Monday, 2019-02-11

« Sunday, 2019-02-10 Index Tuesday, 2019-02-12 »
*** markvoelker has joined #openstack-ansible00:21
mnaserdmsimard: send em our way00:36
*** markvoelker has quit IRC00:54
*** markvoelker has joined #openstack-ansible01:51
*** dave-mccowan has joined #openstack-ansible01:55
dmsimardI'm looking at the ssl stuff right now... it doesn't look like --insecure is working01:56
dmsimardbut curl does01:56
*** dave-mccowan has quit IRC02:00
dmsimardoh, yuck, my fault.. a stray manual haproxy config I did to troubleshoot that last patch -- it was double-listening with different configs02:12
dmsimardnova-status from https://github.com/openstack/openstack-ansible-os_nova/blob/466ab0aecd3efa44d8a78fe856ad0f2cad9d1425/tasks/nova_db_post_setup.yml#L33 doesn't have an --insecure comand02:24
dmsimardcommand argument*02:24
*** markvoelker has quit IRC02:24
dmsimardso it's failing on the self signed certificate02:25
dmsimardinsecure is set to true in nova.conf's keystone_authtoken but I don't think it's being taken into acconut02:27
*** sdake has quit IRC03:08
*** sdake has joined #openstack-ansible03:11
*** markvoelker has joined #openstack-ansible03:22
*** markvoelker has quit IRC03:54
*** udesale has joined #openstack-ansible04:02
openstackgerritMerged openstack/openstack-ansible-os_cinder master: Add missing CLI_OPTIONS when setting up qos volume types  https://review.openstack.org/63607104:06
*** aludwar has quit IRC04:12
openstackgerritChandan Kumar proposed openstack/openstack-ansible-os_tempest master: Use the correct heat tests  https://review.openstack.org/63069504:29
*** chandankumar is now known as chkumar|ruck04:32
*** ArchiFleKs has quit IRC04:42
*** markvoelker has joined #openstack-ansible04:51
*** ArchiFleKs has joined #openstack-ansible04:57
*** markvoelker has quit IRC05:24
*** sawblade6 has quit IRC05:29
openstackgerritKevin Carter (cloudnull) proposed openstack/openstack-ansible-ops master: Add the ability to enable or disable rollups / indexes  https://review.openstack.org/63609005:58
openstackgerritKevin Carter (cloudnull) proposed openstack/openstack-ansible-ops master: Add logstash ingestion for collectd  https://review.openstack.org/63541806:14
*** shyamb has joined #openstack-ansible06:19
*** markvoelker has joined #openstack-ansible06:22
openstackgerritKevin Carter (cloudnull) proposed openstack/openstack-ansible-ops master: Change the overlay service start vars  https://review.openstack.org/63609506:51
*** markvoelker has quit IRC06:55
*** shyamb has quit IRC06:57
*** DanyC has joined #openstack-ansible07:02
*** jbadiapa has joined #openstack-ansible07:04
openstackgerritMerged openstack/openstack-ansible-ops master: Add logstash ingestion for collectd  https://review.openstack.org/63541807:05
*** DanyC has quit IRC07:07
*** kopecmartin|off is now known as kopecmartin07:07
openstackgerritMerged openstack/openstack-ansible-ops master: Change the overlay service start vars  https://review.openstack.org/63609507:14
*** shyamb has joined #openstack-ansible07:24
openstackgerritChandan Kumar proposed openstack/openstack-ansible-os_heat master: Fixed the egg name of heat to openstack_heat  https://review.openstack.org/63551807:29
*** fnpanic has joined #openstack-ansible07:34
fnpanicgood morning07:34
*** rgogunskiy has joined #openstack-ansible07:44
*** markvoelker has joined #openstack-ansible07:52
*** shyamb has quit IRC07:52
*** shyamb has joined #openstack-ansible08:00
*** gkadam has joined #openstack-ansible08:01
*** electrofelix has joined #openstack-ansible08:18
*** Emine has joined #openstack-ansible08:18
*** markvoelker has quit IRC08:24
*** electrofelix has quit IRC08:35
*** electrofelix has joined #openstack-ansible08:37
*** Emine has quit IRC08:37
*** Emine has joined #openstack-ansible08:42
*** shyamb has quit IRC08:50
*** tosky has joined #openstack-ansible08:54
*** shardy has joined #openstack-ansible09:04
chkumar|ruckodyssey4me: need some help here http://logs.openstack.org/18/635518/5/check/openstack-ansible-functional-centos-7/aafb1d0/logs/ara-report/result/3b431320-b515-4e81-a763-da4167e217ed/09:10
*** DanyC has joined #openstack-ansible09:12
*** DanyC has quit IRC09:14
*** DanyC has joined #openstack-ansible09:14
*** shyamb has joined #openstack-ansible09:17
*** markvoelker has joined #openstack-ansible09:21
*** Emine has quit IRC09:29
*** Emine has joined #openstack-ansible09:36
fnpanicjust submitted this but https://bugs.launchpad.net/openstack-ansible/+bug/181543009:46
openstackLaunchpad bug 1815430 in openstack-ansible "ceph_client role fails verifing keys when deploying behind a proxy" [Undecided,New]09:46
fnpanici also added a diff for ubuntu in the bug report which works for ubuntu. i adopted it from the galera proxy patch09:47
fnpanichttps://review.openstack.org/#/c/625291/09:47
fnpaniclooks like i am the only guy in the world deploying OSA behind a proxy?09:47
