| gurustacker | hi all, in globals.yml I added this: nova_compute_extra_volumes: - "/etc/kolla/config/nova/ceph/:/etc/ceph/:rw" and have keyring files in the ceph directory that will not be added to the nova_compute container during deployment. All permissions are rw, no apparmor, no fails, just the keyrings will not be added no matter what is tried, any ideas? | 03:29 |
|---|---|---|
| joelm21 | gurustacker: You've built the keys for your external ceph as per https://docs.ceph.com/en/latest/rbd/rbd-openstack/ ? Assuming you followed the external ceph configuration integration guide for kolla-ansible here https://docs.openstack.org/kolla-ansible/latest/reference/storage/external-ceph-guide.html ? | 04:48 |
| joelm21 | looking at https://github.com/openstack/kolla-ansible/blob/master/ansible/roles/nova-cell/defaults/main.yml it looks like nova_compute_extra_volumes just bolts on nicely to nova-compute: volumes: and your syntax is probably fine if kolla-ansible prechecks is not flagging any warnings. | 04:49 |
| mnasiadka | gurustacker: Is there a reason you're not using External Ceph support in Kolla-Ansible? It now has support for multiple keys/config files for multiple backends. | 05:51 |
| opendevreview | Pierre Riteau proposed openstack/kayobe master: Remove graphlib-backport requirement https://review.opendev.org/c/openstack/kayobe/+/942421 | 09:23 |
| opendevreview | Pierre Riteau proposed openstack/kayobe master: Remove graphlib-backport requirement https://review.opendev.org/c/openstack/kayobe/+/942421 | 09:38 |
| opendevreview | Michal Nasiadka proposed openstack/kolla master: CI: Add rocky support to process_build_logs.py https://review.opendev.org/c/openstack/kolla/+/942422 | 10:59 |
| opendevreview | Verification of a change to openstack/kolla master failed: CI: Use ansible-lint for CI roles and playbooks https://review.opendev.org/c/openstack/kolla/+/937614 | 12:24 |
| opendevreview | Grzegorz Koper proposed openstack/kolla-ansible master: Bump ansible-core versions to 2.17 and 2.18 https://review.opendev.org/c/openstack/kolla-ansible/+/941787 | 12:41 |
| opendevreview | Matt Anson proposed openstack/kolla-ansible master: prometheus: Support overriding address of scrape targets https://review.opendev.org/c/openstack/kolla-ansible/+/899615 | 14:21 |
| gurustacker | joelm21: thanks for the input. I have followed the guide. It's possible the value for user (nova-compute) of the ceph pool in the globals.yml is only allowing the one keyring "/etc/ceph/ceph.client.nova-compute.keyring" and ceph.conf. But from the errors when testing "ceph -s" from nova_compute container is "AuthRegistry(0x7f11f00650b0) no keyring found at /etc/ceph/ceph.client.admin.keyring, disabling cephx". | 14:35 |
| gurustacker | mnasiadka: I didn't see the guide for using External Ceph support in Kolla-Ansible, can you point me to the right direction, this sounds like exactly what I need since I have multiple backends in the ceph cluster? | 14:38 |
| opendevreview | Matt Anson proposed openstack/ansible-collection-kolla master: Add stats callback plugin https://review.opendev.org/c/openstack/ansible-collection-kolla/+/910347 | 14:40 |
| mnasiadka | gurustacker: https://docs.openstack.org/kolla-ansible/2024.1/reference/storage/external-ceph-guide.html - we have that from 2024.1 | 14:46 |
| gurustacker | What option is there in the globals.yml to add any file to a container, in my case a keyring, and maybe another case is having some scripts in the future? Is there a syntax to override any blocks I could use to force any file to one container group during deployment? For example nova_compute_extra_volumes: - "/etc/kolla/config/nova/script-to-check-then-ping-home-youre-okay.sh:/home/:ro | 14:47 |
| gurustacker | Thank you mnasiadka!! I'm starting to read now | 14:48 |
| mnasiadka | one additional volume to all of the containers? I don't think we have that, we have it per service surely | 14:49 |
