Friday, 2017-07-21

« Thursday, 2017-07-20 Index Saturday, 2017-07-22 »
*** david-lyle has joined #openstack-kolla00:03
*** yingjun has joined #openstack-kolla00:05
*** manheim has joined #openstack-kolla00:06
*** ducttape_ has joined #openstack-kolla00:07
*** ducttap__ has joined #openstack-kolla00:10
*** ducttape_ has quit IRC00:10
*** openstackgerrit has joined #openstack-kolla00:12
openstackgerritOpenStack Proposal Bot proposed openstack/kolla-kubernetes master: Updated from global requirements  https://review.openstack.org/47465200:12
*** ducttap__ has quit IRC00:15
*** itlinux has quit IRC00:17
*** itlinux_ has quit IRC00:17
*** awidders_ has quit IRC00:17
*** awiddersheim has joined #openstack-kolla00:17
*** mattmceuen has quit IRC00:27
*** jascott1 has quit IRC00:27
openstackgerritOpenStack Proposal Bot proposed openstack/kolla-kubernetes master: Updated from global requirements  https://review.openstack.org/47465200:28
*** zhangfei has quit IRC00:30
*** zhurong has joined #openstack-kolla00:31
*** masber has quit IRC00:33
*** masber has joined #openstack-kolla00:33
*** krtaylor has joined #openstack-kolla00:40
*** manheim has quit IRC00:40
*** schwicht has joined #openstack-kolla00:43
*** zhangfei has joined #openstack-kolla00:43
*** jascott1 has joined #openstack-kolla00:45
*** goldyfruit has joined #openstack-kolla00:57
openstackgerritjimmygc proposed openstack/kolla-ansible master: Add vmware support to ceilometer  https://review.openstack.org/46284200:59
*** schwicht has quit IRC00:59
*** dave-mcc_ has joined #openstack-kolla01:00
*** itlinux has joined #openstack-kolla01:01
*** itlinux_ has joined #openstack-kolla01:01
openstackgerritMerged openstack/kolla-kubernetes master: Updated from global requirements  https://review.openstack.org/47465201:05
*** kevinz has joined #openstack-kolla01:10
openstackgerritOpenStack Proposal Bot proposed openstack/kolla-kubernetes master: Updated from global requirements  https://review.openstack.org/48590501:10
*** rwallner has joined #openstack-kolla01:15
*** ducttape_ has joined #openstack-kolla01:15
*** mattmceuen has joined #openstack-kolla01:18
*** rwallner has quit IRC01:20
*** ducttape_ has quit IRC01:20
*** ansmith has quit IRC01:28
*** manheim has joined #openstack-kolla01:37
emccormickhawi, if you're still here, define the variables in group_vars or host_vars rather than in the inventory file01:40
*** itlinux has quit IRC01:49
*** itlinux_ has quit IRC01:49
*** caowei has quit IRC01:50
*** manheim has quit IRC01:53
*** tvignaud has quit IRC01:58
*** itlinux has joined #openstack-kolla02:04
*** itlinux_ has joined #openstack-kolla02:04
*** caowei has joined #openstack-kolla02:16
*** ducttape_ has joined #openstack-kolla02:16
*** ducttape_ has quit IRC02:21
*** ducttap__ has joined #openstack-kolla02:21
openstackgerritJeffrey Zhang proposed openstack/kolla-ansible master: [TEST][MASTER][KOLLA-ANSIBLE]TEST CLEAN CEILOMETER  https://review.openstack.org/47567002:21
*** ducttap__ has quit IRC02:23
*** ducttape_ has joined #openstack-kolla02:23
*** ducttape_ has quit IRC02:28
spsuryamorning all02:28
Seyongspsurya: good morning02:28
*** yangyapeng has joined #openstack-kolla02:31
*** jamesbenson has joined #openstack-kolla02:32
*** ducttape_ has joined #openstack-kolla02:33
sbezverkspsurya Jeffrey4l hopefully last attempt to fix tarball generation pipeline. https://review.openstack.org/#/c/485739/02:33
spsuryasbezverk: roger02:35
sbezverkspsurya thanks a lot02:35
*** jamesbenson has quit IRC02:36
*** dave-mcc_ has quit IRC02:42
*** yingjun has quit IRC02:44
*** ducttape_ has quit IRC02:45
*** ducttape_ has joined #openstack-kolla02:47
*** ducttape_ has quit IRC02:48
*** ducttap__ has joined #openstack-kolla02:48
*** ducttap__ has quit IRC02:49
*** yingjun has joined #openstack-kolla02:51
*** goldyfruit has quit IRC02:52
*** ducttape_ has joined #openstack-kolla02:57
*** ducttape_ has quit IRC02:59
*** ducttape_ has joined #openstack-kolla02:59
*** eaguilar has quit IRC02:59
*** ducttape_ has quit IRC03:04
*** ducttape_ has joined #openstack-kolla03:07
openstackgerritjimmygc proposed openstack/kolla master: Add collectd support to telegraf  https://review.openstack.org/48592303:08
openstackgerritJeffrey Zhang proposed openstack/kolla-ansible master: Optimize reconfiguration for mariadb  https://review.openstack.org/43348003:10
*** ducttape_ has quit IRC03:11
openstackgerritjimmygc proposed openstack/kolla-ansible master: Add collectd support to telegraf container  https://review.openstack.org/48592503:12
openstackgerritjimmygc proposed openstack/kolla master: Add collectd support to telegraf  https://review.openstack.org/48592303:14
*** caowei has quit IRC03:15
openstackgerritjimmygc proposed openstack/kolla-ansible master: Support customizing grafana home dashboard  https://review.openstack.org/48593103:33
openstackgerritjimmygc proposed openstack/kolla-ansible master: Add collectd support to telegraf container  https://review.openstack.org/48592503:35
openstackgerritjimmygc proposed openstack/kolla-ansible master: Disable grafana Getting Started panel  https://review.openstack.org/48593203:42
*** jamesbenson has joined #openstack-kolla03:44
openstackgerritMerged openstack/kolla master: Fix tarball name again  https://review.openstack.org/48573903:45
*** jamesbenson has quit IRC03:49
*** kevinz has quit IRC04:31
*** iniazi_ has quit IRC04:32
*** iniazi has joined #openstack-kolla04:32
*** jamesbenson has joined #openstack-kolla04:41
*** jamesbenson has quit IRC04:46
openstackgerritMerged openstack/kolla-ansible stable/ocata: Add pipeline file into ceilometer-central and ceilomter-compute node  https://review.openstack.org/48501705:07
*** ducttape_ has joined #openstack-kolla05:08
*** ducttape_ has quit IRC05:12
*** ducttap__ has joined #openstack-kolla05:12
*** ducttap__ has quit IRC05:17
*** omenv has joined #openstack-kolla05:17
*** jamesbenson has joined #openstack-kolla05:23
*** skramaja has joined #openstack-kolla05:26
*** jamesbenson has quit IRC05:27
*** mewald has joined #openstack-kolla05:31
*** coolsvap has joined #openstack-kolla05:43
*** yangyapeng has quit IRC05:46
*** yangyapeng has joined #openstack-kolla05:47
*** manheim has joined #openstack-kolla05:49
*** manheim has quit IRC05:54
*** wlfightup_ has joined #openstack-kolla05:58
*** wlfightup has quit IRC06:02
*** wlfightup_ is now known as wlfightup06:02
*** jbadiapa has joined #openstack-kolla06:03
*** emccormick has quit IRC06:04
*** jamesbenson has joined #openstack-kolla06:04
*** jamesbenson has quit IRC06:09
*** magicboiz has joined #openstack-kolla06:13
*** magicboiz has joined #openstack-kolla06:18
openstackgerritoctopuszhang proposed openstack/kolla-ansible master: Add ntp start and enable commands on ubuntu  https://review.openstack.org/48598406:19
*** caowei has joined #openstack-kolla06:22
*** magicboiz has quit IRC06:23
*** magicboiz has joined #openstack-kolla06:23
*** jamesbenson has joined #openstack-kolla06:46
*** athomas has joined #openstack-kolla06:49
*** jamesbenson has quit IRC06:51
*** mewald has quit IRC06:54
*** manheim has joined #openstack-kolla06:55
*** mewald has joined #openstack-kolla06:55
*** gfidente has joined #openstack-kolla06:57
*** gfidente has quit IRC06:57
*** gfidente has joined #openstack-kolla06:57
*** pc_m has quit IRC06:58
*** pc_m has joined #openstack-kolla07:00
*** manheim has quit IRC07:00
*** manheim has joined #openstack-kolla07:03
*** pc_m has quit IRC07:07
*** manheim has quit IRC07:07
*** pc_m has joined #openstack-kolla07:08
*** sayantani01 has quit IRC07:08
*** shasha_t_ has quit IRC07:08
*** omenv has quit IRC07:12
*** ducttape_ has joined #openstack-kolla07:14
zhangfeihi, when deploy kolla, mariadb report error: Info: Using unique option prefix 'exec' is error-prone and can break in the future. Please use the full name 'execute' instead.07:15
zhangfeiAny clue? thanks07:15
zhangfeithe container bootstrap_mariadb exicted07:16
zhangfeidebian-source-mariadb:5.0.0         "kolla_start"       17 minutes ago      Exited (1) 16 minutes ago07:16
*** zhurong has quit IRC07:18
*** ducttape_ has quit IRC07:18
*** mgoddard_ has joined #openstack-kolla07:22
*** omenv has joined #openstack-kolla07:23
*** itlinux has quit IRC07:26
*** itlinux_ has quit IRC07:26
*** mewald1 has joined #openstack-kolla07:26
*** jamesbenson has joined #openstack-kolla07:28
*** mewald has quit IRC07:29
*** jamesbenson has quit IRC07:33
*** ddyer has quit IRC07:42
*** ddyer has joined #openstack-kolla07:42
openstackgerritMathias Ewald proposed openstack/kolla-ansible master: Add role to deploy prometheus  https://review.openstack.org/48515007:49
*** zhurong has joined #openstack-kolla07:59
openstackgerritMerged openstack/kolla master: Compile i18n messages for all projects who have locale folder  https://review.openstack.org/48467008:01
*** rmart04 has joined #openstack-kolla08:04
*** dims has quit IRC08:09
*** jamesbenson has joined #openstack-kolla08:09
*** manheim has joined #openstack-kolla08:11
*** dims has joined #openstack-kolla08:11
*** jamesbenson has quit IRC08:13
*** ducttape_ has joined #openstack-kolla08:15
*** ducttape_ has quit IRC08:19
*** yangyape_ has joined #openstack-kolla08:20
*** manheim has quit IRC08:20
*** egonzalez has joined #openstack-kolla08:21
*** dims has quit IRC08:21
*** manheim has joined #openstack-kolla08:21
*** dims has joined #openstack-kolla08:23
openstackgerritJeffrey Zhang proposed openstack/kolla-ansible master: Add default volume_backend_name for rbd driver in cinder volume  https://review.openstack.org/48604308:26
*** omenv has quit IRC08:28
openstackgerritEduardo Gonzalez proposed openstack/kolla-ansible master: Add 777 permission to kolla gate logs  https://review.openstack.org/48572308:28
*** serlex has joined #openstack-kolla08:28
*** jascott1 has quit IRC08:30
*** jascott1 has joined #openstack-kolla08:30
openstackgerritEduardo Gonzalez proposed openstack/kolla master: Add openstack logs in deploy gates  https://review.openstack.org/47453908:33
*** jascott1 has quit IRC08:35
*** jmccarthy has joined #openstack-kolla08:36
*** yangyape_ has quit IRC08:37
*** tvignaud has joined #openstack-kolla08:38
*** omenv has joined #openstack-kolla08:39
openstackgerritoctopuszhang proposed openstack/kolla-ansible master: Add ntp start and enable commands on ubuntu  https://review.openstack.org/48598408:42
*** omenv has quit IRC08:47
*** shardy has joined #openstack-kolla08:54
*** ramishra has quit IRC09:00
*** ramishra has joined #openstack-kolla09:02
openstackgerritJeffrey Zhang proposed openstack/kolla master: Add ujson into binary install type  https://review.openstack.org/48454309:04
openstackgerritMathias Ewald proposed openstack/kolla-ansible master: Fix grafana data source registration  https://review.openstack.org/48605609:06
openstackgerritJeffrey Zhang proposed openstack/kolla stable/ocata: Compile i18n messages for all projects who have locale folder  https://review.openstack.org/48606009:08
mewald1egonzalez: I'll remove the prometheus part and supply another patch once prometheus and the grafana patch are merged09:12
egonzalezmewald1, that will speed grafana change :)09:13
mewald1yes09:13
openstackgerritMathias Ewald proposed openstack/kolla-ansible master: Fix grafana data source registration  https://review.openstack.org/48605609:13
*** yingjun has quit IRC09:14
mewald1egonzalez: shall I rebase prometheus patch on the grafana patch? what do you think?09:14
mewald1the grafana one seems obvious and simple and should be mergeable quickly09:14
*** ducttape_ has joined #openstack-kolla09:15
openstackgerritJeffrey Zhang proposed openstack/kolla master: Remove python-wsme and python-pecan packages for centos  https://review.openstack.org/48606309:17
openstackgerritJeffrey Zhang proposed openstack/kolla master: Add ujson into binary install type  https://review.openstack.org/48454309:17
egonzalezmewald1, added other comment, except this jinja thing, lgtm09:17
mewald1So "when: item.value.enable | bool" is what it should look like?09:19
*** ducttape_ has quit IRC09:20
egonzalezmewald1, yep09:21
mewald1done09:22
openstackgerritMathias Ewald proposed openstack/kolla-ansible master: Fix grafana data source registration  https://review.openstack.org/48605609:22
*** lpetrut has joined #openstack-kolla09:23
mewald1egonzalez: I dont understand your comment: remote "".09:31
*** omenv has joined #openstack-kolla09:31
egonzalezmewald1, was Jeffrey4l's but refers to remove double colons09:32
mewald1ahh right, sorry about that09:32
*** sambetts|afk is now known as sambetts09:33
*** omenvl has joined #openstack-kolla09:33
*** omenv has quit IRC09:36
openstackgerritChason Chan proposed openstack/kolla-ansible master: Update the documentation link for doc migration  https://review.openstack.org/48516109:39
openstackgerritMathias Ewald proposed openstack/kolla-ansible master: Fix grafana data source registration  https://review.openstack.org/48605609:40
*** pbourke_ has joined #openstack-kolla09:47
openstackgerritChason Chan proposed openstack/kolla-ansible master: Update the documentation link for doc migration  https://review.openstack.org/48516109:49
*** palexster has quit IRC09:50
openstackgerritChason Chan proposed openstack/kolla master: Update the documentation link for doc migration  https://review.openstack.org/48515109:50
*** palexster has joined #openstack-kolla09:56
openstackgerritEduardo Gonzalez proposed openstack/kolla-ansible master: Fix logging in gates  https://review.openstack.org/48572309:58
*** jamesbenson has joined #openstack-kolla10:02
*** slagle has quit IRC10:04
*** jamesbenson has quit IRC10:07
*** jiriprox has quit IRC10:12
openstackgerritMerged openstack/kolla master: Add sfc plugin into neutron-base image  https://review.openstack.org/46174810:21
openstackgerritJeffrey Zhang proposed openstack/kolla master: Remove python-wsme and python-pecan packages for centos  https://review.openstack.org/48606310:21
*** omenvl has quit IRC10:23
*** ramishra has quit IRC10:24
*** omenv has joined #openstack-kolla10:25
*** ramishra has joined #openstack-kolla10:26
*** skramaja has quit IRC10:38
*** pc_m has quit IRC10:41
mewald1egonzalez: What wrong with the prometheus containers? I have no experience in interpreting the jenkins checks outputs10:41
egonzalezsean-k-mooney, added a few more comments in the ovs change10:42
egonzalez*ovs-dpdk rather ovs10:42
*** yangyapeng has quit IRC10:43
sean-k-mooneyegonzalez: cool ill take a look at them10:47
sean-k-mooneyegonzalez: still seting up a centos enviornment to test10:48
openstackgerritMerged openstack/kolla-ansible master: Fix grafana data source registration  https://review.openstack.org/48605610:48
egonzalezsean-k-mooney, as said in the review, if not have time for pike, add in the release note(also add release note btw hehe) that is only supported for debian based distros10:48
*** zhurong has quit IRC10:50
*** pc_m has joined #openstack-kolla10:50
sean-k-mooneyegonzalez: as in the continers only work for debina based distros or the deployment code? im going to add the network config scrpts for redhat family10:52
