Friday, 2020-10-02

*** maharg101 has joined #openstack-kolla		00:04
*** k_mouza has joined #openstack-kolla		00:06
*** maharg101 has quit IRC		00:09
*** k_mouza has quit IRC		00:10
*** weshay\|ruck has quit IRC		00:54
*** weshay has joined #openstack-kolla		00:55
*** weshay is now known as weshay\|ruck		00:55
*** k_mouza has joined #openstack-kolla		01:05
*** k_mouza has quit IRC		01:09
*** zzzeek has quit IRC		01:17
*** zzzeek has joined #openstack-kolla		01:19
*** k_mouza has joined #openstack-kolla		01:33
*** k_mouza has quit IRC		01:38
*** zzzeek has quit IRC		01:51
*** zzzeek has joined #openstack-kolla		01:51
*** k_mouza has joined #openstack-kolla		01:51
*** k_mouza has quit IRC		01:56
*** kevko_ has quit IRC		01:58
*** maharg101 has joined #openstack-kolla		02:06
*** kevko_ has joined #openstack-kolla		02:08
*** maharg101 has quit IRC		02:10
*** k_mouza has joined #openstack-kolla		02:27
*** k_mouza has quit IRC		02:31
*** Tony31 has joined #openstack-kolla		02:32
*** kevko_ has quit IRC		02:33
*** kevko_ has joined #openstack-kolla		02:33
*** kevko_ has quit IRC		03:21
*** Tony31 has quit IRC		03:31
*** zzzeek has quit IRC		03:52
*** zzzeek has joined #openstack-kolla		03:52
*** maharg101 has joined #openstack-kolla		04:06
*** maharg101 has quit IRC		04:11
*** alanmeadows has quit IRC		04:28
*** alanmeadows has joined #openstack-kolla		04:28
*** evrardjp has quit IRC		04:33
*** evrardjp has joined #openstack-kolla		04:33
*** zzzeek has quit IRC		05:59
*** zzzeek has joined #openstack-kolla		06:01
*** cah_link has joined #openstack-kolla		06:07
*** maharg101 has joined #openstack-kolla		06:07
*** maharg101 has quit IRC		06:12
*** hjensas\|afk has joined #openstack-kolla		06:38
*** maharg101 has joined #openstack-kolla		07:38
*** mrunge has quit IRC		07:53
*** mrunge has joined #openstack-kolla		07:54
*** e0ne has joined #openstack-kolla		07:55
*** Fl1nt has joined #openstack-kolla		07:56
Fl1nt	Gooood morning fellows!!	07:56
mgoddard	morning Fl1nt	07:57
openstackgerrit	Mark Goddard proposed openstack/kolla-ansible master: octavia: generate certificates automatically https://review.opendev.org/754280	08:03
Fl1nt	mgoddard, are you familliar with ElasticSearch?	08:04
mgoddard	Fl1nt: sort of	08:04
mgoddard	I'm no expert	08:04
Fl1nt	do you know about the infamous include_type_name parameter issue that can occurs with ES 6.6+/7.x series ?	08:05
openstackgerrit	Mark Goddard proposed openstack/kolla-ansible master: octavia: support tenant management network https://review.opendev.org/755589	08:05
Fl1nt	I think we may hit it on cloudkitty: http://paste.openstack.org/show/d1dFwvdtSwBoexKYcmoH/	08:05
openstackgerrit	Mark Goddard proposed openstack/kolla-ansible master: CI: octavia: create and test a load balancer https://review.opendev.org/754285	08:07
mgoddard	Fl1nt: I thought we saw that with the 5.x -> 6.x upgrade	08:09
mgoddard	we have ansible/roles/kibana/tasks/migrate-kibana-index.yml	08:09
Fl1nt	I'm using Train branch, it's still using ES 5.6.16, did I missed something?	08:09
mgoddard	Fl1nt: maybe cloudkitty expects a newer ES?	08:11
Fl1nt	yep I think so, but 6.x should be fine tho, I'm just wondering why my installation isn't using ES6 yet.	08:12
*** kevko_ has joined #openstack-kolla		08:16
mgoddard	Fl1nt: CentOS7 has 5, CentOS 8 has 6 on Train	08:17
Fl1nt	aaaah that's it. ok, so I'm screwed ^^	08:17
Fl1nt	I'll update the images to 8 and make the update.	08:17
Fl1nt	thx	08:17
yoctozepto	morning	08:33
*** k_mouza has joined #openstack-kolla		08:36
*** k_mouza has quit IRC		08:41
*** k_mouza has joined #openstack-kolla		08:42
Fl1nt	morning @yoctozepto !	09:06
kevko_	morning guys !	09:14
Fl1nt	good morning kevko_ o/	09:15
kevko_	yoctozepto: i completly reworked my logging ... will push to another review ..as it is quite different ..but more kolla-ansible integrated	09:15
kevko_	and common for all services	09:15
*** gfidente has joined #openstack-kolla		09:19
yoctozepto	kevko_: that's great; but it could get moved to early wallaby...	09:32
