Monday, 2024-03-04

« Sunday, 2024-03-03 Index Tuesday, 2024-03-05 »
opendevreviewIvan Halomi proposed openstack/kolla-ansible master: Refactor of docker worker  https://review.opendev.org/c/openstack/kolla-ansible/+/90829508:01
opendevreviewMichal Nasiadka proposed openstack/kolla master: WIP: Fix arm builds  https://review.opendev.org/c/openstack/kolla/+/90991508:49
opendevreviewWill Szumski proposed openstack/kayobe master: WIP: Add podman support  https://review.opendev.org/c/openstack/kayobe/+/90968609:35
opendevreviewMichal Nasiadka proposed openstack/kolla master: WIP: Fix arm builds  https://review.opendev.org/c/openstack/kolla/+/90991509:44
opendevreviewMerged openstack/kolla-ansible stable/2023.2: Fix gnocchi-metricd when TLS and Swift enabled  https://review.opendev.org/c/openstack/kolla-ansible/+/90955610:32
opendevreviewMerged openstack/kolla-ansible stable/zed: Fix gnocchi-metricd when TLS and Swift enabled  https://review.opendev.org/c/openstack/kolla-ansible/+/90955810:32
opendevreviewMerged openstack/kolla-ansible stable/2023.1: Fix gnocchi-metricd when TLS and Swift enabled  https://review.opendev.org/c/openstack/kolla-ansible/+/90955710:32
opendevreviewIvan Halomi proposed openstack/kolla-ansible master: Refactor of docker worker  https://review.opendev.org/c/openstack/kolla-ansible/+/90829511:25
opendevreviewMartin Hiner proposed openstack/kolla-ansible master: Add container engine migration scenario  https://review.opendev.org/c/openstack/kolla-ansible/+/83694112:40
opendevreviewMichal Nasiadka proposed openstack/kolla master: WIP: Fix arm builds  https://review.opendev.org/c/openstack/kolla/+/90991512:42
opendevreviewMichal Arbet proposed openstack/kolla-ansible master: Refactor external ceph  https://review.opendev.org/c/openstack/kolla-ansible/+/90716612:51
kevkomnasiadka bbezak I added you to my ceph refactor review ..could you please then check ? 12:54
mnasiadkawill try, but this week might be complicated12:55
opendevreviewMichal Nasiadka proposed openstack/kolla master: WIP: Fix arm builds  https://review.opendev.org/c/openstack/kolla/+/90991512:57
jovialAnyone have any idea why a container would stay in the created state when using podman (seem to hit this with bifrost on ubuntu)? See: https://zuul.opendev.org/t/openstack/build/f6c36340679345ab9d8597d7d7aa0c24/log/primary/ansible/seed-deploy#14265-1431012:58
mnasiadkaUbuntu? Old Podman?12:59
mnasiadkayeah, I see it's ubuntu12:59
jovialI also see this: https://zuul.opendev.org/t/openstack/build/f6c36340679345ab9d8597d7d7aa0c24/log/primary/system_logs/podman-info.txt#10512:59
jovialSeemed to work for the overcloud job :(13:00
fricklerjovial: https://storage.gra.cloud.ovh.net/v1/AUTH_dcaab5e32b234d56b626f72581e3644c/zuul_opendev_logs_f6c/909686/20/check/kayobe-seed-ubuntu-jammy-podman/f6c3634/primary/podman_logs/bifrost_deploy.txt ?13:00
mnasiadkapodman                                3.4.4+ds1-1ubuntu1.22.04.213:01
mnasiadkaah, invalid syntax13:01
mnasiadkawould make sense13:01
jovialfrickler, Ooh, nice find, thanks. I also meant to thank you for the ret: -13 ansible.cfg tweaks. 13:01
greatgatsbyGood day.  I'm wondering if there's a nice solution for the certificate bundle used by requests within the venv in kolla images?  Currently we're using the extra volumes to inject our own kolla_copy_cacerts file that also appends our certs into venv bundle, but we're hoping there's a more elegant solution.  Is there a nice way to set REQUESTS_CA_BUNDLE for all containers?  Maybe we're doing 13:06
greatgatsbysomething wrong entirely.13:06
jovialgreatgatsby, Does kolla_copy_ca_into_containers do what you need?13:07
greatgatsbyjovial: kolla_copy_cacerts does not copy the certs into the venv, only the system cert bundle, but certifi.where() within the venv points to the venv cacert.pem, so any requests calls from the venv will fail with invalid cert.  13:10
jovialOuch, I forgot that requests doesn't use the system trust store.13:12
