Monday, 2017-09-18

« Sunday, 2017-09-17 Index Tuesday, 2017-09-19 »
*** neex has joined #openstack-kuryr00:32
*** dougbtv__ has quit IRC00:47
*** limao has joined #openstack-kuryr00:49
*** kiennt has joined #openstack-kuryr00:49
*** caowei has joined #openstack-kuryr00:53
*** kiennt has quit IRC00:55
*** neex has quit IRC01:32
*** edisonxiang has joined #openstack-kuryr01:57
*** gouthamr has quit IRC02:10
*** hongbin has joined #openstack-kuryr02:14
*** wangbo has joined #openstack-kuryr02:24
*** kiennt has joined #openstack-kuryr02:32
*** robust has quit IRC02:37
*** lakerzhou has joined #openstack-kuryr03:00
*** gouthamr has joined #openstack-kuryr03:01
*** gouthamr has quit IRC03:17
*** robust has joined #openstack-kuryr03:20
*** hongbin has quit IRC03:25
*** hongbin has joined #openstack-kuryr03:25
*** lakerzhou1 has joined #openstack-kuryr03:40
*** lakerzhou has quit IRC03:44
*** hongbin has quit IRC03:45
*** kiennt has quit IRC04:01
*** robust has quit IRC04:07
*** janki has joined #openstack-kuryr04:19
*** wangbo has quit IRC04:28
*** caowei has quit IRC04:53
*** wangbo has joined #openstack-kuryr05:04
*** caowei has joined #openstack-kuryr05:21
*** aojea has joined #openstack-kuryr06:16
*** kiennt has joined #openstack-kuryr06:51
*** limao has quit IRC07:05
*** limao has joined #openstack-kuryr07:06
*** kiennt has quit IRC07:13
apuimedodeepika08: did you try running some pods with kubectl?07:14
apuimedolivelace2: let me check07:14
*** kiennt has joined #openstack-kuryr07:15
apuimedolivelace2: you mean that if two pods talk to other two pods at the same time it fails?07:16
livelace2apuimedo, Hello. Yes, but not only other two pods, all network connectivity was broken for those pods. I suppose to forget what I wrote to you, I will recheck that case today, a little bit later.07:19
apuimedoirenab: thanks for merging the first containerized patch07:19
apuimedolivelace2: thanks. If that were indeed the case it would be a big bug in Neutron07:20
apuimedolivelace2: you are using ml2/ovs, right?07:20
livelace2yes07:20
apuimedoirenab: https://review.openstack.org/#/c/504027/07:21
apuimedolivelace2: which firewall driver? Hybrid or ovs?07:21
*** pcaruana has joined #openstack-kuryr07:21
livelace2apuimedo, Now I have one important question: in your installation, do you have multiple working pods on the same VM node ?07:22
livelace2apuimedo, I tried both07:22
apuimedolivelace2: how do you test it?07:22
livelace2apuimedo, More details will be later, I should be ensure07:23
apuimedothanks07:23
livelace2apuimedo, Could you answer my  question ?07:23
livelace2 apuimedo, Now I have one important question: in your installation, do you have multiple working pods on the same VM node ?07:23
irenabapuimedo, done07:23
apuimedolivelace2: let me try. I usually try it via services. I have three pods and I access through the service clusterip07:25
apuimedoand all the pods reply07:25
apuimedoone at a time07:25
apuimedois the malfunction you observed when multiple pods try to ping something outside at the same time?07:25
livelace2Yes07:26
apuimedook07:26
apuimedoso I'll try07:26
apuimedoI haven't tried that recently (I did try it for a previous demo in the summit)07:26
livelace2But I think it will be work fine, because you had access to service IPs07:27
livelace2apuimedo, + what are you using ? standard OVS/hybrid ?07:27
*** kiennt has quit IRC07:28
apuimedoovs+firewall. Hybrid doesn't work for me07:30
ltomasboyep, there is a problem with sg and non ovs-firewall for trunk ports07:30
ltomasbobut that is not on kuryr side, but neutron07:31
livelace2I tried both07:32
livelace2ltomasbo, Could you send a link to a bug/whatever ?07:32
livelace2I saw mention about firewall types on the page of Trunk Ports07:33
ltomasbolivelace2, let me check if I can find it!07:33
livelace2But there are no details07:33
livelace2+ I understand difference between OVS native vs OVS hybrid firewall types07:34
