Wednesday, 2016-09-14

« Tuesday, 2016-09-13 Index Thursday, 2016-09-15 »
cloudnullfrom setup-infra?00:00
hughmFLEXinyea00:00
cloudnullI know that bug, but i thought that was fixed.00:03
cloudnull-cc stevelle00:03
*** thorst_ has joined #openstack-ansible00:04
cloudnullhughmFLEXin:  you mind doing a git branch ?00:04
cloudnullare you on (detached from 14.0.0.0b3) ?00:05
hughmFLEXinhmmm apparently im on no branch00:05
cloudnullthe file to modify is playbooks/inventory/group_vars/utility_all.yml:44:00:06
cloudnulland then remove the gnocchiclient entry00:06
cloudnullon line 44 that is00:06
cloudnullbut in "master" that was fixed00:06
cloudnullwhich is only slightly ahead from that tag00:06
hughmFLEXinhmm ok removed it00:07
cloudnullyou can just run ``openstack-ansible utility-install.yml`` and you'll be done with the setup infra part00:07
*** woodard has quit IRC00:07
* hughmFLEXin dances00:08
cloudnullstevelle: Matias: if you get a chance would you mind reviewing https://review.openstack.org/#/c/352054/00:10
cloudnullonce that's in we can update the ceilo role to allow for list overrides in nested yaml files00:10
cloudnullwhich would finally give us the ability to change things in those nested lists of lists..00:11
*** thorst_ has quit IRC00:11
* cloudnull shakes fist at ceilometer.00:11
hughmFLEXinaw yisss, on to the final playbook00:12
stevellehughmFLEXin: can you taste it? does it taste like bitter?00:12
hughmFLEXinno just taste like the usual openstack00:12
cloudnullthe bitter bite of OpenStack00:12
hughmFLEXinexactly ^ lmao00:12
hughmFLEXinneed to install mosh so i can run it and go home00:13
cloudnulltmux00:14
cloudnullfor the win00:14
*** jcannava has quit IRC00:14
hughmFLEXinsame thing :-P00:14
cloudnullI like mosh though00:16
cloudnullits kinda amazing00:16
hughmFLEXinMIT fellas are pretty smart eh00:16
stevellecloudnull: the os_glance thing may just be an ansible problem00:16
stevelletrying out a fix00:16
cloudnull:(00:16
cloudnull:)00:16
*** sdake_ has quit IRC00:17
*** sdake has joined #openstack-ansible00:17
*** psilvad has joined #openstack-ansible00:20
hughmFLEXinso if physically, my eth3 is the external (outbound/public) , but i've shoved all the OSA network vlan stuff on eth200:20
hughmFLEXinis there any special ip forwarding / natting i need to do afterwards?00:20
hughmFLEXinor will the external_vip thing handle it (i assigned it a public ip)00:20
cloudnullthat should handle it00:21
hughmFLEXinsweet00:21
cloudnullthe handoff is in haproxy and we use multiple backends to get it done.00:21
cloudnullso "it should just work"-tm00:21
hughmFLEXin*waits for the ymmv00:22
* hughmFLEXin waits for the ymmv00:22
hughmFLEXin:-(00:22
*** schwicht has joined #openstack-ansible00:25
cloudnullits less ymmv and more https://www.youtube.com/watch?v=StTqXEQ2l-Y00:27
*** adrian_otto has quit IRC00:27
hughmFLEXinlmao00:29
hughmFLEXinalright ill catch you tmrw and let you know00:30
openstackgerritSteve Lewis (stevelle) proposed openstack/openstack-ansible-os_glance: Fix os_glance role functional testing  https://review.openstack.org/36972600:30
cloudnullhughmFLEXin: cheers !00:30
*** hughmFLEXin has quit IRC00:31
stevelledigging into list extensions now...00:31
*** woodard has joined #openstack-ansible00:33
*** woodard has quit IRC00:34
*** woodard has joined #openstack-ansible00:34
*** nwonknu has quit IRC00:38
*** itsuugo has quit IRC00:40
*** itsuugo has joined #openstack-ansible00:40
*** smatzek has joined #openstack-ansible00:44
cloudnullfinally relocating home but like for real this time .00:44
cloudnull:) bbl00:44
*** oben has joined #openstack-ansible00:45
*** itsuugo has quit IRC00:45
*** itsuugo has joined #openstack-ansible00:46
*** schwicht has quit IRC00:47
*** itsuugo has quit IRC00:51
*** schwicht has joined #openstack-ansible00:51
*** nwonknu has joined #openstack-ansible00:52
*** itsuugo has joined #openstack-ansible00:53
*** asettle has joined #openstack-ansible00:59
*** asettle has quit IRC01:04
*** schwicht has quit IRC01:04
*** smatzek has quit IRC01:07
*** thorst_ has joined #openstack-ansible01:09
*** itsuugo has quit IRC01:10
*** itsuugo has joined #openstack-ansible01:11
*** thorst_ has quit IRC01:12
*** thorst_ has joined #openstack-ansible01:14
*** gouthamr has quit IRC01:17
*** albertcard1 has joined #openstack-ansible01:23
*** poopcat has quit IRC01:23
*** albertcard1 has quit IRC01:23
*** poopcat has joined #openstack-ansible01:25
Matiasstevelle: new issue: http://paste.openstack.org/show/575585/01:25
Matias2 pipeline queues are getting stuck with this01:26
*** itsuugo has quit IRC01:26
*** jamielennox is now known as jamielennox|away01:26
*** itsuugo has joined #openstack-ansible01:27
Matiasstevelle: i'm surprised by SSLV3_ALERT_BAD_RECORD_MAC01:27
Matiassslv3???01:27
stevelleMatias: all of the stuff on master *except* ceilometermiddleware should be using some kind of SSL for rabbit, and I think the default protocol is SSLv3 :((01:30
Matiassslv3 O_o01:31
stevelleI remember seeing something ugly when I was digging...01:33
stevellehttps://github.com/openstack/oslo.messaging/blob/master/oslo_messaging/_drivers/impl_rabbit.py#L64001:33
stevelleMatias: ^^01:33
*** poopcat has quit IRC01:33
*** poopcat has joined #openstack-ansible01:34
stevellenot updated since 201401:34
*** schwicht has joined #openstack-ansible01:34
Matiaswell, what surprises me is that sslv3 is chosen by default by.. kombu maybe?01:35
stevellemaybe01:36
Matiasoslo.messaging itself does not choose a default..01:36
stevellelooks like we can override by specifying kombu_ssl_version = tlsv1_201:36
Matiashttps://github.com/celery/kombu/search?utf8=%E2%9C%93&q=ssl_version01:37
Matiasmaybe it just passes as-is to ampq01:37
*** schwicht has quit IRC01:37
stevelleunder the [oslo_messaging_rabbit] section01:38
stevelleMatias: wondering if there is an underlying network issue causing that issue01:39
*** itsuugo has quit IRC01:39
Matiasno, it is passed to https://docs.python.org/2/library/ssl.html#ssl.wrap_socket01:39
Matiaslooks like python itself is choosing sslv3 as default O_o01:39
Matiasmaybe we should change from ubuntu to openbsd01:40
stevelleor even py301:40
stevelleas radical as that idea is :P01:41
*** itsuugo has joined #openstack-ansible01:41
stevelleodyssey4me: ^ see above about specifying [oslo_messaging_rabbit] kombu_ssl_version = tlsv1_2 to get around use of SSLv301:42
stevellewill let him pipe in on that tomorrow01:42
*** sdake_ has joined #openstack-ansible01:45
*** sdake_ has quit IRC01:45
*** sdake_ has joined #openstack-ansible01:45
cloudnullhttps://review.openstack.org/#/c/369726/ -- is that all that's needed to make glance happy ?01:47
*** woodard has quit IRC01:47
stevellecloudnull: yeah seems like01:47
*** sdake has quit IRC01:47
stevellejust needed to rub some ansible on it01:47
cloudnullha01:48
*** itsuugo has quit IRC01:52
*** thorst_ has quit IRC01:52
*** thorst_ has joined #openstack-ansible01:53
openstackgerritKevin Carter (cloudnull) proposed openstack/openstack-ansible: Ensure that gnocchi uses keystone authentication  https://review.openstack.org/36961001:54
*** itsuugo has joined #openstack-ansible01:54
*** thorst_ has quit IRC02:02
openstackgerritMerged openstack/openstack-ansible-security: Add network conf auditing on CentOS  https://review.openstack.org/36899102:02
Matiascloudnull: already moved? :D02:03
cloudnullyup, i'm quick like that :P02:03
Matiascloudnull: so do you think it is better to created systemd files only if the system really uses systemd?02:04
*** dragonmaster has joined #openstack-ansible02:04
cloudnulli do02:05
cloudnullif thats possible02:05
stevelle+1, but I'm rollin out for the night02:05
Matiasstevelle: good evening02:06
cloudnullhave a good one stevelle02:06
Matiasgood night02:06
Matiasgood sleep?02:06
stevelleonly 7pm, going out for a couple hours before sleep02:06
Matiasrepo-install now takes an eternity (unless you are on a fresh install)02:06
Matias23h here02:07
*** weezS has joined #openstack-ansible02:07
cloudnullrepo-install now takes an eternity (unless you are on a fresh install)?02:12
cloudnullMatias: ^02:12
cloudnullwhat is it taking too long on?02:12
Matiasjust testing your PR once more02:14
Matiasrecusing into the fully populated git repos is really slow02:14
Matiasrecursing*02:14
Matiasbut there is nothing we can do02:15
openstackgerritKevin Carter (cloudnull) proposed openstack/openstack-ansible-repo_server: Convert role testing to use Ansible 2.1.1  https://review.openstack.org/36978202:19
cloudnullI wonder if its the ansible task being slow with recurse02:19
cloudnullor if its the bash task ?02:19
cloudnullfind should be super quick02:19
cloudnullbut I guess either could be terrible02:19
*** thorst_ has joined #openstack-ansible02:20
*** thorst_ has quit IRC02:21
Matiasargh, ran repo-install accidentally instead of repo-server02:21
Matiaslet me run it again to get the stats02:21
Matiascloudnull: if owner is already ok, the file module with recurse is neatly instantaneous, which is good02:22
openstackgerritMerged openstack/openstack-ansible-os_tempest: Ensure tempest runs independently in testing  https://review.openstack.org/36633502:22
Matiasit only takes long if it needs to write to the disk02:22
Matiasat least in my system02:22
Matiasprobably because the entire repo is cached in RAM02:22
Matiass/neatly/nearly/02:23
cloudnullinteresting.02:23
MatiasTASK: repo_server : Ensure git directory permissions ------------------- 81.00s02:23
Matiasthat's how long it takes02:23
Matiasnow let me measure again the ansible task when it has to change the owner02:24
cloudnulleverytime ?02:24
Matiasprobably yes, but just a sec I will measure when it needs to change something02:24
Matiascloudnull: unrelated, the memcached containers seem to be logging the entire memcached traffic to /var/log/syslog02:28
Matiasthis is probably a huge hog02:28
Matias-vv           very verbose (also print client commands/reponses)02:30
Matiasprobably because of this02:30
Matiascloudnull: https://github.com/openstack/openstack-ansible-memcached_server/blob/master/templates/memcached.conf.debian.j2#L702:31
MatiasI think here it should be -v02:31
Matiashttps://github.com/openstack/openstack-ansible-memcached_server/commit/c99d1debe905c06a71c457f60045428533988d5e02:32
MatiasI don't get why it was increased here02:32
Matias/dev/lxc/controller-02_memcached_container-18575240  4.8G  4.6G     0 100% /02:33
cloudnullhum.02:34
cloudnullso we should turn that log facility off ?02:34
Matiaswell, it is easily filling up the container disk until the rotation kicks in and compresses the log02:35
cloudnullok02:35
MatiasI think memcached traffic is overly intense to log every message02:36
*** thorst_ has joined #openstack-ansible02:36
Matiaslogging every sql statement in galera would be less of a hog than logging memcached, I think02:37
MatiasTASK: repo_server : Git service data folder setup --------------------- 371.70s02:37
MatiasTASK: repo_server : Ensure git directory permissions ------------------- 82.54s02:37
Matiascloudnull: ^02:37
Matiasthat's when it needs to change both owner/group and permissions02:38
Matiasso changing the mode is like a constant 80 seconds02:38
Matiasand changing the owner is slow like hell, but ansible is smart enough to only write to disk if needed02:38
openstackgerritKevin Carter (cloudnull) proposed openstack/openstack-ansible-memcached_server: Lower verbosity on memcached server  https://review.openstack.org/36978402:39
cloudnullMatias: ^ memcached02:39
Matiasso that if the metadata is in RAM cache it is instantaneous02:39
cloudnullso I think we need to remove recurse from 'Git service data folder setup'02:40
Matiasnice, thanks for the memcached patch02:40
cloudnulland then just add the chmod into 'Ensure git directory permissions'02:40
Matiaswell, it is a compromise you make02:40
cloudnull**chown02:41
Matiaschown is faster when you actually need to change stuff02:41
Matiashowever it is slower when you are only checking if it is OK02:41
Matiasanother thing I just noticed is that to compute state we are calling ls -l02:42
cloudnullbut it looks like the additional recurse function is SUPER slow02:42
Matiaswhich would list files twice02:42
Matiasone for the dir which contains the file, another for the file itself02:42
Matiaswe could do find -type d, or find -exec ls -ld02:42
Matiascloudnull: "Git service data folder setup" runs in a few milliseconds if the owner/group is already correct02:43
Matiasit only takes 370s if it needs to change the owner/group of every file02:43
Matiasso it's a single-time wait02:44
Matiase.g. when upgrading from mitaka to newton02:44
cloudnullfair point02:44
cloudnulland going from here those perms should not be broken02:44
Matiasbut again, if caches are clean it would take longer, didn't measure how much02:44
cloudnulland if they are they'll be corrected02:44
Matiasbut find would need to go across the entire tree anyway02:45
cloudnullI'm good with the single hit when upgrading02:46
Matiashowever, the 80s hit of "Ensure git directory permissions" will always occur02:46
*** hblah has quit IRC02:46
Matiasbut I can't think of anything we could do about that02:46
cloudnullwe could only run that if the previous task changed02:48
Matiascloudnull: wow02:49
MatiasTASK: repo_server : Ensure git directory permissions ------------------- 28.62s02:49
Matiascloudnull: that was changing from find "${GIT_DIR}" -exec ls -l {} \;02:50
Matiasto find "${GIT_DIR}" -type d -exec ls -l {} \;02:50
Matiasso that files are listed only once02:50
Matiassent as comments in the PR02:54
Matiasstevelle: it would be strange that the 3 nodes would have the same issue if it was a networking issue02:57
Matiasstevelle: also no other sympton arises in the other containers, other rabbit queues, nor other protocols running over the management network02:58
Matiasstevelle: it's just ceilometer-agent-notification, and if I restart it, it consumes the messages stuck in the queue02:58
Matiasonly to get stuck again after a few hours02:58
*** dragonmaster has quit IRC03:01
Matiaswell, need to get some sleep03:01
Matiasit's already midnight here03:01
Matiascloudnull: thanks, see you tomorrow03:02
cloudnullMatias: cool so lets change that in the task03:18
openstackgerritKevin Carter (cloudnull) proposed openstack/openstack-ansible-repo_server: Set permissions on the openstackgit directory  https://review.openstack.org/36899703:20
cloudnull^ done03:20
*** itsuugo has quit IRC03:21
*** itsuugo has joined #openstack-ansible03:23
openstackgerritmelissaml proposed openstack/openstack-ansible: Modify use of assertTrue(A in B)  https://review.openstack.org/36980303:24
*** schwicht has joined #openstack-ansible03:27
openstackgerritKevin Carter (cloudnull) proposed openstack/openstack-ansible-repo_server: Convert role testing to use Ansible 2.1.1  https://review.openstack.org/36978203:28
*** adrian_otto has joined #openstack-ansible03:31
*** itsuugo has quit IRC03:32
*** itsuugo has joined #openstack-ansible03:34
*** hughmFLEXin has joined #openstack-ansible03:35
hughmFLEXindu -a /var | sort -n -r | head -n 1003:42
hughmFLEXinoops03:42
openstackgerritKevin Carter (cloudnull) proposed openstack/openstack-ansible-plugins: Implement distro package lookups and index  https://review.openstack.org/36302203:45
cloudnullnot enough space ?03:45
cloudnulli like du -ah /var | sort -n -r | head -n 10 -- because i'm a dumb human03:47
cloudnull:)03:47
*** itsuugo has quit IRC03:48
*** itsuugo has joined #openstack-ansible03:49
*** thorst_ has quit IRC03:50
openstackgerritKevin Carter (cloudnull) proposed openstack/openstack-ansible: Remove assumption that the neutron_lbaas var is set  https://review.openstack.org/36890503:51
openstackgerritKevin Carter (cloudnull) proposed openstack/openstack-ansible: [TESTING] Ansible Devel  https://review.openstack.org/35116503:53
*** adrian_otto has quit IRC03:56
*** adrian_otto has joined #openstack-ansible03:56
*** itsuugo has quit IRC03:59
*** itsuugo has joined #openstack-ansible04:00
*** thorst_ has joined #openstack-ansible04:02
*** hblah has joined #openstack-ansible04:06
*** dragonmaster has joined #openstack-ansible04:07
*** hj-hpe has quit IRC04:08
*** hblah has quit IRC04:08
*** hj-hpe has joined #openstack-ansible04:08
*** hj-hpe has quit IRC04:09
*** hblah has joined #openstack-ansible04:10
*** itsuugo has quit IRC04:10
*** Fenuks has joined #openstack-ansible04:11
*** itsuugo has joined #openstack-ansible04:12
openstackgerritKevin Carter (cloudnull) proposed openstack/openstack-ansible-lxc_container_create: Change the container prep into a single task  https://review.openstack.org/35412004:14
*** adrian_otto has quit IRC04:18
*** weezS has quit IRC04:18
*** itsuugo has quit IRC04:19
*** weezS has joined #openstack-ansible04:20
*** thorst_ has quit IRC04:20
*** itsuugo has joined #openstack-ansible04:22
*** thorst_ has joined #openstack-ansible04:28
*** Fenuks has quit IRC04:32
*** Fenuks has joined #openstack-ansible04:32
*** thorst_ has quit IRC04:33
*** itsuugo has quit IRC04:42
*** itsuugo has joined #openstack-ansible04:44
*** askb has quit IRC04:48
*** askb has joined #openstack-ansible04:49
*** itsuugo has quit IRC04:51
*** thorst_ has joined #openstack-ansible04:52
*** itsuugo has joined #openstack-ansible04:53
*** thorst_ has quit IRC04:56
*** Jeffrey4l_ has joined #openstack-ansible05:00
*** thorst_ has joined #openstack-ansible05:03
*** Jeffrey4l has quit IRC05:04
*** thorst_ has quit IRC05:08
openstackgerritKevin Carter (cloudnull) proposed openstack/openstack-ansible-lxc_container_create: Change the container prep into a single task  https://review.openstack.org/35412005:11
*** weezS has quit IRC05:11
openstackgerritKevin Carter (cloudnull) proposed openstack/openstack-ansible-lxc_container_create: Change the container prep into a single task  https://review.openstack.org/35412005:14
*** thorst_ has joined #openstack-ansible05:15
*** phschwartz has quit IRC05:15
*** phschwartz has joined #openstack-ansible05:18
*** thorst_ has quit IRC05:20
openstackgerritKevin Carter (cloudnull) proposed openstack/openstack-ansible-lxc_container_create: Change the container prep using more intelligent commands  https://review.openstack.org/35412005:23
*** dragonmaster has quit IRC05:25
*** hughmFLEXin has quit IRC05:26
openstackgerritKevin Carter (cloudnull) proposed openstack/openstack-ansible-lxc_container_create: Change the container prep using more intelligent commands  https://review.openstack.org/35412005:26
*** dragonmaster has joined #openstack-ansible05:27
*** itsuugo has quit IRC05:28
*** itsuugo has joined #openstack-ansible05:29
SamYaplecloudnull: go to bed05:32
cloudnullha!05:32
cloudnullyou go to bed.05:32
cloudnull:)05:32
SamYaplei am in bed05:32
SamYaplecheckmate05:32
cloudnullim on the couch05:32
cloudnullthats close05:32
cloudnull:P05:32
SamYapleso ive been working on the snappy packaging thing. there is a small little group that has formed05:33
SamYapleincluding the guys that do the openstack juju stuff05:34
SamYaplebeen trying to think of a way to add that in as an lxc alternative. i think i see a few entry points05:34
SamYaplegotta refresh myself on the project more05:34
cloudnullhows snappy been shaping up?05:35
SamYapleive been hammering on the python plugin and its in good shape (as of today)05:35
SamYaplegood enough for openstack anyway05:35
cloudnullsweet!05:35
cloudnullshipit!05:35
cloudnull:P05:35
SamYaplethere are still some daemon stuff things that im worried about05:35
SamYapleits merged upstream, yea05:35
SamYapleactually funny story about that, they have coverage tests for merging and I failed the coverage test, overall coverage dropped05:36
SamYapleHOWEVER, i raised the coverage of all the files I was working on to 100%05:36