sean-k-mooneyegonzalez: with the template override the centos container also works. at least when deployed on a ubuntu host.10:53
openstackgerritEduardo Gonzalez proposed openstack/kolla-ansible master: Fix logging collection in gates  https://review.openstack.org/48572311:03
openstackgerritMerged openstack/kolla-ansible master: Update the documentation link for doc migration  https://review.openstack.org/48516111:06
*** rwallner has joined #openstack-kolla11:08
*** hieulq has quit IRC11:09
*** shardy is now known as shardy_lunch11:10
openstackgerritSerguei Bezverkhi proposed openstack/kolla-kubernetes master: Do Not Merge, kolla-kubernetes gate tests  https://review.openstack.org/46106311:26
*** coolsvap has quit IRC11:27
openstackgerritMathias Ewald proposed openstack/kolla master: Fix redis container start sequence  https://review.openstack.org/48610911:28
*** omenvl has joined #openstack-kolla11:31
wlfightupmoring11:33
wlfightupegonzalez11:33
*** omenv has quit IRC11:33
wlfightuptunnel_interface also inc have ip address ?11:33
openstackgerritMathias Ewald proposed openstack/kolla-ansible master: Add Redis role  https://review.openstack.org/48611011:33
mewald1wlfightup: yes the tunnel interface must have an IP11:34
wlfightupwhy?11:34
*** schwicht has joined #openstack-kolla11:35
wlfightupneed ip address why comunicate between vm and vm ?11:35
wlfightupI have always been the production environment for this card has never been ip11:36
wlfightupmewald1?11:36
wlfightupmewald111:36
mewald1then try without and check ;)11:36
wlfightupSuddenly feel this is still very immature11:37
*** shardy_lunch is now known as shardy11:38
mewald1dude, the tunnel interface is used for VXLAN and that protocol runs on UDP and therefore needs IP, too. VXLAN travels from host to host and carries encapsulated VM traffic. When two hosts talk to each others they need to have an IP address.11:39
wlfightupvxlan need physical card have an IP address ?11:42
wlfightupare you sure?11:42
wlfightupi don't assign any ip address in physical always11:44
mewald1then what do you set in ml2_conf.ini [ovs] local_ip ?11:45
mewald1@wlfightup Please send me PM since this discussion is not kolla related.11:48
wlfightupi use linuxbridge11:50
wlfightupPM? what is PM? where are you from?11:50
egonzalezwlfightup, you are missunderstanding br-tun with tunnel_interface, tunnel_interface is where tunnels are going to be created, need an IP to create the tunnel endpoint. br-tun is an ovs bridge where tunneled connections run11:51
egonzalezwlfightup, if check ovs-vsctl show will se br-tun bridge, and connections with IP addresses, those IP addresses are the tunnel endpoints (tunnel_interface IPs for each network/compute node)11:52
*** omenvl has quit IRC11:57
*** omenv has joined #openstack-kolla11:58
*** omenvl has joined #openstack-kolla12:00
*** omenv has quit IRC12:03
mewald1egonzalez: all checks passed now for the prometheus containers12:08
openstackgerritEduardo Gonzalez proposed openstack/kolla-ansible master: Fix logging collection in gates  https://review.openstack.org/48572312:13
*** slagle has joined #openstack-kolla12:15
egonzalezmewald1, is this really needed? ENV prometheus_version=1.7.1 \12:22
egonzalez    prometheus_arch={{ base_arch }}12:22
egonzalezre second prometheus_arch, if is overiden in next lines, makes sense set the arch twice?12:22
*** goldyfruit has joined #openstack-kolla12:25
*** ansmith has joined #openstack-kolla12:27
*** iniazi_ has joined #openstack-kolla12:29
*** mewald1 has quit IRC12:30
*** iniazi has quit IRC12:32
*** hrw has quit IRC12:32
*** hrw has joined #openstack-kolla12:34
*** mnaser has left #openstack-kolla12:35
*** goldyfruit has quit IRC12:40
*** dave-mccowan has joined #openstack-kolla12:41
*** mewald has joined #openstack-kolla12:42
*** dave-mcc_ has joined #openstack-kolla12:46
mewaldegonzalez: I followed the pattern that helm uses. By default prometheus_arch is set to whatever base_arch is. Since base_arch values don't match the values used by prometheus, we have to overwrite prometheus_arch.12:46
mewaldI can hardcode the amd64 bit of the download url but this gave me a comment by sbezverk to do it the way helm does it12:48
*** dave-mccowan has quit IRC12:48
*** jrist has quit IRC12:49
*** mattmceuen has quit IRC12:51
*** rhallisey has joined #openstack-kolla12:51
*** awiddersheim has quit IRC12:52
*** awiddersheim has joined #openstack-kolla12:52
mewaldegonzalez: Also, if we remove line 8 and leave 11 through 15 intact, what will be haproxy_exporter_arch for architecture other than x86_64 and aarch64? Line 8 sets a default.12:53
*** goldyfruit has joined #openstack-kolla12:54
*** pbourke has quit IRC13:00
*** eaguilar has joined #openstack-kolla13:00
*** pbourke has joined #openstack-kolla13:02
*** jrist has joined #openstack-kolla13:03
*** ramishra has quit IRC13:03
*** emccormick has joined #openstack-kolla13:04
*** ramishra has joined #openstack-kolla13:05
*** goldyfruit has quit IRC13:07
*** caowei has quit IRC13:07
*** ducttape_ has joined #openstack-kolla13:08
*** yangyapeng has joined #openstack-kolla13:10
mewaldegonzalez: I am not going to fight for it :D if you tell me how you would like to have it I'll change it13:11
*** magicboiz has quit IRC13:11
*** ducttape_ has quit IRC13:12
sbezverkegonzalez it would be great to support not just x86_6413:32
sbezverkthat was the reason for my original comment for prometeus13:32
rwellumMorning sbezverk13:33
*** lpetrut has quit IRC13:35
sbezverkrwellum good morning13:35
*** lucasxu has joined #openstack-kolla13:37
rwellumsbezverk: I am re-running 5.0 - will report back. Somehow last night, I kept losing my sessions - but hopefully undisturbed today. I had an unrelated question though. I am still trying to build my own source code for a Service. The image appears to build, I appear to use it when I deploy, but somehow it's not my source code running.13:37
rwellumsbezverk: I know this because the version of Horizon I am deploying should have some proprietary labeling which I don't see.13:38
openstackgerritMathias Ewald proposed openstack/kolla-ansible master: Add Redis role  https://review.openstack.org/48611013:38
rwellumsbezverk: so this is what I get when I generate. It gets tag 4.0.2. https://www.irccloud.com/pastebin/QoGnfjiO/13:39
openstackgerritMathias Ewald proposed openstack/kolla master: Fix redis container start sequence  https://review.openstack.org/48610913:39
rwellumsbezverk: I've had 5.0.0 as a tag before - not really sure if that's deterministic or not.13:41
wlfightupegonzalez: if is vlan network, only br-int, how to config ?13:42
*** zhangfei has quit IRC13:44
sbezverkrwellum: now you have 4.0.2 on your local machine.. but you need to informa horizon chart to use it, otherwise it will use default 4.0.0 tag13:45
rwellumsbezverk: yes by modifying cloud.yaml13:45
*** hawi has quit IRC13:46
rwellumsbezverk https://www.irccloud.com/pastebin/0AelWHqM/13:46
sbezverkrwellum looks good13:50
*** mgoddard_ has quit IRC13:53
rwellumsbezverk: ok - doing this again - will see :). If I don't see the Horizon I expect, then I'll need to debug further.13:54
*** jtriley has quit IRC13:54
*** zhangfei has joined #openstack-kolla13:56
sbezverkrwellum the best way to confirm is kubectl describe pod horizon-blah -n kolla | | grep Image13:56
sbezverksorry it is a single pipe13:56
rwellumThat's helpful thanks sbezverk13:57
rwellumsbezverk: on the 5.0 looks like cinder is crashing13:57
*** omenvl has quit IRC13:58
sbezverkrwellum there are a handful cinder pods, which one is crashing?13:58
*** hawi has joined #openstack-kolla13:58
rwellumcinder-volume-rwdj813:59
egonzalezsbezverk, mewald , actually I was not asking to make only x86, is for removal of double setting the arch environment for arch64 and x86, if supporting multiple architectures, ppc64 is also implemented in kolla too14:02
*** omenvl has joined #openstack-kolla14:03
egonzalezalso maybemakes sense to only define arch env in prometheus-base image, all other will inherit from it hence having the same arch14:04
*** omenvlad has joined #openstack-kolla14:04
sbezverkegonzalez not sure if it right approach as different components might be running on diff arc hosts14:06
sbezverkegonzalez or at least a components should be able to override base arc is required..14:07
sbezverks/is/if/14:07
*** omenvl has quit IRC14:07
egonzalezsbezverk, image names will be different and will need to be changed in deployment method, an arch64 image cannot have ppc64 as parent image14:08
sbezverkegonzalez got it, you are right14:09
mewaldsbezverk: egonzalez: so what is the best way to do it now?14:10
*** srnbckr has quit IRC14:17
*** schwicht has quit IRC14:17
*** mewald has quit IRC14:17
*** mattmceuen has joined #openstack-kolla14:22
openstackgerritEduardo Gonzalez proposed openstack/kolla-ansible master: Fix logging collection in gates  https://review.openstack.org/48572314:23
*** jrist has quit IRC14:26
openstackgerritEduardo Gonzalez proposed openstack/kolla-ansible master: Fix logging collection in gates  https://review.openstack.org/48572314:29
*** jrist has joined #openstack-kolla14:39
*** jamesbenson has joined #openstack-kolla14:41
*** serlex has quit IRC14:50
*** mewald has joined #openstack-kolla14:50
*** schwicht has joined #openstack-kolla14:56
*** rmart04 has quit IRC14:59
*** gfidente is now known as gfidente|afk14:59
*** gfidente has joined #openstack-kolla15:00
*** gfidente has quit IRC15:00
*** gfidente has joined #openstack-kolla15:00
*** shardy is now known as shardy_mtg15:00
mewaldegonzalez: so you want the arch stuff in the base image with an if-elsif-else conditional, would that work for you?15:01
*** ducttape_ has joined #openstack-kolla15:10
inc0good morning15:10
inc0sbezverk: you have images available15:10
sbezverkinc0: thanks and I have tested, so now we have two green master jobs centos and ubuntu15:11
*** itlinux has joined #openstack-kolla15:11
*** itlinux_ has joined #openstack-kolla15:11
inc0great news15:12
mewaldI am a bit confused about the deployment model we're running in multinode inventory file: The is a monitoring group which (as I assume) is supposed to run monitoring services. For me this include elasticsearch, kibana, influxdb, grafana, prometheus and possibly a few more (skydive, do clue what that is). most of them are deployed to the control nodes though. The question came up when egonzalez commented on my redis role that is15:13
mewaldshould go on the control nodes (https://review.openstack.org/#/c/486110/2/ansible/inventory/all-in-one) I intend to use redis for monitoring with sensu and therefore it should go to the monitoring nodes. I feel like this is a broader topic that is difficult to discuss in gerrit comments which is why I am writing this here. What is the overall strategy for this type of issue?15:13
*** ducttape_ has quit IRC15:14
inc0mewald: afair reason we have separate monitoring group is that we used InfluxDB, which is single node15:15
inc0on free license15:15
inc0it was never finished tho so we still can move it to control/remove monitoring group as far as I'm concerned15:16
*** gfidente has quit IRC15:16
openstackgerritEduardo Gonzalez proposed openstack/kolla-ansible master: Fix logging collection in gates  https://review.openstack.org/48572315:17
*** jrist has quit IRC15:18
*** gfidente has joined #openstack-kolla15:19
*** gfidente has quit IRC15:19
*** gfidente has joined #openstack-kolla15:19
mewaldinc0: yeah could be removed I guess. In production I would try to remove as much load from the controllers as possible as long it is not openstack control plane related15:19
inc0yeah and monitoring can produce a lot of it15:20
inc0in any case, as far as I'm concenrned monitoring is still open question for us15:20
kfox1111inc0: just some info from the field.15:20
kfox1111I've used nagios, checkmk, influxdb, graphite, and prometheus.15:20
mewaldI am working in a prometheus patch which is currently in review which is on apache license and can be deploy across multiple nodes.15:21
kfox1111plus have looked into several others.15:21
mewaldthat would replace influxdb15:21
kfox1111I'm currently quite fond of prometheus.15:21
egonzalezmewald, i said because redis is not a monitoring service, DBs at this moment run under control nodes15:21
kfox1111I've been working prometheus support into kolla-kubernetes.15:21
inc0yeah prometheus seems like new kid in the block and seems to have lots of good ideas15:21
kfox1111its the first monitoring system I've seen that handles dynamic infrastructure well.15:22
inc0egonzalez: I think our kolla-ansible monitoring is based of influx not redis15:22
inc0but if we want to move all in to prometheus, I'm interested15:23
egonzalezinc0, yep, was regarding redis patch who put redis in monitoring host group15:23
inc0ah ok15:23
inc0well monitoring group was separate group only because of this single node requirement by influx15:24
*** omenvlad has quit IRC15:24
egonzalezprometheus patch if want to take a look https://review.openstack.org/#/c/484882/ https://review.openstack.org/#/c/485150/15:24
*** ducttape_ has joined #openstack-kolla15:24
inc0so if we're moving to prometheus, we can get rid of it and put it in control:children15:24
inc0this way we remove one top level group from inv which is good15:25
kfox1111is there a reason not to use the upstsream containers for the exporters?15:25
mewaldinc0: agreed, shall we completely remove influxdb right now or is there a deprecation process we want to run through?15:25
inc0well we didn't use upstream containers for anything yet...but I'd be willing to try.15:26
inc0deprecation, but we're close to release anyway15:26
*** gfidente has quit IRC15:26
kfox1111inc0: kolla-kubernetes is pointing at the upstream ones and they seem to work well.15:26
mewaldinc0: ok, i'll just leave it as it is right now15:26
kfox1111been gating on them for a while now.15:26
inc0yeah prometheus is container-centric so I expect them to be high quality15:26
egonzalezkfox1111, guess they come from busybox and no other arch than x86 supported15:27
mewaldegonzalez: looks like ENV variables are not inherited from base images to child images. have you tried it before?15:27
kfox1111hmm... yeah, I guess they probably don't support arm currently. though that could be added.15:27
inc0I personally think reinventing a wheel just to have contos/ubuntu isn't good idea15:27
kfox1111as for image, its literally one go statically linked binary per exporter. so distro really doesn't much matter.15:27
egonzalezmewald, never tried, leave as they are then15:27
inc0I'd say we should work with prometheus community rather than doing it ourselves15:28
inc0for arm/power15:28
kfox1111yeah. I'm guessing they just have never tried arm/power. but would be just fine supporting them.15:28
kfox1111which reminds me. I did get an arm box into my personal home k8s.15:29
