Tuesday, 2016-08-16

« Monday, 2016-08-15 Index Wednesday, 2016-08-17 »
JayFthe 5pm monster has gotten me again00:00
JayFgrawr00:00
*** Goneri has quit IRC00:03
*** baoli has joined #openstack-ironic00:07
*** snizar_ has quit IRC00:25
*** snizar has quit IRC00:25
openstackgerritMerged openstack/ironic: Add nova scheduler_host_subset_size option to docs  https://review.openstack.org/35056900:27
openstackgerritMerged openstack/ironic: 'As of' in documentation is incorrect  https://review.openstack.org/35322700:29
*** fxpester has quit IRC00:30
*** amotoki has joined #openstack-ironic00:47
*** syed_ has quit IRC00:52
*** zhangjl has joined #openstack-ironic00:55
*** hoangcx has joined #openstack-ironic00:56
*** xuao has joined #openstack-ironic00:56
*** phuongnh has joined #openstack-ironic00:58
*** baoli has quit IRC01:10
*** baoli has joined #openstack-ironic01:12
*** wajdi has joined #openstack-ironic01:12
openstackgerritAndy Yan proposed openstack/ironic-specs: bug/1613198  https://review.openstack.org/35538901:13
openstackgerritAndy Yan proposed openstack/ironic-specs: bug/1613198  https://review.openstack.org/35538901:24
*** rajinir has quit IRC01:25
*** ijw has quit IRC01:32
*** ijw has joined #openstack-ironic01:38
*** hparekh has quit IRC01:40
*** baoli has quit IRC01:43
*** amotoki has quit IRC01:43
*** vishwanathj has quit IRC01:44
*** Sukhdev has quit IRC01:44
openstackgerritAndy Yan proposed openstack/ironic-specs: bug/1613198  https://review.openstack.org/35538901:45
openstackgerritTeng Fei proposed openstack/ironic-inspector: Modify the SQL's string from double quote to single quote.  https://review.openstack.org/34779501:47
*** ijw has quit IRC01:49
*** bfournie has joined #openstack-ironic01:51
*** baoli has joined #openstack-ironic01:51
*** hparekh has joined #openstack-ironic01:51
*** ijw has joined #openstack-ironic02:01
*** tiendc has joined #openstack-ironic02:02
*** ijw has quit IRC02:06
*** levelxplane has joined #openstack-ironic02:15
*** levelxplane has left #openstack-ironic02:16
openstackgerritDarren Chan proposed openstack/ironic: Update readme file  https://review.openstack.org/35529002:18
*** baoli has quit IRC02:21
*** rloo has quit IRC02:30
*** rbudden has quit IRC02:35
*** rama_y has joined #openstack-ironic02:35
*** ijw has joined #openstack-ironic02:40
*** fragatin_ has joined #openstack-ironic02:42
*** aNupoisc has quit IRC02:42
*** fragatina has quit IRC02:45
*** zhenguo has joined #openstack-ironic02:46
*** fragatin_ has quit IRC02:46
*** yuanying has quit IRC02:49
*** yuanying has joined #openstack-ironic02:52
*** ijw has quit IRC02:54
*** baoli has joined #openstack-ironic03:01
*** wajdi has quit IRC03:02
*** krtaylor has joined #openstack-ironic03:02
*** wajdi has joined #openstack-ironic03:02
*** xavierr has quit IRC03:04
*** gabriel-bezerra has quit IRC03:04
*** nicodemos has quit IRC03:04
*** xavierr has joined #openstack-ironic03:05
*** gabriel-bezerra has joined #openstack-ironic03:07
*** nicodemos has joined #openstack-ironic03:07
*** wajdi_ has joined #openstack-ironic03:09
*** ChubYann has quit IRC03:11
*** wajdi has quit IRC03:11
*** ChubYann has joined #openstack-ironic03:24
*** vishwanathj has joined #openstack-ironic03:25
*** baoli has quit IRC03:26
openstackgerritNguyen Hung Phuong proposed openstack/ironic: Clean imports in code  https://review.openstack.org/35570403:29
*** wlfightup has joined #openstack-ironic03:30
wlfightuphello03:30
*** tiendc has quit IRC03:31
*** tiendc has joined #openstack-ironic03:37
*** wajdi_ has quit IRC03:40
*** vikrant has joined #openstack-ironic03:42
openstackgerritTuan proposed openstack/ironic: Fix incorrect order of params of assertEqual() in test_objects.py  https://review.openstack.org/35570803:45
*** rajinir has joined #openstack-ironic03:45
*** yuanying has quit IRC03:48
openstackgerritTuan proposed openstack/ironic: Fix incorrect order of params of assertEqual()  https://review.openstack.org/35570803:49
*** yuanying has joined #openstack-ironic03:51
wlfightupthis is my question03:53
wlfightupCan Help me solve ?03:54
wlfightuphttp://stackoverflow.com/questions/38966404/how-to-add-ironic-db-version-file-now-install-dont-copying-db-version-file-ho03:54
*** vishwanathj has quit IRC03:54
wlfightup^-^03:55
*** hshiina has joined #openstack-ironic03:56
*** xuao has quit IRC04:00
*** vishwanathj has joined #openstack-ironic04:17
*** links has joined #openstack-ironic04:20
*** fragatina has joined #openstack-ironic04:24
*** fragatina has quit IRC04:29
*** Sukhdev has joined #openstack-ironic04:43
*** moshele has joined #openstack-ironic04:49
*** rama_y has quit IRC05:10
*** rama_y has joined #openstack-ironic05:10
*** tiendc has quit IRC05:25
*** stendulker has joined #openstack-ironic05:25
*** Sukhdev has quit IRC05:26
*** baoli has joined #openstack-ironic05:38
*** fragatina has joined #openstack-ironic05:40
*** ccamacho has joined #openstack-ironic05:40
*** baoli has quit IRC05:42
*** fragatina has quit IRC05:45
*** rama_y has quit IRC05:46
*** tiendc has joined #openstack-ironic05:51
*** rajinir has quit IRC05:55
openstackgerritlokesh s proposed openstack/ironic: Renaming audit map conf sample file  https://review.openstack.org/35039905:55
*** thrash|g0ne has quit IRC06:03
*** ccamacho is now known as ccamacho|afk06:04
*** thrash has joined #openstack-ironic06:05
*** thrash has quit IRC06:05
*** thrash has joined #openstack-ironic06:05
openstackgerritCao ShuFeng proposed openstack/ironic: Use node uuid rather than id when acquiring node lock  https://review.openstack.org/35573206:05
openstackgerritCao ShuFeng proposed openstack/ironic: Use node uuid rather than id when acquiring node lock  https://review.openstack.org/35573206:05
*** rcernin has joined #openstack-ironic06:14
openstackgerritShivanand Tendulker proposed openstack/ironic: Fix iLO drivers inconsistent boot mode default value  https://review.openstack.org/34523106:17
*** rama_y has joined #openstack-ironic06:19
openstackgerritChangBo Guo(gcb) proposed openstack/ironic: Use memory mode for sqlite in db test  https://review.openstack.org/35573806:25
openstackgerritChangBo Guo(gcb) proposed openstack/ironic: Use memory mode for sqlite in db test  https://review.openstack.org/35573806:38
*** rbartal has joined #openstack-ironic06:42
*** vsaienk0 has quit IRC06:42
*** vsaienk0 has joined #openstack-ironic06:49
*** Lord_Phoenix has joined #openstack-ironic06:54
*** jtomasek|afk is now known as jtomasek07:00
openstackgerritVasyl Saienko proposed openstack/ironic: Remove neutron client workarounds  https://review.openstack.org/35458807:08
*** jpich has joined #openstack-ironic07:11
*** ccamacho|afk is now known as ccamacho07:13
*** e0ne has joined #openstack-ironic07:28
*** ifarkas_afk is now known as ifarkas07:40
*** fragatina has joined #openstack-ironic07:41
*** rama_y has quit IRC07:44
*** fragatina has quit IRC07:46
*** baoli has joined #openstack-ironic07:50
*** chlong has quit IRC07:50
*** baoli has quit IRC07:54
*** zzzeek has quit IRC08:00
*** zzzeek has joined #openstack-ironic08:00
openstackgerritDavanum Srinivas (dims) proposed openstack/ironic: [WIP] Testing latest u-c  https://review.openstack.org/31844008:10
openstackgerrityolanda.robla proposed openstack/bifrost: Allow to define vms with independent names  https://review.openstack.org/35481308:10
*** athomas has joined #openstack-ironic08:14
openstackgerritFatih Degirmenci proposed openstack/bifrost: Introduce support for kvm acceleration  https://review.openstack.org/35543108:21
*** lucas-dinner is now known as lucasagomes08:21
openstackgerritVasyl Saienko proposed openstack/ironic: Fix test_find_node_by_macs test  https://review.openstack.org/35577608:22
lucasagomesjroll, rloo dansmith thanks for looking into the gate (it was quite late when I sa it was broken so I just reported here)08:22
openstackgerritRicardo Carrillo Cruz proposed openstack/bifrost: Only set hostname on 127.0.0.1 if not present in /etc/hosts  https://review.openstack.org/35577808:23
*** Goneri has joined #openstack-ironic08:27
*** sborkows has joined #openstack-ironic08:31
*** ohamada has joined #openstack-ironic08:32
*** electrofelix has joined #openstack-ironic08:33
openstackgerritNaohiro Tamura proposed openstack/python-ironicclient: Add soft reboot/poweroff power states.  https://review.openstack.org/24790408:36
*** xuao has joined #openstack-ironic08:37
xuaojroll08:40
openstackgerritYuiko Takada Mori proposed openstack/ironic: Add node serial console documentation  https://review.openstack.org/29387208:42
xuaoping lucasagomes,jroll for some help~08:43
*** tiendc has quit IRC08:44
xuaolucasagomes, we found another error while it's in the deploy-image, about I/O error to the disk.08:44
xuaoAnd this is the paste http://paste.openstack.org/show/557493/08:44
*** parlos has joined #openstack-ironic08:44
*** hshiina has quit IRC08:45
xuaoBut it continues after raising that, so we don't pay attention to it .08:46
parlosGood morning Ironic!08:49
vdrokmorning all!08:54
xuaomorning all~08:59
*** Goneri has quit IRC09:01
*** Goneri has joined #openstack-ironic09:01
*** derekh has joined #openstack-ironic09:03
*** sambetts|afk is now known as sambetts09:07
sambettsMorning all09:08
*** tiendc has joined #openstack-ironic09:11
vsaienk0morning all, vdrok, sambetts, lucasagomes, xuao, parlos, jroll, dtantus09:22
sambettso/ vsaienk009:22
vsaienk0folks grenade job is broken by nova cells09:22
vsaienk0I've just reported a bug https://bugs.launchpad.net/ironic/+bug/161362209:23
openstackLaunchpad bug 1613622 in OpenStack Compute (nova) "nova cellsv2 breaks ironic" [Undecided,New]09:23
sambettsvsaienk0: whole gate is broken by the cells change09:23
sambettsvsaienk0: lucasagomes is looking into it as far as I know09:23
lucasagomessambetts, vsaienk0 the devstack patch that caused it have been reverted I think09:24
lucasagomeshttps://review.openstack.org/#/c/355599/09:24
lucasagomesxuao, hmm no idea, I'll have to google about that error09:24
xuaolucasagomes, I think maybe we need to test if the disk is protected ?09:27
jrollmorning y'all09:30
jrollstrange error indeed, xuao09:30
sambettsMorning jroll09:30
xuaomorning jroll~09:30
vsaienk0lucasagomes: I  think the patch to grenade https://review.openstack.org/#/c/355813/ also should be reverted09:31
jrollvsaienk0: so only grenade jobs are broken now?09:31
lucasagomesvsaienk0, a-ha, let's put a patch in ironic with a depends-on that change09:32
jrollvsaienk0: lucasagomes: https://review.openstack.org/#/c/355603/09:32
lucasagomesjroll, apparently so09:32
jrollfor some real fixes instead of reverts, see depends-on there09:32
lucasagomesjroll, ++09:32
lucasagomesjroll, I wonder if we could make the ironic job voting in devstack09:38
jrolllucasagomes: it's worth the conversation, but I think the end of the cycle is bad timing, people won't trust it to not reset the integrated gate09:40
*** dtantsur|afk is now known as dtantsur09:40
dtantsurMorning Ironic, morning jroll, lucasagomes, sambetts, vsaienk0, xuao, vdrok09:40
jrollhey dtantsur09:40
xuaomorning ~ dtantsur09:41
dtantsurso, the gate is down, right?09:41
lucasagomesjroll, right :-/09:41
lucasagomesdtantsur, yup, grenade job is now busted09:42
dtantsurI've seen a lot of failures in regular jobs, is it fixed now?09:42
jrollyes, a devstack revert fixed most of them09:43
jrollthese two fix everything for real: https://review.openstack.org/#/c/355602/ https://review.openstack.org/#/c/355659/109:43
*** fragatina has joined #openstack-ironic09:43
jrollI think the devstack patch isn't urgent, actually, just need the nova patch coming down09:45
jrollI just rechecked it09:45
dtantsurso, which one are we waiting for?09:46
jrollthe nova patch09:46
dtantsurwe can't merge the fix unblocking tripleo CI, so this is a chain of breakages :(09:46
*** amoralej has quit IRC09:46
jrollis the tripleo break related?09:47
jrollor something different09:47
dtantsurwe can't merge this epic fix: https://review.openstack.org/35553709:47
dtantsurbecause why would a library check its incoming arguments instead of discarding unexpected ones?09:48
jrolloh ffs09:48
*** fragatina has quit IRC09:48
jrolldtantsur: well, anyway the fix has +W, so it's just a waiting game09:49
