Saturday, 2020-02-15

*** oyrogerg has quit IRC00:05
*** vedup19 has quit IRC00:25
*** spiette has quit IRC00:35
*** spiette has joined #openstack-kolla00:39
*** goldyfruit_ has joined #openstack-kolla00:54
*** noxoid_ has joined #openstack-kolla00:54
*** vesper has joined #openstack-kolla00:56
*** spiette_ has joined #openstack-kolla00:56
*** xinliang has quit IRC00:59
*** goldyfruit has quit IRC00:59
*** noxoid has quit IRC00:59
*** vesper11 has quit IRC01:00
*** spiette has quit IRC01:00
*** imcsk8 has quit IRC01:00
*** lklimin has quit IRC01:48
*** dking_desktop has quit IRC03:18
openstackgerritChason Chan proposed openstack/kolla-ansible master: [Docs] Pin kolla-anisble to the same version of quickstart guide  https://review.opendev.org/70789603:48
openstackgerritChason Chan proposed openstack/kolla-ansible master: [Docs] Pin kolla-anisble to the same version of quickstart guide  https://review.opendev.org/70789603:53
iniaziIs there a write up somewhere on how to manage certificates with kolla-ansible (i.e. letsencrypt etc.).  i.e. what do i have to configure and what locations to put the certs in so haproxy can get htem04:07
iniazii'm still working on a deployment so I'm not sure where they'd go. i guess we can inject them into docker volume and haproxy can pick it up from ther?  does haproxy automatically reload or does it need to be restarted?  etc.04:08
iniaziin advanced config docs, it talks about setting kolla_external_fqdn_cert and kolla_internal_fqdn_cert, but how do I put in renewed certs etc.04:10
iniaziActually let me clarify.  if I update the cert in the config dir (on the deployment host, I imagine) and would i just run kolla-ansible?  i.e. if i setup acme script to renew certs and update the relevant /etc/kolla/* config dir, etc.05:27
iniazierr. I mean would I run kolla-ansible reconfigure?05:27
*** Tony31 has joined #openstack-kolla05:29
Tony31I would like to try out swift storage. When I run `kayobe reconfigure` the ring files are removed and then later on in the reconfig deployment, it throws an error that the ring files are not present. If I keep checking the directory, I can copy the ring files back after reconfigure removes them and this error does not appear.05:31
Tony31hy the ring files are being removed during the deployment.05:31
Tony31*Why are the ring files being removed during deployment?05:31
*** evrardjp has quit IRC05:34
*** evrardjp has joined #openstack-kolla05:34
*** negronjl has quit IRC06:05
*** negronjl has joined #openstack-kolla06:07
*** sean-k-mooney has quit IRC06:14
openstackgerritYongjun Bai proposed openstack/kolla-ansible master: Add support for encrypting nova/heat api  https://review.opendev.org/70713106:38
openstackgerritYongjun Bai proposed openstack/kolla-ansible master: Add support for encrypting nova/heat api  https://review.opendev.org/70713106:44
Tony31when I run `kayobe overcloud swift rings generate` it errors at `TASK [swift-rings : Ensure Swift ring builder configuration exists]`07:28
Tony31https://pastebin.com/Ax9RGRzH07:29
Tony31is this a kayobe bug do you think?07:30
Tony31not a bug - I had bad format of the swift devices :)07:41
Tony31deployment fails now with `Template source files must be utf-8 encoded"}`08:02
*** Wellie has quit IRC08:03
openstackgerritMark Goddard proposed openstack/kayobe master: WIP: CentOS 8  https://review.opendev.org/70769008:58
openstackgerritMark Goddard proposed openstack/kayobe master: WIP: CentOS 8  https://review.opendev.org/70769008:59
*** pbing19 has joined #openstack-kolla09:34
yoctozeptohrw: thanks, have fun09:48
