Wednesday, 2018-04-18

*** yamamoto has joined #openstack-kuryr		00:03
*** yamamoto has quit IRC		00:07
*** yamamoto has joined #openstack-kuryr		00:24
*** yamamoto has quit IRC		00:29
*** kiennt2680 has joined #openstack-kuryr		00:30
*** yamamoto has joined #openstack-kuryr		00:44
*** yamamoto has quit IRC		00:51
*** salv-orlando has joined #openstack-kuryr		01:02
*** salv-orl_ has quit IRC		01:04
*** yamamoto has joined #openstack-kuryr		01:07
*** yamamoto has quit IRC		01:12
*** yamamoto has joined #openstack-kuryr		01:28
*** yamamoto has quit IRC		01:32
*** janki has joined #openstack-kuryr		01:33
*** kiennt2680 has quit IRC		01:38
*** hongbin_ has joined #openstack-kuryr		01:40
*** salv-orlando has quit IRC		01:41
*** salv-orlando has joined #openstack-kuryr		01:42
*** kiennt2680 has joined #openstack-kuryr		01:43
*** kiennt2680 has quit IRC		01:44
*** kiennt2695 has joined #openstack-kuryr		01:45
*** kiennt2695 has quit IRC		01:46
*** kiennt2651 has joined #openstack-kuryr		01:46
*** kiennt2651 has quit IRC		01:47
*** yamamoto has joined #openstack-kuryr		01:49
*** kiennt2609 has joined #openstack-kuryr		01:49
*** yamamoto has quit IRC		01:55
*** salv-orl_ has joined #openstack-kuryr		02:00
*** salv-orlando has quit IRC		02:03
*** yamamoto has joined #openstack-kuryr		02:12
*** yamamoto has quit IRC		02:17
*** maysamacedos has quit IRC		02:27
*** yamamoto has joined #openstack-kuryr		02:32
*** yamamoto has quit IRC		02:39
*** jchhatbar has joined #openstack-kuryr		02:51
*** janki has quit IRC		02:53
*** yamamoto has joined #openstack-kuryr		02:55
*** yamamoto has quit IRC		03:00
*** kiennt2609 has quit IRC		03:13
*** kiennt2609 has joined #openstack-kuryr		03:13
*** yamamoto has joined #openstack-kuryr		03:16
*** yamamoto has quit IRC		03:21
*** gcheresh_ has joined #openstack-kuryr		03:31
*** yamamoto has joined #openstack-kuryr		03:37
*** yamamoto has quit IRC		03:43
*** yamamoto has joined #openstack-kuryr		04:00
*** salv-orl_ has quit IRC		04:04
*** yamamoto has quit IRC		04:04
*** salv-orlando has joined #openstack-kuryr		04:04
*** kiennt2609 has quit IRC		04:05
*** hongbin_ has quit IRC		04:07
*** janonymous has joined #openstack-kuryr		04:17
openstackgerrit	wangqi proposed openstack/kuryr-kubernetes master: fix a typo https://review.openstack.org/562108	04:20
*** yamamoto has joined #openstack-kuryr		04:21
*** gcheresh_ has quit IRC		04:24
*** yamamoto has quit IRC		04:25
*** yamamoto has joined #openstack-kuryr		04:41
*** yamamoto has quit IRC		04:48
*** yamamoto has joined #openstack-kuryr		04:48
*** gcheresh_ has joined #openstack-kuryr		04:52
*** jchhatbar has quit IRC		04:59
*** jchhatbar has joined #openstack-kuryr		05:00
*** jchhatbar has quit IRC		05:01
*** jchhatbar has joined #openstack-kuryr		05:01
*** jchhatbar has quit IRC		05:02
*** jchhatbar has joined #openstack-kuryr		05:03
*** pcaruana has joined #openstack-kuryr		05:05
*** pcaruana has quit IRC		05:19
*** yboaron_ has joined #openstack-kuryr		06:11
*** kiennt2609 has joined #openstack-kuryr		06:24
*** jchhatba_ has joined #openstack-kuryr		06:30
*** jchhatbar has quit IRC		06:33
*** kiennt2609 has quit IRC		06:38
dmellado	dulek: that shouldn't be it	06:41
dmellado	I've tried it on BM with that tarballed amphorae and works just fine	06:41
*** jchhatba_ is now known as janki		06:44
*** pcaruana has joined #openstack-kuryr		06:50
openstackgerrit	Yossi Boaron proposed openstack/kuryr-kubernetes master: Kuryr controller - pluggable handlers documentation https://review.openstack.org/561447	07:09