*** ducttape_ has quit IRC15:29
kfox1111so getting node-exporter on it would be aswesome. :)15:29
inc0so, mewald egonzalez kfox1111 this is big decision, so let's send mail to ML15:29
mewaldinc0, kfox1111 how do I properly include community containers?15:29
kfox1111+1 to mailing list.15:29
inc0I'm supporting migration from our current non-maintained monitoring to prometheus all the way, that will include deprectation of what we have today15:30
inc0(which never exited tech preview stage so I'm not concerned)15:30
inc0mewald: just put their name in start task15:30
inc0docker will handle downloading15:31
inc0also that, this is something new in Kolla but change for good15:31
mewaldinc0: I am concerned with deployment situations where internet access is not available, pointing to docker hub would break it in those cases15:31
inc0I'd love to see day when Kolla uses upstrema containers for all/most of non-openstack services15:31
*** gfidente has joined #openstack-kolla15:32
*** gfidente has quit IRC15:32
*** gfidente has joined #openstack-kolla15:32
inc0mewald: well you need internet for build and you can download/push-to-local just as well15:32
openstackgerritMathias Ewald proposed openstack/kolla master: Add prometheus and related containers  https://review.openstack.org/48488215:32
inc0but good point15:32
inc0that being said, I think we can make change to build.py15:32
inc0where it will not only build our images15:32
inc0but also pull images we require15:32
kfox1111mewald: for kolla-kubernetes, I've been contemplating something similar to inc0's trunk tarball.15:33
kfox1111has all the containers needed for a launch.15:33
*** shardy_mtg is now known as shardy15:33
kfox1111so user only has to wget one file to get going in a limited area.15:34
mewaldI am not capable of doing this patch to build.py15:35
kfox1111inc0: you might want to jump into the rdo ceph conversation...15:35
inc0kfox1111: where?15:36
kfox1111Re: [rdo-list] Heads up: Ceph Luminous (next LTS) is in release candidate15:36
inc0mewald: don't worry about this15:36
kfox1111we probably don't want centos-binary luminous and ubuntu jewel?15:36
inc0I'm ok with us just downloading as long as we provice way to override the name15:37
inc0damn...15:37
inc0no, we don't15:37
inc0but aren't we pinning rpm to jewel?15:37
kfox1111yeah, but generally better to run distro supported stuff then not.15:38
inc0I'd expect canonical to quickly follow...or hope at least15:39
inc0also I think we use ceph repos there15:39
*** zhangfei has quit IRC15:39
kfox1111they may, but timings tight on the redhat side, so I'd expect ubuntu to be sligtly slower and maybe miss the window.15:40
*** goldyfruit has joined #openstack-kolla15:40
kfox1111its just a weird alignment of project releases.15:40
inc0https://github.com/openstack/kolla/blob/master/docker/base/Dockerfile.j2#L14115:40
inc0I think ubuntu ceph comes from cloud archive15:41
sean-k-mooneyinc0: kfox1111 you could just use the ceph ceph repos if the could archive does not have luminious15:42
inc0yeah15:42
inc0Queens goal anyway15:42
inc0we can safely assume that by the end of Queens we'll have Luminious ready and give us time to test upgrade and stability15:43
sean-k-mooneyinc0: the bluestore support and small writes on erasure coded pool are really nice features to have15:43
kfox1111sean-k-mooney: yeah, ,but like I was saying, it may be better to support what rdo tests against. :/15:43
inc0kfox1111: agree, it's not pike anyway15:43
kfox1111if they are testing against luminous and we slide in jewel instead, not sure what breakage may happen.15:44
sean-k-mooneykfox1111: yep, but the same logic would apply to canonical and the cloud archive15:44
kfox1111I was thinking cononical equally tested their cloud archive.15:44
sean-k-mooneykfox1111: yes but with jewel15:44
kfox1111right.15:44
sean-k-mooneyso if you use the vendor repose you cant gurentee each vendor has the same version15:45
kfox1111so we might want to ask rdo not to be too aggresive with getting luminious in at the last moment.15:45
sean-k-mooneyif you use the upstream you can so that is the trade off15:45
kfox1111yup. but the yare actively discussing whether to go to luminous for pike or not.15:45
sean-k-mooneykfox1111: i would preferer to ask canonical to be more agressive15:45
kfox1111nows the time to help shape the decision.15:45
inc0kfox1111: Pike ends in a month15:45
kfox1111sean-k-mooney: ah. well, that works too.15:45
inc0Luminius is not LTS yet15:46
sean-k-mooneykfox1111: there are a lot of nice featuers in luminous i would not want to give up15:46
kfox1111and if so, we probably should support luminius all around kolla too.15:46
sean-k-mooneyinc0: luminious is not released yet15:46
inc0right15:46
kfox1111yeah.15:46
sean-k-mooneyit will be in october i think15:46
inc0so there is little chance we'll make it in Pike15:46
sean-k-mooneyso it should be fine for queens15:46
inc0right, so it's for Queens definetly15:47
kfox1111yeah. queens would probably be better timing. :/15:47
inc0and within Queens window we'll have plenty of time to figure it out15:47
kfox1111but, just tryign to head off having one container set be different then all the rest.15:47
sean-k-mooneyyes. im running luminous from opensuse tumbelweed but i would nto put it in to production as our default in kolla15:47
kfox1111so, do we ask rdo to stick to jewel?15:47
kfox1111(for pike)15:47
sean-k-mooneykfox1111: for pike i would say yes.15:48
kfox1111ok.15:48
kfox1111inc0: can you ask as the ptl?15:48
mewaldegonzalez: Redis itself is quite stupid: it will replicate from master to slaves as long as the master lives. Sentinel (a second service not yet provided in the patch) is responsible for forming a quorum and promoting a new master when the original master died. We would just have to make sure redis servers will be restarted sequentially and it will be waited until the node is back in the game. Can someone point me to a service w15:48
mewaldith a similar upgrade pattern so I can have a look at the Ansible side of this?15:48
sean-k-mooneykfox1111: unless they are not going to release rdo until after ceph releases luminious i dodnt think rdo really has a coice15:48
mewaldsorry more context: about the upgrade procedure for redis15:49
kfox1111sean-k-mooney: tehy are discussing it on their mailing list now.15:49
sean-k-mooneykfox1111: holding the release or using a beta drop of ceph in a production deployment our of the box?15:49
inc0kfox1111: I think we pin to jewel so we shouldn't be affected even if they move on15:50
kfox1111https://www.redhat.com/archives/rdo-list/2017-July/msg00048.html15:50
inc0also, jewel is LTS so I'd hope RDO will keep it tested for a time being15:51
inc0I mean, that's what LTS means15:51
kfox1111inc0: I think there may be subtile bugs that creep up then. :/15:51
inc0over time15:51
inc0yes15:51
inc0but Queens starts in little over a month15:51
inc0we'll be pretty fresh15:51
kfox1111no. wrong idea.15:52
kfox1111pike is supported for a year.15:52
kfox1111not, queens starts, lets forget about pike.15:52
inc0sure15:52
*** schwicht has quit IRC15:52
kfox1111what we do, affects us for a long time.15:52
sean-k-mooneykfox1111: yes but your not suggesting changeing the supported version of ceph after the stable branch is created15:52
inc0what I'm saying is, rushing to put L in Pike will destabilize Pike probably15:52
kfox1111sean-k-mooney: right. we should stick to one. but ideally, we should get rdo to stick with jewel rather then them go to luminious and we try and pin back to jewel.15:53
inc0we just don't have time to figure out upgrades and all15:53
sean-k-mooneykfox1111: what do cinder et al offically support for pike?15:53
inc0and it's not released yet15:53
sean-k-mooneykfox1111: yes i would agree with that.15:54
kfox1111the ideal sitiuation is to ask rdo not to go to luminious for pike.15:54
inc0dmsimard: around?15:54
kfox1111lets try the ideal solution first.15:54
*** eaguilar is now known as eaguilar|afk15:55
*** gfidente has quit IRC15:55
dmsimardinc0: kina15:55
dmsimardinc0: kinda15:55
inc0qq - Ceph L in Pike - please don't?15:56
inc0it wasn't a question really, a plea rather15:56
dmsimardinc0: you can choose to stay on jewel, we're not imposing anything15:57
kfox1111imposing no. but testing.15:57
inc0you keep testing against jewel?15:57
*** jrist has joined #openstack-kolla15:57
*** jrist has quit IRC15:57
*** jrist has joined #openstack-kolla15:57
kfox1111yeah. if you test against both, I think we'd be happy.15:57
*** srnbckr has joined #openstack-kolla15:59
sean-k-mooneydmsimard: was the intention to have luminious as techpreview in pike or the default ceph version. if jewel is still default/testing that would prevent so headaces for kolla as the concure is we wont have time to write and test the upgrade playbook between now and the pike release and we also dont want to have a different version of ceph on centos  vs ubunut16:00
dmsimardwell, FWIW we're testing the /installers/16:01
*** itlinux_ has quit IRC16:01
kfox1111dmsimard: you don't test that the installer deploys something that works?16:01
inc0it won't be just kolla, it's for all of openstak rly16:01
dmsimardCeph is not mirrored or managed by RDO (though I do happen to be a maintainer)16:01
kfox1111and that the rpms can produce a working cloud?16:02
dmsimardWhat I'm trying to say is that for example, I think during Mitaka, some folks were running Jewel just fine while we were still testing Hammer16:02
dmsimardOr they were still running Hammer when we had moved on to Jewel16:02
kfox1111where the rpms built against jewel or hammer? (and does that matter)16:03
dmsimardThe fact that puppet-openstack or TripleO works (or not) with jewel or luminous should not have influence on what you're doing in Kolla 616:03
*** itlinux has quit IRC16:03
kfox1111I woud think rpms built against hammer would work with a jewel lib rpm, but maybe not the other way around.16:03
dmsimardkfox1111: there's no such thing as building against ceph, RDO doesn't have any dependencies on cpeh16:03
kfox1111ah. pure python imports?16:03
dmsimardyou're making me doubt, actually, so I'll go check, but stuff like python-rbd is likely not on our end16:03
kfox1111if its pure python imports, I remove my objection.16:04
dmsimardYeah, python-rbd, python-rados and all that stuff is straight out of Ceph, we don't have any of that in RDO16:04
dmsimardSee the package list here: https://cbs.centos.org/koji/buildinfo?buildID=1685716:05
kfox1111ok. cool. then no worries. :)16:05
inc0I'd still put ceph version bump as Q goal16:06
kfox1111inc0: +1.16:06
kfox1111or, honestly, it might be nice to support multiple versions of ceph per openstack release.16:06
kfox1111like, 2 LTS's.16:06
inc0I just kicked this off16:07
kfox1111though not sure how much extra work that may involve.16:07
inc0https://etherpad.openstack.org/p/kolla-queens-ptg-planning16:07
dmsimardYou probably have to handle testing upgrade from Jewel to Luminous16:07
dmsimardWhich is the part that sucks16:07
kfox1111depends on if thats in scope or not.16:07
kfox1111I've been trying to keep ceph server support out of scope of kolla-kubernetes.16:08
kfox1111ceph-deploy or other tools are really good. I really don't think we need to reinvent those wheels.16:08
inc0We got H->J working16:08
kfox1111rook is looking interesting too.16:09
inc0I'm ok with keeping ceph outside of kolla-k8s16:11
inc0we're kinda stuck with it in Kolla-ansible16:11
kfox1111stuck until you deprecate it.16:11
inc0deprecate+provide upgrade path16:11
kfox1111if you give a migration path to another tool, that would be ok.16:11
kfox1111right.16:11
inc0something to discuss definetly16:12
inc0maybe once tripleo does ansible+containers for ceph we could share roles16:13
inc0EmilienM ^16:13
*** eaguilar|afk is now known as eaguilar16:13
*** eaguilar is now known as eaguilar|afk16:14
kfox1111is ceph-ansible up to the task by now?16:14
EmilienMinc0: we use ceph-ansible16:14
inc0I guess that's the answer16:14
kfox1111then, that. :)16:14
inc0I'll put it in goals16:15
kfox1111kolla-ansible shoudl probably provide a migration path to ceph-ansible and drop its own ceph server support.16:15
kfox1111kk16:15
*** egonzalez has quit IRC16:16
*** gfidente|afk is now known as gfidente16:16
inc0I really like how simple it is to deploy ceph with our stuff now, but maybe we could tinker out something that would simply allow us to import ceph-ansible roles16:17
kfox1111as for kolla-kubernetes, I'm curious what ceph in kubernetes solutions will turn up.16:17
kfox1111rook.io looks interesting, but seems a bit green yet.16:17
kfox1111with the local volume support in k8s 1.7, I think ceph in k8s might be much more obtainable.16:17
kfox1111ceph server that is.16:18
jamesbenson(I wish i could get ceph with kolla working here... manual deploy works though.)16:18
srnbckrhey guys, I still have problems with the kolla_toolbox container keep stuck in restarting mode -> docker logs kolla_toolbox shows "sudo: unknown uid 42401: who are you?". The ansible user exists in the container and kolla_ansible_sudoers looks ok. I've rebuild the container several times but nothing worked.16:19
inc0jamesbenson: part of reason why we're having this discussion16:19
jamesbensoninc0: don't think I don't notice ;-)16:19
srnbckrCan you maybe point me to another thing to look at?16:19
inc0srnbckr: what versions?16:19
inc0of kolla?16:19
srnbckrkolla 4.0.116:20
srnbckrnodes are ubuntu 16.04 with docker 1.12.616:20
inc0I've never seen this, do you have customized build.conf or anything?16:20
inc0also try to rebuild with --nocache16:21
jamesbensonsrnbckr: are you using AD server or anything for auth?16:21
EmilienMinc0: cool! thanks16:21
inc0because creation of users runs as one of first RUNs in our dockerfiles16:21
srnbckrinc0, in my kolla-build.conf only the variables for the registry and base image are set16:21
srnbckrjamesbenson, yeah I have a ldap running for auth16:22
jamesbensoninc0: is it recommended to always do nocache or just in instances like this?16:22
jamesbensonsrnbckr: does that id exist in ldap?16:23
inc0jamesbenson: depends, if you develop image for example it cache will speed thnigs up a lot16:23
inc0every now and then --nocache helps tho16:23
jamesbensonok, good to know16:23
srnbckrjamesbenson, nope the uid doesn't exist in ldap16:24
jamesbensonsrnbckr: I know when I did ldap/ad auth, I would run into those errors a bunch.... okay, try the --nocache then, maybe that will help16:24
srnbckrbuilding it atm, thx16:25
inc0srnbckr: I don't know much about ldap in container work, but alternatively it could be that creation of users filed silently for some reason and it uses cache ever since16:25
*** ducttape_ has joined #openstack-kolla16:25
srnbckrinc0, I'm not using ldap inside of the containers, our cluster is using ldap for auth16:26
inc0yeah, I'm thinking if ldap could somehow bleed into container, not sure tho16:27
*** jascott1 has joined #openstack-kolla16:27
srnbckrmhm, I've deployed kolla on 3 centos nodes of the same cluster which are not using ldap auth. it worked there, so maybe you've got a point16:27
