mtaylor22 | hello, morning! | 00:00 |
---|---|---|
*** williamcaban has quit IRC | 00:02 | |
*** tonanhngo has joined #openstack-kolla | 00:02 | |
openstackgerrit | Serguei Bezverkhi proposed openstack/kolla: Adding required check for Orchestration Kubernetes https://review.openstack.org/368469 | 00:04 |
*** tonanhngo has quit IRC | 00:04 | |
*** daneyon has joined #openstack-kolla | 00:05 | |
*** fguillot has quit IRC | 00:05 | |
*** Mech422 has joined #openstack-kolla | 00:09 | |
*** daneyon has quit IRC | 00:10 | |
*** yingjun has joined #openstack-kolla | 00:13 | |
*** fguillot has joined #openstack-kolla | 00:14 | |
*** caowei has joined #openstack-kolla | 00:15 | |
*** Mech422 has quit IRC | 00:15 | |
*** mbound has joined #openstack-kolla | 00:16 | |
*** Mech422 has joined #openstack-kolla | 00:20 | |
*** mbound has quit IRC | 00:21 | |
*** tonanhngo has joined #openstack-kolla | 00:23 | |
*** tonanhngo has quit IRC | 00:24 | |
*** Mech422 has quit IRC | 00:25 | |
*** Mech422 has joined #openstack-kolla | 00:25 | |
*** fragatina has joined #openstack-kolla | 00:39 | |
*** caowei has quit IRC | 00:41 | |
*** unicell has joined #openstack-kolla | 00:46 | |
*** zhubingbing_ has joined #openstack-kolla | 00:52 | |
*** unicell has quit IRC | 00:52 | |
*** williamcaban has joined #openstack-kolla | 00:59 | |
openstackgerrit | Merged openstack/kolla-kubernetes: Add the ability to create services from the CLI https://review.openstack.org/368438 | 01:00 |
*** yingjun has quit IRC | 01:01 | |
openstackgerrit | Kevin Fox proposed openstack/kolla-kubernetes: l3/metadata DaemonSets + DVR, & labels https://review.openstack.org/357557 | 01:05 |
openstackgerrit | Kevin Fox proposed openstack/kolla-kubernetes: remove redundant -configmap from names https://review.openstack.org/368460 | 01:05 |
*** yingjun has joined #openstack-kolla | 01:06 | |
*** duonghq has joined #openstack-kolla | 01:13 | |
duonghq | morning | 01:13 |
zhubingbing_ | morning | 01:14 |
zhubingbing_ | hi | 01:14 |
duonghq | hi zhubingbing_ | 01:15 |
duonghq | new week :) | 01:15 |
zhubingbing_ | yeah | 01:15 |
zhubingbing_ | new begin | 01:15 |
*** zhurong has joined #openstack-kolla | 01:15 | |
openstackgerrit | Kevin Fox proposed openstack/kolla-kubernetes: remove redundant -configmap from names https://review.openstack.org/368460 | 01:18 |
*** tonanhngo has joined #openstack-kolla | 01:18 | |
*** tonanhngo has quit IRC | 01:21 | |
openstackgerrit | Serguei Bezverkhi proposed openstack/kolla: Adding required check for Orchestration Kubernetes https://review.openstack.org/368469 | 01:24 |
*** neilus has joined #openstack-kolla | 01:26 | |
*** neilus has quit IRC | 01:30 | |
openstackgerrit | caoyuan proposed openstack/kolla: Correct the name of file and it's path https://review.openstack.org/368514 | 01:31 |
*** rhallisey has quit IRC | 01:46 | |
*** rhallisey has joined #openstack-kolla | 01:46 | |
*** hieulq has joined #openstack-kolla | 01:52 | |
*** daneyon has joined #openstack-kolla | 01:54 | |
openstackgerrit | caoyuan proposed openstack/kolla: Use "node" take place of "nodes" https://review.openstack.org/368519 | 01:56 |
*** daneyon has quit IRC | 01:58 | |
*** rhallisey has quit IRC | 02:02 | |
*** rhallisey has joined #openstack-kolla | 02:02 | |
openstackgerrit | Merged openstack/kolla-kubernetes: l3/metadata DaemonSets + DVR, & labels https://review.openstack.org/357557 | 02:04 |
openstackgerrit | Merged openstack/kolla-kubernetes: remove redundant -configmap from names https://review.openstack.org/368460 | 02:04 |
*** rhallisey has quit IRC | 02:06 | |
*** rhallisey has joined #openstack-kolla | 02:07 | |
openstackgerrit | Ryan Hallisey proposed openstack/kolla-kubernetes: Use resource_name instead of service_name https://review.openstack.org/368504 | 02:11 |
*** fguillot has quit IRC | 02:16 | |
openstackgerrit | Merged openstack/kolla-kubernetes: Docker systemd fix https://review.openstack.org/365664 | 02:17 |
*** rhallisey has quit IRC | 02:20 | |
openstackgerrit | Merged openstack/kolla-kubernetes: Use resource_name instead of service_name https://review.openstack.org/368504 | 02:20 |
openstackgerrit | Zeyu Zhu proposed openstack/kolla: When deployment with multinode, using this script can make service visit the target_node without password, it will make the process of the deployment simple. using method: ./trustme.sh <target_node ip> <password> https://review.openstack.org/368524 | 02:35 |
openstackgerrit | zhubingbing proposed openstack/kolla: Added grafana role https://review.openstack.org/346450 | 02:41 |
openstackgerrit | Kevin Fox proposed openstack/kolla-kubernetes: Fix mariadb pvc name https://review.openstack.org/368525 | 02:46 |
*** mandre has quit IRC | 02:47 | |
*** yuanying has quit IRC | 02:51 | |
*** Jeffrey4l has quit IRC | 02:52 | |
*** Jeffrey4l has joined #openstack-kolla | 02:58 | |
sbezverk | Jeffrey4l: ping | 03:02 |
Jeffrey4l | sbezverk, pong | 03:03 |
sbezverk | Jeffrey4l: when genconfig renders some jinja2 statement it delets trailing newline and two lines get concatinated. DO you know how to disable it? | 03:04 |
Jeffrey4l | genconfig just render kolla-build.conf. is it render jinja2? | 03:05 |
Jeffrey4l | sbezverk, ^ | 03:05 |
sbezverk | Jeffrey4l: ansible templates have jinja2 code | 03:06 |
duonghq | Seems that something wrong with binary ubuntu gate? | 03:07 |
sbezverk | Jeffrey4l: see these two lines | 03:07 |
sbezverk | osapi_compute_listen = {% if orchestration_engine == 'KUBERNETES' %}{{ api_interface_address }}{% else %}{{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }}{% endif %} | 03:07 |
sbezverk | osapi_compute_listen_port = {{ nova_api_port }} | 03:07 |
sbezverk | instead of keeping then as two separate line in nova.conf | 03:07 |
sbezverk | they got merged into 1 line | 03:08 |
sbezverk | osapi_compute_listen = 0.0.0.0 osapi_compute_listen_port = 8774 | 03:08 |
Jeffrey4l | sbezverk, ok, understand.. never saw this. let me check the code. | 03:09 |
sbezverk | Jeffrey4l: thanks, I tried to find a solution but nothing seems to help here :-( | 03:10 |
Jeffrey4l | should be some jinja2 stuff. | 03:11 |
Jeffrey4l | why not use {{ api_interface_address }} here directly? sbezverk | 03:12 |
Jeffrey4l | https://github.com/openstack/kolla/blob/master/ansible/group_vars/all.yml#L57 | 03:12 |
Jeffrey4l | it is equal to hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address' | 03:12 |
Jeffrey4l | sbezverk, ^ | 03:12 |
Jeffrey4l | sbezverk, where is you PS for this change? any link about this? | 03:13 |
sbezverk | Jeffrey4l: cannot ansible_eth0 does not exist in kubernetes | 03:14 |
Jeffrey4l | sbezverk, this is defined in group_vars/all.yml file | 03:14 |
Jeffrey4l | api_interface_address: "{{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] if orchestration_engine == 'ANSIBLE' else '0.0.0.0' }}" | 03:14 |
sbezverk | we cannot relay on any code where hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4'] is used | 03:14 |
*** neilus has joined #openstack-kolla | 03:14 | |
Jeffrey4l | i think it is all you need. | 03:14 |
sbezverk | https://review.openstack.org/#/c/368469 | 03:15 |
sbezverk | Jeffrey4l: -----^ | 03:15 |
Jeffrey4l | osapi_compute_listen = {{ api_interface_address }} should work. | 03:15 |
Jeffrey4l | it use `0.0.0.0` when orchestration_engine != ANSIBLE | 03:15 |
Jeffrey4l | sbezverk, ^ | 03:15 |
sbezverk | ok let me try | 03:16 |
Jeffrey4l | duonghq, yep. fix is here https://review.openstack.org/368342 | 03:16 |
Jeffrey4l | UCA package bust the gate. | 03:17 |
duonghq | Jeffrey4l: roger | 03:18 |
*** neilus has quit IRC | 03:19 | |
sbezverk | Jeffrey4l: it works for me, so I can safely replace everywhere the condition and use just api_interface_address | 03:20 |
Jeffrey4l | sbezverk, OK. cool | 03:20 |
sbezverk | Jeffrey4l: thanks | 03:21 |
Jeffrey4l | the api_interface_address in group_vars/all.yml is introduced to reduce the if-else condition for orchestration_engine variable. I prefer to use this patten in other place. :) sbezverk | 03:22 |
openstackgerrit | Serguei Bezverkhi proposed openstack/kolla: Adding required check for Orchestration Kubernetes https://review.openstack.org/368469 | 03:34 |
sbezverk | Jeffrey4l: refactor with your suggestion: https://review.openstack.org/368469 | 03:34 |
zhubingbing_ | ping hiking | 03:41 |
zhubingbing_ | ping hiking | 03:41 |
zhubingbing_ | ping huikang | 03:42 |
*** yuanying has joined #openstack-kolla | 03:50 | |
*** sdake has joined #openstack-kolla | 03:54 | |
Jeffrey4l | thanks. | 03:56 |
*** unicell has joined #openstack-kolla | 03:57 | |
*** unicell has quit IRC | 03:57 | |
*** zhubingbing_ has quit IRC | 03:59 | |
*** unicell has joined #openstack-kolla | 04:02 | |
*** zhubingbing_ has joined #openstack-kolla | 04:10 | |
openstackgerrit | Hui Kang proposed openstack/kolla: Add etcd ansible role https://review.openstack.org/364662 | 04:14 |
openstackgerrit | zhubingbing proposed openstack/kolla: Added grafana role https://review.openstack.org/346450 | 04:22 |
*** daneyon has joined #openstack-kolla | 04:36 | |
*** daneyon has quit IRC | 04:41 | |
openstackgerrit | zhubingbing proposed openstack/kolla: Added grafana role https://review.openstack.org/346450 | 04:46 |
*** salv-orlando has joined #openstack-kolla | 04:52 | |
*** bdaca has joined #openstack-kolla | 04:52 | |
openstackgerrit | Bartłomiej Daca proposed openstack/kolla: Adding manila endpoints to HAProxy https://review.openstack.org/368546 | 04:53 |
*** Jeffrey4l has quit IRC | 05:00 | |
*** Jeffrey4l has joined #openstack-kolla | 05:00 | |
*** mandre has joined #openstack-kolla | 05:01 | |
*** tonanhngo has joined #openstack-kolla | 05:01 | |
*** neilus has joined #openstack-kolla | 05:02 | |
*** neilus has quit IRC | 05:07 | |
*** unicell has quit IRC | 05:07 | |
*** unicell1 has joined #openstack-kolla | 05:07 | |
*** unicell has joined #openstack-kolla | 05:11 | |
*** unicell1 has quit IRC | 05:12 | |
*** unicell1 has joined #openstack-kolla | 05:17 | |
*** unicell has quit IRC | 05:17 | |
*** msimonin has joined #openstack-kolla | 05:17 | |
*** msimonin has quit IRC | 05:18 | |
*** egonzalez90 has joined #openstack-kolla | 05:19 | |
*** egonzalez90 has quit IRC | 05:20 | |
*** egonzalez90 has joined #openstack-kolla | 05:20 | |
mtaylor22 | @Jeffrey4l ping | 05:21 |