SamYaple:)05:36
SamYapleif snapcraft as a whole had 100% coverage, my test would not have failed05:37
*** thorst_ has joined #openstack-ansible05:37
cloudnullits the wheel of progress.05:38
cloudnull:)05:38
cloudnullima go sleep now. i needed to get a few more things done so i could put my mind at rest. and its gfn .05:39
cloudnullhave a good night SamYaple ttys05:39
*** jamielennox|away is now known as jamielennox05:40
*** itsuugo has quit IRC05:43
*** itsuugo has joined #openstack-ansible05:45
SamYapleyou too cloudnull nigh05:46
*** itsuugo has quit IRC05:52
*** itsuugo has joined #openstack-ansible05:53
*** hughmFLEXin has joined #openstack-ansible06:01
*** galstrom_zzz is now known as galstrom06:06
*** itsuugo has quit IRC06:07
*** itsuugo has joined #openstack-ansible06:09
odyssey4meo/06:10
openstackgerritMerged openstack/openstack-ansible-os_glance: Fix os_glance role functional testing  https://review.openstack.org/36972606:17
*** itsuugo has quit IRC06:27
*** itsuugo has joined #openstack-ansible06:29
*** pcaruana has joined #openstack-ansible06:32
*** itsuugo has quit IRC06:34
*** itsuugo has joined #openstack-ansible06:35
*** dragonmaster has quit IRC06:37
*** itsuugo has quit IRC06:40
odyssey4merelocating06:40
*** itsuugo has joined #openstack-ansible06:41
*** dragonmaster has joined #openstack-ansible06:46
*** itsuugo has quit IRC06:49
*** itsuugo has joined #openstack-ansible06:50
*** hblah026 has joined #openstack-ansible07:04
*** hblah has quit IRC07:06
*** hblah has joined #openstack-ansible07:07
*** hblah026 has quit IRC07:11
*** thorst_ has quit IRC07:12
*** pmannidi has quit IRC07:13
*** drifterza has joined #openstack-ansible07:14
*** hblah469 has joined #openstack-ansible07:16
*** galstrom is now known as galstrom_zzz07:16
*** hblah has quit IRC07:17
drifterzaHello peeps07:20
*** karimb has joined #openstack-ansible07:22
*** hughmFLEXin has quit IRC07:25
*** fxpester has joined #openstack-ansible07:35
*** itsuugo has quit IRC07:39
odyssey4meback07:40
*** itsuugo has joined #openstack-ansible07:41
*** bgmccollum has quit IRC07:41
*** homerp_ has quit IRC07:42
*** bgmccollum has joined #openstack-ansible07:42
*** homerp has joined #openstack-ansible07:42
*** karimb has quit IRC07:46
*** hughmFLEXin has joined #openstack-ansible07:47
Attillaodyssey4me: I've checked and haproxy is running, listening on all interfaces for the keystond admin port07:50
AttillaSo that should be forwarded to the correct container07:51
AttillaGoodmorning by the way :-)07:51
AttillaSo it is still unclear to me why that auth error is occuring07:53
*** schwicht has quit IRC07:53
odyssey4meAttilla did you try enabling debug logging on keystone, then monitoring the logs while the heat playbook executes?07:54
*** jascott1 has quit IRC07:55
*** thorst_ has joined #openstack-ansible07:56
AttillaI'm kinda an openstack newbie, because I only want to play around with the networking side of it. I'm just running the "run-playbook" script that takes about 90minutes to get where I am now07:57
AttillaI can't really turn on anything, because it simply never completed a build07:58
*** thorst_ has quit IRC07:59
*** thorst_ has joined #openstack-ansible08:01
*** jwitko has quit IRC08:01
*** schwicht has joined #openstack-ansible08:02
*** permalac has joined #openstack-ansible08:03
AttillaSo it is hard to debug any further than that.08:06
*** admin0 has joined #openstack-ansible08:07
*** qiliang27 has joined #openstack-ansible08:15
*** thorst_ has quit IRC08:16
*** thorst_ has joined #openstack-ansible08:21
odyssey4meAttilla OK, let me help you get it done08:24
odyssey4meAttilla are you using an AIO for this build?08:24
*** hblah469 has quit IRC08:25
*** ikalnitsky is now known as ikalnytskyi08:27
openstackgerritJesse Pretorius (odyssey4me) proposed openstack/openstack-ansible-repo_build: Add binary package lookup output for repo build tests  https://review.openstack.org/36545808:28
*** asettle has joined #openstack-ansible08:29
pjm6Hi there :)08:35
*** thorst_ has quit IRC08:38
*** thorst_ has joined #openstack-ansible08:39
Attillaodyssey4me: I based my config on the AIO example08:39
odyssey4meAttilla ok, to enable debug logging set 'debug: yes' or 'debug: true' in /etc/openstack_deploy/user_variables.yml08:40
odyssey4mewhen that's done, execute this: cd /opt/openstack-ansible/playbooks; openstack-ansible os-keystone-install.yml08:40
odyssey4methat will reconfigure keystone to use debug logging08:41
Attillaok, have to run to a customer, back in a bit08:41
odyssey4methen open a session to each keystone container, and in each container tail the keystone logs08:41
odyssey4mehughsaunders could you review https://review.openstack.org/363022 please if you have a moment?08:44
*** thorst_ has quit IRC08:44
hughsaundersodyssey4me: yep08:44
odyssey4mehughsaunders note my review comment to see the sample output08:44
*** thorst_ has joined #openstack-ansible08:46
*** thorst_ has quit IRC08:48
*** itsuugo has quit IRC08:51
*** itsuugo has joined #openstack-ansible08:52
openstackgerritJesse Pretorius (odyssey4me) proposed openstack/openstack-ansible: Reduce minimum data disk size for the AIO to 55GB  https://review.openstack.org/36994408:53
odyssey4meandymccr evrardjp ^ we're getting bluebox failures because their disk size is 58GB - that patch should bypass that issue08:53
odyssey4mein master it's already reduced to 50GB thanks to overlayfs usage08:54
*** thorst_ has joined #openstack-ansible08:54
openstackgerritMerged openstack/openstack-ansible: Ensure that gnocchi uses keystone authentication  https://review.openstack.org/36961008:56
*** oben has quit IRC08:58
*** oneswig has joined #openstack-ansible08:59
*** thorst_ has quit IRC08:59
*** kstev has quit IRC09:00
*** kstev has joined #openstack-ansible09:00
*** itsuugo has quit IRC09:02
openstackgerritMerged openstack/openstack-ansible-plugins: Add option to toggle list extensions  https://review.openstack.org/35205409:02
openstackgerritJesse Pretorius (odyssey4me) proposed openstack/openstack-ansible: [TESTING] Ansible Devel  https://review.openstack.org/35116509:02
*** itsuugo has joined #openstack-ansible09:03
odyssey4measettle a docs patch for review: https://review.openstack.org/36462709:04
hughsaundersodyssey4me: so is the idea of that lookup patch to list all the required distro packages for a version so they can be artefacts or precached etc?09:04
odyssey4mehughsaunders yep09:04
asettleodyssey4me: gracias09:04
odyssey4meit'll allow us to use the lookup data to prep container base images without actually building a running container09:04
odyssey4mewe can install all the apt and python packages in a chroot, and ignore all config implementation09:05
*** thorst_ has joined #openstack-ansible09:09
*** thorst__ has joined #openstack-ansible09:12
*** thorst_ has quit IRC09:13
openstackgerritMerged openstack/openstack-ansible-plugins: Implement distro package lookups and index  https://review.openstack.org/36302209:16
*** karimb has joined #openstack-ansible09:17
odyssey4meevrardjp https://review.openstack.org/#/c/367521/09:18
odyssey4meor look at any of the number of patches currently open for the role09:18
*** thorst__ has quit IRC09:20
pjm6I have a doubt, normally in OS deployments exists redundancy of instances?09:20
*** sdake_ has quit IRC09:28
*** thorst_ has joined #openstack-ansible09:28
*** itsuugo has quit IRC09:33
*** itsuugo has joined #openstack-ansible09:35
odyssey4mepjm6 I don't think I understand the question?09:35
*** thorst_ has quit IRC09:35
*** permalac has quit IRC09:38
*** b3rnard0 has joined #openstack-ansible09:41
*** haojing has joined #openstack-ansible09:42
haojing#openstack-meeting09:43
pjm6odyssey4me, lets imagine that my compute-node01 (which has 5 instances)09:44
pjm6die09:44
pjm6i loose that 5 instances, if are in a local storage09:44
odyssey4mehaojing ?09:44
pjm6my question was if its normal using shared storage, in that way, it's possible to recover those instances in the new compute noed09:45
haojingsorry, ignore that09:45
odyssey4mepjm6 yes, unless you have configured shared storage for nova's ephemeral storage (for example, using nfs or ceph)09:45
pjm6odyssey4me, nfs performance with KVM is good?09:45
odyssey4mepjm6 that would depend on your networking09:46
odyssey4mepjm6 the options are to configure shared storage if you care about all your instance ephemeral disks, or if you don't care about them all - to set the instance to boot from volume (and your volume back-end must be networked storage and safe from disaster), or you configure the application to be able to run in a case of a disaster (ie if you lose the instance it does not matter)09:47
vnoginpjm6, also as another option to use disaster recovery tool :)09:47
*** hughmFLEXin has quit IRC09:48
vnoginmorning osa :) o/09:48
pjm6thanks odyssey4me vnogin09:48
pjm6vnogin, o/09:48
pjm6odyssey4me, one thing, in KVM its possible to configure a shared storage connection to a Storage09:48
pjm6with icqn?09:48
odyssey4mepjm6 yes, as vnogin said - another option is to backup instances and restore them09:48
vnoginpjm6, we are trying to use freezer now09:48
pjm6vnogin, freezer?09:49
odyssey4mepjm6 generally it is done by simply mounting the /var/lib/nova/instances folder onto shared storage - or using the ceph back-end configuration09:49
vnoginpjm6, https://wiki.openstack.org/wiki/Freezer09:49
odyssey4mepjm6 it has nothing to do with KVM - it's a file system mount09:49
pjm6vnogin, thanks, i will take a look to it :)09:50
*** hughmFLEXin has joined #openstack-ansible09:50
pjm6odyssey4me, yes I see, but correct me if I'm wrong09:50
*** haojing has quit IRC09:50
pjm6if I use a ICQN connection individually for each compute node, that would cause problems right?09:51
pjm6if exists concurrent access's09:51
*** hughmFLEXin has quit IRC09:53
odyssey4mepjm6 well - not really - each host is exclusively writing to their own files... no two compute hosts can be trying to write to the same files... but yes, that is a risk09:55
odyssey4methat is why using ceph is a better model09:55
pjm6yes, i could just create a icqn to that specific host09:55
pjm6but if I understood well09:55
pjm6the ceph is good if we have many disks09:56
pjm6 right?09:56
odyssey4mepjm6 one method is to set each host to have their own exclusive storage space on a storage unit - this is essentially just offloading the storage from local disk to somewhere else which perhaps has better DR and is easier to re-mount to another server if need be09:56
odyssey4meusing ceph it's nice because you get the liver-migration benefits that a shared storage unit gives you, but you don't have to deal with the issue of multiple compute units trying to access the same LUN09:57
Attillaodyssey4me: Had to redeploy it, so have to wait for it to finish to start some more debugging.09:58
AttillaThanks already :-)09:58
odyssey4meAttilla it may be best to actually use a built and working AIO for reference09:59
pjm6I see odyssey4me, but with shared storage live migration works too, no?10:01
*** thorst_ has joined #openstack-ansible10:02
odyssey4mepjm6 yes it does, but only if two compute hosts have access to the same LUN10:03
pjm6hmm I see :) thanks odyssey4me10:03
pjm6one last question for now xD how do you deal with OS ugprades ?10:03
pjm6for instance, updating the compute host10:04
pjm6sometimes needs to reboot (because kernel)10:04
pjm6a possible scenario I see is migrating all compute nodes from that host to another one, reboot, and then just put it again10:04
odyssey4mepjm6 ideally, live migrate the instances to another host, disable the compute agent on the host you want to upgrade, upgrade the compute host, then verify that it's fine, then enable the compute agent again10:05
odyssey4methen migrate the instances back10:05
pjm6seems simple and straightforward :D10:05
vnoginodyssey4me, pjm6 as option bifrost and ironic ansible driver can be used for provisioning :)10:05
odyssey4mevnogin well, yes - whatever your provisioning system is is rather immaterial10:06
*** oneswig has quit IRC10:06
odyssey4mefor example, logan- has a system where the compute OS is PXE booted so it is always rebuilt from the latest software on reboot10:06
vnoginodyssey4me, agree :) as I said - as option ))10:06
pjm6vnogin, i was seeing, the bifrost is a clean install of a base image pre configured ?10:07
odyssey4mepersonally I would rather be using cobbler - trying to use pre-built images would require fairly homogenous hardware, whereas a scripted build may take longer but more easily handles disparate hardware10:07
odyssey4mebut each to their own10:07
odyssey4meinstead of bifrost you could implement a standalone ironic install using out ironic role too... bifrost is just a standalone ironic implementation10:08
odyssey4meour role caters for both a standalone and an integrated build10:08
vnoginpjm6, yep10:08
pjm6I was thinking in adding  pxe on boot, but I think that could be manual tasks to do, like networking bonding and other stuff10:10
pjm6(like Mirantis do)10:10
*** thorst_ has quit IRC10:11
vnoginodyssey4me, I've sent you how I use bifrost in private message :)10:11
vnoginpjm6, do you mean in fuel?10:12
pjm6Yeah10:12
*** thorst_ has joined #openstack-ansible10:12
vnoginpjm6, yep, it can be done :)10:16
Attillaodyssey4me: I can't even get AIO to work or any setup for that matter :P10:16
pjm6But you use PXE on boot to have a clean OS installed with openstack services running, or just with network setup10:16
pjm6and after it10:16
pjm6run openstack-ansible?10:17
odyssey4meAttilla in that case, I would recommend starting with a standard AIO - get that working before trying to customise anything10:17
odyssey4meAttilla the AIO is an opportunity for you to figure out what bits may need to be configured to cater for firewalling, proxies, etc - it's a known good configuration10:17
*** thorst_ has quit IRC10:20
Attillaodyssey4me: Already tried that, but even a plain AIO setup didn't work. But I'm trying this on VM's, would that be the issue?10:22
openstackgerritAndy McCrae proposed openstack/openstack-ansible-openstack_openrc: Add alias for OS_ENDPOINT_TYPE  https://review.openstack.org/37000910:23
AttillaAnd my config that I have is almost the same as AIO, just with two different compute nodes10:24
odyssey4meAttilla if a plain AIO is not working, then you need to resolve that before trying to build out a multi-node deployment... whatever issue you hit for an AIO is going to hit you for multi-node too... but multi-node will also be plagued by other possible config issues10:25
vnoginpjm6, only basic network configuration. Then ansible configures what I need on the node and then openstack-ansible :)10:25
odyssey4meAttilla from what I saw your config is an AIO anyway, but with your own config attempt... so you may as well get it right on an AIO first10:25
odyssey4me(using our known AIO config)10:26
pjm6vnogin, so you just use PXE to acelerate the preparation of host and then run your ansible script and then openstack-ansible10:26
vnoginodyssey4me, installation guide for AIO should be reviewed :)))) First time I also faced a lot of issues :)10:26
Attillavnogin: There are some parts of the guide that aren't really clear if you start with all of this.10:27
vnoginAttilla, totally agree with you :)10:27
pjm6I just updated to last openstack-ansible and i'm getting error in "Get remove venv checksum"10:27
pjm6it gives me a 404 Not found page10:27
odyssey4meAttilla this is why the AIO is a great tool with a known configuration to explore things10:28
pjm6forget, I just forgot to update the other playbooks10:28
odyssey4meand yes, we've done a ton of stuff to the guide and are looking for feedback for improvements - please register bugs for anything needed... points of clarity, example configs, etc10:28
vnoginpjm6, correct. I don't want to provision each node using IPMI manually :)10:28
pjm6I just need to excecute boostrap-ansible after updating the openstack-ansible, right ?10:28
odyssey4meideally then once you have the right understanding, help us to improve the install guide to make it better for newcomers10:29
Attillaodyssey4me: Will do,, in general there is a lot of documentation10:29
pjm6vnogin, yes, it make sense :D10:29
AttillaBut I'm just trying to get it running in our reference topology to test with vxlan overlay etc.10:29
odyssey4mepjm6 http://docs.openstack.org/developer/openstack-ansible/mitaka/install-guide/app-minorupgrade.html10:29
Attillahttps://raw.githubusercontent.com/CumulusNetworks/cldemo-vagrant/master/cldemo_topology_l3.png10:29
pjm6thanks odyssey4me, after a while i didn't remember10:30
*** qiliang27 has quit IRC10:33
vnoginodyssey4me, evrardjp guys are you going to summit? :)10:35
openstackgerritMerged openstack/openstack-ansible: Fix log path option  https://review.openstack.org/36764910:35
openstackgerritMerged openstack/openstack-ansible: Reduce minimum data disk size for the AIO to 55GB  https://review.openstack.org/36994410:35
FenuksHello. Anyone know if it's possible to enable Swift3 and EC2 credentials with OSA?10:35
*** itsuugo has quit IRC10:36
evrardjpvnogin: we are10:37
*** itsuugo has joined #openstack-ansible10:37
openstackgerritMerged openstack/openstack-ansible: Use correct version when creating backup dir  https://review.openstack.org/36965010:37
evrardjpvnogin: will you?10:37
evrardjpI'd be happy to meet you!10:37
vnoginevrardjp, yep :) confirmed :) so I'd be happy to meet you too :)10:37
odyssey4meFenuks as far as I recall, those options are out of tree now for the respective projects - and no-one's done the integration work to bring the new out of tree options back to work in OSA10:38
odyssey4meuntil someone does, support will diminish10:38
Fenuksodyssey4me: Out of tree in OSA or in Openstack in general?10:38
pjm6nice :D i will go to10:38
*** thorst_ has joined #openstack-ansible10:39
evrardjpwe'll have to coordinate this10:39
evrardjpif that's the proper term10:39
odyssey4meFenuks openstack in general - the options are there, but they are no longer part of the swift, keystone, nova code trees... they are now independent projects10:39
*** karimb has quit IRC10:40
*** karimb has joined #openstack-ansible10:41
Fenuksodyssey4me: Is there anything to replace them? I need a way to store objects in swift from within virtual instances, but any user in openstack has access to entire project and is a huge security risk should it be compromised10:41
*** rk4n has joined #openstack-ansible10:41
odyssey4meFenuks ok, so digging into the current state - the thing I was thinking about was the ec2 api which is now in https://github.com/openstack/ec2-api and has been pulled out of nova's code tree10:41
odyssey4metrying to find whther keystone/swift support any amazon bits these days10:42
pjm6odyssey4me, that link: ec2-api its for using the ec2 API in the openstack, right?10:44
odyssey4mepjm6 yes10:45
odyssey4meah, so I see that swift has its own repo for s3 support too: http://docs.openstack.org/mitaka/config-reference/object-storage/configure-s3.html10:47
odyssey4meandymccr ^ FYI10:47
odyssey4meso yes, at this point we have no s3 support - but it'd likely be fairly trivial to instrument it10:47
*** rk4n has quit IRC10:48
*** rk4n has joined #openstack-ansible10:48
*** itsuugo has quit IRC10:48
*** itsuugo has joined #openstack-ansible10:49
Fenuksodyssey4me: Trivial? Any guess how soon can that be? Or, perhaps, you can kick me in the right direction so I can try to implement it myself?10:49
*** thorst_ has quit IRC10:51
*** rk4n has quit IRC10:53
*** itsuugo has quit IRC10:56
*** rk4n has joined #openstack-ansible10:58
*** itsuugo has joined #openstack-ansible10:58
*** thorst_ has joined #openstack-ansible10:59
*** psilvad has quit IRC11:01
*** electrofelix has joined #openstack-ansible11:04
odyssey4meFenuks you could learn from the integration of the lxd and powervm drivers for nova, but apply it to swift11:05
