| cardoe | https://review.opendev.org/c/openstack/networking-baremetal/+/929650 here or neutron? | 02:37 |
|---|---|---|
| cardoe | JayF: what's openstack-exporter? The gophercloud folks are pretty good to work with. I've submitted a bunch of changes and redesigned a few APIs. Though they're now locked in on being stable on v2 for a bit. Feel free to ping me on the auth side, I honestly don't know Go but what I can Google but I actually wrote the current auth plugin interface so you can do stuff like keystoneauth. | 02:38 |
| JayF | https://github.com/openstack-exporter/openstack-exporter -> it basically does API queries to pull information to send over prometheus | 02:39 |
| TheJulia | cardoe: here, I am confused, guess I need more context and not a migraine. | 02:40 |
| cardoe | So I blew it up somewhere in the pool_listener cause I derped. | 02:42 |
| cardoe | Sorry. I blew it up somewhere in pool_listener.start() in the start() | 02:43 |
| cardoe | And it called stop(). But there's no self.heartbeat yet. so stop() got mad. | 02:43 |
| cardoe | My RabbitMQ config line was bad. | 02:44 |
| cardoe | JayF: ah awesome it's late and totally forgot. | 02:44 |
| cardoe | https://github.com/gophercloud/gophercloud/blob/master/openstack/baremetal/noauth/doc.go | 02:51 |
| cardoe | JayF: ^ | 02:51 |
| JayF | oh, lame, so openstack exporter has to update how it's using it, it doesn't just work off clouds.yaml :( | 02:52 |
| JayF | adamcarthur5: ^ fyi I linked that in the issue and closed it | 02:53 |
| JayF | adamcarthur5: even if we want to improve it clearly we gotta understand that part better first | 02:53 |
| * JayF & | 02:53 | |
| cardoe | What's a noauth clouds.yaml look like? | 02:56 |
| adamcarthur5 | JayF ah okay. Thanks cardoe. | 02:59 |
| TheJulia | cardoe: ask me tomorrow, I think bifrost can generate that and I can point you to it… if I am reminded. In a car at the moment and will be walking the corgi and crashing once I’m back to my bus | 03:01 |
| cardoe | Will do. | 03:13 |
| cardoe | adamcarthur5: I got pretty good at coming up with handling the inflexible auth bits and they ultimately took my suggestion for gophercloud 2.0.0. So as long as openstack-exporter is using 2.0.0 I bet we can make it work. So you basically you can provide your own keystoneauth plugin like surface in your binary. I see that noauth bit hasn't been updated in 5+ years so it's probably not wired in correctly. | 03:17 |
| cardoe | You can probably carry a little struct externally and just rebase it away if they merge it in. | 03:18 |
| adamcarthur5 | cardoe sadly openstack-exporter doesn't use 1.0, but I have done a partial migration of ironic to 2.0, so it's technically possible | 03:19 |
| cardoe | No I mean gophercloud | 03:22 |
| cardoe | github.com/gophercloud/gophercloud v1.14.0 yeah sad | 03:23 |
| JayF | cardoe: I linked to the dock for python ironic client that shows you what it looks like in that GitHub issue. I'm on mobile so I can't grab it right now | 03:28 |
| JayF | **doc | 03:28 |
| JayF | The one I'm assuming you saw in gophercloud | 03:29 |
| cardoe | okay so it's a little bit tricky. | 03:31 |
| cardoe | https://github.com/gophercloud/utils/blob/80377eca5d56d1f07d0ebdd4c2a5ae000a66a90e/openstack/clientconfig/requests.go#L24-L42 those are the valid auth types. Which "none" isn't valid for. | 03:31 |
| cardoe | I can see openstack-exporter has to do the same fun workarounds gophercloud... set the env var for your clouds.yaml. Cause gophercloud doesn't let you provide an absolute path. | 03:33 |
| cardoe | So you can trick this all out via https://github.com/openstack-exporter/openstack-exporter/blob/4eaf89ce0293ed5994446ac502f063bd4a1101f8/cache/utils.go#L45 | 03:35 |
| cardoe | Instead of LoadCloudsYaml(), you call https://github.com/gophercloud/utils/blob/80377eca5d56d1f07d0ebdd4c2a5ae000a66a90e/openstack/clientconfig/requests.go#L186 | 03:36 |
| cardoe | oh sorry, you're trying to load the whole thing You have to call FindAndReadCloudsYAML() yourself and unmarshal it. | 03:38 |
| cardoe | Change this one line to give you more control. Provide your own LoadCloudsYaml() which changes auth_type = none to auth_type = "password" and the auth_url to something like noauth:// https://github.com/openstack-exporter/openstack-exporter/blob/4eaf89ce0293ed5994446ac502f063bd4a1101f8/exporters/exporter.go#L198 | 03:58 |
| cardoe | Then https://github.com/openstack-exporter/openstack-exporter/blob/4eaf89ce0293ed5994446ac502f063bd4a1101f8/exporters/utils.go#L83 make that conditional if you're connecting to noauth:// to skip it and just create yourself a blank openstack.ProviderClient | 03:59 |
