Wednesday, 2016-03-09

« Tuesday, 2016-03-08 Index Thursday, 2016-03-10 »
*** Nepoc has joined #openstack-ansible00:02
*** thorst_ has joined #openstack-ansible00:02
*** sdake_ has joined #openstack-ansible00:02
*** sdake has quit IRC00:03
*** sdake has joined #openstack-ansible00:05
*** sdake_ has quit IRC00:07
*** raddaoui has quit IRC00:08
*** Mudpuppy has quit IRC00:13
*** Mudpuppy has joined #openstack-ansible00:14
*** raddaoui has joined #openstack-ansible00:16
*** scarlisle has quit IRC00:19
*** fawadkhaliq has joined #openstack-ansible00:23
*** jguy_ has joined #openstack-ansible00:25
*** Nepoc has quit IRC00:25
*** Nepoc has joined #openstack-ansible00:26
*** raddaoui has quit IRC00:30
*** woodard has quit IRC00:31
openstackgerritMerged openstack/openstack-ansible-os_neutron: Add radvd to neutron containers  https://review.openstack.org/28956100:33
*** fawadkhaliq has quit IRC00:35
openstackgerritMichael Davies proposed openstack/openstack-ansible-ironic: Setup tftp for all scenarios  https://review.openstack.org/29020600:37
*** bapalm has quit IRC00:37
*** ShannonM has quit IRC00:38
*** Mudpuppy has quit IRC00:46
*** Nepoc has quit IRC00:49
*** Nepoc has joined #openstack-ansible00:49
*** bapalm has joined #openstack-ansible00:54
*** Nepoc has quit IRC01:05
*** Nepoc has joined #openstack-ansible01:05
*** johnmilton has joined #openstack-ansible01:14
*** izaakk has quit IRC01:17
*** johnmilton has quit IRC01:19
*** sdake has quit IRC01:20
*** asettle has quit IRC01:20
*** weezS has quit IRC01:21
*** shanec has quit IRC01:25
*** Nepoc has quit IRC01:30
*** asettle has joined #openstack-ansible01:30
*** Nepoc has joined #openstack-ansible01:30
*** johnmilton has joined #openstack-ansible01:31
*** lykinsbd has quit IRC01:33
*** lykinsbd has joined #openstack-ansible01:34
*** asettle has quit IRC01:35
*** cloudtrainme has joined #openstack-ansible01:55
*** Nepoc has quit IRC01:56
openstackgerritJimmy McCrory proposed openstack/openstack-ansible-repo_server: Trim apt package list  https://review.openstack.org/28951001:59
*** Nepoc has joined #openstack-ansible02:06
*** asettle has joined #openstack-ansible02:08
*** johnmilton has quit IRC02:11
*** b3rnard0 is now known as b3rnard0_away02:21
*** gfa_ is now known as gfa02:24
*** john51 has quit IRC02:31
*** john51 has joined #openstack-ansible02:33
*** sdake has joined #openstack-ansible02:33
*** cemmason has quit IRC02:39
*** cemmason has joined #openstack-ansible02:39
*** network__ has quit IRC02:40
*** networkninja has joined #openstack-ansible02:43
*** jguy_ has quit IRC02:49
*** jguy_ has joined #openstack-ansible02:52
*** thorst_ has quit IRC03:05
*** thorst_ has joined #openstack-ansible03:06
*** thorst_ has quit IRC03:14
*** shanec has joined #openstack-ansible03:19
*** markvoelker has joined #openstack-ansible03:30
*** jguy_ has quit IRC03:32
*** sdake has quit IRC03:37
*** cloudtrainme has quit IRC03:43
*** sdake has joined #openstack-ansible03:43
*** cloudtrainme has joined #openstack-ansible03:44
*** raddaoui has joined #openstack-ansible03:46
*** raddaoui has quit IRC03:48
*** cloudtrainme has quit IRC03:49
*** jamielennox is now known as jamielennox|away03:54
*** shanec has quit IRC03:57
*** shausy has joined #openstack-ansible04:09
*** thorst_ has joined #openstack-ansible04:12
*** asettle has quit IRC04:14
*** thorst_ has quit IRC04:19
*** asettle has joined #openstack-ansible04:22
*** lykinsbd has quit IRC04:34
*** asettle has quit IRC04:36
*** asettle has joined #openstack-ansible04:44
*** asettle has quit IRC04:48
*** skamithi13 has quit IRC04:56
*** skamithi13 has joined #openstack-ansible04:57
*** jmckind_ is now known as jmckind05:17
*** thorst_ has joined #openstack-ansible05:17
*** jmckind has quit IRC05:19
*** thorst_ has quit IRC05:23
*** sdake_ has joined #openstack-ansible05:24
*** skamithi14 has joined #openstack-ansible05:27
*** sdake has quit IRC05:27
*** skamithi14 has quit IRC05:29
*** skamithi14 has joined #openstack-ansible05:30
*** skamithi13 has quit IRC05:31
*** skamithi13 has joined #openstack-ansible05:34
*** skamithi13 has quit IRC05:36
*** skamithi13 has joined #openstack-ansible05:37
*** skamithi14 has quit IRC05:37
*** skamithi14 has joined #openstack-ansible05:39
*** daneyon_ has quit IRC05:41
*** skamithi13 has quit IRC05:41
*** asettle has joined #openstack-ansible05:43
*** cemmason has quit IRC05:44
*** cemmason has joined #openstack-ansible05:45
*** javeriak has joined #openstack-ansible05:45
*** javeriak has quit IRC05:46
*** fawadkhaliq has joined #openstack-ansible05:47
*** asettle has quit IRC05:48
*** javeriak_ has joined #openstack-ansible05:49
*** TheIntern has joined #openstack-ansible05:56
*** gfa is now known as gfa_05:58
*** asettle has joined #openstack-ansible06:02
*** asettle has quit IRC06:07
*** networkninja has quit IRC06:07
*** javeriak has joined #openstack-ansible06:10
*** TheIntern has quit IRC06:11
*** admin0 has joined #openstack-ansible06:11
*** TheIntern has joined #openstack-ansible06:12
*** javeriak_ has quit IRC06:13
*** thorst_ has joined #openstack-ansible06:21
*** admin0 has quit IRC06:23
*** phiche has joined #openstack-ansible06:25
*** TheIntern has quit IRC06:26
*** thorst_ has quit IRC06:28
*** McMurlock1 has joined #openstack-ansible06:40
*** javeriak has quit IRC06:45
*** javeriak has joined #openstack-ansible06:46
*** phiche has quit IRC06:55
*** phiche has joined #openstack-ansible07:05
*** mathlin1 has joined #openstack-ansible07:06
openstackgerritMerged openstack/openstack-ansible-os_swift: [DOCS] Cleaned up Swift README  https://review.openstack.org/28784007:14
openstackgerritMerged openstack/openstack-ansible-os_neutron: Fix auth_url for neutron configuration  https://review.openstack.org/28741107:15
openstackgerritMerged openstack/openstack-ansible-os_tempest: Removing unneeded with_items usage for clarity  https://review.openstack.org/28908007:15
openstackgerritMerged openstack/openstack-ansible-os_neutron: Rootwrap configuration should be owned by root  https://review.openstack.org/28907707:17
openstackgerritMerged openstack/openstack-ansible: Adding Networking Information to Install Guide  https://review.openstack.org/29014507:21
openstackgerritMerged openstack/openstack-ansible-os_nova: Fix auth_url for nova configuration  https://review.openstack.org/28864207:22
openstackgerritMerged openstack/openstack-ansible-os_aodh: Fix auth_url for aodh configuration  https://review.openstack.org/28865507:22
openstackgerritMerged openstack/openstack-ansible-os_ceilometer: Fix auth_url for ceilometer configuration  https://review.openstack.org/28869307:22
openstackgerritMerged openstack/openstack-ansible-os_nova: Conditionally set UID/GID for nova user/group  https://review.openstack.org/29011007:24
openstackgerritMerged openstack/openstack-ansible-os_cinder: Enable developer mode  https://review.openstack.org/28985407:24
*** thorst_ has joined #openstack-ansible07:26
*** fawadkhaliq has quit IRC07:28
openstackgerritMerged openstack/openstack-ansible-rsyslog_server: Multi-distro support for rsyslog-server role  https://review.openstack.org/27429007:29
openstackgerritMerged openstack/openstack-ansible-galera_server: Removing unneeded with_items usage for clarity  https://review.openstack.org/28906207:33
*** mathlin1 has quit IRC07:33
*** thorst_ has quit IRC07:33
*** jwagner has quit IRC07:35
*** eglute has quit IRC07:35
*** d34dh0r53 has quit IRC07:36
*** palendae has quit IRC07:36
*** sigmavirus24_awa has quit IRC07:36
*** odyssey4me has quit IRC07:36
openstackgerritMerged openstack/openstack-ansible-os_cinder: Enable functional convergence testing  https://review.openstack.org/28985607:36
*** cloudnull has quit IRC07:38
*** asettle has joined #openstack-ansible07:40
*** b3rnard0_away has quit IRC07:41
*** bogeyon18 has quit IRC07:41
*** odyssey4me has joined #openstack-ansible07:41
*** asettle has quit IRC07:47
*** admin0 has joined #openstack-ansible08:00
*** phiche has quit IRC08:00
*** sdake_ is now known as sdake08:01
*** javeriak has quit IRC08:01
*** admin0 has quit IRC08:02
*** phiche has joined #openstack-ansible08:03
*** admin0 has joined #openstack-ansible08:04
*** asettle has joined #openstack-ansible08:05
admin0\o/ i managed to make 2 nice overview diagrams yesterday — one if physical, one if logical08:07
admin0how to you backup/sync objects from the object store ?08:08
admin0nvm08:12
admin0good morning all08:12
*** asettle has quit IRC08:13
bsvadmin0: mornings08:13
*** mikelk has joined #openstack-ansible08:18
openstackgerritMerged openstack/openstack-ansible: Run Liberty high level playbooks in upgrade script  https://review.openstack.org/28954008:19
*** mgoddard has joined #openstack-ansible08:22
bsvadmin0: so, did you finish that blog? ;) :D08:24
*** mgoddard has quit IRC08:29
*** thorst_ has joined #openstack-ansible08:31
*** lykinsbd has joined #openstack-ansible08:31
admin0almost sir :)08:32
admin0it will be up today :)08:32
stevelleodyssey4me: I might be able to put some time in on the ceilometer testing today08:36
*** lykinsbd has quit IRC08:36
bsvadmin0: really looking forward to it.08:38
*** thorst_ has quit IRC08:39
bsvA simple thing like a working openstack_user_conf.yml would be nice to see.08:39
*** asettle has joined #openstack-ansible08:41
admin0it will have it :)08:44
admin0a working lxc, kickstart, vyos config, nat, dhcp :D08:44
admin0a complete end-to-end setup08:44
admin0with floating and public ips08:44
admin0:D08:44
openstackgerritMerged openstack/openstack-ansible: Restart containers on network configuration change  https://review.openstack.org/28990408:46
openstackgerritMerged openstack/openstack-ansible: Restart containers on network configuration change  https://review.openstack.org/28990508:46
openstackgerritMerged openstack/openstack-ansible: Fix cinder client --insecure call when adding device types  https://review.openstack.org/28961508:46
*** openstackgerrit has quit IRC08:47
*** openstackgerrit has joined #openstack-ansible08:48
openstackgerritgit-harry proposed openstack/openstack-ansible: Update user variables to Liberty names  https://review.openstack.org/28743808:49
*** asettle has quit IRC08:49
*** mgoddard has joined #openstack-ansible08:51
openstackgerritgit-harry proposed openstack/openstack-ansible: Revert "Exit early from unfinished upgrade script"  https://review.openstack.org/29033308:57
bsvadmin0: I cant even run the basic playbooks without errors, so something weird is going on. Would be nice to see a working setup to compare against.09:05
admin0bsv, it will be there today :)09:06
bsvGood, spend 17 hours yesterday trying to track down a single error in the playbook.09:11
bsvDidn't find a solution >.<09:11
bsvBut I did learn an awfull lot about other parts of OpenStack ;)09:11
*** jguy_ has joined #openstack-ansible09:13
*** bapalm has quit IRC09:14
*** admin0 has quit IRC09:23
*** d34dh0r53 has joined #openstack-ansible09:23
*** b3rnard0 has joined #openstack-ansible09:23
*** admin0 has joined #openstack-ansible09:24
*** jwagner has joined #openstack-ansible09:24
*** eglute has joined #openstack-ansible09:24
*** palendae has joined #openstack-ansible09:24
*** bogeyon18 has joined #openstack-ansible09:25
*** sigmavirus24_awa has joined #openstack-ansible09:26
*** cloudnull has joined #openstack-ansible09:26
*** bapalm has joined #openstack-ansible09:27
matttbsv: 17 hours?  jeez, that's some persistence right there09:30
*** electrofelix has joined #openstack-ansible09:34
*** thorst_ has joined #openstack-ansible09:36
*** gfa_ is now known as gfa09:43
*** thorst_ has quit IRC09:44
*** neilus has joined #openstack-ansible09:45
*** neilus has quit IRC09:49
*** neilus has joined #openstack-ansible09:51
*** cemmason has quit IRC09:59
*** cemmason1 has joined #openstack-ansible09:59
odyssey4mestevelle excellent, that would be appreciated10:03
odyssey4mebsv I think we need to go back to basics here as I think you've been doing some things wonky10:04
odyssey4mebsv first things first - what tag are you using for the build?10:04
odyssey4mebsv you should be checking out 12.0.7 as it's the latest liberty tag10:05
odyssey4methe tags are an indicator of us setting a point at which we think the release is stable and ready for consumption10:06
odyssey4methe 12.x.x series is based on the OpenStack Liberty release, which is the latest stable release10:06
odyssey4mesecondly, you asked for a working openstack_user_config - there's one in the repo that's used for the AIO: https://github.com/openstack/openstack-ansible/blob/master/etc/openstack_deploy/openstack_user_config.yml.aio10:07
odyssey4meopenstack_release and openstack_repo_url are not settings you should be messing with at all... until you understand the consequences of doing so - start simple10:09
*** javeriak has joined #openstack-ansible10:09
odyssey4mebsv, so please pastebin your openstack_user_config and user_variables file when you get a chance and we can help you debug it10:10