inc0srnbckr: if same containers works on one and not another, then it's host16:28
*** vhosakot has joined #openstack-kolla16:29
jamesbensonsrnbckr: once you get that worked out, you may want to try 4.0.2 or master 4.0.3. a bunch of bugs were fixed....16:29
*** itlinux has joined #openstack-kolla16:29
srnbckrinc0, I've used a different registry for that deployment16:29
*** ducttape_ has quit IRC16:30
*** iniazi has joined #openstack-kolla16:30
srnbckrjamesbenson, ok, I will try out 4.0.3 then16:30
inc0yup, we did a bunch of stuff last few months;)16:31
jamesbensonback to ceph convo?16:31
inc04.0.3 isn't released yet, it's what git stable/ocata is today16:31
*** itlinux has quit IRC16:31
inc0jamesbenson: so I for one like idea of moving to ceph-ansible or ceph-deploy16:32
jamesbensonsorry, correct, master is pike...16:32
inc0and focusing on external ceph16:32
inc0branch stable/ocata in git16:32
inc0master will be pike when we release, yes16:32
jamesbensonI have a decent ceph script for ceph-deploy16:32
*** lpetrut has joined #openstack-kolla16:33
jamesbensonstill need to debug, but good layout at least16:33
jmccarthyHiya, I'm sure this has come up before, but I can't seem to see/remember what is up ? "error while evaluating conditional ('169.254.' not in kolla_internal_vip_address and kolla_internal_vip_address | ipaddr(ip_addr_output.stdout.split()[3]) is none): 'dict object' has no attribute 'stdout'" for "Checking if kolla_internal_vip_address is in the same network as api_interface on all nodes" ansible task ?16:33
jamesbensonrelatively simple16:33
inc0well I think ceph-ansible would be better option tho, that's a discussion we need to have carefully16:33
*** iniazi_ has quit IRC16:33
jamesbensonagreed and I think it could be wrapped in from what I've seen16:33
jamesbensonjust stating what I've worked with16:34
jamesbensonand have16:34
inc0jmccarthy: is kolla_internal_vip_address in same network as ansible_interface on all nodes?:)16:34
sean-k-mooneyinc0: have you got ceph ansible to work. i could not get it to work on ubuntu 16.0416:34
jmccarthyI checked that yea the vip is oh ansible_interface or api_interface ?16:34
inc0api_interface16:35
jamesbensonsean-k-mooney: yeah, I think I gave it 1 try, couldn't and that's why I went with deploy16:35
inc0my bad16:35
sean-k-mooneyjamesbenson: same16:35
jmccarthyYea it it yea, which is network_interface by default, for me eth0 all around, it's in same network alright16:35
*** manheim has quit IRC16:36
jamesbensonsean-k-mooney, are you running external?16:36
*** manheim has joined #openstack-kolla16:36
sean-k-mooneyjamesbenson: haved got around to deploying kolla yet at home its on my todo list. at work i use ceph deployed by kolla not external16:37
*** dmsimard is now known as dmsimard|afk16:37
jamesbensonsean-k-mooney: okay.  kolla gives me issues with ceph for some reason, so I have to run it external here at work.  (no toys at home besides a diy firewall, and rpi's)16:38
sean-k-mooneyjamesbenson: there are a few rough spots with kollas ceph implenetaion. mail releated to external journals and caching16:39
sean-k-mooneyif you dont use external journals or chacing it works pretty well16:39
jamesbensonI don't :-(16:39
sean-k-mooneyjamesbenson: i use both hence why i know there are rough spot with those features16:40
jamesbensonoh wait...16:40
jmccarthyOk I'll look again, maybe I am loosing my mind :) Well that's another question altogether lol16:40
jamesbensonceph_cache_mode: "none"?   I kept it on default, writeback16:41
*** manheim has quit IRC16:41
jamesbensonscratch that, ceph_enable_cache: "no"16:41
*** jascott1 has quit IRC16:42
jamesbensonreally just enabled ceph, ceph_rgw, rgw_keystone, and the backends16:42
jamesbensonbut tbh, it's the same with keystone-fernet, always fails.16:43
jamesbensonthose two features, I can't use :-(16:43
sean-k-mooneythey both take a little extra prep work on the hosts to get them to work16:43
jamesbensonplease tell!16:44
sean-k-mooneywell actully not sure about the fernet tokens16:44
sean-k-mooneywell for ceph you need to have a gpt partion table with the lables applied for your osd disks16:44
jamesbensonalready do that16:44
sean-k-mooneydo your re do it every time you run deploy16:45
jamesbensonI love prep work.  ^_^ give me more ^_^16:45
jamesbensonyep and a reboot16:45
sean-k-mooneyi have had little issues following the ceph guide to be hosnest16:45
sean-k-mooneyjamesbenson: sepcifcially kolla's https://github.com/openstack/kolla-ansible/blob/master/doc/ceph-guide.rst16:46
jamesbensonI run this with my destroy script: https://github.com/JamesOBenson/Kolla-misc/blob/master/tasks/ceph.yml16:47
*** dave-mccowan has joined #openstack-kolla16:47
*** dave-mcc_ has quit IRC16:50
jamesbensonyeah, I've followed it... results were never consistent, about 90+% fail, and it is all scripted, so no reason why it shouldn't be repeatable....  I've only had a few successfull but other issues happened and had to destroy/deploy and then it fails again and again...16:51
hawihi. what is "TASK [haproxy : Waiting for virtual IP to appear]" and getting timeout, when deploying?16:52
jamesbensonhawi: did your prechecks pass?16:53
hawijamesbenson: yes16:53
sean-k-mooneyhawi: haproxy is the loadblancer we use16:53
sean-k-mooneyhawi: that task wait until it is pinable before moving on16:54
mewaldwhere can I read how the release notes work? e.g: how is the random string generated?16:55
*** athomas has quit IRC16:55
sean-k-mooneymewald: you do someting along the lines of "tox -e venv reno add <name of release note>"  to create it16:56
mewaldah oh, thx16:56
hawisean-k-mooney: with previous installations i had all interfaces as vlan interfaces on same interface, now i tried to install everything on same interface16:56
*** ramishra has quit IRC16:57
sean-k-mooneyhawi: yo can do that for everything except the neutron_external_interface16:57
*** eaguilar|afk is now known as eaguilar16:58
hawiyes, that's what i planned to do, neutron external interface has to be separate one because i will put vlans to it for connecting to external vlans16:58
*** eaguilar is now known as eaguilar|afk16:58
sean-k-mooneymewald: its tox -e venv reno new <name of release note>16:58
hawiand all others will sit on network_interface: "eno1"16:59
sean-k-mooneymewald: it will then output the path to the new file in the release note folder if i remember correctly16:59
sean-k-mooneymewald: https://docs.openstack.org/reno/latest/user/usage.html#creating-new-release-notes16:59
jamesbensonrook.io does look interesting ;-)17:00
sean-k-mooneyhawi: that will in general not work unless you do not plan to support vlan network for tenants17:00
sean-k-mooneyhawi: the neutron_external_interface should be a raw interface not a vlan subport17:01
vhosakotjmccarthy: the default network_interface works fine.. can you ping all the nodes from the kolla deploy node (the node on which you run kolla-ansible to deplot kolla)?17:01
vhosakotdeploy*17:01
sean-k-mooneyhawi: is the ip adress of you vip  in the same range as the ip adress on eno117:02
*** sambetts is now known as sambetts|afk17:02
hawisean-k-mooney: yes17:02
sean-k-mooneythen proivded the vip is not inuse by something else it should work unless something on your network is blocking acess to it17:03
jmccarthyvhosakot: I can ping them all ok yep17:05
-openstackstatus- NOTICE: Restarting Gerrit for our weekly memory leak cleanup.17:05
jmccarthysean-k-mooney: it is , I double checked17:06
*** eaguilar|afk is now known as eaguilar17:07
jmccarthyThe vip task passes, it is not answering that seems ok17:07
*** eaguilar is now known as eaguilar|afk17:07
sean-k-mooneyjmccarthy: have you disable the firewall on the servers? that could be blocking it17:08
jmccarthyI'll check17:08
openstackgerritJames Benson proposed openstack/kolla-ansible master: Added note  https://review.openstack.org/48572717:09
jmccarthyYea doesn't look to be firewall related hmr missing something obviously17:09
sean-k-mooneyjamesbenson: you have an extra space on line 117 https://review.openstack.org/#/c/485727/3/doc/external-ceph-guide.rst hehe17:10
jamesbensongah!17:10
sean-k-mooneyjamesbenson: looks fine other then that17:10
jmccarthy-vvv doesn't give much info on it, I'd like to see the output of ipaddr(ip_addr_output.stdout17:10
openstackgerritJames Benson proposed openstack/kolla-ansible master: Added note  https://review.openstack.org/48572717:11
jamesbensonI was following line 191 in that patch...17:11
jamesbensonthanks sean-k-mooney :-)17:11
sean-k-mooneyjamesbenson: haha no worries, such promt adressing of critique too17:12
jamesbenson:-) I try not to build a queue if possible17:12
jamesbensonfeel free to +2 it :-)17:13
jmccarthyOh I just noticed this, but there is an eth0 ? (1, '\n{"msg": "[Errno 2] No such file or directory", "failed": true, "cmd": "ip -4 -o addr show dev eth0", "rc": 2, "invocation": {"module_args":17:14
jmccarthy{"warn": true, "executable": null, "_uses_shell": false, "_raw_params": "ip -4 -o addr show dev eth0", "removes": null, "creates": null, "chdir": null}}}\n', '')17:14
sean-k-mooneyjamesbenson: if i had core rights on kolla-ansible i might but unfortuetly i do not17:14
sean-k-mooneyjamesbenson: if it was to os-vif or networking-ovs-dpdk that would be another matter17:14
jmccarthyip -4 -o addr show dev eth0 on the nodes in question gives what looks like the correct output17:14
jamesbensonyou're a core there?17:15
sean-k-mooneyjamesbenson: yes but not on kolla* projects17:15
sean-k-mooneyi just like kolla17:15
jamesbensonyeah17:15
hawisean-k-mooney: i checked and moved it to safe range and still seems that it will fail17:16
hawisean-k-mooney: 4.0.017:16
hawii just need to install it in order to have some understanding of upgrading to 4.0.1 or 4.0.217:16
*** lpetrut has quit IRC17:16
hawion multiple nodes17:16
sean-k-mooneyjmccarthy: if you interfaces are not the same on all nodes you need to declare them in the inventory file instead of setting network_interface in the global.yml17:19
*** eaguilar|afk is now known as eaguilar17:20
*** eaguilar is now known as eaguilar|afk17:20
vhosakot^^ yes, I was gonna say the same thing jmccarthy.  "ip -4 -o addr show dev eth0" just shows the v4 IP of eth017:21
*** jtriley has joined #openstack-kolla17:21
*** jtriley has quit IRC17:21
*** jtriley has joined #openstack-kolla17:21
vhosakotin the inventory file, all interfaces can be sparately specified if there is any conflict with network_interface.17:21
jmccarthysean-k-mooney: Yea I have been bitten by that before alright, nope they are all eth0 as what is in the prop17:23
sean-k-mooneyvhosakot: correct but global.yml overrides this so if you have to spcify it in the inventory you have to remove it from globals17:23
*** dave-mccowan has quit IRC17:23
sean-k-mooneyjmccarthy: are you working with hawi our are ye both haveing different issues17:24
vhosakotah right, global.yml overrides the inv file.. globals overrides everything.. right17:24
jmccarthysean-k-mooney: Oh ? No not with hawi17:25
sean-k-mooneyvhosakot: yep i really wish it work the other way around but its becasue we are using -e @/etc/kolla/globals.yml to pass it in17:25
*** ducttape_ has joined #openstack-kolla17:26
*** dave-mccowan has joined #openstack-kolla17:26
sean-k-mooneyjmccarthy: ok cool hawi is have issue with haproxy i just want ed to make sure these converstation were not overlapping on the same deployment17:26
jmccarthyI will double check what is actually there in the lab again, I think the ansible etc is ok17:26
jmccarthysean-k-mooney: gotcha :) No overlap, actually I'm going to leave it and see on Monday and find out it all magically works :)17:28
sean-k-mooneyjmccarthy: thats allways a good coiche on a friday evening. enjoy your weekend17:29
jmccarthyThanks again all , laters !17:29
vhosakotsean-k-mooney: oh yeah, "-e" overrides the universe per ansible's variable precedence -->  http://docs.ansible.com/ansible/latest/playbooks_variables.html#variable-precedence-where-should-i-put-a-variable17:29
*** eaguilar|afk is now known as eaguilar17:30
*** ducttape_ has quit IRC17:30
vhosakot"-e" can be used to crash the entire automation too :)17:30
sean-k-mooneyvhosakot: yep -e is god in ansible world17:30
*** jmccarthy has left #openstack-kolla17:33
sean-k-mooneyvhosakot: unfutunetly there is no other way that i know of to supprot keeping the global.yml outside of the git tree17:33
vhosakotsean-k-mooney: yeah, globals is our entry point for all customizations...17:34
*** pbourke_ has quit IRC17:34
*** shardy has quit IRC17:39
*** pbourke_ has joined #openstack-kolla17:39
*** pbourke_ has quit IRC17:40
sean-k-mooneysome times i really hate centos....17:50
sean-k-mooneythe kernel devel package is installing the headers. its not creating the symlink in /lib/modules17:51
*** jtriley has quit IRC18:01
iniaziquestion... doing multinode kolla-ansible, and the requirements that show up on quickstart guide, mainly the 40gb disk space... is that for deploy node or all the nodes that will be running?  and where does it need the 40gb, /var?18:04
iniazideploy node... is also going to be where I'll keep the registry, i guess18:05
inc0iniazi: so registry isn't that big, I think it's ~15gig total18:05
inc0or less actually18:06
inc0control node - databases18:06
sean-k-mooneyinc0: closer to 30G for ubuntu source build18:06
inc0if you're enabling central_logging then elasticsearch takes a lot of space18:06
inc0really sean-k-mooney? It gunzips to less than 3G18:07
sean-k-mooneyinc0: i taught so but maybe im wrong. from some reasone 27G was in my head but maybe that was for someting else18:09
inc0tarball of all the images (no gzip) was 12G18:09
inc0so it'd be strange18:10
sean-k-mooneyinc0: checking my host env its actully 14G18:10
sean-k-mooneyinc0: oh now i rememeber you need ~27G because if you put your registry on the same node as your contoller it need to have 2 copies of the images18:12
sean-k-mooneyinc0: the registry copy and the local copy for the contoler containers18:12
inc0yeah that would be right. Although controllers don't use all of images18:12
sean-k-mooneyinc0: true18:13
vhosakotI usually don't have a fat registry, delete unwanted/intermediate images.  my registry size is like ~11G18:15
*** iniazi_ has joined #openstack-kolla18:15
sean-k-mooneyvhosakot: isnt that the default. kolla only pushes the final images and the layers it depends on18:16
sean-k-mooneyvhosakot: or do you flatten them before pushing18:16
vhosakotsean-k-mooney: yes that's the default.. no, I don't flatten... just push the usual way and docker does its layering magic to store images on disk to use optimum disk space.18:17
*** iniazi has quit IRC18:18
vhosakotmy registry usually has the master images now... if we carry older releases/tags/versions, we'll end up with a fat registry.18:18
