| *** klamath_atx has quit IRC | 00:09 | |
| *** nurdie_ has joined #openstack-ansible | 00:16 | |
| *** sshnaidm|afk has joined #openstack-ansible | 00:20 | |
| *** sshnaidm|afk is now known as sshnaidm|off | 00:20 | |
| *** nurdie_ has quit IRC | 00:21 | |
| *** nurdie_ has joined #openstack-ansible | 00:49 | |
| *** spatel has joined #openstack-ansible | 00:52 | |
| *** nurdie_ has quit IRC | 00:53 | |
| *** guilhermesp has quit IRC | 00:56 | |
| *** jungleboyj has quit IRC | 00:56 | |
| *** jungleboyj has joined #openstack-ansible | 00:57 | |
| *** gouthamr has quit IRC | 00:57 | |
| *** nicolasbock has quit IRC | 00:57 | |
| *** bl0m1 has quit IRC | 00:57 | |
| *** gundalow has quit IRC | 00:57 | |
| *** guilhermesp has joined #openstack-ansible | 00:58 | |
| *** bl0m1 has joined #openstack-ansible | 00:58 | |
| *** nicolasbock has joined #openstack-ansible | 00:58 | |
| *** gouthamr has joined #openstack-ansible | 00:58 | |
| *** gundalow has joined #openstack-ansible | 01:00 | |
| *** tosky has quit IRC | 01:01 | |
| *** rfolco has joined #openstack-ansible | 01:02 | |
| *** cshen has quit IRC | 01:04 | |
| *** macz_ has quit IRC | 01:05 | |
| *** waverider has quit IRC | 01:10 | |
| *** rfolco has quit IRC | 01:18 | |
| *** openstackgerrit has quit IRC | 01:38 | |
| *** spatel has quit IRC | 01:54 | |
| *** macz_ has joined #openstack-ansible | 02:10 | |
| *** macz_ has quit IRC | 02:15 | |
| *** snadge has joined #openstack-ansible | 02:29 | |
| *** spatel has joined #openstack-ansible | 02:37 | |
| *** nurdie_ has joined #openstack-ansible | 02:50 | |
| *** nurdie_ has quit IRC | 02:55 | |
| *** nurdie_ has joined #openstack-ansible | 04:12 | |
| *** nurdie_ has quit IRC | 04:14 | |
| *** nurdie_ has joined #openstack-ansible | 04:14 | |
| *** nurdie_ has quit IRC | 04:15 | |
| *** lemko has quit IRC | 04:26 | |
| *** lemko has joined #openstack-ansible | 04:26 | |
| dmsimard | noonedeadpunk, jrosser: I investigated and created this issue for the sqlite database lock issue: https://github.com/ansible-community/ara/issues/195 | 04:28 |
|---|---|---|
| dmsimard | for now you can workaround by pinning to 1.5.1 or export ARA_ARGUMENT_LABELS="" | 04:28 |
| dmsimard | I need to spend more time on it but it won't be tonight :) | 04:32 |
| *** nurdie_ has joined #openstack-ansible | 04:50 | |
| *** nurdie_ has quit IRC | 04:56 | |
| *** spatel has quit IRC | 05:16 | |
| *** nurdie_ has joined #openstack-ansible | 05:29 | |
| *** evrardjp has quit IRC | 05:33 | |
| *** evrardjp has joined #openstack-ansible | 05:33 | |
| *** nurdie_ has quit IRC | 05:35 | |
| *** spatel has joined #openstack-ansible | 06:33 | |
| *** spatel has quit IRC | 06:37 | |
| *** miloa has joined #openstack-ansible | 06:39 | |
| *** cshen has joined #openstack-ansible | 07:11 | |
| *** pto has quit IRC | 07:29 | |
| *** nurdie_ has joined #openstack-ansible | 07:30 | |
| *** nurdie_ has quit IRC | 07:35 | |
| *** luksky has joined #openstack-ansible | 07:55 | |
| noonedeadpunk | dmsimard: ok, thanks for having a look! | 08:07 |
| *** pcaruana has joined #openstack-ansible | 08:35 | |
| *** waverider has joined #openstack-ansible | 08:43 | |
| admin0 | morning \o | 08:50 |
| *** tosky has joined #openstack-ansible | 09:05 | |
| noonedeadpunk | \o | 09:06 |
| *** nurdie_ has joined #openstack-ansible | 09:32 | |
| *** nurdie_ has quit IRC | 09:37 | |
| *** spatel has joined #openstack-ansible | 10:05 | |
| *** waverider has quit IRC | 10:08 | |
| *** waverider has joined #openstack-ansible | 10:09 | |
| *** spatel has quit IRC | 10:11 | |
| *** pto has joined #openstack-ansible | 10:26 | |
| pto | The linux bridge agent i broken in ussuri 21.2.0 on Ubuntu 20.04 LTS: http://paste.openstack.org/show/800728/ | 10:27 |
| pto | Does the os_neutron role link to neutron/master? | 10:35 |
| *** cshen has quit IRC | 10:45 | |
| *** cshen has joined #openstack-ansible | 10:47 | |
| *** cshen has quit IRC | 10:56 | |
| *** cshen has joined #openstack-ansible | 11:00 | |
| pto | Aparently the change have not been merged into neutron ussuri/stable yet - I guess it needs reviewers: https://review.opendev.org/c/openstack/neutron/+/765408 | 11:15 |
| pto | Is it possible to cherry pick the fix? | 11:15 |
| *** nurdie_ has joined #openstack-ansible | 11:33 | |
| *** waverider has quit IRC | 11:35 | |
| *** waverider has joined #openstack-ansible | 11:35 | |
| *** rfolco has joined #openstack-ansible | 11:36 | |
| *** nurdie_ has quit IRC | 11:38 | |
| *** waverider has quit IRC | 11:41 | |
| kleini | How can grafana, prometheus and elk_mectrics_7x be integrated into OSA setup or what is the best way to integrate that somehow? | 11:49 |
| admin0 | i use graylog, zabbix+grafana | 11:52 |
| admin0 | i would like to see a howto of what you are trying kleini | 11:53 |
| *** spatel has joined #openstack-ansible | 11:54 | |
| kleini | I try to get the prometheus node exporter deployed on every host | 11:55 |
| kleini | to collect host metrics. I am not providing a public cloud but a private one, where we need to squeeze every little bit of resource out of the hosts and we need to see resource bottlenecks | 11:57 |
