't taken a high level view of the integrated process in a while, and often assume that the status quo is unchangable16:03
rpittauwe can bring up the topic next time for a deeper discussion if needed, or even add something to the PTG etherpad16:03
JayFI wanted to imagine for a second that we could change the status quo :)16:03
rpittaualright thanks everyone, going to close the meeting now :)16:04
rpittau#endmeeting16:04
opendevmeetMeeting ended Mon Feb 24 16:04:30 2025 UTC.  Information about MeetBot at http://wiki.debian.org/MeetBot . (v 0.1.4)16:04
opendevmeetMinutes:        https://meetings.opendev.org/meetings/ironic/2025/ironic.2025-02-24-15.00.html16:04
opendevmeetMinutes (text): https://meetings.opendev.org/meetings/ironic/2025/ironic.2025-02-24-15.00.txt16:04
opendevmeetLog:            https://meetings.opendev.org/meetings/ironic/2025/ironic.2025-02-24-15.00.log.html16:04
dtantsurUnfortunately, did not have time during the meeting, but16:04
dtantsurwe have discussed a few small(ish) RFEs, and some of you may have more in their heads16:04
dtantsurwe're currently looking for a project for Outreachy16:05
dtantsurso if you have something that is rather on the small side and self-contained, let me know16:05
dtantsur(if you want to (co-)mentor, also let me know)16:05
TheJulia++16:06
dtantsur"Let's implement this Redfish feature" can be a good one, especially if it can be tested on sushy-tools16:06
opendevreviewTakashi Kajinami proposed openstack/python-ironicclient master: Drop remaining use of iteritems  https://review.opendev.org/c/openstack/python-ironicclient/+/94261316:07
JayFI wonder if cardoe has something ingestible for OEM support stuff, like integrating ilo .... but that's  as far from "Testable in sushy-tools" as possible 16:08
TheJuliaJayF: fwiw, personally, I'm trying to avoid scope creeping efforts to preserve my sanity and capacity16:08
JayFcid: ^ you might be a good person to think about what'd be good for an outreachy project16:08
TheJuliadtantsur: it would be super neat if with redfish we could somehow cleanly account for how much power a baremetal node used during it's deployed lifetime....16:08
cardoeYeah I was thinking about that too JayF 16:08
TheJulia#crazy_idea16:08
JayFTheJulia: I understand that; sadly for me I am having to go the other direction more these days and try to get things working smoother together16:08
masgharTheJulia: Is that possible with redfish?16:09
TheJuliaJayF: fair enough16:09
TheJuliamasghar: why yes! Checkout the power supplies structural data in the standard16:09
TheJuliaThere *is* a counter in the standard16:09
TheJuliain kWh16:10
dtantsurYep. The only problem is that we cannot ask the intern to write a spec. So we need to come up with a complete design *before*16:10
TheJuliadtantsur: exactly16:10
TheJuliaI was musing, this might be something useful for node history16:10
TheJuliarecord it as an informational value16:10
dtantsurMe, I was thinking about configuring TLS certificates for virtual media16:10
dtantsur(and turning their validation on and off)16:10
JayFdtantsur: I'm giving satoshi most of the parts for a container hardware manager implementation and letting him do the spec-level research. It does depend on how well levelled the candidate is16:10
TheJuliaif someone really needs it, they could grab it easily16:10
dtantsurJayF: we don't expect a very high level, and we have a hard timebox of 3 months16:11
JayFfaif enough16:12
cardoespeaking of nova integration.. https://review.opendev.org/c/openstack/nova/+/942019 could take a nod from an ironic person16:16
cardoeand https://review.opendev.org/c/openstack/ironic/+/942496 I wanted to propose a follow on for master... that's a backport-able change.16:16