dtantsuryep09:49
lucasagomes:-(09:50
dtantsurbut we can land ironicclient patches in the meanwhile, it does not have grenade :)09:50
dtantsurjroll, as to 3rdparty drivers and the cinder thread, I kind of agree that just removing a bunch of drivers is a bit rude. I'd prefer we bulk-deprecate them in Newton, then remove at the standard deprecation period boundary09:52
jrolldtantsur: yeah, maybe, we should kick off an email thread09:56
lucasagomesdtantsur, ++ I like the idea of the "supported=True/False" flag09:57
stendulkerjroll: Hi09:59
jrollstendulker: hey there10:00
stendulkerjroll: What would be the procedure to obsolete a Ironic driver. With DIB ramdisk being deprecated, agent_ilo and iscsi_ilo are kind of same.10:00
stendulkerjroll: If we want to obsolete iscsi_ilo driver, then how it should be done?10:00
jrollstendulker: doesn't agent_ilo use swift/http? and iscsi_ilo uses iscsi?10:00
dtantsurthey are not the same10:00
stendulkerexccept for iscsi part everything else is same10:01
jrollthen we should refactor them to share more code :)10:01
jrollthe iscsi vs http part is a *major* difference10:01
stendulkerinitially agent driver was only for whole disk image and iscsi_ilo supported both10:01
stendulkerthere was some difference in boot mdoes and other features being supported. But now right from ramdisk to other features its all same except one uses iscsi whereas other uses agent to pull image10:02
jrollthere are users that prefer to use iscsi instead of http (why? I don't know), we should continue to support that10:02
dtantsurconverging to one deploy driver is a nice discussion to happen, but it should not be vendor-specific10:02
stendulkerAlso wanted to know if there is still value in keeping two drivers10:02
jrolldtantsur: ++10:03
dtantsurso if we drop iscsi family, it must happen everywhere10:03
stendulkerinitiating vendor specific as vendors may opt in for one over other based on underlying h/w capability10:03
dtantsurbtw, how does agent_* work in standalone environment?10:03
jrollyeah, I think we should get through the driver comp work first10:03
* dtantsur hides10:04
jrolldtantsur: image_info is just http://foo10:04
jrollinstead of glance uuid10:04
jrollit works great :D10:04
dtantsurso you must install an HTTP server, right? this is nice, but it's more complex than the iSCSI method...10:04
jrollwell, iscsi standalone also requires an http server, iirc10:04
jrollalso takes an http UTL10:05
jrollURL10:05
sambettsmyself and lucasagomes where actually talking about having Ironic serve http images for non-swift backed glance10:05
dtantsuronly for iPXE, no?10:05
stendulkerdtantsur, jroll: yes10:05
stendulkeryou can pass image as http10:05
jrolldtantsur: I can't remember if iscsi standalone can accept file://10:05
dtantsurwell, yeah, without glance...10:05
dtantsurok, even non-standalone it requires swift with temporary URLs, right?10:06
jrollor a web server10:06
sambettsyup, glance backed with files doesn't work10:06
stendulkerin iscsi_ilo we use web server10:06
jrolldtantsur: but yeah, in general, there is some amount of value for iscsi10:06
stendulkerweb server host these files10:06
dtantsurwell, once Ironic can manage files on this web server (like we do for iPXE), I'm fine with deprecating iSCSI deploy10:06
* lucasagomes gotta read the scrollback10:06
stendulkerOur management was asking if there is any value in keeping both10:06
jrollstendulker: yes, there is10:07
jroll(IMO)10:07
stendulkerexcept for memory requirement, they look same.10:07
dtantsurif we get <sambetts> myself and lucasagomes where actually talking about having Ironic serve http images for non-swift backed glance10:07
dtantsuronly then ^^^ they are the same10:07
dtantsurstendulker, you can help make ^^^ happen ;)10:07
jrolland even then... for some reason people like the iscsi protocol10:07
jrollor so I'm told :D10:07
* dtantsur is not one of these people :)10:07
stendulkeragent would need slightly more memory as it saves entire image whereas iscsi smaller memory would also suffice10:07
stendulkerjroll: yes10:08
jrolldtantsur: anyway, like I said, I think let's get through the driver composition stuff and then think about it10:08
sambettswell there is still kinda a difference, e.g. conductor doing the writing, vs agent doing the writing10:08
dtantsurstendulker, we've had image piping for quite some time, so memory is not a problem any more10:08
jrollit is if you don't use raw :)10:08
dtantsurtrue10:08
stendulkerjroll: unfortunately we do not have any real stastitics on theses drivers usage and ppl preferences10:08
jrollit's bandwidth vs memory10:08
jrollstendulker: I agree10:08
dtantsurI'm more worried about additional requirements (swift or manually configured web server) more than that10:08
jrollstendulker: and without data showing something is unused, I'm not really interested in removing drivers10:09
sambettsperhaps Ironic could download images from glance, like it does for iscsi, convert to raw then serve the stream10:09
sambettsfor the http case10:09
dtantsursambetts++10:09
dtantsuras for statistics, tripleo defaults to pxe_ipmitool, but that's not quite a conscious choice10:10
jrollokay, so we have iscsi users :)10:10
dtantsurI'd prefer to stop messing with iSCSI, to be honest. it sometimes gives strange bugs.10:10
dtantsurbut moving tripleo to agent_* is not on my radar10:10
stendulkerjroll: I agree, may be we shoudl wait for driver composition and we may get some more insight on how to go about this10:10
jrolldtantsur: I'd agree, but we need a new PTL first so that I'm not the one that gets attacked :D10:11
dtantsurLOL10:11
jrollstendulker: +110:11
stendulker:)10:11
lucasagomessambetts, yeah, raw stream is already supported in IPA btw10:11
dtantsurc'mon, being a PTL during the driver composition is going to be fun ;)10:11
stendulkerBut is there a challenger to jroll :)10:12
sambettslucasagomes: right which is why I'm suggesting converting qcow2 to raws on the Ironic side so we can take advantage of it10:12
lucasagomesyup yeah I got it10:12
sambettslucasagomes: not sure if feasible yet though10:12
sambetts:-P10:12
jrolldtantsur: I'm okay with that, just don't remove iscsi til I'm done :)10:12
lucasagomesyeah I think it all came down to the memory problem which the iscsi solves, once there's an alternative10:13
lucasagomesI think we can start to deprecate the iscsi drivers (or talk more serious about it)10:13
lucasagomesin the case of iLO only, I believe they can do it already if they feel it's not important for their product10:14
lucasagomesand are not willing to maintain10:14
lucasagomesmaintain the iscsi version*10:14
lucasagomesiMHO10:14
stendulkerlucasagomes: i agree, this should be more of wheher we need iscsi based driver or not10:14
stendulkeri mean need of iscsi based  drivers in Ironic10:15
zhangjlhey, lucasagomes and jroll, glad to see you10:15
stendulkerjroll, dtantsur: Another thing How do you want to treat this ? A defect or RFE https://bugs.launchpad.net/ironic/+bug/158817710:15
openstackLaunchpad bug 1588177 in Ironic "Allow ilo drivers to choose the ports to be inspected" [Undecided,In progress] - Assigned to Bharath kumar (bharath-kumar3)10:15
jrollhi zhangjl :)10:15
lucasagomesstendulker, yeah, it does solve a real problem10:15
lucasagomesspecially if you think about whole disk images with windows10:16
lucasagomesthat's a lot of memory required for the agent10:16
lucasagomeszhangjl, hi there10:16
zhangjlfollow lucasagomes` advice, i changed my node to only one disk with 600GB10:16
zhangjlbut now , it`s still hangs here10:17
stendulkerlucasagomes: ok. So is handling large images a only advantage with iscsi drivers?10:17
lucasagomesstendulker, off the top of my head, memory consumption would be it yes10:18
zhangjli try to change the boot mode to bios, uefi10:18
*** hoangcx has quit IRC10:18
zhangjlwhile still failed10:18
zhangjlem , any advices?10:18
stendulkerlucasagomes: when i was rationalizing to folks here, i could not think of any other reason :)10:18
lucasagomesstendulker, maybe parts of the iscsi work also help with the diskless deployment10:18
openstackgerritRicardo Carrillo Cruz proposed openstack/bifrost: Only set hostname on 127.0.0.1 if not present in /etc/hosts  https://review.openstack.org/35577810:18
stendulkerlucasagomes: yes, tht right10:18
stendulkerjroll, dtantsur, lucasagomes: thank you for your inputs10:20
zhangjlanyone help?10:20
stendulkerdtantsur, jroll: How should be this be treated? Defect or RFE https://bugs.launchpad.net/ironic/+bug/158817710:21
openstackLaunchpad bug 1588177 in Ironic "Allow ilo drivers to choose the ports to be inspected" [Undecided,In progress] - Assigned to Bharath kumar (bharath-kumar3)10:21
lucasagomeszhangjl, same problem? Hangs when booting the tenant iage?10:22
lucasagomesimage*10:22
zhangjlyes10:22
*** fxpester has joined #openstack-ironic10:22
xuaoT .T10:22
zhangjlnow , my node has only one disk , 600GB10:22
zhangjlbut.....10:23
dtantsurstendulker, good question. I remember devananda objection to the whole approach. So I'd say it's more of an RFE10:23
zhangjli have no idea how to resolve it10:23
stendulkerdtantsur: yes this is the same thing we discsussed when Inspection was first introduced in Ironic and was dropped10:23
*** tiendc has quit IRC10:24
stendulkerdtantsur: Its exactly same approach posted in the patch for this10:24
dtantsurstendulker, I'd really appreciate if you talk to him once more. I don't want this to get reverted as soon as it lands :)10:24
stendulkerdtantsur: True10:24
stendulkerdtantsur: I will change this to RFE and have word with deva on same10:25
zhangjlset boot_mode to bios, uefi, but .....also failed10:25
stendulkerdtantsur: thank you10:25
zhangjlit bothered me so long10:28
openstackgerritDmitry Tantsur proposed openstack/python-ironicclient: Add --wait flag for provision actions and wait_for_provision_state function  https://review.openstack.org/32819110:33
xuaoping jroll,sambetts, if you have some suggestion about it ? I think we are in a blind alley, and I am so sorry to give trouble to you T .T10:34
jrollxuao: all I've seen today is "node hangs when booting user image", going to need more info than that10:35
xuaowait a minute, I'll show you our all log paste10:35
jrollxuao: maybe put together a paste with the console log, the driver you are using, ironic settings, ironic version, IPA version, ironic-conductor logs, node-show, etc...10:36
jrollsounds like probably an image problem, though10:36
xuaoOK, we'll put all of them together, please wait for a moment ~10:37
jrollsure10:37
zhangjlping jroll, our ironic version is mitaka10:45
zhangjland IPA version is also mitaka10:45
zhangjlthe follow is our step to create deploy images and user images http://paste.openstack.org/show/558352/10:46
zhangjlour commands to create ironic node http://paste.openstack.org/show/557493/10:46
zhangjland our ironic configuration file http://paste.openstack.org/show/558353/10:46
zhangjlPhysical node infomation http://paste.openstack.org/show/558354/10:46
zhangjlPhysical node system log http://paste.openstack.org/show/558355/10:47
*** fragatina has joined #openstack-ironic10:47
jrollokay, thanks10:48
zhangjlthanks for your help10:49
jrollzhangjl: any chance you could boot up an agent on the machine and show the partition layout and such?10:49
*** phuongnh has quit IRC10:49
jrolland perhaps an "ironic node-show" for the node as well10:49
zhangjlthis is the result of ironic node-show http://paste.openstack.org/show/558357/10:52
zhangjljroll, and , you mean that i need to run agent on my physical node10:53
zhangjlwhile, there is no os in my node...10:53
jrollzhangjl: right, the agent, or some sort of rescue image or something10:54
jrolland while there *is* an OS10:54
jrollin other words, when it hangs at boot like this, we should boot some rescue image or an agent and look at the partition table10:55
zhangjlem , let me try10:57
xuaoI do it together with zhangjl, I wander if it works that, as it's running deploy-image we enter the deploy-os and fdisk for the partition table?10:58
rbartaldtantsur, Hi Dmitry, I just installed ospd10 and run introspection, What are the new there new properties? cpu_vt:true,cpu_hugepages:true,cpu_txt:true,cpu_aes:true,cpu_hugepages_1g:true10:59
