Wednesday, 2020-10-14

« Tuesday, 2020-10-13 Index Thursday, 2020-10-15 »
*** k_mouza has joined #openstack-kolla00:27
*** k_mouza has quit IRC00:31
*** k_mouza has joined #openstack-kolla00:36
*** k_mouza has quit IRC00:40
*** k_mouza has joined #openstack-kolla00:45
*** k_mouza has quit IRC00:49
*** xinliang has joined #openstack-kolla00:51
*** brinzhang_ has quit IRC00:53
*** brinzhang_ has joined #openstack-kolla00:53
*** k_mouza has joined #openstack-kolla00:54
*** zzzeek has quit IRC00:58
*** k_mouza has quit IRC00:59
*** zzzeek has joined #openstack-kolla00:59
*** k_mouza has joined #openstack-kolla01:02
*** k_mouza has quit IRC01:07
*** k_mouza has joined #openstack-kolla01:11
*** k_mouza has quit IRC01:15
*** k_mouza has joined #openstack-kolla01:27
*** k_mouza has quit IRC01:31
*** k_mouza has joined #openstack-kolla01:35
*** k_mouza has quit IRC01:39
*** k_mouza has joined #openstack-kolla01:58
*** k_mouza has quit IRC02:03
*** k_mouza has joined #openstack-kolla02:07
*** k_mouza has quit IRC02:11
*** timss has quit IRC02:18
*** timss has joined #openstack-kolla02:18
*** dabukalam has quit IRC02:18
*** Nirtal has quit IRC02:19
*** Nirtal has joined #openstack-kolla02:20
*** k_mouza has joined #openstack-kolla02:32
*** k_mouza has quit IRC02:37
openstackgerritwu.chunyang proposed openstack/kolla-ansible master: update octavia doc  https://review.opendev.org/74640902:50
*** kevko has joined #openstack-kolla03:55
*** kevko has quit IRC04:04
*** xinliang has quit IRC04:04
*** kevko has joined #openstack-kolla04:06
*** kevko has quit IRC04:10
*** kevko has joined #openstack-kolla04:12
*** kevko has quit IRC04:17
*** brinzhang0 has joined #openstack-kolla04:26
*** brinzhang_ has quit IRC04:28
*** evrardjp has quit IRC04:33
*** evrardjp has joined #openstack-kolla04:33
*** jbalciunas has joined #openstack-kolla04:56
*** hongbin has quit IRC04:59
*** hongbin has joined #openstack-kolla05:09
*** hongbin has quit IRC05:19
*** shyamb has joined #openstack-kolla05:36
*** zzzeek has quit IRC05:50
shyambHi05:52
*** zzzeek has joined #openstack-kolla05:52
*** brinzhang0 has quit IRC05:52
*** cah_link has joined #openstack-kolla06:09
*** vishalmanchanda has joined #openstack-kolla06:19
*** shyamb has quit IRC06:30
*** brinzhang has joined #openstack-kolla06:30
*** zzzeek has quit IRC06:38
yoctozeptomorning06:39
yoctozeptomloza: how so?06:39
*** zzzeek has joined #openstack-kolla06:43
*** k_mouza has joined #openstack-kolla06:52
*** nikparasyr has joined #openstack-kolla06:54
*** k_mouza has quit IRC06:57
*** Luzi has joined #openstack-kolla06:58
*** bengates has joined #openstack-kolla07:09
*** wuchunyang has joined #openstack-kolla07:35
*** shyamb has joined #openstack-kolla07:41
*** gfidente has joined #openstack-kolla07:47
*** SmearedBeard has joined #openstack-kolla07:47
*** shyam89 has joined #openstack-kolla07:49
mgoddardmorning07:50
*** rpittau|afk is now known as rpittau07:52
*** shyamb has quit IRC07:52
*** jbadiapa has joined #openstack-kolla08:02
*** e0ne has joined #openstack-kolla08:02
*** e0ne has quit IRC08:04
*** SmearedBeard has quit IRC08:06
*** jbalciunas has quit IRC08:07
*** jbalciunas has joined #openstack-kolla08:08
*** SmearedBeard has joined #openstack-kolla08:08
mnasiadkamorning08:09
mgoddardyoctozepto: bad luck with TC. Still, it was a close run for 4th, and if the TC wasn't being shrunk you'd have made it in :)08:09
yoctozeptomgoddard: sure, last time I was right below the bar as well :-)08:10
mgoddardnext time08:10
mgoddarda lot of it is about familiarity. Keep making noise on the ML and you'll attract some followers08:11
mgoddardyoctozepto: it is also about how many colleagues you have...08:11
*** rohit02 has joined #openstack-kolla08:12
rohit02hi team does  ussuri kolla ansible supports all endpoints on ssl08:13
osmanlicilegimorning08:20
yoctozeptorohit02: nope, only mentioned in the release notes08:20
yoctozeptomgoddard: true that; though I'm not particularly fit for getting that kind of attention...08:21
rohit02yoctozepto: internal and admin endpoints on ssl works right?08:23
yoctozeptorohit02: ah, if you mean haproxy endpoints, then all support ssl, yes08:24
yoctozeptorohit02: I meant the backend endpoints08:24
yoctozeptorohit02: as in from haproxy to apis08:24
rohit02yoctozepto: thanx08:25
*** SmearedBeard has quit IRC08:39
openstackgerritMark Goddard proposed openstack/kolla-ansible stable/stein: Performance: use a single config file for fluentd  https://review.opendev.org/75781708:39
*** cah_link has quit IRC08:49
*** cah_link has joined #openstack-kolla08:50
*** zzzeek has quit IRC09:17
*** zzzeek has joined #openstack-kolla09:19
openstackgerritMark Goddard proposed openstack/kolla stable/stein: Bump versions for Stein  https://review.opendev.org/75756609:24
openstackgerritMark Goddard proposed openstack/kolla stable/train: Bump versions for Train  https://review.opendev.org/75804709:25
openstackgerritMerged openstack/kolla-ansible master: baremetal: Install iptables for Docker if enabled  https://review.opendev.org/75689109:35
openstackgerritMark Goddard proposed openstack/kolla stable/ussuri: Add sysfsutils to nova-compute ubuntu source  https://review.opendev.org/75805109:36