*** senk has joined #openstack-kolla | 05:21 | |
openstackgerrit | Eduardo Gonzalez proposed openstack/kolla: Add Senlin Ansible role https://review.openstack.org/339725 | 05:26 |
Jeffrey4l | mtaylor22, pong | 05:30 |
mtaylor22 | hello :) | 05:30 |
mtaylor22 | ive been digging more into RTNETLINK issue | 05:30 |
mtaylor22 | ah 1 moment | 05:30 |
Jeffrey4l | cool | 05:31 |
Jeffrey4l | any deeper find? | 05:32 |
mtaylor22 | its hard to say | 05:32 |
*** egonzalez90 has quit IRC | 05:32 | |
mtaylor22 | it looks like docker is using shm (which is normal), but i think there may be associations between those and the namespaces | 05:32 |
mtaylor22 | once i unmounted the shm mounts, i could 'ip netns del <ns>' | 05:33 |
mtaylor22 | mind you, docker was stopped | 05:33 |
mtaylor22 | just trying again to confirm | 05:33 |
mtaylor22 | i am focusing more on docker at the moment | 05:33 |
mtaylor22 | and also iproute2 packges | 05:33 |
mtaylor22 | iproute2 is meant to unlink, wait, unmount namespaces | 05:34 |
mtaylor22 | even if the namespaces are in use | 05:34 |
mtaylor22 | latest stable release is 4.6.0, however CentOS upstream only has 3.10.0 | 05:35 |
mtaylor22 | so i want to check changelogs between builds on that too | 05:35 |
mtaylor22 | 4.6.0 is in fc25 | 05:38 |
bjolo | morning | 05:40 |
mtaylor22 | sup | 05:40 |
bjolo | coffe :) | 05:42 |
mtaylor22 | ah yes | 05:42 |
mtaylor22 | just had one then too :p | 05:42 |
mtaylor22 | except its 15:44 here | 05:44 |
bjolo | where are you? japan? | 05:44 |
Jeffrey4l | mtaylor22, nice dig. I think we will find the root cause soon. :) | 05:44 |
mtaylor22 | i hope so | 05:45 |
*** senk has quit IRC | 05:45 | |
mtaylor22 | atm i am just building a rpm for iproute2 4.6.0 under kernel uhh | 05:45 |
*** senk has joined #openstack-kolla | 05:46 | |
Jeffrey4l | just want to make clear: if we do not use shm in container, the docker will stopped when run `ip netns del`? | 05:46 |
Jeffrey4l | mtaylor22, ^ | 05:46 |
mtaylor22 | hm | 05:47 |
*** senk has quit IRC | 05:47 | |
mtaylor22 | unsure | 05:47 |
mtaylor22 | actually i wonder what semaphores are in use | 05:48 |
mtaylor22 | after docker dies | 05:48 |
mtaylor22 | Jeffrey4l: can you rephrase that question? (sorry) | 05:48 |
mtaylor22 | ie. will docker die if i run `ip netns del` ? | 05:48 |
Jeffrey4l | <mtaylor22> once i unmounted the shm mounts, i could 'ip netns del <ns>' | 05:48 |
Jeffrey4l | <mtaylor22> mind you, docker was stopped | 05:48 |
Jeffrey4l | yep. | 05:48 |
mtaylor22 | i haven't tested not using shm in the container | 05:49 |
mtaylor22 | i need to research a bit more to understand how docker uses shm | 05:49 |
Jeffrey4l | ok. so you tried umounting the shm from container during the container is running? | 05:49 |
mtaylor22 | ooooh | 05:50 |
mtaylor22 | no, i haven't done that. | 05:50 |
mtaylor22 | i have not unmounted shm mounts while container is running. only while container is stopped | 05:50 |
Jeffrey4l | OK. got. | 05:50 |
mtaylor22 | http://pastebin.com/5xDre0d3 | 05:50 |
Jeffrey4l | `docker run --shm-size 0 ` this should disable the shm in container | 05:50 |
mtaylor22 | roger, i'll test in a moment. | 05:51 |
mtaylor22 | lol ignore line 60. | 05:51 |
Jeffrey4l | got. clearly. | 05:51 |
Jeffrey4l | mtaylor22, have u tried to delete all the interfaces in the namespace before deleting it? | 05:52 |
mtaylor22 | yes | 05:52 |
mtaylor22 | i tried that earlier, was unable to remove the interfaces | 05:52 |
Jeffrey4l | ok. | 05:52 |
mtaylor22 | ill try with shm size 0 shortly. | 05:53 |
mtaylor22 | just fixing the enviroment after breaking it (lol) | 05:53 |
Jeffrey4l | OK. thanks. | 05:53 |
mtaylor22 | the thing that annoys me the most is `ip netns pids <ns>` does not work from the host, or inside containers .. | 05:55 |
Jeffrey4l | hmm --shm-size 0 seems not work. | 05:55 |
Jeffrey4l | the docker ignore the value `0` and use 64M still. | 05:56 |
openstackgerrit | zhubingbing proposed openstack/kolla: Added grafana role https://review.openstack.org/346450 | 05:57 |
mtaylor22 | ok | 05:59 |
mtaylor22 | i am checking to see what semaphores are left over once docker has stopped | 05:59 |
*** egonzalez90 has joined #openstack-kolla | 06:00 | |
egonzalez90 | morning guys | 06:00 |
Jeffrey4l | OK | 06:00 |
Jeffrey4l | morning :) | 06:01 |
egonzalez90 | still ubuntu neutron-server broken? | 06:02 |
bjolo | morning egonzalez90 | 06:07 |
*** yingjun has quit IRC | 06:17 | |
*** haplo37 has quit IRC | 06:19 | |
*** caowei has joined #openstack-kolla | 06:20 | |
*** haplo37 has joined #openstack-kolla | 06:22 | |
*** coolsvap has joined #openstack-kolla | 06:22 | |
Jeffrey4l | egonzalez90, yep. fix is here https://review.openstack.org/368342 | 06:25 |
Jeffrey4l | coolsvap, could u review this? https://review.openstack.org/368342 | 06:25 |
Jeffrey4l | it blocked the ubuntu binary gate. | 06:25 |
coolsvap | Jeffrey4l: ack | 06:26 |
*** dupengfei has joined #openstack-kolla | 06:26 | |
Jeffrey4l | thanks. | 06:26 |
coolsvap | Jeffrey4l: np :) gate looks good (green) now :) | 06:27 |
dupengfei | Hello, Is Kevin Fox here? | 06:27 |
dupengfei | Kevin Fox: Is Kevin Fox here ? | 06:27 |
coolsvap | Jeffrey4l: we should probably get some consensus on voting gates sooner than later | 06:27 |
Jeffrey4l | dupengfei, seems no. | 06:27 |
dupengfei | oh,~~ | 06:28 |
coolsvap | dupengfei: you are around 8-10 hrs early | 06:28 |
Jeffrey4l | coolsvap, agreed. | 06:28 |
dupengfei | Oh, I see. | 06:28 |
Jeffrey4l | But question is: we need enable the voting branch by branch. rather than enable on all branches. | 06:28 |
openstackgerrit | Merged openstack/kolla: Add neutron-lbaas-agent to exlude image for Ubuntu binary https://review.openstack.org/368342 | 06:28 |
coolsvap | Jeffrey4l: yes | 06:29 |
coolsvap | but then only the gating failures will be taken seriously and debugged by more people | 06:29 |
dupengfei | Is there a good IRC client instead of http://webchat.freenode.net ? (windows) | 06:30 |
coolsvap | xchat is available on windows i suppose | 06:30 |
mtaylor22 | mIRC also | 06:30 |
coolsvap | mIRC requires to purchase some licence iirc | 06:31 |
dupengfei | xchat don't work because of authentication issues. | 06:31 |
dupengfei | I try mIRC later. | 06:31 |
Jeffrey4l | dupengfei, try this https://hexchat.github.io/downloads.html | 06:31 |
mtaylor22 | ah 30 days | 06:31 |
mtaylor22 | for mIRC | 06:31 |
Jeffrey4l | this is free :) | 06:31 |
dupengfei | thanks, I try. | 06:31 |
coolsvap | you can also try irccloud unless you want to move out of web based clients | 06:32 |
openstackgerrit | Nguyen Hung Phuong proposed openstack/kolla-kubernetes: TrivialFix: Remove unused code https://review.openstack.org/368569 | 06:33 |
dupengfei | You mean other clients are of web based clients ? | 06:33 |
*** dupengfei has left #openstack-kolla | 06:38 | |
*** dupengfei has joined #openstack-kolla | 06:41 | |
mtaylor22 | Jeffrey4l: iproute2-4.6.0 building now | 06:44 |
mtaylor22 | (for testing) | 06:44 |
Jeffrey4l | roger | 06:44 |
*** senk has joined #openstack-kolla | 06:46 | |
*** neilus has joined #openstack-kolla | 06:51 | |
dupengfei | Is there anyone here interested in kolla-k8s? | 06:55 |
*** neilus has quit IRC | 06:55 | |
egonzalez90 | dupengfei, yup | 06:56 |
dupengfei | I see some confusion in the new features. | 06:56 |
dupengfei | The configure file is generated by kolla-ansible. | 06:56 |
dupengfei | but, the init container change the IP in the kolla-k8s pod yml.j2 | 06:57 |
zhubingbing_ | yes | 06:57 |
dupengfei | In my mind, the IP can be well assigned in kolla-ansible, | 06:58 |
dupengfei | Why do the init_container step ? | 06:58 |
zhubingbing_ | k8s the container is stateless. | 06:58 |
dupengfei | If we use init_container, we should make all the config, not only some IP. | 06:58 |
zhubingbing_ | k8s service ip can fixed | 06:59 |
dupengfei | In k8s, we use DNS domain instead of cluster-IP, | 07:00 |
dupengfei | we can config with dns domain. | 07:00 |
zhubingbing_ | sure,good job, you can look this kube2sky | 07:01 |
mtaylor22 | no go Jeffrey4l :( | 07:01 |
mtaylor22 | http://pastebin.com/raw/UekR01mi | 07:02 |
Jeffrey4l | hmm. OK. | 07:03 |
openstackgerrit | Nguyen Hung Phuong proposed openstack/kolla-kubernetes: Clean imports in code https://review.openstack.org/368592 | 07:11 |
*** matrohon has joined #openstack-kolla | 07:13 | |
*** berendt has joined #openstack-kolla | 07:15 | |
*** berendt has quit IRC | 07:15 | |
*** berendt has joined #openstack-kolla | 07:16 | |
berendt | morning guys | 07:16 |
*** daneyon has joined #openstack-kolla | 07:18 | |
*** mgoddard has joined #openstack-kolla | 07:20 | |
*** daneyon has quit IRC | 07:23 | |
*** msimonin has joined #openstack-kolla | 07:26 | |
*** tonanhngo has quit IRC | 07:27 | |
*** msimonin has quit IRC | 07:27 | |
openstackgerrit | Christian Berendt proposed openstack/kolla: Add neutron-vpnaas-agent container https://review.openstack.org/335495 | 07:41 |
openstackgerrit | Christian Berendt proposed openstack/kolla: Enable CADF events in Keystone and introduce enable_cadf_notifications https://review.openstack.org/349006 | 07:41 |
mtaylor22 | Jeffrey4l: I am leaving for the day -- i have posted more comments in https://bugs.launchpad.net/kolla/+bug/1616268 | 07:45 |
openstack | Launchpad bug 1616268 in kolla mitaka "Stale namespace removal causing "RTNETLINK answers: Invalid argument" errors" [Critical,Confirmed] | 07:45 |
openstackgerrit | zhubingbing proposed openstack/kolla: Add Barbican ansible role https://review.openstack.org/352515 | 07:46 |
*** egonzalez90 has quit IRC | 07:48 | |
openstackgerrit | Christian Berendt proposed openstack/kolla: Improve README file https://review.openstack.org/365941 | 07:52 |
zhubingbing_ | ping berendt | 07:52 |
berendt | zhubingbing_ pong | 07:52 |
zhubingbing_ | hi | 07:52 |
