Tuesday, 2019-05-21

*** joshualyle has joined #openstack-ansible		00:05
joshualyle	anyone have any idea why the playbook for the utility container would turn up "No file was found when using with_first_found" for "pip_install : Gather variables for each operating system" ?	00:05
joshualyle	it only does this on os-tempest and I don't have any tempest hosts defined	00:06
joshualyle	I honestly do not understand. I don't have tempest hosts defined. Why is OSA even trying to look inside of os-tempest if [u'(tempest_install \| default(False)) \| bool or (tempest_run \| default(False)) \| bool'] is false?	00:07
joshualyle	well running ansible all -m setup seemed to fix it? Idk what it was seeing as the OS before because it wasn't matching any of the include_vars ymls from pip_install but now it is? I have no idea what has changed	00:13
openstackgerrit	Merged openstack/openstack-ansible-os_swift master: Updated from OpenStack Ansible Tests https://review.opendev.org/658039	00:14
*** sreejithp has joined #openstack-ansible		00:18
*** sreejithp has quit IRC		00:32
snadge	so i figure.. i'll try the 19 rc1 tag.. and now I get an error systemd_service create temp run dir	00:34
snadge	"'dict object' has no attribute 'interface'"	00:34
snadge	back to trying the lastest branch master then i guess	00:36
*** markvoelker has joined #openstack-ansible		00:41
*** markvoelker has quit IRC		00:45
snadge	it would help if i knew how to use git.. i want to track remotes/origin/stable/stein	00:49
snadge	so git checkout remotes/origin/stable/stein ?	00:49
snadge	can just omit the remotes/origin it seems	00:53
openstackgerrit	Logan V proposed openstack/openstack-ansible stable/queens: Bump etcd role to v3 capable SHA https://review.opendev.org/659868	00:57
openstackgerrit	Logan V proposed openstack/openstack-ansible stable/queens: Zuul: Simplify the integrated test playbooks https://review.opendev.org/660224	00:57
openstackgerrit	Logan V proposed openstack/openstack-ansible stable/queens: Add Calico networking AIO scenario https://review.opendev.org/659869	00:57
snadge	i got the same error above systemd_service create temp run dir "'dict object' has no attribute 'interface'"	01:25
snadge	running scripts/bootstrap-aio.sh allowed it to progress past that and finish.. im not sure if running it twice is going to create other problems like duplicate configurations etc	01:26
openstackgerrit	Merged openstack/openstack-ansible stable/rocky: Bump etcd role to v3 capable SHA https://review.opendev.org/659713	01:29
*** hwoarang has quit IRC		02:04
*** hwoarang has joined #openstack-ansible		02:05
*** sreejithp has joined #openstack-ansible		02:13
*** sreejithp_ has joined #openstack-ansible		02:15
*** nicolasbock has quit IRC		02:16
*** sreejithp has quit IRC		02:19
*** joshualyle has quit IRC		02:38
*** joshualyle has joined #openstack-ansible		02:39
*** ckonstanski has joined #openstack-ansible		03:41
*** udesale has joined #openstack-ansible		03:47
*** yolanda_ has quit IRC		03:49
openstackgerrit	tonybrad proposed openstack/ansible-hardening master: Update requiment source https://review.opendev.org/657324	03:50
openstackgerrit	tonybrad proposed openstack/openstack-ansible-os_cloudkitty master: Change git to opendev https://review.opendev.org/657202	03:51
*** sreejithp_ has quit IRC		04:03
*** zerick has quit IRC		04:03
*** zerick has joined #openstack-ansible		04:04
openstackgerrit	Logan V proposed openstack/openstack-ansible stable/queens: Add Calico networking AIO scenario https://review.opendev.org/659869	04:54
*** pcaruana has joined #openstack-ansible		05:02
snadge	an AIO build should start horizon right? .. not sure why i can't log in	05:03
snadge	that part seems to be missing from the quickstart guide	05:03
*** raukadah is now known as chandankumar		05:06
*** pcaruana has quit IRC		05:11
snadge	ahh okay ansible has chosen the wrong interface to bind to .. which is probably configurable etc	05:15
mcarden	deploy-guide/source/verify-operation.rst	05:16
snadge	im tempted to just reorder the network interface.. ie.. host first then nat.. and presumably it just picks the first one :P	05:17
mcarden	Anyway, yes. A successful AIO build should let you log in to Horizon and clicky clicky on things.	05:18
snadge	yeah i just need to change external_lb_vip_address in openstack_user_config.yml	05:19
snadge	except im not sure which command to run to propagate that setting to the places it needs to go	05:20
mcarden	Heh. Back when I used to deploy AIOs all the time, I only ever fixed a missed config by nuking from orbit and rolling the dice again.	05:22
snadge	thats what im doing yeah.. i saved a snapshot immediately prior to its deployment for that reason	05:25
snadge	super handy	05:25
*** ivve has quit IRC		05:34
*** radeks_ has joined #openstack-ansible		05:36
*** udesale has quit IRC		05:44
*** udesale has joined #openstack-ansible		05:44
*** miloa has joined #openstack-ansible		06:02
miloa	Morning	06:02
jrosser	snadge: in theory just the haproxy playbook for the external vip, but beware that all of the services put entries in the keystone catalogue for their endpoints, so unfortunately that is something that really needs to be right from the outset	06:05
jrosser	So it’s either re-run haproxy + setup_openstack, or rewind to a snapshot and go again	06:07
*** cshen has joined #openstack-ansible		06:32
*** markvoelker has joined #openstack-ansible		06:36
*** ivve has joined #openstack-ansible		06:43
*** starborn has joined #openstack-ansible		06:47
openstackgerrit	Jean-Philippe Evrard proposed openstack/openstack-ansible-os_masakari master: Add integrated coverage for metal jobs https://review.opendev.org/660260	06:50
openstackgerrit	Jean-Philippe Evrard proposed openstack/openstack-ansible-os_masakari master: Use the dynamic aio scenario https://review.opendev.org/658445	06:52
*** luksky has joined #openstack-ansible		07:00
openstackgerrit	Dirk Mueller proposed openstack/openstack-ansible-galera_server master: Update package list for openSUSE Leap 15.0 https://review.opendev.org/660204	07:00
openstackgerrit	Dirk Mueller proposed openstack/openstack-ansible-galera_server master: Switch to openSUSE Leap 15 for functional testing https://review.opendev.org/660208	07:00
*** sreejithp has joined #openstack-ansible		07:03
*** trident has quit IRC		07:03
*** trident has joined #openstack-ansible		07:05
*** sreejithp has quit IRC		07:07
*** markvoelker has quit IRC		07:09
*** kopecmartin\|off is now known as kopecmartin		07:12
openstackgerrit	Jean-Philippe Evrard proposed openstack/openstack-ansible-os_mistral master: Use the dynamic aio scenario https://review.opendev.org/658448	07:15
openstackgerrit	Jean-Philippe Evrard proposed openstack/openstack-ansible-os_mistral master: Use the dynamic aio scenario https://review.opendev.org/658448	07:15
openstackgerrit	Jean-Philippe Evrard proposed openstack/openstack-ansible-os_mistral master: Add meta to mistral https://review.opendev.org/660265	07:21
*** pcaruana has joined #openstack-ansible		07:21
openstackgerrit	Chandan Kumar (raukadah) proposed openstack/openstack-ansible-lxc_hosts master: Install python-httplib2 on lxc-hosts from epel repo https://review.opendev.org/660266	07:21
openstackgerrit	Chandan Kumar (raukadah) proposed openstack/openstack-ansible-os_tempest master: Update openstack.org -> opendev.org https://review.opendev.org/654942	07:22
evrardjp	chandankumar: where is this python-httplib2 package used?	07:23
evrardjp	is it only in tempest?	07:23
evrardjp	I haven't seen the failure	07:23
chandankumar	evrardjp: http://codesearch.openstack.org/?q=python-httplib2&i=nope&files=.yml&repos=	07:24
chandankumar	evrardjp: http://logs.openstack.org/42/654942/8/check/openstack-ansible-functional-tempestconf-centos-7/72d4677/job-output.txt.gz#_2019-05-20_11_54_42_638097	07:24
chandankumar	evrardjp: yesterday I was discussing with logan- about the same, from #rdo folks appears centos extra repos are getting disabled at some places	07:25
chandankumar	which I donot know where it is so, we added this package to lxc host	07:25
chandankumar	as it is needed for os_neutron	07:25
* chandankumar is not sure it is the correct fix		07:25
evrardjp	let me check	07:26
evrardjp	reviewed	07:34
*** udesale has quit IRC		07:35
*** udesale has joined #openstack-ansible		07:36
*** pcaruana has quit IRC		07:39
openstackgerrit	Chandan Kumar (raukadah) proposed openstack/openstack-ansible-os_tempest master: Update openstack.org -> opendev.org https://review.opendev.org/654942	07:39
*** tosky has joined #openstack-ansible		07:41
jrosser	chandankumar: more interesting question is if python-httplib2 is actually required at all, being in the -devel package list is saying it is a requirement for building python wheels	07:43
evrardjp	jrosser: I suppose it tries to install it but fails to find the package	07:44
evrardjp	for the neutron role, as python-httplib2 is listed there	07:44
evrardjp	but I suppose you meant: "Is it really required?"	07:44
chandankumar	evrardjp: jrosser let me remove and see what happens	07:44
evrardjp	not really sure what you meant :)	07:45
jrosser	well here https://github.com/openstack/openstack-ansible-os_neutron/blob/master/vars/redhat-7.yml#L52	07:45
evrardjp	chandankumar: do that in a separate commit, I think https://review.opendev.org/#/c/654942/ is fine	07:45
jrosser	the -devel packages things needed for the venv build, rather than runtime	07:45
evrardjp	jrosser: yes precisely... you mean you want to remove it from the list to see what happens?	07:45
jrosser	yeah, it just seems a bit of an odd requirement	07:45
jrosser	and if it turns out to be required, we should add a comment as to why	07:46
evrardjp	I thought it was because those roles sometimes need to build with external things	07:46
evrardjp	neutron plugins, nova plugins/consoles	07:46
evrardjp	which could require this for building said things	07:46
jrosser	could be	07:46
evrardjp	if we could get hold of odyssey4me to ask why it was there, he probably remembers the context of why this was in the list for the building	07:47
evrardjp	we can then add it as comment	07:47
openstackgerrit	Jean-Philippe Evrard proposed openstack/openstack-ansible-os_neutron master: Clarify supported SUSE versions https://review.opendev.org/660270	07:51
cshen	Hi guys, I noticed that in openstack-ansible, there arey some *-em tags, like ocata-em, pike-em. Does that mean, ocata and pike are still supported?	07:55
openstackgerrit	Jean-Philippe Evrard proposed openstack/openstack-ansible-os_monasca-agent master: Fix monasca agent for leap 15 https://review.opendev.org/660272	07:56
openstackgerrit	Jean-Philippe Evrard proposed openstack/openstack-ansible-os_nova master: Clarify supported SUSE versions https://review.opendev.org/660273	07:58
evrardjp	cshen: they are not "supported"	07:58
evrardjp	cshen: they are under "extended maintenance"	07:58
evrardjp	which means no guarantees, probably no gating, just community efforts	07:59
cshen	evrardjp: Ok, thanks. Because ocata-em got its last commit about 1 month ago. I misunderstood it's still supported. Now I got it.	08:00
evrardjp	cshen: https://docs.openstack.org/project-team-guide/stable-branches.html#maintenance-phases	08:00
evrardjp	basically dying, and nobody cares.	08:00
cshen	Fine.	08:00
evrardjp	if you care, then don't hesitate to submit patches :)	08:00
*** hamzaachi has joined #openstack-ansible		08:00
evrardjp	cshen: you had somehting in mind?	08:01
cshen	No, it's already solved in the *-em tag. So I have nothing to commit yet.	08:01