| kleini | I do setup-hosts, setup-infrastructure, setup-openstack and then what for getting prometheus node exporters every where deployed from openstack-ansible-ops? | 11:58 |
| *** pto has quit IRC | 11:58 | |
| *** pto_ has joined #openstack-ansible | 11:58 | |
| *** spatel has quit IRC | 11:58 | |
| jrosser | here we have two sets of ansible, one for “before osa” to get all the hosts sorted out, then we run osa | 11:58 |
| kleini | oh, my initial question is missing this openstack-ansible-ops repository. sorry for that | 11:59 |
| jrosser | in the “before osa” ansibke we do all the Prometheus exporter stuff | 11:59 |
| kleini | I have "before OSA", too. But e.g. Grafana should run in infra container, so I have dependency to OSA inventory | 12:00 |
| kleini | and setup-hosts, of course | 12:00 |
| jrosser | only if you do it that way.... our elk stack is so significant now it’s treated as a separate thing | 12:01 |
| jrosser | so not deployed on the infra hosts at all | 12:01 |
| jrosser | but we use all the tooling from openstack-ansible-ops still | 12:01 |
| kleini | and the tooling from OSA regarding LXC containers is very useful but it is hard for me to use OSA inventory stuff | 12:02 |
| jrosser | imho for something more than trivial you will be looking for dedicated elasticseach nodes anyway, the cpu and memory requirements can be large | 12:02 |
| jrosser | you don’t have to use the inventory, and in fact the openstack-ansible-ops elk deployment is decoupled from the OSA inventory | 12:03 |
| jrosser | again you can choose how that works by using an “integration inventory” | 12:03 |
| jrosser | we have a separate inventory for the elk cluster which is nothing to do with OSA, then import the OSA json with a python script to allow elk beats to be deployed to things that only exist in the OSA dynamic inventory | 12:06 |
| kleini | okay, so a lot of integration work is necessary | 12:06 |
| jrosser | yes, the ops repo is a suggestion really | 12:06 |
| jrosser | you can follow the recipie in the ops repo docs and you should get a tightly coupled OSA/elk setup | 12:07 |
| jrosser | but as you’ve seen that can then be difficult if you want to add Prometheus and more things as well | 12:08 |
| jrosser | this is a bit similar to the integrated/separate ceph cluster question | 12:08 |
| kleini | but at some point ceph cluster was integrated, too, and to be honest, this helped me a lot initially | 12:12 |
| kleini | today I separate it, as we already have a productive Ceph cluster, that OSA deployment re-uses | 12:13 |
| jrosser | sure, everyone has different needs... our elk stack currently gathers from two clouds for example | 12:13 |
| jrosser | which was another reason to break it out separately | 12:14 |
| kleini | makes sense | 12:14 |
| jrosser | I did loads of work on the ops repo elk code in my lab, just like you say with everything on the infra/log nodes | 12:15 |
| jrosser | but that’s not really scaled when things got bigger and more complicated | 12:15 |
| jrosser | so depending on the use case, doing it all with OSA, lxc fully integrate could be just fine | 12:16 |
| *** pto_ has quit IRC | 12:20 | |
| *** nurdie_ has joined #openstack-ansible | 12:45 | |
| *** nurdie_ has quit IRC | 12:59 | |
| *** spatel has joined #openstack-ansible | 13:00 | |
| *** spatel has quit IRC | 13:05 | |
| *** macz_ has joined #openstack-ansible | 13:08 | |
| kleini | I would like to contribute, too, but mostly I still get not further than deploying things and testing reviews | 13:08 |
| kleini | Hopefully I can gain the knowledge to contribute. | 13:09 |
| *** macz_ has quit IRC | 13:12 | |
| admin0 | when i use br-lbaas on only containers, the lbaas containers fail to start saying: Failed to attach "br-lbaas" to openvswitch bridge "c865e4e3_eth14" | 14:07 |
| admin0 | but i am not using openvswitch | 14:07 |
| *** miloa has quit IRC | 14:08 | |
| *** fanfi has quit IRC | 14:19 | |
| *** spatel has joined #openstack-ansible | 14:28 | |
| spatel | where is my victoria!!! | 14:29 |
| ThiagoCMC | LOL | 14:29 |
| noonedeadpunk | spatel: ʘ︵ʘ | 14:29 |
| noonedeadpunk | any core around for reviews? | 14:30 |
| spatel | Silence is painful :) | 14:30 |
| spatel | noonedeadpunk: what is blocking us to release victoria ? | 14:30 |
| spatel | any specific issue or gate? | 14:30 |
| noonedeadpunk | not much tbh | 14:30 |
| noonedeadpunk | https://review.opendev.org/q/(project:%2522%255Eopenstack/(openstack-ansible%257Cansible-).*%2522)+NOT+project:openstack/ansible-role-openstack-operations+NOT+project:openstack/ansible-role-chrony+NOT+project:%2522%255Eopenstack/ansible-role-.*-hsm%2522+NOT+project:%2522%255Eopenstack/ansible-role-(k8s%257Ctripleo).*%2522+NOT+project:%2522%255Eopenstack/(ansible-collections-openstack).*%2522+NOT+project:%2522%255Eopenstack/(ansible-role- | 14:31 |
| noonedeadpunk | collect-logs).*%2522+status:open+++NOT+label:Workflow%253C%253D-1+NOT+label:Workflow%253E%253D1+label:Verified%253E%253D1+NOT+label:Code-Review%253C%253D-1+label:Code-Review%253E%253D2+branch:master+ | 14:31 |
| noonedeadpunk | ooops | 14:31 |