*** neilus has joined #openstack-kolla | 07:53 | |
*** neilus has quit IRC | 07:57 | |
*** zhurong has quit IRC | 08:03 | |
openstackgerrit | zhubingbing proposed openstack/kolla: Added grafana container https://review.openstack.org/346447 | 08:03 |
*** mbound has joined #openstack-kolla | 08:08 | |
openstackgerrit | Zeyu Zhu proposed openstack/kolla: When deployment with multinode, using this script can make service visit the target_node without password. using method: ./trustme.sh <target_node ip> <password> https://review.openstack.org/368524 | 08:08 |
*** neilus has joined #openstack-kolla | 08:10 | |
*** gfidente has joined #openstack-kolla | 08:11 | |
*** mtaylor22 has quit IRC | 08:12 | |
*** egonzalez90 has joined #openstack-kolla | 08:14 | |
openstackgerrit | Nguyen Hung Phuong proposed openstack/kolla: Clean imports in code https://review.openstack.org/368624 | 08:15 |
*** neilus has quit IRC | 08:16 | |
*** neilus_ has joined #openstack-kolla | 08:17 | |
*** zhurong has joined #openstack-kolla | 08:28 | |
*** tonanhngo has joined #openstack-kolla | 08:28 | |
*** yingjun has joined #openstack-kolla | 08:29 | |
*** msimonin has joined #openstack-kolla | 08:30 | |
*** tonanhngo has quit IRC | 08:30 | |
*** salv-orl_ has joined #openstack-kolla | 08:31 | |
*** mgoddard has quit IRC | 08:32 | |
*** salv-orlando has quit IRC | 08:34 | |
*** msimonin has quit IRC | 08:34 | |
*** msimonin has joined #openstack-kolla | 08:36 | |
*** neilus_1 has joined #openstack-kolla | 08:37 | |
*** msimonin has left #openstack-kolla | 08:39 | |
*** msimonin has joined #openstack-kolla | 08:40 | |
*** neilus_ has quit IRC | 08:40 | |
*** msimonin has quit IRC | 08:41 | |
openstackgerrit | zhubingbing proposed openstack/kolla: Added grafana role https://review.openstack.org/346450 | 08:41 |
*** mgoddard has joined #openstack-kolla | 08:47 | |
*** gfidente has quit IRC | 08:47 | |
*** neilus_1 has quit IRC | 08:51 | |
*** neilus has joined #openstack-kolla | 08:52 | |
*** prithiv has joined #openstack-kolla | 08:55 | |
*** neilus has quit IRC | 08:56 | |
*** openstackgerrit has quit IRC | 09:04 | |
*** openstackgerrit has joined #openstack-kolla | 09:04 | |
*** egonzalez90 has quit IRC | 09:05 | |
*** neilus_ has joined #openstack-kolla | 09:07 | |
*** daneyon has joined #openstack-kolla | 09:07 | |
*** daneyon has quit IRC | 09:11 | |
*** zhugaoxiao has quit IRC | 09:16 | |
*** zhugaoxiao has joined #openstack-kolla | 09:17 | |
prithiv | hi. can i use recheck now. is the issue with the gate still on | 09:19 |
openstackgerrit | Paul Bourke proposed openstack/kolla: Allow mysql to be used as a database for Ceilometer https://review.openstack.org/360669 | 09:20 |
*** neilus_1 has joined #openstack-kolla | 09:21 | |
*** williamcaban has joined #openstack-kolla | 09:23 | |
*** neilus_ has quit IRC | 09:24 | |
duonghq | prithiv: it should be ok now | 09:26 |
duonghq | Jeffrey's ps is merged | 09:26 |
prithiv | okay. i will try to run recheck now. i still see errors for couple of non-voting task (which were successful before) | 09:27 |
duonghq | the ps is merged just 3hrs ago | 09:28 |
*** tonanhngo has joined #openstack-kolla | 09:28 | |
duonghq | hope that it'll be ok | 09:28 |
Jeffrey4l | prithiv, you need a rebase to include that PS. | 09:29 |
*** tonanhngo has quit IRC | 09:29 | |
duonghq | ah, forget that, Jeffrey4l | 09:29 |
openstackgerrit | Duong Ha-Quang proposed openstack/kolla: Specify 'become' to neccesary tasks (general roles) https://review.openstack.org/358539 | 09:29 |
openstackgerrit | Duong Ha-Quang proposed openstack/kolla: Specify 'become' for only neccesary tasks (default roles) https://review.openstack.org/359031 | 09:31 |
openstackgerrit | Duong Ha-Quang proposed openstack/kolla: Specify 'become' for only neccesary tasks (all other roles) https://review.openstack.org/359096 | 09:31 |
prithiv | thank you... | 09:32 |
Jeffrey4l | :) | 09:32 |
*** egonzalez90 has joined #openstack-kolla | 09:35 | |
openstackgerrit | Merged openstack/kolla: Added grafana container https://review.openstack.org/346447 | 09:37 |
openstackgerrit | dupengfei proposed openstack/kolla-kubernetes: Support nova_consoleauth and nova_novncproxy Right now, nova_consoleauth and nova_novncproxy can't be deployed by kolla-kubernetes. This feature is to implement it. I create 2 pods which kind is PetSet. https://review.openstack.org/367270 | 09:38 |
*** zhubingbing_ has quit IRC | 09:48 | |
*** zhubingbing_ has joined #openstack-kolla | 09:54 | |
*** ankush has quit IRC | 09:54 | |
*** yingjun has quit IRC | 09:54 | |
*** msimonin has joined #openstack-kolla | 09:56 | |
*** msimonin has quit IRC | 09:57 | |
openstackgerrit | Jeffrey Zhang proposed openstack/kolla: Use delorean rabbitmq https://review.openstack.org/367269 | 09:58 |
*** zhubingbing_ has quit IRC | 09:59 | |
*** zhubingbing_ has joined #openstack-kolla | 09:59 | |
*** msimonin has joined #openstack-kolla | 10:00 | |
*** msimonin has quit IRC | 10:00 | |
duonghq | which guide I should use to deploy kolla-k8 | 10:00 |
duonghq | *k8s | 10:00 |
*** zhubingbing_ has quit IRC | 10:01 | |
*** ankush has joined #openstack-kolla | 10:04 | |
*** zhurong has quit IRC | 10:04 | |
*** jmccarthy has quit IRC | 10:09 | |
*** jmccarthy has joined #openstack-kolla | 10:10 | |
*** neilus_1 has quit IRC | 10:13 | |
*** neilus_ has joined #openstack-kolla | 10:13 | |
*** fragatin_ has joined #openstack-kolla | 10:15 | |
*** williamcaban has quit IRC | 10:16 | |
openstackgerrit | Md Nadeem proposed openstack/kolla-kubernetes: Remove 'MANIFEST.in' https://review.openstack.org/368713 | 10:16 |
*** neilus has joined #openstack-kolla | 10:17 | |
*** duonghq has left #openstack-kolla | 10:19 | |
*** duonghq has quit IRC | 10:19 | |
*** sdake has quit IRC | 10:19 | |
*** fragatina has quit IRC | 10:19 | |
*** neilus has quit IRC | 10:22 | |
openstackgerrit | dupengfei proposed openstack/kolla-kubernetes: Support nova_consoleauth and nova_novncproxy https://review.openstack.org/367270 | 10:25 |
*** neilus_ has quit IRC | 10:30 | |
*** egonzalez90 has quit IRC | 10:37 | |
*** zhubingbing has joined #openstack-kolla | 10:43 | |
*** prithiv has quit IRC | 10:43 | |
zhubingbing | kolla-k8s。? | 10:44 |
*** caowei has quit IRC | 10:45 | |
*** neilus_ has joined #openstack-kolla | 10:46 | |
zhubingbing | ping <egonzalez90 | 10:46 |
zhubingbing | ping egonzalez90 | 10:46 |
*** diogogmt_ has joined #openstack-kolla | 10:52 | |
*** diogogmt has quit IRC | 10:53 | |
*** diogogmt_ is now known as diogogmt | 10:53 | |
*** daneyon has joined #openstack-kolla | 10:55 | |
*** shardy has joined #openstack-kolla | 10:56 | |
*** dupengfei has quit IRC | 10:56 | |
sean-k-mooney | out of interest what is the keystone-ssh container used for? | 10:59 |
*** daneyon has quit IRC | 10:59 | |
Jeffrey4l | sean-k-mooney, it is used for keystone fernet token. | 11:02 |
Jeffrey4l | sean-k-mooney, fernet token will distribute keys by using ssh | 11:02 |
sean-k-mooney | oh ok. we both the keystone ssh and keystone fernet conatiner seam to not build on ubuntu source currently on my system | 11:03 |
sean-k-mooney | i guess i should be able to deploy without them if im not using fernet token autentication? | 11:04 |
Jeffrey4l | sean-k-mooney, yep. what error message did you get? | 11:04 |
sean-k-mooney | for some reason it is trying to install packages for those containers and for bifrost via ipv6 so it fails to connect to the apt repo | 11:06 |
sean-k-mooney | the vm im builing in gets an ipv6 adress from openstack but i do not actully have ipv6 connectiviy to the outside world. | 11:07 |
sean-k-mooney | it should be an easy fix just wondering if i can deploy without it and fix it later. | 11:07 |
Jeffrey4l | there is nothing special for these containers and should success. i think you have some network connect issue? | 11:07 |
Jeffrey4l | you can. | 11:08 |
sean-k-mooney | well all the rest build fine | 11:08 |
sean-k-mooney | if i remove the ipv6 adress from the vm im building the images on im sure it would work fine so i think its a local env issue. just not sure why it only effect 4 images | 11:11 |
sean-k-mooney | anyway thanks | 11:11 |
*** Pavo has quit IRC | 11:17 | |
*** williamcaban has joined #openstack-kolla | 11:20 | |
*** williamcaban has quit IRC | 11:25 | |
*** Pavo has joined #openstack-kolla | 11:25 | |
*** bdaca has quit IRC | 11:27 | |
*** shardy has quit IRC | 11:29 | |
*** zhubingbing has quit IRC | 11:31 | |
openstackgerrit | Paul Bourke proposed openstack/kolla: Allow mysql to be used as a database for Ceilometer https://review.openstack.org/360669 | 11:41 |
*** zhubingbing_ has joined #openstack-kolla | 11:44 | |
zhubingbing_ | hello guys | 11:44 |
*** ccesario has joined #openstack-kolla | 11:45 | |
openstackgerrit | Merged openstack/kolla: Ansible roles for collectd Container https://review.openstack.org/366082 | 11:47 |
*** mliima has joined #openstack-kolla | 11:47 | |
zhubingbing_ | ping Paul Bourke | 11:47 |
*** gfidente has joined #openstack-kolla | 11:49 | |
pbourke | zhubingbing_: hi | 11:51 |
zhubingbing_ | hi | 11:51 |
*** rhallisey has joined #openstack-kolla | 11:52 | |
mliima | morning guys | 11:55 |
mliima | i need some reviews here -> https://review.openstack.org/#/c/366247/3 | 11:55 |
openstackgerrit | zhubingbing proposed openstack/kolla: Added grafana role https://review.openstack.org/346450 | 11:56 |
*** neilus has joined #openstack-kolla | 11:57 | |
*** Jeffrey4l_ has joined #openstack-kolla | 12:00 | |
*** Jeffrey4l_ has quit IRC | 12:01 | |
*** Jeffrey4l_ has joined #openstack-kolla | 12:01 | |
*** neilus has quit IRC | 12:02 | |
openstackgerrit | Merged openstack/kolla: Improve README file https://review.openstack.org/365941 | 12:02 |
*** lamt has quit IRC | 12:03 | |
openstackgerrit | Merged openstack/kolla: Adding manila endpoints to HAProxy https://review.openstack.org/368546 | 12:04 |
*** Jeffrey4l_ has quit IRC | 12:05 | |
*** dwalsh has joined #openstack-kolla | 12:06 | |
*** prithiv has joined #openstack-kolla | 12:15 | |
*** yingjun has joined #openstack-kolla | 12:15 | |
*** coolsvap is now known as _coolsvap_ | 12:22 | |
*** fragatin_ has quit IRC | 12:23 | |
bjolo | question about upgrades if anyone have time | 12:24 |
