Thursday, 2017-03-23

*** DimGR2 is now known as DimGR		00:00
*** Jack_Iv has joined #openstack-ansible		00:14
*** Jack_Iv has quit IRC		00:19
*** woodard_ has joined #openstack-ansible		00:20
*** woodard has quit IRC		00:20
*** gouthamr has joined #openstack-ansible		00:27
*** dxiri has quit IRC		00:32
*** adrian_otto has joined #openstack-ansible		00:33
*** Jack_Iv has joined #openstack-ansible		00:35
*** Jack_Iv has quit IRC		00:40
*** h16mara_ has quit IRC		00:41
*** agrebennikov has quit IRC		00:42
*** cuongnv has joined #openstack-ansible		00:48
*** h16mara_ has joined #openstack-ansible		00:49
*** rmelero has quit IRC		00:49
*** SerenaFeng has joined #openstack-ansible		00:56
*** DimGR has quit IRC		00:58
*** adrian_otto has quit IRC		00:59
*** esberglu has quit IRC		01:13
*** gouthamr has quit IRC		01:16
*** MasterOfBugs has quit IRC		01:23
*** SerenaFeng has quit IRC		01:24
*** japestinho has joined #openstack-ansible		01:32
*** Jack_Iv has joined #openstack-ansible		01:36
*** SerenaFeng has joined #openstack-ansible		01:40
*** pmannidi_ has joined #openstack-ansible		01:40
*** Jack_Iv has quit IRC		01:40
*** weezS has quit IRC		01:43
*** pmannidi has quit IRC		01:43
*** Andrew_jedi has joined #openstack-ansible		01:44
*** mpotdar has joined #openstack-ansible		01:44
*** ianychoi has quit IRC		01:48
*** Andrew_jedi has quit IRC		01:50
*** weezS has joined #openstack-ansible		01:51
*** ianychoi has joined #openstack-ansible		01:54
*** SerenaFeng has quit IRC		01:58
openstackgerrit	Jimmy McCrory proposed openstack/openstack-ansible master: [WIP] Support cidr_networks in L3 network environments https://review.openstack.org/448850	02:07
*** NostawRm has quit IRC		02:23
*** NostawRm has joined #openstack-ansible		02:23
*** agrebennikov_ has joined #openstack-ansible		02:27
*** Jack_Iv has joined #openstack-ansible		02:36
*** Jack_Iv has quit IRC		02:41
*** Mahe has quit IRC		02:42
*** Mahe has joined #openstack-ansible		02:43
*** manheim has joined #openstack-ansible		02:45
*** manheim has quit IRC		02:50
*** agrebennikov has joined #openstack-ansible		02:58
*** gouthamr has joined #openstack-ansible		02:59
*** sanfern has joined #openstack-ansible		03:00
*** lihi has quit IRC		03:06
*** lihi has joined #openstack-ansible		03:07
*** acormier has joined #openstack-ansible		03:14
openstackgerrit	Ravi Kumar Boyapati proposed openstack/openstack-ansible-lxc_hosts master: Fix the lock type variable https://review.openstack.org/448872	03:18
*** gouthamr has quit IRC		03:19
openstackgerrit	Jimmy McCrory proposed openstack/openstack-ansible master: Support cidr_networks in L3 network environments https://review.openstack.org/448850	03:33
*** acormier has quit IRC		03:36
*** Jack_Iv has joined #openstack-ansible		03:37
*** Jack_Iv has quit IRC		03:42
*** h16mara_ has quit IRC		03:53
*** h16mara_ has joined #openstack-ansible		03:58
*** udesale has joined #openstack-ansible		04:07
*** Amit82 has joined #openstack-ansible		04:11
Amit82	Hi All, can we create multiple FLAT tenant networks?	04:11
sc`	it would seem systemd-resolve comes about in newer releases of systemd, which centos 7 does not have. fun.	04:11
*** pmannidi_ has quit IRC		04:11
*** NikhilS has joined #openstack-ansible		04:19
*** pmannidi_ has joined #openstack-ansible		04:28
*** manheim has joined #openstack-ansible		04:30
*** manheim has quit IRC		04:34
*** jrobinson has quit IRC		04:36
*** pmannidi_ has quit IRC		04:43
*** MasterOfBugs has joined #openstack-ansible		04:44
*** agrebennikov has quit IRC		04:46
*** agrebennikov_ has quit IRC		04:46
*** Jeffrey4l has joined #openstack-ansible		04:55
*** Jeffrey4l_ has quit IRC		04:55
*** pmannidi_ has joined #openstack-ansible		05:00
*** Jack_Iv has joined #openstack-ansible		05:02
*** shashank_t_ has joined #openstack-ansible		05:03
*** Jack_Iv has quit IRC		05:06
*** markvoelker has quit IRC		05:08
*** markvoelker has joined #openstack-ansible		05:09
*** markvoelker has quit IRC		05:13
*** jrobinson has joined #openstack-ansible		05:14
*** Jack_Iv has joined #openstack-ansible		05:23
*** cuongnv has quit IRC		05:25
*** Jack_Iv has quit IRC		05:28
*** cuongnv has joined #openstack-ansible		05:32
*** asmaa has joined #openstack-ansible		05:41
*** SerenaFeng has joined #openstack-ansible		05:53
*** arif-ali has quit IRC		05:56
*** shashank_t_ has quit IRC		05:57
*** Jack_Iv has joined #openstack-ansible		05:58
*** arif-ali has joined #openstack-ansible		05:58
*** fxpester has joined #openstack-ansible		06:00
*** qiliang28 has joined #openstack-ansible		06:04
*** askb_ has joined #openstack-ansible		06:08
*** bpetit has quit IRC		06:08
*** bpetit has joined #openstack-ansible		06:08
*** markvoelker has joined #openstack-ansible		06:09
*** Jack_Iv has quit IRC		06:10
*** jrobinson has quit IRC		06:11
*** lkoranda_ has joined #openstack-ansible		06:12
*** Jack_Iv has joined #openstack-ansible		06:12
*** fedruantine has joined #openstack-ansible		06:12
*** lkoranda has quit IRC		06:13
*** askb has quit IRC		06:13
*** fedruantine_ has quit IRC		06:13
*** qiliang27 has quit IRC		06:13
*** lkoranda_ is now known as lkoranda		06:13
*** qiliang28 is now known as qiliang27		06:13
*** markvoelker has quit IRC		06:13
*** john51 has quit IRC		06:14
*** jrobinson has joined #openstack-ansible		06:15
*** john51 has joined #openstack-ansible		06:15
*** tonytan4ever has quit IRC		06:26
*** tonytan4ever has joined #openstack-ansible		06:26
*** weezS has quit IRC		06:27
*** tonytan4ever has quit IRC		06:31
*** weezS has joined #openstack-ansible		06:37
*** shashank_t_ has joined #openstack-ansible		06:47
*** shashank_t_ has quit IRC		06:50
*** udesale__ has joined #openstack-ansible		06:53
*** udesale has quit IRC		06:56
openstackgerrit	Jimmy McCrory proposed openstack/openstack-ansible master: Support cidr_networks in L3 network environments https://review.openstack.org/448850	06:59
*** weezS has quit IRC		07:01
*** weezS has joined #openstack-ansible		07:01
*** z- has quit IRC		07:02
*** z- has joined #openstack-ansible		07:03
*** jasondotstar has quit IRC		07:03
*** dmellado has quit IRC		07:03
*** bpetit has quit IRC		07:03
*** admin0- has quit IRC		07:04
*** bpetit has joined #openstack-ansible		07:05
*** jasondotstar has joined #openstack-ansible		07:08
*** dmellado has joined #openstack-ansible		07:08
*** admin0 has joined #openstack-ansible		07:09
*** Jack_Iv has quit IRC		07:10
*** Jack_Iv has joined #openstack-ansible		07:10
*** jrobinson has quit IRC		07:11
openstackgerrit	Markos Chandras (hwoarang) proposed openstack/openstack-ansible-galera_server master: Add support for the openSUSE Leap distributions https://review.openstack.org/445248	07:12
*** udesale has joined #openstack-ansible		07:19
*** udesale__ has quit IRC		07:23
*** cuongnv has quit IRC		07:29
*** manheim has joined #openstack-ansible		07:33
*** manheim has quit IRC		07:36
*** manheim has joined #openstack-ansible		07:36
*** Jack_Iv has quit IRC		07:40
*** Jack_Iv has joined #openstack-ansible		07:40
*** askb_ has quit IRC		07:43
openstackgerrit	Jimmy McCrory proposed openstack/openstack-ansible master: Support cidr_networks in L3 network environments https://review.openstack.org/448850	07:49
*** Amit82 has quit IRC		07:58
*** cuongnv has joined #openstack-ansible		07:58
*** Mahe has quit IRC		08:00
*** askb has joined #openstack-ansible		08:00
openstackgerrit	Andy McCrae proposed openstack/openstack-ansible master: SHA Bump on Master as at 22 March 2017 https://review.openstack.org/448674	08:02
andymccr	FYI ^ worked - but we just need the dependent patch to merge and to adjust the SHA	08:02
*** Mahe has joined #openstack-ansible		08:02
*** askb has quit IRC		08:02
*** askb has joined #openstack-ansible		08:04
*** shardy has joined #openstack-ansible		08:05
*** pcaruana has joined #openstack-ansible		08:06
*** vnogin has quit IRC		08:09
openstackgerrit	Andy McCrae proposed openstack/openstack-ansible-tests stable/ocata: Bump Tempest SHA for stable/ocata https://review.openstack.org/448984	08:09