| admin0 | :0 | 14:31 |
| noonedeadpunk | https://bit.ly/39PqDDc | 14:31 |
| noonedeadpunk | cores another vote would be awesome ^ | 14:32 |
| noonedeadpunk | spatel: jsut trying to get merged as much as possible | 14:33 |
| noonedeadpunk | the only thing that is broken in terms of ci is openstack-ansible-plugins I guess but it's ok I think | 14:34 |
| spatel | noonedeadpunk: we can cut the beta release right and coming week add remaining stuff. | 14:34 |
| noonedeadpunk | the annoying stuff that we will need to backport all of that | 14:34 |
| spatel | hmm | 14:34 |
| *** nurdie_ has joined #openstack-ansible | 14:35 | |
| noonedeadpunk | mgariepy: you you're around, would be awesome if you could look through patches in https://bit.ly/39PqDDc | 14:35 |
| spatel | In that list some of commit are very tiny and can merge easily like this one - https://review.opendev.org/c/openstack/openstack-ansible-os_octavia/+/765351 | 14:37 |
| spatel | sorry wrong copy paste | 14:37 |
| spatel | I meant this one - https://review.opendev.org/c/openstack/openstack-ansible-os_magnum/+/765320 | 14:37 |
| noonedeadpunk | we can even avoid mergning that tbh | 14:37 |
| spatel | totally | 14:38 |
| spatel | how do i rebase this patch - https://review.opendev.org/c/openstack/openstack-ansible-os_octavia/+/765351 | 14:38 |
| spatel | I am not git ninja :( | 14:38 |
| noonedeadpunk | `git review -d 765351; git rebase origin/master; solve conflicts; git rebase --continue; git review -f | 14:39 |
| noonedeadpunk | I can help you out with it if you wish | 14:39 |
| spatel | just copy paste that command in my git checkout right? | 14:40 |
| noonedeadpunk | except solving conflicts part :p | 14:41 |
| spatel | go ahead..do it :) noonedeadpunk | 14:41 |
| *** openstackgerrit has joined #openstack-ansible | 14:44 | |
| openstackgerrit | Dmitriy Rabotyagov proposed openstack/openstack-ansible-os_octavia master: Removing spare_amphora_pool_size option https://review.opendev.org/c/openstack/openstack-ansible-os_octavia/+/765351 | 14:44 |
| spatel | Thanks | 14:50 |
| openstackgerrit | Merged openstack/openstack-ansible-os_tempest master: Fix stackviz for failed tempest runs https://review.opendev.org/c/openstack/openstack-ansible-os_tempest/+/764055 | 14:51 |
| noonedeadpunk | you're welcome! | 14:51 |
| openstackgerrit | Dmitriy Rabotyagov proposed openstack/openstack-ansible master: Add Octavia SSH key creation test https://review.opendev.org/c/openstack/openstack-ansible/+/765544 | 14:54 |
| openstackgerrit | Dmitriy Rabotyagov proposed openstack/openstack-ansible-os_octavia master: Removing spare_amphora_pool_size option https://review.opendev.org/c/openstack/openstack-ansible-os_octavia/+/765351 | 14:55 |
| *** jbadiapa has joined #openstack-ansible | 15:00 | |
| mgariepy | noonedeadpunk, reviewing | 15:11 |
| openstackgerrit | Satish Patel proposed openstack/openstack-ansible-os_nova master: Support for virtio-net rx/tx queue sizes https://review.opendev.org/c/openstack/openstack-ansible-os_nova/+/765547 | 15:11 |
| mgariepy | the new gerrit.. | 15:12 |
| mgariepy | it's strange.. | 15:12 |
| mgariepy | and.. slow. | 15:12 |
| spatel | noonedeadpunk: wish we can merge this one at some point in victoria - https://review.opendev.org/c/openstack/openstack-ansible-os_nova/+/765547 | 15:18 |
| mgariepy | having a +2 code review would be nice to have directly in the page. | 15:26 |
| *** spatel has quit IRC | 15:47 | |
| *** spatel has joined #openstack-ansible | 15:48 | |
| jamesdenton | spatel i added a comment to that, btw | 15:52 |
| *** odyssey4me has quit IRC | 15:52 | |
| spatel | +1 totally valid point | 15:53 |
| noonedeadpunk | jamesdenton: you read my thoughts for sure - going to place there -2 tbh | 15:58 |
| noonedeadpunk | mgariepy: thanks a lot! yep, it's super slow... | 16:00 |
| *** macz_ has joined #openstack-ansible | 16:05 | |
| *** macz_ has joined #openstack-ansible | 16:06 | |
| noonedeadpunk | spatel: does https://review.opendev.org/c/openstack/openstack-ansible-haproxy_server/+/765348 works for you after I "adjusted" it? | 16:06 |
| *** gyee has joined #openstack-ansible | 16:07 | |
| openstackgerrit | Dmitriy Rabotyagov proposed openstack/openstack-ansible-os_keystone master: Move openstack-ansible-uw_apache centos job to centos-8 https://review.opendev.org/c/openstack/openstack-ansible-os_keystone/+/754122 | 16:07 |
| spatel | noonedeadpunk: i didn't run build yet but just download tar to verify.. give me few min to re-run build and verify | 16:07 |
| openstackgerrit | Dmitriy Rabotyagov proposed openstack/openstack-ansible-os_keystone master: Add openstack-ansible-uw_apache focal job https://review.opendev.org/c/openstack/openstack-ansible-os_keystone/+/754123 | 16:08 |
| openstackgerrit | Dmitriy Rabotyagov proposed openstack/openstack-ansible-tests master: Bump ansible-base to match integrated repo https://review.opendev.org/c/openstack/openstack-ansible-tests/+/765565 | 16:14 |
| noonedeadpunk | I really want to branch badly.... | 16:14 |