*** jascott1 has joined #openstack-kolla18:19
vhosakotiniazi_: the storage space really depends on your usecase.. storage nodes need TB, OpenStack's db will be on control nodes, glance images take up space, so it really depends on the usecase.18:19
iniazi_well my ceph cluster has about 9tb, my deploy node has about 15t (which is running a 1node es for now) but my compute/control nodes only have about 100g free space.  which I can assign, but wasn't sure what the disk space was referring to18:21
iniazi_and where it needs it.18:22
sean-k-mooneyon compute nodes with ceph for vms kolla does not need much disk space. mainly for log storage at that point18:23
vhosakotiniazi_: well, 15T on the deploy node is a lot for sure :)18:23
jascott1inc0 technosophos said most of the pieces were there except exposing it to rudder so it can be hooked into. sounds promising so I will see what I can do18:24
inc0what's rudder?18:24
vhosakotright, nova VMs using ceph volume need very very min disk space on the computes18:24
vhosakotinc0: I think it is an airplane part?18:24
iniazi_boat part... its because we are on the same boat18:25
iniazi_:)18:25
inc0well, I know what's rudder in ship (I don't think plane tail is called that?)18:25
iniazi_plane tail is also rudder i think18:25
inc0yeah it is18:25
inc0good to know18:25
inc0anyway, hwat's rudder in kubernetes-helm nomenclature?;)18:26
iniazi_its the thingamajig that moves on the vert stabilizer18:26
inc0yeah you're right18:26
vhosakotI was a research engineer for an aircraft company for 9 months.  rudder is a part of a plane :)  https://www.grc.nasa.gov/www/k-12/airplane/Images/rud.gif18:26
vhosakotlol18:26
vhosakotorange plane18:26
inc0heh, I know these names in Polish18:27
inc0I fly paragliders and paragliders don't have rudders18:27
jascott1inc0 its an grpc tunnel to tiller pod afaik.. to be honest ive never dealt with it but should be expert soon :P18:27
inc0kk18:27
inc0also how would writing support for jinja2 look like? ^18:28
inc0kfox1111 EmilienM ^18:28
inc0EmilienM: we're exploring support for jinja2 in helm18:28
inc0if we could get it in somehow (possible) we could rewrite our templates to jinja2 while keeping compatibility with helm18:28
inc0potentially18:28
vhosakotjinjansibhelm is the next big thing ;)18:29
*** jrist has quit IRC18:29
*** iniazi_ is now known as iniazi18:30
sean-k-mooneyhelm, tiller, rudder, the k8s guys sure do like there boat based project names18:30
vhosakotyeah, kubernetes also means the captain of a ship or something18:31
vhosakotin greek18:31
*** ducttape_ has joined #openstack-kolla18:32
EmilienMinc0: you fly? nice18:32
sean-k-mooneywell its no worse then us calling the block storage project cinder i guess18:32
EmilienMinc0: I fly cessna 172 :P18:33
kfox1111sean-k-mooney: naming's hard. conventions help. :)18:33
inc0yeah I've seen tweets;) yeah, I'm paraglider pilot18:33
vhosakotyeah, cinder block.. lol18:33
vhosakotwow cool inc018:33
inc0hopefully get some quality airtime tomorrow \o/18:33
inc0I need to test my new harness18:33
EmilienMinc0: we're not far from each others18:34
vhosakotmy tomorrow is lawn, lawn, and more lawn :)18:34
EmilienMinc0: I think I can fly to your place in ~3h max18:34
inc0it would be much more for me...if at all possible18:34
inc0that being said, I really want to fly around Vancouver BC18:35
inc0mountains out there are just gorgeous18:35
EmilienMinc0: I fly on the island for now18:35
sean-k-mooneyvhosakot: i think mine is makeing dpdk work on centos....18:35
vhosakotsean-k-mooney: cool :)18:36
inc0I need to try powered paragliding someday18:36
inc0right now I'm bound to mountains and thermals;)18:36
sean-k-mooneyvhosakot: centos is a pain in the ass sometimes... i had this working untill they stoped creating the symlinkx for the kernel headres correctly.18:36
*** ducttape_ has quit IRC18:37
EmilienMinc0: come here, we'll go flying and hack on stuffs ;-)18:37
vhosakotsean-k-mooney: I see, so are they like broken packages?18:37
vhosakotEmilienM: good to land first, and then hack stuff ;)18:38
kfox1111is there an online gotl parser?18:38
sean-k-mooneyvhosakot: installing kernel-devel-$(uname-r) is ment to create a symlink in /user/modules/$(uname -r)/build but the latest package does not18:38
vhosakotI'd scared to hack the plane I fly in.. lol :)18:38
vhosakotsean-k-mooney: ah I see, sucks18:39
-openstackstatus- NOTICE: docs.o.o is currently broken, we're investigating18:39
inc0just...don't fly too close:P all I have is a piece of cloth;)18:40
EmilienMvhosakot: hehe18:40
sean-k-mooneyvhosakot: sorry that should be  /lib/modules/$(uname -r)/build  but ya i need to change my code to work around it i think which is a pain18:40
inc0EmilienM: you live on Vancouver island?18:41
EmilienMinc0: yes, for now :)18:41
vhosakotsean-k-mooney: ah I see, good luck :)18:41
inc0cool, I hope to go to BC soon to spend some more time there18:42
inc0I really loved that place18:42
*** MasterOfBugs has joined #openstack-kolla18:45
sean-k-mooneyinc0: vanvouver is pretty awsome18:47
sean-k-mooneythe summit after sydny is there again right?18:47
inc0yeah18:47
inc0second summit I'll be able to drive to;)18:47
inc0a bit longer drive, but still a nice one18:48
EmilienMinc0: there is a ferry from Port Angeles, direct to Victoria18:48
EmilienMinc0: and I live 2 min walking from the ferry :)18:48
inc0nice18:48
inc0well, if I won't stay in US, Canada is my next destination18:49
inc0most likely18:49
vhosakotyeah, vancouver after sydney... wonder where it is after vanvoucer?18:49
inc0I really like Pacific NW18:49
* vhosakot thinks inc0 still lives in San Antonio for some reason.. lol :)18:50
* inc0 does not18:52
inc0Portland since December18:52
inc0well Hillsboro, but that's same thing18:52
vhosakotinc0: are you close to that crater thing in OR?18:55
inc0there are many crater things in OR;) but I assume you're asking about crater lake18:56
inc0~5hrs18:56
vhosakotright crater lake18:56
vhosakotah cool18:56
inc0I plan to go there campnin mid August18:57
inc0btw EmilienM maybe you'll fly over here for solar eclipse?18:57
inc0or anyone really, that'll be quite an event18:57
jamesbensonvhosakot I'm in SA :-). or :-( depending on how you look at it18:58
vhosakotSA?  Aouth Australia?18:59
vhosakotSouth*18:59
vhosakotjamesbenson: ^^18:59
inc0temperature wise it's more like north australia18:59
vhosakotinc0: north australia?  I thought the entire continent of australia is in the south lol ;)19:02
jamesbensonsorry catching up in the thread, san antonio :-(19:02
jamesbensonused to live in potsdam.... ny, not germany..19:03
jamesbensonpotsdam was nice though, hit up canada a bunch :-)19:03
jamesbensonqq: why can I ping my router in openstack, but not my vm's?  security rules are good19:04
vhosakotjamesbenson: wife and I love San Antonio actually... love the river walk area and the Alamo... we also went to Waco few times19:04
jamesbenson^^ nice :-)19:04
vhosakotjamesbenson: neutron blocks incoming icmp by default19:04
jamesbensoncan't ssh into vm's either though19:05
vhosakotjamesbenson: yes, SSH (TCP port22) is also blocked19:05
vhosakotjamesbenson: neutron's ati-spoofing sec rules19:05
jamesbensonsecurity rules I enabled ssh and ping19:05
rwellumTalking about temperature - I am playing soccer this weekend and the projected forecast is 108F. I still live in Celsius - but I think I am going to die basically...19:05
vhosakotwow, 108... I remember wife and I went to Grand Canyon hiking in 111 a few years ago... we took lots of water and umbrella19:06
*** tonanhngo has joined #openstack-kolla19:07
inc0jamesbenson: can you ping vm from inside dhcp netns19:07
inc0?19:07
inc0go to net node and ip netns exec << your qdhcp... netns id >> ping <<instance id >>19:08
inc0also check instance logs if it got dhcp19:08
vhosakotall incoming traffic to TCP ports will be blocked unless explicitly opened for each source+dest IP combo, or port number, it is neutron's rule #019:08
inc0rwellum: where do you live?19:09
inc0I thought you're from US19:09
vhosakotneutron allows packets that originate form the VM (like DHCPDISCOVER, DNS request, etc)19:09
sbezverkrwellum I would really like to see you playing soccer with umbrella ;)19:09
rwellumNC inc0 - gets quite hot.19:09
jamesbensonqdhcp = neutron_dhcp_agent?19:09
vhosakotlololol... soccer in umbrells19:09
inc0jamesbenson: run "ip netns" on network node19:10
inc0it's network namespace19:10
jamesbensonnothing19:10
vhosakotjamesbenson: neutron_dhcp_agent is a nuetron process that creates a network namspace with the name qdhcp-<network ID> on the control node that runs neutron_dhcp_agent.19:10
inc0on any of network nodes?19:10
jamesbensonokay, one returned19:11
*** bmace has quit IRC19:11
*** bmace has joined #openstack-kolla19:11
jamesbensonno, can't ping either floating or internal ip on router19:12
sean-k-mooneyinc0 has http://logs.openstack.org/32/466132/6/gate/gate-kolla-dsvm-build-ubuntu-source-ubuntu-xenial/ad6ccf5/console.html#_2017-07-21_18_25_43_968049 been fixed yet19:12
jamesbensonip netns exec qrouter-09aa9dd8-da65-4fb8-beb6-1215d111a8f9 ping 192.168.100.919:12
vhosakotjamesbenson: by default, neutron runs the dhcp namespace on only one of the networks nodes, unless we specify dhcp_agents_per_network > 2 in neutron.conf --> https://github.com/openstack/kolla-ansible/blob/master/ansible/inventory/multinode#L14-L1619:12
rwellumsbezverk: quick sanity check on my source image work?:19:12
rwellumhttps://www.irccloud.com/pastebin/rGcNM7zR/19:13
inc0jamesbenson: can't you see qdhcp... netns?19:13
inc0I mean...that's hwere dhcp agent lives19:13
rwellumsbezverk: why do I see two images?19:13
sean-k-mooneyinc0: never mind its fixed here https://github.com/openstack/kolla/blob/master/tests/test_build.py#L15019:13
sbezverkrwellum yep, it looks like it is using your local image19:14
sbezverkrwellum : second image is for init container which waits for some resources before it allows main container to start19:14
jamesbensonsorry inc0, i'm getting lost.  The only thing I saw was qrouter19:14
rwellumok sbezverk - sweet19:15
inc0jamesbenson: neutron agent-list please19:15
inc0check if your dhcp agent is healthy19:15
*** ducttap__ has joined #openstack-kolla19:15
jamesbensonhttp://paste.openstack.org/show/616204/19:16
jamesbensondhcp healthy, everything is19:16
jamesbensonchecked19:16
jamesbensonand a fresh deploy19:16
jamesbensonalso, security rules: http://paste.openstack.org/show/616203/19:16
jamesbensonI enabled icmp, ssh..19:17
vhosakotjamesbenson: from the output you sent, I see three DHCP agents each running on the nodes r6-410-1/2/3.    do you need multiple DHCP agents.  one works jsut fine in most cases unless you need HA DHCP.19:17
jamesbensonI suppose we can do only 1, I just copied the control group over.19:18
jamesbensonthat shouldn't be the cause of the issue though correct?19:19
vhosakotah jamesbenson.. are your control nodes the network nodes too?19:19
jamesbensonyeah, this is dev, so I have 3 controls with everyone on it besides compute, and one compute19:19
vhosakotwell, it depends on what's your dhcp_agents_per_network in neutron.conf becasue each network now sees more than 1 DHCP agent.. so, who will respond to the DHCPDISCOVER from the nova VM?19:19
jamesbensonhttp://paste.openstack.org/show/616205/19:19
jamesbensonglobals ^^19:20
jamesbensonerr multinode sorry19:20
jamesbensonnever modified neutron.conf19:20
inc0but you can't see qdhcp namespace anywhere?19:21
vhosakotjamesbenson: can you check https://github.com/openstack/kolla-ansible/blob/master/ansible/roles/neutron/defaults/main.yml#L234 in you /etc/kolla/neutron* dir?19:21
rwellumsbezverk: so when I go to this Horizon, it's clearly default Ocata. So I may be running what I built, but I don't think I built my local source...19:23
jamesbensoninc0, no, only what I told you with that command19:23
inc0that's....strange19:24
sbezverkrwellum if you know about a specific file which should be present in your image, just run docker run -tu root -ti {your local image ID} bash19:24
sbezverkand then check if that file is there19:24
jamesbensonvhosakot: I don't have a /etc/kolla/neutron dir...19:25
sbezverkrwellum I mean I do not know how you build your images, all I can say that it is using right image from version perspective..19:25
vhosakoton your deploy node jamesbenson? not on the network node19:25
jamesbensoncorrect19:25
vhosakotha19:25
sean-k-mooneyinc0: can you weight in on https://review.openstack.org/#/c/408872/12/contrib/ovs-dpdk/library/kolla_docker.py when you get a chance19:25
inc0Sean Spicer resigned :(19:26
rwellumsbezverk: what's my local image id?19:26
jamesbensonvhosakot: care to share?19:26
sbezverkrwellum docker images | grep 4.0.219:26
sbezverk3rd parameter is the image id19:27
inc0sean-k-mooney: what's wrong with our current kolla-docker?19:27
vhosakotjamesbenson: I don't have my setup now, let me check the code.. in any case, multiple DHCP agents is not I've seen very common19:27
jamesbensonif you give me 30 I can destroy and deploy...19:28
jamesbensonyes/no?19:29
vhosakotsure.. jamesbenson do you also see the DHCP container on all the nodes? r6-410-1/2/3 ?19:29
rwellumsbezverk: that's great thanks! Unfortunately it's not my local source code...19:29
sean-k-mooneyinc0: i cannont symlink to it form the contrib playbook or use it so i had to copy it19:29
inc0well, let's get to the bottom of this19:29
inc0uhh....ok19:29
jamesbensonneutron_dhcp_agent19:29
inc0symlink didn't wokr?19:29
inc0work19:29
sean-k-mooneyinc0: that was what i tried first but no ansible did not follow the symlink correctly19:30
jamesbensonneutron_dhcp_agent is on all 319:30
inc0jamesbenson: so what should happen is dhcp agent should create netns qdhcp-<<id of subnet>>19:30
inc0and run dnsmasq within this netns19:31
jamesbensonokay, let me destroy and bring it up with only 1 network node19:31
inc0if it's not there, vms won't get dhcp19:31
sean-k-mooneyinc0: Eduardo Gonzalez was suggesting merging the contrib role into the main ones to avoid the duplication but i know you want to keep the seperate. so if you let me know which is your preference ill implement that19:32
jamesbensonokay, destroying now19:32
inc0sean-k-mooney: frankly if that's the case then I'd move ovs-dpdk to general ansible dir19:32
inc0not if it's an technicla issue19:32
sean-k-mooneyinc0: i can do that if your ok with that.19:32
inc0I'm ok with that19:33
inc0I'd rather have this than mess with copied files19:33
sean-k-mooneyinc0: it still will not be used as part of kolla deploy so it wont change the default behavoir anyway19:33
vhosakotjamesbenson: our gate runs just one DHCP agent with default neutron.conf --> http://logs.openstack.org/23/485723/8/check/gate-kolla-ansible-dsvm-deploy-centos-binary-centos-7-nv/ed2cb19/console.html#_2017-07-21_16_05_34_32192819:33
jamesbensonok19:33
inc0yeah, it's easy to turn off role19:34
inc0also I was thinking of contrib from perspective of container images rather than roles19:34
sean-k-mooneyok ill adress the other issues and do that last19:34
inc0contrib is good place for overrides19:34