| gurustacker | That would be a great feature to have. How would I script it per service? | 14:52 |
| gurustacker | mnasiadka: I did read that before but I didn't think it would apply in my case I only needed the admin keyring added. So I guess I would create a new admin-ceph.conf referencing the admin keyring, maybe that'll do it | 14:57 |
| kevko | gurustacker: you can mount your extra volume as you wrote above ... So where is problem ? Regarding keyring question ... Read docs and your keyring will be copied | 14:57 |
| gurustacker | Thanks kevko | 14:58 |
| kevko | gurustacker: just set your cinder nova glance users to be admin and that's it ..admin keyring will be copied | 14:58 |
| gurustacker | okay I'll try, so in globals.yml I'll just have them all set as the admin user and forget about each service key for now | 14:59 |
| kevko | gurustacker: no extra steps needed ..if you have admin keyring and ceph.conf ..this is easy | 14:59 |
| kevko | gurustacker: yeah ...if you want to do it ... | 14:59 |
| gurustacker | so I thought, but for the life of me it would not be added as an extra keyring, it only would take the nova-compute.keyring | 15:00 |
| kevko | gurustacker: read the manual and ask if anything will.not be clear | 15:00 |
| kevko | gurustacker: so you had wrong config ... | 15:01 |
| gurustacker | yeah probably, just a mind$uck to figure out | 15:01 |
| opendevreview | Matt Anson proposed openstack/ansible-collection-kolla master: Add stats callback plugin https://review.opendev.org/c/openstack/ansible-collection-kolla/+/910347 | 15:04 |
| opendevreview | Grzegorz Koper proposed openstack/kolla-ansible master: Bump ansible-core versions to 2.17 and 2.18 https://review.opendev.org/c/openstack/kolla-ansible/+/941787 | 15:05 |
| opendevreview | Pierre Riteau proposed openstack/kayobe master: CI: Use libpod/registry for registry https://review.opendev.org/c/openstack/kayobe/+/940713 | 15:26 |
| gurustacker | What I'm finding is that the docker exec -u root -it nova_compute cat /var/lib/kolla/config_files/config.json does not have the reference to the file even when in the mounts it shows, docker exec -it nova_compute ls -l /etc/ceph total 8 -rw------- 1 nova nova 70 Feb 21 15:20 ceph.client.nova-compute.keyring -rw------- 1 nova nova 486 Feb 21 15:20 ceph.conf docker inspect nova_compute | grep -A 60 "Mounts" "Mounts": [ { | 15:36 |
| gurustacker | "bind", "Source": "/etc/kolla/config/nova/ceph/ceph.client.admin.keyring", "Destination": "/etc/ceph", "Mode": "rw", "RW": true, "Propagation": "rprivate" }, | 15:36 |
| opendevreview | Grzegorz Koper proposed openstack/kolla-ansible master: Bump ansible-core versions to 2.17 and 2.18 https://review.opendev.org/c/openstack/kolla-ansible/+/941787 | 15:50 |
| opendevreview | Grzegorz Koper proposed openstack/kolla-ansible master: Bump ansible-core versions to 2.17 and 2.18 https://review.opendev.org/c/openstack/kolla-ansible/+/941787 | 15:53 |
| opendevreview | Michal Nasiadka proposed openstack/kolla-ansible master: fluentd: Add ovn logs to input https://review.opendev.org/c/openstack/kolla-ansible/+/942467 | 15:59 |
| opendevreview | Jack Hodgkiss proposed openstack/kayobe master: Add support for making `Bifrost` optional https://review.opendev.org/c/openstack/kayobe/+/942468 | 16:06 |
| opendevreview | Merged openstack/kolla master: CI: Add rocky support to process_build_logs.py https://review.opendev.org/c/openstack/kolla/+/942422 | 16:49 |
| opendevreview | Doug Szumski proposed openstack/kolla stable/2024.2: Prometheus update all exporters to the latest versions https://review.opendev.org/c/openstack/kolla/+/942479 | 16:54 |
| opendevreview | Doug Szumski proposed openstack/kolla stable/2024.1: Prometheus update all exporters to the latest versions https://review.opendev.org/c/openstack/kolla/+/942480 | 16:54 |
| kevko | gurustacker: in config.json should be the ceph directory included | 17:01 |
