| damiandabrowski | hi everyone, I'm back ;) | 06:43 |
|---|---|---|
| noonedeadpunk | mornings! | 08:05 |
| noonedeadpunk | nice to see you back :) | 08:05 |
| jrosser | good morning | 08:19 |
| jrosser | so we have enough hands now to merge things | 08:23 |
| noonedeadpunk | ++ | 08:32 |
| noonedeadpunk | We also need to push thngs a bit I guess | 08:33 |
| jrosser | yeah the backlog of stuff is really pretty large | 08:34 |
| jrosser | noonedeadpunk: what should we do with this https://review.opendev.org/c/openstack/openstack-ansible-os_swift/+/877534 | 08:34 |
| jrosser | i *think* i fixed it up right but, omg the whole behaviour of that code is not totally clear | 08:35 |
| noonedeadpunk | ah, yeah, you're right | 08:53 |
| jrosser | damiandabrowski: it would be great if you could do some code review | 09:56 |
| jrosser | there is really loads of stuff backed up and we've not merged much at all for a week+ now | 09:57 |
| damiandabrowski | yeah, i'll do it today | 09:57 |
| jrosser | excellent thanks :) | 09:57 |
| noonedeadpunk | Would be also great if these inventory changes could be reviewed https://review.opendev.org/c/openstack/openstack-ansible/+/869762 and https://review.opendev.org/c/openstack/openstack-ansible/+/870113 | 12:32 |
| opendevreview | Merged openstack/ansible-config_template master: Replace deprecated whitelist_externals https://review.opendev.org/c/openstack/ansible-config_template/+/877570 | 12:54 |
| opendevreview | Merged openstack/openstack-ansible master: [doc] Fix compatability matrix wrt CentOS 9 Stream and Rocky 9 https://review.opendev.org/c/openstack/openstack-ansible/+/877940 | 14:21 |
| opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible master: Drop `else` condition in the container_skel_load loop https://review.opendev.org/c/openstack/openstack-ansible/+/878696 | 15:32 |
| opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible master: Add is_nest property for container_skel https://review.opendev.org/c/openstack/openstack-ansible/+/869762 | 15:33 |
| opendevreview | Merged openstack/openstack-ansible-openstack_hosts master: Add `acl` package to all hosts and containers https://review.opendev.org/c/openstack/openstack-ansible-openstack_hosts/+/877665 | 15:36 |
| opendevreview | Merged openstack/openstack-ansible-openstack_hosts master: Add openstack_hosts_file tag https://review.opendev.org/c/openstack/openstack-ansible-openstack_hosts/+/877824 | 15:36 |
| opendevreview | Merged openstack/openstack-ansible-os_nova master: Stop installing qemu-system on debian variants https://review.opendev.org/c/openstack/openstack-ansible-os_nova/+/877604 | 15:36 |
| opendevreview | Merged openstack/openstack-ansible-os_swift master: Fix role as a result of ANSIBLE_INJECT_FACT_VARS=false https://review.opendev.org/c/openstack/openstack-ansible-os_swift/+/877534 | 15:37 |
| jrosser | hmm again!? No package rabbitmq-server-3.9.28-1.el8.noarch available | 17:17 |
| noonedeadpunk | no way | 17:19 |
| jrosser | https://cloudsmith.io/~rabbitmq/repos/rabbitmq-server/packages/?sort=version | 17:22 |
| noonedeadpunk | it's sooo annoying and frustrating | 17:23 |
| jrosser | well | 17:25 |
| jrosser | there look to still be here https://github.com/rabbitmq/rabbitmq-server/releases/download/v3.9.28/rabbitmq-server-3.9.28-1.el8.noarch.rpm | 17:25 |
| jrosser | maybe they have to pay $$$$ for cloudsmith so keep pruning the older things out | 17:25 |
| jrosser | like we only just released a sha bump to fix all this from last time as well :( | 17:26 |
| jrosser | i wonder why the rocky-9 job does not fail | 17:31 |