openstackgerritJim Rollenhagen proposed openstack/ironic: Add docs for node.resource_class and flavor creation  https://review.openstack.org/34508111:00
sambettsrbartal: those properties are the features supported by the nodes CPU, and if they are enabled or not11:00
dtantsurthis ^^^11:00
dtantsurrbartal, I don't think they're used in tripleo/ospd right now11:01
TheJuliaGood morning11:01
dtantsurmorning TheJulia11:01
jrollhey TheJulia11:01
sambettsrbartal: for example the cpu_vt flag, shows if the CPU has support for hardware accelerated virtualisation and if its enabled11:01
openstackgerritTang Chen proposed openstack/ironic: Split v1 API root unit and functional tests  https://review.openstack.org/34896511:01
openstackgerritTang Chen proposed openstack/ironic: Move api driver tests to functional dir  https://review.openstack.org/35036511:01
openstackgerritTang Chen proposed openstack/ironic: Prepare for functional tests  https://review.openstack.org/34942111:01
sambettso/ TheJulia11:01
rbartalsambetts, dtantsur but the are new right? I don't remember them in previous releases11:02
dtantsurrbartal, correct11:02
rbartaldtantsur, thanks11:02
sambettsrbartal: correct, http://docs.openstack.org/releasenotes/ironic-inspector/current-series.html#id311:03
openstackgerritJim Rollenhagen proposed openstack/ironic: Bring upgrade documentation up to date  https://review.openstack.org/35407511:10
jrollyay docs11:10
rbartalsambetts, thanks11:11
*** baoli has joined #openstack-ironic11:14
* TheJulia sips coffee in an attempt to wake up11:15
*** baoli has quit IRC11:19
*** fragatin_ has joined #openstack-ironic11:19
*** stendulker has quit IRC11:19
*** fragatina has quit IRC11:23
*** xuao-m has joined #openstack-ironic11:26
*** xuao has quit IRC11:26
mat128morning TheJulia11:26
TheJuliagood morning dtantsur jroll sambetts mat12811:26
*** xuao-m has quit IRC11:30
*** ccamacho is now known as ccamacho|lunch11:31
*** vmud213 has joined #openstack-ironic11:33
*** mbound has joined #openstack-ironic11:34
*** sdake has joined #openstack-ironic11:36
*** xuao has joined #openstack-ironic11:38
openstackgerritTang Chen proposed openstack/ironic: Move "server_profile_template_uri" to REQUIRED_ON_PROPERTIES  https://review.openstack.org/34712711:39
*** milan has joined #openstack-ironic11:42
milanmorning Ironic! :)11:43
sambettshi milan11:44
milanhi sambetts! :)11:44
*** xuao has quit IRC11:45
*** xuao has joined #openstack-ironic11:45
openstackgerritTang Chen proposed openstack/ironic: Split v1 API root unit and functional tests  https://review.openstack.org/34896511:45
openstackgerritTang Chen proposed openstack/ironic: Move api driver tests to functional dir  https://review.openstack.org/35036511:45
openstackgerritTang Chen proposed openstack/ironic: Prepare for functional tests  https://review.openstack.org/34942111:45
milanaarefiev, morning, I've found another issue with the states patch, so probably I'll put it on WIP  for a bit (locks not released in case the event/transition decorator prevents the decorated function to execute)11:46
dtantsureek folks, should we really have gate-tempest-dsvm-ironic-multitenant-network voting on Mitaka? jroll, vsaienk0?11:46
milanaarefiev, sambetts how do you guys feel about me organising some hangout w/r the review?11:47
*** xuao has quit IRC11:47
jrolldtantsur: lol! no11:48
sambettsmilan: that might help, I'm at a point where I'm a little lost going through it all11:48
sambettsdtantsur: errm, no :/ did I break another thing with my refactor :-P11:49
vsaienk0dtantsur: multitenancy functionality has been added at Newton11:49
dtantsurmaybe?11:49
dtantsurnow it's voting, so Mitaka is broken. can someone please propose a patch?11:49
milansambetts, cool, how about I explain there what the point of it is and we'll have some discussion afterwards?11:49
sambettsmilan: sounds good to me11:50
wlfightupgood moring11:50
dtantsurmorning wlfightup11:50
milansambetts, does hangouts work for you?11:50
sambettsmilan: yup :)11:50
milanmorning wlfightup11:50
milancool :)11:50
milansambetts, time preference? ;)11:50
milanalso aarefiev ^11:50
milan;)11:50
wlfightupyou are get up really early11:51
aarefievmilan: ahh, good idea, I'll be on pto on thursday and friday. other days work for me11:51
dtantsurwlfightup, who exactly? for us in Europe it's not so early :)11:51
* milan checks calendar11:51
wlfightupusa is seven11:52
dtantsurvsaienk0, do you want to propose a patch removing gate-tempest-dsvm-ironic-multitenant-network from stable branches or should I?11:52
wlfightupI have a problem, can help me resolve?11:52
dtantsurmaybe. tell us and we'll see11:53
sambettsvsaienk0, dtantsur: I can do it if you want, I have the code open in the right place11:53
dtantsursambetts, please11:53
TheJuliawell, it is almost 8 AM on the east coast of the united states11:53
*** baoli has joined #openstack-ironic11:53
vsaienk0sambetts: go ahead, please :)11:54
milanaarefiev, sambetts, how about 15:00 UTC?11:54
wlfightuphttp://stackoverflow.com/questions/38966404/how-to-add-ironic-db-version-file-now-install-dont-copying-db-version-file-ho11:54
* dtantsur is rarely up at 8am :)11:54
milan* today11:54
*** baoli_ has joined #openstack-ironic11:54
milanoops, actually, nope11:55
milansambetts, aarefiev 16:30 UTC today?11:56
sambettsmilan: I am free then11:56
TheJuliawlfightup: why are you running setup.py build?11:57
dtantsurwlfightup, I'm responding there, please stay tuned11:57
aarefievmilan: oky11:57
wlfightupoky11:57
wlfightupI want install ironic code, so setup.py11:57
lucasagomeswlfightup, I think I've answered your question in the ML no?11:58
*** baoli has quit IRC11:58
milansambetts, aarefiev OK cool, you guys mind sharing your gmails? mine: vetrisko@gmail.com11:58
lucasagomeswlfightup, did you take a look at the FAQ about creating a migration script?11:58
wlfightupdont't copying file when put file into db/version11:58
lucasagomeshttp://docs.openstack.org/developer/ironic/dev/faq.html#create-a-migration-script-template11:58
wlfightupwhereis FAQ?11:58
lucasagomeswlfightup, http://docs.openstack.org/developer/ironic/dev/faq.html#create-a-migration-script-template11:58
dtantsurwlfightup, http://stackoverflow.com/a/38974364/133668511:59
wlfightupI seem to be in accordance with official documents11:59
TheJuliawlfightup: fyi, as I understand it, setup.py shouldn't generally be used on openstack projects as it doesn't properly handle dependencies.  However, pip does properly handle dependencies.12:00
wlfightupo12:01
openstackgerritDmitry Tantsur proposed openstack/python-ironicclient: [WIP] Add --wait to OSC provisioning commands  https://review.openstack.org/35480612:01
jrolldtantsur: gate-tempest-dsvm-ironic-multitenant-network12:02
jrollurgh12:02
jrolldtantsur: https://review.openstack.org/35588012:02
wlfightupi create migration type is correct , but setup.py don't copy12:02
wlfightuphow to do12:02
sambettsjroll: literally just put up an identiacal patch XD12:02
dtantsurjroll, the regexp syntax is wrong there12:02
jrollis it?12:03
*** dprince has joined #openstack-ironic12:03
dtantsuryeah, so should be brackets around (liberty|mitaka)12:03
jrolloh oops12:03
jrollthanks12:03
dtantsursambetts' is correct, so figure out please which one to leave :)12:03
jrollI can abandon, heh12:04
sambettshehe12:04
jrolldone12:04
lucasagomessambetts, ur fix in project-config (hopefully fixing stable) is merged :-)12:04
lucasagomesw00t12:04
sambetts\o/12:04
dtantsurlucasagomes, unfortunately, we need one more fix :( this is what we're discussing right now12:04
lucasagomesdtantsur, yeah saw that12:04
lucasagomesbut they are 2 diff problems so12:05
sambettsI'm sure infra are getting board of seeing my name ;)12:05
dtantsurright12:05
lucasagomeshalf solved :D12:05
sambettsbored*12:05
*** bfournie has quit IRC12:05
dtantsurlol, maybe :) some time ago I was putting a lot of patches, while working on ironic-inspector gate12:05
*** fxpester|2 has joined #openstack-ironic12:06
*** tiendc has joined #openstack-ironic12:06
*** lucasagomes is now known as lucas-hungry12:06
*** tiendc has quit IRC12:06
* lucas-hungry go get some lunch12:06
*** fxpester has quit IRC12:08
*** moshele has quit IRC12:09
*** xuao has joined #openstack-ironic12:11
zhangjlping jroll12:20
zhangjlhttp://paste.openstack.org/show/558364/12:20
zhangjlthis is the partition layout of my node12:21
jrollzhangjl: you're using pxe, right?12:23
*** MattMan has quit IRC12:23
dtantsursambetts, aarefiev, ifarkas, milan, so here's the patch to make grenade voting: https://review.openstack.org/355894. Do we want the tempest job voting too?12:23
zhangjlyes12:23
*** MattMan has joined #openstack-ironic12:23
zhangjlonly pex12:23
zhangjlpxe12:24
* milan looks12:24
jrollzhangjl: can you check: ls /dev/disk/by-uuid/8894815e-0b90-40a5-b000-3629cc15dcfe12:24
dtantsurthe tempest one should replace the current -ipa one, so we have to think what to do about exercises.12:24
milandtantsur, btw what's the best way to check the stability of a job?12:24
dtantsurmilan, look at several patches? :) I don't think we're on any dashboard12:25
zhangjlclear12:25
zhangjlsorry12:25
* milan thought some zuul could be used but unsure12:25
openstackgerritTang Chen proposed openstack/ironic: Move "server_profile_template_uri" to REQUIRED_ON_PROPERTIES  https://review.openstack.org/34712712:25
zhangjljroll: yes, i can check12:25
milandtantsur, could we have both of them voting for the rest of Newton? Or is it an overkill?12:26
milan* exercises&tempest12:26
dtantsurwe could, but we anyway need a plan forward12:26
dtantsurtempest does not cover our client mostly12:26
dtantsurmaybe it's fine, dunno. but then we need a tempest job on the client, which is probably the next step12:26
ifarkasdtantsur, then maybe it's better to wait with replacing the ipa job?12:27
zhangjlthis my check result  http://paste.openstack.org/show/558365/12:27
dtantsurifarkas, that's my point12:27
sambettsmilan: http://status.openstack.org/openstack-health/#/12:27
sambettsdtantsur: ^12:27
ifarkasdtantsur, +1 then :-)12:27
wlfightup+012:28
jrollzhangjl: okay, so the root does exist... hm... maybe lucas-hungry has ideas :/12:28
milansambetts, thx12:28
dtantsursambetts, it does not seem to show our grenade job though..12:28
zhangjl:'(12:29
sambettsdtantsur: apprently the job has to produce subunit output to be picked up by this system, so we might need something like https://review.openstack.org/#/c/351806/12:30
aarefievmilan: sorry was on call, aarefiev@mirantis.com , please ping me when it starts12:30
dtantsurugh12:30
milanaarefiev, cool, I've sent you an invitation through calendar, I hope it arrived12:30
aarefievdtantsur: +1 for both12:31
sambettsdtantsur: infra are working on make the health system actually get the sucess/fail stats from zuul, but its not quite there yet so they have to rely on the subunit output12:31
aarefievmilan: thanks12:31
zhangjlanyone can help me ?12:32
aarefievone issue I saw it's races while ironic sync in basic test12:32
aarefievI've proposed  increase timeout https://review.openstack.org/#/c/350499/12:33
*** cdearborn has joined #openstack-ironic12:33
openstackgerritGalyna Zholtkevych proposed openstack/ironic: Refactoring code of generating temp_url  https://review.openstack.org/35228912:34
*** zhangjl has left #openstack-ironic12:36
*** xuao has quit IRC12:36
*** zhangjl has joined #openstack-ironic12:36
*** zhangjl has left #openstack-ironic12:37
*** rbudden has joined #openstack-ironic12:38
*** ccamacho|lunch is now known as ccamacho12:38
*** bfournie has joined #openstack-ironic12:39
milansambetts btw do you mind +w on aarefiev's  patch to make inspector--ironic sync timeout longer? https://review.openstack.org/#/c/350499/12:39
milangot +2 already from dtantsur ^12:40
sambettsmilan: done :)12:42
milancool :)12:42
* milan feels safer w/r gating on tempest stuff now :D12:43
*** rloo has joined #openstack-ironic12:45
*** mbound has quit IRC12:48
thiagopGood morning, Ironic12:49
*** ChubYann has quit IRC12:51
*** Guest14039 is now known as rook12:52
thiagopjroll: is the gate already back?12:56
jrollthiagop: see the whiteboard for current status12:56
jrollI don't have a real-time answer for you12:56
