Monday, 2017-10-02

*** dardelean_ has joined #openstack-kolla		00:14
*** dave-mccowan has joined #openstack-kolla		00:15
*** dardelean_ has quit IRC		00:18
*** jamesbenson has joined #openstack-kolla		00:34
*** jamesbenson has quit IRC		00:39
*** hieulq has joined #openstack-kolla		00:41
*** dardelean_ has joined #openstack-kolla		00:50
*** hrw has quit IRC		00:50
*** hrw has joined #openstack-kolla		00:52
*** duonghq has joined #openstack-kolla		00:52
*** dardelean_ has quit IRC		00:54
*** tovin07_ has joined #openstack-kolla		00:58
*** jascott1 has joined #openstack-kolla		01:03
*** jtriley has quit IRC		01:07
*** dave-mccowan has quit IRC		01:30
*** dave-mccowan has joined #openstack-kolla		01:33
*** genek has joined #openstack-kolla		01:47
*** dave-mcc_ has joined #openstack-kolla		01:49
*** dave-mccowan has quit IRC		01:51
*** jtriley has joined #openstack-kolla		01:55
*** dave-mccowan has joined #openstack-kolla		01:56
*** dave-mcc_ has quit IRC		01:59
*** genek has quit IRC		02:04
*** genek has joined #openstack-kolla		02:09
*** dave-mcc_ has joined #openstack-kolla		02:18
*** dave-mccowan has quit IRC		02:18
*** genek has quit IRC		02:23
*** jtriley has quit IRC		02:41
*** dave-mcc_ has quit IRC		02:55
openstackgerrit	Jeffrey Zhang proposed openstack/kolla master: [DNM]Testing in project jobs definition https://review.openstack.org/508768	03:06
openstackgerrit	Jeffrey Zhang proposed openstack/kolla master: [DNM]Testing in project jobs definition 2 https://review.openstack.org/508797	03:06
openstackgerrit	Jeffrey Zhang proposed openstack/kolla master: [DNM]Testing in project jobs definition 2 https://review.openstack.org/508797	03:08
openstackgerrit	Jeffrey Zhang proposed openstack/kolla master: [DNM]Testing in project jobs definition https://review.openstack.org/508768	03:09
*** dardelean_ has joined #openstack-kolla		03:14
openstackgerrit	Jeffrey Zhang proposed openstack/kolla master: Testing in project jobs definition https://review.openstack.org/508661	03:19
*** dardelean_ has quit IRC		03:19
*** jtriley has joined #openstack-kolla		03:20
openstackgerrit	Jeffrey Zhang proposed openstack/kolla-ansible master: Move to zuul v3 in project jobs https://review.openstack.org/508759	03:27
openstackgerrit	Jeffrey Zhang proposed openstack/kolla-ansible master: Move to zuul v3 in project jobs https://review.openstack.org/508759	03:40
openstackgerrit	Jeffrey Zhang proposed openstack/kolla-ansible master: Move to zuul v3 in project jobs https://review.openstack.org/508759	03:43
*** jtriley has quit IRC		04:10
*** jaosorior has joined #openstack-kolla		04:19
*** jtriley has joined #openstack-kolla		04:46
*** unicell has joined #openstack-kolla		04:58
*** unicell1 has joined #openstack-kolla		05:02
*** numans has quit IRC		05:03
*** unicell has quit IRC		05:04
*** noVNC has joined #openstack-kolla		05:04
*** numans has joined #openstack-kolla		05:06
*** jascott1 has quit IRC		05:07
*** jascott1 has joined #openstack-kolla		05:08
*** logan- has quit IRC		05:18
*** logan- has joined #openstack-kolla		05:21
*** aagate has joined #openstack-kolla		05:23
*** livelace has joined #openstack-kolla		05:36
*** jtriley has quit IRC		05:37
*** mdnadeem has joined #openstack-kolla		05:40
noVNC	anyone seen this error https://pastebin.com/raw/DBcx4VSh ???	05:45
noVNC	during kolla-ansible upgrade	05:45
*** logan- has quit IRC		05:48
*** logan- has joined #openstack-kolla		05:53
*** jtriley has joined #openstack-kolla		06:11
*** serlex has joined #openstack-kolla		06:14
*** aagate has quit IRC		06:15
*** aagate has joined #openstack-kolla		06:15
*** dciabrin has joined #openstack-kolla		06:22
*** aagate has quit IRC		06:30
*** noVNC has quit IRC		06:37
*** shardy has joined #openstack-kolla		06:37
*** chas has joined #openstack-kolla		06:54
*** dardelean_ has joined #openstack-kolla		07:00
*** dardelean_ has quit IRC		07:03
*** jtriley has quit IRC		07:06
*** pcaruana has joined #openstack-kolla		07:08
*** livelace-link has joined #openstack-kolla		07:10
openstackgerrit	Jeffrey Zhang proposed openstack/kolla master: Testing in project jobs definition https://review.openstack.org/508661	07:14
openstackgerrit	Jeffrey Zhang proposed openstack/kolla-ansible master: Move to zuul v3 in project jobs https://review.openstack.org/508759	07:18
*** nrado has joined #openstack-kolla		07:22
*** dardelean_ has joined #openstack-kolla		07:24
*** dardelean_ has quit IRC		07:27
*** unicell1 has quit IRC		07:29
*** rmart04 has joined #openstack-kolla		07:33
*** jtriley has joined #openstack-kolla		07:39
*** egonzalez has joined #openstack-kolla		07:43
*** magicboiz has joined #openstack-kolla		07:47
*** magicboiz has quit IRC		07:53
openstackgerrit	Marcin Juszkiewicz proposed openstack/kolla master: cinder-api: handle Debian too https://review.openstack.org/508818	07:56
hrw	morning	07:56
egonzalez	morning	07:57
hrw	egonzalez: can you review ^^?	07:58
egonzalez	Jeffrey4l, is there any order to fix gates? this need to be merged first https://review.openstack.org/#/c/508376/ ?	07:58