bjolo | is it possible to just upgrade one container? (or service) | 12:24 |
bjolo | hypothetically there is a bugg in service foo that i want to fix asap. I build new containers for foo, and do kolla-ansible upgrade | 12:25 |
bjolo | it seems like i have to build new containers for all services (or build same container but with a new version number e.g. 3.0.0.42) and upgrade all of them even though foo is the only NEW container | 12:27 |
bjolo | is this correct? | 12:27 |
*** DanyC has joined #openstack-kolla | 12:31 | |
Jeffrey4l | bjolo, it is possible. we have variable like `nova_api_tag` variable. in default it equal to `openstack_release`. But you can just specify that value. It will upgrade the nova_api only. | 12:36 |
Jeffrey4l | But Kolla do not guarantee nova work after upgrade. You need test whether only upgrade nova_api work. | 12:37 |
*** fguillot has joined #openstack-kolla | 12:40 | |
*** daneyon has joined #openstack-kolla | 12:43 | |
bjolo | Jeffrey4l, ah ok in the defaults/main.yml for each service | 12:46 |
bjolo | role | 12:46 |
*** DanyC has quit IRC | 12:48 | |
*** daneyon has quit IRC | 12:48 | |
bjolo | so i can specify it in globals.conf and then do a custom upgrade for service foo. i.e. openstack_release=3.0.0.42 and nova_api_tag=3.0.0.42patch1234 | 12:48 |
bjolo | followed by kolla-ansible upgrade | 12:49 |
bjolo | or do you mean something else? | 12:49 |
Jeffrey4l | bjolo, i think so. | 12:49 |
Jeffrey4l | openstack_release=3.0.0.42 and nova_api_tag=3.0.0.42patch1234 | 12:49 |
*** zhubingbing_ has quit IRC | 12:51 | |
openstackgerrit | Merged openstack/kolla: Use delorean rabbitmq https://review.openstack.org/367269 | 12:56 |
*** neilus has joined #openstack-kolla | 12:57 | |
*** Jeffrey4l has quit IRC | 12:59 | |
*** Jeffrey4l has joined #openstack-kolla | 12:59 | |
*** msimonin has joined #openstack-kolla | 12:59 | |
*** zhubingbing_ has joined #openstack-kolla | 12:59 | |
*** lrensing_ has joined #openstack-kolla | 13:01 | |
*** dwalsh has quit IRC | 13:01 | |
*** neilus has quit IRC | 13:02 | |
*** zhubingbing_ has quit IRC | 13:02 | |
*** msimonin has quit IRC | 13:02 | |
*** matrohon has quit IRC | 13:04 | |
*** zhubingbing_ has joined #openstack-kolla | 13:04 | |
*** msimonin has joined #openstack-kolla | 13:05 | |
*** caowei has joined #openstack-kolla | 13:08 | |
*** fguillot has quit IRC | 13:10 | |
*** msimonin has quit IRC | 13:13 | |
openstackgerrit | Serguei Bezverkhi proposed openstack/kolla-kubernetes: Adding cinder database variable https://review.openstack.org/368831 | 13:14 |
*** lamt has joined #openstack-kolla | 13:16 | |
*** dwalsh has joined #openstack-kolla | 13:17 | |
*** matrohon has joined #openstack-kolla | 13:18 | |
*** openstackgerrit has quit IRC | 13:19 | |
*** openstackgerrit has joined #openstack-kolla | 13:19 | |
*** neilus has joined #openstack-kolla | 13:24 | |
*** neilus_ has quit IRC | 13:27 | |
*** neilus_ has joined #openstack-kolla | 13:27 | |
*** neilus has quit IRC | 13:30 | |
openstackgerrit | zhubingbing proposed openstack/kolla: add telegraf log directory /var/log/kolla/telegraf https://review.openstack.org/368847 | 13:31 |
openstackgerrit | Serguei Bezverkhi proposed openstack/kolla: Adding required check for Orchestration Kubernetes https://review.openstack.org/368469 | 13:32 |
*** inc0 has joined #openstack-kolla | 13:33 | |
inc0 | good morning | 13:33 |
openstackgerrit | zhubingbing proposed openstack/kolla: add telegraf log directory /var/log/kolla/telegraf https://review.openstack.org/368847 | 13:34 |
*** lamt has quit IRC | 13:36 | |
*** zhurong has joined #openstack-kolla | 13:38 | |
*** egonzalez90 has joined #openstack-kolla | 13:39 | |
sean-k-mooney | inc0: good morning | 13:41 |
zhubingbing_ | hi | 13:41 |
sean-k-mooney | inc0: can i ask a quick question? do yo know how the ha proxy vip is allocated? that step is failing for me on master but not sure why | 13:42 |
zhubingbing_ | who can help me review https://review.openstack.org/#/c/368847/ | 13:42 |
inc0 | haproxy vip? | 13:42 |
inc0 | user has to choose it himself | 13:42 |
sean-k-mooney | inc0: yep i have chosen one 192.168.10.254 but ansible is failing on TASK [haproxy : Waiting for virtual IP to appear] | 13:43 |
*** lamt has joined #openstack-kolla | 13:44 | |
sean-k-mooney | inc0: i was just wondering if you had any tip on where to start debuging this | 13:44 |
inc0 | there can be several issues with this | 13:44 |
inc0 | first off, check if keepalived is up | 13:44 |
inc0 | ip a on nodes | 13:44 |
inc0 | see if floating is there | 13:44 |
inc0 | if it is, see if it's pingable | 13:44 |
sean-k-mooney | the ip is not pingabel. keepalived is spwaned but i did not check if it was working. | 13:45 |
inc0 | yeah do that | 13:45 |
inc0 | and if floating IP apeared | 13:45 |
sean-k-mooney | is keepalived responible for floating the ip between the nodes? | 13:45 |
inc0 | yes | 13:45 |
sean-k-mooney | ok cool am the floating ip is not on either of the nodes but ill take a look at keepalived thanks | 13:47 |
sean-k-mooney | Keepalived_vrrp[14]: VRRP_Instance(kolla_internal_vip_51) ignoring received advertisment... | 13:48 |
sean-k-mooney | receive an invalid ip number count associated with VRID! | 13:48 |
inc0 | sean-k-mooney, do you have multiple keepalived instances in same L2? | 13:50 |
*** dwalsh has quit IRC | 13:53 | |
*** neilus has joined #openstack-kolla | 13:56 | |
*** tonanhngo has joined #openstack-kolla | 13:58 | |
*** neilus has quit IRC | 14:01 | |
openstackgerrit | Christian Berendt proposed openstack/kolla: Add neutron-vpnaas-agent container https://review.openstack.org/335495 | 14:04 |
*** dwalsh has joined #openstack-kolla | 14:06 | |
*** banix has joined #openstack-kolla | 14:08 | |
openstackgerrit | zhubingbing proposed openstack/kolla: Added telegraf role https://review.openstack.org/346448 | 14:10 |
*** yingjun has quit IRC | 14:10 | |
*** yingjun has joined #openstack-kolla | 14:11 | |
lrensing_ | hello inc0 | 14:11 |
inc0 | gmorning lrensing_ | 14:11 |
lrensing_ | in the review, you left a comment about using merge_ini to avoid config overriding | 14:12 |
inc0 | yeah, we need to make this one configurable somehow | 14:13 |
inc0 | but vmtp doesnt use ini right? | 14:13 |
lrensing_ | so, when vmtp is installed using pip, the default config gets saved to ./2.7.11/lib/python2.7/site-packages/vmtp/cfg.default.yaml | 14:14 |
lrensing_ | it uses yaml | 14:14 |
lrensing_ | how would i define that directory as a source in merge_yaml | 14:15 |
*** fguillot has joined #openstack-kolla | 14:15 | |
lrensing_ | i don't know what best practices are, i would assume it shouldn't be hard coded | 14:15 |
inc0 | I don't think we have merge yaml module | 14:16 |
inc0 | however, that being said, you can use with_first_found | 14:16 |
lrensing_ | there is one in ansible/library/ | 14:17 |
lamt | inc0: https://github.com/openstack/kolla/blob/master/ansible/library/merge_yaml.py | 14:17 |
*** egonzalez90 has quit IRC | 14:18 | |
*** eaguilar has joined #openstack-kolla | 14:18 | |
inc0 | oh? how fun:) | 14:19 |
inc0 | use this then:) | 14:19 |
inc0 | that's why we have 2* +2 requirement | 14:19 |
openstackgerrit | Mick Thompson proposed openstack/kolla: Added serial option to site.yml. https://review.openstack.org/367264 | 14:20 |
lamt | the question I have per lrensing_'s comment earlier, is that the default configuration cfg.default.yaml is installed to ./2.7.11/lib/python2.7/site-packages/vmtp/cfg.default.yaml. | 14:20 |
lamt | is there a variable that can be used to reference that path, since it is not the usual {{node_config_directory}} | 14:21 |
*** neilus has joined #openstack-kolla | 14:23 | |
*** igordcard has joined #openstack-kolla | 14:26 | |
*** neilus has quit IRC | 14:28 | |
inc0 | lamt so node_config_directory will be directory mounted from host | 14:29 |
inc0 | since lrensing_ is rendering the template of config, we don't care about default any more | 14:29 |
*** salv-orlando has joined #openstack-kolla | 14:30 | |
*** egonzalez90 has joined #openstack-kolla | 14:30 | |
lamt | inc0: thanks | 14:32 |
*** michauds has joined #openstack-kolla | 14:33 | |
*** salv-orl_ has quit IRC | 14:33 | |
*** senk has quit IRC | 14:38 | |
*** lyncos_ has joined #openstack-kolla | 14:39 | |
*** yingjun has quit IRC | 14:40 | |
*** yingjun has joined #openstack-kolla | 14:40 | |
zhubingbing_ | ping Dave Walker | 14:40 |
*** zhubingbing_ has quit IRC | 14:42 | |
*** yingjun has quit IRC | 14:45 | |
openstackgerrit | Kevin Fox proposed openstack/kolla-kubernetes: Fix mariadb pvc name https://review.openstack.org/368525 | 14:48 |
*** prithiv has quit IRC | 14:48 | |
*** sdake has joined #openstack-kolla | 14:51 | |
*** sdake has quit IRC | 14:51 | |
*** sdake has joined #openstack-kolla | 14:51 | |
jmccarthy | Question about upgrades, I seem to have an issue where the configuration for keepalived is not correct when trying to do an upgrade .. anyone familiar with this sort of thing ? | 14:52 |
*** zhubingbing has joined #openstack-kolla | 14:53 | |
sbezverk | sdake: could you please check this ps we need these changes on kolla side for kubernetes config to be generated automatically without manual edtiging after: https://review.openstack.org/#/c/368469/ | 14:53 |
inc0 | jmccarthy, how not correct? | 14:53 |
jmccarthy | It's like the json that set_configs should act on doesn't happen | 14:53 |
*** neilus has joined #openstack-kolla | 14:53 | |
zhubingbing | sdake, barbican role can u review it | 14:53 |
jmccarthy | The config is /etc/keepalived/keepalived.conf is wrong (like some default one from somewhere) | 14:54 |
zhubingbing | https://review.openstack.org/#/c/352515/ | 14:54 |
jmccarthy | but the one in /var/lib/kolla/config_files is correct | 14:54 |
*** zhurong has quit IRC | 14:55 | |
jmccarthy | Sorry ok to clarify the one on the host and at the ro mount to the keepalived container is correct | 14:55 |
