Tuesday, 2022-05-10

« Monday, 2022-05-09 Index Wednesday, 2022-05-11 »
opendevreviewTakashi Kajinami proposed openstack/tripleo-validations master: Remove six  https://review.opendev.org/c/openstack/tripleo-validations/+/84117600:29
opendevreviewMerged openstack/validations-libs master: Expand validations_logs table with reason of failure  https://review.opendev.org/c/openstack/validations-libs/+/80439200:46
opendevreviewTakashi Kajinami proposed openstack/tripleo-validations master: Remove six  https://review.opendev.org/c/openstack/tripleo-validations/+/84117600:48
opendevreviewTakashi Kajinami proposed openstack/puppet-tripleo master: Designate: Replace hiera by lookup  https://review.opendev.org/c/openstack/puppet-tripleo/+/84118301:07
opendevreviewJames Slagle proposed openstack/tripleo-ansible master: Add tripleo_container_standalone role  https://review.opendev.org/c/openstack/tripleo-ansible/+/83890501:08
opendevreviewJames Slagle proposed openstack/tripleo-ansible master: tripleo_keystone: Use tripleo_container_standalone  https://review.opendev.org/c/openstack/tripleo-ansible/+/83890601:08
opendevreviewJames Slagle proposed openstack/tripleo-ansible master: Add tripleo_iscsid role  https://review.opendev.org/c/openstack/tripleo-ansible/+/83890701:08
opendevreviewJames Slagle proposed openstack/tripleo-ansible master: Add tripleo_mysql_client role  https://review.opendev.org/c/openstack/tripleo-ansible/+/84032101:08
opendevreviewJames Slagle proposed openstack/tripleo-ansible master: Add initial standalone playbooks and inventory for a compute node  https://review.opendev.org/c/openstack/tripleo-ansible/+/84050901:08
opendevreviewJames Slagle proposed openstack/tripleo-ansible master: Add tripleo_bootstrap role to standlone install phase  https://review.opendev.org/c/openstack/tripleo-ansible/+/84067501:08
opendevreviewJames Slagle proposed openstack/tripleo-ansible master: Add tripleo_ssh_known_hosts role to standalone configure phase  https://review.opendev.org/c/openstack/tripleo-ansible/+/84067601:08
opendevreviewJames Slagle proposed openstack/tripleo-ansible master: Add standalone bootstrap phase and playbook  https://review.opendev.org/c/openstack/tripleo-ansible/+/84067701:08
opendevreviewJames Slagle proposed openstack/tripleo-ansible master: Add pre-network and network phase and playbooks  https://review.opendev.org/c/openstack/tripleo-ansible/+/84090301:08
opendevreviewMerged openstack/validations-common master: Setting default inventory to 0 length string  https://review.opendev.org/c/openstack/validations-common/+/83986201:13
opendevreviewTakashi Kajinami proposed openstack/puppet-tripleo master: Octavia: Replace hiera by lookup  https://review.opendev.org/c/openstack/puppet-tripleo/+/84118401:13
opendevreviewMerged openstack/validations-common master: Removing references to Babel  https://review.opendev.org/c/openstack/validations-common/+/84017801:13
opendevreviewTakashi Kajinami proposed openstack/puppet-tripleo master: Metrics/QDR: Replace hiera by lookup  https://review.opendev.org/c/openstack/puppet-tripleo/+/84118501:19
*** rlandy|bbl is now known as rlandy|out01:22
opendevreviewTakashi Kajinami proposed openstack/puppet-tripleo master: Octavia: Replace hiera by lookup  https://review.opendev.org/c/openstack/puppet-tripleo/+/84118401:30
opendevreviewTakashi Kajinami proposed openstack/puppet-tripleo master: Designate: Replace hiera by lookup  https://review.opendev.org/c/openstack/puppet-tripleo/+/84118301:30
opendevreviewTakashi Kajinami proposed openstack/puppet-tripleo master: Designate: Replace hiera by lookup  https://review.opendev.org/c/openstack/puppet-tripleo/+/84118301:31
opendevreviewJames Slagle proposed openstack/tripleo-ansible master: tripleo_keystone: Use tripleo_container_standalone  https://review.opendev.org/c/openstack/tripleo-ansible/+/83890601:32
opendevreviewJames Slagle proposed openstack/tripleo-ansible master: Add tripleo_iscsid role  https://review.opendev.org/c/openstack/tripleo-ansible/+/83890701:32
opendevreviewJames Slagle proposed openstack/tripleo-ansible master: Add tripleo_mysql_client role  https://review.opendev.org/c/openstack/tripleo-ansible/+/84032101:32
opendevreviewJames Slagle proposed openstack/tripleo-ansible master: Add initial standalone playbooks and inventory for a compute node  https://review.opendev.org/c/openstack/tripleo-ansible/+/84050901:32
opendevreviewJames Slagle proposed openstack/tripleo-ansible master: Add tripleo_bootstrap role to standlone install phase  https://review.opendev.org/c/openstack/tripleo-ansible/+/84067501:32
opendevreviewJames Slagle proposed openstack/tripleo-ansible master: Add tripleo_ssh_known_hosts role to standalone configure phase  https://review.opendev.org/c/openstack/tripleo-ansible/+/84067601:32
opendevreviewJames Slagle proposed openstack/tripleo-ansible master: Add standalone bootstrap phase and playbook  https://review.opendev.org/c/openstack/tripleo-ansible/+/84067701:32