*** markvoelker has joined #openstack-ansible		08:06
*** luksky has quit IRC		08:11
openstackgerrit	Jean-Philippe Evrard proposed openstack/openstack-ansible-os_octavia master: Add integrated coverage https://review.opendev.org/660276	08:11
openstackgerrit	Jean-Philippe Evrard proposed openstack/openstack-ansible-os_panko master: Clarify supported OS versions https://review.opendev.org/660181	08:13
evrardjp	jrosser: if you could give this one a nudge that would be appreciated: https://review.opendev.org/#/c/660182/1	08:15
jrosser	done	08:15
evrardjp	thanks!	08:16
jrosser	could you take a look at this to keep logans stuff moving? https://review.opendev.org/#/c/659971/	08:16
openstackgerrit	Jean-Philippe Evrard proposed openstack/openstack-ansible-os_placement master: Add metal distro job template https://review.opendev.org/660279	08:19
*** priteau has joined #openstack-ansible		08:20
openstackgerrit	Jean-Philippe Evrard proposed openstack/openstack-ansible-os_placement master: Clarify supported SUSE versions https://review.opendev.org/660281	08:20
evrardjp	jrosser: sure	08:20
*** priteau has quit IRC		08:24
openstackgerrit	Jean-Philippe Evrard proposed openstack/openstack-ansible-os_monasca-agent master: Fix monasca agent for leap 15 https://review.opendev.org/660272	08:25
*** priteau has joined #openstack-ansible		08:28
openstackgerrit	Merged openstack/openstack-ansible-os_masakari master: Add integrated coverage https://review.opendev.org/660122	08:29
openstackgerrit	Jean-Philippe Evrard proposed openstack/openstack-ansible-os_rally master: Add integrated coverage https://review.opendev.org/660284	08:29
openstackgerrit	Jean-Philippe Evrard proposed openstack/openstack-ansible-os_rally master: Clarify supported SUSE versions https://review.opendev.org/660286	08:32
openstackgerrit	Jean-Philippe Evrard proposed openstack/openstack-ansible-os_swift master: Add integrated coverage https://review.opendev.org/660287	08:37
openstackgerrit	Jean-Philippe Evrard proposed openstack/openstack-ansible-os_swift master: Clarify supported SUSE versions https://review.opendev.org/660288	08:38
*** markvoelker has quit IRC		08:39
openstackgerrit	Jean-Philippe Evrard proposed openstack/openstack-ansible-os_tacker master: Add integrated coverage https://review.opendev.org/660289	08:43
CeeMac	morning	08:44
openstackgerrit	Jean-Philippe Evrard proposed openstack/openstack-ansible-os_tacker master: Clarify supported SUSE versions https://review.opendev.org/660291	08:44
evrardjp	CeeMac: morning	08:44
*** luksky has joined #openstack-ansible		08:46
*** PTO has joined #openstack-ansible		08:47
openstackgerrit	tonybrad proposed openstack/openstack-ansible-os_sahara master: Update tests git source to opendev https://review.opendev.org/657322	08:47
openstackgerrit	Jean-Philippe Evrard proposed openstack/openstack-ansible-os_tempest stable/stein: Clarify supported SUSE versions https://review.opendev.org/660294	08:48
openstackgerrit	tonybrad proposed openstack/openstack-ansible-os_monasca master: Change the tests source to opendev https://review.opendev.org/657212	08:48
openstackgerrit	tonybrad proposed openstack/openstack-ansible-os_monasca-agent master: Change tests source to opendev https://review.opendev.org/657216	08:49
openstackgerrit	tonybrad proposed openstack/openstack-ansible-os_blazar master: Update the git to opendev https://review.opendev.org/657209	08:50
openstackgerrit	Jean-Philippe Evrard proposed openstack/openstack-ansible-os_tempest master: Clarify supported SUSE versions https://review.opendev.org/660296	08:50
openstackgerrit	tonybrad proposed openstack/openstack-ansible-os_manila master: Update the tests source https://review.opendev.org/657296	08:51
openstackgerrit	tonybrad proposed openstack/openstack-ansible-rsyslog_client master: Move to opendev https://review.opendev.org/657297	08:51
openstackgerrit	tonybrad proposed openstack/openstack-ansible-os_panko master: Change tests source to opendev https://review.opendev.org/657293	08:52
openstackgerrit	tonybrad proposed openstack/openstack-ansible-repo_server master: Change the tests source to opendev https://review.opendev.org/657309	08:53
openstackgerrit	Jean-Philippe Evrard proposed openstack/openstack-ansible-os_trove master: Add integrated coverage https://review.opendev.org/660298	08:57
openstackgerrit	Jean-Philippe Evrard proposed openstack/openstack-ansible-os_trove master: Clarify supported SUSE versions https://review.opendev.org/660299	08:58
openstackgerrit	OpenStack Proposal Bot proposed openstack/openstack-ansible master: Imported Translations from Zanata https://review.opendev.org/658731	08:58
openstackgerrit	tonybrad proposed openstack/openstack-ansible-pip_install master: Update to opendev https://review.opendev.org/657318	08:59
openstackgerrit	Jean-Philippe Evrard proposed openstack/openstack-ansible-os_zun master: Add integrated coverage https://review.opendev.org/660301	09:00
openstackgerrit	Jean-Philippe Evrard proposed openstack/openstack-ansible-os_zun master: Clarify supported SUSE versions https://review.opendev.org/660302	09:00
openstackgerrit	Jean-Philippe Evrard proposed openstack/openstack-ansible-os_zun master: Add integrated coverage https://review.opendev.org/660301	09:01
openstackgerrit	Jean-Philippe Evrard proposed openstack/openstack-ansible-os_zun master: Clarify supported SUSE versions https://review.opendev.org/660302	09:01
CeeMac	guys, how does one tell if a particular patch features in a tagged branch?	09:03
*** sreejithp has joined #openstack-ansible		09:03
openstackgerrit	Chandan Kumar (raukadah) proposed openstack/openstack-ansible-os_neutron master: [DNM] remove python-httplib2 during venv build requires https://review.opendev.org/660307	09:04
openstackgerrit	Jean-Philippe Evrard proposed openstack/ansible-config_template master: Clarify supported SUSE versions https://review.opendev.org/660309	09:05
openstackgerrit	Jean-Philippe Evrard proposed openstack/ansible-hardening master: Clarify supported SUSE versions https://review.opendev.org/660311	09:06
evrardjp	CeeMac: could you clarify your question?	09:06
evrardjp	(for example with the patch in question?)	09:06
evrardjp	we don't tag roles anymore	09:07
CeeMac	evrardjp: in general i guess would be good to know, but specifically if 18.1.5 contained https://review.opendev.org/#/c/632118/1 (I've checked the file on my dep node and it looks like the changes are there)	09:07
*** sreejithp has quit IRC		09:07
CeeMac	for instance, I can see in the cherry-pick from master that its in branch stable/rocky, but then how would I be able to tell if that was just in the head or in one of the tagged branches (18.1.5, 18.1.6 etc)	09:09
evrardjp	so if you would like to know if a patch has been backported to a certain branch you can check in "included in" for example: https://review.opendev.org/#/c/621509/	09:09
evrardjp	if you want to see if this has been tagged recently, you can check in ansible-role-requirements sha	09:09
CeeMac	oooooh... theres a dropdown right there.	09:09
evrardjp	so check if it's older than a month, you should have it with your last tag	09:10
CeeMac	older than a month as in based on 'updated' field?	09:10
evrardjp	I generally do things every two weeks, but recently with summit and stuff I might be late	09:10
evrardjp	check the merged date	09:11
evrardjp	if not, ask me to push a new release :p	09:11
CeeMac	'merged by zuul'?	09:11
evrardjp	yeah	09:11
CeeMac	ok, thanks	09:11
CeeMac	just trying to take opportunities to get to grips with the system while I'm working through my pre-deploy checks :)	09:12
evrardjp	so it means the patch has landed in the git repo, which is required for the next "bump" to catch it	09:12
evrardjp	we bump every two weeks	09:12
CeeMac	the bump being a tag?	09:12
evrardjp	nope, we use shas	09:12
evrardjp	see ansible-role-requirements	09:12
CeeMac	ah, ok	09:12
*** phasespace has joined #openstack-ansible		09:12
evrardjp	the bump basically updates the sha to the latest it finds in the repos	09:13
CeeMac	so, tags are used for other reasons based on release stability for instance?	09:13
evrardjp	tags are used in OSA main repo to say "This has been tested and should be working fine"	09:13
CeeMac	ok	09:13
*** openstackstatus has quit IRC		09:13
*** openstackstatus has joined #openstack-ansible		09:14
*** ChanServ sets mode: +v openstackstatus		09:14
evrardjp	because we don't rely on a moving target for ansible-role-requirements (head of branch), but we rely on SHAs instead, it makes the installs very stable	09:14
CeeMac	presumably, if I were checked out stable/rocky, i'd need to do a pull periodically to get the latest 'bumps' then? (purely for informative purposes, i'm sticking with 18.1.5 for now)	09:14
evrardjp	if you come back in a month, 18.1.5 will still have the same roles content	09:15
CeeMac	but stable will have moved on?	09:15
evrardjp	yes, you should be doing minor updates	09:15
evrardjp	there is docs for that	09:15
CeeMac	i've seen them	09:15
evrardjp	so basically checkout the latest tag, rebootstrap ansible, and redeploy	09:15
CeeMac	followed the docs to get up to 18.1.5 from where I was	09:16
evrardjp	sounds good	09:16
CeeMac	happy with that process :)	09:16
evrardjp	being up to date is good	09:16
CeeMac	i've been reading up on git/gerrit so I'm just trying to correlate random facts with actual use cases	09:16
evrardjp	the fact we do a release every two weeks (in theory, some exceptional circumstances might happen) helps too	09:17
CeeMac	in between trying to prep for production roll out, and my other day job antics	09:17
chandankumar	http://logs.openstack.org/42/654942/10/check/openstack-ansible-functional-tempestconf-centos-7/4b8943c/job-output.txt.gz#_2019-05-21_08_27_10_139112 still not working for python-httlip2	09:17
chandankumar	let me try depends on with os_neutron patch	09:17
evrardjp	chandankumar: nope you have another problem to dig in	09:18
evrardjp	why isn't extras available? Why can't you install python-httplib2 ?	09:19
evrardjp	that's what you should dig	09:19
chandankumar	ok	09:19
evrardjp	check the repos that are enabled, etc.	09:19
evrardjp	I would also check why this starts to fail in lxc, while it works in distro based installs	09:20
*** electrofelix has joined #openstack-ansible		09:30
*** PTO has quit IRC		09:30
*** markvoelker has joined #openstack-ansible		09:35
*** gillesMo has quit IRC		09:38
openstackgerrit	Jean-Philippe Evrard proposed openstack/openstack-ansible-galera_client master: Add integrated coverage https://review.opendev.org/660319	09:42
openstackgerrit	Jean-Philippe Evrard proposed openstack/openstack-ansible-galera_client master: Clarify supported SUSE versions https://review.opendev.org/660320	09:43
openstackgerrit	Merged openstack/openstack-ansible-os_panko master: Use the dynamic aio scenario https://review.opendev.org/660182	09:45
CeeMac	jrosser: you know we talked about having the deployment node and the hosts on an out of band management network? Presumably I'll need to use the OOB IP in the o_u_c? (because it just failed with it populated using the br-mgmt ips....)	09:48
openstackgerrit	Jean-Philippe Evrard proposed openstack/openstack-ansible-memcached_server master: Add integrated coverage https://review.opendev.org/660322	09:52
nowster	chandankumar: Is https://review.opendev.org/#/c/660141/ related?	09:52
openstackgerrit	Jean-Philippe Evrard proposed openstack/openstack-ansible-memcached_server master: Clarify supported SUSE versions https://review.opendev.org/660323	09:53
