Friday, 2025-10-31

opendevreview	Michal Nasiadka proposed openstack/kolla-ansible master: manila: Automate DHSS-related configuration https://review.opendev.org/c/openstack/kolla-ansible/+/963274	06:00
opendevreview	Michal Nasiadka proposed openstack/kolla-ansible master: CI: Enable manila in cephadm scenario https://review.opendev.org/c/openstack/kolla-ansible/+/963272	06:02
opendevreview	Michal Nasiadka proposed openstack/kolla-ansible master: manila: Automate DHSS-related configuration https://review.opendev.org/c/openstack/kolla-ansible/+/963274	06:02
opendevreview	Michal Nasiadka proposed openstack/kolla-ansible master: manila: Automate DHSS-related configuration https://review.opendev.org/c/openstack/kolla-ansible/+/963274	06:03
opendevreview	Pierre Riteau proposed openstack/kayobe master: Add seed-images jobs https://review.opendev.org/c/openstack/kayobe/+/954626	06:45
opendevreview	Pierre Riteau proposed openstack/kayobe master: Add centos/rocky 10 seed-images jobs https://review.opendev.org/c/openstack/kayobe/+/954626	08:41
opendevreview	Michal Nasiadka proposed openstack/kolla-ansible master: manila: Automate DHSS-related configuration https://review.opendev.org/c/openstack/kolla-ansible/+/963274	09:04
opendevreview	Michal Nasiadka proposed openstack/kolla master: CI: Fix publish secret for arm64 https://review.opendev.org/c/openstack/kolla/+/965453	09:31
opendevreview	Merged openstack/kolla master: CI: Fix publish secret for arm64 https://review.opendev.org/c/openstack/kolla/+/965453	09:56
opendevreview	Michal Nasiadka proposed openstack/kolla-ansible master: WIP: Switch federation tasks to Ansible modules https://review.opendev.org/c/openstack/kolla-ansible/+/965457	10:00
opendevreview	Bartosz Bezak proposed openstack/kolla-ansible master: CI: ironic - stop using tinyipa https://review.opendev.org/c/openstack/kolla-ansible/+/965244	10:05
opendevreview	Michal Nasiadka proposed openstack/kolla master: Bump versions of packages in sources.py https://review.opendev.org/c/openstack/kolla/+/965458	10:08
opendevreview	Michal Nasiadka proposed openstack/kolla master: Bump versions of packages in sources.py https://review.opendev.org/c/openstack/kolla/+/965458	10:15
opendevreview	Michal Nasiadka proposed openstack/kolla-ansible master: manila: Automate DHSS-related configuration https://review.opendev.org/c/openstack/kolla-ansible/+/963274	10:18
opendevreview	Michal Nasiadka proposed openstack/kolla-ansible master: Replace Redis with Valkey https://review.opendev.org/c/openstack/kolla-ansible/+/959539	10:53
opendevreview	Michal Arbet proposed openstack/kolla-ansible master: Make Ceph keyring extraction compatible with variable substitution https://review.opendev.org/c/openstack/kolla-ansible/+/965471	11:03
opendevreview	Michal Nasiadka proposed openstack/kolla master: Bump versions of packages in sources.py https://review.opendev.org/c/openstack/kolla/+/965458	11:33
opendevreview	Michal Nasiadka proposed openstack/kolla stable/2024.2: CI: Drop upgrade jobs - 2024.1 is going unmaintained https://review.opendev.org/c/openstack/kolla/+/965489	11:37
opendevreview	Michal Nasiadka proposed openstack/kolla-ansible stable/2024.2: CI: Drop upgrade jobs - 2024.1 is going unmaintained https://review.opendev.org/c/openstack/kolla-ansible/+/965501	11:39
opendevreview	Michal Nasiadka proposed openstack/kolla-ansible stable/2025.1: CI: Drop slurp upgrade jobs - 2024.1 is going unmaintained https://review.opendev.org/c/openstack/kolla-ansible/+/965502	11:43
opendevreview	Michal Arbet proposed openstack/kolla-ansible master: Make Ceph keyring extraction compatible with variable substitution https://review.opendev.org/c/openstack/kolla-ansible/+/965471	11:43
opendevreview	Michal Nasiadka proposed openstack/kolla-ansible master: manila: Automate DHSS-related configuration https://review.opendev.org/c/openstack/kolla-ansible/+/963274	11:50
opendevreview	Michal Nasiadka proposed openstack/kolla-ansible master: manila: Automate DHSS-related configuration https://review.opendev.org/c/openstack/kolla-ansible/+/963274	11:59
mnasiadka	bbezak, frickler: raised patches to drop upgrade jobs related to 2024.1 going unmaintained - https://review.opendev.org/q/topic:%22kolla_2024_1_unmaintained%22	12:13
greatgatsby	Good day. Is there a way to globally set an environment variable for all containers with kolla-ansible? That's possibly an XY problem question, as what I'm really trying to do is set the cacert file globally for all the python virtual environments within all the containers.	12:18
Vii	greatgatsby: /etc/kolla/certificates/ca/	12:21
Vii	and globals.yaml .... kolla_copy_ca_into_containers: "yes"	12:22
greatgatsby	right, but requests specifically uses it's own cacert.pem within the venv. This caused us issues initially, has this been fixed in later releases?	12:22