odyssey4meyou'd need to optionally include the swift3 repo, optionally include the configs for it11:06
Fenuksodyssey4me: Thanks, will try11:07
Fenuksodyssey4me: But I see nothing about lxd or powervm in ansible roles or OSA playbooks…11:10
*** itsuugo has quit IRC11:10
*** thorst_ has quit IRC11:11
odyssey4meFenuks the facilitation is in https://github.com/openstack/openstack-ansible-os_nova11:11
*** itsuugo has joined #openstack-ansible11:11
odyssey4meFenuks you can see some of the patches in the whiteboard here: https://blueprints.launchpad.net/openstack-ansible/+spec/nova-lxd-support11:12
odyssey4mesome more here: https://blueprints.launchpad.net/openstack-ansible/+spec/powervm-virt-driver11:13
FenuksAh, that's an upcomming feature, not in mitaka yet?11:13
odyssey4meFenuks yes, it'll be part of the NEwton release11:13
odyssey4meall development starts at the master branch, so if you want a feature to be included in the next release then that's where you build it11:14
FenuksOh, alright, looks like it is going to be feature-rich11:14
*** thorst_ has joined #openstack-ansible11:16
Matiasmorning11:18
Matiasodyssey4me: sorry for the crazy "recheck"11:19
* Matias poluting the gate11:19
odyssey4meMatias ?11:20
openstackgerritJean-Philippe Evrard proposed openstack/openstack-ansible-os_neutron: Ensure the nets, subnets and ports are present  https://review.openstack.org/37004611:20
Matiasodyssey4me: that one where I tought Depends-On pulled the repo with the referenced PR11:21
*** thorst_ has quit IRC11:21
odyssey4meMatias ah ok, no that's a common thing - no worries... I do hope to make that work at some point11:21
*** rk4n has quit IRC11:22
*** itsuugo has quit IRC11:24
*** arbrandes has joined #openstack-ansible11:26
*** itsuugo has joined #openstack-ansible11:26
FenuksOne more silly question — after I've installed Openstack with OSA I did not change anything by hand. Since then, OSA has 50 new commits. Is it safe to pull them, bootstrap again and run OSA?11:27
FenuksIt should update everything that has changed?11:28
*** arbrandes1 has quit IRC11:28
MatiasFenuks: usually yes, but to have >99.9% guarantee in a production env, you would need to checkout only stable tags, and update only across them11:29
FenuksMatias: I'm using stable/mitaka11:29
MatiasFenuks: are you checking out the branch directly, or the version tags?11:30
FenuksMatias: Branch11:30
Matiasit is recommended to checkout version tags to guarantee you do not get something somewhat WIP in the middle11:31
Matiashowever usually you shouldn't have problems11:31
FenuksAlright, I'll switch to tags, there should be some ahead11:32
Matiasnice11:32
*** retreved has joined #openstack-ansible11:34
*** openstackgerrit has quit IRC11:34
*** openstackgerrit has joined #openstack-ansible11:35
Matiasgnocchi is generating enough swift traffic to fill up my swift-proxy-container disk11:35
Matiasand that's because I only have 2 instances running11:35
drifterzaI had to do filtering11:35
Matiasdrifterza: share please :D11:36
Matiasdude are you only online during late night in new zealand? :P11:37
drifterzalol its 13:37 here11:37
Matiasah, then you are not in new zealand11:38
Matiasas I supposed from your nickname11:38
drifterzaza=south africa11:38
Matiasah lol11:38
Matiasnew zealand = nz11:38
Matiasmental bug11:39
drifterzahehe11:39
drifterzajeeze trying to find where i did it11:39
drifterzaone sec.11:39
Matiasdrifterza: I partially found my problem.. OSA was not being able to set the fd limit in systemd, so the rabbit servers were getting full of connections11:41
drifterzaah, bug in the systemd scripts ?11:41
drifterza[dispatcher_gnocchi]11:41
drifterzafilter_project = gnocchi_swift11:41
drifterzafilter_service_activity = True11:41
drifterzaarchive_policy = low11:41
drifterzalet me check if thats in master.11:42
Matiasyes, i'm working on it now11:42
Matiasdrifterza: I included this using an override11:42
Matiassaw it in gnocchi docs11:42
*** asettle has quit IRC11:42
Matiasproblem is, i'm using archive_policy medium11:42
Matiasso probably my gnocchi is handling 5x more data than yours11:43
drifterzaaah riight11:43
*** asettle has joined #openstack-ansible11:43
drifterzayes that is true11:43
drifterzaNote that it configures a filter to filter out all samples generated by Gnocchi. Otherwise each time we write to Swift that will generate samples to write again to Swift and this will create a storm of samples that grows indefinitely. The filter breaks this infinite loop.11:43
Matiasyes11:43
Matiasthis is being integrated into the playbook by stevelle11:43
Matiasthere are some pending PRs for taht11:43
drifterzaAh right sweet.11:44
drifterzai haven't looked at the gnocchi role in a while11:44
drifterza:P11:44
Matiashe did it in another way, on which he filters directly into the swift ceilometermiddleware11:44
Matiasso that generates less rabbit traffic11:44
drifterzanice, I should of checked before spreading my lies then :)11:44
Matiasbut in the meantime I'm using the same method as yours, using an ceilometer_ceilometer_conf_override11:44
*** karimb has quit IRC11:44
Matiasdrifterza: the stevelle sweetness is not in master yet11:45
Matiasstill a PR11:45
Matiasunmerged11:45
drifterzacool at least its been tagged then11:45
drifterzaso thats good.11:45
Matiasnow my issue is lots of swift traffic, even if the positive feedback loop is already cutted11:45
drifterzawhich metric ?11:46
MatiasI think I need to logrotate once per hour, maybe11:46
drifterzaodyssey4me, you around ?11:47
Matiasjust default metrics11:47
Matiasfrom the ceilometer's default pipeline11:47
*** asettle has quit IRC11:47
Matiasbut I reduced the interval from 600 to 15 seconds11:47
drifterzaso with the gnocchiclient you do metric list, can you see which one is the noisy one ?11:48
drifterzaor is it all in general11:48
Matiasit's all in general11:48
drifterzaah, then its your sample rate then11:48
drifterzamost likely11:48
Matias22M     /var/log/swift/proxy.log11:48
Matiasthat with 7min running11:48
drifterzayeah you could turn the verbose off on the swift-prox11:49
drifterzayeah you could turn the verbose off on the swift-proxy11:49
drifterzaperhaps that would save some space11:49
Matiashowever I would not be able to log e.g. IP addr / time for external access to public swift containers11:50
drifterzahmm true11:50
Matiaspersonally I'd prefer to use ceph as storage for gnocchi11:50
Matiasbut that you take some time to get to work11:50
Matiasthat would*11:51
*** askb has quit IRC11:51
*** schwicht has quit IRC11:52
*** itsuugo has quit IRC11:54
Matiasdrifterza: now my real issue is that: http://paste.openstack.org/show/576118/11:54
*** hughmFLEXin has joined #openstack-ansible11:54
*** dragonmaster has quit IRC11:54
Matiasdrifterza: after some minutes or a few hours working, my ceilometer-agent-notification disconnects from some rabbit queues11:55
Matiasand data gets stuck there11:55
Matiashave you ever seen something like this?11:55
*** drifterza has quit IRC11:55
*** itsuugo has joined #openstack-ansible11:56
*** hughmFLEXin has quit IRC11:59
*** psilvad has joined #openstack-ansible12:03
odyssey4meFenuks yep, the minor upgrade process is documented here: http://docs.openstack.org/developer/openstack-ansible/mitaka/install-guide/app-minorupgrade.html12:03
odyssey4medrifterza yep, around now - was just out for a lunch break12:05
*** schwicht has joined #openstack-ansible12:06
*** drifterza has joined #openstack-ansible12:07
Matiasdrifterza: now my real issue is that: http://paste.openstack.org/show/576118/12:07
Matiasdrifterza: after some minutes or a few hours working, my ceilometer-agent-notification disconnects from some rabbit queues, and data gets stuck there12:07
Matiasdrifterza: have you ever seen something like this?12:07
*** asettle has joined #openstack-ansible12:07
drifterzaI haven't no, but that sounds like fd limit on rabbitmq12:09
drifterzaor it could be the middleware12:09
*** thorst_ has joined #openstack-ansible12:10
odyssey4medrifterza Matias yeah, that's very possibly an issue with rabbit - if it runs out of memory, or fd's, or disk space, then it'll block all queue processing until they clear12:10
*** gouthamr has joined #openstack-ansible12:10
Matiasdrifterza: odyssey4me: http://i.imgur.com/DYNW5Hk.png12:10
Matiasfds were an issue before we detected it, but it is now fixed by my preliminary PR12:10
odyssey4mehmm, ok - that's odd12:11
drifterzadoes that solve the hangup of ceilometer-agent-notification ?12:11
Matiasnot completely.. see, before the fd fix, I barely got it to start working12:11
Matiasnow it works for some minutes or even a few hours before getting stuck12:11
drifterzaand a HUP of the service fixes it ?12:12
Matiasrestarting it fixes it until it gets stuck again12:12
drifterzastrace it when it happens12:13
drifterzamaybe we can get clues from that12:13
Matiasother services in the same container, e.g. the central ceilometer-polling, don't have any issues with rabbit12:13
Matiashmm let's try, it is stuck right now12:14
drifterzaI think you can do strace inside lxc12:14
drifterzaI know docker blocks that12:14
drifterzaodyssey4me, you still there12:15
*** psilvad has quit IRC12:15
odyssey4medrifterza yep12:16
*** schwicht has quit IRC12:16
drifterzaSo still trying to get hold of that upstream dev, no luck so far. I've updated my repo to include the requirements for gateing. How can I commit a PR so that the CI builds ?12:17
drifterzaif I don't have a repo that is12:17
drifterzaim talking about prometheus12:18
evrardjpodyssey4me: could you help me merge this? https://review.openstack.org/#/c/370046/12:18
evrardjpandymccr: ^12:19
Matiasdrifterza: select(0, NULL, NULL, NULL, {999993005, 746148}12:19
Matiasjust endless select on a null fd set12:19
Matiasmaybe that is the problem12:19
Matiaslook at this timeout12:19
drifterzahmm so its getting no feeds12:19
*** psilvad has joined #openstack-ansible12:20
Matiashow is it supposed to return from the syscall in a reasonable time?12:20
Matias999993005 is in seconds ,right?12:20
Matiaswith nfds=0, it is effectively a sleep12:20
mgariepygood morning everyone12:21
Matiasgood morning12:21
drifterzastrace -c >/dev/null ls12:22
Matiashm?12:22
drifterzacan you do that, it should give you a list of syscalls12:22
drifterzaand there time12:22
drifterzatheir*12:22
Matiasshould I do that in the ceilometer-agent-notification pid?12:23
drifterzanot on the pid, in the container12:23
Matiasah, you want to strace ls, not ceilometer12:23
Matiasok12:23
drifterzayes12:23
drifterzawant to see which syscall is hanging12:23
Matiasnothing weird: http://paste.openstack.org/show/576125/12:24
*** schwicht has joined #openstack-ansible12:24
odyssey4mehughsaunders if you have a moment, can you peek at https://review.openstack.org/370046 ?12:24
Matiasmy hypothesis is that something in ampq or kombu lib is setting a huge timeout for reconnecting to rabbit in case of error, which is never reached12:25
Matiasthis does not explain why the error occurred in the first place, but such a timeout is asking to make the service unreliable12:25
*** psilvad has quit IRC12:25
*** psilvad has joined #openstack-ansible12:25
drifterzahmm12:25
*** karimb has joined #openstack-ansible12:29
*** psilvad has quit IRC12:29
andymccrevrardjp: https://review.openstack.org/#/c/369547/12:31
andymccrsimilar for swift https://review.openstack.org/#/c/369353/ (although there is no cool way to get that var from a running cluster)12:31
*** itsuugo has quit IRC12:32
*** itsuugo has joined #openstack-ansible12:33
*** d3n14l_ has joined #openstack-ansible12:34
*** d3n14l_ has quit IRC12:34
*** psilvad has joined #openstack-ansible12:35
*** itsuugo has quit IRC12:38
* hughsaunders is too slow at peeking12:39
*** itsuugo has joined #openstack-ansible12:39
odyssey4meandymccr comment in the swift patch12:39
andymccrodyssey4me: cool sounds good - will fix12:40
*** schwicht has quit IRC12:40
*** d3n14l_ has joined #openstack-ansible12:42
*** d3n14l_ has left #openstack-ansible12:42
*** d3n14l has joined #openstack-ansible12:42
*** spotz_zzz is now known as spotz12:42
odyssey4meandymccr the only downside to putting that check into the role is that if that condition is ever hit, many things have already happened to the environment to change it - so it'll fail an upgrade or deployment after all sorts of changes have happened12:43
odyssey4meI do think, at some point, we need to figure out a way to do pre-requisite checks.12:44
andymccrodyssey4me: yeah thats true - i think it also opens it up to some other checks we could add in12:44
andymccrthe galera role does a few more, so i think other roles could do similar things for values that should be immutable (effectively)12:44
*** Fenuks has quit IRC12:44
odyssey4meperhaps a way to do it would be to have a pre-requisite playbook which executes a the 'pre-requisite checks' for all the roles without changing anything.12:44
*** schwicht has joined #openstack-ansible12:44
*** jamesdenton has joined #openstack-ansible12:44
odyssey4meso basically each role has a pre-requisite check lifecycle phase which is activated by a lifecycle var (similar to the swift setup vs swift sync var)12:45
odyssey4meI guess that could be added as part of https://review.openstack.org/34603812:45
*** d3n14l has left #openstack-ansible12:46
*** d3n14l1 has joined #openstack-ansible12:46
openstackgerritAndy McCrae proposed openstack/openstack-ansible-os_swift: Add check for swift_hash_path_ variables  https://review.openstack.org/36935312:47
*** schwicht has quit IRC12:49
*** d3n14l1 has quit IRC12:49
*** d3n14l has joined #openstack-ansible12:50
*** itsuugo has quit IRC12:50
*** itsuugo has joined #openstack-ansible12:52
*** jheroux has joined #openstack-ansible12:53
openstackgerritMerged openstack/openstack-ansible-os_neutron: Ensure the nets, subnets and ports are present  https://review.openstack.org/37004612:54
openstackgerritJesse Pretorius (odyssey4me) proposed openstack/openstack-ansible-os_neutron: Update paste, policy and rootwrap configurations 2016-09-08  https://review.openstack.org/36752112:54
*** kylek3h has joined #openstack-ansible12:55
openstackgerritJesse Pretorius (odyssey4me) proposed openstack/openstack-ansible-os_neutron: Remove Calico qemu configuration  https://review.openstack.org/36828612:55
*** drifterza has quit IRC13:04
*** schwicht has joined #openstack-ansible13:04
*** afred312 has joined #openstack-ansible13:04
*** d3n14l has left #openstack-ansible13:05
openstackgerritAndy McCrae proposed openstack/openstack-ansible-os_swift: Add check for swift_hash_path_ variables  https://review.openstack.org/36935313:06
openstackgerritMerged openstack/openstack-ansible-openstack_openrc: Add alias for OS_ENDPOINT_TYPE  https://review.openstack.org/37000913:07
openstackgerritJesse Pretorius (odyssey4me) proposed openstack/openstack-ansible: Update SHA for openstack_openrc role  https://review.openstack.org/37010913:13
openstackgerritJesse Pretorius (odyssey4me) proposed openstack/openstack-ansible: Update SHA for openstack_openrc role  https://review.openstack.org/37010913:13
odyssey4meandymccr evrardjp ^ that should do it13:13
*** afred312 has quit IRC13:14
openstackgerritJesse Pretorius (odyssey4me) proposed openstack/openstack-ansible: Update SHA for openstack_openrc role  https://review.openstack.org/37010913:14
openstackgerritMarc Gariépy proposed openstack/openstack-ansible-os_keystone: Remove requiretty for sudo on centos  https://review.openstack.org/36885013:19
openstackgerritMerged openstack/openstack-ansible-galera_server: Prevent galera_cluster_name from changing.  https://review.openstack.org/36954713:23
*** hblah has joined #openstack-ansible13:23
*** poopcat has quit IRC13:26
openstackgerritTravis Truman (automagically) proposed openstack/openstack-ansible-os_aodh: Ansible 2.1.1 role testing  https://review.openstack.org/35356313:30
*** KLevenstein has joined #openstack-ansible13:37
openstackgerritTravis Truman (automagically) proposed openstack/openstack-ansible-os_glance: Ansible 2.1.1 role testing  https://review.openstack.org/35358913:37
openstackgerritTravis Truman (automagically) proposed openstack/openstack-ansible-os_ceilometer: Ansible 2.1.1 role testing  https://review.openstack.org/35356113:38
*** TxGirlGeek has joined #openstack-ansible13:39
*** itsuugo has quit IRC13:42
*** markvoelker has joined #openstack-ansible13:43
*** itsuugo has joined #openstack-ansible13:44
*** poopcat has joined #openstack-ansible13:44
*** tomjosekal has quit IRC13:48
openstackgerritAndy McCrae proposed openstack/openstack-ansible-galera_server: Prevent galera_cluster_name from changing.  https://review.openstack.org/37013313:49
Matiasstevelle: got again the stuck queues from yesterday, now for another reason13:49
Matiasstevelle: it looks like the py-amqp is unable to handle rates in the order of 100 messages per second without blowing itself up13:50
*** itsuugo has quit IRC13:50
Matiasstevelle: that when using ssl13:51
*** itsuugo has joined #openstack-ansible13:52
Matiasodyssey4me: I remember vaguely about ssl being disabled in OSA's rabbitmq and reenabled some days ago, does it had something to do with this?13:53
*** afred312 has joined #openstack-ansible13:56
*** sdake has joined #openstack-ansible13:58
*** hj-hpe has joined #openstack-ansible13:59
mgariepyodyssey4me, I would like to tests https://review.openstack.org/#/c/320542/ gate-openstack-ansible-os_glance-ansible-func-centos-7-nv with https://review.openstack.org/#/c/368850/ is is possible ?14:02
odyssey4memgariepy not right now - you'd have ot test it yourself14:04
mgariepyok how do I do that ?14:04
odyssey4memgariepy build a centos-7 instance/vm, then pull down the repo14:05
*** hblah has quit IRC14:05
odyssey4methen look at the contents of run_tests.sh and tox.ini and you'll see how the test executes14:05
odyssey4meexecute the steps one by one, and once you have the roles cloned down, put the edit from the other role into the role clone14:05
odyssey4methen continue the execution14:06
odyssey4meit's painful :/14:06
mgariepyok, i'll wait for mhayden input on https://review.openstack.org/#/c/368850/ then14:09
mgariepyit will be easier haha14:09
* mhayden ganders14:09
cloudnullmornings14:10
mgariepythe sudoers stuff might need to be moved in the keystone role tho.14:10
shasha_tavilmorning everyone14:10
openstackgerritMerged openstack/openstack-ansible-os_swift: Add check for swift_hash_path_ variables  https://review.openstack.org/36935314:11
mhaydenmgariepy: i'm +2 on that14:12
*** jperry has joined #openstack-ansible14:12
*** kstev has quit IRC14:13
openstackgerritMerged openstack/openstack-ansible-repo_server: Set permissions on the openstackgit directory  https://review.openstack.org/36899714:14
*** spedione|AWAY is now known as spedione14:16
openstackgerritJean-Philippe Evrard proposed openstack/openstack-ansible-os_neutron: Add container logs to the build  https://review.openstack.org/37015014:17
*** rk4n has joined #openstack-ansible14:17
openstackgerritJean-Philippe Evrard proposed openstack/openstack-ansible-os_neutron: Add container logs to the build  https://review.openstack.org/37015014:18
evrardjpcould this one get some votes ^ ?14:19
openstackgerritTravis Truman (automagically) proposed openstack/openstack-ansible-lxc_container_create: Address ansible_ssh_* var deprecation  https://review.openstack.org/37015614:21
*** kstev has joined #openstack-ansible14:21
*** rk4n has quit IRC14:21
odyssey4meevrardjp sure, once we see that it does what it says on the tin :p14:22