opendevreviewJames Slagle proposed openstack/tripleo-ansible master: Add pre-network and network phase and playbooks  https://review.opendev.org/c/openstack/tripleo-ansible/+/84090301:32
opendevreviewTakashi Kajinami proposed openstack/puppet-tripleo master: Ironic: Replace hiera by lookup  https://review.opendev.org/c/openstack/puppet-tripleo/+/84118601:35
opendevreviewTakashi Kajinami proposed openstack/puppet-tripleo master: Ironic-inspector: Replace hiera by lookup  https://review.opendev.org/c/openstack/puppet-tripleo/+/84118701:35
opendevreviewTakashi Kajinami proposed openstack/puppet-tripleo master: RabbitMQ: Replace hiera by lookup  https://review.opendev.org/c/openstack/puppet-tripleo/+/84118801:44
opendevreviewTakashi Kajinami proposed openstack/puppet-tripleo master: haproxy: Enable httplog for horizon endpoint  https://review.opendev.org/c/openstack/puppet-tripleo/+/84119202:22
opendevreviewTakashi Kajinami proposed openstack/puppet-tripleo master: Horizon: Support Strict-Transport-Security header  https://review.opendev.org/c/openstack/puppet-tripleo/+/84119402:38
opendevreviewTakashi Kajinami proposed openstack/tripleo-heat-templates master: Horizon: Support Strict-Transport-Security header  https://review.opendev.org/c/openstack/tripleo-heat-templates/+/84119602:46
opendevreviewTakashi Kajinami proposed openstack/tripleo-heat-templates master: dnm: test hsts header configuration  https://review.opendev.org/c/openstack/tripleo-heat-templates/+/84119702:46
opendevreviewSteve Baker proposed openstack/openstack-virtual-baremetal master: Remove centos-7 support  https://review.opendev.org/c/openstack/openstack-virtual-baremetal/+/84119903:32
opendevreviewSteve Baker proposed openstack/openstack-virtual-baremetal master: WIP Also start a redfish based BMC for OVB nodes  https://review.opendev.org/c/openstack/openstack-virtual-baremetal/+/84120003:32
*** soniya29 is now known as soniya29|ruck04:38
*** ysandeep|out is now known as ysandeep|rover04:42
opendevreviewTakashi Kajinami proposed openstack/tripleo-heat-templates master: Horizon: Support Strict-Transport-Security header  https://review.opendev.org/c/openstack/tripleo-heat-templates/+/84119604:49
opendevreviewTakashi Kajinami proposed openstack/tripleo-heat-templates master: dnm: test hsts header configuration  https://review.opendev.org/c/openstack/tripleo-heat-templates/+/84119704:49
opendevreviewSteve Baker proposed openstack/openstack-virtual-baremetal master: Also start a redfish based BMC for OVB nodes  https://review.opendev.org/c/openstack/openstack-virtual-baremetal/+/84120004:53
*** pojadhav|afk is now known as pojadhav05:23
opendevreviewTakashi Kajinami proposed openstack/tripleo-common master: Remove reference to Undercloud services  https://review.opendev.org/c/openstack/tripleo-common/+/84120305:31
opendevreviewTakashi Kajinami proposed openstack/python-tripleoclient master: Undercloud: Deprecate options for removed services  https://review.opendev.org/c/openstack/python-tripleoclient/+/84120505:57
opendevreviewTakashi Kajinami proposed openstack/tripleo-heat-templates master: Remove leftover of Undercloud-specific services  https://review.opendev.org/c/openstack/tripleo-heat-templates/+/84120606:06
opendevreviewTakashi Kajinami proposed openstack/tripleo-heat-templates master: Remove unused environment files for undercloud  https://review.opendev.org/c/openstack/tripleo-heat-templates/+/84120706:08
opendevreviewTakashi Kajinami proposed openstack/puppet-tripleo master: haproxy: Enable httplog for horizon endpoint  https://review.opendev.org/c/openstack/puppet-tripleo/+/84119206:10
opendevreviewTakashi Kajinami proposed openstack/python-tripleoclient master: Remove unused object storage client implementation  https://review.opendev.org/c/openstack/python-tripleoclient/+/84120806:29
opendevreviewTakashi Kajinami proposed openstack/python-tripleoclient master: Remove unused object storage client implementation  https://review.opendev.org/c/openstack/python-tripleoclient/+/84120806:32
opendevreviewTakashi Kajinami proposed openstack/tripleo-heat-templates master: Horizon: Support Strict-Transport-Security header  https://review.opendev.org/c/openstack/tripleo-heat-templates/+/84119606:37
opendevreviewTakashi Kajinami proposed openstack/tripleo-heat-templates master: dnm: test hsts header configuration  https://review.opendev.org/c/openstack/tripleo-heat-templates/+/84119706:37
opendevreviewFrancesco Pantano proposed openstack/tripleo-heat-templates master: Do not deploy ceph-nfs during the overcloud deploy  https://review.opendev.org/c/openstack/tripleo-heat-templates/+/83947406:42
opendevreviewTakashi Kajinami proposed openstack/python-tripleoclient master: Fix typo in heat.conf for standalone heat  https://review.opendev.org/c/openstack/python-tripleoclient/+/84121407:23
opendevreviewTakashi Kajinami proposed openstack/python-tripleoclient master: Remove ineffective parameter from standalone/ephemeral heat.conf  https://review.opendev.org/c/openstack/python-tripleoclient/+/84121507:23
