Tuesday, 2024-01-30

« Monday, 2024-01-29 Index Wednesday, 2024-01-31 »
opendevreviewMerged openstack/openstack-ansible master: Bump upstream SHAs on master  https://review.opendev.org/c/openstack/openstack-ansible/+/90614803:22
noonedeadpunkmornings08:16
noonedeadpunkok, yes, excludelist is just absent in aio08:16
jrossermorning08:44
jrosserdid i make some mistake in the tempest vars stuff?08:44
opendevreviewDmitriy Rabotyagov proposed openstack/openstack-ansible-os_tempest master: Fix condition of excludelist file removal  https://review.opendev.org/c/openstack/openstack-ansible-os_tempest/+/90718008:47
opendevreviewDmitriy Rabotyagov proposed openstack/openstack-ansible-os_ironic master: Allow to extend default ironic_driver_types  https://review.opendev.org/c/openstack/openstack-ansible-os_ironic/+/90715508:47
opendevreviewDmitriy Rabotyagov proposed openstack/openstack-ansible-os_ironic master: Fix a typo in pxe_redfish definition  https://review.opendev.org/c/openstack/openstack-ansible-os_ironic/+/90635308:47
opendevreviewDmitriy Rabotyagov proposed openstack/openstack-ansible-os_magnum master: Adopt for usage openstack_resources role  https://review.opendev.org/c/openstack/openstack-ansible-os_magnum/+/90118508:48
opendevreviewDmitriy Rabotyagov proposed openstack/openstack-ansible-os_magnum master: Move insecure param to keystone_auth section  https://review.opendev.org/c/openstack/openstack-ansible-os_magnum/+/90511008:48
jrosseroh doh :(08:49
jrosserso close to being right08:49
noonedeadpunkit was suuuuper close :D08:59
opendevreviewMerged openstack/ansible-hardening master: Use replace module instead of lineinfile for disabling dynamic motd  https://review.opendev.org/c/openstack/ansible-hardening/+/90709509:37
opendevreviewDmitriy Rabotyagov proposed openstack/ansible-hardening stable/2023.2: Use replace module instead of lineinfile for disabling dynamic motd  https://review.opendev.org/c/openstack/ansible-hardening/+/90689409:38
opendevreviewDmitriy Rabotyagov proposed openstack/ansible-hardening stable/2023.1: Use replace module instead of lineinfile for disabling dynamic motd  https://review.opendev.org/c/openstack/ansible-hardening/+/90689509:38
jrosserdid you see ceph-ansible got deprecated again10:11
kleiniand what should be the alternative? cephadm?10:16
jrosserit depends what the question is really10:19
jrosserto make a ceph cluster next to openstack-ansible then really any approach is fine10:19
jrosserbut openstack-ansible itself running ceph-ansible to make a production deployment, we said generally "don't do that, it's for CI/development"10:21
jrosserthe deb/rpm are all available for the newer releases anyway10:22
kleiniso I need to move my staging Ceph deployment from ceph-ansible away to something else. But ceph-ansible was easy to use in Ansible which does for me the Heat stack deployment for the staging environment.10:24
jrosseryou can go Q->R just by updating the packages on a ceph-ansible deployment10:25
jrosserthat is the recommended upgrade approach 10:25
jrossernot actually using the ansible at all10:26
jrosserand i think for my use, it will be less effort just now to fork ceph-ansible and fix up anything that breaks fresh Reef installs than migrate to anything else10:27
fricklerjrosser: I didn't see that, thx for the headsup10:27
fricklerand we are considering the same, maybe do a fork under the opendev umbrella?10:27
jrosseri would really like to clean up ceph-ansible - do you use it on bare metal, or containers?10:27
noonedeadpunkjrosser: yeah, you've posted that day or so ago10:27
fricklerjrosser: containers running on bare-metal10:28
noonedeadpunkops repo ?:D 10:28
jrosserfrickler: one of my team is working right now on getting making it work with Reef/Jammy10:28
jrosserand we were just getting all sorted out to make the required PR :/10:28
noonedeadpunkwe can create a repo for that actually 10:29
jrosserfrickler: the only thing we found was small areas of the Reef dashboard that actually require cephadm or they don't work10:30
fricklerjrosser: I didn't look at reef yet, but that sounds pretty promising. pretty sure some other deployers will also be interested10:36
jrosseri agree10:36
jrosserit would be pretty nice to convert it to a collection10:41
