Tuesday, 2017-04-04

« Monday, 2017-04-03 Index Wednesday, 2017-04-05 »
*** hongbin has quit IRC00:11
*** nick171 has joined #openstack-containers00:12
*** catintheroof has joined #openstack-containers00:25
*** vijaykc4 has joined #openstack-containers00:39
*** adrian_otto has joined #openstack-containers00:41
*** catintheroof has quit IRC01:02
*** adrian_otto has quit IRC01:04
*** NikhilS has joined #openstack-containers01:07
*** dave-mccowan has quit IRC01:17
*** ramishra has joined #openstack-containers01:20
*** EricGonczer_ has joined #openstack-containers01:25
*** vijaykc4 has quit IRC01:27
*** EricGonczer_ has quit IRC01:40
*** ramishra has quit IRC01:50
*** harlowja has quit IRC02:06
*** adrian_otto has joined #openstack-containers02:10
*** adrian_otto has quit IRC02:23
*** adrian_otto has joined #openstack-containers02:25
*** swatson has quit IRC02:34
*** hongbin has joined #openstack-containers02:36
*** vijaykc4 has joined #openstack-containers02:38
*** Drago1 has quit IRC02:38
*** Drago1 has joined #openstack-containers02:38
*** Drago1 has quit IRC02:43
*** adrian_otto has quit IRC02:47
*** harlowja has joined #openstack-containers02:50
*** jwcroppe has quit IRC02:50
*** jwcroppe has joined #openstack-containers02:51
*** vijaykc4 has quit IRC03:05
*** jwcroppe_ has joined #openstack-containers03:11
*** jwcroppe has quit IRC03:13
*** ramishra has joined #openstack-containers03:14
*** vijaykc4 has joined #openstack-containers03:29
*** trinaths has joined #openstack-containers03:51
*** hongbin has quit IRC03:53
*** hongbin has joined #openstack-containers03:53
*** harlowja has quit IRC03:56
*** aparnav has joined #openstack-containers03:56
*** adrian_otto has joined #openstack-containers03:56
*** vijaykc4 has quit IRC03:57
*** hongbin has quit IRC04:07
*** harlowja has joined #openstack-containers04:07
*** Adri2000 has quit IRC04:17
*** Adri2000 has joined #openstack-containers04:17
*** harlowja has quit IRC04:33
*** janki has joined #openstack-containers04:37
*** rcernin has joined #openstack-containers04:46
*** dimtruck is now known as zz_dimtruck04:48
*** Jack_Iv has joined #openstack-containers04:56
*** Jack_Iv_ has joined #openstack-containers04:57
*** adrian_otto has quit IRC05:00
*** Jack_Iv has quit IRC05:01
*** jchhatbar has joined #openstack-containers05:05
*** vishwana_ has joined #openstack-containers05:05
*** Jack_Iv_ has quit IRC05:09
*** rcernin has quit IRC05:09
*** Jack_Iv has joined #openstack-containers05:10
*** rcernin has joined #openstack-containers05:11
*** harlowja has joined #openstack-containers05:11
*** janki has quit IRC05:14
*** vishwanathj has quit IRC05:14
*** zhenguo has quit IRC05:14
openstackgerrityatin proposed openstack/magnum master: Add kube dashboard and remove kube ui  https://review.openstack.org/44104605:15
*** adisky_ has joined #openstack-containers05:15
*** Jack_Iv has quit IRC05:15
*** ramishra has quit IRC05:24
*** vijaykc4 has joined #openstack-containers05:26
*** Jack_Iv has joined #openstack-containers05:29
*** mdnadeem has joined #openstack-containers05:31
*** deu_ has quit IRC05:34
*** deu_ has joined #openstack-containers05:34
*** Jack_Iv_ has joined #openstack-containers05:39
*** Jack_Iv has quit IRC05:43
openstackgerrityatin proposed openstack/magnum master: Add kube dashboard and remove kube ui  https://review.openstack.org/44104605:45
*** madgoat has joined #openstack-containers05:53
*** madgoat has left #openstack-containers05:53
openstackgerrityatin proposed openstack/magnum master: [k8s_coreos] Add kubernetes dashboard  https://review.openstack.org/44907305:55
*** mjura has joined #openstack-containers05:57
*** harlowja has quit IRC06:02
*** Oku_OS-away is now known as Oku_OS06:08
openstackgerritMerged openstack/magnum master: Format the quickstart doc  https://review.openstack.org/43141206:10
*** mjura has quit IRC06:17
openstackgerritMadhuri Kumari proposed openstack/python-magnumclient master: Make cluster name positional in ca-show  https://review.openstack.org/43143106:26
*** Serlex has joined #openstack-containers06:40
*** mjura has joined #openstack-containers06:43
*** vijaykc4 has quit IRC06:54
*** hishh has joined #openstack-containers06:59
*** mjura has quit IRC07:03
*** Jack_Iv_ has quit IRC07:04
*** Jack_Iv has joined #openstack-containers07:04
*** Jack_Iv has quit IRC07:05
*** vijaykc4 has joined #openstack-containers07:05
*** Jack_Iv has joined #openstack-containers07:05
*** Jack_Iv_ has joined #openstack-containers07:06
*** Jack_Iv has quit IRC07:10
*** fungusakafungus has joined #openstack-containers07:11
*** hishh has quit IRC07:12
*** zhenguo has joined #openstack-containers07:15
*** Jack_Iv has joined #openstack-containers07:16
*** Jack_Iv_ has quit IRC07:18
*** pcaruana has joined #openstack-containers07:19
*** yasemin_ has joined #openstack-containers07:21
yasemin_hi, do you know magnum is running successfully on ocata , devstack ?07:22