*** magicboiz has joined #openstack-kolla		07:58
*** dardelean_ has joined #openstack-kolla		07:59
*** dardelean_ has quit IRC		08:00
*** dardelean_ has joined #openstack-kolla		08:00
*** gfidente has joined #openstack-kolla		08:07
*** gfidente has quit IRC		08:07
*** gfidente has joined #openstack-kolla		08:07
*** dougsz has joined #openstack-kolla		08:16
nrado	Good morning, is someone experienced with LBaaS v2 and the Octavia driver? I installed everything with source type (ubuntu + stable/ocata release).	08:17
nrado	But the lbaas agents are not listed within the neutron agents and I'm getting this error in the lbaas-logs: https://gist.github.com/anonymous/553d786dc5284d70763157f9efd697e9.	08:17
nrado	Is this a known issue?	08:17
*** Zophar has joined #openstack-kolla		08:29
*** vincent_vdk has joined #openstack-kolla		08:31
hrw	egonzalez: that's why all gates fail?	08:32
egonzalez	hrw, yep, zuulv3 is not active and broke all our gates	08:33
*** gkadam has joined #openstack-kolla		08:33
egonzalez	s/not/now	08:33
hrw	I just saw that inc0 and Jeffrey4l discussed it yesterday morning	08:34
hrw	trying to catch up some stuff after linaro connect	08:35
*** jtriley has quit IRC		08:37
*** kbaegis has joined #openstack-kolla		08:40
*** athomas has joined #openstack-kolla		08:41
*** jascott1 has quit IRC		08:44
*** jascott1 has joined #openstack-kolla		08:44
*** jmccarthy has joined #openstack-kolla		08:47
*** jascott1 has quit IRC		08:49
*** jtriley has joined #openstack-kolla		09:16
openstackgerrit	chao liu proposed openstack/kolla-ansible master: Add notes on docker version in quickstart and multinode guide https://review.openstack.org/508790	09:19
openstackgerrit	chao liu proposed openstack/kolla-ansible master: Add notes on docker version in quickstart and multinode guide https://review.openstack.org/508790	09:23
openstackgerrit	chao liu proposed openstack/kolla-ansible master: Add notes on docker version in quickstart and multinode guide https://review.openstack.org/508790	09:25
*** sambetts\|afk is now known as sambetts		09:28
*** yangyapeng has quit IRC		09:29
*** yangyapeng has joined #openstack-kolla		09:29
*** rmart04_ has joined #openstack-kolla		09:30
*** rmart04 has quit IRC		09:31
*** rmart04_ is now known as rmart04		09:31
openstackgerrit	Merged openstack/kolla-ansible master: Add fluentd enable option https://review.openstack.org/500712	09:33
*** yangyapeng has quit IRC		09:34
*** rmart04_ has joined #openstack-kolla		09:38
*** rmart04 has quit IRC		09:38
*** rmart04_ is now known as rmart04		09:38
*** mdnadeem has quit IRC		09:41
*** vbel has joined #openstack-kolla		09:42
*** mdnadeem has joined #openstack-kolla		09:44
vbel	hello everyone, any designate experts? I wonder how to configure it safely. It need customer and instance facing interface which I think could be not that secure. I usually configure internal vip and let external router map ports instead of using internal/external haproxy/keepalived pairs. With designate it does not seem easy to use external router. All tutorials I have seen so far dealt with network_interface for designate	09:46
*** kbaegis has quit IRC		09:49
*** kbaegis has joined #openstack-kolla		09:49
*** mdnadeem is now known as mdnadeem\|afk		09:49
vbel	in another words, do I need to use neutron_external_interface with assigned public IP? The interface - does it have to be configured on controllers or/and network nodes. Network nodes already have such interface which does not have IP	09:53
*** egonzalez has quit IRC		09:55
*** mdnadeem\|afk is now known as mdnadeem		09:58
*** kbaegis has quit IRC		10:01
*** kbaegis has joined #openstack-kolla		10:14
*** duonghq has quit IRC		10:15
*** jtriley has quit IRC		10:20
*** tovin07_ has quit IRC		10:21
*** kbaegis has quit IRC		10:41
*** jtriley has joined #openstack-kolla		10:45
*** kbaegis has joined #openstack-kolla		10:45
*** jascott1 has joined #openstack-kolla		10:46
*** pbourke has quit IRC		10:50
*** pbourke has joined #openstack-kolla		10:52
*** kbaegis has quit IRC		11:01
*** dave-mccowan has joined #openstack-kolla		11:07
Jeffrey4l	we can merge https://review.openstack.org/508661 this patch now ( need a fix), which moved to in-project-job.	11:16
openstackgerrit	Jeffrey Zhang proposed openstack/kolla master: Testing in project jobs definition https://review.openstack.org/508661	11:18
*** livelace has quit IRC		11:18
*** dougsz has quit IRC		11:23
*** egonzalez has joined #openstack-kolla		11:24
*** mrunge has quit IRC		11:24
*** mrunge has joined #openstack-kolla		11:24
*** livelace has joined #openstack-kolla		11:34
*** ansmith has joined #openstack-kolla		11:36
*** rmart04_ has joined #openstack-kolla		11:37
openstackgerrit	Jeffrey Zhang proposed openstack/kolla-ansible master: Move to zuul v3 in project jobs https://review.openstack.org/508759	11:38
*** rmart04 has quit IRC		11:39
*** rmart04_ is now known as rmart04		11:39
*** rmart04_ has joined #openstack-kolla		11:42
*** vincent_vdk has left #openstack-kolla		11:42
*** rmart04 has quit IRC		11:44
*** rmart04_ is now known as rmart04		11:44
openstackgerrit	Jeffrey Zhang proposed openstack/kolla master: Testing in project jobs definition https://review.openstack.org/508661	11:48
*** jtriley has quit IRC		11:48
openstackgerrit	Jeffrey Zhang proposed openstack/kolla-ansible master: Move to zuul v3 in project jobs https://review.openstack.org/508759	11:49
openstackgerrit	Dan Ardelean proposed openstack/kolla-ansible master: Implement cinder-smb-hyperv ansible role https://review.openstack.org/508530	11:52
