| opendevreview | Damian DÄ…browski proposed openstack/openstack-ansible master: Explicitly add localhost to inventory.ini https://review.opendev.org/c/openstack/openstack-ansible/+/899523 | 00:33 |
|---|---|---|
| *** hindret_ is now known as hindret | 08:57 | |
| *** mnasiadka_ is now known as mnasiadka | 08:57 | |
| opendevreview | Damian DÄ…browski proposed openstack/openstack-ansible-os_nova master: Always disable libvirt default network https://review.opendev.org/c/openstack/openstack-ansible-os_nova/+/899768 | 09:11 |
| gokhani | hello folks, when I try to use real ips for public net, I can't connect to internet. also I am trying to ping gateway from dhcp namespace it is not working. But when I use lan ips for public net, with nats I can connect to internet. what can be the problem? | 10:58 |
| gokhani | I also tried to assign real ip to vlan interface on compute node, it can connect to internet | 11:00 |
| jamesdenton | gokhani there is no real differentiator from Neutron's perspective. If you can't ping the gateway from the DHCP namespace then that VLAN might not be available from that particular node (ie. is it missing from the trunk). But it's hard to say without more details | 12:22 |
| gokhani | thanks jamesdenton it is weird situation. we need to check all of the nodes. we give permission from all of the nodes. Host can ping gateway of public net but in dhcp namespace we can not ping. | 12:34 |
| jrosser | gokhani: that suggests that there is a misconfiguration in neutron such that it does not wire the right bridge or interface? | 13:38 |
| jrosser | also if you can ping the public network gateway from the host take care about what services you expose on the host (i guess you have a public IP on it) | 13:39 |
| spatel | Folks, Do you guys enable hugepages on your compute nodes? | 14:26 |
| jrosser | spatel: kind of no, but yes | 14:39 |
| jrosser | we have transparent huge pages enabled i think | 14:40 |
| spatel | jrosser hmm ? | 14:40 |
| jrosser | https://www.kernel.org/doc/html/next/admin-guide/mm/transhuge.html | 14:41 |
| spatel | If HugePage always improve performance then why don't everyone not enable by default? | 14:41 |
| spatel | This is what I do in most case to enable HugePage - GRUB_CMDLINE_LINUX="$GRUB_CMDLINE_LINUX default_hugepagesz=1GB hugepagesz=1GB hugepages=36 transparent_hugepage=never" | 14:43 |
| spatel | you are saying just enable transparent only? | 14:43 |
| jrosser | if you get yourself into a situation where there is not sufficient unfragmented memory to allocate a hugepage, the allocation will fail | 14:43 |
| spatel | How to find that out in general workload where you have all kind of application running on top of computes | 14:47 |
| jrosser | we ran a script that showed that 94% of our VM were running entirely with hugepages using THP | 14:47 |
| spatel | Where is the script :) | 14:48 |
| jrosser | so we already get all the benefits of HP without any of the downsides of forcing it | 14:48 |
| spatel | I would like to understand my usage of hugepages | 14:48 |
| spatel | You did turn on HP on compute + vm right? | 14:50 |
| jrosser | no we didnt, we determined that it was not necessary | 14:50 |
| jrosser | that THP had the same effect for the vast majority of what was running | 14:51 |
| nixbuilder | Has anyone seen this error when running the os-keystone-install.yml script? Seems like I may be missing a variable somewhere. https://paste.openstack.org/show/bNMz2bqhmDKhb5UK7tQa | 15:28 |
| nixbuilder | This is using scripts from 27.1.0 | 15:29 |
| frickler | nixbuilder: I don't know the answer but notice that you leaked a password in that paste, just in case it is being used for real somewhere | 15:41 |
| nixbuilder | Yeah... it's just a temporary non-production password. | 15:45 |
| *** promethe- is now known as prometheanfire | 16:49 | |
| *** prometheanfire is now known as Guest5452 | 16:49 | |
| *** Guest5452 is now known as prometheanfire | 16:51 | |
| nixbuilder | Also getting this error: https://paste.openstack.org/show/bdWgJoUs5ObLGb7qf012/ | 17:16 |
| jrosser | nixbuilder: this is a metal deployment? | 17:38 |
| nixbuilder | Yes... all metal. | 17:40 |
| jrosser | you can easily compare your config with one of our CI jobs which mostly all run like that too | 17:41 |
| jrosser | here would be those jobs https://review.opendev.org/q/project:openstack%252Fopenstack-ansible+status:open | 17:42 |
| nixbuilder | jrosser: Thanks... I'll try. | 17:45 |
| jrosser | i would guess that either the db setup failed somehow and youve moved on to keystone rather than fix that | 17:45 |
| jrosser | or there is some inventory/variables issue thats resulted in the db permissions being wrong (i.e not allowing admin@infra) | 17:46 |
| jrosser | as always, building an all-in-one as reference is very useful as these are hugely tested | 17:46 |
| jrosser | it should be possible to use the mysql cli on the db node (infra01) to look at the db permissions / tables etc | 17:47 |
| jrosser | if that doesnt work then it's an issue with the way the db has been installed and the local admin credentials written out | 17:48 |
| jrosser | nixbuilder: actually have you defined the utility host group? | 17:48 |
| jrosser | the mysql client (required by the ansible modules) is set up targetting the utility host, which in your case of all metal should also be the infra nodes | 17:51 |
| nixbuilder | jrosser: I will check on that utility group. | 18:26 |
| nixbuilder | jrosser: I will also build an AIO system as well. | 18:33 |
Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!