Wednesday, 2018-12-12

*** tosky has quit IRC		00:01
*** macza has quit IRC		00:23
*** weezS has quit IRC		00:44
*** jawad_axd has joined #openstack-ansible		00:47
*** jawad_axd has quit IRC		00:51
*** dave-mccowan has joined #openstack-ansible		01:15
*** ansmith has joined #openstack-ansible		01:38
*** markvoelker has quit IRC		01:41
*** hwoarang has quit IRC		01:48
*** jawad_axd has joined #openstack-ansible		01:49
*** ansmith has quit IRC		01:52
*** jawad_axd has quit IRC		01:53
*** hwoarang has joined #openstack-ansible		01:53
*** cshen has quit IRC		02:09
*** jawad_axd has joined #openstack-ansible		02:51
*** jawad_axd has quit IRC		02:55
*** dave-mccowan has quit IRC		03:52
*** hwoarang has quit IRC		03:56
*** hwoarang has joined #openstack-ansible		04:03
*** udesale has joined #openstack-ansible		04:17
*** dhellmann has quit IRC		05:19
*** dhellmann has joined #openstack-ansible		05:20
*** radeks has joined #openstack-ansible		05:20
*** cshen has joined #openstack-ansible		05:50
*** hamzaachi has quit IRC		05:58
*** ThiagoCMC has quit IRC		05:59
*** nurdie has joined #openstack-ansible		06:05
*** hamzaachi has joined #openstack-ansible		06:05
nurdie	I have an Openstack Ocata deployment that was bootstrapped with OSA and all controller services containerized (python envs, etc). It was just upgraded to Pike with yum. Is there any way to come back from that?	06:06
*** hwoarang has quit IRC		06:16
*** hwoarang has joined #openstack-ansible		06:22
*** cshen has quit IRC		06:25
*** hamzaachi has quit IRC		06:34
chandan_kumar	odyssey4me: jrosser evrardjp Hello	06:47
chandan_kumar	odyssey4me: jrosser evrardjp can we get reviews on this patch https://review.openstack.org/622999 ?	06:47
chandan_kumar	arxcruz: kopecmartin\|off odyssey4me: jrosser evrardjp will i merge this two patch https://review.openstack.org/623187 and https://review.openstack.org/623413 in a single patch?	06:48
*** aedc has joined #openstack-ansible		07:01
*** cshen has joined #openstack-ansible		07:11
*** aedc has quit IRC		07:14
*** cshen_ has joined #openstack-ansible		07:17
*** cshen has quit IRC		07:19
*** openstackgerrit has quit IRC		07:29
*** ivve has quit IRC		07:30
*** jawad_axd has joined #openstack-ansible		07:34
*** sum12 has quit IRC		07:35
jrosser	odyssey4me: they require each other?	07:36
*** sum12 has joined #openstack-ansible		07:37
*** hamzaachi has joined #openstack-ansible		07:48
*** kopecmartin\|off is now known as kopecmartin		07:48
*** trident has quit IRC		07:58
*** trident has joined #openstack-ansible		08:00
*** ahosam has joined #openstack-ansible		08:01
*** ahosam has quit IRC		08:01
*** ahosam has joined #openstack-ansible		08:01
*** ahosam has quit IRC		08:02
*** shardy has joined #openstack-ansible		08:05
evrardjp	chandan_kumar: having a look now	08:11
*** shardy has quit IRC		08:21
*** shardy has joined #openstack-ansible		08:22
jrosser	Oh, hmm ignore me, irc phone client confusion, I’m busy till late afternoon today	08:32
*** markvoelker has joined #openstack-ansible		08:44
*** tosky has joined #openstack-ansible		08:46
*** markvoelker has quit IRC		08:49
*** jonher_ has joined #openstack-ansible		08:57
*** fresta_ has joined #openstack-ansible		08:57
*** jonher has quit IRC		09:00
*** jonher_ is now known as jonher		09:00
*** fresta has quit IRC		09:01
*** ivve has joined #openstack-ansible		09:04
*** DanyC has joined #openstack-ansible		09:19
admin0	\o	09:26
admin0	morning all	09:27
admin0	nurdie, you meant an OSA deployment got (automatically) upgraded via yum upgrade ?	09:28
admin0	did it work :D ?	09:28
*** openstackgerrit has joined #openstack-ansible		09:37
openstackgerrit	Arx Cruz proposed openstack/openstack-ansible-os_tempest master: Better tempest black and whitelist management https://review.openstack.org/621605	09:37
*** markvoelker has joined #openstack-ansible		09:39
openstackgerrit	Christian Zunker proposed openstack/openstack-ansible-os_cloudkitty master: Add missing libxml2 packages https://review.openstack.org/624618	09:52
*** ivve has quit IRC		09:52
*** sm806 has quit IRC		09:54
*** sm806 has joined #openstack-ansible		09:55
*** sm806 has quit IRC		09:55
*** sm806 has joined #openstack-ansible		09:55
*** electrofelix has joined #openstack-ansible		10:04
*** gkadam has joined #openstack-ansible		10:05
*** gkadam has quit IRC		10:05
nurdie	admin0: No it definitely didn't work, lol. It's still broken	10:08
nurdie	Having to weed through all of the old Ocata bugs to even get the OSA play to run cleanly. It broke the network, services, alll of it	10:09
admin0	someone accidently nuked the galera cluster of an osa cluster which had paying customers .. not sure if your work is more or mine fixing this mess :)	10:14
admin0	so the instances are running .. rest all = gone	10:14
admin0	will make a nice blog post on how to re-add the base image as image and copy the disk delta to shift the workload from now defunt to new cluster	10:15
nurdie	admin0: ouch! We do nightly backups of our galera cluster	10:19
admin0	in mine, i do hourly	10:20
admin0	but i retain only 24 hours back	10:20
admin0	nurdie, why are you stil in ocata ?	10:24
admin0	what i have seen is .. during the told you hold to not upgrade, something changes in the OS (apt/yum update) that brings in new libs .. so later when you try to upgrade, it starts giving issues which are not documented because those use-changes or changes were not there when the new release was done .. so holding back for too long = more issues	10:25
admin0	during the period*	10:25
admin0	so now give or take its 1.5+ years .. if you say nothing has changed in your system during this time, then the same osa/ocata might play well ( with the original issues ) .. but if things have changed, you might be facing those issues which only you will face	10:28