thiagopjroll: ack12:57
* dtantsur updates with ironicclient breakage12:57
*** vikrant has quit IRC12:59
*** ChubYann has joined #openstack-ironic13:07
*** lucas-hungry is now known as lucasagomes13:10
*** lifeless has quit IRC13:11
lucasagomesjroll, you have the error he's seen handy there ? (he's not on irc atm)13:15
jrolllucasagomes: it's the same thing with it hanging looking for some partition13:16
jrollhttp://paste.openstack.org/show/558365/13:16
jrollhttp://paste.openstack.org/show/558364/13:16
jrollhttp://paste.openstack.org/show/558357/13:16
jrollhttp://paste.openstack.org/show/558355/13:16
jrollall relevant13:16
lucasagomescheerios13:16
jrollnp, thanks for looking13:17
lucasagomesjroll, I think I told 'em yesterday to add a "debug" parameter to the kernel cmdline13:17
jrollI googled a bit and also found something about swap weirdness, could be related I guess? dunno13:17
jrollah yeah13:17
lucasagomesand another systemd debug13:17
lucasagomesjroll, not sure, anyway will tell 'em again when they get back online13:18
jrollsure, thanks13:18
*** lifeless has joined #openstack-ironic13:29
openstackgerritMerged openstack/ironic-inspector: Tempest: increase ironic sync timeout  https://review.openstack.org/35049913:31
aarefievmilan dtantsur sambetts: grenade http://pasteboard.co/9lsKZB47d.png13:32
aarefievhttp://graphite.openstack.org/ doesn't create link for me13:32
milanaarefiev, nice pic :)13:32
aarefievmilan sambetts: :) thanks for +w13:32
milanaarefiev, np :)13:33
aarefievmilan: sorry didn't get invitation (13:33
rloohi everyone, milan, aarefiev, jroll, lucasagomes, thiagop, dtantsur13:33
milanaarefiev, I'll resend13:33
thiagopmorning rloo13:33
jrollmorning rloo13:33
TheJuliagood morning rloo13:33
milanhi rloo :)13:33
aarefievmorning rloo13:33
dtantsurmorning rloo13:33
rloolooks like a good morning for documentation. Is that the only thing that could merge? :-(13:34
jrollfor now, yeah13:34
rloomorning TheJulia13:34
jrollor unit test only changes13:34
jrollgate fix #2 is in the gate queue, though13:34
rloojroll: Oh, I didn't realize that there were smarts for only unit tests. My favorite stuff to review. NOT.13:35
dtantsuranybody figuring out ironicclient?13:35
dtantsurI can do it after the current meeting13:35
rloodtantsur: oh, I thought that was figured out.13:35
jrollrloo: heh13:35
jrolldtantsur: I haven't had a chance to look13:35
dtantsurbut tbh it looks like a zuul problem. I can't find an error in the logs..13:35
* jroll futzing around with nova-api-metadata this morning13:35
jrollI'll bug infra about the client dtantsur13:36
openstackgerritAnton Arefiev proposed openstack/python-ironicclient: Add baremetal port set command to OSC plugin  https://review.openstack.org/34728713:36
rloois the gate also broken for ipa?13:36
*** catintheroof has joined #openstack-ironic13:36
*** vmud213 has quit IRC13:37
jrollipa should be okay I think?13:37
jrollironic just has grenade broken13:37
rloojroll: ok. i updated the etherpad to make it clearer what was broken13:38
rloodtantsur: i looked at that log for the osc plugin, it seems like it might have something to do with python-designateclient.13:38
* rloo wonders why our ironicclient plugin needs to be tested against other osc plugins...13:40
*** bathris has joined #openstack-ironic13:40
openstackgerritAnton Arefiev proposed openstack/python-ironicclient: Add baremetal port set command to OSC plugin  https://review.openstack.org/34728713:40
bathrishi all13:40
dtantsurrloo, this only tests co-installation, e.g. that the plugins don't conflict13:40
jrollit's something with zuul, looking with monty right now13:41
aarefievdtantsur: rebased ^^13:41
rloodtantsur: oh, i guess that's a good reason then...13:41
rlooaarefiev: thx for rebasing.13:41
aarefievnp13:41
*** catintheroof has quit IRC13:43
*** mbound has joined #openstack-ironic13:48
jrolldtantsur: rloo: so this is a timeout, infra is looking into why that ran so slow but it shouldn't be a "100% broken" thing, might instead be the pypi mirror bogged down in that cloud or something13:49
dtantsurso worth rechecking?13:49
rloojroll: ok, so rechecks should be fine. thx.13:49
jrollyeah, rechecks are okay13:49
jrollwe hit the same cloud twice in a row on 32895513:49
jrollso probably something going on there13:50
rloojroll, dtantsur: I updated the etherpad to reflect ^^13:51
jrollthanks13:51
*** hshiina has joined #openstack-ironic13:53
*** permalac has joined #openstack-ironic13:53
*** mbound has quit IRC13:53
*** vikrant has joined #openstack-ironic13:55
*** vikrant has quit IRC13:57
*** wajdi has joined #openstack-ironic13:57
*** anush_ has joined #openstack-ironic14:00
*** Lord_Phoenix has quit IRC14:02
*** jistr is now known as jistr|debug14:03
rlooaarefiev: i didn't realize you had pushed up another revision; see my comments in revision 514:06
aarefievrloo: yep, there was rebasing issue14:07
*** parlos has quit IRC14:15
openstackgerritMichael Turek proposed openstack/ironic: Add classes for Portgroups API enablement  https://review.openstack.org/34754914:18
*** jcoufal has joined #openstack-ironic14:20
rloolucasagomes: if you have a few min, let me know what you think wrt 'show_configdrive': https://review.openstack.org/#/c/326768/14:21
rlooor anyone else that has an opinion on show_configdrive vs show_password...14:22
lucasagomesrloo, hi there, will take a look14:23
lucasagomesrloo, oh good pointes, yeah the name "show_configdrive" might be misleading14:26
lucasagomesrloo, what happens is that, both passwords and configdrive are considered secrets14:26
rloolucasagomes: who considers them secrets? I mean, do operators think that?14:26
jrollwell that's a ball of wax :|14:26
lucasagomeswhat about an option 4. "show_secrets" that would hide passwords + configdrive14:27
lucasagomesrloo, I thought we all did, devs and operators14:27
jrollconfigdrives have the root password in them, and potentially other user secrets14:27
lucasagomesfor ^ reason yeah14:27
jrolllucasagomes: ++ for show_secrets14:27
jrollwell14:27
rloolucasagomes: yeah, i'm fine with a different name. show_secrets or show_sensitive_info or ...14:27
jrollhrm, I could come up with a use case to give someone IPMI creds but not configdrives14:27
* jroll needs to step away14:27
lucasagomesrloo, cool I will comment on the patch14:28
rloolucasagomes: thx. although i guess jroll might be noodling about it :)14:28
lucasagomesrloo, it gets into a grey area when it comes to things that can be included in a configdrive14:29
lucasagomesroot password is one that nova might inject14:29
lucasagomesbut you could inject any other files into it as well14:29
rloolucasagomes: so maybe we should have a separate show_configdrive?14:29
rloolucasagomes: seems like 2 questions. 1. do we want one thing to control showing configdrive/passwords/other secrets; 2. what to call these things/rules.14:30
lucasagomesrloo, that's what deva's patch propose right? But at the moment it's just using the oslo function to mask stuff so it masks everything14:30
rloolucasagomes: right. so first i need to understand what we want to do; then i can review the code to see if it does that :)14:30
lucasagomesrloo, IMHO I would prefer to just have 1 flag, show/hide_secrets (or something along these lines)14:30
openstackgerritAnton Arefiev proposed openstack/python-ironicclient: Add baremetal port set command to OSC plugin  https://review.openstack.org/34728714:32
rloolucasagomes: i am fine with 1 flag. as long as that provides enough flexibility for operators. jroll did make a comment above, but i don't know how flexible we need/ought to be...14:32
*** rajinir has joined #openstack-ironic14:34
*** michauds has joined #openstack-ironic14:35
lucasagomesrloo, right, I may be failing to see why an operator may want to hide passwords but keep configdrive in the API responses14:36
rloolucasagomes: me too, but I'm not an operator. Let's see if others have opinions :)14:36
lucasagomesIMHO they both should be treated as sensitive information (but maybe there's a case, let's see what others think in that review)14:37
lucasagomesrloo, ++14:37
*** links has quit IRC14:39
milanaarefiev, sambetts, have you guys received the invitation?14:40
sambettsmilan: yup14:40
milancool :)14:41
aarefievmilan: yes, thanks14:41
milan;)14:41
openstackgerritDmitry Tantsur proposed openstack/python-ironicclient: Add --wait flag for provision actions and wait_for_provision_state function  https://review.openstack.org/32819114:42
dtantsurrloo, ^^^14:42
rloodtantsur: you so fast!14:42
dtantsurthese were small issues :)14:42
*** rama_y has joined #openstack-ironic14:44
openstackgerritMichael Turek proposed openstack/ironic: Add portgroups to support LAG interfaces - API  https://review.openstack.org/33217714:47
*** dprince has quit IRC14:49
jrolllucasagomes: I was thinking the other way - a datacenter tech might need IPMI creds for troubleshooting, but I might not want to give them user data14:49
*** mbound has joined #openstack-ironic14:49
openstackgerritImre Farkas proposed openstack/ironic: DRAC RAID configuration  https://review.openstack.org/17631914:49
*** jistr|debug is now known as jistr14:50
lucasagomesjroll, right so you would hide all configdrive but not the passwords14:50
*** hatTip has joined #openstack-ironic14:50
lucasagomeshmm14:50
jrolllucasagomes: right14:51
jrollI'm okay with hiding all of instance_info14:51
jrollso maybe one thing for driver_info things and another for instance_info?14:51
milanaarefiev, sambetts if you guys wanna hang-out sooner, let's do it even right now actually14:51
sambettsmilan: I'm free if you guys are14:52
lucasagomesbut is it a real use case? Cause there are other means, if one needs a password to troubleshoot a machine I would say that the operator could send the tech person a email or something14:52
lucasagomesjroll, yeah that's one way too, I think that's deva's #3 suggestion14:52
aarefievmilan: free14:53
jrolldepends how much the deployment's techs rely on ironic for management :)14:53
milanI am, I've actually screwed the invite a bit because of daylight saving time  O:-) but I'm free right now and that time too :)14:53
milancool, let's do it in 7min then14:53
* milan pushes latest revision14:53
dtantsurtimezones are too hard, let's go shopping14:54
lucasagomesjroll, yeah, getting data about usage is always hard :D14:54
lucasagomesjroll, another point is, the configdrive may or may not be in the instance_info depending on the configuration14:54
milan:D dtantsur let's get to beers14:54
lucasagomesit's possible to configure ironic to save it in swift instead14:54
dtantsur2 hours more, wait a bit ;)14:54
*** mbound has quit IRC14:54
jrolllucasagomes: indeed14:54
sambettslucasagomes: if you get the URL from the instance_info can you download it?14:55
sambettsif you can then it might as well be considered the same14:55
lucasagomessambetts, do we add the url to the instance_info?14:55
lucasagomesif so yeah that's the same14:56
lucasagomestho, when uploading to swift we do have a expire time14:56
lucasagomesthe swift object will be deleted in X seconds, where X is the dpeloyment timeout14:56
openstackgerritDavid Lenwell proposed openstack/ironic: Add REST API for volume connector and volume target operation  https://review.openstack.org/21458614:56
*** rbartal has quit IRC14:56
rloolucasagomes: but that's still a security issue, even for those X seconds. Anyway, I'd rather not special case it.14:57
*** _milan_ has joined #openstack-ironic14:57
lucasagomesrloo, yup totally14:57
lucasagomeslooking at the code to see if we do actually add the configdrive to instance_info in case of storing it in swift14:57
*** permalac has quit IRC14:58
openstackgerritMilan Kováčik proposed openstack/ironic-inspector: Introducing node introspection state management  https://review.openstack.org/34894314:58
jrollI think we store the url so we can re-generate a tempurl if we need to14:58
lucasagomesrloo, we do :-(14:58
jrolllucasagomes: we store the regular url or temp url?14:58
sambettsdo we store the tempurl or do we just store the swift object reference?14:58
lucasagomesjroll, temp url14:58
lucasagomesconfigdrive = swift_api.get_temp_url(container, object_name,14:59
* lucasagomes opens in github14:59