openstackgerrit	Jean-Philippe Evrard proposed openstack/openstack-ansible-galera_client master: Add integrated coverage https://review.opendev.org/660319	09:56
openstackgerrit	Jean-Philippe Evrard proposed openstack/openstack-ansible-openstack_openrc master: Add integrated coverage https://review.opendev.org/660331	09:58
openstackgerrit	Jean-Philippe Evrard proposed openstack/openstack-ansible-openstack_openrc master: Clarify supported SUSE versions https://review.opendev.org/660332	09:58
openstackgerrit	Jean-Philippe Evrard proposed openstack/openstack-ansible-os_manila master: Add integrated coverage https://review.opendev.org/660333	10:01
openstackgerrit	Merged openstack/openstack-ansible stable/queens: Use the correct branch name to clone tests repo https://review.opendev.org/659971	10:02
openstackgerrit	Dirk Mueller proposed openstack/openstack-ansible-galera_server master: Update package list for openSUSE Leap 15.0 https://review.opendev.org/660204	10:08
openstackgerrit	Dirk Mueller proposed openstack/openstack-ansible-galera_server master: Switch to openSUSE Leap 15 for functional testing https://review.opendev.org/660208	10:08
evrardjp	god doing this integrated testing is SOOOOO tedious	10:09
*** markvoelker has quit IRC		10:09
nowster	chandankumar: the mirror at http://mirror.dfw.rax.openstack.org/centos/7/ might be corrupt, perhaps?	10:09
dirk	evrardjp: who would have thought splitting into half a billion individual repos would have downsides? ;-)	10:10
openstackgerrit	Jean-Philippe Evrard proposed openstack/openstack-ansible-os_sahara master: Add integrated coverage https://review.opendev.org/660337	10:11
evrardjp	I regret nothing!	10:11
evrardjp	hahah	10:11
dirk	could any of the cores please review the piles of "move to opendev" patches? e.g. https://review.opendev.org/#/c/657254/ and friends	10:11
evrardjp	the problem is when we set up those tests with zuul v2... We are now in a better world	10:11
dirk	I believe those should be easy to land and makes the list of open reviews quite a bit more bearable	10:11
nowster	I'm not seeing python-httplib2 in http://mirror.dfw.rax.openstack.org/centos/7/os/x86_64/Packages/	10:11
*** aedc has joined #openstack-ansible		10:11
jrosser	CeeMac: yes you need to list whichever IP is used to ssh to the hosts, becasue at the end of the day it's creating an ansible inventory	10:12
evrardjp	tbh I was lazy dirk. I was hoping there would be the ML thread about using requirements's published constraints first, and get all of those in one swoop	10:12
evrardjp	I was lazy, dirk*	10:12
jrosser	the code will read the IP from br-mgmt when that is needed specifically	10:12
nowster	chandankumar: it's in "extras": http://mirror.dfw.rax.openstack.org/centos/7/extras/x86_64/Packages/python-httplib2-0.9.2-1.el7.noarch.rpm	10:12
nowster	chandankumar: might be an idea to check that "extras" is enabled	10:13
jrosser	if you use codesearch we are pretty much the only project needing it - i'm still unsure that it's an actual requirement	10:13
CeeMac	thanks jrosser it makes perfect sense in hind sight!	10:13
openstackgerrit	Jean-Philippe Evrard proposed openstack/openstack-ansible-os_sahara master: Clarify supported SUSE versions https://review.opendev.org/660338	10:14
CeeMac	on a semi-related note. Do the plays need to be run by root, or wil any user with sudo work fine? I just realised I'd locked SSH access down to prevent the root account logging in and wondered why I couldn't ssh from the deployment node using the root account......	10:14
* CeeMac facepalms		10:14
chandankumar	nowster: got stuck with something else on tripleo side, will look	10:15
openstackgerrit	Merged openstack/openstack-ansible-tests master: Rename opensuse functional jobs to opensuse-15 https://review.opendev.org/660207	10:17
evrardjp	noonedeadpunk: did you have a look at why https://review.opendev.org/#/c/653985/ is failing?	10:18
evrardjp	CeeMac: by default we use root to connect	10:18
evrardjp	it's probably doable with your inventory though	10:19
evrardjp	but it's not really tested and will be hard with delegation and the becoming with lower privileges and stuff	10:19
CeeMac	evrardjp: yeah, i fast forwarded to that conclusion and have slackened the security in my ssh config. Its limited to listening on the managment IP only, so the risk is low(er)	10:27
*** L_SR has joined #openstack-ansible		10:29
noonedeadpunk	evrardjp: xenial for master?	10:32
noonedeadpunk	I think we should probably update this job somehow...	10:33
evrardjp	wow I haven't seen that	10:34
evrardjp	yes we should :p	10:34
L_SR	Hello Guys, simply trying to demystify the fact that my deployment node is unable to complete the setup-openstack playbook. I have a pretty standard user config and variables (according to the test example). And many iterations have pin-pointed to problem to os-keystone-install, particularly an issue with MySQL.	10:34
noonedeadpunk	I'll try to handle this in another patch	10:34
noonedeadpunk	or anyone may, if have extra time on hands ofc :p	10:35
openstackgerrit	Dmitriy Rabotyagov (noonedeadpunk) proposed openstack/openstack-ansible-os_glance master: Replace git.openstack.org with opendev.org https://review.opendev.org/654003	10:36
evrardjp	L_SR: still not fixed?	10:36
evrardjp	:(	10:36
L_SR	checking HAProxy, galera's front and back are in status OPEN and UP, respectively. Keystone service front 1 and 2 are OPEN, while keystone service back is DOWN.	10:36
evrardjp	L_SR: so could you remind us what you're deploying? OS/Branch/stuff ?	10:37
L_SR	evrardjp: still does not yield. I have changed OS nodes to Bionic. Triple checked networking and all seems to be OK	10:37
evrardjp	bionic, and you're running stein or rocky?	10:37
L_SR	I have noticed that sometimes ansible galera_container -m shell \ -a "mysql -h localhost -e 'show status like \"%wsrep_cluster_%\";'" yields a CHANGED instead of a SUCCESS. But that does not seem to alter the result of the setup-openstack playbook	10:38
L_SR	evrardjp: currenlty in the master branch	10:38
L_SR	evrardjp: I have tried Rocky and Stein, both failing at the same point in the setup-openstack playbook	10:38
evrardjp	so master bionic, galera seems okay	10:39
evrardjp	oh wait	10:39
evrardjp	did you crush the DB/containers between your tests, clean your facts and rebootstrapped ansible?	10:39
L_SR	evrardjp: the authentication problem with mysql could be bypassed by modifying keystone_db_setup.yaml and specifying linux socket for mysql. But this feels wrong	10:39
L_SR	evrardjp: I have done lxc-container-destroy, rm -r /etc/ansible/*, rm -r /etc/openstack_deploy; i.e. bazooka approach	10:40
evrardjp	cores: for the requirements constriants url, I propose we merge everything we have right now, and we clear stuff afterwards	10:40
evrardjp	L_SR: that's what I would have odne	10:40
evrardjp	you still need to rebootstrap ansible	10:41
evrardjp	to have the right roles for your integrated repo	10:41
evrardjp	I would also check there is no galera artifacts on said machine	10:41
evrardjp	just to make sure :)	10:42
L_SR	sure, after the bazooking, I do /opt/openstack-ansible/scripts/bootstrap-ansible	10:42
jrosser	L_SR: what are you deploying onto? bare metal host / vmware / other.......?	10:42
evrardjp	that's good	10:42
L_SR	jrosser: deploying on bare-metal, i.e. Intel NUCs	10:42
jrosser	L_SR: it seems you have a consistent problem regardless of the branch you test, with the keystone db setup	10:44
jrosser	L_SR: do you run the deployment from the target host?	10:44
L_SR	just a though: I have another Openstack-Ansible deployment working OK. In that cloud the infra1 node has an LXD network range in the same range this new deployment would be (10.0.3.0/24 i believe): could this be an issue? (I am pretty sure NAT would block any kind of addressing/routing confusion, but just asking)	10:44
L_SR	jrosser: my deployment host is an LXC container on a separate computer in the same L2 segment	10:44
L_SR	in the same br-mgmt L2 segment	10:45
L_SR	evrardjp: how can I check if there are galera artifacts bugging around in my infra host?	10:45
*** udesale has quit IRC		10:46
L_SR	jrosser: this is my setup: https://imgur.com/huWQicd	10:48
jrosser	L_SR: ah yes i remember that from the other day	10:48
jrosser	so you are still stuck at the keystone db setup tasks?	10:48
L_SR	yes	10:49
jrosser	so - those tasks are delegated to the deployment host https://github.com/openstack/openstack-ansible-os_keystone/blob/master/tasks/keystone_db_setup.yml#L24	10:49
L_SR	when running setup-openstack for the first time I get a Mysql authentication error, subsequent executions of the same playbook yield the following error: https://pastebin.com/trUQdffZ	10:50
L_SR	jrosser: yes, you commented that on a previous occasion	10:50
nowster	chandankumar: the other possibility is that the python wheel for httplib2 isn't being fetched	10:50
jrosser	L_SR: ah well that task is not delegated	10:51
L_SR	jrosser: this is the error I get when I first run setup-openstack playbook: https://pastebin.com/1jmsDH24 subsequent executions yield the error I pasted above	10:51
L_SR	jrosser: should it be delegated to the setup host?	10:53
CeeMac	L_SR: you're not having a great time with this DB error :(	10:56
L_SR	CeeMac: it's personal now :)	10:56
L_SR	CeeMac: but it is true. The thing is that I have not a clear clue of how/where to proceed.	10:56
CeeMac	L_SR: you mentioned you have the same CIDR in another env. Is it worth checking the arp table in this env matches what you'd expect to see for the DB container IPs etc?	10:56
CeeMac	just incase there is some bleed through?	10:57
nowster	chandankumar: also there's no python-httplib2 in http://mirror.dfw.rax.openstack.org:8080/rdo/centos7/a4/b4/a4b4ae1f656d7eb86e641e04add5a9b6f3511781_85df50c7/	10:57
nowster	(but I don't think that one's relevant)	10:57
jrosser	L_SR: it's probably not worth pushing on beyond that first error, thats fairly fundamental	10:59
L_SR	CeeMac: just checked, and the new deployment cannot reach the lxcbr0 on the old deployment	11:00
L_SR	jrosser: just going to destroy and redeploy again	11:00
CeeMac	you checked it couldn't reach the old deployment or you checked the arp table entries are correct?	11:00
jrosser	the lxcbr0 1.0.3.0/24 should be local to each host	11:00
jrosser	*10.0.....	11:00
jrosser	they nat out of each host to provide eth0 in each container	11:01
L_SR	CeeMac: that it is not reachable and does not appear in the arp table	11:02
CeeMac	ok	11:02
L_SR	jrosser: exactly. So this IP range is only local	11:02
CeeMac	sorry, i misread, you said lxd network, i thought br-mgmt	11:02
CeeMac	my brain is not working today	11:02
L_SR	CeeMac :)	11:02
CeeMac	L_SR: when you blow away the containers, is the data in /openstack/<galera_container> being deleted?	11:05
CeeMac	on infra1	11:05
*** markvoelker has joined #openstack-ansible		11:06
*** nicolasbock has joined #openstack-ansible		11:16
openstackgerrit	Merged openstack/openstack-ansible-os_monasca-agent master: Change tests source to opendev https://review.opendev.org/657216	11:18
openstackgerrit	Merged openstack/openstack-ansible-os_monasca master: Change the tests source to opendev https://review.opendev.org/657212	11:19
*** sreejithp has joined #openstack-ansible		11:20
openstackgerrit	Merged openstack/openstack-ansible-pip_install master: Update to opendev https://review.opendev.org/657318	11:22
openstackgerrit	Merged openstack/openstack-ansible-rsyslog_client master: Move to opendev https://review.opendev.org/657297	11:23
