| *** zzzeek has quit IRC | 00:04 | |
| *** zzzeek has joined #openstack-lbaas | 00:05 | |
| *** yamamoto has joined #openstack-lbaas | 00:37 | |
| *** sapd1 has joined #openstack-lbaas | 00:53 | |
| *** sapd1 has quit IRC | 01:01 | |
| *** sapd1 has joined #openstack-lbaas | 01:02 | |
| *** spatel has joined #openstack-lbaas | 01:28 | |
| *** spatel has quit IRC | 01:28 | |
| *** sapd1 has quit IRC | 01:42 | |
| *** sapd1 has joined #openstack-lbaas | 01:47 | |
| *** rcernin has quit IRC | 02:21 | |
| *** rcernin has joined #openstack-lbaas | 02:36 | |
| *** yamamoto has quit IRC | 02:38 | |
| *** yamamoto has joined #openstack-lbaas | 02:39 | |
| *** rcernin has quit IRC | 02:45 | |
| *** rcernin has joined #openstack-lbaas | 02:45 | |
| *** yamamoto has quit IRC | 03:07 | |
| *** yamamoto_ has joined #openstack-lbaas | 03:07 | |
| *** rcernin has quit IRC | 04:00 | |
| *** rcernin has joined #openstack-lbaas | 04:02 | |
| *** vishalmanchanda has joined #openstack-lbaas | 04:14 | |
| *** rcernin has quit IRC | 04:27 | |
| *** rcernin has joined #openstack-lbaas | 04:35 | |
| *** sapd1 has quit IRC | 05:32 | |
| *** yamamoto_ has quit IRC | 05:33 | |
| *** yamamoto has joined #openstack-lbaas | 05:36 | |
| *** gcheresh has joined #openstack-lbaas | 06:38 | |
| *** gmann has quit IRC | 06:45 | |
| *** gmann has joined #openstack-lbaas | 06:46 | |
| *** ccamposr__ has joined #openstack-lbaas | 07:08 | |
| *** sapd1 has joined #openstack-lbaas | 07:09 | |
| *** ccamposr has quit IRC | 07:10 | |
| *** rcernin has quit IRC | 07:25 | |
| openstackgerrit | Merged openstack/python-octaviaclient master: Add ALPN support for pools https://review.opendev.org/c/openstack/python-octaviaclient/+/752096 | 07:58 |
|---|---|---|
| *** rcernin has joined #openstack-lbaas | 08:07 | |
| *** rpittau|afk is now known as rpittau | 08:11 | |
| *** rcernin has quit IRC | 08:24 | |
| *** rcernin has joined #openstack-lbaas | 08:26 | |
| *** rcernin has quit IRC | 08:31 | |
| *** rcernin has joined #openstack-lbaas | 08:37 | |
| *** rcernin has quit IRC | 09:27 | |
| openstackgerrit | Merged openstack/python-octaviaclient master: Add support for PROXYV2 protocol https://review.opendev.org/c/openstack/python-octaviaclient/+/756936 | 09:36 |
| *** rcernin has joined #openstack-lbaas | 09:39 | |
| *** rcernin has quit IRC | 10:06 | |
| *** sshnaidm|off is now known as sshnaidm|ruck | 10:35 | |
| *** sapd1 has quit IRC | 11:04 | |
| *** rcernin has joined #openstack-lbaas | 11:16 | |
| *** sapd1 has joined #openstack-lbaas | 11:17 | |
| *** sapd1 has quit IRC | 11:25 | |
| *** sapd1 has joined #openstack-lbaas | 11:39 | |
| *** sapd1 has quit IRC | 11:55 | |
| *** yamamoto has quit IRC | 12:16 | |
| *** ilush has joined #openstack-lbaas | 12:22 | |
| *** rcernin has quit IRC | 12:33 | |
| *** sapd1 has joined #openstack-lbaas | 12:40 | |
| *** yamamoto has joined #openstack-lbaas | 12:44 | |
| *** rcernin has joined #openstack-lbaas | 12:47 | |
| *** yamamoto has quit IRC | 13:23 | |
| *** rcernin has quit IRC | 13:38 | |
| *** yamamoto has joined #openstack-lbaas | 13:54 | |
| *** yamamoto has quit IRC | 14:05 | |
| *** ilush has quit IRC | 15:16 | |
| *** malymuwme has joined #openstack-lbaas | 15:30 | |
| *** malymuwme has quit IRC | 16:27 | |
| johnsom | rm_work Taskflow fix is merged, plan is to release this week. | 16:28 |
| rm_work | nice | 16:28 |
| rm_work | BTW my sleep schedule is flipped so I'll make the meeting this week hopefully :D | 16:29 |
| johnsom | Nice | 16:29 |
| johnsom | Darn, that probably means I can't slack on the bug review meeting before it now. You will be doing the agenda prep. | 16:30 |