*** fungusak_ has joined #openstack-containers07:36
*** fungusakafungus has quit IRC07:37
*** fungusak_ has quit IRC07:39
*** Jack_Iv has quit IRC07:44
yasemin_i have bugs always :/07:48
yatinkarelgoing for it07:50
yatinkarelyasemin_, it must be working07:51
*** vijaykc4 has quit IRC07:51
*** Drago1 has joined #openstack-containers07:52
*** amoralej|off is now known as amoralej07:53
yasemin_yatinkarel, nova instances not showing and error is "Unable to retrieve instances"07:53
*** ianychoi has quit IRC07:54
yatinkarelyasemin_, then it must be nova issue07:54
*** vijaykc4 has joined #openstack-containers07:57
yasemin_yatinkarel, in multinode devstack installation, magnum not install cluster on compute node ? is there any special services on compute nodes ?07:57
*** Drago2 has joined #openstack-containers07:57
yatinkarelno services related to magnum are required on compute node07:58
yatinkarelmagnum create cluster nodes, and these nodes can run on any compute node in the openstack setup07:59
*** Drago1 has quit IRC07:59
yasemin_but magnum not  create  cluster on compute node, it gives n-cell error08:00
*** fungusakafungus has joined #openstack-containers08:02
*** ssbarnea has joined #openstack-containers08:10
yatinkarelcan you try without n-cell08:10
yatinkarelyasemin_, if you try to create a nova instance(using nova boot, openstack server create) do you succeed08:12
yasemin_yatinkarel, yes, unless i add compute nodes, clusters are created08:14
*** ianychoi has joined #openstack-containers08:17
*** dsariel has joined #openstack-containers08:23
*** vijaykc4 has quit IRC08:25
*** hishh has joined #openstack-containers08:27
*** Jack_Iv has joined #openstack-containers08:28
*** Jack_Iv has quit IRC08:28
*** dsariel has quit IRC08:36
yatinkarelafter adding compute node, do nova boot works?08:38
yasemin_no08:39
yatinkarelthen it's a nova issue for sure08:39
yatinkarelyour local.conf for controller and compute node?08:39
strigaziyasemin_ magnum works fine in ocata08:40
yasemin_compute http://paste.openstack.org/show/605367/ , controller http://paste.openstack.org/show/605368/08:40
*** vijaykc4 has joined #openstack-containers08:41
*** dsariel has joined #openstack-containers08:43
*** fungusakafungus has quit IRC08:51
*** fungusakafungus has joined #openstack-containers08:52
*** kevinz has joined #openstack-containers08:52
*** fungusak_ has joined #openstack-containers08:54
*** fungusakafungus has quit IRC08:54
*** salmankhan has joined #openstack-containers08:56
*** kevinz has quit IRC09:03
*** kevinz has joined #openstack-containers09:04
openstackgerritMathieu Velten proposed openstack/magnum master: Fix usage of the trustee user in K8S Cinder plugin  https://review.openstack.org/44540409:05
*** vijaykc4 has quit IRC09:06
*** yatinkarel has left #openstack-containers09:12
*** yatinkarel has joined #openstack-containers09:12
yatinkarelyasemin_, Try with ENABLED_SERVICES=n-cpu,q-agt,dstat,placement-client in compute node09:13
*** vijaykc4 has joined #openstack-containers09:14
*** Jack_Iv has joined #openstack-containers09:15
*** Jack_Iv_ has joined #openstack-containers09:16
openstackgerritMathieu Velten proposed openstack/magnum master: Fix usage of the trustee user in K8S Cinder plugin  https://review.openstack.org/44540409:18
*** Jack_Iv has quit IRC09:19
*** nick171 has quit IRC09:24
yatinkarelstrigazi, ping09:29
strigaziyatinkarel hi09:29
yatinkarelstrigazi, i was trying latest image, swarm was working09:29
yatinkarelstrigazi, k8s atomic also09:29
strigaziok09:29
yatinkarelstrigazi, but kubectl logs gives error09:30
strigaziany problems?09:30
yatinkarelstrigazi, i remember it was fixed few days ago09:30
strigaziThis is a bit general09:30
strigaziwhat errors?09:30
yatinkareldns error the same that vijendra fixed few days ago09:30
yatinkarel[fedora@k8-abywpyo5b6-0-s6q76trpgyur-kube-master-ui72hds6uwf5 ~]$ kubectl logs kube-proxy-k8-icqu7ymrce-0-gum6irknh72f-kube-minion-zuuronasvbrw --namespace kube-system09:31
yatinkarelError from server: Get https://k8-icqu7ymrce-0-gum6irknh72f-kube-minion-zuuronasvbrw:10250/containerLogs/kube-system/kube-proxy-k8-icqu7ymrce-0-gum6irknh72f-kube-minion-zuuronasvbrw/kube-proxy: dial tcp: lookup k8-icqu7ymrce-0-gum6irknh72f-kube-minion-zuuronasvbrw on 8.8.8.8:53: no such host09:31
