Friday, 2017-02-17

« Thursday, 2017-02-16 Index Saturday, 2017-02-18 »
*** mlavalle has quit IRC00:31
*** hoangcx has joined #openstack-dns00:38
*** EricGonc_ has quit IRC00:43
*** cuongnv has joined #openstack-dns01:00
iggyhey guys, having a problem with designate where when I delete an instance, the first time it errors out, but the second time it goes through fine01:03
iggy2017-02-17 00:40:26.312 93154 ERROR neutron.api.v2.resource [req-2d293d04-86b3-43ce-ac45-ab2817433e24 e56614194e504e709d46e74d0272cc39 927d1e83056743a1b1a309013c35b8a9 - - -] delete failed01:03
iggy2017-02-17 00:40:26.293 93154 ERROR neutron.callbacks.manager [req-2d293d04-86b3-43ce-ac45-ab2817433e24 e56614194e504e709d46e74d0272cc39 927d1e83056743a1b1a309013c35b8a9 - - -] Error during notification for neutron.plugins.ml2.extensions.dns_integration._delete_port_in_external_dns_service port, before_delete01:04
*** gatuus_ has quit IRC01:04
*** gatuus has quit IRC01:04
iggyI see those log lines along with a traceback spread out over a ton of log lines01:05
*** catintheroof has quit IRC01:13
*** cuongnv_ has joined #openstack-dns02:06
*** cuongnv has quit IRC02:06
*** tdink has quit IRC02:24
*** cuongnv_ is now known as cuong02:29
*** cuong is now known as cuongnv02:29
*** EricGonczer_ has joined #openstack-dns02:32
*** EricGonc_ has joined #openstack-dns02:39
*** EricGonczer_ has quit IRC02:40
*** EricGonc_ has quit IRC03:03
*** cuongnv has quit IRC03:05
*** ducttape_ has quit IRC03:24
*** deepbook5broo has joined #openstack-dns03:47
*** deepbook5broo has left #openstack-dns03:47
*** cuongnv has joined #openstack-dns03:52
*** faizy has joined #openstack-dns05:32
*** richm has quit IRC06:42
*** hoangcx_ has joined #openstack-dns06:57
*** hoangcx has quit IRC06:59
*** amoralej|off is now known as amoralej07:46
*** hoangcx has joined #openstack-dns07:59
*** hoangcx_ has quit IRC08:00
*** fandi has joined #openstack-dns08:14
*** pcaruana has joined #openstack-dns08:22
*** sonuk has quit IRC08:37
*** stanzgy has joined #openstack-dns09:16
*** sonuk has joined #openstack-dns09:17
*** cuongnv has quit IRC10:00
*** hoangcx has quit IRC10:02
*** haplo37_ has quit IRC10:03
*** haplo37_ has joined #openstack-dns10:03
*** faizy has quit IRC10:12
*** faizy has joined #openstack-dns10:13
*** sonuk has quit IRC10:16
*** sonuk has joined #openstack-dns10:42
*** Andrew_jedi has joined #openstack-dns11:09
Andrew_jediHello Folks!11:10
Andrew_jediI have just installed designate (Newton) and facing an issue.11:10
Andrew_jediDesignate complains that "zones" table is absent DB but it is present inthe DB. http://paste.openstack.org/show/599377/11:10
*** richm has joined #openstack-dns11:11
*** dmellado has joined #openstack-dns11:37
*** agarciam has joined #openstack-dns11:49
agarciamey there... quick question about neutron-designate integration... hopefully someone here can provide an answer. The documentation (https://docs.openstack.org/mitaka/networking-guide/config-dns-int.html) says you can set a dns_name on the neutron network that will be used to create the dns_name of the neutron port (and therefore, provisioned on designate). But the truth is that neutron gets the dns_name from neutron.conf.11:52
agarciam.. so I don't fully get what's the purpose of setting the domain name on the network if it's going to be ignored unless it is a subdomain of the one defined on configuration. Is that the expected behaviour (being able to have a single domain for the whole platform and rely on subdomains)?11:52
*** ducttape_ has joined #openstack-dns12:00
*** haplo37 has quit IRC12:13
*** fandi has quit IRC12:14
Kiallagarciam: you can set a dns_domain in neutron.conf, if you do, it's used..12:16