cardoeBut rather than making our own dictionary... can we not just pass around the SDK Image object and use type annotations in our code for that?16:17
cardoeThat would involve changing the tests16:17
JayFcardoe: tl;dr: -1, release note needed16:17
cardoeFor which one?16:18
JayFoh, the first one16:18
JayF94201916:18
dtantsuraccess denied!16:18
cardoeshould I open a nova bug too?16:18
JayFcardoe: you should do whatever nova requires for that to be backported16:18
JayFcardoe: IDK what that is off the dome16:18
* dtantsur assumed JayF had a hardware token fire in IRC :D16:18
JayFdtantsur: sdflkghsdfdsagdksjhkasgjld===16:19
* dtantsur is scared16:19
* TheJulia blinks16:21
TheJuliaJayF: you forgot to add "Bearer" to the front of that ;)16:22
JayFBearer Metal kjshdgslkjdfgsdklasd===16:23
dtantsur"Bearer Metal" could be the foundation for new stickers16:26
* JayF finds an AI to ask "a bear playing the drums with a red fish" /s16:29
TheJuliaoh... my16:45
opendevreviewJulia Kreger proposed openstack/ironic master: WIP: hooking in an external network simulator  https://review.opendev.org/c/openstack/ironic/+/94229816:47
rpittaugood night! o/17:06
masgharo\17:07
* frickler wonders how Bear Metal would sound, something between Heavy and Death with a touch of Melodic? ;)17:22
opendevreviewAdam McArthur proposed openstack/ironic-tempest-plugin master: Testing bad microversions on v1/conductors  https://review.opendev.org/c/openstack/ironic-tempest-plugin/+/94263217:48
opendevreviewJulia Kreger proposed openstack/ironic master: CI: Extend default timeouts slightly  https://review.opendev.org/c/openstack/ironic/+/94263317:50
opendevreviewAdam McArthur proposed openstack/ironic-tempest-plugin master: Testing bad microversions on v1/XXX  https://review.opendev.org/c/openstack/ironic-tempest-plugin/+/94263417:52
opendevreviewAdam McArthur proposed openstack/ironic-tempest-plugin master: Testing bad microversions on v1/conductors  https://review.opendev.org/c/openstack/ironic-tempest-plugin/+/94263217:53
opendevreviewAdam McArthur proposed openstack/ironic-tempest-plugin master: Testing bad microversions on v1/runbooks  https://review.opendev.org/c/openstack/ironic-tempest-plugin/+/94263417:53
opendevreviewAdam McArthur proposed openstack/ironic-tempest-plugin master: Testing bad microversions on v1/portgroups and v1/node/{node_id}/portgroup  https://review.opendev.org/c/openstack/ironic-tempest-plugin/+/94263617:59
cardoeWhen the IPA downloads the configdrive, is that a privileged operation? e.g. do I need a token? will the agent token work?18:01
JayFI know it's not /always/ privledged because we have swift-temp-urls modes for those (or at least, onmetal had it hacked in lol)18:02
cardoeSo just looking at how the anaconda deploy interface makes the data available. And essentially it's all a special case.18:04
cardoeIt creates a kickstart snippet of %post sections per file which have a bash variable with the contents of each file base64'd and the filename. It then writes that file out to the path un-base64'ing it.18:04
cardoeJust thinking how I can make this more generic.18:07
* cid JayF: Re: <^ you might be a good person to think about what'd be good for an outreachy project>. That does sound like something within my purview. I will BRB with any that I think might be suitable.18:08
JayFyeah, just keep it in mind and reach out to Dmitry if you find something :)18:08
cidOkay sure. In terms of scope, just Ironic or adjacent projects inclusive?18:10
JayFironic projects and surrounding stuff18:12
JayFhe specifically said something self-contained in redfish+sushy land might be preferable18:13
cidDmitry: if you had a moment, about inspection rules. Should I get rid of Plugin Data action classes (based on your last review)18:13
cidOr the actions are meant to alter a copy of the plugin data object but no retuns... so I just remove the return statements.18:15