| openstackgerrit | Merged openstack/openstack-ansible-os_nova master: Fix templating issue due to conditional https://review.opendev.org/c/openstack/openstack-ansible-os_nova/+/765332 | 16:21 |
| spatel | noonedeadpunk: re-running hatop build soon let you know result | 16:22 |
| noonedeadpunk | sure, no hurry I guess:) | 16:23 |
| *** ajg20 has joined #openstack-ansible | 16:24 | |
| ajg20 | Hello, I just setup my first openstack ansible AIO. Any pointers for setting up my first instance and get it accessible to internet? | 16:24 |
| ajg20 | I was able to create a private 10.0.0.0/8 subnet for an instance and connected 10.0.0.0/8 network to the default public 172.29.248.0/22 | 16:26 |
| ajg20 | but the instance cannot get out to the internet | 16:26 |
| spatel | noonedeadpunk: it ran successfully but didn't update /usr/local/bin/hatop file, looking into logs | 16:33 |
| spatel | this looks strange - command: "install -m 755 bin/hatop /usr/local/bin" | 16:33 |
| noonedeadpunk | why so? | 16:34 |
| spatel | why it doesn't have full path? | 16:34 |
| spatel | where is this located bin/hatop ? | 16:34 |
| noonedeadpunk | there's chdir as argument | 16:35 |
| spatel | hm | 16:35 |
| spatel | let me debug and see.. | 16:35 |
| noonedeadpunk | ajg20: well we did not make real public network there. I think you might want to create another network which will be public one, but all depends on where you run aio | 16:35 |
| noonedeadpunk | spatel: does it fail? | 16:35 |
| noonedeadpunk | chdir for command does `cd` into the provided directory and run command afterwards | 16:36 |
| spatel | no it didn't fail, ran successful but didn't change original file located at /usr/local/bin/hatop | 16:36 |
| noonedeadpunk | ah, well | 16:36 |
| noonedeadpunk | it's probably because of creates argument.... | 16:36 |
| ajg20 | noonedeadpunk Thanks, I will look at making a new public network and connect the private to it; to see if the instance can get out to the internet then. | 16:37 |
| noonedeadpunk | it means that command won't run in case there's a file under /usr/local/bin/hatop | 16:37 |
| spatel | let me remove it and re-run | 16:38 |
| openstackgerrit | Merged openstack/openstack-ansible-os_swift master: Stop to use the __future__ module. https://review.opendev.org/c/openstack/openstack-ansible-os_swift/+/732883 | 16:38 |
| spatel | noonedeadpunk: it works after removing /usr/local/bin/hatop :) | 16:40 |
| noonedeadpunk | well, removal of the current hatop might be an idea for ajustment of the upgrade script | 16:43 |
| spatel | we should change logic to force upgrade | 16:44 |
| spatel | what action we take commit like this - https://review.opendev.org/c/openstack/openstack-ansible-os_nova/+/765547 | 16:47 |
| *** chandankumar is now known as raukadah | 16:47 | |
| spatel | abandon ? | 16:47 |
| noonedeadpunk | if you don't want to reflect docs - yes | 16:56 |
| openstackgerrit | Merged openstack/openstack-ansible-os_nova master: Fix use of deprecated image_cache_manager_interval https://review.opendev.org/c/openstack/openstack-ansible-os_nova/+/765338 | 16:58 |
| openstackgerrit | Merged openstack/openstack-ansible-os_octavia master: Reduce number of processes on small systems https://review.opendev.org/c/openstack/openstack-ansible-os_octavia/+/764647 | 17:01 |
| openstackgerrit | Merged openstack/openstack-ansible-os_swift master: Use synchronize module for rings distribution https://review.opendev.org/c/openstack/openstack-ansible-os_swift/+/765354 | 17:32 |
| openstackgerrit | Dmitriy Rabotyagov proposed openstack/openstack-ansible-lxc_hosts master: Install sysctl package in container for debian https://review.opendev.org/c/openstack/openstack-ansible-lxc_hosts/+/765573 | 17:37 |
| noonedeadpunk | jrosser: mgariepy we super need this patch ^ otherwise we get https://zuul.opendev.org/t/openstack/build/cdef505dd8cd44e1b00235d24e08d77d/log/job-output.txt#4186 | 17:38 |
| jrosser | done - i expect thats something i removed in cleaning up the lxc image packages | 18:02 |
| openstackgerrit | James Denton proposed openstack/openstack-ansible-os_neutron master: Make VLAN ranges option when defining provider networks https://review.opendev.org/c/openstack/openstack-ansible-os_neutron/+/765581 | 18:16 |
| openstackgerrit | James Denton proposed openstack/openstack-ansible-os_neutron master: Make VLAN ranges option when defining provider networks https://review.opendev.org/c/openstack/openstack-ansible-os_neutron/+/765581 | 18:21 |
| openstackgerrit | Merged openstack/openstack-ansible master: Do not print btrfs error in log https://review.opendev.org/c/openstack/openstack-ansible/+/765318 | 18:21 |
| openstackgerrit | Merged openstack/openstack-ansible master: Do not warn about incorrect group naming https://review.opendev.org/c/openstack/openstack-ansible/+/760952 | 18:21 |
| openstackgerrit | Merged openstack/openstack-ansible master: Set reasonable default for octavia_ceilometer_enabled https://review.opendev.org/c/openstack/openstack-ansible/+/765167 | 18:21 |
| noonedeadpunk | yeah it was indeed removed previously during cleanup | 18:40 |
| noonedeadpunk | once it merge I hope https://review.opendev.org/c/openstack/openstack-ansible-plugins/+/763041 will be passing which unlock role | 18:41 |