openstackgerritMathieu Velten proposed openstack/magnum master: Fix usage of the trustee user in K8S Cinder plugin  https://review.openstack.org/44540409:31
strigaziI don't think it related to the updated though09:32
strigazis/updated/update09:32
yatinkarelMay be09:33
yatinkareldo you have a k8s cluster with latest image09:34
strigaziin a bit I will09:34
yatinkarelstrigazi, ok try kubectl logs09:34
openstackgerritMathieu Velten proposed openstack/magnum master: Fix usage of the trustee user in K8S Cinder plugin  https://review.openstack.org/44540409:37
openstackgerritMathieu Velten proposed openstack/magnum master: Fix usage of the trustee user in K8S Cinder plugin  https://review.openstack.org/44540409:38
strigaziyatinkarel in my devstack works09:39
yatinkarelwith latest image and hyperkube 1.5.309:40
strigaziyatinkarel recreating09:43
yatinkarelstrigazi, Ok09:45
*** NikhilS has quit IRC10:01
*** NikhilS has joined #openstack-containers10:01
*** NikhilS has quit IRC10:02
*** rpi has joined #openstack-containers10:04
strigaziyatinkarel I can't exec with -it but I can do cat for example10:05
yasemin_yatinkarel, okey i try it10:06
strigaziyatinkarel I can do exec from insied the master10:08
strigaziyatinkarel I can do exec from inside the master10:08
strigaziyatinkarel with -it10:08
strigaziyatinkarel it was something on my host. I can do it fine now10:10
strigaziyatinkarel works fine for me10:11
strigaziyatinkarel going out for lunch10:11
yatinkarelstrigazi, Ok then10:12
yatinkarelstrigazi, then there might be some issue with my environment, i will check that10:13
*** vijaykc4 has quit IRC10:25
*** vijaykc4 has joined #openstack-containers10:25
*** vijaykc4 has quit IRC10:26
*** vijaykc4 has joined #openstack-containers10:26
*** vijaykc4 has quit IRC10:27
*** vijaykc4 has joined #openstack-containers10:27
*** dsariel has quit IRC10:27
*** vijaykc4 has quit IRC10:27
*** Jack_Iv_ has quit IRC10:29
*** Jack_Iv has joined #openstack-containers10:30
*** Jack_Iv has quit IRC10:35
*** fungusak_ has quit IRC10:44
*** Jack_Iv has joined #openstack-containers10:47
*** trinaths has left #openstack-containers10:49
yatinkarelstrigazi, i tried with old image and hyperkube 1.5.2 and exec/log working. I will try again with latest image and hyperkube 1.5.310:55
*** Jack_Iv_ has joined #openstack-containers10:59
*** Jack_Iv_ has quit IRC10:59
*** Jack_Iv_ has joined #openstack-containers10:59
*** Jack_Iv has quit IRC11:02
*** manikanta_tadi has joined #openstack-containers11:10
*** askb has quit IRC11:15
yasemin_yatinkarel : i try it, but again error the same; Error: Failed to perform requested operation on instance "demo", the instance has an error status: Please try again later [Error: Host 'devstack-magnum-compute-4' is not mapped to any cell].11:18
*** dave-mccowan has joined #openstack-containers11:21
*** fungusakafungus has joined #openstack-containers11:21
*** vijaykc4 has joined #openstack-containers11:28
*** chhavi has joined #openstack-containers11:29
yatinkarelyasemin_, nova and devstack guys can help you out in this. Can you check with them11:31
yatinkarelyasemin_, i am not getting why n-cells is enabled in your environment with the configuration shared by you11:34
yatinkarelyasemin_, nova service-list can tell where your nova services lie11:34
*** mdnadeem has quit IRC11:36
openstackgerritOpenStack Proposal Bot proposed openstack/magnum master: Updated from global requirements  https://review.openstack.org/45102111:39
yatinkarelstrigazi, i tried again with latest image and hyperkube 1.5.3, this time also same error11:41
strigaziyatinkarel which pod exactly?11:43
yatinkarelkubectl log kube-proxy-k8-aj4iynqn7s-0-lw5df6tikldo-kube-minion-dmoxgl53kbxw --namespace kube-system11:44
strigaziyatinkarel so the minion kube-proxy11:44
strigaziyatinkarel this is what I see http://paste.openstack.org/show/605388/11:46
strigaziyatinkarel serivces are accessible in my cluster, from inside and with kube proxy and with nodeport11:49
*** mdnadeem has joined #openstack-containers11:51
*** Jack_Iv_ has quit IRC11:54
*** EricGonczer_ has joined #openstack-containers11:54
*** Jack_Iv has joined #openstack-containers11:54
*** dsariel has joined #openstack-containers12:04
*** vijaykc4 has quit IRC12:05
*** catintheroof has joined #openstack-containers12:05
*** vijaykc4 has joined #openstack-containers12:07
*** amoralej is now known as amoralej|lunch12:08
*** foutatoro has joined #openstack-containers12:09
openstackgerritColleen Murphy proposed openstack/magnum master: Fix database grant instructions in install guide  https://review.openstack.org/45314912:11
