Wednesday, 2021-05-05

*** dave-mccowan has quit IRC		00:08
*** dotnetted has joined #openstack-ansible		00:47
dotnetted	Hey all - Is the "cinder-manage" command available on a Victoria cinder install? If so, where? Thanks	00:50
*** spatel_ has joined #openstack-ansible		01:24
*** spatel_ is now known as spatel		01:24
poopcat	@dotnetted -- it's on the controller nodes. If your services are in containers, try logging into the cinder-api LXC container and sourcing '/openstack/venvs/cinder-*/bin/activate'	02:15
poopcat	otherwise, just do that on the baremetal controller	02:15
*** spatel has quit IRC		02:15
openstackgerrit	YuehuiLei proposed openstack/openstack-ansible-haproxy_server master: setup.cfg: Replace dashes with underscores https://review.opendev.org/c/openstack/openstack-ansible-haproxy_server/+/789692	02:18
*** spatel_ has joined #openstack-ansible		02:21
*** spatel_ is now known as spatel		02:21
*** evrardjp has quit IRC		02:33
*** evrardjp has joined #openstack-ansible		02:33
*** spatel has quit IRC		02:41
dotnetted	poopcat:- aha! thanks - was missing the venv activation	03:04
*** dotnetted has quit IRC		03:29
*** ChipOManiac has joined #openstack-ansible		04:01
ChipOManiac	Hey all, anyone know what the problem is when "Slurp up constraints file for later re-deployment" in python_venv_build goes "constraints file not found". I've come to believe it's just that the repo is still downloading the file, but it's been a whole day already and it still throws the same error.	04:03
*** mpjetta has joined #openstack-ansible		04:13
*** mpjetta has quit IRC		04:18
*** oleksandry has quit IRC		04:18
*** shyamb has joined #openstack-ansible		04:46
*** miloa has joined #openstack-ansible		04:59
*** miloa has quit IRC		05:21
*** shyamb has quit IRC		05:24
*** shyamb has joined #openstack-ansible		05:25
*** shyam89 has joined #openstack-ansible		05:39
*** oleksandry has joined #openstack-ansible		05:39
*** shyamb has quit IRC		05:41
*** poopcat has quit IRC		06:05
*** poopcat has joined #openstack-ansible		06:07
*** d34dh0r53 has quit IRC		06:18
*** d34dh0r53 has joined #openstack-ansible		06:20
*** gyee has quit IRC		06:32
*** oleksandry has quit IRC		06:48
*** oleksandry has joined #openstack-ansible		06:57
*** gokhani has joined #openstack-ansible		07:05
openstackgerrit	YuehuiLei proposed openstack/openstack-ansible-os_cinder master: setup.cfg: Replace dashes with underscores https://review.opendev.org/c/openstack/openstack-ansible-os_cinder/+/789712	07:05
openstackgerrit	YuehuiLei proposed openstack/openstack-ansible-os_cinder master: setup.cfg: Replace dashes with underscores https://review.opendev.org/c/openstack/openstack-ansible-os_cinder/+/789712	07:09
*** rpittau\|afk is now known as rpittau		07:12
*** SiavashSardari has joined #openstack-ansible		07:12
openstackgerrit	YuehuiLei proposed openstack/openstack-ansible-os_horizon master: setup.cfg: Replace dashes with underscores https://review.opendev.org/c/openstack/openstack-ansible-os_horizon/+/789713	07:14
openstackgerrit	YuehuiLei proposed openstack/openstack-ansible-os_glance master: setup.cfg: Replace dashes with underscores https://review.opendev.org/c/openstack/openstack-ansible-os_glance/+/789714	07:16
openstackgerrit	YuehuiLei proposed openstack/openstack-ansible-os_ironic master: setup.cfg: Replace dashes with underscores https://review.opendev.org/c/openstack/openstack-ansible-os_ironic/+/789715	07:20
jrosser	ChipOManiac: the file is grabbed from the repo server as part of building the venv, its not downloaded from the internet	07:22
jrosser	it's a file that should be created as part of the deployment, not an external file	07:22
*** andrewbonney has joined #openstack-ansible		07:22
openstackgerrit	YuehuiLei proposed openstack/openstack-ansible-os_tempest master: setup.cfg: Replace dashes with underscores https://review.opendev.org/c/openstack/openstack-ansible-os_tempest/+/789716	07:23
*** oleksandry has quit IRC		07:28
noonedeadpunk	jrosser: regarding min facts gathering (I think we already merged?) - do you recall how hardware facts are gathered to resolve ansible_facts['processor_vcpus'] ?	07:29
noonedeadpunk	As it's hardware facts, not min?	07:29