odyssey4meautomagically stevelle I saw in the IRC logs something about SSL connectivity issues relating to SSLv314:23
automagicallyFor Rabbit?14:23
odyssey4meand a suggestion was made to implement https://github.com/openstack/oslo.messaging/blob/master/oslo_messaging/_drivers/impl_rabbit.py#L56 as an option in all our configs, with the value of TLSv1_2 or osmething14:24
odyssey4me*something14:24
odyssey4meautomagically yeah14:24
odyssey4melemme try and find the log on eavesdrop14:24
stevelleodyssey4me: the oslo.messaging driver for rabbit defaults to SSLv3, yes14:24
automagicallyYeah, I believe it was Matias talking about issues with message consumption just dying after awhile14:24
odyssey4mehttp://eavesdrop.openstack.org/irclogs/%23openstack-ansible/%23openstack-ansible.2016-09-14.log.html#t2016-09-14T01:27:5314:25
stevellethat too, automagically. either way I don't think we want to use SSLv314:25
MatiasI'm not sure if it defaults to SSLv3 or if the log message is only some artifact of the connection failure14:25
automagicallyAh, okay, thanks for digging up the log14:26
odyssey4meso it appears that python is defaulting to SSLv314:26
cloudnull++ to change to TLS1.*14:26
odyssey4meand we need to override that14:26
* automagically putting it on my todo list14:26
odyssey4meand this will likely have to be done across all roles14:26
* automagically which is quite long currently14:26
odyssey4meso I guess we need a namespaced var per role, and a group var global var to switch it14:26
stevellemain thing automagically is making sure we raise visibility and decide if we want to address it14:26
odyssey4meok, best thing right now is to raise a bug14:27
mgariepyodyssey4me, mhayden for the sudo stuff, we might be better putting it on in main.yml as if the fernet key stuff is skipped, the next tasks that need to sudo will break.14:27
automagicallystevelle: Do we have enough information for a bug14:27
stevelleautomagically: probably14:27
automagicallyodyssey4me: ++14:27
odyssey4meMatias could you register a bug please?14:27
odyssey4meat the very least we can register it as a known issue and include the config override to address it14:27
evrardjpso, question (for the tests repo), do you see a reason why the bind mounts should be defined globally vs locally (i.e. dependent of the role that will be tested) ?14:28
odyssey4methat will certainly be q cuick and easy way to address it for now, until we get the time to automate it in code14:28
* lbragstad lurks at the mention of fernet14:28
Matiasi'd first inspect the ssl negotiation using tcpdump to see if it is really SSLv314:28
odyssey4meMatias for now, go ahead and register the bug with what we know now - you can add to the bug any further triage that you do14:28
Matiasok14:29
odyssey4methat at least ensures that it hits our bug triage process and is tracked in some way other than a passing conversation14:29
Matiaswell, there is a bug surely, py-amqp is unstable like hell with ssl enabled in the ceilometer containers14:29
Matiasbut i'm not sure if it is really SSLv3 or not14:29
Matiasthe log message seems to say so, but the python bugtracker says SSLv3 was discontinued in py2.714:30
odyssey4memgariepy uh? which review are you talking about?14:30
odyssey4meMatias SSLv3 was discontinued everywhere14:30
openstackgerritNish Patwa(IRC: nishpatwa) proposed openstack/openstack-ansible: [install-guide] Merge install guide configure content into a single page  https://review.openstack.org/36966514:30
mgariepyhttps://review.openstack.org/#/c/368850/14:30
Matiaswe digged a little in kombu and py-amqp code yesterday, and it seems to use py2.7 default settings for ssl if you don't specify anything14:32
openstackgerritTravis Truman (automagically) proposed openstack/openstack-ansible-pip_install: Ansible 2.1.1 role testing  https://review.openstack.org/37017014:32
openstackgerritNish Patwa(IRC: nishpatwa) proposed openstack/openstack-ansible: [install-guide] Merge install guide configure content into a single page  https://review.openstack.org/36966514:33
Matiasi'll open the bug after lunch, in a few hours14:33
Matiasbbl14:33
automagicallyThanks Matias14:33
Matiass/hours/minutes/14:33
mgariepyhttp://paste.openstack.org/show/576193/14:33
mgariepyodyssey4me, mhayden ^^14:33
odyssey4memgariepy yes, if there are other elements which require the use of sudo then the sudoers file drop should be done much earlier and unconditionally14:33
odyssey4memgariepy considering that both fernet and credentials make use of it, and I think the db sync also does - this needs to be unconditionally done14:34
*** spotz is now known as spotz_zzz14:34
cloudnull++14:35
odyssey4memgariepy part of keystone_post_install perhaps?14:35
cloudnulla little late to this convo but cant the sudoers things be done in the lxc_container_create template?14:35
mgariepykeystone_pre_ ?14:35
openstackgerritMarc Gariépy proposed openstack/openstack-ansible-os_keystone: Remove requiretty for sudo on centos  https://review.openstack.org/36885014:36
odyssey4meif we want to apply it to all containers, then we should rather do it in the cache creation in the lxc_hosts role14:36
mgariepyi can resubmit with post if you like14:36
cloudnullthat's what i mean odyssey4me, in the lxc_hosts role.14:36
cloudnullnot container create.14:36
odyssey4mecloudnull the question is whether this is only needed by some services, or all of them14:37
cloudnullubuntu does not have requiretty in their default config14:37
cloudnullonly cent does14:37
odyssey4mealso, to be fair, if the role is executed against an on-metal host then it needs this config14:37
openstackgerritMerged openstack/openstack-ansible-pip_install: Make pip_install honour pip_install_options  https://review.openstack.org/36912114:37
cloudnullso we could just make one standard template and use that across the distros14:38
cloudnullfrom within the container that is14:38
automagicallyQuick and easy review for any cores who have a minute: https://review.openstack.org/#/c/370156/14:38
odyssey4mecloudnull for the moment I'm happy as-is - this is surgical, and security changes should be as minimal and surgical as possible14:39
automagicallyty cloudnull14:39
automagicallyAmen odyssey4me14:39
odyssey4mewhen it gets out of hand and becomes something done all over the place, we can reconsider14:39
cloudnullok.14:39
mgariepyis keystone_pre_install with the user creation stuff ok ?14:39
odyssey4meyeah, I think pre or post install will do just fine14:40
odyssey4melooking through install now to verify that statement properly14:40
*** jamesden_ has joined #openstack-ansible14:41
*** jperry has quit IRC14:41
cloudnullrequiretty is not really a security change even though its in the sudoers file. https://bugzilla.redhat.com/show_bug.cgi?id=1020147#c7 -- from RHEL folks. it's likely this is just getting in the container due to how the base image was created.14:41
openstackbugzilla.redhat.com bug 1020147 in sudo "default requiretty is problematic and breaks valid usage" [High,Closed: rawhide] - Assigned to dkopecek14:41
cloudnullIE https://bugzilla.redhat.com/show_bug.cgi?id=1020147#c514:42
odyssey4mecloudnull yeah, but we need to cater for on_metal deployments too - so changing the container doesn't really help much14:42
mgariepymost of the os-* will need sudoers file.14:42
odyssey4meit can only help by changing the task from an implementation to a verification14:42
cloudnullwhat mgariepy said.14:42
cloudnullwe can add the surgical bits to the openstack-hosts role14:43
cloudnullwhich will then cater to onmetal14:43
cloudnullbut i get the point of it's good enough for now.14:43
cloudnulljust playing devils advocate.14:43
*** jamesde__ has joined #openstack-ansible14:43
odyssey4mefair enough - so two changes - one to openstack_hosts, the other to lxc_hosts... only for redhat though... and all we're doing is disabling requiretty for root?14:44
mgariepyi would rather not having to add the sudoers.j2 and tasks on all the roles. and some tests needs it as well.14:44
odyssey4memhayden need your input here, automagically jmccrory thoughts?14:44
* mhayden is reading now14:45
odyssey4meone question, of course, would then be - what do we name the sudoers file?14:45
odyssey4meor do we change the implementation to be different - perhaps a lineinfile change or something14:45
mgariepyopenstack-ansible ?14:45
*** jamesden_ has quit IRC14:45
cloudnullsudoers14:46
mgariepyas in /etc/sudoers.d/openstack-ansible ?14:46
cloudnullodyssey4me: that said, we could add -t to our base ssh-command in https://github.com/openstack/openstack-ansible/blob/master/playbooks/inventory/group_vars/all.yml#L41114:46
cloudnullwhich would then always set a tty14:46
sdakeis jessie around?14:47
cloudnullohai sdake.14:48
cloudnulljessie == odyssey4me14:48
mhaydencloudnull: ah good point on the -t14:48
cloudnulllots of ways to skin this cat.14:49
sdakehey cloudnull14:51
openstackgerritMerged openstack/openstack-ansible-lxc_container_create: Address ansible_ssh_* var deprecation  https://review.openstack.org/37015614:51
openstackgerritKevin Carter (cloudnull) proposed openstack/openstack-ansible-lxc_container_create: Change the container prep using more intelligent commands  https://review.openstack.org/35412014:51
*** jwitko has joined #openstack-ansible14:53
odyssey4mecloudnull yeah, that's an option - although I don't think that will help the rsync jobs for key sync... although those should have their own requiretty/sudo bits14:54
*** itsuugo has quit IRC14:54
cloudnullyea, we'd have to add -t to all the things that use ssh outside of ansible14:55
cloudnullso that's a less supportable solution overall.14:55
cloudnullIMO, removing it from the container and adding a lineinfile option for openstack_hosts is the best way forward.14:55
* cloudnull my 2cents14:55
*** itsuugo has joined #openstack-ansible14:56
mhaydenmgariepy: what are your thoughts on using -t as cloudnull suggested?14:57
openstackgerritNish Patwa(IRC: nishpatwa) proposed openstack/openstack-ansible: [DOCS] Added HAProxy example to Production environment document.  https://review.openstack.org/37018714:57
*** rk4n has joined #openstack-ansible14:58
cloudnullnishpatwa_: ^ nice!14:58
cloudnullasettle: rromans: ^14:58
nishpatwa_Thanks..:) cloudnull14:58
*** jamesde__ has quit IRC14:58
mgariepyI think any solution that will fix all the roles at onces it better than individual patches.14:58
odyssey4memgariepy ++14:59
openstackgerritNish Patwa(IRC: nishpatwa) proposed openstack/openstack-ansible: [docs] Merge install guide configure content into a single page  https://review.openstack.org/36966514:59
odyssey4memgariepy so I think the key sync jobs which run as non-root will need a special sudoers file regardless, and those should be per rsync implementation14:59
odyssey4mebut if we can implement something that works for ansible in a simple, clean way - then let's do it15:00
cloudnullmgariepy: ++15:00
mgariepywill the -t option fix tests that need becomes as well ?15:00
odyssey4memgariepy no, I don't think it will :/15:02
*** TxGirlGeek has quit IRC15:02
*** BjoernT has joined #openstack-ansible15:03
odyssey4mecloudnull the dynamic inventory is giving me grief - I need some advise on how to resolve this15:04
*** TxGirlGeek has joined #openstack-ansible15:05
odyssey4meI've made changes in https://review.openstack.org/369485 to make it easier to designate each os-infra bit to live on a host instead of forcing the use of affinities... but now I'm seeing that all the groups I've broken out have the host included as a target in groups like 'horizon_all' :/ ... are you able to see how to fix this at a glance?15:05
*** michaelgugino has joined #openstack-ansible15:06
*** david-lyle_ has joined #openstack-ansible15:06
openstackgerritMerged openstack/openstack-ansible: Update SHA for openstack_openrc role  https://review.openstack.org/37010915:06
*** david-lyle_ has quit IRC15:06
odyssey4mebasically I want to be able to put 'horizon_hosts' into the openstack_user_config/conf.d and it'll build a horizon container on the designated host15:06
odyssey4mecores - we need a second review of https://review.openstack.org/36978415:07
openstackgerritMarc Gariépy proposed openstack/openstack-ansible: Add -t option to create a pseudo TTY  https://review.openstack.org/37019715:09
*** TxGirlGeek has quit IRC15:09
*** weezS has joined #openstack-ansible15:09
BjoernTFolks just a heads up. If you are not using galera-server  10.0.27+maria-1~trusty or higher you run into nasty SST race conditions per https://jira.mariadb.org/browse/MDEV-9423, https://jira.mariadb.org/browse/MDEV-10497 and https://bugs.launchpad.net/percona-xtrabackup/+bug/1570560.15:09
openstackLaunchpad bug 1570560 in Percona XtraBackup 2.4 "xtrabackup-v2 SST is broken on MariaDB 10.1/Galera w/ binary logs enabled" [High,New] - Assigned to Sergei Glushchenko (sergei.glushchenko)15:09
*** TxGirlGeek has joined #openstack-ansible15:09
*** weezS has quit IRC15:10
*** hughmFLEXin has joined #openstack-ansible15:10
cloudnullodyssey4me: il look at it15:12
cloudnull*i'll15:12
cloudnullBjoernT: good lookin out.15:12
openstackgerritMichael Gugino proposed openstack/openstack-ansible-os_nova: [DOCS] Update docs for mixed lxd hypervisors  https://review.openstack.org/36509815:13
BjoernTyeah I pulled my hair out yesterday, took me like 5 attempts to get a database restored which only worked if I did manual flush prior to SST15:13
hughmFLEXincloudnull: morning15:13
cloudnullhughmFLEXin: o/15:13
cloudnulland an upgrade to the latest 10.0.x fixed it15:14
cloudnull?15:14
openstackgerritMerged openstack/openstack-ansible-memcached_server: Lower verbosity on memcached server  https://review.openstack.org/36978415:15
cloudnullMatias: ^15:15
BjoernTI hope it does, I had manually fixed the situation with manual flushes. https://jira.mariadb.org/browse/MDEV-10497 seems to address this issue quite well.15:16
openstackgerritTravis Truman (automagically) proposed openstack/openstack-ansible-os_rally: Remove duplicate container prep from role test  https://review.openstack.org/37020115:16
*** rk4n has quit IRC15:17
*** TxGirlGeek has quit IRC15:20
*** TxGirlGeek has joined #openstack-ansible15:20
hughmFLEXincloudnull: does OSA have test plays to validate the deployment?15:21
cloudnullwe have tempest15:21
cloudnullwhich can be used to validate a deployment15:22
*** jperry has joined #openstack-ansible15:22
cloudnullbut tempest isn't great as it'll leave crufty bits around.15:22
hughmFLEXingotcha...15:22
cloudnullwhich is just a tempest-ism not really an issue with the role.15:22
hughmFLEXinso most of my previous deploys use flat network for the floating (external) network. What is segmentation id?15:24
*** TxGirlGeek has quit IRC15:24
hughmFLEXinfor some reason i went with vxlan...15:24
cloudnullsegmentation_id == vlan tag15:24
*** TxGirlGeek has joined #openstack-ansible15:24
odyssey4mecloudnull palendae ok, we seem to have an inventory bug here - I'll fix up the patch, and you'll see what works and what doesn't15:24
cloudnullwe support vxlan, flat, and vlan all at the same time.15:25
cloudnullso in general we use vlan for provider networks and vxlan for tenant networks15:25
hughmFLEXinah15:26
cloudnullso admin creates a couple provider networks for cluster use, maybe attach them to a router if thats needed, and share the networks so all tenant can attach to them.15:26
cloudnullthen tenants create vxlan networks and routers which attach to the shared provider networks giving the tenant access to floating IPs15:27
openstackgerritMajor Hayden proposed openstack/openstack-ansible-security: [Docs] More cleanup  https://review.openstack.org/37021315:27
*** adrian_otto has joined #openstack-ansible15:27
cloudnullthat's a fairly basic, but common setup.15:27
*** TxGirlGeek has quit IRC15:27
*** rk4n has joined #openstack-ansible15:27
*** TxGirlGeek has joined #openstack-ansible15:28
hughmFLEXinim spoiled by mirantis fuel doing all the networking for me...15:28
palendaeodyssey4me, You're referring to https://review.openstack.org/#/c/369485/ ?15:29
odyssey4mepalendae yep15:30
odyssey4meso the issue now is that with the patch in the current state, the host ends up in all the groups, for example horizon_all15:31
palendae'the host' being aio1?15:31
odyssey4mepalendae yep15:31
*** TxGirlGeek has quit IRC15:32
*** TxGirlGeek has joined #openstack-ansible15:32
palendaeIn the horizon scenario, wouldn't you want it there?15:33
odyssey4meif I change 'horizon_containers', 'horizon_hosts' in the end.d entry to 'dashboard_containers' and 'dashboard_hosts' and obviously fix the conf.d entry then it all works the right way15:34
odyssey4mefor example, this is a working inventory: https://gist.github.com/evrardjp/165e00f19fbb553fbb3221d1d622ddc9#file-openstack_inventory-json-L1223-L123315:34
cloudnullhughmFLEXin: yea. we're all about choose your own misadventure. :)15:34
logan-maybe we should be using the 'service' group instead of the 'service_all' group15:34
cloudnullhughmFLEXin: but maybe this will help https://github.com/os-cloud/osic-ref-impl/blob/master/post-deployment-setup.sh15:35
logan-it seems the only difference is the physical host inclusion in _all? is that a bug or intentional for some reason? :)15:35
cloudnullits a simple script to create networks, secgroup rules, and upload images15:35
*** TxGirlGeek has quit IRC15:36
odyssey4mepalendae this is the output from the horizon config in that patch: http://pastebin.com/e15FxcCA15:36
*** TxGirlGeek has joined #openstack-ansible15:37
hughmFLEXincloudnull: ill take a look thanks15:37
odyssey4mewe target horizon_all in our playbooks... that gets both the horizon container and the container host, which from the keystone output in a working inventory you can see is not what it should be15:37
odyssey4meand it seems that for some reason the name of the group is what makes it work or not work, so there is some sort of bad assumption happening here15:38
palendaeSure15:38
logan-I observed that same behavior with unbound yesterday odyssey4me so yeah I'm thinking the same thing.. it seems like when the service name is the same as the container group name it does that.15:38
palendaeOh, right15:38
palendaeYes.15:38
palendaeevrardjp had this problem with haproxy15:38
openstackgerritMerged openstack/openstack-ansible-ops: Updated the readme file to add missing commands.  https://review.openstack.org/36954815:39
*** admin0 has quit IRC15:39
hughmFLEXincloudnull: qq, is the "range" in user_config for vlan and vxlan require physical switch config for those tags, or are those container-based network tags only15:39
odyssey4mehmm, of course - there's a group called 'horizon' (ie the service name)15:39
odyssey4methat's from the component_skel15:40
palendaeWe ran into this before when the service name is name the same as container group15:40
*** TxGirlGeek has quit IRC15:40
cloudnullhughmFLEXin: for vxlan no, those are tenant specific ranges and are only used internally.15:40
*** pcaruana has quit IRC15:40
cloudnullfor vlan yes. you should have those vlans trunked15:41
hughmFLEXingot it15:41
palendaeodyssey4me, The intent was to allow the services to be installed on the hosts, right?15:41
openstackgerritMerged openstack/openstack-ansible-openstack_hosts: Convert role testing to use Ansible 2.1.1  https://review.openstack.org/36952415:41
cloudnullif flat then you can use a native vlan if you have that setup.15:41
evrardjpyes I remember having that15:41
odyssey4mepalendae so I don't really see how this has anything to do with a property in the dict15:42
jamesdentondoes anyone know if v14 has any mechanism to create bgp_dragent.ini for the BGP agent? Or if there's a way to arbitrarily create that file w/ respective config via existing openstack-ansible mechanisms?15:42
