Friday, 2018-12-07

« Thursday, 2018-12-06 Index Saturday, 2018-12-08 »
*** shrasool has quit IRC00:16
*** hongbin has quit IRC00:16
*** shrasool has joined #openstack-containers00:16
*** shrasool has quit IRC01:17
*** dave-mccowan has quit IRC02:00
*** hongbin has joined #openstack-containers02:41
*** ramishra has joined #openstack-containers03:50
*** ykarel|away has joined #openstack-containers03:52
*** lbragstad has quit IRC04:23
*** ykarel|away has quit IRC04:46
*** janki has joined #openstack-containers04:46
*** ykarel|away has joined #openstack-containers05:04
*** hongbin has quit IRC06:32
*** rcernin has quit IRC07:01
*** belmoreira has quit IRC07:21
*** belmoreira has joined #openstack-containers07:24
*** ykarel|away is now known as ykarel07:35
*** dims has quit IRC07:44
*** dims has joined #openstack-containers07:47
*** ykarel is now known as ykarel|lunch08:02
*** ppetit has joined #openstack-containers08:04
*** ppetit has quit IRC08:06
*** ppetit has joined #openstack-containers08:06
*** ppetit has quit IRC08:44
*** ykarel|lunch is now known as ykarel09:00
*** ttsiouts has joined #openstack-containers10:16
*** salmankhan has joined #openstack-containers10:21
*** ttsiouts has quit IRC10:31
*** ttsiouts has joined #openstack-containers10:31
*** salmankhan1 has joined #openstack-containers10:38
*** PagliaccisCloud has quit IRC10:38
*** salmankhan has quit IRC10:38
*** salmankhan1 is now known as salmankhan10:38
*** danil has quit IRC11:10
*** PagliaccisCloud has joined #openstack-containers11:21
*** shrasool has joined #openstack-containers11:26
mkufis there a way to deploy a specific CA-Certificate on the kubernetes master/nodes with magnum? I'm using a geotrust certificate for all my api endpoints but cloudprovider doesn't seem to know that CA when kube-apiserver is starting. http://paste.openstack.org/show/736812/11:46
*** shrasool has quit IRC12:03
*** shrasool has joined #openstack-containers12:07
*** shrasool has quit IRC12:16
*** ricolin_ has quit IRC12:22
*** shrasool has joined #openstack-containers12:42
*** shrasool has quit IRC12:45
*** janki has quit IRC13:24
*** ttsiouts has quit IRC14:01
*** ttsiouts has joined #openstack-containers14:01
*** dave-mccowan has joined #openstack-containers14:05
*** ttsiouts has quit IRC14:06
*** lbragstad has joined #openstack-containers14:06
*** dave-mccowan has quit IRC14:10
*** ttsiouts has joined #openstack-containers14:12
*** ttsiouts has quit IRC14:18
*** lbragstad has quit IRC14:25
*** lbragstad has joined #openstack-containers14:29
*** hongbin has joined #openstack-containers14:44
*** shrasool has joined #openstack-containers14:54
*** mordred has joined #openstack-containers15:03
brtknrstrigazi: im trying to assign neutron lbaas vip to k8s service, do the two work seamlessly or does it require any extra config?15:05
brtknrthe last instructions on the docs is from ocata15:05
*** ramishra has quit IRC15:06
*** ykarel is now known as ykarel|away15:11
*** ttsiouts has joined #openstack-containers15:12
*** ykarel|away has quit IRC15:18
brtknrstrigazi: this link seems to imply that i need to create a cloud.conf somewhere but the location is unclear https://kubernetes.io/docs/concepts/cluster-administration/cloud-providers/#openstack15:24
*** ykarel|away has joined #openstack-containers15:33
brtknrthese docs only have instructuctions for lbaas v1: https://docs.openstack.org/magnum/queens/user/index.html#kubernetes-external-load-balancer15:36
*** shrasool has quit IRC15:37
strigazibrtknr: you shouldn't need anything extra15:38
brtknrstrigazi: does it need to be enabled?15:39
strigazibrtknr: I'm testing this in master and it works for me15:39
brtknrstrigazi: does it need to be enabled in some way?15:39
brtknrim using neutron lbaas v2, not octavia15:39
strigaziOh, try with v1.11.5-1 or v1.11.2-115:39
brtknrstrigazi: oh, im using v1.11.215:40
