Monday, 2019-03-18

« Sunday, 2019-03-17 Index Tuesday, 2019-03-19 »
*** jamesgu has quit IRC00:05
*** cheng1 has joined #airshipit00:09
*** irclogbot_0 has quit IRC02:23
*** cheng1 has quit IRC04:55
*** jamesgu has joined #airshipit05:01
*** cheng1 has joined #airshipit05:44
*** cheng1 has quit IRC05:52
*** lemko has joined #airshipit06:54
*** jamesgu has quit IRC06:58
*** skatsaounis has joined #airshipit07:06
*** pkaralis has joined #airshipit07:58
*** dimitris_ has joined #airshipit08:22
*** nick_kar has joined #airshipit08:27
*** juhak has quit IRC09:03
*** juhak has joined #airshipit09:04
*** roman_g has joined #airshipit09:34
*** dimitris_ has quit IRC10:04
*** dimitris_ has joined #airshipit10:08
*** lemko has quit IRC12:34
*** hemanth_n_ has joined #airshipit12:38
*** aaronsheffield has joined #airshipit13:04
*** howell has joined #airshipit13:42
*** michael-beaver has joined #airshipit13:48
*** nishant__ has joined #airshipit13:51
*** dustinspecker has joined #airshipit14:06
*** jamesgu has joined #airshipit14:28
openstackgerritSandeep Reddy Thumma proposed openstack/airship-promenade master: setting .PEM files permissions to 640  https://review.openstack.org/64310214:30
openstackgerritRoman Gorshunov proposed openstack/airship-divingbell master: [WIP] Enhance docs rendering  https://review.openstack.org/63814414:32
openstackgerritSandeep Reddy Thumma proposed openstack/airship-promenade master: Setting .PEM files permissions to 640  https://review.openstack.org/64077514:35
*** lemko has joined #airshipit14:48
openstackgerritArijit Bose proposed openstack/airship-in-a-bottle master: [site update] fixing the json syntax  https://review.openstack.org/64423915:07
openstackgerritLev Morgan proposed openstack/airship-pegleg master: Fix multiple I/O issues in cert generation  https://review.openstack.org/64367815:10
openstackgerritMichael Beaver proposed openstack/airship-treasuremap master: Uplift HAProxy to address CVEs  https://review.openstack.org/64424515:28
openstackgerritSandeep Reddy Thumma proposed openstack/airship-promenade master: Set Least Previliage for .PEM files under directory /etc/genesis.  https://review.openstack.org/64077516:02
*** dustinspecker has quit IRC16:03
openstackgerritRoman Gorshunov proposed openstack/airship-divingbell master: Enhance docs rendering; update documentation  https://review.openstack.org/63814416:20
openstackgerritRoman Gorshunov proposed openstack/airship-divingbell master: Enhance docs rendering; update documentation  https://review.openstack.org/63814416:34
*** arunkant has quit IRC16:46
openstackgerritRoman Gorshunov proposed openstack/airship-divingbell master: Enhance docs rendering; update documentation  https://review.openstack.org/63814417:00
openstackgerritRoman Gorshunov proposed openstack/airship-divingbell master: Enhance docs rendering; update documentation  https://review.openstack.org/63814417:14
*** hemanth_n_ has quit IRC17:28
*** michaelbeaver has joined #airshipit18:06
*** sthussey has joined #airshipit18:06
*** michael-beaver has quit IRC18:09
openstackgerritJames Gu proposed openstack/airship-treasuremap master: Add missing labels to osh charts and ucp chart groups  https://review.openstack.org/63624018:11
openstackgerritMerged openstack/airship-in-a-bottle master: Cert/key related improvements to gate-multinode  https://review.openstack.org/64258518:19
*** juhak has quit IRC18:27
*** juhak has joined #airshipit18:28
*** michael-beaver has joined #airshipit18:33
*** michaelbeaver has quit IRC18:36
openstackgerritRoman Gorshunov proposed openstack/airship-divingbell master: Enhance docs rendering; update documentation  https://review.openstack.org/63814418:56
openstackgerritMerged openstack/airship-promenade master: Uplift default HAProxy to address CVEs  https://review.openstack.org/64347518:57