*** markvoelker has joined #openstack-ansible		08:10
*** pmannidi_ has quit IRC		08:13
*** markvoelker has quit IRC		08:14
*** manheim has quit IRC		08:21
*** Andrew_jedi has joined #openstack-ansible		08:21
*** manheim has joined #openstack-ansible		08:21
*** tonytan4ever has joined #openstack-ansible		08:27
*** DimGR has joined #openstack-ansible		08:28
*** vnogin has joined #openstack-ansible		08:52
*** qiliang28 has joined #openstack-ansible		08:56
*** SerenaFeng has quit IRC		08:56
*** SerenaFeng has joined #openstack-ansible		08:57
*** shardy has quit IRC		08:58
*** qiliang27 has quit IRC		08:59
*** qiliang28 is now known as qiliang27		08:59
*** shardy has joined #openstack-ansible		09:00
*** openstackgerrit has quit IRC		09:03
*** lemroid has joined #openstack-ansible		09:08
*** david-lyle has quit IRC		09:11
*** david-lyle has joined #openstack-ansible		09:13
*** h16mara_ has quit IRC		09:15
*** h16mara_ has joined #openstack-ansible		09:16
*** esberglu has joined #openstack-ansible		09:16
*** esberglu has quit IRC		09:20
*** lemroid has left #openstack-ansible		09:22
*** Mahe has quit IRC		09:24
*** david-lyle_ has joined #openstack-ansible		09:27
*** Mahe has joined #openstack-ansible		09:27
*** david-lyle has quit IRC		09:27
*** tonytan4ever has quit IRC		09:27
*** manheim has quit IRC		09:37
*** manheim has joined #openstack-ansible		09:37
*** electrofelix has joined #openstack-ansible		09:39
*** karimb has joined #openstack-ansible		09:39
*** SerenaFeng has quit IRC		09:46
*** udesale has quit IRC		09:48
*** ildikov has joined #openstack-ansible		09:49
*** MasterOfBugs has quit IRC		09:59
*** rgogunskiy has joined #openstack-ansible		10:04
*** Andrew_jedi has quit IRC		10:09
*** markvoelker has joined #openstack-ansible		10:11
*** Jack_Iv has quit IRC		10:11
*** sanfern has quit IRC		10:16
*** markvoelker has quit IRC		10:16
*** cuongnv has quit IRC		10:18
pjm6	Good morning guys :)	10:24
pjm6	andymccr: do you have the ETA of Ocata 15.0.1 ?	10:24
pjm6	or you know if it's possible to update only nova (to solve that quota problem)	10:25
admin0	morning pjm6	10:33
odyssey4me	pjm6 15.1.0 will release next week if I remember correctly	10:34
*** manheim has quit IRC		10:35
*** Jack_Iv has joined #openstack-ansible		10:35
pjm6	admin0: odyssey4me o/	10:49
pjm6	thank you odyssey4me :)	10:49
*** rabel has joined #openstack-ansible		10:49
*** esberglu has joined #openstack-ansible		11:05
*** esberglu has quit IRC		11:10
*** manheim has joined #openstack-ansible		11:21
*** stuartgr has joined #openstack-ansible		11:23
*** tonytan4ever has joined #openstack-ansible		11:28
*** retreved has joined #openstack-ansible		11:30
*** mpotdar has quit IRC		11:36
*** Jack_Iv has quit IRC		11:41
*** Jack_Iv has joined #openstack-ansible		11:41
pjm6	with a server of 32GB, running XenServer it's possible to make a "good" testbed with OSA? using like 3 controller nodes, 1 log node and 1 compute node	11:45
pjm6	probably the recommended were 64GB !?	11:45
*** Jack_Iv has quit IRC		11:45
pjm6	i'm trying to figure out what's the best way to make a testbed for OSA deployment	11:46
pjm6	or it's more preferable to have bare metals (even if they had lower hardware requirements)	11:54
*** Jack_Iv has joined #openstack-ansible		11:58
*** esberglu has joined #openstack-ansible		11:59
admin0	pjm6: what tests do you want to do ?	12:02
*** esberglu has quit IRC		12:04
*** askb has quit IRC		12:05
*** karimb has quit IRC		12:06
*** shardy is now known as shardy_lunch		12:08
pjm6	admin0: testing upgrades and see if the minimal things works	12:09
mgariepy	FAILURE in 5h 00m 48s that's a long time to run	12:09
pjm6	like networking, create VMs, etc	12:09
pjm6	just to test if a upgrade wents good	12:09
admin0	pjm6: i use this , which I documented	12:09
admin0	http://www.openstackfaq.com/openstack-dev-server-setup-ubuntu/	12:09
admin0	for every cluster i have, I also have one server where the same ip/network/setup is identical .. so once it passes this closed system, its applied in the real one ..	12:10
admin0	this acts as acceptance environment	12:10
pjm6	yes that's something i want	12:10
admin0	and because those are multiple VMS but under a vyos router, i can have real ips inside this .. so zero changes to playbooks	12:11
*** markvoelker has joined #openstack-ansible		12:13
*** sanfern has joined #openstack-ansible		12:13
admin0	in smaller ones, i have min of 4 vms .. vyos, controller, storage, compute .. bigger ones have the full virtual setup, including ceph	12:13
*** openstackgerrit has joined #openstack-ansible		12:13
openstackgerrit	Marc Gariépy proposed openstack/openstack-ansible-tests master: Stop removing epel https://review.openstack.org/449105	12:13
mgariepy	odyssey4me, do you mind if I restore : https://review.openstack.org/#/c/443108/ and then backport https://review.openstack.org/44910 in ocata, just to sync up both branches.	12:16
*** markvoelker has quit IRC		12:17
*** mrtenio has quit IRC		12:18
mgariepy	i would also need another vote if a core have time : https://review.openstack.org/#/c/448756/	12:27
mgariepy	it would be needed in ocata as well.	12:27
evrardjp	mgariepy: could you ping me them all? I've kinda missed what's happening on the chan	12:28
evrardjp	is there a topic?	12:28
*** tonytan4ever has quit IRC		12:28
mgariepy	evrardjp, there is only a few patches ;) https://review.openstack.org/#/c/448756/	12:29
mgariepy	and i would like to restore https://review.openstack.org/#/c/443108/ to sync up ocata with master for the epel stuff.	12:29
evrardjp	so your goal is RDO release pkg and epel removed by default for nodepool	12:30
evrardjp	because	12:30
evrardjp	https://review.openstack.org/#/c/449105/	12:30
evrardjp	shouldn't we just do a combined backport?	12:30
mgariepy	ok i'll do a combined backport.	12:31
evrardjp	sorry it's because I'm easily lost :)	12:31
mgariepy	haha well it's not that bad ;)	12:31
mgariepy	I don't have much time for OSA this week. and probably next week won't be much better.	12:32
openstackgerrit	Merged openstack/openstack-ansible-pip_install master: yum-utils is needed to configure repos https://review.openstack.org/448756	12:32
evrardjp	it happens to everyone, I've been quite away too recently	12:32
openstackgerrit	Marc Gariépy proposed openstack/openstack-ansible-tests stable/ocata: Replace EPEL with RDO https://review.openstack.org/443108	12:32
evrardjp	do we need to take over some of the work for you mgariepy?	12:33
evrardjp	if we can	12:33
*** tonytan4ever has joined #openstack-ansible		12:33
mgariepy	it's kinda close since : https://review.openstack.org/#/c/448499/ passed :D	12:34
mgariepy	i would like to cleanup as much as possible epel stuff.	12:34
*** woodard_ has quit IRC		12:35
evrardjp	well it makes sense, it's been a while we've been discussing this	12:35
evrardjp	:p	12:35
evrardjp	thanks for the work there btw	12:35
evrardjp	sorry for not stepping up	12:35
*** woodard has joined #openstack-ansible		12:35
evrardjp	I leave you to it because I know RDO is in good hands with you :p	12:36
evrardjp	(because EPEL can't be in good hands of everyone :p)	12:36
evrardjp	#terriblejokepoorlyexecuted	12:36
mgariepy	lol	12:37
openstackgerrit	Marc Gariépy proposed openstack/openstack-ansible-tests stable/ocata: Install RDO, stop removing EPEL. https://review.openstack.org/443108	12:38
mgariepy	^^ like this :D	12:38
openstackgerrit	Marc Gariépy proposed openstack/openstack-ansible-tests stable/ocata: Install RDO, stop removing EPEL. https://review.openstack.org/443108	12:40
*** qiliang27 has quit IRC		12:41
*** Andrew_jedi has joined #openstack-ansible		12:43
*** markvoelker has joined #openstack-ansible		12:46
*** klamath has joined #openstack-ansible		12:46
*** klamath has quit IRC		12:47
*** klamath has joined #openstack-ansible		12:47
*** schwicht has joined #openstack-ansible		12:52
*** h16mara_ is now known as hachi		12:53
*** DimGR has quit IRC		12:54
*** shardy_lunch is now known as shardy		12:57
*** udesale has joined #openstack-ansible		13:01
hachi	Hi,	13:04
hachi	I have a SSL problem within HAProxy	13:05
hachi	I added ceph object storage to the existing ceph related things but RGW only responds to the request coming from the internal VIP. The RGW through the external VIP is not working, I have this error message in haproxy.log:	13:06
hachi	Mar 23 12:48:59 localhost haproxy[39014]: 10.1.4.10:37290 [23/Mar/2017:12:48:59.400] ceph-front-1/1: SSL handshake failure	13:07
hachi	Any idea how to fix this ?	13:07
*** esberglu has joined #openstack-ansible		13:15
fdegir	all the attempts I made to deploy using openstack-ansible from master failed	13:16
fdegir	I appreciate if someone can pass me a specific version that works	13:17
fdegir	trying the ones with sha bumps but they fail too	13:17
*** jwitko has joined #openstack-ansible		13:18
*** esberglu has quit IRC		13:19
*** gouthamr has joined #openstack-ansible		13:20
Andrew_jedi	fdegir: Have you tried the stable/ocata branch ?	13:26
fdegir	Andrew_jedi: that works	13:27
fdegir	Andrew_jedi: but I want master :)	13:27
