Tuesday, 2015-10-27

« Monday, 2015-10-26 Index Wednesday, 2015-10-28 »
*** openstackgerrit has quit IRC00:01
*** openstackgerrit has joined #openstack-ansible00:02
*** dolpher has joined #openstack-ansible00:19
openstackgerritKevin Carter proposed openstack/openstack-ansible: Updated container_images path  https://review.openstack.org/23955200:55
*** abitha has quit IRC01:08
*** harlowja has quit IRC01:09
bgmccollumcloudnull: juno downloads from a different url, which is still returning a 403 -- https://mirror.rackspace.com/rackspaceprivatecloud/rpc-trusty-container.tgz -- https://github.com/openstack/openstack-ansible/blob/juno/rpc_deployment/roles/lxc_common/tasks/lxc_container_cache.yml#L18 -- https://github.com/openstack/openstack-ansible/blob/juno/rpc_deployment/inventory/group_vars/all.yml#L5101:11
bgmccollumcloudnull: just say the review...01:12
bgmccollumsaw*01:12
cloudnullthe mirror will take a few hours to update01:12
cloudnullI updated the index and links to all be relative but to "resolve" the issue for real I updated the review01:13
cloudnullview-source:http://rpc-repo.rackspace.com/01:13
cloudnullthat should hit the mirror in the next 4-6 hours01:13
*** daneyon has joined #openstack-ansible01:14
bgmccollumcool01:14
cloudnullits frustrating that https://mirror.rackspace.com/rackspaceprivatecloud/rpc-trusty-container.tgz is broken w/ curl but works in a browser :)01:15
cloudnullbut all will be better soon01:15
*** sdake has joined #openstack-ansible01:16
*** sdake has quit IRC01:20
bgmccollumcloudnull: from the browser, because is HTML, its actually a different URL01:20
bgmccollumill hold for mirror sync01:21
bgmccollumthanks01:21
*** tlian has quit IRC01:22
*** daneyon_ has joined #openstack-ansible01:28
*** tlian has joined #openstack-ansible01:29
*** daneyon has quit IRC01:31
*** dolpher has quit IRC01:34
*** woodard has joined #openstack-ansible01:40
*** daneyon_ has quit IRC01:53
*** woodard has quit IRC01:57
*** daneyon has joined #openstack-ansible01:59
*** daneyon_ has joined #openstack-ansible02:02
*** daneyon has quit IRC02:04
*** daneyon has joined #openstack-ansible02:06
*** daneyon_ has quit IRC02:06
*** daneyon_ has joined #openstack-ansible02:15
*** daneyon has quit IRC02:17
*** markvoelker has joined #openstack-ansible02:18
openstackgerritMerged openstack/openstack-ansible: Small spelling fix in dynamic_inventory.py  https://review.openstack.org/23950902:30
*** daneyon has joined #openstack-ansible02:50
*** markvoelker has quit IRC02:50
*** daneyon_ has quit IRC02:51
*** markvoelker has joined #openstack-ansible02:56
*** rebase has joined #openstack-ansible02:58
*** rebase has quit IRC03:01
*** harlowja has joined #openstack-ansible03:01
*** harlowja has quit IRC03:02
openstackgerrityapeng Yang proposed openstack/openstack-ansible: Add source  into README.rst  https://review.openstack.org/23943803:05
*** spotz_zzz is now known as spotz03:10
*** rebase has joined #openstack-ansible03:11
*** dolpher has joined #openstack-ansible03:15
*** daneyon has quit IRC03:15
*** spotz is now known as spotz_zzz03:16
*** markvoelker has quit IRC03:16
*** rebase has quit IRC03:16
*** daneyon has joined #openstack-ansible03:17
*** markvoelker has joined #openstack-ansible03:30
*** daneyon_ has joined #openstack-ansible03:36
*** rebase has joined #openstack-ansible03:36
*** markvoelker has quit IRC03:37
*** daneyon has quit IRC03:37
*** skamithi13 has quit IRC03:39
*** jhesketh has quit IRC03:44
*** jhesketh has joined #openstack-ansible03:47
*** rebase has quit IRC03:47
*** rromans has quit IRC03:58
*** tlian has quit IRC04:04
*** abitha has joined #openstack-ansible04:16
*** daneyon_ has quit IRC04:21
*** rebase has joined #openstack-ansible04:44
*** rebase has quit IRC04:47
*** harlowja has joined #openstack-ansible04:49
*** harlowja has quit IRC04:50
*** abitha has quit IRC05:06
*** abitha has joined #openstack-ansible05:07
*** abitha has quit IRC05:11
*** harlowja has joined #openstack-ansible05:19
*** harlowja has quit IRC05:24
*** javeriak has joined #openstack-ansible05:42
*** javeriak has quit IRC05:54
*** shausy has joined #openstack-ansible05:56
*** openstackgerrit has quit IRC06:01
*** daneyon has joined #openstack-ansible06:14
*** openstackgerrit has joined #openstack-ansible06:14
*** daneyon_ has joined #openstack-ansible06:16
*** daneyon has quit IRC06:20
-openstackstatus- NOTICE: CI will be disrupted for an indeterminate period while our service provider reboots systems for a security fix06:28
