Tuesday, 2023-03-21

jrosser	good morning	08:13
jrosser	seems we are a bit stuck on merging things	08:13
jrosser	but this https://review.opendev.org/c/openstack/openstack-ansible-openstack_hosts/+/877665	08:13
jrosser	and https://review.opendev.org/c/openstack/openstack-ansible-os_swift/+/877534	08:14
jrosser	could use another look	08:14
opendevreview	Jonathan Rosser proposed openstack/openstack-ansible-rabbitmq_server stable/zed: Do not use 'always' tag in inappropriate places https://review.opendev.org/c/openstack/openstack-ansible-rabbitmq_server/+/878015	08:21
opendevreview	Jonathan Rosser proposed openstack/openstack-ansible-rabbitmq_server stable/yoga: Do not use 'always' tag in inappropriate places https://review.opendev.org/c/openstack/openstack-ansible-rabbitmq_server/+/878016	08:21
opendevreview	Jonathan Rosser proposed openstack/openstack-ansible-rabbitmq_server stable/xena: Do not use 'always' tag in inappropriate places https://review.opendev.org/c/openstack/openstack-ansible-rabbitmq_server/+/878017	08:21
noonedeadpunk	mornings	08:59
ThiagoCMC	Morning! =P	09:00
noonedeadpunk	yeah, things with reviews are bad indeed since both Damian and Andrew are out for a while...	09:20
noonedeadpunk	But I've finally managed to deploy a compute! I needed roughly 3 weeks for that :D	09:39
jrosser	wow!	09:40
jrosser	was that some unusual situation?	09:40
noonedeadpunk	Well. I dropped around 70% of manual for compute deployment as a reuslt	09:41
noonedeadpunk	(internal one)	09:41
noonedeadpunk	So a new collection, couple of new roles, huge refactoring...	09:41
noonedeadpunk	Including zuul with required projects and dummy CI	09:41
noonedeadpunk	So mainly trying to adopt gitops rails to ansible	09:42
noonedeadpunk	But it's still not perfect and there's room for improvement...	09:43
noonedeadpunk	I think next step that it's not done - is fetching and parsing diff for the last change, so that zuul could run this add-compute.sh command and supplying it with compute names from the last diff. And actually undesrtanding that diff did add compute and not removed it, for example	09:50
jrosser	i have been trying the ceph read and write caches	10:01
noonedeadpunk	any luck with these?	10:43
jrosser	i have them both working, by seeing that there is stuff in the drives for both	10:43
jrosser	but coming up with a convincing benchmark is not so obvious	10:43
noonedeadpunk	oh, sweet, given there're barely docs even configuring is quite a challange I assume	10:46
jrosser	the parent read cache is pretty undocumented and no-one on the internet describes using it	10:49
jrosser	so configuration was complete mystery but actually simple in the end, needing umask=002 and setting the daemon to run with user=ceph group=libvirt-qemu otherwise it was all just permission denied type errors	10:50
jrosser	needed a ton of `strace` to figure out what was failing though :/	10:50
noonedeadpunk	doh... Yeah, I'd likely just gave up there....	10:59
jrosser	noonedeadpunk: what do you think about this https://github.com/openstack/openstack-ansible-os_nova/blob/master/defaults/main.yml#L251	12:36
jrosser	should it be something like	12:36
jrosser	`"{{ (openstack_service_publicuri_proto \| default('http')) \| ternary('ws', 'wss') }}"`	12:37
jrosser	becuase certainly at the moment 'ws' is wrong	12:37
noonedeadpunk	I'm not sure I did use serialconsole - I assume it's for ironic?	12:39
noonedeadpunk	But I think I'd do some mapping maybe to say that http is ws, https is wss...	12:41
noonedeadpunk	rather then use ternary, as it would be like "{{ (openstack_service_publicuri_proto \| default('http') == 'http') \| ternary('ws', 'wss') }}"	12:42
noonedeadpunk	uh, closing bracket in the wrong place	12:42
jrosser	oh hrrm yes i just typo that	12:42
jrosser	well also we have an odd situation with consoles	12:43
jrosser	arm hosts are serial console	12:43
jrosser	and in my deployment that is only working because by luck i have ironic deployed as well	12:43
jrosser	which enables the serial console proxies	12:43
jrosser	for a mixed deployment of x86 and arm today i think consoles are broken, as nova_console_type can only be one thing when deploying the console proxy and setting up haproxy	12:44