bsvodyssey4me: sure, almost have a scratched environment ready for trying again.10:15
*** johnmilton has joined #openstack-ansible10:20
*** johnmilton has quit IRC10:26
odyssey4meandymccr / mattt / hughsaunders if you can assist with helping get the config right once the configs are posted, please do...10:28
odyssey4mepabelanger congrats on your appointment to infra-core!10:29
matttyep10:29
openstackgerritHugh Saunders proposed openstack/openstack-ansible: Retry tempest cirros image creation  https://review.openstack.org/29038110:30
openstackgerritHugh Saunders proposed openstack/openstack-ansible: Retry tempest cirros image creation  https://review.openstack.org/29038210:32
*** lykinsbd has joined #openstack-ansible10:32
openstackgerritJesse Pretorius (odyssey4me) proposed openstack/openstack-ansible-os_nova: Add support for the nova_api db  https://review.openstack.org/28794510:33
openstackgerritJesse Pretorius (odyssey4me) proposed openstack/openstack-ansible: Add support for the nova_api db  https://review.openstack.org/27493210:35
*** lykinsbd has quit IRC10:37
*** mgoddard has quit IRC10:37
*** johnmilton has joined #openstack-ansible10:38
*** johnmilton has quit IRC10:40
bsvodyssey4me: configs pasted10:41
*** thorst_ has joined #openstack-ansible10:42
odyssey4meok, first up - I see you're referencing hostvars all over the place, but I see no host entry for 'burger', for instance10:43
bsvodyssey4me: https://etherpad.openstack.org/p/imhavingosadnightmares10:44
odyssey4mebsv, ok building from the head of liberty is ok - although as mentioned before, the appropriate convention for a production environment deployment is to use a tag10:45
bsvcan you give an example of how that would look?10:46
odyssey4mebsv: http://docs.openstack.org/developer/openstack-ansible/install-guide/deploymenthost.html#installing-source-and-dependencies10:47
bsvodyssey4me: sry, i just brainfarted... that is the config before hitting the deployment server >.<10:47
odyssey4mein your case you already have the clone done, so just execute 'git checkout 12.0.7'10:47
odyssey4mebsv, ok can you pastebin the result as what's there won't work as-is10:48
matttwhere is a gist of the specific error you're hitting?10:48
matttcoming in late in the game10:48
odyssey4memattt he's hitting a failure on the first pip packages to install10:48
bsvpad updated.10:49
odyssey4meyesterday we discovered that his repo servers weren't synchronising their contents - bsv did you ever get to a point where they were?10:49
bsvno, they never synced10:49
*** thorst_ has quit IRC10:49
matttok so kill a repo server for the time being10:49
matttor just ensure one is up10:49
odyssey4meok mattt andymccr hughsaunders the etherpad has the config10:50
*** javeriak_ has joined #openstack-ansible10:52
hughsaundersbsv did you find out why the repos weren't syncing? could you login as the nginx user from one to the other? Is the lsyncd process running on the primary repo container?10:52
odyssey4mebsv I see that you're using a high mtu on the storage network - I assume that your switches are set to handle the high MTU?10:52
bsvodyssey4me: mattt: Started this morning by wiping the entire setup, reinstalling fresh Ubuntu 14.04.4 on all servers.10:52
bsvStorage network and vxlan network is configured for jumboframes.10:53
hlkv6the repos were probably not syncing due to network issues, had pings working strangely, containers could ping deployment host, but not each other10:53
* hlkv6 is bsv's colleague10:53
bsv:)10:53
odyssey4meah10:54
odyssey4meok, so the config looks fine - I think - I can't speak to the network side of the config, but I don't see anything glaringly horrible10:54
odyssey4methe key issue here is the repo servers not syncing10:54
bsvgood thing :)10:54
hlkv6we have done multiple ansible -i hosts.odn1 -u root -a "ping  -c 1 10.50.41.4" all, green for all blades pinging deployment host, on all VLANs 401,402,403,40410:54
odyssey4menow, instead of running setup-infrastructure.yml every time - let's focus the work until each step gets it right10:55
hlkv6odyssey4me: currently we dont have any repo servers, since we reinstalled clean ubuntu this morning on all 6 blades10:55
odyssey4mehave you done the ansible bootstrap?10:55
*** javeriak has quit IRC10:55
odyssey4meis the user_secrets.yml file populated10:56
bsvodyssey4me: yes10:56
bsvboth :)10:56
bsvconfirmed.10:56
odyssey4mecan you post your user_variables.yml file as well please?10:56
bsvdone10:58
*** mgoddard has joined #openstack-ansible10:59
*** javeriak has joined #openstack-ansible11:01
bsvodyssey4me: just to verify, we should use git checkout 12.0.7 and NOT git checkout liberty (for stable)?11:02
odyssey4mebsv yes please - use the tag11:03
bsvok, updated pad11:03
*** javeriak_ has quit IRC11:03
odyssey4mewhile the branch is usually stable too, sometimes we hit factors which break it - the tag is a specific mark where we believe it's ready to be used for production11:03
hlkv6rerun scripts/bootstrap-ansible.sh then?11:04
odyssey4meyep, that just ensures that you have everything at the expected levels11:05
odyssey4mequestion - do you already have a mongodb setup on 10.50.41.16 ?11:05
hlkv6nope, but we have a small playbooks that does this, ceilometer-prepare.yml and aodh-prepare.yml added to bottom of etherpad11:06
hlkv6can run them now, if ppl are ready11:07
*** cemmason1 has quit IRC11:07
*** cemmason has joined #openstack-ansible11:07
openstackgerritMerged openstack/openstack-ansible-rabbitmq_server: Upgrade RabbitMQ Server to 3.6.1-1  https://review.openstack.org/28861711:08
odyssey4meok, go ahead and setup the MongoDB - it'll need to actually be present.11:09
hlkv6Create the ceilometer database and user, and Create the aodh database and user, done11:10
odyssey4methe glance store on the file system is not optimal, but you're not installing swift or ceph so I guess this is your only option11:10
hlkv6we have tried ceph once, it looks very nice, but huge - we ended up doing RIAK with S3 instead, another project11:11
hlkv6if we can avoid this for our current PoC it would be great11:11
odyssey4meyou should remove 'glance_notification_driver: noop' from user_variables as it will break the ceilometer metrics11:11
odyssey4meyeah, the glance file store should ideally be on shared storage of some sort11:12
odyssey4mebut that's something that can be worked on later11:12
hlkv6line 'glance_notification_driver: noop' - deleted11:12
odyssey4meok, are the appropriate bridges setup on your hosts? do you have time sync setup on all your hosts?11:14
odyssey4meie have all the bits in http://docs.openstack.org/developer/openstack-ansible/install-guide/targethosts-prepare.html been done?11:14
hlkv6date command on all hosts reported same to a second, bridges setup, and pinged back and forth11:14
odyssey4meis your deployment host on the same mgmt network?11:15
hlkv6Yes, OS is 14.04.4 - which is latest LTS but quite new, bonding modules etc. done11:15
odyssey4meis sshd_config on all the hosts setup to allow root access via a ssh key11:16
hlkv6yes, deployment host is on 10.50.{41|42|43|44}.4 and all 6 blades can ping that IP on each VLAN11:16
odyssey4meif you go into /opt/openstack-ansible/playbooks and execute: ansible hosts -m ping11:17
odyssey4medoes that work?11:17
hlkv6pong from 6 bladesd11:18
hlkv6amigo | success >> {samuel | success >> {china | success >> {burger | success >> {bacon | success >> {solo | success >> {11:19
odyssey4meok, looking good11:20
hlkv6names and layout/roles added in pad, from my local ansible hosts11:21
odyssey4mehave you checked the host partitions - is there enough tmp space, space in the other partitions for the data?11:21
hlkv6all blades have 100G SAN volume, used for root VG, default install gave /home 86G - we changed so /home is 12G, and / is 50G11:22
*** cemmason1 has joined #openstack-ansible11:23
odyssey4meyou might want to actually rather have /home just be part of the root partition11:23
*** cemmason has quit IRC11:23
odyssey4mebut 50G may be enough to work with for a PoC - I think it'll be fine11:24
hlkv6do you want me to change it now, or just make a note?11:24
odyssey4memake a note11:25
odyssey4meeffectively the containers will be create in /var/lib/lxc11:25
odyssey4meunless you setup a vg for them11:25
odyssey4meif it uses a file system, then they'll be sparse files - if it uses lvm backed containers then they will be thick11:26
odyssey4methen the containers bind mount into subfolders of /openstack on the hosts11:26
odyssey4methat's where all the crucial data (like your DB data), logs files, etc are kept11:26
odyssey4meso in terms of partitioning those are the things you should probably care about11:27
odyssey4meat least off the top of my head11:27
odyssey4mebut for a PoC we can ignore that11:27
hlkv6sorry, got interrupted11:27
hlkv6samuel, the storage host has two VGs lxc and cinder-volumes as described in docs11:28
hlkv6500G and 1Tb11:28
odyssey4meok, so the storage host doesn't need the lxc vg11:28
odyssey4meonly the cinder-volumes vg11:28
hlkv6ok11:29
odyssey4mewe switched running cinder-volume for lvm-backed storage to running on the host as there were all sorts of issues hit when running it in a container11:29
odyssey4menote that for production I would definitely recommend against using lvm-backed storage for cinder - it's a single point of failure11:29
*** admin0 has quit IRC11:30
odyssey4meit'd be better to make use of some sort of shared storage that you can upgrade online11:30
hlkv6noted11:30
odyssey4meotherwise you'd have to suspend any instances using it every time you want to upgrade your storage host11:30
hlkv6yeah, sounds like pain11:30
odyssey4meso ceph, or any nfs/iscsi shared storage back-end is best11:31
odyssey4menetapp, emc, ibm, etc - see the openstack docs for supported drivers11:31
*** admin0 has joined #openstack-ansible11:31
odyssey4meright, we're ready to get onto http://docs.openstack.org/developer/openstack-ansible/install-guide/install-foundation.html11:31
odyssey4mechange to /opt/openstack-ansible/playbooks11:32
odyssey4methen execute the setup-hosts.yml playbook11:32
odyssey4meusing the 'openstack-ansible' (not ansible-playbook)11:32
odyssey4meie execute: openstack-ansible setup-hosts.yml11:32
hlkv6I will let bsv run, and I will eat here at the kbd11:32
odyssey4me:)11:33
bsvback :)11:34
bsvjust had to read the backlog ;)11:34
odyssey4mehughsaunders FYI this is a blocker fixerator for the security role: https://review.openstack.org/29007111:34
*** skamithi13 has joined #openstack-ansible11:35
bsvrunning setup-hosts.yml now.11:36
*** skamithi14 has quit IRC11:36
*** skamithi13 has quit IRC11:38
*** skamithi13 has joined #openstack-ansible11:39
openstackgerritMerged openstack/openstack-ansible-security: Security: Disable AppArmor check  https://review.openstack.org/29007111:39
matttodyssey4me: bleh, can no longer build keystone in IRR :P11:40
matttodyssey4me: we need to use upper constraints like you said11:40
odyssey4memattt yeah :/11:41
matttodyssey4me: can you just pass the upper constraints file to pip ?11:42
bsvpip_install | Install pip is failing, but moving on.11:42
odyssey4memattt I think the developer mode would have to git clone both the keystone and the requirements repositories, then install using the keystone requirements with the upper-constraints as a constraint11:44
*** johnmilton has joined #openstack-ansible11:44
odyssey4mebsv is that the fail that's expected? the task doesn't fail11:44
mattt odyssey4me yeah let me try that now, the sucky thing is that we'll now have to jam a bunch of SHAs in these roles11:44
odyssey4memattt lemme find an example11:44
bsvodyssey4me: correct11:44
odyssey4memattt I think it'll likely be safe to use the branch for upper constraints, but we'll have to see11:45
matttodyssey4me: maybe the best thing is to clone openstack-ansible itself and then grab the SHAs from there11:45
odyssey4memattt that might be a pretty nifty way of doing it11:45
odyssey4methen we manage the SHA's in one place11:45
matttodyssey4me: or we work off master and fix bugs as we go11:45
odyssey4mewell, my intent is to get a proposal bot to maintain the SHA's for us - but that's going to take time to figure it out11:46
matttk11:46
matttlet me try the openstack-ansible clone route first11:46
bsvodyssey4me: fall back mode for pip worked.11:46
odyssey4memattt so essentially you want to clone the two repositories, then do this: https://github.com/openstack/openstack-ansible-repo_build/blob/master/tasks/repo_build_install.yml#L17-L2811:47
*** thorst_ has joined #openstack-ansible11:47
openstackgerritHugh Saunders proposed openstack/openstack-ansible-repo_server: Disable slave repo servers while syncing  https://review.openstack.org/27945211:47
odyssey4meI expect that in the case of building keystone, you'd want to feed it the keystone requirements file, with the upper-constraints file as a constraint11:48