KiallIf you don't - it'll pick the name from the Neutron network/subnet12:16
Kiall(at least, that's how I remember it...)12:16
agarciamKiall I tried with the config param empty... and it didn't work12:17
agarciamKiall but... worth to try it out again... just in case I missed something12:17
*** haplo37 has joined #openstack-dns12:22
*** catintheroof has joined #openstack-dns12:23
*** Andrew_jedi has quit IRC12:36
*** faizy has quit IRC12:45
*** Andrew_jedi has joined #openstack-dns13:03
agarciamKiall it doesn't work... if you remove the config then the dns_name is not even constructed when you create a port13:08
*** stanzgy has quit IRC13:11
*** EricGonczer_ has joined #openstack-dns13:16
*** EricGonc_ has joined #openstack-dns13:23
*** EricGonczer_ has quit IRC13:24
*** faizy has joined #openstack-dns13:41
*** EricGonc_ has quit IRC13:47
*** trondham has joined #openstack-dns13:51
Andrew_jedifolks, i am running into this error "ERROR oslo_messaging.rpc.server NoServersConfigured". Can someone point me towards good documentation on configuring designate  please ?13:51
*** chlong has joined #openstack-dns14:15
timsimAndrew_jedi: https://docs.openstack.org/developer/designate/pools.html14:18
*** gatuus has joined #openstack-dns14:29
*** gatuus has quit IRC14:37
*** amoralej is now known as amoralej|lunch14:41
*** tdink has joined #openstack-dns14:44
*** Andrew_jedi has quit IRC15:00
*** agarciam has quit IRC15:01
*** nkinder has joined #openstack-dns15:05
*** agarciam has joined #openstack-dns15:11
*** sonuk has quit IRC15:16
*** amoralej|lunch is now known as amoralej15:18
*** faizy has quit IRC15:22
*** EricGonczer_ has joined #openstack-dns15:31
*** faizy has joined #openstack-dns15:32
*** mlavalle has joined #openstack-dns15:37
*** databus23_ has joined #openstack-dns15:39
*** kbyrne has joined #openstack-dns15:52
*** kbyrne has quit IRC16:04
*** kbyrne has joined #openstack-dns16:07
*** tdink has quit IRC16:11
*** tdink has joined #openstack-dns16:11
*** pcaruana has quit IRC16:21
*** shewless has joined #openstack-dns16:23
shewlessHello. Is there a way to make a "domain" accessible to all projects?16:23
*** Andrew_jedi has joined #openstack-dns16:26
*** tdink has quit IRC16:26
*** tdink has joined #openstack-dns16:27
*** gatuus has joined #openstack-dns16:40
*** shewless has quit IRC16:51
*** faizy has quit IRC16:54
*** shewless has joined #openstack-dns16:54
*** EricGonczer_ has quit IRC17:05
timsimshewless: Currently there isn't a way to share domains between tenants without being kind of hacky. You can allow all domains to be accessible to all tenants by always passing the all-tenants flag, and having everyone be an admin for example.17:06
timsimWhat you might also do is if you're having certain tenants working on certain subdomains, you can create sub.example.com from the original tenant, and then transfer sub.example.com to the tenant who needs to do things on it. Think labs.mycompany.com or something.17:07
*** EricGonczer_ has joined #openstack-dns17:08
*** Andrew_jedi has quit IRC17:09
*** Andrew_jedi has joined #openstack-dns17:11
openstackgerritMerged openstack/designate-tempest-plugin master: Remove tempest tests for APIv1 as smoke tests  https://review.openstack.org/43476117:42
*** Andrew_jedi has quit IRC17:51
shewlesstimsim: how do you "transfer" domains?17:54
shewlesstimsim: could I add a policy or something that would all all users to see all domains?17:55
shewlessotherwise.. I suppose I could create a "sub domain" for every user on their behalf17:55
shewlesskind of sketchy though17:56
shewlessI see in policy.json: "admin": "role:admin or is_admin:True",17:57