| cardoe | https://github.com/openstack-exporter/openstack-exporter/blob/4eaf89ce0293ed5994446ac502f063bd4a1101f8/exporters/utils.go#L106 fix that line up to actually copy in the endpoint_override | 04:00 |
| rpittau | good morning ironic! o/ | 07:05 |
| cid | dtantsur: When you can, can you drop a few lines of feedback on this change https://review.opendev.org/c/openstack/ironic/+/918303. | 09:00 |
| cid | Possibly, even how we can test it out in Devstack. | 09:00 |
| dtantsur | putting on my queue | 09:17 |
| opendevreview | Verification of a change to openstack/networking-generic-switch master failed: cumulus_nvue: Use generic netmiko device as base https://review.opendev.org/c/openstack/networking-generic-switch/+/928488 | 09:25 |
| opendevreview | Dmitry Tantsur proposed openstack/ironic master: trivial: fix http result code on ImageInvalid https://review.opendev.org/c/openstack/ironic/+/929574 | 09:25 |
| opendevreview | Merged openstack/metalsmith master: Update master for stable/2024.2 https://review.opendev.org/c/openstack/metalsmith/+/928365 | 09:29 |
| opendevreview | Merged openstack/bifrost stable/2024.2: Update TOX_CONSTRAINTS_FILE for stable/2024.2 https://review.opendev.org/c/openstack/bifrost/+/930032 | 09:55 |
| opendevreview | Merged openstack/metalsmith stable/2024.2: Update .gitreview for stable/2024.2 https://review.opendev.org/c/openstack/metalsmith/+/928361 | 10:50 |
| opendevreview | Merged openstack/metalsmith stable/2024.2: Update TOX_CONSTRAINTS_FILE for stable/2024.2 https://review.opendev.org/c/openstack/metalsmith/+/928362 | 10:50 |
| iurygregory | good morning Ironic | 11:28 |
| tkajinam | dtantsur, thanks for reviewing/merging these changes. honestly speaking I wasn't aware it's unused now and don't need a new release soon, but I guess we can create one after adding deprecation note (so that it also appears in pypi). | 11:59 |
| tkajinam | if that makes sense I'll propose a change to add deprecation warning | 12:00 |
| opendevreview | Adam Rozman proposed openstack/ironic bugfix/26.0: implement custom reboot support https://review.opendev.org/c/openstack/ironic/+/930565 | 12:17 |
| tkajinam | proposed https://review.opendev.org/c/openstack/python-dracclient/+/930572 fyi... | 12:38 |
| cid | dtantsur: thanks | 12:47 |
| rpittau | cid: that looks good at a glance, can you please add a release note? | 13:00 |
| TheJulia | good morning | 13:08 |
| rpittau | hey TheJulia :) | 13:08 |
| cid | rpittau: noted. | 13:25 |
| opendevreview | Adam Rozman proposed openstack/ironic master: implement custom reboot support https://review.opendev.org/c/openstack/ironic/+/925703 | 13:34 |
| opendevreview | Adam Rozman proposed openstack/ironic master: implement custom reboot support https://review.opendev.org/c/openstack/ironic/+/925703 | 13:38 |
| TheJulia | so it looks like I need to spend time making 4k block devices a first-class thing | 13:46 |
| TheJulia | I'm going to add another topic to the PTG because configuration of such machines makes me nervous | 13:46 |
| rpittau | moaaarrr topics | 13:48 |
| TheJulia | yuuuup | 13:50 |
| TheJulia | sorry | 13:50 |
| TheJulia | cardoe: so looking at bifrost, I'm not sure we enerated it, but we functioanlly would set the auth_type to None in python and auth would only have "endpoint" which points to ironic's api url | 14:26 |
| cardoe | yeah that makes sense. | 14:26 |
| TheJulia | I think that was the happy path we came up with ages ago, but it implied special meaning as a generalize override | 14:27 |
| TheJulia | to basically say "I've got nothing here, but here is your general override" | 14:27 |
| cardoe | none is just not valid in the version of gophercloud that openstack-exporter uses. That version is considered EOL so they won't patch it. | 14:27 |
| TheJulia | in bifrost, playbooks/roles/bifrost-cloud-config/tasks/main.yml | 14:27 |
| TheJulia | yeah | 14:27 |
| TheJulia | ... I thought they did something, but maybe they added basic auth at some point/ | 14:28 |
| TheJulia | ? | 14:28 |
| JayF | cardoe: What I suggested to adamcarthur5 (it's ultimately up to him), is that we punt on worrying about standalone/basic auth until we have more of the ironic stuff hooked up to the exporter (which should mean more of it using v2, I think) | 14:31 |
| JayF | honestly the impetus for hooking it up now() was to make local api a reasonable path for dev | 14:31 |