jrosser	i am not totally sure what to do about this - other than `nova_console_type` currently controls too many things which are not always the same	12:46
noonedeadpunk	yeah. I recall that but didn't have chance to look what can be done there	12:46
noonedeadpunk	and to be frank I'm not aware about all possible options that are present	12:46
jrosser	i was wondering if we should just install the console proxies unconditionally - i.e simplifly	12:46
jrosser	i need to think about it more really	12:47
noonedeadpunk	any reason why we can't convert it to the list?	12:48
jrosser	well ultimately it's a role default for os_nova https://github.com/openstack/openstack-ansible-os_nova/blob/master/defaults/main.yml#L286	12:49
jrosser	that specifies the console type for each host/group/whatever	12:49
jrosser	so that cant really be changed	12:49
jrosser	it's basically a mistake to use that var to drive haproxy or the console proxy deployment	12:50
jrosser	becasue it can and will vary by host	12:50
noonedeadpunk	so for haproxy we basically need to have another one which will be constructed based on hostvars for all hosts in some groups?	12:51
jrosser	right - or even just a list of all enabled types	12:51
noonedeadpunk	Well, yeah, but you think to define it manually?	12:52
noonedeadpunk	or try to calculate?	12:52
jrosser	not sure tbh	12:52
jrosser	feels like getting near needing all facts for all hosts to be valid in order to calculate it	12:53
noonedeadpunk	set default to one element that would be nova_console_type?	12:53
jrosser	^ yes something like this	12:53
jrosser	`{{ ([ nova_console_type ] + [ ironic_console_type ]) \| unique }}"`	12:54
jrosser	maybe like that	12:54
jrosser	that wouldnt automatically cover a mixed x86/arm deployment though, but maybe thats a valid case for an override anyway	12:54
noonedeadpunk	I'm quite confused about having nova_ironic_console_type and ironic_console_type as fully independant things	12:55
noonedeadpunk	and also - should be reject `disabled` then?	12:56
noonedeadpunk	or what are we gonna do with it....	12:56
jrosser	hah yes	12:56
noonedeadpunk	and we're also comparing nova_console_type to ironic_console_type	12:57
noonedeadpunk	https://opendev.org/openstack/openstack-ansible/src/branch/master/inventory/group_vars/haproxy/haproxy.yml#L403	12:57
noonedeadpunk	so these should be mappings then or smth... ugh	12:57
jrosser	right becasue there is horrible logic if they are same or different	12:58
jrosser	due to the bad definition of the existing vars	12:58
noonedeadpunk	aha, ok, so that's what we're trying to get rid of	12:58
jrosser	some of it, yes	12:58
jrosser	it's like independant things	12:59
jrosser	(compute nodes may have different nova_console_type) + (console proxy for each enabled type must be deployed) + (ironic might use serial consoles) + (correct haproxy parts need deploying depending on all this)	12:59
noonedeadpunk	so you can have a mix of spice + novnc ?	13:17
noonedeadpunk	Or it's jsut about novnc or spic + serial for arm?	13:17
jrosser	i would think you can do that if you really wanted to	13:17
admin1	using haproxy_frontend_raw: , if i manually do backends like nova.domain.com, keystone.domain.com etc, do i just put keystone.domain.com in keystone_service_publicuri ?	13:35
admin1	without http or https or the port right .. just confirming	13:36
admin1	hmm.. will deploy an aio and test	13:39
admin1	have to manually do service.domain.com -> service-back	13:40
noonedeadpunk	yeah I don't think we have straight way of doing that as of today	14:16
jrosser	should be something for next cycle - we can do this nicely with the haproxy maps in future	14:18
noonedeadpunk	++	14:24
opendevreview	Jonathan Rosser proposed openstack/openstack-ansible master: Convert haproxy_security_headers_csp to a multiline string https://review.opendev.org/c/openstack/openstack-ansible/+/878082	14:41
opendevreview	Jonathan Rosser proposed openstack/openstack-ansible master: Define individual haproxy serices for each console type https://review.opendev.org/c/openstack/openstack-ansible/+/878083	14:41
