| opendevreview | Steve Baker proposed openstack/ironic stable/train: Extend power sync timeout for Ericsson SDI https://review.opendev.org/c/openstack/ironic/+/815572 | 00:04 |
|---|---|---|
| TheJulia | cvstealth: So, it is really up to you. The intent is untagged to the physical machines, but how you handle that in your deployment doesn't really matter as long as neutron can offer dhcp addresses | 02:03 |
| cvstealth | TheJulia: What I was going to aim for was to have the provisioning/clean network on 1 interface then creating a port group of 2 separate interfaces for the network that the user would interact with. I just wanted to make sure that this config would work between Ironic/Neutron. | 02:29 |
| TheJulia | cvstealth: yeah, you can definitely do that. Typically people have set those up as routed networks and just use firewalling to avoid having to try and actually manually attach the controllers to the network | 02:32 |
| TheJulia | Nothing in ironic predicates how you achieve getting the traffic to the conductors, the network configuration and parameters is used for which network to ask neutron to bind the interfaces to | 02:34 |
| TheJulia | and, ultimately what dhcp configuration is used governed by the network in neutron. | 02:34 |
| cvstealth | TheJulia: Thanks for the confirmation, I have the routed networks currently working for the cleaning/provisioning network just fine. What raised the question was from the docs it said the clean/prov network shouldn't be exposed to non-admins. | 02:36 |
| TheJulia | cvstealth: generally yeah, you don't want it, but firewall rules are likely advisable from a security point of view so untrusted infrastructure users can't reach the machines. As long as your using a more recent version, we have added extra logic into the agent to improve security and the risk if someone is able to access the endpoints. | 02:39 |
| cvstealth | TheJulia: much appreciate for the help, will certainly give it a try. | 02:41 |
| TheJulia | The controller/conductor side risk is TFTP/HTTP(s) endpoints for the boot bootloader/image asset download and generally if your running a split horizon sort of security posture possibly disable the IPA specific (heartbeat, lookup) endpoints | 02:41 |
| TheJulia | in ironic's api, that is | 02:42 |
| TheJulia | (There is also virtual media, but not universally possible with all vendors hardware.) | 02:42 |
| cvstealth | I was going to the virtual media route but the hardware that's being used only can be driven by ipmi. | 02:43 |
| TheJulia | cvstealth: ugh :( | 02:43 |
| cvstealth | The other question was how cloud-init would render the interface files in this setup when paired with a configdrive. Would it only write out the files associated with the service network or would it also try to write the artifacts for the provisoning network to. | 02:45 |
| TheJulia | Anyway, going to go see if there is some ice cream in the freezer and wind down for the evening. | 02:45 |
| cvstealth | Have a good rest of the evening and thanks. | 02:45 |
| TheJulia | cvstealth: for provisioning it is all dhcp, which is default to be attempted with cloud-init on the first interface on some distributions, and others tend to try and dhcp on all interfaces | 02:45 |
| TheJulia | for instances though, I honestly haven't looked at it in ages. | 02:46 |
| cvstealth | I was on the instance side that was the concern but I'll find out shortly | 02:47 |
| opendevreview | Steve Baker proposed openstack/ironic master: WIP Capture [pxe]loader_file_paths for distros https://review.opendev.org/c/openstack/ironic/+/815392 | 03:17 |
| opendevreview | Steve Baker proposed openstack/ironic master: Write master grub config on startup https://review.opendev.org/c/openstack/ironic/+/815580 | 03:17 |
