| NeilHanlon | spatel: https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/cloudprovider/magnum/README.md | 00:05 |
|---|---|---|
| NeilHanlon | basically: it is a hook into this kube scaler | 00:05 |
| spatel | hmm | 00:06 |
| spatel | so autoscale is k8s deployment service running inside k8s right? | 00:06 |
| spatel | magnum talk to k8s autoscale to learn about load? | 00:06 |
| spatel | what is the workflow here? who talk to who and how ? | 00:07 |
| NeilHanlon | specifically, you're looking for the Cluster Autoscaler -- which controls how many nodes belong to a cluster | 00:08 |
| NeilHanlon | the autoscaler runs (as a Deployment) inside k8s, and speaks to whatever API its configured to (e.g., Magnum, for OpenStack clouds) | 00:08 |
| NeilHanlon | in other words, you must configure the kubernetes cluster with the cluster autoscaler -- i don't know if it just works by default with Magnum or how it's deployed. In AWS there's setup that has to be done, e.g. -- you have to create a service account for the user, give it permissions to manage the entities (node groups), etc | 00:09 |
| spatel | Our customer looking for autoscaling option where worker node go up and down based on workload demand | 00:19 |
| spatel | whatever you are saying that make little sense.. autoscale feed information to magnum and magnum take action based on provided data by autoscaler. right? | 00:20 |
| NeilHanlon | Well, not really. It *all* happens inside the autoscaler. The autoscaler runs, and receives feedback from kubernetes about the pods, and will call magnum if it thinks that changing the nodegroup size would alleviate a situation where a pod is not schedulable. I'd recommend giving the FAQ here a read: | 00:29 |
| NeilHanlon | https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#frequently-asked-questions | 00:29 |
| NeilHanlon | notably, it depends heavily on your workloads being properly setup (with limits/requests) so that the kube cluster is able to understand what the extents of the resources are, and when it should request more resources from magnum | 00:30 |
| spatel | hmm | 00:40 |
| jrosser | NeilHanlon: spatel: https://cluster-api.sigs.k8s.io/tasks/automated-machine-management/autoscaling | 08:47 |
| jrosser | andrewbonney: https://github.com/vexxhost/ansible-collection-kubernetes/issues/96#issuecomment-1870155317 | 08:50 |
| noonedeadpunk | talking about that, how far we are from moving capi out of wip? | 09:16 |
| kleini | I just upgraded to Antelope and since then we have issues, that application credentials do not work at all any more. New role member without underscore is assigned correctly but e.g. Nova refuses with "Policy doesn't allow". Do you have any pointers where I can start searching for the cause? Is that caused by dropping support for the _member_ role? | 09:29 |
| andrewbonney | kleini: this sounds like https://bugs.launchpad.net/keystone/+bug/2030061 | 09:32 |
| kleini | hmm, didn't notice anywhere in the release notes, that now reader is required additionally. will try that. | 09:34 |
| kleini | andrewbonney, many thanks for the pointer | 09:34 |
| andrewbonney | No problem. We're patching Keystone with https://review.opendev.org/c/openstack/keystone/+/893737 in the meantime | 09:34 |
| kleini | using additionally the role reader for the application credentials make them working again. many thanks! | 09:37 |
| noonedeadpunk | kleini: there was quite some ML threads regarding that | 09:40 |
| noonedeadpunk | I think you haven't seen that since any role was acting as a member | 09:40 |
| noonedeadpunk | but then keystone has fixed ACL basically | 09:41 |
| jrosser | noonedeadpunk: I am back at work next week but really want to push capi stuff forward | 09:44 |
| jrosser | we have it working in pretty complex lab with air gap / http proxies / private registry / isolated control plane | 09:45 |
| kleini | we mostly use the member role. I still try to get rid of the _member_ role. most application credentials unfortunately used the _member_ role and need to be recreated. that's why I am stumbling now. I am not really able to understand all the details around that. | 09:45 |
| jrosser | like all the things that make it production ready rather than some toy deployment | 09:45 |
| noonedeadpunk | kleini: if you're having magnum, you should also check trusts in keystone - it's another thing using _member_ | 09:46 |
| noonedeadpunk | jrosser: yeah, would be nice to have that in | 09:46 |
| jrosser | but I worry we have introduced quite some barrier to use with putting it in a ops repo collection rather than more direct integration | 09:46 |
| jrosser | like kolla is out of the box for some of it | 09:46 |
| jrosser | anyway, something to think about how we should make it easy to use | 09:47 |
| noonedeadpunk | from other side I've heard that kolla was not going to bother with handling botstrap cluster creation | 09:47 |
| noonedeadpunk | ? | 09:47 |
| jrosser | would like to get a few others osa cores trying my stuff out | 09:47 |
| kleini | noonedeadpunk: good to know. we're not using that currently but a Terraform and Kube One based kubernetes deployment because we need Istio as ingress. I was not able yet to get Istio working in a Kubernetes deployed with Magnum. | 09:47 |
| jrosser | yeah, mine is “batteries included” approach, everything is done from scratch by the playbooks | 09:48 |
| noonedeadpunk | I'm quite interested in tryng out, but like 0 time until march for that potentially | 09:48 |
| noonedeadpunk | but indeed, would be nice to hear more voices | 09:48 |