ildikov	Andrew_jedi: the idea here would be to deploy master as part of a bigger stack	13:27
Andrew_jedi	ildikov: ohhhh okay!	13:28
*** kstev has joined #openstack-ansible		13:30
ildikov	Andrew_jedi: there's an initiative in OPNFV (another open source community focusing on NFV) to deploy a full stack from the latest master of open source components, where OpenStack provides the cloud infrastructure	13:30
ildikov	Andrew_jedi: this would help end-to-end testing of new features along with the integration of the components	13:30
odyssey4me	mgariepy shouldn't we ensure that EPEL is actually added?	13:31
odyssey4me	I know it's already there in the gating as infra puts it there, but perhaps we should check if it's there and add it if it is not?	13:31
Andrew_jedi	ildikov: sounds really great ...	13:31
ildikov	Andrew_jedi: so we are looking for ways to deploy OpenStack from master	13:31
odyssey4me	fdegir master is broken right now due to some issues with the upstream service repositories	13:32
odyssey4me	the fix is in progress, but we're stuck waiting for them	13:32
ildikov	Andrew_jedi: that would help much with feedback as OPNFV deploys OpenStack from stable, but if we start testing features at that point than we are loosing time	13:32
sc`	odyssey4me: i may have accidentally gotten a centos Vagrantfile functioning	13:32
*** DimGR has joined #openstack-ansible		13:32
fdegir	odyssey4me: any earlier version you might know:	13:32
fdegir	?	13:32
odyssey4me	sc` oh really? I was about to push a patch with a working change to the vagrantfile	13:32
sc`	osa still fails because of systemd-resolve not existing	13:32
odyssey4me	fdegir yes, use a stable branch	13:32
odyssey4me	it seems to work fine for me so far	13:33
fdegir	odyssey4me: yes, that works	13:33
odyssey4me	but I'm not all that far along	13:33
fdegir	in case if anyone is interested: https://build.opnfv.org/ci/job/xci-deploy-virtual-xenial-daily-ocata/20/consoleFull	13:33
fdegir	but we are after master...	13:33
odyssey4me	fdegir alternatively, see if you can figure out the problem that's causing tempest to fail	13:33
sc`	odyssey4me: i probably went about it a different way :D	13:33
fdegir	odyssey4me: it is not tempest failure as I excluded tempest from the playbook	13:34
odyssey4me	sc` lemme push this patch up, then perhaps you can review?	13:34
sc`	odyssey4me: for sure	13:34
openstackgerrit	Ravi Kumar Boyapati proposed openstack/openstack-ansible-lxc_hosts master: Add lxc_net_manage_iptables variable https://review.openstack.org/449149	13:34
fdegir	odyssey4me: keystone error: https://build.opnfv.org/ci/job/xci-deploy-virtual-xenial-daily-master/3/consoleFull	13:35
openstackgerrit	Jesse Pretorius (odyssey4me) proposed openstack/openstack-ansible master: Update Vagrantfile to include CentOS7 https://review.openstack.org/449150	13:35
odyssey4me	fdegir so have you done any debugging to figure out the cause?	13:36
fdegir	I'm looking	13:36
fdegir	but before going further, I jsut wanted to check if anyone has a known good version which I could try	13:37
odyssey4me	sc` boo, it failed for me too - but it's not a vagrantfile problem, rather it's some missing dep somewhere as you say	13:37
*** cathrichardson has joined #openstack-ansible		13:37
sc`	systemd-resolve comes in systemd-230 i think	13:37
sc`	c7 has 219	13:37
sc`	i chased the ubuntu side of things last night	13:37
sc`	~surprise!~	13:38
*** esberglu has joined #openstack-ansible		13:38
odyssey4me	sc` ah, you're tracking a red herring I think	13:39
odyssey4me	anything after exit_fail in the dialog is diagnostic info and has nothing to do with the failure itself	13:39
mgariepy	odyssey4me, on gates epel is installed, and it will be added by either pip_install or openstack_hosts	13:39
odyssey4me	mgariepy ok then why do we do https://review.openstack.org/443108 when it's already done by other roles?	13:40
odyssey4me	unless we're not always executing the other roles?	13:40
*** cathrich_ has joined #openstack-ansible		13:41
odyssey4me	sc` I think you might be seeing the output of https://github.com/openstack/openstack-ansible/blob/master/scripts/scripts-library.sh#L191 and thinking that's where the failure is	13:41
*** cathrichardson has quit IRC		13:41
odyssey4me	lemme pastebin my bits and show you where the real error is	13:41
odyssey4me	sc` this is the last portion of my failure output: http://pastebin.com/9t2jVHBi	13:42
sc`	could be. i've been working with osa for but a short time	13:42
odyssey4me	line 39 onwards is all diagnostic, where we try to output a bunch of stuff to help figure out what went wrong	13:42
sc`	oh! that one was dealt with by my vagrantfile	13:42
odyssey4me	line 3 is the thing that actually failed	13:43
cloudnull	mornings	13:43
mgariepy	morning cloudnull	13:43
cloudnull	hows everything on this fine day ?	13:44
odyssey4me	sc` blast, I see there's no growroot in the centos7 image :/	13:44
sc`	odyssey4me: :D	13:44
sc`	odyssey4me: i have that working	13:44
mgariepy	odyssey4me, i want to sync up tests on both master and ocata for the epel stuff.	13:44
odyssey4me	sc` can you paste your vagrantfile?	13:44
sc`	let me dedup the unnecessary comments	13:44
*** agrebennikov_ has joined #openstack-ansible		13:45
sc`	you know what... it's not on this machine	13:45
sc`	it's on another workstation	13:45
*** manheim has quit IRC		13:45
sc`	i'll have to get that later this morning	13:45
sc`	tl;dr create a second disk, then shell out to a helper script that shoves it in the lvm and extends it	13:46
*** manheim has joined #openstack-ansible		13:46
odyssey4me	sc` yeah ok, that makes sense	13:47
odyssey4me	lemme adjust and try again	13:47
*** fguillot has joined #openstack-ansible		13:50
sc`	it's xfs, so no resize2fs	13:51
*** NikhilS has quit IRC		13:59
*** schwicht has quit IRC		13:59
*** DimGR2 has joined #openstack-ansible		13:59
*** DimGR has quit IRC		14:00
*** DimGR2 is now known as DimGR		14:00
*** cjloader_ has joined #openstack-ansible		14:01
*** phalmos has joined #openstack-ansible		14:05
*** rabel_b1 has joined #openstack-ansible		14:05
*** cjloader_ has quit IRC		14:06
*** Jack_Iv has quit IRC		14:07
*** jamesdenton has joined #openstack-ansible		14:07
*** Jack_Iv has joined #openstack-ansible		14:07
*** lucasxu has joined #openstack-ansible		14:08
*** rabel has quit IRC		14:08
*** acormier has joined #openstack-ansible		14:11
*** Jack_Iv has quit IRC		14:12
*** karimb has joined #openstack-ansible		14:13
*** Jack_Iv has joined #openstack-ansible		14:18
*** Jack_Iv has quit IRC		14:24
*** fguillot has quit IRC		14:25
*** shashank_t_ has joined #openstack-ansible		14:28
*** Andrew_jedi has quit IRC		14:34
*** galstrom_zzz is now known as galstrom		14:34
*** shashank_t_ has quit IRC		14:36
*** shashank_t_ has joined #openstack-ansible		14:36
openstackgerrit	Nolan Brubaker proposed openstack/openstack-ansible master: Restructure lib directory to install via pip https://review.openstack.org/418076	14:39
*** Andrew_jedi has joined #openstack-ansible		14:41
*** rgogunskiy has quit IRC		14:41
*** fandi has joined #openstack-ansible		14:42
*** gouthamr has quit IRC		14:44
*** phalmos_ has joined #openstack-ansible		14:45
*** phalmos has quit IRC		14:48
*** shashank_t_ has quit IRC		14:49
*** schwicht has joined #openstack-ansible		14:50
*** vnogin has quit IRC		14:51
*** vnogin has joined #openstack-ansible		14:52
*** Andrew_jedi has quit IRC		14:53
*** manheim has quit IRC		14:54
*** fandi has quit IRC		14:58
openstackgerrit	Markos Chandras (hwoarang) proposed openstack/openstack-ansible-memcached_server master: Add SUSE support https://review.openstack.org/449183	14:59
*** DimGR2 has joined #openstack-ansible		14:59
*** DimGR has quit IRC		15:00
*** cathrich_ is now known as cathrichardson		15:00
*** marst has joined #openstack-ansible		15:03
*** adrian_otto has joined #openstack-ansible		15:03
*** DimGR2 has quit IRC		15:03
*** Andrew_jedi has joined #openstack-ansible		15:09
openstackgerrit	German Eichberger proposed openstack/openstack-ansible-os_octavia master: Adds iptables rules to protect octavia server container https://review.openstack.org/447151	15:10
*** weezS has quit IRC		15:18
*** muxdaemon has joined #openstack-ansible		15:18
*** shashank_t_ has joined #openstack-ansible		15:19
*** DanyC has joined #openstack-ansible		15:22
*** woodard has quit IRC		15:24
*** manheim has joined #openstack-ansible		15:25
openstackgerrit	Logan V proposed openstack/openstack-ansible master: [DOCS] Add checklist item for ceph_stable_release https://review.openstack.org/449195	15:30