openstackgerrit	Jesse Pretorius (odyssey4me) proposed openstack/openstack-ansible-galera_server stable/queens: Fix SSL support https://review.openstack.org/624633	10:30
openstackgerrit	Jesse Pretorius (odyssey4me) proposed openstack/openstack-ansible-galera_server stable/queens: Fix Galera self-signed SSL functionality https://review.openstack.org/624482	10:31
*** DanyC has quit IRC		10:33
odyssey4me	nurdie the only thing that really matters in the openstack deployment if openstack is hosed is the database - if that's safe, you can recover it	10:34
odyssey4me	nurdie so you have a choice - but personally I'd recommend upgrading from ocata to pike, then pike to rocky asap... rocky really is the first stable centos deployment we've had	10:35
nurdie	odyssey4me: If I have a copy of the the database after all VMs were shutdown, can I redeploy and use that DB? It has a Ceph backend, and I'm terrified of losing all of the VMs	10:36
odyssey4me	nurdie you may hit trouble if your repositories were upgraded to the new centos 7.6 or even 7.5 - we might have to port back some fixes for that to work in ocata or pike	10:37
odyssey4me	if they're on 7.0 then I think you're ok, but I don't use centos so I can't fully vouch for it	10:37
odyssey4me	nurdie ok, so are all the vm's running and they still have network connectivity?	10:38
nurdie	odyssey4me: Everything is down except Ceph	10:38
nurdie	We turned off all VMs before upgrade attempt, then backed up the DB, again, when we realized it was going south	10:39
nurdie	Multiple compute hosts, 3 controllers (all running containerized services)	10:39
odyssey4me	nurdie ok, and is ceph deployed with the OSA deployment or seperately?	10:40
*** DanyC has joined #openstack-ansible		10:42
nurdie	separately	10:42
odyssey4me	nsmeds I noticed that https://review.openstack.org/624482 brought in part of https://review.openstack.org/572939, so I've ported that back ( https://review.openstack.org/624633 ) and done a clean pick of your patch on top of it	10:43
odyssey4me	nurdie well, if you have some way of testing the process to iron out the kinks and to understand what you're in for then I'd encourage you to do that first - otherwise you're in for a risky and wild ride and could lose things	10:46
admin0	when does 18.1.1 be released .. so that i do not have to cherry pick that ovs patch again and again	10:46
admin0	plus there might be more changes	10:47
odyssey4me	admin0 whenever https://review.openstack.org/624406 is approved, 18.1.1 will be released	10:47
odyssey4me	once that's done, then https://review.openstack.org/624407 will be clear to merge	10:47
odyssey4me	nurdie what exactly happened - you did 'yum upgrade' from 7.0 to 7.6 and everything fell apart?	10:48
nurdie	yum install centos-openstack-pike; yum update	10:50
nurdie	lol	10:50
nurdie	On an OSA deploy*	10:50
odyssey4me	nurdie oh dear	10:50
odyssey4me	nurdie was that done on all the hosts, or only part of them?	10:50
nurdie	All of them	10:50
odyssey4me	well, that was silly :p	10:51
nurdie	Mhmm. Wasn't my idea	10:51
odyssey4me	I don't know what 'yum install centos-openstack-pike' actually installs, but is it possible to remove it?	10:51
odyssey4me	And then does 'yum update' do an upgrade to 7.6, or what does it do exactly?	10:52
nurdie	But I learned a lot about OSA today lol	10:52
nurdie	Yes, yum update pulled in the openstack pike updates + the centos updates	10:53
odyssey4me	nurdie ok, so as long as your /etc/openstack_deploy folder is intact, and your database is intact, the control plane can pretty much be rebuilt from scratch - if you rebuild the hosts using the same MAC/IP's then it should be fine	10:54
odyssey4me	from there your concern is the compute hosts	10:55
odyssey4me	there you should be able to uninstall the openstack packages and make sure you purge all their config, then run the OSA deployment over the top of them to get them running again	10:55
nurdie	I still need to go through the upgrade process, because of DB schemas, etc, right? Which means I still need a working OS deployment lol	10:56
nurdie	Je pense, but je ne connais pas	10:56
odyssey4me	I would recommend just going with Pike - OSA will handle the database upgrades and all that.	10:56
nurdie	hmm	10:56
odyssey4me	You'll probably have to handle the OSA changes yourself by hand though.	10:56
odyssey4me	these parts: https://docs.openstack.org/openstack-ansible/pike/user/manual-upgrade.html	10:57
nurdie	Haha! I just saw a page like that a little while ago that had a disclaimer about the upgrade script being not production safe	10:58
nurdie	Safer than a yum update on a CentOS box? :p	10:58
odyssey4me	the upgrade process is a one size fits all, so it's not guaranteed for every environment which is why we had that disclaimer	10:58
odyssey4me	and, quite honestly, I don't know if it works on CentOS - it's quite possible that one or two things will fall apart	10:59
odyssey4me	but in your case if you're wiping the env, then there's only a small part of that process which matters...	11:00
odyssey4me	https://docs.openstack.org/openstack-ansible/pike/user/manual-upgrade.html#clean-up-old-facts	11:00
odyssey4me	https://docs.openstack.org/openstack-ansible/pike/user/manual-upgrade.html#update-configuration-and-environment-files	11:00
odyssey4me	https://docs.openstack.org/openstack-ansible/pike/user/manual-upgrade.html#update-user-secrets-file	11:00
odyssey4me	https://docs.openstack.org/openstack-ansible/pike/user/manual-upgrade.html#clean-up-the-ceph-ansible-galaxy-namespaced-roles	11:00
odyssey4me	with that your /etc/openstack_deploy will be prepped	11:01
odyssey4me	everything else is just the same as a standard deployment - except in your case you'll be stopping after setup-hosts.yml to ensure that you restore your database to the galera containersbefore continuing with setup-infrasructure/setup-openstack	11:02