| opendevreview | Merged openstack/kolla master: CI: Use ansible-lint for CI roles and playbooks https://review.opendev.org/c/openstack/kolla/+/937614 | 17:02 |
| opendevreview | Michal Nasiadka proposed openstack/kolla-ansible master: WIP: CI: Test for log files missing in fluentd config https://review.opendev.org/c/openstack/kolla-ansible/+/942482 | 17:08 |
| opendevreview | Jack Hodgkiss proposed openstack/kayobe master: Add support for making `Bifrost` optional https://review.opendev.org/c/openstack/kayobe/+/942468 | 17:10 |
| opendevreview | Michal Nasiadka proposed openstack/kolla master: WIP: Switch back to aarch64 nodes https://review.opendev.org/c/openstack/kolla/+/932451 | 17:11 |
| opendevreview | Michal Nasiadka proposed openstack/kolla master: DNM: Run fio tests https://review.opendev.org/c/openstack/kolla/+/927210 | 17:11 |
| opendevreview | Michal Nasiadka proposed openstack/kolla master: DNM: Run fio tests https://review.opendev.org/c/openstack/kolla/+/927210 | 17:13 |
| opendevreview | Jack Hodgkiss proposed openstack/kayobe master: Add support for making `Bifrost` optional https://review.opendev.org/c/openstack/kayobe/+/942468 | 17:13 |
| gurustacker | kevko: yes I tried that route but the files were being disregarded when trying to mount the entire directory. Tried adding the file from the directory and this is referenced in the config.json. There seems to be some limiting factor where nothing else is allowed to be added to the /etc/ceph directory. If there's a flag to bypass that or something else please share, otherwise this is a feature request! | 17:14 |
| gurustacker | sorry, is not referenced in config.json | 17:15 |
| opendevreview | Michal Arbet proposed openstack/kolla-ansible master: [CI] Fix swift disk preparation https://review.opendev.org/c/openstack/kolla-ansible/+/913942 | 17:27 |
| opendevreview | Michal Arbet proposed openstack/kolla-ansible master: [CI] Make demo router and network shared https://review.opendev.org/c/openstack/kolla-ansible/+/922899 | 17:27 |
| opendevreview | Michal Arbet proposed openstack/kolla-ansible master: Add rally role https://review.opendev.org/c/openstack/kolla-ansible/+/922900 | 17:27 |
| opendevreview | Michal Arbet proposed openstack/kolla-ansible master: Try to test via rally https://review.opendev.org/c/openstack/kolla-ansible/+/922901 | 17:27 |
| kevko | gurustacker: what are u talking about ..you are not supposed to mount anything ...why ? | 17:48 |
| kevko | gurustacker: did you read the docs ? | 17:48 |
| kevko | gurustacker: you should have | 17:50 |
| kevko | olla@deploy:~$ ls -la /etc/kolla/config/nova/ | 17:50 |
| kevko | total 16 | 17:50 |
| kevko | drwxr-xr-x 2 kolla kolla 4096 Feb 3 14:40 . | 17:50 |
| kevko | drwxr-xr-x 11 kolla kolla 4096 Feb 3 17:34 .. | 17:50 |
| kevko | -rw-r--r-- 1 kolla kolla 243 Feb 3 14:40 ceph.client.cinder.keyring | 17:50 |
| kevko | -rw-r--r-- 1 kolla kolla 287 May 15 2024 ceph.conf | 17:50 |
| kevko | gurustacker: you should not have any mount in container ... so you didn't read the docs ... | 17:51 |
| kevko | gurustacker: only mounted directory is /var/lib/kolla/config_files | 17:51 |
| kevko | gurustacker: then config.json is read and files (ceph.conf and kyering) are copied to direction where it should have | 17:52 |
| kevko | gurustacker: you are still trying to mount something ..and didn't read the docs | 17:52 |
| gurustacker | kevko: I did read the docs, and this has a purpose no? --> nova_compute_extra_volumes: - "/etc/kolla/config/nova/ , so then this doesn't allow adding volumes? Why can't we add custom files in the containers wherever we want? This is a poor limitation and should have an override for other use cases. I know we can configure after deployment, but from deployment this option should be available | 18:11 |
| opendevreview | Jack Hodgkiss proposed openstack/kayobe master: Add support for making `Bifrost` optional https://review.opendev.org/c/openstack/kayobe/+/942468 | 22:46 |
Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!