*** ChanServ changes topic to "CI will be disrupted for an indeterminate period while our service provider reboots systems for a security fix"06:28
*** javeriak has joined #openstack-ansible06:41
*** Sam-I-Am has quit IRC07:00
*** sura8257 has joined #openstack-ansible07:28
*** jhesketh has quit IRC07:29
*** jhesketh has joined #openstack-ansible07:32
*** javeriak has quit IRC07:34
*** javeriak_ has joined #openstack-ansible07:34
*** javeriak_ has quit IRC07:40
*** antonym has quit IRC07:43
*** mpavone has joined #openstack-ansible07:58
*** neilus1 has joined #openstack-ansible07:59
*** erikmwilson has quit IRC08:04
*** sura8257__ has joined #openstack-ansible08:11
*** daneyon_ has quit IRC08:12
*** gardenshed has joined #openstack-ansible08:14
*** gardenshed has quit IRC08:14
*** gardenshed has joined #openstack-ansible08:15
*** sura8257 has quit IRC08:15
*** metral_zzz is now known as metral08:19
evrardjpFYI, the talk about optimizing rabbitmq of this morning is also talking about the clustering of rabbitmq, that maybe worth checking08:25
*** metral is now known as metral_zzz08:29
*** dolpher has quit IRC08:30
*** karimb has joined #openstack-ansible09:13
*** sura8257__ has quit IRC09:15
*** subscope has joined #openstack-ansible09:22
tiagogomescloudnull I'll test it, but I doubt that it will help debugging the cinder problem09:25
tiagogomesevrardjp are you on the OpenStack submit?09:26
*** openstackgerrit_ has joined #openstack-ansible09:43
*** javeriak has joined #openstack-ansible09:52
openstackgerritMatt Thompson proposed openstack/openstack-ansible: Allow scripts-library.sh to be sourced anywhere  https://review.openstack.org/23963110:01
*** sura8257_ has joined #openstack-ansible10:11
*** gparaskevas has joined #openstack-ansible10:23
*** subscope has quit IRC10:26
*** javeriak has quit IRC10:26
*** javeriak has joined #openstack-ansible10:28
*** subscope has joined #openstack-ansible10:33
*** subscope has quit IRC10:37
tiagogomescloudnull, my haproxy log http://paste.openstack.org/show/477450/ for the cinder problem10:38
openstackgerritMerged openstack/openstack-ansible-security: Add theme fix for browsable source code  https://review.openstack.org/23804510:44
openstackgerritMerged openstack/openstack-ansible-specs: Add theme fix for browsable source code  https://review.openstack.org/23806111:07
*** openstackgerrit_ has quit IRC11:16
*** Mudpuppy has joined #openstack-ansible11:24
*** sura8257_ has quit IRC11:30
matttcloudnull odyssey4me : hey guys, can you have a peek at https://bugs.launchpad.net/openstack-ansible/+bug/1509837 ?11:30
openstackLaunchpad bug 1509837 in openstack-ansible "Ceph python libraries are missing - liberty" [High,Confirmed]11:30
*** gardenshed has quit IRC11:36
*** javeriak_ has joined #openstack-ansible11:43
*** javeriak has quit IRC11:46
*** javeriak_ has quit IRC11:50
*** javeriak has joined #openstack-ansible11:51
*** woodard has joined #openstack-ansible11:53
*** woodard has quit IRC11:54
*** Mudpuppy has quit IRC11:54
*** woodard has joined #openstack-ansible11:54
*** javeriak has quit IRC11:56
*** javeriak has joined #openstack-ansible11:56
*** subscope has joined #openstack-ansible11:56
*** javeriak_ has joined #openstack-ansible12:07
mhaydenmorning folks12:09
mhaydenmattt: if jenkins returns "NOT_REGISTERED", is that a recheck kinda moment?12:09
matttmhayden: i want to say that's an infra problem, but i could be wrong :(12:10
*** javeriak has quit IRC12:11
matttmhayden: from my irc logs12:11
mattt2015-07-22 14:13:35     --      Notice(openstackstatus): NOTICE: CI is currently recovering from an outage overnight. It is safe to recheck results with NOT_REGISTERED errors. It may take some time for zuul to work through the backlog.12:11
mhaydengotcha12:11
mhaydencan i make a 'recheck' comment on the review for the gate job?12:11
mhaydeni have only done it for check jobs before12:11
mhaydenah yeah that does work12:14
* mhayden woots12:14
mhaydenthanks mattt12:14
*** javeriak_ has quit IRC12:16
matttmhayden: that was an old message, but you get the idea :)12:17
*** woodard has quit IRC12:17
mhaydeni ended up burning the midnight oil trying to figure out macvlans and ipv612:17
matttmhayden: that sounds like a poor life choice right there12:19
mhaydenugh12:19
mhaydenso it will use the IP it gets via SLAAC w/o issue12:19
mhaydenbut if you add a second one, the traffic never makes it to the vm :|12:20