openstackgerritKevin Lefevre proposed openstack/magnum master: Fix CoreOS cluster creation and heat notify  https://review.openstack.org/44593412:12
*** zz_dimtruck is now known as dimtruck12:16
foutatorohi all, I've installed magnum in Prod environment using openstack-ansible but I always get this error "Failed to create certificates for Cluster" when trying to create a cluster12:18
foutatorodoes someone know what could cause this error ?12:19
ArchiFleKsfoutatoro: is your external API network on another network as the internal one ?12:20
ArchiFleKsfoutatoro: which branch ?12:20
foutatoroArchiFleKs: I'm using stable/newton12:22
ArchiFleKsfoutatoro: Magnum is sending the KEYSTONE_URL to the internal one, I think it is also the case for MAGNUM_URL, if you're instanecs cannot access the cluster internal URL, which is necessary to generate the certs it does not work12:22
foutatoroArchiFleKs: the external net is the one attached to linux bridge br-vlan12:23
ArchiFleKsfoutatoro: yes by default, can your instances reach keystone and magnum API via internal URL endpoints ?12:24
ArchiFleKsif you are on fedora you can try try running the make-cert script in /var/lib/cloud/instance/ if think it is part-004 or part-005 with a bash -x part-00X and see a more detail error12:25
*** mdnadeem has quit IRC12:27
foutatoroArchiFleKs: yes my instances can reach internal URL endpoints. openstack-ansible uses default self signed cert. does magnum use that ?12:28
foutatoroI'm using ubuntu 16.0412:29
*** ramishra has joined #openstack-containers12:29
*** jchhatbar has quit IRC12:30
*** EricGonczer_ has quit IRC12:32
*** EricGonczer_ has joined #openstack-containers12:32
ArchiFleKsfoutatoro: the curl command inside the scripts should be insecured but I do not know if thats the case in newton i'll check, can you run the script ?12:33
foutatoroArchiFleKs: whichscript ?12:34
openstackgerritColleen Murphy proposed openstack/magnum master: Install client in install guide instructions  https://review.openstack.org/45315312:35
*** EricGonc_ has joined #openstack-containers12:36
*** aparnav has quit IRC12:36
ArchiFleKsfoutatoro: https://github.com/openstack/magnum/blob/stable/newton/magnum/drivers/common/templates/kubernetes/fragments/make-cert.sh I think in newton the curl are not insecure, one think you can do as a workaround is buil a custom fedora image with youe openstack-ansible custom CA inside for now :/ that what I did at first, now in master every request is insecure I think. If you're willinkg to12:36
ArchiFleKsmake loca patch you can use magnum_developer_mode with OSA12:36
*** EricGonczer_ has quit IRC12:37
*** dimtruck is now known as zz_dimtruck12:40
*** Jack_Iv has quit IRC12:43
*** Jack_Iv has joined #openstack-containers12:43
foutatoroArchiFleKs: I don't understand what's this script is supposed to do. how to set magnum_developer_mode with OSA ?12:44
*** mdnadeem has joined #openstack-containers12:45
*** janki has joined #openstack-containers12:45
*** Jack_Iv has quit IRC12:51
*** jwcroppe_ has quit IRC12:52
*** Jack_Iv has joined #openstack-containers12:52
*** Jack_Iv has quit IRC12:53
*** Jack_Iv has joined #openstack-containers12:53
*** vijaykc4 has quit IRC13:02
*** Jack_Iv has quit IRC13:02
*** jchhatbar has joined #openstack-containers13:05
*** belmoreira has joined #openstack-containers13:07
*** janki has quit IRC13:07
ArchiFleKsfoutatoro: the script is talking to keystone to get a token and then to magnum to generate the TLS requiered for Kubernetes and ETCD13:08
*** Jack_Iv has joined #openstack-containers13:11
*** zul has quit IRC13:12
yatinkarelstrigazi, this is what i get with latest image and your patch: http://paste.openstack.org/show/605401/13:12
*** jwcroppe has joined #openstack-containers13:12
*** Jack_Iv has quit IRC13:12
strigaziyatinkarel You are in devstack? It look in 8.8.8.8 for the host. I'm surpirsed that it works with the old image13:14
*** amoralej|lunch is now known as amoralej13:14
yatinkarelstrigazi, yes it works13:14
strigaziyatinkarel Try do delete that proxy13:14
strigazikubelet will recreate is13:15
strigazikubelet will recreate it13:15
*** Jack_Iv has joined #openstack-containers13:15
yatinkarelearlier i used to get the same error, but after vijendra's patch https://review.openstack.org/#/c/439906/ it got resolved13:16
yatinkarelOk will try deleting13:16
yatinkarelI deleted and it got recreated13:17
yatinkarelstrigazi, still same dns error when i run kubectl logs13:18
yatinkarelfoutatoro, did you got any nova instance after running cluster-create?13:18