openstackgerrit	Jeffrey Zhang proposed openstack/kolla master: Testing in project jobs definition https://review.openstack.org/508661	12:05
openstackgerrit	Jeffrey Zhang proposed openstack/kolla-ansible master: Move to zuul v3 in project jobs https://review.openstack.org/508759	12:07
openstackgerrit	Dan Ardelean proposed openstack/kolla-ansible master: [HyperV] Add pull and precheck actions to nova-hyperv role https://review.openstack.org/508858	12:08
*** jtriley has joined #openstack-kolla		12:15
*** nrado1 has joined #openstack-kolla		12:17
*** lpetrut has joined #openstack-kolla		12:17
*** nrado has quit IRC		12:20
*** ipsecguy has quit IRC		12:26
*** mnasiadka has joined #openstack-kolla		12:27
*** ipsecguy has joined #openstack-kolla		12:27
*** rmart04 has quit IRC		12:30
*** Zophar has quit IRC		12:38
hrw	hm. "--push" argument is my new find ;D	12:39
mnasiadka	Hello	12:46
mnasiadka	Is there a plan to make some progress on https://review.openstack.org/#/c/505786/ ?	12:46
mnasiadka	Without that - the ubuntu/binary pike build is a bit broken with ceph ;)	12:46
openstackgerrit	Honza Pokorny proposed openstack/kolla master: Add tripleo-ui image https://review.openstack.org/508869	12:52
hrw	mnasiadka: I was at conference last week	12:53
hrw	mnasiadka: once gates get into working state again we can go for it	12:53
* hrw -> food		12:53
*** ipsecguy_ has joined #openstack-kolla		12:54
*** rhallisey has joined #openstack-kolla		12:55
*** ipsecguy__ has joined #openstack-kolla		12:56
*** ipsecguy has quit IRC		12:58
*** ipsecguy_ has quit IRC		13:00
mnasiadka	so let me apply that patch on my env and see if it works	13:00
*** erlon has joined #openstack-kolla		13:11
*** ipsecguy has joined #openstack-kolla		13:13
*** rmart04 has joined #openstack-kolla		13:15
*** ipsecguy__ has quit IRC		13:17
*** Zophar has joined #openstack-kolla		13:22
*** mnasiadka has quit IRC		13:23
*** noVNC has joined #openstack-kolla		13:28
openstackgerrit	Bertrand Lallau proposed openstack/kolla master: Move a release note generated in bad place https://review.openstack.org/508879	13:33
*** lucasxu has joined #openstack-kolla		13:34
noVNC	Jeffrey4l, sup	13:35
openstackgerrit	Dan Ardelean proposed openstack/kolla-ansible master: [HyperV] Add pull and precheck actions to nova-hyperv role https://review.openstack.org/508858	13:39
Jeffrey4l	sup noVNC	13:42
*** noVNC has quit IRC		13:43
openstackgerrit	Jeffrey Zhang proposed openstack/kolla master: Testing in project jobs definition https://review.openstack.org/508661	13:44
openstackgerrit	Jeffrey Zhang proposed openstack/kolla master: Testing in project jobs definition https://review.openstack.org/508661	13:45
*** goldyfruit has joined #openstack-kolla		13:58
*** hachi has joined #openstack-kolla		14:02
*** hongbin has joined #openstack-kolla		14:08
openstackgerrit	Jeffrey Zhang proposed openstack/kolla-ansible master: Move to zuul v3 in project jobs https://review.openstack.org/508759	14:16
*** nrado1 has quit IRC		14:20
*** jamesbenson has joined #openstack-kolla		14:38
*** jamesbenson has quit IRC		14:43
*** rmart04_ has joined #openstack-kolla		14:46
*** aagate has joined #openstack-kolla		14:48
*** rmart04 has quit IRC		14:49
*** rmart04_ is now known as rmart04		14:49
*** dardelean_ has quit IRC		14:53
jmccarthy	Hmm any magnum/ansible pros here ? :) In relation to proxy settings (have a corporate proxy to deal with) - any idea how to improve this here ? https://review.openstack.org/#/c/379862/1/doc/advanced-configuration.rst	14:54
jmccarthy	What I mean is to optionally set http_proxy, https_proxy, no_proxy from env to pass in as needed some way ?	14:55
jmccarthy	I mean maybe for example, if they are or are not defined in globals.yml some way possibly ?	14:56
*** jamesbenson has joined #openstack-kolla		15:11
*** rmart04 has quit IRC		15:13
openstackgerrit	Jeffrey Zhang proposed openstack/kolla master: Testing in project jobs definition https://review.openstack.org/508661	15:17
*** noVNC has joined #openstack-kolla		15:19
*** rhallisey has quit IRC		15:23
*** rhallisey has joined #openstack-kolla		15:24
*** nrado has joined #openstack-kolla		15:24
*** noVNC has quit IRC		15:24
openstackgerrit	Jeffrey Zhang proposed openstack/kolla-ansible master: Move to zuul v3 in project jobs https://review.openstack.org/508759	15:27
*** pcaruana has quit IRC		15:27
*** dardelean_ has joined #openstack-kolla		15:29
openstackgerrit	Jeffrey Zhang proposed openstack/kolla master: [DNM]Test zuulv3 https://review.openstack.org/508915	15:30
*** dave-mccowan has quit IRC		15:32
*** dave-mcc_ has joined #openstack-kolla		15:32
*** dardelean_ has quit IRC		15:33
*** hachi has quit IRC		15:35
*** Zophar has quit IRC		15:40
*** jistr is now known as jistr\|off\|mtg		15:48
*** jistr\|off\|mtg is now known as jistr		15:49
*** egonzalez has quit IRC		15:54
*** jascott1 has quit IRC		15:58
spsurya	Sydney Community Contributor Awards !!!	15:59
spsurya	https://openstackfoundation.formstack.com/forms/cca_nominations_syd	15:59
spsurya	============================================================	15:59
spsurya	Hello guys	15:59
spsurya	Please spare your two minutes to nominate super active helping from Kolla	16:00
*** jemcevoy has joined #openstack-kolla		16:00
spsurya	I did for few members from Kolla	16:01