*** rodolof has joined #openstack-ansible		11:02
*** udesale has quit IRC		11:02
openstackgerrit	Jesse Pretorius (odyssey4me) proposed openstack/openstack-ansible-os_glance stable/rocky: Fix permissions on /var/lib/glance/cache https://review.openstack.org/624662	11:03
*** udesale has joined #openstack-ansible		11:03
odyssey4me	nurdie I would definitely recommend putting together a few VM's for a test environment to work through the process to make sure you're familiar with it.	11:04
nurdie	Much gratitude for the tips, odyssey4me! We may stab that route, because the Ocata OSA repos seem like a giant rabbit hole	11:05
odyssey4me	nurdie yeah, it's old	11:05
odyssey4me	nurdie as admin0 recommended earlier, it's better to keep up with releases as quickly as possible - and especially when something like a new centos releases, make sure you're up to date before using it... best to actually maintain your own centos mirrors and only update when you're ready for it	11:06
nurdie	We have DB copies of the Galera cluster and critical infra VMs before the upgrade. Our stack is already essentially a giant test environment now o_0	11:07
admin0	nurdie, i still find my cluster with a nuked db more fun :)	11:07
odyssey4me	admin0 that, sir, is a mess	11:07
nurdie	admin0: hahahaha you have fun with that, and your hourly rates :p	11:08
odyssey4me	hehehe, yeah - when paid by the hour in that situation, as tough as it is, there is a silver lining	11:08
odyssey4me	mnaser jrosser I wonder whether it'd be prudent for us to backport https://review.openstack.org/623515 so that centos builds using pike/queens also work with centos 7.6	11:09
odyssey4me	let me just do it	11:10
admin0	the silver lining here is that you can re-upload the base file as an image, create a new instance with the same name and just copy the disk	11:10
*** jawad_axd has quit IRC		11:10
admin0	now i am inclined to create a test cluster with ceph, nuke the db and see how far we can go	11:10
openstackgerrit	Jesse Pretorius (odyssey4me) proposed openstack/openstack-ansible-lxc_hosts stable/queens: prep: remove old machinectl workarounds https://review.openstack.org/624665	11:11
odyssey4me	admin0 hopefully the networks in the projects aren't too complex	11:12
odyssey4me	but still - restoring the VM is the easy part... getting all the networking back to what it was, and all the security groups, etc is only really possible if they have some sort of documentation, which they always do - right?! :p	11:13
*** sum12 has quit IRC		11:18
jrosser	odyssey4me: i think it would be good yes - we're on 7.6 hosts for everything arent we now?	11:18
*** sum12 has joined #openstack-ansible		11:19
*** sum12 has quit IRC		11:19
*** sum12 has joined #openstack-ansible		11:20
admin0	lots of scripting .. to dumpxml every running instance, to get the username project and image and then map the security groups using iptables	11:20
admin0	a lot of work, but turned out not to be scary .. as all the client instances are running	11:21
openstackgerrit	lei zhang proposed openstack/openstack-ansible master: Add a note about stale env.d files https://review.openstack.org/624667	11:22
openstackgerrit	Chandan Kumar proposed openstack/openstack-ansible-os_tempest master: Added support for running tempestconf from packages https://review.openstack.org/622999	11:29
*** markvoelker has quit IRC		11:30
openstackgerrit	Jesse Pretorius (odyssey4me) proposed openstack/openstack-ansible-lxc_hosts stable/pike: prep: remove old machinectl workarounds https://review.openstack.org/624674	11:30
*** ansmith has joined #openstack-ansible		11:50
*** jamesdenton has quit IRC		11:56
*** jamesdenton has joined #openstack-ansible		12:00
*** markvoelker has joined #openstack-ansible		12:05
*** ansmith has quit IRC		12:05
gundalow	https://github.com/ansible/ansible/pull/37113 `Added support for missing options capabilities and root_device in properties of os_ironic.py ansible module` Could I get a final review from someone here? Thanks in advance.	12:06
odyssey4me	gundalow looking, although I may not have enough understanding to know whether it's the right thing to do	12:30
gundalow	Thanks :)	12:31
odyssey4me	ah, I see that julia has verified it which works as a SME review for me	12:31
odyssey4me	gundalow I see you've done some feedback, do you want a revision before merging? the functionality seems right to me	12:32
gundalow	OK, I'll edit that and merge. Thanks :)	12:33
jamesdenton	odyssey4me Quick chat about https://review.openstack.org/#/c/454450/ if you have a sec. I could not find the referenced (upcoming) documentation for post-upgrade (P->Q), specifically how to migrate from container to bare metal. Seems to me like nothing changes w/r/t existing containers, but NEW network_hosts will have agents deployed on BM. This sort of conflicts with the language of the release notes IMO. ->	12:35
jamesdenton	https://docs.openstack.org/releasenotes/openstack-ansible/queens.html#relnotes-17-0-0-stable-queens-upgrade-notes	12:35
odyssey4me	jamesdenton yeah, unfortunately cloudnull never put anything together as a guide - and it would be really nice to have something in docs to help people	12:37
odyssey4me	as I understand it, there will - after the upgrade, be agents on bare metal and in containers - although when I was working on the patch to remove the old containers I did not see that	12:38
odyssey4me	I'm not all that familiar with neutron, so I decided to leave it to others to figure out.	12:38
odyssey4me	in theory you should already have new agents and can work through scheduling (using the at&t tool perhaps, or native tooling) all routers/networks/etc to the ones on bare metal, disable the ones in containers, then once they're all moved over you can wipe the old container	12:39