foutatoroyatinkarel: no I didn't get instancew13:19
yatinkarelArchiFleKs, ^^13:20
yatinkarelfoutatoro, what's the exact error you saw13:20
foutatoroI get "Failed to create certificates for Cluster" after running cluster-create13:22
yatinkarelany logs from magnum-conductor?13:23
yatinkareland in barbican?13:23
*** Drago2 has quit IRC13:24
foutatoroyatinkarel: here are logs http://paste.openstack.org/show/605404/13:28
ArchiFleKsfoutatoro: oh ok for the instances, that make sens ^^13:29
yatinkarelAuthorizationFailure: unexpected keystone client error occurred: internalURL endpoint for key-manager service not found13:30
yatinkarelfoutatoro,  output of, openstack catalog list13:31
foutatoroI don't know why magnum use certs to run clusters ?13:31
foutatoroyatinkarel: http://paste.openstack.org/show/605405/13:32
*** zul has joined #openstack-containers13:32
*** jchhatbar has quit IRC13:32
*** jmlowe has quit IRC13:32
yatinkarelfoutatoro, you don't have endpoint for barbican service13:34
yatinkarelthat's why it failed13:34
foutatoroyatinkarel: Is barbican  to run cluster ?13:34
yatinkarelfor storing certs13:35
ArchiFleKsfoutatoro: redploy magnum using x509keypair, you can do it with user_variables in osa, magnum_cert_manager_type: x509keypair13:35
yatinkarelfor now you can try without barbican13:35
yatinkarelArchiFleKs, is correct try this13:35
yatinkareli think it's not required to redeploy, try updating magnum.conf and restarting magnum-api and magnum-conductor13:36
ArchiFleKsfoutatoro: it is fix in ocata but not in newton https://review.openstack.org/#/c/408627/13:36
foutatoroyatinkarel ArchiFleKs: Ok thanks I will redeploy magnum. So cloud you explain why magnum required certs to run cluster ?13:37
ArchiFleKsfoutatoro: just redeploy magnum or if you are in AIO you can fix it inside magnum container13:37
foutatoroArchiFleKs: yes I'm in AIO now13:38
ArchiFleKsfoutatoro: yatinkarel correct me if i'm wrong, magnum is managing a custom CA per cluster to enable TLS inside your cluster (for kubernetes API and ETCD), so your master and worker get a token from keystone, then ask magnum to sign some CSR with the cluster CA13:38
yatinkarelfoutatoro, may be this answers https://docs.openstack.org/developer/magnum/dev/quickstart.html#using-a-kubernetes-cluster13:38
ArchiFleKsyatinkarel, strigazi : sorry for the delay I finally did the changes to fix CoreOS https://review.openstack.org/#/c/445934/13:41
yatinkarelArchiFleKs, certs description looks correct.13:44
*** dsariel has quit IRC13:45
yatinkarelstrigazi, can confirm more on this13:45
yatinkarelstrigazi, do cluster ca created for tls-disabled cluster as well13:45
*** jmckind has joined #openstack-containers13:46
*** kevinz has quit IRC13:50
yatinkarelstrigazi, do you know for what ca is created in tls-disabled cluster13:51
openstackgerritJason Dunsmore proposed openstack/python-magnumclient master: Make --cluster option required for ca-rotate  https://review.openstack.org/45194213:54
strigaziyatinkarel AFAIK it doesn't13:54
*** jwcroppe has quit IRC14:00
*** jwcroppe has joined #openstack-containers14:02
*** janki has joined #openstack-containers14:03
*** jasond has joined #openstack-containers14:04
*** jmlowe has joined #openstack-containers14:05
*** mdnadeem has quit IRC14:07
yatinkarelstrigazi, what does following command do, magnum ca-show --cluster <tls-disabled-cluster>14:08
foutatoroyatinkarel ArchiFleKs: I still get the same error after redeploying magnum with magnum_cert_manager_type: x509keypair14:12
foutatorohttp://paste.openstack.org/show/605411/14:12
yatinkarelfoutatoro, your magnum.conf?14:17
foutatoroyatinkarel: http://paste.openstack.org/show/605412/14:18
yatinkarelfoutatoro, [certificates] section is missing, there must be some bug in your deployment method14:21
*** jmlowe has quit IRC14:21
*** jmlowe has joined #openstack-containers14:21
yatinkarel[certificates]14:21
yatinkarelcert_manager_type = barbican14:21
yatinkarelbarbican --> local14:21
foutatoroyatinkarel: barbian is not running in my env14:22
foutatoroit should be : cert_manager_type =local ?14:22
yatinkarelyes14:22
yatinkarelpost this restart magnum-api and magnum-conductor14:22
foutatorook thanks. But is there a guide explaining how to deploy magnum with openstack-ansible ?14:23
*** janki has quit IRC14:23
yatinkarelNo idea, ArchiFleKs do you know ^^14:24
*** dsariel has joined #openstack-containers14:24
*** janki has joined #openstack-containers14:29
ArchiFleKsfoutatoro: I'm not sure there is full guide, but you have the role https://docs.openstack.org/developer/openstack-ansible-os_magnum/14:31