openstackgerritMark Goddard proposed openstack/kolla stable/train: Add sysfsutils to nova-compute ubuntu source  https://review.opendev.org/75805209:36
openstackgerritMark Goddard proposed openstack/kolla stable/stein: Add sysfsutils to nova-compute ubuntu source  https://review.opendev.org/75805309:36
*** shyam89 has quit IRC09:36
*** gfidente has quit IRC09:39
openstackgerritMark Goddard proposed openstack/kolla stable/ussuri: Improve pip install process for offline deployment.  https://review.opendev.org/75805409:39
openstackgerritMark Goddard proposed openstack/kolla stable/train: Improve pip install process for offline deployment.  https://review.opendev.org/75805709:43
openstackgerritMark Goddard proposed openstack/kolla stable/ussuri: Checks for heat_user_domain explicitly  https://review.opendev.org/75805809:44
openstackgerritMark Goddard proposed openstack/kolla stable/train: Checks for heat_user_domain explicitly  https://review.opendev.org/75805909:44
openstackgerritMark Goddard proposed openstack/kolla stable/stein: Checks for heat_user_domain explicitly  https://review.opendev.org/75806009:45
*** shyamb has joined #openstack-kolla09:45
*** jonaspaulo has joined #openstack-kolla09:54
mnasiadkabackports flood ;)09:57
mgoddardthat's just kolla10:02
openstackgerritMichal Nasiadka proposed openstack/kolla-ansible master: Fix fernet cron path on Ubuntu/Debian  https://review.opendev.org/75707610:09
openstackgerritMark Goddard proposed openstack/kolla-ansible stable/ussuri: Delete the /var/log/kolla directory should use sudo  https://review.opendev.org/75806410:14
openstackgerritMark Goddard proposed openstack/kolla-ansible stable/train: Delete the /var/log/kolla directory should use sudo  https://review.opendev.org/75806510:14
openstackgerritMark Goddard proposed openstack/kolla-ansible stable/stein: Delete the /var/log/kolla directory should use sudo  https://review.opendev.org/75806610:15
openstackgerritMark Goddard proposed openstack/kolla-ansible stable/ussuri: Fix glance-tls-proxy logrotate and fluentd log permissions  https://review.opendev.org/75806710:16
openstackgerritMark Goddard proposed openstack/kolla-ansible stable/ussuri: replace internal with openstack_interface  https://review.opendev.org/75806810:17
openstackgerritMark Goddard proposed openstack/kolla-ansible stable/train: replace internal with openstack_interface  https://review.opendev.org/75806910:17
openstackgerritMichal Nasiadka proposed openstack/kolla-ansible master: Add log for cron script fernet-rotate.sh  https://review.opendev.org/75608310:17
openstackgerritMark Goddard proposed openstack/kolla-ansible stable/ussuri: baremetal: Install iptables for Docker if enabled  https://review.opendev.org/75807010:18
openstackgerritMark Goddard proposed openstack/kolla-ansible stable/train: baremetal: Install iptables for Docker if enabled  https://review.opendev.org/75807110:18
*** dougsz has joined #openstack-kolla10:19
*** gfidente has joined #openstack-kolla10:22
*** wuchunyang has quit IRC10:25
*** shyamb has quit IRC10:25
openstackgerritMark Goddard proposed openstack/kayobe stable/ussuri: Performance: skip LVM configuration if no groups configured  https://review.opendev.org/75807310:29
openstackgerritMark Goddard proposed openstack/kayobe stable/train: Performance: skip LVM configuration if no groups configured  https://review.opendev.org/75807410:29
openstackgerritMark Goddard proposed openstack/kayobe stable/stein: Performance: skip LVM configuration if no groups configured  https://review.opendev.org/75807510:29
*** k_mouza has joined #openstack-kolla10:30
openstackgerritMark Goddard proposed openstack/kayobe stable/ussuri: Add missing barbican.conf support  https://review.opendev.org/75807610:35
openstackgerritMark Goddard proposed openstack/kayobe stable/train: Add missing barbican.conf support  https://review.opendev.org/75807710:36
openstackgerritMerged openstack/kolla-ansible stable/train: docs: Add information on migrating to CentOS 8  https://review.opendev.org/75713310:40
*** shyamb has joined #openstack-kolla10:45
openstackgerritMerged openstack/kolla-ansible stable/train: docs: more info on migrating from CentOS 7 to 8  https://review.opendev.org/75751910:45
*** shyamb has quit IRC10:47
*** shyamb has joined #openstack-kolla10:47
openstackgerritMark Goddard proposed openstack/kolla-ansible master: docs: add info on adding and removing hosts  https://review.opendev.org/75808510:51
yoctozeptowell, that was a flood10:53
*** brinzhang has quit IRC11:03
*** dougsz has quit IRC11:07
*** k_mouza has quit IRC11:08
*** vishalmanchanda has quit IRC11:08
*** k_mouza has joined #openstack-kolla11:10
openstackgerritRafael Weingärtner proposed openstack/kolla-ansible master: Feature to manage public endpoints via DNS names  https://review.opendev.org/75784711:15
*** dougsz has joined #openstack-kolla11:20
*** zzzeek has quit IRC11:29
*** zzzeek has joined #openstack-kolla11:32
*** JamesBenson has joined #openstack-kolla11:32
*** priteau has joined #openstack-kolla11:39
*** shyamb has quit IRC11:41
*** rohit02 has quit IRC11:42
*** rohit02 has joined #openstack-kolla11:43
priteauIs there a way to skip service registration tasks when we know nothing's going to change? (for example when deploying a new hypervisor)11:44