jamesdenton	RIGHT. My experience so far is that the old containers remained (expected) and nothing changed in the inventory, so agents were not deployed on BM. I did add a new network_host, though, and agents were deployed on BM to that. I suspect that some inventory munging will need to be done to force BM deploy to existing infra nodes during the upgrade, and then the container removal exercise post-upgrade	12:39
odyssey4me	it should be totally automatable, but it needs someone with the time and expertise to work that out	12:40
jamesdenton	the router and network shuffle, as you say	12:40
*** dave-mccowan has joined #openstack-ansible		12:40
jamesdenton	well, i'll give the docs a workup. and the automation may need to be left to more capable hands	12:41
odyssey4me	aha, ok - that sort of makes sense... so the issue is that there is already an inventory entry for that network_host... so it keeps deploying to the same one	12:41
odyssey4me	hmm, I wonder if there's a way we can do it online somehow	12:41
jamesdenton	I'm trying to get some additional info from this bug report to see if/how they deviated from the upgrade notes: https://bugs.launchpad.net/openstack-ansible/+bug/1804770	12:42
openstack	Launchpad bug 1804770 in openstack-ansible "Pike -> Queens Upgrade: Documentation for OVS setup and neutron agent rebalancing missing" [High,Confirmed] - Assigned to James Denton (james-denton)	12:42
odyssey4me	It seems that it'd be possible to remove the container from the inventory, and with the new env.d when re-running ansible it won't recreate the inventory entry for the container - but then we lose any ways of running ansible against it. :/	12:42
jamesdenton	so you think removing the neutron_agents_containers from inventory won't result in a new entry for the respective BM host?	12:44
odyssey4me	jamesdenton I don't think it will - but the trick is that we need to ensure that the new agents are on the BM host before we remove the cotainer.	12:45
pabelanger	morning! Do you think we can approve https://review.openstack.org/624407/ today, to update SHAs for stable/rocky for 18.1.2? I guess that needs a release patch first?	12:45
odyssey4me	pabelanger that won't go into gate until https://review.openstack.org/624406 merges	12:45
odyssey4me	and it's likely that will only happen once tonyb has seen it, which is likely late tonight for you	12:46
odyssey4me	early morning for him :)	12:46
odyssey4me	jamesdenton that's a nice bug report :)	12:48
pabelanger	odyssey4me: ack, thanks	12:49
openstackgerrit	Jesse Pretorius (odyssey4me) proposed openstack/openstack-ansible-ops master: MNAIO: Recovery the galera cluster with no gvwstate.dat file https://review.openstack.org/624687	12:53
openstackgerrit	Merged openstack/openstack-ansible stable/rocky: nspawn: correct task names https://review.openstack.org/622183	12:53
*** vakuznet has joined #openstack-ansible		13:07
*** hamzaachi has quit IRC		13:19
*** hamzaachi has joined #openstack-ansible		13:20
*** markvoelker has quit IRC		13:28
*** vollman has joined #openstack-ansible		13:30
openstackgerrit	Merged openstack/openstack-ansible-ops master: MNAIO: Recovery the galera cluster with no gvwstate.dat file https://review.openstack.org/624687	13:31
*** rjgibson has joined #openstack-ansible		13:44
*** ansmith has joined #openstack-ansible		13:45
*** markvoelker has joined #openstack-ansible		14:01
arxcruz	odyssey4me: evrardjp do you guys mind take a look at https://review.openstack.org/#/c/621605/ ?	14:13
arxcruz	when you have time	14:13
odyssey4me	arxcruz um, what the heck? I get the impression that you're not aware of how to make use of group_vars/host_vars/extra_vars ...	14:14
odyssey4me	arxcruz also, part of the point of the joint working on this role is to have a common black/whitelist rather than managing two	14:15
*** fresta has joined #openstack-ansible		14:17
arxcruz	odyssey4me: okay... sorry...	14:17
*** jonher_ has joined #openstack-ansible		14:17
arxcruz	we can have a common black/whitelist	14:18
*** maharg101 has joined #openstack-ansible		14:19
*** rodolof has quit IRC		14:20
*** jonher has quit IRC		14:21
*** jonher_ is now known as jonher		14:21
*** rodolof has joined #openstack-ansible		14:21
*** fresta_ has quit IRC		14:21
openstackgerrit	Andy Smith proposed openstack/openstack-ansible master: Add qdrouterd role for rpc messaging backend deployment https://review.openstack.org/624184	14:22
maharg101	hi, just reading https://bugs.launchpad.net/openstack-ansible/+bug/1657518 regarding firewalld, has anyone built up a list of firewall requirements for openstack that could be shared ?	14:32
openstack	Launchpad bug 1657518 in openstack-ansible "Hosts role should disable or remove firewalld" [High,Fix released] - Assigned to Major Hayden (rackerhacker)	14:32
*** irclogbot_0 has quit IRC		14:36
*** irclogbot_0 has joined #openstack-ansible		14:51
*** cshen_ has quit IRC		14:54
*** Miouge has quit IRC		14:55
*** Miouge has joined #openstack-ansible		14:57
*** DanyC has quit IRC		15:07
*** DanyC has joined #openstack-ansible		15:07
*** DanyC has quit IRC		15:11
openstackgerrit	Jesse Pretorius (odyssey4me) proposed openstack/openstack-ansible master: Remove the log container in the AIO config https://review.openstack.org/619526	15:14
noonedeadpunk	I've got a bunch of small patches for review, so if someone has time for it - you're welcome https://goo.gl/8QpssC	15:14
*** markvoelker has quit IRC		15:18
odyssey4me	noonedeadpunk I'll look through them now.	15:18
openstackgerrit	Dmitriy Rabotjagov (noonedeadpunk) proposed openstack/openstack-ansible-os_masakari stable/rocky: Add missing docs/releasenotes tests https://review.openstack.org/616635	15:23
*** sum12 has quit IRC		15:28
*** sum12 has joined #openstack-ansible		15:28
openstackgerrit	Dmitriy Rabotjagov (noonedeadpunk) proposed openstack/openstack-ansible-os_horizon master: Adds ability to enable domain dropdown list on login page https://review.openstack.org/622256	15:32