ArchiFleKsand you also can get some example in the openstack ansible repo, in the case of your AIO you can check inside /etc/openstack_deploy/conf.d there is also example for each service in the openstack ansible-ansible repo in ./etc/conf.d i think14:32
ArchiFleKsfoutatoro: https://github.com/openstack/openstack-ansible/tree/master/etc/openstack_deploy/conf.d14:33
*** ssbarnea has quit IRC14:34
ArchiFleKsfoutatoro: prefer x509keypair, local is working but only in AIO because you have only one magnum container14:34
*** EricGonc_ has quit IRC14:34
*** chhavi has quit IRC14:34
ArchiFleKsfoutatoro: is there a particular for you to deploy neutron and not ocata ? there were lot of fixes between openstack-ansible_os-magnum and magnum on ocata14:35
foutatoroArchiFleKs yatinkarel: cluster creation fails after setting cert_manager_type = local but the logs are differents. It seems thats magnum can not store certs http://paste.openstack.org/show/605415/14:35
ArchiFleKss/neutron/newton14:35
*** EricGonczer_ has joined #openstack-containers14:36
ArchiFleKsfoutatoro: maybe try to create the directory inside the magnum container, or add magnum_cert_manager_type: x509keypair inside /etc/openstack_deploy/user_variables.yml and then run openstack-ansible os-magnum.yml14:36
*** zz_dimtruck is now known as dimtruck14:37
*** fungusakafungus has left #openstack-containers14:37
*** hongbin has joined #openstack-containers14:37
foutatoroArchiFleKs yatinkarel: Thanks guys. I will upgrade to ocata14:38
foutatoroto avoid certs issues14:38
*** jmlowe has quit IRC14:44
*** jmlowe has joined #openstack-containers14:44
*** janki has quit IRC14:48
*** jmlowe has quit IRC14:51
*** jmlowe has joined #openstack-containers14:52
*** janki has joined #openstack-containers14:52
ArchiFleKsyatinkarel: strigazi : we are not testing multi master in jenkins ? I've run some test and report this bug I was telling you about laste week https://bugs.launchpad.net/magnum/+bug/167972414:53
openstackLaunchpad bug 1679724 in Magnum "multi master cluster creation fails with ETCD LB" [Undecided,New]14:53
ArchiFleKsabout etcd LB being hardcoded to HTTP14:53
strigaziArchiFleKs no14:53
strigaziArchiFleKs we didn't have resources14:53
strigaziArchiFleKs no with multinode jobs we might be able to test but it's still difficult14:54
ArchiFleKsOk so I'm not 100% percent sure but I think that multi master with LB with TLS enable and ETCD LB with HTTP might have never work, do you know if it ever has ?14:54
strigaziArchiFleKs I haven't tested etcd with lb and tls14:56
yatinkarelArchiFleKs, i am also not sure about this14:56
strigaziArchiFleKs, yatinkarel we maybe able to remove etcd lb14:56
strigaziArchiFleKs, yatinkarel in recent etcd versions you can specify all etcd endpoints14:57
strigaziArchiFleKs, yatinkarel no need for lb14:57
ArchiFleKsI have just tested with fedora14:57
yatinkarelstrigazi, if it works we can14:57
ArchiFleKsstrigazi: yes but you have to deal with master update non ?14:57
yatinkarelstrigazi, we need to specify in kube, swarm config14:58
strigaziArchiFleKs we don't scale the masters at the moment. In that case maybe it's a problem14:58
ArchiFleKsI think we can keep lb for ETCD, like the LB for the kubernetes API (https://review.openstack.org/#/c/450841/)14:58
ArchiFleKsWe have to find a way to add the VIP to the certificates, but that should be an issue because when we generate certs on master node we already now the etcd lb ip right ?14:59
strigaziArchiFleKs etcd lb works in coreos?14:59
ArchiFleKsstrigazi: nope it is hardcoded in HTTP in every template14:59
strigaziArchiFleKs I mean with your pathc15:00
strigaziArchiFleKs I mean with your patch15:00
strigaziArchiFleKs we know the etcd lb ip15:00
ArchiFleKsTLS is working yes but the certs is not valid because we do not add the IP of the etcd lb vip in the make-cert scripts15:00
yatinkarelArchiFleKs, VIP must be added with current code15:00
ArchiFleKsyes i'll try that15:00
strigaziArchiFleKs ok15:01
strigaziArchiFleKs you can add it :)15:01
ArchiFleKsi'm not sure it passed as heat param for the master, just for the minions15:01
yatinkarelArchiFleKs, Yes it might be. Ok go on with the fix15:01
ArchiFleKsoh and another thing i'll file a bug to but since grafan has been merged it also breaks Coreos because we share the K8s_template_def.py between drivers and the label are only available in fedora but not for Coreos so cluster creation is failing, maybe we can move label specific to drivers inside fedora-template-def.py ?15:05
*** jwcroppe has quit IRC15:05
ArchiFleKsstrigazi: yatinkarel http://paste.openstack.org/show/605422/15:06