odyssey4memattt I would suggest keeping it simple and on-point now... just have a SHA in the repo11:48
odyssey4mecloning openstack-ansible is quite a bit of complexity to be adding right now11:48
odyssey4mebut it's up to you11:48
*** neilus has quit IRC11:49
odyssey4mebsv yes, so before the repo container is there the initial pip task will fail because the initial task tries to install from the repo11:49
odyssey4meso that's an expected failure - we should try to make that more elegant11:49
odyssey4mebsv it seems to be taking pretty long?11:51
bsvmeh, it usualy takes about 5 minutes.11:51
*** neilus has joined #openstack-ansible11:53
*** thorst_ has quit IRC11:53
bsvCreating containers now.11:54
odyssey4mebsv as a side note, you may wish to implement a local apt mirror for production11:55
odyssey4meone that you update when you're ready to update11:55
bsvodyssey4me: we have that now, but did not want to use it for this PoC11:55
odyssey4meok cool, that's fine11:56
bsvi assume you are talking about the rackspace repo?11:56
bsvnot standard ubuntu packages.11:56
odyssey4mebsv the rackspace ubuntu mirror is just a mirror - nothing special about it11:57
odyssey4mewe use it as a point of reference11:57
odyssey4meyou could use any ubuntu archive mirror11:57
odyssey4methe mariadb mirror is quite important - we use the rackspace one because other mirrors are rate limited11:58
bsvwe have a mirror for dev, staging and production11:58
odyssey4methat's good practise11:58
bsvbut right now, for this test, we are not using any local mirror.11:58
bsvodyssey4me: good practice, and will save your ass at some point ;)11:59
hlkv6usually we debmirror stuff, reprepro to a current mirror, and then rsync to staging, and sometimes rsync staging to prod mirror11:59
hlkv6odyssey4me: how can we mirror the "container stuff"? or is that not needed?12:00
bsvodyssey4me: playbook done, no errors12:02
odyssey4mehlkv6 for the moment you can mirror http://rpc-repo.rackspace.com/container_images/rpc-trusty-container.tgz to a local web server - we'll be changing how the image is prepped some time soon, hopefully for the Mitaka release12:03
odyssey4mebut it may slip12:03
hlkv6ok, I wont worry now then12:03
bsvodyssey4me: so, next one would be haproxy?12:03
*** cloudtrainme has joined #openstack-ansible12:03
odyssey4meok, now instead of executing the setup-infrastructure playbook, we'll execute each playbook in there in turn12:04
odyssey4mebut yeah, haproxy first12:04
odyssey4meopenstack-ansible haproxy-install.yml12:04
bsvrunning now.12:04
bsvdone12:05
odyssey4meok, you'll see each playbook to run in sequence here: https://github.com/openstack/openstack-ansible/blob/liberty/playbooks/setup-infrastructure.yml12:06
odyssey4mefirst memcache, then repo12:06
odyssey4meonce the repo is done, we'll need to confirm that it's all working right12:06
bsvok12:06
bsvrunning memcached-install now12:07
bsvdone12:08
bsvrunning repo-install now12:08
bsvodyssey4me: just passed the expected pip-error12:10
*** cloudtrainme has quit IRC12:13
*** jguy_ has quit IRC12:16
bsvodyssey4me: I think Akamai is using a filter on us ;)  slow fetcing repo12:22
bsvbeen doing this multiple times each day for the last 14 days :D12:22
odyssey4mebsv the git clones take around 5 mins (some of the repositories have a lot of history)12:23
*** cemmason1 has quit IRC12:23
odyssey4methe first repo build takes the longest though, so yeah - we're trying to find ways of making it quicker12:23
*** toddnni_ has joined #openstack-ansible12:24
hughsaunderspalendae: mhayden: I would appreciate it if you could have a look at https://review.openstack.org/#/c/279452/612:25
*** eric_lopez has joined #openstack-ansible12:25
*** MCoLo__ has joined #openstack-ansible12:26
*** dank__ has joined #openstack-ansible12:26
*** toddnni has quit IRC12:27
*** alextricity25_ has quit IRC12:27
*** dank_ has quit IRC12:27
*** bogeyon18 has quit IRC12:27
*** elo has quit IRC12:27
*** neillc has quit IRC12:27
*** MCoLo___ has quit IRC12:27
*** toddnni_ is now known as toddnni12:27
*** dank__ is now known as dank_12:27
*** bapalm has quit IRC12:27
*** neillc has joined #openstack-ansible12:27
*** bapalm has joined #openstack-ansible12:27
*** alextricity25 has joined #openstack-ansible12:31
*** bogeyon18 has joined #openstack-ansible12:31
*** neilus has quit IRC12:33
tiagogomesHi, why is rabbitmq installed from a deb packaged instead of using apt. Can't you pin the the package to a certain version?12:33
*** lykinsbd has joined #openstack-ansible12:33
tiagogomesSame for mariadb12:34
openstackgerritMatt Thompson proposed openstack/openstack-ansible-os_keystone: [WIP] Use contraints file in developer mode  https://review.openstack.org/29044612:35
openstackgerritJesse Pretorius (odyssey4me) proposed openstack/openstack-ansible: Make the purpose of the example user_variables file clearer  https://review.openstack.org/29044712:35
odyssey4metiagogomes the apt repository provided at https://www.rabbitmq.com/ is a testing repository which only ever has the latest version12:36
openstackgerritMatt Thompson proposed openstack/openstack-ansible-os_keystone: [WIP] Use contraints file in developer mode  https://review.openstack.org/29044612:37
odyssey4meso you can't pin to that version, nor can you be guaranteed to be at a certain version because it changes whenever they want it to change12:37
odyssey4mefor mariadb and the associated packages there is a similar issue, which is why packages are downloaded from fixed pin points12:37
*** lykinsbd has quit IRC12:38
openstackgerritMatt Thompson proposed openstack/openstack-ansible-os_keystone: [WIP] Use contraints file in developer mode  https://review.openstack.org/29044612:38
*** neilus has joined #openstack-ansible12:39
*** thorst_ has joined #openstack-ansible12:39
*** admin0 has quit IRC12:44
bsvodyssey4me: status= repo_build | Move wheels into place and ensure permissions, is taking a loooooong time12:45
*** admin0 has joined #openstack-ansible12:46
odyssey4mebsv yeah, the repo build process is very IO bound12:46
odyssey4mehow fast is the storage access?12:46
bsv8Gbps FC12:47
odyssey4memattt comment in https://review.openstack.org/290446 :)12:47
odyssey4mebsv it may be interesting to check where the bottleneck is (CPU, RAM, Disk IO, etc)12:47
*** cemmason has joined #openstack-ansible12:48
matttodyssey4me: yeah, saw that ... i'm not entirely sure either, that was added by cloudnull12:48
matttodyssey4me: but this change does seem to allow keystone to build at least12:48
*** retreved has joined #openstack-ansible12:49
odyssey4meit seems odd to me that the requirements are fed using the --constraints parameter12:49
bsvodyssey4me: 2xCPU w/16 cores, 128 GB RAM, should suffice12:49
odyssey4mealthough it's probably likely that anything given in those two options is merged into a single set anyway12:50
odyssey4mebsv should do - I suspect that the underlying tooling probably doesn't multithread very well12:50
odyssey4mebsv, interestingly though - our last gate check shows this sort of time for the repo_build on a heavily constrained cloud instance: http://logs.openstack.org/15/289615/2/gate/gate-openstack-ansible-dsvm-commit/e4f8efa/console.html#_2016-03-09_07_56_54_24312:52
bsvyou think? :) its major overkill for the role, but we wanted to test on real hardware.12:52
odyssey4mebsv, that's a good spec for production I think12:52
bsvyeah, for compute-nodes i would agree12:54
odyssey4memattt I see that it works :) it's likely that it'll also work with --requirements... and I think that makes what it's doing clearer, don't you?12:54
bsvrepo-install done12:54
*** skamithi14 has joined #openstack-ansible12:54
odyssey4mebsv bear in mind that your control plane is running a lot of stuff, so it needs some grunt12:54
odyssey4meok, now check whether the rsync copies between the repo servers are executing successfully12:55
bsvplaybook complete, no errors12:55
bsvlook at the pad.12:55
bsvunless im testing it in a wrong way, there is no sync happening.12:57
odyssey4mesee my comparison in the etherpad12:57
odyssey4meinterestingly - I see you have no lsync process12:57
*** skamithi13 has quit IRC12:58
odyssey4meok, let's figure out how that happened12:58
odyssey4methis is the crux of the issues you've been experiencing12:58
bsvi saw something about aptitude and lsync flying by at some point during the previous playbooks.12:58
bsvnot an error... but12:58
bsvgreen text ;)12:58
odyssey4mebsv, ok hang on a minute12:59
odyssey4mebsv, execute ansible repo_all[0] -m shell -a 'ps aux | grep sync'13:01
odyssey4merecord the results of each in the etherpad13:01
odyssey4meexecute: ansible repo_all[0] -m shell -a 'df -h'13:01
odyssey4meexecute: ansible repo_all[0] -m shell -a 'cat /etc/lsyncd/lsyncd.conf.lua'13:02
bsvodyssey4me: pad updated13:02
*** jguy_ has joined #openstack-ansible13:03
*** retreved has quit IRC13:04
odyssey4mepastebin the result of this one: execute: ansible repo_all[0] -m shell -a 'cat /var/log/lsyncd/lsyncd.log'13:04
*** retreved has joined #openstack-ansible13:04
bsvBingo13:05
bsvunexplained error13:05
bsvsee output in pad13:05
odyssey4meok, to the containers can't ssh to each other13:05
odyssey4mego to the host of that container, lxc-attach -n <container name> to attach to the console, then test connectivity13:06
odyssey4meif that's fine, try and restart the lsync service and check the log again13:06
odyssey4meI see thatyou already verified connectivity13:07
bsvyes, ill check ssh from within the container13:07
*** markvoelker_ has joined #openstack-ansible13:08
bsvodyssey4me: ssh just hangs.13:09
bsvrunning with debugging13:09
bsvso13:11
odyssey4mebsv check MTU's?13:11
*** retreved has quit IRC13:11
odyssey4methe container may be using a higher MTU than the host or something like that13:11
bsvMTU 150013:11
odyssey4methis is where we need Apsu :p13:11
*** retreved has joined #openstack-ansible13:11
*** markvoelker has quit IRC13:11
bsvodyssey4me: so, the container is using mtu 150013:14
odyssey4meI'm not quite sure what the best course of action is to narrow down the ssh connectivity issue, but that's a blocker before we can continue.13:14
bsvodyssey4me: the br-mgmt is also using mtu 150013:14
bsvthe underlying bond (bond0.402) is mtu 150013:14
mhaydenmorning folks13:14
mhaydenhughsaunders: i'll gander13:15
hughsaundersmhayden: thanks :)13:15
bsvodyssey4me: the physical nic's are also set at mtu 150013:15
mhaydenhughsaunders: this idea intrigues me13:15
bsvWhat type of encapsulation does the LXC use?13:15
odyssey4mebsv it does not - the container plugs directly into the bridge on the host13:16
mhaydenwhoa, that's a lotta lua13:16
odyssey4melol13:17
mhaydenenough for a luau13:17
odyssey4mebsv so ping works between the repo containers, in both directions?13:18
odyssey4memaybe it's worth tcpdumping the connections to see where the data gets to?13:18
*** weshay has joined #openstack-ansible13:19
bsvodyssey4me: now ping is not working anymore. from primary to any of the two slaves.13:19
bsvodyssey4me: already dumping :)13:19
*** markvoelker_ has quit IRC13:20
openstackgerritJesse Pretorius (odyssey4me) proposed openstack/openstack-ansible: [DO NOT MERGE] Diagnostics  https://review.openstack.org/29048613:28
*** woodard has joined #openstack-ansible13:29
*** neilus1 has joined #openstack-ansible13:36
*** neilus has quit IRC13:36
*** v1k0d3n has quit IRC13:38
bsvodyssey4me: mysterious ARP going on13:38
*** markvoelker has joined #openstack-ansible13:39
mhaydenhughsaunders: as nolan said, a release note in there would be appreciated13:40
*** woodard has quit IRC13:41
*** woodard has joined #openstack-ansible13:41
bsvodyssey4me: in my notes, only networks for VXLAN and Storage should use >1500 mtu13:42
bsvcan you confirm that the container-network only use default (mtu 1500) settings?13:42
odyssey4mebsv, yes I think so13:43
matttodyssey4me: does the cross role dependency stuff work yet ?13:44
odyssey4memattt nope13:44
odyssey4methat's next on my hit list13:44
bsvso, status. If you generate IP traffic from the repo-container towards the repo_slave, the primary repo_container will drop its arp entry for that slave.13:45
hlkv6user_variables.yml:   apply_security_hardening: true    <- does this have any influence on this?13:45
odyssey4mehlkv6 nope, that playbook hasn't run yet13:46
hlkv6ok13:46
odyssey4mein fact, that playbook doesn't exist in the liberty branch :p13:46
odyssey4mespeaking of which, mhayden I see that only run-playbooks executes that playbook? it's not included in any of the setup- playbooks at all13:46
mhaydenodyssey4me: should we include it automatically?13:47
odyssey4memhayden I'm thinking for mitaka we should include it automatically in one of the meta playbooks - it's controlled by a setting anywa13:47
odyssey4memhayden also, I think we should be ebaling it by default13:48
odyssey4me*enabling13:48
bsvodyssey4me: okay, just discovered something weird.13:48