priteauI trying skipping the always tag, but that skips all roles11:44
yoctozeptopriteau: that sounds like a good topic for the ptg - what should be easier to skip - operators might know what to usually optimize away12:37
yoctozeptopriteau: please add12:38
priteauYes sir!12:38
mgoddardI like the idea of reconfigure doing this12:47
mgoddardskip bootstrap and register12:47
yoctozepto^ +212:47
priteau^ -1? If a configuration change implies changing the endpoint URLs (e.g. enable tls), I would expect reconfigure to handle it.12:55
*** skramaja has joined #openstack-kolla12:55
mgoddardpriteau: then use deploy12:56
mgoddardmy main arguments against it are that it would be a behaviour change, and could be confusing12:57
yoctozeptowe also don't remove old endpoints really12:57
mgoddardalternatively we add tags12:57
yoctozeptowhy not both12:57
yoctozeptowe have upgrade notes for that reason12:57
priteauDo you envision that reconfigure should only be limited to update the on-disk configuration? (nova.conf, etc.)12:57
mgoddardyes12:58
yoctozeptoit could also be a different command12:58
yoctozeptoif you can imagine the name12:58
mgoddardkolla-ansible reconfigure-without-register-or-bootstrap12:58
priteauThe use case I have in mind is to deploy a new hypervisor, there's no need to check all endpoints for that13:02
priteauBut it would feel a bit odd to run reconfigure to deploy a fresh hypervisor13:02
priteauUnless you view it as a reconfiguration (extension) of the cloud as a whole13:02
yoctozeptomgoddard: nice one13:05
mgoddardpriteau: true13:05
mgoddardI'd be happy with tags13:05
yoctozeptopriteau, mgoddard: we could also just deprecate the 'reconfigure' alias13:05
yoctozeptoand go with tags13:05
yoctozeptoand docs for them13:05
yoctozeptomore docs - less questions13:06
priteauConfusion between deploy and reconfigure is something that comes up frequently13:06
yoctozeptoyeah, in the simplest questions13:06
yoctozeptoshould I run ...13:06
mgoddardit's a bit mean to just remove it though13:06
yoctozeptoand the answer is: it does not matter13:06
yoctozeptomgoddard: deprecate and stop mentioning in docs13:06
mgoddardwe could do that13:07
yoctozeptoand alias completely to deploy internally13:07
mgoddardliterally make it an alias, and document it as such13:07
yoctozeptoto avoid last bastions of confusion13:07
yoctozepto+213:07
yoctozeptodo we want it to happen already in Victoria? ;p13:07
mgoddardwe might need to finally fit swift to the "new" format13:07
yoctozeptoah, right13:08
yoctozeptoand what about bifrost?13:08
mgoddarddifferent commands13:15
dougszI know the oldskool Swift role frequently bites people with not restarting containers after new config is applied13:17
mgoddardI don't know why it got left behind13:17
mgoddardmaybe we should push on it for W13:17
mgoddardadded to PTG agenda13:19
*** engel75 has joined #openstack-kolla13:23
*** Luzi has quit IRC13:23
*** TrevorV has joined #openstack-kolla13:24
*** wuchunyang has joined #openstack-kolla13:31
* osmanlicilegi bbl13:35
*** vishalmanchanda has joined #openstack-kolla13:43
*** engel75 has quit IRC13:48
*** bengates has quit IRC14:03
*** e0ne has joined #openstack-kolla14:04
*** bengates has joined #openstack-kolla14:04
*** rafaelweingartne has joined #openstack-kolla14:09
*** priteau has quit IRC14:09
*** priteau has joined #openstack-kolla14:19
*** nikparasyr has left #openstack-kolla14:27
*** skramaja has quit IRC14:31
*** bengates has quit IRC14:35
*** bengates has joined #openstack-kolla14:36
*** bengates has quit IRC14:40
openstackgerritMerged openstack/kayobe master: Fix failures in Docker storage driver check  https://review.opendev.org/75795214:45
*** rafaelweingartne has quit IRC14:48
*** rohit02 has quit IRC14:50
mgoddardmgoddard mnasiadka hrw egonzalez yoctozepto rafaelweingartne cosmicsound osmanlicilegi bbezak14:51
mgoddard^ meeting in 10 minutes14:51
*** rafaelweingartne has joined #openstack-kolla14:53
*** bengates has joined #openstack-kolla14:56
wuchunyangit seems much quiet today14:58
*** JamesBenson has quit IRC15:01
yoctozeptoo/15:01
*** engel75 has joined #openstack-kolla15:01
yoctozeptooh, no meeting yet15:01
yoctozeptoxD15:01
*** JamesBenson has joined #openstack-kolla15:01
yoctozeptomgoddard15:01
mgoddardwake up mgoddard15:02
mgoddard#startmeeting kolla15:02
openstackMeeting started Wed Oct 14 15:02:14 2020 UTC and is due to finish in 60 minutes.  The chair is mgoddard. Information about MeetBot at http://wiki.debian.org/MeetBot.15:02
openstackUseful Commands: #action #agreed #help #info #idea #link #topic #startvote.15:02
*** openstack changes topic to " (Meeting topic: kolla)"15:02
openstackThe meeting name has been set to 'kolla'15:02
mgoddard#topic rollcall15:02
yoctozeptoo/15:02
*** openstack changes topic to "rollcall (Meeting topic: kolla)"15:02
mgoddard\o15:02
rafaelweingartne\o15:02
yoctozepto\o/15:02
engel75\o15:02
priteauo/15:03
wuchunyang\o15:03
mgoddard#topic agenda15:04
