| rdogerrit | Dariusz Smigiel proposed rdo-infra/ci-config master: Sort jobs based on job status https://review.rdoproject.org/r/c/rdo-infra/ci-config/+/51370 | 00:13 |
|---|---|---|
| rdogerrit | Dariusz Smigiel proposed rdo-infra/ci-config master: Return sorted results by job status https://review.rdoproject.org/r/c/rdo-infra/ci-config/+/51371 | 00:13 |
| rdogerrit | rdo-trunk rdo-trunk proposed rdoinfo master: Promote CBS tags update for caracal-9s-testing https://review.rdoproject.org/r/c/rdoinfo/+/51372 | 00:52 |
| rdogerrit | rdo-trunk rdo-trunk proposed rdoinfo master: Promote CBS tags update for wallaby-8s-testing https://review.rdoproject.org/r/c/rdoinfo/+/51282 | 00:53 |
| rdogerrit | Merged rdoinfo master: Promote CBS tags update for caracal-9s-testing https://review.rdoproject.org/r/c/rdoinfo/+/51372 | 07:20 |
| rdogerrit | Merged openstack/keystone-distgit rpm-master: Stop shipping policy.json https://review.rdoproject.org/r/c/openstack/keystone-distgit/+/51365 | 07:21 |
| rdogerrit | Alfredo Moralejo proposed config master: Install some rdopkg dependencies from rpms https://review.rdoproject.org/r/c/config/+/51373 | 07:51 |
| amoralej | jcapitao[m], ^ see logs in https://logserver.rdoproject.org/periodic/review.rdoproject.org/rdoinfo/master/rdoinfo-upper-constraints-update/e8c6528/job-output.txt | 07:52 |
| rdogerrit | mathieu bultel proposed rdo-jobs master: WIP - Add os-diff step in adoption jobs https://review.rdoproject.org/r/c/rdo-jobs/+/48925 | 07:57 |
| jcapitao[m] | amoralej: I left a comment | 08:19 |
| jcapitao[m] | I should have found out the patch https://review.rdoproject.org/r/c/config/+/45614 | 08:19 |
| jcapitao[m] | yesterday | 08:20 |
| amoralej | lemme amend it | 08:20 |
| rdogerrit | Alfredo Moralejo proposed config master: Install some rdopkg dependencies from rpms https://review.rdoproject.org/r/c/config/+/51373 | 08:21 |
| rdogerrit | Merged config master: Install some rdopkg dependencies from rpms https://review.rdoproject.org/r/c/config/+/51373 | 08:36 |
| apevec | there isn't a way to disable PR tab in GitHub mirrors, is there? https://github.com/redhat-openstack/packstack/pull/23 | 09:28 |
| apevec | iirc opendev had a bot commenting on incoming PRs | 09:29 |
| rdogerrit | rdo-trunk rdo-trunk proposed openstack/octavia-distgit zed-rdo: openstack-octavia: failed to build 000b577f https://review.rdoproject.org/r/c/openstack/octavia-distgit/+/51374 | 13:04 |
| rdogerrit | mathieu bultel proposed rdo-jobs master: WIP - Add os-diff step in adoption jobs https://review.rdoproject.org/r/c/rdo-jobs/+/48925 | 13:18 |
| rdogerrit | Daniel Pawlik proposed config master: Print image_build_date file when available https://review.rdoproject.org/r/c/config/+/51375 | 13:30 |
| rdogerrit | mathieu bultel proposed rdo-jobs master: WIP - Add os-diff step in adoption jobs https://review.rdoproject.org/r/c/rdo-jobs/+/48925 | 13:47 |
| rdogerrit | mathieu bultel proposed rdo-jobs master: WIP - Add os-diff step in adoption jobs https://review.rdoproject.org/r/c/rdo-jobs/+/48925 | 14:20 |
| rdogerrit | Alfredo Moralejo proposed config master: Use ansible_distribution_major_version fact instead of centos_release https://review.rdoproject.org/r/c/config/+/51376 | 14:23 |
| amoralej | jcapitao[m], ^ please review | 14:23 |
| amoralej | jobs are still failing | 14:23 |
| jcapitao[m] | damn .. | 14:24 |
| matbu | hi folks, I have tox-linters job failing on this review (https://review.rdoproject.org/zuul/build/1e5ff4e6071b47a68ed09ec720cbcfaa) and I dont see why, can someone help me ? | 14:31 |
| amoralej | Fix End of Files.........................................................Failed | 14:44 |
| amoralej | - hook id: end-of-file-fixer | 14:44 |
| amoralej | - exit code: 1 | 14:44 |
| amoralej | - files were modified by this hook | 14:44 |