openstackgerrit	Merged openstack/openstack-ansible-os_panko master: Clarify supported OS versions https://review.opendev.org/660181	11:23
*** dave-mccowan has joined #openstack-ansible		11:28
*** kplant has joined #openstack-ansible		11:29
openstackgerrit	Jean-Philippe Evrard proposed openstack/openstack-ansible master: Fix mistral metal deploy https://review.opendev.org/660355	11:39
logan-	o/	11:39
*** markvoelker has quit IRC		11:39
evrardjp	logan-: jrosser noonedeadpunk ^	11:39
jrosser	evrardjp: i think a bunch of these "use integrated test" changes result in the role not actually being tested, zun was an example	11:39
*** joshualyle has quit IRC		11:40
evrardjp	that's bad, but I think it's fair that we move to this, and fix appropriately	11:40
*** sreejithp has quit IRC		11:40
evrardjp	what I just ping is the problem with mistral running with lxc	11:40
*** sreejithp has joined #openstack-ansible		11:40
evrardjp	there are these small gaps we will have to fix	11:40
jrosser	yes, there needs to be corresponding support in the integrated repo to insert the right config for each role test	11:41
evrardjp	(I suppose for zun we need to have the right inventory)	11:41
logan-	all of these are ready for review: https://review.opendev.org/#/q/status:open+owner:logan2211%2540gmail.com+(topic:calico3+OR+topic:osa/opendev+OR+topic:percona-release)+label:Verified:%252B1	11:41
logan-	jrosser: yeah we definitely need to check the logs on the "use integrated testing" patches to fish out those issues. I figured we'd run across a few issues like that	11:43
logan-	I guess that will be a problem for any role we haven't integrated yet, right?	11:43
evrardjp	yes.	11:43
evrardjp	but, if you recall what mnaser told during the PTG, he said "all the roles are integrated now"	11:44
jrosser	i expect we've merged a few like that	11:44
*** cshen has quit IRC		11:44
logan-	evrardjp: gotcha	11:44
evrardjp	so I think there is a gap	11:44
*** sreejithp has quit IRC		11:44
evrardjp	but I think there are many gaps in those roles	11:45
evrardjp	See here: https://docs.google.com/spreadsheets/d/1coiPHGqaIKNgCGYsNhEgzswqwp4wedm2XoBCN9WMosY/edit#gid=752070695	11:45
evrardjp	some only supprt one distro, some don't support package installs	11:45
logan-	i think we should template that aio_metal file based on the bootstrap services list	11:45
evrardjp	logan-: probably	11:45
evrardjp	but I went for the shortest route now	11:45
logan-	yep	11:45
logan-	np	11:45
evrardjp	jrosser: if you could vote here: https://review.opendev.org/#/c/660355/ that would close a gap for the mistral integration	11:46
jrosser	sure - i've been doing them as they pass	11:46
evrardjp	one of the things we will have to do, is update the constraints for master.	11:46
evrardjp	in tox.ini	11:46
evrardjp	(or maybe other files too)	11:46
evrardjp	when we'll be doing this, I think we should ensure the roles are running correctly in the integrated	11:47
evrardjp	at least the jobs will be consistent and all :)	11:47
openstackgerrit	Jean-Philippe Evrard proposed openstack/openstack-ansible master: Fix mistral metal deploy https://review.opendev.org/660355	11:48
evrardjp	logan-: moved even more of the things ^	11:48
logan-	haha yeah i just noticed that after i pushed comment	11:48
logan-	but oyu left the original mistral too btw	11:48
openstackgerrit	Jean-Philippe Evrard proposed openstack/openstack-ansible master: Fix mistral metal deploy https://review.opendev.org/660355	11:48
evrardjp	and made a poo poo yeah	11:48
evrardjp	fixed it	11:49
logan-	there	11:49
logan-	thx	11:49
*** cshen has joined #openstack-ansible		11:50
openstackgerrit	Merged openstack/openstack-ansible-os_cloudkitty master: Change git to opendev https://review.opendev.org/657202	11:50
*** mkuf_ has joined #openstack-ansible		11:55
*** mkuf has quit IRC		11:58
*** ansmith has quit IRC		12:03
*** sreejithp has joined #openstack-ansible		12:06
L_SR	Hey guys, what could be the reason why I'm getting this status from the galera container? https://pastebin.com/vaxEDKvJ	12:06
L_SR	setup-hosts and setup-infrastructure finished successfuly	12:06
evrardjp	are you running single node galera?	12:06
evrardjp	that's weird and very risky	12:06
evrardjp	but it's okay we do it in different places	12:07
*** markvoelker has joined #openstack-ansible		12:08
L_SR	yes, I only have a single infrastructure node	12:08
L_SR	I have also noticed that different branches give different results for ansible galera_container -m shell \ > -a "mysql -h localhost -e 'show status like \"%wsrep_cluster_%\";'"	12:09
evrardjp	did you change your inventory for that?	12:09
L_SR	I destroyed everything and started over	12:09
evrardjp	is this a PoC or somehting?	12:09
L_SR	yes	12:10
evrardjp	because you know there is an AIO scenario that can probably do what you are looking for?	12:10
evrardjp	:)	12:10
L_SR	it is a test environment I want to build, but is giving me headaches	12:10
L_SR	evrardjp, I know, but this test requires multiple compute nodes	12:10
evrardjp	openstack-ansible -e galera_ignore_cluster_state=true galera-install.yml	12:11
evrardjp	https://docs.openstack.org/openstack-ansible/latest/user/aio/quickstart.html#rebooting-an-aio	12:11
evrardjp	you can also check rebuilding an AIO	12:12
*** sreejithp has quit IRC		12:12
evrardjp	but basically you're saying your networking is fine, you're running master as your own AIO (not using predefined scripts), haproxy is fine, galera is fine, but keystone fails	12:12
evrardjp	you're installing on bionic	12:12
evrardjp	did I summarize things correctly?	12:12
L_SR	yes	12:13
evrardjp	and you say that by default keystone cannot connect with the credentials that are in user_secrets	12:13
L_SR	in the first run it complains about it, if I try running the same playbook again it fails migrating the keystone db	12:14
evrardjp	let's focus on that first run	12:14
L_SR	user_secrets is generated according to the documentation	12:14
L_SR	shall I destroy and create the keystone container again to get the error?	12:14
evrardjp	could you run mysql commands on that galera cluster, with the appropriate user, see how it goes?	12:14
openstackgerrit	Merged openstack/openstack-ansible master: Fix mistral metal deploy https://review.opendev.org/660355	12:15
evrardjp	yes, and I would delete once again galera :)	12:15
L_SR	well, at the moment I stopped at setup-infrastructure because galera does not give the SUCESS state, but only CHANGED	12:15
openstackgerrit	Merged openstack/openstack-ansible-tests stable/queens: Fix clone list for opendev changes https://review.opendev.org/659930	12:15
evrardjp	L_SR: I would follow this: https://docs.openstack.org/openstack-ansible/latest/user/aio/quickstart.html#rebuilding-an-aio	12:15
L_SR	ok. I assume the erasing happens on my infra node	12:16
evrardjp	you only have one node you told me (except compute I suppose)	12:16
L_SR	exactly	12:16
*** udesale has joined #openstack-ansible		12:16
L_SR	one infra, one compute, one storage	12:16
openstackgerrit	OpenStack Proposal Bot proposed openstack/ansible-hardening stable/queens: Updated from OpenStack Ansible Tests https://review.opendev.org/660365	12:22
openstackgerrit	Jean-Philippe Evrard proposed openstack/openstack-ansible-os_octavia master: [WIP] Add SUSE support https://review.opendev.org/660367	12:29
openstackgerrit	Merged openstack/openstack-ansible-os_blazar master: Update the git to opendev https://review.opendev.org/657209	12:29
*** mkuf has joined #openstack-ansible		12:31
*** mkuf_ has quit IRC		12:35
openstackgerrit	Jean-Philippe Evrard proposed openstack/openstack-ansible-galera_client master: Clarify supported SUSE versions https://review.opendev.org/660320	12:35
*** priteau has quit IRC		12:36
*** priteau has joined #openstack-ansible		12:38
*** tuxjohnson has joined #openstack-ansible		12:48
*** tuxjohnson has left #openstack-ansible		12:48
L_SR	evrardjp: same issue with galera after setup-infrastructure	12:48
*** priteau has quit IRC		12:51
guilhermesp	morning all!	12:51
evrardjp	L_SR: could you rephrase that?	12:52
evrardjp	You mean you know have an issue at setup-infrastructure?	12:52
evrardjp	instead of keystone?	12:52
L_SR	evrardjp: after running setup-infrastructure, this is the status of the galera cluster: https://pastebin.com/zTGx9mUr	12:52
guilhermesp	btw cores, I was discussing with mnaser yesterday about the role retirement. We just have monasca ones to review and delete https://review.opendev.org/#/q/topic:retire-osa-unused-roles+status:+open	12:53
guilhermesp	ppl have shown interest in maintain but till now we didn't hear back from them?	12:53
L_SR	evrardjp: I have seen this previously, but minded not much as the playbook executed successfully	12:53
guilhermesp	I think we should move on and if someone is interested in maintain those roles, it can revert the retirement	12:53
evrardjp	wait I am confused L_SR	12:54
evrardjp	do you mean it ran correctly or not? (setup-infrastructure)	12:54
L_SR	it ran correctly	12:54
evrardjp	ok	12:54
evrardjp	and your haproxy state says?	12:54
evrardjp	everything galera is fine?	12:54
evrardjp	and now you have to run the setup-openstack, but everything seems alright till now	12:55
L_SR	evrardjp: galera front -1 open, galera back up	12:55
L_SR	evrardjp: running setup-openstack and got the mysql auth error again	12:56
evrardjp	could you paste me that error?	12:56
L_SR	evrardjp: this time I forgot to allow logging, https://pastebin.com/ijjjKXZt	12:56
L_SR	I can destroy the keystone container and try again to see the error	12:57
evrardjp	nope it won't matter	12:57
L_SR	ok	12:57
evrardjp	creating the db is not in keystone	12:57
evrardjp	https://github.com/openstack/openstack-ansible-os_keystone/blob/master/tasks/keystone_db_setup.yml#L24	12:57
L_SR	exactly	12:58
L_SR	that's the task	12:58
L_SR	jrosser was highlighting the fact that the first two tasks are delegated	12:58
evrardjp	but you didn't change anything in plugins or stuff	12:58
evrardjp	or env var	12:59
L_SR	nope	12:59
evrardjp	or ansible.cfg in /etc or in home	12:59
L_SR	nope	12:59
evrardjp	could you run	12:59
L_SR	I have destroyed and re-created the deployment hosts several times and the error is the same all the time	12:59
evrardjp	ansible -m ping galera_all	12:59
*** ansmith has joined #openstack-ansible		12:59
L_SR	ping to galera containers success: https://pastebin.com/Q6F8sTRK	13:00
evrardjp	could you extract this into its own play and run it?	13:01
evrardjp	https://github.com/openstack/openstack-ansible-os_keystone/blob/master/tasks/keystone_db_setup.yml#L16-L25	13:02
evrardjp	oh wait	13:02
evrardjp	before that	13:02
evrardjp	could you connect to that galera container, and see if the db for keystone is there?	13:02
L_SR	evrardjp: going back to the mysql error, this is the rest of the execution of setup-openstack after the error: https://pastebin.com/GRrFShcy	13:03
evrardjp	that's terribly wrong	13:03
evrardjp	if you container had an issue it should not be running more tasks	13:04
evrardjp	oh these are handlers	13:04
evrardjp	ok I want to test something else too	13:05
L_SR	evrardjp: I'm at the galera container now, inside Mysql with root user I see no Keystone DB	13:05
evrardjp	ok	13:05
evrardjp	could you check the galera container ip?	13:05
evrardjp	172.10.10.116?	13:06
L_SR	yes	13:06
evrardjp	ok	13:06
evrardjp	go back to your ansible	13:06
L_SR	ok	13:06
evrardjp	ansible -m shell -a "ping -c 2 172.10.10.116" infra1_keystone_container-c43ef6bb	13:06