JayFcardoe: this is completely spitballing, and I'm making up this data structure, but ... {"deploy_files": ["some_esx_bs.lolvmware", "some_rs_bs.local"], "deploy_template_files": [ "kickstart_but_esx.template" ] } with some kinda documented "if it's a template, we will find and replace these magic variables with these magic strings18:16
JayFcardoe: if you want it to be custom, give the user the customization skills18:16
JayFcardoe: custom-installer interface here we come? 18:16
dtantsurcid: please use the nick, my IRC client does not highlight on "Dmitry" (maybe it should?) :)18:19
dtantsurcid: re modifying plugin_data: I was under impression that we're passing a mutable object around18:20
dtantsurso any edits to it inside plugins or rules will immediately be visible to any subsequent operations18:20
dtantsurcid: re outreachy: we participate as part of the OpenStack community, so it has to be something inside OpenStack18:22
ciddtantsur, ++. I could quickly check again on devstack, but the last time I tested, unless I returned a copy, updates do not reflect to the output from `openstack baremetal node inventory save node-0 | python -m json.tool | less -S`18:22
dtantsurso metal3 would be a stretch (although improving the metal3 CI job on ironic potentially not)18:22
cardoeJayF: unfortunately that's using the direct deploy and the fact that there's an image I can write. But I cannot write an image.18:23
cidMight I be looking at the wrong place?18:23
dtantsurcid: yeah, let's double-check it. you're not calling copy() explicitly, are you?18:23
JayFcardoe: that's custom-agent; I'm suggesting a completely new thing18:23
dtantsuralso custom-agent does not expect an image18:23
dtantsurit does expect IPA though18:24
ciddtantsur, re: explicit call: Erm, nop. So I will double-check ! 18:26
opendevreviewVerification of a change to openstack/ironic-python-agent master failed: Lockout agent command results if a token is received  https://review.opendev.org/c/openstack/ironic-python-agent/+/94201018:26
dtantsurcid: I have a headache now, remind me tomorrow (ideally a few hours earlier), I'll take another look at the patch18:27
cidSure thing. I should have updated the patch by then. Here's the right place to look: https://review.opendev.org/c/openstack/ironic/+/94211218:28
dtantsurcid: maybe a result of some sanitizing?18:28
ciddtantsur. I really don't know. I was thinking if it's possible the plugin data have never being written to memory at the point of an action call.18:30
cidI will just have to check once more to be sure.18:31
dtantsurit's just a Python dict18:31
dtantsurunless we accidentally copy it, it should be shared between all hooks and rules18:31
cidRight!18:31
dtantsurRemind me if I forget to take another look tomorrow18:37
dtantsurTried now, but cannot think clearly18:38
dtantsurSee you folks18:38
cidYou can count on that :D o/18:40
opendevreviewSatoshi Shirosaka proposed openstack/ironic master: Add extra log to is_image_available  https://review.opendev.org/c/openstack/ironic/+/94264118:59
opendevreviewJulia Kreger proposed openstack/ironic master: WIP: hooking in an external network simulator  https://review.opendev.org/c/openstack/ironic/+/94229819:04
opendevreviewMerged openstack/ironic master: Add ironic-novncproxy service  https://review.opendev.org/c/openstack/ironic/+/93919119:06
opendevreviewJay Faulkner proposed openstack/ironic-lib master: Deprecate ironic-lib master branch  https://review.opendev.org/c/openstack/ironic-lib/+/93927719:18
JayF^ is teed up for merge now, V+1 with noop jobs19:20
JayFI'll self-merge if it's not landed in a while, just would rather avoid if other folks are around19:20
opendevreviewMerged openstack/ironic-lib master: Deprecate ironic-lib master branch  https://review.opendev.org/c/openstack/ironic-lib/+/93927719:22
