| opendevreview | Merged openstack/ansible-role-python_venv_build stable/zed: Drop unneeded become overrides https://review.opendev.org/c/openstack/ansible-role-python_venv_build/+/898063 | 00:07 |
|---|---|---|
| opendevreview | likui proposed openstack/openstack-ansible-os_tempest master: Drop deprecated project https://review.opendev.org/c/openstack/openstack-ansible-os_tempest/+/898156 | 06:26 |
| gokhani | Hello folks, When we prepare network bridges, there is a parameter bridge_stp off (disable spanning protocol) in prod env example. do we really need disable STP ? What is advantage or disadvantage of this? | 07:20 |
| noonedeadpunk | NeilHanlon: FWIW we got rocky 503 again but now downstream, when trying to build the image: error: Status code: 503 for https://mirrors.rockylinux.org/mirrorlist?arch=x86_64&repo=BaseOS-9 (IP: 151.101.86.132) (https://mirrors.rockylinux.org/mirrorlist?arch=x86_64&repo=BaseOS-9) | 07:22 |
| noonedeadpunk | gokhani: iirc there was quite some overhead involved when stp is enabled | 07:23 |
| noonedeadpunk | and you get throughput and potential IO reduced IIRC | 07:24 |
| gokhani | noonedeadpunk, is it possible to effect badly physical networking on switch side ? is it possible disable stp on bridges and enable stp on physical switches ? May be this is silly question,I am not good at networking :( | 07:28 |
| noonedeadpunk | I think I'm not best person to ask either tbh as my knowledge is slightly vague. But from what I recall, is that with STP it's building alternative tree/path between hosts in case smth is going wrong, but that kinda adds an unnecessary overload on all your networking infrastructure, especially each time you extend it | 07:37 |
| noonedeadpunk | So at scale it's smth not worth doing from what I recall | 07:37 |
| noonedeadpunk | But for specifics - it's better to ask someone else, like James :) | 07:37 |
| gokhani | thanks noonedeadpunk | 07:49 |
| opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible master: [doc] Add documentation on running as non-root https://review.opendev.org/c/openstack/openstack-ansible/+/897999 | 08:25 |
| opendevreview | Merged openstack/openstack-ansible-os_neutron master: Update VPNaaS package for RHEL https://review.opendev.org/c/openstack/openstack-ansible-os_neutron/+/898008 | 09:27 |
| opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible-os_neutron stable/2023.1: Update VPNaaS package for RHEL https://review.opendev.org/c/openstack/openstack-ansible-os_neutron/+/898169 | 09:29 |
| opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible-os_neutron stable/zed: Update VPNaaS package for RHEL https://review.opendev.org/c/openstack/openstack-ansible-os_neutron/+/898170 | 09:29 |
| opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible-os_neutron stable/yoga: Update VPNaaS package for RHEL https://review.opendev.org/c/openstack/openstack-ansible-os_neutron/+/898171 | 09:29 |
| opendevreview | Merged openstack/openstack-ansible-lxc_hosts master: Stop installing openssh and rsync to containers https://review.opendev.org/c/openstack/openstack-ansible-lxc_hosts/+/889945 | 09:51 |
| opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible stable/2023.1: Define install_method default when hosts resolution depend on it https://review.opendev.org/c/openstack/openstack-ansible/+/898072 | 10:23 |
| opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible stable/zed: Define install_method default when hosts resolution depend on it https://review.opendev.org/c/openstack/openstack-ansible/+/898073 | 10:24 |
| opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible stable/yoga: Define install_method default when hosts resolution depend on it https://review.opendev.org/c/openstack/openstack-ansible/+/898074 | 10:24 |
| opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible stable/xena: Define install_method default when hosts resolution depend on it https://review.opendev.org/c/openstack/openstack-ansible/+/898075 | 10:24 |
| admin1 | gokhani, there is no need to enable stp on openstack cluster .. the chances of loop is almost nil .. and unless your controller/compute is connected to 4 different switches etc for equal path costs,the need for it does not come | 10:49 |
| admin1 | with standard 2/3 nics on a lacp bond on diff switches, not needed to think about it | 10:49 |
| admin1 | if the workload is voip or streming or tv etc where broadcast, multicast and multipath is essential, then stp is required as it prevents loops | 10:50 |
| noonedeadpunk | Another pair of eyes would be great to check if I haven't made any silly mistake in https://review.opendev.org/q/topic:bugfix-2034583 | 12:03 |
| NeilHanlon | noonedeadpunk: *sigh* - yeah, I tracked down what is happening yesterday. Should have it 'fixed' in the next couple hours. the long story (really long) short is that tech debt sucks and my life is annoying. lol | 13:37 |
| noonedeadpunk | lol | 13:44 |
| noonedeadpunk | but at least you've found it I assume :) | 13:44 |
| NeilHanlon | yea, i think so | 13:44 |