*** jpena|off is now known as jpena07:30
opendevreviewJiri Podivin proposed openstack/validations-libs master: Validation help improvement  https://review.opendev.org/c/openstack/validations-libs/+/80782807:45
opendevreviewMarios Andreou proposed openstack/tripleo-ci master: Remove centos-7 job definitions and zuul layouts  https://review.opendev.org/c/openstack/tripleo-ci/+/83951807:56
opendevreviewMarios Andreou proposed openstack/tripleo-ci master: Revert "Adds tripleo-repos/-operator-ansible collection push jobs"  https://review.opendev.org/c/openstack/tripleo-ci/+/84122307:56
*** soniya29|ruck is now known as soniya29|ruck|lunch08:09
*** ykarel is now known as ykarel|away08:25
opendevreviewTakashi Kajinami proposed openstack/tripleo-heat-templates master: Add back FRR to Undercloud  https://review.opendev.org/c/openstack/tripleo-heat-templates/+/84123508:31
opendevreviewTakashi Kajinami proposed openstack/tripleo-heat-templates master: Add back FRR to Undercloud  https://review.opendev.org/c/openstack/tripleo-heat-templates/+/84123508:33
opendevreviewTakashi Kajinami proposed openstack/tripleo-heat-templates master: Add back FRR to Undercloud  https://review.opendev.org/c/openstack/tripleo-heat-templates/+/84123508:34
opendevreviewTakashi Kajinami proposed openstack/python-tripleoclient master: Undercloud: Deprecate options for removed services  https://review.opendev.org/c/openstack/python-tripleoclient/+/84120508:37
opendevreviewKhomesh Thakre proposed openstack/tripleo-upgrade master: Install pkgs required to apply workarounds  https://review.opendev.org/c/openstack/tripleo-upgrade/+/83968308:37
opendevreviewKhomesh Thakre proposed openstack/tripleo-upgrade master: Install pkgs required to apply workarounds  https://review.opendev.org/c/openstack/tripleo-upgrade/+/83968308:46
*** ysandeep|rover is now known as ysandeep|rover|lunch08:49
opendevreviewMarios Andreou proposed openstack/tripleo-heat-templates master: DNM TESTING tripleo-ci/+/839518  https://review.opendev.org/c/openstack/tripleo-heat-templates/+/84124209:13
opendevreviewKhomesh Thakre proposed openstack/tripleo-upgrade master: Install pkgs required to apply workarounds  https://review.opendev.org/c/openstack/tripleo-upgrade/+/83968309:17
opendevreviewMarios Andreou proposed openstack/tripleo-common master: DNM testing tripleo-ci/+/839518  https://review.opendev.org/c/openstack/tripleo-common/+/84124309:18
opendevreviewMarios Andreou proposed openstack/tripleo-heat-templates stable/wallaby: DNM TESTING tripleo-ci/+/839518  https://review.opendev.org/c/openstack/tripleo-heat-templates/+/84094509:20
*** soniya29|ruck|lunch is now known as soniya29|ruck09:21
opendevreviewMarios Andreou proposed openstack/tripleo-heat-templates stable/train: DNM TESTING tripleo-ci/+/839518  https://review.opendev.org/c/openstack/tripleo-heat-templates/+/84124409:25
opendevreviewMarios Andreou proposed openstack/tripleo-common stable/wallaby: DNM testing tripleo-ci/+/839518  https://review.opendev.org/c/openstack/tripleo-common/+/84094609:30
*** bhagyashris is now known as bhagyashris|out09:33
opendevreviewMarios Andreou proposed openstack/tripleo-common stable/train: DNM testing tripleo-ci/+/839518  https://review.opendev.org/c/openstack/tripleo-common/+/84124509:33
*** ysandeep|rover|lunch is now known as ysandeep|rover09:47
slaweqTengu: I have the same issue with iptables rules on OSP-17 on rhel 909:59
slaweqso it's not only on master09:59
Tenguslaweq: iptables, or iptables-nft ?10:01
slaweqiptables-nft10:01
Tenguok..10:02
TenguI'm checking the nftables content, with the default things we're supposed to have. also, I'll check to switch to nftables in tripleo.10:02
Tenguapparently, there are things in neutron that are already hitting it anyway.10:02
Tengutime to switch away from iptables imho.10:02
opendevreviewA R proposed openstack/diskimage-builder master: Preserve local mirrors when using Ubuntu element  https://review.opendev.org/c/openstack/diskimage-builder/+/84124710:09
*** rlandy|out is now known as rlandy10:33
slaweqTengu: I think that I found something and I'm one step closer11:08
Tenguslaweq: oh?? please, share :)11:09
slaweqTengu: it seems that we our icmp packets are for some reason first hitting rule from raw table to "notrack" them (it's only for geneve tunnels but for some reason it hits it) and because of that they aren't matched later in INPUT chain11:09
Tenguo_O11:10
slaweqif You would remove those 2 rules from raw table or add rule to match all UNTRACKED traffic in INPUT table, it should works - at least it works in my lab like that11:10
bogdandorlandy: https://review.opendev.org/c/openstack/openstack-tempest-skiplist/+/831259 is likely good to go11:10
Tenguand then they hit the chain policy but not the actual drop rule ?11:10
slaweqI still don't understand exactly why it's like that but, as I said, it's one step closer at least11:10
slaweqfor some reason yes, but I don't know exactly why11:11
slaweqahh, righ11:11
slaweqit's because DROP rule at the end is only for conntrack NEW packets11:11
slaweqand those are UNTRACKED11:11
Tenguyep11:11
