*** amoralej|off is now known as amoralej | 07:26 | |
Jerma | Hello Team | 08:02 |
---|---|---|
Jerma | Any idea on how to enable multi domain in openstack wallaby deployed with kolla-ansible | 08:02 |
Jerma | I have read the keystone and Horizon Documentation but with no much luck4 | 08:10 |
EugenMayer | yoctozepto i ditched freezer. I was not aware that it is agent based. For an agent based solution it is way to broken, dead. I rather would use Bacula which is made dedicated and also is agent based. | 09:09 |
opendevreview | Maksim Malchuk proposed openstack/kolla master: Unify curl use (customisation options) https://review.opendev.org/c/openstack/kolla/+/805640 | 09:23 |
hrw | mnasiadka, mgoddard: https://review.opendev.org/c/openstack/kolla/+/816374 for morning coffee? | 10:22 |
frickler | hrw: do you have a link to a job where that issue is being seen? /me is curious | 11:04 |
hrw | frickler: sure, moment | 11:15 |
hrw | frickler: https://zuul.opendev.org/t/openstack/build/e3386788a250465b8d03b986900f0451/logs | 11:16 |
opendevreview | Merged openstack/kolla master: Remove InfluxDB data source Grafana plugin https://review.opendev.org/c/openstack/kolla/+/812505 | 11:55 |
opendevreview | Mark Goddard proposed openstack/kayobe master: Ubuntu: add support for Apt repository configuration https://review.opendev.org/c/openstack/kayobe/+/816364 | 12:34 |
*** amoralej is now known as amoralej|lunch | 13:08 | |
*** kmasterson is now known as Guest4811 | 13:13 | |
opendevreview | Michal Nasiadka proposed openstack/kayobe master: disable-selinux: Set to permissive https://review.opendev.org/c/openstack/kayobe/+/813661 | 13:29 |
opendevreview | Michal Nasiadka proposed openstack/kolla master: docs: weekly meetings page https://review.opendev.org/c/openstack/kolla/+/815494 | 13:52 |
EugenMayer | When deploying tls, there is only a path to the certificate, but not the private key. How is that supposed to work? | 14:10 |
*** amoralej|lunch is now known as amoralej | 14:14 | |
mgoddard | EugenMayer: concatenated | 14:23 |
EugenMayer | what? the private key and the certificate? | 14:24 |
EugenMayer | well i found it https://docs.openstack.org/kolla-ansible/latest/admin/tls.html#back-end-tls-configuration | 14:24 |
EugenMayer | i guess the backend certificate (a wildcard for me) is used for the kolla_internal_fqdn_cert too, right | 14:25 |
mgoddard | EugenMayer: you're probably looking for https://docs.openstack.org/kolla-ansible/latest/admin/tls.html#tls-configuration-for-internal-external-vip | 14:30 |
EugenMayer | mgoddard might be yes, depends if the horizon service is not considered a backend, why so ever | 14:34 |
EugenMayer | mgoddard in your linked configuration it is still unclear how to provide the private key | 14:35 |
mgoddard | EugenMayer: backend is relative to haproxy. HAProxy VIP is the frontend, horizon container is the backend | 14:35 |
mgoddard | users only connect to the VIP. backend is just belt & braces | 14:36 |
mgoddard | (explained at the top of the page) | 14:36 |
mgoddard | cat cert.pem key.pem > haproxy.pem | 14:36 |
mgoddard | checking that there is suitable newlines between them | 14:37 |
EugenMayer | that's the first time ever i have seen concat certs with private keys | 14:48 |
EugenMayer | holy moly :) Is that haproxy specific? Cannot remember doing that in haproxy when i was using it. Nowdays it is all Traefik for me | 14:48 |
yoctozepto | EugenMayer: yes, it's just how haproxy likes it | 14:49 |