*** woodard has joined #openstack-ansible12:20
*** subscope has quit IRC12:21
*** slotti has joined #openstack-ansible12:28
*** shausy has quit IRC12:29
*** rromans has joined #openstack-ansible12:36
*** subscope has joined #openstack-ansible12:37
*** javeriak has joined #openstack-ansible12:37
*** javeriak has quit IRC12:40
*** tlian has joined #openstack-ansible12:45
*** javeriak has joined #openstack-ansible12:46
*** openstackgerrit has quit IRC12:46
*** openstackgerrit has joined #openstack-ansible12:47
*** Mudpuppy has joined #openstack-ansible12:50
*** javeriak_ has joined #openstack-ansible12:50
*** javeriak has quit IRC12:51
*** Mudpuppy has quit IRC13:05
openstackgerritMerged openstack/openstack-ansible-security: V-3865{6,7}: Samba  https://review.openstack.org/23321513:11
openstackgerritMerged openstack/openstack-ansible-security: V-38699: Public directories exception  https://review.openstack.org/23423513:17
*** dolpher has joined #openstack-ansible13:19
*** mattoliverau has quit IRC13:34
*** sigmavirus24_awa is now known as sigmavirus2413:41
*** mattoliverau has joined #openstack-ansible13:48
*** woodard has quit IRC13:49
*** harlowja has joined #openstack-ansible13:50
*** woodard has joined #openstack-ansible13:52
*** Mudpuppy has joined #openstack-ansible13:56
*** Mudpuppy has quit IRC13:56
*** darrenc has quit IRC13:57
*** Mudpuppy has joined #openstack-ansible13:57
*** mrda has quit IRC13:57
*** jhesketh has quit IRC13:58
*** jhesketh has joined #openstack-ansible14:01
openstackgerritMajor Hayden proposed openstack/openstack-ansible-security: V-38660: SNMPv3  https://review.openstack.org/23322614:06
*** Mudpuppy has quit IRC14:07
mhaydenmattt: ^^ rebase for 23322614:07
*** erikmwilson_ has joined #openstack-ansible14:07
*** darrenc has joined #openstack-ansible14:07
*** Mudpuppy has joined #openstack-ansible14:07
*** erikmwilson_ is now known as erikmwilson14:08
openstackgerritMajor Hayden proposed openstack/openstack-ansible-security: V-3864{2,5,7,9}, V-38651: Umask adjustments  https://review.openstack.org/23312014:09
mhaydenmattt: https://review.openstack.org/#/c/233120/ <-- tidied up14:09
*** matt___ has joined #openstack-ansible14:12
openstackgerritMajor Hayden proposed openstack/openstack-ansible-security: V-3857{4,6,7}: Password hashing algorithms  https://review.openstack.org/23307114:13
mhaydenmattt: also cleaned up ^^14:14
gparaskevashello14:16
*** k_stev has joined #openstack-ansible14:16
mhaydenohai gparaskevas14:16
gparaskevasdidnt you go to the summit?14:17
mhaydennot i :/14:17
gparaskevasme neither :/14:18
gparaskevasmaybe next year!14:18
*** harlowja has quit IRC14:19
javeriak_hey guys14:21
javeriak_doing an install from kilo head, and ive hit something, in https://github.com/openstack/openstack-ansible/blob/kilo/playbooks/os-nova-install.yml, line 115 should use 'management_address' instead of 'container_address'. Am i missing something, beacuse thats what my hostvars looks like14:21
tiagogomesregarding https://review.openstack.org/#/c/233389, should enabling l3ha based on l2_population depend on the tenant network type? In the networking guide it only mentions problems using l3ha+l2_population for gre and vxla14:22
javeriak_sorry meant line 117*14:22
gparaskevasi think container address is management14:24
gparaskevascontainers are bind to management network14:25
matttmhayden: two questions on https://review.openstack.org/#/c/233226/7/tasks/misc.yml14:27
mhaydenah yeah, the dreaded snmp14:27
matttmhayden: why don't we just check if snmpd is installed w/ dpkg, and also why are we checking for 'community' when https://www.stigviewer.com/stig/red_hat_enterprise_linux_6/2015-03-06/finding/V-38660 makes no mention of that?14:27
mhaydenmattt: that was eric's suggestion since he had some SME experience with snmp14:28
mhaydensomeone could use the 'rocommunity' configuration option, which is terrible for security14:28
matttah yeah, i see his comment now14:29
mhaydeni can do a pkg check instead of a config file check if needed14:29
*** sawangpongm has joined #openstack-ansible14:30
javeriak_gparaskevas, yes but the host_vars[container_networks] json doesn't contain a 'container_address' key..14:30
matttmhayden: ubuntu only has 1 snmpd server, so i'd imagine it's ok to check w/ dpkg ?14:30
*** phalmos has joined #openstack-ansible14:31
mhaydenprobably so14:32
* mhayden fixes14:32
matttmhayden: the reason why i mentioned it is because you rely on dpkg's exit code in https://github.com/openstack/openstack-ansible-security/blob/master/tasks/auth.yml#L250-L25814:33
mhaydenoh damn, that's a bug then14:33
mhaydenthe vsftpd one14:33
matttah ok14:33
* mhayden wanders over to launchpad14:34
mhaydenmattt: i'll fix up the snmp stuff and fix that vsftpd check after14:35
*** jhesketh has quit IRC14:36
matttmhayden: nice, will review when they're up14:37
openstackgerritMajor Hayden proposed openstack/openstack-ansible-security: V-38660: SNMPv3  https://review.openstack.org/23322614:38