*** woodard_ has joined #openstack-ansible		15:36
*** jascott1 has joined #openstack-ansible		15:37
*** manheim has quit IRC		15:38
*** electrofelix has quit IRC		15:38
*** schwicht has quit IRC		15:39
*** mpotdar has joined #openstack-ansible		15:40
*** electrofelix has joined #openstack-ansible		15:41
*** Spokozord has joined #openstack-ansible		15:42
Spokozord	Hi! Pip installation is breaking everything! Halp! :L	15:42
*** weezS has joined #openstack-ansible		15:46
*** shasha_t_ has joined #openstack-ansible		15:48
openstackgerrit	Jesse Pretorius (odyssey4me) proposed openstack/openstack-ansible master: Update Vagrantfile to include CentOS7 https://review.openstack.org/449150	15:49
*** karimb has quit IRC		15:50
odyssey4me	sc` ^ updated to include resizing the root LV	15:50
*** shashank_t_ has quit IRC		15:52
odyssey4me	fdegir a while ago I suggested to yolanda that you guys implement a pin for the roles in your implementation which gets updated once in a while so that the deployment will be more stable, is that done yet?	15:52
*** karimb has joined #openstack-ansible		15:53
odyssey4me	my suggestion was that the role pins in ansible-role-requirements get updated every time anything changes in https://github.com/openstack/openstack-ansible/tree/master/playbooks/defaults/repo_packages	15:53
*** foutatoro has joined #openstack-ansible		15:54
fdegir	odyssey4me: right	15:54
fdegir	odyssey4me: if we can catch a working version, we will go that way	15:54
*** shashank_t_ has joined #openstack-ansible		15:54
fdegir	hwoarang: yolanda: ^	15:55
*** rmelero has joined #openstack-ansible		15:55
fdegir	odyssey4me: you also mentioned you test stuff	15:56
fdegir	odyssey4me: did you mean usual openstack ci	15:56
sc`	odyssey4me: lgtm. doesn't work on mac, but linux doesn't have a problem with it i think	15:56
fdegir	odyssey4me: or you have another ci system where you test stuff and then you bump openstack component versions?	15:57
*** david-lyle_ is now known as david-lyle		15:58
odyssey4me	sc` I'm using it on a Mac	15:58
odyssey4me	sc` I have a Macbook Pro and the execution is going through now - busy with the security role implementation	15:59
sc`	odyssey4me: peculiar. i seem to recall the controller needing to be "IDE" instead of "IDE Controller". i'll check it out in a bit	15:59
odyssey4me	sc` I'm using recent versions of VirtualBox and vagrant, if that helps	15:59
* sc` => commute();		15:59
*** jmckind has joined #openstack-ansible		16:00
evrardjp	cloudnull, mattt, andymccr, d34dh0r53, hughsaunders, b3rnard0, palendae, Sam-I-Am, odyssey4me, serverascode, rromans, erikmwilson, mancdaz, _shaps_, BjoernT, claco, echiu, dstanek, jwagner, ayoung, prometheanfire, evrardjp, arbrandes, mhayden, scarlisle, luckyinva, ntt, javeriak, automagically, spotz, vdo, jmccrory, alextricity25, jasondotstar, admin0, michaelgugino, ametts, v1k0d3n, severion, bgm	16:02
evrardjp	ccollum, darrenc, JRobinson__, asettle, colinmcnamara, thorst, adreznec, eil397, qwang,nishpatwa_, cathrichardson, drifterza, sc68cal	16:02
evrardjp	community meeting in #openstack-meeting-4	16:03
*** foutatoro_ has joined #openstack-ansible		16:03
*** foutatoro has quit IRC		16:03
*** foutatoro has joined #openstack-ansible		16:03
*** Spokozord has quit IRC		16:04
*** DanyC has quit IRC		16:05
*** bgmccollum_ is now known as bgmccollum		16:07
foutatoro	Hi , I would like to create 2 flat providers network for OS. how to configure the openstack_user_config to do that	16:09
foutatoro	I tried this config http://paste.openstack.org/show/603953/ but I doesn't work	16:09
xdfil	foutatoro: I think you will need another bridge defined if you want a second flat network	16:10
*** Andrew_jedi has quit IRC		16:11
xdfil	you have both flat networks on the same bridge	16:11
*** udesale has quit IRC		16:12
foutatoro	xdfil: I define a new veth (eth15) to avoid confite with the other flat net	16:14
xdfil	foutatoro: on your host you are adding which phisical interface to br-vlan? you can use a vlan tag off that same device like eth0.15 or whatever vlan makes sense and then ad that interface to the br-public bridge	16:15
*** manheim has joined #openstack-ansible		16:16
xdfil	use a vlan outside the range: "1:1"	16:16
xdfil	do you have VLAN support on your network?	16:16
*** acormier has quit IRC		16:19
*** jlockwood has joined #openstack-ansible		16:19
sc`	odyssey4me: here's how i did it - like i said, a different way than you did http://paste.openstack.org/show/603958/	16:20
sc`	virtualbox 5.1.18 and vagrant 1.9.2	16:20
foutatoro	xdfil: I don't have vlan support on my net but I will try your suggestion to add new bridge	16:21
foutatoro	xdfil: so I wonder if we are already in prod and we want to add one more provider net. how could we do that ?	16:23
*** jamesden_ has joined #openstack-ansible		16:23
sc`	odyssey4me: with your Vagrantfile, i get VBoxManage: error: Could not find a controller named 'IDE Controller'	16:27
sc`	odyssey4me: in newer releases, the name gets an abbreviation. the Controller word gets dropped	16:28
*** jamesden_ has quit IRC		16:28
*** jamesden_ has joined #openstack-ansible		16:29
*** tonytan4ever has quit IRC		16:31
*** jamesden_ has quit IRC		16:31
*** tonytan4ever has joined #openstack-ansible		16:31
sc`	odyssey4me: other than that, lgtm	16:32
*** lucasxu has quit IRC		16:32
*** SerenaFeng has joined #openstack-ansible		16:32
*** Andrew_jedi has joined #openstack-ansible		16:33
*** SerenaFeng has quit IRC		16:33
jamesdenton	Hey jmccrory - have a sec to look at https://github.com/openstack/openstack-ansible-openstack_openrc/commit/6848f7d1b7312b296beec5deba85399937af11dc ?	16:39
jmccrory	jamesdenton sure, what's up?	16:40
jamesdenton	Running the os-neutron-install playbook, and I'm hitting an error during the [os_neutron : Ensure neutron user] task. Turns out, by removing the single quotes from the openrc.j2 file, authentication is successful	16:42
jamesdenton	https://gist.github.com/busterswt/538558eda8a6cdf661063848a57a16e5	16:42
jamesdenton	https://gist.github.com/busterswt/538558eda8a6cdf661063848a57a16e5#file-gistfile1-txt-L941	16:42
jamesdenton	I confirmed in the other containers running older master branch, there are no quotes around the password	16:43
jmccrory	there was a corresponding change needed in the plugins repo https://review.openstack.org/#/c/433991/	16:43
jamesdenton	oye, ok	16:44
jamesdenton	thanks!	16:44
jmccrory	no prob	16:46
*** adrian_otto1 has joined #openstack-ansible		16:46
agrebennikov_	folks, please, somebody vote for https://review.openstack.org/#/c/448743/2 and https://review.openstack.org/#/c/425997/29	16:48
*** acormier has joined #openstack-ansible		16:48
*** foutatoro has quit IRC		16:49
*** adrian_otto has quit IRC		16:49
evrardjp	cloudnull: due to the light shed by jmccrory on 2.3 connection plugins, maybe we should spend some time to make our lxc connection plugin more robust for 2.3 or maybe spend time on alternatives... what do you think?	16:59
evrardjp	maybe refactor the "super" of the existing 2.3 connection plugin	16:59
evrardjp	class	16:59
cloudnull	evrardjp: jmccrory: looking at the error it looks like the issue is contained within only the ssh plugin? is that right? are seeing this in the lxc_container module too ?	17:00
*** DimGR has joined #openstack-ansible		17:02
evrardjp	I didn't have a look at it, merely just refreshing memories about what 2.3 changed.	17:02
*** schwicht has joined #openstack-ansible		17:06
cloudnull	I'll have a look at it to see what's what.	17:08
*** pbandark has joined #openstack-ansible		17:12
*** pcaruana has quit IRC		17:14
openstackgerrit	Merged openstack/openstack-ansible-os_rally stable/newton: Update missing database exception text https://review.openstack.org/445334	17:17
jmccrory	cloudnull: oh sorry , right. it's just in the OSA ssh connection plugin	17:17
*** lostrhino has joined #openstack-ansible		17:21
luzC	odyssey4me just a heads up, earlier today we had some issues with our BME environment, as soon as we have it back online we will try the upgrade flow (with galera patch) N to O...	17:24
cloudnull	++ thanks luzC	17:24
luzC	cloudnull any time ;)	17:26
lostrhino	I was wondering if someone could help me - I’ve having difficulty with the openstack ansible play setup_hosts, we have our own apt-cache repo, I’ve been trying to test. I’ve added the line user_external_repo_keys_list:	17:26
lostrhino	url: https://fqdn/my-key.asc	17:26
lostrhino	to the user_variables.yml file	17:26
lostrhino	and I have been unsuccessful - is there anyone who can give me some guidance	17:26
