Wednesday, 2020-07-15

« Tuesday, 2020-07-14 Index Thursday, 2020-07-16 »
*** k_mouza has joined #openstack-containers00:51
*** k_mouza has quit IRC00:56
*** k_mouza has joined #openstack-containers00:58
*** ricolin_ has joined #openstack-containers00:59
*** k_mouza has quit IRC01:04
*** k_mouza has joined #openstack-containers01:27
*** k_mouza has quit IRC01:31
*** xinliang has joined #openstack-containers01:32
*** sapd__x has joined #openstack-containers02:20
*** rcernin has quit IRC02:56
*** rcernin has joined #openstack-containers02:58
openstackgerritFeilong Wang proposed openstack/magnum stable/ussuri: Fix label fixed_network_cidr  https://review.opendev.org/73818303:04
openstackgerritFeilong Wang proposed openstack/magnum stable/ussuri: [k8s] Fix PreDeletionFailed if Heat stack is missing  https://review.opendev.org/74107603:07
openstackgerritFeilong Wang proposed openstack/magnum stable/ussuri: Fix ServerAddressOutputMapping for private clusters  https://review.opendev.org/73818403:12
*** ramishra has quit IRC03:13
*** ramishra has joined #openstack-containers03:14
*** k_mouza has joined #openstack-containers03:44
*** k_mouza has quit IRC03:48
*** xinliang has quit IRC04:01
*** sapd__x has quit IRC04:12
*** ykarel has joined #openstack-containers04:34
*** vishalmanchanda has joined #openstack-containers04:50
*** sapd__x has joined #openstack-containers04:58
*** k_mouza has joined #openstack-containers05:13
*** k_mouza has quit IRC05:18
*** udesale has joined #openstack-containers05:22
*** udesale has quit IRC06:07
*** udesale has joined #openstack-containers06:20
*** rcernin has quit IRC07:07
*** k_mouza has joined #openstack-containers07:09
*** born2bake has joined #openstack-containers07:13
*** k_mouza has quit IRC07:13
*** k_mouza has joined #openstack-containers07:18
*** rcernin has joined #openstack-containers07:18
*** k_mouza has quit IRC07:22
*** udesale has quit IRC07:47
*** udesale has joined #openstack-containers07:47
*** k_mouza has joined #openstack-containers07:54
*** k_mouza has quit IRC07:59
*** k_mouza has joined #openstack-containers08:03
*** rcernin has quit IRC08:27
*** rcernin has joined #openstack-containers08:49
*** xinliang has joined #openstack-containers08:50
*** flwang1 has joined #openstack-containers08:52
flwang1brtknr: around for weekly meeting?08:53
brtknrflwang1: o/08:53
brtknryes im around08:53
flwang1brtknr: seems we don't have spyros today08:55
brtknryes, seems that way08:56
flwang1#startmeeting magnum09:00
openstackMeeting started Wed Jul 15 09:00:16 2020 UTC and is due to finish in 60 minutes.  The chair is flwang1. Information about MeetBot at http://wiki.debian.org/MeetBot.09:00
openstackUseful Commands: #action #agreed #help #info #idea #link #topic #startvote.09:00
*** openstack changes topic to " (Meeting topic: magnum)"09:00
openstackThe meeting name has been set to 'magnum'09:00
flwang1#topic roll call09:01
*** openstack changes topic to "roll call (Meeting topic: magnum)"09:01
flwang1o/09:01
openstackgerritBharat Kunwar proposed openstack/magnum master: [docs] Bring user docs up to date with recent changes  https://review.opendev.org/71472109:01
brtknro/09:01
flwang1i think just us09:02
flwang1let's go through the topics for today09:02
flwang1#topic master_lb_enabled09:02
*** openstack changes topic to "master_lb_enabled (Meeting topic: magnum)"09:02
flwang1you guys merged the client side patch before merging the server side :)09:03
flwang1so i have to push you again  on this one09:03
brtknrflwang1: hehe its opt in on client side09:04
flwang1brtknr: can you revisit that one? https://review.opendev.org/#/c/726017/09:04
brtknrso no great harm, i see the server side merging imminently09:04