jrosser	hmm	07:29
jrosser	iirc i did have to deal with this	07:30
*** tosky has joined #openstack-ansible		07:30
noonedeadpunk	ok-ok, just faced some issues with that on V, and can't recall what we did in regards of that in master	07:31
jrosser	oh well i think that there should be no changes on V, other than facts older than 24hours maybe leading to a surprise	07:33
openstackgerrit	Andrew Bonney proposed openstack/openstack-ansible-os_zun master: Use ansible_facts[] instead of fact variables https://review.opendev.org/c/openstack/openstack-ansible-os_zun/+/780733	07:41
ChipOManiac	jrosser which means that something went wrong during deployment for it not to be created?	07:42
jrosser	ChipOManiac: yes, thats right	07:42
jrosser	which release are you using?	07:42
noonedeadpunk	yeah, I think in my case it's just smth simple, just pushed me to some thoughts about current state:)	07:42
ChipOManiac	jrosser Upgraded from Train to Ussuri, it's a PoC. Would doing a venv_rebuild=True work?	07:42
jrosser	well, i'm suspecting that folklore advice to use venv_rebuild=True is actually what has made this break	07:43
ChipOManiac	I barely use it. I usually resort to that when a error of this sorts pops up.	07:44
jrosser	right, well it leaves these constraints files on the repo server in an inconsistent state	07:45
ChipOManiac	Which makes it worse?	07:46
jrosser	yeah well the trouble is for the one time you use venv_rebuild=true it does indeed sometimes 'fix' things for that run	07:47
jrosser	but it will then leave the state broken for any subsequent runs	07:47
ChipOManiac	Ohwell.	07:48
ChipOManiac	Constraints error popped up. Thought it was the repo server, so I reinstalled that. Then it got stuck at creating wheels. So tried it with a venv_rebuild=Tue, and it's still stuck at crating wheels.	07:49
jrosser	right yes, so this is the symptom of having used venv_rebuild=true	07:49
jrosser	if you attach to the repo container which it's using for the venv build	07:50
jrosser	and look in /var/www/repo/os-releases/<version-number>	07:50
jrosser	i think there you will find that for some of the venv there are missing .txt files, there should be four for each	07:51
*** shyam89 has quit IRC		07:53
*** shyamb has joined #openstack-ansible		07:58
jrosser	noonedeadpunk: on V i think this would be it https://github.com/openstack/openstack-ansible/blob/stable/victoria/scripts/openstack-ansible.rc#L38	07:59
noonedeadpunk	jrosser: well, just folks reported about having http://paste.openstack.org/show/804968/ while running 22.1.2	08:01
noonedeadpunk	which looks super weird for me tbh	08:01
noonedeadpunk	but yeah, I've already found that	08:02
jrosser	thats interesting	08:03
noonedeadpunk	can't reproduce though...	08:05
jrosser	stale facts would do it	08:06
noonedeadpunk	whatever though I think. I believe they might mix up cherry-picking with checkout ....	08:09
*** ianychoi_ has quit IRC		08:13
noonedeadpunk	would be great to have second pair of eyes on https://c98a6745a1bc52cbe8a6-6774f2c76ec10220eac79c064c510a87.ssl.cf5.rackcdn.com/789376/7/check/openstack-tox-docs/0fd26ec/docs/admin/upgrades/compatability-matrix.html as I'm not sure how valid these support matrix is...	08:13
noonedeadpunk	especially in terms of distro path	08:14
noonedeadpunk	probably centos for P and Q should be also marked in warning (as it was kind of experimental there iirc)	08:15
ChipOManiac	jrosser How'd i get those files added back?	08:15
*** shyamb has quit IRC		08:19
noonedeadpunk	jrosser: it apeeared to happen on master as there was really weird checkout	08:19
noonedeadpunk	that should be easy to reproduce	08:22
*** shyamb has joined #openstack-ansible		08:36
*** shyam89 has joined #openstack-ansible		08:38
*** shyam89 has quit IRC		08:40
*** shyam89 has joined #openstack-ansible		08:40
*** shyamb has quit IRC		08:41
*** shyam89 has quit IRC		08:51
*** ChipOManiac has quit IRC		09:00
openstackgerrit	Merged openstack/openstack-ansible-tests master: Use ansible_facts[] instead of fact variables https://review.opendev.org/c/openstack/openstack-ansible-tests/+/781059	09:07