mhaydenmattt: there's one ^^14:38
openstackgerritMajor Hayden proposed openstack/openstack-ansible-security: Fixing vsftpd install check  https://review.openstack.org/23967714:41
mhaydenmattt: and the vsftpd fix ^^14:41
matttmhayden: when: v38660_snmpd_conf.stat.exists == True14:41
matttmhayden: that is no longer getting registered14:42
mhaydenah, good call14:42
openstackgerritMajor Hayden proposed openstack/openstack-ansible: Enable encryption for all RabbitMQ connections  https://review.openstack.org/23869114:43
mhaydenjenkins has it out for me today14:43
mhaydenwait, i have two vsftpd checks in different places14:44
mhaydenthat makes little sense14:44
*** dolpher has quit IRC14:45
matttmhayden: wuuuut14:45
*** sawangpongm has left #openstack-ansible14:45
mhaydenin auth.yml and misc.yml14:45
mhaydenimma corral those together14:45
*** sawangpongm has joined #openstack-ansible14:45
*** jimchou has joined #openstack-ansible14:45
*** jhesketh has joined #openstack-ansible14:48
openstackgerritMajor Hayden proposed openstack/openstack-ansible-security: V-38660: SNMPv3  https://review.openstack.org/23322614:50
gparaskevasjaveriak_: let me check14:50
*** sawangpongm has quit IRC14:52
openstackgerritMajor Hayden proposed openstack/openstack-ansible-security: Fixing vsftpd install check  https://review.openstack.org/23967714:56
mhaydenhughsaunders: grepgrepgrepgrepgrep14:56
hughsaundersmhayden: grep pam_unix.so /etc/pam.d/common-password | grep sha512 | grep -v '^#'" --> grep '^\s*password.*pam_unix.*sha512' /etc/pam.d/common-password14:56
mhaydenbut but, i lose the pipes14:57
mhaydenpipes are fun14:57
mhaydenthey're like slashes but vertical14:57
hughsaundersfork, do it m04R14:57
mhaydenMOAR14:57
mhaydenbut if i use pipes, it makes it looks like i'm doing something amazing14:58
mhaydenkinda like when i use lambdas14:58
hughsaundersabout that...14:58
mhayden:P14:58
mhaydenhughsaunders: i'm totally being facetious14:58
mhaydenas mattt can attest, i'm full of crap most of the time :)14:58
hughsaundersmhayden: you seem to do well out of it14:59
*** gus has quit IRC15:00
mhaydenawww :)15:00
hughsaundersnow get out of my office and eradicate all those multi-greps :p15:01
* mhayden is trying to push that (hopefully) last SNMPv3 fixyfix15:01
openstackgerritMajor Hayden proposed openstack/openstack-ansible-security: V-38660: SNMPv3  https://review.openstack.org/23322615:01
mhaydenhughsaunders: still one pipe left ^^15:02
*** jimchou_ has joined #openstack-ansible15:03
*** jimchou has quit IRC15:03
hughsaundersmhayden: better though15:04
mhaydenwhew15:04
mhaydenonly four osas reviews left -- so much excitement15:04
*** javeriak_ has quit IRC15:06
*** woodard has quit IRC15:07
matttmhayden: that snmpd grep is no good15:08
*** ysm has joined #openstack-ansible15:08
matttmhayden: actually wait, maybe i herped15:08
matttmhayden: ah yeah15:08
* mhayden is in another irc meeting and is moving slowly15:09
matttmhayden: https://gist.githubusercontent.com/mattt416/d34f1e67e3a8a5c91540/raw/c11d34cd6f017fc352341c40dead87dcbae8037e/gistfile1.txt15:10
*** woodard has joined #openstack-ansible15:10
*** gus has joined #openstack-ansible15:11
matttmhayden: there's also a rocommunity in the stock config :(15:11
*** jwagner_away is now known as jwagner15:13
*** woodard has quit IRC15:15
*** woodard has joined #openstack-ansible15:16
*** woodard has quit IRC15:16
hughsaundersmattt: ah yes :(15:16
*** neillc has quit IRC15:16
openstackgerritRadoslaw Smigielski proposed openstack/openstack-ansible: Fix docs build unknown target name error  https://review.openstack.org/23969115:17
*** woodard has joined #openstack-ansible15:17
mhaydendarn, this regex is a tricky one15:17
hughsaundersmhayden: egrep 'v1|v2c|com2sec|community' /etc/snmp/snmpd.conf | grep -v '^\s*#'15:17
hughsaundershaven't managed to eliminate the double yet :/15:17
mhaydenhah, alrighty15:19
mhaydenthat one works?15:19
hughsaundersmhayden: seems to.15:21
*** woodard_ has joined #openstack-ansible15:22
*** mcarden has quit IRC15:23
*** woodard has quit IRC15:25
mhaydeni shall go and do the fixing15:25
*** gparaskevas has quit IRC15:26
*** phalmos has quit IRC15:27
*** neilus1 has quit IRC15:29
openstackgerritMajor Hayden proposed openstack/openstack-ansible-security: V-38660: SNMPv3  https://review.openstack.org/23322615:30
openstackgerritRadoslaw Smigielski proposed openstack/openstack-ansible: Fix docs build "literal block expected" warning  https://review.openstack.org/23969415:32