| jrosser | maybe we have that using the distro rabbitmq as a hangover from getting rocky working in the first place | 17:31 |
| jrosser | also we have a lot of fail on master/centos-9 with `Could not find the requested service systemd-tmpfiles-setup-dev` | 17:35 |
| noonedeadpunk | I'd really wish they'd publish debs in github as well... | 17:35 |
| jrosser | ? | 17:36 |
| jrosser | https://github.com/rabbitmq/rabbitmq-server/releases/download/v3.9.28/rabbitmq-server_3.9.28-1_all.deb | 17:36 |
| noonedeadpunk | ah, wait | 17:36 |
| noonedeadpunk | it wasn't there | 17:36 |
| noonedeadpunk | was it erlang maybe... | 17:37 |
| jrosser | oh well that is a different mess entirely | 17:38 |
| noonedeadpunk | but we can totally replace at least rabbit now | 17:38 |
| jrosser | here is erlang stuff https://github.com/esl/packages/issues/15 | 17:41 |
| noonedeadpunk | just in case - packagecloud does have way more releases... | 17:44 |
| noonedeadpunk | so likely we can switch back to it.... | 17:44 |
| noonedeadpunk | the only problem was that specifically packagecloud did not have erlang for ubuntu | 17:45 |
| noonedeadpunk | as erlang was the reason to switch to cloudsmith, to be consistent... But seems it was a bad idea | 17:46 |
| noonedeadpunk | Yeah, so that's what I meant about gihub packages for rpms only https://github.com/rabbitmq/erlang-rpm/releases/tag/v25.3 | 17:47 |
| noonedeadpunk | As https://github.com/rabbitmq/erlang-debian-package is only published to launchpad and cloudsmith | 17:48 |
| jrosser | /o\ | 17:48 |
| jrosser | thats also amd64 only | 17:49 |
| noonedeadpunk | yep | 17:49 |
| noonedeadpunk | So that's why cloudsmith sounded like an option - it kinda contained everything.... | 17:50 |
| noonedeadpunk | maybe we can leave erlang coming from cloudsmith, but fix only major version for it, and return rabbit to be from packagecloud... | 17:51 |
| noonedeadpunk | it still sucks though | 17:51 |
| noonedeadpunk | but current situation is defenitely unbearable | 17:52 |
| noonedeadpunk | let's maybe disucuss this tomorrow again... | 17:57 |
| Mohaa | Hi, In VMWare documentation it's told that Jumbo frame should be enabled for NSX with MTU>1600; Should we set MTU larger than 1500 in OVN-based setup too? | 19:21 |
| Mohaa | jamesdenton: By https://paste.opendev.org/show/bQcG2uoiBGVibuwH54nP, we have Flat, Vlan And Geneve to select as provider type when we're going to create an external network in Horizon: | 19:30 |
| Mohaa | 0. Why Geneve is there while it's not configured as provider in the yaml file? | 19:31 |
| Mohaa | 1. By choosing a VLAN, we depend on the network team because they have to define this VLAN on the trunk in the upstream network, right? | 19:33 |
| Mohaa | 1.1. Is adding VXLAN the way to become independent? | 19:34 |
| Mohaa | 2. Is VXLAN deployed using the same config as VLAN/FLAT: https://paste.opendev.org/show/bti8MF0jmEi1NuGA3i5i ? | 19:38 |
| admin1 | 1. vlan is the most used as many providers provide ip ranges using different vlans and also most/all network equipment understand them | 19:41 |
| Mohaa | 3. Here: https://paste.opendev.org/show/bjWwPwdUkk8n78u5FbPF/, why the tenant network is called "br-vxlan", while the type and its alias is named "geneve"? | 19:41 |
| admin1 | vxlan and geneve can also be used, but your network team/equipment may not support it | 19:41 |
| admin1 | Mohaa, the alias is just a name .. it could be called br-east-west for example .. but we decided to stick up with br-vxlan | 19:42 |
| admin1 | as vxlan is widely used | 19:42 |
| admin1 | it has nothing to do with what is used | 19:42 |
| admin1 | its just a name/placeholder to name an interface that carries east-west traffic | 19:42 |