JayFRIP https://opendev.org/openstack/ironic-lib 2015-202519:25
JayFonly remaining changes needed have been cleaned up and must be approved by others19:25
opendevreviewSatoshi Shirosaka proposed openstack/ironic-python-agent master: WIP Add ContainerHardwareManager  https://review.opendev.org/c/openstack/ironic-python-agent/+/94171419:50
TheJuliacardoe: one quick test on your properties fix. Just to make sure we don't end up in the same conundrum19:57
satoshiI'm trying to use the container for the cleaning process via Podman. It successfully downloads the image from the local registry but it has an issue running it because I cannot see the output. 19:58
satoshiDo you have any idea about this?19:58
satoshiThis is the change I have. https://review.opendev.org/c/openstack/ironic-python-agent/+/94171419:58
JayFCan you pastebin the output that you got form the agent machine? the full boot19:58
satoshiDoes the paste bin has the length limit? I canno paste it fully20:17
JayFTry just hitting the upload button in irc cloud and telling it post text snippet20:24
JayFI think the limit for that is something like 100K20:24
JayFIf it's still too big, just pair it down to the parts that come from after the IPA starts20:25
satoshihttps://www.irccloud.com/pastebin/AeWNGhat/20:31
satoshihttps://www.irccloud.com/pastebin/fYo7ttaF/20:33
satoshihttps://www.irccloud.com/pastebin/jzmQ6FeX/20:33
satoshihttps://www.irccloud.com/pastebin/E531hdaK/20:33
satoshihttps://www.irccloud.com/pastebin/pYLWgGUe/20:33
cardoeTheJulia: so like I was saying in the meeting. I wanna refactor the code we've got to just use the SDK Image object and use some type annotations around that if that's okay. But that'd be a bigger non-backport-able change.20:39
TheJuliaspeaking of meetings, I'm in a meeting right now :(20:40
JayFsatoshi: https://review.opendev.org/c/openstack/ironic-python-agent/+/941714/6#message-562fd498ba6dba41664d1c27ac22c4ad39fdb3ca I think your root cause is around logging not working, not around the container not working20:40
cardoeone head scratcher with this anaconda deploy... it's tossing a file in the conductor called "disk" and it's a gzipped ELF.. no idea what it is.20:53
JayFare you sure that's what it is? and not just file doing a bad job id'ing it?20:54
cardoeI've ungzipped it and it's coming up as a 386 ELF.20:54
cardoeSo maybe20:55
JayFhttps://opendev.org/openstack/oslo.utils/src/branch/master/oslo_utils/imageutils/cli.py#L3120:55
JayFrun that on it20:55
JayFin verbose20:55
JayFsee if it finds an image20:55
cardoeokay. I'm basically trying to figure out how to get the configdrive over to my ESXi installer.20:56
cardoeI see the kickstart stuff templates it out in its only syntax.20:56
cardoeThat's why I was asking how the agent got the config drive.20:56
JayFposted to standby.prepare_image20:58
JayFit seems20:58
JayF...as either a gzip+base64 blob20:58
JayFor as a URL20:58
JayFper the pydoc on that method20:58
cardoe'agent_status': 'start', 'agent_status_message': 'Deployment starting. Running pre-installation scripts.', 21:00
cardoeSuch excite. Many wow.21:00
opendevreviewAdam McArthur proposed openstack/ironic-tempest-plugin master: Testing bad microversions on v1/conductors  https://review.opendev.org/c/openstack/ironic-tempest-plugin/+/94263221:20
opendevreviewAdam McArthur proposed openstack/ironic-tempest-plugin master: Testing bad microversions on v1/portgroups and v1/node/{node_id}/portgroup  https://review.opendev.org/c/openstack/ironic-tempest-plugin/+/94263621:25
opendevreviewSatoshi Shirosaka proposed openstack/ironic-python-agent master: WIP Add ContainerHardwareManager  https://review.opendev.org/c/openstack/ironic-python-agent/+/94171421:30