opendevreviewchandan kumar proposed openstack/tripleo-ansible master: Rename jobs to centos-stream and use stream9 image as base  https://review.opendev.org/c/openstack/tripleo-ansible/+/83968811:11
Tenguwas about to say that :)11:11
slaweqthat makes sense11:11
Tenguhmm... can't we track that UNTRACKED?11:12
Tengusounds terrible.11:12
slaweqI only don't understand why those packets are encapsulated11:12
slaweqthat "notrack" rule was added there on purpose11:12
slaweqand we should have it for the geneve tunnel traffic11:12
slaweqanyway, I'm going for lunch now but I will later update LP and will continue work on that11:13
rlandybogdando: thank - checking testproject11:14
bogdandorlandy: ok, I've also linked a testproject job there it had been tested11:15
Tenguslaweq: soooo - we may allow UNTRACKED icmp only?11:15
rlandybogdando; yep  - thank you  - merging11:15
rlandyysandeep|rover: soniya29|ruck: ^^ fyi11:15
rlandyfs039 on train11:15
Tenguouch... nope. it's.. well. it's for UDP, not icmp anyway ?11:15
bogdandoone little fixed tempest test, one huge step for tripleo :D11:16
soniya29|ruckrlandy, ack11:18
opendevreviewMerged openstack/openstack-tempest-skiplist master: Revert "Skip failing test on train c8"  https://review.opendev.org/c/openstack/openstack-tempest-skiplist/+/83125911:25
*** dviroel|afk is now known as dviroel11:28
opendevreviewJames Slagle proposed openstack/tripleo-ansible master: Add tripleo_iscsid role  https://review.opendev.org/c/openstack/tripleo-ansible/+/83890711:39
opendevreviewJames Slagle proposed openstack/tripleo-ansible master: Add tripleo_mysql_client role  https://review.opendev.org/c/openstack/tripleo-ansible/+/84032111:39
opendevreviewJames Slagle proposed openstack/tripleo-ansible master: Add initial standalone playbooks and inventory for a compute node  https://review.opendev.org/c/openstack/tripleo-ansible/+/84050911:39
opendevreviewJames Slagle proposed openstack/tripleo-ansible master: Add tripleo_bootstrap role to standlone install phase  https://review.opendev.org/c/openstack/tripleo-ansible/+/84067511:39
opendevreviewJames Slagle proposed openstack/tripleo-ansible master: Add tripleo_ssh_known_hosts role to standalone configure phase  https://review.opendev.org/c/openstack/tripleo-ansible/+/84067611:39
opendevreviewJames Slagle proposed openstack/tripleo-ansible master: Add standalone bootstrap phase and playbook  https://review.opendev.org/c/openstack/tripleo-ansible/+/84067711:39
opendevreviewJames Slagle proposed openstack/tripleo-ansible master: Add pre-network and network phase and playbooks  https://review.opendev.org/c/openstack/tripleo-ansible/+/84090311:39
opendevreviewFrancesco Pantano proposed openstack/tripleo-ansible stable/wallaby: Avoid failing if no pools/keys are specified  https://review.opendev.org/c/openstack/tripleo-ansible/+/84125211:44
opendevreviewTakashi Kajinami proposed openstack/tripleo-heat-templates master: Horizon: Support Strict-Transport-Security header  https://review.opendev.org/c/openstack/tripleo-heat-templates/+/84119611:46
opendevreviewTakashi Kajinami proposed openstack/tripleo-heat-templates master: dnm: test hsts header configuration  https://review.opendev.org/c/openstack/tripleo-heat-templates/+/84119711:46
opendevreviewTakashi Kajinami proposed openstack/puppet-tripleo master: Horizon: Support Strict-Transport-Security header  https://review.opendev.org/c/openstack/puppet-tripleo/+/84119411:50
opendevreviewTakashi Kajinami proposed openstack/tripleo-heat-templates master: Horizon: Support Strict-Transport-Security header  https://review.opendev.org/c/openstack/tripleo-heat-templates/+/84119611:52
opendevreviewTakashi Kajinami proposed openstack/tripleo-heat-templates master: dnm: test hsts header configuration  https://review.opendev.org/c/openstack/tripleo-heat-templates/+/84119711:52
opendevreviewTakashi Kajinami proposed openstack/tripleo-heat-templates master: Add back FRR to Undercloud  https://review.opendev.org/c/openstack/tripleo-heat-templates/+/84123511:53
opendevreviewTakashi Kajinami proposed openstack/python-tripleoclient master: Undercloud: Deprecate options for removed services  https://review.opendev.org/c/openstack/python-tripleoclient/+/84120511:54
*** soniya29|ruck is now known as soniya29|ruck|break11:58
opendevreviewSlawek Kaplonski proposed openstack/tripleo-heat-templates master: Iptables rule for geneve traffic should match UNTRACKED state  https://review.opendev.org/c/openstack/tripleo-heat-templates/+/84125912:26
opendevreviewSlawek Kaplonski proposed openstack/tripleo-ansible master: Get all of the INPUT rules in a dedicated chain  https://review.opendev.org/c/openstack/tripleo-ansible/+/83916312:26
slaweqTengu: I proposed patch which should fix that issue ^^12:27
*** soniya29|ruck|break is now known as soniya29|ruck12:27
slaweqand I already updated Your patch and rechecked testproject's patch12:27
slaweqso lets see if that will work with default policy DROP12:27
slaweqTBH I think that it always worked only because geneve traffic was matching default policy which was ACCEPT12:28