| noonedeadpunk | (and if I pushed to the wrong direction with ops repo) | 09:49 |
| opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible master: Modify RGW client format https://review.opendev.org/c/openstack/openstack-ansible/+/904741 | 12:09 |
| opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible master: Ensure tempest include and exclude lists all use unique names https://review.opendev.org/c/openstack/openstack-ansible/+/893968 | 12:11 |
| opendevreview | Dmitriy Rabotyagov proposed openstack/ansible-config_template master: [doc] Document limitation and workaround for variables in mapping keys https://review.opendev.org/c/openstack/ansible-config_template/+/904744 | 12:42 |
| opendevreview | Dmitriy Rabotyagov proposed openstack/ansible-config_template master: [doc] Document limitation and workaround for variables in mapping keys https://review.opendev.org/c/openstack/ansible-config_template/+/904744 | 12:45 |
| opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible master: Modify RGW client format https://review.opendev.org/c/openstack/openstack-ansible/+/904741 | 14:04 |
| opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible master: Modify RGW client format https://review.opendev.org/c/openstack/openstack-ansible/+/904741 | 14:06 |
| opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible-lxc_hosts master: Fix permissions for base directories https://review.opendev.org/c/openstack/openstack-ansible-lxc_hosts/+/904756 | 14:31 |
| noonedeadpunk | this is very basic but very nasty bug ^ | 14:32 |
| opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible master: Modify RGW client format https://review.opendev.org/c/openstack/openstack-ansible/+/904741 | 14:42 |
| opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible master: Ensure tempest include and exclude lists all use unique names https://review.opendev.org/c/openstack/openstack-ansible/+/893968 | 15:15 |
| opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible-os_ironic stable/2023.2: Stop generating ssh keypair for ironic user https://review.opendev.org/c/openstack/openstack-ansible-os_ironic/+/903543 | 15:22 |
| opendevreview | Andrew Bonney proposed openstack/openstack-ansible stable/2023.1: Fix shallow_since for rabbitmq_server on 2023.1 https://review.opendev.org/c/openstack/openstack-ansible/+/904758 | 15:24 |
| opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible-plugins stable/2023.2: Ensure consistent ordering of network_mappings https://review.opendev.org/c/openstack/openstack-ansible-plugins/+/904732 | 15:26 |
| opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible-plugins stable/2023.1: Ensure consistent ordering of network_mappings https://review.opendev.org/c/openstack/openstack-ansible-plugins/+/904733 | 15:27 |
| opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible-plugins stable/zed: Ensure consistent ordering of network_mappings https://review.opendev.org/c/openstack/openstack-ansible-plugins/+/904734 | 15:27 |
| opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible master: Ensure disable/enable haproxy backends exists for all services https://review.opendev.org/c/openstack/openstack-ansible/+/904452 | 15:33 |
| opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible-os_nova master: Improve Blazar integration with Nova https://review.opendev.org/c/openstack/openstack-ansible-os_nova/+/904779 | 17:13 |
| opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible-os_nova master: Improve Blazar integration with Nova https://review.opendev.org/c/openstack/openstack-ansible-os_nova/+/904779 | 17:16 |
| opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible-os_tempest master: Add blazar tempest support https://review.opendev.org/c/openstack/openstack-ansible-os_tempest/+/904785 | 18:16 |
| opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible master: Add tempest tests for Blazar https://review.opendev.org/c/openstack/openstack-ansible/+/904786 | 18:20 |
| opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible master: Add tempest tests for Blazar https://review.opendev.org/c/openstack/openstack-ansible/+/904786 | 18:31 |
| opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible-os_blazar master: Fix Blazar authentication and endpoints defenition https://review.opendev.org/c/openstack/openstack-ansible-os_blazar/+/904791 | 18:42 |
| opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible master: Add tempest tests for Blazar https://review.opendev.org/c/openstack/openstack-ansible/+/904786 | 18:43 |
| opendevreview | Merged openstack/ansible-config_template master: [doc] Document limitation and workaround for variables in mapping keys https://review.opendev.org/c/openstack/ansible-config_template/+/904744 | 20:37 |
| opendevreview | Merged openstack/openstack-ansible-lxc_hosts master: Fix permissions for base directories https://review.opendev.org/c/openstack/openstack-ansible-lxc_hosts/+/904756 | 22:32 |
| opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible-lxc_hosts stable/2023.2: Fix permissions for base directories https://review.opendev.org/c/openstack/openstack-ansible-lxc_hosts/+/904738 | 22:43 |
| opendevreview | Merged openstack/openstack-ansible master: abstract bootstrap host disk partition names https://review.opendev.org/c/openstack/openstack-ansible/+/901106 | 22:59 |
| opendevreview | Merged openstack/openstack-ansible stable/2023.1: Fix shallow_since for rabbitmq_server on 2023.1 https://review.opendev.org/c/openstack/openstack-ansible/+/904758 | 22:59 |
Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!