*** openstack changes topic to "agenda (Meeting topic: kolla)"15:04
mgoddard* Roll-call15:04
mgoddard* Announcements15:04
mgoddard  ** OpenStack Victoria released15:04
mgoddard  ** Kolla now in feature freeze15:04
mgoddard  ** Submit Virtual PTG topic proposals: https://etherpad.opendev.org/p/kolla-wallaby-ptg15:04
mgoddard* Review action items from the last meeting15:04
mgoddard* CI status15:04
mgoddard* DNS-based endpoint naming https://review.opendev.org/#/c/757847/15:04
patchbotpatch 757847 - kolla-ansible - Feature to manage public endpoints via DNS names - 4 patch sets15:04
mgoddard* Victoria release planning15:05
mgoddard  ** Review deprecations and other planned removals15:05
mgoddard* Wallaby PTG planning15:05
mgoddard#topic announcements15:05
*** openstack changes topic to "announcements (Meeting topic: kolla)"15:05
mgoddard#info OpenStack Victoria released15:05
*** alistarle has joined #openstack-kolla15:06
mgoddard#link http://lists.openstack.org/pipermail/openstack-discuss/2020-October/017959.html15:06
mgoddard#info Kolla now in feature freeze15:06
mgoddard#info Submit Virtual PTG topic proposals15:06
mgoddard#link https://etherpad.opendev.org/p/kolla-wallaby-ptg15:06
mgoddardAny others?15:06
yoctozeptona-ah15:07
mgoddard#topic Review action items from the last meeting15:07
*** openstack changes topic to "Review action items from the last meeting (Meeting topic: kolla)"15:07
mgoddardmgoddard get octavia CI job passing in order to merge patches15:07
mgoddarddone15:07
*** jovial[m] has joined #openstack-kolla15:08
mgoddard#topic CI status15:09
*** openstack changes topic to "CI status (Meeting topic: kolla)"15:09
mgoddardkolla15:09
mgoddardNFV job broken due to lack of Aodh for Tacker/Heat15:09
mgoddardI wonder if its as simple as enabling aodh15:09
mgoddardanyone care to try?15:09
mgoddardok15:11
*** engel75 has quit IRC15:11
mgoddardBifrost should be fixed on stein once we merge https://review.opendev.org/75756615:11
patchbotpatch 757566 - kolla (stable/stein) - Bump versions for Stein - 3 patch sets15:11
mgoddardRocky is probably a no go15:11
mgoddardKolla Ansible15:12
yoctozeptorocky is em15:12
yoctozeptono care15:12
mgoddardclaims to be AMBER, but I can't see why15:12
yoctozeptolemme seeeee15:12
yoctozeptonoo, it's GREEEN15:13
mgoddardgood15:14
mgoddardkayobe is also green15:14
mgoddard#topic DNS-based endpoint naming https://review.opendev.org/#/c/757847/15:14
patchbotpatch 757847 - kolla-ansible - Feature to manage public endpoints via DNS names - 4 patch sets15:14
*** openstack changes topic to "DNS-based endpoint naming https://review.opendev.org/#/c/757847/ (Meeting topic: kolla)"15:14
mgoddardrafaelweingartne proposed this patch15:14
rafaelweingartneyes15:14
*** engel75 has joined #openstack-kolla15:14
mgoddardcould you give a quick overview?15:14
rafaelweingartneyes, this is a second step of a series of proposals that we have prepared. I guess you remember we did a major review of the URLs in Kolla-ansible, to normalize their uses15:15
yoctozeptoyes15:16
yoctozeptounforgettable15:16
yoctozepto:-)15:16
rafaelweingartne:)15:16
rafaelweingartnefor me too15:16
rafaelweingartneThe idea is to allow/enable operators to configure URLs/endpoints that are standard from a user perspective15:16
rafaelweingartneby standard here, I mean, using standard ports 80/44315:16
rafaelweingartneTherefore, to deal with that, we need to execute redirects/forward HTTP requests based on DNS names of the components/services15:17
yoctozeptooh, that would be awesome15:17
yoctozeptoyeah, proxy them15:17
rafaelweingartneWe all of this working internally, but to avoid the nightmare of another mega huge patch15:17
rafaelweingartnewe will be introducing bit by bit15:17
rafaelweingartnethe first step if to enable us to generate/configure public endpoints based on a basic company DNS name15:18
rafaelweingartnethat is what this patch is introducing15:18
rafaelweingartneof course, the patchset is not self contained, as it would depend on an operator to configure a proxy to handle the names15:18
rafaelweingartnebut, after we introduce mechanisms  to handle the URL/endpoints generation, we can introduce a role to do exactly that15:19
rafaelweingartnewith HAproxy or some other web proxy15:19
rafaelweingartne"We all of this working internally" -> "We already have this working internally"15:19
*** also_stingrayza has joined #openstack-kolla15:19
yoctozeptohmm, hmm; would not it be better to expose these on different paths though15:20
yoctozeptobut yeah, names are acceptable too15:20
mgoddardso that question is why I wanted to discuss this here15:20
yoctozeptoweb-wise names are better separation15:21
rafaelweingartnethat is a good question, for us, it felt more natural to use the server name instead of query paths15:21
mgoddardthere are various ways this could be done15:21
yoctozeptobut these are not really strictly web services15:21
yoctozeptoso paths are just as fine15:21
yoctozeptoand probably easier in regular maintenance15:21
yoctozepto(and also to implement)15:21
yoctozeptodevstack does paths15:21
yoctozeptowe should encourage the move away from magic ports, yes15:21