mnasiadkagreatgatsby: which container needs to connect somewhere outside with certs?13:13
greatgatsbyyeah we're hoping we're just missing something obvious.  It's not a huge deal to use a custom volume, but we can't be the only ones having this issue.  I think the REQUESTS_CA_BUNDLE would be cleaner, but I can't find a way to set an env var globally for all containers (like we can with volumes)13:13
greatgatsbymnasiadka: I'll have to double-check, it was so long that we had to implement this, but we were definitely having SSL validation failures.  Possibly with our pure storage backend?  I'll double-check when the rest of the team gets online13:14
* greatgatsby goes to see if he can find the ticket13:15
opendevreviewWill Szumski proposed openstack/kayobe master: Vagrant: Add support for ubuntu  https://review.opendev.org/c/openstack/kayobe/+/91089913:19
opendevreviewWill Szumski proposed openstack/kayobe master: WIP: Add podman support  https://review.opendev.org/c/openstack/kayobe/+/90968613:23
opendevreviewRoman Krček proposed openstack/kolla-ansible master: Update cell0 database connection  https://review.opendev.org/c/openstack/kolla-ansible/+/91092413:48
kevkomnasiadka: thanks14:08
greatgatsbystill hunting down that ticket.  FWIW, we have kolla_enable_tls for internal, external, and backend14:32
greatgatsbyit could also be keystone doing LDAPS queries.  I can't seem to find the specifics, but we definitely needed to do this to resolve SSL verification issues.  14:40
opendevreviewMerged openstack/kayobe master: Skip buggy release of docker PyPI package  https://review.opendev.org/c/openstack/kayobe/+/90991314:55
opendevreviewMartin Hiner proposed openstack/kolla-ansible master: Add container engine migration scenario  https://review.opendev.org/c/openstack/kolla-ansible/+/83694115:04
opendevreviewRoman Krček proposed openstack/kolla-ansible master: Update cell0 database connection  https://review.opendev.org/c/openstack/kolla-ansible/+/91092415:28
jovialJust to follow up on my podman on ubuntu issue. I found: "Error: OCI runtime error: unable to start container 94f34a7a2ad74969ea4a8330637ab28338134161fae268cfc0df48b5c516918f: chmod `run/shm`: Operation not supported" in syslog. Looks like a known issue with crun: https://noobient.com/2023/11/15/fixing-ubuntu-containers-failing-to-start-with-systemd/15:59
mnasiadkajovial: mhiner / ihalomi might have some pointers, they did the initial kolla-ansible implementation - do you want to tell me bifrost does not work on podman in k-a? ;-)16:02
jovialAnnoyingly its working for me locally, so I'm wondering if there is kernel / crun version difference16:04
opendevreviewUwe Jäger proposed openstack/kolla-ansible master: Skyline configure Prometheus  https://review.opendev.org/c/openstack/kolla-ansible/+/91051416:40
opendevreviewWill Szumski proposed openstack/kayobe master: WIP: Add podman support  https://review.opendev.org/c/openstack/kayobe/+/90968616:54
opendevreviewWill Szumski proposed openstack/kayobe master: WIP: Add podman support  https://review.opendev.org/c/openstack/kayobe/+/90968617:14
SvenKieskecan anybody who has been longer around educate me about the original reason for "kolla_toolbox"? the use case is to avoid ansible modules being installed in different containers I guess? or is there more to it?18:11
mnaseri'm playing around with the kolla image build process and it seems that it doesnt do something like multi-staged builds, so it is leaving a lot of 'stuff' around, such as build-essential, gcc, etc .. has there been effort/ideas in cleaning that up somehow with multistage?20:47
simondodsleyCan I get reviews for https://review.opendev.org/c/openstack/kolla-ansible/+/879844 please?21:24
simondodsleyand https://review.opendev.org/c/openstack/kolla-ansible/+/87984621:25
« Sunday, 2024-03-03 Index Tuesday, 2024-03-05 »

Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!