Saturday, 2017-10-21

« Friday, 2017-10-20 Index Sunday, 2017-10-22 »
openstackgerritKevin Carter (cloudnull) proposed openstack/openstack-ansible master: Improve execution time by using dynamic groups  https://review.openstack.org/51387600:14
snowman4839cloudnull: I mean should it fail out of the playbook if haproxy doesn't come up since other things like the pip install rely on the haproxy address to work correctly?00:18
snowman4839I've had two separate installs that failed to bring up haproxy correctly (one because of conflicting listening ports and one I don't remember why) and the subsequent playbooks failed because of it but kept on marching00:19
snowman4839Also just a note for others, my problems with the memcached slowing down everything on my test environment seems to have disappeared on my production install. Running the stock playbook works great on my 64GB/32 core nodes but my 16GB/8 core nodes had trouble with it00:23
snowman4839keystone is responding fine and memcached servers and databases are running great00:24
*** markvoelker_ has quit IRC00:38
*** woodard_ has joined #openstack-ansible00:40
*** woodard has quit IRC00:40
*** thorst has joined #openstack-ansible00:49
*** thorst has quit IRC00:51
logan-cloudnull snowman4839: i might not be a good example because i collapse everything into mgmt network so i don't have a storage bridge00:59
*** newmember has joined #openstack-ansible01:11
*** markvoelker has joined #openstack-ansible01:23
snowman4839logan-: Not trying to come off as rude, but isn't that a security risk?01:27
*** markvoelker has quit IRC01:27
*** acormier has joined #openstack-ansible01:28
*** markvoelker has joined #openstack-ansible01:32
*** markvoelker has quit IRC01:36
*** markvoelker has joined #openstack-ansible01:41
*** acormier has quit IRC01:45
*** acormier has joined #openstack-ansible01:45
logan-snowman4839: how so?01:49
*** acormier has quit IRC01:50
logan-snowman4839: same control plane hosts/communicating with each other either way, so i don't quite follow. but i do think you should apply firewall rules everywhere to prevent any unnecessary traffic between control plane hosts/containers01:55
*** acormier has joined #openstack-ansible01:56
*** markvoelker has quit IRC02:14
*** acormier has quit IRC02:15
*** acormier has joined #openstack-ansible02:16
SamYaplesnowman4839: anything on the mgmt network should be considered secure, because memcache itself has no security02:18
*** vnogin has joined #openstack-ansible02:18
SamYaplesnowman4839: if you have clients talking to your ceph cluster outside of the openstack cluster, then you would want a seperate storage network. otherwise, no real added security sperating them02:19
openstackgerritKevin Carter (cloudnull) proposed openstack/openstack-ansible-os_neutron stable/pike: Add support for Neutron FWaaS v2  https://review.openstack.org/50955102:19
openstackgerritKevin Carter (cloudnull) proposed openstack/openstack-ansible master: Improve execution time by using dynamic groups  https://review.openstack.org/51387602:20
*** acormier has quit IRC02:20
*** vnogin has quit IRC02:23
logan-yeah i think the big drivers for a separate storage network would be if you had an existing san that you were trying to integrate with cinder and you wanted to bridge into that storage network02:27
logan-or if you had separate physical nics for storage in your openstack env (maybe higher speed than your mgmt network nics) and wanted to separate the traffic by bridging them separately02:27
cloudnull^ we do this frequently. 1gib mgmt, 10gib for storage, network, etc02:29
*** acormier has joined #openstack-ansible02:50
SamYapleyep thats my setup as well02:52
*** thorst has joined #openstack-ansible02:52
*** dave-mccowan has quit IRC02:54
*** thorst has quit IRC02:57
snowman4839ah I guess that makes sense03:05
*** markvoelker has joined #openstack-ansible03:05
snowman4839you don't know pain until you've gone through an entire install until you've gone through an entire install just to realize you swapped the external and internal lb vip :-(03:05
* snowman4839 facepalms03:06
*** gkadam has joined #openstack-ansible03:10
*** markvoelker has quit IRC03:10
*** dxiri has joined #openstack-ansible03:11
*** markvoelker has joined #openstack-ansible03:14
*** snowman4839 has quit IRC03:14
cloudnull‎snowman4839‎ you should be able to just change it and rerun the plays03:17