Tenguslaweq: more than probably, yep. Wow. that was a good hunt at least!12:30
Tenguslaweq: finger crossed :). In parallel, I'm working on moving to nftables. Shouldn't be THAT hard, especially with the dedicated chain.12:30
Tenguthough I see we're hitting some other tables than "filter", such as that "raw" one, and iirc I saw some "nat" as well.12:31
Tengumight be good to get some dedicated chains in there as well.12:31
slaweqI'm not nftables expert but IIRC it shouldn't be mixed e.g. nftables and iptables-nft and neutron is only working with iptables-nft currently12:32
slaweqbut maybe I'm wrong there12:32
Tenguhmm, I see the neutron things in nft list ruleset at least.12:32
Tengubuuut... humpf. yeah. I think I've seen something about that in the nftables doc.12:32
Tenguthough I suspect it wouldn't be that hard to make neutron nftables-aware.12:32
slaweqI'm not so sure, I know ralonsoh was working on that some time ago and he had some troubles with it12:35
slaweqbut I don't remember now exactly what was the problem there12:35
slaweqprobably at some point we will have to move to it, or we will not use iptables in neutron when we will move completly to OVN but that's not current state for sre12:36
slaweq*sure12:36
Tengu^^12:37
Tenguso my goal here is to expose this new possibility, and make it switchable (i.e. toggle a var to switch from iptables_nft to nftables). Same interface in the end, just the engine under the hood.12:37
Tenguthat will allow some nice testing capabilities.12:37
ysandeep|roverhjensas: following yesterday conversation, looks like the ANSIBLE_SSH_RETRIES is already set to 3 in tripleoclient. https://opendev.org/openstack/python-tripleoclient/src/branch/master/tripleoclient/utils.py#L48112:53
slaweqTengu++12:54
ysandeep|roverhjensas, I think there is no option to enhance ansible verbosity in node provision command, I think I need to set "ANSIBLE_VERBOSITY" and "ANSIBLE_DEBUG" in node_provision script before calling node provision - if I want to check debug logs.12:56
ysandeep|roverhttps://logserver.rdoproject.org/openstack-periodic-integration-main/opendev.org/openstack/tripleo-ci/master/periodic-tripleo-ci-centos-9-ovb-3ctlr_1comp-featureset035-master/0222a8a/logs/undercloud/home/zuul/tripleo_overcloud_node_provision.sh.txt.gz12:57
ysandeep|roverhjensas, We are still hitting node provisioning issue in master with ssh timeout but not seeing same in wallaby c9.12:58
hjensasysandeep|rover: I think adding '--verbose' to the overcloud node provision command will give you debug logs?12:58
ysandeep|roverthanks, let me try that 12:59
ysandeep|roverwe are still awaiting today's load input from vexx, but not seeing same issue in wallaby c9 which also run on same env - is a bit weird.13:00
ysandeep|roverhjensas: --verbose worked thanks!13:02
hjensasysandeep|rover: yes, if it was a performance issue in infra we should see it with wallaby as well.13:07
opendevreviewA R proposed openstack/diskimage-builder master: Preserve local mirrors when using Ubuntu element  https://review.opendev.org/c/openstack/diskimage-builder/+/84124713:07
ysandeep|roverhjensas, for ex. fs020 node provisioning failed in master vs passed in wallaby13:15
ysandeep|roverhttps://logserver.rdoproject.org/openstack-periodic-integration-main/opendev.org/openstack/tripleo-ci/master/periodic-tripleo-ci-centos-9-ovb-1ctlr_2comp-featureset020-master/69a4390/logs/undercloud/home/zuul/overcloud_node_provision.log.txt.gz13:15
ysandeep|roverhttps://logserver.rdoproject.org/openstack-periodic-integration-stable1/opendev.org/openstack/tripleo-ci/master/periodic-tripleo-ci-centos-9-ovb-1ctlr_2comp-featureset020-wallaby/de43aed/logs/undercloud/home/zuul/overcloud_node_provision.log.txt.gz13:15
ysandeep|roverhjensas, to debug this issue further I am thinking about rerunning wallaby and master in single testproject so that we know load on infra is equal for both release jobs with 2 changes:- 1) Increased ANSIBLE_SSH_RETRIES B) With --verbose in node provisioning command.. 13:17
ysandeep|roverand see in logs if for master - ssh_retries connect after few more retries 13:19
ysandeep|roverhjensas, please let me know if you have any other pointers to debug in any alternative way.13:19
hjensasysandeep|rover: Looking at recent patches, https://review.opendev.org/c/openstack/diskimage-builder/+/840825 is ssh related. But dib is branchless so should see in Wallaby as well.13:24
ysandeep|roverhjensas, we currently don't call cloud-init element in image so I think that will not affect us.13:26
ysandeep|roverhttps://review.opendev.org/c/openstack/tripleo-common/+/841067/1/image-yaml/overcloud-hardened-images-uefi-python3.yaml is not merged yet.13:26
hjensasysandeep|rover: ah, yes you are right. Just saw the comment on that review.13:26
opendevreviewDouglas Viroel proposed openstack/tripleo-quickstart master: Update centos-compose dependecy config  https://review.opendev.org/c/openstack/tripleo-quickstart/+/84126813:30