shewlessCould I just change that to role:user or role:admin?17:58
shewlessI will try17:58
timsimshewless: https://developer.openstack.org/api-ref/dns/#zone-ownership-transfers-requests17:58
timsimYeah you can try that, it's just that everyone will be an admin17:58
timsimI'm blanking on whether "admins" can just by default see other tenants zones.17:58
timsimI don't think so.17:58
timsimI guess if you supply the sudo tenant id maybe.17:59
shewlesstimsim: thanks for the link. What do you mean by "sudo tenant id"?18:01
timsimyeah no admins can't just see other tenants zones without passing the all-projects flag18:04
shewlesswow thanks for checking18:05
shewlessI hadn't gotten to it yet18:05
timsimIf you check the headers under here https://developer.openstack.org/api-ref/dns/?expanded=create-zone-detail you can see all of them18:05
timsimThey're http headers that you can pass that will (if you're an admin usually) give you some extra powers.18:05
timsimI'm assuming you're using keystone, if you're not using keystone, it's even easier to impersonate. Just pass 'x-auth-project-id: tenantname'18:06
shewlesstimsim: interesting.. I am using keystone but I don't "have" to use keystone18:06
shewlessnot sure I could do that x-auth trick from heat though.. which I guess is my end goal18:07
shewlesstimsim: is designate designed to support only 1 project/tenant?18:19
timsimThe opposite18:19
timsimBut it's designed to have a zone belong to a tenant18:20
shewlesstimsim: by zone do you mean "designate domain-create" ?18:21
timsimAh.18:21
timsimDomain is the "old, deprecated" term for zone. Using the v1 API, you'll see domains. You really should try to use v2 (and the openstackclient)18:22
*** mlavalle has quit IRC18:22
timsimThey map to the same thing but the v1 API and the "designate" Cli are deprecated18:22
shewlesstimsim: cool.. I didn't know which openstack commands to use.. I assume they are the "zone" subset  now that you have clarified :)18:25
shewlessOddly enough when I try and use the openstack cli it says it can't find the endpoint18:25
timsimYeah it's not super intuitive18:26
timsimThere's some docs for it in the python-designate client docs18:26
timsimThe designate stuff is a plugin you have to install.18:26
shewlessI have en endpoint like so:  https://designate.foo.com:900118:27
shewlessI have designate installed and working from the command line18:27
timsimIt uses keystone to find the endpoint so it has to be created in there right.18:27
timsimOr I think you can supply it18:27
timsimOk, next week is an openstack event, I'm going to write some good docs for all of this crap. That's like all I'm gonna do. That's what we're doing next week mugsie18:28
timsim1. Find new contributors. 2. Write docs.18:29
shewless:)18:29
shewlessI feel like I'm so close to having it work18:29
shewlessit works from "designate" but not from openstack zone :(18:29
shewlessmaybe that means v1 works but not v2?18:29
shewlessDo I have to specify v2 in the name of the endpoint?18:29
*** EricGonc_ has joined #openstack-dns18:32
* mugsie_ agrees with timsim 18:34
*** EricGonczer_ has quit IRC18:34
mugsie_But will read ^ when I get off this plane18:34
shewlesstimsim: do I need to explicity set "enabled_extensions_v2" or can I leave it blank?18:36
shewlesstimsim: man.. if I explicitly set enabled_api_v2 to True then it works! weird that it was commented out as True so I assumed that was the default18:37
timsimWhat version of designate are you using?18:37
shewless2.0.0 - default for ubuntu 16.0418:38
timsimHm18:39
timsimWell. I'm glad it works anyway18:39
shewlesstimsim: still need to figure out how I'm going to provide this service to my users18:40