jrossernot the only one. i mirror as many of the upstream repos locally as possible so havent tripped over the ansible apt-key module not obeying the proxy settings09:50
fnpanicwhat do you use for mirroring?09:53
fnpanicaptly?09:53
*** markvoelker has quit IRC09:54
jrosserdebmirror09:58
jrosserhrrm bionic/ceph integrated repo test is broken10:01
jrossercinder distro packages pull in librados and librbd before the ceph_client role has run and set up the ceph repo and apt pinning10:02
CeeMacmorning all10:15
fnpanichi10:24
*** mkuf_ has joined #openstack-ansible10:48
*** markvoelker has joined #openstack-ansible10:52
*** mkuf has quit IRC10:52
*** shyamb has quit IRC11:01
*** mkuf_ has quit IRC11:24
openstackgerritJonathan Rosser proposed openstack/openstack-ansible-os_cinder master: Ensure cinder-volumes tool packages install correct ceph dependancies  https://review.openstack.org/63611511:24
*** markvoelker has quit IRC11:25
openstackgerritJonathan Rosser proposed openstack/openstack-ansible master: Fix typo btrfs -> zfs  https://review.openstack.org/63603511:40
*** shyamb has joined #openstack-ansible11:42
*** sum12 has quit IRC11:44
*** sum12 has joined #openstack-ansible11:44
*** Emine has quit IRC11:46
CeeMacis it possible/probable that using a custom SSL cert for HAproxy will have broken heat?11:52
CeeMacI'm getting 504 gateway time-outs through both dashboard and cli11:53
mathlinhi, what could stop a dhcp reply from the network node from reaching the nova compute node. Only request on the nova side, request and reply on the network node. Other traffic like a few 'who-has' can pass freely.11:57
*** chhagarw has joined #openstack-ansible12:01
fnpanicCeeMac: looks like we are in the same boat12:02
CeeMacfnpanic, at least I'm not alone12:02
fnpanicif it is a custom from a none public ca i guess so12:02
CeeMacah, its from a public ca12:03
fnpanicok12:03
CeeMacbut different to the self-gen one created at deploymeny12:03
fnpanicgood to know12:03
fnpanicdifferent means?12:03
CeeMaci saw a bug that might have been related, but it doesn't seem to have gone anywhere12:03
CeeMacas in not the same :)12:03
CeeMacas in i used the override variable to provide a differnet cert12:04
CeeMachaproxy_user_ssl_cert etc12:04
CeeMacmathlin, is it a new deployment? I had a similar issue before12:04
*** udesale has quit IRC12:05
mathlinNew deployment, yes.12:06
*** udesale has joined #openstack-ansible12:06
openstackgerritJonathan Rosser proposed openstack/openstack-ansible-os_cinder master: Ensure cinder-volumes tool packages install correct ceph dependancies  https://review.openstack.org/63611512:06
CeeMacmathlin, are you using vxlan for your tenant network?12:08
*** shyamb has quit IRC12:10
*** shyamb has joined #openstack-ansible12:10
mathlinyes12:12
*** dave-mccowan has joined #openstack-ansible12:12
CeeMacdo you have multicast groups configured on your physical switches, or igmpsnooping enabled?12:13
*** mkuf has joined #openstack-ansible12:13
CeeMacfnpanic, do you get any specific error messages in any logs?  I can't seem to find anything that definitely pinpoints where the problem is12:14
mathlinunsure, need to check that12:15
CeeMacmathlin, i had to enable l2population as I don't have multicast set up on the switches12:15
CeeMacfnpanic, i see a few "ERROR heat-api IOError: write error" but they don't seem to coincide with any attempt to connect to heat12:17
*** markvoelker has joined #openstack-ansible12:21
fnpanicCeeMac: i in the logs that heat gets an ssl verify error when it talks to keystone public endpoint12:27
CeeMacdo you have debug enabled? or is that in the normal logs12:27
CeeMacif your cert is not public ca, do you have the appropriate ca certs installed so the cert chain can be validated?12:28
fnpanicyou can try. open the heat endpoint in a browser12:29
fnpanicwith debug it gives more details but error ist the same SSL verify error12:29
fnpanicyes12:29
fnpanicbut had a talk with jrosser this morning12:29
fnpanicpython does not use the ca-certificates by default12:30
CeeMachmm12:30
CeeMacmy endpoints are listed as http internally, but i cant load the page12:33
fnpanicit uses the extrnal api endpoint as far as i know12:34
CeeMactried that to, no dice12:34
CeeMacno error in logs12:34
*** Emine has joined #openstack-ansible12:35
jrosserhave you done simple debugging with wget/curl from the same container/host to the same endpoint to see if that works?12:39
CeeMacjust noticed a firewall block from my laptop, just opened up port 800012:39
CeeMacif i connect to the :8000/v1 address i get an error about signature not matching aws standard12:40
CeeMacnot sure if that url is supposed to work, or what it should show12:41
jrosseryou can debug ssl issues against any endpoint, like keystone on port 5000, it's the same haproxy for all of them12:42
fnpanic:-)12:42
CeeMacthe cert is working for the dashboard12:43
CeeMacjust when I navigate to Orchestration I get 504 gateway time-out12:44