| amoralej | Fixing playbooks/data_plane_adoption/run_os_diff_tests.yaml | 14:44 |
| amoralej | matbu ^ | 14:44 |
| amoralej | missing empty line at the end ? | 14:45 |
| jcapitao[m] | sounds like | 14:47 |
| jcapitao[m] | https://review.rdoproject.org/r/c/rdo-jobs/+/48925/109..110/playbooks/data_plane_adoption/run_os_diff_tests.yaml | 14:47 |
| jcapitao[m] | "No newline at end of right file." | 14:47 |
| rdogerrit | Merged config master: Use ansible_distribution_major_version fact instead of centos_release https://review.rdoproject.org/r/c/config/+/51376 | 15:24 |
| rdogerrit | Yatin Karel proposed openstack/neutron-lib-distgit antelope-rdo: [Stable Only] Re enable unit tests https://review.rdoproject.org/r/c/openstack/neutron-lib-distgit/+/51377 | 15:31 |
| matbu | jcapitao[m]: oh great thank you | 15:38 |
| rdogerrit | mathieu bultel proposed rdo-jobs master: WIP - Add os-diff step in adoption jobs https://review.rdoproject.org/r/c/rdo-jobs/+/48925 | 15:38 |
| jcapitao[m] | matbu: well credits to amoralej ;) | 15:39 |
| matbu | amoralej++ :) | 15:49 |
| amoralej | thanks :) | 15:49 |
| eagles0513875 | good afternoon All I need some help regarding Open stack which is being run by OVH on their public cloud. | 16:05 |
| eagles0513875 | I have some very strange issues which I am totally stumped on as they logically at this point dont make much sense to me | 16:05 |
| eagles0513875 | would anyone be able to assist? | 16:05 |
| amoralej | what kind of issues? | 16:06 |
| amoralej | probably ovh guys are the right ones to help | 16:07 |
| eagles0513875 | amoralej: they are pushing me to reach out to an ovh partner | 16:14 |
| eagles0513875 | so basically i have my setup with Gateway --> Load Balancer --> x2 webserver for the moment then probably need another LB to the 3 instances for databases | 16:14 |
| eagles0513875 | then I have a jumpbox with a floating ip and private ip | 16:14 |
| eagles0513875 | all these instances fyi are on a VRACK (VLAN) with a private ip subnet | 16:15 |
| eagles0513875 | so the jumpbox bypasses the Gateway and LB to ssh directly into the instances or so one would think | 16:15 |
| eagles0513875 | I made changes to allow for SSH etc in the default security group | 16:15 |
| eagles0513875 | yet when i come to SSH into the instance that has a private ip (FYI jumpbox is also on the VLAN with a private ip) I get public key denied. | 16:16 |
| eagles0513875 | the strange thing here is the same SSH key pair im using is successful to ssh into the jumpbox | 16:16 |
| eagles0513875 | so I am not sure what I am missing | 16:16 |
| eagles0513875 | I can share a screenshot I have of the default security group | 16:17 |
| eagles0513875 | also should there be an egress rule from the VLAN subnet to the security group? | 16:17 |
| amoralej | so, you ssh to the jumpbox using floating ip -> that goes ok | 16:17 |
| amoralej | right? | 16:17 |
| jcapitao[m] | if you're getting "public key denied" then network and L4 are ok at least | 16:18 |
| amoralej | correct | 16:19 |
| jcapitao[m] | by L4 I mean firewall rules (i.e security group) | 16:19 |
| amoralej | note you need the ssh key in the jumpbox host | 16:20 |
| amoralej | or use ssh -A when you ssh initially to the jumpbox | 16:20 |
| eagles0513875 | amoralej: correct | 16:22 |
| eagles0513875 | jumpbox host i have the private key there as well in order to ssh into the back end instances | 16:23 |
| amoralej | then it fails to ssh from jumpbox to other instances in the private vlan | 16:23 |
| eagles0513875 | correct | 16:23 |
| eagles0513875 | the jumpbox also has an IP from that vlan as well | 16:23 |
| amoralej | to all of them? | 16:23 |
| amoralej | yes | 16:23 |
| eagles0513875 | yes to all of them with the same issue | 16:23 |