| noonedeadpunk | so would be greate to vote for it as well :p | 18:41 |
| *** jbadiapa has quit IRC | 18:51 | |
| ajg20 | I need some advice, I am using a local virtual machine that has openstack ansible installed with all defaults for AIO and it runs well. I am running into issues with networking for instances to get out to the internet. My external VIP is 192.168.1.99, and to get to the internet the default gateway is 192.168.1.1. I am not sure what to set my | 19:08 |
| ajg20 | Openstack public subnet to, I am assuming it was 192.168.1.0/24 using virtual machine ethernet interface of ens160 but this does not allow me to create it. I "receive Error: Failed to create network External network" | 19:08 |
| ajg20 | I want to make sure i am going down the right path or not, any advice will help | 19:09 |
| *** yann-kaelig has joined #openstack-ansible | 19:10 | |
| *** yann-kaelig has quit IRC | 19:11 | |
| ajg20 | If I can figure out network. I plan to have one phyiscal server(64 CPU with 187GB memory) using one network directly connected to the Internet. I was looking at deploying openstack-ansible to it and have instances use SNAT and floating point IP's addresses since i have a range of 8 public IP paddresses. | 19:11 |
| ajg20 | local vm test networks | 19:17 |
| ajg20 | IPv4 address for br-dbaas: 172.29.232.100 | 19:17 |
| ajg20 | 192.168.1.99 | 19:17 |
| *** pcaruana has quit IRC | 19:22 | |
| *** luksky has quit IRC | 19:46 | |
| *** luksky has joined #openstack-ansible | 19:46 | |
| spatel | ajg20: you have to create router and attach it to your physical LAN | 19:58 |
| spatel | and add floating IP to assign your AIO vms to use them to get out | 19:58 |
| ajg20 | What should I use for public "physical network"? | 20:01 |
| spatel | you do have physical IP on AIO right just use that | 20:03 |
| ajg20 | Creating a new "Networks" from admin area with ens160 which is the external network provides an error "Failed to create network". Where would i see the error for this? in the container? | 20:06 |
| jrosser | ajg20: it would help to put some more detailed output at paste.openstack.org | 20:07 |
| jrosser | i'm also a bit confused between your current AIO and wanting instances to get to the internet via probably an external router/NAT | 20:08 |
| ajg20 | Not a problem, I will add details there. | 20:08 |
| jrosser | and then also asking about what to do with your 8 public IP addresses, not sure what context this is | 20:09 |
| spatel | ajg20: These are good notes to just understand process - https://gist.github.com/lbragstad/133dc2ddb1e8a8051e25f7cfde893ac7 | 20:11 |
| ajg20 | I am working in a local virtual machine with openstack ansible setup to test before setting it up on our production server. | 20:17 |
| ajg20 | AIO is development local vm | 20:18 |
| ajg20 | production is 64 CPU with 187GB memory with 8 public addresses using one physicals network interface. | 20:18 |
| ajg20 | I am only working on my development only right now. | 20:19 |
| ajg20 | The development AIO works as expected until it comes to network then i am confused between container networks and host network to get to the internet for instances. | 20:21 |
| ThiagoCMC | ajg20, let's say that your 8 public IP is in a flat ethernet, no VLANs, plugged at the eth4 of your server, then, our openstack_user_config.yml can have: | 20:23 |
| ThiagoCMC | # Flat Network | 20:24 |
| ThiagoCMC | - network: | 20:24 |
| ThiagoCMC | container_bridge: "eth4" | 20:24 |
| ThiagoCMC | type: "flat" | 20:24 |
| ThiagoCMC | net_name: "lan" | 20:24 |
| ThiagoCMC | group_binds: | 20:24 |
| ThiagoCMC | - neutron_linuxbridge_agent | 20:24 |
| ThiagoCMC | Oops, sorry about the flood! pastebin next time | 20:24 |
| ThiagoCMC | Then, in OpenStack, you refer to this network as "lan", its name. | 20:25 |
| ThiagoCMC | So you can create a "network" and a "subnet" on top of it. | 20:25 |
| ajg20 | I am putting more detail into the paste.openstack.org | 20:26 |
| ThiagoCMC | Liek this: http://paste.openstack.org/show/800755/ | 20:27 |
| ThiagoCMC | I'm using "os_network" and "os_subnet" because of Ansible but, the names are the same if you use the `openstack network / subnet` command | 20:28 |
| ThiagoCMC | ajg20, don't be confused by the var name "container_bridge"! It isn't actually a container bridge. | 20:32 |
| ThiagoCMC | Since the neutron linuxbridge agent runs on metal. | 20:32 |
| *** waverider has joined #openstack-ansible | 20:33 | |
| ThiagoCMC | Hey guys, after an sucessiful OSA+Ceph deployment, I go to my ceph-mon to change the Ceph `pg_num` of my pools. However, in a second run of OSA playbooks, it change back the pg_num to 8! Like this: | 20:37 |
| ThiagoCMC | TASK [ceph-osd : create openstack pool(s)] = changed: [cosstor-4 -> 10.232.197.89] => (item={'name': 'images', 'pg_num': '8', 'pgp_num': '8', 'rule_name': 'replicated_rule', 'type': 1, 'erasure_profile': '', 'expected_num_objects': '', 'application': 'rbd', 'size': '3', 'min_size': '0', 'pg_autoscale_mode': False}) | 20:37 |
| ThiagoCMC | Where is this configured!? It's nowhere within my /etc/openstack_deploy | 20:37 |