jingvar | :) | 14:49 |
mnasiadka | mgoddard mnasiadka hrw egonzalez yoctozepto rafaelweingartne cosmicsound osmanlicilegi bbezak parallax Fl1nt frickler adrian-a - meeting in 10 | 14:50 |
EugenMayer | yoctozepto not going to aks how i would no need add the bundle chain if needed | 14:51 |
yoctozepto | EugenMayer: the same way (-: | 14:51 |
EugenMayer | so cert first, chain later, key last? | 14:51 |
EugenMayer | scary stuff | 14:51 |
yoctozepto | I think it can actually figure it, concatenated pem files is something generally understandable | 14:52 |
EugenMayer | pem files in terms of certs, yes, keys - never have seen that before (mabye not) | 14:55 |
mnasiadka | yoctozepto: https://review.opendev.org/c/openstack/kolla/+/815494 - changed language to 'none' ;-) | 14:56 |
mnasiadka | But I guess it would make sense to go through all code blocks to make sure highlighting looks properly | 14:56 |
mnasiadka | #startmeeting kolla | 15:00 |
opendevmeet | Meeting started Wed Nov 3 15:00:02 2021 UTC and is due to finish in 60 minutes. The chair is mnasiadka. Information about MeetBot at http://wiki.debian.org/MeetBot. | 15:00 |
opendevmeet | Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. | 15:00 |
opendevmeet | The meeting name has been set to 'kolla' | 15:00 |
mnasiadka | #topic rollcall | 15:00 |
mnasiadka | o/ | 15:00 |
mgoddard | \o | 15:02 |
adrian-a | o/ | 15:02 |
parallax | \o | 15:03 |
frickler | o/ | 15:04 |
yoctozepto | o/ | 15:05 |
yoctozepto | mnasiadka: remember about the extra agenda in etherpad :-) | 15:05 |
mnasiadka | #topic agenda | 15:05 |
mnasiadka | * Announcements | 15:06 |
mnasiadka | * Review action items from the last meeting | 15:06 |
mnasiadka | * CI status | 15:06 |
mnasiadka | * Release tasks | 15:06 |
mnasiadka | * Yoga cycle planning | 15:06 |
mnasiadka | * Security bugs to squash | 15:06 |
mnasiadka | * Switch docs to recommend installing from git repo; re: https://review.opendev.org/c/openstack/kolla-ansible/+/815043 | 15:06 |
mnasiadka | * New core-reviewer | 15:06 |
mnasiadka | * Open discussion | 15:06 |
mnasiadka | #topic Announcements | 15:06 |
mnasiadka | I'm off next week, any volunteer to run the meeting next Wed? | 15:06 |
yoctozepto | let me check | 15:07 |
yoctozepto | ok, I'm available | 15:07 |
mnasiadka | Ok then | 15:07 |
mnasiadka | #action yoctozepto to run the meeting next week | 15:07 |
mnasiadka | Thanks! | 15:07 |
yoctozepto | yw :-) | 15:07 |
mnasiadka | #topic Review action items from the last meeting | 15:07 |
mnasiadka | Seems none last week | 15:08 |
mnasiadka | #topic CI status | 15:08 |
mnasiadka | seems green | 15:09 |
mnasiadka | Kayobe is amber on Wallaby (disk issues) | 15:09 |
mnasiadka | change was merged, should we update back to green? | 15:09 |
mnasiadka | I'll check history later and see if it's green again (and check with priteau) | 15:10 |
mnasiadka | #topic Release tasks | 15:10 |
mnasiadka | mgoddard, yoctozepto: is it time to cut RC2? | 15:10 |
mgoddard | sure | 15:10 |
mnasiadka | https://review.opendev.org/c/openstack/kolla-ansible/+/814942 this was merged (mentioned on last weeks meeting) | 15:11 |
mnasiadka | and I think we reverted the problematic patch | 15:11 |
mnasiadka | ok then | 15:11 |
yoctozepto | what about mariadb patch? | 15:11 |
mnasiadka | which one? | 15:11 |
yoctozepto | the one I mentioned yesterday | 15:11 |
yoctozepto | https://review.opendev.org/c/openstack/kolla-ansible/+/814276 | 15:11 |