livelace2But without much details about problems with Trunk Ports07:35
ltomasbothere was also some problem with same macs for trunk ports: https://bugs.launchpad.net/neutron/+bug/162601007:35
openstackLaunchpad bug 1626010 in neutron "OVS Firewall cannot handle non unique MACs" [High,Fix released] - Assigned to Thomas Morin (tmmorin-orange)07:35
ltomasbothough that one was already fixed07:36
openstackgerritMerged openstack/kuryr-kubernetes master: Fix local.conf.sample in without Octavia  https://review.openstack.org/50402707:40
*** janki is now known as janki|lunch07:42
*** kiennt has joined #openstack-kuryr07:45
apuimedoirenab: are you going to try to run today https://review.openstack.org/#/c/490378/ ?07:51
apuimedoI just fired it up07:51
apuimedowith devstack-heat07:51
*** janki|lunch is now known as janki07:55
irenabapuimedo, just take it and run devstack?07:56
apuimedoyeah07:58
apuimedoto verify the branch07:58
apuimedoand get it all in finally07:58
irenabsure, will verify asap07:59
apuimedothanks irenab!08:00
vikasci verifed apuimedo and that worked08:03
openstackgerritMerged openstack/fuxi master: Don't access etcd via localhost  https://review.openstack.org/50084808:11
*** egonzalez has joined #openstack-kuryr08:12
*** kiennt has quit IRC08:14
*** wangbo has quit IRC08:15
*** wangbo has joined #openstack-kuryr08:16
openstackgerritMerged openstack/kuryr-kubernetes master: Add support to install Kuryr as a network addon  https://review.openstack.org/46667508:18
*** wangbo has quit IRC08:18
openstackgerritMerged openstack/kuryr-kubernetes master: CNI container: parametrize and clean up  https://review.openstack.org/49037708:18
openstackgerritMerged openstack/kuryr-kubernetes master: devstack: optionally run kuryr containerized  https://review.openstack.org/49037808:18
*** wangbo has joined #openstack-kuryr08:27
apuimedovikasc: great08:46
*** limao has quit IRC09:27
*** jchhatbar has joined #openstack-kuryr10:21
*** jchhatbar has quit IRC10:22
*** jchhatbar has joined #openstack-kuryr10:22
*** janki has quit IRC10:24
*** jchhatbar is now known as janki10:25
*** caowei has quit IRC10:29
*** egonzalez has quit IRC10:29
*** jchhatbar has joined #openstack-kuryr10:33
*** jchhatbar has quit IRC10:33
*** jchhatbar has joined #openstack-kuryr10:33
*** janki has quit IRC10:35
*** egonzalez has joined #openstack-kuryr10:45
*** gsagie has joined #openstack-kuryr10:48
*** gsagie has quit IRC10:49
*** jchhatbar is now known as janki11:04
*** limao has joined #openstack-kuryr11:18
openstackgerritLuis Tomas Bolivar proposed openstack/kuryr-kubernetes master: Avoid port update neutron call during pods boot up  https://review.openstack.org/50491511:25
*** egonzalez has quit IRC11:26
ltomasboapuimedo, ^^11:28
ltomasbothis is the first version of the modification to not need port/subports naming during pod creation11:28
ltomasboI'll adapt the kuryr-manager patch sets so that they are also aware of this11:29
apuimedoltomasbo: thanks11:29
apuimedoI'll check11:29
ltomasboand still need to fix the unittests, but wanted to get it available for early comments11:29
*** wangbo has quit IRC11:39
*** lakerzhou1 has quit IRC11:44
*** wangbo has joined #openstack-kuryr11:48
*** limao_ has joined #openstack-kuryr11:51
*** limao has quit IRC11:52
*** atoth has joined #openstack-kuryr12:01
*** mattmceuen has quit IRC12:05
*** egonzalez has joined #openstack-kuryr12:07
*** janki is now known as janki|afk12:28
*** limao_ has quit IRC12:42
openstackgerritLuis Tomas Bolivar proposed openstack/kuryr-kubernetes master: Add Pool Manager to handle subports  https://review.openstack.org/49869812:49
*** lakerzhou has joined #openstack-kuryr12:51
irenabltomasbo, I posted some comments on pools manager patch on previous patchset12:59
ltomasbogreat! thanks! I was just rebasing it (and putting it on top of the new one that does not require the ports-name)13:00
irenabI was lazy to repost them :-)13:01