openstackgerrit	Xinxin Shen proposed openstack/openstack-ansible-tests master: setup.cfg: Replace dashes with underscores https://review.opendev.org/c/openstack/openstack-ansible-tests/+/789761	09:14
noonedeadpunk	jrosser: reproduced http://paste.openstack.org/show/804970/	09:20
jrosser	is this an AIO?	09:21
noonedeadpunk	yep	09:21
jrosser	i expect that part of bootstrap_host role gathers * facts	09:21
noonedeadpunk	they do...	09:21
jrosser	and then subsequently in the playbook we only gather a subset	09:22
noonedeadpunk	so `!all,min` kind of break things out of ci now	09:22
noonedeadpunk	https://opendev.org/openstack/openstack-ansible/src/branch/master/tests/bootstrap-aio.yml#L18	09:24
jrosser	could you check which facts subset the mounts are in?	09:26
noonedeadpunk	I think hardware, but checking	09:26
jrosser	perhaps this all needs a sanity check for the vcpu stuff too	09:27
noonedeadpunk	yep, hardware, same as vcpu	09:27
noonedeadpunk	but adding hardware without filtering expands facts file from 6.5k to 36k	09:28
jrosser	we can use the filter, like i did on the dynamic_address_fact	09:32
jrosser	but that might need lots and lots of patches	09:32
noonedeadpunk	well, or just one but huge (in the integrated repo for playbooks)	09:32
jrosser	oh right yes, it's there isnt it	09:33
jrosser	https://github.com/openstack/openstack-ansible/blob/master/playbooks/common-tasks/dynamic-address-fact.yml#L19	09:34
noonedeadpunk	we also need to clean up facts after boostrap-aio I guess	09:35
jrosser	hopefully this https://github.com/openstack/openstack-ansible/blob/2aa71dfebcfd618b8ee937cbec428e6f35cb90e4/tests/bootstrap-aio.yml#L88	09:36
noonedeadpunk	oh, huh...	09:36
noonedeadpunk	why then it works....	09:36
jrosser	though i am wondering if that is clearing facts for localhost	09:36
jrosser	and not aio1	09:36
jrosser	as the play is targetting localhost	09:37
noonedeadpunk	yeah, I think it does... Should we just delegate it to all hosts?	09:37
noonedeadpunk	but we don't have inventory during this play, right	09:37
jrosser	we don't, but the hostname does get changed during the play	09:38
jrosser	that would be interesting to see if it has an effect	09:38
noonedeadpunk	we can actually run `ansible -m meta -a clear_facts all` after this playbook in gate-check-commit.sh	09:39
jrosser	needs some care, as the inventory will now be present but the hosts are not all there	09:40
noonedeadpunk	I think it's not running against hosts at all	09:41
jrosser	maybe instead add a second play at the end if bootstrap-aio.yml with just the clear_facts task, and have it target localhost,aio1	09:41
noonedeadpunk	meta is run locally	09:41
jrosser	oh hmm	09:42
noonedeadpunk	it cleans up /etc/openstack_deploy/ansible_facts/	09:42
jrosser	`causes the gathered facts for the hosts specified in the play's list of hosts to be cleared, including the fact cache`	09:42
openstackgerrit	Dmitriy Rabotyagov proposed openstack/openstack-ansible master: Clean up gathered facts during AIO bootstrap https://review.opendev.org/c/openstack/openstack-ansible/+/789769	09:47
openstackgerrit	Dmitriy Rabotyagov proposed openstack/openstack-ansible master: Clean up gathered facts during AIO bootstrap https://review.opendev.org/c/openstack/openstack-ansible/+/789769	09:49
*** shyamb has joined #openstack-ansible		09:53
*** shyamb has quit IRC		09:53
noonedeadpunk	tbh, doing filters for every playbook and extra facts gathering and maintaining it is kind of....	09:57
noonedeadpunk	not sure makes much sense comparing to just gather hardware facts additionally. as mounts add up to filesize of 12k (which is twice from just min) and considering we need also some cpu info...	10:13
noonedeadpunk	and considering that setup will run regardless of having facts or not, we probably won't gain any performance profit at the end	10:15
noonedeadpunk	*of having facts cache	10:15
openstackgerrit	Dmitriy Rabotyagov proposed openstack/openstack-ansible master: DNM Gather additional required facts to min https://review.opendev.org/c/openstack/openstack-ansible/+/789776	10:15
*** sshnaidm\|afk is now known as sshnaidm		10:34
*** tosky has quit IRC		10:38
*** tosky has joined #openstack-ansible		10:38
jrosser	hmm so using --tags rabbitmq-config,rabbitmq_server-config rewrites the config file if needed but doesnt restart the service	10:40