odyssey4mebsv that's odd, but this stuff is out of my depth13:48
mhaydenodyssey4me: i'm not opposed to either -- want me to create a bug or do you want to?13:49
bsvthe above scenario with dropping ARP, only applies if I try to communicate with another LXC host.13:49
odyssey4meI'm not sure if mhayden has the skills to help, but I'm pretty sure that Apsu does.13:49
odyssey4memhayden no need for a bug, just put in the review :)13:49
mhaydenhaha, i am reviewing legal addendums to contracts right now -- i'm sure i'll forget :P13:49
odyssey4memhayden also, see the change in https://review.openstack.org/290447 - the default should be set in group_vars, with a commented note on how to change the default in user_variables13:50
*** keedya has joined #openstack-ansible13:50
*** javeriak has quit IRC13:50
odyssey4methat patch clearly isn't working, so I'm going to need to work through whatever issues arise13:50
bsvodyssey4me: Status: sending IP-traffic between containers will cause the initiating container to drop its arp entry for the target container.13:51
bsvany changes in LXC for the 14.04.4 release? mm13:51
odyssey4mebsv that is very strange behaviour, and not behaviour we're seeing anywhere13:53
bsvMaybe some arp-spoofing feature...13:54
bsvarp-filtering13:55
openstackgerritMajor Hayden proposed openstack/openstack-ansible: Docs/Reno: Make default_schedule_zone configurable  https://review.openstack.org/29016113:57
odyssey4meafk - meeting13:58
mhaydenodyssey4me: ah, good idea on the user_variables.yml13:58
*** markvoelker has quit IRC13:58
*** automagically_ has joined #openstack-ansible13:59
*** automagically_ has left #openstack-ansible14:02
automagicallymorning all14:03
bsvo/14:04
mhaydenodyssey4me: would it make sense for the security hardening to happen as part of the setup-hosts.yml playbook?14:15
*** automagically_ has joined #openstack-ansible14:17
git-harryodyssey4me: d34dh0r53 Please review https://review.openstack.org/#/c/287438/ the only change since your +2/+W was to fix a linting failure.14:23
openstackgerritMajor Hayden proposed openstack/openstack-ansible: Include security role in setup-hosts.yml  https://review.openstack.org/29052614:25
*** b3rnard0 is now known as b3rnard0_away14:26
mhaydenodyssey4me: i'm not sure i can enable OSAS by default until we get rid of the "fail" tasks in there14:26
*** b3rnard0_away is now known as b3rnard014:26
*** skamithi14 has quit IRC14:26
mhaydeni'd hate to derail a deployment because the base OS isn't compliant14:26
*** skamithi13 has joined #openstack-ansible14:27
odyssey4memhayden I guess so?14:27
mhaydenhah14:27
mhaydenwhat's your take?14:27
*** asettle has joined #openstack-ansible14:30
mhaydenif the environment isn't configured properly, we need some way to let the user know that14:32
mhaydenbut i don't really want to derail the playbook14:32
mhaydenwith a hard failure14:32
mhaydeni think we had an email thread on this14:33
* mhayden searches14:33
mhaydenhttp://lists.openstack.org/pipermail/openstack-dev/2016-January/083988.html14:34
*** asettle has quit IRC14:35
*** KLevenstein has joined #openstack-ansible14:36
*** jthorne has joined #openstack-ansible14:36
bsvodyssey4me: pick a bug https://bugs.launchpad.net/ubuntu?field.searchtext=arp&search=Search&field.status%3Alist=NEW&field.status%3Alist=INCOMPLETE_WITH_RESPONSE&field.status%3Alist=INCOMPLETE_WITHOUT_RESPONSE&field.status%3Alist=CONFIRMED&field.status%3Alist=TRIAGED&field.status%3Alist=INPROGRESS&field.status%3Alist=FIXCOMMITTED&field.assignee=&field.bug_reporter=&field.omit_dupes=on&field.has_patch=&field.has_no_package=14:37
*** TheIntern has joined #openstack-ansible14:37
bsvit seems that Ubuntu have very serious issues with ARP and bridges/bonding interface.14:37
*** scarlisle has joined #openstack-ansible14:39
odyssey4mebsv, the thing is that RAX deploys on bonded interfaces, I think, and it works just fine14:41
odyssey4mealso I think logan- also has this working14:42
logan-yes br-mgmt on my controllers is attached to a bond14:42
*** automagically_ has left #openstack-ansible14:42
bsvI'll try to "draw" our network to the host on the pad.14:43
odyssey4mebsv perhaps sharing the content of the network interfaces file from the hosts and the repo containers would help?14:44
*** markvoelker has joined #openstack-ansible14:48
*** cemmason has quit IRC14:48
logan-yeah a bunch of pastes with like brctl show, interface files from host/container, ip route and ip addr output, cat /proc/net/bonding/bond*, etc would help to look thru14:49
*** sdake_ has joined #openstack-ansible14:50
*** ShannonM has joined #openstack-ansible14:52
*** sdake has quit IRC14:53
bsvlogan-: the weird thing is, the "bug" seems to be triggered if a container tries to communicate with IP to another container (on another host).14:53
*** admin0 has quit IRC14:54
*** cloudtrainme has joined #openstack-ansible14:54
bsvlogan-: it will drop the arp-entry of the remote container14:54
logan-can you ping between those 2 repo containers at all? or is it only happening when you start generating traffic ie rsync/ssh14:54
bsvPing works (once the arp-tables is populated correct, it will fix itself after a while), then you can ping all you want...14:55
*** admin0 has joined #openstack-ansible14:56
bsvthe moment you send IP traffic from the container, it will drop the arp-entry of the destination container (this is only a container-to-container issue).14:56
bsvThen the container will send arp who-has request, the remote container see it, reply with a correct arp-reply.14:57
bsvThe arp-reply will leave the remote host, travel over the physical network, into the server of the container who sent the arp who-has request.14:58
*** sdake has joined #openstack-ansible14:58
bsvtcpdump confirms the arp-reply on the bond-interface, bond0.402 interface, br-mgmt bridge.. and then.. pufff gone.14:59
*** cloudtrainme has quit IRC14:59
bsvthe arp-reply never enters the tap-interface of the container.14:59
logan-interesting14:59
*** sdake_ has quit IRC15:00
bsvFrom what I see, the only change to interfaces we have done, is putting the host-management on a tagged vlan.15:01
bsvBut this is happening over the container-network.15:01
logan-i wonder if there is some sysctl setting on the host causing it to filter that arp for some reason15:01
*** cloudtrainme has joined #openstack-ansible15:01
bsvlogan-: precise...15:01
bsvBut then everyone else using Ubuntu would have the same problem.15:02
bsvimho15:02
*** cemmason has joined #openstack-ansible15:03
odyssey4melogan- FYI https://etherpad.openstack.org/p/imhavingosadnightmares15:03
*** kencjohnston has joined #openstack-ansible15:03
bsvodyssey4me: we are going to remove the bond from the equation.15:04
*** xek_ is now known as xek15:05
odyssey4mebsv wait a minute, perhaps logan- can spot a problem?15:05
logan-thanks odyssey4me. bsv: not necessarily.. I can't speak for everyone's setup but my deploy is different in that I am using lacp as bonding proto and no dot1q tags.. I may be an edge case on that. I ran across this right now https://serverfault.com/questions/518254/linux-container-bridge-filters-arp-reply so I wonder if it is something specific to the tagging15:05
logan-i don't see anythign specifically wrong with that config though15:05
logan-everything seems mapped correctly, it just seems like some kernel setting (ie netfilter) is filtering the arps. removing the bonds to simplify things for now isnt a bad idea15:06
*** sigmavirus24_awa is now known as sigmavirus2415:09
bsvlets just make it work, then tweak it later ;)15:09
bsvThat would make the nightmares go away, I think ;)15:10
*** Mudpuppy has joined #openstack-ansible15:13
bsvWhat OS do you use logan- ?15:14
ApsuMorning.15:14
ApsuThis looks fun15:14
bsv>.<15:14
Apsubsv: So, which neighbor table are you looking in that you see an entry disappearing?15:16
logan-bsv: 14.04.415:17
bsvApsu: im executing a arp -an on the container itself (lxc-attach)15:17
*** networkninja has joined #openstack-ansible15:19
bsvI have to run now, workday ended 20 mins ago, but I will be back again in 3-4 hours. Do you expect to be online at that time Apsu?15:19
bsvlogan-: okay, all in sync then ;)15:19
Apsubsv: Would strongly recommend using "ip neigh" instead, but I'd like to see the "before" table, when you can ping the other container, and the "after" when you send IP traffic.15:20
ApsuAnd also "ip neigh" on the host. Filtered for the container IPs in question15:20
ApsuBut yeah I'll be here15:20
openstackgerritMatt Thompson proposed openstack/openstack-ansible-os_keystone: [WIP] Use contraints file in developer mode  https://review.openstack.org/29044615:20
andrei_hi, can someone explain conditions at https://github.com/openstack/openstack-ansible/blob/eca0f5ddfba5ac12fc0199d854b3f18504f9ccd3/playbooks/roles/ceph_client/tasks/ceph_auth.yml#L20-L40 ? If one has cinder-backup and cinder-volume in one container keyring for cinder-backup was not copied. Is it a bug or a feature?15:21
cloudnullmorning15:21
bsvcloudnull o/15:22
Apsubsv: I suspect you have duplicate MACs or IPs somewhere, and are getting bridge port MAC mappings swapping around15:22
Apsubrctl showmacs $bridge can help track that kind of issue down15:22
ApsuWhen the port # for a MAC switches15:23
matttandrei_: sec15:23
ApsuSometimes after container creating/destroying or even stopping/starting, on particular versions of linux/lxc, you can get some dangling veths leftover with the same MACs15:23
ApsuI made a script to check for that15:23
hlkv6Apsu: more like, broadcast packets getting repeated/looped around and then getting that swap around?15:24
odyssey4meApsu this issue is on a fresh install15:24
*** spotz_zzz is now known as spotz15:24
logan-Apsu: I don't know much about the non-lacp bonding options in linux but maybe the active-backup mode he is using created a bridging loop15:24
Apsuhlkv6: logan-: Could easily be something like that, yes. Bonding/bridging/VEPA/reflection issues causing MAC->port mappings to move.15:25
logan-yep15:25
logan-will be interesting to see if anything changes when the bonds are removed15:25
ApsuLinux bridges are actually pretty serious switches, in more ways than are immediately obvious.15:25
ApsuGotta dig in there deep :P15:25
spotzo/15:26
*** phalmos has joined #openstack-ansible15:26
matttandrei_: this was all deliberate, i vaguely remember writing it :)  trying to recall the details15:27
cloudnullbsv: did you make it work ?15:28
cloudnullRE: the repo bits?15:28
hlkv6cloudnull: he probably left work now, I left before him, and in train now15:29
hlkv6blades are reboted15:29
cloudnullah.15:29
hlkv6currently testing with ansible -i hosts.odn1 -u root all -a "ping -c 1 10.50.41.4"15:30
hlkv6on all VLANs15:30
odyssey4mecloudnull my brain has stopped working and I need an idea15:31
odyssey4meI want to read a list of files from the deployment host, then put together a dict based on that15:31
odyssey4methoughts on how best to do it?15:31
cloudnullusing python?15:32
cloudnullalso a list of files?15:32
*** skamithi13 has quit IRC15:32
odyssey4mecloudnull I'd rather not implement another filter, so preferably ansible15:32
cloudnullok15:32
hlkv6all blades can ping deployment host .4  and .20 future compute node on all 4 VLANs without bond15:32
palendaehughsaunders: Will take a look at that today hopefully15:32
cloudnullodyssey4me: whats the key in the dict15:33
odyssey4mebut basically I'd like to grab a list of files in a directory, then create a list of dicts which uses the file names15:33
hlkv6all lxc seem to be STOPPED? just wait or start manually?15:33
hlkv6server been up for 10min15:33
*** phalmos has quit IRC15:33
*** raddaoui has joined #openstack-ansible15:33
cloudnullhlkv6: the lxc container start is slow, you can manually start them if you like.15:33
*** mgoddard has quit IRC15:33
odyssey4mecloudnull a simple list of dicts with: { src: /foo/path/file1, dest: /foo/path/file1 }15:33
cloudnullah.15:34
*** mgoddard has joined #openstack-ansible15:34
cloudnullodyssey4me:  so you can use a lookup with a *15:34
cloudnullis foo/path always known in this case ?15:34
cloudnullwell... thatt wont work because you cant add to a dict in an ansible task .15:35
odyssey4mecloudnull yes, it's a fixed path15:35
cloudnullyou can do a command call to: ls -115:36
cloudnullregister that15:36
odyssey4meand the source and dest values will be the same15:36
odyssey4meso yeah, that's what I've got so far15:36
odyssey4methen the stdout needs to be split somehow into a list15:36
cloudnulland if there is more than one dir you can use the union filter to merge the lists.15:36
cloudnulluse stdout_lines15:37
cloudnullregister: things.stdout_lines15:37
cloudnullls -1 will put all files on a newline15:37
cloudnullwhich will work if the file has a \s in it15:37
odyssey4meyou know, I thought of that but it wasn't showing in a verbose output15:38
odyssey4mesilly hidden feature15:38
