| tafkamax | Podman is daemon less so you can't bork something when you restart docker.service accidentally | 06:37 |
|---|---|---|
| tafkamax | But I think docker in kolla-ansible is more used, so more robust. | 06:38 |
| tafkamax | Hmm maybing using th example from kolla-toolbox.py with module_extra_vars might help | 07:21 |
| opendevreview | Taavi Ansper proposed openstack/kolla-ansible master: Fix keystone with IDP configured. https://review.opendev.org/c/openstack/kolla-ansible/+/975901 | 07:25 |
| tafkamax | Nobody has used the example from the kolla-toolbox.py docs though :D module_extra_vars. | 07:26 |
| tafkamax | Let's see if it will help. | 07:26 |
| opendevreview | Leonie Chamberlin-Medd proposed openstack/kayobe master: Add support for fail2ban in Kayobe https://review.opendev.org/c/openstack/kayobe/+/973090 | 08:09 |
| opendevreview | Pierre Riteau proposed openstack/kayobe master: CI: Add kayobe-ansible-control-host-configure jobs https://review.opendev.org/c/openstack/kayobe/+/972843 | 08:14 |
| blanson[m] | Moha_: we went with podman to avoid the spof that is an accidental docker restart. Podman is less used, but I've merged quite a few patches recently to get it to work nicely, and avoid regressions (mainly idempotence was broken for a bit). I'd say it's now just as good as docker (but less usage so, you're the one finding bugs lol) | 08:43 |
| tafkamax | We had unattended upgrades on docker pkgs | 08:45 |
| tafkamax | and had a hit :D | 08:45 |
| blanson[m] | there is still one issue if you're having the combo of debian 12 + podman where nova-compute cannot be idempotent because the version of podman shipped with debian 12 has an api bug. You can install a more recent version, or choose any other OS tho | 08:45 |
| tafkamax | after that we used blacklist to blacklist docker pkgs for updates | 08:45 |
| tafkamax | we use security pkgs only though for unattended | 08:45 |
| tafkamax | but hasnt happened after | 08:46 |
| tafkamax | in HCI we run cephadm with podman and docker for kolla to separate the two | 08:46 |
| blanson[m] | unattended upgrades is one thing, the other is if you ever need to update docker for a CVE for example | 08:46 |
| blanson[m] | that will restart your cluster | 08:46 |
| tafkamax | yes | 08:46 |
| blanson[m] | when we chose podman I kinda regretted it at first cause I spent 2 months fixing it, but now it works well :D | 08:48 |
| tafkamax | Why is my CI failing 🥲 | 08:49 |
| blanson[m] | oh no.. 975901 ? | 08:49 |
| blanson[m] | I can take a look maybe today | 08:49 |
| tafkamax | Seems that using the variable that nobody has used module_extra_vars didn't help. | 08:49 |
| tafkamax | I spent way too many hours debugging it yesterday to understand it comes from the toolbox, maybe fixes for the secret exposure will fix it though, but I haven't tested them with my patch. | 08:50 |
| opendevreview | Taavi Ansper proposed openstack/kolla-ansible master: Fix keystone with IDP configured. https://review.opendev.org/c/openstack/kolla-ansible/+/975901 | 09:16 |
| opendevreview | Merged openstack/kayobe-config master: Synchronise configuration with master https://review.opendev.org/c/openstack/kayobe-config/+/977436 | 09:38 |
| opendevreview | Leonie Chamberlin-Medd proposed openstack/kayobe master: Deploy more containers https://review.opendev.org/c/openstack/kayobe/+/922402 | 09:50 |
| *** jhorstmann is now known as Guest3489 | 10:09 | |
| opendevreview | Pierre Riteau proposed openstack/kolla master: Update Prometheus to version 3.5.1 https://review.opendev.org/c/openstack/kolla/+/977609 | 10:41 |
| opendevreview | Merged openstack/kayobe-config-dev master: Synchronise configuration with master https://review.opendev.org/c/openstack/kayobe-config-dev/+/977437 | 11:15 |
| opendevreview | Verification of a change to openstack/kolla-ansible master failed: Allow SNI frontend when using a single haproxy VIP https://review.opendev.org/c/openstack/kolla-ansible/+/975421 | 11:15 |
| opendevreview | Leonie Chamberlin-Medd proposed openstack/kayobe master: Add support for fail2ban in Kayobe https://review.opendev.org/c/openstack/kayobe/+/973090 | 11:17 |
| bbezak | Something changed in tempest, all CI is broken | 11:42 |
| bbezak | :) | 11:42 |
| bbezak | tempest: 'run --config-file etc/tempest.conf --regex .*smoke.*' is not a tempest command. See 'tempest --help'. | 11:42 |
| bbezak | Did you mean one of these? | 11:42 |
| bbezak | help | 11:42 |
| bbezak | init | 11:42 |
| tafkamax | woah | 11:48 |
| bbezak | checking | 11:48 |
| frickler | bbezak: I'm pretty sure nothing changed in tempest itself recently. at first sight this looks like maybe a quoting issue? | 11:52 |
| bbezak | I think this is because tempest 46.0 tag don’t include this https://opendev.org/openstack/tempest/commit/f9a7a6d2c08184c2cf03619f86ab49410d60ddc4 | 11:58 |
| bbezak | And recently bumped oslo.utils https://review.opendev.org/c/openstack/requirements/+/977444 doesn’t work with secretutils.md5. - it seems | 11:58 |