CeeMacsame if i exectute openstack software cli commands12:44
CeeMacit could be complete coincident its not working after switch cert12:49
CeeMacor not, i can't work it out12:49
CeeMacif i curl from the host using the container IP it returns "versions" info, for both 8000 and 800412:50
CeeMacsame if i use the internal vip12:50
jrossercan you try using python as well?12:51
CeeMacwith guidance, sure12:51
CeeMaci don't python in general12:51
jrossersomething like this, just from the command line in your container http://paste.openstack.org/show/744838/12:52
jrosserobv. put in the url/port you want to test12:52
CeeMacsure :), 1 sec12:53
jrosserit'll either seem to do nothing, or blow up in a pile of SSL errors12:53
*** shyamb has quit IRC12:53
CeeMacImportError: No module named requests12:54
*** markvoelker has quit IRC12:54
jrosseroh...... centos?12:56
CeeMacubuntu12:57
CeeMactried in the container and on the host12:57
jrosserwell look - you've got errors in horizon and with the openstack cli12:57
jrosserit should be reasonable to debug both of those and find errors in logs somewhere12:58
jrosserwithout that this is all guesswork12:58
CeeMacyeah12:58
CeeMacnothing in the logs i've seen so far, that correlates anyway12:58
CeeMaci'll maybe double-check horizon logs and enable debug12:59
jrosserand once you find  roughly where the issue is, trying to hit the same endpoints by hand with either wget/curl or a python hack is the normal approach12:59
CeeMacthe only thing i can see in heat is an odd  IOError: write error, nut not concurrent with timings of tests13:00
CeeMac*but not13:00
CeeMaci'll keep poking it with a stick, thanks13:00
openstackgerritMichael Vollman proposed openstack/openstack-ansible-os_neutron master: Avoid distro installing unused services  https://review.openstack.org/63327713:20
guilhermespchkumar|ruck: did you see this happening with other centos jobs? http://logs.openstack.org/79/635579/3/check/openstack-ansible-functional-centos-7/fb8c54f/logs/ara-report/result/9f277fa7-ee2b-4380-b542-c2b66e0704da/13:42
fnpanicis it save to set pipelining = True for osa?13:42
odyssey4mefnpanic we already do it by default13:43
odyssey4mefnpanic https://github.com/openstack/openstack-ansible/blob/master/scripts/openstack-ansible.rc#L48-L5013:43
chkumar|ruckguilhermesp: it is a known issue, we need to fix vlan stuff on os_nova side13:44
chkumar|ruckguilhermesp: on tempest side, we have fixed with this https://review.openstack.org/#/c/633732/ fixed by jrosser13:44
jrosserwe need to talk with cloudnull about how to fix that centos bridge forwarding properly13:46
jamesdentonvollman submitted a patch here for networkd: https://review.openstack.org/#/c/635929/13:47
jrosseri had a look but they way the netoworks are set up in the tests repo is a bit awkward to slip that extra var in13:47
jamesdentonindeed13:47
jrosseryes i stared for too long at how that pile of jinja creates the networks data structure, and it just made my head hurt13:48
jamesdentonlol i was headed down that path right now. slowly backing away13:48
fnpanicodyssey4me: thanks13:49
vollmanjrosser: I was thinking this perhaps.  https://github.com/mvollman/openstack-ansible-tests/commit/9d74b3dfb847d91ccb3b5828507dcaff7bda2f63#diff-5abaef8c358fed2100bf9007e4556c7a13:49
*** mgariepy has joined #openstack-ansible13:51
mnasercould i get eyes on https://review.openstack.org/#/c/634991/ again :<13:51
vollmanstatically setting ipforward: true for all test bridges13:51
fnpanicthen it is strange that osa takes ages13:51
*** markvoelker has joined #openstack-ansible13:52
odyssey4mefnpanic ansible is slow, and we have *a lot* of tasks13:54
fnpanici know but more then 4 hours?13:54
odyssey4mefnpanic if you can find ways to optimise what we're doing, then please do submit patches / bug reposrts with recommendations13:54
fnpanicfor 3 controllers, 4 computes and 3 storage nodes?13:55
fnpanicthe controllers have /var on ssd13:55
odyssey4meyeah, most of the work is on the control plane - that's where time is taken, the work from then on is much quicker13:55
openstackgerritMerged openstack/openstack-ansible-nspawn_container_create master: Trivial: Fix the pep8 warning  https://review.openstack.org/61652713:55
fnpanicodyssey4me: i will take a deeper look were the time is lost and hope we can improve it13:57
*** bgmccollum has quit IRC13:57
*** bgmccollum has joined #openstack-ansible13:58
odyssey4mefnpanic FYI, the repo build process is one of those areas - I'm doing work in Stein to resolve that.14:04
*** aludwar has joined #openstack-ansible14:06
jrosserjamesdenton: i think the decision is either to set that forward flag everywhere using the tests repo, brute force14:06
jamesdentonpath of least resistance14:07
jrosseror to set it selectively in the roles just on br-mgmt <- but idk how to make that work in the test repo code14:07
jamesdentonIt's br-vlan, correct?14:07
jrosseroh sorry yes14:07
jamesdentonk14:07