kevko_	yoctozepto: it's ok .. i will cherry pick locally inside our company	09:32
yoctozepto	mgoddard: so, re octavia, basically I'm proposing to keep another live-updated yaml with generated values that is always around	09:34
yoctozepto	mgoddard: and you seemingly prefer to make it a separate command	09:35
yoctozepto	I guess that's ok with me	09:35
*** cz3 is now known as ntoskrnl		09:38
*** ntoskrnl is now known as cz3		09:38
*** Tony31 has joined #openstack-kolla		09:38
Tony31	morning!	09:43
Tony31	@mgoddard thanks for your help yesterday. There was some config issue on the node so the error was coming from there	09:44
Tony31	I couldnt figure it out, it all looked ok to me when going through the individual ifcfg files. So I just removed them all, restarted network successfully then reconfigured the hosts through kayobe and all good now	09:44
mgoddard	Tony31: that's not ideal, but glad it's working now	09:45
Tony31	It may have happened because I was trying to get the config right through ansible and it stuffed something up	09:45
mgoddard	yoctozepto: the thing I'd like to avoid is the deploy command making changes to your local config	09:45
yoctozepto	mgoddard: yup, deploy should not be touching localhost, as this might come as surprising	09:46
mgoddard	yoctozepto: also if we did that unconditionally, then didn't update the resources, it would prevent changing them	09:46
Tony31	Could anyone help me with regards to OVS? I've deployed a "physnet3" now but there's no ovs for it. So in my ml2_conf.ini I've just mentioned the actual bridge but I dont think this will be successful as the other phsnet1 and physnet2 have br-ovs	09:46
Tony31	any pointers on this?	09:47
*** hjensas\|afk has quit IRC		09:49
openstackgerrit	Pierre Riteau proposed openstack/kayobe master: Disable overcloud networks for Ironic when unused https://review.opendev.org/755015	10:03
openstackgerrit	Pierre Riteau proposed openstack/kayobe master: dev: fix test scripts when ironic is disabled https://review.opendev.org/755474	10:03
openstackgerrit	dalekseev proposed openstack/kolla-ansible stable/train: Add 'baremetal' to mechanism_drivers when using ironic+linuxbridge https://review.opendev.org/755754	10:12
*** ricolin_ has joined #openstack-kolla		10:17
openstackgerrit	Radosław Piliszek proposed openstack/kolla-ansible master: Implement automatic deploy of octavia https://review.opendev.org/740180	10:56
openstackgerrit	Radosław Piliszek proposed openstack/kolla-ansible master: Implement automatic deploy of octavia https://review.opendev.org/740180	11:01
yoctozepto	mgoddard, mnasiadka: ^	11:06
yoctozepto	mgoddard: which next?	11:06
yoctozepto	headphoneJames: any luck with neutron on your side?	11:07
*** jbalciunas has joined #openstack-kolla		11:10
mgoddard	yoctozepto: commented	11:30
mgoddard	yoctozepto: top of the chain is https://review.opendev.org/#/c/754285/	11:30
patchbot	patch 754285 - kolla-ansible - CI: octavia: create and test a load balancer - 15 patch sets	11:30
yoctozepto	headphoneJames: I found https://bugs.launchpad.net/neutron/+bug/1864418	11:30
openstack	Launchpad bug 1864418 in neutron "has wrong with use apache to start neutron api in docker container" [Undecided,New]	11:30
yoctozepto	so it is independetly shown it does not work, at least with the current packaging	11:30
yoctozepto	looks like missing monkeypatching	11:31
openstackgerrit	Michal Arbet proposed openstack/kolla-ansible master: Use native fluent-logger instead of tail - Fluent central_logging https://review.opendev.org/755775	11:49
kevko_	yoctozepto: https://review.opendev.org/755775	11:49
patchbot	patch 755775 - kolla-ansible - Use native fluent-logger instead of tail - Fluent ... - 1 patch set	11:49
kevko_	yoctozepto: https://ibb.co/rt94FmJ	11:53
kevko_	yoctozepto: https://ibb.co/KNNL5T6 ... very nice ? no ? :)	11:53
yoctozepto	kevko_: whoa! I'm buying it	11:56
kevko_	yoctozepto: cool right ?	11:56