inc0 | and container doesn't use the one in config directory? | 14:55 |
jmccarthy | but in the container the one at /etc/keepalived is wrong | 14:55 |
inc0 | hmm | 14:55 |
inc0 | and it happends during upgrade? | 14:56 |
inc0 | did you do pull before upgrading? | 14:56 |
jmccarthy | It's like the keepalived.json.j2 actions are skipped, yep I have the new image pulled ok | 14:57 |
jmccarthy | (It is running after I run upgrade) | 14:58 |
*** neilus has quit IRC | 15:00 | |
*** mgoddard_ has joined #openstack-kolla | 15:00 | |
openstackgerrit | Serguei Bezverkhi proposed openstack/kolla-kubernetes: Adding cinder database variable https://review.openstack.org/368831 | 15:01 |
*** lrensing_ has quit IRC | 15:01 | |
*** jgriffith has quit IRC | 15:03 | |
*** mgoddard has quit IRC | 15:04 | |
*** williamcaban has joined #openstack-kolla | 15:05 | |
*** zhubingbing has quit IRC | 15:06 | |
*** lamt has quit IRC | 15:07 | |
*** zhubingbing has joined #openstack-kolla | 15:08 | |
*** williamcaban has quit IRC | 15:09 | |
*** banix has quit IRC | 15:12 | |
*** banix has joined #openstack-kolla | 15:14 | |
*** pbourke has quit IRC | 15:14 | |
*** pbourke has joined #openstack-kolla | 15:15 | |
*** unicell has joined #openstack-kolla | 15:16 | |
openstackgerrit | zhubingbing proposed openstack/kolla: Added grafana role https://review.openstack.org/346450 | 15:17 |
*** huikang has joined #openstack-kolla | 15:17 | |
*** v1k0d3n has joined #openstack-kolla | 15:17 | |
*** unicell1 has quit IRC | 15:19 | |
*** flaper87 has quit IRC | 15:21 | |
openstackgerrit | zhubingbing proposed openstack/kolla: Added grafana role https://review.openstack.org/346450 | 15:21 |
*** lamt has joined #openstack-kolla | 15:23 | |
*** matrohon has quit IRC | 15:25 | |
*** zhubingbing has quit IRC | 15:26 | |
*** msimonin has joined #openstack-kolla | 15:26 | |
*** harlowja_at_home has joined #openstack-kolla | 15:27 | |
*** srwilkers_ has joined #openstack-kolla | 15:27 | |
*** zhubingbing has joined #openstack-kolla | 15:27 | |
*** jheroux has joined #openstack-kolla | 15:27 | |
*** msimonin has quit IRC | 15:27 | |
openstackgerrit | Serguei Bezverkhi proposed openstack/kolla-kubernetes: WIP Modifying horizon pod for deployment type https://review.openstack.org/368921 | 15:27 |
*** lrensing_ has joined #openstack-kolla | 15:28 | |
*** harlowja_still_a has joined #openstack-kolla | 15:29 | |
*** caowei has quit IRC | 15:30 | |
*** harlowja_still_a has quit IRC | 15:30 | |
*** msimonin has joined #openstack-kolla | 15:31 | |
sean-k-mooney | inc0: so was in a meeting until now but yes the issue i had with the floathing ip is defently cased by keepalived | 15:31 |
sean-k-mooney | Keepalived_vrrp[14]: bogus VRRP packet received on eno2 !!! | 15:31 |
sean-k-mooney | VRRP_Instance(kolla_internal_vip_51) ignoring received advertisment... | 15:31 |
sean-k-mooney | Keepalived_vrrp[14]: VRRP_Instance(kolla_internal_vip_51) ignoring received advertisment... | 15:31 |
sean-k-mooney | receive an invalid ip number count associated with VRID! | 15:31 |
sean-k-mooney | Keepalived_vrrp[14]: receive an invalid ip number count associated with VRID! | 15:31 |
sean-k-mooney | bogus VRRP packet received on eno2 !!! | 15:31 |
sdake | sean-k-mooney try changing 51 to some other number | 15:32 |
inc0 | sean-k-mooney, you probably have different keepalived instance running in same L2 | 15:32 |
sean-k-mooney | ok will do. what is the socping for this | 15:32 |
sean-k-mooney | inc0: yes yes i do | 15:32 |
inc0 | do as sdake said - configure in globals.yml keepalived_router_id | 15:33 |
inc0 | or sth like that, can't remember exactly name of var | 15:33 |
lrensing_ | if there is a specific directory we need to use in an ansible role, where is the appropriate place to define the directory? | 15:33 |
inc0 | it's there commented, just change the id | 15:33 |
inc0 | lrensing_, dir for what | 15:33 |
inc0 | ? | 15:33 |
inc0 | brb | 15:33 |
sean-k-mooney | inc0: we used to have port level vlan seperation on our tor but we removed it recently | 15:33 |
*** inc0 has quit IRC | 15:33 | |
*** inc0 has joined #openstack-kolla | 15:34 | |
*** Jeffrey4l has quit IRC | 15:35 | |
*** Jeffrey4l has joined #openstack-kolla | 15:36 | |
*** sdake has quit IRC | 15:40 | |
*** sdake has joined #openstack-kolla | 15:40 | |
sean-k-mooney | sdake: inc0 yep that was the issue thanks | 15:47 |
sdake | sean-k-mooney - yup - we hve passwords enabled in keepalived | 15:49 |
sdake | sean-k-mooney i'd think that would prevent that problem | 15:50 |
sdake | it appears not so much | 15:50 |
*** eaguilar has quit IRC | 15:52 | |
openstackgerrit | Serguei Bezverkhi proposed openstack/kolla-kubernetes: WIP Modifying horizon pod for deployment type https://review.openstack.org/368921 | 15:55 |
*** diogogmt has quit IRC | 15:57 | |
*** neilus has joined #openstack-kolla | 15:59 | |
sean-k-mooney | sdake: are the passward for keepalived generated as part the genpasswd.py file or are they default values in ansible role i wonder | 16:00 |
sdake | sean-k-mooney no idea - Jeffrey4l added that functionality to fix the exact problem you suffered from in the box gates | 16:01 |
*** tonanhngo has quit IRC | 16:01 | |
sdake | because they lack proper network isolation | 16:01 |
sean-k-mooney | well there is an entry in the password.yml | 16:01 |
sdake | i had assumed it was working because bluebox gates stopped falling over | 16:01 |
sdake | this was 3 or 4 months ago | 16:02 |
sean-k-mooney | strange. ok well using a uniqui id "42" seams to have fixed it local. now i just need to figure our why cinder and glance do not like ceph :) | 16:03 |
sdake | nice the delorean amqp patch meerged | 16:03 |
berendt | the password is part of passwords.yml and set in the keepalived.conf template (haproxy/templates/keepalived.conf.j2: auth_pass {{ keepalived_password }}) | 16:03 |
Jeffrey4l | sean-k-mooney, what's the issue about the keepalived password? | 16:03 |
sdake | Jeffrey4l he had a keepalived collsion | 16:04 |
*** neilus has quit IRC | 16:04 | |
sdake | with multiple labs running kolla inside his environment | 16:04 |
sdake | and keepalived cratered | 16:04 |
Jeffrey4l | it is introduce in case of someone make some fake vrrp package to get the vip address. | 16:05 |
sean-k-mooney | sdake: the issue is probebly caused because the other kolla instance on that switch is currently running stable/mitaka | 16:05 |
sdake | Jeffrey4l i thought it was introduced to make keepalived handle network collsions | 16:05 |
*** thumpba has joined #openstack-kolla | 16:06 | |
sdake | sean-k-mooney - well at worst that would break the mitaka version but shuld leave mater unphaed | 16:06 |
sdake | and i thought we backported that | 16:06 |
sdake | maybe we didn't | 16:06 |
Jeffrey4l | the keepalived_virtual_router_id is used for avoiding collisions | 16:06 |
Jeffrey4l | the password is used for safety. | 16:07 |
sdake | kfox1111 back in the land of living today - you needed some assistance? | 16:07 |
sean-k-mooney | Jeffrey4l: yes if i set that it resolves the issue. | 16:07 |
Jeffrey4l | sean-k-mooney, that's why the router_id is introduced. | 16:07 |
sdake | Jeffrey4l yes but i'd think auth would keep unwanted parties from intefering with keepalived | 16:07 |
sdake | the reason it was added to my knowledge was to fix the bluebox gates | 16:08 |
kfox1111 | sdake: yeah. I've been working on getting something going for testing. | 16:08 |
sdake | among other things | 16:08 |
*** kangh_ has joined #openstack-kolla | 16:08 | |
kfox1111 | I've got instructions for getting minikube running, and launching some of the kolla-kubernetes bits in it. | 16:08 |
sean-k-mooney | it looks like even if authenticate is enabled i can break keepalived but generating packets with the same id | 16:08 |
Jeffrey4l | sdake, that's route_id not password :) | 16:08 |
kfox1111 | was thinking it might be a good start for getting some bare metal gate tests going. | 16:08 |
sdake | Jeffrey4l see sean-k-mooney 's last msg | 16:08 |
sdake | bare metal/vm? | 16:09 |
Jeffrey4l | sean-k-mooney, same route_id with different password won't work. | 16:09 |
sean-k-mooney | Jeffrey4l: same route_id with diffrent password will break keepalived | 16:09 |
Jeffrey4l | yep. | 16:09 |
sdake | wow you have to be kidding me | 16:09 |
sean-k-mooney | Jeffrey4l: isnt that a bad thing that we would like to not happen | 16:09 |
sean-k-mooney | Jeffrey4l: espcially since there are only 254 ids you can use | 16:10 |
sdake | sean-k-mooney yes - it sounds like an upstream bug to me | 16:10 |
Jeffrey4l | sean-k-mooney, so, what's your opinion? | 16:10 |
Jeffrey4l | sean-k-mooney, you can use virtual_ip with vlan? :) | 16:10 |
sdake | Jeffrey4l having keepalived spew out warnings is one thing - having keepalived crater on an invalid packet is another | 16:10 |
sdake | vlan is good answer - needs to be documented - since its a security risk | 16:11 |
*** huikang has quit IRC | 16:11 | |
sean-k-mooney | Jeffrey4l: i would have assumed if the password did not match it would discard the packet and have no other effect bar parhaps a log entry to that effect | 16:11 |
sdake | sean-k-mooney that is my thinking as well | 16:11 |
Jeffrey4l | sean-k-mooney, no. for example, we have two keepalived cluster with the same route id and different password. | 16:12 |
Jeffrey4l | each cluster has two nodes. | 16:12 |
sean-k-mooney | its not really an issue for me as this is jsut for our dev lab and i can make sure that we dont have overlaping ids | 16:12 |
Jeffrey4l | at a result, who should hold the vip? ( if the two cluster has the same vip ) | 16:13 |
berendt | i think it will help to change kolla_internal_vip_address: "169.254.169.10" to kolla_internal_vip_address: "169.254.169.${KEEPALIVED_VIRTUAL_ROUTER_ID}" | 16:14 |
openstackgerrit | zhubingbing proposed openstack/kolla: Add Barbican ansible role https://review.openstack.org/352515 | 16:15 |
berendt | I thought I proposed this in the past, but I do not find a review for it | 16:15 |