mnasiadka | Ah, I did not look into that, since mgoddard reviewed that earlier - so I waited for him to act upon it ;-) | 15:12 |
mgoddard | I'll try to have a look later | 15:13 |
yoctozepto | so wait for this for rc2 | 15:13 |
yoctozepto | this should get mariadb to its regular glory | 15:13 |
mnasiadka | added rc2-blocker hashtag and will keep an eye for that | 15:13 |
mnasiadka | and once it merges (and is backported) will post rc2 releases patches | 15:13 |
mnasiadka | ok, let's move on | 15:14 |
mnasiadka | #topic Yoga cycle planning | 15:14 |
mnasiadka | I haven't been able to populate Priorities on the whiteboard yet | 15:14 |
mnasiadka | But will do at latest tomorrow | 15:15 |
mnasiadka | Any other things that we need to consider at this point? | 15:15 |
yoctozepto | nothing specific from me | 15:17 |
mnasiadka | Other day I was thinking if we shouldn't follow what some other projects do - post ,,bugs'' with [RFE] prefix and target them to Yoga milestone in Launchpad - but I think priorities on the whiteboard worked quite OK | 15:18 |
mnasiadka | yoctozepto, mgoddard: opinions? (sometimes I feel the whiteboard is a bit ,,overcrowded'') | 15:19 |
mgoddard | mnasiadka: you're basically reintroducing the blueprints that we dropped the other week? | 15:20 |
mnasiadka | not really reintroducing, but fair point - let's stick to whiteboard for now :) | 15:21 |
mnasiadka | #topic Security bugs to squash | 15:21 |
mnasiadka | yoctozepto: do we have any? | 15:21 |
adrian-a | Whiteboard is crashing Chrome on Android :) and some prefixes or tags (in a similar idea like in Gitlab https://ibb.co/RpRjNng ) could be useful | 15:22 |
yoctozepto | mnasiadka: we do | 15:22 |
yoctozepto | mnasiadka: this topic to make you look at them | 15:23 |
mnasiadka | well, where do I find them in launchpad? | 15:24 |
yoctozepto | gimme a sec | 15:24 |
yoctozepto | kolla https://bugs.launchpad.net/kolla/+bugs?field.searchtext=&orderby=-importance&search=Search&field.status%3Alist=NEW&field.status%3Alist=CONFIRMED&field.status%3Alist=TRIAGED&field.status%3Alist=INPROGRESS&field.status%3Alist=FIXCOMMITTED&field.status%3Alist=INCOMPLETE_WITH_RESPONSE&field.status%3Alist=INCOMPLETE_WITHOUT_RESPONSE&field.informat | 15:25 |
yoctozepto | ion_type%3Alist=PRIVATESECURITY&field.information_type%3Alist=USERDATA&assignee_option=any&field.assignee=&field.bug_reporter=&field.bug_commenter=&field.subscriber=&field.structural_subscriber=&field.tag=&field.tags_combinator=ANY&field.has_cve.used=&field.omit_dupes.used=&field.omit_dupes=on&field.affects_me.used=&field.has_patch.used=&field.has_ | 15:25 |
yoctozepto | branches.used=&field.has_branches=on&field.has_no_branches.used=&field.has_no_branches=on&field.has_blueprints.used=&field.has_blueprints=on&field.has_no_blueprints.used=&field.has_no_blueprints=on | 15:25 |
yoctozepto | kolla-ansible https://bugs.launchpad.net/kolla-ansible/+bugs?field.searchtext=&orderby=-importance&search=Search&field.status%3Alist=NEW&field.status%3Alist=CONFIRMED&field.status%3Alist=TRIAGED&field.status%3Alist=INPROGRESS&field.status%3Alist=FIXCOMMITTED&field.status%3Alist=INCOMPLETE_WITH_RESPONSE&field.status%3Alist=INCOMPLETE_WITHOUT_RESPONS | 15:25 |
yoctozepto | E&field.information_type%3Alist=PRIVATESECURITY&field.information_type%3Alist=USERDATA&assignee_option=any&field.assignee=&field.bug_reporter=&field.bug_commenter=&field.subscriber=&field.structural_subscriber=&field.tag=&field.tags_combinator=ANY&field.has_cve.used=&field.omit_dupes.used=&field.omit_dupes=on&field.affects_me.used=&field.has_patch. | 15:25 |