openstackgerritLuis Tomas Bolivar proposed openstack/kuryr-kubernetes master: Add list and show pool commands to Pool Manager  https://review.openstack.org/50441013:05
*** wangbo has quit IRC13:06
ltomasboirenab, :D don't worry!13:12
ltomasboI'll reply asap13:12
openstackgerritMerged openstack/kuryr-libnetwork master: Fix post gate hook to accommodate for new os-testr  https://review.openstack.org/50434213:26
ltomasboirenab, I replied to you questions/comments. Thanks for the feedback!13:27
*** deepika has joined #openstack-kuryr13:34
apuimedoltomasbo: did you see the comments on https://review.openstack.org/#/c/504915/113:48
apuimedo?13:48
ltomasboyep13:48
ltomasboapuimedo, even reply to them!13:48
ltomasboapuimedo, what do you prefer for the BM case?13:49
ltomasboalso double check with k8s API?13:49
ltomasboports should be down (for now) if not in use by the containers13:49
apuimedoltomasbo: not sure I get it13:51
apuimedoltomasbo: yes, yes, BM should also check with k8s api13:51
ltomasbowhy?13:51
ltomasborace-condition?13:51
apuimedoltomasbo: do you have any idea how slow is changing port names?!13:51
ltomasbono idea, but I assume a couple of second each...13:52
apuimedoI'm doing it now for a lot of ports and the averagae speed is 0.225ports/s13:52
ltomasbonormal ports? or subports?13:52
apuimedodoes it make a difference? I'd hope not13:53
apuimedosince it's only a darned name change13:53
ltomasboahh, ok13:53
ltomasboI was thinking about delete13:53
ltomasbonot update13:53
ltomasboupdate is just changing a field in the db13:54
ltomasboit should be faster...13:54
apuimedoyeah13:54
irenabltomasbo, I am not sure about pool manager security. Who is allowed to call it?13:54
apuimedoit definitely should13:54
apuimedoirenab: can you try it in DF?13:54
ltomasboand getting back to the BM case, why do you want the k8s API check also for BM?13:54
apuimedoltomasbo: why do you think it not necessary?13:54
irenabapuimedo, try what?13:55
apuimedoirenab: port name change speed13:55
ltomasbofor the nested case, as the ports are connected, you don't know if they are in use by containers or not (as they are active)13:55
ltomasbobut for the BM, if there is no container using the port, the status is down13:55
ltomasboso you already know there is no container there, no need to ask k8s13:56
*** zengchen1 has joined #openstack-kuryr13:56
irenablet me know what you measure and I will back with the number13:56
irenabapuimedo, so we will compare apples to apples13:56
apuimedoltomasbo: my point was that it doesn't need to be down in the future if it is kept as a veth in a namespace13:58
apuimedoltomasbo: have you timed how long it takes to filter?13:58
ltomasboapuimedo, no, but I don't have a big env to test it13:59
apuimedook, let me check13:59
apuimedoif this port renaming ever ends14:00
ltomasboI can check with a few ports and containers and let you know14:00
apuimedothat is14:00
irenabapuimedo, let me know what is your test for the name change speed14:00
ltomasboand I'll change the patch to also do the checking for the BM, to make it ready for the future!14:00
apuimedoirenab: I have 900 ports14:01
apuimedoand then I do this14:01
apuimedofor port in $(openstack port list --device-owner compute:kuryr -f value -c ID -c Status -c Name | awk '/demo-/ {print $1}'); do echo openstack port set --name "available-port" $port; openstack port set --name "available-port" $port; done14:01
*** dimak has joined #openstack-kuryr14:02
ltomasboapuimedo, are you changing the name twice?14:02
apuimedodulek_: how's it going with janonymous' cni split?14:02
apuimedoltomasbo: no, no. First I just print the command I execute afterwarsd14:03
apuimedo:-)14:03
ltomasboahh, I see the echo now :D14:03
*** janonymous_ has joined #openstack-kuryr14:04
dulek_apuimedo: DevStack is spinning once again - I hope I've enabled it correctly this time. Meanwhile I'm learning how this thing works.14:04
