*** oyrogerg has quit IRC | 00:05 | |
*** vedup19 has quit IRC | 00:25 | |
*** spiette has quit IRC | 00:35 | |
*** spiette has joined #openstack-kolla | 00:39 | |
*** goldyfruit_ has joined #openstack-kolla | 00:54 | |
*** noxoid_ has joined #openstack-kolla | 00:54 | |
*** vesper has joined #openstack-kolla | 00:56 | |
*** spiette_ has joined #openstack-kolla | 00:56 | |
*** xinliang has quit IRC | 00:59 | |
*** goldyfruit has quit IRC | 00:59 | |
*** noxoid has quit IRC | 00:59 | |
*** vesper11 has quit IRC | 01:00 | |
*** spiette has quit IRC | 01:00 | |
*** imcsk8 has quit IRC | 01:00 | |
*** lklimin has quit IRC | 01:48 | |
*** dking_desktop has quit IRC | 03:18 | |
openstackgerrit | Chason Chan proposed openstack/kolla-ansible master: [Docs] Pin kolla-anisble to the same version of quickstart guide https://review.opendev.org/707896 | 03:48 |
---|---|---|
openstackgerrit | Chason Chan proposed openstack/kolla-ansible master: [Docs] Pin kolla-anisble to the same version of quickstart guide https://review.opendev.org/707896 | 03:53 |
iniazi | Is there a write up somewhere on how to manage certificates with kolla-ansible (i.e. letsencrypt etc.). i.e. what do i have to configure and what locations to put the certs in so haproxy can get htem | 04:07 |
iniazi | i'm still working on a deployment so I'm not sure where they'd go. i guess we can inject them into docker volume and haproxy can pick it up from ther? does haproxy automatically reload or does it need to be restarted? etc. | 04:08 |
iniazi | in advanced config docs, it talks about setting kolla_external_fqdn_cert and kolla_internal_fqdn_cert, but how do I put in renewed certs etc. | 04:10 |
iniazi | Actually let me clarify. if I update the cert in the config dir (on the deployment host, I imagine) and would i just run kolla-ansible? i.e. if i setup acme script to renew certs and update the relevant /etc/kolla/* config dir, etc. | 05:27 |
iniazi | err. I mean would I run kolla-ansible reconfigure? | 05:27 |
*** Tony31 has joined #openstack-kolla | 05:29 | |
Tony31 | I would like to try out swift storage. When I run `kayobe reconfigure` the ring files are removed and then later on in the reconfig deployment, it throws an error that the ring files are not present. If I keep checking the directory, I can copy the ring files back after reconfigure removes them and this error does not appear. | 05:31 |
Tony31 | hy the ring files are being removed during the deployment. | 05:31 |
Tony31 | *Why are the ring files being removed during deployment? | 05:31 |
*** evrardjp has quit IRC | 05:34 | |
*** evrardjp has joined #openstack-kolla | 05:34 | |
*** negronjl has quit IRC | 06:05 | |
*** negronjl has joined #openstack-kolla | 06:07 | |
*** sean-k-mooney has quit IRC | 06:14 | |
openstackgerrit | Yongjun Bai proposed openstack/kolla-ansible master: Add support for encrypting nova/heat api https://review.opendev.org/707131 | 06:38 |
openstackgerrit | Yongjun Bai proposed openstack/kolla-ansible master: Add support for encrypting nova/heat api https://review.opendev.org/707131 | 06:44 |
Tony31 | when I run `kayobe overcloud swift rings generate` it errors at `TASK [swift-rings : Ensure Swift ring builder configuration exists]` | 07:28 |
Tony31 | https://pastebin.com/Ax9RGRzH | 07:29 |
Tony31 | is this a kayobe bug do you think? | 07:30 |
Tony31 | not a bug - I had bad format of the swift devices :) | 07:41 |
Tony31 | deployment fails now with `Template source files must be utf-8 encoded"}` | 08:02 |
*** Wellie has quit IRC | 08:03 | |
openstackgerrit | Mark Goddard proposed openstack/kayobe master: WIP: CentOS 8 https://review.opendev.org/707690 | 08:58 |
openstackgerrit | Mark Goddard proposed openstack/kayobe master: WIP: CentOS 8 https://review.opendev.org/707690 | 08:59 |
*** pbing19 has joined #openstack-kolla | 09:34 | |
yoctozepto | hrw: thanks, have fun | 09:48 |