yoctozepto	mgoddard: commented back	11:59
yoctozepto	mgoddard: restore the empty defaults? or use the if-defined constructs?	11:59
yoctozepto	I feel leaving default is cleaner	11:59
yoctozepto	so would go the 2nd option	11:59
mgoddard	yoctozepto: yeah, leave defaults. We could probably add some prechecks, but that is another thing	12:03
yoctozepto	mgoddard: k, amending	12:03
openstackgerrit	Radosław Piliszek proposed openstack/kolla-ansible master: Implement automatic deploy of octavia https://review.opendev.org/740180	12:05
yoctozepto	mgoddard, mnasiadka: https://review.opendev.org/755328 <- important to restore previously working and fix a bug	12:08
patchbot	patch 755328 - kolla-ansible - Control Neutron migrations - 4 patch sets	12:08
mgoddard	will look later	12:09
yoctozepto	mgoddard: OK	12:09
yoctozepto	headphoneJames: honestly I find it quite suspicious neutron refrains from running behind mod_wsgi AND neutron having the memcache issues	12:16
yoctozepto	smeels like threading funkiness	12:16
yoctozepto	smells*	12:16
jbalciunas	:)	12:19
jbalciunas	yoctozepto: https://bugs.launchpad.net/oslo.cache/+bug/1883659	12:20
openstack	Launchpad bug 1883659 in oslo.cache "keystonemiddleware connections to memcached from neutron-server grow beyond configured values" [Undecided,Confirmed]	12:20
yoctozepto	jbalciunas: thanks for the link, I was looking for it	12:21
yoctozepto	https://bugs.launchpad.net/neutron/+bug/1864418	12:21
openstack	Launchpad bug 1864418 in neutron "Cannot run neutron-api via mod_wsgi" [Undecided,Confirmed]	12:21
openstackgerrit	Merged openstack/kayobe stable/ussuri: Performance: avoid set_fact in Kolla Ansible host vars https://review.opendev.org/755548	12:21
yoctozepto	cross-commented	12:22
yoctozepto	anyone volunteering to massage neutrinos about the issue? :-)	12:22
yoctozepto	(and there is no typo in there ^)	12:23
*** cah_link has quit IRC		12:36
*** k_mouza has quit IRC		12:54
*** k_mouza has joined #openstack-kolla		12:55
*** ricolin_ has quit IRC		13:05
*** ricolin_ has joined #openstack-kolla		13:06
*** greuceanu has joined #openstack-kolla		13:10
*** greuceanu is now known as Manheim		13:10
openstackgerrit	Michal Arbet proposed openstack/kolla-ansible master: Use native fluent-logger instead of tail - Fluent central_logging https://review.opendev.org/755775	13:18
*** dougsz has joined #openstack-kolla		13:27
*** dciabrin has joined #openstack-kolla		13:28
*** ricolin_ has quit IRC		13:30
*** ricolin_ has joined #openstack-kolla		13:52
*** priteau has joined #openstack-kolla		13:52
*** priteau has quit IRC		13:58
*** priteau has joined #openstack-kolla		14:19
openstackgerrit	Mark Goddard proposed openstack/kayobe master: Disable overcloud networks for Ironic when unused https://review.opendev.org/755015	14:23
*** Fl1nt has quit IRC		14:24
openstackgerrit	Mark Goddard proposed openstack/kayobe master: dev: fix test scripts when ironic is disabled https://review.opendev.org/755474	14:24
openstackgerrit	Mark Goddard proposed openstack/kayobe stable/ussuri: When EPEL install flag is not set https://review.opendev.org/755804	14:26
openstackgerrit	Mark Goddard proposed openstack/kayobe stable/train: When EPEL install flag is not set https://review.opendev.org/755805	14:26
*** vkmc has quit IRC		14:27
*** alanmeadows has quit IRC		14:27
*** alanmeadows has joined #openstack-kolla		14:28
*** vkmc has joined #openstack-kolla		14:29
openstackgerrit	Mark Goddard proposed openstack/kayobe stable/train: When EPEL install flag is not set https://review.opendev.org/755805	14:29
openstackgerrit	Mark Goddard proposed openstack/kayobe master: Add documentation for routed control plane networks https://review.opendev.org/755067	14:37
openstackgerrit	Mark Goddard proposed openstack/kolla-ansible master: octavia: generate certificates automatically https://review.opendev.org/754280	14:44
openstackgerrit	Mark Goddard proposed openstack/kolla-ansible master: add octavia openrc file https://review.opendev.org/745997	14:51