noonedeadpunk	ummmmm	10:41
noonedeadpunk	we don't handlers here https://opendev.org/openstack/openstack-ansible-rabbitmq_server/src/branch/master/tasks/rabbitmq_post_install.yml#L37 doh	10:41
noonedeadpunk	that's stupid....	10:42
noonedeadpunk	ah, well, we reastart not with handlers https://opendev.org/openstack/openstack-ansible-rabbitmq_server/src/branch/master/tasks/rabbitmq_post_install.yml#L77-L78	10:42
*** tosky_ has joined #openstack-ansible		10:45
*** tosky has quit IRC		10:47
noonedeadpunk	so seems the way more trickier	10:48
*** tosky_ is now known as tosky		10:49
jrosser	oh, isnt it missing tags off here https://opendev.org/openstack/openstack-ansible-rabbitmq_server/src/branch/master/tasks/rabbitmq_post_install.yml#L77-L78	10:53
noonedeadpunk	yeah, and actually I'm not sure if we should also add them to https://opendev.org/openstack/openstack-ansible-rabbitmq_server/src/branch/master/tasks/rabbitmq_started.yml	10:55
noonedeadpunk	as tags doesn't seem to pass through https://opendev.org/openstack/openstack-ansible-rabbitmq_server/src/branch/master/tasks/rabbitmq_restart.yml#L16 as well	10:56
openstackgerrit	Andrew Bonney proposed openstack/openstack-ansible-os_zun master: Use ansible_facts[] instead of fact variables https://review.opendev.org/c/openstack/openstack-ansible-os_zun/+/780733	10:58
openstackgerrit	Dmitriy Rabotyagov proposed openstack/openstack-ansible master: Gather hardware facts by default https://review.opendev.org/c/openstack/openstack-ansible/+/789784	11:07
*** mgariepy has quit IRC		11:08
noonedeadpunk	btw, galera tags doesn't work as expected as well	11:09
jrosser	rabbit is another role with too many small files including each other	11:12
openstackgerrit	Dmitriy Rabotyagov proposed openstack/openstack-ansible-galera_server master: Add galera devel packages installation https://review.opendev.org/c/openstack/openstack-ansible-galera_server/+/789786	11:22
openstackgerrit	Dmitriy Rabotyagov proposed openstack/openstack-ansible-galera_server master: Add galera devel packages installation https://review.opendev.org/c/openstack/openstack-ansible-galera_server/+/789786	11:22
openstackgerrit	Jonathan Rosser proposed openstack/ansible-role-pki master: WIP - create certificate authorities https://review.opendev.org/c/openstack/ansible-role-pki/+/787404	11:26
openstackgerrit	Jonathan Rosser proposed openstack/ansible-role-pki master: WIP - Create server certificates https://review.opendev.org/c/openstack/ansible-role-pki/+/788021	11:26
openstackgerrit	Jonathan Rosser proposed openstack/openstack-ansible-rabbitmq_server master: DNM - Test PKI role https://review.opendev.org/c/openstack/openstack-ansible-rabbitmq_server/+/788032	11:27
openstackgerrit	Jonathan Rosser proposed openstack/openstack-ansible-rabbitmq_server master: Fix service restart when using tags https://review.opendev.org/c/openstack/openstack-ansible-rabbitmq_server/+/789788	11:27
openstackgerrit	Jonathan Rosser proposed openstack/openstack-ansible-rabbitmq_server master: Modernise TLS configuration https://review.opendev.org/c/openstack/openstack-ansible-rabbitmq_server/+/789789	11:27
*** premkumarar has joined #openstack-ansible		11:29
*** recyclehero has quit IRC		11:35
jrosser	noonedeadpunk: do you remember where we had the trouble with rabbitmq/ssl? would i see it with keystone in just an infra AIO?	11:35
premkumarar	hi all while creating stack i got this issues.	11:35
premkumarar	Create Failed	11:35
premkumarar	Resource Create Failed: Resourceinerror: Resources.My Instance: Went To Status Error Due To "Message: No Valid Host Was Found. , Code: 500	11:35
noonedeadpunk	jrosser: iirc we saw that only in tempest when instance was spawned and some service was rejecting to connect to rabbit (like nova-conductor)	11:36
noonedeadpunk	premkumarar: what's in nova-scheduler log?	11:37
noonedeadpunk	is nova-compute service is up in openstack compute service list?	11:38
noonedeadpunk	(and present in openstack hypervisor list)	11:38
premkumarar	noonedeadpunk nova-compute aio1 nova Enabled Up	11:41