*** chenyb4 has joined #openstack-kuryr		07:49
ltomasbo	dmellado, https://review.openstack.org/#/c/561244/	07:49
ltomasbo	can you +W that one, it is needed to do other backports	07:49
*** yamamoto has quit IRC		07:49
*** yamamoto has joined #openstack-kuryr		07:49
*** yamamoto_ has joined #openstack-kuryr		07:56
*** yamamoto has quit IRC		08:00
dmellado	ltomasbo: there you go	08:01
ltomasbo	dmellado, thanks!	08:01
*** garyloug has joined #openstack-kuryr		08:47
openstackgerrit	Luis Tomas Bolivar proposed openstack/kuryr-kubernetes master: Add namespace handler https://review.openstack.org/562159	09:22
openstackgerrit	Michał Dulko proposed openstack/kuryr-kubernetes master: Gate with containerized deployment and OpenShift https://review.openstack.org/557313	09:46
*** gcheresh has joined #openstack-kuryr		09:51
*** yboaron_ has quit IRC		09:51
*** celebdor1 has joined #openstack-kuryr		09:55
*** gcheresh_ has quit IRC		09:55
*** celebdor1 is now known as apuimedo		09:55
*** garyloug has quit IRC		10:02
*** garyloug has joined #openstack-kuryr		10:02
*** chenyb4 has quit IRC		10:17
*** pcaruana has quit IRC		10:27
*** rh-jelabarre has joined #openstack-kuryr		11:05
*** gcheresh has quit IRC		11:08
openstackgerrit	Luis Tomas Bolivar proposed openstack/kuryr-kubernetes master: Add namespace subnet driver for namespace creation https://review.openstack.org/562247	11:19
*** yamamoto_ has quit IRC		11:36
openstackgerrit	Luis Tomas Bolivar proposed openstack/kuryr-kubernetes master: Namespace deletion functionality for namespace_subnet driver https://review.openstack.org/562249	11:38
*** gcheresh has joined #openstack-kuryr		11:58
*** atoth has joined #openstack-kuryr		11:59
*** yamamoto has joined #openstack-kuryr		12:03
*** maysamacedos has joined #openstack-kuryr		12:17
*** pcaruana has joined #openstack-kuryr		12:19
*** janonymous has quit IRC		13:06
*** apuimedo has quit IRC		13:07
openstackgerrit	Luis Tomas Bolivar proposed openstack/kuryr-kubernetes master: Add namespace subnet driver for namespace creation https://review.openstack.org/562247	13:28
openstackgerrit	Luis Tomas Bolivar proposed openstack/kuryr-kubernetes master: Namespace deletion functionality for namespace_subnet driver https://review.openstack.org/562249	13:28
*** fabian_ has joined #openstack-kuryr		13:33
*** apuimedo has joined #openstack-kuryr		13:35
dulek	dmellado, ltomasbo: Probably better place to discuss Kuryr DevStack issues.	13:45
dmellado	ltomasbo: dulek yep	13:46
dmellado	ltomasbo: let's dig in your vm	13:46
*** fabian_ is now known as chenyb4		13:46
dulek	ltomasbo: https://gist.githubusercontent.com/dulek/518e7ef3685a1a08c39a684bd5ade28d/raw/5e483b039b1847a237942e57a139e673f0ac8e73/gistfile1.txt	13:46
dmellado	ltomasbo: https://github.com/danielmellado.keys	13:47
dulek	dmellado: Oh, that's cool, I can share my key like that?	13:48
dmellado	dulek: totally, it'll share whichever keys you got there on github	13:48
dulek	AWESOME.	13:48
dmellado	xD	13:48
dmellado	we might fail in discovering what's up but at least you got to learn something new xD	13:49
ltomasbo	dulek, dmellado stack@38.145.33.129	13:49
dulek	ltomasbo: Hm, almost no iptables rules?	13:50
ltomasbo	dulek, dmellado I have a tmux session	13:50
ltomasbo	if you want to join!	13:50
dmellado	ltomasbo: yep, I'm in	13:51
ltomasbo	see, the cni crash	13:51
ltomasbo	dmellado, and if I start it manually	13:51