vhosakotwonder if it's because the control nodes are the network nodes r6-410-1/2/3.19:35
rwelluminc0: so I am trying to build my local source code with kolla-build, by editing the kolla-build.conf file - and it generates an image just fine - but doesn't seem to be the code I point it to. Any good steps to debug this?19:35
inc0jamesbenson: also you did create subnet for net right?;)19:35
sean-k-mooneyya i agree. i like haveing it contrib when i taugh i could symlink in the shared code but that did not pan out19:35
jamesbensonmaybe we should update the default inventory to only one host there then?  https://github.com/openstack/kolla-ansible/blob/master/ansible/inventory/multinode#L1619:35
vhosakotjamesbenson: might be a good try to use just one node (for example r6-410-1) as your network node and redeploy.19:35
jamesbensoninc0, ha! yes good call though19:35
*** dmsimard|afk is now known as dmsimard19:35
inc0rwellum: local source code for openstack service?19:35
inc0sorry jamesbenson, happened to me once and I felt stupid;)19:36
inc0...after few hrs19:36
vhosakotinc0: there can be multiple network nodes, and neutron uses the value of dhcp_agents_per_network in neutron.conf to decide on how many nodes to run the DHCP agent.19:36
jamesbensonfair enough, don't similar things... sometimes you get happy with only a few additional lines of code in a day....19:36
rwellumyes inc0 - trying to replace Horizon service with local source code.19:36
jamesbensonand that's why I script the hell out of things... to prevent me from being stupid.19:36
jamesbensonor at least stupid only once...19:37
inc0rwellum: you have git repo with it? or how do you put it there?19:37
rwelluminc0: yeah - I git clone my companies source code - with is Mitaka based btw.19:38
inc0show me your kolla conf plz19:38
inc0also, you shouldn't really clone it19:38
inc0you should point to repo and build will clone it19:38
inc0oh yoy're trying to do type=local?19:39
rwelluminc0 - yup: https://www.irccloud.com/pastebin/xMwFqZbT/19:39
inc0I'm not sure how local works tbh;) I'd need to check19:39
inc0oh, also try to use absolute paths if anything19:40
inc0not ~19:40
rwellumok19:40
inc0or better would be to use type=git19:40
jamesbensonside note while deploying: inc0 can you check this out? https://review.openstack.org/#/c/485704/19:41
rwelluminc0: changed to absolute path but now getting an odd error when building:19:49
rwellumhttps://www.irccloud.com/pastebin/XkLy6om8/19:49
inc0rwellum: try running pip install -U .19:50
vhosakotrwellum: so, isn't 'location' in kolla-build.conf not picking up and using your company's custom tar.gz to build the image from source?19:52
rwellumvhosakot: yeah maybe19:53
vhosakotrwellum: yeah, I'd try the abs path for 'location' in kolla-build.conf instead of ~/horizon/.19:53
rwellumvhosakot: trying that but seem to have broken kolla. Recloning and building now19:53
vhosakotcool19:54
rwelluminc0: I tried that, same issue. Deleted kolla, repulled, recompiled - same error when I kolla build...19:55
kfox1111sbezverk: btw, https://github.com/kubernetes/helm/issues/270619:58
kfox1111the .Capabilities.KubeVersion thing is very interesting.19:58
vhosakotrwellum: same error "self._dc = docker.Client(version='auto', **docker_kwargs)" again after you repull and rerun?19:59
rwellumyes vhosakot19:59
jamesbensonokay deployed and setting up infra20:00
sbezverkkfox1111  really interesting. We could try to print .Capabilities and see what else is there ;)20:00
*** dave-mccowan has quit IRC20:02
jamesbensonsame result20:02
vhosakotrwellum: are you using master?  I see the latest docker-py has docker.APIClient instead of docker.Client --> https://review.openstack.org/#/c/475939/3/kolla/image/build.py20:03
rwellumI think so vhosakot: git clone http://github.com/openstack/kolla20:04
vhosakotrwellum: on the deploy node, can you open a Python interpreter (type "python") and do    "import docker"    and then   "docker.Client"   and also  "docker.APIClient"20:04
jamesbensoninc0 ip netns still returns: qrouter-8a66770e-f47b-470a-a447-ad1805e1796120:04
vhosakotrwellum: master has docker.APIClient instead of docker.Client  - https://github.com/openstack/kolla/blob/master/kolla/image/build.py#L13520:04
jamesbensonall network agents are up and alive on r6-410-120:05
rwellumvhosakot: ah and the commands above confirmed this. So am I just cloning the wrong version of kolla?20:06
vhosakotrwellum: I think you need to uninstalla and install the master... did you use pip to install kolla?20:06
jamesbensoninc0: where do you find this info from exactly: qdhcp-<<id of subnet>>. I want to make sure I'm pulling it correctly20:09
rwellumYes I used pip20:09
rwellumvhosakot:  https://www.irccloud.com/pastebin/ZTT7N20w/20:10
kfox1111sbezverk: yeah. :)20:11
jamesbensonvhosakot: can you help on the network issue still?20:12
vhosakotjamesbenson: sure, I'm still trying to see the code where the playbook deploys multiple DHCP agents :)20:12
jamesbensonwell I've got just one node now :-)20:13
jamesbensonshould the ip netns command return the qdhcp-... ?20:13
inc0it should20:14
inc0try to spawn a vm20:14
jamesbensonhmm it doesn't.'20:14
jamesbensonjust the qrouter.20:14
*** lpetrut has joined #openstack-kolla20:15
vhosakotrwellum: hmm, wonder you should do "pip uninstall kolla" before "sudo -H pip install -U kolla"20:15
jamesbensonthis is how I set up my networking... hasn't been an issue yet, but maybe I was lucky?20:16
jamesbensonhttps://github.com/JamesOBenson/Kolla-misc/blob/master/scripts/setup_networking.sh20:16
hawisean-k-mooney: still nothing. https://pastebin.com/aDZqBhbN - i can see, that db listens on kolla_internal_vip_address20:16
rwellumvhosakot: tried that and also deleted the whole dir - uninstalled and reinstalled20:16
kfox1111sbezverk: probably can toYaml the whole thing and --dry-run --debug see what it looks like. :)20:16
jamesbensonI can ping the router, so router, so external networking works and router works, correct?20:17
rwellumvhosakot: but when I install it seems to be pulling a cached version of kolla20:18
sean-k-mooneyhawi: that does not look right. keepalived should only have floated the vip to one of the hosts not all of them20:18
rwellum"Using cached kolla-4.0.2-py2-none-any.whl"20:18
vhosakotI think pip has a --no-cache or soomething, checking20:18
sean-k-mooneyhawi: your sudo netstat command should have shown it bound to the local ip on eno120:19
hawisean-k-mooney: yes, something is seriously wrong. also i cant connect to this port (i assume it's brought up by haproxy)20:19
jamesbensonvhosakot: whats vnic type?  I don't think I recall this in the past.  But previously I ran a few version behind...20:19
vhosakotinc0: just saw the quickstart guide https://github.com/openstack/kolla-ansible/blob/master/doc/quickstart.rst does not have the step to install kolla, it just has "pip install kolla-ansible"20:20
sean-k-mooneydo you have anohter kolla cluster runing in the datatcenter20:20
inc0vhosakot: because it's kolla-ansible quickstart;)20:20
sean-k-mooneyhawi: or rather on the same physical network20:20
sean-k-mooneyhawi: if you do you need to make sure https://github.com/openstack/kolla-ansible/blob/master/etc/kolla/globals.yml#L97 is set to a unique number of this deployment20:21
vhosakotinc0: right, kolla docs also do not have the step to install the repo (sudo -H pip install -U kolla)... there is no mention aboue how kolla-build is installed in the first place in https://github.com/openstack/kolla/blob/master/doc/image-building.rst :)20:21
hawisean-k-mooney: https://pastebin.com/5u7xKg0u is from one controller20:21
inc0vhosakot: sounds like great patch;)20:22
vhosakotjamesbenson: vnic?  where do you see it? as a neutron option20:22
vhosakotinc0: yea, doc patch :) lol20:22
hawisean-k-mooney: it's commented out20:22
sean-k-mooneyvhosakot: as a develope quickstart you would never do sudo -H pip install -U kolla as a operator quickstart you should20:22
sean-k-mooneyhawi: can you do netstat -lnp instead of an20:23
vhosakotsean-k-mooney: as a dev, do you see build.py directly in the repo?20:23
vhosakotsee == use20:23
sean-k-mooneyvhosakot: yes always20:23
jamesbensonvhosakot inc0: https://snag.gy/yzuFOw.jpg20:24
sean-k-mooneyvhosakot: same for tools/kolla-ansible20:24
vhosakotsean-k-mooney: right, I use pip too sometimes to excersise the pip installation part of the project20:24
hawisean-k-mooney: sure - https://pastebin.com/x073y41R20:24
*** ansmith has quit IRC20:25
rwellumsean-k-mooney: how should I be installing kolla then?20:26
rwellumI just want the build command20:26
sean-k-mooneyhawi:  192.168.253.99 and  192.168.253.98 are your external and intenal vip adress correct20:26
rwellumvhosakot: I've tried both --no-cache and --no-cache-dir - no luck20:26
vhosakotjamesbenson: ah, it is an option for the neutron port... direct is a regular port... I've used vnic-type direct to bypass the ovs/hypervisor (SR-IOV/PCS pass thru), I think baremetal option for a baremetal port --> https://docs.openstack.org/python-openstackclient/latest/cli/command-objects/port.html#port-create20:27
rwellumvhosakot: just a vm so I can just redo - :-/20:27
*** mewald has quit IRC20:27
sean-k-mooneyrwellum: for development you dont install, you git clone the repo cd into it and do sudo pip insnstall -e . or sudo pip install -r requirements20:27
vhosakot^^ rwellum: can you build form repo without installing kolla?20:28
inc0hmm20:28
jamesbensonokay, so nothing I need to deal with then..20:28
sean-k-mooneyrwellum:  sudo pip insnstall -e . installs it system wide but point it to the local git repo so it picks up your chagnes.20:28
inc0rwellum: do pip freeze | grep docker20:28
vhosakotjamesbenson: so the port type distinguishes what is attached under/to the port (OVS vs baremetal vs normal vs direct).20:29
sean-k-mooneysudo pip install -r requirement.txt install the requirement bunt does not install kolla so you dont get kolla build on your patath and have to call the build script form the tools dir directly20:29
jamesbensonok?20:29
jamesbensonvhosakot: ok?20:29
vhosakotjamesbenson: yes, normal (default) is good20:30
rwelluminc0: https://www.irccloud.com/pastebin/swR8pPUw/20:30
jamesbensonr6-410-x are all baremetal... whew :-)20:30
sean-k-mooneyvhosakot: vnic type direct mean sriov20:30
sean-k-mooneyvnic type baremetal is for ironic20:30
hawisean-k-mooney: yes20:31
vhosakotah right...20:31
inc0rwellum: try pip install docker-py==1.6.*20:31
rwelluminc0: docker --version is 1.1220:32
inc0docker-py is what I'm interested in20:32
sean-k-mooneyhawi: so the issue i think you are having is that the loadblancer is stating but looking at https://pastebin.com/x073y41R you dont have any of the service running on this node20:32
jamesbensonvhosakot: do the vm's need to be in the allowed address pairs?  This is a new screen for me as well...20:32
jamesbensonI wouldn't think so..20:32
*** jrist has joined #openstack-kolla20:33
vhosakotjamesbenson: yes, the default address pairs (combination of IP and mac) is good to ping and SSH into the VM after opening the icmp and SSH ports in sec group rules.20:33
vhosakotjamesbenson: I used allowed address pairs to allow traffic that neutron drops like multicast for eg.20:34
hawisean-k-mooney: yes. because kolla hasnt brought them up yet?20:34
sean-k-mooneyhawi: yes, can you ping 192.168.253.99 and 192.168.253.9820:34
hawino20:34
rwelluminc0: that appears to be working for me :)20:35
rwellumni why20:35
inc0docker-py at some point changed its API20:35
vhosakotrwellum: ah, did "pip install docker-py==1.6.* work?20:35
hawisean-k-mooney: the only things that are up are keepalived, haproxy, elasticsearch, cron, kolla_toolbox and fluentd20:35
hawisean-k-mooney: at least on controllers20:35
sean-k-mooneyhawi: you should should be able to ping the vip even without the services running20:36
vhosakotso, uninstalling kolla did not uninstall your old docker-py.. I see20:36
rwellumit's building now vhosakot20:36
sean-k-mooneyhawi: that vip should only be present on 1 of the 3 controlers also20:36
hawisean-k-mooney: arp is also incomplere20:37
hawisean-k-mooney: arp is also incomplete20:37
hawiso it cant be fw issue20:37
hawion same lan20:37
*** eaguilar is now known as eaguilar|afk20:38
sean-k-mooneyhawi: do you have any other instance or keepalived running on the same lan?20:38
jamesbensonvhosakot: I added them and still no ping access to VM's.20:38
jamesbenson(using cirros)20:38
jamesbensoncan still ping router20:39
hawiwell .... YES :( i think i do have all-in-one installation....20:39
hawiand it's perhaps with same keepalived id20:39
hawiand maybe this leads to it20:39
*** pbourke_ has joined #openstack-kolla20:40
sean-k-mooneyif its working correctly one of the api interfaces on teh controler will look like this http://paste.openstack.org/show/616209/20:40
sean-k-mooneyhawi: yes if you did not set this for your new deployment they will conflict20:40
*** pbourke_ has quit IRC20:41
sean-k-mooneykeepalived uses vrrp wich works at the l2 broadcast dompain level. i your have 2 keepalived instance useing the same id that are not part of the same cluster it will break for both cluster when the scond cluter is deployed20:42
hawisean-k-mooney: well. that has driven me crazy for half a day, i totally forgot it20:42
sean-k-mooneyhawi: set keepalived_virtual_router_id:42 in the global.yml and it should fix it.20:42
sean-k-mooneyhawi: yes i spent quite a while figuring that out myself20:43
hawiubuntu@maakri-maas:~$ ping 192.168.253.9820:43
hawiPING 192.168.253.98 (192.168.253.98) 56(84) bytes of data.20:43
hawi64 bytes from 192.168.253.98: icmp_seq=1 ttl=64 time=0.294 ms20:43
hawiwelll, now it works20:43
hawisean-k-mooney: thanks a lot20:44
sean-k-mooneyhawi: so what happening is that haproxy is correctly starting but keepalived never floated the vip ips to one of the host because it was geting invalid vrrp messages form the all in one deployment so it never formed a quorm20:45
hawii really thought that i reinstalled all-in-one baremetal box and included as one boxes for current setup20:45
jamesbensoninc0: why would qdhcp not start?20:45
sean-k-mooneyhawi: also 42 is as always the answer to everyting20:45
inc0jamesbenson: anything in dhcp agent logs?20:45
hawi:)20:45
jamesbensonin the neutron_dhcp_agent?20:46
*** rwallner has quit IRC20:46
inc0yeah20:47
jamesbensonnothing that I see: http://paste.openstack.org/show/616210/20:47
jamesbensonlook at that last line...20:47
* inc0 is confused20:47
jamesbenson?20:48
*** rwallner has joined #openstack-kolla20:48
jamesbenson(btw, how do you do that?  \/me?20:48
inc0yeah20:48
inc0 /me does it20:49
jamesbensonk20:49
inc0line doesnt' look bad20:49
jamesbensonokay20:49
*** rwallner_ has joined #openstack-kolla20:49
*** goldyfruit has quit IRC20:50
jamesbensoninc0: what's confusing then?20:50
inc0why no namespace20:50
jamesbensonno idea?20:51
inc0vms don't get dhcp?20:51
jamesbensonthey get an IP20:51
jamesbensonI'd share screen with you if I could/you wanted ;-)20:51