| eagles0513875 | question thoug | 16:23 |
| eagles0513875 | thoug | 16:23 |
| eagles0513875 | on the security group. I have just 1 ssh rule an ingress rule from my ip address | 16:23 |
| amoralej | as jcapitao[m] mentioned, if you are getting an error "public key denied" it's not related to network or firewall | 16:23 |
| eagles0513875 | this is what i cannot understand | 16:24 |
| amoralej | it's pure ssh authentication | 16:24 |
| eagles0513875 | if i had to go and put a floating IP in front of any of the other instances I would be able to ssh | 16:24 |
| eagles0513875 | there is some funny business going on with instances with private ip's only | 16:24 |
| amoralej | i doubt that's the problem | 16:24 |
| amoralej | check that the private key is in the right place with the right permissions | 16:24 |
| amoralej | it's the same operating system and version? | 16:25 |
| eagles0513875 | all these instances are debian 12 | 16:25 |
| eagles0513875 | from jumpbox which works with the same private public key pair to the remaining instances | 16:25 |
| eagles0513875 | this is what doesnt make any sense | 16:26 |
| amoralej | yes but, to the jumpbox you are doing ssh from your laptop | 16:26 |
| amoralej | using the key local in your laptop | 16:26 |
| amoralej | when you ssh from jubmpox to the other instances | 16:26 |
| rdogerrit | Dariusz Smigiel proposed rdo-infra/ci-config master: Return sorted results by job status https://review.rdoproject.org/r/c/rdo-infra/ci-config/+/51371 | 16:26 |
| amoralej | you are using the one in the jumpbox | 16:26 |
| eagles0513875 | im doign ssh -i private key debian@VLAN PRIVATE IP | 16:26 |
| amoralej | so make sure it's in the right path, etc... | 16:26 |
| amoralej | do -v to make sure it's using the file | 16:26 |
| eagles0513875 | let me try that now give me a moment | 16:26 |
| amoralej | i've seen problems in the past because of the cryto type | 16:27 |
| amoralej | i.e. not supporting the type of crypto of the key | 16:27 |
| amoralej | rsa, dsa, all that mess | 16:27 |
| eagles0513875 | mine is an rsa key pair | 16:27 |
| eagles0513875 | i think i might have found part of my mistake as i was doing this at 230am and reinstalled the instance forgot to upload the ssh key | 16:27 |
| amoralej | run ssh with -v and look for errors | 16:27 |
| amoralej | that could be a good reason :) | 16:28 |
| eagles0513875 | on an ssh key the permissions should be what 600 or 700 as right now i have it at 700 | 16:28 |
| eagles0513875 | after uploading the private key over SFTP to the server | 16:28 |
| eagles0513875 | still the same | 16:29 |
| amoralej | you copied it to ~/.ssh ? | 16:30 |
| amoralej | tbh, i have no much idea about where are looked by default in debian | 16:31 |
| eagles0513875 | uploaded it from my pc to the server via sftp | 16:31 |
| eagles0513875 | then moved it to .ssh | 16:31 |
| eagles0513875 | https://dpaste.org/z41gd | 16:31 |
| eagles0513875 | that is the verbose output | 16:31 |
| eagles0513875 | amoralej: coudl gssapi be causing a problem | 16:31 |
| amoralej | i'd say not | 16:32 |
| amoralej | what's the file name for the key ? | 16:32 |
| eagles0513875 | not the standard id_rsa.key its got another name | 16:32 |
| eagles0513875 | starting with node | 16:32 |
| amoralej | i don't see nothing in https://dpaste.org/z41gd that points that it's trying any rsa key, tbh | 16:33 |
| eagles0513875 | node_pri_SSHKey.key | 16:33 |
| eagles0513875 | that is the key name | 16:34 |
| amoralej | Load key "node_pri_SSHKey.key": error in libcrypto | 16:34 |
| amoralej | there is something weird in that key | 16:34 |
| amoralej | make sure it's the right private key file | 16:34 |
| amoralej | debug1: Trying private key: node_pri_SSHKey.key | 16:34 |