openstackgerritJames Gu proposed openstack/airship-treasuremap master: Add missing labels to osh charts and ucp chart groups  https://review.openstack.org/63624019:34
openstackgerritLev Morgan proposed openstack/airship-pegleg master: Fix multiple I/O issues in cert generation  https://review.openstack.org/64367819:55
openstackgerritSandeep Reddy Thumma proposed openstack/airship-promenade master: Setting .PEM files permissions to 640  https://review.openstack.org/64077520:04
*** irclogbot_0 has joined #airshipit20:11
roman_gPlease, review https://review.openstack.org/#/c/638144/ - Enhance docs rendering; update documentation - openstack/airship-divingbell20:18
roman_gThank you.20:18
*** kranthikirang has joined #airshipit20:24
openstackgerritMerged openstack/airship-in-a-bottle master: [site update] fixing the json syntax  https://review.openstack.org/64423920:25
*** irclogbot_0 has quit IRC20:25
*** irclogbot_0 has joined #airshipit20:26
kranthikirangHi All, We have a requirement to deploy Akraino which uses old Airship code; hence trying to deploying latest Airship code. However I have following question at creation of certificates; https://airship-treasuremap.readthedocs.io/en/latest/authoring_and_deployment.html20:27
kranthikirangDo you have a list of endpoints with FQDNs to be used while creating certificates? I guess we use these for ingress right20:28
kranthikirangAlso do we have to define DNS before deployment if so with which node IP we have to register?20:28
kranthikirangAppreciate your help to answer these question;20:28
*** michaelbeaver has joined #airshipit20:38
*** michael-beaver has quit IRC20:41
*** michaelbeaver has quit IRC20:42
roman_gkranthikirang: Configure certificates in site/${NEW_SITE}/secrets/certificates/ingress.yaml, they need to be issued for domain configured in a section data.dns.ingress_domain of a file ./site/${NEW_SITE}/networks/common-addresses.yaml. A list of endpoints which will be used with these certificates can be found in the following file ./site/${NEW_SITE}/software/config/endpoints.yaml20:50
roman_ghttps://airship-treasuremap.readthedocs.io/en/latest/authoring_and_deployment.html#update-passphrases20:50
roman_gQ: do we have to define DNS before deployment?20:50
roman_gA: yes20:50
roman_gHope it helps :)20:51
roman_gNeed to go home. Ask more questions here, some people should be online.20:51
* roman_g ZzzZzz20:51
kranthikirangroman_g: Thank you for answering. I have read that paragraph. Does my below understanding correct? for an exmaple i have following domain ingress_domain: reg1.company.com and now do I have to put this suffix to each endpoint? Certificate team is asking for FQDNs20:55
kranthikirangexmaple like cloudformation.reg1.company.com, compute.reg1.company.com ..etc?20:55
kranthikirangcoming to DNS, to which FQDNs and what ip address I have to use to register DNS records ?20:56
kranthikirangThese cloud be basic but gives me good understanding on how Airship works. So far I have used kubespray and deploy openstac-helm20:57
*** irclogbot_0 has quit IRC21:05
evgenylkranthikirang: You don't have to change every single endpoint, there is a substitution, that will do it for you https://github.com/openstack/airship-treasuremap/blob/master/site/airship-seaworthy/software/config/endpoints.yaml#L361-L39021:05
*** irclogbot_0 has joined #airshipit21:06
kranthikirangso just sign the cert using ca with that domain name as CN? that's all?21:07
kranthikirangevgenyl: so just sign the cert using ca with that domain name as CN? that's all?21:07
evgenylkranthikirang: You will need a wildcard cert (i.e. signed for *.reg1.company.com) or for roughly these domains http://paste.openstack.org/show/747983/21:10
kranthikirangevgenyl: thanks a lot; I will talk to them21:10
kranthikirangcan you please tell me on DNS?21:11