vollmanjrosser jamesdenton Ubuntu is defaulting forwarding=1 for all bridges so the brute force approach should be a noop14:09
*** bgmccollum has quit IRC14:10
jamesdentonvollman are the neutron tests passing for you with a distro install?14:23
vollmanneutron or nova?14:23
*** ArchiFleKs has quit IRC14:23
*** partlycloudy has quit IRC14:23
*** asettle has joined #openstack-ansible14:24
*** markvoelker has quit IRC14:24
jamesdentonneutron14:25
vollmanjamesdenton: Yea.  all of the voting gate jobs passed on an os_neutron changeset last week14:26
vollmanI just pushed another patch and the gates are running again now. should have fresh results in an hour or less14:27
jamesdentonyeah, i saw that. locally, i see that after it creates the router it tries to ping the qg interface, but all networks are 'vxlan' and there's no way to get there from the host. Just curious what it might have looked like for you14:28
jamesdentonthis is related more to the distro patch than the ipforward thing.14:28
*** ArchiFleKs has joined #openstack-ansible14:29
jamesdentonmay be a difference in the way i ran it compared to gate. running again14:30
vollmanjamesdenton: I haven't manually run the neutron gate for this patch. I tested it with an integrated test and when that passed I let the gate run the neutron specific testing14:32
openstackgerritMerged openstack/openstack-ansible-nspawn_container_create master: Fix the misspelling of "container"  https://review.openstack.org/63264414:33
jrossercores: bionic/ceph is broken due to cinder package install trouble, slightly ugly fix in https://review.openstack.org/#/c/636115/ validated with a depends-on here https://review.openstack.org/#/c/636035/14:41
jrosser^ everything is blocked on master right now due to that14:42
*** bgmccollum has joined #openstack-ansible14:44
odyssey4mejrosser does that block rocky too?14:44
jrosserodyssey4me: no, it looks like only master14:46
odyssey4meok, thankfully14:46
* jrosser thinks about why that is, though.......14:46
chkumar|ruckodyssey4me: Hello14:47
odyssey4meI guess the re-ordering we've done in the installs is affecting things14:47
jrosseralso rocky may still be installing luminous, but i'd only expect that to do the same/worse14:47
chkumar|ruckodyssey4me: need some help on http://logs.openstack.org/18/635518/5/check/openstack-ansible-functional-centos-7/aafb1d0/logs/ara-report/result/3b431320-b515-4e81-a763-da4167e217ed/ mpi4py issue14:48
odyssey4mechkumar|ruck right, the missing deps - did you push a patch to change deps?14:48
odyssey4meor are these deps only for tempest plugins, perhaps?14:48
chkumar|ruckodyssey4me: sorry did not get change-deps part?14:49
odyssey4mechkumar|ruck well, there are missing distro packages to make those installs work - last we chatted I thought you were going to figure out which they were and do a patch to add them14:49
chkumar|ruckodyssey4me: for missing distro packages14:49
dmsimardI'm trying to get networking to work the way I want to in an AIO I set up last weekend and I'm not 100% sure I understand what is meant to be used where14:49
chkumar|ruckodyssey4me: https://review.openstack.org/#/c/635518/ i have added it here14:50
chkumar|ruckodyssey4me: or i need to put patches at some other place?14:50
dmsimardAt the switch/firewall level, I have vlans 10, 20 and 30 set up and my network interfaces are similar to https://docs.openstack.org/openstack-ansible/latest/user/ceph/full-deploy.html#host-network-configuration14:51
dmsimardIt would be pretty convenient if I could put everything on the same bond so I tried to do that but could get an instance to ping -- although I did see pings when doing a tcpdump on the bridge interface14:51
odyssey4mechkumar|ruck hmm, ok - I'll need to spend some time looking through what's going on there then if that's failing... I'm tied up with other work now, but will try to look at it in 2-3 hours.14:52
jamesdentondmsimard Single bond is usually not an issue. The br-vlan bridge would need to have bond0 in it, in that case.14:54
dmsimardjamesdenton: yeah but I'm a bit confused as to what is meant to be routable or not14:54
dmsimardfor example, should I be able to have a external network for 172.29.240.0/22 ? do I need to create a tenant network and set up a router between the two ?14:55
dmsimardI guess I'm confusing the vxlan and vlan networks14:56
jamesdentonThe example assumes that VLAN 10 (mgmt) will be the primary interface of the node itself, with the default gateway off that interface. VLAN 20 and VLAN 30 are not usually routable. The br-vlan bridge connects to bond0 (untagged), and you would build out tagged provider networks with Neutron API. That provider network would need to have some kind of physical gateway (ie. router/firewall)14:56
dmsimardthe "public" IPs for the VMs are meant to be on the vxlan subnet ?14:56
dmsimardyeah vlan 10 and mgmt is no issue, that works perfectly14:57