yoctozepto | used=&field.has_branches.used=&field.has_branches=on&field.has_no_branches.used=&field.has_no_branches=on&field.has_blueprints.used=&field.has_blueprints=on&field.has_no_blueprints.used=&field.has_no_blueprints=on | 15:25 |
yoctozepto | I'm open to explaining/discussing mine in there if you need more details | 15:26 |
yoctozepto | as for the others, I guess we should decide whether not to open them | 15:26 |
yoctozepto | or close entirely (-: | 15:26 |
mnasiadka | oh boy, nice links - I'll make some shortened urls and look through them ;-) | 15:26 |
yoctozepto | that's launchpad for ye | 15:27 |
mnasiadka | ok, the first two (haproxy and horizon dir listings) seem self explanatory | 15:27 |
mnasiadka | do we have any volunteers to work on those? | 15:27 |
yoctozepto | yeah, need to check if they happen still | 15:28 |
yoctozepto | I hoped you could spend some resources :-) I'm overloaded these days | 15:28 |
mnasiadka | and the last time seems not so trivial, because we would need to skim the logs in search of those passwords | 15:28 |
adrian-a | yoctozepto, can you please shorten that URL? I can't concat it to something meaningful | 15:28 |
mnasiadka | Ok, let me at least triage those - and get back with some updates to those bugs. | 15:29 |
mnasiadka | adrian-a: it's a private list, I don't think you have access. | 15:29 |
adrian-a | o, mkay | 15:29 |
yoctozepto | yeah, he does not | 15:29 |
mnasiadka | #action mnasiadka to triage security bugs and update them with resolution plan (if needed) | 15:29 |
yoctozepto | great, mnasiadka :-) | 15:30 |
mnasiadka | #topic Switch docs to recommend installing from git repo; re: https://review.opendev.org/c/openstack/kolla-ansible/+/815043 | 15:30 |
mnasiadka | yoctozepto: that's yours? | 15:30 |
yoctozepto | mnasiadka: always mine | 15:30 |
yoctozepto | there is some discussion as to how to handle the recommendation on the source of kolla-ansible code | 15:30 |
yoctozepto | I argue we are better off recommending git | 15:31 |
yoctozepto | as this is what we test and I guess also run in production as we don't release often enough | 15:31 |
yoctozepto | moreover, the versioning is confusing | 15:31 |
yoctozepto | each component has a different version so hard to tell what has been installed from the version only | 15:32 |
yoctozepto | unless reading renos | 15:32 |
yoctozepto | which folks don't do (-: | 15:32 |
yoctozepto | or at least not often enough to make me glad they do | 15:32 |
mnasiadka | well, from one perspective I'm ok with that, from other - maybe we should do releases more often | 15:33 |
mnasiadka | but it's fine for the docs to point to git instead of pypi | 15:34 |
mnasiadka | any other voices of reason? | 15:34 |
adrian-a | sounds good | 15:34 |
mnasiadka | mgoddard, frickler? | 15:35 |
mgoddard | fine by me | 15:35 |
frickler | git is good | 15:36 |
mnasiadka | #agreed to recommend installing from git repo in the docs | 15:36 |
yoctozepto | frickler: I'll print that quote and frame it | 15:36 |
yoctozepto | "git is good" | 15:36 |
mnasiadka | yoctozepto: are you going to follow up? | 15:36 |
yoctozepto | yeah, action me on that to keep this flowing on | 15:37 |
mnasiadka | well, I think the author is adrian-a, right? | 15:37 |
adrian-a | I'll add a comment to the review and link to IRC log and I'll complete the commit with git | 15:37 |
mnasiadka | great, case solved | 15:37 |