lostrhino	I feel like I’ve tried everything	17:26
lostrhino	to no avail	17:26
*** manheim has quit IRC		17:27
lostrhino	I get the following error failed: [server1] (item=url) => {"failed": true, "item": "url", "msg": "needed a URL but was not specified"}	17:28
lostrhino	even though I’ve specified it	17:28
*** lucasxu has joined #openstack-ansible		17:32
odyssey4me	lostrhino so, unfortunately evrardjp has not updated the defaults documentation to match the other change - and we didn't pick it up in review	17:33
evrardjp	try with another -	17:33
cloudnull	lostrhino: do you know which task is failing?	17:33
odyssey4me	change 'url: https://fqdn/my-key.asc' to '- url: https://fqdn/my-key.asc' and it should work	17:34
evrardjp	cloudnull: I think we need a list, and it looks like it's only a dict	17:34
lostrhino	yes - TASK [pip_install : Install external repo key manually (apt)] ******************	17:34
evrardjp	odyssey4me: where is the docs?	17:34
odyssey4me	shame on us for not picking that up in review :(	17:34
odyssey4me	evrardjp make fix please :)	17:34
evrardjp	odyssey4me: nobody got the time to review this	17:34
evrardjp	it was in a hurry during ptg IIRC	17:35
lostrhino	if that is it ….. oh man….	17:35
evrardjp	it's written list on it!	17:35
lostrhino	I’m runnin the lay again with another change i madetesting - I’l update in 3 minutes	17:35
evrardjp	not my fault!	17:35
lostrhino	play*	17:35
evrardjp	:p	17:35
odyssey4me	lostrhino if you're using user_external_repos_list then also make sure it's a list	17:35
lostrhino	I used a asc file since I got a deprecation warning and needed it… I thought (key word thought) it would be ok	17:36
odyssey4me	mgariepy mhayden sc` so the good news is that https://review.openstack.org/449150 appears to be working quite well, my deployment is busy completing the designate service which is quite far down the list	17:38
sc`	odyssey4me: mine is on rabbit	17:38
sc`	i had to adapt it to newer virtualbox, but it's humming along	17:39
*** dxiri has joined #openstack-ansible		17:39
evrardjp	for a rabbit it seems slower.	17:39
evrardjp	#terriblejoke	17:39
odyssey4me	sc` you have a newer virtualbox and something changed?	17:39
sc`	odyssey4me: i'm running 5.1.18	17:39
sc`	"IDE Controller" changes to "IDE", ditto for other controllers	17:40
odyssey4me	the thing should probably do more detection before adjusting things	17:40
odyssey4me	ie it should detect the default controller, then re-use that later	17:40
sc`	ya	17:40
mgariepy	odyssey4me, cool :)	17:40
odyssey4me	if you could work up a patch for that it'd be awesome :)	17:41
odyssey4me	I guess it'd be nice to also be able to give it some CLI options, so you could test alternative scenarios or actions	17:41
odyssey4me	scenario = aio/whatever, action = deploy/upgrade	17:42
odyssey4me	that would then mean you could do exactly what we do in gate testing	17:42
lostrhino	so who do I buy a beer for in boston and whom do I yell at for not updating the docs???	17:42
odyssey4me	lostrhino :) not sure I'll be in boston, but I'm sure that andymccr will take the beer ;)	17:43
odyssey4me	you can yell at us all for not updating docs, because that's all our responsibilities to check before approving a patch	17:43
sc`	odyssey4me: looks like maybe a bug in 5.1	17:43
sc`	https://www.virtualbox.org/ticket/16387	17:43
sc`	if it's not intentional, it's a regression, natch	17:44
odyssey4me	sc` if you don't get to it first then I'll push a patch some time to do the detection and consumption	17:45
*** messy has quit IRC		17:45
odyssey4me	that'll make it work regardless	17:45
odyssey4me	I'd like to also add optional caching through a file that's durable and re-usable across multiple VM's	17:45
sc`	word. given the newness of that ticket, i'd be willing to believe it be fixed in 5.1	17:45
cloudnull	jmccrory: evrardjp: this is what breaks us w/ 2.3 https://github.com/ansible/ansible/blob/devel/lib/ansible/plugins/connection/ssh.py#L756-L782	17:45
odyssey4me	it'll help cut down the time to deploy	17:45
*** retreved has quit IRC		17:46
cloudnull	its running the "piped" method first	17:46
*** karimb has quit IRC		17:46
*** retreved has joined #openstack-ansible		17:46
cloudnull	before it was https://github.com/ansible/ansible/blob/v2.2.1.0-1/lib/ansible/plugins/connection/ssh.py#L626-L635	17:46
openstackgerrit	Jean-Philippe Evrard proposed openstack/openstack-ansible-pip_install master: Fix documentation for external repos and keys https://review.openstack.org/449250	17:46
odyssey4me	lostrhino ^ your review of that would be nice :)	17:47
lostrhino	how would I go about that - I’m new to reviewing …. or you just kidding?	17:48
evrardjp	lostrhino: no I think he was serious :)	17:49
evrardjp	it's fine, we are not monsters	17:49
odyssey4me	lostrhino if you've registered and have the ability to login to gerrit, then go to https://review.openstack.org/449250	17:49
evrardjp	it's basically saying what you think of the change :)	17:49
*** vnogin has quit IRC		17:50
odyssey4me	lostrhino https://docs.openstack.org/infra/manual/developers.html may be handy	17:50
evrardjp	cloudnull: what is piped?	17:50
cloudnull	its new	17:50
evrardjp	Thanks captain	17:50
evrardjp	p	17:51
evrardjp	:p *	17:51
cloudnull	lol	17:51
*** deadnull has joined #openstack-ansible		17:51
evrardjp	I mean maybe we should improve our support of this new shiny thing.	17:51
cloudnull	or kill it.	17:51
cloudnull	:)	17:51
evrardjp	"runs faster on my machine"	17:51
evrardjp	haha	17:51
*** adrian_otto1 has quit IRC		17:52
odyssey4me	mgariepy sc` unfortunately it failed to download the cirros image when executing the tempest role - retrying now	17:54
jmccrory	cloudnull evrardjp this change too https://github.com/ansible/ansible/commit/1fe67f9f436595003f7951dd88159731e6d82498, OSA plugin is overriding _exec_command, it's removed there	17:55
*** electrofelix has left #openstack-ansible		17:55
evrardjp	I think it's time for a connection plugin refactor	17:55
lostrhino	+1’d	17:57
odyssey4me	lostrhino :) thanks	17:57
*** adrian_otto has joined #openstack-ansible		17:57
sc`	odyssey4me: womp womp. i'm not to that point yet	17:58
jrosser_	i liked that proposed change for the container ready check to use ping module	17:58
evrardjp	woot!	17:58
jrosser_	currently it doesnt work through an ssh bastion	17:58
*** messy has joined #openstack-ansible		17:58
odyssey4me	jrosser_ the current discussion around refactoring the connection plugins also relates to the similar thing	17:58
jrosser_	which imho would be good thing to aim at	17:58
odyssey4me	sc` mgariepy well, I had to retry 3 times but it eventually pulled it down	17:59
mgariepy	weird	17:59
openstackgerrit	Marc Gariépy proposed openstack/openstack-ansible-pip_install stable/ocata: yum-utils is needed to configure repos https://review.openstack.org/449256	18:01
*** MasterOfBugs has joined #openstack-ansible		18:02
odyssey4me	mgariepy sc` it looks like we could do with some retries here: https://github.com/openstack/openstack-ansible-os_tempest/blob/master/tasks/tempest_post_install.yml#L46	18:03
*** Andrew_jedi has quit IRC		18:03
odyssey4me	I'll patch it up now	18:03
odyssey4me	so the tempest tests failed, but the same as they do in master right now - so I think that Vagrantfile is good as-is	18:04
odyssey4me	mgariepy I'll add CentOS deployments to the periodics in infra now too FYI	18:05
mgariepy	cool	18:05
mgariepy	the periodics will be ran every day ?	18:05
mgariepy	or week ?	18:05
odyssey4me	every day	18:05
mgariepy	how do i check the result ?	18:06
*** muxdaemon has quit IRC		18:06
odyssey4me	mgariepy all periodics post their log results here: http://logs.openstack.org/periodic/	18:07
odyssey4me	you just need to find the job name, then look in there	18:07
odyssey4me	for example: http://logs.openstack.org/periodic/periodic-openstack-ansible-upgrade-aio-master-ubuntu-xenial/	18:07
jamesdenton	Quick question.. what is used to distribute the fernet keys across containers?	18:07
*** muxdaemon has joined #openstack-ansible		18:07
odyssey4me	jamesdenton magic!	18:08
lbragstad	s/magic/voodoo magic/	18:08
*** muxdaemon has quit IRC		18:08
odyssey4me	jamesdenton actually, when the keys are rotated by the cron job on node 1, they're pushed via rsync to the other nodes	18:08
mgariepy	odyssey4me, cool thanks	18:08
evrardjp	haha voodoo magic.	18:09
evrardjp	It's because you never practiced it.	18:09
lbragstad	https://github.com/openstack/openstack-ansible-os_keystone/blob/master/tasks/keystone_fernet_keys_autorotate.yml	18:09