| TheJulia | stevebaker[m]: the default for ipxe uefi binary is now snponly.efi | 03:27 |
| stevebaker[m] | TheJulia: for this? https://review.opendev.org/c/openstack/ironic/+/815392 that is what I've attempted | 03:50 |
| TheJulia | stevebaker[m]: for the capture pie loader file paths change you've got | 03:59 |
| TheJulia | pxe | 03:59 |
| TheJulia | yay autocorrect | 03:59 |
| stevebaker[m] | TheJulia: I've specified ipxe-snponly-x86_64.efi for ipxe.efi, which I assume is the same thing? suse has a /usr/share/ipxe/snp-x86_64.efi which I assume is the same thing | 04:02 |
| stevebaker[m] | same same thing thing | 04:03 |
| TheJulia | stevebaker[m]: I mean the file ironic expects/sends is snponly | 04:24 |
| stevebaker[m] | <TheJulia> "stevebaker: I mean the file..." <- Ah right yes. I'll update it tomorrow | 04:42 |
| hemanth_n | Hi, I am looking for reviews for https://review.opendev.org/c/openstack/ironic/+/809966 which is a clean backport from stable/victoria to stable/ussuri, appreciate any help, thank you! | 06:05 |
| opendevreview | Verification of a change to openstack/ironic master failed: There is no aim, we do deploy/manage baremetal. https://review.opendev.org/c/openstack/ironic/+/814239 | 06:17 |
| arne_wiebalck | Good morning, Ironic! | 06:26 |
| iurygregory | good morning arne_wiebalck and Ironic o/ | 06:45 |
| arne_wiebalck | hey iurygregory o/ | 06:45 |
| arne_wiebalck | Quite intriguing how https://review.opendev.org/c/openstack/ironic/+/814239 reflects what I just put on a slide deck to for an Ironic update here at CERN: the evolution of Ironic from a provisioning driver in Nova to a a bare metal management platform in our data center. TheJulia | 06:49 |
| *** pmannidi is now known as pmannidi|AFK | 07:02 | |
| rpittau | good morning ironic! o/ | 07:16 |
| iurygregory | morning rpittau o/ | 07:20 |
| rpittau | hey iurygregory :) | 07:20 |
| janders | good morning arne_wiebalck rpittau rpittau and Ironic o/ | 07:30 |
| rpittau | hey janders :) | 07:30 |
| iurygregory | janders, o/ | 07:30 |
| opendevreview | Merged openstack/sushy master: Remove deprecated Task monitors and Volume methods https://review.opendev.org/c/openstack/sushy/+/814124 | 07:36 |
| arne_wiebalck | hey janders o/ | 07:42 |
| *** pmannidi|AFK is now known as pmannidi | 08:28 | |
| opendevreview | Dmitry Tantsur proposed openstack/ironic-python-agent stable/xena: Respect global parameters when downloading a configdrive https://review.opendev.org/c/openstack/ironic-python-agent/+/815448 | 08:51 |
| opendevreview | Dmitry Tantsur proposed openstack/sushy master: Prepare the ground to use enums instead of strings https://review.opendev.org/c/openstack/sushy/+/815103 | 09:08 |
| opendevreview | Dmitry Tantsur proposed openstack/sushy master: Migrate common constants to enums https://review.opendev.org/c/openstack/sushy/+/815107 | 09:10 |
| opendevreview | Dmitry Tantsur proposed openstack/sushy master: Migrate Protocol constants to enums https://review.opendev.org/c/openstack/sushy/+/815475 | 09:10 |
| opendevreview | Dmitry Tantsur proposed openstack/sushy master: Add some VirtualMedia fields from 1.3.0 and 1.4.0 https://review.opendev.org/c/openstack/sushy/+/814191 | 09:11 |
| dtantsur | a mass rebase after the recent changes, please review | 09:11 |
| opendevreview | Merged openstack/ironic stable/ussuri: Fix ipmitool timing argument calculation https://review.opendev.org/c/openstack/ironic/+/809966 | 09:12 |
| iurygregory | morning dtantsur o/ | 09:23 |
| opendevreview | Dmitry Tantsur proposed openstack/ironic-python-agent stable/xena: Fix error messages in burnin code https://review.opendev.org/c/openstack/ironic-python-agent/+/815630 | 10:42 |