opendevreview	Jonathan Rosser proposed openstack/openstack-ansible master: Define individual haproxy services for each console type https://review.opendev.org/c/openstack/openstack-ansible/+/878083	14:42
jrosser	noonedeadpunk: ^ this should leave the existing behavour the same but make it easier to refactor for multiple console types	14:42
jrosser	ok and also this is the root cause of the existence of `nova_ironic_console_type` https://opendev.org/openstack/openstack-ansible-os_nova/src/branch/master/defaults/main.yml#L512-L525	14:48
jrosser	currently we have a group `nova_console` and also `ironic_console` - and the only point of `ironic_console` is to deploy more nova_serial_console services	14:49
jrosser	and those get installed in the `ironic_compute` container, rather than where the normal nova console proxies would go /o\	14:49
jrosser	there is another possible simplification, which would be to get rid entirely of `ironic_console` group and just use the regular nova console proxies instead of something special for ironic (which aren't special at all, it's just another 3 nova-serialproxy processes running)	14:51
opendevreview	Jonathan Rosser proposed openstack/openstack-ansible master: Define individual haproxy services for each console type https://review.opendev.org/c/openstack/openstack-ansible/+/878083	15:01
noonedeadpunk	#startmeeting openstack_ansible_meeting	15:03
opendevmeet	Meeting started Tue Mar 21 15:03:02 2023 UTC and is due to finish in 60 minutes. The chair is noonedeadpunk. Information about MeetBot at http://wiki.debian.org/MeetBot.	15:03
opendevmeet	Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.	15:03
opendevmeet	The meeting name has been set to 'openstack_ansible_meeting'	15:03
noonedeadpunk	#topic rollcall	15:03
noonedeadpunk	o/	15:03
NeilHanlon	o/	15:03
admin1	o/	15:03
jrosser	o/ hello	15:05
noonedeadpunk	#topic office hours	15:05
noonedeadpunk	I messed up this week and haven't done what I've promised I will do - talking about sending ML regarding PTG and working on haproxy	15:06
noonedeadpunk	And releases :(	15:06
noonedeadpunk	Will cover all my debt till EOD	15:06
noonedeadpunk	Regarding PTG. Last week during TC meeting it was proposed for projects to have operators hours as previous year	15:07
noonedeadpunk	To be frank for me that decision has come too late thus I'm not sure if we should have one or not	15:08
noonedeadpunk	wdyt?	15:09
jrosser	are they well attended?	15:09
noonedeadpunk	well, were mixed feedback from last one	15:10
noonedeadpunk	*was	15:10
jrosser	well - i don't know	15:13
noonedeadpunk	iirc there were couple of unique nicnames in zoom last year for us	15:13
jrosser	well we should do it	15:14
noonedeadpunk	In my report I've sent I've mentioned that around 50% were new ppl on operator hours comparing to PTG	15:15
noonedeadpunk	But given we were 12 ppl, so around 50% could mean 4-5 new folks	15:15
noonedeadpunk	ok. then let's do it :) what time we want to schedule that?	15:15
noonedeadpunk	I assume wednesday?	15:16
jrosser	thats ok for me	15:16
NeilHanlon	I'll try to get a few folks to join that might be interested from Rocky	15:17
noonedeadpunk	like... 17 utc? least occupied slot in terms of intersection	15:17
jrosser	this is next week right?	15:17
noonedeadpunk	Yup	15:18
NeilHanlon	good w/ me	15:18
noonedeadpunk	Awesome NeilHanlon, that would be great	15:18
* noonedeadpunk still regrets we didn't catched up on FOSDEM for some beer		15:18
NeilHanlon	me too :( that weekend was so crazy	15:18
noonedeadpunk	Ok, then I'll book an operator hours slot and will include that in email	15:19
noonedeadpunk	Where are we with haproxy topic?	15:23
noonedeadpunk	Since Damian is not around for next couple of weeks (hopefully), I'm going to pick up his part	15:23
jrosser	pretty stalled i think	15:24
jrosser	looking at the topmost-ish patch there is a bit of a mess in the stack https://review.opendev.org/c/openstack/openstack-ansible/+/871189	15:25
jrosser	this is just needing a extra section in the releasenote https://review.opendev.org/c/openstack/openstack-ansible-haproxy_server/+/871188	15:29
noonedeadpunk	aha, but at least we've merged stepca	15:29