*** sorin-mihai has joined #openstack-kolla09:49
Tony31mgoddard any idea why I'd get `Template source files must be utf-8 encoded"}` when trying to deploy swift and using `kayobe overcloud swift rings generate` ?10:00
yoctozeptoTony31: which task?10:05
yoctozeptoiniazi: yeah, this is pretty much what is required to be done10:07
yoctozeptothere is not auto reload10:07
*** pbing19 has quit IRC10:21
openstackgerritRadosław Piliszek proposed openstack/kolla-ansible master: Fix RabbitMQ hostname address resolution precheck  https://review.opendev.org/70789210:24
Tony31yoctozepto `venvs\kayobe\share\kayobe\ansible\roleskolla-openstack\tasks\config.yml`10:28
Tony31`venvs\kayobe\share\kayobe\ansible\roles\kolla-openstack\tasks\config.yml`10:29
yoctozeptoTony31 you running this from windows? ;o10:31
Tony31The error output led me to believe that the generated files with `kayobe overcloud swift rings generate` are not in utf-8 format. I tried to check on this but I dont fully understand. When I `cat` the `account.builder` generated files it does not print to the terminal very well and shows chars like `array10:31
Tony31K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K`10:31
Tony31no it's centos 710:31
yoctozeptoTony31 uff, I thought windows from that path separator10:32
yoctozepto\10:32
Tony31I had to type it manually 🤣10:32
yoctozeptololz10:33
Tony31yoctozepto should I be able to cat the file and see readable contents?10:34
yoctozeptoabout the ring files - they are binary10:34
Tony31ah ok10:34
yoctozeptono, and never run cat on unknown files in general10:34
yoctozeptoit can break the terminal10:34
yoctozeptoalways use at least less10:34
Tony31thanks for the tip :)10:34
Tony31could you suggest any reasons for the playbook fail with the error about "not utf-8" ? https://pastebin.com/LpJu9uf910:37
Tony31Actually, this error is different now. I've pasted it into notepad I can see the error text is different to before.10:39
Tony31I need to fix the red text error on blue, can't read it at all unless I copy and paste it out of terminal 🙈10:39
Tony31.. no it is indeed same error further down `"msg": "Template source files must be utf-8 encoded"}`10:41
yoctozeptoTony31: no wonder it breaks as it tries to template out these binary files10:41
yoctozeptoclearly a kayobe bug10:41
*** ricolin has quit IRC10:43
Tony31I am not quite sure what is going on here. I tried to search the docs t oget more insight but I couldnt figure it out. Thanks for looking for me10:43
yoctozeptoTony31: https://storyboard.openstack.org/#!/story/2007297 I reported it there10:44
Tony31thanks 👍🏻10:46
openstackgerritMark Goddard proposed openstack/kayobe master: Switch from shade to openstacksdk  https://review.opendev.org/70768910:48
openstackgerritMark Goddard proposed openstack/kayobe master: WIP: CentOS 8  https://review.opendev.org/70769010:48
*** pbing19 has joined #openstack-kolla11:08
*** zhanglong has joined #openstack-kolla11:24
*** sean-k-mooney has joined #openstack-kolla11:38
*** zhanglong has quit IRC12:00
*** zhanglong has joined #openstack-kolla12:01
openstackgerritRadosław Piliszek proposed openstack/kolla-ansible master: Fix RabbitMQ hostname address resolution precheck  https://review.opendev.org/70789212:03
*** zhanglong has quit IRC12:14
*** zhanglong has joined #openstack-kolla12:19
*** zhanglong has quit IRC12:28
*** zhanglong has joined #openstack-kolla12:39
*** zhanglong has quit IRC13:45
cosmicsoundGood day15:14
cosmicsoundAnyone has idea why Kolla mixes the TLS and it does not take the directive from globals.ym;l16:08
*** Tengu has quit IRC16:10
*** Tengu has joined #openstack-kolla16:12
yoctozeptomixes how?16:15