mnasiadka | let's move on | 15:38 |
mnasiadka | #topic New core-reviewer | 15:38 |
mnasiadka | I think it's time to add a new core reviewer - especially if that person is outside of StackHPC - out of the list of contributors - I think kevko is a good candidate (with proper review stats and good knowledge of kolla/kolla-ansible code) | 15:39 |
yoctozepto | adrian-a: many thanks! | 15:40 |
adrian-a | yoctozepto, yw :) | 15:40 |
mnasiadka | If there are no objections - I'll propose him through the mailing list. | 15:40 |
mnasiadka | And the question is - first kolla or kolla-ansible or both? | 15:40 |
mgoddard | both | 15:40 |
yoctozepto | mnasiadka: both | 15:40 |
frickler | +2 ... oh wait, I can only +1 ... ;) | 15:41 |
mnasiadka | ok then, both | 15:41 |
yoctozepto | frickler needs to work a bit more to gain the core title :-) | 15:41 |
frickler | yes, I plan on doing that, but that'll take some time I agree | 15:42 |
yoctozepto | no rush, quality over quantity :-) | 15:42 |
mnasiadka | yup | 15:42 |
mnasiadka | #topic Open discussion | 15:43 |
mnasiadka | Phew, we made to open discussion this time ;-) | 15:43 |
yoctozepto | oh noez | 15:43 |
yoctozepto | let's check if we have not missed some point in the agenda (-: | 15:43 |
yoctozepto | c'est impossible ! | 15:44 |
yoctozepto | we have gone through all of 'em | 15:44 |
yoctozepto | congrats mnasiadka | 15:44 |
mnasiadka | ok, no open discussion points from anybody? ;-) | 15:46 |
yoctozepto | c'est impossible aussi ! | 15:48 |
headphoneJames | well, I have a FYI that I'm trying to make a minimal change for switching over service configs in keystone_authtoken from project scoped tokens to system scope. | 15:49 |
headphoneJames | should be ready soon | 15:49 |
adrian-a | I see 3 options on this (last comment), what do you think? https://review.opendev.org/c/openstack/kolla-ansible/+/816076 | 15:49 |
yoctozepto | headphoneJames: sounds wonderful | 15:50 |
mgoddard | adrian-a: A2 or C | 15:50 |
mnasiadka | yoctozepto: haven't we tried to get rid of init-runonce from tools/ at some point? | 15:51 |
mgoddard | where C is pip install python-openstackclient -c <upper constraints URL> | 15:51 |
yoctozepto | mnasiadka: we did | 15:51 |
yoctozepto | mgoddard: ++, in docs only though | 15:51 |
yoctozepto | adrian-a: ^ | 15:51 |
yoctozepto | mnasiadka: I guess we should then hurry | 15:52 |
yoctozepto | and amend the docs not to recommend that as something necessary | 15:52 |
mnasiadka | Well, hurry or not - I think we should discuss if init-runonce is the toolset we want to maintain and if users should be really running it ;-) | 15:52 |
mgoddard | well, it kind of works, and we recommend against running it in production | 15:53 |
mgoddard | but we need something like it for testing | 15:53 |
yoctozepto | mnasiadka: let's discuss then - we should not recommend it :D who objects? | 15:53 |
yoctozepto | no objections | 15:55 |
mnasiadka | I think we already recommend against it, I'm fine in adding a message to post-deploy to install python-openstackclient (and some other clients - preferably in a venv ) or in docs | 15:55 |
mnasiadka | but not really to automate that part | 15:55 |
yoctozepto | action me to hide it properly | 15:55 |
yoctozepto | and go-go-go | 15:55 |
mnasiadka | #action yoctozepto hide properly init-runonce | 15:56 |
mnasiadka | (whatever that means) | 15:56 |