| NeilHanlon | also re: bug/2034583 -- got my +2 on the smaller ones.. deploying my lab now to review and test the larger change | 13:45 |
| noonedeadpunk | this actually can be potentially troublesome outside of any aios... | 13:47 |
| NeilHanlon | how do you mean? | 13:52 |
| jamesdenton | noonedeadpunk re: https://bugs.launchpad.net/openstack-ansible/+bug/2027854 - i followed your advice and updated ovs python package in the neutron venvs to 3.0 (to match openvswitch 3.0.3) and that resolved the GreenSSLSocket errors | 13:58 |
| opendevreview | Merged openstack/openstack-ansible-os_magnum stable/zed: Ensure service is restarted on unit file changes https://review.opendev.org/c/openstack/openstack-ansible-os_magnum/+/882057 | 14:53 |
| opendevreview | Merged openstack/openstack-ansible master: Remove requirement to have id_rsa.pub https://review.opendev.org/c/openstack/openstack-ansible/+/897957 | 15:03 |
| opendevreview | Merged openstack/openstack-ansible-os_tempest master: Drop deprecated project https://review.opendev.org/c/openstack/openstack-ansible-os_tempest/+/898156 | 16:25 |
| opendevreview | Jonathan Rosser proposed openstack/openstack-ansible-os_magnum master: Add tag for creating magnum resources https://review.opendev.org/c/openstack/openstack-ansible-os_magnum/+/893362 | 16:28 |
| opendevreview | Merged openstack/openstack-ansible-os_neutron stable/zed: Update VPNaaS package for RHEL https://review.opendev.org/c/openstack/openstack-ansible-os_neutron/+/898170 | 16:37 |
| opendevreview | Merged openstack/openstack-ansible-os_neutron stable/yoga: Update VPNaaS package for RHEL https://review.opendev.org/c/openstack/openstack-ansible-os_neutron/+/898171 | 16:41 |
| opendevreview | Merged openstack/openstack-ansible stable/xena: Switch roles to track stable/xena https://review.opendev.org/c/openstack/openstack-ansible/+/884926 | 17:01 |
| opendevreview | Merged openstack/ansible-role-python_venv_build stable/yoga: Drop unneeded become overrides https://review.opendev.org/c/openstack/ansible-role-python_venv_build/+/898064 | 17:11 |
| opendevreview | Merged openstack/openstack-ansible-os_neutron stable/2023.1: Update VPNaaS package for RHEL https://review.opendev.org/c/openstack/openstack-ansible-os_neutron/+/898169 | 18:42 |
| mgariepy | hhttps://www.openwall.com/lists/oss-security/2023/10/11/3 | 18:53 |
| mgariepy | https://megamansec.github.io/Squid-Security-Audit/ | 18:53 |
| mgariepy | that's not quite good.. | 18:54 |
| opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible-os_nova master: Stop generating ssh keypair for nova user https://review.opendev.org/c/openstack/openstack-ansible-os_nova/+/898247 | 19:13 |
| opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible-os_zun master: Stop generating ssh keypair for zun and kuryr user https://review.opendev.org/c/openstack/openstack-ansible-os_zun/+/898248 | 19:26 |
| noonedeadpunk | Does anybody knows if Ironic does need an SSH keypairs for `ironic` user in it's home directory under ${HOME}/.ssh/id_rsa | 19:33 |
| noonedeadpunk | wrt https://opendev.org/openstack/openstack-ansible-os_ironic/src/branch/master/tasks/ironic_pre_install.yml#L22-L41 | 19:34 |
| noonedeadpunk | As I'm not sure... This looks like be needed for Swift... But I'm not sure about Ironic to be frank | 19:34 |
| noonedeadpunk | FWIW, master CI is broken after merge of https://review.opendev.org/c/openstack/openstack-ansible-lxc_hosts/+/889945 | 19:35 |
| noonedeadpunk | this topic should unblock these https://review.opendev.org/q/topic:osa%252Fgenerate_ssh_key | 19:36 |
| opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible stable/yoga: Bump SHAs for Yoga https://review.opendev.org/c/openstack/openstack-ansible/+/898250 | 19:40 |
| jrosser | that ironic task gets rid of old keys doesn’t it? | 19:40 |
| noonedeadpunk | Well... `generate_ssh_key: "yes"` | 19:41 |
| noonedeadpunk | L41 | 19:41 |
| jrosser | hrrm | 19:42 |
| noonedeadpunk | I think that could be a copy/paste thing. As from what I see the only place where it was _really_ needed is swift | 19:43 |
| jrosser | I don’t think the way we use ironic needs one | 19:43 |
| noonedeadpunk | But not really sure... | 19:43 |
| jrosser | but it is gigantically configurable so that’s not definitive | 19:43 |
| noonedeadpunk | empty [ssh] section in ironic.conf kinda confuses me as well | 19:44 |
| opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible stable/zed: Bump SHAs for Zed https://review.opendev.org/c/openstack/openstack-ansible/+/898252 | 19:53 |
| noonedeadpunk | the problem is - there's no testing for ironic now... | 20:03 |
| opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible-os_zun master: Stop generating ssh keypair for zun and kuryr user https://review.opendev.org/c/openstack/openstack-ansible-os_zun/+/898248 | 20:06 |
| opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible-os_ironic master: Stop generating ssh keypair for ironic user https://review.opendev.org/c/openstack/openstack-ansible-os_ironic/+/898253 | 20:06 |
Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!