jrollwhomp14:59
*** milan has quit IRC14:59
lucasagomeshttps://github.com/openstack/ironic/blob/master/ironic/conductor/manager.py#L2292-L229714:59
lucasagomesjroll, boomer yeah14:59
*** sborkows has quit IRC15:02
* lucasagomes wonders why we need to keep the configdrive in the node15:02
JayFThere's a bugfix patch up related to this, actually15:03
JayFI thought it was what you were all talking about until I read scrollback15:04
* lucasagomes looks15:04
lucasagomeshttps://bugs.launchpad.net/ironic/+bug/161247615:04
openstackLaunchpad bug 1612476 in Ironic "Keep config drive in swift until server deletion" [High,In progress] - Assigned to xiaobin (jxiaobin)15:04
*** ifarkas is now known as ifarkas_afk15:04
lucasagomesright yeah it makes sense, we keep it because of nova rebuild15:04
JayFlucasagomes: nice, you got the link before i could get there15:04
*** fumie has quit IRC15:04
JayFlucasagomes: well, I dug into this some yesterday, it seems like on nova rebuild nova could just re-ship the configdrive over15:05
lucasagomeshmm and the swift version is broken cause it will be deleted and not available when rebuilding15:05
lucasagomesfun15:05
JayFlucasagomes: but given *ironic* has a rebuild verb, we probably have to persist it for the no-nova case15:05
lucasagomesJayF, yeah, def something to investigate15:05
dtantsurmorning JayF15:05
JayFgm15:05
lucasagomesif nova rebuild sends the configdrive again, we don't even need to keep it in Ironic15:05
JayFit doesn't currently in our driver15:06
JayFbut it certainly could15:06
lucasagomesJayF, but did you patch it locally or?15:06
JayFI read a lot of code :)15:06
JayFthis isn't a bug I care about, just a review I saw and dug into yesterday15:06
* lucasagomes adds a todo in his list to investigate nova rebuild15:07
*** thrash is now known as thrash|biab15:09
TheJuliaJayF: I have reservations regarding persisting the configdrive in swift, but I think it is reasonable for non nova users to have to re-submit, although I don't remember if nova submits a new config drive or not when it issues a rebuild15:10
*** syed_ has joined #openstack-ironic15:10
openstackgerritJulia Kreger proposed openstack/ironic: [WIP] Add storage_interface DB field and object  https://review.openstack.org/34800515:11
openstackgerritJulia Kreger proposed openstack/ironic: [WIP] Add storage_interface to base driver class  https://review.openstack.org/34800615:11
openstackgerritJulia Kreger proposed openstack/ironic: [WIP] Add base cinder common interface  https://review.openstack.org/35562515:12
*** [1]cdearborn has joined #openstack-ironic15:13
*** jcoufal has quit IRC15:13
*** michauds has quit IRC15:15
JayFTheJulia: it currently doesn't, but afaict it could if we made it15:15
TheJuliaJayF: That is what I thought, I remember looking at it ~9 months ago15:15
*** ElCoyote_ has quit IRC15:16
JayFTheJulia: I'm going to comment in the bug that I think nova should re-submit it, do you mind putting your POV in there too?15:16
TheJuliaJayF: oh, any user submitted files for inclusion wouldn't be in the new drive15:16
JayFnova has to store it somewhere, right?15:16
TheJuliaI don't think it does15:16
TheJulia_think_, I haven't dug through that part of the code in a while15:17
* JayF looks at libvirt driver in nova15:17
wznoinskdid anyone see a situation where in static-network-up is emitted earlier than all the interfaces get their IPs and their /run/network/ifup.* get created? that's ubuntu 14.04, troubleshooting cloud-init init kicking off to early (before the network is actually up)15:17
*** Goneri has quit IRC15:17
*** dprince has joined #openstack-ironic15:18
JayFwznoinsk: I'm not sure what you're talking about, but if the image is on the disk and the configdrive (if enabled) is there, Ironic did its job. I'd suggest #openstack might be a good audience for a more general question :)15:18
*** jcoufal has joined #openstack-ironic15:18
*** Goneri has joined #openstack-ironic15:18
*** athomas has quit IRC15:20
*** hatTip has quit IRC15:20
wznoinskJayF: sure, I was asking because some here may have experienced this on ironic nodes rather than blaming ironic itself :)15:20
*** mtanino has joined #openstack-ironic15:20
TheJuliawznoinsk: what do you mean by network is actually up?15:21
wznoinskTheJulia: I see this at first boot http://paste.openstack.org/show/558409/15:22
wznoinskand a few moments later http://paste.openstack.org/show/558410/15:23
JayFTheJulia: the only nova drivers that implement the "rebuild" method are ones that support preserve_ephemeral, aka ironic *facepalm*15:23
*** derekh has quit IRC15:24
*** athomas has joined #openstack-ironic15:24
TheJuliaJayF: ugh15:24
*** ccamacho is now known as ccamacho|out15:24
TheJuliawznoinsk: will look in a minute15:24
*** cdearborn has quit IRC15:24
wznoinskTheJulia: thanks15:27
JayFTheJulia: https://github.com/openstack/nova/blob/0da6c6461177539cf69c7c2998f3ce8914112b0a/nova/compute/manager.py#L257615:28
JayFTheJulia: tl;dr default rebuild just ends up calling spawn on the virt driver, so the configdrive has to be able to be recomputed on rebuild ... right?15:28
TheJuliawznoinsk: sounds like your expecting the OS to bring up all the interfaces, but I think if what I remember is true from digging around cloud images is that they expect eth0 to be the only interface and that it is always connected since they are for VMs, cloud-init brings up the rest afaik15:29
*** michauds has joined #openstack-ironic15:30
TheJuliaJayF: I think that is correct, and I think you have to offer stuff up on the nova client if you want files included...  otherwise it just passes network_info and other data in15:31
JayFso realistically, by preserving the exact configdrive, it's a difference in behavior from other drivers?15:31
TheJuliaI think so yes15:32
TheJuliaI think we just need to get it reconstructed and submitted upon rebuild15:33
JayFand if you pass in more new configdrive stuff on rebuild, we ignore it15:33
JayFin b4 this breaks tripleo15:33
openstackgerritThiago Paiva Brito proposed openstack/ironic: [WIP] Testing tests removal from tempest  https://review.openstack.org/35559115:36
wznoinskTheJulia: I'm using dhcp-all-interfaces dib element15:37
wznoinskwhich does: http://paste.openstack.org/show/558413/15:37
JayFTheJulia: https://bugs.launchpad.net/ironic/+bug/1612476 summarized that all in here, if you wanna drop in a word about the standalone/bifrost use case15:39
openstackLaunchpad bug 1612476 in Ironic "Keep config drive in swift until server deletion" [High,In progress] - Assigned to xiaobin (jxiaobin)15:39
*** amotoki has joined #openstack-ironic15:40
*** amotoki has quit IRC15:43
*** amotoki has joined #openstack-ironic15:43
*** rpioso has joined #openstack-ironic15:45
*** rcernin has quit IRC15:46
*** e0ne has quit IRC15:49
*** athomas has quit IRC15:50
*** athomas has joined #openstack-ironic15:56
TheJuliawznoinsk: sorry, context switching way too much at the moment.  :\  Seems like a question of which part should own interface init15:59
*** Sukhdev has joined #openstack-ironic16:01
*** anush_ has quit IRC16:02
*** jcoufal_ has joined #openstack-ironic16:03
*** Sukhdev has quit IRC16:05
*** snizar has joined #openstack-ironic16:05
*** snizar_ has joined #openstack-ironic16:05
lucasagomesJayF, TheJulia jroll so, rebuild does not send the configdrive16:05
lucasagomesnow, I thin we could change it, because it's up the the driver to generate it16:05
lucasagomesthat's what we do at spawn() https://github.com/openstack/nova/blob/master/nova/virt/ironic/driver.py#L770-L79016:05
lucasagomeswe could have something similar on rebuild()16:06
*** jcoufal has quit IRC16:06
lucasagomesand change the ironic rebuild command to accept the configdrive as a parameter as well16:06
lucasagomeswith that, I think we won't need to keep it anywhere16:07
JayFlucasagomes: yep, exactly16:07
JayFlucasagomes: I commented on the bug with exactly that16:07
lucasagomes(apart from the standalone version)16:07
JayFlucasagomes: tl;dr all other nova virt drivers implement rebuild as a second call to spawn16:07
lucasagomesJayF, cool16:07
lucasagomesJayF, worth checking if it's something Nova will accept too16:07
lucasagomesJayF, oh they do? Great16:07
lucasagomesok16:07
JayFlucasagomes: code is linked in the bug comment16:07
*** amotoki has quit IRC16:07
lucasagomesJayF, will take a look, thanks for that16:07
JayFlucasagomes: but an additional -1 on the code and an agreement in the bug would be appreciated :D16:07
lucasagomes++16:08
*** sdake has quit IRC16:09
*** hshiina has quit IRC16:15
NobodyCammorning Ironic'ers16:15
thiagopmorning NobodyCam16:15
NobodyCammorning thiagop :)16:15
dtantsurmorning NobodyCam16:18
dtantsurand g'night everyone else :)16:18
NobodyCammorning dtantsur :)16:18
NobodyCamhight dtantsur :p16:18
*** dtantsur is now known as dtantsur|afk16:18
dtantsur|afk:)16:18
NobodyCamnight even16:18
openstackgerritStephanie Miller proposed openstack/ironic: Add volume_connector table to save connector information  https://review.openstack.org/20098316:21
*** Sukhdev has joined #openstack-ironic16:23
d0ugalDoes Ironic test the database migrations?16:23
*** bathris has quit IRC16:24
jrolld0ugal: yes, why?16:24
d0ugaljroll: I am curious to know how it works, do you happen to know where it is setup?16:24
* d0ugal is failing at grep16:25
jrolld0ugal: idk all the details but this is a good starting point https://github.com/openstack/ironic/blob/master/ironic/tests/unit/db/sqlalchemy/test_migrations.py16:25
jrollit'll skip it if db isn't present and such16:25
d0ugaljroll: lol, that file couldn't have been any more obviously named.16:25
jroll:D16:25
d0ugaljroll: sorry I missed it, but thanks!16:25
jrollno worries!16:25
*** jpich has quit IRC16:30
*** baoli_ has quit IRC16:31
jlvillaljroll: In working on the multi-node testing. We have run into this issue: http://logs.openstack.org/32/296432/96/experimental/gate-tempest-dsvm-ironic-ipa-partition-pxe_ssh-tinyipa-multinode-nv/351eb00/logs/screen-n-cpu.txt.gz?level=ERROR16:50
jlvillaljroll: vsaienk0 thinks it is related to moving from 1 VM to 3 VMs, which makes sense to me.16:51
jlvillalJust wondering if you had any thoughts on it. I'm looking into it today.16:51
jrollO_o16:51
jlvillalyeah...16:52
jrolloh, that reminds me of a bug we had filed16:52
jrollbut in a meeting so idk if I can find it right now16:52
jrollbut sounds like a reschedule + didn't clean up the previous node16:52
mat128jlvillal: it seems like nova thinks the instance should go on that node but Ironic is refusing because that UUID is already associated with another node16:52
jlvillaljroll: No worries, whenever you have some free time :)  Thanks.16:52
jlvillalmat128: Yeah. We weren't sure if it had to do with the multi-compute host work or not.16:53
* sambetts -> home16:53
jrolljlvillal: search that error in LP16:53
jlvillaljroll: Will do16:53
sambettsnight all o/16:53
*** _milan_ has quit IRC16:53
mat128cya sambetts16:53
jlvillalsambetts: Good night!16:53
*** sambetts is now known as sambetts|afk16:53
jrolljlvillal: definitely unrelated to any recent work :)16:53
jlvillaljroll: Good to hear :)16:53
*** _milan_ has joined #openstack-ironic16:55
*** _milan_ has quit IRC16:58
*** thrash|biab is now known as thrash16:59
openstackgerritPavlo Shchelokovskyy proposed openstack/ironic: Allow changing lock purpose on lock upgrade  https://review.openstack.org/35606417:00
lucasagomescalling it a day folks, have a great evening all17:02
lucasagomessee you tomorrow17:02
*** sabeen has joined #openstack-ironic17:02
*** lucasagomes is now known as lucas-dinner17:02
jlvillallucas-dinner: Good night17:03
NobodyCamnight lucas-dinner17:03
NobodyCamnight sambetts|afk17:03
jlvillaljroll: This looks similar:  https://bugs.launchpad.net/ironic/+bug/140411617:04
openstackLaunchpad bug 1404116 in Ironic "nova/virt interactions could race leading to double-assigned instance" [Medium,Confirmed]17:04
jrolljlvillal: +117:04
*** david-lyle_ has joined #openstack-ironic17:09
*** manjeets_ has joined #openstack-ironic17:11
*** e0ne has joined #openstack-ironic17:11
manjeets_hello folks I am seeing huge failure on this job17:12