| johnsom | grin | 16:30 |
| *** vishalmanchanda has quit IRC | 16:32 | |
| rm_work | lol | 16:32 |
| rm_work | cgoncalves: so we're moving away from having a driver/plugin for UDP handling and cementing in LVS? then reusing it for other types? https://review.opendev.org/c/openstack/octavia/+/753247 | 16:46 |
| johnsom | If I remember right, the conversation went along the lines of hanging a driver inside a driver is of little value at the moment. The abstraction is at the amphora API, so whatever is implemented behind that is up to the amphora implementation. | 16:48 |
| *** sapd1 has quit IRC | 16:48 | |
| johnsom | But I will let Carlos/Greg also chime in | 16:48 |
| rm_work | k, guess I'm fine with that then | 16:49 |
| rm_work | i halted my review because I wasn't sure if that's really what we wanted | 16:49 |
| rm_work | but I think I see the argument | 16:49 |
| rm_work | complexity probably isn't worth it considering I can't even think of a viable alternative at the moment :D | 16:49 |
| johnsom | Yeah, HAProxy is coming, but ... Slowly | 16:50 |
| cgoncalves | the proposed SCTP code was originally mixed with the UDP driver so I was of the opinion to s/UDP/LVS the driver | 16:50 |
| johnsom | Yeah | 16:51 |
| cgoncalves | such approach has its trade-offs, I know | 16:51 |
| rm_work | yeah, i think it's ... fine | 16:51 |
| rm_work | we can leave it as the "Lvs" driver, and swap UDP off LVS to HAProxy if we want | 16:52 |
| cgoncalves | I'm happy to discuss more, I can be easily convinced/manipulated :D | 16:52 |
| rm_work | but I think likely generic UDP will stay LVS and any UDP handled by HAProxy will be application-specific, from what I can tell | 16:52 |
| rm_work | was doing a bit of reading over the weekend | 16:52 |
| rm_work | Willy seemed very against doing generic UDP :P | 16:53 |
| rm_work | I don't know for sure but the points he and others raised made some sense | 16:53 |
| johnsom | Yeah, Willy is pretty heavy on the by-protocol approach, which I agree with. | 16:54 |
| rm_work | 5 day | 16:54 |
| rm_work | err | 16:54 |
| rm_work | wrong window | 16:54 |
| rm_work | do you understand wtf is breaking here? https://zuul.opendev.org/t/openstack/build/e41109f82f474e1faff674415d7e68ce/log/controller/logs/devstacklog.txt | 17:01 |
| rm_work | that's from the scenario gate on https://review.opendev.org/c/openstack/octavia/+/752864 | 17:01 |
| rm_work | stable/train | 17:01 |
| rm_work | it seems like ... it looks for the ssh key, it isn't there, so it makes it? and then breaks | 17:01 |
| rm_work | weirdness | 17:01 |
| haleyb | rm_work: that's failing in DIB | 17:02 |
| haleyb | https://4b0f853d1681e8f27e36-70474520a2e562b88d6ff63e0bb37737.ssl.cf1.rackcdn.com/752864/1/gate/octavia-v2-dsvm-scenario/e41109f/controller/logs/dib-build/amphora-x64-haproxy.qcow2_log.txt | 17:02 |
| haleyb | search for the last ERROR | 17:02 |
| haleyb | https://review.opendev.org/c/openstack/diskimage-builder/+/772254 is the answer | 17:03 |
| rm_work | ah for that too? | 17:03 |
| haleyb | stein and train are at least affected | 17:03 |
| rm_work | and victoria? | 17:04 |
| rm_work | per your comment in https://review.opendev.org/c/openstack/octavia/+/770476 | 17:04 |
| haleyb | i don't think so, only py2 | 17:04 |
| *** vishalmanchanda has joined #openstack-lbaas | 17:05 | |
| rm_work | you commented "Failing in DIB", it's a different cause then? | 17:05 |
| haleyb | rm_work: maybe ussuri too, because grenade does the -1 release | 17:06 |
| rm_work | oh, right. well that'd do it | 17:06 |
| haleyb | yup, same SyntaxError :( | 17:06 |