| Mohaa | (vxlan is supported by the team and equipments; then it's meaningfull to deploy(add) VXLAN to get rid of the network guys for creating vlans in switches and firewall.) By VXLAN we just need one VLAN configured, right? | 19:47 |
| admin1 | are you talking about east-west (tenant) or north-south ( vms <-> internet/external network) ? | 19:49 |
| Mohaa | The provider network, where the packets leave OPS. | 19:50 |
| Mohaa | exactly the "external network" | 19:50 |
| Mohaa | question 1 & 2 are related to Provider network (as you answered). The question 3 is for tenant network (internal network) | 19:52 |
| admin1 | i have yet to see any 1 single provider who is providing ip space over vxlan | 19:52 |
| Mohaa | The last one, "By VXLAN we just need one VLAN configured, right?", is again for the provider network. | 19:52 |
| admin1 | so until your provider has equipments that can talk vxlan , no .. is not an option | 19:52 |
| admin1 | no | 19:52 |
| admin1 | to send packets outside of openstack, your provider defines the terms .. not you .. they can say flat ( no vlan tags ) .. some tagged vlan .. or ( i doubt this will happen, vxlan/geneve) | 19:53 |
| admin1 | so commercially, vlan is the only option | 19:53 |
| jrosser | Mohaa: I also don’t understand how vxlan would make you “independent” | 19:54 |
| Mohaa | Oops, I was thinking VXLANs pass through a VLAN; then my miss-understanding on the concepts. | 19:55 |
| admin1 | 0. geneve is use when ovn is used .. and then geneve/ovn or vxlan/ovs pair is used for east-west | 19:55 |
| admin1 | for north-south, when you have a provider, its either flat or vlan | 19:55 |
| jrosser | Mohaa: remember that creating an external network is a thing you do infrequently (maybe only once?) at the point you build your cloud. it’s not something your users can do. | 20:01 |
| Mohaa | It was at this point that it became problematic because typically, a straightforward request from the network team causes a commotion. We had to create distinct VLANs for the Kubernetes team because they required access to CEPH and also for the external network to have access to internal services. | 20:11 |
| Mohaa | Anyway; admin1: By the question 0, I mean why Geneve is in this list: https://i.ibb.co/GnYcPyK/Screenshot-20230327-233207.png while you said for north-south, when you have a provider, its either flat or vlan. | 20:13 |
| jrosser | a provider network does not have to be external | 20:16 |
| Mohaa | Isn't 'Provider' equal to 'External'? | 20:18 |
| admin1 | provider means a network that is "external" to your project | 20:21 |
| admin1 | from where traffic leaves your project to somewhere else ( defined by your provider a.k.a operator ) | 20:21 |
| jrosser | a provider network is “owned” | 20:22 |
| jrosser | by the cloud operator, not an end user | 20:22 |
| jrosser | it may happen that one is marked also as “external” | 20:23 |
| admin1 | for example, i have multiple external networks ext-sandbox ( where its one way .. you can reach it, but nothing comes out .. this is to ensure you can examine hamrful content without it reaching your network or coming back at you ) ext-net ( for company intranet/vpn, ext-pubA ext-pubB ext-pubC etc | 20:23 |
| admin1 | where pubA could be terminating to the load balancer, while C and D could be to aws and datacenter etc | 20:23 |
| admin1 | there are many ways on how u can set it up and work on it based on your use-case | 20:24 |
| Mohaa | `"external" to your project`: enlightened me | 20:26 |
| *** spotz_ is now known as spotz | 23:34 | |
Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!
