| opendevreview | James Denton proposed openstack/openstack-ansible-ops master: Correct OVNL3RouterPlugin path https://review.opendev.org/c/openstack/openstack-ansible-ops/+/856569 | 00:02 |
|---|---|---|
| *** ysandeep|out is now known as ysandeep | 00:08 | |
| opendevreview | James Denton proposed openstack/openstack-ansible-os_ironic master: Replace pxe_append_params with kernel_pxe_params in ironic.conf https://review.opendev.org/c/openstack/openstack-ansible-os_ironic/+/856590 | 00:49 |
| prometheanfire | cloudnull: yo :D | 02:05 |
| prometheanfire | not bugging you about what I'm going to bring up, though removing apache might fix it :D | 02:06 |
| prometheanfire | if you curl the public openstack endpoint on a recent deploy (last release) you'll probably get the wrong options returned by keystone for versions available (it'll be http, not https) | 02:08 |
| prometheanfire | https://github.com/openstack/openstack-ansible-os_keystone/commit/6fae2bdade459c85dba55aae64c9f6f4e485a782 is setting the x-forward-proto in the apache config when it should be trusting what's sent by haproxy (it stomps on what haproxy says) | 02:10 |
| prometheanfire | curl https://endpoint:5000 and recent release will return http://endpoint:5000/v3 as an option | 02:11 |
| cloudnull | prometheanfire the uwsgi process is setting x-forward too so it should be ok -- at least its working in my deployment? | 02:19 |
| cloudnull | https://paste.openstack.org/show/bIWaUbb1Tf1CbiH27iwJ/ | 02:24 |
| cloudnull | checked in a couple places both those vips are my internal and public vips on the LB, and it seems to be working. so i think im good? | 02:27 |
| prometheanfire | ya, looks right | 02:52 |
| prometheanfire | that's with your patch? | 02:52 |
| prometheanfire | it's just apache that's stomping on whatever is sent by haproxy | 02:53 |
| *** ysandeep is now known as ysandeep|out | 03:42 | |
| cloudnull | Yup that’s all running Apache free. | 03:52 |
| cloudnull | Same for horizon. | 03:53 |
| prometheanfire | ok, I'm going to have to remember to make a review to fix / revert that | 04:41 |
| *** chkumar|ruck is now known as chandankumar | 06:29 | |
| *** ysandeep|out is now known as ysandeep | 06:49 | |
| *** arxcruz|rover is now known as arxcruz | 08:10 | |
| *** ysandeep is now known as ysandeep|lunch | 08:29 | |
| *** ysandeep|lunch is now known as ysandeep | 09:48 | |
| opendevreview | Magnus Bergman proposed openstack/openstack-ansible master: Add weight decrease to keepalived checks https://review.opendev.org/c/openstack/openstack-ansible/+/856721 | 10:52 |
| dokeeffe85 | Hey noonedeadpunk and jamesdenton, we have lift off :) there was a misconfiguration on the interface that I found after you asked me about keepalived yesterday. I now have a working openstack deploy. Thanks a million for the advice | 11:08 |
| jamesdenton | dokeeffe85 nice find! good luck with the rest of the deploy | 11:30 |
| dokeeffe85 | Thanks jamesdenton | 11:35 |
| anskiy | hey! so I have this patch on haproxy_server role: https://paste.opendev.org/show/bM89LDRRKyMPRgJvrSKI/ to get Lets Encrypt certificate issue working. I have `external_lb_vip_address` set to hostname and `haproxy_bind_external_lb_vip_address` set to IP/PREFIX. Does anyone else use Lets Encrypt? | 11:41 |
| jamesdenton | i don't, but there are some here who do. perhaps they'll be able to chime in later | 11:50 |
| anskiy | jamesdenton: btw, do you have any more questions regarding: https://review.opendev.org/c/openstack/openstack-ansible-os_neutron/+/855829? | 11:53 |
| jamesdenton | anskiy no, i spent some time yesterday with an MNAIO making sure it worked as expected (it does) | 12:37 |
| jamesdenton | it would also appear that openvswitch-switch is no longer a dependency, which you may have already known | 12:39 |
| anskiy | jamesdenton: I didn't know, thank you. But it could mean, that it's explicitly pulled to ovn-northd group somewhere else, and I probably should remove that in this change too, so here's one addition to that | 12:50 |
| jamesdenton | oh, well what i meant by that was openvswitch-switch is not installed on the northd group nodes, but the nb/sb database service is, and things appear to work | 12:51 |
| jamesdenton | in ~18.04 it was a dependency of ovn-central or ovn-common, can't recall which. not the case anymore, it seems. Anyway, LGTM. | 12:52 |
| anskiy | so, you mean, you don't see openvswitch-switch installed on a fresh control-plane node at all on 20.04? | 12:54 |
| jamesdenton | right | 12:55 |