cloudnullno need to start from scratch03:17
cloudnullif your playbooks ran through the openstack parts03:17
cloudnulldrop the keystone db and just rerun setup-everything.yml03:17
cloudnullmuch faster than starting from 003:17
*** ianychoi_ has joined #openstack-ansible03:19
*** ianychoi has quit IRC03:21
*** xar- has quit IRC03:27
*** snowman4839 has joined #openstack-ansible03:31
*** xar- has joined #openstack-ansible03:32
*** acormier has quit IRC03:45
*** acormier has joined #openstack-ansible03:46
*** markvoelker has quit IRC03:48
*** acormier has quit IRC03:50
*** xar- has quit IRC04:13
openstackgerritKevin Carter (cloudnull) proposed openstack/openstack-ansible master: Improve execution time by using dynamic groups  https://review.openstack.org/51387604:14
*** xar- has joined #openstack-ansible04:17
*** germs has quit IRC04:17
*** markvoelker has joined #openstack-ansible04:38
*** markvoelker has quit IRC04:45
*** markvoelker has joined #openstack-ansible04:50
*** markvoelker has quit IRC04:51
*** thorst has joined #openstack-ansible04:53
*** thorst has quit IRC05:00
*** gouthamr has joined #openstack-ansible05:22
*** armaan has joined #openstack-ansible05:42
*** gkadam has quit IRC05:49
*** armaan has quit IRC05:49
*** armaan has joined #openstack-ansible05:50
*** armaan has quit IRC05:51
*** gouthamr has quit IRC05:53
*** armaan has joined #openstack-ansible06:55
*** thorst has joined #openstack-ansible06:56
*** thorst has quit IRC07:01
*** armaan has quit IRC07:02
*** snowman4839 has quit IRC07:23
*** dxiri has quit IRC07:39
*** mma has joined #openstack-ansible08:09
*** armaan has joined #openstack-ansible08:13
*** mma has quit IRC08:21
*** mma has joined #openstack-ansible08:21
openstackgerritJean-Philippe Evrard proposed openstack/openstack-ansible master: Initial integrated zuulv3 jobs  https://review.openstack.org/51340608:23
openstackgerritJean-Philippe Evrard proposed openstack/openstack-ansible-os_glance stable/pike: Initial OSA zuul v3 role jobs  https://review.openstack.org/51342108:24
*** mma has quit IRC08:25
*** mma has joined #openstack-ansible08:30
*** mma has quit IRC08:32
*** yolanda has quit IRC08:33
*** snowman4839 has joined #openstack-ansible08:37
*** dxiri has joined #openstack-ansible08:40
*** dxiri has quit IRC08:44
*** thorst has joined #openstack-ansible08:57
*** dxiri has joined #openstack-ansible09:01
*** thorst has quit IRC09:02
*** taseer2 is now known as Taseer09:05
*** armaan has quit IRC09:05
*** dxiri has quit IRC09:06
*** dxiri has joined #openstack-ansible09:18
*** dxiri has quit IRC09:22
*** dxiri has joined #openstack-ansible09:30
*** Neptu has quit IRC09:34
*** dxiri has quit IRC09:35
*** gunix has joined #openstack-ansible09:36
gunixwhich bridge is for provider networks for the vms?09:37
*** pbandark has joined #openstack-ansible09:38
*** dxiri has joined #openstack-ansible09:41
*** dxiri has quit IRC09:45
*** armaan has joined #openstack-ansible09:55
*** dxiri has joined #openstack-ansible09:55
*** pbandark has quit IRC09:55
*** dxiri has quit IRC10:00
*** Neptu has joined #openstack-ansible10:09
*** dxiri has joined #openstack-ansible10:10
*** dxiri has quit IRC10:14
*** dxiri has joined #openstack-ansible10:24
*** dxiri has quit IRC10:28
*** armaan has quit IRC10:34
*** dxiri has joined #openstack-ansible10:39
*** dxiri has quit IRC10:43
Tahvokodyssey4me: hope you can find a minute to reply on this case: https://bugs.launchpad.net/openstack-ansible/+bug/168759410:44
openstackLaunchpad bug 1687594 in openstack-ansible "no configuration for osa neutron to configure external dns yet" [Wishlist,In progress] - Assigned to Albert Mikaelyan (tahvok)10:44
*** dxiri has joined #openstack-ansible10:57
*** thorst has joined #openstack-ansible10:58
*** dxiri has quit IRC11:02
*** thorst has quit IRC11:02
*** dxiri has joined #openstack-ansible11:12
*** dxiri has quit IRC11:17
*** thorst has joined #openstack-ansible11:21
*** thorst has quit IRC11:21
*** dxiri has joined #openstack-ansible11:26
*** armaan has joined #openstack-ansible11:27
*** dxiri has quit IRC11:31
*** armaan has quit IRC11:31
*** dave-mccowan has joined #openstack-ansible11:35
*** dxiri has joined #openstack-ansible11:41
*** dxiri has quit IRC11:45
*** dxiri has joined #openstack-ansible11:55
*** cshen has joined #openstack-ansible11:56
*** dxiri has quit IRC12:00
*** armaan has joined #openstack-ansible12:04
*** dxiri has joined #openstack-ansible12:10
*** dxiri has quit IRC12:14
*** dxiri has joined #openstack-ansible12:43
*** dxiri has quit IRC12:48
*** dxiri has joined #openstack-ansible12:58
*** dxiri has quit IRC13:02
*** dxiri has joined #openstack-ansible13:12
*** dxiri has quit IRC13:17
*** thorst has joined #openstack-ansible13:22
*** thorst has quit IRC13:27
gunixi am following this tutorial: https://docs.openstack.org/project-deploy-guide/openstack-ansible/newton/app-config-prod.html#production-environment-config13:28