jrosserthat would make integrating it into specific environments a whole lot easier10:41
fricklerjrosser: so what is your idea, rather do a fork on github or under the osa umbrella or a dedicated project in opendev?10:41
jrosseri've not really thought about it tbh10:41
jrosserwe already have a fork on github for historical reasons10:42
jrosserlike taking forever to get anything merged10:42
jrosserthe scope is likley wider that just OSA really10:43
fricklerjrosser: ok so maybe discuss this internally and let me know if you want help with setting up something in opendev10:51
jrosserfrickler: looks like my held node might be ready, https://github.com/jrosser.keys11:41
fricklerjrosser: ack, root@199.204.45.6512:07
farbodHi Guys. I stuck at `openstack-ansible setup-infrastructure.yml` in this step https://paste.opendev.org/show/bpB0Wkpltap9dCEsaYt2/ 12:07
farbodWhat can i do?12:07
farbodAlso i had a question. Should we configure disks for Ceph OSDs when using OSA?12:10
farbodHere is the full logs:  https://paste.opendev.org/show/bdlZUc8FfJ7jP4TwTUMY/12:13
noonedeadpunkfarbod: well. It's kinda tricky. In fact, we jsut have a "layer" right now to connect osa with ceph-ansible project12:33
noonedeadpunkwith that we usally suggest to manage these 2 independently12:33
noonedeadpunkbut yes, by output it looks like there're no OSDs for ceph were found/configured12:34
noonedeadpunkI personally not 100% aware of ceph-ansible code, but I assume there should be some kind of variable to define which drives should be used as OSDs12:35
farbodSo its better to deploy Ceph independently?12:37
farbodWhat do you suggest? cephadm or ceph-ansile?12:37
farbodAnd also how can i configure my self deployed ceph(I mean connecting it to ceph) when configuring OSA?12:37
jrosserfarbod: there is an ansible role we use to connect openstack components into the ceph cluster https://docs.openstack.org/openstack-ansible-ceph_client/latest/12:39
noonedeadpunkfarbod: I guess cephadm at this point, as ceph-ansible got deprecated 12:39
jrosserfarbod: when you deploy OSA with "its own" ceph via ceph-ansible there is some automatic setting of things like cinder / glance to use RBD backends, you will have to make some of this config manually when the ceph cluster is external to openstack-ansible12:42
jrosserfarbod: but in the simplest case you set this variable to point to the monitors of the external ceph https://github.com/openstack/openstack-ansible-ceph_client/blob/master/defaults/main.yml#L5012:43
kleininoonedeadpunk, thank you very much for your hint regarding filter_tenant_id. post-filtering works now for my setup.12:49
noonedeadpunksweet!12:49
jrosserwell thats pretty sad, you can't just specify name: <blah> state: absent on openstack.cloud.coe_cluster in order to delete one12:59
jrosserit wants all the parameters you would have needed to create it as well12:59
noonedeadpunkSo, original linkage to template made sense then?13:02
noonedeadpunkbut it's weird requirement for a module....13:02
jrossernot really, just seems wierd to not be able to delete a thing given only the name13:02
jrossermodule parameter validation not understanding the difference between present/absent state i assume13:03
jrosseroh no actaully, it passes bogus data (like zero node count) for the things you leave out13:03
jrosserand magnum is 400 at you in reply13:03
noonedeadpunkugh13:04
jrosseri would hope that this is some pattern baked in fundamentally to all those modules (present -> lots of options) (absent -> name|uuid)13:05
opendevreviewJonathan Rosser proposed openstack/openstack-ansible-ops master: WIP - Add collection to deploy magnum cluster-api with vexxhost driver  https://review.opendev.org/c/openstack/openstack-ansible-ops/+/90145013:14
opendevreviewJonathan Rosser proposed openstack/openstack-ansible-ops master: WIP - Bootstrapping playbook  https://review.opendev.org/c/openstack/openstack-ansible-ops/+/90217813:14
opendevreviewJonathan Rosser proposed openstack/openstack-ansible-ops master: Add role to install and run sonobouy k8s validation tests  https://review.opendev.org/c/openstack/openstack-ansible-ops/+/90605413:14
opendevreviewJonathan Rosser proposed openstack/openstack-ansible-ops master: Add playbook to run functional test of magnum capi driver  https://review.opendev.org/c/openstack/openstack-ansible-ops/+/90636113:14