| ThiagoCMC | Must be hidden somewhere... Is it the `/etc/ansible/roles/ceph-ansible/roles/ceph-defaults/defaults/main.yml` file? | 20:38 |
| ajg20 | http://paste.openstack.org/show/800756/ | 20:40 |
| *** waverider has quit IRC | 20:47 | |
| *** waverider has joined #openstack-ansible | 20:47 | |
| *** jamesdenton has quit IRC | 20:51 | |
| *** jamesdenton has joined #openstack-ansible | 20:52 | |
| openstackgerrit | Merged openstack/openstack-ansible-lxc_hosts master: Install sysctl package in container for debian https://review.opendev.org/c/openstack/openstack-ansible-lxc_hosts/+/765573 | 21:04 |
| *** rfolco has quit IRC | 21:07 | |
| *** cshen has quit IRC | 21:14 | |
| masterpe | We are doing our galera backups with mariabackup with only the --backup --target-dir options. But this locks the database | 21:17 |
| masterpe | And so so it fails for example octavia | 21:17 |
| jrosser | ThiagoCMC: OSA just is a thin wrapper around ceph-ansible for the ceph components | 21:18 |
| jrosser | so the defaults in ceph-ansible will be used, unless you override or provide config_template variables that ceph-ansible understands | 21:19 |
| *** cshen has joined #openstack-ansible | 21:19 | |
| ThiagoCMC | jrosser, but it also provides a lot of default vars for ceph, right? | 21:19 |
| jrosser | i wouldnt say a lot really | 21:19 |
| ThiagoCMC | For example, to create the openstack pools, pg_num, not install the Ceph's dashboard, not use docker and etc... | 21:20 |
| jrosser | those are overrides of defaults set in ceph-ansible | 21:20 |
| ThiagoCMC | Hmm... I see | 21:20 |
| jrosser | and some probably are there to make things work out right for all OS and the AIO | 21:20 |
| masterpe | When I use --no-lock I don't get any consistence databases | 21:21 |
| spatel | I have question related octavia | 21:21 |
| spatel | On horizon LB section i am not seeing option to select flavor | 21:22 |
| ThiagoCMC | jrosser, let's say that I have a ceph deployed somewhere else, with just ceph-ansible (no OSA). Which files do I have to copy from my OSA deployment server, into this isolated ceph, to make it deploy just like running from openstack-ansible? | 21:22 |
| jrosser | nothing at all | 21:23 |
| jrosser | if the deploy host can ssh into the mon of the external ceph the only thing you have to provide to OSA is the ip addresses of the mon nodes | 21:23 |
| jrosser | if the deploy host cannot do that, you have to put the contents of ceph.conf and the required keyrings into the OSA deploy host | 21:23 |
| ThiagoCMC | Sure | 21:24 |
| ThiagoCMC | But I would like to fully isolate those two, and today I can't, because my isolated Ceph doesn't create the OpenStack pools, like images, vms, backups and etc, it comes "empty"... So I would like to copy the files from my OSA deployment server, into the ceph deployment ceph, to make it behave just like when "under" OSA umbrella | 21:25 |
| jrosser | ceph-ansible can create the openstack pools | 21:25 |
| jrosser | defined here https://github.com/ceph/ceph-ansible/blob/master/tests/functional/all_daemons/group_vars/all#L12-L25 | 21:27 |
| jrosser | oh sort of | 21:28 |
| jrosser | sorry here https://github.com/ceph/ceph-ansible/blob/master/group_vars/all.yml.sample#L589 | 21:29 |
| openstackgerrit | Merged openstack/openstack-ansible-os_ironic master: Define condition for the first play host one time https://review.opendev.org/c/openstack/openstack-ansible-os_ironic/+/756340 | 21:33 |
| ThiagoCMC | jrosser, right, thanks! So, in OSA, this is pre-configured here: `/etc/ansible/roles/ceph-ansible/roles/ceph-defaults/defaults/main.yml`, correct? | 21:34 |
| jrosser | OSA enables the pool creation here https://github.com/openstack/openstack-ansible/blob/master/etc/openstack_deploy/user_variables.yml.prod-ceph.example#L22-L23 | 21:34 |
| ThiagoCMC | Hmmm | 21:35 |
| ThiagoCMC | Ok | 21:35 |
| jrosser | well no, thats part of ceph-ansible | 21:35 |
| ThiagoCMC | damn lol | 21:35 |
| ThiagoCMC | ok | 21:35 |
| jrosser | OSA clones ceph-ansible into /etc/ansible/roles and just calls the same roles | 21:35 |
| ThiagoCMC | Got it... It doesn't do anything inside of `/etc/ansible/roles/ceph-ansible` ? | 21:35 |
| jrosser | so really what you need to do is make sure that the things that get set/enabled in OSA group vars which are relevant to ceph-ansible are also set when you do that seperate deployment | 21:36 |
| jrosser | but they would be in the group_vars for your seperate ceph-ansible setup instead | 21:36 |
| jrosser | so really all OSA does is have some playbooks which call the ceph-ansible roles | 21:37 |
| jrosser | and it sets a very small number of vars that ceph-ansible understands | 21:37 |
| ThiagoCMC | Perfect! | 21:37 |
| ThiagoCMC | I'll try to deploy my isolated Ceph and make it behave like when under OSA umbrella! :-D | 21:38 |
| ThiagoCMC | Thank you! | 21:38 |
| jrosser | no problem :) openstack_config: true will get you most of the way there i think | 21:38 |
| ThiagoCMC | Niiice! | 21:38 |
| jrosser | if you allow ssh into a mon then there almost nothing else to do | 21:38 |