odyssey4mebasically if I change an entry called 'horizon_containers' to 'dashboard_containers' and 'horizon_hosts' to 'dashboard_hosts' then it suddenly applies the group memberships in the right way...15:42
odyssey4meif for some reason the service property is being used and '_containers' or '_hosts' appended to it, then we're being daft15:43
hughmFLEXincloudnull: hah, is it too late to go back and add the flat network back into the user_config?15:43
cloudnullno15:43
odyssey4meI can see how we possibly might be grabbing part of the component skel, then appending _... to it15:43
odyssey4meie a bad assumption15:43
openstackgerritMajor Hayden proposed openstack/openstack-ansible-ops: Remove osa-differ  https://review.openstack.org/37023415:44
cloudnulljust add it in, rerun the lxc-container-create play15:44
evrardjpjamesdenton: bgp-dragent is part of osa15:44
hughmFLEXincloudnull: will do...15:44
palendaeThe problem before was that using a host named 'haproxy' collided with the existing dict entry15:44
evrardjpit works with overrides likes the others15:44
palendaeSo this is different15:44
palendaeThe '_all' groups are implicit15:44
evrardjpjamesdenton: the name of the override is neutron_bgp_dragent_ini_overrides15:44
palendaeLooks like we're also creating '_hosts' groups15:45
jamesdentonevrardjp ahh perfect. much thanks! And to enable the service_plugin just add a neutron_conf override?15:45
odyssey4mepalendae yeah, so what I think might be going on here is that we're not taking the env.d entries as the source of truth - we're instead adding some assumptions about things that should be there15:45
*** BjoernT has quit IRC15:45
odyssey4meso for instance we're being forgiving about where someone forgot to add a _hosts group, so we create one15:46
*** eon` has quit IRC15:47
*** eon` has joined #openstack-ansible15:47
evrardjpjamesdenton: put in your variables neutron_bgp: True15:48
jamesdentonahh ok15:48
openstackgerritKevin Carter (cloudnull) proposed openstack/openstack-ansible-os_aodh: Ansible 2.1.1 role testing  https://review.openstack.org/35356315:49
*** TxGirlGeek has joined #openstack-ansible15:49
openstackgerritMerged openstack/openstack-ansible-pip_install: Ansible 2.1.1 role testing  https://review.openstack.org/37017015:49
evrardjpjamesdenton: simple, right? :p15:50
jamesdentonit is! Does only 1 agent get installed?15:50
evrardjpwell my knowledge stops here I guess15:50
evrardjpjust let me check15:50
openstackgerritKevin Carter (cloudnull) proposed openstack/openstack-ansible-pip_install: Add role linking to tox tests  https://review.openstack.org/37024115:52
openstackgerritMerged openstack/openstack-ansible-os_neutron: Remove Calico qemu configuration  https://review.openstack.org/36828615:52
*** BjoernT has joined #openstack-ansible15:52
evrardjpjamesdenton: it looks like it's gonna be installed when neutron_bgp_dragent is in the group names ... let me check a second more15:53
jamesdentonk15:53
*** TxGirlGeek has quit IRC15:53
openstackgerritJesse Pretorius (odyssey4me) proposed openstack/openstack-ansible-os_neutron: Add functional testing for Calico  https://review.openstack.org/36828715:53
*** TxGirlGeek has joined #openstack-ansible15:53
jamesdentonevrardjp do we know if anyone has done an implementation and peered with an external router?15:54
openstackgerritKevin Carter (cloudnull) proposed openstack/openstack-ansible-repo_server: Convert role testing to use Ansible 2.1.1  https://review.openstack.org/36978215:54
evrardjpjamesdenton: guess what15:54
evrardjpwe have docs for that!15:54
evrardjphttp://docs.openstack.org/developer/openstack-ansible-os_neutron/configure-network-services.html#bgp-dynamic-routing-service-optional15:54
openstackgerritKevin Carter (cloudnull) proposed openstack/openstack-ansible-os_ceilometer: Ansible 2.1.1 role testing  https://review.openstack.org/35356115:55
jamesdentonevrardjp good deal! i'll mess around with it and try and make it go. thanks for the pointers!15:55
openstackgerritKevin Carter (cloudnull) proposed openstack/openstack-ansible-os_sahara: Convert role testing to use Ansible 2.1.1  https://review.openstack.org/35361215:55
evrardjpjamesdenton: well I never tried myself , but don't hesitate to ping15:56
evrardjpme15:56
jamesdentonsure15:56
jamesdentonthanks!15:56
openstackgerritTravis Truman (automagically) proposed openstack/openstack-ansible-repo_build: Ansible 2.1.1 role testing  https://review.openstack.org/37024515:57
evrardjpjamesdenton: I think the doc is too simple, there is probably a patchset or two to be done there :15:58
evrardjp:p15:58
jamesdentonyeah i don't see any mention of neutron_bgp: True15:58
jamesdentonbut i'll figure it out15:58
openstackgerritKevin Carter (cloudnull) proposed openstack/openstack-ansible-os_keystone: Add role linking to tox tests  https://review.openstack.org/37024615:58
openstackgerritAlexandra Settle proposed openstack/openstack-ansible: [docs] Merge install guide configure content into a single page  https://review.openstack.org/36966515:59
automagicallycloudnull: The role link changes are because of the ordering of items within the ANSIBLE_ROLE_PATH var correct?16:01
openstackgerritKevin Carter (cloudnull) proposed openstack/openstack-ansible-os_zaqar: Add role linking to tox tests  https://review.openstack.org/37024816:01
automagicallyi.e. there is some risk that the role could be found in the first path16:01
openstackgerritSteve Lewis (stevelle) proposed openstack/openstack-ansible: Configure Ceilometer middleware for Gnocchi-Swift  https://review.openstack.org/36627916:01
cloudnullyes.16:01
automagicallyNice catch, subtle problem that would cause some real issues if triggered16:01
cloudnullalso if there's an existing clone of the role on the disk it'll use that instead16:01
cloudnullso yea, it's a minimal rick16:02
cloudnull*risk16:02
cloudnullbut could cause some issues.16:02
cloudnullalso some of our changes already have it16:02
cloudnulli was just doing an audit to make sure they all do16:02
openstackgerritKevin Carter (cloudnull) proposed openstack/openstack-ansible-os_zaqar: Add role linking to tox tests  https://review.openstack.org/37024816:03
openstackgerritKevin Carter (cloudnull) proposed openstack/openstack-ansible-os_barbican: Ansible 2.1.1 role testing  https://review.openstack.org/35356716:04
evrardjpjamesdenton: apparently you don't have to set the variable, it's auto set if you follow the docs!16:04
openstackgerritKevin Carter (cloudnull) proposed openstack/openstack-ansible-os_designate: Ansible 2.1.1 role testing  https://review.openstack.org/35358716:06
openstackgerritKevin Carter (cloudnull) proposed openstack/openstack-ansible-os_rally: Add role linking to tox tests  https://review.openstack.org/37025316:07
openstackgerritKevin Carter (cloudnull) proposed openstack/openstack-ansible-os_cinder: Ansible 2.1.1 update  https://review.openstack.org/35356916:08
*** rk4n has quit IRC16:08
*** TxGirlGeek has quit IRC16:09
openstackgerritKevin Carter (cloudnull) proposed openstack/openstack-ansible-os_neutron: Ansible 2.1.1 role testing  https://review.openstack.org/35360816:09
openstackgerritKevin Carter (cloudnull) proposed openstack/openstack-ansible-os_gnocchi: Ansible 2.1.1 role testing  https://review.openstack.org/35359016:09
*** TxGirlGeek has joined #openstack-ansible16:09
openstackgerritKevin Carter (cloudnull) proposed openstack/openstack-ansible-os_horizon: Ansible 2.1.1 role testing  https://review.openstack.org/35359616:10
palendaeodyssey4me, https://github.com/openstack/openstack-ansible/blob/master/playbooks/inventory/dynamic_inventory.py#L323-L327 is the line that's adding entries to the _all groups16:10
openstackgerritKevin Carter (cloudnull) proposed openstack/openstack-ansible-memcached_server: Add role linking to tox tests  https://review.openstack.org/37026116:11
openstackgerritKevin Carter (cloudnull) proposed openstack/openstack-ansible-os_tempest: Ansible 2.1.x role testing  https://review.openstack.org/35361616:12
*** galstrom_zzz is now known as galstrom16:12
cloudnullso automagically so i think that covers all of them now.16:12
*** TxGirlGeek has quit IRC16:13
hughmFLEXinhmm even with flat, cant seem to create the external network16:13
odyssey4mepalendae and I see the _all group name assumption here: https://github.com/openstack/openstack-ansible/blob/master/playbooks/inventory/dynamic_inventory.py#L29416:14
palendaeRight16:14
*** TxGirlGeek has joined #openstack-ansible16:14
palendaeIt's doing the right thing for neutron16:14
palendaeBut neutron has neutron_all and network_all16:14
palendaeKeystone has keystone_all and identity_all16:14
odyssey4meyep, as long as the physical grouop names are different, it works16:14
odyssey4mehmm, it has both names... that tells us something16:15
palendaeBoth names?16:15
jamesdentonhughmFLEXin what is the error?16:15
odyssey4meso there must be a collision between the component/container_skel names and the physical_skel name16:15
hughmFLEXinjamesdenton: Error: Failed to create network admin_floating_net16:16
palendaeMost likely16:16
odyssey4methis is why they have to, right now, be different16:16
jamesdentonhughmFLEXin very descriptive :)16:16
hughmFLEXinjamesdenton: i know right16:16
palendaeSimilar to what I was saying for haproxy, but differnt keys16:16
hughmFLEXinjamesdenton: cli doesn't help either, it throws up ssl error16:16
jamesdentonhughmFLEXin Ok that was from Horizon? Check the neutron server log. You ought to see the reason there16:17
odyssey4mepalendae yeah, there I understand what was going on - because we create a name based on the prefix before the '_', and that clashed with a host name16:17
palendaeRight16:17
palendaeHere something else is colliding16:17
palendaeI'm not exactly sure what though16:17
odyssey4melemme write this up as a bug at least16:17
odyssey4meI know how to progress my patch, but it is going to require implementing some group names I'd rather do without.16:18
jamesdentonhughmFLEXin If you're getting SSL errors with CLI, try 'neutron --insecure <command'16:18
odyssey4meIf we can find a solution before release, that'd be great - because then we don't have to carry the names for a cycle.16:18
hughmFLEXinjamesdenton: tried that too16:18
palendaeI'll poke at it16:18
hughmFLEXinConnection failure that may be retried.16:18
hughmFLEXinEND return value: 116:18
odyssey4methanks palendae16:18
palendaeRaises concerns about https://review.openstack.org/#/c/369599/ though16:19
palendaeIn case someone wants to name a group 'lxc_hosts'16:19
hughmFLEXinjamesdenton: from neutron-server log https://gist.github.com/bbyhuy/d0ed9dc6b044a8f6f4e1b2cdc20280f716:19
palendaeBut I don't want people having to manually specify that, either, cause it's purely redundant16:19
jamesdentonhughmFLEXin checking...16:19
*** TxGirlGeek has quit IRC16:20
odyssey4mepalendae I would recommend adding a check for that, and erroring out if someone has that name specified in any configs16:20
palendaeYeah16:20
odyssey4meit should be a dynamic group, only - and never overwritteb16:20
odyssey4me*overwritten16:20
*** TxGirlGeek has joined #openstack-ansible16:20
jamesdentonhughmFLEXin that's it? It appears both Horizon and CLI are unable to properly communicate with Neutron API i guess?16:20
jamesdentonhughmFLEXin I assume only your public endpoints are HTTPS? Can you confirm with 'openstack endpoint list'? If so, check to see that the openrc file you're using has OS_ENDPOINT_TYPE set to 'internalURL' and not public. Does the 'net-list' command work OK?16:22
hughmFLEXinexport OS_AUTH_URL=http://172.29.236.10:5000/v316:23
jamesdentonWhat about OS_ENDPOINT_TYPE16:23
hughmFLEXininternalURL16:24
hughmFLEXinopenstack user list works, network list gives ssl error16:24
openstackgerritMerged openstack/openstack-ansible: [docs] Merge install guide configure content into a single page  https://review.openstack.org/36966516:24
*** karimb has quit IRC16:25
*** dragonmaster has joined #openstack-ansible16:25
*** hybridpollo has joined #openstack-ansible16:26
*** TxGirlGeek has quit IRC16:26
jamesdentondo you mind posting that ssl error somewhere?16:27
*** TxGirlGeek has joined #openstack-ansible16:27
hughmFLEXinjamesdenton: its super descriptive....not...https://gist.github.com/bbyhuy/f3d87785a60a3be35b7786842409177f16:27
jamesdentonhmm, try the neutron client instead16:28
jamesdenton'neutron net-list'16:28
hughmFLEXinah that one actually worked16:29
openstackgerritTravis Truman (automagically) proposed openstack/openstack-ansible-tests: Fix container destroy host group  https://review.openstack.org/37028216:29
jamesdentontry creating your external provider network with the neutron client16:30
kylek3hodyssey4me: Do you have time for a os_trove question?16:30
jamesdentonhughmFLEXin I don't know that all features have been baked into openstack client yet for networking. I, too, get the SSL error in v1416:30
*** TxGirlGeek has quit IRC16:32
*** TxGirlGeek has joined #openstack-ansible16:33
odyssey4mekylek3h sure16:33
odyssey4mepalendae https://bugs.launchpad.net/openstack-ansible/+bug/162358416:33
openstackLaunchpad bug 1623584 in openstack-ansible "Dynamic inventory clash between host group name and container group name" [Undecided,New]16:33
palendaeThanks16:33
odyssey4menot sure if the title is a good description, feel free to change at will16:33
kylek3hodyssey4me: I started playing around it with and I'm finding a lot of issues...is it actively being developed?16:34
odyssey4meI've noted the sample config to replicate it, the expected output and also the workaround with its output16:34
odyssey4mekylek3h yeah, it has basically just been started and has the basic plumbing down16:34
kylek3hodyssey4me: Ok..is it for Newton or Ocata?16:34
odyssey4meso it's open for patches by anyone who wants to see it included in Ocata16:34
odyssey4meyeah, it's way too late to get it into Newton - it needs to be integrated by Ocata Milestone 2 to be released in Ocata16:35
hughmFLEXinjamesdenton: ah much more helpful16:35
*** retreved has quit IRC16:35
hughmFLEXinBadRequest: Invalid input for operation: Flat provider networks are disabled.16:35
kylek3hok, i can throw up a few patches for what I've seen but i haven't gotten it all working in an AIO yet.16:35
kylek3hthe patches would be baby steps16:35
odyssey4mekylek3h that'd be fantastic :) ideally we can get it up and working with functional testing ASAP16:36
cloudnullkylek3h: doit()16:36
odyssey4me++16:36
kylek3hsure...i'll just have to find good points to break off a review...got a lot of patches now.16:36
kylek3hthanks for the info.16:36
*** TxGirlGeek has quit IRC16:37
*** TxGirlGeek has joined #openstack-ansible16:38
*** kylek3h is now known as kylek3h_away16:38
jamesdentonhughmFLEXin yeah, it's probably either that the configuration wasn't laid down in ml2 config or neutron server didn't get restarted. In the ml2_conf.ini in server container you should see '[ml2]\n type_drivers = flat,vlan,vxlan' or some combination. Flat should be there. Then you would see '[ml2_type_flat]\n flat_networks = *'16:39
jamesdentonwithout that it won't work16:39
jamesdentonneutron server service may need to be restarted for the changes to take effect16:39
hughmFLEXinjamesdenton: alright let me make the changes and see what happens16:40
hughmFLEXinjamesdenton: so the type_drivers is there16:41
*** Matias has quit IRC16:41
hughmFLEXinbut the flat_networks = is missing the asterisk16:41
jamesdentonok. so you would either need to specify the wildcard or the name(s) of the provider bridge labels that have been defined16:41
openstackgerritMatt Thompson proposed openstack/openstack-ansible-ceph_client: Restart OS services when symlinks are created  https://review.openstack.org/37029616:42
*** TxGirlGeek has quit IRC16:42
automagicallyWould like to get https://review.openstack.org/#/c/370282/ reviewed and merged as its blocking getting rabbitmq_server role testing up to Ansible 2.1.1 <— cloudnull and odyssey4me16:42
jamesdentoni'm sorry, i don't know the openstack-ansible overrides and bits offhand16:42
*** TxGirlGeek has joined #openstack-ansible16:42
jamesdentonhughmFLEXin also, here's the bug related to the openstack client issues: https://bugs.launchpad.net/python-openstackclient/+bug/159236816:42
openstackLaunchpad bug 1592368 in python-openstackclient "Endpoint type is ignored for network commands" [Undecided,Fix released] - Assigned to Stuart McLaren (stuart-mclaren)16:42
*** michaelgugino has quit IRC16:42
cloudnullautomagically: done16:42
openstackgerritJesse Pretorius (odyssey4me) proposed openstack/openstack-ansible: Implement scenario capability for AIO  https://review.openstack.org/36948516:42
jamesdentonit's ignoring the OS_INTERFACE override in the rc file. That override may also not be properly configured, though16:42
hughmFLEXinjamesdenton: would it be the net_name? or container_bridge?16:43
jamesdentonthat's a bug for another time with OSA16:43
jamesdentonno, it would be something similar to what's been defined for vlan. In fact, it would be the same label by default (ie. vlan)16:43
openstackgerritJesse Pretorius (odyssey4me) proposed openstack/openstack-ansible: Implement scenario capability for AIO  https://review.openstack.org/36948516:44
hughmFLEXinjamesdenton: awkwardly enough vlan only shows the vlan_ranges16:44
*** M00nr41n has joined #openstack-ansible16:44
jamesdentonhonestly, though, flat networks may be problematic. i have not used them, since on the compute nodes the br-vlan bridge is used and vlan subinterfaces hang off that and are placed into brq bridges. The bridge br-vlan, without tags, can['t be placed in another bridge16:45
jamesdentonyeah - vlan is just a name for what is effectively bond1 or whatever the actual provider interface is. That's why a wildcard will suffice. It means any provider label that is defined anywhere16:45
jamesdentonhughmFLEXin since you should now be able to create external network with the neutron client, try using a VLAN and see if that goes16:46
hughmFLEXininteresting, i tried net-create and used vlan and it worked16:46
openstackgerritJesse Pretorius (odyssey4me) proposed openstack/openstack-ansible: Implement scenario capability for AIO  https://review.openstack.org/36948516:46
hughmFLEXinwithout specifying seg_id16:46
jamesdentonyeah it's going to choose one from the range16:47
*** TxGirlGeek has quit IRC16:47
jamesdentonwhich may or may not be desirable behavior, depending on the circumstances16:47
openstackgerritJesse Pretorius (odyssey4me) proposed openstack/openstack-ansible: Implement scenario capability for AIO  https://review.openstack.org/36948516:47
jamesdentonIt's Complicatedâ„¢16:47
*** TxGirlGeek has joined #openstack-ansible16:47
hughmFLEXinjamesdenton: hah...looked up openstack in the thesasurus, Complicated was a synonym16:47
jamesdentonIt's flexible. :P16:48
hughmFLEXinjamesdenton: so the network is actually a little different than when I last spoke with you last week. When you gave me the interface file to throw everything on 1 eth16:48
jamesdentonoh right16:49
hughmFLEXineth3 (10g) is public outbound, while eth2(10g) is everything OSA16:49
openstackgerritMatt Thompson proposed openstack/openstack-ansible-ceph_client: Restart OS services when symlinks are created  https://review.openstack.org/37029616:49
odyssey4meautomagically cloudnull the role linking will actually make role test execution a bit easier16:50
hughmFLEXinso really the only difference is i left eth3 static ip in the interface file and threw yours below it16:50
odyssey4mewe can just target the role name as it normally is, instead of toxinidir16:50
automagicallyodyssey4me: Yeah, we should be able to remove the -e role_name business now16:50