premkumarar	cinder-scheduler aio1-cinder-api-container-845d8e39 nova Enabled Up	11:41
premkumarar	but cinder volume is down	11:42
premkumarar	cinder-volume aio1@lvm nova Enabled Down 2 days, 2 hours	11:42
*** gokhani has quit IRC		11:42
*** gokhani has joined #openstack-ansible		11:56
*** jbadiapa has joined #openstack-ansible		12:02
*** mgariepy has joined #openstack-ansible		12:13
premkumarar	Hi i have a basic question. Installed openstack aio using the ansible in Ussuri. Everything is working fine. Once i restart the system. My service are going down. After heat service completely went down and cinder volume also down.	12:26
premkumarar	Do we have any steps or document what i need to do after the restart	12:27
*** rh-jelabarre has joined #openstack-ansible		12:29
openstackgerrit	Dmitriy Rabotyagov proposed openstack/openstack-ansible-os_adjutant master: Install mysql client libraries https://review.opendev.org/c/openstack/openstack-ansible-os_adjutant/+/777607	12:32
noonedeadpunk	premkumarar: nope, I don't think we have one. This happens, because we don't do persistant loop mounts for aio	12:33
noonedeadpunk	and we create loop drives for cinder/glance/etc	12:33
noonedeadpunk	without loop drive being present, lvm group can't activate and thus cinder-volume is down	12:33
noonedeadpunk	that's smth that worth fixing, but never have time on that, as aio is used mainly for testing and not like prod envs	12:34
noonedeadpunk	I have devices set like this in aio http://paste.openstack.org/show/804973/	12:35
noonedeadpunk	and `/dev/loop3` is used as cinder-volumes volume group on LVM	12:36
jrosser	noonedeadpunk: maybe we should convert the creation of the loop devices to systemd units	12:54
jrosser	then they should come back at reboot	12:54
*** premkumarar has quit IRC		13:10
openstackgerrit	Arx Cruz proposed openstack/openstack-ansible-os_tempest master: Moving tripleo train job to non-voting https://review.opendev.org/c/openstack/openstack-ansible-os_tempest/+/789830	13:18
arxcruz	noonedeadpunk: jrosser ^	13:19
arxcruz	we are working to fix the train job, meanwile, moving it to nv	13:19
*** akahat\|ruck has quit IRC		13:21
*** dpawlik has quit IRC		13:22
*** jbadiapa has quit IRC		13:23
*** jbadiapa has joined #openstack-ansible		13:23
*** akahat has joined #openstack-ansible		13:33
*** macz_ has joined #openstack-ansible		14:05
*** macz_ has quit IRC		14:09
*** dpawlik5 has joined #openstack-ansible		14:27
*** dpawlik5 is now known as dpawlik		14:32
MrClayPole	Hi All, we are currently running OSA Rocky and have a single infrastructure node running 3 x lxc Rabbit and Galera instances. We deployed 2 additional servers and deploy Galera and rabbit on these so we now have 5 Rabbit and Galera configured. We would now like to scale down the 3 x lxc Rabbitt and Galera instances to 1 on the original server.	14:42
MrClayPole	We are just wondering on the best/safest way to do this?	14:42
noonedeadpunk	That's really interesting question :)	14:43
jrosser	galera is in some way easier as you have the loadbalancer in the way	14:43
noonedeadpunk	yeah, for rabbit things might be tough, as you need to adjust all services configuration	14:44
jrosser	i guess for rabbit you'd need to remove the unwanted ones from the inventory but not delete them	14:44
jrosser	redeploy all the services to get the configs updated	14:44
noonedeadpunk	well, I'd do with galera exactly the same I guess	14:44
jrosser	then drop the old containers	14:44
noonedeadpunk	redeploy in terms of re-running roles	14:45
jrosser	yeah	14:45
noonedeadpunk	for rabbit I'd first changed services configs and only after re-configured rabbit	14:45
jrosser	then i guess also the rabbit/galera roles need re-running last to reduce the size of the clusters in their config	14:47
noonedeadpunk	oh, but for galera I'd probably run haproxy role first	14:47
noonedeadpunk	so that "master" didn't appear on dropped node	14:48
jrosser	MrClayPole: lots of handwaving here ^^^ :) - so i guess the take-away is to get the ordering right	14:48
noonedeadpunk	jrosser: btw it seems we do gather facts somewhere after bootstrap-aio....	14:51
noonedeadpunk	in terms of all facts	14:51