openstackgerrit	Mark Goddard proposed openstack/kolla-ansible master: CI: octavia: create and test a load balancer https://review.opendev.org/754285	14:51
mgoddard	yoctozepto: new chain, testing LB on the external network	14:52
openstackgerrit	Merged openstack/kolla-ansible master: Implement automatic deploy of octavia https://review.opendev.org/740180	15:04
yoctozepto	mgoddard: ^ yay!	15:08
mgoddard	mhm	15:08
yoctozepto	mgoddard: was on a meeting, will look	15:08
yoctozepto	mgoddard: docs are priority now	15:09
* yoctozepto on food hunt now		15:09
mgoddard	yoctozepto: not certificate generation?	15:09
openstackgerrit	Mark Goddard proposed openstack/kolla-ansible master: octavia: support tenant management network https://review.opendev.org/755589	15:10
*** TrevorV has joined #openstack-kolla		15:11
kevko_	guys, is this still actual ?	15:13
kevko_	Python Requests library will not trust self-signed or privately signed CAs even if they are added into the OS trusted CA folder and update-ca-trust is executed. For services that rely on the Python Requests library, either CA verification must be explicitly disabled in the service or the path to the CA certificate must be configured using the openstack_cacert parameter.	15:13
kevko_	(ussuri)	15:13
*** also_stingrayza has joined #openstack-kolla		15:14
*** stingrayza has quit IRC		15:16
*** k_mouza has quit IRC		15:33
*** Manheim has quit IRC		15:42
openstackgerrit	Merged openstack/kolla-ansible stable/train: Add 'baremetal' to mechanism_drivers when using ironic+linuxbridge https://review.opendev.org/755754	15:43
*** e0ne has quit IRC		15:45
*** priteau has quit IRC		15:45
yoctozepto	mgoddard: in a sense, yes; I meant that now that we merged the new code, we need it documented :-)	15:48
yoctozepto	mgoddard: so tenant is oos for victoria?	15:49
yoctozepto	makes sense to me	15:49
openstackgerrit	dalekseev proposed openstack/kolla-ansible stable/stein: Add 'baremetal' to mechanism_drivers when using ironic+linuxbridge https://review.opendev.org/755834	15:49
*** e0ne has joined #openstack-kolla		15:50
*** e0ne has quit IRC		15:52
*** priteau has joined #openstack-kolla		15:53
yoctozepto	mgoddard: An unhandled exception occurred while templating '{{ 'octavia_network' \| kolla_address }}'. Error was a <class 'kolla_ansible.exception.FilterError'>, original message: Address family 'ipv4' undefined on interface 'vxlan1' for host: 'primary'	15:53
mgoddard	doh	15:57
*** k_mouza has joined #openstack-kolla		15:57
*** k_mouza has quit IRC		16:02
*** k_mouza has joined #openstack-kolla		16:04
yoctozepto	mgoddard: octavia-certificates does not look production-level, no?	16:05
mgoddard	yoctozepto: well	16:05
mgoddard	it follows the octavia guide	16:05
yoctozepto	which is an example	16:05
yoctozepto	and we are not making it too configurable	16:05
johnsom	If it follows this guide: https://docs.openstack.org/octavia/latest/admin/guides/certificates.html It is good.	16:06
mgoddard	then it is good :)	16:07
mgoddard	yoctozepto: it's just for internal comms	16:07
mgoddard	yoctozepto: I had thought an easy win would be to allow overriding openssl.cnf	16:07
mgoddard	but didn't want to guild the lily yet	16:08
johnsom	Yeah, it's purely system-to-system, so doing the dual self signed CA is perfectly fine.	16:08
yoctozepto	mgoddard: well, it also resets the serial each time	16:08
mgoddard	bug	16:09
yoctozepto	ok, so it's only meant to be run once ever	16:09
yoctozepto	correct?	16:09
*** k_mouza has quit IRC		16:09
yoctozepto	then let's just patch that and allow openssl.cnf override I guess	16:09
yoctozepto	and we can ship	16:09
mgoddard	well it has 'creates' that should make it idempotent	16:09
yoctozepto	does it?	16:10
mgoddard	and ideally, if you delete the right set of certs it would recreate them, although I haven't tested that	16:10
yoctozepto	- name: Create serial files for server_ca and client_ca	16:10
yoctozepto	copy:	16:10