*** Oku_OS is now known as Oku_OS-away15:06
strigaziArchiFleKs I prefer to put the paremetes in coreos and default to ""15:06
ArchiFleKsstrigazi: ok :)15:07
*** jwcroppe has joined #openstack-containers15:07
*** flwang has quit IRC15:07
yatinkarelArchiFleKs, i can't find change id: Ibcb694eddc20a9344f2d951d6664b32adad3c3d5, for what was it?15:10
yatinkarelArchiFleKs, Got it.15:11
*** Guest52040 has joined #openstack-containers15:12
yatinkarelArchiFleKs, it's the same thing we discussed on: https://review.openstack.org/#/c/426291/15:16
ArchiFleKsyatinkarel: oh yes I did catch up with everything :)15:18
ArchiFleKsnot15:18
*** jmlowe has quit IRC15:19
*** jmlowe has joined #openstack-containers15:19
*** hishh has quit IRC15:20
*** flwang has joined #openstack-containers15:20
*** jmlowe has quit IRC15:22
*** Jack_Iv_ has joined #openstack-containers15:22
*** jmlowe has joined #openstack-containers15:22
*** Jack_Iv__ has joined #openstack-containers15:22
*** Jack_Iv__ has quit IRC15:24
*** belmoreira has quit IRC15:24
*** Jack_Iv has quit IRC15:24
*** Jack_Iv has joined #openstack-containers15:24
*** Jack_Iv_ has quit IRC15:25
*** Jack_Iv has quit IRC15:25
*** Jack_Iv has joined #openstack-containers15:25
*** jmlowe has quit IRC15:31
*** jmlowe has joined #openstack-containers15:32
*** foutatoro has quit IRC15:33
*** ssbarnea has joined #openstack-containers15:38
ArchiFleKsstrigazi: I have heat dependencies issue when trying https://github.com/ArchiFleKs/magnum/commit/1c5d47b4e16e30caf478ebbdddd56940107c704c http://paste.openstack.org/show/605427/ I think because de lb_switch need the master created and I need to path the lb private ip to master15:38
*** Jack_Iv has quit IRC15:48
*** jmlowe has quit IRC15:51
*** EricGonczer_ has quit IRC15:53
*** juggler has joined #openstack-containers15:54
*** tonanhngo has joined #openstack-containers15:54
*** tonanhngo has quit IRC15:54
*** tonanhngo has joined #openstack-containers15:56
*** hieulq_ has joined #openstack-containers15:56
*** aparnav has joined #openstack-containers15:57
*** vijaykc4 has joined #openstack-containers15:58
openstackgerritSpyros Trigazis proposed openstack/magnum master: [WIP] Add cluster_attributes table and migrate data  https://review.openstack.org/39501215:58
*** hieulq__ has joined #openstack-containers15:58
*** EricGonczer_ has joined #openstack-containers15:59
*** aparna has joined #openstack-containers16:00
*** pcaruana has quit IRC16:01
*** aparnav has quit IRC16:02
*** hieulq_ has quit IRC16:02
*** aparna has quit IRC16:03
*** swatson has joined #openstack-containers16:03
swatson#openstack-meeting-alt16:03
swatson...I forgot /join, my bad16:03
*** ArchiFleKs has quit IRC16:04
*** EricGonc_ has joined #openstack-containers16:06
*** ArchiFleKs has joined #openstack-containers16:06
*** EricGonczer_ has quit IRC16:06
*** Jack_Iv has joined #openstack-containers16:09
*** EricGonczer_ has joined #openstack-containers16:11
*** EricGonc_ has quit IRC16:12
*** aparnav has joined #openstack-containers16:19
*** hieulq__ has quit IRC16:21
*** hieulq__ has joined #openstack-containers16:22
*** hieulq__ has quit IRC16:25
*** janki has quit IRC16:26
*** Jack_Iv has quit IRC16:27
strigaziWe can update update master and ocata first. We can see for newton. yatinkarel Push a patch if you want. I'll do it as soon as I can16:31
yatinkarelstrigazi, In newton do we need :Z16:33
strigaziwith f25 yes16:33
yatinkarelhttps://review.openstack.org/#/c/452763/16:33
strigaziswarm can work with f25 without any chnages onlt :Z16:33
strigaziswarm can work with f25 without any chnages only :Z16:33
strigazihence https://review.openstack.org/#/c/452763/16:34
yatinkarelhave you tried this change in newton with fedora 25?16:35
strigaziyatinkarel no, but the changes are almost none16:36
*** juggler has quit IRC16:36
yatinkarelstrigazi, i told you about 2 bugs earlier, i think they are required in newton for 25 to work16:37
*** chhavi has joined #openstack-containers16:38
strigaziyatinkarel About the disk space?16:38
yatinkarelno16:39
strigaziyatinkarel can you send them again?16:39
yatinkarelOk16:39
*** mtanino has joined #openstack-containers16:39
yatinkarelhttps://bugs.launchpad.net/magnum/+bug/165804916:40
openstackLaunchpad bug 1658049 in Magnum "swarm node error, swarm-agent.service: Failed at step EXEC spawning /usr/local/bin/notify-heat: Permission denied" [Undecided,Confirmed]16:40
yatinkarelhttps://bugs.launchpad.net/magnum/+bug/165801016:40
openstackLaunchpad bug 1658010 in Magnum "swarm-docker status dead" [Undecided,New]16:40
strigaziyatinkarel 165804916:40