noonedeadpunk	as otherwise I'd expect this to fail really badly https://review.opendev.org/c/openstack/openstack-ansible/+/789769	14:51
*** Premkumarar has joined #openstack-ansible		14:52
Premkumarar	noonedeadpunk is there any work around to reslove that issue	14:52
openstackgerrit	Oleksandr Yeremko proposed openstack/openstack-ansible-specs master: Protecting plaintext configs https://review.opendev.org/c/openstack/openstack-ansible-specs/+/788829	14:52
MrClayPole	Thanks guys I had a feel this wouldn't be straight forward	14:53
noonedeadpunk	Premkumarar: nope, not really. we just were discussing that it would be great to get this fixed, but not high prio for me personally (and I guess for nobody)	14:53
*** mobuntu has joined #openstack-ansible		14:54
jrosser	noonedeadpunk: looks like all facts are present for aio1 https://aa62d61626cb9330e709-81a8be848ef91b58aa974b4cb791a408.ssl.cf2.rackcdn.com/789769/2/check/openstack-ansible-deploy-aio_lxc-ubuntu-focal/01b1208/logs/etc/host/openstack_deploy/ansible_facts/index.html	14:55
noonedeadpunk	yep	14:55
jrosser	hmm so maybe we are hiding broken things for multinode	14:55
jrosser	i was concerned about this tbh	14:55
noonedeadpunk	and we do this somewhere between bootstrap aio and hardening	14:56
noonedeadpunk	so should be not that hard to track it down	14:56
jrosser	when i was messing with this i had a terminal open with "watch ls -l /etc/openstack_deploy/ansible_facts"	14:56
jrosser	and just ran the plays through one by one	14:56
noonedeadpunk	sounds not so fun	14:56
jrosser	it was very obvious when one fo the files went huge	14:57
*** macz_ has joined #openstack-ansible		14:57
noonedeadpunk	yeah, will try to find where we collect things	14:57
jrosser	wtf is Connection failed: [SSL: WRONG_VERSION_NUMBER] wrong version number	14:57
noonedeadpunk	do we use smth like tls1.0 or ssl3?	14:58
noonedeadpunk	I thought actually we even set ciphers....	14:58
noonedeadpunk	but we probably used tls1.1	14:58
noonedeadpunk	(might be worth switching to smth more descent)	14:59
mobuntu	Hey guys, noob here. I'm trying to create two targetable host groups for my compute. But I can't seem to get the host groups to be created properly in my inventory. This is how i have them defined in my openstack_user_config.yml https://pastebin.com/qJdiddyd anyone have a working example of this?	14:59
jrosser	noonedeadpunk: ah for the TLS setup for rabbit previously it was pretty undefined so i made this https://review.opendev.org/c/openstack/openstack-ansible-rabbitmq_server/+/789789	14:59
jrosser	so i am trying to use tls1.2	15:00
noonedeadpunk	mobuntu: you alse need to create env.d files. spatel does have and already published that here one day...	15:00
noonedeadpunk	jrosser: ah! I believe tls1.1 shoudl be valid nowadays? Or it's already not?	15:01
noonedeadpunk	https://support.umbrella.com/hc/en-us/articles/360033350851-End-of-Life-for-TLS-1-0-1-1- hm	15:01
noonedeadpunk	seems it's eol as well	15:01
*** mgariepy has quit IRC		15:14
*** SiavashSardari has quit IRC		15:15
jrosser	mobuntu: from your paste you've got an identation problem with the yaml	15:24
jrosser	mobuntu: you should have something like this http://paste.openstack.org/show/804975/	15:25
*** mgariepy has joined #openstack-ansible		15:46
*** rpittau is now known as rpittau\|afk		15:52
* jrosser has TLS connection to rabbitmq \o/		16:02
jrosser	helps if you actually connect to port 5671 instead of 5672..... doh	16:02
noonedeadpunk	haha	16:06
noonedeadpunk	yeah, that's true)	16:06
noonedeadpunk	jrosser: should we also filter here? https://opendev.org/openstack/openstack-ansible/src/branch/master/playbooks/openstack-hosts-setup.yml#L49	16:17
noonedeadpunk	hm.... interesting...	16:20
noonedeadpunk	feels like we don't need virtual there o_O	16:28
openstackgerrit	Dmitriy Rabotyagov proposed openstack/openstack-ansible master: Don't collect virtual facts https://review.opendev.org/c/openstack/openstack-ansible/+/789926	16:31
noonedeadpunk	sooooo. what have we decided in terms of hardware facts - gather them all or do a hook for each playbook?	16:31