| amoralej | Load key "node_pri_SSHKey.key": error in libcrypto | 16:34 |
| eagles0513875 | amoralej: this is the public key at the start shows it as ssh-rsa | 16:35 |
| eagles0513875 | amoralej: that is the funny thing i was getting that before i fixed the security group | 16:35 |
| amoralej | you need to use the private one | 16:36 |
| eagles0513875 | its an rsa key pair as you said you arent seeing anything rsa related | 16:36 |
| eagles0513875 | i am using the private key | 16:36 |
| eagles0513875 | the above private key | 16:36 |
| eagles0513875 | is the same pair im using to access the jumpbox | 16:36 |
| amoralej | then there may be some issue with rsa in devian12, dunno | 16:37 |
| amoralej | but that's where the problem is | 16:37 |
| amoralej | you may try doing ssh -A | 16:37 |
| amoralej | when ssh from your laptop to the jumpbox | 16:37 |
| amoralej | that may help | 16:38 |
| amoralej | as it forwards your keys | 16:38 |
| amoralej | but, it seems there is some issue while trying to load the key file | 16:38 |
| eagles0513875 | i tried debian 11 same issue | 16:40 |
| amoralej | i need to leave now | 16:40 |
| eagles0513875 | can i try ssh -A from jumpbox to instances | 16:40 |
| amoralej | actually what would help is | 16:41 |
| amoralej | -A from your laptop to jumpbox | 16:41 |
| amoralej | then regular ssh frmo jumbpox to instances | 16:41 |
| rdogerrit | rdo-trunk rdo-trunk proposed openstack/swift-distgit rpm-master: openstack-swift: failed to build a16e1f55a https://review.rdoproject.org/r/c/openstack/swift-distgit/+/51378 | 16:49 |
| eagles0513875 | for the love of god doing -A permission denied with the -A | 16:54 |
| eagles0513875 | so I am super confused | 16:54 |
| eagles0513875 | anyone able to help me with this | 17:01 |
| eagles0513875 | as im totally lost | 17:01 |
| amoralej | eagles0513875, i'm leaving now but my recomendation is to debug it as a general ssh issue, not as cloud or network thing | 17:03 |
| eagles0513875 | amoralej: this is what I am stuck on why the ssh key's are working on the jumpbox | 17:03 |
| eagles0513875 | yet not from the jumpbox | 17:03 |
| eagles0513875 | could it be an ssh config issue? | 17:03 |
| amoralej | could be | 17:03 |
| eagles0513875 | cuz if i boot the instance into rescue mode i can ssh into it with the root user with out issue | 17:03 |
| amoralej | ssh client config, issues with the file | 17:03 |
| amoralej | version of ssh or os ... | 17:03 |
| amoralej | try to copy the file with scp instead of sftp, i.e | 17:04 |
| amoralej | also using -vvv may give you more info | 17:04 |
| jcapitao[m] | maybe the remote instance is FIPS ? | 17:31 |
| jcapitao[m] | I hit issue couple of months ago with FIPS instance which was refusing my ed25519 SSH key | 17:31 |
| jcapitao[m] | I had to generate a RSA one in order to authenticate successfully | 17:32 |
| eagles0513875 | jcapitao[m]: this is an rsa key i have | 17:32 |
| eagles0513875 | the strange thing it works on the jumpbox | 17:33 |
| eagles0513875 | permission denied public key on the subsequent instances that have a vlan private ip only | 17:33 |
| eagles0513875 | how can i check if fips is enabled | 17:33 |
| eagles0513875 | and what is fips anyway | 17:33 |
| jcapitao[m] | https://en.wikipedia.org/wiki/Federal_Information_Processing_Standards | 17:34 |
| jcapitao[m] | so there is chance that your instance is not FIPS | 17:34 |
| jcapitao[m] | what's the ouput of ssh -vvv ... command ? | 17:35 |
| eagles0513875 | jcapitao[m]: | 17:37 |
| eagles0513875 | https://dpaste.org/pW9QK | 17:37 |
| eagles0513875 | I am wondering if its the key type | 17:38 |
| eagles0513875 | debug3: record_hostkey: found key type ED25519 in file | 17:38 |
| eagles0513875 | jcapitao[m]: does the key need to be a particular n ame for it to work | 17:39 |