| janders | dtantsur further to yesterday's dramas caused by ipv6.disable=1 kernel params: having it enabled in the kernel but disabled using "sysctl -w net.ipv6.conf.all.disable_ipv6=1" seems to make issues go away | 10:59 |
| janders | (now we'll see if I can actually deploy something without IPA failing out on DNS not working) | 10:59 |
| dtantsur | interesting! | 11:00 |
| janders | it seems like quite a few python libraries nowadays do not like having IPv6 completely disabled in-kernel | 11:01 |
| janders | https://bugzilla.redhat.com/show_bug.cgi?id=1829071 is another example | 11:02 |
| janders | I've seen quite a few googling around solutions to yesterday's problem | 11:02 |
| janders | (and consensus seemed to be not disabling IPv6 in-kernel) | 11:02 |
| janders | it almost feels like ipv6.disable=1 should be no longer supported | 11:02 |
| janders | (although it's not at fault, it just triggers a lot of faults in potentially poorly written software) | 11:03 |
| janders | well, deploy running, let's see what happens | 11:03 |
| dtantsur | heh | 11:05 |
| dtantsur | fwiw our JSON RPC defaults to :: | 11:06 |
| *** dviroel|rover|afk is now known as dviroel|rover | 11:15 | |
| opendevreview | Bernd Mueller proposed openstack/ironic-python-agent-builder master: new element burn-in for package stress-ng, added fio https://review.opendev.org/c/openstack/ironic-python-agent-builder/+/815453 | 11:15 |
| opendevreview | Merged openstack/ironic stable/train: Extend power sync timeout for Ericsson SDI https://review.opendev.org/c/openstack/ironic/+/815572 | 11:24 |
| opendevreview | Merged openstack/ironic master: Trivial: do not stop None rpcserver https://review.opendev.org/c/openstack/ironic/+/815422 | 11:39 |
| opendevreview | Merged openstack/ironic-python-agent bugfix/8.1: Assert EFI part UUID is not None before editing fstab https://review.opendev.org/c/openstack/ironic-python-agent/+/814769 | 11:39 |
| janders | see you tomorrow Ironic o/ | 11:57 |
| dtantsur | o/ | 12:02 |
| dtantsur | fg | 12:21 |
| dtantsur | I wonder why my desktop switches windows randomly.. | 12:21 |
| opendevreview | Dmitry Tantsur proposed openstack/ironic-python-agent master: Stop requiring mocking of utils.execute if ironic-lib execute is mocked https://review.opendev.org/c/openstack/ironic-python-agent/+/815629 | 12:26 |
| opendevreview | Dmitry Tantsur proposed openstack/ironic-python-agent master: Move manage_uefi from the image extension to a public location https://review.opendev.org/c/openstack/ironic-python-agent/+/815651 | 12:30 |
| * TheJulia awaits for the caffine carrier to cool | 13:06 | |
| * dtantsur TheJulia.coffee_carrier.add_callback("cooled", lambda: dtantsur.say("TheJulia: good morning!")) | 13:15 | |
| TheJulia | Good Morning! | 13:15 |
| rpittau | good morning TheJulia :) | 13:16 |
| opendevreview | Riccardo Pittau proposed openstack/ironic-python-agent-builder master: [WIP] Build tinyipa on ARM64 https://review.opendev.org/c/openstack/ironic-python-agent-builder/+/815664 | 13:22 |
| dtantsur | \o/ | 13:24 |
| dtantsur | rpittau: have you had success with rpi? :) | 13:24 |
| rpittau | dtantsur: ehm... no :P | 13:24 |
| dtantsur | I see :) I'm pondering getting an rpi for testing. The top model may even survive bifrost :) | 13:25 |
| rpittau | the rpi4 is an ok testing machine, if you get the 8GB model | 13:27 |
| rpittau | works as a charm for retro-gaming :) | 13:27 |
| dtantsur | okay, a potential birthday gift is planned :) | 13:28 |
| TheJulia | NobodyCam: arne_wiebalck: eandersson: zer0c00l: And anyone who run a decently sided ironic deployment. Auto shutdown of idle machines. Thoughts? Feelings? Interest? | 14:04 |
| arne_wiebalck | TheJulia: how do you identify idle machines? | 14:05 |
| TheJulia | to be determined! | 14:05 |
| arne_wiebalck | TheJulia: non-instantiated? | 14:05 |