manjeets_http://logstash.openstack.org/#/dashboard/file/logstash.json?query=build_name:%5C%22gate-tempest-dsvm-ironic-ipa-partition-pxe_ssh-tinyipa%5C%22%20AND%20build_status:FAILURE17:12
manjeets_in last 12 hours17:13
manjeets_not sure if a patch in ironic or neutron broke this17:13
manjeets_so just checking out17:13
*** david-lyle has quit IRC17:13
openstackgerritMerged openstack/bifrost: Set OS_AUTH_TOKEN to dummy string, instead of empty space  https://review.openstack.org/35461517:13
*** david-lyle_ is now known as david-lyle17:13
jrollmanjeets_: yeah, that was broken, should be okay now, but our grenade job is still a bit fuabr17:20
jrollmanjeets_: see https://etherpad.openstack.org/p/IronicWhiteBoard for latest gate status17:20
manjeets_jroll, was that ironic or neutron which broke ?17:20
jrollmanjeets_: devstack17:20
jrollmanjeets_: https://bugs.launchpad.net/devstack/+bug/161341717:21
openstackLaunchpad bug 1613417 in devstack "gate-tempest-dsvm-cells broken with cell v2 setup: "No hosts found to map to cell, exiting."" [Undecided,Fix released]17:21
manjeets_ok jroll thank you very much I had some patches in neutron which were crashing this regularly17:23
jrollmanjeets_: ah, yeah, should be fine now if you recheck17:23
jrollmanjeets_: and thanks for looking at non-voting jobs :)17:23
manjeets_jroll, it did'nt say not voting on https://review.openstack.org/#/c/348757/17:25
jrollmanjeets_: I think it was non-voting in the past, hmm17:25
manjeets_gate-tempest-dsvm-ironic-ipa-partition-pxe_ssh-tinyipa i don't see (non voting)17:25
manjeets_jroll, I am noticing it for past week17:26
jrollright, it should be, I think we messed that up17:27
JayFthe partition image job is supposed to be voting, on ipa at least17:28
manjeets_jroll, is there any doc where I can learn more info about job details gate-tempest-dsvm-ironic-ipa-partition-pxe_ssh-tinyipa17:29
jrollJayF: not on neutron17:29
jrollmanjeets_: not really17:29
jrollmanjeets_: I'm making it non-voting now17:30
JayFjroll: yikes, that job maybe shouldn't even run on neutron?17:30
jrollJayF: it should, neutron's broken us quite a few times17:30
jrolldhcp is hard (tm)17:30
manjeets_jroll, what does it exactly checks ?17:30
jrollmanjeets_: in short, it makes sure ironic works17:30
manjeets_neutron + baremetal ?17:31
jrollironic only works with neutron, yes17:31
jrollso it's nova/neutron/ironic17:31
manjeets_jroll just deployment or spinning some nova instance on baremetal using neutron net ?17:32
jrollmanjeets_: the latter17:32
*** baoli has joined #openstack-ironic17:33
jrollmanjeets_: thanks for bringing this to my attention, this patch makes it non-voting again https://review.openstack.org/35607217:33
*** electrofelix has quit IRC17:37
*** snizar_ has quit IRC17:38
*** ccamacho|out has quit IRC17:38
*** snizar has quit IRC17:38
manjeets_jroll thanks17:38
openstackgerritMerged openstack/bifrost: Remove auth line to fallback on default(omit) behaviour  https://review.openstack.org/35399017:39
*** ohamada has quit IRC17:41
*** athomas has quit IRC17:42
*** snizar_ has joined #openstack-ironic17:43
*** snizar has joined #openstack-ironic17:43
openstackgerritAnkit Kumar proposed openstack/proliantutils: Fix log message for exception in Gen7  https://review.openstack.org/35386017:47
*** Sukhdev has quit IRC17:53
*** sdake has joined #openstack-ironic17:55
*** mhayden has joined #openstack-ironic17:56
*** baoli has quit IRC17:56
*** ccamacho has joined #openstack-ironic17:57
*** aNupoisc has joined #openstack-ironic17:57
*** baoli has joined #openstack-ironic17:57
*** rcernin has joined #openstack-ironic18:01
mhaydenjroll: kudos to whomever wrote these flow diagrams in the ironic user guide -- makes the PXE boot process much easier to grok18:05
jrollmhayden: +118:05
jrollJayF: ^ look who showed up :)18:05
* mhayden hides18:06
JayFWhat a major addition to our channel!18:06
mhaydenhaha18:06
NobodyCamwelcome mhayden :)18:06
mhaydenwhich method of deployment is more predominant in the community? iscsi or direct deploy?18:06
JayFI always think of it as use-case driven18:06
JayFif you have local conductors (network-wise) to the servers, iscsi can often do more servers in parallel faster18:07
JayFif you have a scaled out swift cluster you can use, and the conductors don't have as good of network to the nodes, agent is often faster18:07
*** dprince has quit IRC18:07
mhaydenthat makes sense18:07
jrollwe were just talking this morning about how iscsi can present stranger bugs, too18:08
*** ccamacho has quit IRC18:08
* mat128 was wondering why I was the only one who appeared not to know mhayden, but then I found https://www.linkedin.com/in/majorhayden18:08
mat128welcome aboard :)18:08
mhaydenhaha, thanks18:09
mhaydeni'm trying to understand ironic so i can help with the OSA integration18:09
mhaydenOSA = OpenStack-Ansible18:09
JayFAre you asking the "what should we enable by default" question?18:09
mhaydenthis deploy process reminds me of the internal stuff antonym and i were cooking up, except this looks much nicer :P18:09
jrollmhayden: I always wanted to converge those :)18:10
mhaydenJayF: i'm looking at it from a private cloud scenario where the environment may start small and then grow over time18:10
JayFmhayden: I tried to talk ant into using ironic for all that back a year or so ago, and didn't get anywhere ;( I think I caught you all too late in the process18:10
JayFmhayden: Honestly, if most of our priv clouds already have swift deployments, I'd use agent18:10
JayFmhayden: if not, agent deployments require swift, so clearly iscsi is the one to pick18:10
mhaydenah, so that's the kicker, i guess -- if swift isn't available, iscsi is the only method available?18:11
mat128JayF: you can get around without swift, no?18:11
JayFmat128: I think we support swift + radosgw for agent driver18:11
JayFmat128: but if you're talking integrated-with-nova, you have to have one of those18:11
JayFif you're using ironic standalone, you can just pass through an http url18:11
JayFbut I don't /think/ that works with nova18:11
mat128hmm18:11
mat128you're right18:11
jrollI agree with that assertion18:11
JayFmhayden: ^ see above; swift || radosgw (ceph) required for nova+ironic w/agent deploy driver18:12
JayFmhayden: if you're just doing ironic, or bifrost+ironic, you can just pass thruogh an http url for the image that the agent can hit18:12
JayF(swift/ceph needs tempurls enabled as well fwiw)18:12
* mhayden begs for forgiveness with such noob questions18:14
jrollwe <3 noobs here18:14
mat128@here maybe we could have a metadata in glance for an alternate URL18:14
mat128that ironic could use?18:14
mhaydento be fair, jroll said there was candy available here18:14
mat128avoiding swift =)18:14
mhaydenso i had to come by18:14
jrollNobodyCam has the candy18:15
JayFmat128: we are not slack :P18:15
mat128haha18:15
NobodyCamlol :)18:15
jrollmat128: yeah, sounds like some sort of cross-project thing to work out18:15
mat128I was thinking those "private cloud deployments without swift" are configured as such because they do not want a full blown swift18:15
JayFI sorta question if there's enough pain to be worth it :) but if you want it, have fun :P18:15
jrollJayF: shouldn't be too bad18:16
JayFAnother option for without swift18:16
JayFwould be locally caching the image on a conductor18:16
JayFand having the agent pull it from there18:16
* jroll needs a nice big break, bbl18:16
jrollah yeah18:16
mat128off-topic, but while you guys are around, what do you think of https://review.openstack.org/#/c/312626/2/specs/newton/approved/multiple-fixed-ips-network-information.rst ?18:21
mat128guys here despair that it will take too long to land upstream but I'm trying to convince them otherwise18:21
*** fragatin_ has quit IRC18:24
JayFmorgabra: ^ you might find that interesting18:24
*** fragatina has joined #openstack-ironic18:24
*** dprince has joined #openstack-ironic18:27
*** baoli has quit IRC18:29
*** baoli has joined #openstack-ironic18:29
*** michauds has quit IRC18:34
*** fragatina has quit IRC18:35
*** aarefiev_ has joined #openstack-ironic18:38
*** _vsaienko has joined #openstack-ironic18:40
*** amotoki has joined #openstack-ironic18:45
*** michauds has joined #openstack-ironic18:46
openstackgerritVasyl Saienko proposed openstack/ironic: DO NOT REVIEW  https://review.openstack.org/29643218:47
*** amotoki has quit IRC18:48
*** snizar_ has quit IRC18:54
*** snizar has quit IRC18:54
*** Goneri has quit IRC18:55
*** Sukhdev has joined #openstack-ironic18:59
*** e0ne has quit IRC19:01
*** Goneri has joined #openstack-ironic19:01
*** baoli has quit IRC19:01
*** rbudden has quit IRC19:05
TheJuliaHmm... no bot announcing revs posted for ironic-ui :(19:06
TheJuliabetherly: ^ *nudge* ;)19:06
TheJuliaNobody promised me candy :(19:08
*** causten_ has quit IRC19:08
mat128TheJulia: thats why you didnt get any19:08
mat128:)19:08
*** causten has joined #openstack-ironic19:09
*** causten_ has joined #openstack-ironic19:09
*** fragatina has joined #openstack-ironic19:13
*** fragatina has quit IRC19:13
*** causten has quit IRC19:13
*** fragatina has joined #openstack-ironic19:13
*** sdake_ has joined #openstack-ironic19:14
*** sdake has quit IRC19:14
TheJuliabetherly: jroll: fixed https://review.openstack.org/356022 so it passes locallly19:14
*** sdake_ has quit IRC19:15
* TheJulia does her best sad pouty face possible19:16
*** sdake has joined #openstack-ironic19:16
*** Goneri has quit IRC19:36
*** e0ne has joined #openstack-ironic20:05
betherlyTheJulia: thanks so much for fixing that!20:15
openstackgerritMerged openstack/python-ironicclient: Verify JSON response of driver commands  https://review.openstack.org/33660020:17
thiagopjroll: found something interesting in tempest while looking to remove tests20:18
*** e0ne has quit IRC20:18
jrollthiagop: do tell20:18
thiagophttps://github.com/openstack/tempest/blob/master/tempest/scenario/test_network_v6.py#L5420:18
thiagopare we skipping tests with ipv6 intetionally?20:19
thiagopintentionally*20:19
thiagopor did we forget to flip this switch?20:19
jrollmmm, we could probably do those in the multitenant job20:20
jrollbut pxe doesn't work with ipv6, is the history there20:21
thiagopouch..20:21
jrollit'd be interesting to run those tests in the multitenant job, but let's leave it for now20:22
thiagopjroll: I can change the message on my patch to be more specific if needed20:22
jrollthiagop: might be helpful20:23
*** baoli has joined #openstack-ironic20:24
*** _vsaienko has quit IRC20:36
jlvillalJayF: Regarding https://review.openstack.org/#/c/355288/    I also see this: https://review.openstack.org/#/c/355704/20:38
jlvillalJayF: Do you think we should try to get these into one patch?  And possibly other related changes.20:39
JayFI basically look at the conflicts-with20:39
JayFand if a small patch like that conflicts with nothing that's ready to merge20:39
JayFI am OK with landing it20:39
JayFif not, then maybe ask the questino if it should be smashed into one bigger change20:39
JayFit's a tradeoff, right?20:39
JayFthe smaller change is less likely to conflict, but means if it does you have it happen more often (because more changes)20:40
*** aNupoisc has quit IRC20:40
jlvillalJayF: My gut feeling is one patch for this type of change. But I won't block the change.20:41
* jlvillal goes back to gertty :)20:41
JayFI mean, it is what it is? Do what you feel like is right20:41
JayFI'm more of a "merge it now" type, maybe you aren't20:41
JayFpart of why we have a variety of people as core is so that a variety of viewpoints can get evaluated :)20:42
jlvillalJayF: I don't have strong feelings about it. Thanks.20:43
*** e0ne has joined #openstack-ironic20:45
*** aarefiev_ has quit IRC20:49
rloohi JayF. With the changes to keystone policy, did we give everyone read-only access to ironic?20:53
JayFrloo: baremetal_observer + observer role has r/o access20:54
rlooJayF: so if a user is not in any role they won't have any access?20:54
JayFrloo: unauthenticated users continue to have no access if authentication is configured20:54
JayFrloo: yep, and that's been true for keystone users forever20:54
*** aNupoisc has joined #openstack-ironic20:54
rlooJayF: ok. was wondering why in devstack, as 'demo', i could do an ironic list.20:55
JayFHmm.20:55