spsurya	==========================================================	16:01
openstackgerrit	Marcin Juszkiewicz proposed openstack/kolla master: kolla: do not mention arch specific images in --help https://review.openstack.org/508922	16:02
*** vhosakot has joined #openstack-kolla		16:08
inc0	good morning	16:11
kolla-slack	<britthouser> morning!	16:11
openstackgerrit	Merged openstack/kolla-ansible master: fix wrong keystone_authtoken settings https://review.openstack.org/508220	16:13
hrw	morning inc0	16:13
*** dardelean_ has joined #openstack-kolla		16:24
*** dardelean_ has quit IRC		16:25
*** cocakolla has joined #openstack-kolla		16:31
*** aagate has quit IRC		16:34
inc0	Jeffrey4l: still around? mind if I take over gate changes when you're asleep?	16:36
Jeffrey4l	inc0, sure. please.	16:36
inc0	thanks, get some rest man	16:36
inc0	awesome job, but don't overtax yourself	16:37
inc0	kfox1111: fyi, kolla-ansible and kolla are almost moved to local zuulv3 files	16:39
inc0	https://review.openstack.org/#/c/508759/11	16:39
Jeffrey4l	inc0, thanks.	16:40
kfox1111	inc0: cool.	16:40
kfox1111	I've almost unbroken the kolla-kubernetes gate. :/	16:40
kfox1111	the transition broke a lot of things. :(	16:41
inc0	ahh the chaos	16:41
inc0	ahh the mayhem of new CI platform	16:41
inc0	;)(	16:41
hrw	;)	16:41
kfox1111	it did thinkgs like convert all the jobs to ubuntu single node. :/	16:41
inc0	so no more multinode jobs?	16:41
kfox1111	I had to tag them properly to get them back to multinode.	16:42
inc0	when we'll be done with kolla and kolla-ansible	16:42
kfox1111	still isn't quite working though.	16:42
inc0	I'll help you there	16:42
kfox1111	k. thx.	16:42
*** dave-mcc_ has quit IRC		16:46
*** jascott1 has joined #openstack-kolla		16:52
*** jamesbenson has quit IRC		16:53
inc0	guys I'm going to propose patch removing gates from project-config	16:53
inc0	that means before we're done with moving jobs to local kolla, we're without CI	16:53
inc0	so I think we need code freeze	16:53
inc0	for time being	16:53
kfox1111	why?	16:54
*** jamesbenson has joined #openstack-kolla		16:54
inc0	running double jobs is nightmare	16:54
SamYaple	no gate no merge!	16:54
hrw	inc0: infra gates are broken for now anyway so go for it	16:54
inc0	right, zuulv3 wansn't nice for us	16:55
SamYaple	i just rewrote my gates	16:55
inc0	kfox1111: want me to do the same for k8s or just kolla and ansible	16:55
SamYaple	removed legacy jobs and then wrote new gates	16:55
inc0	SamYaple: we have most of rewrite done	16:55
kfox1111	no. I think I almost got it working.	16:55
inc0	https://review.openstack.org/#/c/508759/11	16:55
inc0	https://review.openstack.org/#/c/508661/	16:56
inc0	SamYaple: ^ if you can review these, would be awesome	16:56
SamYaple	ill rewrite ur face	16:56
inc0	somebody's cranky on Monday	16:57
SamYaple	jeez... a two hour gate?	16:57
inc0	normally it's ~20min	16:57
SamYaple	the patchset has the timeout at 2 hours (5400)	16:58
SamYaple	not a big deal just found it interesting	16:58
SamYaple	yea get the initial gates merged and ill update it with some ansibilized code	16:58
inc0	yeah, sometimes installation of stuff have hickup	16:58
SamYaple	inc0: i told Jeffrey4l the same thing, but feel free to rip off this https://review.openstack.org/#/c/508718/	17:00
SamYaple	esspecially the setup-gate part	17:00
*** dklyle has joined #openstack-kolla		17:00
inc0	thanks, I'll do it as soon as we have functional gates;)	17:01
*** jamesbenson has quit IRC		17:01
jascott1	o/	17:01
*** gkadam has quit IRC		17:01
inc0	I was thinking of just including our site.yaml into run.yaml playbook	17:01
inc0	so isntead of running kolla-ansible deploy, do it from ansible too	17:02
SamYaple	you totally could, but i would take it slow at first	17:02
*** david-lyle has quit IRC		17:02
inc0	oh totally	17:02
*** jamesbenson has joined #openstack-kolla		17:02
*** mdnadeem has quit IRC		17:02
*** cocakolla has quit IRC		17:03
*** dardelean has joined #openstack-kolla		17:07
openstackgerrit	Christian Berendt proposed openstack/kolla-ansible master: Move vmware password parameters to passwords.yml https://review.openstack.org/508422	17:07
*** dardelean_ has joined #openstack-kolla		17:08
*** harlowja has joined #openstack-kolla		17:10
*** dardelean_ has quit IRC		17:12
inc0	aaaand patch is proposed and mail is sent	17:13
inc0	we're in code freeze now folks;)	17:13
inc0	feel free to work on ongoing patches, but don't merge anything until we resolve CI crysis	17:14
*** Croata has joined #openstack-kolla		17:21
openstackgerrit	Michal Jastrzebski (inc0) proposed openstack/kolla master: Moving jobs to kolla repo https://review.openstack.org/508661	17:23
SamYaple	inc0: just fyi zuul is down right now	17:25
SamYaple	they are restarting and patching	17:25
*** dardelean_ has joined #openstack-kolla		17:26
inc0	thanks for heads up	17:26
SamYaple	or it might be back up, but anyway its goign up and down	17:26
inc0	ah the joy, ah the happiness	17:28
SamYaple	this is why i did all my work over the weekend when it was all dead :)	17:28
*** cocakolla has joined #openstack-kolla		17:36
openstackgerrit	Charlie Kang proposed openstack/kolla-ansible master: ovs-dpdkctl.sh function list_dpdk_nics only grabs the first nic https://review.openstack.org/505319	17:38