*** neillc has joined #openstack-ansible15:33
hughsaundersgrep -P  '(?=^((?!#).)*$).*(v1|v2c|com2sec|community)' /etc/snmp/snmpd.conf in this case the single grep approach is so hideous that double is actually better for readability15:37
sigmavirus24hughsaunders: don't be ridiculous15:50
*** mgoddard has quit IRC15:50
*** ysm has quit IRC16:01
*** alop has joined #openstack-ansible16:04
*** metral_zzz is now known as metral16:05
mhaydenmattt: https://review.openstack.org/#/c/238691/ <-- check finished... i think it might just need a W+1 if i'm reading it correctly16:05
mhaydenor hughsaunders16:05
*** metral is now known as metral_zzz16:05
openstackgerritMajor Hayden proposed openstack/openstack-ansible-security: V-38660: SNMPv3  https://review.openstack.org/23322616:06
*** mgoddard has joined #openstack-ansible16:08
*** phalmos has joined #openstack-ansible16:11
*** Bjoern_ has joined #openstack-ansible16:12
*** jimchou has joined #openstack-ansible16:13
*** alextricity_w has joined #openstack-ansible16:15
alextricity_wHey16:15
*** jimchou_ has quit IRC16:15
alextricity_wDoes anybody know how to tell the openstack client to use a certain IP for it's endpoint throughout the entire auth process?16:15
alextricity_wI'm trying to access my APIs through a floating IP, but the client seems to revert back to what's configured as my public endpoint16:16
*** Bjoern_ is now known as BjoernT16:17
hughsaundersalextricity_w: you are trying to access openstack APIs via a neutron floating ip?16:17
BjoernTIs the triaging meeting taking place ?16:17
alextricity_wYeah16:17
alextricity_wSo this environment is build on another cloud16:17
alextricity_whughsaunders: The floating IP is public, but the client always refers me back to my public endpoint IP: https://gist.github.com/elextro/76da737d4d9858cf18c816:18
*** neilus1 has joined #openstack-ansible16:22
hughsaundersalextricity_w: you could use --os-endpoint for the specific service you want to use, but thats post auth.16:25
*** mpavone has quit IRC16:27
alextricity_whughsaunders: What do you mean post-auth? The client is making the auth request to the right ip (the floating ip), but after that it uses the public endpoint(which is not the floating ip). I need a way to override what it uses16:28
alextricity_wAfter auth16:28
hughsaundersalextricity_w: I mean, if you use --os-endpoint I think you need to have a token already to supply to the service16:28
alextricity_whughsaunders. Oh I see. So you would have to get a token before requesting any resources...hmm..16:31
alextricity_whughsaunders I'm still surprised there is no easy way to override this16:32
*** javeriak has joined #openstack-ansible16:37
*** javeriak_ has joined #openstack-ansible16:45
*** javeriak has quit IRC16:45
*** subscope has quit IRC16:46
*** ysm has joined #openstack-ansible16:48
*** javeriak has joined #openstack-ansible16:49
*** javeriak_ has quit IRC16:50
*** phalmos has quit IRC16:54
*** neilus1 has quit IRC17:02
*** ysm has quit IRC17:04
mhaydenmattt / hughsaunders: thanks for the hlep today17:09
mhaydenecho "hlep" | grep -v help | sed 's/le/el/' | sort17:10
mhaydenbah, the rabbitmq job failed **again** but this time due to a failed apt-get update :P17:16
* mhayden looks at jenkins with consternation17:16
*** jwagner is now known as jwagner_lunch17:18
sigmavirus24mhayden: don't have the job runner, hate the infrastructure17:21
*** abitha has joined #openstack-ansible17:24
*** woodard_ has quit IRC17:25
*** woodard has joined #openstack-ansible17:25
*** slotti has quit IRC17:33
*** ysm has joined #openstack-ansible17:34
*** karimb has quit IRC17:52
*** phalmos has joined #openstack-ansible17:55
*** woodard has quit IRC17:56
*** greg_a has joined #openstack-ansible17:56
mhaydenso i'm converting the bootstrap-aio.sh script to ansible but i can't seem to get the fallocate right... i run out of disk space immediately18:08
*** ysm has quit IRC18:08
mhaydenoh nvm18:09
mhaydencan'tread18:09
*** alextricity_w has quit IRC18:13
sigmavirus24mhayden: more like failocate, amirite?18:13
*** jwagner_lunch is now known as jwagner18:16
*** ysm has joined #openstack-ansible18:26
openstackgerritMerged openstack/openstack-ansible: Updated ansible version  https://review.openstack.org/23951618:27
mhaydenoooh new shiny18:27
odyssey4meo/ mhayden18:28
mhaydenhowdy odyssey4me  -- how is tokyo?18:28
odyssey4meyes, I should be asleep - the story of my life :p18:28
mhayden3:28AM there? ouch18:28
odyssey4meit's a bit crazy at first - being in an entirely foreign city makes me feel like an alien18:29
odyssey4mebut it's also a great reset in your brain to make you realise that there are places in the world that have a completely different base premise in their cultures, beliefs, body language, etc18:30