gunixmy question is: what if i do not specify the rsyslog?13:29
gunixwhat if i just don't want to deploy that server?13:29
gunixcan i just leave it out?13:29
gunixor will something crash because the nodes expect an rsyslog?13:29
*** dxiri_ has joined #openstack-ansible13:30
*** dxiri_ has quit IRC13:35
*** dxiri has joined #openstack-ansible13:41
*** dxiri has quit IRC13:45
cloudnullgunix: sorry if this is double posting, my connection dropped and IDK what got sent13:45
cloudnullgunix: re- bridges for provider networks, that's totally up to you13:45
cloudnulltypically we use br-vlan13:45
cloudnullre- rsyslog, you can leave it out.13:45
cloudnullnothing will crash however no logging will be shipped to a central localtion13:45
openstackgerritKevin Carter (cloudnull) proposed openstack/openstack-ansible master: Improve execution time by using dynamic groups  https://review.openstack.org/51387613:50
openstackgerritMerged openstack/openstack-ansible-os_glance stable/pike: Initial OSA zuul v3 role jobs  https://review.openstack.org/51342113:53
*** dxiri has joined #openstack-ansible13:55
*** aaron has joined #openstack-ansible13:56
openstackgerritKevin Carter (cloudnull) proposed openstack/openstack-ansible master: Improve execution time by using dynamic groups  https://review.openstack.org/51387613:56
lagmanHi, I made a localise mirror of pip modules, all the modules are there, but when i run the openstack-infrastructre playbook, I get this error on "pip_install : Install pip packages" No matching distribution found for pyasn1==modules13:56
*** aaron is now known as Guest3169113:56
lagmancan someone shed somelight on what I've done wrong?13:56
cloudnullcan you paste the error ?13:57
cloudnullis this happening on all of your hosts?13:57
lagmancloudnull https://pastebin.com/myYfBbha13:58
lagmanIm running the all-in-one for testing13:59
*** dxiri has quit IRC14:00
cloudnullcan you hit14:01
cloudnullhttp://172.29.236.100:8181/os-releases/15.1.10/ubuntu-16.04-x86_64/requirements_absolute_requirements.txt14:01
lagmancloudnull yeah i can14:01
cloudnullits odd that its trying to use "modules" as the version number.14:02
lagmancloudnull also python==memcached14:02
cloudnulltry just rerunning repo-build.yml with the force rebuild flag: `openstack-ansible repo-build.yml -e repo_build_git_reclone=true -e repo_build_wheel_rebuild=true -e repo_build_venv_rebuild=true`14:04
cloudnullthen rerun the failing play14:04
*** Jeffrey4l has quit IRC14:05
lagmancloudnull the same error14:05
*** Jeffrey4l has joined #openstack-ansible14:06
cloudnullwhats the task name where it fails?14:06
lagmancloudnull TASK [pip_install : Install pip packages]14:07
*** Guest31691 has quit IRC14:11
cloudnullwhat checkout are you using ?14:13
cloudnullit looks like its installing https://github.com/openstack/openstack-ansible-pip_install/blob/stable/ocata/vars/ubuntu-16.04.yml#L29-L3314:14
cloudnullusing the following command: /usr/local/bin/pip2 install -U --constraint http://172.29.236.100:8181/os-releases/15.1.10/ubuntu-16.04-x86_64/requirements_absolute_requirements.txt --trusted-host --index-url=http://openstack.org/simple pyasn1 pyOpenSSL requests urllib314:15
cloudnullwhich is pulling from pypi with that constraint file14:15
lagmancloudnull stable/ocata14:15
cloudnullare you seeing the busted versions in your constraint file too ?14:15
cloudnullor is this potentially something coming from pypi ?14:16
lagmanlet me check14:17
lagmancloudnull no in my constraint file is  pyasn1<=0.1.914:18
cloudnullin that requirement file14:20
cloudnullwhat does requirements_absolute_requirements.txt (line 147)) say  ?14:21
cloudnullis there a duplicate ?14:21
cloudnullyou could try destroying the repo containers, then rebuild them  ?14:21
cloudnull`openstack-ansible lxc-container-destory.yml --limit repo_all`14:21
lagmani have i still get this erro14:22