| anskiy | but that would mean, that without this patch, the run would fail on control node, when it would try to start openvswitch-switch service... | 12:57 |
| jamesdenton | without the patch, it's getting installed here: https://github.com/openstack/openstack-ansible-os_neutron/blob/master/vars/main.yml#L23 | 12:59 |
| jamesdenton | but with the patch, it's not getting installed or started, which is the expectation? | 12:59 |
| *** ysandeep is now known as ysandeep|brb | 13:19 | |
| *** ysandeep|brb is now known as ysandeep | 13:30 | |
| anskiy | jamesdenton: well, yes, eventually :) | 13:47 |
| opendevreview | James Denton proposed openstack/openstack-ansible-os_ironic master: Ensure ironic inspector dhcp server listen address is defined https://review.opendev.org/c/openstack/openstack-ansible-os_ironic/+/852173 | 14:12 |
| prometheanfire | cloudnull: looks like keystone fixed it after my checkout but before my deploy lol | 14:21 |
| prometheanfire | https://github.com/openstack/openstack-ansible-os_keystone/commit/7995449f3de8f553bc4a2a8b4e1c8cd38f19808c | 14:21 |
| *** ysandeep is now known as ysandeep|out | 14:37 | |
| *** dviroel is now known as dviroel|lunch | 14:52 | |
| NeilHanlon | jamesdenton: random question--have you seen any interop issues with openvswitch and juniper switches? I am currently having some problem where after some time of it working fine, ICMP6 traffic (echo-request and neighbor solicitations) reaches the server, but nothing responds. network setup is two x 25GbE in an active-backup bond, where that bond | 15:50 |
| NeilHanlon | is part of an ovs bridge with the L3 configuration. Traffic is over the native vlan (which OVS is also configured to know about). The same setup reportedly works fine with Cisco hardware | 15:50 |
| *** dviroel|lunch is now known as dviroel | 15:53 | |
| opendevreview | Merged openstack/openstack-ansible-plugins master: Introduce variables for rocky linux 9 support in gluster https://review.opendev.org/c/openstack/openstack-ansible-plugins/+/852183 | 16:11 |
| jamesdenton | NeilHanlon Doesn't ring any bells, we're mainly Cisco and Arista over here. But i do recall some unique juniper issues many moons ago; have no recollection what it was | 16:28 |
| jamesdenton | if there's a way to search the eavesdrop logs it could be in there | 16:29 |
| opendevreview | James Denton proposed openstack/openstack-ansible-os_ironic master: Ensure ironic inspector dhcp server listen address is defined https://review.opendev.org/c/openstack/openstack-ansible-os_ironic/+/852173 | 16:49 |
| opendevreview | Matthew Thode proposed openstack/openstack-ansible master: Bump keepalived role back https://review.opendev.org/c/openstack/openstack-ansible/+/856855 | 19:23 |
| opendevreview | Matthew Thode proposed openstack/openstack-ansible stable/yoga: Bump keepalived role back https://review.opendev.org/c/openstack/openstack-ansible/+/856856 | 19:24 |
| prometheanfire | seems to hit the current stable/yoga | 19:30 |
| *** dviroel is now known as dviroel|out | 20:02 | |
| prometheanfire | not sure why the original patch was for xena only | 20:17 |
| jamesdenton | if anyone has a sec... https://review.opendev.org/c/openstack/openstack-ansible-os_ironic/+/852173 | 20:20 |
| prometheanfire | looks like my core on the os_ironic role was finally taken away lol | 20:25 |
| jamesdenton | the fixed the glitch | 20:30 |
| jamesdenton | :D | 20:30 |
| jamesdenton | *they | 20:30 |
| prometheanfire | smart | 20:35 |
| damiandabrowski | jamesdenton: not sure if i understand it correctly, but didn't we just create circular dependency? | 20:40 |
| damiandabrowski | 852122 depends on 852173 according to relation chain | 20:44 |
| jamesdenton | i'm not sure? but i think dependencies are broken without 852173 | 20:44 |
| damiandabrowski | but at the same time, 852173 has "Depends-On: https://review.opendev.org/c/openstack/openstack-ansible-os_ironic/+/852122" | 20:44 |
| jamesdenton | i only see 852122 depending on 852174 and 854231? unless i'm missing something | 20:45 |
| jamesdenton | oh i see "relation chain"... | 20:45 |
| jamesdenton | how do you fix something like that? | 20:52 |
| damiandabrowski | ouh, i think it would be a bit tricky. i'd probably try to remove `Depends-On` everywhere and re-create relation chain from scratch with `git rebase` | 20:57 |
| damiandabrowski | but i'm not the expert here though, never struggled with this issue before :D | 20:57 |
| jamesdenton | let's leave it for the experts then? :D | 20:58 |
| damiandabrowski | sounds like a plan :D | 21:27 |
Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!