openstackgerrit	kourosh vivan proposed openstack/openstack-ansible-os_trove stable/rocky: Add segmentation option https://review.openstack.org/624741	15:33
*** DanyC has joined #openstack-ansible		15:33
*** DanyC has quit IRC		15:34
*** DanyC has joined #openstack-ansible		15:35
*** rodolof has quit IRC		15:38
*** rodolof has joined #openstack-ansible		15:39
noonedeadpunk	odyssey4me: regarding your comment here https://review.openstack.org/#/c/623643/ - I've faced with the problem during upgrade to the Rocky, and this workaround worked for me, and didn't brought any problems. However offered option will be defenitely safer.	15:39
odyssey4me	noonedeadpunk ok, I can approve it - but if you think my suggestion is safer then could you push up a patch to change it in master	15:39
noonedeadpunk	So, should I abandon this cherry-pick, place offered patch for the master, and then squash them and backport to rocky?	15:39
noonedeadpunk	yep, sure:)	15:40
openstackgerrit	caoyuan proposed openstack/openstack-ansible-os_zaqar stable/rocky: Add description section https://review.openstack.org/624743	15:41
odyssey4me	noonedeadpunk after testing that it works for you, of course :)	15:41
*** vollman has quit IRC		15:52
*** kopecmartin is now known as kopecmartin\|off		16:05
*** cshen has joined #openstack-ansible		16:05
*** gyee has joined #openstack-ansible		16:19
*** udesale has quit IRC		16:19
nsmeds	odyssey4me: saw your change - understood. thanks for helping	16:20
noonedeadpunk	odyssey4me: I've tried offered option (and several common as well), and every ends up with this error: http://paste.openstack.org/show/737147/	16:24
odyssey4me	noonedeadpunk argh.. must be a bug in it somewhere - if you're concerned enough to figure it out, please do - I don't mind either way	16:26
spotz	about if needed	16:27
spotz	had 2 days where the channel was broke for me:(	16:27
noonedeadpunk	Actually, I ended up with these quotes, as wasn't able to find more proper solution. But I'll do another try	16:28
*** cshen has quit IRC		16:30
noonedeadpunk	I think, the point is, that when jinja tries to get an address from dict, ansible_ib1.87d2 should be quoted (or dot somehow escaped) that it was interpreted as a single key	16:32
*** macza has joined #openstack-ansible		16:34
*** cshen has joined #openstack-ansible		16:46
*** radeks has quit IRC		16:49
*** cshen has quit IRC		16:51
jrosser	mnaser: one for you here https://review.openstack.org/#/c/624336/	16:52
*** electrofelix has quit IRC		16:53
*** cshen has joined #openstack-ansible		16:56
mnaser	jrosser: thats perfect thanks	17:18
jrosser	that should unlock lxc_container_create tests i think	17:19
*** DanyC has quit IRC		17:22
openstackgerrit	Merged openstack/openstack-ansible-os_masakari stable/rocky: Add missing docs/releasenotes tests https://review.openstack.org/616635	17:23
openstackgerrit	Merged openstack/openstack-ansible-os_cloudkitty master: Add missing libxml2 packages https://review.openstack.org/624618	17:26
mnaser	jrosser: it will	17:27
mnaser	i think it will just unlock the patch that removes that tho	17:27
openstackgerrit	Merged openstack/openstack-ansible-os_horizon master: Adds ability to enable domain dropdown list on login page https://review.openstack.org/622256	17:29
openstackgerrit	Merged openstack/openstack-ansible-os_keystone stable/rocky: Ensure that LDAP config is deployed on all keystone hosts https://review.openstack.org/624430	17:30
openstackgerrit	Merged openstack/openstack-ansible-lxc_hosts master: Ensure that systemd-resolved is present in the Centos container https://review.openstack.org/624336	17:37
*** spatel has joined #openstack-ansible		17:38
openstackgerrit	Jonathan Rosser proposed openstack/openstack-ansible-lxc_hosts stable/rocky: Ensure that systemd-resolved is present in the Centos container https://review.openstack.org/624771	17:38
spatel	jamesdenton: morning!	17:38
*** ianychoi has joined #openstack-ansible		17:38
spatel	i have neutron VLAN question if you around	17:39
openstackgerrit	Merged openstack/openstack-ansible-os_keystone stable/queens: Ensure that LDAP config is deployed on all keystone hosts https://review.openstack.org/624433	17:40
spatel	I should say afternoon :)	17:40
openstackgerrit	Merged openstack/openstack-ansible-os_cinder master: Fix ansible deprecation warnings https://review.openstack.org/621656	17:41
openstackgerrit	Merged openstack/openstack-ansible-os_neutron master: Adds ability to set no-resolv for dnsmasq. https://review.openstack.org/620076	17:44
openstackgerrit	Merged openstack/openstack-ansible-lxc_hosts stable/queens: prep: remove old machinectl workarounds https://review.openstack.org/624665	17:44
jamesdenton	hello spatel. whats up?	17:44
jrosser	mnaser: http://logs.openstack.org/34/624434/1/gate/openstack-ansible-functional-centos-7/1dc28e7/logs/host/lxc-cache-prep-commands.log.txt.gz	17:45
openstackgerrit	Dmitriy Rabotjagov (noonedeadpunk) proposed openstack/openstack-ansible-os_ceilometer master: Add ability to override meters.yaml and event_definitions.yaml https://review.openstack.org/623239	17:47
spatel	jamesdenton: I have vlan_200 on my openstack for public and its near to full and i am working with ISP to get new public pool, so is it possible i can add new public subnet to existing vlan ?	17:49
spatel	If not that i have to create new VLAN on all physical switch ( I have 200 switches in network :( )	17:49
jamesdenton	you can. the upstream router/gateway for that network needs to be able to handle multiple L3 subnets on a single interface, though.	17:50
jamesdenton	most routers can do that. firewall devices (like Cisco ASA) maybe not so much	17:50
