Thursday, 2017-08-31

« Wednesday, 2017-08-30 Index Friday, 2017-09-01 »
*** salv-orlando has joined #openstack-kuryr00:22
*** yuanying has joined #openstack-kuryr01:00
*** yuanying_ has quit IRC01:04
*** yuanying_ has joined #openstack-kuryr01:04
*** yuanying has quit IRC01:05
*** caowei has joined #openstack-kuryr01:37
*** hongbin has joined #openstack-kuryr01:50
*** yuanying_ has quit IRC02:01
*** yuanying has joined #openstack-kuryr02:04
*** wangbo has joined #openstack-kuryr02:11
*** kiennt has joined #openstack-kuryr02:20
*** wangbo has quit IRC02:41
*** wangbo has joined #openstack-kuryr02:44
*** wangbo has quit IRC03:10
*** wangbo has joined #openstack-kuryr03:15
*** gouthamr has quit IRC03:49
*** janki has joined #openstack-kuryr04:10
*** hongbin has quit IRC04:11
*** wangbo has quit IRC04:21
*** salv-orlando has quit IRC04:37
*** caowei has quit IRC04:57
*** wangbo has joined #openstack-kuryr04:57
*** salv-orlando has joined #openstack-kuryr05:09
*** aojea has joined #openstack-kuryr05:16
*** caowei has joined #openstack-kuryr05:37
*** aojea has quit IRC05:41
openstackgerrit张东杰 proposed openstack/kuryr-kubernetes master: Configure kuryr-cni:"bindir = /path/to/env/libexec/kuryr",route description is not suitable;"bindir = {path_to_env}/libexec/kuryr" is suitable in "Configure kuryr-k8s-controller"  https://review.openstack.org/49946105:46
*** aojea has joined #openstack-kuryr05:50
openstackgerrit张东杰 proposed openstack/kuryr-kubernetes master: Configure kuryr-cni:"bindir = /path/to/env/libexec/kuryr",route description is not suitable;"bindir = {path_to_env}/libexec/kuryr" is suitable in "Configure kuryr-k8s-controller"  https://review.openstack.org/49946106:01
*** aojea has quit IRC06:07
*** aojea has joined #openstack-kuryr06:07
*** aojea has quit IRC06:12
*** pcaruana has joined #openstack-kuryr06:22
openstackgerrit张东杰 proposed openstack/kuryr-kubernetes master: "Install kuryr-cni a virtualenv"->"Install kuryr-cni in a virtualenv"  https://review.openstack.org/49947206:41
*** yboaron has joined #openstack-kuryr06:42
openstackgerrit张东杰 proposed openstack/kuryr-kubernetes master: "Install kuryr-cni a virtualenv"->"Install kuryr-cni in a virtualenv"  https://review.openstack.org/49947206:42
*** livelace has joined #openstack-kuryr06:45
openstackgerrit张东杰 proposed openstack/kuryr-kubernetes master: "Install kuryr-cni a virtualenv"->"Install kuryr-cni in a virtualenv"  https://review.openstack.org/49947206:47
ltomasbohi apuimedo07:09
ltomasboI've checked how octavia l2 handles the traffic towards the loadbalancer07:10
ltomasboand a new security group is created for each lbaas07:10
ltomasboso, I think the addition needs to be done on code, rather than devstack07:11
ltomasboany thoughts?07:16
*** aojea has joined #openstack-kuryr07:21
*** vikasc has quit IRC07:26
*** vikasc has joined #openstack-kuryr07:39
*** egonzalez has joined #openstack-kuryr07:45
openstackgerritKien Nguyen proposed openstack/kuryr-libnetwork master: [WIP] Support specifying existing subnet uuid/name  https://review.openstack.org/49949307:54
apuimedoltomasbo: I think it is weird08:10
apuimedoxD08:10
ltomasboapuimedo, so, any other (better) solution in mind?08:12
apuimedoltomasbo: you mean that you need to create a rule in the SG of the octavia port?08:13
apuimedocause if that is the case, it is very strange indeed08:13
ltomasboI meant that, when you expose a service08:14
ltomasboa new amphora is created08:14