| haleyb | which explains why https://review.opendev.org/c/openstack/octavia-tempest-plugin/+/771888 is red on ussuri/train/stein | 17:07 |
| haleyb | and there is no victoria job (yet) | 17:07 |
| haleyb | the gate is unrelenting in its ability to create failures | 17:08 |
| rm_work | yes | 17:10 |
| rm_work | i played this game for years :D | 17:10 |
| haleyb | you're still in the matrix | 17:10 |
| *** rpittau is now known as rpittau|afk | 17:21 | |
| openstackgerrit | Gregory Thiemonge proposed openstack/octavia master: Small fix in loadbalancer POST api-ref https://review.opendev.org/c/openstack/octavia/+/773460 | 18:01 |
| *** yamamoto has joined #openstack-lbaas | 18:02 | |
| *** yamamoto has quit IRC | 18:07 | |
| *** rm_work has quit IRC | 18:10 | |
| *** rm_work has joined #openstack-lbaas | 18:22 | |
| *** rm_work has quit IRC | 18:22 | |
| *** rm_work has joined #openstack-lbaas | 18:23 | |
| *** rm_work has quit IRC | 18:23 | |
| *** rm_work has joined #openstack-lbaas | 18:25 | |
| *** rm_work has quit IRC | 18:25 | |
| *** rm_work has joined #openstack-lbaas | 18:25 | |
| *** rm_work has quit IRC | 18:26 | |
| *** rm_work has joined #openstack-lbaas | 18:27 | |
| *** rm_work has quit IRC | 18:27 | |
| *** rm_work has joined #openstack-lbaas | 18:28 | |
| *** rm_work has quit IRC | 18:28 | |
| *** rm_work has joined #openstack-lbaas | 18:32 | |
| *** rm_work has quit IRC | 18:32 | |
| *** rm_work has joined #openstack-lbaas | 18:39 | |
| *** rm_work has quit IRC | 18:39 | |
| *** rm_work has joined #openstack-lbaas | 18:50 | |
| *** rm_work has quit IRC | 18:50 | |
| *** rm_work has joined #openstack-lbaas | 18:53 | |
| *** rm_work has quit IRC | 18:54 | |
| *** gcheresh has quit IRC | 18:54 | |
| openstackgerrit | Ghanshyam proposed openstack/octavia master: [goal] Deprecate the JSON formatted policy file https://review.opendev.org/c/openstack/octavia/+/764578 | 18:55 |
| *** rm_work has joined #openstack-lbaas | 19:00 | |
| *** rm_work has quit IRC | 19:01 | |
| *** rm_work has joined #openstack-lbaas | 19:04 | |
| *** rm_work has quit IRC | 19:04 | |
| *** gcheresh has joined #openstack-lbaas | 19:10 | |
| *** rm_work has joined #openstack-lbaas | 19:15 | |
| *** rm_work has quit IRC | 19:15 | |
| *** rm_work has joined #openstack-lbaas | 19:22 | |
| *** rm_work has quit IRC | 19:22 | |
| cgoncalves | hmm, ^ this looks familiar... https://review.opendev.org/c/openstack/octavia/+/732453 | 19:34 |
| johnsom | Yeah, I said the same. See the comments on the new patch | 19:35 |
| *** rm_work has joined #openstack-lbaas | 19:47 | |
| *** rm_work has quit IRC | 19:48 | |
| *** jrosser_ has joined #openstack-lbaas | 20:18 | |
| *** guilhermesp__ has joined #openstack-lbaas | 20:18 | |
| *** fyx_ has joined #openstack-lbaas | 20:18 | |
| *** rm_work has joined #openstack-lbaas | 20:23 | |
| *** andy__ has joined #openstack-lbaas | 20:23 | |
| *** jrosser has quit IRC | 20:26 | |
| *** guilhermesp has quit IRC | 20:26 | |
| *** fyx has quit IRC | 20:26 | |
| *** f0o has quit IRC | 20:26 | |
| *** andy_ has quit IRC | 20:26 | |
| *** zigo has quit IRC | 20:26 | |
| *** sorrison has quit IRC | 20:26 | |
| *** andy__ is now known as andy_ | 20:26 | |
| *** f0o has joined #openstack-lbaas | 20:26 | |
| *** jrosser_ is now known as jrosser | 20:26 | |
| *** guilhermesp__ is now known as guilhermesp | 20:26 | |
| *** fyx_ is now known as fyx | 20:26 | |
| *** zigo has joined #openstack-lbaas | 20:32 | |
| openstackgerrit | Merged openstack/octavia master: Add default value for enabled column in l7rule table https://review.opendev.org/c/openstack/octavia/+/761283 | 21:05 |