jamesdenton	so at all times, the contents of /etc/keystone/fernet_keys should be consistent across nodes, right?	18:09
evrardjp	<- voodoo 2 user.	18:09
mgariepy	magic ^^ https://www.youtube.com/watch?v=w0JCw1dWIMA	18:09
jamesdenton	thanks lbragstad - good blog btw!	18:09
odyssey4me	jamesdenton supposed to be, yes	18:10
lbragstad	jamesdenton some more magic lives here https://github.com/openstack/openstack-ansible-os_keystone/blob/master/templates/keystone-fernet-rotate.sh.j2	18:10
evrardjp	ahah mgariepy love your references. I could add a arrested development one, but then it's becoming... weird!	18:10
lbragstad	jamesdenton thanks! on fernet key rotation?	18:10
jamesdenton	odyssey4me you see where this is going, right? Trying to figure out why they're inconsistent in my env :P	18:10
jamesdenton	yes	18:10
lbragstad	jamesdenton if you find anything inconsistent/wrong let me know ;)	18:11
lbragstad	or confusing	18:11
lbragstad	jamesdenton a more evolved version of those posts is available here - https://docs.openstack.org/admin-guide/identity-fernet-token-faq.html	18:12
jamesdenton	thanks!	18:12
*** lostrhino has left #openstack-ansible		18:12
*** pbandark has quit IRC		18:16
*** adrian_otto has quit IRC		18:16
*** adrian_otto has joined #openstack-ansible		18:16
openstackgerrit	Jesse Pretorius (odyssey4me) proposed openstack/openstack-ansible-os_tempest master: Retry the cirros image download https://review.openstack.org/449260	18:20
odyssey4me	sc` mgariepy ^ that should help	18:20
cloudnull	evrardjp: jmccrory: looks like changing over to the new execute method seems to fix it	18:22
*** rboyapat has joined #openstack-ansible		18:22
mgariepy	odyssey4me, delay 5?	18:22
odyssey4me	mgariepy I'm open to suggestion	18:23
mgariepy	25 sec instead of 50.	18:23
odyssey4me	I took that from lines 27-28	18:23
cloudnull	evrardjp: jmccrory: http://cdn.pasteraw.com/fqd53i83fuaqiqpltzns7il73g5mwno	18:24
odyssey4me	mgariepy yeah, I'm more a fan of delay 5, retries 12	18:24
odyssey4me	ie 60 secs total	18:24
cloudnull	and it looks like that methdo will work in 2.1	18:24
mgariepy	yeah, issues if we start adding retry everywhere and wait 10 sec it quickly add up :)	18:25
openstackgerrit	Jesse Pretorius (odyssey4me) proposed openstack/openstack-ansible-os_tempest master: Retry the cirros image download https://review.openstack.org/449260	18:26
odyssey4me	mgariepy now 30 secs max	18:26
evrardjp	cloudnull: ahah great.	18:26
evrardjp	we can also use this new connection method	18:26
evrardjp	maybe it's gonna be super fast	18:26
mgariepy	nice	18:27
openstackgerrit	Kevin Carter (cloudnull) proposed openstack/openstack-ansible-plugins master: Updated connection plugin for ansible 2.3 support https://review.openstack.org/449263	18:27
cloudnull	evrardjp: jmccrory: if you have a moment to test this it'd be great to get some validation there.	18:27
evrardjp	I'll test that at home soon	18:28
evrardjp	do we have tests of our connection plugin?	18:29
evrardjp	I am not sure we have	18:29
evrardjp	else manual testing I guess	18:29
odyssey4me	evrardjp every role and the integrated build test it ;)	18:31
cloudnull	evrardjp: what odyssey4me said,	18:33
*** manheim has joined #openstack-ansible		18:36
openstackgerrit	Jean-Philippe Evrard proposed openstack/openstack-ansible-plugins master: Add Packages file parsing lookup https://review.openstack.org/449267	18:36
sc`	odyssey4me: woo :D	18:37
*** lucasxu has quit IRC		18:38
sc`	my build is still going, but i forgot to put it in a tmux so i could observe it from afar	18:38
*** cjloader_ has joined #openstack-ansible		18:39
openstackgerrit	Jean-Philippe Evrard proposed openstack/openstack-ansible-plugins master: Add list of packages to install lookup https://review.openstack.org/449274	18:40
evrardjp	odyssey4me: the 2 new lookups have been uploaded ^	18:41
odyssey4me	mgariepy logan- andymccr FYI https://review.openstack.org/449272 (more periodics)	18:42
openstackgerrit	Jesse Pretorius (odyssey4me) proposed openstack/openstack-ansible-os_tempest master: Retry the cirros image download https://review.openstack.org/449260	18:44
odyssey4me	evrardjp ^ good catch, thanks	18:44
openstackgerrit	Merged openstack/openstack-ansible master: Update Vagrantfile to include CentOS7 https://review.openstack.org/449150	18:45
openstackgerrit	Merged openstack/openstack-ansible-os_rally stable/newton: Bring consistency to tags https://review.openstack.org/423244	18:46
*** stuartgr has quit IRC		18:50
sc`	odyssey4me: i got lucky and the cirros download seems to have worked on the first try	18:53
*** dxiri has quit IRC		18:53
openstackgerrit	Logan V proposed openstack/openstack-ansible-lxc_container_create master: Use ping module instead of wait_for to check container https://review.openstack.org/386835	18:55
evrardjp	logan-: interesting, I thought wait_for could wait for a socket open now	18:55
evrardjp	ahah	18:56
evrardjp	it's wait_for_connection	18:56
logan-	oh really	18:56
evrardjp	2.3 :(	18:56
evrardjp	sorry	18:56
logan-	dang	18:56
evrardjp	http://docs.ansible.com/ansible/wait_for_connection_module.html	18:56
logan-	that's cool	18:56
evrardjp	problem is python dependency on ping	18:57
evrardjp	for hosts that don't have python yet	18:57
evrardjp	(not really a problem for us I think, because the containers are auto bootstrapped with python)	18:57
evrardjp	FYI :p	18:57
logan-	yeah	18:57
*** shashank_t_ has quit IRC		18:59
odyssey4me	mgariepy can you add your review to https://review.openstack.org/443108 please?	19:03
mgariepy	odyssey4me, done	19:05
*** dxiri has joined #openstack-ansible		19:08
*** deadnull has quit IRC		19:09
*** shashank_t_ has joined #openstack-ansible		19:09
openstackgerrit	Nolan Brubaker proposed openstack/openstack-ansible-os_cinder master: Adjust cinder init restart times, provide variable https://review.openstack.org/448777	19:14
*** Jack_Iv has joined #openstack-ansible		19:14
*** shardy is now known as shardy_afk		19:18
*** Andrew_jedi has joined #openstack-ansible		19:19
*** shashank_t_ has quit IRC		19:20
*** shashank_t_ has joined #openstack-ansible		19:20
sc`	odyssey4me: is it worth respinning until 449260 is merged?	19:21
*** fxpester has quit IRC		19:21
odyssey4me	sc` master is busted due to other reasons right now - something's causing tempest to fail	19:22
sc`	fun	19:22
sc`	i don't even want master, just a stable branch :D	19:23
*** shashank_t_ has quit IRC		19:23
sc`	but, if i'm blocked on testing, then my focus switches back to chef	19:23
odyssey4me	sc` there're a few patches going into ocata right now which will fix ocata after a role sha bump	19:24
odyssey4me	once they merge we can implement that sha bump	19:24
*** adrian_otto has quit IRC		19:24
sc`	word. sounds like i'll just get in the way	19:24
odyssey4me	at least for now your master-based deploy gives you something to look at	19:25
*** adrian_otto has joined #openstack-ansible		19:26
*** cmart has joined #openstack-ansible		19:33
*** adrian_otto has quit IRC		19:34
openstackgerrit	Merged openstack/openstack-ansible-tests master: Stop removing epel https://review.openstack.org/449105	19:44
openstackgerrit	Merged openstack/openstack-ansible-tests stable/ocata: Install RDO, stop removing EPEL. https://review.openstack.org/443108	19:44
odyssey4me	mgariepy should https://review.openstack.org/448756 also be included in openstack_hosts and lxc_hosts ?	19:46
agrebennikov_	odyssey4me, 2 minutes please for https://review.openstack.org/#/c/448743/2 ;(	19:47
odyssey4me	agrebennikov_ ok, discussing with evrardjp quickly	19:48
agrebennikov_	sure	19:48
agrebennikov_	also seems andymccr is not in today	19:49
agrebennikov_	I just don't know what to do with https://review.openstack.org/#/c/425997/29	19:49
*** vnogin has joined #openstack-ansible		19:50
mgariepy	odyssey4me, it's already in lxc_host	19:50
*** cmart has quit IRC		19:50
*** shashank_t_ has joined #openstack-ansible		19:51
mgariepy	wouldn't hurt to be in opesntack_host	19:51
mgariepy	i'll patch up.	19:51
odyssey4me	evrardjp https://review.openstack.org/425997 and https://review.openstack.org/448743 need to be reviewed together	19:53
evrardjp	sure	19:53
openstackgerrit	Marc Gariépy proposed openstack/openstack-ansible-openstack_hosts master: yum-utils is needed to configure repos https://review.openstack.org/449299	19:54
openstackgerrit	Merged openstack/openstack-ansible-os_nova stable/ocata: CentOS pkg cleanup https://review.openstack.org/448578	19:54