cloudnullyup...15:38
odyssey4meok, then I expect that this can be converted into a list of dicts using something like the map filter?15:38
odyssey4methe trick is that I want to set one fact as a result15:39
hlkv6ok, it seems lxcbr0 is not running, when I try to start an LXC, ifup lxcbr0 does not start it15:39
odyssey4meie one var, which is a list of dicts15:39
cloudnullhlkv6: can you ifup lxcbr0 ?15:39
hlkv6Ignoring unknown interface lxcbr0=lxcbr0.15:40
cloudnullit should have an interface file in the /etc/network/interfaces.d15:40
hlkv6there is a config in /etc/network/interfaces.d/lxc-net-bridge.cfg15:40
cloudnullhlkv6: do you have https://github.com/openstack/openstack-ansible/blob/master/etc/network/interfaces#L7 in the main interfaces file?15:40
cloudnullodyssey4me: i've had mixed success with the map filter.15:41
cloudnullbut that should work15:41
hlkv6cloudnull: nope, will add15:41
*** sdake_ has joined #openstack-ansible15:41
*** sdake has quit IRC15:41
matttandrei_: that should copy it, if i'm reading correctly -- do you have cinder-backup fully enabled ?15:44
hlkv6cloudnull: TY, now ifup lxcbr0 works15:45
*** weezS has joined #openstack-ansible15:46
*** raddaoui has quit IRC15:49
openstackgerritTravis Truman (automagically) proposed openstack/openstack-ansible-os_heat: [WIP] Enable functional testing  https://review.openstack.org/28945415:49
hlkv6cloudnull: and I can see lxc being started now15:51
cloudnullnice!15:51
*** raddaoui has joined #openstack-ansible15:52
*** phalmos has joined #openstack-ansible15:52
openstackgerritMajor Hayden proposed openstack/openstack-ansible: Docs/Reno: Make default_schedule_zone configurable  https://review.openstack.org/29016115:52
palendaecloudnull: RE you comment on https://review.openstack.org/#/c/289540/ about the ignore cluster state - git-harry tested without it and it worked. I originally had it in there, but can easily be added back15:52
cloudnulli wasnt sure if it was needed.15:52
cloudnulli just thought id mention it15:52
palendaeYeah15:52
palendaeI was copying it from your master work15:53
palendaeI don't know that it hurts to be there15:53
palendaeBut this next week should be about testing that stuff15:53
*** raddaoui has quit IRC15:54
*** michaelgugino has joined #openstack-ansible15:55
michaelguginohello all.  Thanks for merging that rsyslog commit, and thanks for the kind words.15:55
automagicallyo/15:56
cloudnullhi michaelgugino15:57
*** cemmason has quit IRC15:57
openstackgerritTravis Truman (automagically) proposed openstack/openstack-ansible-rabbitmq_server: Removing unused default role variable  https://review.openstack.org/29061215:58
*** ametts has joined #openstack-ansible16:01
openstackgerritTravis Truman (automagically) proposed openstack/openstack-ansible-rabbitmq_server: Removing unneeded with_items usage for clarity  https://review.openstack.org/29061516:01
*** raddaoui has joined #openstack-ansible16:03
*** thorst_ is now known as thorst_afk16:03
automagicallyThis is the last of what I believe was 4 patchs to various roles that all exhibited the same security issue: https://review.openstack.org/#/c/289079/ Any opinions on whether this is relevant to backport into Liberty?16:05
openstackgerritHugh Saunders proposed openstack/openstack-ansible-repo_server: Disable slave repo servers while syncing  https://review.openstack.org/27945216:05
cloudnullautomagically: idk that we should backport it.16:07
cloudnullits a good sec improvement.16:07
cloudnulli can go both ways on that.16:07
automagicallyI’ve been reading through the guidelines for stable branches and it seems like their is a definite bias against backporting anything16:08
palendaeautomagically: Yep.16:08
palendaeOSA's pretty liberal16:08
automagicallyWhich TBH, worries me only because I’m going to be using OSA to install Liberty and yet I’m going to want a bunch of work that is currently only available in master16:09
automagicallyThe SSL termination stuff for example16:09
hlkv6Apsu: without bond I see icmp pings, but was not immediately and did loose some packets on testing16:09
palendaeautomagically: That's been our ongoing problem internally :)16:09
cloudnullautomagically: +116:09
palendaePeople want the new hotness, but don't want to upgrade the major version16:10
cloudnullim on both sides of that argument, so lots of arguing with myself.16:10
Apsucloudnull: At least you always win when you argue with yourself16:10
automagicallycloudnull: I can definitely appreciate both sides. Stability _is_ king afterall16:10
cloudnullApsu:  this is not always true :P_16:10
automagicallyWould just like to see us reach a point where we can more comfortably guarantee that backported changes are not impacting stability16:10
Apsucloudnull: Well sometimes it's a war of attrition. Nobody wins ;P16:11
*** andrei__ has joined #openstack-ansible16:11
michaelguginostability and new features at the same time?  That's what the whole world wants.  If you can figure out a way, you'll be the first ;)16:12
cloudnullhahaha, i have this bridge...16:12
automagicallymichaelgugino: Well, to some extent, its about strict definitions of compatibility16:13
automagicallymhayden is running into this with the proposed backport of the security role16:13
automagicallyMaking the feature available, but feature flagging it in such a way that backward compatibility is maintained by default16:14
palendaeYep16:14
*** sdake has joined #openstack-ansible16:14
cloudnullautomagically: I'm pro-backport in most cases, which is one reason that the branches dont have "stable/" in-front of them. however thats not something shared by most.16:14
cloudnullbut changes can cause instability16:15
michaelguginoI think part of the issue is trying to tightly couple to an upstream version16:15
*** cemmason has joined #openstack-ansible16:15
*** sdake_ has quit IRC16:15
spotzWho can answer a cinder question for documentation? Need to know if you are required to configure the cinder api or just the cinder volume so I can figure out wording16:16
cloudnullmichaelgugino: i've pondered running Master Ansible code w/ liberty SHAs16:16
*** cemmason has quit IRC16:16
openstackgerritTravis Truman (automagically) proposed openstack/openstack-ansible-os_heat: Enable functional testing  https://review.openstack.org/28945416:16
michaelguginoSay, OSA v1 supports Kilo, Liberty, Mitaka with a certain feature set.  OSA v2 supports Liberty, Mitaka with a certain feature set.  OSA v3 supports a different feature set, etc16:16
cloudnullin most cases it should work16:16
automagicallyHmm…I like that notion16:16
*** shausy has quit IRC16:16
michaelguginobut, that sounds like a lot more work ;)16:17
*** sdake_ has joined #openstack-ansible16:17
*** b3rnard0 is now known as b3rnard0_away16:18
*** asettle has joined #openstack-ansible16:19
automagicallyReviews on https://review.openstack.org/#/c/289454 very much welcome. Last gate check succeeded, so I’m no longer considering it WIP. Link to the check log if you don’t want to wait ~20 minutes: http://logs.openstack.org/54/289454/6/check/gate-openstack-ansible-os_heat-ansible-func-ubuntu-trusty/777aeef/16:19
*** sdake has quit IRC16:19
*** sdake_ is now known as sdake16:21
spotzautomagically just looked, now you need to answer my cinder api question:)16:22
automagicallyspotz: I would if I could16:22
spotzheheh16:22
*** asettle has quit IRC16:23
openstackgerritJesse Pretorius (odyssey4me) proposed openstack/openstack-ansible: Gate: Use OpenStack-CI apt mirrors  https://review.openstack.org/29048616:25
spotzexample yml says API required, I wonder why it's missing out of the doc totally16:25
automagicallyQuestion about the OSA main repo checks/gate…is there any way for us to not run the full AIO build piece when the only modified files in a patch are rst files? We have been churning through a bunch of doc updates lately and we are hammering infra building AIOs when the outcome is completely irrelevant for an RST only commit16:26
openstackgerritMatt Thompson proposed openstack/openstack-ansible-os_keystone: [WIP] Use contraints file in developer mode  https://review.openstack.org/29044616:27
*** javeriak has joined #openstack-ansible16:28
openstackgerritMerged openstack/openstack-ansible-os_nova: Rootwrap configuration should be owned by root  https://review.openstack.org/28907916:28
*** javeriak has quit IRC16:29
*** javeriak has joined #openstack-ansible16:29
matttautomagically: i thought docs changes didn't trigger a full test16:29
odyssey4meautomagically hmm, .rst files should not trigger a full gate job16:30
odyssey4mecan you share an example?16:30
odyssey4methey may have busted up our rules again16:30
automagicallyLet me double-check, thought I saw it happening yesterday16:30
*** skamithi13 has joined #openstack-ansible16:30
automagicallyAh, this was it: https://review.openstack.org/#/c/290075/ and its a .example file16:31
odyssey4meyep, that will trigger a full built16:31
automagicallybummer16:31
openstackgerritAla Raddaoui proposed openstack/openstack-ansible: Test if dynamic inventory catches some bad configs  https://review.openstack.org/29001116:32
odyssey4meso be it - those are few and far between and we should be rid of them :p16:32
odyssey4meon backports, if we can improve our gate checks to the degree that we have more confidence that they're testing many more code paths... then we can confidently allow backporting16:33
odyssey4meright now we're not testing enough, so we need to err on the side of caution16:33
*** cloudtrainme has quit IRC16:34
*** lykinsbd has joined #openstack-ansible16:35
odyssey4meAlso, I'd rather drive people forward.16:35
palendaeraddaoui: https://review.openstack.org/#/c/290011/1..2/tests/test_inventory.py appears to have removed all your code; I left a comment on there, but checking to see if that was intentional16:36
*** javeriak has quit IRC16:36
odyssey4meAnother things is that backporting often creates a pretty severe review backlog. It would be nice if we could put together some sort of stable-maint team that focuses on testing and approving backports so that the core team can focus on driving improvement in the master branch instead of backport testing/reviews.16:36
*** galstrom_zzz is now known as galstrom16:39
*** lykinsbd has quit IRC16:40
odyssey4mesomething else that would also be really good is if the major stakeholders of the project implement external CI to provide feedback on patches - the external CI should test their specific use-cases to verify that the patch works for their needs... if that was in place for the major stakeholders, then I'd be far happier to support proactive backporting16:41
automagicallyNice idea that ^16:41
automagicallyI’d have to think through what that could look like for my org16:41
*** javeriak has joined #openstack-ansible16:41
palendaeI've been thinking about that for rackspace16:42
palendaeUpgrades in particular could benefit from an external CI that has a longer time out16:42
-cloudnull- these patches are still in "merge conflict" after the great IRR migration. If you have a patch that needs to be updated after the migration please update it so that itll be considered / reviewed. If you need help updating the patch please let us know as many of us would be happy to lend a hand to resolve the issues: https://review.openstack.org/#/q/project:%255Eopenstack/openstack-ansible.*+-is:mergeable+is:open,n,z16:44
openstackgerritMerged openstack/openstack-ansible-galera_client: Implement human readable logging for functional tests  https://review.openstack.org/28933516:44
openstackgerritMatt Thompson proposed openstack/openstack-ansible-os_keystone: Use contraints file in developer mode  https://review.openstack.org/29044616:44
openstackgerritMerged openstack/openstack-ansible-galera_client: [DOCS] Cleanup the role docs for consistency and clarity  https://review.openstack.org/28904416:44
openstackgerritMerged openstack/openstack-ansible-plugins: [DOCS] Cleanup the role docs for consistency and clarity  https://review.openstack.org/28959816:44
*** admin0 has quit IRC16:45
*** mikelk has quit IRC16:45
*** cloudtrainme has joined #openstack-ansible16:46
odyssey4mepalendae git-harry and others, excellent work on getting the kilo>liberty upgrades working16:47
odyssey4meit's great that we have the last two patches merging a week ahead of the next tag, so there's time to test them16:47
palendaeodyssey4me: Yep. Hopefully any changes will be small16:47
odyssey4meit'd be great if we could put a basic framework in place in master so that we can incrementally add stuff as we go instead of having to do it as a block of work16:48
palendaeStill need to get the manual process documented, but that's mostly running down the upgrade script and putting a little bit of prose around it16:48
palendaeThat'd be swell :)16:48
openstackgerritMerged openstack/openstack-ansible-security: Add curl to bindep requirements  https://review.openstack.org/28869116:48