*** dasm|off is now known as dasm13:31
opendevreviewMerged openstack/tripleo-heat-templates stable/wallaby: Set rx permissions for all in /var/lib/config-data  https://review.opendev.org/c/openstack/tripleo-heat-templates/+/83875513:35
opendevreviewMerged openstack/validations-common master: Normalizing VF metadata  https://review.opendev.org/c/openstack/validations-common/+/84046013:35
hjensasysandeep|rover: We may want to try to capture journal on the node we fail SSH connection to? 13:57
ysandeep|roverhjensas, https://logserver.rdoproject.org/openstack-periodic-integration-main/opendev.org/openstack/tripleo-ci/master/periodic-tripleo-ci-centos-9-ovb-1ctlr_2comp-featureset020-master/69a4390/logs/overcloud-controller-0/var/log/extra/journal.txt.gz14:01
ysandeep|rover"controller-0: Failed to connect to the host via ssh: ssh: connect to host" failed on controller-0 14:02
slaweqTengu: test job failed but I don't think it failed due to my patch14:03
slaweqcan You check it maybe?14:03
slaweqas You know those tripleo bits much better than me :)14:03
Tenguslaweq: gimme a minute14:10
* Tengu sticks his head out of nftables dark places14:10
hjensasysandeep|rover: oh, thanks. Cool, I thought we had failed to capture that. *looking*14:10
slaweqthx Tengu 14:11
Tenguslaweq: ah. you just hit the RDO issue with node provisionning.14:11
slaweqgood, that it's not my patch's fault this time :)14:11
Tenguit's known. and under review right now. maybe rlandy and/or ysandeep|rover have info about that one?14:11
Tenguysandeep|rover, rlandy any news for RDO node provision issue? :)14:12
ysandeep|roverTengu, not yet, that's what I am discussing with hjensas currently.14:13
Tenguysandeep|rover: ah, good - sorry, didn't really pay attention to the backlog..14:13
Tenguslaweq: I may be able to run a test here with both patches in. though tomorrow morning will be a bit terrible for me, have different appointments.14:14
slaweqTengu: no problem, I'm pretty confident that my patch should help (it did for me locally for sure)14:15
slaweqand I think I know why there wasn't that problem in Your lab14:15
Tenguconntrack is a mess.14:15
slaweqthe reason is that You had only one controller so no L3HA and because of that this geneve traffic wasn't needed14:15
Tenguoh.14:16
Tenguyay small infra right? :)14:16
slaweqyeah, try lab with 2 controllers and You will reproduce the same issue :)14:16
TenguI can run the deploy on the big builder and get 3 controllers :). 2 aren't actually a great idea.14:16
hjensasysandeep|rover: Wonder if the legacy network service is causing a blipp - https://paste.opendev.org/show/bzM0IYC23hcCNKycWWlj/14:30
hjensasysandeep|rover: May 10 06:12:38 overcloud-controller-0 NetworkManager[1130]: <info>  [1652177558.7952] device (enp3s0): Activation: successful, device activated.14:30
hjensasysandeep|rover: and then May 10 06:13:38 Starting LSB: Bring up/down networking...14:31
hjensasysandeep|rover: ansible failed 2022-05-10 06:13:37.28997514:31
rlandyTengu: sorry - rotating meetings - what ysandeep|rover said14:32
Tengurlandy: no problem - thanks for jumping in :)14:33
ysandeep|roverhjensas, let me check c9 wallaby journal logs for comparision14:34
hjensasysandeep|rover: also cloud-init is creating the head-admin user after the ansible login failure?14:35
hjensasMay 10 06:13:39 overcloud-controller-0 useradd[1493]: new user: name=heat-admin, UID=1000, GID=1001, home=/home/heat-admin, shell=/bin/bash, from=none14:35
ysandeep|roverhjensas: sry was in a mtg, reading back14:38
hjensasysandeep|rover: :) No worries.14:38
ysandeep|roverhjensas, if we can trust the ntp is in sync right away after boot between undercloud and overcloud nodes, then looks like cloud-init was still running and by the time ansible failed.14:42
hjensasysandeep|rover: yes, looks like chrony already started14:43
hjensasMay 10 06:12:43 overcloud-controller-0 chronyd[953]: Selected source 206.108.0.133 (2.centos.pool.ntp.org)14:43
hjensasMay 10 06:12:43 overcloud-controller-0 chronyd[953]: System clock TAI offset set to 37 seconds14:43
* hjensas is not sure if chrony would immideatly sync time at that point.14:45
ysandeep|roverhttps://opendev.org/openstack/tripleo-ansible/src/branch/master/tripleo_ansible/playbooks/cli-overcloud-node-growvols.yaml#L48-L52 14:45
ysandeep|roverI need to check wait_for_connection: --> what does it test if ssh or something else.14:45
Tenguslaweq: also, it seems the ansible "iptables" module wants to use contrack for every single rule, and is adding the --state NEW when nothing is set, instead of just ignoring the state.14:49
Tenguslaweq: this also leads to the issue we just hit imho.14:49
TenguI'm not sure I'll do the same thing within my nftables role....14:49
Tengustate is nice, but..14:49
Tenguthough, if there are package with the NOTRACK, it may lead to some issues... ?14:50
hjensasysandeep|rover: also, ANSIBLE_SSH_RETRIES - does it wait between retries? Is it tunable?14:50
ysandeep|roverhjensas, I was doing some testing in my lab, I killed overcloud node and reran the playbook: http://pastebin.test.redhat.com/1050814 14:52