| ThiagoCMC | Sounds easier than I though! lol | 21:39 |
| jrosser | when you have OSA deploy ceph you define a group in the OSA inventory for the mons, osd, rgw and so on | 21:39 |
| ThiagoCMC | yep | 21:39 |
| jrosser | when you have an external ceph none of that is needed in the OSA side | 21:40 |
| ThiagoCMC | got it | 21:40 |
| jrosser | instead you pass a list of where the monitors are, like this https://docs.openstack.org/openstack-ansible-ceph_client/latest/configure-ceph.html#monitors | 21:40 |
| ThiagoCMC | I also have to give the Ceph keys to OSA, right? | 21:40 |
| ThiagoCMC | I think I have this page somewhere here in my thousand tabs lol | 21:41 |
| jrosser | you only have to do that yourself if the OSA deployment host cannot ssh to the mon | 21:41 |
| ThiagoCMC | Yes, I don't want to allow OSA to do that. | 21:41 |
| jrosser | it will retrieve ceph.conf and the keys automatically if you allow that | 21:41 |
| jrosser | if you don't want to do that then you need more variables on the OSA side, like this https://docs.openstack.org/openstack-ansible-ceph_client/latest/config-from-file.html | 21:42 |
| jrosser | you must provide the content for ceph.conf and the keyrings manually | 21:42 |
| ThiagoCMC | Amazing! | 21:44 |
| jrosser | this is the OSA side config to prevent it trying to use ssh to the mon https://github.com/openstack/openstack-ansible-ceph_client/blob/master/defaults/main.yml#L63-L72 | 21:47 |
| spatel | Any idea why octavia not showing flavor list here - https://ibb.co/LpjrQnX | 21:47 |
| spatel | Do you guys can see drop-down list of its just me | 21:48 |
| ThiagoCMC | Hmm... Okdok | 21:49 |
| jrosser | spatel: i have a flavor listed there | 21:49 |
| spatel | jrosser: did you create flavor different way? | 21:52 |
| spatel | I meant using this method - https://docs.openstack.org/octavia/latest/admin/flavors.html | 21:53 |
| jrosser | spatel: http://paste.openstack.org/show/800760/ | 21:57 |
| spatel | hmm | 21:58 |
| spatel | johanssone: my list is empty "openstack loadbalancer flavor list" | 21:58 |
| spatel | so what is this "m1.amphora" which OSA created? | 21:58 |
| jrosser | h well loadbalancer flavor != instance flavor iirc | 21:58 |
| jrosser | isn't it more like "ha loadbalancer" flavor vs. "non-ha loadbalancer" | 21:59 |
| jrosser | rahter than instance size | 21:59 |
| spatel | hmm | 22:00 |
| spatel | that is where i got confused | 22:00 |
| spatel | can i create loadbalancer flavor with HugePage property or CPUpinning? | 22:01 |
| jrosser | for me m1.amphora corresponds to the flavor is given in octavia.conf/amp_flavor_id | 22:01 |
| jrosser | i guess you set whatever parameters you need on m1.amphora | 22:02 |
| * jrosser late here, done for today | 22:02 | |
| spatel | jrosser: Thank you!!! | 22:03 |
| spatel | enjoy your weekend | 22:03 |
| jrosser | you too | 22:03 |
| ThiagoCMC | Just out of curiosity... Does Octavia needs QEMU to create load balancers?! O_O | 22:05 |
| ThiagoCMC | Do the whole network traffic pass thought the Ocatavia instances?! | 22:06 |
| johnsom | The Amphora driver creates instances via nova. Yes, tenant traffic passes through the service vm instances. | 22:07 |
| spatel | johnsom: i have one more question if you have time | 22:12 |
| *** ajg20 has quit IRC | 22:12 | |
| spatel | lets saying i reboot my compute node and while its rebooting amphora think VM is dead and start rebuilding one on other compute node in that case how it will handle | 22:12 |
| johnsom | Sure ansible related or should we chat in the lbaas channel? | 22:12 |
| spatel | lets talk in lbaas | 22:13 |
| johnsom | Cool | 22:13 |
| admin0 | with br-lbaas in compute/network nodes, octavia refused to even install .. when the playbooks ran succesfully, it created network etc .. it gives this error: https://gist.githubusercontent.com/a1git/2adeb761200b4c9a49674a906cf7b69e/raw/dc6a7403d8bac4446144de2bbdd82a65652d9621/gistfile1.txt | 22:13 |
| admin0 | which is cannot enslave bridge to a bridge | 22:13 |
| admin0 | without br-lbaas in compute/network node* | 22:14 |
| openstackgerrit | Merged openstack/openstack-ansible-plugins master: Fix linters https://review.opendev.org/c/openstack/openstack-ansible-plugins/+/763041 | 22:20 |
| *** spatel has quit IRC | 22:22 | |
| masterpe | admin0: we are using a neutron_agent.yml in the group_vars with a neutron_linuxbridge_agent_ini_overrides | 22:26 |
| admin0 | masterpe, is it possible to paste your configs | 22:27 |
| admin0 | i have been stuck with this for days now | 22:27 |
| masterpe | https://gist.github.com/mpiscaer/03c5a212a51abd05ce889abda7f9390e | 22:30 |
| admin0 | masterpe, 2nd question .. in what servers do you have your br-lbaas ? | 22:30 |
| admin0 | only in controllers ? | 22:30 |
| admin0 | is your controller also your network node ? | 22:31 |
| masterpe | And don't for get to create a neutron network for the lbaas. | 22:33 |
| admin0 | masterpe, yours and mine look identical .. https://gist.github.com/a1git/6ddcb0d3c0a274fd031b16a7babf7258 | 22:33 |
| masterpe | neutron net-create lbaas-mgmt --provider:network_type flat --provider:physical_network lbaas | 22:34 |