| NobodyCam | That’s a tuff one. | 14:05 |
| TheJulia | We would likely need to have multiple possible qualifiers or disqualifiers | 14:05 |
| NobodyCam | And good morning | 14:05 |
| TheJulia | Also, Good morning NobodyCam! | 14:05 |
| TheJulia | For example, if I have an idle compute node, do I *really* need it up all the time? | 14:06 |
| dtantsur | If you have an idle compute node, you don't have enough clients ;) | 14:06 |
| TheJulia | (conversely, as the software managing the metal, we may need to be smart enough to turn power back on | 14:06 |
| NobodyCam | I would hate to have someone lease. System, get half way thru setup, go to lunch, and come back to a powered down system | 14:07 |
| arne_wiebalck | non-reachable nodes will drop off batch systems I would think | 14:07 |
| arne_wiebalck | so, if we switch off an idle compute node, the batch system will stop considering it | 14:07 |
| TheJulia | arne_wiebalck: I guess in your case, each batch node goes and gets work, works on it, and posts results someplace, and those last two steps may take a while() | 14:08 |
| dtantsur | it sounds like we're talking about a higher-level orchestration service based on ironic | 14:08 |
| dtantsur | which is something I would be interested to have | 14:08 |
| NobodyCam | Some of our dev trouble shoot things like after being on for three days the systems becomes unstable | 14:08 |
| arne_wiebalck | dtantsur: ++ | 14:08 |
| TheJulia | dtantsur: possibly, yes | 14:08 |
| dtantsur | (although it competes with Nova nad Metal3) | 14:08 |
| dtantsur | Nova+Heat even | 14:08 |
| dtantsur | anyway, it may be cool to have | 14:08 |
| dtantsur | FYI my plans for metalsmith did include some sort of a "deployment plan API" | 14:09 |
| dtantsur | (I think it ended up being implemented in TripleO proper) | 14:09 |
| TheJulia | Well, customers are becoming a bit more conscious of power being used by idle machines to support bursting | 14:10 |
| dtantsur | a powered off machine will not support bursting | 14:11 |
| dtantsur | unless you have very slow bursts :) | 14:11 |
| TheJulia | I've said it for a while, when somebody looks at the power bills, as the rates increase across the globe, people are going to freak | 14:11 |
| TheJulia | or you know when you need to begin returning some machines to service, or you keep x amount of reserve | 14:11 |
| dtantsur | well, fair | 14:12 |
| TheJulia | there are maybe ?6? different major flows here | 14:12 |
| TheJulia | but all around the same central theme I guess | 14:12 |
| dtantsur | I think writing down these flows somewhere could be a good start | 14:13 |
| TheJulia | ++ | 14:13 |
| dtantsur | and then trying to find operators with matching flows | 14:13 |
| TheJulia | I should be writing specs today anyway | 14:14 |
| NobodyCam | I think as long as I could set or unset it per node. | 14:14 |
| TheJulia | NobodyCam: I think that is super fair and one thing I was thinking as a prime thing to do | 14:14 |
| TheJulia | some things, you'll never want to "idle down" | 14:14 |
| TheJulia | other things you'll be okay with that in a heartbeat | 14:15 |
| TheJulia | ... if only bmc reported CPU load was actually accurate. ;) | 14:15 |
| NobodyCam | Oh a agent? | 14:15 |
| NobodyCam | A lot of our systems are pdu based | 14:16 |
| TheJulia | true, and that would make it super hard, but maybe if we account for a model *where* we could have a remote reporting agent.... | 14:16 |
| dtantsur | A related thought: I'd like to support an optional agent that will poke Ironic when the instance *actually* boots | 14:17 |
| NobodyCam | +1 | 14:17 |
| dtantsur | so that we can set the node to active on first boot (and handle things like "it never booted") | 14:17 |
| TheJulia | That could make a ton of sense, I think | 14:23 |
