Monday, 2019-11-18

« Sunday, 2019-11-17 Index Tuesday, 2019-11-19 »
*** ivve has quit IRC00:33
*** trungnv has joined #openstack-containers01:42
*** trungnv has quit IRC01:49
*** goldyfruit_ has quit IRC01:53
*** ramishra has joined #openstack-containers02:39
*** ykarel has joined #openstack-containers03:15
*** udesale has joined #openstack-containers04:02
*** yolanda has quit IRC06:45
*** ykarel is now known as ykarel|afk06:46
*** ykarel|afk is now known as ykarel|lunch06:55
*** rcernin has quit IRC07:04
*** ivve has joined #openstack-containers08:46
*** ykarel|lunch is now known as ykarel09:06
*** yolanda has joined #openstack-containers09:22
*** pcaruana has joined #openstack-containers10:10
openstackgerritSpyros Trigazis proposed openstack/magnum master: Fix cert_manager_api with x509keypair  https://review.opendev.org/69473910:14
*** ykarel_ has joined #openstack-containers10:28
*** ykarel has quit IRC10:30
*** rcernin has joined #openstack-containers10:53
*** ykarel_ is now known as ykarel10:56
dioguerraCan someone add some love on this MR? https://review.opendev.org/#/c/691646/11:01
*** ramishra has quit IRC11:14
*** udesale has quit IRC11:17
*** ykarel is now known as ykarel|afk12:14
dioguerrabrtknr: flwang1: ^^12:23
brtknrdioguerra: Looks fine :) what does the adapter do?12:25
*** ramishra has joined #openstack-containers12:26
dioguerrabrtknr: the adapter makes use of the custom.metrics.k8s.io api to expose user custom metrics.12:30
*** rcernin has quit IRC12:31
dioguerraBy leveraging Prometheus, the user can use or add metrics based on custom definitions to scale pods using the kubernetes HPA12:31
dioguerraThis way i can use (number of http connections per pod) for example, to scale pods accordingly12:31
brtknrI'm wondering if these should be enabled by default if monitoring_enabled is true12:33
brtknrdioguerra: ^12:34
*** namrata has joined #openstack-containers12:34
dioguerrai also though on setting it to false... mainly because we 'kinda' decided that components would be opt-in.12:35
dioguerraI can change it since the tests broke in python27, don know why12:35
*** lpetrut has joined #openstack-containers12:42
namrataHi folks,we have deployed a kubernetes cluster with magnum on Rocky but we see kube-system   kube-dns-autoscaler-57bd7f54d5-4cg9r   0/1     ImagePullBackOff   0          4d20h  Warning  Failed                  15s (x2 over 35s)  kubelet, cluster-test-xdu3aeoxp2ov-minion-0  Failed to pull image12:42
namrata"docker.io/googlecontainer/cluster-proportional-autoscaler-amd64:1.7.1": rpc error: code = Unknown desc = repository docker.io/googlecontainer/cluster-proportional-autoscaler-amd64 not found: does not exist or no pull access  Warning  Failed                  15s (x2 over 35s)  kubeletIn our opinion the issue is the image location. and the related12:42
namratapatches https://review.opendev.org/#/c/652057/https://review.opendev.org/#/c/690053/ which are not for rocky12:42
namratacan anybody help me with the workaround for rocky12:42
namrataHi folks,we have deployed a kubernetes cluster with magnum on Rocky but we see http://paste.openstack.org/show/786266/In our opinion the issue is the image location. and the related patches https://review.opendev.org/#/c/652057/ https://review.opendev.org/#/c/690053/ which are not for rocky12:44
namratacan anybody help me with the workaround for rocky12:44
dioguerrabrtknr^^ change to false then?12:47
brtknri prefer true12:48
*** namrata has quit IRC12:49
dioguerranamrata: edit your deployment image with the  gcr.io/google_containers/cluster-proportional-autoscaler-amd64:1.7.1 and check if it works.12:52
dioguerraIf not you have a problem elsewhere. (maybe flannel). do not use podman.12:53
dioguerraIf you try and it works, patch locally or submit a mr to fix for rocky12:53
*** namrata has joined #openstack-containers13:09
*** sapd1 has quit IRC13:16
*** KeithMnemonic has joined #openstack-containers13:40
openstackgerritTheodoros Tsioutsias proposed openstack/magnum master: nodegroup list with --limit gives wrong next URL  https://review.opendev.org/69423013:50
*** ramishra has quit IRC13:59
*** ramishra has joined #openstack-containers14:13
*** namrata has quit IRC14:19
brtknrdioguerra: do you know if masters can be resized?14:23
brtknrstrigazi: ^14:32