mgoddardmy feeling is we should expose the variables to be able to do this in various ways15:22
yoctozepto+215:22
mgoddardthe current patch looks to me like it forces quite a specific pattern, and adds quite a lot of overhead to do so15:22
engel75a flexible solution sounds good15:22
rafaelweingartneyes, it forces that pattern of server names15:22
mgoddardthe alternative would require more work for the operator, as they would need to override more variables15:23
engel75kolla-ansible is already ver flexible15:23
mgoddardbut would be more flexible15:23
mgoddardif we could easily specify the FQDN, port and path per-service, would that be enough?15:23
*** stingrayza has quit IRC15:23
mgoddarddo your later patches depend on a specific format?15:23
rafaelweingartneyes, everything we did so far is based on server names15:24
mgoddardwhile its nice to have bite sized things to review, in terms of a design it would help if we could see the big picture in more detail15:25
mgoddard"bite sized" for anyone who reviewed the last patch :D15:26
rafaelweingartneI am looking at the patch now, and we already extracted the URLs, with the first patch we introduced "<component>_<interface>_base_endpoint"15:26
rafaelweingartnetherefore, it is already possible to override them15:26
mgoddardright15:27
rafaelweingartneThe only said thing is that the person doing the job would have to do it manually (either for server name or context path)15:27
rafaelweingartnesad*15:27
mgoddardif we can come up with a nice pattern, it could be documented15:28
mgoddardI think in order to change my mind I'd want to see a few people saying yes, I want to deploy OpenStack this way, and I'd like it to be really easy to do15:28
priteauI've done customisation of URLs in this pattern a while ago for a deployment, as early as Queens15:29
mgoddard(of course my opinion is just one of many)15:29
priteauIt was customising the HAProxy template which was the more complex part, not customising endpoint variables15:29
rafaelweingartneat least now, it is easier to work with these URLs, as we are consistently using the same variables around the code15:29
mgoddardright15:29
rafaelweingartneWhat if we only document the way we manage these URLs for the endpoints, and then we introduce a variable to indicate for kolla-ansible what is the configurations we want in the proxy15:30
mgoddardif we don't have this patch, and just set the URLs, is it possible to do what you want with HAProxy, to avoid the issue priteau had?15:30
rafaelweingartnethen, we would have something like "server_name_based_proxy: true" or "context_path_redirects: true" or something similar15:31
rafaelweingartnemgoddard: yes, it is15:31
rafaelweingartneI just wanted to facilitate the URLs generation, but as long as they are already externalized, if we document it, it is easy to work with it15:32
mgoddardwould it have to dissect the URL to determine the FQDN/path to match on?15:32
rafaelweingartneKolla-ansible no, basically, we would just register the URLs as it is done already, and then we need a new role to configure the proxy server15:33
rafaelweingartnethat would either work with server names or context paths15:33
mgoddardwhat proxy server would be used?15:34
rafaelweingartnewe are using HAproxy, but I guess we can use any one of the available out there15:34
rafaelweingartnein the containers we already use HTTPD, but Kolla-ansible has a role for HAproxy15:35
priteauI don't understand what role plays a new proxy in this. Why can't this be integrated directly in the HAProxy external API config?15:35
engel75it should be possible to deploy a 2nd proxy15:35
rafaelweingartnepriteau: are you asking about the current HAproxy role?15:36
mgoddardI think this needs a write up15:36
rafaelweingartneyes, that might be a good idea15:36
engel75from a security perspective it is good practice to run that "external" proxy in a DMZ15:36
priteauI meant role not in an Ansible way.15:37
mgoddardcould you write up an overview of the changes you'd like to make, and how you see the feature working overall?15:37
rafaelweingartneengel75: you mean, placing the proxy out of the control nodes, but we could do that right now? couldn't we? If we define a custom set of hosts for that role15:37
mgoddardit doesn't need to be a full spec, just enough to let us see what you are aiming for15:38
rafaelweingartnemgoddard: yes, I can15:38
rafaelweingartneI will prepare a brief spec, and then we can move on from there15:38
mgoddardthanks15:38
mgoddardif we have it in time for the PTG, we can discuss it there15:39
mgoddardI'll add it to the agenda15:39
*** muhaha has joined #openstack-kolla15:39
engel75rafaelweingartne yes but if a FW is sitting in between  access from all those services to the Haproxy would be blocked15:39
rafaelweingartnemgoddard: Sure, I guess, it is possible.15:40
engel75so I would like to be able to deploy two haproxys15:40
mgoddardI think we should move on15:41
engel75ok15:41
mgoddardthanks for discussing this, we can take it to the PTG15:41
rafaelweingartnesure15:41
mgoddardengel75: feel free to add your thoughts to the item in https://etherpad.opendev.org/p/kolla-wallaby-ptg15:41
mgoddard#topic Victoria release planning15:42