*** sorin-mihai has joined #openstack-kolla | 09:49 | |
Tony31 | mgoddard any idea why I'd get `Template source files must be utf-8 encoded"}` when trying to deploy swift and using `kayobe overcloud swift rings generate` ? | 10:00 |
yoctozepto | Tony31: which task? | 10:05 |
yoctozepto | iniazi: yeah, this is pretty much what is required to be done | 10:07 |
yoctozepto | there is not auto reload | 10:07 |
*** pbing19 has quit IRC | 10:21 | |
openstackgerrit | Radosław Piliszek proposed openstack/kolla-ansible master: Fix RabbitMQ hostname address resolution precheck https://review.opendev.org/707892 | 10:24 |
Tony31 | yoctozepto `venvs\kayobe\share\kayobe\ansible\roleskolla-openstack\tasks\config.yml` | 10:28 |
Tony31 | `venvs\kayobe\share\kayobe\ansible\roles\kolla-openstack\tasks\config.yml` | 10:29 |
yoctozepto | Tony31 you running this from windows? ;o | 10:31 |
Tony31 | The error output led me to believe that the generated files with `kayobe overcloud swift rings generate` are not in utf-8 format. I tried to check on this but I dont fully understand. When I `cat` the `account.builder` generated files it does not print to the terminal very well and shows chars like `array | 10:31 |
Tony31 | K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K K` | 10:31 |
Tony31 | no it's centos 7 | 10:31 |
yoctozepto | Tony31 uff, I thought windows from that path separator | 10:32 |
yoctozepto | \ | 10:32 |
Tony31 | I had to type it manually 🤣 | 10:32 |
yoctozepto | lolz | 10:33 |
Tony31 | yoctozepto should I be able to cat the file and see readable contents? | 10:34 |
yoctozepto | about the ring files - they are binary | 10:34 |
Tony31 | ah ok | 10:34 |
yoctozepto | no, and never run cat on unknown files in general | 10:34 |
yoctozepto | it can break the terminal | 10:34 |
yoctozepto | always use at least less | 10:34 |
Tony31 | thanks for the tip :) | 10:34 |
Tony31 | could you suggest any reasons for the playbook fail with the error about "not utf-8" ? https://pastebin.com/LpJu9uf9 | 10:37 |
Tony31 | Actually, this error is different now. I've pasted it into notepad I can see the error text is different to before. | 10:39 |
Tony31 | I need to fix the red text error on blue, can't read it at all unless I copy and paste it out of terminal 🙈 | 10:39 |
Tony31 | .. no it is indeed same error further down `"msg": "Template source files must be utf-8 encoded"}` | 10:41 |
yoctozepto | Tony31: no wonder it breaks as it tries to template out these binary files | 10:41 |
yoctozepto | clearly a kayobe bug | 10:41 |
*** ricolin has quit IRC | 10:43 | |
Tony31 | I am not quite sure what is going on here. I tried to search the docs t oget more insight but I couldnt figure it out. Thanks for looking for me | 10:43 |
yoctozepto | Tony31: https://storyboard.openstack.org/#!/story/2007297 I reported it there | 10:44 |
Tony31 | thanks 👍🏻 | 10:46 |
openstackgerrit | Mark Goddard proposed openstack/kayobe master: Switch from shade to openstacksdk https://review.opendev.org/707689 | 10:48 |
openstackgerrit | Mark Goddard proposed openstack/kayobe master: WIP: CentOS 8 https://review.opendev.org/707690 | 10:48 |
*** pbing19 has joined #openstack-kolla | 11:08 | |
*** zhanglong has joined #openstack-kolla | 11:24 | |
*** sean-k-mooney has joined #openstack-kolla | 11:38 | |
*** zhanglong has quit IRC | 12:00 | |
*** zhanglong has joined #openstack-kolla | 12:01 | |
openstackgerrit | Radosław Piliszek proposed openstack/kolla-ansible master: Fix RabbitMQ hostname address resolution precheck https://review.opendev.org/707892 | 12:03 |
*** zhanglong has quit IRC | 12:14 | |
*** zhanglong has joined #openstack-kolla | 12:19 | |
*** zhanglong has quit IRC | 12:28 | |
*** zhanglong has joined #openstack-kolla | 12:39 | |
*** zhanglong has quit IRC | 13:45 | |
cosmicsound | Good day | 15:14 |
cosmicsound | Anyone has idea why Kolla mixes the TLS and it does not take the directive from globals.ym;l | 16:08 |
*** Tengu has quit IRC | 16:10 | |
*** Tengu has joined #openstack-kolla | 16:12 | |
yoctozepto | mixes how? | 16:15 |