| *** vishalmanchanda has quit IRC | 21:45 | |
| *** ccamposr has joined #openstack-lbaas | 21:45 | |
| *** ccamposr__ has quit IRC | 21:48 | |
| *** gcheresh has quit IRC | 21:49 | |
| *** xgerman has joined #openstack-lbaas | 21:55 | |
| *** yamamoto has joined #openstack-lbaas | 22:10 | |
| *** rouk has joined #openstack-lbaas | 22:13 | |
| *** yamamoto has quit IRC | 22:17 | |
| *** rcernin has joined #openstack-lbaas | 22:20 | |
| rouk | johnsom: so i have a potential exploit a user managed to do, apparently with a project-scoped appcred, someone was able to make a LB with a vip network of another tenant, by mentioning the network by id, even though they dont have access to that network. | 22:20 |
| rouk | is there no verification that the requesting user has adequate perms on the network requested before sending it off? | 22:21 |
| johnsom | You must have an older release | 22:21 |
| rouk | uhh, i just updated to fix the last issue regarding rebuilds, im running ussuri/master as of a few days ago. | 22:22 |
| johnsom | Hmm, give me a minute to find the patch I added for the token issue | 22:22 |
| rouk | maybe didnt get backported? | 22:22 |
| johnsom | Well, maybe it didn't get merged in the backport. | 22:23 |
| johnsom | Ok, forgot, I didn't do that one, it is here: https://review.opendev.org/c/openstack/octavia/+/721550 | 22:24 |
| johnsom | It does appear to be in Ussuri. | 22:25 |
| johnsom | I'm going to look at the code and see if there was a mistake there | 22:26 |
| rouk | yeah, i for sure have a newer release than april 2020, heh. | 22:27 |
| rouk | could there perhaps also be a hole for appcreds? as these were made with appcreds. | 22:32 |
| johnsom | Yeah, ok, he missed the path where they pass a network, but not a subnet ID. So this is a valid bug. | 22:34 |
| rouk | Oops. | 22:35 |
| johnsom | This was previously deemed class C1 issue as the other person must know the UUID of the other network/subnet. | 22:35 |
| johnsom | So it wasn't a CVE or such. | 22:36 |
| johnsom | Whelp, that needs fixed. | 22:36 |
| johnsom | rouk Can you open a story for it? | 22:36 |
| rouk | tenants are divisions of prod/pte/dev by product for us, so users work across many tenants | 22:36 |
| rouk | so... someone entered the wrong id and made a mess. | 22:37 |
| johnsom | Yeah, I get it. | 22:37 |
| rouk | yeah i can open a story. | 22:37 |
| johnsom | rm_work Do you have some cycles to fix this? | 22:37 |
| johnsom | Hmm, he might be off for the day | 22:40 |
| rouk | nice, internal server error when logging into storyboard, thanks ubuntu one. | 22:44 |
| johnsom | Sigh, reload and try again, it usually works | 22:44 |
| johnsom | We will get someone on it. | 22:45 |
| rouk | i have 2 ubuntu one accounts cause one randomly breaks, currently both dont work.. | 22:47 |
| johnsom | Sigh, can you paste.openstack.org some reproduction steps? I can open it for you | 22:47 |
| rouk | yeah, waiting for user to send me whatever they used, but its probably some trashy terraform nonsense. | 22:51 |
| johnsom | lol | 22:51 |
| johnsom | It seems straight forward, but I want to capture it just in case there is something odd | 22:51 |
| rouk | yeah, ill get you what they actually used whenever they send it to me in 0 to infinite time. | 22:56 |
| openstackgerrit | Brian Haley proposed openstack/octavia master: Use more inclusive language for amphora roles https://review.opendev.org/c/openstack/octavia/+/763481 | 23:07 |
| *** mchlumsky has quit IRC | 23:55 | |
Generated by irclog2html.py 2.17.2 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!