odyssey4meheh, I'm surprised this made it all the way through to tempest before flaking out: https://review.openstack.org/29044716:50
palendaegit-harry: Looks like we'll need to wait for those last 2 patches to merge - they were based on liberty before it got the bug fix patch merged. e.g. https://review.openstack.org/#/c/290333/1/scripts/run-upgrade.sh still says "SCRIPTS", not "SCRIPTS_PATH" on L151/14116:50
palendaeActually nm, I'll do a cherry pick onto liberty instead of a checkout16:52
*** izaakk has joined #openstack-ansible16:52
palendaeMaybe I should actually install Kilo on this AIO before running the upgrade scripts >.>16:54
spotzheheh16:54
*** mathlin1 has joined #openstack-ansible16:56
odyssey4meit's good to see that https://review.openstack.org/290486 is doing what it was intended to do :)16:57
*** mgoddard_ has joined #openstack-ansible16:58
*** cluster444 has joined #openstack-ansible16:58
matttcloudnull: was hoping you would have a look at https://review.openstack.org/290446 before it merged17:01
matttwhich is about to happen any second :)17:01
matttmind having a quick look?17:01
*** mgoddard has quit IRC17:02
cluster444Hi, having some trouble getting my compute nodes going. Did a fresh install of kilo, run-playbooks seemed to complete ok. Each compute node has nova-compute and  neutron-linuxbridge-agent running, but nova service-list says the state is down17:02
* cloudnull looking17:02
openstackgerritMerged openstack/openstack-ansible-galera_server: Initial commit for bindep requirements  https://review.openstack.org/28787017:02
* odyssey4me removes +w so that cloudnull can look and approve17:02
odyssey4mecluster444 do you have an ntp service on all nodes?17:03
cluster444Another wierd thing is that glance fails when trying to add an image, it gets to 2%, hangs and then errors with a Broken Pipe error17:03
*** raddaoui has quit IRC17:03
*** fawadkhaliq has joined #openstack-ansible17:03
openstackgerritAla Raddaoui proposed openstack/openstack-ansible: Test if dynamic inventory catches some bad configs  https://review.openstack.org/29001117:03
cluster444I'll check that17:03
odyssey4mecluster444 check that your time is all in sync and that your rabbitmq and mariadb clusters are in a healthy state17:03
*** raddaoui has joined #openstack-ansible17:03
*** fawadkhaliq has quit IRC17:03
odyssey4mecloudnull should the pip install not have the requirements implemented through --requirements and the upper-contraints through --constraints?17:04
odyssey4meit doesn't appear to make a difference, functionally17:05
cluster444rabbitmq cluster_status looks good, how do i check that mariadb cluster is healthy?17:05
odyssey4mecluster444 some hints here: http://docs.openstack.org/developer/openstack-ansible/install-guide/ops-galera-recovery.html17:05
cluster444mariadb cluster looks ok, checking on the time sync17:07
openstackgerritMatt Thompson proposed openstack/openstack-ansible-os_keystone: Use contraints file in developer mode  https://review.openstack.org/29044617:08
*** cloudtra_ has joined #openstack-ansible17:08
*** thorst_afk is now known as thorst_17:09
*** fawadkhaliq has joined #openstack-ansible17:10
*** cloudtrainme has quit IRC17:10
matttcloudnull: what are your thoughts?  are we approaching this incorrectly?17:11
matttafk, back online in a bit17:14
*** andrei__ has quit IRC17:15
*** asettle has joined #openstack-ansible17:15
*** asettle has quit IRC17:20
cloudnullmattt: LGTM -- sorry I was pondering how to do this better. however I cant think of one.17:20
openstackgerritNolan Brubaker proposed openstack/openstack-ansible: Clarify run-upgrade.sh failure message  https://review.openstack.org/29070717:21
openstackgerritJesse Pretorius (odyssey4me) proposed openstack/openstack-ansible: Set apt sources to use a configured list of components  https://review.openstack.org/28983517:22
cloudnulli dont like the additional dep and the requirement to track yet another branch/sha however it kinda looks like its required.17:22
openstackgerritJesse Pretorius (odyssey4me) proposed openstack/openstack-ansible: Set apt sources to use a configured list of components  https://review.openstack.org/28983317:23
*** keedya has quit IRC17:25
odyssey4mecloudnull yeah, I think it's pretty essential - hopefully we can get a proposal bot to update the sha's from time to time17:25
cluster444ok, got ntp installed on compute nodes, compute nodes are all +/- 4ms now17:26
cluster444they weren't really off by much to begin with, maybe 200ms on the worst node17:27
*** mathlin1 has quit IRC17:29
*** raddaoui has quit IRC17:32
*** raddaoui has joined #openstack-ansible17:32
openstackgerritgit-harry proposed openstack/openstack-ansible-galera_server: Re-initialise when restarting 1-node cluster  https://review.openstack.org/29071617:33
odyssey4meodd - two different patches, both producing nova API errors in the tempest phase: https://review.openstack.org/290486 / https://review.openstack.org/29044717:34
odyssey4megit-harry good patch, can I ask whether it's possible to actually have the cluster automatically initialise if the container is restarted?17:35
odyssey4megit-harry ie perhaps --wsrep-new-cluster can go into the initi script if there's only one node17:35
odyssey4methat will be a massive help to the usability in a single galera node (usually test environment) use-case17:36
*** admin0 has joined #openstack-ansible17:36
palendaeraddaoui: Ok, I'll slow down with the reviews on that patch now so you can get a chance to look at them :)17:36
git-harryodyssey4me: if we add it to the init script we make that node special17:36
odyssey4megit-harry but if there's only one node, then it is special :)17:37
git-harryodyssey4me: True. I guess it just seems like we're doing something unexpected to work around something that isn't an issue, it's just the way it works.17:39
*** cloudtra_ has quit IRC17:39
git-harryodyssey4me: I'd be opposed to that but I guess we can discuss it in the review and see what everyone else thinks17:39
odyssey4megit-harry sure, but it would be quite useful to have a developer AIO that's cut down as a simple use-case for the entry-level17:39
cluster444is there something i do to enable a compute node? or does it just auto-enable itself when nova-compute starts on that node?17:40
spotzodyssey4me I was working https://bugs.launchpad.net/openstack-ansible/+bug/1550041 and the more I read the configure-cinder documentation page and the more it seems the page is only about setting up netapp. There is a section talking about API but it's the netapps17:40
openstackLaunchpad bug 1550041 in openstack-ansible "Chapter 4, configure Block Storage missing storage-infra_hosts" [Low,Confirmed] - Assigned to Amy Marrich (amy-marrich)17:40
odyssey4mecluster444 it registers itself and its state17:40
raddaouiyes palendae, I will look at it after lunch17:40
palendaeraddaoui: Yep, no rush.17:40
odyssey4mespotz yeah, we should actually improve the page to show examples for ceph, netapp and perhaps an NFS back-end17:40
cluster444so if its not doing that, then it must not be able to talk to whatever it registers with?17:41
odyssey4mecluster444 it communicates through rabbitmq, the conductor service and to the db17:41
spotzodyssey4me As long as I'm not going nuts as I wasn't seeing a clean way to just insert the storage-infra_hosts in and talk about cinder api17:41
git-harryodyssey4me: yeah, I get what you're aiming for. It's a reasonable goal but I think I'd prefer better documentation than doing something that wouldn't exist in 'real life'.17:42
*** cloudtrainme has joined #openstack-ansible17:42
cluster444and all of which seem to be running fine, but the computes are not coming up17:43
odyssey4mespotz you're not going nuts - I was looking at that the other day and it made me sad17:44
openstackgerritMerged openstack/openstack-ansible: Update user variables to Liberty names  https://review.openstack.org/28743817:44
openstackgerritMerged openstack/openstack-ansible: Revert "Exit early from unfinished upgrade script"  https://review.openstack.org/29033317:44
openstackgerritMerged openstack/openstack-ansible: Retry tempest cirros image creation  https://review.openstack.org/29038117:44
openstackgerritMerged openstack/openstack-ansible: Minor fixes for App-PLUMgrid doc entry  https://review.openstack.org/28990017:44
odyssey4meheh, let the games begin :)17:45
spotzodyssey4me ok, I'll see what I can do to get it in order and add more info17:45
*** raddaoui has quit IRC17:45
odyssey4methanks spotz17:45
*** skamithi14 has joined #openstack-ansible17:47
odyssey4meok, time for me to go offline for the night17:47
odyssey4mesee y'all tomorrow!17:47
automagicallyLater odyssey4me17:48
*** skamithi14 has quit IRC17:48
*** skamithi14 has joined #openstack-ansible17:49
*** skamithi13 has quit IRC17:49
openstackgerritAndrew Mitry proposed openstack/openstack-ansible: Fix: AODH sort rabbitmq hosts pre-task should use 'aodh_all' group  https://review.openstack.org/29072517:53
*** kencjohnston has quit IRC17:54
cluster444should there be more logging after the line 'Auditing locally available compute resources' in the nova-compute output?17:55
openstackgerritAndrew Mitry proposed openstack/openstack-ansible: Fix: AODH sort rabbitmq hosts pre-task should use 'aodh_all' group  https://review.openstack.org/29072517:55
openstackgerritTravis Truman (automagically) proposed openstack/openstack-ansible-os_horizon: Enable functional convergence testing  https://review.openstack.org/29003418:00
openstackgerritgit-harry proposed openstack/openstack-ansible-galera_server: Use var galera_cluster_members to identify cluster  https://review.openstack.org/29072918:00
cluster444i added some extra logging into nova compute resource tracker, it seems the call to get_available_resources never returns18:05
*** rohanp_ has joined #openstack-ansible18:05
rohanp_Hi folks, i am facing an issue wherein i am trying to test my ansible changes using AIO..i am failing at bootstrap ansible step itself..i am using liberty18:06
rohanp_the bootstrap ansible doesnot thrown any errors though it just stops executing18:06
rohanp_https://usercontent.irccloud-cdn.com/file/SrtxuR8j/18:07
rohanp_it doesnot run to completion and hence i cannot run next steps of bootstrap aio18:07
*** TheIntern has quit IRC18:09
*** andyhky` has joined #openstack-ansible18:11
*** sdake has quit IRC18:11
*** andyhky` is now known as andyhky18:11
*** flaviosr has joined #openstack-ansible18:11
*** michaelgugino has quit IRC18:12
*** michaelgugino has joined #openstack-ansible18:12
openstackgerritJimmy McCrory proposed openstack/openstack-ansible-rabbitmq_server: [WIP] Multi-distro support for rabbitmq_server role  https://review.openstack.org/28628218:14
*** iurygregory has joined #openstack-ansible18:14
*** mgoddard_ has quit IRC18:15
openstackgerritNolan Brubaker proposed openstack/openstack-ansible: Move inventory environment loading to function  https://review.openstack.org/29074018:15
flaviosrHi people, i'm testing ansible to deploy a cloud and i'm facing this bug https://bugs.launchpad.net/openstack-ansible/+bug/155525618:15
openstackLaunchpad bug 1555256 in openstack-ansible "os_neutron: no service or tool found for: neutron-lbaas-agent" [Undecided,New] - Assigned to Flávio Ramalho (flaviosr)18:15
flaviosri've fixed locally, this bug is valid upstream?18:16
cloudnullflaviosr: looks like a real bug18:19
cloudnullseems valid18:20
cloudnulli assume its because the lbaas agent isint installed at that point and the check is failing.18:20
cloudnullmhayden: ^18:20
flaviosrexactly18:21
*** cloudtrainme has quit IRC18:22
openstackgerritJimmy McCrory proposed openstack/openstack-ansible-rabbitmq_server: [WIP] Multi-distro support for rabbitmq_server role  https://review.openstack.org/28628218:22
cloudnullodyssey4me: looking into the keystone issues you we're mentioning earlier.18:22
cloudnullim not seeing any issues18:22
cloudnulli moved my install to keystone using the head of master18:22
cloudnulland its working fine18:22
cloudnullI even applied it to an existing env to upgrade it and see if something was there and nothing.18:23
cloudnullmaybe the reporter was using keystone client and not openstack client which caused the issues?18:23
openstackgerritTravis Truman (automagically) proposed openstack/openstack-ansible-os_heat: Account for oslo_config deprecations in heat.conf template  https://review.openstack.org/29074818:23
flaviosrthanks cloudnull, i will send a patch asap!18:24
cloudnulltyvm flaviosr18:24
cloudnullthats great18:24
*** phiche has quit IRC18:25
jmccrorymattt looks like requirements capped pysaml2 a few weeks after the SHAs in openstack-ansible https://review.openstack.org/#/c/280968/18:26
*** keedya has joined #openstack-ansible18:26
*** cloudtrainme has joined #openstack-ansible18:27
openstackgerritJimmy McCrory proposed openstack/openstack-ansible-rabbitmq_server: [WIP] Multi-distro support for rabbitmq_server role  https://review.openstack.org/28628218:30