kranthikirangwhich ip I should register the DNS against before deployment? any node ip or genensis ip?21:11
kranthikirangfor all these FQDNs21:11
roman_gall node IPs21:11
kranthikirangroman_g: didn't get that; all node IPs?21:12
evgenylkranthikirang: Regarding to what DNS to register, it really depends on your networking layout, and if you e.g. use BGP VIPs for HA, for non-ha configuration you can use management IP of genesis or any other controller node https://github.com/openstack/airship-treasuremap/blob/master/site/airship-seaworthy/networks/physical/networks.yaml#L1221:13
kranthikirangevgenyl: ok; Does Airship support BGP VIPs? I ask this I do not see that VIP configuration in manifests; Also for ingress there is not VIP right?21:15
kranthikirangevgenyl: Also another question; these endpoints looks like only for openstack. Do we have to add any DNS for airship components as well? like shipyard.DOMAIN?21:15
*** michael-beaver has joined #airshipit21:19
evgenylkranthikirang: There is a way to configure external peers, but you will need to make sure that the switches are configured accordingly, here is some information on configuration configuring BGP peers for Calico https://github.com/openstack/openstack-helm-infra/blob/master/calico/values.yaml#L203-L21921:20
evgenylkranthikirang: In the list there shipyard.DOMAIN, the rest is being accessed using internal *.cluster.local DNS names, unless if you want to configure it differently.21:22
kranthikirangevgenyl: Thanks a lot for clarifying; I will include shipyard and ask to configure DNS with genesis OAM ip and certificate with wildcard21:23
kranthikirangevgenyl: coming to bgp peer that's not while building site documents right in Airship; thats in openstack-helm-infra project. So, if I don't make any config then will it use just mesh21:24
kranthikirang?21:24
openstackgerritRoman Gorshunov proposed openstack/airship-divingbell master: Enhance docs rendering; update documentation  https://review.openstack.org/63814421:26
*** howell has quit IRC21:26
openstackgerritSandeep Reddy Thumma proposed openstack/airship-promenade master: Setting .PEM files permissions to 640  https://review.openstack.org/64077521:26
*** irclogbot_0 has quit IRC21:26
*** irclogbot_0 has joined #airshipit21:27
evgenylkranthikirang: As far as I remember by default it will have mesh configuration.21:27
kranthikirangevgenyl: Will give a try with these details and get back to you21:28
kranthikirangevgenyl, roman_g: Appreciate your help and time21:29
evgenylkranthikirang: Sure, np.21:31
openstackgerritSandeep Reddy Thumma proposed openstack/airship-promenade master: Set Least Previliage for .PEM files under directory /etc/genesis.  https://review.openstack.org/64077521:33
openstackgerritRoman Gorshunov proposed openstack/airship-divingbell master: Enhance docs rendering; update documentation  https://review.openstack.org/63814421:43
openstackgerritRoman Gorshunov proposed openstack/airship-divingbell master: Enhance docs rendering; update documentation  https://review.openstack.org/63814421:47
*** kranthikirang has quit IRC22:28
*** kranthikirang has joined #airshipit22:42
openstackgerritKaspars Skels proposed openstack/airship-in-a-bottle master: Mount ~/.ssh to allow Pegleg to clone repos  https://review.openstack.org/64444422:45
openstackgerritDan Crank proposed openstack/airship-deckhand master: Log client-id in UCP API endpoints  https://review.openstack.org/63406823:08
openstackgerritDan Crank proposed openstack/airship-promenade master: Log client-id in UCP API endpoints  https://review.openstack.org/63407123:10
*** kranthikirang has quit IRC23:12
*** michael-beaver has quit IRC23:23
*** aaronsheffield has quit IRC23:33
*** kranthikirang has joined #airshipit23:34
*** kranthikirang has quit IRC23:39
« Sunday, 2019-03-17 Index Tuesday, 2019-03-19 »

Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!