odyssey4mewe should not that somewhere actually16:50
odyssey4me*note16:50
odyssey4mesomewhere in the test role16:51
odyssey4meie note that the execution of the role with the role name relies on the role link mechanism being in place via tox16:51
cloudnullodyssey4me: ++16:51
automagicallyLaunchPad wishlist bug?16:51
automagicallyI just opened https://bugs.launchpad.net/openstack-ansible/+bug/162359216:52
openstackLaunchpad bug 1623592 in openstack-ansible "RabbitMQ upgrade test should be a scenario test" [Wishlist,New]16:52
automagicallyCause there is a lot of cleanup stuff that we should really start tracking16:52
openstackgerritJean-Philippe Evrard proposed openstack/openstack-ansible-os_neutron: Add container logs to the build  https://review.openstack.org/37015016:53
openstackgerritMerged openstack/openstack-ansible-os_neutron: Update paste, policy and rootwrap configurations 2016-09-08  https://review.openstack.org/36752116:53
*** TxGirlGeek has quit IRC16:53
odyssey4meyeah, we should use bugs as TODO items, really16:54
jamesdentonhughmFLEXin and so far everything is OK? If eth3 is intended to be managed by Neutron, then you can't have a static IP on it. You can create eth3.vlan interfaces and put an IP on that, though. Then Neutron can create other vlan interfaces off that interface for provider networks16:54
*** TxGirlGeek has joined #openstack-ansible16:54
odyssey4medon't triage them, so the triage meeting exposes them to anyone looking for work16:54
*** galstrom is now known as galstrom_zzz16:54
automagicallyodyssey4me: Ah, fair enough16:54
automagicallyI put it back to Undecided16:55
*** jcannava has joined #openstack-ansible16:55
*** TxGirlGeek has quit IRC16:56
*** TxGirlGeek has joined #openstack-ansible16:57
hughmFLEXinjamesdenton: hmmm, if i was the networking guy i would have a smarter reply, unfortunately, ill have to wait for him to come in16:58
openstackgerritTravis Truman (automagically) proposed openstack/openstack-ansible-tests: Fix container destroy host group  https://review.openstack.org/37028216:58
cloudnullautomagically: done -- odyssey4me: ^16:59
odyssey4mehttps://bugs.launchpad.net/openstack-ansible/+bug/162359716:59
openstackLaunchpad bug 1623597 in openstack-ansible "[doc] Ensure that the reason for using the role link mechanism in role tests is documented" [Undecided,New]16:59
jamesdentonhughmFLEXin no worries. Sounds like you have somewhere to go now with the neutron client. Sorry Horizon isn;t working. What version are you using, anyway? v13?17:00
hughmFLEXin14b317:00
odyssey4meautomagically we should also add https://github.com/openstack/openstack-ansible/blob/master/playbooks/lxc-containers-destroy.yml#L4917:01
hughmFLEXinhorizon seems to work (except for creating that vlan network), im just 95% sure the VM's won't have connectivity17:01
odyssey4mealthough, I'm not entirely sure why we don't just grab the whole of https://github.com/openstack/openstack-ansible/blob/master/playbooks/lxc-containers-destroy.yml17:01
automagicallyodyssey4me: Good catch17:01
hughmFLEXinuploading images and all that jazz seem to be fine17:01
stevellecloudnull: any idea why this isn't working? https://review.openstack.org/#/c/366931 patch set 4 should have worked afaict but I might be blind to something obvious17:01
odyssey4methat said, why don't we just use the integrated repo's playbook17:01
jamesdentonhughmFLEXin Dangerous must be your middle name17:02
hughmFLEXinjamesdenton: the docs specify 14!17:02
hughmFLEXini told cloudnull that yesterday!17:02
irtermitecloudnull: lives too far in the future17:02
cloudnullodyssey4me: i think it needs to be http://cdn.pasteraw.com/6cxtwtadca2do7lw688xctobj6v0gl917:03
irtermitehe will never come back. we miss him in the now17:03
*** adrian_otto has quit IRC17:03
*** TxGirlGeek has quit IRC17:03
automagicallyodyssey4me: Yeah, good point. Maybe I’ll give a go. The downside is every test run will end up cloning the integrated repo17:03
automagicallyAFK for a bit17:03
cloudnullhughmFLEXin: we have docs per release though i dont believe openstack does a good job letting folks know that master == unstable17:04
cloudnullhttp://docs.openstack.org/developer/openstack-ansible/17:04
cloudnullif folsk just go to http://docs.openstack.org/developer/openstack-ansible/install-guide/index.html you get master17:05
cloudnullwhile stable is http://docs.openstack.org/developer/openstack-ansible/mitaka/17:05
openstackgerritMerged openstack/openstack-ansible-repo_server: Convert role testing to use Ansible 2.1.1  https://review.openstack.org/36978217:05
cloudnullasettle rromans: is there a banner header or something that can be added?17:05
irtermitecloudnull: I think hughmFLEXin is talking about "Replace TAG with the current stable release tag : 14.0.0.0b3"17:06
cloudnullwhen on master docs so folks know they're woking on unstable ?17:06
*** jperry has quit IRC17:06
odyssey4mestevelle I think you meant http://cdn.pasteraw.com/6cxtwtadca2do7lw688xctobj6v0gl9 for stevelle ?17:06
irtermitehttp://docs.openstack.org/developer/openstack-ansible/install-guide/deploymenthost.html17:06
cloudnullodyssey4me stevelle^17:06
*** weezS has joined #openstack-ansible17:06
*** jperry has joined #openstack-ansible17:06
stevellecloudnull: both syntax are supposed to work and I did have that inline syntax working when I modeled it :(17:07
cloudnullirtermite: i think that's generated http://docs.openstack.org/developer/openstack-ansible/install-guide/deploymenthost.html#installing-source-and-dependencies17:07
cloudnullstevelle: i think for 1.9 it works and 2.1 it doesn't17:07
irtermitegenerated or not... that's the (default) doc that pops up for people. If they don't know any better... they will follow.17:07
irtermite<317:07
hughmFLEXin</317:07
irtermitehahahaa17:07
irtermitewe broke hughmFLEXin17:08
cloudnullhttps://github.com/openstack/openstack-ansible/blob/master/doc/source/install-guide/deploymenthost.rst#installing-source-and-dependencies17:08
cloudnullirtermite: hughmFLEXin ^ that value just inherits whatever most recent tag is,17:08
irtermiteThe doc should probably have a second line that lists all versions?17:09
irtermiteone sec...17:09
cloudnullyea. something.17:09
asettlecloudnull: I actually think odyssey4me removed that banner17:09
hughmFLEXinyea...cloudnull didn't you file a bug on that yesterday17:09
asettleBut the docs aren't unstable? Or do you mean the branch is unstable17:10
asettleWhat flexy hughmFLEXin just said17:10
cloudnullodyssey4me: ^17:10
cloudnullI did17:10
cloudnulldocs are not unstable17:10
irtermitecloudnull: you filed already? I was about to grab, edit, pull...17:10
cloudnullthe checkout is17:10
cloudnullI filed a bug17:10
cloudnulli didn't fix it17:10
irtermitekk17:10
openstackgerritMerged openstack/openstack-ansible-os_zaqar: Add role linking to tox tests  https://review.openstack.org/37024817:11
asettlecloudnull: sorry, i'm not sure I understand your question/issue then17:11
*** Matias has joined #openstack-ansible17:11
cloudnullpeeople reading the docs from master take |my_conf_val| and try to use it17:11
cloudnullwhich in this case is 14.0.0.0b317:11
asettleOh *facepalm* right, right.17:11
cloudnullor the beta release of newton17:12
Matiasdid someone talk to me? my screen+weechat pack died17:12
irtermite^^ asettle so, you could leave that, but add a sub-note to use stable17:12
irtermiteand maybe even list others17:12
cloudnull^ the problem there is that others may not apply to the current docs17:12
irtermitefair17:13
cloudnullI think a banner or something similar to let folks know master docs == headache is a better solution17:13
asettleThat, exactly. So, I can add a note later. I'm probably about to leave work.17:13
irtermitethen, it should have both current and stable17:13
irtermiteoh nvm, that won't work17:13
irtermitethe rest of the doc won't make sense...17:13
irtermitehahaa I know...17:14
asettleEither odyssey4me will have a solution, or I'll implement one tonight :)17:14
cloudnullthanks asettle: go home :)17:14
asettlethanks cloudnull :)17:14
asettleI swear I'll do the thing with the note17:14
* asettle scribbles it on a post-it17:14
irtermiteThe headache banner should read... "You are about to deploy unstable. Please click {here} to escape this land and restart in stable land."17:14
asettleirtermite: you should write it ;)17:14
cloudnullasettle: no worries. whenever's clever17:15
irtermiteasettle: just cloned17:15
irtermitecan do17:15
asettleHAHAH OMG DONT WRITE "STABLE LAND" :P17:15
*** Attilla has quit IRC17:15
irtermiteheheheh17:15
irtermitebut, but but17:15
asettleHahahah you're fired from the docs role17:15
cloudnullhahahaha17:15
irtermitedang it17:16
asettleSo much promise *shakes head*17:16
irtermiterise so high so quick. fall harder17:16
cloudnullthat's my constant threat. someone write the docs or deal with the nonsense I create.17:16
irtermitecloudnull: so many times... so many times...17:17
asettlecloudnull: I mean, it works, it keeps me in a job.17:17
openstackgerritPaulo Matias proposed openstack/openstack-ansible-repo_build: Drop privileges before running the git clone script  https://review.openstack.org/36628017:17
asettleBut there is an awful lot of shit that happened pre-me.17:17
asettleOkay, I really gotta go. I can feel my bottom melding with the seat.17:17
asettleo/17:17
cloudnullhave a good one asettle17:17
*** asettle has quit IRC17:17
*** adrian_otto has joined #openstack-ansible17:17
*** asettle has joined #openstack-ansible17:18
openstackgerritMajor Hayden proposed openstack/openstack-ansible-security: [Docs] More cleanup  https://review.openstack.org/37021317:18
cloudnullodyssey4me: Matias: mgariepy: we may need a sudoers solution to make  https://review.openstack.org/366280 work17:19
*** adrian_otto has quit IRC17:19
cloudnullidk but potentially related.17:19
*** adrian_otto has joined #openstack-ansible17:20
Matiascloudnull: for the test?17:20
openstackgerritMerged openstack/openstack-ansible-os_aodh: Ansible 2.1.1 role testing  https://review.openstack.org/35356317:20
cloudnullto use become on cent systems may require a tty17:20
cloudnullwhich is dropped by default.17:20
cloudnullit might work out of the box17:21
cloudnullwe we're just talking about it this morning though17:21
evrardjphttps://review.openstack.org/#/c/370150/17:21
cloudnullevrardjp: can we add that to the common tests repo ?17:22
cloudnullso that it happens for all of the containers we create?17:22
*** jlockwood has joined #openstack-ansible17:22
evrardjpcloudnull: I just asked this question a little above17:22
openstackgerritMajor Hayden proposed openstack/openstack-ansible-ops: Remove osa-differ  https://review.openstack.org/37023417:22
cloudnulloh , i missed it sorry17:23
evrardjpcloudnull: I think it could work if we never override this17:23
hughmFLEXincloudnull: https://s12.postimg.org/3m9h615m5/Screen_Shot_2016_09_14_at_10_18_13_AM.png17:23
evrardjpno my bad it was just one question that disappeared in the flow17:23
evrardjpso17:23
evrardjpeither we do a include in the tests repo17:23
cloudnullhughmFLEXin: great success!17:23
cloudnull:)17:23
openstackgerritMajor Hayden proposed openstack/openstack-ansible-ops: Remove osa-differ  https://review.openstack.org/37023417:23
evrardjpbut then no override in each role17:23
hughmFLEXinunfortunately won't have external access, but this is a good first step lol17:24
odyssey4mecloudnull yeah, I asked evrardjp to work on that in the os_neutron repo so long so that we can diagnose the issue - if we could push a patch for the common tests repo and consume it for all container setups then that would be amazing17:24
cloudnullevrardjp: we can add it to the tests repo as a test-var17:24
*** TxGirlGeek has joined #openstack-ansible17:24
evrardjp(except if we go through a different variable name, which starts to be ugly)17:24
odyssey4meyeah, actually, that could work17:24
hughmFLEXincloudnull: Matias: jamesdenton: thanks for all the help though17:24
evrardjpcloudnull: yes, that was my first thought17:24
openstackgerritAdam Reznechek proposed openstack/openstack-ansible-os_nova: Update PowerVM driver documentation  https://review.openstack.org/36462717:24
evrardjpthat's why I asked: do you think we would have to override that at some point for a role17:25
evrardjpthen I thought of many different weird shit to overlap inventories17:25
odyssey4meno, but if we do - then we can always override with the inclusion of the default content17:25
jamesdentonhughmFLEXin no problem. Good luck living on the edge! ;)17:25
openstackgerritAdam Reznechek proposed openstack/openstack-ansible-os_nova: [DOCS] Update PowerVM driver documentation  https://review.openstack.org/36462717:25
odyssey4mewe already have a mechanism for the centralised tests to override those test vars17:25
odyssey4meit just uses -e for CLI overrides17:26
evrardjpyes, fine for me17:26
*** asettle has quit IRC17:26
evrardjpso I'll put that in test repo too17:26
odyssey4meif we need something more complex than that, let's cross that bridge when we get there17:26
odyssey4methe idea is to keep things as simple as possible to make it easy to use17:26
cloudnullyea i think adding it to test-vars.yml makes sense.17:27
cloudnullwhich will pick up logs for all containers as we move tests to that rep o17:27
openstackgerritMerged openstack/openstack-ansible-ceph_client: Restart OS services when symlinks are created  https://review.openstack.org/37029617:28
cloudnullodyssey4me: https://review.openstack.org/#/c/370253/17:28
cloudnullautomagically:  ^17:28
cloudnullfor the role linking bits17:28
hughmFLEXinjamesdenton: have you configured any setups where one of the eth interfaces are taken up by PXE?17:29
MatiashughmFLEXin: I have PXE running in the same interface as br-mgmt17:30
openstackgerritMerged openstack/openstack-ansible-memcached_server: Add role linking to tox tests  https://review.openstack.org/37026117:31
hughmFLEXinMatias: is your pxe also providing the dhcp for external connectivity?17:31
MatiashughmFLEXin: yes17:31
cloudnullin my setup i have pxe running on em117:31
jamesdentonhughmFLEXin yeah it should be a problem to have that same interface (or vlan interface) handle DHCP/TFTP17:31
jamesdenton*should NOT be a problem, rather17:32
hughmFLEXinhm well fk17:33
MatiashughmFLEXin: https://web-dev.ufscar.br/0bin/paste/EcjpfjGN#yeXZbAvmrJaaOG6t5Ku2jgeSLvJlqPZy94s6wMgQmfs17:34
*** adrian_otto has quit IRC17:34
jamesdentonWhatever VLAN is used for PXE must be the native VLAN to the PXE client17:34
jamesdenton(in most cases, anyway)17:35
*** michaelgugino has joined #openstack-ansible17:35
hughmFLEXinMatias: how is your br-ex being utilized?17:38
MatiashughmFLEXin: I use it to add the external network to neutron17:38
openstackgerritJean-Philippe Evrard proposed openstack/openstack-ansible-os_neutron: [DO NOT MERGE] More logging for neutron  https://review.openstack.org/37033517:39
Matiasneutron net-create --provider:network_type flat --provider:physical_network external --router:external=True public17:39
hughmFLEXinah so you defined br-ex in your global overrides for flat?17:39
Matiasbr-ex is declared as a flat network, named external, in provider_networks (openstack_user_config.yml)17:39
Matiasyes17:40
hughmFLEXinnamed == net_name?17:40
Matiasyes17:40
hughmFLEXindoood its all starting to make sense17:40
MatiashughmFLEXin: http://paste.openstack.org/show/576306/17:41
* hughmFLEXin sobs quietly17:41
openstackgerritKevin Carter (cloudnull) proposed openstack/openstack-ansible: Remove assumption that the neutron_lbaas var is set  https://review.openstack.org/36890517:41
jamesdentonMatias I assume that the br-bgp bridge is used for a dedicated peering network for Neutron BGP?17:42
*** michaelgugino has quit IRC17:42
Matiasjamesdenton: yes17:42
openstackgerritMerged openstack/openstack-ansible-os_nova: [DOCS] Update PowerVM driver documentation  https://review.openstack.org/36462717:42
*** michaelgugino has joined #openstack-ansible17:43
jamesdentongreat. I was intending on doing to same thing. Didn't see any docs related to that configuration, necessarily. Do you know of anything?17:43
Matiasjamesdenton: I followed this docs when setting up: https://cloudbau.github.io/openstack/neutron/networking/2016/05/17/neutron-ipv6.html17:43
Matiasyou can ask if you need any detail17:43
jamesdentonok fair enough. And you just added the OSA bits to get the interface in the agents container17:44
Matiasin my case, I'm setting up the eth13 ip address using a custom playbook I run after OSA, because we are setting up an ipv6 address for it17:44
jamesdenton<thumbs up>17:44
Matiaswhich is not supported by the current inventory script17:44
openstackgerritMerged openstack/openstack-ansible-repo_build: Ansible 2.1.1 role testing  https://review.openstack.org/37024517:44
Matiasbut you could just use an ipv4 address17:45
*** thorst_ has quit IRC17:45
Matiasin this case you could just use ip_from_q in provider_networks17:45
Matiasand declare a queue with a small range17:45
hughmFLEXinman...people willingly want to be networking engineers?17:46
*** thorst_ has joined #openstack-ansible17:46
jamesdentonMatias is there only 1 speaker that can advertise the networks? Is it one speaker per scope? Or do you know if you can configure multiple speakers for HA17:46
Matiasjamesdenton: http://paste.openstack.org/show/576307/17:46
Matiasthe last line setups it for HA17:47
Matias3 speakers in my case17:47
jamesdentonyeah i was intending on creating a new cidr and everything17:47
evrardjpMatias: would you mind submitting this to the docs?17:47
Matiasheck17:47
MatiasI will need to change the bgp session password17:47
jamesdentonperfect17:47
Matiasjust published it17:47
MatiasLOL17:47
jamesdentonlol17:47
evrardjpshit lol17:47
* jamesdenton promises to forget17:47
Matiaspaste.openstack.org will never forget :P17:48
evrardjptrue17:48
jamesdentonnice work Matias. I haven't gotten that far into it :(17:48
Matiasevrardjp: I submitted a link to the cloudbau doc to the docs17:48
evrardjphave fun with the change of passwords :p17:48
MatiasI was going to write up my own experience later, but the only difference is the multiple speaker setup, I think17:49
* odyssey4me enters the password into is dictionaries :)17:49
Matiaswhich is just adding more than one speaker17:49
jamesdentonyeah. but what could also be helpful is the peer-side configuration too, depending on what you're using. And of course your openstack_user_config changes and playbook runs17:50
jamesdentonthere's a lot of hand-wavey black magic docs out there17:50
*** retreved has joined #openstack-ansible17:50
openstackgerritJesse Pretorius (odyssey4me) proposed openstack/openstack-ansible: Implement scenario capability for AIO  https://review.openstack.org/36948517:51
*** electrofelix has quit IRC17:51
* jamesdenton commissions Matias for Neutron book v317:51
Matias179/tcp closed bgp17:51
Matiasyokatta ne17:52
Matiasthe bgp port is not open for the external world :P17:52
Matiasthe password is just additional security17:52
hughmFLEXinif i have br-vxlan set as the internal network in horizon, technically i should be able to ping from one of the controller nodes right?17:54
*** adrian_otto has joined #openstack-ansible17:54
*** thorst_ has quit IRC17:54
Matiascloudnull: http://logs.openstack.org/80/366280/3/check/gate-openstack-ansible-repo_build-ansible-func-ubuntu-trusty/012f4bb/console.html17:55
Matiasops17:55
Matiascloudnull: http://logs.openstack.org/80/366280/3/check/gate-openstack-ansible-repo_build-ansible-func-ubuntu-trusty/012f4bb/console.html#_2016-09-14_17_32_04_60140517:55
Matias"sudo: unknown user: {{" this is funny, it is not even trying to replace for the variable17:56