odyssey4mequite a mind blower18:30
odyssey4mecloudnull and I had an interesting chat with a AU government rep who was using OSA (Juno) and who raised something I thought would pique your interest18:30
mhaydenwait, did i screw up here? https://review.openstack.org/#/c/238691/18:31
mhaydenit ran the check again, then ran the gate18:31
mhaydenor is that normal18:31
odyssey4mehe basically said that it would be really great if we could do some sort of security audit (which you're doing) and to publish the hit list of items to do... then anyone can pick up those items to work on them, but also deployers are informed of the current shortfalls and can see when they get addressed18:32
odyssey4memhayden so you did a recheck - the recheck starts the whole process from scratch18:33
mhaydenodyssey4me: ah, i have some of that listed privately, but it might be nice to open it up18:33
*** sdake has joined #openstack-ansible18:33
mhaydenodyssey4me: should i have put something else in the comment?18:33
odyssey4meso yeah, it's normal - it's already kicked into the next phase18:33
odyssey4memhayden we used to be able to do 'reverify' and it would only retry the last bit - but reverify now restarts the process from scratch too18:33
odyssey4meso no, you did it all good :)18:33
mhaydenalrighty18:34
mhaydenodyssey4me: good food there?18:34
odyssey4meI have yet to find sashimi, because every sushi shop only does nigiri.18:34
odyssey4meBut good ramen is easy to find.18:34
odyssey4meSome of the local beers are surprisingly good.18:34
mhaydengetcha some of this -> https://en.wikipedia.org/wiki/Katsudon18:35
mhaydenchanged my life18:35
odyssey4meI got lbragstad and mancdaz to have some Fugu this evening.18:35
odyssey4me:)18:35
mhaydennot sure if i could do that18:35
odyssey4meheh, it is quite frightening if you think of it too much... but meh :p18:36
odyssey4meanyway , let me try and get back to sleep - I just thought I'd give you that feedback18:37
*** manas has joined #openstack-ansible18:37
*** manas has quit IRC18:38
openstackgerritMerged openstack/openstack-ansible: Update reference for rpc-maas repo  https://review.openstack.org/23905718:46
mhaydenthanks, odyssey4me18:46
*** Sam-I-Am has joined #openstack-ansible18:51
cloudnullTiagogomes I think we need to improve he api up check that is being done for cinder to give it better insight on if the api is up or not. In tracking down that issue the only thing I found was to give the api backends more time to come online so the wait_for assertion on a functional cinder api needs to do a bit more to guarantee all is well.19:10
cloudnullMorning / afternoon BTW19:10
*** sura8257 has joined #openstack-ansible19:26
*** sdake has quit IRC19:27
*** phalmos has quit IRC19:30
odyssey4melol, cloudnull you can't sleep either?19:39
cloudnullNope :-/19:39
sigmavirus24So sorry odyssey4me and cloudnull19:40
openstackgerritMerged openstack/openstack-ansible: Enable encryption for all RabbitMQ connections  https://review.openstack.org/23869119:40
cloudnullHow's it BTW ?19:40
openstackgerritMerged openstack/openstack-ansible: Make the container cache resolvers configurable  https://review.openstack.org/23896219:40
Sam-I-Amcloudnull: sleep is optional19:42
cloudnullSigmavirus24 is a bitch my internal clock is all jacked up.19:42
sigmavirus24yeah I get it cloudnull, it's the worst19:43
Sam-I-Ami dont shift time zones well19:45
cloudnullI already don't sleep ...19:46
mhaydenholy mackerel, the rabbitmq SSL thing finally merged19:47
Sam-I-Amopenstack less, sleep more19:47
* mhayden woots19:47
mhaydeni take back about 40% of what i said about jenkins19:47
sigmavirus24mhayden: bad choice19:50
logan2awesome @ #238962, i have been using a custom container base just because of that exact issue19:50
cloudnull++ logan2 hope it ends up helping out.19:56
cloudnullMhayden that's awesome. Rabbit SSL is fantastic and something most aren't doing.19:57
mhaydenit hasn't broken anything for me yet19:57
mhaydeni'd still like to figure out how to assemble a CA first, though19:57
mhaydenbut i'm wallowing in that bootstrap-aio.sh -> ansible spec :P19:58
cloudnullHaha. Hope its not so terribad19:58
mhaydenit's okay19:59
mhaydeni'm on line 312 of the aio script now19:59
cloudnullMhayden do you think you can cherry pick that SSL change to liberty ?19:59
cloudnullWow nice progress.19:59
mhaydenit should be straightfoward enough to cherry picicicicicic19:59
mhaydenthe ssl listener stuff is in kilo, so it should already be in liberty20:00
mhaydencloudnull: https://review.openstack.org/#/c/239744/20:00