brtknrwhats changed between v1.11.2 and 1.11.2-115:41
strigazibrtknr: yeap the -1 was to fix this issue in particular15:41
brtknrso until now, neutron lbaas-v2 was not supported?15:42
strigazibrtknr: was disabled15:42
brtknrah fair enough15:42
strigazibrtknr: use 1.11.5, for the recent k8s CVE15:43
strigazibrtknr: use v1.11.5-1, for the recent k8s CVE15:43
strigaziskopeo inspect docker://docker.io/openstackmagnum/kubernetes-apiserver:v1.11.5-1 to see all tags15:44
*** shrasool has joined #openstack-containers15:49
*** shrasool has quit IRC15:52
*** shrasool has joined #openstack-containers15:59
*** janki has joined #openstack-containers16:00
*** shrasool has quit IRC16:05
*** ttsiouts has quit IRC16:06
brtknrstrigazi: cool! I'm doing the upgrade now, will let you know if it works16:07
brtknrstrigazi: I still see external-IP pending16:10
brtknr(venv-openstack) ➜  pangeo git:(master) ✗ kubectl describe svc/proxy-public16:10
brtknrName:                     proxy-public16:10
brtknrNamespace:                pangeo16:10
brtknrLabels:                   app=jupyterhub16:10
brtknr                          chart=jupyterhub-0.7.016:10
brtknr                          component=proxy-public16:10
brtknr                          heritage=Tiller16:10
brtknr                          release=pangeo16:11
brtknrAnnotations:              <none>16:11
brtknrSelector:                 component=proxy,release=pangeo16:11
brtknrType:                     LoadBalancer16:11
brtknrIP:                       10.254.34.24916:11
brtknrIP:                       10.60.253.2216:11
brtknrPort:                     http  80/TCP16:11
brtknrTargetPort:               8000/TCP16:11
brtknrNodePort:                 http  31277/TCP16:11
brtknrEndpoints:                172.17.0.6:800016:11
brtknrSession Affinity:         None16:11
brtknrExternal Traffic Policy:  Cluster16:11
brtknrEvents:                   <none>16:11
brtknrsorry, automatically copy pasted, my apologies16:11
*** ttsiouts has joined #openstack-containers16:13
brtknr(neutron) lbaas-loadbalancer-list16:14
brtknr+--------------------------------------+--------+----------------------------------+--------------+---------------------+----------+16:14
brtknr| id                                   | name   | tenant_id                        | vip_address  | provisioning_status | provider |16:14
brtknr+--------------------------------------+--------+----------------------------------+--------------+---------------------+----------+16:14
brtknr| 2b444d19-1d1a-4795-8de3-95b876ffb9ae | k8s-lb | 5638e8577bc84379baba4bfb66177086 | 10.60.253.22 | ACTIVE              | haproxy  |16:14
brtknrthats what my loadbalancer looks like16:14
brtknri must be doing something incorrectly16:14
strigaziso, it hasn't created a new one?16:15
brtknrdont think so16:15
strigazicheck the controller manager logs16:15
brtknrevent.go:221] Event(v1.ObjectReference{Kind:"Service", Namespace:"pangeo", Name:"proxy-public", UID:"4858e8a3-f894-11e8-83a7-246e9648913c", APIVersion:"v1", ResourceVersion:"4142481", FieldPath:""}): type: 'Normal' reason: 'LoadbalancerIP' 10.60.253.151 -> 10.60.253.2216:17
brtknrthis is theonly reference to the ip address16:17
brtknrin the controller manager log16:17
*** ttsiouts has quit IRC16:18
brtknrhere's what the service config looks like: http://paste.openstack.org/show/736830/16:20
brtknram I right in assigning the vip ip address (10.60.253.22) as loadBalancerIP ?16:21
brtknrstrigazi: ^16:21
strigaziyou want to select the IP?16:25
brtknrI dont mind what IP is assigned16:26
brtknrbut I'd like to be on the same subnet as the host node16:27
strigazijust setting the type LoadBalancer is enough16:27
strigazihttps://github.com/openstack/magnum/blob/master/magnum/drivers/common/templates/kubernetes/fragments/write-kube-os-config.sh#L2016:27
brtknrproxy-public   LoadBalancer   10.254.34.249    <pending>     80:31277/TCP   2d16:28