MatiasI wonder if including the variable in test-vars.yml would help17:56
openstackgerritMerged openstack/openstack-ansible-os_rally: Add role linking to tox tests  https://review.openstack.org/37025317:58
odyssey4meMatias yes, if you're doing that in the test-install-server.yml playbook (which doesn't know the role defaults), then you must17:58
odyssey4meMatias but ideally that fix should work without touching the playbook, surely?17:58
odyssey4meanyway, keep on trucking - let's see if we can find a solution there17:59
*** rk4n has joined #openstack-ansible18:00
Matiasodyssey4me: it's because the playbook precaches 2 git repos as root after running repo_server18:00
Matiasunless I move them to be precached before repo_server18:00
odyssey4meMatias yep - and that is how we do it in the integrated repo too18:00
odyssey4meMatias if there's a pre-cached git folder on the host, we bind mount it: https://github.com/openstack/openstack-ansible/blob/master/playbooks/repo-server.yml#L3918:01
Matiasodyssey4me: the cloudnull's permission fix is done in the repo_server role, it needs to be run before repo_install if there any git repos owner by root18:01
*** adrian_otto has quit IRC18:01
Matiasif there are *18:02
Matiasowned by root*18:02
odyssey4meMatias then we either symlink it or synchronise it - depending on the location of the git repo cache: https://github.com/openstack/openstack-ansible/blob/master/playbooks/repo-build.yml#L81-L10118:02
*** adrian_otto has joined #openstack-ansible18:02
odyssey4methe repo_server role is executed before repo_build18:02
*** BjoernT has quit IRC18:03
*** drifterza has joined #openstack-ansible18:03
Matiasodyssey4me: in test-install-server.yml, it is not18:04
odyssey4meMatias ah, I see in the tests for repo_build we don't do it in the same order18:04
Matiasyep18:04
Matiasthe precache is in the post_tasks18:04
odyssey4meMatias ok, then perhaps we should rather move those tasks to pre_tasks18:04
Matiasok, let me try18:04
stevelleodyssey4me: for changes on the "shared-apache-host" topic is that something you expect to merge for Newton?18:04
MatiasI will use the infra to run the tests18:04
* Matias lazy to run them locally18:04
odyssey4meMatias ah no - I see what those tests were for and where they're targeting... your approach is right18:04
odyssey4mestevelle not highly motivated, no - but if you want to get them in then you can happily motivate them along18:05
stevelleodyssey4me: just checking because I may introduce another use of mod_wsgi in Newton b/c of upstream changes18:05
stevelledidn't want to pile on ork18:05
cloudnullautomagically: are you working on any of these currently https://review.openstack.org/#/q/status:open+topic:bp/ansible-2-1-support ?18:05
*** retreved has quit IRC18:05
Matiasodyssey4me: which of the approaches is right? post_tasks with become or pre_tasks?18:06
odyssey4mestevelle no worries - do your thing, I'll rvise my patches at a later time18:06
cloudnulli wanted to help out in getting more of those up and running and dont want to step on works in progress.18:06
*** retreved has joined #openstack-ansible18:06
odyssey4mecloudnull I think that andymccr mentioned that he's working on nova & swift18:07
cloudnullok18:07
odyssey4mebut he's trying to solve the centos networking issue at the same time18:07
odyssey4meMatias leave the patch as is - just add the var to the test vars so that the playbook knows which user to use18:09
*** rk4n has quit IRC18:09
*** adrian_otto has quit IRC18:10
openstackgerritSteve Lewis (stevelle) proposed openstack/openstack-ansible-os_ceilometer: Serve the ceilometer-api using mod_wsgi  https://review.openstack.org/37035218:10
*** rk4n has joined #openstack-ansible18:10
*** adrian_otto has joined #openstack-ansible18:11
openstackgerritKevin Carter (cloudnull) proposed openstack/openstack-ansible-lxc_container_create: Change the container prep using more intelligent commands  https://review.openstack.org/35412018:12
*** rk4n has quit IRC18:12
*** drifterza has quit IRC18:13
openstackgerritKevin Carter (cloudnull) proposed openstack/openstack-ansible-lxc_container_create: Change the container prep using more intelligent commands  https://review.openstack.org/35412018:13
*** poopcat has quit IRC18:18
*** galstrom_zzz is now known as galstrom18:19
*** itsuugo has quit IRC18:19
*** poopcat has joined #openstack-ansible18:19
*** itsuugo has joined #openstack-ansible18:20
openstackgerritJean-Philippe Evrard proposed openstack/openstack-ansible-os_neutron: [DO NOT MERGE] More logging for neutron  https://review.openstack.org/37033518:21
openstackgerritJesse Pretorius (odyssey4me) proposed openstack/openstack-ansible: Add -t option to create a pseudo TTY  https://review.openstack.org/37019718:21
*** galstrom is now known as galstrom_zzz18:21
odyssey4meMatias want me to tweak https://review.openstack.org/366280 for you?18:23
openstackgerritPaulo Matias proposed openstack/openstack-ansible-repo_build: Drop privileges before running the git clone script  https://review.openstack.org/36628018:24
odyssey4meah, you did it already18:24
Matiasodyssey4me: if this time it doesn't work feel free to fix, please18:25
*** retreved has quit IRC18:26
odyssey4meandymccr take a peek at https://review.openstack.org/#/c/354120/ for some ideas regarding the tests play for network setup18:29
odyssey4mecloudnull did you see the regressions mentioned in https://review.openstack.org/365458 ?18:31
cloudnullno18:32
cloudnullhttps://review.openstack.org/#/c/363022/ that was with this change18:33
cloudnull?18:33
cloudnullrather after that change?18:33
odyssey4mecloudnull nope - that issue was in a previous change18:33
odyssey4mecloudnull that's why I didn't block that patch due to that regression18:34
cloudnullok18:36
cloudnullso the regression was before then18:36
* cloudnull looking18:36
odyssey4meI suspect https://github.com/openstack/openstack-ansible-plugins/commit/c8e25f50e4e5bf4ed6071745542de334a7dc80bd, considering that we had to do https://github.com/openstack/openstack-ansible-plugins/commit/523afbd0142dcb40ef3265499944f178c601dddf immediately after it18:38
openstackgerritMerged openstack/openstack-ansible-os_keystone: Add role linking to tox tests  https://review.openstack.org/37024618:40
odyssey4meMatias good news, I see that https://review.openstack.org/366280 has passed 2 of 3 func tests - the other one is just waiting for a node18:44
odyssey4mecloudnull ^ you may wish to re-add your vote there18:44
hughmFLEXinMatias: do you think there is anyway i can salvage the current deployment, maybe do some magic on the network switch?18:45
openstackgerritMerged openstack/openstack-ansible: Configure Ceilometer middleware for Gnocchi-Swift  https://review.openstack.org/36627918:49
*** jwitko has quit IRC18:49
*** hughmFLEXin has quit IRC18:50
odyssey4meanyone around that can respond on the openstack-dev ML about http://lists.openstack.org/pipermail/openstack-dev/2016-September/103671.html ?18:51
*** hughmFLEXin has joined #openstack-ansible18:52
*** thorst_ has joined #openstack-ansible18:53
cloudnullodyssey4me: yes he'll need to redeploy18:54
cloudnulli can reply later today.18:54
cloudnullright now im looking into the plugin issues18:54
odyssey4meawesome, thanks cloudnull18:54
cloudnullif cinder volumes are running in containers and they need to attach to isci that wont work18:55
odyssey4meyep, we recently added notes all over the place about that, but I don't think we backported them to Mitaka18:55
stevelleMatias: https://review.openstack.org/#/c/366279/ merged. Thanks for poking the bear :)18:55
*** thorst_ has quit IRC19:00
openstackgerritSteve Lewis (stevelle) proposed openstack/openstack-ansible-os_ceilometer: WIP Serve the ceilometer-api using mod_wsgi  https://review.openstack.org/37035219:00
*** e-vad has quit IRC19:02
*** AnarchyAo has joined #openstack-ansible19:03
cloudnullodyssey4me: do we have a bug for the regression ?19:05
*** TxGirlGeek has quit IRC19:05
cloudnullalso we may need to backport the fix19:05
openstackgerritKevin Carter (cloudnull) proposed openstack/openstack-ansible-plugins: Fix regression for proprietary packages  https://review.openstack.org/37038419:06
odyssey4mecloudnull no we don't have a bug for it19:07
cloudnullok19:07
cloudnull^ fix if you dont mind giving that a spin19:07
odyssey4melemme test that out19:07
*** pcaruana has joined #openstack-ansible19:07
odyssey4mecloudnull oh actually we do have a bug for it19:08
odyssey4mecloudnull  https://bugs.launchpad.net/openstack-ansible/+bug/162227519:09
openstackLaunchpad bug 1622275 in openstack-ansible "repo_build_wheel_selective: no breaks repo_build" [High,Confirmed] - Assigned to Jesse Pretorius (jesse-pretorius)19:09
odyssey4meshall I tweak the commit msg quickly19:09
odyssey4me?19:09
cloudnullgo right ahead19:09
openstackgerritJesse Pretorius (odyssey4me) proposed openstack/openstack-ansible-plugins: Fix regression for proprietary packages  https://review.openstack.org/37038419:09
*** kylek3h_away is now known as kylek3h19:19
openstackgerritMerged openstack/openstack-ansible-repo_build: Drop privileges before running the git clone script  https://review.openstack.org/36628019:19
odyssey4meMatias ^ w00t - thanks for figuring that out and helping get it right!19:19
odyssey4mecloudnull when you have a bit of time, please take a look through https://review.openstack.org/369485 - to try and combat the consistent timeouts I'd like to break apart the current integrated job a bit and need that to proceed19:22
*** adrian_otto has quit IRC19:22
odyssey4mejmccrory automagically cloudnull d34dh0r53 stevelle mattt19:24
odyssey4mehughsaunders andymccr mhayden evrardjp asettle rromans the RC1 deadline submission is tomorrow, so we need everything ready to do a role pin by the US morning to ensure that we can merge it in time for a release request by COB19:24
*** sdake_ has joined #openstack-ansible19:29
openstackgerritJesse Pretorius (odyssey4me) proposed openstack/openstack-ansible-repo_build: Update py_pkgs output data for binary package lookup  https://review.openstack.org/36545819:31
*** sdake has quit IRC19:33
openstackgerritJesse Pretorius (odyssey4me) proposed openstack/openstack-ansible-repo_build: Update py_pkgs output data for binary package lookup  https://review.openstack.org/36545819:33
mgariepycloudnull, odyssey4me, mhayden http://paste.openstack.org/show/576315/19:34
mgariepy-t doesnt do the job afterall...19:34
mgariepyopps, need to remove -T..19:35
odyssey4mecloudnull yes, that does it - very happy - can you review https://review.openstack.org/365458 as it's now final19:35
odyssey4mewe need another core review on https://review.openstack.org/370384 to fix the regression please19:36
openstackgerritNish Patwa(nishpatwa_) proposed openstack/openstack-ansible: [DOCS] Added HAProxy example to Production environment document.  https://review.openstack.org/37018719:40
*** dragonmaster has quit IRC19:42
*** asettle has joined #openstack-ansible19:43
openstackgerritSteve Lewis (stevelle) proposed openstack/openstack-ansible-os_ceilometer: WIP Serve the ceilometer-api using mod_wsgi  https://review.openstack.org/37035219:46
SamYapleCan I get some help with this issue? http://paste.openstack.org/show/576318/ . not sure where to start troubleshooting further now19:48
SamYapleLiberty, 12.2.319:48
*** hughmFLEXin has quit IRC19:48
mgariepystill doesn't work whitout the -T (and the socket being kill for ssh.) http://paste.openstack.org/show/576319/19:48
openstackgerritMerged openstack/openstack-ansible-plugins: Fix regression for proprietary packages  https://review.openstack.org/37038419:48
*** hughmFLEXin has joined #openstack-ansible19:48
openstackgerritLogan V proposed openstack/openstack-ansible: Aodh should inherit service_region  https://review.openstack.org/37040519:50
*** johnmilton has quit IRC19:53
*** can8dnSix has joined #openstack-ansible19:55
*** thorst_ has joined #openstack-ansible19:58
*** pcaruana has quit IRC20:00
openstackgerritMerged openstack/openstack-ansible-security: [Docs] More cleanup  https://review.openstack.org/37021320:00
cloudnullmgariepy: bummer about -t20:04
*** thorst_ has quit IRC20:04
cloudnullso then I guess the next best option is to update the base lxc container image and update the openstack-hosts repo to ensure the requiretty option is removed20:05
*** pjm6 has quit IRC20:05
*** gouthamr has quit IRC20:07
*** can8dnSix has quit IRC20:08
*** e-vad has joined #openstack-ansible20:10
*** can8dnSix has joined #openstack-ansible20:13
*** Attilla has joined #openstack-ansible20:14
odyssey4meSamYaple it looks like you're using Ansible 2.x with Liberty?20:17
openstackgerritMerged openstack/openstack-ansible: Add collect_statistics_interval, rates_mode in rabbitmq.config template  https://review.openstack.org/36304620:17
SamYapleodyssey4me: oh I am not sure. is that no a thing? let me check20:17
odyssey4meSamYaple yeah, Ansible 2.x is only supported from Newton forward - Liberty/Mitaka need Ansible 1.9.420:18
SamYapleodyssey4me: let me check if thats what the env is using20:18
odyssey4meSamYaple the actual failure though is a mismatch between the repo's wheels and the requirements of the component it's trying to build a venv for (Ironic)20:19
odyssey4meSamYaple ie Ironic needs things that aren't provided in the Liberty u-c file, or something to that affect - are you using a mix of versions? something like Liberty OSA with Mitaka Ironic?20:19
SamYapleodyssey4me: not intentionally I promise20:21
SamYaplebut this is a recycled lab, so probably20:21
odyssey4meSamYaple when using the repo, you have to ensure that the upstream branch versions are the same and the SHA's are from that branch... if you want to use a later branch service then you have to activate developer_mode for that service so that there is no venv built for it... and even then I'm not sure that it'll work (untested code path)20:21
SamYaplealso, am using ansible 2.x, will roll back20:21
michaelguginois anyone else here having issues running tox on OSX?20:22
odyssey4meyeh, Ansible 2.x *might* work - but it's an untested set and we've done a ton of stuff for Ansible 2.1 to work - so it's probably best not to go there20:22
michaelguginopip is bound and determined to install cryptography from source instead of using the wheel.20:22
SamYapleodyssey4me: since i have only git cloned and checked out tag 12.2.3 for openstack-ansible, im not sure where the other stuff is coming from20:22
SamYaplemichaelgugino: is wheel installed? :)20:23
michaelguginoyes20:23
SamYaplegotta ask the simple questinos20:23
odyssey4meSamYaple check whether /etc/ansible is populated with anything on the deploy host - and remove it all20:23
SamYapleodyssey4me: it is and will do20:23
SamYapleodyssey4me: do i need to reset the env? remove all containers and what not?20:24
SamYapleor can i just run the playbooks again20:24
odyssey4meSamYaple hmm, it all depends on whether Ansible executed any of those roles20:24
odyssey4meprobably best to use lxc-containers-destroy to ditch the containers20:24
odyssey4methe hosts should be fine20:24
SamYapleis lxc-containers-destroy a playbook?20:25
odyssey4meyep - you'll find it in /opt/openstack-ansible/playbooks20:25
Attillaodyssey4me: And I thought I was online a lot ;-)20:26
SamYapleodyssey4me: thanks, will be back in a bit should more trouble arise20:27
*** galstrom_zzz is now known as galstrom20:27
odyssey4mecloudnull Matias oh dear: http://logs.openstack.org/05/370405/1/check/gate-openstack-ansible-openstack-ansible-aio-ubuntu-trusty/a62f511/console.html#_2016-09-14_20_17_40_86281220:27
odyssey4meAttilla tomorrow is the deadline to request the first RC, so today will be a long hour day20:28
Attillaodyssey4me: good luck, I have to present at OpenstackUK20:28
Attillatomorrow20:28
openstackgerritSteve Lewis (stevelle) proposed openstack/openstack-ansible-os_gnocchi: Install required packages in identity only mode  https://review.openstack.org/37041520:29
Matiaswat20:29
cloudnullthat looks like an ansible trace20:29
*** galstrom is now known as galstrom_zzz20:30
cloudnulllike "shit broke son"20:30
hughmFLEXinlmao20:30
Matiasis that a symbolic link?20:30
cloudnulli believe so .20:31
cloudnullwhich should be ok because we added follow20:31
Matiasit appears to be a link to an inexistant file20:31
Matiasmaybe follow is what broke it20:31
Matiasthe question is why do we have a link to an inexistant file there20:32
odyssey4meMatias cloudnull so to clue you in - for OpenStack CI we use a pre-existing folder as a git cache to help reduce CI time20:32
odyssey4methe pre-existing folder is symlinked on the host to the data folder for the container, then the data folder for the container is bind mounted20:32
odyssey4meie https://github.com/openstack/openstack-ansible/blob/master/playbooks/repo-server.yml#L23-L4920:33
cloudnullMatias: so maybe we need to add a specific "become: true" there?20:35
MatiasI think some file exists inside /opt/git/openstack/packetary-specs/doc/source in the gate box which is a symbolic link to ../../policy20:35
Matiasbut as ../../policy does not exist, follow: true causes the ansible task to fail20:36
mhaydenhah, i think i just bumped into that proprietary package business20:36
odyssey4meah, yes - we have no control over the data that goes into that folder20:37
cloudnullmhayden: is that still an issue?20:37
cloudnullfrom the fix earlier20:37
mhaydencloudnull: Could not find a version that satisfies the requirement nuage_openstack_neutron (from -r /var/www/repo/os-releases/13.3.1/requirements.txt (line 36)) (from versions: )20:37
mhaydeni don't have the fix applied, obviously20:37
cloudnulloh.20:37
cloudnullis that master?20:37
mhaydenmitaka20:37
cloudnull:'(20:38
odyssey4meoh dear - so yes you were right cloudnull ... time for backports20:38
Matiasodyssey4me: I think the file module has no way to skip this kind of error, perhaps the only way to get around is to remove follow: true20:38
odyssey4meMatias yes, or convert that task into a shell command20:38
Matiaswhy do we have follow: true? because /var/www/repo/openstackgit might be a symlink?20:39
odyssey4meyes, because it is a symlink20:39
openstackgerritMatt Thompson proposed openstack/openstack-ansible: Restart OS services when symlinks are created  https://review.openstack.org/37041820:39
openstackgerritNolan Brubaker proposed openstack/openstack-ansible: Add lxc_host dynamic group to inventory.  https://review.openstack.org/36959920:39
odyssey4methat's why https://github.com/openstack/openstack-ansible-repo_server/commit/f1705ace9f7c1297db5a1432616f3e055a31adf4 added a condition to check what sort of directory it is20:39
Matiasdoes the realpath come into the stat?20:40
Matiaswe could recurse into the realpath without follow20:40
odyssey4meso we should add that condition back, and do something different for a symlink - or replace it all with something that works with both options20:40
odyssey4mebeing able to use a pre-cached git repo is important for offline installs, or staged repositories20:41
odyssey4meand useful for gating too20:41
Matiasthere is a realpath filter in jinja220:41
Matiaswe could use it20:41
odyssey4merealpath sounds like it may be an option20:42
odyssey4meno idea whether it is picked up or not20:42
Matiaswe don't really need to follow more than one level of symlinks20:42
odyssey4melnk_source20:42
odyssey4meno we don't20:42
*** gouthamr has joined #openstack-ansible20:44
openstackgerritKevin Carter (cloudnull) proposed openstack/openstack-ansible-plugins: Fix proprietary regression in py_pkgs.py  https://review.openstack.org/37042020:44
Matiaslet me do a quick PR20:44
odyssey4methanks Matias20:44