*** gyee has joined #openstack-ansible		16:33
noonedeadpunk	I think I'd vote for gathering all hardware facts - there're not too much of them I think... well, it's actually 6 times more... but dunno about having all these filters. probably we can add it to the common-tasks and just do simple include	16:34
jrosser	the filter could also be a var defined in group_vars	16:38
jrosser	that would make maintainance eaiser	16:38
noonedeadpunk	well, yeah, agree	16:38
noonedeadpunk	I just not really like that setup will run each time - despite we have things already cached or not	16:43
*** oleksandry has joined #openstack-ansible		16:44
fridtjof[m]	hmmm, trying to run an OSA deployment right now (osa 22.1.2), and specifically glance and cinder containers are failing to start	16:46
fridtjof[m]	starting them manually in foreground mode gives me this error over and over:	16:47
fridtjof[m]	lxc-start: infra1_glance_container-3965f658: cgroups/cgfsng.c: cgfsng_monitor_create: 1264 Failed to create cgroup "(null)"	16:47
fridtjof[m]	all other containers are running fine	16:47
fridtjof[m]	weird thing is that this happens on two separate infrastructure hosts (albeit VMs on the same physical machine, but...) for exactly glance and cinder_api containers	16:48
fridtjof[m]	hosts are all running ubuntu 20.04	16:49
*** oleksandry has quit IRC		16:50
openstackgerrit	Dmitriy Rabotyagov proposed openstack/openstack-ansible master: DNM Gather additional required facts to min https://review.opendev.org/c/openstack/openstack-ansible/+/789776	16:56
fridtjof[m]	update: rebooted both hosts, now it works	17:07
fridtjof[m]	strange	17:07
*** Premkumarar has quit IRC		17:15
fridtjof[m]	ugh it's happening again	17:25
*** andrewbonney has quit IRC		17:31
fridtjof[m]	oh, both cinder-api and glance want connectivity to br-storage?	17:34
fridtjof[m]	i kind of get that for glance, as I set it up to use cinder as a backing store (which does explain the new requirement), but why does cinder-api have to get directly onto the storage network?	17:34
jrosser	fridtjof[m]: if it's the same place that cinder-volume would go when that component is not on metal, it may explain it	17:38
fridtjof[m]	I based my configuration off of this: https://docs.openstack.org/openstack-ansible/victoria/user/prod/example.html	17:40
fridtjof[m]	it's worked before on stein, but I think I did connect the infra hosts to the storage network too back then	17:40
fridtjof[m]	(i didn't this time)	17:40
jrosser	cinder-volume runs on the infra hosts, so that will almost certainly need to be on the storage network	17:41
jrosser	unless you change the config to make it containerised	17:42
fridtjof[m]	I do see a discrepancy on that page - the "IP Assignments" table implies you don't have to connect the infra host(s) to br-storage, but the following openstack_user_config then binds cinder-api and glance-api to that network	17:42
fridtjof[m]	cinder-volume in my case is only running on a separate storage host	17:43
jrosser	oh right in that example it tells you to make the adjustments in "Environment customizations" to put the cinder-volume service in containers	17:43
fridtjof[m]	infra hosts are only running cinder-api, which (from what i've read) is supposed to just control cinder-volume through br-mgmt, right?	17:43
jrosser	the cinder-volume service (as which isnt necessarily where the storage is) is also on the infra hosts	17:44
jrosser	in the example those services are using the NFS server at 172.29.244.15	17:45
*** oleksandry has joined #openstack-ansible		17:45
fridtjof[m]	mhm	17:45
fridtjof[m]	I get why cinder-volume needs to be on br-storage, does cinder-api need to be on there though?	17:46
fridtjof[m]	(same question for glance-api)	17:46
jrosser	i think that glance would need to talk to a ceph backend for example to upload images to the storage	17:47
jrosser	the same would go for NFS i expect	17:47
fridtjof[m]	ah, yep	17:47
jrosser	and really i think that the storage network connected to the cinder-api container is a generalisation, it's not strictly necessary	17:47
fridtjof[m]	previously I only ever ran the file backend (which i realized wasn't the best idea after i reinstalled an infra host lol) for glance	17:48
jrosser	unless like in the example the cinder-volume service is also in that container	17:48