| eagles0513875 | maybe it sa key name issue but doesnt make much sense | 17:39 |
| eagles0513875 | not a key name issue | 17:41 |
| jcapitao[m] | yeah, name should not be a problem | 17:44 |
| jcapitao[m] | Load key "node_pri_SSHKey.key": error in libcrypto | 17:44 |
| jcapitao[m] | ^ could be the reason | 17:45 |
| jcapitao[m] | sounds like the node_pri_SSHKey.key is not well formatted | 17:45 |
| eagles0513875 | ii googled this | 17:50 |
| eagles0513875 | and it looks like a debian bug | 17:50 |
| eagles0513875 | but then jcapitao[m] | 17:50 |
| eagles0513875 | im using the same key pair on my jumpbox and i can get in no issue | 17:50 |
| jcapitao[m] | weird | 17:52 |
| eagles0513875 | my other instances are private ip only | 17:52 |
| eagles0513875 | so i dunno if this is a quirk at this point of openstack | 17:52 |
| eagles0513875 | maybe security group issue | 17:52 |
| jcapitao[m] | can you compare the hash of node_pri_SSHKey.key to check if it's exactly the same ? | 17:52 |
| eagles0513875 | compare the hash how | 17:53 |
| jcapitao[m] | with sha256sum node_pri_SSHKey.key | 17:53 |
| eagles0513875 | on the jumpbox at the moment and compare to what is in the verbose output im guessing | 17:53 |
| eagles0513875 | i have the hash | 17:54 |
| eagles0513875 | but what am i comparing it against | 17:54 |
| eagles0513875 | the ssh keys were deployed automatically when i deployed the instances | 17:54 |
| eagles0513875 | what i have a question on is the security group | 17:54 |
| eagles0513875 | Ingress IPv4 TCP 22 (SSH) MY PUBLIC IP /32 - SSH Jumpbox Access Inbound | 17:55 |
| eagles0513875 | Ingress IPv4 TCP 22 (SSH) 10.1.0.0/16 - SSH to VLAN Instances | 17:55 |
| eagles0513875 | now the 2nd rule covers the entire VLAN subnet | 17:55 |
| eagles0513875 | do i need egress rules as well? | 17:55 |
| eagles0513875 | as I do not have an egress rule setup at the moment | 17:55 |
| jcapitao[m] | nope, rules are ok | 17:55 |
| jcapitao[m] | as you can see in the logs, your client is discussing to the remote server to agree on authentication method | 17:56 |
| eagles0513875 | ok let me show you the ssh config that is installed by default | 17:56 |
| jcapitao[m] | so network and firewall rules are ok, otherwise you would not have replies from remote instance | 17:56 |
| jcapitao[m] | so you have the hash of the private key of the jumpbox | 17:57 |
| eagles0513875 | noted but i have another issue i can no longer update my jumpbox and probably not the servers either | 17:57 |
| eagles0513875 | yes | 17:57 |
| eagles0513875 | https://dpaste.org/aNsk9 this is the config that ovh install with the image | 17:57 |
| jcapitao[m] | and from the jumpbox, you can ssh to the remote machine, right ? | 17:58 |
| eagles0513875 | i cannot ssh to any other instances on the VLAN only | 17:59 |
| eagles0513875 | that is the issue | 17:59 |
| eagles0513875 | i get that ssh error provided before | 17:59 |
| eagles0513875 | i ironically can ping the instances | 17:59 |
| eagles0513875 | i have redeployed | 17:59 |
| eagles0513875 | tried debian 11 and ubuntu 22.04 | 17:59 |
| eagles0513875 | all with this blessed ssh issue | 17:59 |
| jcapitao[m] | from which machine you can ssh to those instances ? | 18:00 |
| jcapitao[m] | earlier you said you were able to ssh from somewhere | 18:00 |
| eagles0513875 | so i can ssh into the jumpbox only so from home pc to jumpbox | 18:01 |
| eagles0513875 | then using the jumpbox to try and get into the other instances with only private ip | 18:01 |
| eagles0513875 | jumpbox has a floating ip | 18:01 |
| eagles0513875 | let me get you the network diagram from horizon | 18:02 |
| jcapitao[m] | understood | 18:02 |
| jcapitao[m] | so you are not able to connect to any of those instances from anywhere | 18:03 |
| jcapitao[m] | ? | 18:03 |