JayFAre they an observer or admin of any kind?20:55
* JayF does not have a booted devstack handy20:56
JayFI think that user is still an admin, but just a different tenant20:56
JayFbut imbw20:56
rlooJayF: my knowledge of keystone is limited. and of osc more limited. if i do 'openstack user role list' i see only admin but i'm not totally sure what that command does.20:56
JayFdevananda:20:56
JayFdevananda: ^20:57
JayFrloo: https://github.com/openstack/ironic/blob/7f4c9a5924abeed320ca519e6cc8582b75bafa36/ironic/common/policy.py#L4620:57
thiagoprloo: I think that depending on the project, user 'demo' has admin role on devstack20:58
JayFhttps://github.com/openstack-dev/devstack/blob/ab7e062f5d1d4a923645d2bb3a1477a366b02be9/lib/nova_plugins/hypervisor-ironic#L51\20:58
JayFyeah20:58
rlooJayF: so i'm assuming demo is in tenant:demo. but i don't know if demo is_observer20:59
JayFlooking at the combo of these, it looks like demo is an admin20:59
JayFI can't find the smoking gun where it's setup, but if we're using demo tenant in nova it certainly is working as intended20:59
rloothiagop: would like to verify that. someone asked me why they couldn't get a node in maintenance, but they could 'ironic node-list' and it looked like it was cuz they were 'demo'.20:59
*** dprince has quit IRC21:00
rloothiagop: i mean, put a node in maintenance.21:00
JayFrloo: https://github.com/openstack/ironic/blob/76c107429a2a1c1e7ea2bbec905651ad296c1219/devstack/lib/ironic#L75121:00
JayFrloo: demo is a baremetal_observer at the least21:00
rlooJayF: ok, that explains it then.21:01
JayFgithub code search on "demo" is less spammy than I expected :)21:01
rlooJayF: I just need to learn what the openstackclient keystone-related commands are... thx.21:01
JayFI need to learn ... all the openstack client commands :(21:01
* JayF still uses `ironic` everywhere21:02
thiagoplol21:02
devanandarloo: is there a place you think I could/should document that change in devstack default accounts?21:03
rloodevananda: don't know. We should update http://docs.openstack.org/developer/ironic/dev/dev-quickstart.html#deploying-ironic-with-devstack21:04
devanandaI separated those accounts as had been discussed in the spec - but perhaps it would be better for hte devstack 'demo' account to have no access to ironic?21:04
rloodevananda: oh. it is 'demo', i don't see any reason not to give it access. but if we want to keep the previous behavior, then we shouldn't.21:04
devanandarloo: good point - i'll take a shot at updating that page21:05
rloodevananda: devstack isn't production. so i am fine with demo having the new role.21:05
devanandarloo: k :)21:05
*** ricardoas has joined #openstack-ironic21:07
rloothx devananda. wrt that dev-quickstart page, there is a "Note that 'ironic' calls must be made with admin credentials" which is not quite right21:07
devanandathat's out of date now, indeed21:07
mrdaMorning Ironic21:09
thiagopmorning mrda21:10
mrdao/21:11
*** rbudden has joined #openstack-ironic21:15
*** wajdi_ has joined #openstack-ironic21:16
openstackgerritThiago Paiva Brito proposed openstack/ironic: [WIP] Testing tests removal from tempest  https://review.openstack.org/35559121:16
*** rbudden has quit IRC21:18
*** wajdi has quit IRC21:19
*** e0ne has quit IRC21:20
*** wajdi_ has quit IRC21:21
*** jcoufal_ has quit IRC21:22
*** rcernin has quit IRC21:27
openstackgerritDevananda van der Veen proposed openstack/ironic: Update documentation for keystone policy support  https://review.openstack.org/34555621:31
*** bfournie has quit IRC21:31
devanandarloo: that should address the policy-in-devstack issue ^21:31
*** bathris has joined #openstack-ironic21:31
rloodevananda: ok. i was waiting for the decision on show_configdrive before reviewing that again :)21:32
devanandaI've also made it not based on that so it's not blocked21:32
devanandayea...21:32
*** baoli has quit IRC21:33
openstackgerritAlexander Bashmakov proposed openstack/ironic: Rewrite devstack/tools/ironic/scripts/create-node.sh in Python.  https://review.openstack.org/34683221:34
JayFrloo: devananda: I may have a different path out from under teh configdrive problem long term...21:34
JayFbasically, no other nova virt driver "carrys over" old configdrives on rebuild; a user, on rebuild, has to re-pass-in any configdrive assets they want in21:34
rlooJayF: oh. well, as long as what we decide short term can morph easily into your long term desires to rule the world21:35
JayFso I'm thinking, Ironic should stop storing the configdrive on the node post-deployment21:35
JayFand follow the pattern of other nova hyps: you have to provide a new configdrive when you're rebuilding21:35
mat128JayF: +121:35
JayFobviously it'd take a deprecation period, but it seems way more sane than Ironic holding that info around forever21:35
devanandaJayF: that complicates things for bifrost a little21:35
rlooJayF: but there is still a period of time that the config drive is available via the node, right?21:35
mat128it also causes a bug right now: if a user changes the IP address in his neutron port21:36
mrdaJayF: Good idea!21:36
JayFTheJulia seemed on board from a standalone use case21:36
mat128a rebuild will take the old stuff21:36
JayFrloo: absolutely; but the concerns about it change when it's shorter-lived, I guess21:36
devanandayea - a little. I think it's easy to work around that in bifrost's rebiuld command21:36
rlooJayF: doesn't matter, the concern still exists and we still ought to address it.21:36
JayFrloo: and I know one of my (and devananda's) big concerns was doing an ironic node list --detail, you get $active_nodes with a giant ugly blob21:36
devanandaJayF: do they? a smaller window of time doesn't make the risk of password/data exposure go away21:36
devanandaJayF: it reduces the noise in nova's logs -- yes21:37
JayFdevananda: rloo: you're both right that it doesn't eliminate the question on the policy support21:37
devanandawhich I would be delighted by21:37
devanandabut that ^ :)21:37
rlooJayF: so there seem to be 2 problems with the configdrive. 1: even w/o any secrets, it is a big blob so we shouldn't show it? 2. it has secrets/passwords/sensitive-date.21:38
rlooJayF: and 1 isn't a concern if it is a URL to the configdrive.21:38
JayFYeah.21:39
JayFI do think #2 is a significant concern21:39
JayFI'm not sure I understood the disagreement with just blocking out the configdrive based on the show_passwords option though?21:39
rlooJayF: right. So is it valid to assume that any/most/all configdrives will have sensitive information?21:39
JayFAbsolutely.21:39
JayFEven if it doesn't contain passwords, if you have access to ironic but not neutron, should you be able to divine what the IP address of a node is, for instance?21:40
JayFIronic is just a passhthrough for that information.21:40
mat128JayF, rloo: We have the same "risk" with an image temp_url, don't we?21:40
rlooJayF: I think it is fine to have one setting that is used to bleep out sensitive info.  'show_passwords' may not be the best description of that though.21:41
mat128A customer could have sensitive data in their image and we get an unauthenticated "temporary" access to the data21:41
mat128s/customer/user21:41
JayFmat128 wins the "way to complicate the question with your logic" award for the day :P21:41
mat128Hahaha21:41
JayFmat128: I actually agree with you, too.21:41
mat128Maybe we can just accept that baremetal_observer will actually see those?21:42
rloomat128: so do you think we should have one 'show_sensitive_info' that is used to bleep out *everything* that we can think of that might be sensitive, from ironic responses?21:42
mat128rloo: it's probably what was meant by the ones who invented "show_password", no?21:42
JayFmat128: similar to configdrive, that has the benefit of being 1) sensitive and 2) not-very-useful21:42
JayFmat128: so I think it's easy to block out21:42
rloomat128: i don't think we should guess what the original was for. this is an opportunity to do it 'the way you think it ought to work'.21:43
mat128JayF: agreed21:43
mat128rloo: ok, in that case21:43
JayFso we all agree the toggle should take out all sensitive info, the question is what should the toggle be called?21:43
* rloo asks mat128 what he wants; then i'll just say NO ...21:43
mat128any PII should be left out21:43
devanandaI should point out that the current default blocks out passwords even from admin users21:44
JayFI'm fine with show_passwords, I'm fine with show_sensitive_data, I'm fine with show_me_ur_secrets (okay, maybe not that)21:44
mat128image data / unauth links, configdrive blob / unauthenticated links21:44
devanandaif this were expanded to block out image url's as well, they would be blocked out from all users21:44
mat128what else is there?21:44
devanandaeven you (the user who thinks s/he is doing a deployment to a node)21:44
JayFdevananda: we'd have to make sure, in the case of image_url and configdrive, that they were still sent "plaintext" during lookup21:44
mat128devananda: do you see a use case where you need to *read* the image url?21:44
mat128other than the agent21:44
devanandathat is going to significantly alter the stand alone use cases that start incorporating authentication soon21:45
JayFdevananda: so maybe it's sensible to separate BMC credentials (driver_info) from instance-secrets?21:45
mat128oh wait21:45
mat128devananda: does that mean even the agent doesnt get the ipmi_password right now?21:45
JayFkinda a longtime secrets (bmc creds) vs instance secrets21:45
devanandamat128: the image url is sent to the agent in response to a(n unauthenticated) callback21:45
mat128hmm21:45
mat128then we're back to that CVE21:45
devanandamat128: correct - the agent does not get ipmipass right now. no one does21:45
mat128if we consider image url as sensitive21:45
JayFwell that's why I propose multiple levels of sensitivity21:46
mat128devananda: so it's only code running in Ironic that has access, interesting21:46
JayFlong-lived credentials, like ipmi passwords, are a separate category from information that'll be /on disk on the node anyway/ like configdrive/image[_url]21:46
mat128maybe we could pass the configdrive and image url as a "deploy" call on the agent21:46
devanandamat128: that was the original intent of that option -- node.driver_info[*password*] is write-only to all clients21:46
mat128instead of having it read node.driver_info21:46
devanandamat128: it already does that ;)21:46
JayFbut it does mean post-deploy we should probably explicitly nuke any tempurls21:46
mat128devananda: so marking both fields as passwords shouldn't break tests, correct?21:47
mat128JayF: and configdrive (back to that bug report ;))21:47
devanandamat128: I don't _think_ it'll break tests.21:47
JayFHonestly, we do some really, really crazy stuff downstream, and I can't think of one valid usecase we've ever had for viewing configdrive and image_url in a node response21:48
mat128so, even considering standalone cases, who/what needs to read image_url?21:48
JayFAlthough I do think instance-secrets should be a different policy toggle than node-secrets21:48
mat128^this :)21:48
JayFconfigdrive, image_url are secrets that are unique to the instnace deployed on the node21:49
mat128oh21:49
JayFnode credentials are unique to the node, forever (unless you're rotating them oob, etc)21:49
mat128maybe we can introduce node.secrets and node.instance_secrets21:49
JayFso both off by default +121:49
JayFa single option for both -.521:49
JayFmat128: well, or at least use that distinction, today, to name the things better21:50
JayFmat128: show_node_passwords ; show_instance_secrets21:50
devanandaJayF: that was one of my proposals on the review21:50
mat128if we are to introduce new names, I suggest show_node_secrets21:50
JayFdevananda: well +1, good proposal21:50
JayFI can go say that on the review21:50
* JayF put that on the review21:52
mat128excellent :)21:52
JayFdevananda: rloo: So what do we need to do to change proposals into "we agree, land this"?21:52
openstackgerritDevananda van der Veen proposed openstack/ironic: Update documentation for keystone policy support  https://review.openstack.org/34555621:53
rlooJayF: I dunno. what did devananda need to do to add show_configdrive? Maybe change/update the bug associated with that? Is it an rfe?21:53