*** openstack changes topic to "Victoria release planning (Meeting topic: kolla)"15:42
mgoddardSubtopic Review deprecations and other planned removals15:42
mgoddardI guess this was yoctozepto?15:43
yoctozeptoyesss15:43
mgoddard#link https://docs.openstack.org/releasenotes/kolla/ussuri.html15:43
mgoddardstart will kolla15:44
yoctozeptoI noticed we have the vmware revert proposed15:44
mgoddard*with15:44
yoctozeptoI mean vmware deprececation reno*15:44
alistarleHi15:44
mgoddard#link https://review.opendev.org/74751215:45
patchbotpatch 747512 - kolla-ansible - Revert VMware deprecated note - 1 patch set15:45
mgoddardhi alistarle, we're just in a meeting currently15:45
mgoddardfinished in 1515:45
*** bengates has quit IRC15:45
alistarleYup no problem, it was just for discussing about the VMware deprecation if it is needed15:45
alistarleas you mention in the patch set15:45
mgoddardoh right, cool15:46
mgoddardso, we have 3 options15:46
mgoddard1. remove vmware support15:46
mgoddard2. keep vmware support deprecated and wait for $something15:46
mgoddard3. undeprecate vmware15:47
*** rafaelweingartne has quit IRC15:47
mgoddardanyone have strong feelings?15:47
yoctozeptoonly weak15:47
alistarleOn our side, we already have KVM-based deployment and we need to expose vmware services too, that's why we wanted to continue using Openstack and kolla15:48
alistarlewe are currently building the platform using vmware in kolla but it still require more effort our side to fully open in production, but it looks very promising15:49
alistarlewe until here only see two little bugs, one is already merged and the other will be submitted soon (and it concern all non-OVS deployment actually)15:49
*** e0ne has quit IRC15:49
mgoddardmy opinion is that vmware support does not require much maintenance from us, and if it is useful to someone then we should keep it15:50
wuchunyangagree15:50
mgoddardwas there some discussion about nova dropping vmware support, or have I made that up?15:50
*** muhaha has quit IRC15:51
alistarlevmware itself propose an openstack distribution, which is not even deprecated, so I think it is still up to date15:51
yoctozeptomgoddard: there was15:51
yoctozeptonot remember what the decision was15:51
mgoddardok15:52
mgoddardwell I suppose that would be out of our hands15:52
alistarleLatest version from VMware is from July, based on train : https://docs.vmware.com/en/VMware-Integrated-OpenStack/7.0/rn/VMware-Integrated-OpenStack-70-Release-Notes.html15:52
yoctozeptohttps://etherpad.opendev.org/p/nova-victoria-ptg15:52
yoctozeptoline 38815:52
yoctozepto    AGREED: enahnce the deprecation signal to say it is not just deprecated but it is also marked for deletion in a coming cycle. Ask the VMware folks to make the 3pp CI working. gibi will start the communication.15:53
mgoddardseems like they are pushing vmware to fix the CI15:54
yoctozeptomight be15:55
yoctozeptoso undeprecate? rephrase?15:55
mgoddardnova v renos: VMWare virt driver is now supported again in Victoria after being deprecated during the Ussuri release, as testing issues have been addressed.15:56
mgoddardhttps://docs.openstack.org/releasenotes/nova/victoria.html15:56
mgoddardtheir plan worked15:56
mgoddardany objections to kolla undeprecating VMWare support?15:56
openstackgerritPierre Riteau proposed openstack/kayobe master: Fix "Wait for the ironic node to be inspected" task  https://review.opendev.org/75820215:57
yoctozeptonone, it's low maintenance, and if we break anything, then, well, that's life on the edge of no testing coverage :-)15:58
mgoddard#action undeprecate VMware15:58
mgoddard#topic Wallaby PTG15:58
*** openstack changes topic to "Wallaby PTG (Meeting topic: kolla)"15:58
mgoddardPlease add topics https://etherpad.opendev.org/p/kolla-wallaby-ptg15:58
mgoddard#topic Open discussion15:58
*** openstack changes topic to "Open discussion (Meeting topic: kolla)"15:58
mgoddardDoes anyone have anything else to discuss?15:58
priteauWhat is the plan for https://review.opendev.org/#/c/751795/15:59
patchbotpatch 751795 - kolla-ansible - Disable Docker iptables and bridge networking by d... - 2 patch sets15:59
priteauI believe we have in-tree some warnings about default behaviour change in Victoria15:59
priteauAnd some release notes of course15:59
mgoddardit didn't work for me in CI: https://review.opendev.org/75198215:59
patchbotpatch 751982 - kolla-ansible - DNM: test kolla build without iptables or bridge - 3 patch sets15:59
priteauAnd that's with host networking?16:00
mgoddardyes16:00
mgoddardCI always uses host networking16:00
priteauI'll give it a try in a local env16:00
priteauShould we revert the mentions of behaviour change in Victoria then?16:01
priteauAnd leave it to Wallaby when more tested16:01
mgoddardyes, we should revert mentions of behaviour change, and add them tohttps://review.opendev.org/#/c/751795/16:02
patchbotpatch 751795 - kolla-ansible - Disable Docker iptables and bridge networking by d... - 2 patch sets16:02
mgoddard(or work out why that doesn't pass, fix it, then merge)16:02
priteauEven if we fixed the issue in the coming days, it could be too close to release?16:03