| bbezak | https://review.opendev.org/c/openstack/tempest/+/947714 | 12:04 |
| bbezak | frickler | 12:04 |
| bbezak | https://review.opendev.org/c/openstack/oslo.utils/+/975048 | 12:16 |
| bbezak | https://review.opendev.org/c/openstack/releases/+/976958 | 12:16 |
| bbezak | (Posted info on #openstack-qa) | 12:17 |
| bbezak | It is not directly seen, but easily reproducable https://paste.openstack.org/show/831117/ | 12:20 |
| opendevreview | Doug Szumski proposed openstack/kolla-ansible master: Support multiple Nova Compute Ironic instances https://review.opendev.org/c/openstack/kolla-ansible/+/973881 | 12:35 |
| bbezak | https://review.opendev.org/c/openstack/releases/+/977624 | 12:42 |
| frickler | bbezak: oh, so you (we?) are using tagged tempest with master u-c? that sounds like a bad combination | 12:58 |
| tafkamax | for master it should be non-tagged, just latest? | 13:00 |
| bbezak | Well, upper-constraints combinations for each branch should work :) | 13:03 |
| bbezak | But you may be right, as tempest is not in upper-constraints | 13:06 |
| bbezak | In any case latest tempest tag is broken with latest oslo-utils tag | 13:06 |
| bbezak | Let’s fix it | 13:06 |
| mnasiadka | Just add tempest in required projects and install from the checkout - I didn’t think it through properly ;) | 13:12 |
| mnasiadka | This way we’ll get depends-on support | 13:13 |
| bbezak | ok | 13:14 |
| opendevreview | Taavi Ansper proposed openstack/kolla-ansible master: Fix keystone with IDP configured. https://review.opendev.org/c/openstack/kolla-ansible/+/975901 | 13:21 |
| opendevreview | Bartosz Bezak proposed openstack/kolla-ansible master: CI: use Tempest checkout in master jobs https://review.opendev.org/c/openstack/kolla-ansible/+/977665 | 14:21 |
| opendevreview | Bartosz Bezak proposed openstack/kolla-ansible master: CI: use Tempest checkout in master jobs https://review.opendev.org/c/openstack/kolla-ansible/+/977665 | 14:22 |
| bbezak | Yet another breakage :) - https://zuul.opendev.org/t/openstack/build/75820ae4876b4135bd1490d87d1af903 | 14:29 |
| bbezak | The conflict is caused by: | 14:29 |
| bbezak | kolla-ansible 21.1.0.dev446 depends on bcrypt<5 and >=4.3.0 | 14:29 |
| bbezak | The user requested (constraint) bcrypt===5.0.0 | 14:29 |
| tafkamax | It's break city in here! | 14:33 |
| bbezak | https://review.opendev.org/c/openstack/requirements/+/965873 | 14:34 |
| bbezak | Brypt bumped here | 14:34 |
| bbezak | Potential fix in WIP - https://review.opendev.org/c/openstack/kolla-ansible/+/969867 | 14:37 |
| opendevreview | Michal Nasiadka proposed openstack/kolla-ansible master: WIP: Switch from passlib to internal bcrypt filter https://review.opendev.org/c/openstack/kolla-ansible/+/969867 | 14:39 |
| opendevreview | Will Szumski proposed openstack/kayobe master: Bump stackhpc.openstack to 0.10.0 https://review.opendev.org/c/openstack/kayobe/+/976985 | 18:58 |
| opendevreview | Will Szumski proposed openstack/kayobe master: Template disabled repositories https://review.opendev.org/c/openstack/kayobe/+/976615 | 18:58 |
| opendevreview | Will Szumski proposed openstack/kayobe master: Adds dnf_repo_state_overrides https://review.opendev.org/c/openstack/kayobe/+/977028 | 18:58 |
| opendevreview | Will Szumski proposed openstack/kayobe master: WIP: Adds ansible-inventory wrapper https://review.opendev.org/c/openstack/kayobe/+/977714 | 19:39 |
| opendevreview | Will Szumski proposed openstack/kayobe master: WIP: Adds ansible-inventory wrapper https://review.opendev.org/c/openstack/kayobe/+/977714 | 20:01 |
| opendevreview | Pierre Riteau proposed openstack/kolla-ansible master: WIP: Switch from passlib to internal bcrypt filter https://review.opendev.org/c/openstack/kolla-ansible/+/969867 | 20:18 |
| opendevreview | Pierre Riteau proposed openstack/kolla-ansible master: WIP: Switch from passlib to internal bcrypt filter https://review.opendev.org/c/openstack/kolla-ansible/+/969867 | 20:24 |
| opendevreview | Verification of a change to openstack/kolla-ansible master failed: Allow SNI frontend when using a single haproxy VIP https://review.opendev.org/c/openstack/kolla-ansible/+/975421 | 20:25 |
| opendevreview | Pierre Riteau proposed openstack/kolla-ansible master: WIP: Switch from passlib to internal bcrypt filter https://review.opendev.org/c/openstack/kolla-ansible/+/969867 | 20:29 |
| opendevreview | Pierre Riteau proposed openstack/kolla-ansible master: WIP: Switch from passlib to internal bcrypt filter https://review.opendev.org/c/openstack/kolla-ansible/+/969867 | 20:35 |
| opendevreview | Pierre Riteau proposed openstack/kolla-ansible master: WIP: Switch from passlib to internal bcrypt filter https://review.opendev.org/c/openstack/kolla-ansible/+/969867 | 21:15 |
| opendevreview | Michal Arbet proposed openstack/kolla-ansible master: Add service-api-paste role for api-paste.ini management https://review.opendev.org/c/openstack/kolla-ansible/+/952700 | 22:29 |
Generated by irclog2html.py 4.0.0 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!