noonedeadpunk	and have votes for map files	15:29
* NeilHanlon has minor edits for his writings because of StepCA... but that's not a "problem"		15:30
jrosser	well we can maybe try to move things on a bit there after the meeting?	15:30
noonedeadpunk	Well, thinking about extra section, I think maybe it's not needed after all...	15:30
noonedeadpunk	because we're keeping old behaviour for now...	15:32
noonedeadpunk	so deprecation might be enough...	15:32
jrosser	i wonder also if we should consider the scope for this cycle	15:32
noonedeadpunk	yeah, we totally should	15:33
jrosser	like if we don't want a huge rush we could push TLS backends to next cycle	15:33
noonedeadpunk	Except of this haproxy thing I really want to fix systemd_service bug, as it's nasty...	15:33
jrosser	feels like we could land the current haproxy changes and also address the large amount of unmerged stuff	15:33
noonedeadpunk	Well, we're going to have a deployment where internal TLS is going to be an acceptance criteria...	15:34
noonedeadpunk	I'm not sure how good reason is that to land TLS though...	15:34
jrosser	i wonder how close we are with a big set of overrides to enable	15:35
noonedeadpunk	Likely we can use local forks with backports for that...	15:35
jrosser	certainly for haproxy, not the roles though i guess	15:35
jrosser	also nasty is the adding a compute node bug	15:37
noonedeadpunk	I haven't hit that on Xena though	15:37
jrosser	stuarts workaround was to run the playbook with no --limit until it gathered facts from all the compute nodes, CTRL-C at that point and re-run with the limit	15:37
jrosser	and you're sure you don't have facts for the * other compute nodes?	15:38
noonedeadpunk	Well. I've added https://opendev.org/openstack/openstack-ansible/src/branch/master/playbooks/common-tasks/gather-hardware-facts.yml as a standalone playbook to the local collection...	15:38
noonedeadpunk	I _think_ I don't but I will double-check that tomorrow	15:38
jrosser	i think there was someone else also comment on the bug about having the same thing	15:39
noonedeadpunk	yup	15:39
noonedeadpunk	also on Zed jsut in case	15:39
jrosser	hmm ok	15:39
noonedeadpunk	but well. I;ve jsut realized we're having `echo` in front of command for all these years...	15:40
noonedeadpunk	in add-compute.sh	15:40
noonedeadpunk	So it didn't look like being used at all	15:40
noonedeadpunk	but yes, it's quite nasty	15:41
noonedeadpunk	And yeah, I'd try to scope bug fixing mostly this release.	15:42
noonedeadpunk	Eventually, we also need to add n-2 upgrades. It's not a hard requirement this time, but highly appreciated practise	15:42
* jrosser looks at current upgrade jobs....		15:43
jrosser	why do we bother running the centos ones :)	15:43
noonedeadpunk	well, they're passing, aren;'t they?	15:45
noonedeadpunk	NV but green	15:45
noonedeadpunk	I think we'd need to add some logic to or extra option to run-upgrade.sh	15:46
noonedeadpunk	as it's not flexible at all about source/target releases	15:46
jrosser	actually the failing ones are distro upgrade jobs	15:46
jrosser	and we don't run any regular non upgrade distro jobs alongside those	15:47
noonedeadpunk	well. distro for ubuntu was passing lately...	15:47
noonedeadpunk	as well as for centos	15:47
jrosser	i was looking here https://review.opendev.org/c/openstack/openstack-ansible/+/877813	15:47
NeilHanlon	i've been meaning to look at distro jobs for rocky soon	15:47
* NeilHanlon makes a note		15:47
noonedeadpunk	`'ansible_os_family' is undefined`	15:47
noonedeadpunk	Well, it's caused by quite recent change	15:48
jrosser	my fault :)	15:48
noonedeadpunk	I'm trying to keep an eye on distro from time to time	15:48
jrosser	NeilHanlon: it should be a case of adding a correctly formed job name to the stuff in zuul.d and it should run one	15:49
jrosser	so really small effort to see how far it does/doesnt get	15:49
noonedeadpunk	Given how we're critisized for using u-c - having distro as argument why osa is still good is quite handy	15:49
jrosser	hmm yes well i do notice those comments too	15:49
noonedeadpunk	I still see using packages as a nightmare deployment	15:50