openstackgerrit	Jesse Pretorius (odyssey4me) proposed openstack/openstack-ansible master: [WIP] Clean-up and simplify the major upgrade https://review.openstack.org/624773	17:51
*** hamzaachi has quit IRC		17:51
noonedeadpunk	folks, does anyone know if ceilometer and telemetry projects are alive? As nobody cares about reviews and, actually, filled bugs there...	17:51
spatel	Yes. new subnet i have to setup on my gateway switches..	17:51
jamesdenton	spatel so then it's just a matter of 'openstack subnet create --network EXISTING_VLAN_NET ...'	17:52
spatel	This is what i did to create my first VLAN network and subnet	17:52
spatel	neutron subnet-create net_pub_vlan_200 71.xxx.xxx.0/24 --name sub_pub_vlan_200 --allocation-pool start=71.xxx.xxx.2,end=71.xxx.xxx.254 --dns-nameservers 8.8.8.8 --gateway=71.xxx.xxx.1	17:52
spatel	Can i use same command to add 72.xxx.xxx.0/24 subnet?	17:52
jamesdenton	yes. just give it a different name	17:53
jamesdenton	gateway will be different, start/end, etc.	17:53
spatel	Different name for subnet right but keep "net_pub_vlan_200" same ?	17:53
jamesdenton	right	17:53
spatel	something like this..	17:54
spatel	neutron subnet-create net_pub_vlan_200 71.xxx.xxx.0/24 --name sub_new_vlan_200 --allocation-pool start=72.xxx.xxx.2,end=72.xxx.xxx.254 --dns-nameservers 8.8.8.8 --gateway=72.xxx.xxx.1	17:54
openstackgerrit	Merged openstack/openstack-ansible-os_trove master: Add segmentation option https://review.openstack.org/623533	17:54
jamesdenton	be mindful of the cidr you're passing, that would need to be 72.xxx also	17:54
spatel	jamesdenton: typo..... :)	17:55
spatel	yes it should be 72....	17:55
spatel	jamesdenton: thank you!!!	17:55
jamesdenton	looks good to me. sure	17:55
spatel	I have almost 175 compute node in openstack :) how do i find out what will be the limit of cloud?	17:56
*** rodolof has quit IRC		17:56
jamesdenton	push it till it breaks, then N-1	17:56
spatel	touch wood everything looks good so far.. load on infra nodes around 2 to 3%..	17:56
jrosser	spatel: you doing any vrrp or anything for the gateway of those subnets? allocating .2 to .254 leaves you little wiggle room for that sort of thing	17:57
spatel	I have place order for 100 more compute nodes... so wondering should i build new cloud or keep adding in existing one :)	17:57
jamesdenton	good catch jrosser	17:57
jrosser	i tend to leave .1 to .9 for such things and have a rule that .5 is vrrp gateway in all /24's	17:58
spatel	jrosser: 1, 2, 3 first ip will be used by HRSP or VRRP..	17:58
jrosser	then you have room for two routers, and spare to add/change if you need to upgrade or stuff like that	17:58
noonedeadpunk	odyssey4me: It seems, that 'ansible_{{ hostvars[inventory_hostname] \| json_query(find_bridge) \| replace('-','_') }}' has to be quoted, as the problem occurs inside json_query(), when it see extra dot inside of the interface name (like ansible_ib1.87d2.ipv4.address), while the query should be kinda "'ansible_ib1.87d2'.ipv4.address"	17:58
jrosser	i guess in this case i'm a little old-school in assigning actual ip to the router interfaces in addition to the vrrp vip	18:00
openstackgerrit	Merged openstack/openstack-ansible-os_keystone stable/ocata: Ensure that LDAP config is deployed on all keystone hosts https://review.openstack.org/624436	18:00
spatel	jrosser: is that VRRP for DHCP?	18:01
jamesdenton	spatel your physical gateway device	18:02
jamesdenton	is it HA?	18:02
jrosser	no, to make the subnet gateway H/A	18:02
spatel	i am using physical router gateway so i don't need any VRRP for routing..	18:02
openstackgerrit	Merged openstack/openstack-ansible-os_keystone master: Force force-tlsv12 only https://review.openstack.org/623240	18:03
spatel	I don't have any vRouter on openstack..	18:03
jrosser	no this is on your hardware	18:03
jrosser	if you have two routers you really should arrange with something like VRRP that the gw ip will fail over between them	18:03
spatel	Yes that is true... floating ip ( I have HSRP setup )	18:04
spatel	but you only need 3 ip address to setup VRRP or HSRP	18:04
spatel	just trying to understand i am on same page.. or i am missing details here	18:05
jamesdenton	yeah, what he's implying is that make sure your dhcp allocation range doesn't overlap with those IPs	18:05
jamesdenton	otherwise neutron may have out an IP configured on the router itself	18:05
spatel	jamesdenton: :) got it..	18:05
jamesdenton	*hand	18:05
spatel	That command i posted was just example.. i didn't realized .2 to .254 range i specified there	18:06
jamesdenton	ahh ok	18:06
spatel	jamesdenton: also DHCP instance also take 3 IPs right from public pool?	18:06
spatel	in 3 node cluster	18:06
jamesdenton	if you have 3 DHCP agents, yes	18:07
spatel	perfect! that is what i thought	18:07
spatel	jamesdenton: how do i measure openstack limit ? any components i should keep eye on it.. before i say NOT MORE compute node	18:08
spatel	right now i am keep adding compute node every weeks...	18:08
jamesdenton	others may be better equipped to answer that. if you're not using l3 agent, l2 pop, etc. then the number would be higher. i would say watch DB and Rabbit	18:09
jamesdenton	i've always heard ~250 is a good spot	18:09
spatel	hmm! okay.. currently i have 175 so i will keep eye..	18:10
spatel	jamesdenton: at some point i want to migrate my existing LinuxBridge to OVS (to use dpdk )	18:11
spatel	don't know how hard its going to be but.. i have to go that path.. SR-IOV is just extra pain with performance :)	18:11
jamesdenton	i think we're a ways out from that.	18:11
jamesdenton	have you kicked the tires on OVS+DPDK to see if you get performance close to that of SR-IOV?	18:12
spatel	No i didn't	18:12
spatel	i will soon but.. 2019 goal	18:13