opendevreviewAdam McArthur proposed openstack/ironic-tempest-plugin master: Testing bad microversions on v1/runbooks  https://review.opendev.org/c/openstack/ironic-tempest-plugin/+/94263421:32
satoshijay: Updated the code as advised.  Got new errors and clean failure now.21:44
satoshihttps://www.irccloud.com/pastebin/TDSZOR2D/21:44
JayFclean failing when container failed is an improvement \o/21:44
JayF[  183.514892] ironic-python-agent[534]: Stderr: 'Error: OCI runtime error: crun: pivot_root: Invalid argument\n': oslo_concurrency.processutils.ProcessExecutionError: Unexpected error while running command.21:45
JayFthat's a fun one21:45
JayFI am generally unfamiliar with this error and we'll have to dig21:45
JayFI'm surprised it didn't just work21:45
cardoeJayF: ah so I see the conductor is gonna call the agent's URL and pass the configdrive info that way.21:49
satoshiYeah, sure. I will research it some more. 21:50
JayFhttps://forum.tinycorelinux.net/index.php/topic,21089.0.html21:50
JayFsatoshi: ^ basically it sounds like it's trying to pivot_root which is completely forboden (today I learned) inside a ramdisk21:51
JayFthere might be a way to disable pivot root21:51
JayFthe answer in 2017 was DOCKER_RAMDISK=true in the dockerd spawn21:51
JayFbut there's likely  amore generic way now21:51
cardoeWhat I'm trying to do now is download the instance_metadata / configdrive and parse the network_data.json to setup the network before rebooting out of their installer.21:52
cardoeBut otherwise this works with very minimal Ironic tweaks.21:53
JayFyeah I figured all the framing was there for it21:53
JayFjust a matter of reassembling context on what goes where21:53
cardoeWell most of the fixes are to make the anaconda deploy interface actually work again21:58
opendevreviewSteve Baker proposed openstack/ironic master: Add systemd provider for console containers  https://review.opendev.org/c/openstack/ironic/+/94161422:08
opendevreviewSteve Baker proposed openstack/ironic master: Implement drivers redfish-graphical, fake-graphical  https://review.opendev.org/c/openstack/ironic/+/94161522:08
opendevreviewSteve Baker proposed openstack/ironic master: Add vnc-container image build  https://review.opendev.org/c/openstack/ironic/+/94201722:08
opendevreviewSteve Baker proposed openstack/ironic master: Implement graphical console read-only support  https://review.opendev.org/c/openstack/ironic/+/94230022:08
opendevreviewSteve Baker proposed openstack/ironic master: Fix default IRONIC_DEFAULT_TRAITS setting  https://review.opendev.org/c/openstack/ironic/+/94264722:08
stevebaker[m]I'm going to need that fix from vsaienko for nova vnc console to work 22:13
cardoehttps://www.irccloud.com/pastebin/j6SlKIMJ/22:15
cardoeJayF: ^ isn't that what you were hitting?22:15
JayFis one of the images in your flow22:15
JayFnot public?22:15
JayFif so, yes potentially22:15
JayFsee https://bugs.launchpad.net/ironic/+bug/209927622:15
JayFwhich lays out the flow22:16
cardoeSo the weird thing there... the machine stayed in "wait call-back" the entire time the installer ran. Only when the installer finished did it switch to deploying.22:20
cardoeMy images are "shared", which is what the Anaconda docs say they need to do.22:21
JayFthe anaconda docs are wrong22:21
JayFthey need to be public22:22
JayFit all uses the same authorization code now22:22
* JayF suspects that doc was written against a purple! fork22:22
cardoeI've got a pile of notes that are gonna go into a doc update.22:28
cardoeBut first I wanna get this to work once.22:28
JayFwell22:28
JayFbug 2099276 aims to make the doc right22:28
JayFlol22:28
JayFwe said, in there, we wanted to open it to shared, not just public22:28
cardoeI honestly think we should remove the kickstart template from shipping as part of Ironic.22:28