odyssey4meMatias we need to cater for conditions where the dir doesn't exist, the dir exists and is a folder, and the dir exists but is a link20:44
odyssey4mecloudnull it may exist in liberty too?20:44
cloudnullyea...20:45
cloudnullwas just about to do it there too20:45
odyssey4mecloudnull are we able to ditch the distro package stuff out of that review?20:46
cloudnullwe could...20:46
odyssey4methis needs to be as surgical as possible20:46
cloudnulli'll need to rewrite parts of the patch20:47
odyssey4meit looks like I have test vars to validate for the repo_build role in mitaka, so we do have some regression protection there20:47
openstackgerritSteve Lewis (stevelle) proposed openstack/openstack-ansible-os_gnocchi: Install required packages in identity only mode  https://review.openstack.org/37041520:47
odyssey4meif you can keep the key sorting in, that'd be helpful for this and future patches20:48
cloudnulli'd rather do a full backport for mitaka20:48
cloudnulland bring in only the bits needed for liberty20:48
odyssey4meyeah, maybe we should just do that20:48
Matiasrealpath does not assume the path already exists20:48
Matiasso it seems like a good option20:48
openstackgerritSteve Lewis (stevelle) proposed openstack/openstack-ansible-os_gnocchi: Install required packages in identity only mode  https://review.openstack.org/37041520:48
odyssey4meok, is that other review a full backport?20:48
cloudnullit is20:48
odyssey4meok, let me put up a test PR for the repo build to validate the results20:48
cloudnullim looking at liberty now to see if its even needed.20:49
cloudnullits not needed in liberty20:50
cloudnullliberty doesn't have propriatary packages as a var20:50
cloudnullso nothing to do there.20:50
odyssey4mecloudnull doesn't seem so - we only have the optional stuff: https://github.com/openstack/openstack-ansible/blob/liberty/playbooks/roles/os_neutron/defaults/main.yml#L38020:51
cloudnullso i think liberty is all good20:51
odyssey4meyeah, good thing20:51
odyssey4memhayden a review of https://review.openstack.org/365458 would be marvellous20:52
mhaydenoh just a little one-liner there, eh?20:53
odyssey4mejust a data validation of a patch that's already in the plugins repo :p20:54
adreznecJust a nice, quick review :)20:54
matttmhayden: have fun!20:54
mattt:)20:54
openstackgerritSteve Lewis (stevelle) proposed openstack/openstack-ansible: Gnocchi identities created before Swift playbook  https://review.openstack.org/36693120:55
mhaydenodyssey4me: this is just so we have good, representative data for testing, right?20:56
mhaydeni figured this wasn't manually generated20:57
*** johnmilton has joined #openstack-ansible20:58
*** can8dnSix has quit IRC20:59
odyssey4memhayden yes - I generated it from the plugins changes for that patch20:59
mhaydengot it20:59
odyssey4meit was a tool to validate that the output from the patches was good20:59
odyssey4meI'm about to do the same for mitaka20:59
mhaydenodyssey4me: doesn't https://review.openstack.org/370420 need to go in first for mitakatown?21:01
odyssey4memhayden nope - I'm putting a review up to show what the data looks like when we use that patch21:01
*** TxGirlGeek has joined #openstack-ansible21:01
odyssey4metwo side-by-side reviews for validation that we aren't going to break things21:01
mhaydenodyssey4me: you are a smart feller21:02
mhaydenand i'm not saying that because cloudnull told me to21:02
*** hybridpollo has quit IRC21:03
*** thorst_ has joined #openstack-ansible21:03
*** jheroux has quit IRC21:03
*** admin0 has joined #openstack-ansible21:04
openstackgerritMichael Gugino proposed openstack/openstack-ansible-ceph_client: Support deployment of extra ceph.conf files  https://review.openstack.org/37043121:04
* mhayden is headed out for soccer coaching time21:05
openstackgerritJesse Pretorius (odyssey4me) proposed openstack/openstack-ansible-repo_build: Update py_pkgs output data for updated lookup plugin  https://review.openstack.org/37043221:05
*** psilvad has quit IRC21:05
odyssey4meugh, it's not pretty because the previous data wasn't sorted - and it's all in json :/21:06
odyssey4memaybe I should just convert this to yaml too21:06
*** askb has joined #openstack-ansible21:06
*** thorst_ has quit IRC21:09
openstackgerritJesse Pretorius (odyssey4me) proposed openstack/openstack-ansible-repo_build: Update py_pkgs output data for updated lookup plugin  https://review.openstack.org/37043221:10
odyssey4methat looks better21:11
odyssey4mecloudnull  looks good to me - we're even fixing some other regressions (lower case package names)21:12
openstackgerritJesse Pretorius (odyssey4me) proposed openstack/openstack-ansible-plugins: Fix proprietary regression in py_pkgs.py  https://review.openstack.org/37042021:13
openstackgerritMerged openstack/openstack-ansible-repo_build: Update py_pkgs output data for binary package lookup  https://review.openstack.org/36545821:13
odyssey4mecloudnull perhaps you can validate my thoughts that the data output looks good? https://review.openstack.org/37043221:14
odyssey4methen we'll need one other core to make a call on both patches - I've added a dep from the one to the other21:15
Matiasodyssey4me: {{ _git_folder.stat.exists and _git_folder.stat.islnk | ternary(_git_folder.stat.lnk_source, repo_service_home_folder + '/repo/openstackgit') }}21:15
Matiasodyssey4me: should I break this into multiple lines?21:15
openstackgerritJesse Pretorius (odyssey4me) proposed openstack/openstack-ansible-repo_build: Update py_pkgs output data for updated lookup plugin  https://review.openstack.org/37043221:15
Matiascode style question21:15
odyssey4meMatias you'll need to add () around the stuff before the ternary filter21:16
odyssey4mebut no - one line should do21:16
Matiasodyssey4me: it is working without (), I think | has less precedence than and21:16
odyssey4meyeah, we've seen some odd behaviour between versions - rather be safe21:17
Matiasok21:17
odyssey4meit's possibly working because you have a link - try it without a folder at all :)21:17
odyssey4mebut anyway - short version, add the ()21:17
Matiasnevermind, my test with nonexistant dir just failed21:17
Matias() is really needed21:17
hughmFLEXinMatias: does this look correct? https://gist.github.com/bbyhuy/ae3a3a0e6aca420a904ac48ccca6052921:18
Matiasodyssey4me: LOL it created a dir named /root/False21:19
MatiashughmFLEXin: yes, but weren't you going to use dhcp?21:19
hughmFLEXinsorta, its a DHCP that allows for assign static ip to nodes based on mac-addr21:21
Matiashmm cobbler does just like that21:21
hughmFLEXinyea im using Stacki21:21
*** galstrom_zzz is now known as galstrom21:21
MatiasI choose cobbler because there was a ready-to-go inventory script for ansible21:21
Matiashowever I needed to modify the inventory script anyway because it didn't implement variable inheritance21:22
hughmFLEXinin your setup do you use br-vlan or br-vxlan for your internal openstack network21:22
hughmFLEXinsince br-ex is the floating net21:22
MatiasI currently don't use br-vlan21:22
Matiasit is there in case we want to create a pure-vlan network21:23
Matiasbut by default neutron allocs the project networks into vxlan tunnels21:23
*** galstrom is now known as galstrom_zzz21:24
hughmFLEXinhmm, so i created an internal net using vxlan and would assuming i can at least ping it from my compute node21:24
hughmFLEXinwonder if im missing something21:24
Matiasping what? the internal net's router?21:24
hughmFLEXininternal net vm21:25
Matiasping one vm from another?21:25
*** asettle has quit IRC21:25
hughmFLEXinfrom compute to vm21:25
Matiasno21:26
Matiascompute does not see the vm's network21:26
Matiasit is just some flat tun21:26
*** johnmilton has quit IRC21:26
hughmFLEXinah21:26
Matiasyou might ping it from the neutron-agents container21:26
Matiasbut you would need to go inside the network namespace21:26
Matiasusing "ip netns NAME exec"21:27
Matiasit creates one namespace per each project network21:27
Matiasif you are running HA, you need to check which one of the neutron-agent currently has the master router21:27
Matiasthen you can get into the namespace and ping21:28
Matiasit is easier to just spawn 2 vms and ping between them21:28
Matiasunless you are debugging some issue21:28
odyssey4mecloudnull yep, it looks like it works21:28
cloudnullwhich?21:28
hughmFLEXinhmm k let me add br-ex to the config and re-run lxc-create and try again21:29
hughmFLEXinwith floating21:29
odyssey4mecloudnull https://review.openstack.org/#/c/370432/21:29
Matiasodyssey4me: one last test before submitting the PR: ln -s /nonexistant /var/www/repo/openstackgitx/lolol21:29
odyssey4methe updated repo data output21:29
cloudnullexcellent21:29
MatiashughmFLEXin: you will not be able to ping a floating IP unless you add a security group allowing for ICMP21:29
hughmFLEXinyea that is already added21:29
odyssey4meinteresting to see that mitaka takes around 12 mins while master takes around 8 mins21:30
openstackgerritPaulo Matias proposed openstack/openstack-ansible-repo_server: Fix error when the git folder contains broken symlinks  https://review.openstack.org/37044321:34
Matiasodyssey4me: cloudnull: ^ please do the needful :P21:35
odyssey4meMatias yeah, will monitor the CI output21:35
MatiasI hope it solves the issue21:35
cloudnulldone.21:37
cloudnull:)21:37
Matiaslol thanks21:38
odyssey4mecloudnull any thoughts on https://review.openstack.org/369485 ?21:40
cloudnullthank you Matias. it'll be nice to see this fixed.21:40
Matiasi'm going out for the evening.. need to do some tasks unrelated to openstack tonight.. I'll try to come back later, otherwise see you tomorrow.. still need to open that rabbit+ssl bug, will that as soon as possible21:41
Matiasthank you guys21:41
odyssey4methanks Matias :)21:41
odyssey4mehave a good evening21:41
hughmFLEXinthx Matias bb21:41
cloudnullodyssey4me: LGTM21:42
odyssey4mecloudnull  so I was thinking - a full metal scenario would be good21:42
cloudnullI agree21:43
odyssey4memaybe do a split out of swift so that we have one scenario with swift+telemetry and another with compute + tlemetry21:43
odyssey4mewe can do glance + swift in the glance role21:43
cloudnullmakes sense to me21:44
odyssey4meit seems like the main code path to do in the integrated gate instead of the roles is the telemetry integration21:44
cloudnulli'd like to have swift basically always be tested.21:45
* cloudnull is a swift fanboi21:45
*** michaelgugino has quit IRC21:45
*** AnarchyAo has quit IRC21:45
odyssey4medoing those above would mean we can leave the default 'aio' scenario for dev only testing and drop it from the gate21:45
cloudnullthe more scenarios the better imo.21:45
odyssey4mehopefully that will then bring us under the 90 min build time always21:45
cloudnull++21:45
odyssey4meyeah, then we can also do magnum, sahara and others21:46
cloudnull+900021:47
cloudnulla zaqar gate would be outstanding21:47
odyssey4meargh - a centralised test repo failure? http://logs.openstack.org/43/370443/1/check/gate-openstack-ansible-repo_server-ansible-func-ubuntu-xenial/0a47e8a/console.html#_2016-09-14_21_46_19_91177121:47
*** admin0 has quit IRC21:48
cloudnullodyssey4me: looks lke an undefined var21:49
odyssey4meah, different failure: http://logs.openstack.org/43/370443/1/check/gate-openstack-ansible-repo_server-ansible-func-ubuntu-xenial/0a47e8a/console.html#_2016-09-14_21_45_18_63376921:50
odyssey4meit worked on trusty, so probably a transient failure21:51
odyssey4mewaiting for centos to build, then we can recheck21:51
odyssey4meI do wish that centos minimum size would be increased21:52
odyssey4meminimum nodepool size I mean21:52
*** TxGirlGeek has quit IRC21:53
*** asettle has joined #openstack-ansible21:53
*** KLevenstein has quit IRC21:56
mrdaMorning OSA22:01
odyssey4meo/ mrda22:02
odyssey4meany progress on figuring out how to test Ironic in the gate?22:02
odyssey4mewe have both role and integrated gate scenario testing available - so I'm quite keen to get all the things tested per commit22:02
mrdao/22:02
cloudnull++22:03
cloudnullthat'd be awesome22:03
nishpatwa_Hi I am facing Gate failure22:04
nishpatwa_https://review.openstack.org/#/c/370187/22:04
nishpatwa_Is there something I can do?22:04
*** jperry has quit IRC22:05
csmartmrda: \o22:06
mrdao/22:06
odyssey4menishpatwa_ just hang ten - we have a fix busy being tested right now which should unblock that22:06
nishpatwa_Sure Thanks22:07
odyssey4menishpatwa_ I'll do a recheck on your patch once it's unblocked22:07
nishpatwa_Okay sure odyssey4me22:07
*** thorst has joined #openstack-ansible22:08
*** asettle has quit IRC22:12
*** spedione is now known as spedione|AWAY22:13
*** thorst has quit IRC22:15
openstackgerritMerged openstack/openstack-ansible: Restart OS services when symlinks are created  https://review.openstack.org/37041822:17
*** galstrom_zzz is now known as galstrom22:17
*** galstrom is now known as galstrom_zzz22:18
openstackgerritKevin Carter (cloudnull) proposed openstack/openstack-ansible-lxc_container_create: Change the container prep using more intelligent commands  https://review.openstack.org/35412022:20
stevellecloudnull: stuck on  https://review.openstack.org/370352 --  logs http://paste.openstack.org/show/576564/ any ideas?22:26
*** itsuugo has quit IRC22:26
odyssey4mestevelle so ceilometer did a wholesale switch?22:27
stevelleyeah, that was the last service in the group to switch22:27
odyssey4memaybe dstanek can help? or andymccr if he's around?22:27
*** itsuugo has joined #openstack-ansible22:28
stevellelooking at the find_file method it's probably complaining because there is no _namespace22:29
odyssey4meapache2/uwsgi seems rather heavy handed - why not just switch th uwsgi only?22:30
odyssey4meuwsgi only is kinda equivalent to the current service model I would guess?22:30
stevelleodyssey4me: I'm going with mod_wsgi because the pattern is pervasive in osa22:31
odyssey4meyeah, fair enough22:32
*** hj-hpe has quit IRC22:33
odyssey4mestevelle will it absolutely no longer work with the current model for Newton?22:33
odyssey4meor is this work for post Newton?22:33
stevelleodyssey4me: they murdereated werkzeug22:34
odyssey4meoh, how nice of them22:34
*** sdake_ has quit IRC22:40
openstackgerritMerged openstack/openstack-ansible-galera_server: Prevent galera_cluster_name from changing.  https://review.openstack.org/37013322:47
*** hblah has joined #openstack-ansible22:47
*** itsuugo has quit IRC22:52
*** itsuugo has joined #openstack-ansible22:53
*** adrian_otto has joined #openstack-ansible22:56
*** johnmilton has joined #openstack-ansible22:57
*** jamesdenton has quit IRC23:01
*** weezS has quit IRC23:02
openstackgerritKevin Carter (cloudnull) proposed openstack/openstack-ansible-lxc_container_create: Change the container prep using more intelligent commands  https://review.openstack.org/35412023:03
*** itsuugo has quit IRC23:10
*** itsuugo has joined #openstack-ansible23:11
*** thorst has joined #openstack-ansible23:12
openstackgerritMerged openstack/openstack-ansible-repo_server: Fix error when the git folder contains broken symlinks  https://review.openstack.org/37044323:14
openstackgerritJesse Pretorius (odyssey4me) proposed openstack/openstack-ansible: [DOCS] Added HAProxy example to Production environment document.  https://review.openstack.org/37018723:14
openstackgerritJesse Pretorius (odyssey4me) proposed openstack/openstack-ansible: [TESTING] Ansible Devel  https://review.openstack.org/35116523:16
*** thorst has quit IRC23:20
*** pmannidi has joined #openstack-ansible23:20
*** johnmilton has quit IRC23:20
openstackgerritJesse Pretorius (odyssey4me) proposed openstack/openstack-ansible: Remove assumption that the neutron_lbaas var is set  https://review.openstack.org/36890523:21
*** jamielennox is now known as jamielennox|away23:22
openstackgerritJesse Pretorius (odyssey4me) proposed openstack/openstack-ansible-tests: Fix container destroy host group  https://review.openstack.org/37028223:24
*** johnmilton has joined #openstack-ansible23:25
openstackgerritKevin Carter (cloudnull) proposed openstack/openstack-ansible-lxc_container_create: Change the container prep using more intelligent commands  https://review.openstack.org/35412023:25
odyssey4mepalendae you around? see comments in https://review.openstack.org/36959923:25
*** kylek3h has quit IRC23:27
stevelleodyssey4me: https://review.openstack.org/#/c/369485/ seems like it will have some significant upgrade implications23:32
stevelleat least for environments that have tailored their inventory at all23:33
odyssey4mestevelle I tried to ensure that it's additive, and takes nothing away. Have I missed anything?23:33
odyssey4meany existing env.d should work - we'll find out when doing upgrade tests I guess23:34
stevelleprobably missed a release note but it's hard to say for sure if anything else is without spending a lot of time on it23:35
odyssey4mestevelle yeah, no release note there - kinda on purpose because it's additive23:37
odyssey4mealso because I don't like the new group names and hope we can ditch them asap23:37
stevellewell that's a factor at least23:38
odyssey4meI'm thinking of them as 'experimental' in the hope that palendae can make a magic pill in the inventory23:38
odyssey4meI dunno if you noticed the chat earlier about the issue I found23:38
odyssey4mehttps://bugs.launchpad.net/openstack-ansible/+bug/162358423:38
openstackLaunchpad bug 1623584 in openstack-ansible "Dynamic inventory clash between host group name and container group name" [Undecided,Confirmed] - Assigned to Nolan Brubaker (nolan-brubaker)23:38
openstackgerritKevin Carter (cloudnull) proposed openstack/openstack-ansible-lxc_container_create: Change the container prep using more intelligent commands  https://review.openstack.org/35412023:39
stevelleewww23:39
*** hblah has quit IRC23:40
odyssey4meyeah, so for now I'm kinda hoping to keep the new names as dev only, although I know if we release with it we'll need a deprecation cycle23:40
odyssey4meMatias cloudnull good news https://review.openstack.org/370443 is working in the integrated build23:40
odyssey4meit takes 90 secs to complete that task in CI23:41
odyssey4meopenstack-infra puts a *lot* of git repositories in the image23:41
cloudnullthat aint bad at all23:41
odyssey4mestevelle did you notice that https://review.openstack.org/370420 depends on https://review.openstack.org/370432 ?23:42
stevelleodyssey4me: yeah, thought I voted on that already23:43
* stevelle is tired23:43
odyssey4mestevelle maybe the master version, this is the mitaka one23:43
stevelleI specifically reviewed the mitaka23:43
stevelleI remember giving it the eyeball since not a backport23:44
odyssey4mestevelle sounds like you need an afternoon nap?23:44
stevelleyeah, shifting my schedule to start at 7am again23:44
stevelleby 4:30 or so I'm dragging23:45
odyssey4mea mid day nap of 30-45 mins works wonders for me23:45
odyssey4meif I'm feeling tired I do that when working from home23:46
stevellewhen I get my schedule adjusted for a week I'll be fine again23:47
odyssey4mewhat was your schedule before?23:47
stevellestarted about 8:30 or so23:48
stevellethe killer is the morning workout before that23:48
stevelleearlier start means I don't get those crucial light rays in my eyeballs to get me going23:49
cloudnullhttps://review.openstack.org/#/c/354120/ -- odyssey4me stevelle23:51
cloudnullif you have a moment23:51
cloudnullnow lxc container config is done using the container PID instead of the lxc module23:51
odyssey4mecloudnull  busy looking through it - looking good so far23:52
*** johnmilton has quit IRC23:55
*** johnmilton has joined #openstack-ansible23:56
*** itsuugo has quit IRC23:57
*** itsuugo has joined #openstack-ansible23:58
« Tuesday, 2016-09-13 Index Thursday, 2016-09-15 »

Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!