sean-k-mooney | Jeffrey4l: in that case i really dont know who should get the ip but the current situation is neither will get the ip as both keepalived instances will error | 16:15 |
Jeffrey4l | berendt, 169.254 is a loop address. that issue should never happen, unless we use a real vip share among at least two nodes. | 16:15 |
openstackgerrit | Serguei Bezverkhi proposed openstack/kolla-kubernetes: Modifying horizon pod for deployment type https://review.openstack.org/368921 | 16:15 |
openstackgerrit | zhubingbing proposed openstack/kolla: Add Barbican ansible role https://review.openstack.org/352515 | 16:16 |
Jeffrey4l | anyway, when the keepalived is not well configured ( two cluster, same route_id, different password ), it do not work and print error message in log. | 16:17 |
Jeffrey4l | i think this is reasonable. and operator should avoid this case. | 16:17 |
Jeffrey4l | ignoring it is wrong. | 16:17 |
*** vhosakot has joined #openstack-kolla | 16:18 | |
sdake | Jeffrey4l agree ignoring is inot optimal | 16:18 |
sdake | Jeffrey4l surely someone on the network should not be able to create a malformed packet and crater the entire deployment | 16:19 |
*** diogogmt has joined #openstack-kolla | 16:19 | |
sdake | and by create a malformed packet i mean "guess at the vrrp id and run keepalived" | 16:19 |
sdake | in the meantime while we sort that out I think we should recommend a vlan-based workaround | 16:20 |
sdake | with a link to a bug id | 16:20 |
*** egonzalez90 has quit IRC | 16:20 | |
sdake | sean-k-mooney could you open a bug plz with your relevant logs (if yu still hvae them) | 16:20 |
Jeffrey4l | if so, he can easily get the vip address and it turns out my above case. | 16:21 |
Jeffrey4l | ya. vlan-based network is required for security consideration. | 16:21 |
*** vhosakot has quit IRC | 16:21 | |
berendt | what about using auth_type AH instead of PASS? this will at least increase the security | 16:22 |
berendt | and we could use unicast connections instead of multicast | 16:22 |
* Jeffrey4l hmm what's this? seaching | 16:22 | |
berendt | AH uses ipsec for the authentication header, PASS transmits the password in cleartext | 16:23 |
berendt | so if you have access to the vlan used for keepalived the password is useless | 16:23 |
*** jgriffith_ has joined #openstack-kolla | 16:24 | |
Jeffrey4l | berendt, is PASS really transmits the password in cleartext? i doubt that. | 16:25 |
openstackgerrit | Serguei Bezverkhi proposed openstack/kolla-kubernetes: Modifying horizon pod for deployment type https://review.openstack.org/368921 | 16:26 |
*** vhosakot has joined #openstack-kolla | 16:27 | |
berendt | Jeffrey4l read this somewhere, I cannot find a not in the keepalived docs that is is encrypted | 16:28 |
sean-k-mooney | sdake: sure do you want me to flag them with security | 16:28 |
berendt | https://www.atlantic.net/community/howto/vrrp-keepalived-configuration/ | 16:28 |
sdake | sean-k-mooney that wuld be typical - although we have had this conversation in the open in a logged channel | 16:29 |
sdake | so genie out of the bottle | 16:29 |
*** jgriffith_ has quit IRC | 16:29 | |
*** sdake_ has joined #openstack-kolla | 16:30 | |
*** vhosakot has quit IRC | 16:32 | |
*** msimonin has quit IRC | 16:32 | |
openstackgerrit | Christian Berendt proposed openstack/kolla: Allow a custom keepalived configuration file https://review.openstack.org/368956 | 16:33 |
Jeffrey4l | berendt, you are right PASS is plain text. | 16:33 |
Jeffrey4l | https://tools.ietf.org/html/rfc2338#section-10.2 | 16:33 |
*** bmace has joined #openstack-kolla | 16:33 | |
berendt | Doh, I have not checked the RFC :( | 16:34 |
Jeffrey4l | But AH is not using ipsec. | 16:34 |
Jeffrey4l | and both of them are deprecated in latest rfc doc https://tools.ietf.org/html/rfc3768#section-5.3.6 | 16:34 |
*** ssurana has joined #openstack-kolla | 16:34 | |
*** harlowja_at_home has quit IRC | 16:35 | |
berendt | Jeffrey4l # AH - IPSEC (not recommended)) | 16:35 |
*** jgriffith has joined #openstack-kolla | 16:35 | |
openstackgerrit | Serguei Bezverkhi proposed openstack/kolla-kubernetes: Modifying horizon pod for deployment type https://review.openstack.org/368921 | 16:35 |
berendt | anyway, if it is marked as deprecated it makes no sense to use it | 16:35 |
Jeffrey4l | yep. | 16:35 |
openstackgerrit | Christian Berendt proposed openstack/kolla: Allow a custom haproxy configuration file https://review.openstack.org/368959 | 16:37 |
Jeffrey4l | fyi: This type (PASS) of authentication is useful to protect against accidental | 16:37 |
Jeffrey4l | misconfiguration of routers on a LAN. | 16:37 |
kfox1111 | nice... up through keystone working... | 16:38 |
*** senk has joined #openstack-kolla | 16:39 | |
openstackgerrit | Serguei Bezverkhi proposed openstack/kolla-kubernetes: Modifying horizon pod for deployment type https://review.openstack.org/368921 | 16:42 |
*** vhosakot has joined #openstack-kolla | 16:46 | |
*** diogogmt has quit IRC | 16:47 | |
*** unicell has quit IRC | 16:48 | |
openstackgerrit | Serguei Bezverkhi proposed openstack/kolla-kubernetes: Modifying horizon pod for deployment type https://review.openstack.org/368921 | 16:50 |
openstackgerrit | Michal Jastrzebski (inc0) proposed openstack/kolla: Allow customizations of pip packages https://review.openstack.org/368973 | 16:51 |
*** williamcaban has joined #openstack-kolla | 16:54 | |
*** williamcaban has quit IRC | 16:58 | |
sbezverk | kfox1111: ping | 16:58 |
*** neilus_ has left #openstack-kolla | 16:59 | |
*** inc0 has quit IRC | 16:59 | |
*** inc0 has joined #openstack-kolla | 17:00 | |
*** LamT_ has quit IRC | 17:01 | |
*** fragatina has joined #openstack-kolla | 17:01 | |
*** sdake has quit IRC | 17:04 | |
*** sdake has joined #openstack-kolla | 17:06 | |
*** sdake_ has quit IRC | 17:09 | |
dims | go sdake ! nice passing of the baton | 17:09 |
*** gfidente is now known as gfidente|afk | 17:10 | |
sdake | dims thx | 17:10 |
openstackgerrit | Christian Berendt proposed openstack/kolla: Check if libvirtd apparmor profiles exists before removal https://review.openstack.org/368985 | 17:13 |
*** charliekang has joined #openstack-kolla | 17:15 | |
inc0 | let see who gets hit by it | 17:15 |
*** harlowja has joined #openstack-kolla | 17:19 | |
*** diogogmt has joined #openstack-kolla | 17:21 | |
*** unicell has joined #openstack-kolla | 17:23 | |
sean-k-mooney | so for https://review.openstack.org/368985 do you see a failure if no profile is present? | 17:24 |
sean-k-mooney | you shoudl be able to run the kolla-host playbook multiple times on the same host today | 17:25 |
sean-k-mooney | berendt ^^ | 17:25 |
berendt | i tested the command on one of my nodes and got a failure | 17:25 |
sean-k-mooney | strange i tested the entire playbook to make sure that you could run it many times and did not get a failure on ubuntu14.04,16.04 or centos | 17:26 |
berendt | the test is not really accurate | 17:27 |
berendt | the issue was that i first tested this command and afterwards i installed apparmor | 17:27 |
berendt | if apparmor is installed everything is fined | 17:27 |
berendt | root@de-1-compute-1 ~ # apparmor_parser -R /etc/apparmor.d/usr.sbin.libvirtd | 17:27 |
berendt | File /etc/apparmor.d/usr.sbin.libvirtd not found, skipping... | 17:27 |
berendt | root@de-1-compute-1 ~ # echo $? | 17:27 |
berendt | 0 | 17:27 |
sean-k-mooney | ok so this only happens if apparmor is not installed? | 17:28 |
berendt | i think so, my task faield because apparmor_parser was not available | 17:28 |
sean-k-mooney | i did not test that as it installed by default. ok the change makes sense to me then though perphaps we should be checking if apparmor is installed then? | 17:29 |
berendt | i use a minimized preseed profile and install apparmor with openstack-ansible-security | 17:29 |
berendt | i think that proposed check is fine, the file /etc/apparmor.d/usr.sbin.libvirtd only exists when apparmor is installed | 17:30 |
openstackgerrit | Serguei Bezverkhi proposed openstack/kolla-kubernetes: Modifying horizon pod for deployment type https://review.openstack.org/368921 | 17:30 |
sean-k-mooney | berendt: i dont think it s removed if apparmor is unistalled though | 17:30 |
berendt | hm. it is part of libvirtd package | 17:31 |
berendt | probably this is a very specific failure because i do not install apparmor in a first step | 17:32 |
*** harmw_ is now known as harmw | 17:33 | |
sean-k-mooney | ok well i dont see any harm in checking if the profile exist i was just wondering how you encountered this error as i did not hit it on the cloud images or with a minimal server install form the iso | 17:34 |
mliima | guys, i need some reviews here https://review.openstack.org/#/c/366247/ | 17:34 |
berendt | maybe it is better to check if /etc/apparmor.d exists | 17:34 |
mliima | i tested it and work fine :) | 17:34 |
*** neilus has joined #openstack-kolla | 17:36 | |
sean-k-mooney | mliima: oh i actully have that error corrently glad to see its being fixed ill take a look at it now | 17:37 |
mliima | ok sean-k-mooney | 17:38 |
*** neilus has quit IRC | 17:41 | |
*** fragatina has quit IRC | 17:42 | |
openstackgerrit | Mauricio Lima proposed openstack/kolla: Fix manila_share container isn't up after deploy https://review.openstack.org/366247 | 17:42 |
*** harlowja has quit IRC | 17:43 | |
sean-k-mooney | mliima: i was just looking at https://github.com/openstack/kolla/blob/87b4b3c19ffd9888a061b2cd7a3cc8e88fae1989/ansible/roles/manila/templates/manila-share.conf.j2#L65-L69 the latest version looks good to me | 17:44 |
mliima | :( | 17:45 |
*** harlowja has joined #openstack-kolla | 17:45 | |
sean-k-mooney | why sad? | 17:45 |
mliima | because i get this error ERROR manila ManilaException: Config opt 'driver_handles_share_servers' has improper value - 'None'. Please define it as boolean. | 17:46 |
sean-k-mooney | oh... | 17:46 |
*** senk has quit IRC | 17:46 | |
sean-k-mooney | wait why are you defaultin it in openstack/kolla / ansible/group_vars/all.yml and not ansible/roles/manila/defaults/main.yml | 17:47 |
mliima | for any reason it doesn't work :( | 17:47 |