| masterpe | and a subnet for that lbaas network | 22:34 |
| masterpe | The amphora loadbalancer is a is a instance. So you also need a amphora image in glane. | 22:35 |
| admin0 | actually in my case, the playbook created it automatically | 22:35 |
| masterpe | ok | 22:35 |
| admin0 | it created it correctly: https://gist.githubusercontent.com/a1git/439682c98334bd1952b41d0f6f7f2361/raw/e1d929d4605b34a498edf205bc3307bc39dbccc1/gistfile1.txt | 22:36 |
| admin0 | the amphora image is also built and is there | 22:36 |
| admin0 | because br-lbaas alrady exists in my network/compute nodes, i get an error saying cannot add bridge to bridge | 22:36 |
| admin0 | so which is the most imp qustion .. where do you have br-lbaas created | 22:37 |
| masterpe | We had to remove the br-lbaas bridge from the compute nodes. | 22:37 |
| admin0 | in controllers and in network nodes ? but not in compute nodes ? | 22:37 |
| admin0 | but that will make neutron give an error saying lbaas not found | 22:37 |
| admin0 | as its listed in the physical mapping | 22:37 |
| admin0 | oh oh | 22:38 |
| admin0 | insead of physical interface mapping lbaas:br-lbaas, yours is under bridge mapping | 22:38 |
| admin0 | meaning you are saying its already a bridge ? | 22:38 |
| masterpe | That is why we use neutron_linuxbridge_agent_ini_overrides | 22:38 |
| admin0 | so br-lbaas is only in your network and in controllers | 22:39 |
| masterpe | The physical_interface_mappings is our neurton vlan bridge. br-vlan | 22:39 |
| masterpe | on the compute nodes | 22:39 |
| masterpe | and so br-lbaas is only on the controllers and network. | 22:39 |
| *** jamesdenton has quit IRC | 22:40 | |
| openstackgerrit | Merged openstack/openstack-ansible-os_keystone master: Move keystone sp_idp setup to it's own tasks file https://review.opendev.org/c/openstack/openstack-ansible-os_keystone/+/760429 | 22:40 |
| *** jamesdenton has joined #openstack-ansible | 22:40 | |
| admin0 | masterpe, in my case, my compute node is also a network node :) | 22:41 |
| admin0 | so i have to now split up a few nodes to be only network and check those | 22:41 |
| masterpe | ah, in our case the controller is also a network node. | 22:42 |
| admin0 | what does this bridge overrride do .. it tells the system that the bridge is already exists, so don't bother to create it, just plug stuff in this bridge ? | 22:42 |
| masterpe | Good question. Guilherme Steinmüller from Vexxhosts configured this for use. | 22:45 |
| masterpe | We also had to patch amphora with https://review.opendev.org/#/c/761805/ & https://review.opendev.org/#/c/756597/ | 22:47 |
| admin0 | masterpe, i will try your setup and check | 22:48 |
| admin0 | one final question .. how does an amphora instance look into the compute node ( in terms of brctl ) | 22:48 |
| admin0 | to which networks does it connect to | 22:48 |
| admin0 | one ext-net and one lbaas-mgmt ? | 22:48 |
| masterpe | amphora image will boot up as a instance with octavia_spare_amphora_pool_size you have a number of instances standby. That instance gets a nic interface in lbaas-mgmt. | 22:50 |
| masterpe | for the provisioning communication and when the user creates a loadbalancer, it will also create a nic in the external network and interal network. | 22:51 |
| *** macz_ has quit IRC | 22:51 | |
| masterpe | The only thing is what I encounter is that I backup the galera database with mariabackup, but that does a locked backup. En the Octavia service did not like that. | 22:54 |
| openstackgerrit | Merged openstack/openstack-ansible-os_octavia master: Define condition for the first play host one time https://review.opendev.org/c/openstack/openstack-ansible-os_octavia/+/754411 | 23:01 |
| *** rfolco has joined #openstack-ansible | 23:01 | |
| *** rfolco has quit IRC | 23:06 | |
| admin0 | masterpe, thanks | 23:11 |
| admin0 | i am trying to implement it here | 23:11 |
| admin0 | how long more are you online for ? | 23:11 |
| masterpe | Was planning in going to bed soon. | 23:12 |
| admin0 | then its fine .. i will update tomorrow | 23:12 |
| admin0 | host_bind_override: "bond0.812" - your br-lbaas is on top of this right ? | 23:13 |
| admin0 | in network/controllers | 23:13 |
| admin0 | and none in computes | 23:13 |
| admin0 | but computes also will need access to bond0.812 ( just not have the br-lbaas) | 23:13 |
| masterpe | yes | 23:14 |
| masterpe | Neurton creates a brides on top of bond0.812 | 23:16 |
| masterpe | on the compute | 23:16 |
| admin0 | masterpe, thank you .. i will report/update tomorrow on success/failure | 23:17 |
| admin0 | thank you and have a nice weekend | 23:17 |
| *** luksky has quit IRC | 23:20 | |
| masterpe | you too | 23:21 |
| openstackgerrit | Merged openstack/openstack-ansible-os_magnum master: Fix magnum_service_user_domain_name https://review.opendev.org/c/openstack/openstack-ansible-os_magnum/+/765320 | 23:39 |
| *** cshen has quit IRC | 23:46 | |
| *** tosky has quit IRC | 23:54 | |
| *** cshen has joined #openstack-ansible | 23:57 | |
Generated by irclog2html.py 2.17.2 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!