| cardoe | They did add basic auth but its a totally different entrypoint to instantiate it. | 14:32 |
| cardoe | basically you build up an AuthOptions struct. It can be from getopt style build up, they have a built in helper to read the OS_ env vars to build one. They also have one that reads clouds.yaml and makes AuthOptions. | 14:33 |
| TheJulia | rpittau: so dialed back the item I added, looks like my patch from last august does the needful, but it might not work in some cases, really don't know :( | 14:58 |
| JayF | cardoe: yeah, tbh I think it'd be nice to get the clouds.yaml stuff we have documented around supported in more places, but it's somewhat low on my list | 15:10 |
| JayF | cardoe: I don't currently have use cases for standalone ironic beyond 'it makes development of some things easier'; but investing in it to hedge for long term is something we're doing too | 15:11 |
| JayF | so we want the story to be better overall but there's no specific rush or impetus beyond trying to clean things up where we find it and it's time-efficient | 15:11 |
| rpittau | TheJulia: maybe we need more eyes, or just a quick discussion, it's ok to have the topic there | 15:42 |
| TheJulia | yeah, I think there is an underlying question we need to ask ourselves and then see if there are directions we shoudl be trying to steer in | 15:43 |
| TheJulia | VMs are super insulated from this stuff, where as we're painfull aware | 15:43 |
| TheJulia | so... if we want to see change/evolution, we're going to need to drive for it | 15:43 |
| JayF | TheJulia: are you seeing a particular brand or style of gear/raid cards doing this? | 15:49 |
| TheJulia | Dell PERCs | 16:06 |
| TheJulia | The newest generation stuffs | 16:06 |
| JayF | thank you | 16:35 |
| JayF | I'm currently executing the permissions changes required for us to officially be VMT managed | 17:03 |
| JayF | it appears on launchpad.net/networking-baremetal that vsaienko has special access | 17:04 |
| JayF | is that intentional or still needed? should it be removed? | 17:04 |
| JayF | similarly for NGS | 17:05 |
| dtantsur | I think he hasn't been active for a long time, so his access can be removed regardless of the initial intention | 17:08 |
| JayF | that was my assumption, but just didn't want to take action alone/in the dark :D | 17:19 |
| JayF | will fix both NBM + NGS now | 17:19 |
| JayF | https://launchpad.net/~ironic-coresec also has some bonus access | 17:20 |
| JayF | I suggest we update the membership? Remove Ruby, add me+Riccardo? | 17:20 |
| JayF | dtantsur would have to execute any changes there as the leader of the group | 17:21 |
| JayF | alternatively I can replace all references to that group in lp configs with ironic-drivers | 17:21 |
| JayF | but editing the group membership would save me doing a foreach bugtracker against a launchpad that is very slow this morning :D | 17:21 |
| TheJulia | JayF: seems reasonable to me | 17:58 |
| JayF | I just discovered something unfortunate https://github.com/openstack/ironic/commit/c996aafa6d2fb7cb90da6f6126bf385635cdf32e references CVE-2024-44982 but the actual number is https://nvd.nist.gov/vuln/detail/CVE-2024-44082 | 21:58 |
| JayF | can't be fixed now, but I'll ensure the related docs are using the correct number | 21:58 |
| TheJulia | Yeah, I spotted it when it was too late too. | 21:58 |
| JayF | yeah can confirm only place it's wrong is the commit message | 21:58 |
| TheJulia | Oh well! | 21:59 |
| JayF | I just saw it linked when I was showing someone this as an example (someone was claiming less code == more secure, and smoeone pointed out that's almost always inversely true, and that fix is an A++ example) | 21:59 |
| JayF | we're going to /really/ confuse someone if they come looking for the linux kernel fix in the ironic repo :D | 21:59 |
| TheJulia | I’ll add confusion maker to my job title | 22:00 |
| TheJulia | We have three weapons! Cats! confusion! And a cute corgi who rolls around on the bed. | 22:00 |
| opendevreview | Julia Kreger proposed openstack/ironic master: CI: Enable the ability to have test VMs with different block sizes https://review.opendev.org/c/openstack/ironic/+/928285 | 23:49 |
| opendevreview | Julia Kreger proposed openstack/ironic master: WIP: Add a 4k disk CI job https://review.opendev.org/c/openstack/ironic/+/930655 | 23:49 |
| TheJulia | crossing fingers! | 23:49 |
| opendevreview | Julia Kreger proposed openstack/ironic master: WIP: Add a 4k disk CI job https://review.opendev.org/c/openstack/ironic/+/930655 | 23:57 |
Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!