| eagles0513875 | correct | 18:04 |
| eagles0513875 | this is the topology | 18:04 |
| eagles0513875 | https://pasteboard.co/YVXu6nZGMEV7.png | 18:04 |
| eagles0513875 | what doesnt show from is the load balancer which sits behind the gateway | 18:04 |
| eagles0513875 | that is the whole point of having the jumpbox | 18:04 |
| jcapitao[m] | yep understood | 18:05 |
| jcapitao[m] | so | 18:05 |
| jcapitao[m] | when creating the moodle instances | 18:05 |
| eagles0513875 | i deployed all 5 servers at once. set them in private mode on ovh with no public ip | 18:05 |
| jcapitao[m] | did you declare the pubkey of jumbox as authentication ? | 18:05 |
| eagles0513875 | and attached them to the VLAN (VRACK) with private ip subnet and that was it | 18:06 |
| jcapitao[m] | or maybe OVH provides a user/passord as authentication ? | 18:06 |
| eagles0513875 | jcapitao[m]: public key is same across all 5 servers | 18:06 |
| eagles0513875 | only in rescue mode | 18:06 |
| eagles0513875 | normally the username is sent via email and password is obtained via a secure links | 18:06 |
| eagles0513875 | what pisses me off about OVH support is they keep saying the issue is not something covered by their support | 18:06 |
| eagles0513875 | to reach out to an ovh partner for assistance | 18:07 |
| eagles0513875 | Unfortunately not; if you require any assistance managing your server because you do not have a system administrator, you may consider contacting an OVHCloud partner for support using the following link: https://partner.ovhcloud.com/en-gb/directory/ | 18:07 |
| eagles0513875 | 18:07 | |
| eagles0513875 | You're responsible for the configuration of your network and firewall (this includes IP address configuration and DNS settings). | 18:07 |
| eagles0513875 | 18:07 | |
| eagles0513875 | - Default settings for basic configuration will be set up after the initial server setup, but any further changes or amendments are your responsibility, this includes keeping your password safe, up-to-date, and making sure you remember it. | 18:07 |
| eagles0513875 | 18:08 | |
| eagles0513875 | We manage the following for you: | 18:08 |
| eagles0513875 | - Server hardware | 18:08 |
| eagles0513875 | - Power and network availability | 18:08 |
| eagles0513875 | - Console access availability | 18:08 |
| eagles0513875 | - Control panel license availability (if the license has been ordered with us) | 18:08 |
| eagles0513875 | 18:08 | |
| eagles0513875 | But you will need to look after and configure: | 18:08 |
| jcapitao[m] | yeah, but you need to set the public key of the user in jumbox you are logged in into the .ssh/authorized_keys located in the user home directory of the remote machine | 18:08 |
| eagles0513875 | - All server software, operating systems, and performance | 18:08 |
| eagles0513875 | - Backup of your data | 18:08 |
| eagles0513875 | - Configuring hosting and email settings | 18:08 |
| eagles0513875 | - Securing your server outside of our DDoS protection | 18:08 |
| eagles0513875 | - Network configuration | 18:08 |
| eagles0513875 | that is what their support told me jcapitao[m] | 18:08 |
| eagles0513875 | its the same key pair | 18:08 |
| eagles0513875 | and the pub key was automatically deployed when I setup and configured the instances as well as the jumpbox instance at the later stage | 18:08 |
| eagles0513875 | all i needed to get on the jumpbox was my private key which i did via sftp | 18:08 |
| jcapitao[m] | yeah but this pubkey needs to be in .ssh/authorized_keys on moddle machines | 18:09 |
| eagles0513875 | they are already | 18:09 |
| jcapitao[m] | hmm, but how can you confirm if you are not able to connect into moodle machines ? | 18:10 |
| eagles0513875 | i can in rescue with root | 18:10 |
| jcapitao[m] | ah ! | 18:11 |