openstackgerrit	Charlie Kang proposed openstack/kolla-ansible master: ovs-dpdkctl.sh function list_dpdk_nics only grabs the first nic https://review.openstack.org/505319	17:38
*** dardelean_ has quit IRC		17:42
*** shardy has quit IRC		17:52
*** sambetts is now known as sambetts\|afk		17:54
*** lpetrut has quit IRC		17:58
*** dklyle is now known as david-lyle		18:06
*** rmart04 has joined #openstack-kolla		18:09
*** hachi has joined #openstack-kolla		18:10
*** rmart04 has quit IRC		18:13
*** noVNC has joined #openstack-kolla		18:20
*** chas has quit IRC		18:23
*** jbadiapa_ has joined #openstack-kolla		18:23
*** rhallisey has quit IRC		18:23
*** jbadiapa has quit IRC		18:25
*** itlinux has joined #openstack-kolla		18:28
*** unicell has joined #openstack-kolla		18:30
*** noVNC has quit IRC		18:38
*** gfidente has quit IRC		18:39
*** gfidente has joined #openstack-kolla		18:51
*** gfidente has quit IRC		18:51
*** gfidente has joined #openstack-kolla		18:51
*** dave-mccowan has joined #openstack-kolla		18:58
*** lpetrut has joined #openstack-kolla		19:05
*** jmccarthy has left #openstack-kolla		19:25
*** itlinux has quit IRC		19:26
*** devananda has quit IRC		19:28
*** hachi has quit IRC		19:29
*** hachi has joined #openstack-kolla		19:29
*** jascott1 has quit IRC		19:33
*** jascott1 has joined #openstack-kolla		19:34
*** dardelean_ has joined #openstack-kolla		19:42
*** hachi has quit IRC		19:46
*** dardelean_ has quit IRC		19:47
*** hachi has joined #openstack-kolla		19:47
*** noVNC has joined #openstack-kolla		19:55
*** aolwas has joined #openstack-kolla		20:03
*** MrNerdHair has joined #openstack-kolla		20:12
*** dave-mcc_ has joined #openstack-kolla		20:14
*** itlinux has joined #openstack-kolla		20:14
MrNerdHair	Hey, I'd like to deploy OpenStack using Kolla on top of CentOS or Fedora Atomic Host. Can anyone point me in the right direction?	20:15
inc0	MrNerdHair: sure, I'd suggest starting with centos as we have playbooks to prep host for it	20:16
*** dave-mccowan has quit IRC		20:16
*** dave-mcc_ is now known as dave-mccowan		20:17
inc0	a bit unfortunate timing as we're in process of reworking our docs a lot, so now it's a bit chaotic, but let me walk you through	20:17
inc0	1. You want to build your images	20:17
MrNerdHair	Atomic is already providing the Kubernetes cluster I want to deploy on, and I'm having a bit of trouble figuring out how to adapt the kolla-kubernetes bare metal deployment instructions	20:17
inc0	https://docs.openstack.org/kolla/latest/image-building.html	20:17
inc0	well kolla-k8s is different story;)	20:17
MrNerdHair	(can I just use the prebuilt ones from docker hub?)	20:17
inc0	well you still want images so ^ is available	20:18
inc0	I discourage that as they're very old	20:18
inc0	we're building publishing pipeline	20:18
MrNerdHair	ah! was wondering about that b/c the version numbers didn't make a lot of sense	20:18
inc0	so soon dockerhub will have properly refreshed images, but that's in works	20:18
inc0	stick to building for now	20:19
inc0	so, you already have k8s, cool, you'll also need ceph or any other volume provider	20:19
MrNerdHair	lemme back up a bit	20:20
inc0	(also keep in mind that kolla-k8s is pre-1.0, so you might want to reconsider if you plan to use it for prod)	20:20
MrNerdHair	^^ that	20:20
inc0	for production, I'd suggest going for kolla-ansible..	20:20
MrNerdHair	I am (wanting to be) running OS on kolla on kubernetes on atomic on hyper-v.	20:21
inc0	add ".. managing hyper-v underneath" and you'll have perfect loop	20:21
MrNerdHair	I need to generate an artifact that deploys that whole stack automatically.	20:22
MrNerdHair	actually, that's exactly the idea	20:22
inc0	right, then you'll need more than that;) we don't have hyper-v in k8s just yet	20:22
*** jascott1 has quit IRC		20:22
inc0	I know there was some work involved to make hyperv work with kolla-ansible	20:23
MrNerdHair	not quite like that	20:23
*** jascott1 has joined #openstack-kolla		20:23
*** chas has joined #openstack-kolla		20:23
MrNerdHair	hyper-v runs atomic which runs nova which plugs into hyper-v and manages its VMs	20:23
inc0	https://github.com/openstack/kolla-ansible/blob/master/ansible/roles/nova-hyperv/tasks/install.yml	20:23
*** athomas has quit IRC		20:23
MrNerdHair	the atomic instance also runs magnum, which will spin up more atomic VMs as needed for linux containers	20:24
inc0	that's a cool stack	20:24
MrNerdHair	so the k8s never touches hyper-v	20:24
MrNerdHair	only nova and neutron do (and maybe cinder? idk yet)	20:25
inc0	so one issue with kolla-k8s is that we don't have elegant orchestration to deploy	20:25
inc0	but we do have pretty good gating system, so you can disect what happens in gates	20:25
*** jascott1 has quit IRC		20:25
inc0	that will involve a lot of bash-reading	20:25
*** jascott1 has joined #openstack-kolla		20:26
inc0	but it's all bash that was proved over and over to deploy proper kolla-k8s	20:26
MrNerdHair	my os cloud management plane runs on a kubernetes cluster backed by a etcd deployment, so the hope is that I can take another identically-configured machine, join the existing etcd cluster, and it will automagically integrate with the existing k9s and openstack deployments.	20:27
inc0	https://github.com/openstack/kolla-kubernetes/blob/master/tools/setup_gate.sh <- this is what is run in gates	20:28