jrosser	so rather than overcomplicate the "if this else this...." documentaion it's easier to just connect it to the bridge	17:48
fridtjof[m]	in any case, seems like i'll have to connect br-storage in any case for glance-api to work with cinder	17:49
jrosser	glace will use its own space on the NFS i think	17:49
fridtjof[m]	(not using NFS, just cinder-volume with a local LVM store)	17:50
jrosser	oh well thats the case when you have to run cinder-volume on the infra host itself	17:50
jrosser	becasue the iscsi stuff doesnt work containerised iirc	17:50
jrosser	assuming we're talking about the same thing :)	17:51
fridtjof[m]	i think i'm not running into _that_ problem :)	17:52
fridtjof[m]	(i have a single "storage" physical server with a bunch of drives for this deployment, those are one LVM VG, and cinder-volume runs on metal there)	17:52
fridtjof[m]	but for glance-api to be able to use cinder as a backend, it'll need access to the storage network (which I still have) to be able to store images there, right?	17:53
fridtjof[m]	or would iscsi not work with glance-api containerised?	17:55
jrosser	i think it's the server part of cinder-volume that needs to be on the host, as you have it now	17:57
jrosser	and yes i think you'll need the storage interface in the glance container in order to access it directly	17:58
fridtjof[m]	alright	18:01
*** oleksandry has quit IRC		18:09
*** gokhani has quit IRC		18:13
admin0	how do I override network interfaces for a flat networking when diff hypervisors have diff network interface names	18:14
*** MrClayPole_ has joined #openstack-ansible		18:19
*** MrClayPole has quit IRC		18:23
jrosser	admin0: one simple way round that is to use a veth and a new interface, thats why you see eth12 all over the example configs, to give a well defined interface name to neutron	18:26
jrosser	alternatively, depending on how many different combinations you have this could be useful too https://docs.openstack.org/openstack-ansible/latest/user/prod/provnet_groups.html	18:27
admin0	jrosser, exactly what i needed	18:28
mgariepy	what are you using for the network configuration ?	18:28
admin0	many thansk	18:28
admin0	simple bridges	18:28
admin0	lb	18:28
admin0	not ovs	18:29
admin0	mgariepy, or was the question diff and i did not understand	18:29
mgariepy	i thend to just rename the interface to something like : 25G-1 , 25G-2 etc.	18:29
admin0	netplan	18:29
mgariepy	netplan ? systemd-networkd ?	18:29
admin0	focal 20	18:29
admin0	yep	18:29
admin0	hmm..so just rename from udev :)	18:30
admin0	3 methods to chose from \o/	18:30
mgariepy	http://paste.openstack.org/show/804980/	18:31
*** recyclehero has joined #openstack-ansible		18:32
mgariepy	netplan can rename them. but sometimes you can have ussues with the file generation (because netplan only do file generation for other backend) the match might not work on some corner case that might be fixed now.	18:32
*** Jeffrey4l has quit IRC		18:44
*** Jeffrey4l has joined #openstack-ansible		18:47
*** Adri2000 has joined #openstack-ansible		18:52
*** oleksandry has joined #openstack-ansible		19:01
openstackgerrit	Dmitriy Rabotyagov proposed openstack/openstack-ansible-os_glance master: [goal] Deprecate the JSON formatted policy file https://review.opendev.org/c/openstack/openstack-ansible-os_glance/+/780749	19:13
openstackgerrit	Dmitriy Rabotyagov proposed openstack/openstack-ansible-os_aodh master: [goal] Deprecate the JSON formatted policy file https://review.opendev.org/c/openstack/openstack-ansible-os_aodh/+/780844	19:15
*** oleksandry has quit IRC		19:26
admin0	thanks mgariepy	19:32
openstackgerrit	Merged openstack/openstack-ansible-os_glance master: setup.cfg: Replace dashes with underscores https://review.opendev.org/c/openstack/openstack-ansible-os_glance/+/789714	19:34
*** oleksandry has joined #openstack-ansible		19:39
mgariepy	admin0, you are welcome if you have issues, do not hesitate to ping me,	19:40
*** oleksandry has quit IRC		20:26
*** mobuntu has quit IRC		21:41
*** gyee has quit IRC		22:41
*** tosky has quit IRC		23:03
*** macz_ has quit IRC		23:06

Generated by irclog2html.py 2.17.2 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!