jrosser	but thats a univeral problem for all community deployment tools that dont have a huge army of QA people keeping packages updated	15:50
noonedeadpunk	yeah, so then you should rely on your distro and unattended-upgrades...	15:51
noonedeadpunk	(no)	15:51
noonedeadpunk	eventually one more thing that raised couple of times - if we want to make some migration guide from tripleo to have a good picture and hopefully get more users/maintainers for rhel distros	15:52
noonedeadpunk	That could be quite profitable but I struggle having even very humble estimate of time for that...	15:53
opendevreview	Jonathan Rosser proposed openstack/openstack-ansible master: Fix openstack client installs for 'distro' method https://review.opendev.org/c/openstack/openstack-ansible/+/878114	15:54
NeilHanlon	noonedeadpunk: i'll take a stab at that.. might have a coworker who would be interested	15:57
noonedeadpunk	oh rly?	15:57
NeilHanlon	have a few technical sales people who like writing :P	15:57
NeilHanlon	when do 'experimental' jobs run? i see a rocky distro metal job configured right now	15:58
noonedeadpunk	Because eventually transfer to osa might be more straightforward as we're having distro path, which is same rdo.	15:58
noonedeadpunk	NeilHanlon: you need to comment on some change `check experimental`	15:59
NeilHanlon	ah.. i will move to check then for 'fun' :)	15:59
opendevreview	Jonathan Rosser proposed openstack/openstack-ansible master: Add rockylinux-9 distro metal job to check pipeline https://review.opendev.org/c/openstack/openstack-ansible/+/878115	16:00
NeilHanlon	darn you beat me to it :P	16:00
jrosser	oh!	16:00
NeilHanlon	no worries.. afk for a bit anyways :)	16:01
noonedeadpunk	yeah, that would work as well :D	16:01
jrosser	i wonder why we have check pipeline on those jobs but not gate	16:01
jrosser	that is odd	16:01
noonedeadpunk	Maybe we should actually replace distro job with rocky - as we've agreed some time ago to make more focus on rocky comparing to c9s	16:01
NeilHanlon	#yolo ... yolo	16:01
noonedeadpunk	but never had time to follow up on that	16:02
jrosser	hopefully that would be pretty easy, and bring some more stability	16:02
opendevreview	Jonathan Rosser proposed openstack/openstack-ansible master: Add rockylinux-9 distro metal job to check pipeline https://review.opendev.org/c/openstack/openstack-ansible/+/878115	16:03
noonedeadpunk	yeah, or at least ways to fix will be around faster :)	16:03
noonedeadpunk	#endmeeting	16:03
opendevmeet	Meeting ended Tue Mar 21 16:03:48 2023 UTC. Information about MeetBot at http://wiki.debian.org/MeetBot . (v 0.1.4)	16:03
opendevmeet	Minutes: https://meetings.opendev.org/meetings/openstack_ansible_meeting/2023/openstack_ansible_meeting.2023-03-21-15.03.html	16:03
opendevmeet	Minutes (text): https://meetings.opendev.org/meetings/openstack_ansible_meeting/2023/openstack_ansible_meeting.2023-03-21-15.03.txt	16:03
opendevmeet	Log: https://meetings.opendev.org/meetings/openstack_ansible_meeting/2023/openstack_ansible_meeting.2023-03-21-15.03.log.html	16:03
jrosser	noonedeadpunk: if you like we can run through the haproxy stuff a bit?	16:04
noonedeadpunk	Give me 2-3 mins to push release patches	16:04
jrosser	maybe it's all ok - just shout if you want to discuss any of it	16:04
noonedeadpunk	yup, done with releases	16:08
noonedeadpunk	Well, it's hard to tell if it's ok or not, as I was trying not to dig too deep and offload this thing and just review once it's done...	16:08
noonedeadpunk	I think I'm kind of clear with scope of what needs to be done at least to split haproxy config into parts	16:10
noonedeadpunk	but I kind of missed your discussion about rebasing and reworking some bits to respect maps	16:11
noonedeadpunk	And what excatly should be simplified with them	16:12
opendevreview	Jonathan Rosser proposed openstack/openstack-ansible master: Convert haproxy_security_headers_csp to a multiline string https://review.opendev.org/c/openstack/openstack-ansible/+/878082	16:16
jrosser	noonedeadpunk: i think that was this one https://review.opendev.org/c/openstack/openstack-ansible-haproxy_server/+/871188	16:17
jrosser	so now looking at the comment we can probably merge that	16:18