flwang1and it can make our life easier09:05
flwang1at this moment, we're maintaining 6 templates09:05
flwang1with this one, we can reduce it to 309:05
brtknrflwang1: nice are you guys already using the server side patch?09:06
flwang1no, we only maintain private patch when we have to09:06
flwang1as long as this one merged, i will propose a patch on magnum ui to add a checkbox for this09:07
brtknrflwang1: sounds good09:07
flwang1brtknr: i will bug you again if i didn't see your comments by this Friday :D09:08
brtknrflwang1: yes things have been quite busy recently so not had a chance to work on much upstream stuff09:09
flwang1i understand and I appreciate any contribution when people are busy on internal work09:09
flwang1let's move on?09:10
brtknrflwang1: actually the reason I proposed the cluster template clone patch was to test your cluster upgrade patch09:10
brtknras i was too lazy to create a new template from scratch everytime09:10
flwang1brtknr: that's a clever command, i like it TBH09:11
flwang1i will test it before +209:11
brtknrflwang1: one thing i noticed was that after the upgrade fails, i cannot upgrade the cluster09:11
brtknris that expected?09:11
flwang1you mean the cluster will be in update_failed?09:12
brtknryeah09:12
flwang1and can't be upgrade again?09:12
brtknre.g. if i try to upgrade to 2.19 and the update_failed09:12
brtknrlooks like we are already talking about the next topic btw09:12
flwang1#topic upgrade disallow minor version skipped09:13
*** openstack changes topic to "upgrade disallow minor version skipped (Meeting topic: magnum)"09:13
flwang1yep, so noticed that as well. so i'm thinking if we should move this logic to api layer09:13
flwang1or when there is an error, just reset the status back09:14
flwang1or when there is a upgrade failed error, just reset the status09:14
brtknrflwang1: yes that would make sense09:15
flwang1i will dig it09:15
brtknror allow upgrade even when state is update_failed?09:15
brtknrotherwise how will the user know?09:16
flwang1brtknr: or allow upgrade even when state is update_failed?  --- yes, that one should be fixed as well09:16
flwang1brtknr: good point09:16
*** rcernin has quit IRC09:17
flwang1i think we just need to allow upgrade a cluster which in 'update_failed' status09:17
flwang1very efficient discussion09:17
flwang1next one?09:17
brtknrflwang1: may I make a request btw09:17
flwang1sure09:17
brtknrwhen i test your changes, your topics are often story/xxxxxx-xxxx09:18
brtknrwhile this is good for the commit messsage, it is difficult to see what this change is about when i do `git branch`09:19
flwang1haha09:19
brtknrespecially when there are lots of branches  already09:19
brtknrmay i suggest that you use a semantic topic :)09:19
flwang1i will replace the 'story' withe a meaningful name09:19
brtknrflwang1: thanks09:20
flwang1btw, as your comment about major version, i don't mind to add it, but i prefer to see spyros's opinion on the existing code before i putting much effort on that09:21
brtknrflwang1: understood09:22
flwang1brtknr: your docs patch looks good for me, i will +2, easy one09:23
flwang1brtknr: btw, it would be nice if you can revisit the ca rotate patch. Spyros gave some good comments and I think i have already addressed that. so please revisit it when you have time09:25
*** xinliang has quit IRC09:27
brtknrflwang1: no problem i will test it by the end of this week09:29
flwang1thank you very much09:29
brtknrflwang1: probably just a basic test to make sure it works as expected09:29
brtknrflwang1: btw have you tried the k8s cluster API?09:30
flwang1no, why?09:30
brtknrflwang1: i had a quick look at it recently: https://github.com/kubernetes-sigs/cluster-api-provider-openstack09:31