*** Andrew_jedi has quit IRC		19:57
*** kstev has quit IRC		20:03
*** Jack_Iv has quit IRC		20:03
*** Jack_Iv has joined #openstack-ansible		20:04
*** rabel_b1 has quit IRC		20:04
*** Jack_Iv has quit IRC		20:04
openstackgerrit	Bjoern Teipel proposed openstack/openstack-ansible stable/newton: Bump Keepalived https://review.openstack.org/449305	20:07
odyssey4me	agrebennikov_ do you mind if we tweak these two patches a bit?	20:08
odyssey4me	two things we'd prefer to change, apologies for the revision (again) but we're working out a pattern which we'd ideally like to replicate to other ssl things	20:08
*** kstev has joined #openstack-ansible		20:08
odyssey4me	1 - the cert generation should happen on the deploy node if none are provided	20:09
odyssey4me	2 - the certs are always distributed using the user_provided vars... no special vars for self signed stuff	20:09
*** manheim has joined #openstack-ansible		20:10
openstackgerrit	Merged openstack/openstack-ansible-pip_install stable/ocata: yum-utils is needed to configure repos https://review.openstack.org/449256	20:12
*** askb has joined #openstack-ansible		20:17
agrebennikov_	crap... seriously? :)	20:20
rboyapat	core members please review - https://review.openstack.org/#/c/449149/	20:20
*** cjloader_ has quit IRC		20:30
openstackgerrit	Jean-Philippe Evrard proposed openstack/openstack-ansible-rabbitmq_server master: Reload systemd-daemon in all cases https://review.openstack.org/440463	20:37
evrardjp	rboyapat: there is an issue with an extra whitespace	20:39
evrardjp	should I fix it?	20:39
evrardjp	if you fix it, I can adapt my review to a positive one right now.	20:40
*** karimb has joined #openstack-ansible		20:40
rboyapat	fixing it	20:41
openstackgerrit	Ravi Kumar Boyapati proposed openstack/openstack-ansible-lxc_hosts master: Add lxc_net_manage_iptables variable https://review.openstack.org/449149	20:43
*** karimb has quit IRC		20:43
rboyapat	evrardjp: fixing it would you mind reviewing this https://review.openstack.org/#/c/448872/	20:43
*** jrobinson has joined #openstack-ansible		20:44
openstackgerrit	Kevin Carter (cloudnull) proposed openstack/openstack-ansible-os_nova master: Ensure the components are isolated from the system https://review.openstack.org/449315	20:45
odyssey4me	rboyapat I think cloudnull and logan- should be reviewing that	20:45
odyssey4me	or jmccrory perhaps	20:45
rboyapat	odyssey4me: ok.	20:45
cloudnull	rboyapat: are we just changing the case of USE_IPTABLES_LOCK ?	20:47
rboyapat	cloudnull: yep. updating the case actually allows to acquire the lock	20:48
rboyapat	as the commands already have upper case USE_IPTABLES_LOCK	20:49
rboyapat	but the variable where it set is in lower case	20:49
cloudnull	evrardjp: odyssey4me: logan-: jmccrory: others-if-interested: https://review.openstack.org/#/c/449315/ -- this is a change i'd like to implement across the board if aproved. if you have a moment it'd be appreciated.	20:49
cloudnull	rboyapat: okiedokie. makes sense .	20:50
*** jwitko_ has joined #openstack-ansible		20:51
agrebennikov_	odyssey4me, evrardjp so essentially you want me to not create the dir separately at all, and if user_cert is not specified by the user - just silently create the self-sign bundle in the default place and distribure?	20:52
agrebennikov_	*distribute	20:52
*** manheim has quit IRC		20:53
*** jwitko has quit IRC		20:55
*** jwitko_ has quit IRC		20:57
*** adrian_otto has joined #openstack-ansible		20:58
*** jmckind has quit IRC		20:59
openstackgerrit	Kevin Carter (cloudnull) proposed openstack/openstack-ansible-os_nova master: Ensure the components are isolated from the system https://review.openstack.org/449315	20:59
*** galstrom is now known as galstrom_zzz		21:01
*** kstev has quit IRC		21:02
*** galstrom_zzz is now known as galstrom		21:05
cloudnull	jmccrory: odyssey4me: evrardjp: https://review.openstack.org/#/c/449263/	21:07
openstackgerrit	Merged openstack/openstack-ansible-openstack_hosts master: yum-utils is needed to configure repos https://review.openstack.org/449299	21:08
cloudnull	seems to get through the gate, which is executing a playbook. so i suspect the change does not break anything in ansible <2.3	21:08
*** kstev has joined #openstack-ansible		21:10
*** retreved has quit IRC		21:14
lbragstad	o/	21:17
cloudnull	lbragstad: o/	21:18
lbragstad	curious if a few folks in here have their operator hats strapped on and would like to take a gander at the upgrade process we've got outlines for https://review.openstack.org/#/c/438701/13	21:18
lbragstad	outlines*	21:18
cloudnull	new hashing algo ?	21:18
lbragstad	ideally - it's a change that allows keystone to store password hashes that are better	21:18
lbragstad	cloudnull yessir	21:18
cloudnull	interesting.	21:19
* cloudnull reading		21:19
lbragstad	very	21:19
lbragstad	its a tricky one	21:19
lbragstad	especially when considering rolling upgrades	21:19
*** rboyapat has quit IRC		21:20
cloudnull	seems like at a min we could just set password_hash_algorithm to keep old pw hashing compatibility on older clouds. Flipping rolling_upgrade_password_hash_compat=true during an upgrade and false after seems like an entry point for pain. could this potentially be an option in a given sync command ?	21:23
* cloudnull just spitballing.		21:23
openstackgerrit	Merged openstack/openstack-ansible-lxc_hosts master: Fix the lock type variable https://review.openstack.org/448872	21:23
lbragstad	right	21:24
lbragstad	that's the part that kinda threw me for a loop because at some point there is going to have be a play/recipe to flip that bit	21:24
lbragstad	back to false	21:24
cloudnull	i mean we can make it go in an upgrade script.	21:25
cloudnull	but in my mind it seems like it might be better suited as a cli switch	21:25
cloudnull	others may have different thoughts on that though	21:25
*** galstrom is now known as galstrom_zzz		21:25
lbragstad	cloudnull cli switch? like a bulk migration?	21:25
cloudnull	yea. i guess that wouldn't do for a rolling upgrade	21:26
lbragstad	currently we store a hash of the password	21:26
*** galstrom_zzz is now known as galstrom		21:26
lbragstad	its an old hash, but a hash non-the-less	21:26
lbragstad	in order to do a bulk migration, wouldn't we need the original value of the password?	21:27
bgmccollum	was there any resolution on Horizon doing API calls to Glance directly from the browser, and it using the wrong API endpoint?	21:27
bgmccollum	and the fact that you need to manually configure CORS in Glance if i recall correctly	21:27
cloudnull	lbragstad: i believe so . we'd have to decrypt and reencrypt. so just ignore me :)	21:28
cloudnull	bgmccollum: I'm unaware of such things	21:28
cloudnull	is there a bug for that?	21:28
bgmccollum	cloudnull have you tried uploading an image via horizon?	21:28
cloudnull	in ocata?	21:28
*** esberglu has quit IRC		21:29
bgmccollum	at some point, horizon stopped proxying glance API calls to Glance, and instead sends them directly to glance to upload images	21:29
bgmccollum	i havent tried ocata	21:29
cloudnull	hum.	21:29
bgmccollum	im trying to find the old bug report	21:29
bgmccollum	cloudnull https://bugs.launchpad.net/openstack-ansible/+bug/1639080	21:29
openstack	Launchpad bug 1639080 in openstack-ansible "Image uploads fail in Horizon if upload mode is set to direct if endpoint set to internal." [Low,Confirmed]	21:29
bgmccollum	looks like it might be fixed in horizon...	21:30
bgmccollum	hmm	21:30
cloudnull	maybe it needs a cherry-pick to newton too ?	21:30
bgmccollum	i need to see what the fix was, cause half was in horizon, half to fix CORS support in glance	21:31
bgmccollum	https://bugs.launchpad.net/openstack-ansible/+bug/1639080/comments/4	21:31
openstack	Launchpad bug 1639080 in openstack-ansible "Image uploads fail in Horizon if upload mode is set to direct if endpoint set to internal." [Low,Confirmed]	21:31
kencjohnston	Hi OSA team, I work with OSIC and our QA/CI team members ( dankolbrs ) identified this bug in our nightly N->O upgrade job. It is presently unassigned, can you take a look?	21:31
kencjohnston	https://bugs.launchpad.net/openstack-ansible/+bug/1673889	21:31
openstack	Launchpad bug 1673889 in openstack-ansible "Nova services do not restart on N->O upgrade" [Critical,Confirmed]	21:31
cloudnull	lbragstad: so the ident flag for backward compat hashes during rolling upgrade, would that have to be done for every upgrade ?	21:32
cloudnull	or just the initial one from ocata to pike ?	21:32
cloudnull	kencjohnston: lookin	21:32
lbragstad	cloudnull that's a good question - i think it's there for the ocata -> pike upgrade though	21:33