| lmcgann | Hello, I am trying to set up a serial console to use with my node, but Im a bit confused. I set the 'ipmi_terminal_port' to a port I just create with netcat that prints to stdout. I can validate the node but then the 'console show' command tells me that console_enabled is False. What is the value of ipmi_terminal_port supposed to be exactly? | 14:39 |
| iurygregory | lmcgann, should be just the value of the port maybe https://opendev.org/openstack/ironic/src/branch/master/doc/source/admin/console.rst can provide more info (not sure if you followed all steps) | 14:46 |
| opendevreview | Riccardo Pittau proposed openstack/ironic-python-agent-builder master: [WIP] Build tinyipa on ARM64 https://review.opendev.org/c/openstack/ironic-python-agent-builder/+/815664 | 14:49 |
| dtantsur | see you tomorrow folks o/ | 14:54 |
| rpittau | bye dtantsur :) | 14:54 |
| lmcgann | I think I figured out the answer. Twas a bit dumb | 14:58 |
| opendevreview | Riccardo Pittau proposed openstack/ironic-python-agent-builder master: [WIP] Build tinyipa on ARM64 https://review.opendev.org/c/openstack/ironic-python-agent-builder/+/815664 | 14:58 |
| rpittau | bye everyone! o/ | 16:07 |
| *** pmannidi is now known as pmannidi|AFK | 16:20 | |
| arne_wiebalck | bye everyone o/ | 16:32 |
| TheJulia | lmcgann: it happens :) | 16:40 |
| opendevreview | Arun S A G proposed openstack/ironic master: Fix various issues in the anaconda deploy interface https://review.opendev.org/c/openstack/ironic/+/814087 | 17:42 |
| stevebaker[m] | morning | 19:30 |
| opendevreview | Julia Kreger proposed openstack/ironic-specs master: WIP: Agent log retrieval https://review.opendev.org/c/openstack/ironic-specs/+/815740 | 19:46 |
| TheJulia | stevebaker[m]: question to ponder, what if deleting an entry from UEFI firmware after the fact is a bad idea... | 19:51 |
| * TheJulia goes to the eye doctor | 19:51 | |
| stevebaker[m] | TheJulia: ponders | 19:52 |
| TheJulia | stevebaker[m]: pondering because of the reported case on lenovo gear. | 20:43 |
| stevebaker[m] | TheJulia: what do you mean "after the fact"? like an entry should never be deleted? | 20:48 |
| * stevebaker[m] is reading shim c code | 20:52 | |
| TheJulia | stevebaker[m]: easier to show you | 21:56 |
| stevebaker[m] | oki | 21:56 |
| TheJulia | stevebaker[m]: https://github.com/openstack/ironic-python-agent/blame/master/ironic_python_agent/extensions/image.py#L309-L314 | 21:57 |
| opendevreview | Steve Baker proposed openstack/ironic master: Write master grub config on startup https://review.opendev.org/c/openstack/ironic/+/815580 | 21:57 |
| opendevreview | Steve Baker proposed openstack/ironic master: Capture [pxe]loader_file_paths for distros https://review.opendev.org/c/openstack/ironic/+/815392 | 21:57 |
| TheJulia | stevebaker[m]: it is the only realistic difference in that case and I guess it is causing uefi firmware to reset | 22:00 |
| stevebaker[m] | TheJulia: yeah it might be more correct to detect an entry with the intended label, and if it exists do -b instead of -a | 22:03 |
| *** dviroel|rover is now known as dviroel|rover|afk | 22:08 | |
| TheJulia | stevebaker[m]: I suspect it is not going to entirely fix that issue | 22:21 |
| stevebaker[m] | TheJulia: this would be mitigating a bug in the firmware right? like this should work | 22:23 |
| TheJulia | well, lenovo's advice is just set, not delete the loader | 22:24 |
| TheJulia | so... umm. uyeah | 22:24 |
| TheJulia | but maybe delete does it | 22:24 |
| TheJulia | maybe | 22:24 |
| TheJulia | no way to test it | 22:24 |
| stevebaker[m] | hmm | 22:24 |
| *** pmannidi|AFK is now known as pmannidi | 23:56 | |
Generated by irclog2html.py 2.17.2 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!