jamesbensoncurrently the vm has both internal and floating20:52
inc0btw you're using dvr?20:52
jamesbensonwhat ever is default...20:52
inc0well if it works it works20:52
inc0let's not ask too many questions;)20:52
jamesbensonthat stuff is sort of above my scope..20:52
sean-k-mooneydvr is off by default i think20:52
jamesbensondefinitely dont enable random stuff... let me check20:52
jamesbensonglobals?20:52
inc0you'd know if you'd enable dvr20:53
inc0its off by defaylt20:53
jamesbenson#enable_neutron_dvr: "no"20:53
*** rwallner has quit IRC20:53
sean-k-mooneyjamesbenson: so what is the issue your haveng. i missed the start of the conv20:53
sean-k-mooneydhcp did not start?20:54
jamesbensonI can ping my router, but no vm's can get outside access, no ping etc...20:54
jamesbensonqdhcp isn't showing up20:54
*** rwallner_ has quit IRC20:54
sean-k-mooneyand did you say the vms were getting ips or not20:54
jamesbensonI had 3 network nodes, now I have one20:54
jamesbensonthey have both internal and floating ip20:54
sean-k-mooneyok so its likely not an issue with dhcp then20:55
sean-k-mooneybut rather your routers20:55
jamesbensonand I can ping to my router20:55
jamesbensonthe routers public port...20:55
jamesbensonthis is the script I used to create all of my networking: https://github.com/JamesOBenson/Kolla-misc/blob/master/scripts/setup_networking.sh20:55
sean-k-mooneyare the tenant networks vxlan or vlan and if vlan have you trunked the openstack range across your phyical switchs20:56
jamesbensonI've used it in the past without issue..., but maybe I fat fingered something without realizing it20:56
jamesbensonvxlan20:56
jamesbensonmtu is 1450?20:57
sean-k-mooneyhttps://github.com/JamesOBenson/Kolla-misc/blob/master/scripts/setup_networking.sh#L26 you truned off dhcp on the private network too20:57
jamesbensonneeds to be on?  I thought I always had it off... maybe not... :-/20:58
sean-k-mooneymy quess is the vms are allocated ips from nova but you dont have an instace of the dhcp server running because you set --no-dhcp where you created the private network20:58
jamesbensonlet me fix that and check :-)20:58
sean-k-mooneyjamesbenson: well it is usally off for the external network and on for internal networks20:58
jamesbensondhcp on both public and private?20:58
jamesbensonah20:59
jamesbensonI did copy and paste...20:59
jamesbensonso...20:59
jamesbensondang..20:59
inc0--no-dhcp would explain why there is no dhcp20:59
sean-k-mooneyinc0: well i would hope so or there is someone on the openstack client team i need to have a conversation with regarding there nameing convetions20:59
* jamesbenson feeling sheepish now....21:00
sean-k-mooneyinc0: by the way the init-runonece  script i think has been broken for a while21:00
jamesbensonthank you!  🙏 this fixed it!21:01
sean-k-mooneyinc0: it always gives me errors seting up the routers does it work for you?21:01
jamesbensonI finally have openstack up and running again21:01
sean-k-mooneyjamesbenson:  :)21:02
jamesbensonnow to deploy a production ::finally::21:02
jamesbensonI think that was the last bug...21:02
jamesbensonbut I will try on the ceph one last time...  :-D21:03
sean-k-mooneyi set up openstack on a bunch of server over a year ago and have been doing my developemnt of openstack in vms form that cluster ever since21:03
inc0jamesbenson: I think you should be fine with more than one net node;)21:03
jamesbensonok21:04
jamesbensonif I do 3 network nodes, will it be in HA automatically or do I need to do configs?21:04
inc0ha automatically21:04
jamesbensonsafe to overlay them on the controllers as well?21:04
jamesbensonor too much for controllers?21:05
sean-k-mooneyyou could also enable dvr. yes you can locate network nodes and conntrolers21:05
jamesbensondvr?21:05
inc0distributed virtual router21:05
inc0basically floating ip lands on compute node21:05
sean-k-mooneyjamesbenson: i have ceph+contolers+network node + compute all on same server and it works fine21:06
sean-k-mooneyjamesbenson: basically i made my 3 controllers 3 all in one nodes21:06
inc0depends on scale/traffic21:06
sean-k-mooneyjamesbenson: unless you have a lot of computenodes teh controlers are usully not that busy21:06
sean-k-mooneytrue21:07
sean-k-mooneythe only think i would change if i was to do it again would be to not have the ceph osds and ceph mons colocated21:07
jamesbenson25 compute nodes?21:07
inc0osd can eat cpu like hungry....honey badger21:07
inc0it won't care21:07
sean-k-mooneyjamesbenson:  25 should be fine21:08
inc0it won't give a... you knw21:08
jamesbensonhttp://pixel.nymag.com/imgs/daily/intelligencer/2016/08/18/18-honey-badger-teeth.w710.h473.2x.jpg21:08
sean-k-mooneyjamesbenson: inc0 deployed 235 nodes with 3 contolers on the osic cluster a while back and they were idel most of the time even under load21:09
jamesbensondamn...21:09
inc0yeah21:09
jamesbensonI guess I'll be fine then ;-)21:09
inc0but network nodes can be stressed out if all these vms will start downloadig stuff at once21:09
inc0and ceph can get busy when rebalancing21:09
inc0that's why they're separate usually21:10
sean-k-mooneyinc0: is the video still on your youtube out of interest. ya they can be thats why i was suggesting enableing dvr21:10
inc0but for 25 nodes that should be ok21:10
jamesbensonokay, so 3 nodes with compute/ceph/network. 1 monitor/ceph 3compute/ceph and 25 compute....21:10
sean-k-mooneywell for ceph really you should use another nic for that21:10
inc0yeah vid is up21:10
vhosakothttps://rlv.zcache.com/honey_badger_card-r84cef6dd4372467381e1858a8d6c7083_xvuat_8byvr_324.jpg21:10
inc0honey badger is one of our secret mascots21:11
vhosakotlolol21:11
inc0another one, and I refuse to say otherwise, is koalla+ glue21:11
inc0kolla = glue in greek21:11
vhosakotyes21:12
jamesbensonjust keep honey badger away from koala bear21:12
inc0koala is animal that's always high from eucalyptus21:12
inc0a junkie21:12
sean-k-mooneyjamesbenson: i would got 3 nodes with controler/ceph mon/network + 4 nodes ceph osds/compute + compute21:12
inc0what would junkie do with glue?21:12
inc0I'll just leave it to your imagination21:12
sean-k-mooneyjamesbenson: but what you suggeted would work too21:13
sean-k-mooneyjamesbenson: you generally want to have 3 ceph monitor nodes21:13
*** eaguilar|afk is now known as eaguilar21:14
sean-k-mooneyjamesbenson: if the ceph mon goes down the the cluster goes offline so 1 ceph mond means your ha cloud has a singel point of failute21:14
*** eaguilar is now known as eaguilar|afk21:14
jamesbensonthese are the specs of our machines... we usually put all of the controller/etc on 710's and 610/410== compute http://paste.openstack.org/show/616215/21:15
jamesbensonyeah I would do 3 mon's21:15
jamesbensonand only 2 nics, both 1 G....  but that's the whole prod cluster21:16
jamesbensonthe 410's don't have a 10G card in them...21:16
sean-k-mooneythe dell 710s should eailly handel the controlr and ceph load.21:16
sean-k-mooneydo the 710s and 610 have 10G?21:17
jamesbensonyes,21:17
jamesbenson10G is internal21:17
sean-k-mooneyim assuming they are dual port? if so make sure ceph is on 1 of the 10G ports with ovs on the other.21:18
jamesbensonyeah, I think dual21:18
jamesbensonin the globals, that's just storage and cluster right?21:19
sean-k-mooneyyes21:19
sean-k-mooneyset storage and clust to 1 of the 10G ports and neutron_external_interface to the other21:19
sean-k-mooneythe api network can be shared with ceph or you can use one of the 1G ports21:20
sean-k-mooneybasiclaly you dont want ceph replication to impact the perfomance of the vms network21:20
sean-k-mooneyif you can afford to give ceph its own nic its a good idea.21:21
kfox1111yeah. dedicated ceph backend networks always good if you can afford it.21:22
sean-k-mooneyits not required but it help when things explode and it starts doing a recovery operation21:22
kfox1111same with dedicated ceph servers. better to have them on dedicated harware too.21:22
jamesbensonNot sure if I can wire it up like that, but I shall try my best :-)21:22
*** lpetrut has quit IRC21:22
jamesbensonwe have old, old drives and even 1 or 2 bad HD ports in the servers... so... replication is good and why we usually run raid5/621:23
jamesbensonbut I want to try to optimize this and have redundancy, so I'll probably mirror the os for the controllers and seperate the HD's for ceph21:23
sean-k-mooneyjamesbenson: sounds resonable.21:24
kfox1111yeah. usually old drives imply old computers. so replicating across machines helps. :)21:24
jamesbensonI know I could definitely give ceph a 1G connection21:24
jamesbensonbut we have been itching to finially use the 10g... been sitting there for a while from what I understand21:24
kfox111110g's much better.21:25
kfox1111much much better. :)21:25
kfox1111> 10 x better. :)21:25
kfox1111like, dsl vs dialup. :)21:25
sean-k-mooneyone thing you can do and i do this for my work setup is create macvtap ports off the phyical nics and used those in the kolla config.21:25
kfox1111sean-k-mooney: I do the same but with openvswitch.21:26
sean-k-mooneyit does reduce the perfromace somwhat but it give you flexablity to chagen your mind21:26
sean-k-mooneykfox1111: ovs is a better option now that we have external ovs21:26
* kfox1111 nods21:26
jamesbensonso I'll do something liek this then: http://paste.openstack.org/show/616217/21:27
*** ducttape_ has joined #openstack-kolla21:28
jamesbensonyeah, i've been using the internal network for deploying... deployment node is on seperate rack21:28
sean-k-mooneythis is what my contolers look like http://paste.openstack.org/show/616218/21:28
jamesbensonand use dvr?21:28
kfox1111looks good, but I'd recommend not putting compute on controllers if you can help it,21:29
kfox1111or put them in an aggretate only for your own mgmt use.21:29
kfox1111I've been using dvr to good effect.21:29
jamesbensonhow do you do that?  I've been meaning to figure that out21:29
kfox1111havent' tried dvr+l3-ha, but hear its stable now.21:29
kfox1111you set up host aggregates for each of the hardware.21:30
sean-k-mooneykfox1111: i use dvr + l3 ha in my cluster and it works21:30
kfox1111then add a label to the aggregate like, compute=v1 or controller=v121:30
kfox1111then modify the flavors to have the same key.21:30
kfox1111sean-k-mooney: cool. thanks for the info. I'll expidite switching it on then. :)21:30
kfox1111we probably should test out dvr+l3-ha and default it on in kolla-kubernetes.21:31
*** ducttap__ has quit IRC21:31
jamesbensonkfox1111: enabling that is just enabling dvr and putting it on 3 nodes?21:31
jamesbensonerr sean-k-mooney sorry21:31
jamesbenson^^21:31
sean-k-mooneyjamesbenson: enable dvr and just deploy yes21:31
sean-k-mooneywhat dvr will do is create a router on every node21:32
sean-k-mooneyeach of the network nodes should be running in dvr_snat mode for servers without a floating ip21:32
kfox1111yeah. dvr goes on all the nodes. dvr_snat goes on the network nodes.21:32
kfox1111I see they finally added octavia support for l3+ha/dvr in pike.21:33
kfox1111though the implementation I think is a little suboptimal. :/21:33
sean-k-mooneyjamesbenson: the effect of that is if the traffic is internal it get route betteen the compute nodes without needing to go to the network node21:33
jamesbensoninteresting :-)21:33
jamesbensonminimal overhead?21:34
kfox1111yeah. we had a bunch of vm's stay up/responsive with the network controller nodes going out due to ups blowing up.21:34
kfox1111they had fips, and were on city power, so worked well. :)21:34
jamesbensonfun :-)21:34
*** eaguilar|afk is now known as eaguilar21:34
jamesbensonlol21:34
kfox1111hopefully that never happens to you though. :)21:34
sean-k-mooneythe overhead is relitivly little21:35
kfox1111yeah. compared to the scalability, the overhead is nothing.21:35
*** eaguilar is now known as eaguilar|afk21:35
jamesbensonwell, our own IT department brings the network down for us... we lose connectivity every couple of months for no reason...21:35
kfox1111you don't have to contend with others for network nodes.21:35
kfox1111lame.21:35
jamesbensonyep21:35
sean-k-mooneythe compute nodes are doing more work but not significatly and if you are looking enought to have traffic going between 2 vms on the same server it uses none of your nic bandwidth21:35
jamesbensonbut hey, university ;-D21:35
jamesbensonlove it :-)21:36
sean-k-mooneythat said my team is currently working on rewiting dvr to make it better21:36
jamesbensoncool21:37
kfox1111oh?21:37
jamesbensonany other tips from the pro's here ;-)21:37
sean-k-mooneycurrently it uses kernel network namespace to do the routing. we are working to move it into openflow rules and do the routing directly in ovs21:37
kfox1111ah.21:37
jamesbensonseriously though, you guys blow me out of the water... and I love it.  I love learning from all of you guys.21:37
kfox1111yeah, that would be better.21:37
kfox1111though would ake the linux bridge folks upset?21:38
*** eaguilar|afk is now known as eaguilar21:38
kfox1111is anyone still pushing linux bridge?21:38
sean-k-mooneykfox1111: we have it work for ipv4 - floating ips but that is easy to add. we need 2 flag bits to be added to ovs to get ipv6 to work.21:38
*** eaguilar is now known as eaguilar|afk21:38
jamesbensondoesnt ovs blow linux bridge out of the water with everything?21:38
kfox1111I still want ipv6 fip suport too...21:39
sean-k-mooneyjamesbenson: not multicast vxlan21:39
jamesbensonok21:39
sean-k-mooneyovs does not support multicast tunneling so it has to unicast all tunnels21:39
kfox1111I don't understand neutron's stance on ipv6 fips. fips are not about nating. they are about keeping state (ip address) seperate from instance to minimize pets.21:40
sean-k-mooneythat means if you have lots of multicast or broadcast traffic ovs gets slower21:40
*** ansmith has joined #openstack-kolla21:40
sean-k-mooneykfox1111: well fips can still be a thing in the ipv6 world21:40
kfox1111yeah. I think so. but have seen pushback from the neutron team on ever supporting them.21:41
sean-k-mooneythere is even an extra extention to allow ipv4->ipv6 fips or visversa but its not supproted by most drivers21:41
kfox1111oh, that would be cool. :)21:41
sean-k-mooneyjamesbenson: but back to your question no your deployment looks good http://paste.openstack.org/show/616217/21:42
kfox1111totally could see internal ipv6 with a few things exposed via ipv4 fips.21:42
sean-k-mooneyi remember someone wannted to add fip port frowarding at one point too but i dont think that went anywhere21:43
jamesbensonthanks sean-k-mooney:  good to get validation from experts :-)21:43
sean-k-mooneyjamesbenson: well kfox1111 is more of an expert then i am21:43
sean-k-mooneykfox1111: how is your production cloud going21:44
kfox1111experienced in different ways, lets say.21:44
kfox1111good and bad.21:44
kfox1111I'm involved with 3 openstack clouds.21:44
sean-k-mooneyi need to finally learn how to do openstack upgrades soon21:44