openstackgerrit	Merged openstack/openstack-ansible-os_horizon master: Replace git.openstack.org URLs with opendev.org URLs https://review.opendev.org/657254	13:06
L_SR	I think the ping succeeded: https://pastebin.com/hwTU6qb3	13:07
evrardjp	ok	13:08
evrardjp	Yes I would run a different play to just focus on the db creation	13:08
L_SR	ok, will do that	13:08
evrardjp	L_SR: you can run this: https://gist.github.com/evrardjp/c9c336a3dc46ad4d17d2db44aa6cd4d2	13:11
evrardjp	woops sorry	13:12
evrardjp	refresh :)	13:12
evrardjp	openstack-ansible test.yml should do (please put that playbook into the osa playbooks folder	13:12
openstackgerrit	Merged openstack/openstack-ansible-os_panko master: Change tests source to opendev https://review.opendev.org/657293	13:13
L_SR	evrardjp: auth issue https://pastebin.com/8sZsZxRG	13:13
evrardjp	replace login_host's value by 172.10.10.116 ?	13:14
L_SR	evrardjp: weird, because I can use user_secrets to get into mysql in the galera container	13:14
L_SR	evrardjp: changing the variable for the IP succeeded	13:15
evrardjp	you have a problem with haproxy	13:15
L_SR	https://pastebin.com/nKqr0vVM	13:15
*** zhongjun2_ has quit IRC		13:15
L_SR	evrardjp: any hint of the reason?	13:15
L_SR	evrardjp the haproxy is running on my infra1 host, right?	13:16
evrardjp	you assured me it was working :)	13:16
evrardjp	yes	13:16
evrardjp	in a container most likely	13:16
evrardjp	can you show me your o_u_c again?	13:16
L_SR	I thought so: https://imgur.com/Wzp4sLS	13:17
L_SR	evrardjp: https://pastebin.com/bf6tDhCb	13:18
evrardjp	first can you show me your haproxy config?	13:18
openstackgerrit	Guilherme Steinmuller Pimentel proposed openstack/openstack-ansible-os_glance master: db_setup: refactor database setup to a common file https://review.opendev.org/657029	13:18
evrardjp	the o_u_c looks perfectly fine	13:18
L_SR	I have no extra config for the haproxy	13:19
evrardjp	but I might have missed something it's easy to make mistakes	13:19
evrardjp	can you show me the generated haproxy config?	13:19
noonedeadpunk	I'm wondering, why https://review.opendev.org/#/c/659754 fails...	13:19
L_SR	evrardjp any hint on where is that?	13:19
evrardjp	in the haproxy container I would say	13:19
L_SR	ok	13:20
evrardjp	in /etc/haproxy	13:20
evrardjp	or something	13:20
L_SR	there is no haproxy container!	13:20
L_SR	galera maybe?	13:21
openstackgerrit	Guilherme Steinmuller Pimentel proposed openstack/openstack-ansible-os_nova master: db_setup: refactor database setup to a common file https://review.opendev.org/657038	13:21
evrardjp	L_SR: nope that was expected. It's on your host then	13:21
evrardjp	infra host	13:21
evrardjp	it's on bare metal	13:21
evrardjp	ok it's further closer :)	13:21
evrardjp	ss -lntp \| grep 3306	13:21
evrardjp	could you do this ?	13:21
*** hwoarang has quit IRC		13:21
evrardjp	on that infra host?	13:21
L_SR	evrardjp haproxy config: https://pastebin.com/xULCnnbK	13:22
openstackgerrit	Guilherme Steinmuller Pimentel proposed openstack/openstack-ansible-os_keystone master: db_setup: refactor database setup to a common file https://review.opendev.org/657036	13:22
*** hwoarang has joined #openstack-ansible		13:23
L_SR	evrardjp checking mysql port: https://pastebin.com/M4bfzv5e	13:23
evrardjp	is that haproxy or do you have another service on that node on 3306?	13:24
L_SR	I wiped this node clean this morning	13:25
evrardjp	ok	13:25
evrardjp	so	13:25
L_SR	it has a fresh bionic installation	13:25
evrardjp	doing mysql operations through the LB fails, directly works	13:25
L_SR	no lvm, though. That's only configured on the storage host	13:25
L_SR	yes	13:25
evrardjp	backend is not faulty	13:26
evrardjp	and you're listening correctl	13:26
evrardjp	y	13:26
*** sreejithp has joined #openstack-ansible		13:26
evrardjp	mmm	13:27
evrardjp	that's unusual	13:27
evrardjp	mmm	13:28
evrardjp	OOOOH	13:29
evrardjp	what's your private ip range again?	13:29
L_SR	10.1.14.0/24	13:29
evrardjp	nopenopenope :)	13:30
L_SR	jaja	13:30
L_SR	172.10.10.0/24 is mgmt	13:30
evrardjp	this one!	13:30
evrardjp	you don't find something weird in there?	13:30
L_SR	in the range itself?	13:31
evrardjp	yes	13:31
evrardjp	(I will explain the whole story after)	13:31
L_SR	don't tell me is a multicast addressing issue	13:31
evrardjp	nope	13:31
evrardjp	but you're close	13:31
evrardjp	if I tell you RFC1918	13:31
L_SR	reserved?!	13:31
L_SR	oh, public address	13:32
evrardjp	correct.	13:32
L_SR	omg	13:32
evrardjp	172.16.0.0/12 is the expectations	13:32
L_SR	gonna change to 172.16.10.0/24	13:33
evrardjp	because we want the cloud to run behind the load balancer, the rest would be private	13:33
evrardjp	but let me tell you why it fails	13:33
L_SR	please	13:33
evrardjp	https://pastebin.com/xULCnnbK	13:33
evrardjp	it's in there :)	13:33
evrardjp	around L65.	13:33
evrardjp	L65-L67 to be precise	13:33
L_SR	acl white_list src 127.0.0.1/8 192.168.0.0/16 172.16.0.0/12 10.0.0.0/8	13:33
L_SR	GOT IT	13:34
evrardjp	yw :)	13:34
L_SR	Thanks!!!! I will redeploy now	13:34
evrardjp	so it's not an OSA problem :D	13:34
L_SR	please, celebrate with me if it work :)	13:34
evrardjp	s/if/when/	13:34
L_SR	:)	13:34
evrardjp	you need to clean everything though	13:35
evrardjp	your inventory is broken to the wrong ips and stuff	13:35
CeeMac	evrardjp: you're like some kind of troubleshooting ninja!	13:35
evrardjp	just step by step :)	13:35
CeeMac	i feel like a dufus, I'm a network guy and I didn't spot the non-RFC address space.	13:35
* CeeMac hangs up network-guy hat		13:35
evrardjp	0 ressembles to 6 when you read fast	13:36
CeeMac	i'll take that :)	13:36
L_SR	CeeMac Mee too!! I should retire	13:37
L_SR	disgracefully	13:37
kplant	revoke all 172.10.0.0/16 assignments and declare it squat-space	13:37
kplant	problem solved	13:37
evrardjp	kplant: haha	13:38
evrardjp	use ipv6 only	13:38
CeeMac	ipv6 hurts my head	13:39
CeeMac	i can't cope with everything in the world getting subnet equal to the entire IPv4 space at a minimum	13:39
evrardjp	it's better than being allergic to the character ':'	13:41
kplant	i like how ipv6 was necessary due to exhaustion and yet... one of the first practices is everyone gets a /64	13:41
kplant	or a /48 if you ask nicely with pd hints	13:42
CeeMac	i also like how most of the ISPs are still pushing out home routers with public IPv4 address, so if you want to run IPv6 on the edge you need to dual-stack so anyone can get to you.....	13:43
jrosser	L_SR: i was away - good you found it	13:43
jrosser	L_SR: there is a useful debug pattern which is to telnet to the backend service container port, then try the same to the LB vip to test that connectivity is good	13:44
jrosser	may well have been useful here	13:44
CeeMac	jrosser: another good tip I completely missed	13:44
openstackgerrit	Jean-Philippe Evrard proposed openstack/openstack-ansible-rabbitmq_server master: Add integrated coverage https://review.opendev.org/660394	13:45
evrardjp	jrosser: I think I wrote a play for that	13:45
kplant	'nc -z' is a good one for that too	13:45
kplant	easy to determine success after 14 hours of debugging :)	13:45
evrardjp	healthcheck-infrastructure.yml	13:46
evrardjp	and healthcheck-hosts	13:46
evrardjp	maybe I can add a test in healthcheck-hosts	13:46
CeeMac	hindsight is 20-20 etc	13:48
logan-	wonder why https://review.opendev.org/#/c/660141/ isn't in the gate	13:48
kplant	this may be more of a style question than anything but, do you guys use nova volumes at all?	13:49
kplant	or do you leave the root disk size at zero in the flavors and just use cinder for all block storage	13:49
jrosser	logan-: i was wondering that too - i wonder if the depends-on change-id isnt so smart after all?	13:50
logan-	jrosser: i just tried abandoning the ocata/pike versions of the depends-on to see	13:50
logan-	iirc other branches can hold it up	13:50
logan-	yep sure enough	13:51
logan-	ther eit goes	13:51
jrosser	doh	13:51
openstackgerrit	Jean-Philippe Evrard proposed openstack/openstack-ansible master: Add rfc1918 healthcheck https://review.opendev.org/660399	13:53
evrardjp	L_SR: ^	13:54
evrardjp	logan-: yeah this needs to be slowly done :p don't rush backports :p	13:56
evrardjp	logan-: also that would be fixed if you were to use the new form of urls	13:56
evrardjp	(Depends-On with the change url)	13:56
logan-	ah right	13:56
jrosser	evrardjp: not sure the commit message is right there? https://review.opendev.org/660399	13:57
evrardjp	jrosser: I was lacking proper ideas, feel free to adapt :)	13:57
jrosser	well it just seems opposite to what i think you did (!)	13:57
*** ansmith_ has joined #openstack-ansible		13:57
openstackgerrit	Jean-Philippe Evrard proposed openstack/openstack-ansible master: Add rfc1918 healthcheck https://review.opendev.org/660399	13:58
evrardjp	jrosser: good catch	13:58
*** miouge3 has joined #openstack-ansible		13:59
*** gary_perkins_ has joined #openstack-ansible		14:00
*** Anticime1 has joined #openstack-ansible		14:01
*** _nwonknu has joined #openstack-ansible		14:05
*** phasespace has quit IRC		14:05
*** tosky__ has joined #openstack-ansible		14:05
*** tosky has quit IRC		14:06
*** ckonstanski has quit IRC		14:06
*** jamesdenton has quit IRC		14:06
*** joabdearaujo has quit IRC		14:06
*** nwonknu has quit IRC		14:06
*** bradm has quit IRC		14:06
*** ansmith has quit IRC		14:06
*** udesale has quit IRC		14:06
*** markvoelker has quit IRC		14:06
*** electrofelix has quit IRC		14:06
*** aspiers has quit IRC		14:06
*** miouge has quit IRC		14:06
*** gary_perkins has quit IRC		14:06
*** Anticimex has quit IRC		14:06
*** redkrieg has quit IRC		14:06
*** masterpe has quit IRC		14:06
*** nsmeds has quit IRC		14:06
*** udesale has joined #openstack-ansible		14:07
*** electrofelix has joined #openstack-ansible		14:07
CeeMac	ok, i've been hit by the keystone curse	14:08
CeeMac	i can ping the galera container IPs from the LB node	14:09
CeeMac	and I can telnet on port 3306	14:09
CeeMac	if i go into hatop and put the node into maintenance then back, it come up for a second then goes in to SOCKERR	14:09
CeeMac	help?	14:09
CeeMac	setup-hosts, setup-inf both ran fine	14:09
CeeMac	running the setup-os plays individually, and the os-keystone-install.yml fails	14:10
CeeMac	obvs if the haproxy backend is down, thats why the play is failing	14:10
CeeMac	galera cluster looks fine http://paste.openstack.org/show/751870/	14:12
CeeMac	extract from haproxy log http://paste.openstack.org/show/751871/	14:14
*** aspiers has joined #openstack-ansible		14:17
*** aludwar has joined #openstack-ansible		14:19
CeeMac	cant see anything specific in the galera_server_error.log	14:22
*** aedc has quit IRC		14:22
jrosser	CeeMac: https://bugs.launchpad.net/openstack-ansible/+bug/1784230	14:26
openstack	Launchpad bug 1784230 in openstack-ansible "Error while running setup-openstack.yml" [Undecided,Expired]	14:26
openstackgerrit	Merged openstack/openstack-ansible-galera_server stable/queens: Update percona-release package https://review.opendev.org/660141	14:27
openstackgerrit	Jean-Philippe Evrard proposed openstack/openstack-ansible-repo_server master: Clarify supported SUSE versions https://review.opendev.org/660402	14:34
CeeMac	jrosser: good find.	14:37
CeeMac	interestingly, the only_from IPs for the LB nodes is set to use the OOB IP not the br-mgmt ip	14:37
CeeMac	any idea where this is defined from?>	14:38
openstackgerrit	Jean-Philippe Evrard proposed openstack/openstack-ansible-rsyslog_client master: Add integrated coverage https://review.opendev.org/660403	14:38
openstackgerrit	Jean-Philippe Evrard proposed openstack/openstack-ansible-rsyslog_client master: Clarify supported SUSE versions https://review.opendev.org/660404	14:39