*** goldyfruit has joined #openstack-containers14:40
*** goldyfruit_ has joined #openstack-containers14:51
*** goldyfruit has quit IRC14:53
*** udesale has joined #openstack-containers15:22
*** udesale has quit IRC16:06
*** jmlowe has joined #openstack-containers16:07
*** ykarel|afk is now known as ykarel16:08
*** namrata has joined #openstack-containers16:16
namratadioguerra now I dont see ImagePullBackOff issue now but i have all the pods in CrashLoopBackOff http://paste.openstack.org/show/786287/16:33
namratacan anybody help me with this I am running on openstack rocky16:34
*** namrata has quit IRC16:48
*** jmlowe has quit IRC17:04
brtknrnamrata17:08
*** namrata has joined #openstack-containers17:35
namratabrtknr hi17:36
brtknruse stein17:37
brtknrnamrata:17:37
namrataany workaround for rocky our regions are on release rocky17:38
namrataor we cant get it work on rocky17:38
namratais this known in rocky any changes which can be backported for rocky17:39
namratabrtknr17:39
brtknrnot sure, havent used rocky in a while17:39
brtknrmagnum stein will work with other openstack services running on rocky17:40
brtknrwhat version of fedora atomic are you using?17:40
brtknryou need stein to use fa2917:40
brtknrand fa27 is EOL, its no longer maintained17:41
namratacurrently using fedora atomic 2717:41
brtknrhmm then your setup should work, so not sure17:41
brtknrwhat output do you get when you describe the failing pods?17:42
namrataI see http://paste.openstack.org/show/786288/17:43
namratabrtknr it was earlier working in rocky in our regions started seeing the issue from last 3-4 days17:47
brtknrI though you said your dns autoscaleer was running?17:48
brtknrwhich version of k8s?17:49
namratano its not running it was only able to pull of the image successfully then it says same error like other pods Back-off restarting failed container17:51
namratabrtknr I have tried all the kube_tag versions v1.14.8,  v1.15.4 v1.15.5 and v1.16.3 and http://paste.openstack.org/show/786290/17:53
namratasorry v1.16.217:58
*** ykarel is now known as ykarel|away18:15
brtknrUse v1.14.618:19
brtknr1.14.6+ is not compatible with rocky18:19
*** ykarel|away has quit IRC18:20
brtknrnamrata18:32
namratabrtknr I am trying with lower versions but then it will be exposed to billion laughs vulerability18:33
namrataso cant use in production I guess18:33
*** gouthamr_ is now known as gouthamr18:51
*** namrata has quit IRC19:13
*** namrata has joined #openstack-containers19:18
namratabrtknr I tried versions below v1.14.6 and it runs sucessfully but after billion laughs vulnerability I ran v1.15.5 and v1.14.8 and they were running fine but what happened in the interim that now they are not supported19:33
brtknrnamrata: i dont know how you were running 1.14.8, none of us have been able to19:34
brtknryou need train to support 1.14.819:34
namrataI am sure as I was running my gitlab CI/CD pipeline in kubernetes cluster with versions v1.14.8 and v1.15.5 but it stopped working some days before19:36
namratabrtknr so what do you say about if rocky dosent support v1.14.6+ then its not ideal for production19:38
brtknrif you care about CVEs, no, its not idea for prod19:40
brtknrbut again, you can run magnum train in prod19:40
brtknrindependent of other openstack services...19:40
brtknrthe only issue is if you want to run fedora coreos, you need heat from train too19:41
namratabrtknr thanks for your help and time.19:47
*** jmlowe has joined #openstack-containers20:16
*** namrata has quit IRC20:22
*** dim79 has joined #openstack-containers20:56
*** mgariepy has quit IRC20:57
dim79hi all20:58
dim79I'm trying to get CSI and found, that 1.14 is not compatible with latest magnum etcd  (at least k8s matrix says this)20:58
dim79any plans to update the etd image?20:59
dim79*etcd20:59
dim79or any guide how to build it - I'll try to get 3.3.10 than21:00
*** goldyfruit_ has quit IRC21:02
flwangdim79: where's the magnum version you're using?21:09
dim79stein21:10
flwangit's tricky21:10
flwangfor stein, you have to use the etcd atomic system container21:10
flwangbut so far, i think we only have 3.2.721:11
dim79yep21:11
dim79any guide how to prepare a new one?21:11
flwangwait a sec, let me check21:11
flwangdim79: try this one21:15
flwanghttps://github.com/projectatomic/atomic-system-containers/tree/master/etcd21:15