cosmicsound | Well I explictily setup only external TLS | 16:30 |
cosmicsound | And i added my .pem cert in kolla/certificates/ | 16:30 |
cosmicsound | When I redeployed I get a self signed SSL on Internal VIP Floating ip 172.x.x.10 and the site runs on https://cloud.uhlhost.net | 16:31 |
cosmicsound | Thus giving me a https://mdb.uhlhost.net/uploads/0bcd249a290673cd/image.png | 16:31 |
cosmicsound | Local SSL self generated instead of the TLS global config defined in globals.yml | 16:32 |
cosmicsound | kolla_enable_tls_external: "yes" | 16:32 |
cosmicsound | kolla_external_fqdn_cert: "{{ node_config }}/certificates/cloud_uhlhost_net.pem" | 16:32 |
cosmicsound | I did not setup kolla_internal_fqdn_cert | 16:33 |
cosmicsound | https://mdb.uhlhost.net/uploads/3000ef9b35494803/image.png | 16:33 |
yoctozepto | odd, it certainly works for me | 16:33 |
cosmicsound | I am wondering what I miss | 16:33 |
cosmicsound | Maybe some changes in past versions? | 16:33 |
yoctozepto | which release? | 16:34 |
cosmicsound | Train her | 16:34 |
yoctozepto | same here | 16:34 |
cosmicsound | Not sure if my network is not doing this | 16:35 |
cosmicsound | Il try a redeploy | 16:35 |
cosmicsound | And maybe to remove the self signed serts | 16:35 |
cosmicsound | certs* | 16:35 |
cosmicsound | Il rerun deplopy containers | 16:37 |
cosmicsound | and a new deploy will see maybe it helps. | 16:37 |
cosmicsound | I guess later we could look at my globals.yml file it starts to get heavier | 16:38 |
cosmicsound | Would be great to get some hints on what approach to use to properly grasp the network from my providers side | 16:38 |
cosmicsound | Because I have network like eno1 ipv4 MAIN provider LAN, and eno2 Management LAN where VLANS and all Vrack ips are configured. | 16:40 |
cosmicsound | I just wish to make a best scenario and use ENO1 where is possible. So I made eno1 as a DNS / FQDN | 16:40 |
cosmicsound | Since these are static and do not change. | 16:41 |
openstackgerrit | Mark Goddard proposed openstack/kayobe master: WIP: CentOS 8 https://review.opendev.org/707690 | 16:45 |
*** pbing19 has quit IRC | 16:57 | |
*** dave-mccowan has joined #openstack-kolla | 17:24 | |
*** factor has quit IRC | 17:27 | |
Tony31 | I just installed TLS on on mine but I use kayobe Train. I have in kolla globals: `kolla_enable_tls_external: True` `kolla_external_fqdn_cacert: "/etc/kolla/config/certificates/cacert.pem"` And I have both internal API VIP and external API VIP set. | 17:30 |
Tony31 | I mean "set" as in the IP configured. TLS is only configured for external VIP at the moment. | 17:30 |
*** dave-mccowan has quit IRC | 17:34 | |
*** evrardjp has quit IRC | 17:34 | |
*** evrardjp has joined #openstack-kolla | 17:34 | |
*** pbing19 has joined #openstack-kolla | 17:51 | |
*** dking_desktop has joined #openstack-kolla | 18:14 | |
*** pbing19 has quit IRC | 18:48 | |
*** Tengu has quit IRC | 18:57 | |
*** negronjl has quit IRC | 19:02 | |
*** negronjl has joined #openstack-kolla | 19:03 | |
*** pbing19 has joined #openstack-kolla | 19:12 | |
*** Tengu has joined #openstack-kolla | 19:18 | |
*** pbing19 has quit IRC | 19:37 | |
*** pbing19 has joined #openstack-kolla | 19:37 | |
*** igordc has joined #openstack-kolla | 19:46 | |
*** igordc has quit IRC | 20:20 | |
*** vedup19 has joined #openstack-kolla | 20:26 | |
*** pbing19 has quit IRC | 20:29 | |
*** Tengu has quit IRC | 20:42 | |
*** Tengu has joined #openstack-kolla | 20:43 | |
yoctozepto | ^ | 21:07 |
iniazi | yoctozepto, thanks. I need to figure out the ceph volumes to create (going to do a erasure coding but separating the metadata with the normal data technique) | 21:09 |
iniazi | I mean after I do the ceph stuff, I should be ready to deploy. hopefully... | 21:10 |
*** vedup19 has quit IRC | 21:52 | |
*** sorin-mihai has quit IRC | 23:54 | |
*** tumble has quit IRC | 23:54 | |
*** sorin-mihai has joined #openstack-kolla | 23:55 |
Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!