ysandeep|roverlooks like the wait increase in each loop14:52
ysandeep|roverpausing for 0 seconds .... pausing for 1 seconds ... pausing for 3 seconds14:53
*** dviroel is now known as dviroel|lunch|afk14:53
hjensasysandeep|rover: yes, looks like incremental retries. indeed.14:53
ysandeep|roverhjensas, I am scratching my head on how this worked for same controller: " OK | Wait for provisioned nodes to boot | overcloud-controller-0" 14:56
ysandeep|rovermay be wait_for_connection don't test for ssh connection or cloud-init restarted networking after this task in between.14:56
hjensasysandeep|rover: network is up, and wait_for_connection does not try to log-in? It may just ping, or try to connect to SSH server without logging in?14:57
ysandeep|roverack, and login fail because cloud-init is creating the heat-admin after ansible already failed.14:59
ysandeep|roveryeah https://docs.ansible.com/ansible/latest/collections/ansible/builtin/wait_for_connection_module.html : This module makes use of internal ansible transport (and configuration) and the ping/win_ping module to guarantee correct end-to-end functioning. 15:00
slaweqTengu: yes, that also can be the problem15:00
Tenguslaweq: I'll do a 1:1 version, and we'll be able to iterate.15:01
Tengunow I just need to extract the "chain" and "table" passed in the rules so that I can create them as custom beforehand, and edit the actual original chain in order to push the traffic through the custom chain.15:01
Tengui.e. "map" INPUT -> TRIPLEO_INPUT, and redirect INPUT into TRIPLEO_INPUT (and same for any other mentioned chain in any mentioned table)15:02
opendevreviewAlan Bishop proposed openstack/tripleo-heat-templates stable/wallaby: Manila: Deprecate ineffctive *DriverHandlesShareServers  https://review.opendev.org/c/openstack/tripleo-heat-templates/+/84058215:04
opendevreviewAlan Bishop proposed openstack/tripleo-heat-templates stable/wallaby: Deprecate ineffective ManilaCephFSCephFSEnableSnapshots  https://review.opendev.org/c/openstack/tripleo-heat-templates/+/84058115:04
hjensasysandeep|rover: do we get "UNREACHABLE" if the wrong user is used by ansible?15:05
hjensaswrong as in "non existing" user?15:05
ysandeep|roverhjensas, let me do a quick test on my env15:07
ysandeep|roverhjensas, hah.. i don't see cloud-init logs in wallaby: https://logserver.rdoproject.org/openstack-periodic-integration-stable1/opendev.org/openstack/tripleo-ci/master/periodic-tripleo-ci-centos-9-ovb-1ctlr_2comp-featureset020-wallaby/de43aed/logs/overcloud-controller-0/var/log/extra/journal.txt.gz 15:08
ysandeep|rovermay be rotated..15:08
ysandeep|roverignore clou-init ran https://logserver.rdoproject.org/openstack-periodic-integration-stable1/opendev.org/openstack/tripleo-ci/master/periodic-tripleo-ci-centos-9-ovb-1ctlr_2comp-featureset020-wallaby/de43aed/logs/overcloud-controller-0/var/log/cloud-init-output.log.txt.gz 15:10
*** afaranha__ is now known as afaranha15:11
ysandeep|roverhjensas: unreachable with permission denied:  http://pastebin.test.redhat.com/105082415:20
*** soniya29|ruck is now known as soniya29|out15:20
hjensasysandeep|rover: ok, so looks different from port 22: Connection refused. 15:26
ysandeep|roverhjensas: yeah.. if wait_for_connection don't test for ssh connection.. may be in pre_tasks we should also retry for ssh connection to become available.15:33
ysandeep|roverhttps://opendev.org/openstack/tripleo-ansible/src/branch/master/tripleo_ansible/playbooks/cli-overcloud-node-growvols.yaml#L4715:33
ysandeep|roveror we can just increase ANSIBLE_SSH_RETRIES15:34
hjensasysandeep|rover: I wonder if network-scripts blips the network? I wonder if we should ensure 'systemctl disable network.service' in the image?15:34
ysandeep|roverI am not in sync about status of network.service in recent version, but if we don't need it anymore we can disable in image itself.15:38
ysandeep|roverWe can test that in third party check itself - if we plan to disable via diskimage-builder patch15:39
ysandeep|roverhjensas: looks like we use env['ANSIBLE_SSH_RETRIES'] = 3 from tripleoclient: https://opendev.org/openstack/python-tripleoclient/src/branch/master/tripleoclient/utils.py#L481 , let me try if bumping it works in parallel.15:41
ysandeep|rover^^ as a dnm patch15:42
hjensasysandeep|rover: we need it later, when os-net-config is used to configure networking. But at this stage NetworkManager is doing a good job. the tripleo_network_config ansible role will enable network service when it is required in case it is disabled in the image.15:43
opendevreviewAlan Bishop proposed openstack/python-tripleoclient master: Undercloud: Deprecate options for removed services  https://review.opendev.org/c/openstack/python-tripleoclient/+/84120515:44
hjensasysandeep|rover: afict package openstack-network-scripts provide network-scripts, it enables the service in post script.15:44
hjensasysandeep|rover: but, I assume the same package is used on Wallaby C9.15:44
hjensasysandeep|rover: so would make sense if we saw the same error there.15:45