openstackgerrit	Jean-Philippe Evrard proposed openstack/openstack-ansible-rsyslog_server master: Add integrated coverage https://review.opendev.org/660405	14:40
jrosser	CeeMac: which config file is that in?	14:40
openstackgerrit	Jean-Philippe Evrard proposed openstack/openstack-ansible-rsyslog_server master: Clarify supported SUSE versions https://review.opendev.org/660406	14:41
CeeMac	jrosser: how do you mean?	14:41
jrosser	CeeMac> interestingly, the only_from IPs for the LB nodes is set to use the OOB IP not the br-mgmt ip	14:42
jrosser	^ that	14:42
CeeMac	the only_from? I'm picking that up from cat /etc/xinetd.d/mysqlchk \| grep only in the galera container	14:42
CeeMac	as per the bug you sent :)	14:42
CeeMac	so, what is populating the mysqlchk file, and what criteria is being used to extrapolate the ip it uses	14:43
jrosser	CeeMac: http://codesearch.openstack.org/?q=galera_monitoring_allowed_source&i=nope&files=&repos=	14:43
openstackgerrit	Jean-Philippe Evrard proposed openstack/ansible-role-systemd_service master: Add integrated coverage https://review.opendev.org/660407	14:43
CeeMac	jrosser: and i suppose its pulling groups['haproxy'] from the ansible inventory, which is configured to use the OOB IP.	14:44
jrosser	yes, so i have an override for this	14:44
CeeMac	ah.	14:44
CeeMac	good.	14:44
jrosser	galera_monitoring_allowed_source: "10.31.128.0/24 10.11.128.0/24 127.0.0.1/32"	14:44
jrosser	^ adjust to suit	14:44
CeeMac	in u_v ?	14:45
openstackgerrit	Jean-Philippe Evrard proposed openstack/ansible-role-systemd_mount master: Add integrated coverage https://review.opendev.org/660408	14:45
jrosser	yep	14:45
CeeMac	any other overrides I should be aware of while we're at it?	14:45
openstackgerrit	Jean-Philippe Evrard proposed openstack/ansible-role-systemd_networkd master: Add integrated coverage https://review.opendev.org/660409	14:46
*** chandankumar is now known as raukadah		14:46
jrosser	i would carry on and override as necessary, so long as you're logical about finding where things don't look right then it'll be ok	14:47
openstackgerrit	Jean-Philippe Evrard proposed openstack/ansible-role-python_venv_build master: Add integrated coverage https://review.opendev.org/660411	14:48
*** luksky has quit IRC		14:49
CeeMac	jrosser: presumably you've whitelisted your whole br-mgmt network for future proofing against adding more galera nodes?	14:49
jrosser	CeeMac: well the proper answer is that this should probably be improved https://opendev.org/openstack/openstack-ansible/src/branch/master/inventory/group_vars/galera_all.yml#L33	14:54
jrosser	becasue that just takes the inventory ip rather than finding br-mgmt ip for those nodes	14:55
CeeMac	well yeah, but then how many people use oob management? Is it corner-case or mainstream? /devils-advocate	14:56
jrosser	i think it is normal in rackspace deployments	14:56
jrosser	the AIO and examples are just simplified for mortals to be able to get started	14:57
CeeMac	pesky mortals >_>	14:57
jrosser	but you are quite right to ask "why is this internal API network the one i use to manage my hosts?"	14:58
*** tosky__ is now known as tosky		14:59
CeeMac	ok, i'll throw in an override and run the galera-install.yml play and see how it goes	14:59
openstackgerrit	Merged openstack/openstack-ansible-os_placement master: Add metal distro job template https://review.opendev.org/660279	15:00
jrosser	you can make that specific or try to make it pick up the br-mgmt ip automagically by refactoring the existing galera group_var a bit	15:00
*** tuxjohnson has joined #openstack-ansible		15:05
CeeMac	hmm, not sure how that would work as its the haproxy ips that need picking up correctly	15:05
CeeMac	i'll hardcode a couple of ranges for now, and play around in test/rc once i've got prod deployed	15:06
*** aedc has joined #openstack-ansible		15:06
*** hamzy has quit IRC		15:07
tuxjohnson	I am using "glance_default_store: cinder" in our installation and the OSA scripts never install a glance_sudoers file in the glance container. I looked in my deployment server and there isn't a sudoers.j2 file that I can see. Am I missing something?	15:09
CeeMac	ok cool the galera backend is showing up now in hatop	15:11
CeeMac	re-running keystone play	15:11
CeeMac	new error :( http://paste.openstack.org/show/751879/	15:16
CeeMac	verbose error: http://paste.openstack.org/show/751881/	15:20
*** starborn has quit IRC		15:20
jrosser	CeeMac: i would guess that if you take the exact command it ran there and try it yourself on the keystone container there might be a better error message	15:22
logan-	could i get a last review on this stein patch https://review.opendev.org/#/c/659711/	15:22
jrosser	done	15:23
logan-	ty	15:23
*** priteau has joined #openstack-ansible		15:23
logan-	jrosser: also this one if you have a moment https://review.opendev.org/#/c/659869/ since the stein patch will not gate until it merges	15:25
*** cshen has quit IRC		15:27
jrosser	logan-: done, this is all very cool btw getting calico 1st class citizen here	15:27
*** sreejithp_ has joined #openstack-ansible		15:28
logan-	thanks! I agree -- will be nice to finally have the tests for it worked out	15:29
*** sreejithp__ has joined #openstack-ansible		15:30
*** sreejithp has quit IRC		15:31
*** sreejithp_ has quit IRC		15:32
CeeMac	log entry for keystone container http://paste.openstack.org/show/751886/	15:33
CeeMac	looks like auth issue	15:34
CeeMac	i'm getting dejavu	15:34
*** hamzy has joined #openstack-ansible		15:35
*** miloa has quit IRC		15:40
CeeMac	ack, i'll comb through the role tasks in the morning see if i can work out which command it is failing on and run that manually from utility container	15:43
CeeMac	l8rs	15:43
dirk	evrardjp: I missed the context, most of the patches are about removing references to git.openstack.org. yes, there is also a small part of it (the tox.ini upperconstraints) but I think thats a minor part of it	15:46
evrardjp	dirk: yeah. Don't worry, we'll merge stuff and verify the rest afterwards	15:47
*** ivve has quit IRC		15:49
mnaser	reviews on https://review.opendev.org/#/c/660224/2 would help land the patch above itw	15:52
mnaser	gah	15:55
mnaser	gerrit is so slow here	15:55
logan-	ah yes thanks mnaser	15:55
mnaser	turns out 250-300ms isn't fun	15:55
*** macza has joined #openstack-ansible		15:55
*** macza has quit IRC		15:56
*** macza has joined #openstack-ansible		15:56
* mnaser waits for wiki page to load		16:00
*** hamzaachi_ has joined #openstack-ansible		16:00
evrardjp	hey	16:00
mnaser	anytime now..	16:00
evrardjp	do we have meeting?	16:00
mnaser	yes im waiting for the wiki page to load so I can do the start meeting	16:00
* mnaser is in china so .. things are slow		16:01
evrardjp	I want to discuss about releases/current state of jobs/constraints url	16:01
evrardjp	:D	16:01
mnaser	..anytime now wiki	16:01
mnaser	ok	16:01
mnaser	can someone please just paste the start meeting string here	16:01
mnaser	the wiki is not accessible for me right now	16:02
mnaser	oooh	16:02
mnaser	wait	16:02
evrardjp	#startmeeting openstack_ansible_meeting	16:02
openstack	Meeting started Tue May 21 16:02:14 2019 UTC and is due to finish in 60 minutes. The chair is evrardjp. Information about MeetBot at http://wiki.debian.org/MeetBot.	16:02
openstack	Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.	16:02
*** openstack changes topic to " (Meeting topic: openstack_ansible_meeting)"		16:02
openstack	The meeting name has been set to 'openstack_ansible_meeting'	16:02
mnaser	#topic office hours	16:02
mnaser	oh im not cool enough to do that right now	16:02
evrardjp	#chair mnaser	16:02
openstack	Current chairs: evrardjp mnaser	16:02
*** hamzaachi has quit IRC		16:02
mnaser	#topic office hours	16:02
*** openstack changes topic to "office hours (Meeting topic: openstack_ansible_meeting)"		16:02
mnaser	ok now im cool enough	16:02
guilhermesp	o/	16:02
logan-	o/	16:03
mnaser	evrardjp: btw, awesome patches on the integrated stuff on top of odyssey4me work	16:03
evrardjp	https://docs.google.com/spreadsheets/d/1coiPHGqaIKNgCGYsNhEgzswqwp4wedm2XoBCN9WMosY/edit#gid=752070695	16:03
jrosser	o/	16:03
mnaser	welp	16:03
evrardjp	that's the map of where we are. Focusing on metal. then metal distro. then lxc.	16:03
mnaser	I gotta vpn for that link :)	16:03
mnaser	ethercalc's aren't blocked :p	16:03
evrardjp	I guessed	16:04
mnaser	all good, I have it open here now	16:04
evrardjp	It doesn't matter for the conversation, basically there are reviews up, and things needs improvement	16:04
*** errr has left #openstack-ansible		16:04
evrardjp	I see a few red dots in the horizon, for example, ironic, congress, blazar	16:04
evrardjp	octavia, rally, tacker, trove, zun	16:04
evrardjp	those are either not ready for distro installs, or they are not ready for multi distro, or both	16:05
evrardjp	(there are others I didn't mention)	16:05
mnaser	hmm, I think its mostly just adding some vars/<os>.yaml file?	16:05
*** hamzaachi_ has quit IRC		16:05
mnaser	or is it quite a bit more complicated than that	16:05
evrardjp	some of it is just that.	16:05
mnaser	obviously I'm making it far more trivial but yeaeh	16:06
evrardjp	some are not just that, for example the packages don't exist for that distro	16:06
evrardjp	or need to refactor the code to get to a point that's similar to other roles	16:06
evrardjp	anyway this deserves love, and help is mostly welcomed	16:06
*** luksky has joined #openstack-ansible		16:06
evrardjp	there is a "if you want to help" on top of this page, so it should help ppl understand what's going on	16:07
mnaser	ill try to do my part in reviewing, and anything failing debian/centos I can try and make a patch 'underneath'	16:07
guilhermesp	evrardjp: I will take a look carefully	16:07
* raukadah didnot getting time to look on python-httplib2 failure on centos		16:07
guilhermesp	I will also continue mnaser 's work of db refactor https://review.opendev.org/#/q/topic:osa/db-refactor	16:07
evrardjp	mnaser: I think the most annoying is not the patch underneath for metal support for distro x, but more getting to support distro package isntalls	16:07
*** hamzaachi_ has joined #openstack-ansible		16:08
mnaser	yeah. that's quite a lot more work to be done there	16:08
evrardjp	anyway, sometimes there are patches "underneath" those links, so don't hesitate to look at the "related" patches	16:08
evrardjp	that's all I have on that topic	16:09
evrardjp	the other topic I have is linked to reviews, should I just continue?	16:09
logan-	may as well. thanks for putting up the spreadsheet and patches for the integrated tests stuff!	16:10
mnaser	sure. I think what you discussed in on-going anyways and doesn't have anything actionable in specific other than: pay attention to reviews, try to help land some of these changes	16:10
evrardjp	yes	16:10
evrardjp	we'll need a map, basically, for another thing too:	16:10
evrardjp	We'll have to use the constraints url file that are published by releases. I guess we'll discuss whether to use /master or /train for master (I don't have an opinion yet). But for stable branches, we're gonna have to do it too.	16:12
evrardjp	The thing is... We shouldn't use that url everywhere, because that will always represent the head of the branch. So we'll have to be careful in the reviews.	16:12
mnaser	don't we already pin commit hash for constraints. right now?	16:12
evrardjp	correct.	16:13
evrardjp	so those shouldn't change.	16:13
evrardjp	the ones who can change are the test ones basically	16:13