*** chas has quit IRC		20:28
inc0	yeah we had similar idea with k8s on top of ironic stack	20:28
inc0	I mean ironic deploys bare metal, stuff installs k8s on it and joins into cluster, openstack scales up	20:28
inc0	but that's...well... future	20:29
MrNerdHair	with the end goal of having the whole deployment packed into a binary image, so that you just PXE boot a new node and it brings the whole thing up	20:29
inc0	^and that pxe can be run with ironic;)	20:29
inc0	so we were thinking of hacking around this stack during PTG 2 weeks ago	20:30
MrNerdHair	crucially, though, the deployment procedure for an additional node is identical to the deployment procedure for the first... the only difference is that the new node gets given the X.509 certs to integrate with the existing cluster.	20:30
inc0	but you know..	20:30
inc0	anyway, what you want is 1. registry of kolla images	20:30
MrNerdHair	right, I can make that happen	20:31
inc0	(you can run it on k8s + nodeport for insecure registry)	20:31
inc0	2. helm registry (simple http server)	20:31
inc0	then you just do helm install in correct order with waiting for stuff to finish	20:31
MrNerdHair	ok, seems doable, will bing up tiller at the same time as the k8s cluster	20:31
MrNerdHair	3) ??? 4) profit	20:31
inc0	yeah, you'll need a lot of underpants	20:32
*** gema has quit IRC		20:32
MrNerdHair	it looks like kolla-k8s has a bunch of python and stuff on top of the helm charts?	20:32
inc0	well not really, what it has is a bunch of helm charts	20:33
inc0	python/shell stuff on top of it is just to make building easeir	20:33
inc0	https://github.com/openstack/kolla-kubernetes/blob/master/tools/helm_build_all.sh <- like this	20:34
MrNerdHair	All I need is keystone, glance, neutron, cinder, nova, horizon, barbican, magnum, and manila. I'm hoping I can figure out how to extract the charts for just those. I have no idea if that's practical though.	20:36
inc0	thats most of it really there	20:37
inc0	well, you'll need a driver for cinder too	20:37
inc0	so iscsi if you hate your data or ceph	20:37
MrNerdHair	storage will be provided by hyper-v storage spaces (direct?)	20:37
inc0	ok that works	20:37
inc0	can k8s use this as volume provider too?	20:38
MrNerdHair	the atomic VM will have a block device attached that is backed by storage spaces	20:38
inc0	what I'm sayin is kubectl pv create	20:39
inc0	lots of things (mariadb for example) in k8s is backed with pv	20:39
inc0	in kolla-k8s	20:39
MrNerdHair	hmm... gotta think about that. was planning on most stuff going into manila, but obv. that doesn't work there.	20:40
inc0	well you'll need some storage for database files, all I'm saying	20:41
inc0	and it won't hurt your k8s effort to have trusty volume provider either	20:41
inc0	on bright note, microsoft goes heavy on k8s now	20:41
inc0	so I wouldn't be surprised if k8s could use hyperv storage natively	20:42
MrNerdHair	just for the management plane, though... they shouldn't grow much as the tenant stuff scales?	20:42
inc0	well depends, are you going to give same k8s for tenants as well?	20:42
MrNerdHair	yes, but magnum will handle that	20:43
MrNerdHair	so this cluster will be dedicated to management stuff	20:44
MrNerdHair	I can make iSCSI work... is it really that bad?	20:44
MrNerdHair	(I'm lookign through the k8s PV drivers)	20:45
inc0	well, if iscsi is just iface for netapp or sth, it's fine, but if it's for lvm, you have no replication for your data	20:45
inc0	so if server blows, it takes data with it	20:46
inc0	blows up that is;)	20:46
inc0	also there are some funky stuff with iscsi (or rather tgtd) + containers	20:46
inc0	solved in kolla, but you'd need to keep an eye on it	20:47
inc0	I personally don't know much about that tho, I like ceph too much to bother with iscsi	20:47
MrNerdHair	I can run the MS iSCSI target thing to expose the storage spaces magical cluster shared volume stuff, that would probably fix it	20:47
inc0	probably, yeah	20:47
inc0	dunno what happens when tgtd dies, but well	20:48
MrNerdHair	hmm... just had a thought. ceph is great if you don't run windows, but all my managment plane stuff isn't going to be running windows, it's going to be in atomic.	20:48
MrNerdHair	gonna have to mull on that for a while.	20:49
inc0	there are ways to deploy ceph on top of k8s, but I don't know them too well	20:50
inc0	https://rook.io/ stuff like this (although this one is kinda scary as it wraps ceph native code into golang)	20:50
inc0	I personally deploy my cephs with kolla-ansible	20:50
inc0	or ceph-deploy	20:51
inc0	anyway, ceph likes k8s and vice versa, so you can back your k8s and cinder (if you want) with it	20:51
inc0	anywya, so assuming you have k8s with pv driver	20:52
inc0	go through kolla-k8s docs	20:52
*** gfidente has quit IRC		20:52
inc0	https://docs.openstack.org/kolla-kubernetes/latest/deployment-guide.html#step-3-deploying-kolla-kubernetes	20:53
inc0	and if you run into problems, try digging through gate code	20:53
MrNerdHair	I follow all that stuff until you have to start pip installing things	20:53
inc0	on your deploy node tho	20:54
inc0	you don't need to pip install stuff on nodes with k8s	20:54
MrNerdHair	on atomic I don't have access to python natively, so I'd have to put all this in a container that acts as the deploy node.	20:54