strigaziyatinkarel 1658049 will be closed with the new image, without any change16:41
yatinkarelOk16:41
yatinkareland 165801016:42
strigaziI'll have to check if that fix is enough.16:42
yatinkarelOk16:42
strigaziSome chnages will be required. But only a few I believe16:43
yatinkarelhmm16:43
yatinkarelis the CVE fix isn't backported to fedora 23?16:43
yatinkarelwe can create it again and add it to fedorapeople16:43
*** Jack_Iv has joined #openstack-containers16:45
strigaziyatinkarel I am not sure what fixes are included in f23. I think they don't support f23 for long16:45
strigaziyatinkarel https://fedoraproject.org/wiki/End_of_life they don't support f23 any more16:46
yatinkarelOk then we should add support for latest fedora16:46
strigaziyeap16:47
strigaziWhat ever fix we need we must backport to not force users use an oudated OS16:47
yatinkarelOk16:48
strigaziyatinkarel I have to go, see you later or tomorrow16:48
yatinkarelMe too. Bye16:48
*** Jack_Iv has quit IRC16:50
*** aparnav has quit IRC16:51
*** jmckind_ has joined #openstack-containers17:03
*** jmckind has quit IRC17:05
*** Jack_Iv has joined #openstack-containers17:09
*** vijaykc4 has quit IRC17:14
*** Jack_Iv has quit IRC17:15
*** salmankhan has quit IRC17:16
*** amoralej is now known as amoralej|off17:20
*** vijaykc4 has joined #openstack-containers17:26
*** Guest52040 has quit IRC17:28
*** tonanhngo has quit IRC17:29
*** jvgrant_ has quit IRC17:35
*** jvgrant has joined #openstack-containers17:35
*** randallburt has joined #openstack-containers17:35
*** chhavi has quit IRC17:36
*** dsariel has quit IRC17:44
*** vijaykc4 has quit IRC18:03
*** vijaykc4 has joined #openstack-containers18:07
*** vijaykc4 has quit IRC18:13
*** Jain has joined #openstack-containers18:22
*** Jain is now known as Guest1655318:22
*** Guest321 has quit IRC18:24
*** yatinkarel has quit IRC18:24
*** salmankhan has joined #openstack-containers18:27
*** salmankhan has quit IRC18:31
*** Jack_Iv has joined #openstack-containers18:34
*** Drago1 has joined #openstack-containers18:34
*** Jack_Iv_ has joined #openstack-containers18:35
*** Jack_Iv has quit IRC18:36
*** yatinkarel has joined #openstack-containers18:37
*** Jack_Iv has joined #openstack-containers18:37
*** Jack_Iv_ has quit IRC18:37
*** Jack_Iv_ has joined #openstack-containers18:38
*** Jack_Iv has quit IRC18:40
*** jwcroppe has quit IRC18:47
*** jwcroppe has joined #openstack-containers18:48
*** salmankhan has joined #openstack-containers18:49
*** Jack_Iv has joined #openstack-containers18:50
*** Jack_Iv_ has quit IRC18:51
*** jwcroppe has quit IRC18:52
*** salmankhan has quit IRC19:05
*** Jack_Iv_ has joined #openstack-containers19:05
*** dimtruck is now known as zz_dimtruck19:05
*** Jack_Iv__ has joined #openstack-containers19:08
*** Jack_Iv has quit IRC19:09
*** Jack_Iv_ has quit IRC19:11
*** salmankhan has joined #openstack-containers19:13
*** EricGonczer_ has quit IRC19:13
*** harlowja has joined #openstack-containers19:24
*** Jack_Iv__ has quit IRC19:28
*** Jack_Iv has joined #openstack-containers19:28
openstackgerritOpenStack Proposal Bot proposed openstack/magnum stable/newton: Updated from global requirements  https://review.openstack.org/45331019:30
*** Jack_Iv has quit IRC19:32
*** Jack_Iv has joined #openstack-containers19:35
*** Jack_Iv has quit IRC19:36
*** kbyrne has quit IRC19:46
*** kbyrne has joined #openstack-containers19:50
*** dave-mccowan has quit IRC20:03
*** jmckind_ has quit IRC20:52
*** zz_dimtruck is now known as dimtruck20:53
*** rcernin has quit IRC20:55
*** jmlowe has joined #openstack-containers21:01
*** salmankhan has quit IRC21:02
*** salmankhan has joined #openstack-containers21:08
*** dave-mccowan has joined #openstack-containers21:15
*** Serlex has quit IRC21:19
*** randallburt has quit IRC21:24
*** askb has joined #openstack-containers21:30
*** salmankhan has quit IRC21:35
*** dimtruck is now known as zz_dimtruck21:41
*** Drago1 has quit IRC21:43
*** Drago1 has joined #openstack-containers21:44
*** foutatoro has joined #openstack-containers21:46
*** Drago1 has quit IRC21:48
*** jmlowe has quit IRC21:48
*** jmlowe has joined #openstack-containers21:50
*** jasond has quit IRC22:06
*** zz_dimtruck is now known as dimtruck22:08
*** ssbarnea has quit IRC22:49
*** catintheroof has quit IRC22:57
*** foutatoro has quit IRC23:00
*** dimtruck is now known as zz_dimtruck23:35
*** mtanino has quit IRC23:39
*** zz_dimtruck is now known as dimtruck23:46
*** yuanying_ has quit IRC23:53
« Monday, 2017-04-03 Index Wednesday, 2017-04-05 »

Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!