brtknrstill pending16:29
strigaziall components are using v1.11.5-1?16:29
strigazikubelet, api, cm?16:30
strigazitry to delete the service and create again a k8s svc monitoring the k8s cm16:30
brtknrNothing showed up on k8s cm logs related to LoadBalancer16:35
strigazianything related to openstack?16:36
brtknrusing all the right images: >  docker.io/openstackmagnum/kubernetes-controller-manager   v1.11.5-1   cd7a72d6a5ad   2018-12-07 16:07   32.35 MB       ostree16:37
brtknr>  docker.io/openstackmagnum/kubernetes-scheduler            v1.11.5-1   2597333f0774   2018-12-07 16:08   14.59 MB       ostree16:37
brtknr>  docker.io/openstackmagnum/kubernetes-proxy                v1.11.5-1   2b65ca736aa8   2018-12-07 16:07   32.01 MB       ostree16:37
brtknr>  docker.io/openstackmagnum/kubernetes-apiserver            v1.11.5-1   c9ab73c65d29   2018-12-07 16:07   63.13 MB       ostree16:37
strigazilooks correct16:39
strigazips aux | grep apiserver | grep openstacl16:40
strigazips aux | grep apiserver | grep openstacl16:40
strigazips aux | grep apiserver | grep openstack16:40
brtknrwhich apiserver? kube-apiserver?16:42
strigaziyes, inthe master ndoe16:43
strigaziyes, in the master node16:43
brtknrdo you mean ps aux?16:44
*** shrasool has joined #openstack-containers16:44
strigaziyes16:44
brtknrno nothing there16:45
brtknrsounds like im missing some config16:45
strigaziin /etc/kubernetes/controller-manager ?16:46
brtknrnope empty16:46
brtknroh wait16:46
strigaziyou miss smth then16:46
brtknrKUBE_CONTROLLER_MANAGER_ARGS="--leader-elect=true  --service-account-private-key-file=/etc/kubernetes/certs/server.key --root-ca-file=/etc/kubernetes/certs/ca.crt"16:47
brtknrI'm using queens16:47
strigazi/etc/magnum/magnum.conf16:47
strigazi[trust]16:47
strigazicluster_user_trust = True16:47
strigaziis it set?16:47
brtknrin master node?16:48
strigaziin the all ckuster nodes: cat /etc/sysconfig/heat-params | grep TRUST_ID16:48
brtknrne sec16:48
brtknroh you mean magnum config16:49
brtknrTRUST_ID=""16:49
strigazithis is the issue16:49
*** shrasool has quit IRC16:49
brtknrthanks! I will set this to true  and retry16:50
*** shrasool has joined #openstack-containers17:10
*** dims has quit IRC17:21
*** janki has quit IRC17:33
*** salmankhan has quit IRC17:36
*** ykarel|away has quit IRC18:17
*** udesale has joined #openstack-containers18:26
*** udesale has quit IRC18:27
openstackgerritSpyros Trigazis proposed openstack/magnum master: Updating cloud-controller arguments for external providers  https://review.openstack.org/57747718:38
*** shrasool has quit IRC18:46
*** dims has joined #openstack-containers18:50
*** shrasool has joined #openstack-containers19:20
*** shrasool has quit IRC19:22
openstackgerritMohammed Naser proposed openstack/magnum master: kubernetes: add retry logic for atomic installs  https://review.openstack.org/62356719:25
openstackgerritMohammed Naser proposed openstack/magnum master: kubernetes: add retry logic for atomic installs  https://review.openstack.org/62356719:26
openstackgerritMohammed Naser proposed openstack/magnum master: functional: retrieve cluster to get stack_id  https://review.openstack.org/62357520:17
*** shrasool has joined #openstack-containers20:22
eanderssonAnyone going to KubeCon in Seattle?20:30
*** shrasool has quit IRC21:13
*** shrasool has joined #openstack-containers21:15
*** shrasool_ has joined #openstack-containers21:23
*** shrasool has quit IRC21:23
*** shrasool_ is now known as shrasool21:23
*** shrasool has quit IRC21:30
*** brtknr has quit IRC22:03
*** shrasool has joined #openstack-containers22:09
*** brtknr has joined #openstack-containers22:18
*** brtknr has quit IRC22:46
*** brtknr has joined #openstack-containers22:59
*** hongbin has quit IRC23:01
*** shrasool has quit IRC23:29
« Thursday, 2018-12-06 Index Saturday, 2018-12-08 »

Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!