mliima | all.yml | 17:47 |
*** senk has joined #openstack-kolla | 17:47 | |
mliima | https://github.com/openstack/kolla/blob/87b4b3c19ffd9888a061b2cd7a3cc8e88fae1989/ansible/group_vars/all.yml#L372-L373 | 17:48 |
*** senk has quit IRC | 17:48 | |
mliima | sean-k-mooney, https://review.openstack.org/#/c/366247/4/ansible/group_vars/all.yml | 17:49 |
mliima | i did it :) | 17:49 |
openstackgerrit | Merged openstack/kolla-kubernetes: Fix mariadb pvc name https://review.openstack.org/368525 | 17:49 |
mliima | sean-k-mooney, i'll have a snack | 17:50 |
mliima | wait for me | 17:50 |
berendt | bye bye.. see you tomorrow | 17:54 |
sdake | mliima you mke me hungry :) | 17:59 |
*** vhosakot has quit IRC | 18:02 | |
*** tonanhngo has joined #openstack-kolla | 18:02 | |
*** berendt has quit IRC | 18:04 | |
mliima | sean-k-mooney, i'm back | 18:11 |
mliima | sdake, the chocolate cake was delicious | 18:12 |
sdake | mliima i had crackers | 18:13 |
*** fragatina has joined #openstack-kolla | 18:13 | |
openstackgerrit | Merged openstack/kolla: Move transport_url parameter before service_providers section https://review.openstack.org/367961 | 18:13 |
*** eaguilar has joined #openstack-kolla | 18:16 | |
openstackgerrit | Merged openstack/kolla: Allow mysql to be used as a database for Ceilometer https://review.openstack.org/360669 | 18:18 |
sean-k-mooney | mliima: i havent actully applied your patch but if i add driver_handles_share_servers = True to the manila_share contianers manila.conf it stop restarting so i think what your proposeing should work | 18:19 |
mliima | yes sean-k-mooney | 18:20 |
mliima | the problem is that the variable driver_handles_share_servers isn't getting any value. Before this was running well, but for some reason stopped working. | 18:22 |
*** jheroux has quit IRC | 18:22 | |
mliima | the syntax of the current code is correct, I don't see anything different in relation to other codes. | 18:23 |
openstackgerrit | Kevin Fox proposed openstack/kolla-kubernetes: Fix glance pvc name https://review.openstack.org/369005 | 18:24 |
*** fragatina has quit IRC | 18:27 | |
*** vhosakot has joined #openstack-kolla | 18:27 | |
*** fragatina has joined #openstack-kolla | 18:27 | |
inc0 | sdake, rc1 is Sep15 right? | 18:31 |
sdake | yup | 18:31 |
inc0 | nothing merges afterwards besides bug fixes right? | 18:32 |
sean-k-mooney | should glance_backend_ceph: "yes" and cinder_backend_ceph: "yes" be set if you are not using external ceph? is it expecte to break anything? | 18:35 |
*** manjeets- is now known as msbhatia | 18:37 | |
*** msbhatia is now known as manjeets- | 18:38 | |
openstackgerrit | Merged openstack/kolla: Add Checking free port for Manila API https://review.openstack.org/367416 | 18:38 |
*** williamcaban has joined #openstack-kolla | 18:42 | |
*** williamcaban has quit IRC | 18:46 | |
sdake | why on earth was the templating philosophy moved to a different document | 18:55 |
sdake | why on earth is there a "architecture: TODO" in that document | 18:55 |
sdake | our philsophy document is our most critical document in the entire repo | 18:55 |
sdake | it should not be changed | 18:55 |
inc0 | I see what you mean | 18:57 |
*** mgoddard_ has quit IRC | 18:59 | |
*** inc0 has quit IRC | 19:00 | |
*** senk has joined #openstack-kolla | 19:00 | |
kfox1111 | sean-k-mooney: I believe that just points ceph/glance at ceph. | 19:00 |
kfox1111 | so should be independant of deploying ceph or not. | 19:00 |
*** msimonin has joined #openstack-kolla | 19:00 | |
*** msimonin1 has joined #openstack-kolla | 19:01 | |
sean-k-mooney | kfox1111: well when i deployed it did not create any of the non-cache volumes. trying to fiure our where they should be created currently | 19:01 |
sean-k-mooney | kfox1111: sorry pools not volumes | 19:01 |
sean-k-mooney | kfox1111: so i had ceph osd pool ls | 19:02 |
sean-k-mooney | rbd | 19:02 |
sean-k-mooney | .rgw.root | 19:02 |
sean-k-mooney | default.rgw.control | 19:02 |
sean-k-mooney | default.rgw.data.root | 19:02 |
sean-k-mooney | default.rgw.gc | 19:02 |
sean-k-mooney | default.rgw.log | 19:02 |
sean-k-mooney | images-cache | 19:02 |
sean-k-mooney | vms-cache | 19:02 |
sean-k-mooney | volumes-cache | 19:02 |
sean-k-mooney | backups-cache | 19:02 |
*** daneyon has joined #openstack-kolla | 19:02 | |
kfox1111 | sean-k-mooney: Not sure on that one. I just know that those two optoins configure those services to point to ceph instead of using local storage. | 19:02 |
sean-k-mooney | kfox1111: well that is what i want but ya it might be unrelated to my other issue | 19:03 |
kfox1111 | I mostly work on kolla-kubernetes, so am somewhat unfamilor with the kolla-ansible codebase/workflow. | 19:03 |
*** inc0 has joined #openstack-kolla | 19:04 | |
sean-k-mooney | i normally dont use cinder/ceph and the last time i used it worked first time os trying to bursh up on the ceph role | 19:04 |
*** msimonin has quit IRC | 19:04 | |
*** mandre has quit IRC | 19:06 | |
*** senk has quit IRC | 19:07 | |
kfox1111 | I need to dig into it a bit more myself. just haven't had the time yet. | 19:07 |
*** daneyon has quit IRC | 19:07 | |
*** vbel has quit IRC | 19:09 | |
*** vbel has joined #openstack-kolla | 19:09 | |
sean-k-mooney | why is tools/cleanup-contienrs deleating ovs bridges? | 19:12 |
sean-k-mooney | that totally breaks how i use that script | 19:12 |
openstackgerrit | Steven Dake proposed openstack/kolla: Revert "Build a more organized doc structure" https://review.openstack.org/369012 | 19:13 |
*** srwilkers_ has quit IRC | 19:15 | |
sean-k-mooney | pbourke: ay objection to reverting https://review.openstack.org/#/c/358924/ or moving the removal of the ovs bridg from tools/cleanup-contianers to tools/cleanup-hosts | 19:16 |
*** mandre has joined #openstack-kolla | 19:17 | |
sdake | pbourke inc0 rhallisey can I get a merge on the above revert please | 19:20 |
sdake | or any other cores kicking around | 19:20 |
rhallisey | sdake, not going with the doc revamp? | 19:21 |
*** williamcaban has joined #openstack-kolla | 19:21 | |
sdake | inc0 missed your earlier question - only bug ffixees after rc1, and they all need to be backported to the newton branch -> rc1 triggers a branching of newton and master open for business | 19:21 |
sdake | rhallisey dont mind doc revamp | 19:22 |
sdake | rhallisey but i do mind doc revamp of philosophy document | 19:22 |
sdake | i like all of your other changed docs | 19:22 |
sdake | i'm not sure how I missed that particular one | 19:22 |
sdake | lots of stuf in the review queue | 19:22 |
rhallisey | sure | 19:22 |
rhallisey | I hear ya | 19:22 |
rhallisey | wfm | 19:22 |
sdake | my main objection is that document should stand alone | 19:23 |
sdake | its a statement of what we represent | 19:23 |
sdake | it likely needs some updates | 19:23 |
sdake | because wee have shifted a bit to focus more on operational issues rather then just deployment | 19:23 |
sdake | because for kolla, deployment is a solved problem | 19:23 |
sean-k-mooney | sdake: rhallisey speaking of reverts https://review.openstack.org/#/c/358924 broke part of the fuctionality of tools/cleanup-contianers | 19:24 |
sean-k-mooney | should i open a revert or submit a patch to move the chage to tools/cleanup-hosts where it should have been made | 19:25 |
openstackgerrit | Mauricio Lima proposed openstack/kolla: Fix change the virt_type in quickstart https://review.openstack.org/369018 | 19:25 |
mliima | dear core reviews, i need some reviews here -> https://review.openstack.org/#/c/366247/ | 19:26 |
sdake | i think a move is fine sean-k-mooney | 19:26 |
mliima | i tested it and work fine :) | 19:26 |
*** matrohon has joined #openstack-kolla | 19:27 | |
sdake | mliima does that change need a backport | 19:28 |
mliima | yes | 19:29 |
mliima | and i'll update manila doc | 19:29 |
sdake | mliima https://review.openstack.org/#/c/369012/ needs a review | 19:30 |
mliima | ok | 19:30 |
*** williamcaban has quit IRC | 19:32 | |
openstackgerrit | Serguei Bezverkhi proposed openstack/kolla: Adding required check for Orchestration Kubernetes https://review.openstack.org/368469 | 19:32 |
*** bjolo_ has joined #openstack-kolla | 19:33 | |
bjolo_ | good evening | 19:33 |
sdake | mliima rhallisey above needs a +2 but not workflow - i'll workflow when gate is green | 19:40 |
openstackgerrit | Christian Berendt proposed openstack/kolla: Allow a custom haproxy configuration file https://review.openstack.org/368959 | 19:41 |
*** vhosakot has quit IRC | 19:41 | |
bjolo_ | looking at the documentation for network configuration... http://docs.openstack.org/developer/kolla/architecture-guide.html#network-configuration | 19:45 |
openstackgerrit | Tin Lam proposed openstack/kolla: Add ansible role for vmtp container https://review.openstack.org/358305 | 19:46 |
sbezverk | rhallisey: please check it will make generation of config for kubernetes almost automatic https://review.openstack.org/#/c/368469/ | 19:46 |
bjolo_ | what network interface is intendent to have the default gw? | 19:46 |
openstackgerrit | sean mooney proposed openstack/kolla: move ovs cleanup to tools/cleanup-host https://review.openstack.org/369023 | 19:47 |
bjolo_ | not all host groups needs to have all networks. | 19:47 |
*** lamt has quit IRC | 19:47 | |
sean-k-mooney | bjolo_: for tenant or on the kolla host os? | 19:49 |
bjolo_ | kolla host nodes | 19:49 |
sean-k-mooney | for the kolla host nodes you can use any network as your defualt network provided its has an ip. so any interface other then the neutorn_external_interface | 19:50 |
*** lrensing_ has quit IRC | 19:51 | |
bjolo_ | makes sense to make network_interface default gw, but if you configure api_interface as well it would give routing issues right? | 19:51 |
sean-k-mooney | bjolo_: usually you would have the default route be on the api interface as that is expected to be internet facing but its up to you | 19:51 |
bjolo_ | sorry | 19:51 |
bjolo_ | kolla_external_vip_interface i mean | 19:52 |
bjolo_ | as an operator, i want all my nodes accessible on one network for mgmt | 19:52 |