evrardjp	(tox, etc.)	16:13
mnaser	so on release, we would freeze that commit, but in CI, we point to tip of requirements branch matching the release	16:14
evrardjp	I just want to raise awareness we shouldn't just change everything :)	16:14
mnaser	right?	16:14
evrardjp	I think we can keep the things frozen for requirements/repo build and many	16:14
evrardjp	and bump regularily	16:14
evrardjp	but the tox and all should be using the new urls.	16:14
noonedeadpunk	o/ missed start	16:14
evrardjp	So basically don't use the new urls everywhere :p	16:15
mnaser	ah yes, I agree, that's fine	16:15
mnaser	use the new urls in tox only because we want to keep our pinned requirements	16:15
*** vnogin has joined #openstack-ansible		16:15
evrardjp	yes.	16:15
mnaser	ok, makes sense to me!	16:15
*** gyee has joined #openstack-ansible		16:15
evrardjp	there might be some other places we need adapting, but we need to do it smartly basically :)	16:15
evrardjp	that's all I had on this topic	16:15
mnaser	fairz	16:16
evrardjp	the last topic I had was releases. I am late on releasing due to summit and travels and stuff.	16:16
evrardjp	and broken jobs	16:16
evrardjp	and many others	16:16
logan-	one other note on the new integrated testing rework stuff, you can actually implement scenarios in the roles downstream while still inheriting the integrated repo jobs	16:16
logan-	https://opendev.org/openstack/openstack-ansible-os_nova/commit/8f55c68d8371a50625c3fdb5b82cbeb62f2808c4	16:16
logan-	any pre-run playbooks in the job will run after the AIO has already been bootstrapped	16:17
evrardjp	but logan helped on fixing things in Rocky/Queens, so thanks to him! I hope we'll have new releases soon	16:17
mnaser	ack, yes, stein patch I had to recheck now	16:17
mnaser	I don't think we back ported the placement integration stuff, did we?	16:17
evrardjp	logan-: yeah that's a cool feature	16:17
logan-	yes thanks for pushing the reviews through.. queens is almost unblocked as of now	16:17
logan-	mnaser: no it is not backported	16:18
mnaser	yeah, that's all in master right now..	16:18
guilhermesp	no we didn't mnaser	16:18
mnaser	what a mess it was to land it :<	16:18
logan-	yeah	16:18
guilhermesp	and I think we haven't worked in the upgrade stuff for placement	16:18
logan-	^ right	16:18
mnaser	I'm thinking: we land most recent bump and push rc2, backport the placement stuff (so we at least have Greenfield placement in stable/stein)	16:19
guilhermesp	i still have a picture of odyssey4me 's pseudo code :P	16:19
mnaser	and then we can work on the upgrade stuff afterwards.. as we usually don't release with the expectation of functional upgrades (generally)	16:19
mnaser	thoughts.. complaints..? :p	16:19
evrardjp	we have until june to do so	16:20
guilhermesp	I'd be ok as first step just try to have stable/stein greenfield for placement	16:20
evrardjp	or july?	16:20
noonedeadpunk	sounds reasonable	16:20
evrardjp	can't remember let me check	16:20
logan-	i think we should focus on getting stein released and then revisit the placement backport since it is optional for stein	16:20
guilhermesp	I can take care of this backport anyways	16:20
evrardjp	11 July, 2019	16:20
mnaser	logan-: if we release stein without placement, then we don't backport placement	16:21
evrardjp	I think we could, as a community, agree on backporting afterwards	16:21
logan-	backporting placement in its current state would probably set us back quite a bit on R->S upgrade readiness right?	16:21
evrardjp	as long as we are clear in the ML/renos/versions	16:21
mnaser	it is a very invasive upgrade step so as someone who is going to update openstack, I'd be in for a mean surprise	16:21
mnaser	we do things like create new databases, shut off services and migrate data from one db to another	16:22
logan-	yeah I think a backport is more palatable when we have code at least proposed if not landed to enable upgrades	16:22
guilhermesp	yes, you're right evrardjp logan- mnaser	16:22
mnaser	many things can go wrong™	16:22
mnaser	I think odyssey4me suggestion at the time was that we never release OSA with the expectation of upgrades working from day 1, so that was kind at the story there.	16:22
mnaser	the placement changes are pretty major, I would either release with them or without, I would not think making this back portable is good for our users	16:23
evrardjp	I agree with you, I just insist on deadlines	16:24
evrardjp	:)	16:24
mnaser	if we agree that we can release without upgrades, then I think we should be (relatively) ok	16:24
mnaser	if we agree that a we must release with upgrades support, we might have to drop it	16:24
mnaser	I know odyssey4me mentioned that he volunteered to help with that upgrade effort.. so it'd be nice to hear if he can still do it (or not)	16:25
evrardjp	If we don't provide the upgrade, it will be a hard mess for many, and I am not sure who will make the effort for doing so	16:25
evrardjp	(or when)	16:25
*** mgoddard has quit IRC		16:25
jrosser	can we have a "placement is present but dormant" situation then if the migration tooling appears then we are good	16:26
mnaser	nope, because it uses an entirely different database	16:26
mnaser	so if it does get deployed, it'll probably want to take over the service catalog entry too	16:26
mnaser	running the playbook will effectively update the service catalog entry to point @ the new placement	16:27
evrardjp	it makes sense to release stein with it, right?	16:27
openstackgerrit	Merged openstack/openstack-ansible stable/rocky: Use opendev links https://review.opendev.org/659933	16:27
evrardjp	it's in that cycle that it was extracted	16:27
mnaser	I think so. we would save a lot of trouble for ourselves by doing it now than later	16:27
evrardjp	so it's easier for us to remember that's when you'll see it appear	16:27
mnaser	I can't remember but Jesse had a very good reason for including it in stein too	16:28
mnaser	I really don't remember it off the top of my head now	16:28
logan-	it seems like we're not saving ourselves trouble, it is the same amount of trouble but we're accelerating it for <some gain> (i'm not sure what the gain is yet)	16:28
*** mgoddard has joined #openstack-ansible		16:28
mnaser	yes, that <some gain> was something Jesse mentioned that got me thinking at the PTG, not remembering though :(	16:28
mnaser	hopefully when he reads buffer, he can chime in	16:28
logan-	++	16:29
evrardjp	odyssey4me: ^	16:29
evrardjp	I guess I will propose an rc2 soon, but wait for the final release, and we can discuss this later.	16:30
evrardjp	that's all I had for today	16:30
logan-	thanks evrardjp	16:30
mnaser	evrardjp: yes, I rechecked your most recent bump	16:30
mnaser	it passed check but failed gate so it should be ok.	16:30
logan-	on a separate topic, this is not urgent at all but I would like to get some thoughts on credential scoping in roles, I pushed some POC patches for nova. if these are adopted, this concept would likely apply to a number of other roles as well.	16:31
logan-	#link https://review.opendev.org/#/q/topic:fix-credentials-scoping	16:31
* mnaser looks		16:31
mnaser	logan-: I looked over that, I was hoping if you took maybe sometime to ask the nova/neutron team about possible side effects	16:32
mnaser	I'm thinking places where the resource was owned by X and now it is owned by Y	16:32
mnaser	generally all openstack install guides have kinda historically mentioned to use users of the other service (but I totally agree with your approach tbh)	16:32
logan-	yep, gotcha, I will do that	16:32
mnaser	but I think that's really neat, reduce the # of vars and it just makes sense that nova uses its own user to talk to neutron, rather than the neutron user	16:33
evrardjp	logan-: gosh this is amazing	16:33
evrardjp	all those vars will go away	16:34
noonedeadpunk	can't agree more, looks nice:)	16:34
mnaser	-54 in group_vars/all is a win	16:34
evrardjp	imagine if the rest would be in a simple etcd? :p	16:35
evrardjp	or local facts?	16:35
evrardjp	wow	16:35
mnaser	#thanks logan- awesome efforts in cleaning up and unblocking OSA gates	16:35
openstackstatus	mnaser: Added your thanks to Thanks page (https://wiki.openstack.org/wiki/Thanks)	16:35
mnaser	#thanks evrardjp dealing with OSA's painful release process!	16:35
openstackstatus	mnaser: Added your thanks to Thanks page (https://wiki.openstack.org/wiki/Thanks)	16:35
guilhermesp	++	16:36
logan-	thanks for looking at those. glad the concept makes sense, it seems like the main concerns are upgrade impact, so I'll look into that some more	16:36
mnaser	this should be interesting to watch - https://review.opendev.org/#/q/topic:osa/db-refactor	16:36
mnaser	I don't think I have time to push more on those but the 'general' concept is there	16:36
guilhermesp	yeah I started t look at the topic today	16:37
guilhermesp	just did a small fix in linters but I haven't look yet at the failures	16:37
guilhermesp	gonna be working on this	16:37
mnaser	just needs a little bit of cleanup and then needs to be done across all roles, then we can use the proposal bot to keep it in sync :)	16:37
mnaser	big win	16:37
mnaser	it also re-orders things so the db and rabbit are ready before we deploy	16:38
guilhermesp	++	16:38
mnaser	no more crash error looping forever while we configure stuff	16:38
evrardjp	mnaser: commented on https://review.opendev.org/#/c/657029/2	16:38
logan-	yeah that will be nice	16:38
mnaser	I'm going to be a bit 'more' back in service when I come back home on the 29th	16:39
mnaser	apologies for my MIA-ness, dealing with this fairly complex deployment and being in a different timezone/space/world	16:39
evrardjp	I think the reason we used different names for those tasks was to easily compare those, and see what this task was doing. But with ARA we don't need it anymore	16:39
mnaser	yupp	16:41
guilhermesp	I'd rename this as glance_db_sync https://review.opendev.org/#/c/657029/2/tasks/glance_db_setup.yml	16:41
*** mgoddard has quit IRC		16:42
guilhermesp	if this is a pattern across other roles btw	16:42
evrardjp	guilhermesp: +1 for me	16:42
*** mgoddard has joined #openstack-ansible		16:43
guilhermesp	but that's not the case for nova tough https://github.com/openstack/openstack-ansible-os_nova/blob/master/tasks/nova_db_setup.yml :P	16:43
openstackgerrit	Merged openstack/openstack-ansible stable/rocky: Add Calico networking AIO scenario https://review.opendev.org/659712	16:43
openstackgerrit	Merged openstack/openstack-ansible stable/queens: Use opendev links https://review.opendev.org/659936	16:43
mnaser	yeah id work on the more simpler ones first and then clean up those other ones	16:44
evrardjp	guilhermesp: but we could be consistent in the future	16:44
evrardjp	more consistent*	16:44
guilhermesp	yeah evrardjp I agree refactoring stuff that makes more sense is a great first step	16:44
*** hamzaachi_ has quit IRC		16:46
jrosser	ansible 2.8.0 for master is very close to done, it needs the ceph-ansible 4.0.0 work to merge first though	16:46
evrardjp	jrosser: how is that last part?	16:46
evrardjp	I think it would be pretty early in the cycle to move to 2.8, so that's a good move	16:46
jrosser	the ceph patch is looking reasonable, except that it fails tempest on some swift stuff	16:47
evrardjp	:(	16:47
jrosser	it wasnt a very obvious failure, i bring this up in case anyone has an idea where to look next http://logs.openstack.org/03/656503/10/check/openstack-ansible-deploy-aio_ceph-ubuntu-bionic/3bfd9d8/logs/openstack/aio1_utility_container-78e37705/utility/stestr_results.html	16:48