devanandarloo: since you were asking about openstack client -- I've updated ^ to use it now ;)21:53
rloothx devananda!21:53
JayFrloo: it was a spec, I'll gladly update the spec and post it up for review if that's how we'd like to decide21:53
rlooJayF: oh, if it was mentioned in the spec, then yes, we should probably update that.21:54
rlooJayF: a spec that has been implemented I'm guessing? ;)21:54
JayFImplement specific restrictions for sensitive information, including configdrives and passwords. Default to hide all sensitive information.21:54
JayFis exactly what it says21:54
JayFwhich to me is generic enough already to cover the proposed solution21:55
JayFhttp://specs.openstack.org/openstack/ironic-specs/specs/6.1/keystone-policy-support.html (and yes, it's marked as implemented in 6.1)21:55
JayFso adding configdrive + image_url to "passwords" is kinda a piece not spelled out in the spec, but I think that's OK?21:55
rlooJayF: (Ok, I admit, I didn't quite read it.)21:55
JayFI just want to get things unblocked :) this is an important feature, including the bits with blocking sensitive information, so I wanna get past whatever decision point we're at so we can merge stuff :D21:56
rlooJayF: that sentence in the spec is general enough that any of deva's proposals would address it. I think.21:56
mat128JayF: IMO that falls under "read-only access to non-secret information"21:56
* devananda thinks we should do a 6.1.1 that includes the last couple patches on this, since, well, the spec isn't actually quite done in 6.1.021:56
JayFdevananda: ++21:57
rlooJayF: I agree, I'd like it unblocked too. I don't have too much opinion on it, except that whatever is decided needs to be worded/implemented so it makes sense to users.21:57
JayFI like good reviews, and you are the commander in chief of good reviewing :)21:57
JayFSometimes we're bad about making decisions, so I'm just trying to force it to one while the relevent folks are paying attention :)21:58
*** thiagop has quit IRC21:58
rlooJayF: ha ha. So again, I don't care if we have one switch or several switches. But whatever we have, needs to make sense. I'm not an operator, I don't know whether 1 big switch is sufficient or not.21:59
*** sabeen has quit IRC21:59
rlooJayF: one big switch would be easier for us.21:59
JayFrloo: yeah; and I think you're right. I could see cases where I'd want to see the node creds (like if I had an external monitoring service using ironic's creds to poll bmcs) but would like the ability to hide my customers' secrets from that credential22:00
JayFI can't think of many reasonable use cases for wanting to read that instance after the fact22:00
rlooJayF: so, like two different levels of admin?22:00
JayFtoday: admin cannot see bmc passwords22:01
JayFif you want to see passwords, change the show_password policy in config to permit the appropriate folks to see it22:01
JayFtomorrow; admin cannot see bmc passwords or instance secrets (configdrive/image url)22:02
JayFif you want to see bmc passwords, change show_password policy, if you want to see instance secrets, change (name TBD) show_instance_secrets policy locally22:02
*** michauds has quit IRC22:02
devanandarloo: since you suggested changing the name of the policy setting, I need to point out that that will create an upgrade problem22:02
*** bathris has quit IRC22:02
rloodevananda: can't we deprecate show_password?22:03
devanandapolicy doesn't support deprecation periods, afaik22:03
devananda*oslo.policy22:03
JayFI'm OK with putting node passwords under show_password, and instance secrets under $new-name22:03
devanandanot in the same way as oslo.config (which makes it really easy)22:03
JayFand I think as an operator it makes sense, and I think it takes a bit of understanding to know that configdrive/image_url are "passwords"22:03
rloodevananda, JayF: so for instance stuff, we're talking about node.instance_info (for now anyway).22:04
*** snizar_ has joined #openstack-ironic22:04
*** snizar has joined #openstack-ironic22:04
JayFrloo: fields inside instance_info, yes22:04
devanandaAIUI, if we remove the 'show_password' policy and create one (or more) AND an operator has changed the default 'show_password' setting in their /etc/ironic/policy.json THEN we will not be able to detect it in ironic and they will get unexpected behavior upon upgrade22:04
rloodevananda, JayF: so if we want a separate one for that (and not only for configdrive, which is the proposed 'show_configdrive'), what about 'show_instance_secrets' or 'show_instance_sensitive_info'22:05
JayFI like show_instance_secrets22:05
JayFbecause I think it's pretty easy to see how that's different than the existing show_passwords22:05
rloodevananda: can we keep 'show_password' and have a new 'show_node_secrets' that does the same thing, or would that be confusing.22:05
devanandarloo: very confusing22:05
JayFrloo: that'd be confusing22:06
rloodevananda: forget it, let's just keep 'show_password' or whatever it is.22:06
devanandaas an operator, which one should I change? what happens if htey're different?22:06
rloodevananda: yeah.22:06
devanandawe either: a) expand the effect of show_password b) add a new option that affects instance_info c) rename show_password (and maybe add another field too) and cause upgrade pains to operators22:08
* JayF votes (b)22:08
JayFand I strongly prefer a name that doesn't indicate instance_info specifically, so if we ever move that around it still makes sense (i.e. show_instance_secrets)22:08
* rloo votes (b)22:10
devanandathanks. I'll rework the patch22:10
JayF\o/ decisionmaking22:11
jrollJayF | devananda: so maybe it's sensible to separate BMC credentials (driver_info) from instance-secrets? <- yes this so much this yes pls22:11
rloothx devananda and JayF!22:11
* jroll still reading scrollback though22:11
JayFjroll: you just agreed with what we decided on, congrats22:12
JayFlol22:12
jrollJayF: yay, everyone is equally sane22:12
jrollor not sane22:12
jrollI'm happy with that22:12
* jroll meant to post this on the patch earlier but feels like he's been in three conversations at once all day22:13
*** rpioso has quit IRC22:15
*** syed_ has quit IRC22:22
*** bfournie has joined #openstack-ironic22:26
*** sdake has quit IRC22:27
*** [1]cdearborn has quit IRC22:28
jlvillalI think we need this patch to fix our gate: https://review.openstack.org/#/c/355602/22:28
*** sdake has joined #openstack-ironic22:28
* jlvillal wonders if we should go begging for reviews on that from the devstack cores.22:29
jrolljlvillal: we do not22:29
jlvillalThen I won't :)22:30
jrollthat adds new feature (which broke our gate the first time)22:30
jrollwe reverted, this puts it back hopefully in a better place22:30
*** syed_ has joined #openstack-ironic22:30
jlvillaljroll: Do you think our gate is unbroken then?22:30
* jlvillal goes looks at some patches22:30
jrolljlvillal: no, grenade is busted, this fixes https://review.openstack.org/#/c/355659/22:30
jrollgrenade/multitenant22:30
jroll(anything with multiple nodes)22:30
jrollit's in the gate but the gate queue is FUBAR today :)22:31
JayFjroll: so our grenade is still broken by that?22:31
jrollJayF: I believe so, yes22:31
jrollmaybe not multitenant22:31
JayFthe whiteboard was lying last night :( else I wouldn't have landed all the stuff22:31
jroll(they still set up cells in grenade jobs, we didn't revert that)22:31
jlvillalThanks jroll22:31
jrollJayF: sorry, misinfo happens :(22:32
JayFit's fine, just wasteful of gate22:32
JayFat least now !core could recheck once it's fixed and have it all land22:32
JayFI don't feel like it's a waste of my time, it's a waste of computers22:32
jlvillalWow, that gate queue is long.22:32
jrollJayF: heh, yeah22:33
openstackgerritDevananda van der Veen proposed openstack/ironic: Mask instance secrets in API responses  https://review.openstack.org/32676822:34
* NobodyCam shakes fist at his ipmi sol terminal22:35
JayFdevananda: ^ do you wanna add the doc updates for the new show_instance_secrets stuff in that same patch?22:36
jlvillalNobodyCam: Is that before the IPMI console patches or after?22:36
JayFdevananda: well, nevermind, it's not chained with the docs at all anymore22:36
NobodyCambefore22:37
JayFipmi serial console can be fun, all on it's own, with some hardware22:37
* NobodyCam is learning to love ctrl-L22:39
JayFNobodyCam: I found a world of issues, at least on my hardware, can be avoided if you set your terminal size to exactly 80x2422:39
JayFNobodyCam: but that may be specific to my gear22:40
NobodyCami'm getting some strange thing where I only get the payload (screen update) upon a key press... I feel like I have dealt with this in the past22:41
JayFA few general rules I followed when doing serial consoles all the time:22:43
JayFTERM=dumb # set in your terminal22:43
JayF80x2422:43
JayFand never run inside screen (screen broke them a lot for me)22:44
* mat128 signs off for the night22:44
mat128see y'all tomorrow :)22:44
NobodyCamnight mat12822:44
JayFo/22:45
NobodyCamyea22:46
NobodyCamnone of that going on here22:46
jlvillalmat128: ciao22:47
openstackgerritMerged openstack/ironic: Bring upgrade documentation up to date  https://review.openstack.org/35407522:55
devanandaJayF: oops. yea, I should include that doc update with it23:01
JayFdevananda: also I have a -1 on it unrelated to this comment23:02
JayFdevananda: tl;dr image_url is also an instance_secret that I don't think the oslo lib does23:02
devanandaJayF: I see. no, it doesn't23:02
devanandaJayF: I would prefer to defer to olso for sanitizing secrets at the moment23:03
devanandawhile I agree with you in principle, I don't want to bikeshed on what else is a secret23:03
JayFI don't think we'll be able to get them to accept a patch to blanket call image_url a secret.23:03
JayFAnd I think mat128 brought up a good point about how images can contain customer information as easily as configdrives can.23:03
devanandaJayF: is the node's deploy_ramdisk a secret?23:03
JayFit might be if it was a temporary url to download it23:04
JayFthat's the issue, not that we know what the iamge is23:04
devanandais the image_checksum a secret?23:04
JayFbut that you're giving someone an auth-pass to download a potentially secret image23:04
JayFI don't think it's in the same realm of something like a checksum or an image uuid23:04
JayFthis is actual authentiction bypass information.23:05
JayFI'm fine marking it as a todo, filing a bug, and doing it later23:05
devanandaJayF: the right way to fix this is to allow IPA to authenticate when downloading the user image23:05
JayFbut I don't think we should punt on making the decision altogether about what is secret, when we're the ones building the temp url23:05
devanandanot to hide the image url or uuid in API responses23:06
devanandauh - when do we build a temp url for the user's image???23:06
* devananda grep's a bit23:07
JayFinstance_info['image_url'23:08
devanandaoh. I see23:08
JayFis where it is23:08
JayFcan you link the code?23:08
JayFI was trying to find it as well23:08
devanandayea, one sec23:08
devanandahttps://github.com/openstack/ironic/blob/master/ironic/drivers/modules/agent.py#L9223:09
openstackgerritDarren Chan proposed openstack/ironic: Update readme file  https://review.openstack.org/35529023:12
*** aNupoisc has quit IRC23:21
*** fumie has joined #openstack-ironic23:22
devanandajroll: do you plan to branch newton from 6.1.0 or $next ?23:33
*** mbound has joined #openstack-ironic23:34
*** mbound has quit IRC23:39
openstackgerritNaohiro Tamura proposed openstack/python-ironicclient: Add soft reboot/poweroff power states.  https://review.openstack.org/24790423:40
*** rloo has quit IRC23:42
*** bfournie has quit IRC23:44
*** bfournie has joined #openstack-ironic23:44
openstackgerritDevananda van der Veen proposed openstack/ironic: ask instance secrets in API responses  https://review.openstack.org/32676823:50
devanandaJayF: updated ^23:50
devanandaI dont have time right now to get to the apiref review - will do that first thing tomorrow23:51
JayFmy comment is just commit msg, but dtantsur|afk had more substantive stuff23:51
« Monday, 2016-08-15 Index Wednesday, 2016-08-17 »

Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!