jrosser	as it provides forward<>backward compatbility with old and new service data formats	16:18
noonedeadpunk	I've changed it to be only related to the var format change	16:18
noonedeadpunk	yeah	16:18
jrosser	then i think this should be removed from the stack / abandoned https://review.opendev.org/c/openstack/openstack-ansible-haproxy_server/+/875779	16:20
noonedeadpunk	are you sure about that?	16:21
jrosser	nope :)	16:21
jrosser	i keep confusing that one with the "temporary" stuff	16:21
noonedeadpunk	at very least it solves issue with triggering pki handlers	16:21
noonedeadpunk	I think that temporary stuff has been already abandoned	16:22
noonedeadpunk	at least I don't see it	16:22
jrosser	hmm 875779 is actually two completely distinct changes	16:23
noonedeadpunk	This one? https://review.opendev.org/c/openstack/openstack-ansible/+/872328	16:23
jrosser	one to use the custom named handler for PKI role	16:23
jrosser	and the other to add the extra tasks file for calling with tasks_from:	16:23
noonedeadpunk	Ok, let me fix that then	16:23
jrosser	the subtle one is the PKI one and that really deserves it's own commit message to explain, so yeah	16:24
noonedeadpunk	yeah, fair	16:24
opendevreview	Dmitriy Rabotyagov proposed openstack/openstack-ansible-haproxy_server master: Provide custom handler name to PKI role https://review.opendev.org/c/openstack/openstack-ansible-haproxy_server/+/875779	16:27
opendevreview	Dmitriy Rabotyagov proposed openstack/openstack-ansible-haproxy_server master: Add tasks to configure external services only https://review.opendev.org/c/openstack/openstack-ansible-haproxy_server/+/878131	16:31
opendevreview	Dmitriy Rabotyagov proposed openstack/openstack-ansible-haproxy_server master: Provide custom handler name to PKI role https://review.opendev.org/c/openstack/openstack-ansible-haproxy_server/+/875779	16:31
admin1	jrosser, noonedeadpunk, does this look ok ? https://gist.githubusercontent.com/a1git/eafad4f7234bd5972cdcaa7a315f9eba/raw/1f657028d28063e3abf9b9391b18e93031aba7c9/gistfile1.txt	18:13
noonedeadpunk	have no idea	18:15
noonedeadpunk	never tried to do that	18:15
admin1	:D	18:15
admin1	i will run and report	18:15
admin1	my guess is it will work, but will add 1 more line on the publcuri	18:16
admin1	which when it works, i have to manually delete the older ones	18:16
admin1	i am missing console there	18:16
jrosser	not sure you need placement externally?	18:16
admin1	openstack endpoint list \| grep public shows placement as well	18:16
admin1	when you login to horzon and click api access, that is shown	18:17
admin1	so not sure how its used	18:17
jrosser	well anyway, it looks reasonable what you have..... interesting to know if it works	18:18
admin1	will report success in a bit :D	18:18
jrosser	just rememeber you are replaceing what is already here https://opendev.org/openstack/openstack-ansible/src/branch/stable/zed/inventory/group_vars/haproxy/haproxy.yml#L240	18:19
admin1	haproxy playbook runs, but does not add any entries	18:23
admin1	error detected while parsing switching rule : no such ACL : 'cloud_keystone' ...	18:28
admin1	i will continue on this	18:28
admin1	this is someone i want to have	18:28
admin1	all public endpoints on 443 so that it works from even restrictive firewalls where 80/443 is allowed	18:29
opendevreview	Jonathan Rosser proposed openstack/openstack-ansible master: Convert haproxy_security_headers_csp to a multiline string https://review.opendev.org/c/openstack/openstack-ansible/+/878082	18:29
opendevreview	Merged openstack/openstack-ansible-haproxy_server master: Simplify haproxy_service_configs structure https://review.opendev.org/c/openstack/openstack-ansible-haproxy_server/+/871188	18:33
admin1	keystone seems to have worked :)	18:35
admin1	doing the rest	18:35
admin1	it did an inplace update of the public url in the database	18:35
jrosser	NeilHanlon: \o/ https://zuul.opendev.org/t/openstack/build/0ad0606489ad4bed9d935cd2607fc2e4	18:47
NeilHanlon	🥳	18:47
opendevreview	Jonathan Rosser proposed openstack/openstack-ansible master: Define individual haproxy services for each console type https://review.opendev.org/c/openstack/openstack-ansible/+/878083	18:59