jamesdentonYou can put VMs on that provider network, in which case they'd be right on the VLAN. Or, you build out tenant networks (may be vxlan by default), in which case you'd need a neutron router in the middle (one end connected to provider net, the other to tenant net)14:57
jamesdentonThe IP configured on a VM is referred to as a 'fixed IP'. That would NOT be directly accessible if vxlan network type is used14:57
dmsimardjamesdenton: fwiw I'm pretty familiar with openstack, just my first time really trying OSA :p14:58
mgariepycan i have a final nudge on : https://review.openstack.org/#/c/632907/ and https://review.openstack.org/#/c/632908/ please :D14:58
jamesdentonSo you create the router, plugin to both nets, create a floating IP and associate with the fixed IP, and bob's your uncle14:58
jamesdentonok cool - sorry for the remediation then14:59
jamesdentonSo in the example, 172.29.240.0/22 is the network used for VTEPs only. Not routable.15:01
dmsimardI think I may have seen that tempest uses 172.29.248.0/22 for the "public" subnet15:02
jamesdentonbr-vxlan in OSA is just a consistent placeholder for vtep addrs. And when neutron agents are deployed in containers on the infra nodes, the container connects to br-vxlan via a veth pair. There's an interface inside the container, eth10 i think, that would have the vtep addr on it.15:02
jamesdentonI could be wrong, but i think tempest sets up 10.1.3.0/2415:07
jrosserwell role tests vs AIO vs whatever-you-want-in-your-lab may be a factor here15:08
dmsimardjamesdenton: found it here: http://git.openstack.org/cgit/openstack/openstack-ansible/tree/tests/roles/bootstrap-host/templates/user_variables.aio.yml.j2#n2815:08
jrosserdoesnt AIO set up all sorts of NAT for the "public" network, that might not be needed15:09
jamesdentonoh, right on15:09
dmsimardcodesearch.openstack is my best friend :)15:09
openstackgerritDavid Moreau Simard proposed openstack/openstack-ansible master: Remove an extra comment about Tempest settings  https://review.openstack.org/63614815:11
openstackgerritMichael Vollman proposed openstack/ansible-role-systemd_networkd master: Add ipforward option to configure IPForward  https://review.openstack.org/63592915:13
dmsimardjrosser: something that is confusing -- and I haven't had the time to look it up yet is that it sets up a bunch of stuff in /etc/systemd/network which might conflict with stuff from /etc/network/interfaces15:13
*** TxGirlGeek has joined #openstack-ansible15:13
dmsimardI had to take the br-vxlan and br-vlan stuff out of there15:14
jamesdentonYou were having issues with an AIO as-is?15:19
*** markvoelker has joined #openstack-ansible15:22
cloudnullmornings15:22
jrossero/ cloudnull15:24
jrossercloudnull: question about this https://github.com/openstack/openstack-ansible-ops/blob/master/overlay-inventories/osa-integration-inventory.yml#L12315:24
jrosserthat quite likley ends up with log1 already in log_hosts in a lot of deploys15:25
jrosserthen the log1 host gets a ton of elk installed all over it15:25
dmsimardjamesdenton: it was a bumpy ride but I'm almost there15:25
jamesdentonWhich OS?15:26
dmsimardubuntu 18.04 with the latest rocky checkout15:26
dmsimardmy problems started even before OSA though, the ubuntu server image ships with netplan which is kind of bad15:27
jrosserdmsimard: on 18.04 /etc/network/interfaces doesnt do anything unless you install ifupdown15:27
dmsimardyup15:27
jamesdentonnetplan, that's all you had to say15:27
dmsimardI purged netplan and went ifupdown15:27
jrosserremember that an AIO does a bunch of stuff you might not want, like preparing the host in a particular way15:28
dmsimardI think my main complaint was around ssl (or lack thereof)15:29
dmsimardthe defaults with aio aren't sufficient to provide something that works out of the box15:29
dmsimardthis is what I have right now but I sort of lost track if they are really relevant with the trials/errors that I did http://paste.openstack.org/raw/744849/15:31
*** TxGirlGeek has quit IRC15:33
dmsimardI'm probably going to end up re-deploying in a single go once I figure everything out15:34
jamesdentonjrosser i think this could be breaking some builds: https://review.openstack.org/#/c/633883/15:34
jrosserjamesdenton: that is quite possible15:36
jrosserdo you have an example?15:36
jamesdentonhttps://review.openstack.org/#/c/633277/15:37
jamesdentonAnd locally having the same failures15:37
jamesdentoni just rechecked that, so those logs may disappear15:37
chkumar|ruckodyssey4me: sure15:38
jrosserjamesdenton: so, further on in that test would we expect it to create a VM and try to ssh to it, like the nova tests?15:39
jamesdentonNot from what i've seen. At that point it is just trying to ping the qg interface of the router15:39
jamesdentonlocally, both networks (public and private) appear to be 'vxlan' type, which is likely the issue15:39
openstackgerritChandan Kumar proposed openstack/openstack-ansible-os_heat master: Fixed the egg name of heat to openstack_heat  https://review.openstack.org/63551815:45