| jcapitao[m] | did you try to update the system ? | 18:12 |
| jcapitao[m] | maybe by bulling latest packages, it will solve the problem ? | 18:12 |
| eagles0513875 | tried that ran into issues updating the kernel in terms of unresolved dependencies | 18:12 |
| jcapitao[m] | but yeah, looks like an issue with ssh-agent or so | 18:12 |
| jcapitao[m] | ouch | 18:13 |
| eagles0513875 | jcapitao[m]: across other distros as well | 18:13 |
| eagles0513875 | as i tried to downgrade to debian 11 | 18:13 |
| eagles0513875 | same issue | 18:13 |
| eagles0513875 | tried ubuntu 22.04 same issue | 18:13 |
| jcapitao[m] | damn, and fedora ? | 18:13 |
| eagles0513875 | didnt try fedora i guess i coudl at this point | 18:13 |
| jcapitao[m] | yeah .. | 18:14 |
| eagles0513875 | trying fedora 38 | 18:14 |
| eagles0513875 | still reinstalling | 18:16 |
| eagles0513875 | on fedora its hanging Next authentication method: gssapi-with-mic | 18:17 |
| eagles0513875 | im suspecting in the config | 18:17 |
| eagles0513875 | its the gssapi stuff which is enabled | 18:17 |
| eagles0513875 | that is breaking this | 18:17 |
| eagles0513875 | I have not quite understood what gssapi is | 18:17 |
| eagles0513875 | jcapitao[m]: | 18:17 |
| eagles0513875 | is that safe to comment out ont he config | 18:18 |
| rdogerrit | Dariusz Smigiel proposed rdo-infra/ci-config master: Reworked component function https://review.rdoproject.org/r/c/rdo-infra/ci-config/+/51215 | 18:18 |
| rdogerrit | Dariusz Smigiel proposed rdo-infra/ci-config master: Print component with a new function https://review.rdoproject.org/r/c/rdo-infra/ci-config/+/51216 | 18:18 |
| rdogerrit | Dariusz Smigiel proposed rdo-infra/ci-config master: Renamed function to correspond with its use https://review.rdoproject.org/r/c/rdo-infra/ci-config/+/51228 | 18:18 |
| rdogerrit | Dariusz Smigiel proposed rdo-infra/ci-config master: Simplified printing of results https://review.rdoproject.org/r/c/rdo-infra/ci-config/+/51320 | 18:18 |
| rdogerrit | Dariusz Smigiel proposed rdo-infra/ci-config master: Removed unused 'history' function https://review.rdoproject.org/r/c/rdo-infra/ci-config/+/51321 | 18:18 |
| rdogerrit | Dariusz Smigiel proposed rdo-infra/ci-config master: Removed unused AttributeDict class https://review.rdoproject.org/r/c/rdo-infra/ci-config/+/51322 | 18:18 |
| rdogerrit | Dariusz Smigiel proposed rdo-infra/ci-config master: Changed function names to be more descriptive https://review.rdoproject.org/r/c/rdo-infra/ci-config/+/51323 | 18:18 |
| rdogerrit | Dariusz Smigiel proposed rdo-infra/ci-config master: Separate logic from presentation https://review.rdoproject.org/r/c/rdo-infra/ci-config/+/51324 | 18:18 |
| rdogerrit | Dariusz Smigiel proposed rdo-infra/ci-config master: Removed get_diff_package https://review.rdoproject.org/r/c/rdo-infra/ci-config/+/51325 | 18:18 |
| rdogerrit | Dariusz Smigiel proposed rdo-infra/ci-config master: Removed duplicated code https://review.rdoproject.org/r/c/rdo-infra/ci-config/+/51352 | 18:18 |
| rdogerrit | Dariusz Smigiel proposed rdo-infra/ci-config master: Combine processing of dlrn results https://review.rdoproject.org/r/c/rdo-infra/ci-config/+/51353 | 18:18 |
| rdogerrit | Dariusz Smigiel proposed rdo-infra/ci-config master: Added json option to return results https://review.rdoproject.org/r/c/rdo-infra/ci-config/+/51354 | 18:18 |
| rdogerrit | Dariusz Smigiel proposed rdo-infra/ci-config master: Sort jobs based on job status https://review.rdoproject.org/r/c/rdo-infra/ci-config/+/51370 | 18:18 |
| rdogerrit | Dariusz Smigiel proposed rdo-infra/ci-config master: Return sorted results by job status https://review.rdoproject.org/r/c/rdo-infra/ci-config/+/51371 | 18:18 |
| eagles0513875 | jcapitao[m]: if you look at https://dpaste.org/aNsk9 it says gssapi authentication yes | 18:21 |
