| noonedeadpunk | Yeah, I was thinking about static ips, but kinda don't like overriding all container networks... And there's no hardware firewall involved in this case... | 06:34 |
|---|---|---|
| noonedeadpunk | And software firewall.... Is a topic on it's own.... | 06:34 |
| opendevreview | Dmitriy Rabotyagov proposed openstack/openstack-ansible master: [doc] Add documentation on spawning HAProxy inside LXC https://review.opendev.org/c/openstack/openstack-ansible/+/924353 | 06:38 |
| noonedeadpunk | it would be really neat though to supply "static" ip in the dynamic_inventory though | 06:40 |
| noonedeadpunk | eventually.... if to have /32 cidr and an explicitly different static route... | 06:41 |
| noonedeadpunk | but nah, I think it won't work | 06:41 |
| noonedeadpunk | yeah. suggest edit is quite neat | 06:43 |
| noonedeadpunk | I can add your example to the doc though unless you wanna push your writing as a whole | 07:05 |
| jrosser | that was from very long ago and there might be a better way now, i would want to look at it again | 07:40 |
| jrosser | btw there is a huge number of jobs failing on some keystone/database interaction | 07:41 |
| opendevreview | Jonathan Rosser proposed openstack/openstack-ansible master: Fix healthcheck-infrastructure for distro install https://review.opendev.org/c/openstack/openstack-ansible/+/924384 | 07:46 |
| opendevreview | Jonathan Rosser proposed openstack/openstack-ansible-galera_server master: Remove installation of libaio1 https://review.opendev.org/c/openstack/openstack-ansible-galera_server/+/924355 | 07:47 |
| opendevreview | Jonathan Rosser proposed openstack/openstack-ansible-galera_server master: Update to version 10.11.8 https://review.opendev.org/c/openstack/openstack-ansible-galera_server/+/924357 | 07:47 |
| noonedeadpunk | yeah, spotted that as well | 08:09 |
| noonedeadpunk | though didn't check the maria logs yet | 08:10 |
| opendevreview | Jonathan Rosser proposed openstack/openstack-ansible-rabbitmq_server master: Add support for Ubuntu Noble https://review.opendev.org/c/openstack/openstack-ansible-rabbitmq_server/+/924390 | 09:44 |
| opendevreview | Jonathan Rosser proposed openstack/openstack-ansible master: Test on Ubuntu Noble https://review.opendev.org/c/openstack/openstack-ansible/+/924342 | 09:45 |
| opendevreview | Jonathan Rosser proposed openstack/openstack-ansible-repo_server master: Ensure python3-setuptools is present on debian/ubuntu systems. https://review.opendev.org/c/openstack/openstack-ansible-repo_server/+/924393 | 09:59 |
| opendevreview | Jonathan Rosser proposed openstack/openstack-ansible master: Test on Ubuntu Noble https://review.opendev.org/c/openstack/openstack-ansible/+/924342 | 10:00 |
| opendevreview | Jonathan Rosser proposed openstack/openstack-ansible-os_nova master: Install architecture specific efi firmware for qemu https://review.opendev.org/c/openstack/openstack-ansible-os_nova/+/924396 | 11:07 |
| opendevreview | Jonathan Rosser proposed openstack/openstack-ansible master: Test on Ubuntu Noble https://review.opendev.org/c/openstack/openstack-ansible/+/924342 | 11:07 |
| jrosser | the metal noble jobs gets as far as nova now, hopefully further with ^ | 11:22 |
| jrosser | something is still wrong with the apparmor setup (almost certainly that we use a custom lxc-openstack profile) and that needs fixing | 11:23 |
| jrosser | and even without any noble stuff there is something really wrong with the _infra_ jobs | 11:23 |
| jrosser | \o/ https://zuul.opendev.org/t/openstack/build/2f87a87db21d48599bbe573930b4e0ca | 13:06 |
| noonedeadpunk | sweet | 13:17 |
| noonedeadpunk | lxc is still unhappy with apparmor I assume? | 13:17 |
| jrosser | yeah i did not get chance to look at that again, need a fresh AIO | 13:17 |
| jrosser | also just tried SCENARIO=aio_lxc_infra here to reproduce those broken jobs..... but just worked :( | 13:18 |
| jrosser | it is possible that this is relevant to the apparmor issue https://github.com/lxc/lxc/commit/32f88c8fecaa1f909d0aeb5ff3132932138fe692 | 13:18 |
| jrosser | and our custom profile may need similar changes | 13:19 |
| jrosser | but this is kind of guessing | 13:19 |
| noonedeadpunk | infra_lxc looks jsut borked everywhere | 13:20 |
| jrosser | it does, and i really am not sure why | 13:22 |
| noonedeadpunk | 2024-07-17 21:40:53.598556+00:00 mariadb.service 2024-07-17 21:40:53 182 [Warning] Access denied for user 'keystone'@'aio1-keystone-container-5d6310a7.openstack.local' (using password: YES) | 13:23 |
| noonedeadpunk | https://zuul.opendev.org/t/openstack/build/79464496ca1d4df9a0d1283d3d45307b/log/logs/openstack/aio1-galera-container-bbb82f4b/mariadb.service.journal-21-43-57.log.txt#368 | 13:23 |
| noonedeadpunk | huh | 13:24 |
| noonedeadpunk | oh, https://zuul.opendev.org/t/openstack/build/79464496ca1d4df9a0d1283d3d45307b/log/job-output.txt#16235-16236 | 13:26 |
| jrosser | oh - right | 13:27 |
| noonedeadpunk | why it's skipped.... | 13:29 |
| noonedeadpunk | it has the only condition - _keystone_is_first_play_host | 13:30 |