yoctozepto	content: 1000	16:10
yoctozepto	dest: "{{ octavia_certs_work_dir }}/{{ item.item }}/serial"	16:10
yoctozepto	loop: "{{ serial_info.results \| selectattr('stat.exists', 'equalto', false) \| list }}"	16:10
mgoddard	yeah, as I just said that's a bug	16:10
yoctozepto	ok	16:10
mgoddard	ideally we would have some argument to the command saying 'regenerate'	16:11
mgoddard	but that would need testing	16:11
mgoddard	mk2	16:11
yoctozepto	not worth it atm	16:11
mgoddard	needs care to ensure existing certs remain valid	16:11
yoctozepto	so fixing the idempotency of serial	16:11
mgoddard	I tried once and it complained that there was already a cert for the host	16:11
yoctozepto	gmm	16:12
mgoddard	hold up	16:12
yoctozepto	hmm*	16:12
mgoddard	loop: "{{ serial_info.results \| selectattr('stat.exists', 'equalto', false) \| list }}"	16:12
yoctozepto	does it ever use this serial?	16:12
mgoddard	only creates those that don't exist	16:12
yoctozepto	good catch	16:12
yoctozepto	makes sense	16:12
yoctozepto	I can't see serial and index being used there further	16:13
mgoddard	https://review.opendev.org/#/c/754280/12/ansible/roles/octavia-certificates/files/openssl.cnf	16:13
patchbot	patch 754280 - kolla-ansible - octavia: generate certificates automatically - 12 patch sets	16:13
yoctozepto	I mean, this info is immediately discarde	16:14
yoctozepto	I know openssl writes to it	16:14
yoctozepto	but it could as well write to /dev/null	16:14
johnsom	serial numbers are used if you need to revoke a certificate.	16:14
*** ricolin_ has quit IRC		16:14
mgoddard	I like this octavia expert as a service	16:15
johnsom	So, some deployers use a central CA location. Others will set the start serial number on each controller to blocks, like 10,000 on one, 20,000, etc.	16:15
johnsom	mgoddard lol, that is what we are here for. Helping people out	16:15
yoctozepto	yeah, it has to be a regular service	16:16
mgoddard	appreciated	16:16
yoctozepto	johnsom: that's very welcome!	16:16
yoctozepto	hmm, so we are doing this a bit differently	16:16
yoctozepto	creating one set of CAs and deploying these everywhere	16:16
johnsom	Sorry I don't have a deep understanding of kolla, but I can answer most Octavia questions.	16:16
yoctozepto	it's the other way around here :-)	16:17
*** k_mouza has joined #openstack-kolla		16:17
* yoctozepto reading octavia docs now		16:18
johnsom	Yeah, so if you are doing the distributed CA approach, maybe have a step that goes through and sets each instance to have a certain serial starting point. That way you won't end up with overlapping serial numbers.	16:18
yoctozepto	ok, "Certificate Lifecycles" pretty much answered my questions	16:19
yoctozepto	"The server certificates are uniquely generated for each amphora by the controller using the server certificate authority certificates and keys. These server certificates are automatically rotated by the Octavia housekeeping controller process as they near expiration."	16:19
johnsom	I will say, operationally, overlapping serial numbers don't break anything. It just limits your ability to issue a revoke	16:19
yoctozepto	johnsom: we don't feed starting serials to control hosts at all	16:20
yoctozepto	I guess we should then	16:20
johnsom	Good to know my doc is useful, lol	16:20
yoctozepto	so does this apply to the server certificates?	16:20
yoctozepto	like, octavia is not coordinating the serial numbers between them?	16:20
yoctozepto	them=controllers	16:20
johnsom	Right, Octavia does not coordinate the openssl CAs.	16:21
*** k_mouza has quit IRC		16:22
*** k_mouza has joined #openstack-kolla		16:23
mgoddard	so, just to be clear - we are generating 4 files (server CA key & cert, client CA cert, client combined cert & key), and copying these to each controller	16:24
mgoddard	rather than doing anything specific for each controller	16:24
johnsom	Yeah, that is good. The only potential enhancement would be to give each controller openssl CA a unique serial number block by "echo 100000 > serial" or something similar.	16:25