*** McMurlock1 has quit IRC18:33
*** leifmadsen has left #openstack-ansible18:40
*** electrofelix has quit IRC18:40
*** grumpycatt has quit IRC18:43
*** gayathri has joined #openstack-ansible18:43
*** grumpycatt has joined #openstack-ansible18:45
*** b3rnard0_away is now known as b3rnard018:45
*** bsv has quit IRC18:50
*** bsv has joined #openstack-ansible18:53
openstackgerritSteve Lewis proposed openstack/openstack-ansible-os_ceilometer: Remove unused galera_client and related vars  https://review.openstack.org/29077018:54
bsvadmin0: url? :D18:54
admin0https://www.openstackfaq.com/18:55
admin0under private cloud18:55
gayathriHi All. I m trying to setup ovs manually after installing all the services using community playbook. when i install openvswitch package m getting only 2.0.2 which is not suitable for liberty18:55
admin0BUT it not yet published :D18:55
admin0workign on it sir18:55
admin0working on it18:55
admin0it wil be today :D18:55
admin0allow me to work :D18:55
gayathrifrom the repo which is been pointed (i.e.rackspace) only this version is getting downloaded..18:56
*** McMurlock1 has joined #openstack-ansible18:56
gayathriHow cani get the latest version 2.4.0 for ovs18:56
*** sdake has joined #openstack-ansible18:57
openstackgerritFlávio Ramalho proposed openstack/openstack-ansible-os_neutron: Ignore error when neutron-lbaas-agent is not installed  https://review.openstack.org/29077218:57
gayathriwhich sources.list I need to update18:57
gayathriCan anybody please help on my query18:57
openstackgerritSteve Lewis proposed openstack/openstack-ansible: Remove unused galera_address from playbook  https://review.openstack.org/29077318:57
cloudnullgayathri: we dont support OVS. be let me have a look to see what is recommended.18:57
*** mgoddard has joined #openstack-ansible18:58
gayathrisure..thanks cloudnull.. please let me know your suggestion18:59
openstackgerritTravis Truman (automagically) proposed openstack/openstack-ansible-os_horizon: Enable functional convergence testing  https://review.openstack.org/29003419:00
bsvadmin0: you wont even notice me, I will leave you the lonest of alones... :p19:01
admin0:D19:01
*** markvoelker has quit IRC19:01
cloudnullgayathri: looks like cloud archive has 2.4 in it for their liberty release19:02
cloudnullhttps://wiki.ubuntu.com/ServerTeam/CloudArchive19:02
cloudnullrun: add-apt-repository cloud-archive:liberty && apt-get update19:02
cloudnulland you should be able to install 2.4.019:02
cloudnullactual package 2.4.0-0ubuntu4~cloud019:02
cloudnulldocs on cloud archive https://wiki.ubuntu.com/ServerTeam/CloudArchive19:03
*** markvoelker has joined #openstack-ansible19:03
*** kencjohnston has joined #openstack-ansible19:04
*** asettle has joined #openstack-ansible19:04
gayathriafter installing neutron service..inside that container i tried adding repo and apt-get update..in the node I was able to get 2.4.019:04
gayathribut not inside the container :(19:04
gayathrii got some error with respect to version19:06
gayathrissl sync error19:06
*** unlaudable has joined #openstack-ansible19:07
*** asettle has quit IRC19:08
*** metral_zzz is now known as metral19:09
*** phiche has joined #openstack-ansible19:09
openstackgerritHugh Saunders proposed openstack/openstack-ansible: Fix command not found in scripts lib  https://review.openstack.org/29077819:09
*** metral is now known as metral_zzz19:09
cloudnullgayathri: can you paste that ?19:10
gayathrisorry.. i do not have the error log now..19:10
cloudnullah sorry for the late reply19:11
*** skamithi14 has quit IRC19:12
gayathriThanks for your suggestions cloudnull.. I will try again and get back19:13
*** gayathri has quit IRC19:13
cloudnulllet me know if theres something i can help with :)19:15
*** markvoelker has quit IRC19:17
*** markvoelker has joined #openstack-ansible19:18
openstackgerritTravis Truman (automagically) proposed openstack/openstack-ansible-os_ceilometer: Account for oslo_config deprecation in ceilometer.conf template  https://review.openstack.org/29078719:19
stevellehah, I thought I did that already automagically19:19
stevelleguess not19:19
openstackgerritTravis Truman (automagically) proposed openstack/openstack-ansible-os_horizon: Enable functional convergence testing  https://review.openstack.org/29003419:26
*** sdake_ has joined #openstack-ansible19:30
openstackgerritTravis Truman (automagically) proposed openstack/openstack-ansible-os_cinder: Account for oslo_config deprecation in cinder.conf template  https://review.openstack.org/29079919:30
*** sdake has quit IRC19:32
openstackgerritTravis Truman (automagically) proposed openstack/openstack-ansible-os_aodh: Account for oslo_config deprecations in aodh.conf template  https://review.openstack.org/29080119:35
*** thorst__ has joined #openstack-ansible19:36
*** michaelgugino has quit IRC19:38
openstackgerritTravis Truman (automagically) proposed openstack/openstack-ansible-os_ceilometer: Account for oslo_config deprecation in ceilometer.conf template  https://review.openstack.org/29078719:39
*** thorst_ has quit IRC19:40
automagicallyCan I get some +2s on https://review.openstack.org/#/c/287571/ please19:40
*** raddaoui has joined #openstack-ansible19:43
automagicallyOr, rather reviews, vote as you wish clearly19:44
hughsaundershaha three-line whip19:45
*** cloudtrainme has quit IRC19:48
*** sigmavirus24 is now known as sigmavirus24_awa19:48
openstackgerritTravis Truman (automagically) proposed openstack/openstack-ansible-os_glance: Account for oslo_config deprecations in glance config templates  https://review.openstack.org/29081119:50
hughsaundersAnyone else seen gate failures on "ensure service tenant"? I'm pretty sure its unrelated to my patch as that code isn't executed before the failure. kibana tells me that other jobs aren't having the same error though. (kibana query: build_name:"gate-openstack-ansible-dsvm-commit" AND message:"keystoneclient.openstack.common.apiclient.exceptions.ServiceUnavailable") https://review.openstack.org/#/c/290382/119:51
automagicallyI’ve seen maybe one in the last week19:52
automagicallyDon’t recall where19:52
automagicallyIt rings a bell though19:52
*** skamithi13 has joined #openstack-ansible19:55
automagicallyHere’s a puzzler. Check fails due to http://logs.openstack.org/34/290034/5/check/gate-openstack-ansible-os_horizon-ansible-func-ubuntu-trusty/82d32ef/console.html#_2016-03-09_19_48_43_143, and yet: http://logs.openstack.org/34/290034/5/check/gate-openstack-ansible-os_horizon-ansible-func-ubuntu-trusty/82d32ef/console.html#_2016-03-09_19_47_52_40419:56
automagicallyTLDR - keystone module complains that python-keystoneclient isn’t installed, but log shows Ansible installing python-keystoneclient just prior19:57
hughsaundersautomagically: hmm, so is the keystone module activating the venv properly?19:59
automagicallyAh right, Ansible itself isn’t running in that venv20:01
automagicallyI see that the Keystone role handles this with a var keystone_requires_pip_packages which get installed in the container outside of the venv20:03
automagicallyGuess I’ll give that a shot with Horizon20:03
hughsaunderssounds good, I couldn't think of a way to get ansible to activate a venv before executing a module.20:04
automagicallyHmm, its already doing that…which would make sense20:04
mhaydencloudnull / flaviosr: i'll check on that bug20:05
automagicallyhttp://logs.openstack.org/34/290034/5/check/gate-openstack-ansible-os_horizon-ansible-func-ubuntu-trusty/82d32ef/console.html#_2016-03-09_19_46_20_58720:05
flaviosrk, thanks mhayden :)20:05
openstackgerritTravis Truman (automagically) proposed openstack/openstack-ansible-os_horizon: Enable functional convergence testing  https://review.openstack.org/29003420:07
mhaydenflaviosr: i see your patch there in gerrit, but it may make more sense to reorder the includes in main.yml20:09
spotzFell behind on the channel poke me with links for any reviews I'm needed on20:09
mhaydenor well, i guess i am confused... the actual neutron lbaas service scripts should be in place by the time neutron_lbaas.yml is executed20:09
automagicallyAll the reviews spotz, all the reviews. Otherwise how are you going to stay ahead of mhayden20:09
mhaydenso many reviews, i'm seeing spotz20:10
flaviosrhahaha20:10
spotztrue that automagically. Need to do something in *gasp* chef then I'll look for reviews:)20:10
*** raddaoui has quit IRC20:11
mhaydenwhen i hear chef, i /quit20:11
flaviosrmhaydenm you mean by the time the task to stop lbaas-agent run, it should have already installed the agent?20:12
*** mgoddard has quit IRC20:12
flaviosrI think this task is just for the case that you already have an lbaas-agentv1 running and is installing a lbass-agentv2, so you need to stop the other agent20:13
openstackgerritMerged openstack/openstack-ansible-os_nova: Add support for the nova_api db  https://review.openstack.org/28794520:16
openstackgerritMerged openstack/openstack-ansible-os_ceilometer: Account for oslo_config deprecation in ceilometer.conf template  https://review.openstack.org/29078720:18
openstackgerritMerged openstack/openstack-ansible-os_aodh: Account for oslo_config deprecations in aodh.conf template  https://review.openstack.org/29080120:18
*** sdake has joined #openstack-ansible20:21
*** kencjohnston has quit IRC20:21
*** sdake_ has quit IRC20:23
mhaydenflaviosr: oh, i think i see what the problem is20:27
mhaydenservice_en ends up being false, so the whole service doesn't get deployed20:27
mhaydeni think might adjust the neutron_lbass.yml playbook to check for the service and take action *if* it exists20:28
mhaydenso that the appropriate action is taken if the deployer has deployed that service in the past20:28
flaviosri see20:29
flaviosrI think i can do that, i just start learning ansible, so it will be good to learn20:29
mhaydenflaviosr: ah, okay -- you're welcome to!20:30
flaviosrmhayden: so i should check if the service exist, if so stop it right?20:30
openstackgerritSteve Lewis proposed openstack/openstack-ansible-os_nova: Resolve oslo_config deprecations in nova.conf  https://review.openstack.org/29083420:31
mhaydenflaviosr: right -- i just put comments in your review20:31
openstackgerritMerged openstack/openstack-ansible-os_cinder: Account for oslo_config deprecation in cinder.conf template  https://review.openstack.org/29079920:32
flaviosrthats great! thanks mhayden!20:32
mhaydenyou're welcome20:32
mhaydenthanks for finding the bug i (accidentally) created, flaviosr! :P20:33
flaviosrthats fine :)20:33
automagicallyone hopes you aren’t creating bugs on purpose mhayden ;)20:33
*** kencjohnston has joined #openstack-ansible20:33
* mhayden does like smashing them20:33
mhaydenperhaps i thought the services would be deployed automagically20:34
mhaydenbut now it's turned into an odyssey4me20:34
automagicallyAs one does...20:34
mhaydenbut i'm learning new spotz of the OSA code20:34
mhaydenright now, i seem to be beating a d34dh0r5320:34
spotzhehehe20:34
d34dh0r53ba dum cha20:34
*** lykinsbd has joined #openstack-ansible20:36
*** cloudtrainme has joined #openstack-ansible20:41
*** lykinsbd has quit IRC20:41
bsvAnyone using Emulex NIC's with their OpenStack setup?20:41
*** raddaoui has joined #openstack-ansible20:43
*** asettle has joined #openstack-ansible20:46
matttpysaml2 released a fast follow to 4.0.4 which broke keystone in master20:50
matttso thankfully our IRR tests are passing now20:50
*** asettle has quit IRC20:50
openstackgerritTravis Truman (automagically) proposed openstack/openstack-ansible: OpenStack services should reach Glance via the internal LB VIP  https://review.openstack.org/29084420:51
palendaeIs anyone else getting consistent apt failures, or is it just https://review.openstack.org/#/c/290707/ ?20:56
*** raddaoui has quit IRC20:57
*** sigmavirus24_awa is now known as sigmavirus2420:58
spotzhttps://review.openstack.org/#/q/status:open+openstack-ansible is my friend:)21:00
cloudnullpalendae:  oddly enough, gayathri was talking about apt failures21:01
cloudnullmaybe their repo is syncing ?21:01
palendaecloudnull: Hm, ok21:01
matttdid odyssey4me flip over to infra's apt servers yet?21:02
palendaemattt: I think so21:02
matttwonder if it's related to that21:02
openstackgerritTravis Truman (automagically) proposed openstack/openstack-ansible-os_nova: OpenStack services should reach Glance via the internal LB VIP  https://review.openstack.org/29085121:02
stevelleautomagically: https://review.openstack.org/#/c/290834/121:05
stevelleI'm curious if you get a deprecation msg for api_servers as well21:05
automagicallyAh, whoops21:06
stevellelets see what the gate tells us on yours21:06
openstackgerritJimmy McCrory proposed openstack/openstack-ansible-rabbitmq_server: [WIP] Multi-distro support for rabbitmq_server role  https://review.openstack.org/28628221:06