Vii	You would probably have to describe exactly what your problem is, I use a custom CA and I don't remember having any problems with it (that some service wouldn't use it)	12:23
greatgatsby	we've had our certs in /etc/kolla/certificates/ca and enabled kolla_copy_ca_into_containers, however, python in the venv would still through SSL errors due to requests using it's own bundle. That's why there's a REQUESTS_CA_BUNDLE that people often have to use with python.	12:24
greatgatsby	what we've been doing is modifying the KA script that copies the certs on container startup and having it also append the certs to the requests cacert.pem file. However, we don't like this approach, and unless something has actually been fixed in kolla-ansible, we're looking at other options, such as setting REQUESTS_CA_BUNDLE globally for all containers.	12:25
Vii	I think it depends on the service, in some you need to provide the path to the CA file in the configuration	12:26
greatgatsby	yes, we're also going to do that, so far we've found that keystone and designate support that, but we'd also like a catch-all. So I guess it wasn't so much of an XY problem question, as our current plan is to provide per service config when available, but also set the REQUESTS_CA_BUNDLE env var if possible	12:27
Vii	for example: https://docs.openstack.org/barbican/latest/install/barbican-backend.html#vault-plugin	12:27
opendevreview	Bartosz Bezak proposed openstack/kolla-ansible master: CI: ironic - stop using tinyipa https://review.opendev.org/c/openstack/kolla-ansible/+/965244	12:28
greatgatsby	So I guess, is it possible with kolla-ansible to set an env vars for all containers? Google AI answer mentioned some kolla_extra_environment_variables option, but I can't find anything about it, probably an AI hallucination.	12:28
Vii	I don't know, you can definitely add a custom line when building the image where you can specify it	12:29
opendevreview	Michal Nasiadka proposed openstack/kolla-ansible master: Replace Redis with Valkey https://review.opendev.org/c/openstack/kolla-ansible/+/959539	12:32
greatgatsby	we're not building all the images, we're using the quay.io images. Thanks for your help so far though, appreciated.	12:33
opendevreview	Michal Nasiadka proposed openstack/kolla-ansible master: WIP: Switch federation tasks to Ansible modules https://review.opendev.org/c/openstack/kolla-ansible/+/965457	12:33
Vii	try adding in ansible/group_vars/all/common.yml	12:35
Vii	docker_common_options:	12:35
Vii	auth_email: "{{ docker_registry_email }}"	12:35
Vii	auth_password: "{{ docker_registry_password }}"	12:35
Vii	auth_registry: "{{ docker_registry }}"	12:35
Vii	auth_username: "{{ docker_registry_username }}"	12:35
Vii	environment:	12:36
Vii	REQUESTS_CA_BUNDLE	12:36
Vii	i'm talking about "environment" safely to add	12:36
greatgatsby	nice, thanks! I'll give that a try	12:39
Vii	greatgatsby: look but only kolla-toolbox https://github.com/openstack/kolla-ansible/blob/stable/2025.1/ansible/roles/common/defaults/main.yml#L20	12:58
dcapone2004	I have a question about long term support and what everyone currently does ... It seems like a major OS version is only supported for around ~2 years...essentially once a new major release of a distribution comes out, support for older releases is dropped ... is everyone using Kolla actually updating their infrastructure every 2 years to keep this pace?	13:03
dcapone2004	I work for a smaller company, but in my past experiences at larger companies, the whole point of 5 and 10 year lifecycles and the major pushback with CentOS 8 having its lifespan abruptly cut short was because, most enterprises DO NOT like to immediately move to what is perceived as "untested" new OS distributions	13:03
luchaaijer[m]	dcapone2004: In general the previous LTS OS release is usually supported	13:12
luchaaijer[m]	OS devs would obviously prefer for you to be on the newest OS version, but in practice a lot of people run older OS versions	13:13
luchaaijer[m]	At the FOSDEM openstack meeting i believe the majority of people were still on older OS versions	13:13
luchaaijer[m]	* In general the previous LTS operating system release is usually supported	13:13
luchaaijer[m]	s/OS/openstack/, s/a/_a/, s/lot/lot_/	13:13
luchaaijer[m]	s/OS/openstack/	13:13
luchaaijer[m]	* openstack devs would obviously prefer for you to be on the newest openstack version, but in practice a lot of people run older openstack versions	13:14
* luchaaijer[m] just realized shortening openstack to OS was not a great idea		13:14
dcapone2004	KA 2025.2 appears to drop support for rocky 9, despite rocky 10 just being released 5 months ago (or less) ... that is what I am trying to navigate through and understand	13:15