*** karimb has joined #openstack-ansible		21:34
*** pbandark has joined #openstack-ansible		21:34
cloudnull	lbragstad: looking at https://review.openstack.org/#/c/438701/13/keystone/identity/backends/sql_model.py looks like its only there for O>P	21:37
cloudnull	so its not so bad, add the one key for hash compat roll forward to P and remove the compat option	21:37
cloudnull	we can do that within the config_template	21:38
cloudnull	we simply would have to detect an upgrade from O>P	21:38
lbragstad	cloudnull but you can only remove the compat option once all your users have created new passwords with the new hash algo?	21:38
*** lucasxu has joined #openstack-ansible		21:40
cloudnull	in the RENO -- https://review.openstack.org/#/c/438701/13/releasenotes/notes/bug_1543048_and_1668503-7ead4e15faaab778.yaml -- it seems like it only needs to be their for the initial upgrade.	21:40
cloudnull	I guess we'd have to do a deplpoyment wide password reset ?	21:40
cloudnull	or will the old hash continue to function and the new users (or folks who reset) will have a better hash algo	21:41
cloudnull	?	21:41
cloudnull	kencjohnston: seems odd.	21:41
cloudnull	going from N>O would create new files and drop new code. which should restart the init scripts (systemd unit files)	21:41
cloudnull	the containers would not necessarily restart.	21:42
cloudnull	in fact we do our best not to restart containers in an effort to maintain uptime.	21:42
lbragstad	cloudnull well - the option would have to be True even if a single person hasn't reset their password	21:45
openstackgerrit	Merged openstack/openstack-ansible-tests stable/ocata: Bump Tempest SHA for stable/ocata https://review.openstack.org/448984	21:45
cloudnull	kencjohnston: i commented in the bug.	21:47
*** adrian_otto has quit IRC		21:47
kencjohnston	cloudnull thanks	21:47
cloudnull	if you might be able to get the QE team to forward on the logs from that run or another one I'd be happy to see about digging into this	21:48
cloudnull	lbragstad: so then my next question would be why does that need to be set at all and why does it need special handling?	21:50
cloudnull	seems like that op would have to be there for the life time of any user running an old password ?	21:51
lbragstad	cloudnull good question	21:51
lbragstad	would it be a better/easier approach to just make it so all new passwords are hashed with bcrypt and then incrementally force people to change their passwords?	21:51
cloudnull	it'd be easier on the endusers that for sure.	21:52
lbragstad	cloudnull enduser as in operator, right?	21:52
cloudnull	maybe there needs to be a notice in the reno stating that keystone requires all users of the cloud to reset their password within the PIKE cycle.	21:52
lbragstad	yeah	21:52
lbragstad	cloudnull you should leave that as a comment on the review	21:53
cloudnull	also would this not be a CVE?	21:53
lbragstad	cloudnull i think it was deemed a security hardening measure	21:54
cloudnull	lbragstad: I was thinking of the cloud consumers. as an operator its easy for me to tell folks to reset their passwords.	21:54
cloudnull	but to the conusmers this may mean dealing many things outside of the cloud	21:54
dstanek	mass password resets are good times	21:54
cloudnull	^	21:55
cloudnull	I know i love them	21:55
cloudnull	lbragstad: i ask a couple questions in the review	21:55
cloudnull	thanks for passing this along	21:55
cloudnull	:)	21:55
*** galstrom is now known as galstrom_zzz		21:55
lbragstad	cloudnull anytime	21:55
lbragstad	cloudnull what about something like a `keystone-manage password-hash` command that gave you a list of users that haven't changed their password?	21:56
lbragstad	cloudnull would that be helpful?	21:56
cloudnull	was just about to ask for that :)	21:56
lbragstad	cloudnull https://review.openstack.org/#/c/438701/13/keystone/common/password_hashing.py	21:57
*** shashank_t_ has quit IRC		22:00
cloudnull	lbragstad: would folks be open to backporting this to OCATA with the option rolling_upgrade_password_hash_compat set to true for that release? asking because if folks will be forced to reset their passwords before their able to go to QUEEN it may be of some benefit to give users more time? or maybe this option is removed in U instead of Q?	22:01
cloudnull	sorry...	22:02
lbragstad	cloudnull yeah - that's an idea, too	22:02
cloudnull	... .option is removed in R instead of Q?	22:02
*** kstev has quit IRC		22:15
dmsimard	cloudnull, odyssey4me, mhayden, mgariepy: Just curious, have you come across any RDO repository instability in the past couple days ?	22:15
*** pmannidi has joined #openstack-ansible		22:15
sc`	womp womp. build failed in tempest. some nigh decipherable blob of awful and sad times. probably the aforementioned broken that odyssey4me enlightened me to	22:16
dmsimard	sc`: ohai	22:17
dmsimard	sc`: my question above ^ you see anything out of the ordinary ?	22:18
sc`	dmsimard: ohai. nothing thus far, no	22:20
dmsimard	thank you sir	22:20
sc`	as you can see, i picked up another shiny ;)	22:20
dmsimard	sc`: you fleeing chef ?	22:21
sc`	no	22:21
sc`	broadening my horizons	22:21
*** weezS has quit IRC		22:24
cloudnull	dmsimard: i've not.	22:25
cloudnull	though i may not have been looking	22:25
cloudnull	I did read your manifesto. I failed to comment on it as of yet.	22:25
dmsimard	cloudnull: you would know, some users are experiencing problems since march 14th or so	22:25
cloudnull	but it looks great!	22:25
dmsimard	cloudnull: oh, no worries	22:25
cloudnull	we've had a crazy dance of RDO >< EPEL these last few weeks.	22:26
cloudnull	if there was an issue with the repo mgariepy would probably be the one in the know	22:26
cloudnull	sc`: do you have a sample of the nasty tempest blob ?	22:27
sc`	cloudnull: unfortunately, no. i had to restart iterm2 and i didn't have the run in a tmux	22:27
cloudnull	though I'd suspect if odyssey4me said there was something broken it probably was :)	22:28
sc`	i tried understanding it, but mandatory patchening put a stop to that	22:28
sc`	my focus is on chef right now anyway. it's not like i don't have a todo list miles long	22:31
openstackgerrit	Kevin Carter (cloudnull) proposed openstack/openstack-ansible-os_nova master: Ensure the components are isolated from the system https://review.openstack.org/449315	22:32
*** lucasxu has quit IRC		22:39
*** manheim has joined #openstack-ansible		22:43
*** marst has quit IRC		22:50
*** jamesden_ has joined #openstack-ansible		22:50
*** jamesden_ has quit IRC		22:50
openstackgerrit	Luz Cazares proposed openstack/openstack-ansible-os_tempest master: (WIP) Copy tempest subunit result files to log folder https://review.openstack.org/449352	22:59
logan-	cloudnull: was just thinking-- any reason we can't expose the unit file to ops thru config_template as ini file type?	23:00
cloudnull	hum...	23:01
cloudnull	checking	23:01
logan-	i'm trying to think of situations where systemd might break from ini syntax and cant think of any offhand	23:01
cloudnull	nope, seems like it'll work	23:02
cloudnull	i just needed to make sure a unit file would allow for k = v instead of k=v	23:03
cloudnull	and it does	23:03
logan-	nice!	23:05
cloudnull	so we could add these options, as well as others, and then change the template engine to config_template and anything would be possible	23:07
logan-	yep. saves you from having to add a var for the slice too	23:07
cloudnull	++	23:07
*** manheim has quit IRC		23:18
*** MasterOfBugs has quit IRC		23:19
openstackgerrit	Kevin Carter (cloudnull) proposed openstack/openstack-ansible-os_nova master: Ensure the components are isolated from the system https://review.openstack.org/449315	23:23
cloudnull	logan-: ^	23:23
* cloudnull fingers crossed :)		23:23
*** klamath has quit IRC		23:23
openstackgerrit	Luz Cazares proposed openstack/openstack-ansible master: WIP do not merge https://review.openstack.org/449358	23:24
*** karimb has quit IRC		23:27
*** pbandark has quit IRC		23:31
*** adrian_otto has joined #openstack-ansible		23:42
*** vishwanathj has quit IRC		23:43
xdfil	so, I'm confused. I set up an LDAP domain in keystone and I think it's working but,	23:43
xdfil	I'm not understanding how to "map" the LDAP user to a user in keystone	23:44
cloudnull	lbragstad: dstanek: ^	23:45
*** DimGR2 has joined #openstack-ansible		23:49
*** DimGR has quit IRC		23:51
cloudnull	palendae: you around ?	23:54
coolj	xdfil: there's an id_mapping table in keystone that correlates the ldap user id with the keystone user id iirc	23:58

Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!