cloudnull`openstack-ansible lxc-container-create.yml --limit repo_all`14:22
cloudnullthen14:22
cloudnull`openstack-ansible repo-install.yml`14:22
*** dxiri has joined #openstack-ansible14:28
gunixcloudnull: thank you for the help. i don't know who financed OSA, but it's incredible work14:29
gunixif i managed to get this working, there might be another company on the openstack sponsor list14:29
*** dave-mccowan has quit IRC14:32
*** dxiri has quit IRC14:33
cloudnullwoot!14:37
cloudnullit's been a community effort, so welcome to the community :)14:38
cloudnulllagman: I'm trying to reproduce that error, and im at a loss.14:38
cloudnullI think the best bet is to nuke and rebuild the repo infra14:39
*** dxiri has joined #openstack-ansible14:43
*** cshen has quit IRC14:44
*** dxiri has quit IRC14:45
*** dxiri has joined #openstack-ansible14:45
spotzWoot!14:58
*** aaron has joined #openstack-ansible15:00
*** aaron is now known as Guest4605715:00
*** Guest46057 has quit IRC15:02
lagmancloudnull i think its my fault for messing to much with the repos, I'm just gonna discard the changes to the pip15:05
*** thorst has joined #openstack-ansible15:23
*** aaron__ has joined #openstack-ansible15:26
*** thorst has quit IRC15:27
*** aaron__ has quit IRC15:33
*** aaron__ has joined #openstack-ansible15:41
*** aaron__ has quit IRC15:44
openstackgerritMerged openstack/openstack-ansible-os_nova master: Update upgrade role for Queens from P  https://review.openstack.org/49667915:58
evrardjpwow. Nova merged.16:06
*** dave-mccowan has joined #openstack-ansible16:47
*** newmember has quit IRC16:49
*** Adri2000 has joined #openstack-ansible16:57
*** Adri2000 has quit IRC16:57
*** Adri2000 has joined #openstack-ansible16:57
*** vnogin has joined #openstack-ansible16:58
openstackgerritMerged openstack/openstack-ansible-os_keystone stable/pike: Initial OSA zuul v3 role jobs  https://review.openstack.org/51362317:14
*** vnogin has quit IRC17:25
*** vnogin has joined #openstack-ansible17:33
*** mma has joined #openstack-ansible17:39
gunixshould i run osa with sudo or give my user rights to access the files or make a special user for osa?17:45
*** germs has joined #openstack-ansible17:47
*** dave-mccowan has quit IRC17:50
*** vnogin has quit IRC17:55
gunixnevermind that last question, that is irelevant18:03
gunixhere is a real question: i don't have an IP/subnet for haproxy_keepalived_external_vip_cidr and i am kind of confused to why this IP/range is different from the one on br-mgmt18:04
gunixalso i don't understand why VIP has a range and not just an IP18:04
gunixif i am missing some basic knowledge about openstack, feel free to point me to an article without explaining much :D18:04
*** thorst has joined #openstack-ansible18:05
*** thorst has quit IRC18:06
*** rodolof has joined #openstack-ansible18:14
*** mma has quit IRC18:46
*** rodolof has quit IRC19:10
*** cshen has joined #openstack-ansible19:22
*** snowman4839 has quit IRC19:50
*** snowman4839 has joined #openstack-ansible19:54
*** thorst has joined #openstack-ansible20:07
*** dxiri has quit IRC20:07
*** dxiri has joined #openstack-ansible20:08
*** thorst has quit IRC20:11
*** snowman4839 has quit IRC21:14
*** snowman4839 has joined #openstack-ansible21:15
*** snowman48391 has joined #openstack-ansible21:17
*** snowman4839 has quit IRC21:17
openstackgerritKevin Carter (cloudnull) proposed openstack/openstack-ansible master: Improve execution time by using dynamic groups  https://review.openstack.org/51387621:33
*** cshen has quit IRC21:39
*** snowman48391 has quit IRC21:55
*** snowman4839 has joined #openstack-ansible22:03
*** markvoelker has joined #openstack-ansible22:04
*** thorst has joined #openstack-ansible22:08
*** thorst has quit IRC22:12
*** jbadiapa has quit IRC22:15
*** jbadiapa has joined #openstack-ansible22:31
*** markvoelker has quit IRC22:48
*** dxiri has quit IRC22:49
*** markvoelker has joined #openstack-ansible22:53
*** markvoelker has quit IRC23:06
*** thorst has joined #openstack-ansible23:08
*** thorst has quit IRC23:09
*** armaan has quit IRC23:12
openstackgerritJean-Philippe Evrard proposed openstack/openstack-ansible-os_swift stable/pike: Initial OSA zuul v3 role jobs  https://review.openstack.org/51381323:37
*** mma has joined #openstack-ansible23:48
*** mma has quit IRC23:52
« Friday, 2017-10-20 Index Sunday, 2017-10-22 »

Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!