jamesdentonactually - i retract that. let me dig a little. the qg interface is built in the namespace, but there's no bridge setup for it15:47
jamesdentonand the external net IS flat. I just saw two vxlan interfaces, for private and HA.15:47
chkumar|ruckodyssey4me: actually packages were not getting installed15:47
chkumar|ruckmight be because of comments I have given, updated it again15:48
*** gkadam has quit IRC15:49
jamesdentonjrosser This may be related to the distro patch itself. Ignore me for now.15:49
openstackgerritMerged openstack/ansible-role-systemd_networkd master: Add ipforward option to configure IPForward  https://review.openstack.org/63592915:49
*** spatel has joined #openstack-ansible15:51
dmsimardjamesdenton, jrosser: IT'S ALIVE! \o/15:54
jamesdentonnice job :D15:54
openstackgerritMichael Vollman proposed openstack/openstack-ansible-tests master: Ensure ipforward is set on all test bridges  https://review.openstack.org/63616215:54
dmsimardI ended up creating a vlan tagged network for the public network, easier to manage from my network gear15:55
dmsimardno floating ips or routers15:55
jamesdentoneasy peasy15:55
*** markvoelker has quit IRC15:56
dmsimardnow I even get to see the real mac addresses and hosts in my ubiquiti dashboard :p15:58
vollmanjamesdenton: i'm seeing the same thing in the neutron gate on master. no route from localhost to the namespace to ping the gateway16:05
*** electrofelix has quit IRC16:05
jamesdentonvollman The bridge for the external network doesn't appear to be setup.16:06
vollmanYea only br-mgmt is configured16:07
jamesdentonyep. may wanna poke at it. If you run it locally, you can run 'toxenvs=docs,linters,functional; tox -e distro_install'. May be easier/faster than trying to gate it16:08
*** macza has joined #openstack-ansible16:08
jamesdentonJust be aware that there are some bugs that may keep you from easily repeating the test when it fails16:09
*** macza has joined #openstack-ansible16:09
*** udesale has quit IRC16:15
*** TxGirlGeek has joined #openstack-ansible16:16
*** Emine has quit IRC16:21
*** chkumar|ruck is now known as chandankumar16:24
openstackgerritMerged openstack/openstack-ansible-os_cinder master: Ensure cinder-volumes tool packages install correct ceph dependancies  https://review.openstack.org/63611516:27
odyssey4mecloudnull https://review.openstack.org/#/c/636036/1/inventory/group_vars/all/all.yml :) nice - although perhaps that could just go into the venv build role itself?16:30
*** spatel has quit IRC16:34
openstackgerritJesse Pretorius (odyssey4me) proposed openstack/openstack-ansible-plugins master: Remove the config_template module  https://review.openstack.org/63583816:44
openstackgerritJesse Pretorius (odyssey4me) proposed openstack/openstack-ansible-os_glance master: [TEST] Role test with config_template repo  https://review.openstack.org/63617116:46
*** dmsimard6 has joined #openstack-ansible16:48
*** dmsimard has quit IRC16:51
*** dmsimard6 is now known as dmsimard16:51
*** markvoelker has joined #openstack-ansible16:52
cloudnullodyssey4me sure I can go add that to the venv build role itself17:03
cloudnullits testing well enough on the home lab which is ubuntu, opensuse, centos17:04
odyssey4mecloudnull excellent, I was hoping that someone would figure out a way to make that work - as I understand it, it'll use a same-distro repo server if one is available, but use the target host if not... that way we no longer need to mix up the control plane any more?17:05
odyssey4mecloudnull I think the only missing part now would be to make the repo servers sync their data between each other dynamically, rather than it being a one way sync from the first one.17:06
cloudnullyes that's the hope. I was having issues with the lsync things with master so i ended up disabling it. now builds just points at the appropriate repo server for the os family .17:07
cloudnullhaving just thought about it, I guess it would be good to add cpu arch to that tag as well17:08
cloudnullto ensure it would work with arm / power17:08
odyssey4mecloudnull yes, that'd be important17:08
cloudnullI'll abandon that patch and go make one for the python_venv  role17:08
odyssey4mecloudnull I know what I need to do to further the work - I'll be working on it on Friday again. I'm fairly certain we'll be able to ditch repo-build quite soon.17:08
cloudnullsweet!17:09
odyssey4meHowever, if you can come up with a way to handle that sync better for the repo servers, then I look forward to seeing a patch.17:10
cloudnullI had to disable it17:10
cloudnullI worked on it a bit, cent and suse configs were so wildly different I found that it was better to simply turn it off17:11
odyssey4meUgh. Maybe there's some other mechanism we can use instead.17:11
cloudnullNFS?17:11
* cloudnull ^ not trolling 17:12