shewlessI could ask them to manually create a zone18:41
shewlessand then manually create records for each of their instances in that zone18:41
timsimWhat exactly is it that you want? Can you describe the whole use case?18:41
shewlesstimsim: We have some predefined heat templates. When a user launches a stack I want the instances in that stack to have a DNS name pointing to the floating IP.  I want the DNS name to be unique so I was thinking of including the project name as part of the dns (either as a zone or a record)18:42
shewlessI can't think of a good way to do that automatically18:44
shewlessI know I could tie it into neutron but I don't know how it would ensure uniqueness.. since you can only specify one domain/zone in the config18:48
mugsie_Heat can create domains and records18:48
mugsie_You can also assign a zone to each neutron network18:49
shewlessmugsie_ yes heat can do domains and records.. but I would need to know the project name to create both I guess18:58
shewlessmugsie_ any info on how to assign a zone to each neutron network? not sure how that would work18:58
-openstackstatus- NOTICE: Restarting gerrit due to performance problems19:02
*** mlavalle has joined #openstack-dns19:27
*** stanzgy has joined #openstack-dns19:42
shewlesswhen using OS::Designate::Record:20:16
shewlesscan the "domain" specified by the "name" of the domain instead of the ID?20:16
shewlessOtherwise this is just getting crazy20:16
*** Andrew_jedi has joined #openstack-dns20:17
shewlessI'm getting this error which is worrisome: ERROR: Property error: : resources.device_dns.properties.domain: : NotFound20:18
shewlessbut I have created a domain which is accessible for this project.20:18
shewlesshmm.. If I try and reference the domain by ID instead I still get the same error.. so I guess the problem is not with the name vs id.. but somewhere else20:20
shewlessI think heat is defaulting to v1 api instead of v2 :(20:21
shewlessis there anyway to change that?20:21
shewlessFor now I re-enabled the v1 API in designate.. now my heat seems to be happier with me20:23
*** amoralej is now known as amoralej|off20:37
shewlessThanks for the help mugsie_ and timsim: Right now I have a "working" solution. It assumes that each user will have a zone created in their project and that they will pass their project name as a parameter in the heat template.20:39
shewlessIt's a start20:40
*** stanzgy has quit IRC20:40
shewlessI may try and expose the project name somehow in the heat template. I think that will make it simpler20:40
*** ducttape_ has quit IRC20:57
*** ducttape_ has joined #openstack-dns20:57
*** haplo37 has quit IRC21:06
*** ducttape_ has quit IRC21:09
*** haplo37_ has quit IRC21:09
*** haplo37 has joined #openstack-dns21:18
*** haplo37_ has joined #openstack-dns21:19
*** ducttape_ has joined #openstack-dns21:56
*** ducttape_ has quit IRC22:56
*** ftpd has quit IRC23:02
*** gatuus has quit IRC23:04
*** ducttape_ has joined #openstack-dns23:06
*** catintheroof has quit IRC23:21
*** catintheroof has joined #openstack-dns23:22
mugsieshewless: sorry, just saw this (finally landed and away from airports for a day of two :( )23:24
mugsieyeah - heat is v1 only right now23:25
mugsieand needs an id23:25
mugsiebut, we will need to implment v2 in heat this cycle23:25
mugsieand allow for name based look up - which is kind of done already in the client23:26
*** ducttape_ has quit IRC23:26
*** catintheroof has quit IRC23:26
*** ducttape_ has joined #openstack-dns23:38
*** chlong has quit IRC23:46
*** tdink has quit IRC23:56
« Thursday, 2017-02-16 Index Saturday, 2017-02-18 »

Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!