kfox1111the team is seriously discussing dismantling one of them.21:44
kfox1111its chef managed, and old, and they never used it like a cloud anyway, so they are talking about switching it to ovirt. :/21:45
sean-k-mooneyso far i have just set up a new cloud every 6 months but i proably should use the upgrade playbook now that i have other people ueing it21:45
kfox1111the second was about 150 nodes, and I'm about to pull all about a dozen and move them to k8s. :/21:45
sean-k-mooneynice21:46
sean-k-mooneyand ouch on the frist one21:46
kfox1111the third is realitively stable and I'm working on switching it to kolla-kubernetes.21:46
kfox1111got k8s working on the test cloud this morning.21:46
sean-k-mooneykfox1111: what do you use to install k8s21:46
kfox1111I've been hand rolling them.21:46
sean-k-mooneyi saw that we have k8s contaieers in kolla but dont know how to use them21:47
kfox1111that way I always know all the pieces.21:47
kfox1111been baking as much of that knowlege as I can though into helm charts.21:47
kfox1111the k8s containers in kolla are all but dead now.21:47
kfox1111the issue was, k8s prebuilt containers dont have ceph support.21:48
sean-k-mooneykfox1111: yes but then to use helm dont you need a seed k8s to run helm21:48
kfox1111but we got them to make an external ceph conntainer, so we no longer need it in the controllers.21:48
sean-k-mooneyah ok21:48
kfox1111sean-k-mooney: I have been working with jascott1 to get tiller static pod support upstream into helm.21:48
kfox1111I basically drop a pod description for tiller into /etc/kubernetes/manifests, and am good to go.21:48
kfox1111the idea is to make it such that 'helm init --static-pod > /etc/kubernetes/tiller.yaml' would work out of the box.21:49
jamesbensonneat :-)21:49
kfox1111then you can launch your sdn like: 'helm install stable/flannel --set subnet=mystuff/16' etc.21:49
sean-k-mooneyah right so you jsut run the kublet on the host and then drop in the pod def and it deploy the contolplane on that node?21:49
jamesbensonsean-k-mooney, kfox1111, inc0... all experts to me :-D21:49
kfox1111I've yet to submit it yet, but https://github.com/kfox1111/charts/tree/flannel if your interested.21:50
kfox1111I'm running it in production now.21:50
kfox1111sean-k-mooney: yup. :)21:50
kfox1111same as the rest of the k8s control plane.21:50
dimskfox1111 : i spent the day looking through your keystone k8s PR (https://github.com/kubernetes/kubernetes/pull/25391)21:50
kfox1111I think with a static pod, you could even then use helm to manage your kube-control plane.21:50
sean-k-mooneykfox1111: well k8s is still new to me so i have never really got a deployment working21:51
kfox1111dims: hey. :)21:51
*** lucasxu has quit IRC21:51
kfox1111dims: cool. whatcha think?21:51
jamesbensonqq: we have a san that we would love to incorporate potentially, just do an iscsi to a server and join it that way?21:51
dimsdunno yet :) let me run some experiments and ping you back next week kfox111121:51
sean-k-mooneykfox1111: i used the vagrant stuff that portdirct i think worte to work but that the closet i have got to k8s so far21:51
kfox1111sean-k-mooney: play with kubeadm in some vm's, then look at the controller in /etc/kubernetes/manifests. they do some clever things. :)21:52
kfox1111dims: cool. let me know if you need any help.21:52
sean-k-mooneykfox1111: yep its on my todo list21:52
*** eaguilar|afk is now known as eaguilar21:52
kfox1111I'm liking the path kubeadm's headed.21:52
kfox1111using k8s to deploy k8s is a great idea.21:52
*** eaguilar is now known as eaguilar|afk21:52
kfox1111I'd prefer if they used helm for a few pieces though.21:53
*** eaguilar|afk is now known as eaguilar21:54
*** eaguilar is now known as eaguilar|afk21:54
*** jamesbenson has quit IRC21:55
*** jamesbenson has joined #openstack-kolla21:58
*** jamesbenson has quit IRC22:00
*** jamesbenson has joined #openstack-kolla22:00
sean-k-mooneykfox1111: deploying k8s in contaienrs would solve all my problems since by man servers at home are using opensuse tumbelweed which nothing supports22:00
*** eaguilar|afk is now known as eaguilar22:00
*** eaguilar is now known as eaguilar|afk22:00
kfox1111sean-k-mooney: the great beinifit to the k8s using k8s to deploy is that there is very little needed on the host system.22:01
*** jamesbenson has quit IRC22:01
kfox1111docker, kubelet, and cni.22:01
kfox1111kubelet and cni are all statically linked binaries I think.22:01
kfox1111so should be able to use that os just fine. :)22:01
*** jamesbenson has joined #openstack-kolla22:01
kfox1111though it might be a little bit more work.22:02
*** trozet has quit IRC22:02
kfox1111kube-apiserver, kube-controller-manager, kube-scheduler, kube-proxy, sdn, etcd, etc are all containers.22:02
sean-k-mooneythats the thing using minikube it got 90% of the way there but i dont know enought about k8s to fix that last 10%22:02
sean-k-mooneyat least not yet22:02
kfox1111is opensuse systemd based yet?22:03
sean-k-mooneyyes for quite a while i think22:03
kfox1111I'd put the odds at ~75% then that the redhat rpms from k8s might just work out of the box.22:04
sean-k-mooneyim only using it to get a new enough kernel to use bache with partition and ceph lumious binaries22:04
sean-k-mooney*bcache with partion support22:04
kfox1111ah.22:04
sean-k-mooneymy plan was to use ceph with bluestore osd on bcache block devices and then deploy k8s on top and then try kolla-k8 after22:05
kfox1111sean-k-mooney: here's the extent of the rpms needed:22:05
kfox1111https://pastebin.com/wJPq7MRy22:05
kfox1111that would be sweet. :)22:05
*** jamesbenson has quit IRC22:06
kfox1111all the binaries in the rpm's are go binaries I think. so should be statically linked.22:06
sean-k-mooneythe problem with tumpleweed thoug is its like arch. bassily deploying master of everything in package form22:06
sean-k-mooneyso there are just 1 or 2 bugs22:07
kfox1111still willing to bet k8s would work just fine on it. :)22:07
kfox1111and I don't bet very often.22:07
kfox1111I think the only thing you may have to do is tweak the provided systemd scripts alittle to match suse thingies, if there are changes.22:07
*** ducttap__ has joined #openstack-kolla22:08
sean-k-mooneyya but thats a project for antoher weekend22:08
kfox1111fair enough. :)22:09
sean-k-mooneyby the way is kolla-ansible destroy ment to delete all container and volumes on localhost22:09
sean-k-mooneylocalhost is only listed in my inventory under deployment section22:10
sean-k-mooneyi would have taught it should not execute the destroy plays on the deployment node22:11
*** ducttape_ has quit IRC22:11
*** eaguilar|afk is now known as eaguilar22:15
*** eaguilar is now known as eaguilar|afk22:15
hawiit seems that not my lucky day for deployment, now something with ceph. failed: [dc2-stor-002] (item=(0, {u'fs_uuid': u'', u'journal_device': u'/dev/sdb', u'journal': u'/dev/sdb2', u'partition': u'/dev/sdb1', u'partition_num': u'1', u'journal_num': 2, u'fs_label': u'', u'device': u'/dev/sdb', u'external_journal': False})) => {"changed": true, "failed": true, "item": [0, {"device": "/dev/sdb",22:23
hawi"external_journal": false, "fs_label": "", "fs_uuid": "", "journal": "/dev/sdb2", "journal_device": "/dev/sdb", "journal_num": 2, "partition": "/dev/sdb1", "partition_num": "1"}], "msg": "Container exited with non-zero return code"}22:23
rwellumsean-k-mooney: I have a tool that'll install kolla-k8s on a VM in less than 40m :) Going to upstream it as soon as I get permission. It's built around kubeadm and follows the deployment guide we wrote.22:27
*** emccormick has quit IRC22:27
sean-k-mooneyrwellum: does that include building the images?22:28
sean-k-mooneykolla-ansible will deploy 235 nodes with prebuilt immages in 22mins :P22:28
rwellumNo it pulls from dockerhub, but in my repo I have a README which describe how to do this.22:28
rwellumsean-k-mooney: not trying to compete - kolla-ansible is production ready. Just if you want to play with k8s.22:29
sean-k-mooneyrwellum: hehe i know but ya if you do get permission to upstream it or publish it i would be happy to give it a try22:29
*** emccormick has joined #openstack-kolla22:29
rwellumYeah just getting through legal here at $$Job, then hopefully the cores here will give it a good review.22:30
*** manheim has joined #openstack-kolla22:30
rwellumMind you I don't have the build images step working completely. Seems to work, but when I look at the service - it's not running my code annoyingly.22:31
sean-k-mooneyrwellum: well for building hte images you just use kolla right. but then you need to update the charts to pull from your registry instaead of the docker hub22:33
*** manheim has quit IRC22:35
sean-k-mooneyrwellum: kfox1111 i kindo fo wish i could use kolla-ansible to deploy k8s then use that to deploy openstack22:35
sean-k-mooneyi understand how kolla-ansible works22:36
kfox1111inc0: ping22:36
kfox1111what do you think of this:22:38
kfox1111"22:38
kfox1111Then, to consume it in tripleo, in cae kolla remains on jewel, would you22:38
kfox1111suggest use a build override to point kolla build to the luminous repos?22:38
kfox1111Are there drawbacks you can think of?"22:38
kfox1111full email here: https://www.redhat.com/archives/rdo-list/2017-July/msg00055.html22:38
sean-k-mooneykfox1111: using build override to select ceph version?22:46
kfox1111yeah. I've never used build overrides, so not sure what the answer is.22:47
sean-k-mooneyif they are refereing to template overrides the i would say we pin to jewel in the conteiner for pike and those who want luminios can do so themselfve via the template override22:48
sean-k-mooneybut yes it will cause issues on upgrade22:48
sean-k-mooneythat said we have upgrade playbooks per role yes?22:48
*** mattmceuen has quit IRC22:49
sean-k-mooneyso maybe not22:49
kfox1111I think they just want to test.22:49
kfox1111I was just going to suggest a sed /jewel/luminous/ but if the template override works, thats probably better.22:49
sbezverkkfox1111: Have you read it? https://github.com/kubernetes/community/pull/589/files22:53
kfox1111sbezverk: yeah. sounds kind of like our ceph-rbd, doesn't it? :)22:57
sbezverkkfox1111 yep22:57
*** jamesbenson has joined #openstack-kolla22:58
kfox1111i wonder how close they are to implementing it.22:59
sbezverkkfox1111: what I do not like is the idea of a single container with all storage utilities22:59
kfox1111seems like it really depends on mount namespaces too. :)22:59
sbezverkkfox1111 well jul 24 there will be. discussion of this document23:00
kfox1111its not. its one container per volume type.23:00
sbezverkso I suspect it is not very close..23:00
kfox1111ah. bummer.23:00
sbezverkI must have missed it.. I was under impression they want to put everything into one..23:01
kfox1111see the section starting at line 6723:01
kfox1111line 62 says thats the chosen aproach.23:02
*** jamesbenson has quit IRC23:02
sean-k-mooneywhat is the best way to check if a distro is ubuntu or centos in bash?23:02
kfox1111 /etc/redhat-release23:02
kfox1111not sure ubuntu. there's a /etc/debian-release and there are ubuntu code names in it.23:03
sbezverkkfox1111 line 57 confused me..23:03
sean-k-mooneywell im just trying to figure out if i should use the rhel styple networking configs or debian stypes so if  /etc/redhat-release is not there i can assume debian based23:04
sean-k-mooneybut cool thanks23:04
inc0tripleo wants to go liminous in Pike?23:06
kfox1111sbezverk: yeah. they layed out all the apoaches, but only mention the one they picked half way through the doc. a little weird.23:06
kfox1111inc0: no.23:06
kfox1111inc0: but they are just asking the best way to test it.23:06
kfox1111how to build kolla container with it.23:06
inc0well instead of overrides I'd gladly see a patch23:07
inc0we won't merge it in Pike, but we can in early Queens23:07
sean-k-mooneywell a template override that just set ceph_base_packages is pretty clean for testing23:07
kfox1111thats not what they are asking I think.23:08
kfox1111just whats the best way right now to tweak kolla to test with luminous.23:08
kfox1111sed? template overrides?23:08
sean-k-mooneykfox1111: i would use https://github.com/openstack/kolla/blob/master/doc/image-building.rst#package-customisation23:09
inc0https://github.com/openstack/kolla/blob/master/docker/base/Dockerfile.j2#L14123:09
inc0override this thing23:09
inc0set base_centos_yum_repo_packages_remove='centos-release-ceph-jewel' and then append ...-luminous23:10
kfox1111ok. thanks.23:11
sean-k-mooneykfox1111: basically http://paste.openstack.org/show/616220/23:12
sean-k-mooneyof what inc0 said23:12
inc0yeah that23:13
inc0only afair append and remove takes str not list23:13
sean-k-mooneynot accouding to the docs23:13
kfox1111nice.23:13
sean-k-mooneythat does not mean its not true23:13
inc0docs are ok23:14
inc0my memory is not23:14
inc0I wrote damn thing:P can't remember if I was clever enough to include option for multiple appends, which would mean list23:15
inc0I guess I did23:15
sean-k-mooneyhaha i know the feeling. i have helped write deployment code for ovs-dpdk in 5 different implementations. kolla/devstack/fuel/trippleo and puppet23:17
sean-k-mooneyit can get a little confusing which one does what23:17
inc0that ^23:17
sean-k-mooneyi like devstack and kolla becasue they are simple and the rest make my head hurt more then usually trying to figure out why the exploded23:19
inc0one is shell and another is shell-over-ssh-written-in-yaml23:22
inc0with a touch of chroot23:23
sean-k-mooney+ a little jinja223:25
inc0btw...isn't it 1am at your place?23:25
sean-k-mooneymy issue with puppet is manly ruby and the fact that puppet is not ansibly in generally but manily the ruby23:26
*** manheim has joined #openstack-kolla23:27
*** emccormick has quit IRC23:32
sean-k-mooneyinc0: 12:3523:35
sean-k-mooneyinc0: but yes23:35
inc0go drink!23:35
inc0it's Friday night in Ireland;)23:36
sean-k-mooneyinc0: im actully still in the office working on the kolla dpdk role. i almost have the centos deployment code working. i just need to do 1 last test23:37
inc0srsly? Man you're crazy23:37
sean-k-mooneywell ill be in meeting all next week 2 overlapping f2f planned then wedding to atttend next weekend so im off friday so trying to get thing wrapped up before code freeze23:39
sean-k-mooneyits working :)23:40
sean-k-mooney... almost23:41
*** eaguilar|afk has quit IRC23:41
sean-k-mooneyfun centos does not consider adding an ovs bridge to be a hotplug event23:41
*** mattmceuen has joined #openstack-kolla23:42
*** mattmceuen has quit IRC23:52
openstackgerritsean mooney proposed openstack/kolla-ansible master: introduce contrib playbook for ovs-dpdk  https://review.openstack.org/40887223:57
sean-k-mooneyinc0: ^ address all the comments excepth moving it into the main roles and a minior issue with centos not auto configuing the ip on the ovs bridge.23:59
sean-k-mooneyinc0: ill adress those on monday.23:59
« Thursday, 2017-07-20 Index Saturday, 2017-07-22 »

Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!