mgoddardpossibly16:03
mgoddardthe issue is quite annoying though16:03
mgoddardok, let's leave it there16:04
mgoddardThanks all16:04
mgoddard#endmeeting16:04
*** openstack changes topic to "IRC meetings on Wednesdays @ 15:00 UTC - agenda @ https://goo.gl/OXB0DL | Whiteboard: https://bit.ly/2MM7mWF | IRC channel is *LOGGED* @ http://goo.gl/3mzZ7b"16:04
openstackMeeting ended Wed Oct 14 16:04:43 2020 UTC.  Information about MeetBot at http://wiki.debian.org/MeetBot . (v 0.1.4)16:04
openstackMinutes:        http://eavesdrop.openstack.org/meetings/kolla/2020/kolla.2020-10-14-15.02.html16:04
openstackMinutes (text): http://eavesdrop.openstack.org/meetings/kolla/2020/kolla.2020-10-14-15.02.txt16:04
openstackLog:            http://eavesdrop.openstack.org/meetings/kolla/2020/kolla.2020-10-14-15.02.log.html16:04
*** cah_link has quit IRC16:05
*** rpittau is now known as rpittau|afk16:05
*** alistarle has quit IRC16:07
wuchunyangmgoddard i noticed that ansible gathers facts is too slow  when we have huge vm tap devices.16:12
openstackgerritMark Goddard proposed openstack/kolla-ansible master: Revert VMware deprecation  https://review.opendev.org/74751216:12
mgoddardwuchunyang: fact gathering can be slow, yes16:13
mgoddardmore of an ansible issue though16:13
priteaufact caching can help16:13
mgoddard+116:14
mgoddardwe do make things worse when you use --limit though16:14
priteauAnd mgoddard put a lot of work in making fact caching work well :-)16:14
wuchunyangyeah,,it there a good way to improve this ?16:14
mgoddardfact caching16:14
wuchunyangis there docs about caching ?16:15
wuchunyangthanks :-)16:15
mgoddardhttps://docs.openstack.org/kayobe/latest/configuration/reference/ansible.html#fact-caching16:15
mgoddardI should translate that for kolla-ansible16:15
wuchunyangthanks mgoddard16:15
mgoddardbut it is close enough16:15
wuchunyangi know, just alter the ansible.cfg file.16:17
priteauI am seeing an issue in a-universe-from-nothing master branch, where provisioning overcloud nodes fails with a big backtrace from bifrost. In the middle there are hints about SSH issues: Please login as the user \"centos\" rather than the user \"root\"16:20
priteauIt looks like Ansible is SSH'ing from inside the bifrost container to the host running the container16:21
mgoddardpriteau: hmm, are we missing connection=local somewhere?16:21
openstackgerritMark Goddard proposed openstack/kolla-ansible master: docs: Add information on tuning Ansible  https://review.opendev.org/75820516:22
wuchunyangmgoddard. though we have not  decide whether to merge this ps https://review.opendev.org/#/c/755589/ . but i would be nice for ci or test purpose. i want to work on this, bu  i don't know wheter this is no meaning.16:22
patchbotpatch 755589 - kolla-ansible - octavia: support tenant management network - 11 patch sets16:22
wuchunyangbu - but16:23
mgoddardwuchunyang: I think we agreed to merge it16:23
mgoddardwith a 'tech preview' flag16:23
mgoddardand change the default to provider16:23
wuchunyangok, thanks ,, i will alter the patch  for test purpost ..16:24
yoctozeptomore 'experimental' though; with no compatibility promise ever16:25
priteaumgoddard: I am not familiar with the ansible parts of bifrost. I see there is a python script as inventory, but it hasn't changed since 201516:25
wuchunyangyoctozepto  yeah.  just for CI, test or poc16:26
mgoddardpriteau: I think it has changed since then?16:26
priteaucommit 8d878e6268d969618f56449bd033a442da2086f416:26
priteauAuthor:     Julia Kreger <juliaashleykreger@gmail.com>16:26
priteauAuthorDate: Wed Nov 4 15:58:31 2015 -050016:26
priteauThat's the last change I see16:26
priteauOh, there's another file16:27
priteauI was looking at playbooks/inventory/bifrost_inventory.py16:28
priteauBut there is bifrost/inventory.py16:28
mgoddardsymlink16:28
priteauheh, good catch16:29
priteauSo there is a playbooks/inventory/localhost file in bifrost source, but I don't find it in the deployed service16:30
*** dougsz has quit IRC16:33
priteauI see `--connection local` is not used in the call for provisioning16:34
priteauI'll try adding it16:35
openstackgerritwu.chunyang proposed openstack/kolla-ansible master: update octavia doc  https://review.opendev.org/74640916:37
openstackgerritwu.chunyang proposed openstack/kolla-ansible master: update octavia doc  https://review.opendev.org/74640916:40
openstackgerritwu.chunyang proposed openstack/kolla-ansible master: update octavia doc  https://review.opendev.org/74640916:41
priteauIt fails in a different way16:41
priteauLooking at a train deployment, the output of the inventory script is similar anyway16:41
*** wuchunyang has quit IRC16:44
*** gfidente is now known as gfidente|afk16:46
*** muhaha has joined #openstack-kolla16:51
*** Fl1nt has joined #openstack-kolla16:56
Fl1ntHi everyoen16:56
Fl1nteveryone :D16:56
priteaumgoddard: I traced it to this change, once I revert just this one line, it proceeds further: https://review.opendev.org/#/c/748230/4/playbooks/roles/bifrost-cloud-config/tasks/main.yml16:58
patchbotpatch 748230 - bifrost - Move services to internal_ip by default and refact... (MERGED) - 4 patch sets16:58