adrian-a | So should I leave pip install python-openstackclient + maybe add a note this installs the latest stable client and some example pip commands with git URL and tags for other releases? | 15:56 |
yoctozepto | lol | 15:56 |
adrian-a | *in docs (leave) | 15:56 |
yoctozepto | adrian-a: see mgoddard's message about -c | 15:56 |
EugenMayer | mnasiadka since i really automated a lot of this in the last 3 weeks. I find installing the client is entirely mandatory since openstack is useless with GUI only. init-runonce i ack that it is just not the right thing and instead of running it (what i did in the start) i did something like | 15:56 |
EugenMayer | https://github.com/EugenMayer/openstack-lab/blob/stable/ovn/README.setup.md | 15:56 |
mnasiadka | leave in docs, add upper constraints | 15:56 |
adrian-a | yoctozepto: I haven't found a '-c' flag in pip, not sure what that does | 15:56 |
yoctozepto | adrian-a: constrains versions | 15:57 |
yoctozepto | it will do the right thing (TM) | 15:57 |
adrian-a | and it's not documented? haven't found it, e.g. https://manpages.debian.org/stretch/python-pip/pip.1 | 15:57 |
mgoddard | yoctozepto: kayobe uses init-runonce, so at a minimum please add a symlink to avoid breaking us | 15:57 |
mnasiadka | EugenMayer: sure, but it depends on users environment - we can fix the example in docs how to install the openstack client - but I don't think we should be automating that in post-deploy | 15:57 |
yoctozepto | mgoddard: oh my, you mean in CI, right? | 15:58 |
yoctozepto | RIGHT?! :D | 15:58 |
EugenMayer | mnasiadka: i would say, that installing the openstack client,when using kolla, on the deployer is an key concept. It cannot be really optional IMHO | 15:58 |
mgoddard | yoctozepto: well, testing, yes | 15:58 |
yoctozepto | mgoddard: ok | 15:58 |
mnasiadka | EugenMayer: but we can't cover all cases, and sometimes you don't use the deployment host as the client host, I still prefer docs :) | 15:58 |
mnasiadka | ok then, I think it's enough for today | 15:59 |
yoctozepto | EugenMayer: it can, the deployment machine might not ever be used as the client | 15:59 |
mnasiadka | Thanks for attending! | 15:59 |
yoctozepto | ;-) | 15:59 |
mnasiadka | #endmeeting | 15:59 |
opendevmeet | Meeting ended Wed Nov 3 15:59:19 2021 UTC. Information about MeetBot at http://wiki.debian.org/MeetBot . (v 0.1.4) | 15:59 |
opendevmeet | Minutes: https://meetings.opendev.org/meetings/kolla/2021/kolla.2021-11-03-15.00.html | 15:59 |
opendevmeet | Minutes (text): https://meetings.opendev.org/meetings/kolla/2021/kolla.2021-11-03-15.00.txt | 15:59 |
opendevmeet | Log: https://meetings.opendev.org/meetings/kolla/2021/kolla.2021-11-03-15.00.log.html | 15:59 |
yoctozepto | thanks mnasiadka for chairing | 15:59 |
yoctozepto | :-) | 15:59 |
yoctozepto | enough of kolla! | 15:59 |
* yoctozepto off | 15:59 | |
EugenMayer | mnasiadka: i started with kolla about 2 or 2.5 weeks, so i'am a newcomer by defintion. My experience with the quickstart guide was fairly nice. In terms that it had it all lined up. There were a couple of mistakes but all over - it was a full sequential guide which really showed me a lot. | 16:00 |
EugenMayer | So i'am full all in for the docs for sure, but the docs should have a 'best practice optionion' when it is called a quickstart guide | 16:00 |
adrian-a | EugenMayer, what mistakes? | 16:00 |
EugenMayer | if you are a veteran, you will pick what you need anyway (and maybe not read the quickstarter at all) | 16:01 |
adrian-a | (besides latest kolla-ansible currently having a command to install ver. 9 now :P) | 16:01 |