inc0	yeah that works	20:54
MrNerdHair	so I'm guessing it all uses kubectl and if that's hooked up right it will configure on the right cluster?	20:55
inc0	kubectl and helm, yeah	20:56
MrNerdHair	so what about the stuff about editing /etc/kolla/whatever? are those files on the deploy container or the cluster node or what?	20:57
inc0	deploy container	20:57
inc0	all that is in deploy container	20:57
MrNerdHair	so what do the network and neutron interface settigns even mean in that context?	20:57
inc0	well, based on that kolla-k8s will create configmaps	20:58
*** chas has joined #openstack-kolla		20:58
inc0	which will be what matters	20:58
inc0	although docs with /etc/kolla stuff might be out of date	20:59
inc0	yup, it is	20:59
MrNerdHair	what machine are those the interface names for? the atomic host itself? and if so, what if the names are different when I bring up another atomic node and make it multimaster?	20:59
inc0	it's host machines, yes, neutron needs that for net-host stuff	20:59
inc0	kfox1111: ^ good question, how to tell init-container name of iface for different node?	21:00
MrNerdHair	a wrinkle here is that centos atomic uses "predicatable network interface names", which are not predictable for cloud VMs.	21:00
*** dave-mccowan has quit IRC		21:01
inc0	https://github.com/openstack/kolla-kubernetes/blob/3765d05f6d5edcf950469a776b157d7f4d161899/tests/bin/setup_config_iscsi.sh#L27 <- you want this line instead of kolla-ansible gencontif	21:01
inc0	genconfig	21:01
MrNerdHair	I already had to fight cloud-init about that, because you can't fix that without changing the kernel arguments -_-	21:01
kolla-slack	<kfox1111> The iface name is in the config file. The in it container find the ip associated with it.	21:01
*** cocakolla has quit IRC		21:02
inc0	yeah, but can we specify iface name per node?	21:02
inc0	node1 - eth0, node2-ens3	21:02
*** cocakolla has joined #openstack-kolla		21:02
*** cocakolla has quit IRC		21:03
kolla-slack	<kfox1111> Per node? Should be that different. But, I think there is an override file on the host that y oh can put the interface in.	21:03
*** cocakolla has joined #openstack-kolla		21:03
*** cocakolla has quit IRC		21:03
*** hachi has quit IRC		21:04
*** cocakolla has joined #openstack-kolla		21:04
*** cocakolla has quit IRC		21:04
*** cocakolla has joined #openstack-kolla		21:05
*** cocakolla has quit IRC		21:05
MrNerdHair	going through these instructions, it seems like most of this procedure is just building a set of helm charts and then running a bunch of helm installs. That's exactly what i'd like it to be, but I'm not certain that nothing else in the procedure touches the actual k8s cluster.	21:05
*** cocakolla has joined #openstack-kolla		21:06
*** cocakolla has quit IRC		21:06
MrNerdHair	except maybe the kolla-ansible/tools/init-runonce bit? not entirely sure where the optional bits about cinder and lvm stop.	21:06
*** cocakolla has joined #openstack-kolla		21:06
*** cocakolla has quit IRC		21:07
*** dciabrin has quit IRC		21:07
*** cocakolla has joined #openstack-kolla		21:07
*** cocakolla has quit IRC		21:07
*** serlex has quit IRC		21:08
inc0	init-runonce shouldn't matter	21:08
MrNerdHair	phew	21:08
inc0	it';s just to create things like network or router	21:08
*** cocakolla has joined #openstack-kolla		21:08
*** cocakolla has quit IRC		21:08
inc0	it'll run neutron net-create for ya;)	21:08
inc0	to bootstrap somethign	21:08
MrNerdHair	you can do that in horizon yourself though, right?	21:09
*** cocakolla has joined #openstack-kolla		21:09
*** cocakolla has joined #openstack-kolla		21:10
*** cocakolla has quit IRC		21:10
inc0	sure	21:10
*** cocakolla has joined #openstack-kolla		21:10
MrNerdHair	I'm hoping I can create a container that produces a set of helm charts as an artifact, and then another "deployment" container that just runs those helm charts. I can put the first container in my CI system and the second can be wrapped up into an OCI image and become part of my deployment package.	21:11
*** cocakolla has quit IRC		21:11
inc0	that'd work	21:11
*** cocakolla has joined #openstack-kolla		21:11
MrNerdHair	it wouldn't actually have any kolla-k8s stuff in it, just the kolla images, helm charts, and a script with a set of helm-install commands.	21:11
*** cocakolla has quit IRC		21:11
inc0	well...that is kolla-k8s really;)	21:12
*** cocakolla has joined #openstack-kolla		21:12
inc0	you'll also need something to create config files for nova and whatnot	21:12
*** cocakolla has quit IRC		21:12
inc0	https://github.com/openstack/kolla-kubernetes/blob/3765d05f6d5edcf950469a776b157d7f4d161899/tests/bin/setup_config_iscsi.sh#L27 run this command and then run kolla-kubernetes res create configmap on them	21:12
*** cocakolla has joined #openstack-kolla		21:13
inc0	https://github.com/openstack/kolla-kubernetes/blob/b195d41cf9b503e804041e3579144437e4c34654/tools/setup_dev_env.sh#L156	21:13
*** cocakolla has quit IRC		21:13
*** aagate has joined #openstack-kolla		21:13
inc0	which really is glorified kubectl create configmap --from-file blah	21:13
MrNerdHair	ok, so to recap: hyper-v installs with an unattend.xml that launches a powershell script. PS script copies down the centos atomic image and a cloud-init ISO, and starts it as a VM. cloud-init sets up networking, and the run_cmd section brings up etcd using dns-sd (via a container that runs an avahi-to-dnsmasq proxy).	21:15