openstackgerritKevin Carter proposed openstack/openstack-ansible: Added logging for haproxy to rsyslog  https://review.openstack.org/23950520:01
openstackgerritMerged openstack/openstack-ansible: Add source  into README.rst  https://review.openstack.org/23943820:01
*** openstackgerrit has quit IRC20:01
*** openstackgerrit has joined #openstack-ansible20:02
cloudnullIdk if we should back port that to kilo but liberty for sure. Odyssey4me thoughts?20:02
odyssey4meI would strongly recommend that we do not proactively backport any 'feature' into kilo without a specific request to do so and a very good reason.20:03
mhaydeni'm fine with leaving it in liberty only20:04
odyssey4meLiberty, on the other hand - I'd say we can happily pull back any work until mitaka-1, then we need to be more picky.20:04
odyssey4meKilo should be considered stable in my view.20:04
sigmavirus24odyssey4me: define stable20:05
sigmavirus24;)20:05
odyssey4mesigmavirus24 :p20:05
odyssey4methe code base should only receive bug fixes20:05
sigmavirus24I wonder if its stable if we should call the branch "stable/kilo"20:05
odyssey4mesigmavirus24 we can't now - it affects documentation, deployments, etc - but for Mitaka we can20:06
odyssey4meI would like to do both that, and actually shift to a full stable branch model.20:07
odyssey4meIf our deployers want repeatability, reliability and stable delivery - then there should be no major code base changes once the branch is cut.20:08
sigmavirus24odyssey4me: I was mostly trolling but *shrug*20:12
sigmavirus24Anyway, we've already fixed all the tooling to use our current branch naming strategy20:12
odyssey4mesigmavirus24 the supertroll is back :)20:12
sigmavirus24And people are becoming familiar with our naming so I don't see a reason to bother changing it at this point20:12
sigmavirus24But yeah, I don't disagree about repeatability, reliability and stability except that we'll have to start adopting new features in openstack cycles a lot earlier than we historically have20:13
odyssey4mesigmavirus24 agreed, but I don't see that it would be too hard20:13
sigmavirus24We can add support for new features without breaking things (e.g., add support for Federation without switching to Keystone v3 in a .1 release)20:14
sigmavirus24odyssey4me: it's more work than we currently have capacity to deal with20:14
sigmavirus24We can't be on top of all the services and accomodating their new features/etc so quickly with so few active contributors and reviewers20:14
sigmavirus24Also we'll need to be testing those features to see if we actually want to support their deployment, no?20:14
sigmavirus24I would not (in the next 2 or 3 cycles) bother supporting Artifacts until its API finishes changing and it actually works20:15
odyssey4mesigmavirus24 sure, but also bear in mind that we have the config_template overrides now... ao 'new features' are largely figuring out how to configure things, documenting that, perhaps implementing some conveniences, and then moving through an organisational preparation process20:15
sigmavirus24(Artifacts being v3 in Glance)20:15
sigmavirus24odyssey4me: true, but that's not always the only work to be done either20:16
sigmavirus24fernet tokens for example required us to set up rsync between keystone containers when we're using fernet20:16
odyssey4meyep, so I'd like us to think about implementing tooling to also make that sort of stuff simple and not require a dev cycle if at all possible20:17
odyssey4melet's try to work smarter and do things in simpler ways20:17
*** greg_a has quit IRC20:21
*** woodard has joined #openstack-ansible20:25
*** phalmos has joined #openstack-ansible20:27
*** sura8257__ has joined #openstack-ansible20:31
*** sura8257 has quit IRC20:35
*** sura8257__ has quit IRC20:40
*** jwagner is now known as jwagner_away20:40
*** ChanServ changes topic to "Topic: Launchpad: https://launchpad.net/openstack-ansible Weekly Meetings: https://wiki.openstack.org/wiki/Meetings/openstack-ansible || Repo rename from stackforge/os-ansible-deployment to openstack/openstack-ansible happens Sept 11 2015 23:00 to 23:30. See https://review.openstack.org/#/c/200730/"20:45
odyssey4mecloudnull ping?20:47
odyssey4memhayden sorry for the distraction, but I took a peek through https://review.openstack.org/239525 and made some comments :)20:47
matttisn't it like 6 AM in tokyo right now?20:53
*** javeriak has quit IRC20:53
openstackgerritMajor Hayden proposed openstack/openstack-ansible: [WIP] AIO bootstrap in Ansible  https://review.openstack.org/23952520:54
mhaydenodyssey4me: just saw your msg :P20:54
mhaydenand pushed up a boatload of changes20:54