*** dulek_ is now known as dulek14:04
janonymous_apuimedo: Hi, Meeting today?14:05
apuimedocool14:05
apuimedoright!14:05
apuimedoI was forgetting14:05
janonymous_:D14:06
*** kiennt has joined #openstack-kuryr14:24
*** zengchen1 has quit IRC14:29
*** hongbin has joined #openstack-kuryr14:32
*** robust has joined #openstack-kuryr14:34
*** yasha has joined #openstack-kuryr14:37
janonymous_apuimedo: https://etherpad.openstack.org/p/kuryr-queens-vPTG , can we set this in this channel's topic? for easy access14:38
apuimedojanonymous_: I don't know how xD14:39
janonymous_apuimedo: :D14:40
*** robust has quit IRC14:45
*** yasha has quit IRC14:51
*** livelace has joined #openstack-kuryr14:55
*** yasha has joined #openstack-kuryr14:59
*** janonymous_ has quit IRC15:01
*** gouthamr has joined #openstack-kuryr15:06
*** janki|afk is now known as janki15:14
livelaceapuimedo, ping15:20
livelaceNow, I have a problem with a ping of one host15:20
livelaceI created two ns, a21 and a2215:21
livelaceinside VM created two VLAN, eth0.201, eth0.20215:21
livelaceset those VLANs to NS, eth0.201/a21, eth0.202/a2215:22
livelaceVLAN with appropriate MAC addresses, for port_security avoiding15:22
apuimedowhich is the problem?15:23
livelaceproblem is, that I can ping only one host (full VM) inside this network15:24
livelacehttps://paste.fedoraproject.org/paste/StM5z7vXNTMWRXyfBaZKUA15:25
*** yasha has quit IRC15:25
livelacehttps://paste.fedoraproject.org/paste/Md9CSVgewzenIXaOhHxiSA15:26
apuimedolivelace: who has 172.16.2.815:27
livelacehttps://paste.fedoraproject.org/paste/tTc6CTTShKHL2geSZCsNIw15:27
livelace2.8 in the same net as 2.915:27
apuimedolivelace: and in which host do the containers run? 2.8 or 2.9?15:28
livelacethere is no containers at all15:28
livelaceI'm trying to reproduce the problem in clean environment15:28
livelacewithout any abstraction layers15:29
apuimedolivelace: right, sorry. I meant namespaces15:29
apuimedoon which host did you create the namespaces15:29
livelaceOn moment, with a diagram it will much simpler15:30
apuimedothanks!15:32
livelacehttps://ibb.co/fYC2B515:34
livelaceCENTRAL works with TRUNK, both subport inside one NET, 2.8 and 2.9 sit in NET15:35
*** kiennt has quit IRC15:53
livelaceapuimedo, two Pods on one VM, https://paste.fedoraproject.org/paste/7g0L0SYQXxdO7tM7v8Ze4w15:56
livelaceapuimedo, Did you try this situation in your environment ?15:56
*** dougbtv__ has joined #openstack-kuryr16:01
*** egonzalez has quit IRC16:16
livelacebrb16:16
*** pcaruana has quit IRC16:16
*** dougbtv__ has quit IRC16:16
*** janki has quit IRC16:49
*** robust has joined #openstack-kuryr16:56
*** c00281451_ has joined #openstack-kuryr16:57
*** zengchen has quit IRC17:00
*** gouthamr has quit IRC17:04
livelaceapuimedo, ping17:08
*** livelace has quit IRC17:44
*** egonzalez has joined #openstack-kuryr18:02
*** deepika has quit IRC18:23
*** yasha has joined #openstack-kuryr18:47
*** atoth has quit IRC19:37
yashaapuimedo: I have gone through the code on github ( https://github.com/openstack/kuryr-kubernetes )and the bugs on launchpad(https://bugs.launchpad.net/kuryr-kubernetes). Moreover , According to the First timers' documentation (https://wiki.openstack.org/wiki/Documentation/HowTo/FirstTimers),I have cloned the repository and setup respective virtualenvs. Could you pls help with a issue to start with ?20:13
*** yasha has quit IRC21:16
*** lakerzhou has quit IRC21:29
*** gouthamr has joined #openstack-kuryr21:30
*** aojea has quit IRC21:47
*** gouthamr has quit IRC22:05
*** egonzalez has quit IRC22:39
openstackgerritHongbin Lu proposed openstack/kuryr-libnetwork master: [WIP][NOT_READY_TO_REVIEW] Support create with unaddresses port  https://review.openstack.org/50479823:31
*** hongbin has quit IRC23:34
*** yamamoto has joined #openstack-kuryr23:36
*** lakerzhou has joined #openstack-kuryr23:56
« Sunday, 2017-09-17 Index Tuesday, 2017-09-19 »

Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!