sean-k-mooney | so the kolla_external_vip_interface is usally the same as you api interface | 19:53 |
bjolo_ | but i only want to expose a small number of hosts on kolla_external_vip_interface network. (network nodes only needed i presume) | 19:53 |
bjolo_ | sean-k-mooney, is it? | 19:53 |
openstackgerrit | Merged openstack/kolla: Revert "Build a more organized doc structure" https://review.openstack.org/369012 | 19:54 |
mliima | i need +2 and workflow here -> https://review.openstack.org/#/c/366247/ | 19:54 |
bjolo_ | kolla_external_vip_interface needs routing | 19:54 |
*** rhallisey has quit IRC | 19:55 | |
sean-k-mooney | bjolo_: unless it has been removed there used to be an internal vip also | 19:55 |
openstackgerrit | Merged openstack/kolla-kubernetes: Fix glance pvc name https://review.openstack.org/369005 | 19:55 |
bjolo_ | sean-k-mooney, still there. placed on api_interface (if configured) | 19:56 |
sean-k-mooney | bjolo_: basically all of openstack own traffic uses the internal vip and need to be routable only withing your cloud | 19:56 |
sean-k-mooney | the external vip is what you expose to the outside world | 19:57 |
bjolo_ | got that | 19:57 |
openstackgerrit | Serguei Bezverkhi proposed openstack/kolla-kubernetes: Modifying horizon pod for deployment type https://review.openstack.org/368921 | 19:57 |
sean-k-mooney | so in you case you would only configure a different external vip on the subset of nodes(your contolers) that you want to expose externally but i think that may already be the default config | 19:58 |
bjolo_ | but i get a routing conflict between network_interface which is the default route for all nodes and my network nodes that provides kolla_external_vip_interface | 19:58 |
bjolo_ | solvable, but does require additional routing tables | 19:59 |
sean-k-mooney | are you setting a default rout on both the kolla_external_vip_interface and the api_interface? | 19:59 |
bjolo_ | have not done yet, but looking at it | 20:00 |
sean-k-mooney | bjolo_: basiclaly the only nodes that will use the kolla_external_vip_interface are the controler nodes where the haproxy instance is running | 20:00 |
bjolo_ | i want all mgmt traffic routed of the network_interface (i.e. dns, ntp, updates, ssh logins, admin API, etc) | 20:01 |
bjolo_ | sean-k-mooney, i have changed that to run ha-proxy on the network nodes. | 20:01 |
bjolo_ | sorry for not mentioning that | 20:02 |
*** _coolsvap_ has quit IRC | 20:02 | |
bjolo_ | in my mind, it does not makes sense to expose the controllers | 20:02 |
bjolo_ | i want all public facing endpoints to run on seperate machines under tight scrutiny | 20:03 |
sean-k-mooney | bjolo_: well the reason i was refering to the contoler is that is where the haproxy container runs. | 20:03 |
sean-k-mooney | so ya | 20:03 |
bjolo_ | the controllers (that holds the keys to the kingdom) i want way back | 20:03 |
bjolo_ | but either way, the conflict is still there | 20:04 |
sean-k-mooney | what is the conflict you get agin sorry | 20:04 |
sean-k-mooney | you have one default route via kolla_external_vip_interface | 20:04 |
openstackgerrit | Christian Berendt proposed openstack/kolla: Add logrotate configuration for cloudkitty https://review.openstack.org/369031 | 20:04 |
bjolo_ | if one configure network_interface and kolla_external_vip_interface and want default route off network_interface | 20:05 |
*** rhallisey has joined #openstack-kolla | 20:05 | |
bjolo_ | but kolla_external_vip_interface has to respond to public access | 20:05 |
bjolo_ | one must do some additional routing | 20:05 |
mliima | inc0, rhallisey , pbourke https://review.openstack.org/#/c/366247/ | 20:06 |
sean-k-mooney | ah i see. well on all node excpet the network node then network_interface should be your default route but on the network node you should use kolla_external_vip_interface | 20:06 |
bjolo_ | the docs i find on this deals with setting up seperate routing tables and policy routing | 20:06 |
bjolo_ | or netns can be used as well | 20:06 |
bjolo_ | i.e. haproxy runs in its own netns | 20:06 |
openstackgerrit | Merged openstack/kolla-kubernetes: Modifying horizon pod for deployment type https://review.openstack.org/368921 | 20:07 |
sean-k-mooney | is there a reason you need to have your default route be network_interface on the network nodes though. | 20:08 |
bjolo_ | sean-k-mooney, or do that. kolla_external_vip_interface nodes have a different default gw :) | 20:09 |
sean-k-mooney | bjolo_: that is the simplest. any easy west admin traffic will follow the more specific route for the network_interface subnet and the rest will go via kolla_external_vip_interface | 20:10 |
openstackgerrit | Merged openstack/kolla: Fix manila_share container isn't up after deploy https://review.openstack.org/366247 | 20:11 |
sean-k-mooney | ok got to run before the shops all close. good evening everyone | 20:14 |
bjolo_ | gnight sean-k-mooney | 20:14 |
bjolo_ | thanks for the discussion | 20:14 |
mliima | sdake, ? | 20:16 |
*** fguillot has quit IRC | 20:17 | |
mliima | i'll do the backport | 20:17 |
openstackgerrit | Mauricio Lima proposed openstack/kolla: Fix manila_share container isn't up after deploy https://review.openstack.org/369034 | 20:17 |
*** mliima has quit IRC | 20:18 | |
*** charliekang has quit IRC | 20:23 | |
*** sdake_ has joined #openstack-kolla | 20:25 | |
*** thumpba has quit IRC | 20:27 | |
*** sdake has quit IRC | 20:28 | |
*** thumpba has joined #openstack-kolla | 20:29 | |
*** salv-orl_ has joined #openstack-kolla | 20:31 | |
*** matrohon has quit IRC | 20:33 | |
*** salv-orlando has quit IRC | 20:34 | |
openstackgerrit | Christian Berendt proposed openstack/kolla: Add doc with notes about making reviews https://review.openstack.org/369037 | 20:36 |
*** rhallisey has quit IRC | 20:38 | |
sbezverk | mliima: could you please ack workflow? for https://review.openstack.org/#/c/368469/ the gate is green | 20:39 |
Pavo | evening | 20:55 |
*** inc0 has quit IRC | 21:00 | |
*** rhallisey has joined #openstack-kolla | 21:00 | |
*** bjolo_ has quit IRC | 21:01 | |
*** neilus has joined #openstack-kolla | 21:09 | |
*** neilus__ has joined #openstack-kolla | 21:11 | |
*** williamcaban has joined #openstack-kolla | 21:11 | |
*** neilus has quit IRC | 21:13 | |
*** neilus__ has quit IRC | 21:15 | |
*** williamcaban has quit IRC | 21:16 | |
*** dwalsh has quit IRC | 21:30 | |
*** rhallisey has quit IRC | 21:31 | |
*** sdake_ has quit IRC | 21:38 | |
*** sdake has joined #openstack-kolla | 21:39 | |
*** kangh_ has quit IRC | 21:39 | |
*** eaguilar has quit IRC | 21:42 | |
*** banix has quit IRC | 21:43 | |
*** daneyon has joined #openstack-kolla | 21:45 | |
*** sdake_ has joined #openstack-kolla | 21:47 | |
*** sdake has quit IRC | 21:49 | |
*** thumpba has quit IRC | 21:49 | |
*** daneyon has quit IRC | 21:49 | |
*** sdake has joined #openstack-kolla | 21:50 | |
*** gfhellma has joined #openstack-kolla | 21:51 | |
*** sdake_ has quit IRC | 21:52 | |
*** neilus has joined #openstack-kolla | 21:52 | |
*** vhosakot has joined #openstack-kolla | 21:52 | |
*** neilus has quit IRC | 21:56 | |
*** eaguilar has joined #openstack-kolla | 21:57 | |
openstackgerrit | Merged openstack/kolla: Adding required check for Orchestration Kubernetes https://review.openstack.org/368469 | 21:59 |
*** fguillot has joined #openstack-kolla | 22:01 | |
*** zigo has quit IRC | 22:08 | |
*** msimonin1 has quit IRC | 22:10 | |
*** michauds has quit IRC | 22:10 | |
*** zigo has joined #openstack-kolla | 22:11 | |
*** zigo is now known as Guest41388 | 22:11 | |
*** Guest41388 is now known as zigo_ | 22:17 | |
*** thumpba has joined #openstack-kolla | 22:19 | |
*** neilus has joined #openstack-kolla | 22:20 | |
*** vhosakot has quit IRC | 22:20 | |
*** thumpba has quit IRC | 22:24 | |
*** neilus has quit IRC | 22:25 | |
*** eaguilar has quit IRC | 22:43 | |
*** eaguilar has joined #openstack-kolla | 22:44 | |
*** sdake has quit IRC | 22:48 | |
*** openstackgerrit has quit IRC | 22:48 | |
*** openstackgerrit has joined #openstack-kolla | 22:49 | |
*** gfhellma has quit IRC | 22:51 | |
*** salv-orlando has joined #openstack-kolla | 22:53 | |
openstackgerrit | Christian Berendt proposed openstack/kolla: Remove nova-network container https://review.openstack.org/369072 | 22:54 |
*** salv-orl_ has quit IRC | 22:54 | |
*** eaguilar has quit IRC | 22:55 | |
openstackgerrit | Christian Berendt proposed openstack/kolla: Install apt-utils in Ubuntu base image https://review.openstack.org/369073 | 23:03 |
*** mtaylor22 has joined #openstack-kolla | 23:05 | |
*** eaguilar has joined #openstack-kolla | 23:06 | |
openstackgerrit | Christian Berendt proposed openstack/kolla: Add missing apt-get clean in Ubuntu base image https://review.openstack.org/369074 | 23:07 |
openstackgerrit | Christian Berendt proposed openstack/kolla: Bump version of Kibana from 4.4 to 4.6 https://review.openstack.org/369076 | 23:13 |
*** vhosakot has joined #openstack-kolla | 23:14 | |
openstackgerrit | Christian Berendt proposed openstack/kolla: Fix wrong release name in a comment in sources.list.ubuntu https://review.openstack.org/369077 | 23:15 |
openstackgerrit | Christian Berendt proposed openstack/kolla: Bump version of MariaDB from 10.0 to 10.1 https://review.openstack.org/369078 | 23:18 |
*** neilus has joined #openstack-kolla | 23:18 | |
*** neilus has quit IRC | 23:20 | |
*** neilus has joined #openstack-kolla | 23:20 | |
*** neilus has quit IRC | 23:21 | |
*** neilus has joined #openstack-kolla | 23:22 | |
*** neilus has quit IRC | 23:23 | |
*** neilus has joined #openstack-kolla | 23:24 | |
*** neilus has quit IRC | 23:25 | |
*** neilus has joined #openstack-kolla | 23:25 | |
*** neilus has quit IRC | 23:30 | |
*** Pavo has quit IRC | 23:39 | |
*** Jeffrey4l has quit IRC | 23:43 | |
*** vhosakot has quit IRC | 23:43 | |
*** Jeffrey4l has joined #openstack-kolla | 23:43 | |
*** zhurong has joined #openstack-kolla | 23:48 | |
*** Pavo has joined #openstack-kolla | 23:57 |
Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!