| jcapitao[m] | right | 18:24 |
| jcapitao[m] | worth disabling it to test | 18:24 |
| jcapitao[m] | it's widely used for authentication with kerberos | 18:25 |
| eagles0513875 | which i dont have in this case unless openstack does some funny shit excuse the language | 18:25 |
| eagles0513875 | then why dont i have the same issue on the jumpbox | 18:25 |
| eagles0513875 | only difference is that it has a floating public ip instead vs only private | 18:26 |
| jcapitao[m] | is it working ? | 18:29 |
| eagles0513875 | there is something very strange goign on | 18:29 |
| eagles0513875 | on the console grub was still showing debian O_o yet the ovh contorl panel shows fedora | 18:29 |
| eagles0513875 | just dropping out of rescue mode | 18:29 |
| eagles0513875 | actually debian is probably their default rescue image | 18:29 |
| eagles0513875 | jcapitao[m]: fedora hangs | 18:30 |
| eagles0513875 | Next authentication method: gssapi-with-mic | 18:30 |
| eagles0513875 | that is where it hangs | 18:30 |
| eagles0513875 | not sure where that is specified | 18:30 |
| eagles0513875 | will have to google but i think im heading in the right direction | 18:31 |
| eagles0513875 | if i can get this workign for fedora i know what i need to do in debian | 18:31 |
| jcapitao[m] | ok | 18:32 |
| eagles0513875 | jcapitao[m]: im goign to have to call it here | 18:32 |
| eagles0513875 | i need to figure out how to disable gssapi-with-mic | 18:32 |
| eagles0513875 | unless there is some kerberos interaction between instances on openstack | 18:32 |
| jcapitao[m] | and do you have a ~/.ssh/config in your jumbox ? | 18:32 |
| jcapitao[m] | which would override your /etc/ssh/ssh_config file | 18:33 |
| eagles0513875 | nope | 18:33 |
| jcapitao[m] | ok | 18:33 |
| jcapitao[m] | and you set GSSAPIAuthentication to no ? | 18:33 |
| eagles0513875 | i commented it out | 18:34 |
| eagles0513875 | on the remote machine | 18:34 |
| eagles0513875 | i shared the ssh config earlier | 18:34 |
| jcapitao[m] | ok and check what's in /etc/ssh/ssh_config.d/ | 18:35 |
| eagles0513875 | nothing on debian | 18:35 |
| jcapitao[m] | ok | 18:35 |
| eagles0513875 | im brain dead ive been up since 0230am this morning | 18:35 |
| eagles0513875 | appreciate the help but at least I know what to try | 18:36 |
| jcapitao[m] | no worries | 18:36 |
| jcapitao[m] | get some rest | 18:36 |
| eagles0513875 | will try again when i wake up at what ever time tomorrow morning | 18:36 |
| jcapitao[m] | you'll find the solution in like 10 min afterward ;) | 18:36 |
| rdogerrit | Dariusz Smigiel proposed rdo-infra/ci-config master: Split jobs based on job status https://review.rdoproject.org/r/c/rdo-infra/ci-config/+/51370 | 19:52 |
| rdogerrit | Dariusz Smigiel proposed rdo-infra/ci-config master: Return job results by job status https://review.rdoproject.org/r/c/rdo-infra/ci-config/+/51371 | 19:52 |
| rdogerrit | Dariusz Smigiel proposed rdo-infra/ci-config master: Renamed script to monitoring https://review.rdoproject.org/r/c/rdo-infra/ci-config/+/51379 | 20:01 |
| rdogerrit | Dariusz Smigiel proposed rdo-infra/ci-config master: Enable Flask application https://review.rdoproject.org/r/c/rdo-infra/ci-config/+/51380 | 20:39 |
| rdogerrit | Dariusz Smigiel proposed rdo-infra/ci-config master: Removed "console" output https://review.rdoproject.org/r/c/rdo-infra/ci-config/+/51381 | 20:39 |
| rdogerrit | Dariusz Smigiel proposed rdo-infra/ci-config master: Enable Flask application https://review.rdoproject.org/r/c/rdo-infra/ci-config/+/51380 | 21:45 |
| rdogerrit | Dariusz Smigiel proposed rdo-infra/ci-config master: Removed "console" output https://review.rdoproject.org/r/c/rdo-infra/ci-config/+/51381 | 21:45 |
Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!