opendevreview	Jonathan Rosser proposed openstack/openstack-ansible-os_ironic master: Remove deprecated support for cisco ucs and cims ironic drivers. https://review.opendev.org/c/openstack/openstack-ansible-os_ironic/+/877606	19:00
opendevreview	Jonathan Rosser proposed openstack/openstack-ansible-os_ironic master: Install socat and configure ipmtool-socat console interface https://review.opendev.org/c/openstack/openstack-ansible-os_ironic/+/877618	19:00
opendevreview	Jonathan Rosser proposed openstack/openstack-ansible-os_ironic master: Rename idrac interfaces to idrac-wsman https://review.opendev.org/c/openstack/openstack-ansible-os_ironic/+/877627	19:00
opendevreview	Jonathan Rosser proposed openstack/openstack-ansible-os_ironic master: Enable raid interface implementations for ironic hardware drivers https://review.opendev.org/c/openstack/openstack-ansible-os_ironic/+/877628	19:00
opendevreview	Jonathan Rosser proposed openstack/openstack-ansible-os_ironic master: Add a no_driver ironic driver type https://review.opendev.org/c/openstack/openstack-ansible-os_ironic/+/877629	19:00
opendevreview	Jonathan Rosser proposed openstack/openstack-ansible-os_ironic master: Update IPA version for 2023.1 release of Ironic https://review.opendev.org/c/openstack/openstack-ansible-os_ironic/+/877538	19:01
opendevreview	Jonathan Rosser proposed openstack/openstack-ansible-os_ironic master: Install socat and configure ipmtool-socat console interface https://review.opendev.org/c/openstack/openstack-ansible-os_ironic/+/877479	19:01
admin1	i had to change the endpoint for barbican, placement and magnum manually .. but the rest are all working fine :)	19:36
admin1	wil do a complete check again to iron out any bugs	19:36
admin1	figured out why .. those services have _service_publicurl and rest have publicuri uri vs url	19:41
admin1	only thing left is the console link	19:47
admin1	as it does not have a backend	19:48
jrosser	it should do....	19:48
jrosser	like this https://zuul.opendev.org/t/openstack/build/0ad0606489ad4bed9d935cd2607fc2e4/log/logs/etc/host/haproxy/conf.d/nova_console.txt	19:49
admin1	there is a variable nova_serialconsoleproxy_base_url .but in the config it also has a port 6080	19:52
admin1	will try to override only nova_serialconsoleproxy_base_url first and see what it gives	19:52
admin1	i put nova_novncproxy_base_uri: https://console.domain.net and it is what is set, and the actual url is https://console.domain.net/vnc_lite.html?path=%3Ftoken%3D780ac59b-4254-474a-b10b-9548676b3066&*** . .but does not work	20:06
admin1	i think the 6080 has to be somewhere	20:06
admin1	manually adding 6080 there works	20:06
admin1	my mistake .ran only nova and not haproxy :)	20:11
admin1	running	20:11
admin1	i think it will work . and then this is completely on https://	20:11
admin1	without any ports	20:11
admin1	it worked :D	20:11
admin1	jrosser, noonedeadpunk .. in case you guys want to replicate https://gist.githubusercontent.com/a1git/2ed8f628a60c61bfe6e1249dce05ba8e/raw/798b8ab9322a0a9501a43481e86a0471346afbf7/gistfile1.txt	20:14
admin1	all ports are gone ..	20:14
admin1	this is how the endpoints look : https://gist.githubusercontent.com/a1git/092e7efecf5fed1ae4c36c3c1e4384ce/raw/57cb4c088a83c5aa0cf4f78def771c661645a825/gistfile1.txt	20:16
jrosser	what did you have to do for the console?	20:17
admin1	nothing .. i only ran nova and checked, but had forgotton to run haproxy playbook	20:20
admin1	so nova updated with console, but the haproxy entry was missing	20:20
admin1	the setting pasted works .. and there is no extra step	20:20
admin1	setup haproxy, followed by setup-openstack .. i did not checked if there were any tags that will only update/target the endpoint creation	20:21
admin1	24(last) -> 25(last) fails on installing rabbitmq .. erlang-base-hipe	21:08
admin1	i think a fix was out and already backported	21:08
admin1	upgrade to 25.3.0 error on setup-infra -> https://gist.githubusercontent.com/a1git/3d30ce247ca56afb96a92cb4fcd11f60/raw/ddc56964328251a376621a5e6248d62529707b2d/gistfile1.txt	21:29

Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!