flwang1brtknr: how do you think?09:32
brtknrI was surprised it required a kubernetes cluster for bootstrapping09:32
brtknrwell the image that i uploaded to glance did not boot so i havent had a chance to try it fully09:32
brtknrthe documentation is lacking too09:32
flwang1yep, it needs a "root" k8s cluster09:33
flwang1one day, if EKS or GKE start to use cluster API, then i think Magnum can think about it, otherwise. it doesn't fit our scope09:34
brtknrflwang1: it is a long way from being stable actually09:35
brtknre.g. i cannot delete the clusters ive created09:35
flwang1without many people's hard work, hard to get it stable09:36
brtknrit complains about a security group that is in use but the controller manager should delete things in the correct order09:36
flwang1btw, did you guys using designate in your cloud?09:37
flwang1s/did/are09:37
brtknrwe do on one of the sites but i didnt deploy it09:38
flwang1right09:40
flwang1i'm doing some research work now09:40
flwang1anything else you would like to discuss?09:40
brtknrflwang1: what are you hoping to do with designate?09:41
flwang1basic integration with VM layer and integrate with k8s with external-dns09:42
brtknrflwang1: i see09:43
flwang1cool, let's call this one done09:45
flwang1brtknr: thanks for joining09:45
brtknrflwang1: can i quickly clarify something09:46
flwang1sure09:46
brtknrhttps://docs.openstack.org/magnum/latest/user/#keystone-authentication-and-authorization-for-kubernetes09:46
brtknrhttps://docs.openstack.org/magnum/latest/user/#keystone-authn-and-authz09:47
brtknrflwang1: these two sections seems to serve a similar purpose09:47
brtknrflwang1: shall we keep the first and remove the second?09:47
brtknror merge the two together?09:48
flwang1i will take a look and see if they can be merged09:48
*** ricolin_ has quit IRC09:49
flwang1seems the 2nd part can be merged into the 1st part09:50
flwang1brtknr: anything else?09:50
brtknrshall I update the docs PS with this change in that case?09:51
brtknrI was also thinking about moving #keystone-authentication-and-authorization-for-kubernetes to #kubernetes as a subsection09:51
brtknralso Kubernetes Health Monitoring which is currecntly H109:51
brtknrbut I think it should be H2 under kubernetes section09:52
flwang1i would suggest put it into a separate patch09:52
brtknrhttps://docs.openstack.org/magnum/latest/user/#kubernetes-external-load-balancer also seems out of date since neutron lbaas is now completely removed09:53
brtknrOk separate patch sounds good09:54
brtknrAs it will involve some reorganisation09:55
flwang1yep09:55
flwang1thanks for putting time on the docs work09:55
flwang1appreciate that09:55
brtknrflwang1: np, it needs some love09:56
flwang1true09:56
flwang1ok, i'm going to close this meeting09:56
flwang1#endmeeting09:57
*** openstack changes topic to "OpenStack Containers Team | Meeting: every Wednesday @ 9AM UTC | Agenda: https://etherpad.openstack.org/p/magnum-weekly-meeting"09:57
openstackMeeting ended Wed Jul 15 09:57:11 2020 UTC.  Information about MeetBot at http://wiki.debian.org/MeetBot . (v 0.1.4)09:57
openstackMinutes:        http://eavesdrop.openstack.org/meetings/magnum/2020/magnum.2020-07-15-09.00.html09:57
openstackMinutes (text): http://eavesdrop.openstack.org/meetings/magnum/2020/magnum.2020-07-15-09.00.txt09:57
openstackLog:            http://eavesdrop.openstack.org/meetings/magnum/2020/magnum.2020-07-15-09.00.log.html09:57
flwang1brtknr: thanks for joining, have a good day09:57
brtknrflwang1: you too!09:57