mhaydeni think i have about 95% of what's in the script done, but there are probably plenty of bugs and prettying-up required20:54
cloudnullOdyssey4me yes ?20:55
*** woodard has quit IRC20:58
*** woodard has joined #openstack-ansible20:59
mhaydenodyssey4me: new WIP review coming with all of your changes addresses but one21:02
mhaydenany moment now21:02
mhaydenat the speed of gerrit21:02
mhaydenthen again, this is a fairly fat commit21:02
*** ysm has quit IRC21:02
mhaydensigh21:04
openstackgerritMajor Hayden proposed openstack/openstack-ansible: [WIP] AIO bootstrap in Ansible  https://review.openstack.org/23952521:05
mhaydenthere we go21:05
mhaydenodyssey4me: obviously this thing needs tubloads of polish, too21:05
Sam-I-Ammhayden: aaaaack filenames with cap letters21:06
mhaydenah, i meant to toss a lower in there21:06
Sam-I-Ammhayden: how come swap creation uses dd instead of fallocate?21:08
mhaydenfallocate was giving me trouble there21:08
mhaydeni need to revisit it21:08
Sam-I-Amwhat sort of trouble?21:08
mhaydeni can't quite remember now -- but i'll try to revisit it tomorrow21:09
mhaydenfeel free to toss in a comment to remind me :)21:09
Sam-I-Ammhayden: dun21:11
mhaydenthanks21:12
*** woodard has quit IRC21:14
openstackgerritMajor Hayden proposed openstack/openstack-ansible: [WIP] AIO bootstrap in Ansible  https://review.openstack.org/23952521:15
mhaydenSam-I-Am: seems to work for me now21:15
Sam-I-Ammhayden: magic21:16
mhaydenhttps://pbs.twimg.com/media/CSWl6akVEAAi_NX.jpg:large21:16
mhayden^^ gave me a chuckle21:16
mhaydengot an openstack recruiter email that said something similar to that today21:16
Sam-I-Amsounds about right21:17
Sam-I-Amor just 30 years experience on something that's only 5 years old21:17
mhaydenwhoa, that commit is exactly 1,000 lines21:18
mhaydendefinitely not planned21:18
sigmavirus24mhayden: yeah sure =P21:19
mhaydengotta make it 1337 lines by the end21:19
mhaydenperhaps some eye-pleasing ascii art for odyssey4me21:20
*** ysm has joined #openstack-ansible21:21
mhaydenbreaking news -> Intel x86 considered harmful http://blog.invisiblethings.org/papers/2015/x86_harmful.pdf21:21
odyssey4memhayden we used to use dd, but fallocate was cleaner - but then fallocate doesn't work on ext3/4 I think it was21:22
mhaydenit works on ext4 now21:22
mhaydenperhaps that's why i got hosed21:22
odyssey4mebut hey - I just thought I'd peek through it... great job so far!21:22
mhaydenln -s /usr/bin/fallocate /usr/bin/faillocate21:22
mhaydenthanks21:22
mhaydeni'll pick back up on it tomorrow and clean it up a bit21:23
sigmavirus24mhayden: is it a carcinogen?21:23
Sam-I-Ami've been using fallocate on ext4 for a while21:23
Sam-I-Ammaybe its ext3?21:23
odyssey4meand yeah, mhayden  I personally prefer | lower: https://github.com/odyssey4me/ansible-openvas/blob/master/tasks/install_common.yml#L16-L2021:23
*** phalmos has quit IRC21:24
odyssey4meit means all the file names are perdy :p21:24
mhaydenodyssey4me: check the latest patch21:24
odyssey4mehaha, nice!21:25
odyssey4meanyway, time for me to get on with my day - time for breakfast!21:26
*** ysm has quit IRC21:31
*** sigmavirus24 is now known as sigmavirus24_awa21:31
*** mcarden has joined #openstack-ansible21:32
*** Mudpuppy has quit IRC21:40
*** sdake has joined #openstack-ansible21:55
openstackgerritBjoern Teipel proposed openstack/openstack-ansible: [WIP] AIO bootstrap in Ansible  https://review.openstack.org/23952522:00
openstackgerritRadoslaw Smigielski proposed openstack/openstack-ansible: Fix docs build unknown target name error  https://review.openstack.org/23969122:07
*** karimb has joined #openstack-ansible22:07
*** karimb has quit IRC22:08
*** karimb has joined #openstack-ansible22:08
*** karimb has quit IRC22:09
*** karimb has joined #openstack-ansible22:10
*** karimb has quit IRC22:10
*** karimb has joined #openstack-ansible22:11
*** sdake has quit IRC22:26
openstackgerritBjoern Teipel proposed openstack/openstack-ansible: [WIP] AIO bootstrap in Ansible  https://review.openstack.org/23952522:28
*** jimchou has quit IRC22:40
*** dolpher has joined #openstack-ansible22:55
*** erikmwilson has quit IRC23:13
*** erikmwilson has joined #openstack-ansible23:14
*** openstackgerrit has quit IRC23:16
*** openstackgerrit has joined #openstack-ansible23:16
*** alop has quit IRC23:31
*** tlian has quit IRC23:40
*** sdake has joined #openstack-ansible23:48
*** dolpher has quit IRC23:50
*** k_stev has quit IRC23:52
*** tlian has joined #openstack-ansible23:59
« Monday, 2015-10-26 Index Wednesday, 2015-10-28 »

Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!