openstackgerritMerged openstack/kolla master: rally: Add rally-openstack  https://review.opendev.org/75754216:58
openstackgerritMerged openstack/kolla-ansible master: Revert VMware deprecation  https://review.opendev.org/74751216:58
priteauNext error is "When setting an instance to present, instance_info is a required variable."16:59
*** e0ne has joined #openstack-kolla17:00
Fl1nthum... does anyone already had an issue with neutron-l3-agent and neutron-openvswitch-agent on a CentOS-8 distribution where those containers aren't able to perform iptables actions?17:02
*** Trevor_V has joined #openstack-kolla17:02
*** TrevorV has quit IRC17:03
*** engel75 has quit IRC17:03
priteauI've not seen thi17:04
priteauthis17:04
priteauIs selinux disable on the host?17:05
Fl1ntyes as well as firewalld, it make me crazy, I can't find why that error is poping up.17:05
*** muhaha has quit IRC17:06
Fl1ntI find out that we call update-alternatives, but I don't know if it is contained on CentOS 8 image.17:06
*** muhaha has joined #openstack-kolla17:08
*** k_mouza has quit IRC17:30
*** k_mouza has joined #openstack-kolla17:35
*** k_mouza has quit IRC17:40
*** k_mouza has joined #openstack-kolla17:46
openstackgerritMerged openstack/kolla-ansible stable/ussuri: Performance: optimize genconfig  https://review.opendev.org/75779917:46
*** e0ne has quit IRC17:50
*** k_mouza has quit IRC17:50
*** e0ne has joined #openstack-kolla17:52
*** muhaha has quit IRC17:53
*** e0ne has quit IRC18:01
*** k_mouza has joined #openstack-kolla18:01
*** k_mouza has quit IRC18:06
ozzzoFl1nt: I don't think centos 8 has iptables; they have nft and firewall-cmd instead18:06
ozzzoyou can install iptables on 7; i'm not sure about 8, but it for sure isn't there by default18:09
ozzzoit's a link to nft, and your iptables rules will probably need to be updated to work with nft18:11
mgoddardFl1nt: are you still mixing C7 and C8?18:15
*** k_mouza has joined #openstack-kolla18:16
mgoddardpriteau: perhaps we need to set internal_ip to localhost?18:17
mgoddardpriteau: unsure why it doesn't work via the api interface though18:20
*** k_mouza has quit IRC18:21
*** k_mouza has joined #openstack-kolla18:22
*** k_mouza has quit IRC18:26
*** k_mouza has joined #openstack-kolla18:29
*** k_mouza has quit IRC18:33
*** k_mouza has joined #openstack-kolla18:37
*** e0ne has joined #openstack-kolla18:39
*** k_mouza has quit IRC18:42
*** cah_link has joined #openstack-kolla18:48
Fl1nt@ozzzo, yes, but that exactly why there is a test that use update-alternative to test for iptables existance.18:50
Fl1ntmgoddard, yep unfortunately, I can't migrate to host C8 until we don't get podman support as we've a hyperconverged installation with CEPH and Openstack on the same hosts, which mean that ceph-ansible being nuts it doesn't let you choose for the container runtime on C8 and use podman.18:51
Fl1ntwhile technically I can run docker and podman on the same host in parallel, I'm not really kine to do it as I feel there will be more weird behavior involved.18:52
Fl1ntI think I'll just rollback everything on C7 and better plan our migration to C818:55
*** jonaspaulo has quit IRC18:59
*** k_mouza has joined #openstack-kolla19:05
*** dougsz has joined #openstack-kolla19:07
*** e0ne has quit IRC19:09
*** k_mouza has quit IRC19:10
*** k_mouza has joined #openstack-kolla19:13
*** k_mouza has quit IRC19:15
*** k_mouza has joined #openstack-kolla19:17
*** dougsz has quit IRC19:17
*** priteau has quit IRC19:20
*** Trevor_V has quit IRC19:30
*** TrevorV has joined #openstack-kolla19:31
*** cah_link has quit IRC19:38
*** k_mouza has quit IRC19:42
*** k_mouza has joined #openstack-kolla19:49
*** k_mouza has quit IRC19:54
*** k_mouza has joined #openstack-kolla19:59
openstackgerritMerged openstack/kayobe stable/ussuri: Performance: skip LVM configuration if no groups configured  https://review.opendev.org/75807320:02
*** vishalmanchanda has quit IRC20:08
*** k_mouza has quit IRC20:36
*** jbadiapa has quit IRC20:45
*** k_mouza has joined #openstack-kolla20:47
*** k_mouza has quit IRC20:59
openstackgerritPierre Riteau proposed openstack/kayobe master: Fix overcloud provisioning with newer Bifrost  https://review.opendev.org/75825221:06
*** k_mouza has joined #openstack-kolla21:12
*** k_mouza has quit IRC21:17
*** k_mouza has joined #openstack-kolla21:29
*** k_mouza has quit IRC21:34
*** k_mouza has joined #openstack-kolla21:37
*** k_mouza has quit IRC21:41
*** k_mouza has joined #openstack-kolla21:46
*** k_mouza has quit IRC21:50
*** vkmc has quit IRC22:10
*** vkmc has joined #openstack-kolla22:10
*** k_mouza has joined #openstack-kolla22:11
*** k_mouza has quit IRC22:15
*** gfidente|afk has quit IRC22:25
*** JamesBenson has quit IRC22:31
*** JamesBenson has joined #openstack-kolla22:31
*** JamesBenson has quit IRC22:36
*** TrevorV has quit IRC22:45
*** JamesBenson has joined #openstack-kolla23:06
*** JamesBenson has quit IRC23:12
*** Fl1nt has quit IRC23:25
*** JamesBenson has joined #openstack-kolla23:39
*** JamesBenson has quit IRC23:44
« Tuesday, 2020-10-13 Index Thursday, 2020-10-15 »

Generated by irclog2html.py 2.17.2 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!