odyssey4meYeah - a common file system source would work just fine - with some sort of backup and failover if a repo server goes down.17:12
cloudnulllike enable if there's a shared storage backend available (ceph/nfs)17:12
odyssey4meI'd rather avoid DRBD if we can help it.17:12
*** sdake has quit IRC17:12
cloudnull++17:13
cloudnullgluster FTW!17:13
* cloudnull ^ is trolling 17:13
odyssey4me:troll:17:13
*** sdake has joined #openstack-ansible17:16
openstackgerritMichael Vollman proposed openstack/openstack-ansible-os_neutron master: Add br-vlan and br-vxlan bridges to gates  https://review.openstack.org/63617917:24
*** gyee has joined #openstack-ansible17:24
chandankumarodyssey4me: my review does not worked on os_heat, I am doing something wrong there17:24
*** markvoelker has quit IRC17:24
openstackgerritJesse Pretorius (odyssey4me) proposed openstack/openstack-ansible master: Use the config_template module from the dedicated repo  https://review.openstack.org/63618217:32
openstackgerritJesse Pretorius (odyssey4me) proposed openstack/openstack-ansible master: Use the config_template module from the dedicated repo  https://review.openstack.org/63618217:33
odyssey4mechandankumar ok, unfortunately I'm not able to look at it now - but will do so in the morning first thing17:34
guilhermespdoes someone have seen this happening across metal jobs? http://logs.openstack.org/32/634032/2/check/openstack-ansible-deploy-aio_metal_heat-centos-7/ada9736/logs/ara-report/result/cad94618-c912-470b-88ef-6b1709380f32/17:35
guilhermesphttps://review.openstack.org/#/c/634032/17:35
chandankumarguilhermesp: yes we are fixing here https://review.openstack.org/63551817:37
chandankumarguilhermesp: it is also blocked on mpi4py stuff17:37
chandankumarwhich is not working for me17:38
chandankumarguilhermesp: feel free to take a look17:38
guilhermespnice thanks chandankumar17:38
* guilhermesp looking17:38
jrosseri've seen this a couple of times for upgrades, git fails to checkout gnocchi at the specified SHA http://paste.openstack.org/show/744876/17:39
jrosseranyone else seen that? adjusting the SHA forward/back by a commit usually makes it work17:39
jrosser["fatal: reference is not a tree: 1e506094949d68b452d044941c0d6f85ef997b9e"]17:40
odyssey4mejrosser yeah, I've seen that once in a while too - not consistently - the solution always seems to be to initiative a git fetch or replace the repo clone17:40
jrosserah, so on the repo server delete it and rerun17:41
odyssey4mejrosser yeah17:41
dmsimardHmm, I think the last remaining thing to get to work are cinder volumes. Horizon is failing to retrieve the volume list due to self-signed ssl cert but OPENSTACK_SSL_NO_VERIFY is properly set to true in /etc/horizon/local_settings.py17:41
*** macza has quit IRC17:42
*** macza_ has joined #openstack-ansible17:42
jrosserand similarly the repo build is blowing up on molterniron which is probably legacy17:42
jrosseri need to dig into why it still thinks it needs to fetch that for rocky17:42
*** DanyC has quit IRC17:42
*** shardy has quit IRC17:43
guilhermespchandankumar: https://review.openstack.org/#/c/635518/ I think you need to address mnaser 's commnet17:44
dmsimardodyssey4me, cloudnull: I've been meaning to try syncthing for synchronizing data between hosts :)17:45
dmsimardprobably overkill for your repo server though17:46
chandankumarguilhermesp: updated it not working check patchset 217:48
openstackgerritKevin Carter (cloudnull) proposed openstack/ansible-role-python_venv_build master: Add venv build target hosts data structure  https://review.openstack.org/63619217:51
cloudnullodyssey4me ^17:51
odyssey4methanks cloudnull17:52
odyssey4meI'll peek at it in the morning. I take it that you've validated that it's working in your test lab?17:52
openstackgerritMichael Vollman proposed openstack/openstack-ansible-os_cinder master: Avoid distro installing unused services  https://review.openstack.org/63327617:53
cloudnullI had the other one working in my test env, I've not specifically tested that PR in my local lab (is at the office where I dont have access )17:54
cloudnullodyssey4me with that PR we should be able to simply point the pip config ( https://review.openstack.org/#/c/620339 ) at the build target ?17:54
odyssey4mecloudnull I had https://review.openstack.org/#/c/620340/ working with https://review.openstack.org/#/c/620339/ and https://review.openstack.org/#/c/620331/ - but on friday I'm going to tweak it up to be a little better... with that, no pip.conf is needed any more at all17:56
cloudnullcool!17:57
odyssey4methe basic plan will be to push up the AIO roles in a working state for role tests, and when we're there I'll just remove all pip.conf config from the integrated repo entirely17:57
odyssey4meWe'll also be able to remove pypiserver, because it's not needed - we use find-links instead, because anything from a found link is preferred above an index17:57
openstackgerritKevin Carter (cloudnull) proposed openstack/openstack-ansible-os_keystone master: Fix multi-OS support  https://review.openstack.org/63603917:58