hrw | forgot that meeting is hour earlier now... | 16:01 |
EugenMayer | adrian-a some frickler has already fixed (pip3 vs pip on pyenv installation), some are still inside (missing -i a couple of times, makes you entire miss the inventory and the commands will start doing strange things) | 16:02 |
adrian-a | hrw, yeah new winter time here too :-) | 16:02 |
EugenMayer | adrian-a the current docs aree not fit to install wallaby e.g., they are xena only. But the way the docs are written, you cannot install xena. One of the hazzles for starters | 16:03 |
adrian-a | you're talking about this, right? https://docs.openstack.org/kolla-ansible/latest/user/quickstart.html | 16:03 |
EugenMayer | so the cli interface used is xena only, but using `pip install kolla` will install the stable (wallaby) and that will not work | 16:03 |
EugenMayer | adrian-a absolute that one (i really liked it) | 16:03 |
adrian-a | yeah, will update it with pip install from git url with tags like @master or stabe/wallaby | 16:04 |
adrian-a | it's on the way https://review.opendev.org/c/openstack/kolla-ansible/+/816076 | 16:04 |
EugenMayer | the problem with all that is, that is easy as pie for anybody here, since it becomes obvious if you used kolla a couple of times | 16:04 |
EugenMayer | but for starters those things kind of are bigger then they seem | 16:05 |
EugenMayer | great! I found the quickstart guide one of the docs that gave me the most in the beginning. They are really worth any word and we should polish and cherrish them | 16:06 |
EugenMayer | who ever worked on them - i thank you :) | 16:06 |
adrian-a | yes, it's good, I'm just doing some polishing to not scare newcomers :) | 16:07 |
adrian-a | ok, then, have a great evening / day; see you | 16:07 |
*** amoralej is now known as amoralej|off | 16:17 | |
EugenMayer | nice. Deployting TLS after one has deployed it without just works. Nice work! | 17:09 |
EugenMayer | any way to easily have an redreict from controller.fqdn:80 to :443 out of the box (just pure luxury) | 17:10 |
EugenMayer | is it possible to change all the passwords of a kolla deployment? | 17:46 |
EugenMayer | seen https://bugs.launchpad.net/kolla-ansible/+bug/1793323 not sure it is the current way of doing this | 17:48 |
EugenMayer | not sure this could be used https://bugs.launchpad.net/kolla-ansible/+bug/1793323 | 17:49 |
mnasiadka | Ussuri getting EM, probably we should check Ussuri branch for patches and transition to ussuri-em | 18:17 |
EugenMayer | EM? extended maintenance? | 18:33 |
EugenMayer | mnasiadka is it allowed to regenerate the passwords and run reconfigure or deploy to apply those? | 18:34 |
EugenMayer | or will that render the cluster brroken? | 18:34 |
EugenMayer | (since the users have been created already and changing the passwords is something else | 18:34 |
dmsimard | FYI, upstream EOL of ansible 2.9 and ansible-base 2.10 have been announced: https://groups.google.com/g/ansible-announce/c/kegIH5_okmg/ | 19:04 |
opendevreview | Adrian Andreias proposed openstack/kolla-ansible master: docs: Get release name dynamically https://review.opendev.org/c/openstack/kolla-ansible/+/816582 | 21:15 |
opendevreview | Adrian Andreias proposed openstack/kolla-ansible master: docs: Get release name dynamically https://review.opendev.org/c/openstack/kolla-ansible/+/816582 | 21:35 |
Generated by irclog2html.py 2.17.2 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!