| jrosser | oh wait - i think i didnt run setup-openstack here | 13:30 |
| jrosser | just doing that now to get keystone | 13:30 |
| noonedeadpunk | hehe | 13:30 |
| noonedeadpunk | I think it could be related to ansible version bump somehow | 13:31 |
| noonedeadpunk | and smth like - `"_keystone_is_first_play_host"` being not treated as a var now | 13:31 |
| noonedeadpunk | due to quotes or smth.... | 13:32 |
| noonedeadpunk | but then everything would fail likeyl.... | 13:32 |
| noonedeadpunk | or now order in groups is random, so there's a 1/3 chance it will pass | 13:35 |
| jrosser | oh well, it's not that it always fails | 13:42 |
| jrosser | sometimes it passes, sometimes not | 13:42 |
| noonedeadpunk | 1/3 chance?:) | 13:44 |
| noonedeadpunk | then all our _is_first_host evaluations are broken | 13:44 |
| jrosser | and of course in AIO there normally is one of everything | 13:47 |
| jrosser | so coverage of that is pretty much == 0 | 13:47 |
| nixbuilder | Quick question... I have cinder setup to use our SAN via fiber channel. If I want to add an additional backend such as iSCSI do I run 'openstack-ansible os-cinder-install.yml -t cinder-config'? | 14:06 |
| noonedeadpunk | if it would be same cinder-volume instances handling another backend - yes | 14:18 |
| noonedeadpunk | though you might also prefer to create another set of cinder-volume containers/hosts to handle this another backend | 14:19 |
| nixbuilder | noonedeadpunk: Thank you! | 14:20 |
| jrosser | noonedeadpunk: the `intersect` in the first/last play hosts vars seems to change the order | 14:30 |
| jrosser | https://paste.opendev.org/show/b36Y1XDgrdc890e0HD8O/ | 14:31 |
| * jrosser double checks | 14:32 | |
| jrosser | omg it's not deterministic | 14:35 |
| jrosser | i've put some debug: in and a fail: to stop it and is_first_play_host is switching true/false between runs | 14:36 |
| jrosser | well intersect docs say `Items in the resulting list are returned in arbitrary order.` so yes thats not good | 14:38 |
| noonedeadpunk | yeah, so as Isaid, ansible-core 2.17 has changed smth... | 14:41 |
| noonedeadpunk | and we were relying that it's not arbitrary.... | 14:41 |
| noonedeadpunk | (and it wasn't) | 14:42 |
| noonedeadpunk | good that we've included keystone to infra,,,, | 14:42 |
| noonedeadpunk | and good that we moved logic to a variable back then :D | 14:44 |
| jrosser | https://github.com/ansible/ansible/issues/82554 | 14:47 |
| noonedeadpunk | bad that last commenter havent' reported intersect | 14:48 |
| noonedeadpunk | crap, we kind of need to look through all these filters in our code and check if we expect somewhere it to be determenistic except this usecase | 14:51 |
| jrosser | yeah | 14:51 |
| jrosser | i wonder if we should write an is_first_host and is_last_host filter in the plugins repo | 14:51 |
| jrosser | it would be simple and not have any surprises | 14:51 |
| jrosser | the expressions we have in the vars currently are not the simplest | 14:51 |
| noonedeadpunk | might be, depending on how much we'd need to pass into the filter | 14:52 |
| noonedeadpunk | as passing there nova_services would be weird | 14:53 |
| opendevreview | Merged openstack/openstack-ansible master: Update ssh service name for modern debian based systems. https://review.opendev.org/c/openstack/openstack-ansible/+/924306 | 15:51 |
| spatel | I want to move one of VM from openstack_A to openstack_B (Yes I can snapshot it and download image and import to other openstack) but can i just copy /var/lib/nova/instances/7e5e93a7-9838-4cf5-805f-3da30b88dc3d/disk file and import to other openstack as a image? | 16:01 |
| noonedeadpunk | no, you can do that only with volumes. | 16:28 |
| noonedeadpunk | not with ephemeral drives | 16:28 |
| mgariepy | and maybe you need to flatten the files. | 16:29 |
| spatel | Ok got it.. | 16:30 |
| mgariepy | but otherwise probably can create an image from the vm. but it won't save epehemral data. | 16:30 |
| spatel | I have snapshot the image and its showing QCOW2 format. But when I check doc its saying run this command to download - openstack image save --file snapshot.raw <snapshot_image> | 16:31 |
| noonedeadpunk | in cinder you can do volume manage and unmanage to move file physically between storages | 16:31 |
| spatel | do I need to use .raw format? | 16:31 |
| spatel | or openstack use only raw format to download/save image ? | 16:32 |
| noonedeadpunk | I think it would be in a same format as image is stored | 16:32 |
| noonedeadpunk | so should depend, imo | 16:32 |
| spatel | Image showing QCOW2 :) | 16:32 |
| spatel | let me try and check | 16:32 |
| noonedeadpunk | well, it's easy to check what format is once you download :D | 16:33 |
| spatel | hehe! file <foobar> | 16:36 |
| spatel | will do once its ready | 16:36 |
| noonedeadpunk | qemu-img info ? | 17:08 |
| spatel | QEMU QCOW2 Image (v3), 21474836480 bytes | 20:48 |
| spatel | its in same format | 20:48 |
Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!