JayFgiven the authorization model for glance with shared is basically "do you know the uuid?" 22:28
JayFmy impression is that it's intended as much as an example as a drop-in22:29
JayFit used to be more common for us to have files like that, e.g. the pxe config template22:29
cardoeYes. But I think you're gonna want it to be a per-image thing.22:29
cardoeThe only time it makes sense to have a global one is if you're deploying the same distro in 6 different flavors.22:29
JayFWhat information would ironic have to make a per-image decision?22:29
cardoeNone. But you need to customize it per distro.22:30
JayFoh, you can pass a different ks template, I believe, yeah?22:30
JayFand I think some of that metadata is in image_info22:30
cardoeOn a per image basis or a global Ironic one.22:30
JayF^^^ if it's in image_info, it's in glance riding along with the image22:30
JayFbut I may not fully remember all the moving parts22:30
cardoeIt is.22:30
cardoeI'm uploading my own ks_template to glance.22:31
JayFI'll note this interface has a long-standing feature request from cern to allow user templates22:31
cardoeBut I'm saying Ironic shipping a "global" default is likely wrong.22:31
cardoeGot a link to the feature request?22:31
JayFI don't know if it's bugged, but it's been discussed nearly anytime I meet them in person22:31
JayFI think we go "how do we pipe that through nova" and the conversation goes down the pipe22:31
cardoeI've already got an idea how to do it with a cloud-init style user_data22:32
JayFI'd suggest writing the flow down and getting nova and ironic folks to review it before you get too far down the path22:32
JayFif you want it to be upstreamable22:32
cardoeSo I think we bumped from "testing" (which is non-voting) from CentOS 7/8 to CentOS 9. We're using the ks_template that's baked into Ironic. But that template won't work with 9.22:32
JayFand nowish is the right time to start motion on that22:32
cardoeThat's why I'm saying shipping the template is wrong.22:33
cardoeI'll write down the flow once I get it to work correctly once. :D22:34
cardoehttps://opendev.org/openstack/ironic/src/commit/b44cce176fbb8c81c813304cd443d0f2c20ab6b2/ironic/common/kickstart_utils.py#L127-L14122:34
JayFthat code is the primary reason this is anaconda-coded instead of being generic22:35
cardoehttps://opendev.org/openstack/ironic/src/commit/b44cce176fbb8c81c813304cd443d0f2c20ab6b2/ironic/common/kickstart_utils.py#L14722:35
cardoeYeah except it's coded against a specific anaconda.22:35
cardoeRHEL != Fedora as well.22:35
cardoeThe hardcoded path won't work against CentOS 9, cause I tried just to see what the data was like.22:36
JayFI mean, you're right, but you're also essentially trailblazing. AFAIK, this driver has been used by two ironic-contributing places in total: yahoo (who wrote it downstream + upstreamed this improved version of it), and cern22:36
cardoeI'll fix it. It'll be my pile of yaks to fix.22:37
cardoeI wanted to work on inspection and redfish but this will have to do.22:37
JayFYeah. I already had to fight off the city once, I'm not zoned to have this large of a yak stack22:38
opendevreviewDoug Goldstein proposed openstack/ironic master: fix glance metadata layout  https://review.opendev.org/c/openstack/ironic/+/94249623:36
cardoeI've created https://bugs.launchpad.net/ironic/+bug/2099953 and updated the commit message to say that fixes that.23:37
JayFcardoe: we need a release note for backportable patches to be backported23:38
cardoehttps://bugs.launchpad.net/ironic/+bug/2099275 is my bug for the follow on work to make this more robust.23:38
cardoeokay I'll add a release note.23:38
JayFthe bug note in commit should be useful for future devs \o/23:38
* JayF &23:41
« Sunday, 2025-02-23 Index Tuesday, 2025-02-25 »

Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!