openstackgerritJimmy McCrory proposed openstack/openstack-ansible-rabbitmq_server: [WIP] Multi-distro support for rabbitmq_server role  https://review.openstack.org/28628221:08
bsvcloudnull Apsu: https://access.redhat.com/solutions/77474321:10
bsvperhaps?21:10
ApsuGot Emulex NICs?21:11
openstackgerritTravis Truman (automagically) proposed openstack/openstack-ansible-os_cinder: OpenStack services should reach Glance via the internal LB VIP  https://review.openstack.org/29085621:11
bsvApsu: yep21:11
Apsubsv: Worth checking into, then! Not familiar with them21:12
bsvMore from the same dept.; http://support.citrix.com/article/CTX13759821:12
bsvOpenVS tho21:12
rohanp_Folks, 1 question regrading providing an option for own neutron plugin similar to plumgrid..while testing this shud the overriding neutron plugin be specified in "/etc/openstack_deploy/user_variables.yml" file or it can be any file like user_xxx_vars.yml under /etc/openstack_deploy21:13
*** Mudpuppy has quit IRC21:13
automagicallyDone for the day, see you all tomorrow21:13
mhaydennight automagically21:13
rohanp_the goal here is to override the ml2 plugin option and provide own neutron option similar to plumgrid21:13
bsvApsu: I just contacted HPE and asked them for a set of Intel NIC's to test with. Expect to have them tomorrow or the day after.21:13
mhaydendarn -- just tried a master build and discovered i need a user secret from https://review.openstack.org/#/c/274932/12 :P21:14
bsvWould be nice to find out if this is the source of all our pain and agony ;)21:14
Apsubsv: Indeed!21:14
*** cloudtrainme has quit IRC21:14
Apsumhayden: First rule of user secrets, don't talk about them21:15
* mhayden hugs Apsu21:15
bsvI asked in #openstack-neutron if anyone was using Emulex, but the silence is strong on that channel ;)21:16
Apsumhayden: d'awww21:16
openstackgerritJimmy McCrory proposed openstack/openstack-ansible-rabbitmq_server: [WIP] Multi-distro support for rabbitmq_server role  https://review.openstack.org/28628221:16
mhaydenbsv: what's unique about the emulex cards?21:17
mhaydenApsu: imma pour out a vuka in your honor21:17
bsvmhayden: the chipet is supported by OpenBSD.21:17
*** jguy_ has quit IRC21:17
openstackgerritSteve Lewis proposed openstack/openstack-ansible-os_nova: Resolve oslo_config deprecations in nova.conf  https://review.openstack.org/29083421:18
*** raddaoui has joined #openstack-ansible21:18
bsvmhayden: and we use OpenBSD... ;)21:18
*** markvoelker has quit IRC21:20
Apsumhayden: Do it for the homies21:22
Apsubsv: Wait, you're running OpenStack on OBSD?21:22
bsvApsu: no...21:22
bsv...not yet...21:22
ApsuOr just saying you use OBSD in your org... gotcha21:22
bsv:D21:22
ApsuSame NICs across the board. Makes sense21:23
bsvYeah, all servers are identical21:23
bsvApsu: but I would really like to have OpenBSD as my 'Network Node' for OpenStack, that would be nice.21:24
bsvWith the changes comming up, that goal will be very close.21:25
ApsuI prefer Linux for networking these days, but I'm a lot more equipped and informed about the minutia of Linux Networking than most, so yeah21:25
*** cloudtrainme has joined #openstack-ansible21:25
admin0bsv: https://www.openstackfaq.com/openstack-liberty-private-cloud-howto/21:26
admin0just the basics are up21:26
bsvadmin0: (thumbsup)21:27
bsv:D21:27
admin0tomorrow i will add how to make that develppment box . with just run.sh and it will delete and re-create c11 .. c25 for re-runs21:28
bsvApsu: im only touching linux networking because of OpenStack. I'd rather stay in BSD land ;)21:28
bsvBut if I have to learn OpenStack, I need to know Linux networking.. end of story.21:29
*** thorst__ is now known as thorst_21:30
admin0i wanted to use pfsense insetad of vyos, but pfsense put my 24 core 128gb mem test machine to lockup . so vyos :D21:30
ApsuJust make sure you learn the appropriate tools. ip, bridge, ss, lnstat21:30
bsvApsu: And most maps directly over, except you have to install stuff to make anything work on Linux :)21:30
ApsuRather than ifconfig/brctl/route/netstat21:30
ApsuThe latter are broken, abandoned and lie to you21:30
bsvHey wait a minute, the OpenStack doc says 'use brctl'21:30
bsv:)21:30
palendaeApsu has Opinions :)21:31
admin0bsv: curl gw.am .. this is one domain i have that i use to check if my outgoing ips are correct21:31
ApsuI'm sure it does. But the common distros still haven't fully abandoned net-tools or bridge-utils, despite the code itself correctly having moved on.21:31
admin0youc an do that to check your outbound ip to verify if you have a real nat working and the outgoing ip is the ip you were expecting21:31
admin0cirros has curl, so perfect to test21:32
*** keedya has quit IRC21:32
bsvApsu: noted.21:32
*** raddaoui has quit IRC21:33
bsvadmin0: i have a setup for that too :) nice to have.21:33
admin0i added geoip stuff there ..sometimes i am in NL and i see my ip is RU :D21:33
bsvgeoip is broken :)21:34
admin0i made network name as DHCP and FLOATING .. youcan add ranges like test, office, dev, prod, guests21:34
*** raddaoui has joined #openstack-ansible21:34
admin0vyos will allow you to do site-2-site vpn, so everything on DHCP could be seamlessly accessible from office21:35
openstackgerritAla Raddaoui proposed openstack/openstack-ansible: Test if dynamic inventory catches some bad configs  https://review.openstack.org/29001121:35
bsvApsu: do you have some tool/way to quickly verify container inter-connectivity?21:37
Apsubsv: We usually run ad-hoc ping checks between all the IPs via ansible.21:38
ApsuI think our support team has some scripts for it...21:38
Apsucloudnull: You have anything along those lines that could be linked?21:38
cloudnulllike can the neutron container get to the galera container?21:39
cloudnullor like can the deploy host get to everythoing?21:39
ApsuThink the former is what they mean21:39
cloudnullnothing that im aware of.21:40
ApsuCould probably grab the IP list from inventory-manage.py and do something clever21:42
spotzAnyone have a cinder NFS example?21:43
*** sdake has quit IRC21:44
bsvcloudnull: just a way to verify that all containers indeed can reach each other.21:45
bsvi would have saved us a few days ;)21:46
cloudnullthat sounds very useful. however i dont have anything in my tool belt for that right now.21:46
cloudnullwe could make it :)21:47
Apsubsv: You could workup a playbook to do it. Target the host group of all containers, then use a loop in the task over the same group, except when the iteration matches the current host21:47
ApsuRun a ping against it21:47
ApsuLimit to 3 pings or so, fail the task when it errors21:47
ApsuShould be pretty short and quick21:48
openstackgerritJimmy McCrory proposed openstack/openstack-ansible-rabbitmq_server: [WIP] Multi-distro support for rabbitmq_server role  https://review.openstack.org/28628221:49
bsvApsu: I would make it myself, if you did not have any exising :D21:52
bsvexisting*21:52
ApsuI bet our support guys have stuff, just not sure where it'd be or if I could share, offhand lol21:53
ApsuSeems easy to do21:53
bsvBut a simple ICMP echo-reply test is not enough, actual IP packets have to be exchanged.21:53
bsvIn our case, all containers can ping each other, but if you try to establish an TCP stream.. boom, drop arp, all dead.21:54
bsvA basic ssh $remote-container "time" would do it.21:55
admin0bsv: mtu ?21:55
openstackgerritAmy Marrich (spotz) proposed openstack/openstack-ansible: Added configuration information for using Ceph with Cinder  https://review.openstack.org/29087321:55
bsvadmin0: mtu is 1500 all over, and no headers added21:56
*** cloudtrainme has quit IRC21:57
Apsubsv: ICMP still requires ARP and rides on IP. If you're specifically having TCP issues, sounds like packet size, so I'm wondering about MTUs and checksums now.21:58
ApsuICMP is IP protocol #121:58
ApsuCould be an offloading issue21:59
*** cloudtrainme has joined #openstack-ansible21:59
bsvApsu: my fault, when I wrote IP... i meant to write tcp.22:00
ApsuNo worries22:00
ApsuHave you tried very large payload pings?22:00
bsvif the container have the arp-entry for the remote host, you can ping all day long...it works.22:00
stevellemhayden: you think that tempest flavors thing is transient?22:01
ApsuIf those fail, MTU is more likely. If not, TCP offloading is suspect22:01
*** skamithi14 has joined #openstack-ansible22:01
bsvBut try and do ex. ssh, the arp-entry gets dropped right away, and arp who-has is issued at once.22:01
*** javeriak has quit IRC22:02
openstackgerritJimmy McCrory proposed openstack/openstack-ansible-rabbitmq_server: [WIP] Multi-distro support for rabbitmq_server role  https://review.openstack.org/28628222:02
ApsuSounds like duplicate MACs or IPs or bridging loops or Something...22:02
*** thorst_ has quit IRC22:02
bsvif you try and ssh to a host (not container host), it all works fine.22:02
ApsuThe ARP entry shouldn't "drop" immediately, ever, but it could be replaced if the IP stays the same but MAC changes on seeing the traffic22:02
*** skamithi15 has joined #openstack-ansible22:03
mhaydenstevelle: beginning to wonder if it isn't22:04
bsvBut it does :) intriguing huh? :)22:04
*** skamithi13 has quit IRC22:04
Apsubsv: Sounds loopy or duplicatey is all :)22:04
stevellemhayden: I found a critical error in nova api when I was hunting, and https://review.openstack.org/#/c/290834/ might fix it but I haven't jiggled the parts yet to see22:05
*** thorst_ has joined #openstack-ansible22:05
stevellecritical msg said it couldn't find auth_type in config22:05
mhaydenstevelle: ah okay -- i got bitten by the missing nova api user password earlier :|22:05
*** skamithi14 has quit IRC22:05
bsv (╯°□°)╯︵ ┻━┻22:06
* mhayden ducks to avoid the table22:06
stevelle(°_°) ┬─┬ please respect tables22:06
mhaydenlittle bobby tables?22:06
stevellenah, you can drop him22:07
mhaydenhttps://xkcd.com/327/22:07
*** retreved has quit IRC22:07
Apsumhayden: <322:07
mhaydenstevelle: actually, i got the tempest failure here with something totally unrelated -> https://review.openstack.org/#/c/290526/22:08
openstackgerritSteve Lewis proposed openstack/openstack-ansible: Remove unused galera_address from playbook  https://review.openstack.org/29077322:09
*** thorst_ has quit IRC22:09
*** Mudpuppy has joined #openstack-ansible22:10
stevellemhayden: I think nova is going to fail all tempest until this is fixed "http://logs.openstack.org/26/290526/1/check/gate-openstack-ansible-dsvm-commit/db5b788/logs/aio1_nova_api_os_compute_container-3bfadf28/nova-api-os-compute.log22:10
stevellesearch for CRITICAL nova [-] MissingRequiredOptions22:10
stevellewe just need to get that auth_url in which seems to be missing for some reason22:11
*** raddaoui has quit IRC22:17
openstackgerritSteve Lewis proposed openstack/openstack-ansible-os_nova: Revert "Fix auth_url for nova configuration"  https://review.openstack.org/29088122:18
*** phalmos has quit IRC22:19
openstackgerritSteve Lewis proposed openstack/openstack-ansible-os_nova: Revert "Fix auth_url for nova configuration"  https://review.openstack.org/29088122:20
*** raddaoui has joined #openstack-ansible22:20
openstackgerritSteve Lewis proposed openstack/openstack-ansible: Remove unused galera_address from playbook  https://review.openstack.org/29077322:21
*** jguy_ has joined #openstack-ansible22:23
*** admin0 has quit IRC22:23
*** thorst_ has joined #openstack-ansible22:24
flaviosrmhayden, can you give me a hand?22:25
*** McMurlock1 has quit IRC22:27
*** automagically_ has joined #openstack-ansible22:28
mhaydenstevelle: ugh that's weird22:29
mhaydenflaviosr: yes sir22:29
mhaydenflaviosr: i have 5-10 minutes until i must go, though22:29
flaviosroh thats fine, i got it nvm. thanks anyway for being reachable :)22:30
*** b3rnard0 is now known as b3rnard0_away22:30
*** KLevenstein has quit IRC22:32
*** kencjohnston has quit IRC22:32
*** woodard has quit IRC22:33
mhaydenhaha okay22:33
*** asettle has joined #openstack-ansible22:34
stevellecloudnull: d34dh0r53 any other cores? https://review.openstack.org/29088122:36
*** johnmilton has quit IRC22:37
*** lykinsbd has joined #openstack-ansible22:38
*** galstrom is now known as galstrom_zzz22:38
*** asettle has quit IRC22:39
*** lykinsbd has quit IRC22:42
*** aslaen has quit IRC22:45
*** aslaen has joined #openstack-ansible22:46
*** aslaen has quit IRC22:46
*** aslaen has joined #openstack-ansible22:46
*** aslaen has quit IRC22:48
*** aslaen has joined #openstack-ansible22:49
*** aslaen has quit IRC22:49
*** raddaoui has quit IRC22:50
*** thorst_ has quit IRC22:51
*** thorst_ has joined #openstack-ansible22:52
*** weezS has quit IRC22:52
*** networkninja has quit IRC22:57
*** skamithi15 has quit IRC23:01
*** skamithi13 has joined #openstack-ansible23:01
*** lunarlamp is now known as mariusv23:01
*** weezS has joined #openstack-ansible23:01
*** thorst_ has quit IRC23:01
« Tuesday, 2016-03-08 Index Thursday, 2016-03-10 »

Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!