opendevreviewJonathan Rosser proposed openstack/openstack-ansible-ops master: Add hook playbook install and test magnum capi driver  https://review.opendev.org/c/openstack/openstack-ansible-ops/+/90636313:14
jrosserfrickler: i am done with the held node, can we go again with a hold on the same job?13:16
fricklerjrosser: set up, do you need to change anything or just do a recheck?14:01
jrosserfrickler: i've updated the depends-on patches so it should just need a recheck14:02
jrosseris it right that X-Auth-Token gets printed unredacted in debug logs?14:09
jrosserlike this https://zuul.opendev.org/t/openstack/build/5b8fdb4272c646cf8d72df0d6ad6616b/log/logs/host/magnum-api.service.journal-10-25-08.log.txt#11014:11
noonedeadpunkthat looks quite bad....14:32
jrosserseems to be just glanceclient14:33
jrosserfor novaclient i see things like "X-Auth-Token: {SHA256}7ee335fad4314c128bc8c15b40425f288674156cda1181374e86fbbebb6e3680"14:35
spatelnoonedeadpunk jrosser admin1 Here is the trove DBaaS blog - https://satishdotpatel.github.io/trove-dbaas-openstack/ 14:44
spatelI will create next one with dedicated rabbitMQ way.. 14:44
noonedeadpunk#startmeeting openstack_ansible_meeting15:00
opendevmeetMeeting started Tue Jan 30 15:00:16 2024 UTC and is due to finish in 60 minutes.  The chair is noonedeadpunk. Information about MeetBot at http://wiki.debian.org/MeetBot.15:00
opendevmeetUseful Commands: #action #agreed #help #info #idea #link #topic #startvote.15:00
opendevmeetThe meeting name has been set to 'openstack_ansible_meeting'15:00
noonedeadpunk#topic rollcall15:00
noonedeadpunko/15:00
damiandabrowskihi!15:00
opendevreviewDmitriy Rabotyagov proposed openstack/openstack-ansible-os_tempest master: Fix condition of excludelist file removal  https://review.opendev.org/c/openstack/openstack-ansible-os_tempest/+/90718015:04
opendevreviewDmitriy Rabotyagov proposed openstack/openstack-ansible-os_tempest master: Fix condition of excludelist file removal  https://review.opendev.org/c/openstack/openstack-ansible-os_tempest/+/90718015:05
noonedeadpunk#topic office hours15:05
noonedeadpunkSo we got couple of roles, like ironic and magnum due to this small nit ^15:05
noonedeadpunk*broken 15:05
noonedeadpunk*failing CI15:05
* noonedeadpunk needs to get himself together15:05
noonedeadpunkSo I don't actually have many updates for the previous week15:06
noonedeadpunkI'd eventually need to go through bug reports, as while most of them got some first reply, I'm not sure they all were properly triaged15:07
noonedeadpunkHopefully to have some time on Friday for that15:07
noonedeadpunkI guess main 2 things that are in progress - openstack_resources and capi driver for magnum15:07
noonedeadpunkI was not able to work on openstack_resources to implement suggested improvements for image management.15:07
noonedeadpunkIt also might be worth doing that in follow-up, not sure15:08
noonedeadpunkfor magnum capi I see some quite good progress, but apparently work is still in progress. Likely very close to the finish line15:09
jrossero/ hello15:13
jrosseryes for cluster api it is very close15:14
jrosserworking in my AIO locally, just need to allow some more time for the cluster to create in the CI node i think15:14
jrosserbut there are a *ton* of dependant patches15:14
jrossersome of which are good to go, some of which might need some discussion about the best approach15:14
noonedeadpunkdespite beeing super short on time this season, I'm ready to check through things when they're ready :)15:16
noonedeadpunkI can recall there were some "volunteers" to test it out as well15:16
jrosseryeah, that would be good15:18
jrossergetting the AIO going is a little subtle though so i need to document that15:18
jrossersome of the dependancies are generally moving stuff out of openstack-ansible repo into plugins collection15:19
jrosserthose are low-hanging fruit15:19
noonedeadpunkactually moving to things to plugins, I was wondering what's up with https://review.opendev.org/q/topic:%22osa/collectify%22 ?15:21
noonedeadpunkLike I was thinking it can be trivial to move all playbooks to plugins while get some benefits (potentially)15:21
noonedeadpunkAnd that should not take dramatical time to move15:22