ysandeep|roveropenstack-network-scripts.x86_64              10.11.1-1.el9s                        @delorean-wallaby-testing  15:46
hjensasysandeep|rover: have a Wallaby C9 logs handy?15:47
ysandeep|roverhjensas, https://logserver.rdoproject.org/openstack-periodic-integration-stable1/opendev.org/openstack/tripleo-ci/master/periodic-tripleo-ci-centos-9-ovb-1ctlr_2comp-featureset020-wallaby/de43aed/15:47
hjensasysandeep|rover: :( looks like logs rotated, I don't see the initial NetworkManager/network.service stuff in journals there.15:50
ysandeep|roverhjensas: Its getting late here.. I will be out soon.. If you get anything please left a note on https://bugs.launchpad.net/tripleo/+bug/1970400 or ping rlandy, I will pick up in my morning.15:50
rlandyysandeep|rover: hjensas: thanks for the investigation here15:50
ysandeep|roverhjensas, let me see a different job for wallaby and see if logs from boot time are available15:51
hjensasysandeep|rover: ack, I can dig for one myself as well.15:51
hjensasysandeep|rover: +1 on trying to increase ANSIBLE_SSH_RETRIES.15:51
ysandeep|roverhjensas, https://opendev.org/openstack/python-tripleoclient/src/branch/master/tripleoclient/utils.py#L481 i am bumping here for now, We can figure our later if that can be done at playbook level.15:53
opendevreviewSandeep Yadav proposed openstack/python-tripleoclient master: [DNM ]bump ANSIBLE_SSH_RETRIES for a test  https://review.opendev.org/c/openstack/python-tripleoclient/+/84130416:01
ysandeep|roverahh, all the jobs i have checked so far for wallaby have journal logs rotated16:01
ysandeep|roverhjensas, rlandy fyi.. testing with ANSIBLE_SSH_RETRIES bump here: https://review.rdoproject.org/r/c/testproject/+/31954 16:04
*** marios is now known as marios|out16:17
ysandeep|roverhjensas, o/ I am leaving for the day, will catch up with you tomorrow, Thank you for the help and have a great rest of your day.16:23
*** ysandeep|rover is now known as ysandeep|out16:23
opendevreviewMerged openstack/tripleo-validations master: Setting default inventory for multinode job to 0 length string  https://review.opendev.org/c/openstack/tripleo-validations/+/84018616:43
opendevreviewMerged openstack/validations-libs master: Validation help improvement  https://review.opendev.org/c/openstack/validations-libs/+/80782816:43
*** jpena is now known as jpena|off17:17
*** artom_ is now known as artom17:24
*** dasm is now known as dasm|bbl17:27
*** tweining is now known as tweining|off18:00
opendevreviewMerged openstack/tripleo-heat-templates master: Fix manila policy override config  https://review.opendev.org/c/openstack/tripleo-heat-templates/+/84044018:01
opendevreviewMerged openstack/tripleo-heat-templates master: Remove legacy network-isolation env files  https://review.opendev.org/c/openstack/tripleo-heat-templates/+/84111218:04
*** dviroel|lunch|afk is now known as dviroel\18:53
*** dviroel\ is now known as dviroel18:53
opendevreviewMerged openstack/tripleo-docs master: fix yaml typo and add syntax highlighting  https://review.opendev.org/c/openstack/tripleo-docs/+/82460218:56
opendevreviewMerged openstack/tripleo-heat-templates master: Add IPA client service to Cell ctrlr role  https://review.opendev.org/c/openstack/tripleo-heat-templates/+/83949719:04
opendevreviewMerged openstack/tripleo-image-elements stable/wallaby: Migrate from testr to stestr, disable auto discovery  https://review.opendev.org/c/openstack/tripleo-image-elements/+/83568419:04
opendevreviewMerged openstack/tripleo-puppet-elements stable/wallaby: Migrate from testr to stestr, disable auto discovery  https://review.opendev.org/c/openstack/tripleo-puppet-elements/+/83579219:04
*** dviroel is now known as dviroel|out21:22
opendevreviewMerged openstack/openstack-virtual-baremetal master: Add bmc host support for centos-9-stream  https://review.opendev.org/c/openstack/openstack-virtual-baremetal/+/83461221:59
*** rlandy is now known as rlandy|bbl22:17
opendevreviewSofer Athlan-Guyot proposed openstack/tripleo-heat-templates stable/train: Ensure container's image get updated if their name stay the same.  https://review.opendev.org/c/openstack/tripleo-heat-templates/+/84134722:35
opendevreviewSofer Athlan-Guyot proposed openstack/tripleo-heat-templates stable/train: Ensure container's image get updated if their name stay the same.  https://review.opendev.org/c/openstack/tripleo-heat-templates/+/84134722:47
opendevreviewMerged openstack/tripleo-ansible stable/train: Wrap stopping podman -t with systemd timeouts (squash)  https://review.opendev.org/c/openstack/tripleo-ansible/+/84066323:03
opendevreviewMerged openstack/tripleo-heat-templates master: Don't cleanup catalog entries in check mode  https://review.opendev.org/c/openstack/tripleo-heat-templates/+/84046323:03
opendevreviewMerged openstack/tripleo-heat-templates master: Remove parameter to run stunnel by systemd  https://review.opendev.org/c/openstack/tripleo-heat-templates/+/83929223:58
« Monday, 2022-05-09 Index Wednesday, 2022-05-11 »

Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!