*** maharg101 has quit IRC		18:14
*** maharg101 has joined #openstack-ansible		18:17
openstackgerrit	Dmitriy Rabotjagov (noonedeadpunk) proposed openstack/openstack-ansible-os_neutron stable/rocky: Adds ability to set no-resolv for dnsmasq. https://review.openstack.org/624779	18:23
openstackgerrit	Matthew Thode proposed openstack/openstack-ansible-ops master: Chage cpu model to allow for nested virt to work https://review.openstack.org/624780	18:23
prometheanfire	odyssey4me: if around, this should fix things... https://review.openstack.org/624780	18:24
openstackgerrit	Dmitriy Rabotjagov (noonedeadpunk) proposed openstack/openstack-ansible-os_neutron stable/queens: Adds ability to set no-resolv for dnsmasq. https://review.openstack.org/624781	18:29
openstackgerrit	Dmitriy Rabotjagov (noonedeadpunk) proposed openstack/openstack-ansible-os_neutron stable/queens: Adds ability to set no-resolv for dnsmasq. https://review.openstack.org/624781	18:31
*** shardy has quit IRC		18:35
*** goldenfri has joined #openstack-ansible		18:44
openstackgerrit	Merged openstack/openstack-ansible master: Added masakari-dashboard repo to openstack_services https://review.openstack.org/619062	18:55
jrosser	noonedeadpunk: I don’t think it’s true that no one cares about the ceilometer roles, it’s just they’ve been in a bad place for so long that core reviewers like me don’t necessarily have it running in our labs, so it’s hard to get up to speed and be able to make a judgement on patches	18:58
jrosser	FWIW I think it’s really great that they are getting some attention	18:59
openstackgerrit	Dmitriy Rabotjagov (noonedeadpunk) proposed openstack/openstack-ansible-os_neutron stable/pike: Adds ability to set no-resolv for dnsmasq. https://review.openstack.org/624786	19:01
openstackgerrit	Merged openstack/openstack-ansible stable/pike: Update all SHAs for 16.0.24 https://review.openstack.org/624427	19:05
openstackgerrit	Merged openstack/openstack-ansible stable/queens: Update all SHAs for 17.1.6 https://review.openstack.org/624414	19:05
openstackgerrit	Merged openstack/openstack-ansible stable/rocky: Add retries for utility container distro package installs https://review.openstack.org/624024	19:05
openstackgerrit	Merged openstack/openstack-ansible stable/rocky: Zuul: Simplify the integrated test playbooks https://review.openstack.org/624385	19:05
noonedeadpunk	jrosser: I meant about ceilometer itself to be honest:) I will never say that anyone here doesn't care about smth	19:05
*** spatel has quit IRC		19:07
noonedeadpunk	IRC #openstack-telemetry is deserted, bugs are not reviewed for month, even if they have related fixes in gerrit...	19:08
jrosser	Oh that’s sad	19:08
noonedeadpunk	So I'm just became worried about the destiny of the project, as we're building billing based on it right now.	19:09
jrosser	I would like to have more of this working in my cloud	19:09
jamesdenton	https://julien.danjou.info/lessons-from-openstack-telemetry-deflation/	19:09
jamesdenton	i wouldn't put your eggs in that basket	19:11
noonedeadpunk	jamesdenton: That's really sad...	19:12
jamesdenton	agreed	19:12
mnaser	noonedeadpunk: you should start getting more involved with the project and take the lead :D	19:13
*** AB2019 has joined #openstack-ansible		19:14
jamesdenton	cheers for noonedeadpunk - OpenStack Telemetry PTL	19:15
noonedeadpunk	I'm not so perfect at Python to take a leadership:) I'd wish I had	19:16
jrosser	You might find even small involvement surprisingly fruitful, particularly with as a deployer with a use case, and a foot here in a deployment project. A lot could get fixed quickly....	19:17
noonedeadpunk	Yep, probably you're right	19:20
noonedeadpunk	Oh, I've read the book written by this guy - never knew that he's a telemetry PTL	19:21
*** spatel has joined #openstack-ansible		19:24
spatel	Folks... i have quick question, i want to change something in /etc/rsyslog.d/50-default.conf file so how do i rollout my change?	19:25
spatel	I am seeing this file is static file and not using any template variables	19:25
spatel	# /etc/ansible/roles/rsyslog_client/files/50-default.conf	19:26
spatel	what are the options i have to edit this file and rollout to make sure next update won't wipe out my changes?	19:26
jamesdenton	what are you needing to change?	19:27
spatel	.;local7,auth,authpriv,cron,daemon,mail,news.none -/var/log/syslog	19:28
spatel	CentOS using /var/log/messages ( my monitoring agent reading this files )	19:29
spatel	i want to change /var/log/syslog to /var/log/messages	19:29
*** vollman has joined #openstack-ansible		19:29
spatel	i want to change /var/log/syslog to /var/log/messages	19:29
jamesdenton	Hmm. symlink?	19:29
-spatel- [root@ostack-compute-75 ~]# ls -l /var/log/syslog		19:30
-spatel- ls: cannot access /var/log/syslog: No such file or directory		19:30
spatel	Something is broken in syslog deployment of OSA	19:30
spatel	its not logging any logs..	19:30
spatel	This is what i found if i remove "$PrivDropToUser syslog" & "$PrivDropToGroup syslog" from /etc/rsyslog.conf file then it start logging..	19:32
spatel	We have all centOS folks and when they see no /var/log/messages they freaked out :(	19:33
jamesdenton	may be an oversight for centos deploys on our part.	19:34
spatel	why don't in OSA make simple variable to symlink it or change path of file..	19:34
jamesdenton	https://bugs.launchpad.net/openstack-ansible/+filebug	19:34
*** maharg101 has quit IRC		19:35
spatel	I have find /etc/ansible/roles/rsyslog_client/templates/rsyslog.conf.j2 where i can change that but no variable :(	19:35
spatel	jamesdenton: i did file bug last week but no activity.. yet	19:36
*** maharg101 has joined #openstack-ansible		19:38
jamesdenton	who is the owner of /var/log/messages?	19:41
jamesdenton	root:root?	19:41
vakuznet	spatel related bug https://bugs.launchpad.net/openstack-ansible/+bug/1805239 what bug did you file?	19:42