ltomasboand the port in the k8s-service-net has a newly created (by octavia) security group08:15
ltomasboso that happen at run time and not while deploying the environment08:15
*** openstackgerrit has quit IRC08:17
apuimedoand which rule do you need to add?08:29
ltomasboapuimedo, that is what I'm checking08:35
ltomasboI'm digging08:36
ltomasboI see the amphora VM has 3 connection, and the one in the k8s-service-subnet is the vrrp one08:36
ltomasbothen, the lbaas port (also in k8s-service-subnet) also has the same security group, the newly created08:36
ltomasbolb-XXXX08:37
ltomasboso, I'm assuming I need to add a rule to that one allowing traffic from k8s-pod-subnet08:37
*** vikasc has quit IRC08:37
ltomasboapuimedo, this is what this sg includes: http://paste.openstack.org/show/619990/08:39
apuimedoltomasbo: what I'm saying is, try to create the rule manually, see if you get it to work08:40
apuimedothen report which rule (and to which group) fixed it08:40
ltomasbook08:40
ltomasboI'll find the solution, and then we discuss how/where to add it08:40
ltomasbomy point was that most probably we need to do it in code, rather than devstack as it is being created at service exposing time08:41
apuimedodepends on where it falls08:42
ltomasboyep08:42
ltomasbomy concern is that port 80 is already included, not sure why it is not working08:42
ltomasboI'll dig a big more...08:42
*** garyloug has joined #openstack-kuryr08:49
apuimedo:-)08:50
apuimedoltomasbo: you're starting to see why I excluded L208:50
apuimedoI just couldn't figure it out in a day08:50
ltomasboyep08:51
apuimedogot mad and rage quit08:51
ltomasboyesterday I was thinking, this was soo easy08:51
ltomasbohow come apuimedo didn't included both directly08:51
ltomasbonow I see why08:51
ltomasboI added ping, ssh and port 80, and still no connectivity... tcpdump to the rescue...08:51
apuimedoltomasbo: ovs firewall or hybrid?08:52
ltomasboit is the default one, so hybrid08:53
ltomasbomaybe I should change to firewall08:53
apuimedoltomasbo: what I meant to say is08:54
apuimedoyou can try to flush the iptables08:54
apuimedoand see if it works08:54
apuimedo:P08:54
ltomasboI see ping from container to the amphora VM arrives to the amphora tap on k8s-service-subnet08:55
ltomasboso, it should not be iptables (at least not on the server, perhaps inside the VM)08:55
ltomasboapuimedo, icmp request reaches amphora VM tap device, but not the amphora-haproxy namespace inside the amphoraVM09:04
ltomasboapuimedo, wait, it does reach the namespace! http://paste.openstack.org/show/620003/09:07
apuimedoltomasbo: ain't it nice how tcpdump in the namespace is somehow delayed?09:17
ltomasboyep, I would like to have live output instead of having to stop it09:19
apuimedoxD09:23
ltomasboapuimedo, and iptables in the namespace are empty, I wonder why this is not working...09:23
apuimedoit's retarded09:23
apuimedoI wonder what causes it09:23
apuimedo(the delay)09:23
ltomasbono idea09:31
*** vikasc has joined #openstack-kuryr09:50
*** wangbo has quit IRC09:52
*** wangbo has joined #openstack-kuryr10:02
*** wangbo has quit IRC10:25
*** wangbo has joined #openstack-kuryr10:58
*** wangbo has quit IRC10:59
*** salv-orlando has quit IRC11:00
*** wangbo has joined #openstack-kuryr11:01
*** salv-orlando has joined #openstack-kuryr11:36
*** garyloug has quit IRC11:39
*** aojea has quit IRC11:56
apuimedoltomasbo: any advance on octavia l2?12:06
*** kiennt has quit IRC12:14
*** garyloug has joined #openstack-kuryr12:20
*** yboaron_ has joined #openstack-kuryr12:29
*** yboaron has quit IRC12:32
ltomasbono, I did not find the reason for traffic dropping12:33