cosmicsoundWell I explictily setup only external TLS16:30
cosmicsoundAnd i added my .pem cert in kolla/certificates/16:30
cosmicsoundWhen I redeployed I get a self signed SSL on Internal VIP Floating ip 172.x.x.10 and the site runs on https://cloud.uhlhost.net16:31
cosmicsoundThus giving me a  https://mdb.uhlhost.net/uploads/0bcd249a290673cd/image.png16:31
cosmicsoundLocal SSL self generated instead of the TLS global config defined in globals.yml16:32
cosmicsoundkolla_enable_tls_external: "yes"16:32
cosmicsoundkolla_external_fqdn_cert: "{{ node_config }}/certificates/cloud_uhlhost_net.pem"16:32
cosmicsoundI did not setup kolla_internal_fqdn_cert16:33
cosmicsoundhttps://mdb.uhlhost.net/uploads/3000ef9b35494803/image.png16:33
yoctozeptoodd, it certainly works for me16:33
cosmicsoundI am wondering what I miss16:33
cosmicsoundMaybe some changes in past versions?16:33
yoctozeptowhich release?16:34
cosmicsoundTrain her16:34
yoctozeptosame here16:34
cosmicsoundNot sure if my network is not doing this16:35
cosmicsoundIl try a redeploy16:35
cosmicsoundAnd maybe to remove the self signed serts16:35
cosmicsoundcerts*16:35
cosmicsoundIl rerun deplopy containers16:37
cosmicsoundand a new deploy will see maybe it helps.16:37
cosmicsoundI guess later we could look at my globals.yml file it starts to get heavier16:38
cosmicsoundWould be great to get some hints on what approach to use to properly grasp the network from my providers side16:38
cosmicsoundBecause I have network like eno1 ipv4 MAIN provider LAN, and eno2 Management LAN where VLANS and all Vrack ips are configured.16:40
cosmicsoundI just wish to make a best scenario and use ENO1 where is possible. So I made eno1 as a DNS / FQDN16:40
cosmicsoundSince these are static and do not change.16:41
openstackgerritMark Goddard proposed openstack/kayobe master: WIP: CentOS 8  https://review.opendev.org/70769016:45
*** pbing19 has quit IRC16:57
*** dave-mccowan has joined #openstack-kolla17:24
*** factor has quit IRC17:27
Tony31I just installed TLS on on mine but I use kayobe Train. I have in kolla globals: `kolla_enable_tls_external: True` `kolla_external_fqdn_cacert: "/etc/kolla/config/certificates/cacert.pem"` And I have both internal API VIP and external API VIP set.17:30
Tony31I mean "set" as in the IP configured. TLS is only configured for external VIP at the moment.17:30
*** dave-mccowan has quit IRC17:34
*** evrardjp has quit IRC17:34
*** evrardjp has joined #openstack-kolla17:34
*** pbing19 has joined #openstack-kolla17:51
*** dking_desktop has joined #openstack-kolla18:14
*** pbing19 has quit IRC18:48
*** Tengu has quit IRC18:57
*** negronjl has quit IRC19:02
*** negronjl has joined #openstack-kolla19:03
*** pbing19 has joined #openstack-kolla19:12
*** Tengu has joined #openstack-kolla19:18
*** pbing19 has quit IRC19:37
*** pbing19 has joined #openstack-kolla19:37
*** igordc has joined #openstack-kolla19:46
*** igordc has quit IRC20:20
*** vedup19 has joined #openstack-kolla20:26
*** pbing19 has quit IRC20:29
*** Tengu has quit IRC20:42
*** Tengu has joined #openstack-kolla20:43
yoctozepto^21:07
iniaziyoctozepto, thanks.  I need to figure out the ceph volumes to create (going to do a erasure coding but separating the metadata with the normal data technique)21:09
iniaziI mean after I do the ceph stuff, I should be ready to deploy.  hopefully...21:10
*** vedup19 has quit IRC21:52
*** sorin-mihai has quit IRC23:54
*** tumble has quit IRC23:54
*** sorin-mihai has joined #openstack-kolla23:55

Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!