openstack	Launchpad bug 1805239 in openstack-ansible "missing logrotate of the syslog, daemon.log " [Medium,Confirmed] - Assigned to Vadim Kuznetsov (vakuznet)	19:42
jamesdenton	https://bugs.launchpad.net/openstack-ansible/+bug/1807268	19:42
openstack	Launchpad bug 1807268 in openstack-ansible "CentOS rsyslog bug" [Undecided,New]	19:42
spatel	vakuznet: looking..	19:48
spatel	jamesdenton:	19:48
-spatel- [root@ostack-osa templates(keystone_admin)]# ls -l /var/log/messages		19:48
-spatel- -rw------- 1 root root 710528 Dec 12 14:40 /var/log/messages		19:48
jrosser	Wasn’t there a patch for that?	19:50
spatel	https://bugs.launchpad.net/openstack-ansible/+bug/1807268	19:53
openstack	Launchpad bug 1807268 in openstack-ansible "CentOS rsyslog bug" [Undecided,New]	19:53
spatel	Here you go vakuznet	19:53
redkrieg	Does anyone know if this is still the best way to do multiple regions? I'd be fine with only having one keystone and pointing the other region to it if that's practical, I just don't see a good way to do it. https://developer.rackspace.com/blog/keystone-to-keystone-federation-with-openstack-ansible/	19:53
*** Adri2000 has quit IRC		19:54
*** Adri2000 has joined #openstack-ansible		19:56
*** rodolof has joined #openstack-ansible		19:56
spatel	jamesdenton: you got it	19:57
spatel	what are the option i have now ?	19:57
spatel	Or should i write custom ansible module to roll out my change outside OSA ?	19:58
spatel	it will be ugly!	19:58
*** nurdie has quit IRC		20:07
*** cshen has quit IRC		20:34
*** cshen has joined #openstack-ansible		20:36
openstackgerrit	James Denton proposed openstack/openstack-ansible-rsyslog_client master: [WIP] Templatize rsyslog configuration files https://review.openstack.org/624805	20:36
jamesdenton	spatel You can try that: https://review.openstack.org/624805	20:37
jamesdenton	but i can't guarantee it's the right approach, or there may be something in the works	20:37
*** nurdie has joined #openstack-ansible		20:38
spatel	oh! i got it what you did, looks good	20:40
spatel	should i do that by hand until patch get merge ?	20:40
jrosser	mnaser: i'm sure there was some discussion previously about this rsyslog/centos stuff - was there a patch?	20:40
spatel	all your changes..	20:40
jamesdenton	spatel there may already be something in the works by mnaser so it may be in vain at this point.	20:41
spatel	hmm!	20:42
jrosser	i've not found anything so might have been imagining it - but it was certainly discussed - maybe in the meeting bug triage actually	20:43
*** nurdie has quit IRC		20:43
jamesdenton	For you, today, you might need to roll changes by hand until something official comes down. I think you can create a symlink for /var/log/syslog, and it would appear in /var/log/messages	20:43
spatel	I am writing quick ansible module to roll out those changes..	20:46
spatel	jamesdenton: thanks again!	20:47
jamesdenton	sure. lemme know!	20:47
spatel	jamesdenton: this is what i did.. and rollout to all node http://paste.openstack.org/show/737166/	21:04
jamesdenton	after adding the vars?	21:06
jamesdenton	or that was your playbook after downloading the patch	21:07
spatel	I did quick hack.. manually rollout those file.. i didn't use your patch	21:10
spatel	i thought may be something in on the way so waiting for final merge	21:10
jamesdenton	ok so you changed the values in the files then	21:10
spatel	in short create ansible module outside OSA and rollout two files and restart rsyslog	21:11
jamesdenton	cool	21:11
spatel	Yes!! i did	21:11
spatel	everything working now	21:11
spatel	logs are flowing now	21:11
jamesdenton	subsequent playbook runs may overwrite that, just FYI	21:11
spatel	Yes i know that :) so for now i made those changes in role/rsyslog_client module	21:13
spatel	so new box will get correct fix.. until we have something in upstream	21:14
jamesdenton	good deal	21:14
spotz	noonedeadpunk: I thought ceilometer was dead, at least the API was removed. How long have things been sitting? Folks may be on holiday	21:15
spatel	I have internal git to check-in those changes so later i can review what changes i mad overtime..	21:15
*** vakuznet has quit IRC		21:21
*** vnogin has joined #openstack-ansible		21:25
*** hw_wutianwei_ has quit IRC		21:25
*** vnogin has quit IRC		21:30
*** rodolof has quit IRC		21:32
*** rodolof has joined #openstack-ansible		21:32
*** ansmith has quit IRC		21:33
*** spatel has quit IRC		21:53
*** DanyC has joined #openstack-ansible		22:02
*** dcdamien has joined #openstack-ansible		22:02
*** mmercer has quit IRC		22:22
*** AB2019_ has joined #openstack-ansible		22:22
*** DanyC_ has joined #openstack-ansible		22:25
openstackgerrit	Merged openstack/openstack-ansible stable/rocky: Fixed ability of usage interfaces/bridges with dots (aliases) https://review.openstack.org/623643	22:27
*** AB2019 has quit IRC		22:29
*** andreykurilin has quit IRC		22:29
*** eumel8 has quit IRC		22:29
*** logan- has quit IRC		22:29
*** AB2019_ is now known as AB2019		22:29
*** DanyC has quit IRC		22:29
*** logan- has joined #openstack-ansible		22:31
*** trident has quit IRC		22:32
*** trident has joined #openstack-ansible		22:34
*** cshen has quit IRC		22:40
openstackgerrit	Antony Messerli proposed openstack/openstack-ansible-ops master: Better handling for resuming leapfrog upgrade https://review.openstack.org/624455	23:14
*** dave-mccowan has quit IRC		23:19
*** rodolof has quit IRC		23:21
*** rodolof has joined #openstack-ansible		23:21
*** DanyC_ has quit IRC		23:24
*** mmercer has joined #openstack-ansible		23:35
*** rodolof has quit IRC		23:35
*** rodolof has joined #openstack-ansible		23:35
*** rodolof has quit IRC		23:37
*** rodolof has joined #openstack-ansible		23:38
*** DanyC has joined #openstack-ansible		23:40
*** DanyC has quit IRC		23:44
*** dcdamien has quit IRC		23:47
*** mmercer is now known as Daemoen		23:57

Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!