*** wangbo has quit IRC12:46
apuimedoltomasbo: nmagnezi neither?12:46
ltomasboI think I didn't explain myself enough, and he only checked what is was working (qrouter namespace to service, not pod to service)12:47
*** wangbo has joined #openstack-kuryr12:48
apuimedo:-)12:52
*** yboaron_ has quit IRC12:52
apuimedoltomasbo: I call this the curse of the reference implementaiton12:52
apuimedoyou all like it a bit too much to go to the qrouter namespace12:52
ltomasbo:D12:53
*** yboaron_ has joined #openstack-kuryr12:53
*** salv-orlando has quit IRC12:54
*** wangbo has quit IRC12:57
*** gouthamr has joined #openstack-kuryr13:18
*** salv-orlando has joined #openstack-kuryr13:33
*** garyloug has quit IRC13:40
*** yboaron_ has quit IRC13:52
*** vikasc has quit IRC14:05
*** hongbin has joined #openstack-kuryr14:07
*** garyloug has joined #openstack-kuryr14:37
*** janki has quit IRC14:55
*** salv-orlando has quit IRC15:08
*** salv-orlando has joined #openstack-kuryr15:21
*** pcaruana has quit IRC15:32
*** vikasc has joined #openstack-kuryr15:32
*** salv-orlando has quit IRC15:35
*** vikasc has quit IRC15:50
*** egonzalez has quit IRC16:02
*** salv-orlando has joined #openstack-kuryr16:36
*** garyloug has quit IRC16:40
*** salv-orlando has quit IRC16:41
*** aojea has joined #openstack-kuryr17:07
*** aojea has quit IRC17:10
*** aojea has joined #openstack-kuryr17:10
*** aojea has quit IRC17:19
*** aojea has joined #openstack-kuryr17:20
*** aojea has quit IRC17:24
*** salv-orlando has joined #openstack-kuryr17:37
*** salv-orlando has quit IRC17:41
*** livelace has quit IRC18:24
*** salv-orlando has joined #openstack-kuryr18:38
*** salv-orlando has quit IRC18:43
*** salv-orlando has joined #openstack-kuryr19:39
*** salv-orlando has quit IRC19:43
*** egonzalez has joined #openstack-kuryr19:54
*** salv-orlando has joined #openstack-kuryr20:39
*** salv-orlando has quit IRC20:45
*** egonzalez has quit IRC21:38
*** salv-orlando has joined #openstack-kuryr21:40
*** salv-orlando has quit IRC21:45
*** openstackgerrit has joined #openstack-kuryr22:07
openstackgerritHongbin Lu proposed openstack/kuryr-libnetwork master: [WIP] Make capability_scope configurable in devstack  https://review.openstack.org/49982722:07
*** gouthamr has quit IRC22:08
*** aojea has joined #openstack-kuryr22:20
*** aojea has quit IRC22:25
*** salv-orlando has joined #openstack-kuryr22:29
*** aojea has joined #openstack-kuryr22:37
*** jgriffith has quit IRC22:43
*** jgriffith has joined #openstack-kuryr22:44
openstackgerritHongbin Lu proposed openstack/kuryr-libnetwork master: Change config file directory in gate  https://review.openstack.org/49984422:47
*** aojea has quit IRC22:58
*** aojea has joined #openstack-kuryr22:58
*** vikasc has joined #openstack-kuryr22:59
*** salv-orlando has quit IRC23:01
*** salv-orlando has joined #openstack-kuryr23:02
*** aojea has quit IRC23:03
*** salv-orlando has quit IRC23:06
*** salv-orlando has joined #openstack-kuryr23:06
*** hongbin has quit IRC23:22
*** salv-orlando has quit IRC23:23
*** salv-orlando has joined #openstack-kuryr23:23
*** salv-orlando has quit IRC23:28
*** yamamoto_ has joined #openstack-kuryr23:31
*** yamamoto_ has quit IRC23:31
*** yamamot__ has joined #openstack-kuryr23:31
*** salv-orlando has joined #openstack-kuryr23:47
« Wednesday, 2017-08-30 Index Friday, 2017-09-01 »

Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!