cloudnull^ anyone want to give that a nudge :)17:58
odyssey4meOnce that's all done, we can radically simplify the venv build role again to remove all the funky paths and things which are on the repo server right now... and the repo server can just have a flat folder for all wheels17:58
cloudnullalso - https://review.openstack.org/#/c/635997 - I'd greatly appreciate a review there too18:00
cloudnull-cc mnaser18:00
odyssey4meI'm out for the night - chat again tomorrow.18:00
cloudnulltake care odyssey4me18:00
cloudnullhave a good one18:00
*** sdake has quit IRC18:01
*** sdake has joined #openstack-ansible18:03
*** DanyC has joined #openstack-ansible18:11
*** kopecmartin is now known as kopecmartin|off18:12
*** DanyC has quit IRC18:16
*** markvoelker has joined #openstack-ansible18:21
openstackgerritKevin Carter (cloudnull) proposed openstack/openstack-ansible-ops master: Update overlay inventory to resovle circular dep  https://review.openstack.org/63620418:25
*** sdake has quit IRC18:27
*** sdake has joined #openstack-ansible18:30
*** sdake has quit IRC18:32
openstackgerritMerged openstack/openstack-ansible master: Fix typo btrfs -> zfs  https://review.openstack.org/63603518:32
openstackgerritMerged openstack/openstack-ansible stable/pike: Bump SHAs for stable/pike  https://review.openstack.org/63600518:32
openstackgerritMerged openstack/openstack-ansible stable/queens: Bump SHAs for stable/queens  https://review.openstack.org/63600418:32
*** chhagarw has quit IRC18:41
openstackgerritMerged openstack/openstack-ansible stable/rocky: Bump SHAs for stable/rocky  https://review.openstack.org/63600318:43
openstackgerritJames Denton proposed openstack/openstack-ansible master: [docs] Apply provider network config on per-group basis  https://review.openstack.org/63501318:51
*** openstackgerrit has quit IRC18:51
*** markvoelker has quit IRC18:55
*** sdake has joined #openstack-ansible18:56
cjloaderin master i'm seeing this error  Could not find a version that satisfies the requirement heat (from versions: )\nNo matching distribution found for heat", "stderr_lines": ["  Could not find a version that satisfies the requirement heat (from versions: )", "No matching distribution found for heat"18:57
cjloaderTASK [python_venv_build : Upgrade the wheel build virtualenv pip/setuptools/wheel to the versions we want]18:58
cjloaderon heat api container18:59
*** sdake has quit IRC19:09
*** openstackgerrit has joined #openstack-ansible19:20
openstackgerritGuilherme  Steinmuller Pimentel proposed openstack/openstack-ansible-os_heat master: Fixed the egg name of heat to openstack_heat  https://review.openstack.org/63551819:20
cjloaderhttps://review.openstack.org/#/c/635518/ should fix my above issue19:34
*** aedc has quit IRC19:39
*** gyee has quit IRC19:52
*** markvoelker has joined #openstack-ansible19:52
openstackgerritJames Denton proposed openstack/openstack-ansible master: [docs] Apply provider network config on per-group basis  https://review.openstack.org/63501319:53
jamesdentonsorry cloudnull - one more time19:53
cloudnulldone :)19:54
guilhermespchandankumar: we have some progress https://review.openstack.org/#/c/635518/19:57
*** gyee has joined #openstack-ansible20:00
openstackgerritMichael Vollman proposed openstack/openstack-ansible-os_tempest master: Add option to disable router ping  https://review.openstack.org/63621120:12
*** markvoelker has quit IRC20:24
openstackgerritMerged openstack/openstack-ansible master: [docs] Apply provider network config on per-group basis  https://review.openstack.org/63501320:39
*** marst has joined #openstack-ansible20:41
*** asettle has quit IRC20:50
cloudnulljamesdenton nice!20:59
jamesdentonwee21:00
*** markvoelker has joined #openstack-ansible21:22
*** hwoarang has quit IRC21:32
*** hwoarang has joined #openstack-ansible21:34
*** DanyC has joined #openstack-ansible21:52
*** markvoelker has quit IRC21:55
*** ArchiFleKs has quit IRC21:59
*** ArchiFleKs has joined #openstack-ansible22:05
*** sdake has joined #openstack-ansible22:19
*** markvoelker has joined #openstack-ansible22:20
*** sdake has quit IRC22:51
*** sdake has joined #openstack-ansible22:54
*** sdake has quit IRC22:59
*** sdake has joined #openstack-ansible23:07
*** macza_ has quit IRC23:22
*** macza has joined #openstack-ansible23:26
*** marst has quit IRC23:29
*** sdake has quit IRC23:31
*** ironfoot_ has joined #openstack-ansible23:40
*** hwoarang_ has joined #openstack-ansible23:40
*** hwoarang has quit IRC23:46
*** mhayden has quit IRC23:46
*** mrhillsman has quit IRC23:46
*** ironfoot has quit IRC23:46
*** preece has quit IRC23:46
*** yetiszaf has quit IRC23:46
*** FrankZhang has quit IRC23:46
*** fyx has quit IRC23:46
*** Nick_A has quit IRC23:46
*** macza has quit IRC23:53
« Sunday, 2019-02-10 Index Tuesday, 2019-02-12 »

Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!