mgoddard	would that result in a separate server CA cert for each controller?	16:26
yoctozepto	we don't set the serial on controllers at all	16:26
yoctozepto	mgoddard: we would need a common CA parent on them to trust each other though	16:27
johnsom	If you don't set it, it automatically starts at 1	16:27
yoctozepto	ok, so we need to point octavia at serial too	16:27
johnsom	So, sorry this is a bit complicated, but two-way TLS authentication is... just complicated.	16:27
*** k_mouza has quit IRC		16:27
yoctozepto	well, it's not that complicated when you get to know how octavia deals with it :-)	16:28
yoctozepto	your insight was very helpful	16:28
johnsom	The CA cert and key should be shared for both client and server side.	16:28
johnsom	Then, in theory you would issue a certificate for each controller using the "client" CA. Though some just share them (again, limits revoke options and means they all expire at the same time).	16:29
johnsom	A highlight in the doc is the controllers are the "client" talking to the "servers" on the amphora.	16:29
*** suryasingh has quit IRC		16:29
mgoddard	I see	16:30
mgoddard	so it's the client CA where we would modify the serial	16:30
yoctozepto	johnsom: I've got an issue - I can't see how to set the serial file for octavia to use, or openssl.cnf	16:30
johnsom	Then, Octavia will use the "server" CA to issue certs to the amphora as they are booted or if they need to be rotated for a policy.	16:30
johnsom	This issue of certs to the amphora, each are unique to the amphora, the CN is the amphora uuid.	16:30
johnsom	The serial file comes into play in this "server" cert issue to the amphora. If it's not set, each controller will start at 1 and you will have amps with duplicate serial 1. The CN will still be unique though, which is how our validate checks if the cert is from the right amphora.	16:32
*** dougsz has quit IRC		16:32
johnsom	yoctozepto It's step five in this section: https://docs.openstack.org/octavia/latest/admin/guides/certificates.html#creating-the-certificate-authorities	16:32
yoctozepto	johnsom: but this one is used only for the initial generation	16:33
*** k_mouza has joined #openstack-kolla		16:33
johnsom	Oh, step 8 actually for the client side	16:33
yoctozepto	nah, we are about the server side now	16:33
yoctozepto	I mean	16:33
johnsom	Right, sorry. multi-tasking.	16:33
yoctozepto	we are giving our octavia controllers only the CA cert/key	16:33
yoctozepto	not openssl.cnf, not serial	16:34
yoctozepto	octavia does not seem to have config to provide their paths	16:34
yoctozepto	so it cannot really use them	16:34
yoctozepto	:-)	16:34
johnsom	Oh, doh, yeah, you are right, this is using the local cert generator. It creates a serial off the uuid: https://github.com/openstack/octavia/blob/master/octavia/certificates/generator/local.py#L40\	16:35
johnsom	Stop listening to me	16:35
johnsom	grin	16:35
yoctozepto	ALL CLEAR	16:36
yoctozepto	:D	16:36
yoctozepto	so fine	16:36
yoctozepto	we've got this sorted out	16:36
yoctozepto	we have central location for client CA	16:36
yoctozepto	the ansible deployment host	16:37
yoctozepto	that drives it all	16:37
yoctozepto	so we have our serial nice and dandy	16:37
yoctozepto	and we can in fact not care about server CA serial because server CA is never controlled by us	16:37
*** k_mouza has quit IRC		16:38
yoctozepto	johnsom: thank you for your cooperation :-)	16:38
johnsom	Thank you for your patience	16:39
yoctozepto	how awesome it would be to have this responsiveness from each project :-)	16:39
yoctozepto	mgoddard: are you sitting down to the certs or want to let me take a bite at them?	16:39
yoctozepto	(or want to finish current iteration and then let me)	16:39
mgoddard	yoctozepto: I'm probably not going to get to it today, feel free to have a go	16:42
yoctozepto	mgoddard: ok, I've still got my batteries on :-)	16:43
mgoddard	running low	16:43
yoctozepto	I felt worse yesterday	16:43