MrNerdHair	then it starts flanneld, kubelet, kube-apiserver, kube-controller-master, kube-scheduler, and kube-proxy.	21:15
MrNerdHair	then it checks to see if it's a new cluster, and if it is, it launches the prepackaged OCI container with the kolla-k8s artifacts in it.	21:16
MrNerdHair	that brings up the openstack cluster, and the hyper-v nova, neutron, and cinder drivers find it via DNS or something maybe.	21:18
MrNerdHair	and then I can run TripleO on all that just to piss people off.	21:19
inc0	:D	21:19
inc0	so one thing there is different configuration per node (iface names?)	21:19
inc0	so you need to figure that one out	21:20
inc0	other than that, looks good	21:20
MrNerdHair	(of course, tripleO will be brought up using kolla-k8s on top of magnum, for good measure.)	21:20
inc0	I'd also love to see this container sometime	21:20
MrNerdHair	The whole reason I'm doing this is that I trust Hyper-V's software TPMs.	21:20
MrNerdHair	(at least when you seal the HGS keys to the right PCRs.)	21:21
inc0	https://wiki.qemu.org/Features/TPM	21:22
inc0	just sayin'	21:22
inc0	anyway, I don't know much about it	21:23
inc0	or anything really	21:23
MrNerdHair	yeah, but hyper-v is actually super tiny, like under a meg. it's really the only bare metal hypervisor there is. the "management OS" is just another VM, and it can be restricted easily.	21:23
MrNerdHair	the attack surface for a kvm or esxi solution is much bigger, and once you break out of the VM you own the platform.	21:24
MrNerdHair	in hyper-v, say you exploit a virtual driver vulnerability. well, the virtual drivers are all run on the managment OS... the actual hypervisor just shuttles data around.	21:25
MrNerdHair	so a compromise gets you code execution in an environment that can't read anything important.	21:26
MrNerdHair	the vTPMs are tiny VMs too, with all the protections that affords, which is why I trust them more than any other platform's VM TPM solution.	21:27
MrNerdHair	(also Hyper-V server is free)	21:27
inc0	again, I'm ignorant, but thanks, good learning	21:27
MrNerdHair	np. I like to contribute back too!	21:28
MrNerdHair	thanks for your help	21:28
inc0	no problem, feel free to ask if you run into hurdles	21:28
MrNerdHair	I'll probably whack at this more tomorrow. I'll maybe pop back on then	21:29
kolla-slack	<britthouser> Does Hyper-V has SELinux?	21:30
MrNerdHair	it's windows, so no :P	21:31
MrNerdHair	you can run an SELinux shielded VM, though	21:32
MrNerdHair	that prevents the managment OS from accessing the VM's memory or TPM data	21:33
*** rhallisey has joined #openstack-kolla		21:33
*** jascott1 has quit IRC		21:33
*** jascott1 has joined #openstack-kolla		21:33
MrNerdHair	so at that point, you're a peer of the windows part of the system, and you get all the same security guarantees you might expect on a normal setup	21:34
*** jascott1 has quit IRC		21:35
*** itlinux has quit IRC		21:36
MrNerdHair	Oh, yeah, the hyper-v hypervisor can enforce code integrity policies on the management OS kernel too :)	21:36
MrNerdHair	that means you can create a signed list of all the hashes of any page of code that gets to be marked executable on the whole system, and not even a kernel compromise can change that	21:37
*** itlinux has joined #openstack-kolla		21:37
*** jascott1 has joined #openstack-kolla		21:40
*** rhallisey has quit IRC		21:42
*** lucasxu has quit IRC		21:47
*** Croata has quit IRC		21:49
*** lpetrut has quit IRC		21:50
*** jascott1 has quit IRC		21:50
*** jascott1 has joined #openstack-kolla		21:51
*** jascott1 has quit IRC		21:53
*** jamesbenson has quit IRC		21:55
*** itlinux has quit IRC		21:56
*** jascott1 has joined #openstack-kolla		21:57
*** jascott1 has quit IRC		22:02
*** jascott1 has joined #openstack-kolla		22:02
*** jascott1 has quit IRC		22:06
openstackgerrit	chao liu proposed openstack/kolla-ansible master: Add notes on docker version in quickstart and multinode guide https://review.openstack.org/508790	22:10
*** chas has quit IRC		22:16
*** chas has joined #openstack-kolla		22:18
*** jascott1 has joined #openstack-kolla		22:20
*** jascott1 has quit IRC		22:22
*** chas has quit IRC		22:24
honza	I'm getting errors when building centos+source, it's complaining about missing "scsi-target-utils". Ideas?	22:35
honza	It works fine in binary though which is weird.	22:37
*** jascott1 has joined #openstack-kolla		22:38
jascott1	sbezverk ping	22:39
honza	Looks like "scsi-target-utils" was removed in epel 7?	22:40
*** fuegoel has joined #openstack-kolla		22:42
*** nrado has quit IRC		22:45
*** noVNC has quit IRC		22:48
*** MrNerdHair has quit IRC		22:54
*** dardelean_ has joined #openstack-kolla		23:00
*** dardelean has quit IRC		23:01
*** mrunge_ has joined #openstack-kolla		23:05
*** mrunge has quit IRC		23:07
openstackgerrit	Kevin Fox proposed openstack/kolla-kubernetes master: Fixes for Kubernetes 1.8 https://review.openstack.org/508682	23:22
*** hongbin has quit IRC		23:30
*** jamesbenson has joined #openstack-kolla		23:33
*** jamesbenson has quit IRC		23:37
*** dardelean_ has quit IRC		23:46
*** goldyfruit has quit IRC		23:49

Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!