*** goldyfruit has joined #openstack-containers21:17
dim79flwang - thank you very much, it looks like the same guide. do you know what version of etcd is used in fedora rawhide now?21:18
dim79and - if I would be on 'master' branch of magnum - what do you recommend to use - podman? what etcd image is used there?21:19
flwangwith podman, at least the 3.2.26 works, and i think you can use any etcd image from gcr, i didn't try higher version21:21
flwangdim79: is it a prod env?21:21
dim79not yet21:21
flwangok, i know it's tricky, but please blame k8s :) it's releasing so fast21:21
flwangwe can't make v1.15.4 and above works for fedora atomic with the atomic system container21:22
flwangthat's why we switch to podman21:22
flwangand another reason is the fedora coreos driver can be benefited from the new podman support21:22
flwangsince there is no atomic system container on fedora coreos21:23
flwangthat's the background, just FYI21:23
flwangdo you mean CSI need at least etcd 3.3.10?21:23
flwangmy team is going to work on CSI  soon, so i'm happy to support you to get your work done21:24
dim79I've build CSI out of cloud-provider-openstack, fixed manifests in a way they are defined in magnum - and stucked with attach/detach issue21:25
dim79so, volume is created but is not attached automatically21:25
dim79and that, investigating further, I've seen that I have k8s 1.13 running from my k8s v1.14.x images :(21:26
dim79this means some of CSI-related features are not enabled or working differently21:27
flwangdim79: for stein, i think you should be able to run v1.15.221:27
flwangi tested and it works21:27
dim79good to know21:27
flwangi can't see a strong depedency between etcd and csi21:27
flwangso i would suggest using v1.15.2 and test again21:28
dim79ok, than my deduction today is wrong - any other reason why kubectl reports 1.13, whilst k8s images are v1.14 ?21:29
dim79> v1.15.221:29
dim79I'll try21:29
dim79I've deducted that kubectl reports 1.13 due to k8s compatibility matrix - where etcd 3.3.10 is required for k8s 1.1421:31
dim79from k8s sources, cmd/kubeadm/app/constants/constants.go:21:32
dim79    // SupportedEtcdVersion lists officially supported etcd versions with corresponding Kubernetes releases21:32
dim79    SupportedEtcdVersion = map[uint8]string{21:32
dim79        12: "3.2.24",21:32
dim79        13: "3.2.24",21:32
dim79        14: "3.3.10",21:32
dim79    }21:32
dim79likely I'm mistaken, but I have no other idea21:34
flwangi don't really understand your current issue, sorry. what do you mean "kubectl reports 1.13 due to k8s compatibility matrix - where etcd 3.3.10 is required for k8s 1.14"?21:36
flwangyou have to use correct kubectl version with your k8s api version21:37
dim79flwang - the fact that nobody else except me have/had this issue - votes that the reason is in my images build procedure21:38
dim79so, now I have aanother idea, thank you :)21:38
brtknrflwang: the coredns patch also requires fa2921:39
flwangdim79: np21:40
flwangbrtknr: sorry, what do you mean?21:40
brtknrthis one: https://review.opendev.org/#/c/692834/521:40
brtknrbtw hello :)21:40
flwanghttps://review.opendev.org/#/c/693140/3 ?21:40
brtknryyep21:41
brtknrthanks!21:42
brtknrearlier you said stein supports 1.15.x21:42
brtknrto dim7921:42
brtknrbut for 1.15.x suppport, stein needs this backport https://review.opendev.org/#/c/694032/321:42
brtknrim happy to leave the other OCCM and multi-NIC patches off stein 8.2.021:43
brtknrim happy to drop the other OCCM and multi-NIC patches off stein 8.2.0 as only stackhpc requires it, and not an urgent issue for most users21:44
brtknrbut we may need to consider supporting podman in stein21:45
brtknrin order to allow users to remain up to date21:45
flwangyep, you're correct, we need https://review.opendev.org/#/c/694032/ to support at least v1.15.3 for stein21:47
flwangi just +2 ed21:47
brtknrthanks21:48
brtknrflwang: iirc master cannot be resized right?21:53
flwangbrtknr: no, master can't be resized at this moment21:54
*** dim79 has quit IRC22:05
*** pcaruana has quit IRC22:26
*** rcernin has joined #openstack-containers22:46
*** ivve has quit IRC23:26
*** goldyfruit has quit IRC23:36
« Sunday, 2019-11-17 Index Tuesday, 2019-11-19 »

Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!