openstackgerrit	Merged openstack/openstack-ansible stable/queens: Restore linters job to voting https://review.opendev.org/660018	16:50
logan-	jrosser: same ceph version as we currently run in master right?	16:50
openstackgerrit	Dmitriy Rabotyagov (noonedeadpunk) proposed openstack/openstack-ansible-os_keystone master: Update uw_apache to run against bionic https://review.opendev.org/660455	16:52
jrosser	logan-: that patch brings it up to nautilus	16:52
jrosser	which is guess could be optional, perhaps i should try the same patch deploying mimic to separate the problems	16:53
logan-	if 4.0 supports mimic maybe we should split up the ceph-ansible upgrade from the ceph ugprade	16:53
*** udesale has quit IRC		16:53
openstackgerrit	Merged openstack/openstack-ansible stable/queens: Bump etcd role to v3 capable SHA https://review.opendev.org/659868	16:53
logan-	because i suspect its a m->n radosgw keystone auth issue that will need to be worked out, probabyl unrelated to ceph-ansible v4	16:53
jrosser	yes i think thats quite possible, i'll redo the patch just to bring ceph-ansible up to 4.0.0	16:54
mnaser	Neat	16:57
*** goldenfri has joined #openstack-ansible		16:57
openstackgerrit	Jonathan Rosser proposed openstack/openstack-ansible master: Update to ceph-ansible 4.0.0 https://review.opendev.org/656503	16:58
*** ivve has joined #openstack-ansible		16:59
logan-	thanks jrosser, if we can get ceph-ansible 4 in that will at least unblock the ansible 2.8 stuff and then we can work out the ceph upgrade separately. ill look thru the nautilius release notes to see if I can spot the change	17:01
logan-	last thing i've got is https://review.opendev.org/#/q/status:open+owner:logan2211%2540gmail.com+(topic:calico3+OR+topic:osa/opendev) -- only a few more reviews needed to finish up fixing the gates + getting calico both working and tested from Q->master (previously calico was working on P and earlier but broken Q->master)	17:01
logan-	jrosser: i wonder if the broken pipe requests in radosgw line up with the tempest fails http://logs.openstack.org/03/656503/10/check/openstack-ansible-deploy-aio_ceph-ubuntu-bionic/3bfd9d8/logs/openstack/aio1_ceph-rgw_container-2cdc0de2/ceph/ceph-rgw-aio1-ceph-rgw-container-2cdc0de2.rgw0.log.txt.gz	17:13
logan-	hopefully there is a debug mode where we can get some more output there because that's useless :/	17:15
jrosser	yes that’s possibly it	17:15
jrosser	Agreed!	17:15
jrosser	That should be on by default in for these tests if there is one	17:15
mnaser	#endmeeting	17:15
*** openstack changes topic to "Launchpad: https://launchpad.net/openstack-ansible \|\| Weekly Meetings: https://wiki.openstack.org/wiki/Meetings/openstack-ansible \|\| Review Dashboard: http://bit.ly/2xA1eZC"		17:15
openstack	Meeting ended Tue May 21 17:15:53 2019 UTC. Information about MeetBot at http://wiki.debian.org/MeetBot . (v 0.1.4)	17:15
openstack	Minutes: http://eavesdrop.openstack.org/meetings/openstack_ansible_meeting/2019/openstack_ansible_meeting.2019-05-21-16.02.html	17:15
openstack	Minutes (text): http://eavesdrop.openstack.org/meetings/openstack_ansible_meeting/2019/openstack_ansible_meeting.2019-05-21-16.02.txt	17:15
openstack	Log: http://eavesdrop.openstack.org/meetings/openstack_ansible_meeting/2019/openstack_ansible_meeting.2019-05-21-16.02.log.html	17:15
openstackgerrit	Merged openstack/openstack-ansible-os_swift master: Add integrated coverage https://review.opendev.org/660287	17:25
openstackgerrit	Merged openstack/openstack-ansible-os_magnum master: Add distro install jobs https://review.opendev.org/660086	17:26
*** kopecmartin is now known as kopecmartin\|off		17:31
openstackgerrit	Merged openstack/openstack-ansible-os_swift master: Clarify supported SUSE versions https://review.opendev.org/660288	17:31
*** vnogin has quit IRC		17:34
*** electrofelix has quit IRC		17:36
*** tuxjohnson has left #openstack-ansible		17:36
openstackgerrit	Merged openstack/openstack-ansible-os_tacker master: Add integrated coverage https://review.opendev.org/660289	17:37
openstackgerrit	Georgina Shippey proposed openstack/openstack-ansible master: Amend repo_all-back check to verify sync https://review.opendev.org/660477	17:41
*** priteau has quit IRC		17:42
goldenfri	Hello all, If I update the provider network config and add provider groups, what do I need to re-run to deploy that to my compute nodes? setup-openstack doesn't seem to be enough	17:47
goldenfri	nevermind, found a typo	17:51
guilhermesp	cores, that's something I forgot to mention in the meeting too... we are almost done with the role retirement process https://review.opendev.org/#/q/topic:drop_private+(status:open+OR+status:merged). I've seen ppl manifesting interest in maintain searchlight and monasca roles, but I understood that the ppl were trying to find time to confirm it	17:52
guilhermesp	that's why I proceeded with the retirement process, we have most of the other roles deleted	17:53
guilhermesp	now we just need to merge the open prs	17:53
guilhermesp	I sent an email to the thread regarding the retirement but no replies. I believe if ppl really want to maintain, they could revert some of the patches to bring desired roles back to life	17:54
*** hwoarang has quit IRC		18:27
*** hwoarang has joined #openstack-ansible		18:28
openstackgerrit	Merged openstack/openstack-ansible-tests stable/queens: Restore CentOS voting job https://review.opendev.org/660166	18:29
openstackgerrit	Merged openstack/openstack-ansible-rabbitmq_server master: Add integrated coverage https://review.opendev.org/660394	18:55
*** ansmith has joined #openstack-ansible		19:04
*** ansmith_ has quit IRC		19:05
*** gyee has quit IRC		19:07
*** gyee has joined #openstack-ansible		19:19
*** ansmith has quit IRC		19:29
*** ansmith has joined #openstack-ansible		19:32
*** kplant has quit IRC		19:43
*** radeks_ has quit IRC		19:48
*** logan- has quit IRC		19:55
*** pnull has joined #openstack-ansible		20:07
openstackgerrit	Jonathan Rosser proposed openstack/openstack-ansible master: Update ansible to 2.8.0 https://review.opendev.org/659656	20:08
*** ansmith has quit IRC		20:08
*** ansmith has joined #openstack-ansible		20:16
*** ansmith has quit IRC		20:38
openstackgerrit	Jonathan Rosser proposed openstack/openstack-ansible master: Improve repo server haproxy healthcheck to verify repo synchronisation https://review.opendev.org/660477	20:40
*** Talion has joined #openstack-ansible		20:42
*** hamzy has quit IRC		20:45
*** dave-mccowan has quit IRC		20:50
*** dave-mccowan has joined #openstack-ansible		20:56
*** aedc has quit IRC		21:00
*** djhankb has quit IRC		21:02
openstackgerrit	Merged openstack/openstack-ansible stable/stein: Bump SHAs for stable/stein https://review.opendev.org/659966	21:03
*** ut2k3 has joined #openstack-ansible		21:06
ut2k3	Hi guys, how can I tell OSA to install neutron-server on the controller node only as shown here: https://docs.openstack.org/security-guide/_images/1aa-network-domains-diagram.png - I've defined my two network-nodes as `network_hosts` ... and removed already via `inventory-manage.py -r LXC-container-name` but when I run again the `os-neutron-install.yml` it tries to install neutron-server again on the network-nodes.	21:10
*** logan- has joined #openstack-ansible		21:13
cloudnull	ut2k3 the neutron agents and server are connected in the environment config. to separate them you can create an env.d override file in /etc/openstack_deploy/env.d/ called neutron-server.yml with the following content - https://pasted.tech/pastes/b906226d245238d6c9c83d52fd60fd84cd9ce7aa - that will put the neutron server process (contianer) on the i	21:16
cloudnull	nfra hosts	21:16
openstackgerrit	Merged openstack/openstack-ansible stable/queens: Zuul: Simplify the integrated test playbooks https://review.opendev.org/660224	21:17
ut2k3	Awesome will check that	21:17
cloudnull	you'll need to clean up the inventory with the `inventory-manage.py` script again, that override should get you there.	21:17
ut2k3	cloudnull, thank you for your help.	21:21
cloudnull	hope it works :D	21:21
ut2k3	yep	21:21
ut2k3	I am just running it :)	21:22
* cloudnull holds the beer		21:22
openstackgerrit	Merged openstack/openstack-ansible stable/queens: Add Calico networking AIO scenario https://review.opendev.org/659869	21:24
*** goldenfri has quit IRC		21:37
*** dave-mccowan has quit IRC		21:40
ut2k3	Ok, next problem after upgrading to 19.0.0 / location movement of the neutron-server is now that it cries with " No 'neutron.service_plugins' driver found, looking for 'firewall'"	21:48
*** sreejithp__ has quit IRC		21:59
*** sreejithp has joined #openstack-ansible		21:59
openstackgerrit	Merged openstack/ansible-role-systemd_mount master: Add integrated coverage https://review.opendev.org/660408	22:03
*** sreejithp has quit IRC		22:04
openstackgerrit	Merged openstack/ansible-role-python_venv_build master: Add integrated coverage https://review.opendev.org/660411	22:06
openstackgerrit	Guilherme Steinmuller Pimentel proposed openstack/openstack-ansible-os_glance master: db_setup: refactor database setup to a common file https://review.opendev.org/657029	22:10
cloudnull	ut2k3 did it work ?	22:11
ut2k3	Yep it worked. Having now another problem with the neutron-server but I am quite sure thats not related.	22:12
cloudnull	cool!	22:12
ut2k3	> Error loading class by alias: NoMatches: No 'neutron.service_plugins' driver found, looking for 'firewall'	22:12
cloudnull	likely the firewall driver name / path has changed	22:13
cloudnull	I assume you had firewall as a service running	22:13
cloudnull	likely need to figure out whatever the new driver name / path is and update that in your overrides.	22:14
ut2k3	Yep, will Digg into it.	22:14
cloudnull	I generally fire-up the venv python interpreter using ipython and go poke around to figure things like that out	22:15
cloudnull	if its not easy to find in the upstream docs that is	22:15
ut2k3	Ok good idea	22:16
openstackgerrit	Merged openstack/openstack-ansible-rsyslog_client master: Add integrated coverage https://review.opendev.org/660403	22:17
openstackgerrit	Merged openstack/openstack-ansible-rsyslog_server master: Add integrated coverage https://review.opendev.org/660405	22:19
*** nsmeds_ has joined #openstack-ansible		22:21
openstackgerrit	Merged openstack/ansible-role-systemd_networkd master: Add integrated coverage https://review.opendev.org/660409	22:24
*** hamzaachi has joined #openstack-ansible		22:25
*** hamzaachi has quit IRC		22:26
*** hamzaachi has joined #openstack-ansible		22:27
*** hamzaachi has quit IRC		22:28
openstackgerrit	Merged openstack/ansible-role-systemd_service master: Add integrated coverage https://review.opendev.org/660407	22:28
*** hamzaachi has joined #openstack-ansible		22:28
*** tosky has quit IRC		22:42
*** hamzaachi has quit IRC		22:44
*** hamzaachi has joined #openstack-ansible		22:45
*** hamzaachi has quit IRC		22:45
*** hamzaachi has joined #openstack-ansible		22:46
*** Talion has quit IRC		22:52
*** hamzaachi has quit IRC		22:54
*** pnull has quit IRC		23:03
*** pnull has joined #openstack-ansible		23:05
*** sreejithp has joined #openstack-ansible		23:09
*** sreejithp_ has joined #openstack-ansible		23:11
*** sreejithp has quit IRC		23:14
*** joshualyle has joined #openstack-ansible		23:14
*** ut2k3 has quit IRC		23:19
*** luksky has quit IRC		23:26
*** macza has quit IRC		23:39
*** macza has joined #openstack-ansible		23:40
*** macza has quit IRC		23:47

Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!