yoctozepto	so can relate :-)	16:44
*** k_mouza has joined #openstack-kolla		16:45
openstackgerrit	Radosław Piliszek proposed openstack/kolla-ansible master: octavia: generate certificates automatically https://review.opendev.org/754280	16:47
yoctozepto	just rebased for now	16:47
*** k_mouza has quit IRC		16:50
*** k_mouza has joined #openstack-kolla		16:56
*** k_mouza has quit IRC		17:01
*** k_mouza has joined #openstack-kolla		17:08
*** k_mouza has quit IRC		17:13
*** k_mouza has joined #openstack-kolla		17:25
*** k_mouza has quit IRC		17:30
*** k_mouza has joined #openstack-kolla		17:35
*** dswebb has joined #openstack-kolla		17:38
*** k_mouza has quit IRC		17:39
born2bake	Hi guys, I am getting this error https://access.redhat.com/solutions/5100681 ; I am wondering, is there any setting in neutron which I can verify that MTU is not bigger than 1500?	17:46
*** gfidente has quit IRC		17:46
*** Tengu has quit IRC		17:48
openstackgerrit	Merged openstack/kayobe stable/train: Performance: Parallelise Kolla Ansible host vars generation https://review.opendev.org/754064	17:49
openstackgerrit	Merged openstack/kolla-ansible stable/ussuri: Performance: use a single config file for logrotate https://review.opendev.org/752964	18:02
openstackgerrit	Radosław Piliszek proposed openstack/kolla-ansible master: octavia: generate certificates automatically https://review.opendev.org/754280	18:04
openstackgerrit	Radosław Piliszek proposed openstack/kolla-ansible master: octavia: generate certificates automatically https://review.opendev.org/754280	18:04
*** Tengu has joined #openstack-kolla		18:25
*** k_mouza has joined #openstack-kolla		18:45
*** kevko_ has quit IRC		18:46
*** k_mouza has quit IRC		18:49
openstackgerrit	Radosław Piliszek proposed openstack/kolla-ansible master: octavia: generate certificates automatically https://review.opendev.org/754280	18:51
*** k_mouza has joined #openstack-kolla		19:00
*** k_mouza has quit IRC		19:04
*** k_mouza has joined #openstack-kolla		19:17
*** priteau has quit IRC		19:17
*** k_mouza has quit IRC		19:22
openstackgerrit	Merged openstack/kolla-ansible stable/stein: Add 'baremetal' to mechanism_drivers when using ironic+linuxbridge https://review.opendev.org/755834	19:25
*** TrevorV has quit IRC		19:26
*** e0ne has joined #openstack-kolla		19:37
openstackgerrit	Pedro Henrique Pereira Martins proposed openstack/kolla-ansible master: Add support to OpenID Connect Authentication flow https://review.opendev.org/695432	19:53
*** e0ne has quit IRC		19:55
*** waxfire2 has joined #openstack-kolla		19:56
*** e0ne has joined #openstack-kolla		19:56
openstackgerrit	Pedro Henrique Pereira Martins proposed openstack/kolla-ansible master: Add support to OpenID Connect Authentication flow https://review.opendev.org/695432	19:57
*** crindi has quit IRC		19:57
*** _Cyclone_ has quit IRC		19:57
*** crindi has joined #openstack-kolla		19:57
*** _Cyclone_ has joined #openstack-kolla		19:57
*** waxfire has quit IRC		19:57
*** waxfire2 is now known as waxfire		19:57
*** k_mouza has joined #openstack-kolla		19:59
*** maharg101 has quit IRC		19:59
*** k_mouza has quit IRC		20:03
*** k_mouza has joined #openstack-kolla		20:07
openstackgerrit	Paul Leimer proposed openstack/kolla stable/train: Add collectd-libpod-stats to image https://review.opendev.org/755873	20:09
*** k_mouza has quit IRC		20:11
*** maharg101 has joined #openstack-kolla		20:39
*** e0ne has quit IRC		20:41
*** maharg101 has quit IRC		20:52
*** e0ne has joined #openstack-kolla		21:25
*** e0ne has quit IRC		21:42
*** e0ne has joined #openstack-kolla		21:48
*** e0ne has quit IRC		21:57
*** kevko_ has joined #openstack-kolla		22:03
*** k_mouza has joined #openstack-kolla		22:28
*** k_mouza has quit IRC		22:32
*** maharg101 has joined #openstack-kolla		22:49
*** maharg101 has quit IRC		22:54
*** ricolin_ has joined #openstack-kolla		23:49

Generated by irclog2html.py 2.17.2 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!