jrosseryeah so some of those things actually are needed for the capi work15:22
jrosserbut i have done "whatever it takes" so interested in feedback15:23
noonedeadpunkbut I can recall not all of these worked like expected?15:23
noonedeadpunkI just though of creating playbooks like openstack.osa.nova, openstack.osa.glance, etc and move content from integrated repo15:24
jrosserright - particularly the one to set vars for source installs i think15:24
noonedeadpunkwhile leaving just import_playbook: openstack.osa.glance for compatability15:24
noonedeadpunkin the integrated15:25
noonedeadpunkoh15:25
noonedeadpunkanother thing we might want to land "early"15:25
noonedeadpunkI had couple of patches to the inventory script...15:26
jrosseryeah15:26
jrosserfactoring out playbooks/common-* would be a really good start15:26
noonedeadpunkso this might be useful for your capi hussle I assume: https://review.opendev.org/c/openstack/openstack-ansible/+/905433/215:27
noonedeadpunkas I can recall you said before about inconsistent hostnames/inventory names for containers15:27
noonedeadpunkand this https://review.opendev.org/c/openstack/openstack-ansible/+/905438/2 should let us get rid of ANSIBLE_TRANSFORM_INVALID_GROUP_CHARS15:28
noonedeadpunkbasically making `-` and `_` interchangable15:28
noonedeadpunkwhich I dunno if good or terribly bad idea frankly speaking15:28
noonedeadpunkbut that means we should be able to jsut rename groups in env.d to be only underscores, and hopefully not breaking anybody during upgrade....15:29
noonedeadpunkbut that might be actually good to leave for the next cycle even....15:30
noonedeadpunkas I can see how playbooks might be using or relying on current group names15:30
jrosserit does sound like we should try to land a bunch of this stuff as soon as possible15:33
jrosserit’s all quite big and don’t want to leave it too late15:33
jrosseryes capi would benefit from the underscores change15:34
jrosseras there’s a bit of a break/fix cycle keeps happening with external collections there15:35
noonedeadpunkWith that we should still keep internal logic of converting hostnames for older deployments...15:38
noonedeadpunkas basically only new containers will be generated this way - inventory won't (or should not) be altered otherwise15:38
noonedeadpunk#endmeeting16:00
opendevmeetMeeting ended Tue Jan 30 16:00:58 2024 UTC.  Information about MeetBot at http://wiki.debian.org/MeetBot . (v 0.1.4)16:00
opendevmeetMinutes:        https://meetings.opendev.org/meetings/openstack_ansible_meeting/2024/openstack_ansible_meeting.2024-01-30-15.00.html16:00
opendevmeetMinutes (text): https://meetings.opendev.org/meetings/openstack_ansible_meeting/2024/openstack_ansible_meeting.2024-01-30-15.00.txt16:00
opendevmeetLog:            https://meetings.opendev.org/meetings/openstack_ansible_meeting/2024/openstack_ansible_meeting.2024-01-30-15.00.log.html16:00
jrosserfrickler: would you be able to put my key on the held node again?16:35
fricklerjrosser: seems I messed up earlier and deleted the fresh autohold instead of the old one. so this is still the old one that we see, will trigger another recheck now16:52
jrosseris the old node still there?16:52
fricklerjrosser: no, I deleted it now16:53
jrosserno problem16:53
fricklerI can add access to the new node once the job starts running, assuming it will fail at the end. you just shouldn't interfere with the job too early, then16:54
jrosserthat would be great, thanks16:55
fricklerjrosser: root@199.19.213.12318:18
opendevreviewDmitriy Rabotyagov proposed openstack/openstack-ansible-os_neutron master: Do not configure RPC for Neutron with OVN driver  https://review.opendev.org/c/openstack/openstack-ansible-os_neutron/+/90724518:18
jrosserthankyou18:18
opendevreviewDmitriy Rabotyagov proposed openstack/openstack-ansible-os_neutron master: Do not configure RPC for Neutron with OVN driver  https://review.opendev.org/c/openstack/openstack-ansible-os_neutron/+/90724518:34
opendevreviewDmitriy Rabotyagov proposed openstack/openstack-ansible-os_neutron master: Do not configure RPC for Neutron with OVN driver  https://review.opendev.org/c/openstack/openstack-ansible-os_neutron/+/90724519:08
« Monday, 2024-01-29 Index Wednesday, 2024-01-31 »

Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!