*** k_mouza has quit IRC10:07
*** k_mouza has joined #openstack-containers10:10
*** nikparasyr has joined #openstack-containers10:13
*** cyrilleb has joined #openstack-containers10:56
*** flwang1 has quit IRC11:05
*** sapd__x has quit IRC11:22
*** udesale_ has joined #openstack-containers11:31
*** rcernin has joined #openstack-containers11:32
*** udesale has quit IRC11:34
*** rcernin has quit IRC11:47
*** cyrilleb has quit IRC11:48
*** mgariepy has joined #openstack-containers12:09
*** nikparasyr has quit IRC13:12
*** nikparasyr has joined #openstack-containers13:13
*** ramishra has quit IRC13:59
*** ramishra has joined #openstack-containers14:19
*** ramishra has quit IRC14:28
*** dave-mccowan has quit IRC14:43
*** dave-mccowan has joined #openstack-containers14:47
*** ramishra has joined #openstack-containers14:48
*** nikparasyr has left #openstack-containers14:52
*** ykarel is now known as ykarel|away15:13
*** ykarel|away has quit IRC15:43
*** ramishra has quit IRC15:46
*** k_mouza has quit IRC15:55
*** k_mouza has joined #openstack-containers16:11
*** k_mouza has quit IRC16:16
*** mgariepy has quit IRC16:22
*** ramishra has joined #openstack-containers16:24
*** k_mouza has joined #openstack-containers16:24
*** k_mouza has quit IRC16:24
*** k_mouza has joined #openstack-containers16:24
*** k_mouza has quit IRC16:29
*** ykarel|away has joined #openstack-containers16:35
*** udesale_ has quit IRC16:38
*** mgariepy has joined #openstack-containers17:09
*** ykarel|away has quit IRC17:25
*** vishalmanchanda has quit IRC18:20
*** arkan has joined #openstack-containers18:58
arkanhi guys, when I'm trying to create kubernetes cluster on magnum I'm receiving18:59
arkanreason: Resource CREATE failed: AuthorizationFailure: resources.kube_masters.resources[0].resources.kube-master: Authorization failed.18:59
arkanI'm on stable/train OSA19:00
arkanjournalctl -xf --> magnum container http://paste.openstack.org/show/795953/19:00
arkanjournalctl -xf ---> keyston container http://paste.openstack.org/show/795956/19:04
arkanjournalctl -xf ---> heat api container http://paste.openstack.org/show/795957/19:05
*** KeithMnemonic has joined #openstack-containers19:12
brtknrarkan: Sounds like authorisation failed21:00
arkanyes, and I read now the doc21:00
arkanhttps://docs.openstack.org/heat/train/install/install-ubuntu.html21:00
arkanI installed openstack using Openstack Ansible, and the above doc I used it to verify the config that I have21:01
arkanit seems that this line openstack role add --domain heat --user-domain heat --user heat_domain_admin admin21:02
arkanwhich is in my case with OSA (stable/train), it's not heat_domain_admin but stack_domain_admin21:03
brtknrarkan: sorry I’m not too familiar with OSA21:04
arkanafter I did this openstack role add --domain heat --user-domain heat --user stack_domain_admin admin21:04
brtknrIt works?21:04
arkanthe error disappeared21:04
brtknrgreat!21:04
arkanI think the user was not authorised that manages the stack21:05
arkannow I'm having a problem related to cinder volume21:05
arkanI saw this bug https://bugs.launchpad.net/openstack-ansible/+bug/187742121:06
openstackLaunchpad bug 1877421 in openstack-ansible "Cinder-volume is not able to recognize a ceph cluster on OpenStack Train." [Undecided,New]21:06
arkanI think I solved the problem with authorisation with magnum, the user stack_domain_admin was not added to the heat domain with a role admin21:10
*** logan- has quit IRC22:17
*** logan- has joined #openstack-containers22:19
*** rcernin has joined #openstack-containers22:20
*** rcernin has quit IRC22:20
*** rcernin has joined #openstack-containers22:21
*** born2bake has quit IRC23:28
« Tuesday, 2020-07-14 Index Thursday, 2020-07-16 »

Generated by irclog2html.py 2.17.2 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!