luchaaijer[m]	that's for base images though	13:18
luchaaijer[m]	* that's for container images though, so is it a problem?	13:18
opendevreview	Michal Nasiadka proposed openstack/kolla-ansible master: manila: Automate DHSS-related configuration https://review.opendev.org/c/openstack/kolla-ansible/+/963274	13:19
luchaaijer[m]	I agree that it is an interesting choice, but i wouldn't see too much into it. It's still open software and you can't test everything	13:20
dcapone2004	luchaaijer[m], I was unaware that was containers, docs seems to indicate host OS, https://docs.openstack.org/kolla-ansible/latest/user/support-matrix.html	13:23
luchaaijer[m]	It's all ansible and containers so your host OS doesn't really matter too much	13:23
dcapone2004	that was my general thinking, but I figured it had more to do with supported python and ansible versions and what they targeted in KA scripts	13:24
luchaaijer[m]	I guess so. I've at least never had any issues running one OS realease behind	13:26
dcapone2004	and supported docker / podman versions for that matter as docker has gone a little crazy recently with breaking changes between versions	13:26
dcapone2004	luchaaijer[m], good to know.... a 3 to 5 year lifecycle is more manageable than 1 to 3 (depending on when in an OS lifecycle a node is deployed)	13:28
mnasiadka	dcapone2004: Rocky 9 has python 3.9, which is EOL and not supported by Flamingo onwards	13:39
dcapone2004	even with a venv created with python 3.12?	13:41
opendevreview	Michal Nasiadka proposed openstack/kolla-ansible master: Replace Redis with Valkey https://review.opendev.org/c/openstack/kolla-ansible/+/959539	13:55
opendevreview	Michal Nasiadka proposed openstack/kolla-ansible master: Replace Redis with Valkey https://review.opendev.org/c/openstack/kolla-ansible/+/959539	14:04
opendevreview	Pierre Riteau proposed openstack/kolla-ansible master: [DNM] Revert "Support ironic-pxe-filter" https://review.opendev.org/c/openstack/kolla-ansible/+/965824	16:50
opendevreview	Pierre Riteau proposed openstack/kayobe master: [DNM] Test upgrade with revert https://review.opendev.org/c/openstack/kayobe/+/965825	16:52
opendevreview	Michal Nasiadka proposed openstack/kolla-ansible master: Replace Redis with Valkey https://review.opendev.org/c/openstack/kolla-ansible/+/959539	17:11
tonyb	So I discovered recently that I need to template a bunch of containers (not OpenStack specific) to work with a variety of distros and distro releases. Can I use kolla as a generic templating engine or shoudl I "roll my own"?	17:18
opendevreview	Michal Nasiadka proposed openstack/kolla-ansible master: Replace Redis with Valkey https://review.opendev.org/c/openstack/kolla-ansible/+/959539	17:30
mnasiadka	tonyb: we have support for ,,external dockerfiles’’ where you can use Kolla templating language - should be somewhere in the docs	18:24
mnasiadka	tonyb: I can look it up on Monday - I’ve shut my laptop lid already ;)	18:25
tonyb	oh cool. I can look. it was an idea and to be honest I thought I'd be a little lazy and ask before I looked	18:25
tonyb	thank you	18:26
mnasiadka	tonyb: https://docs.openstack.org/kolla/latest/admin/image-building.html#custom-docker-templates	18:37
tonyb	awesome thanks	18:38
tonyb	..... weren't you getting a beer or two?	18:38
mnasiadka	tonyb: yeah, thanks for reminding me :)	18:57
opendevreview	Hollie Hutchinson proposed openstack/kayobe master: Refactor baremetal compute registration https://review.opendev.org/c/openstack/kayobe/+/952979	18:58
opendevreview	Pierre Riteau proposed openstack/kayobe master: [DNM] Test upgrade with ironic_pin_release_version https://review.opendev.org/c/openstack/kayobe/+/965853	19:02
senan	Hello guys, can someone please help to understand why the kolla-ansible prechecks keeps throwing errors like "object of type 'dict' has no attribute 'ironic-neutron-agent'" effectivelly forcing me to add a group for every possible service in my hosts file even though I didn't activate them in globals.yml?	20:46
senan	Hello guys, can someone please help to understand why the kolla-ansible prechecks keeps throwing errors like "object of type 'dict' has no attribute 'ironic-neutron-agent'" effectivelly forcing me to add a group for every possible service in my hosts file even though I didn't activate them in globals.yml?	21:33
senan	one example of group inclusion check is in https://github.com/openstack/kolla-ansible/blob/master/ansible/roles/prechecks/tasks/service_checks.yml#L7	21:34
senan	when: inventory_hostname in groups['baremetal']	21:34
senan	it forces one to add empty baremetal group into the hosts file otherwise there's a 'has no attribute' error	21:35
senan	am I still in there?	22:05

Generated by irclog2html.py 4.0.0 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!