ltomasbo	I doubt it is sg, since it should not connect if the traffic is blocked	13:52
dulek	WTF is LB VIP port down?	13:52
dmellado	dulek: ltomasbo it looks to me like some issue on the cert, but I'm not familiar with that	13:52
ltomasbo	it could be that something drops the connection?	13:52
dulek	s/VIP/VIF	13:52
ltomasbo	dulek, that is normal, right?	13:52
ltomasbo	it is a port that gets added to the amphora as allows-address-pair, right?	13:53
dulek	ltomasbo, dmellado: It's not certificate issue.	13:53
dulek	I mean it is - curl don't get the server cert.	13:53
dulek	But that's due to connection issue, not certificate.	13:53
*** janonymous has joined #openstack-kuryr		13:53
dulek	Just don't think about certificates, trust me.	13:53
ltomasbo	dulek, see the tmux	13:53
dulek	Sec.	13:54
ltomasbo	10.0.0.129 is attached to octavia-lb-vrrp as allowed_address_pairs	13:54
dulek	This one's down? :P	13:54
ltomasbo	dulek, curl gets the ca.crt, right?	13:54
ltomasbo	dulek, yep, but that is how octavia works	13:55
dulek	Lemme show you the real issue.	13:55
ltomasbo	it is normal that the lbaas VIP is down	13:55
ltomasbo	apuimedo, ^^ can you confirm?	13:55
dulek	ltomasbo, dmellado: See?	13:55
dulek	Container has host networking.	13:55
dmellado	a-ha	13:55
dmellado	so it doesn't fetch a *****	13:55
dulek	So if LB is not accessible from the host we're screwed.	13:55
dulek	And it is not for some reason.	13:56
dulek	Now in the gate that worked even for Octavia.	13:56
dulek	I'll check some more recent runs.	13:56
ltomasbo	dulek, perhaps is a bug on ovs-firewall with allow-address-pairs...	13:57
ltomasbo	it won't be the first time...	13:57
dulek	Oh, waaaait… There's no gate with both Octavia and containers.	13:57
dulek	Fuck.	13:57
ltomasbo	so, that is why it is broken... xD	13:57
ltomasbo	now it will be difficult to know when...	13:58
dulek	Anything that's not tested is broken. :D	13:58
ltomasbo	yep, that is the golden rule!	13:58
dulek	Eh, okay, so what now.	13:58
ltomasbo	I can try another thing	13:58
dmellado	lol	13:58
ltomasbo	maybe I can re-stack, with ovs-hybrid	13:58
dulek	ltomasbo: Might be a good idea.	13:58
ltomasbo	to see if that is the culprit or not	13:58
dmellado	ltomasbo if you're using ovs-firewall that might be it	13:58
ltomasbo	ok, it will take 10 min or so, let's try it out	13:59
ltomasbo	dulek, dmellado: I'll ping you when it finishes...	13:59
ltomasbo	not sure if I prefer it to be an ovs-firewall issue or not...	13:59
dmellado	ltomasbo: ack, thanks!	13:59
dmellado	dulek: in any case, TODO: add octavia + containers gate	14:00
dmellado	xD	14:00
dmellado	oh, FYI ian's patch got merged	14:00
dulek	dmellado: DIB?	14:00
dulek	dmellado: Is Octavia cloning DIB or we need to wait for a release?	14:01
dmellado	that's what I'm trying to figure out now	14:01
dmellado	probably they'll just pip it, but let's check	14:01
dmellado	https://review.openstack.org/#/c/561479/10	14:01
dmellado	to be clear	14:01
*** kiennt26_ has joined #openstack-kuryr		14:04
*** apuimedo has quit IRC		14:06
dmellado	dulek: it's cloned	14:11
dmellado	so we'd be able to check it out now	14:11
dulek	dmellado: Rechecing.	14:11
dmellado	awesome	14:12
dulek	Fingers crossed. ;)	14:12
*** chenyb4 has quit IRC		14:15
dmellado	ltomasbo: dulek all right, devstack completed! xD	14:18
dulek	ltomasbo: Finished.	14:18
dmellado	heh, we both saw that	14:18
dulek	ltomasbo: HA!	14:18
dmellado	so f*** ovs-firewall	14:19
dmellado	\o/	14:19
dulek	dmellado: List the pods please.	14:19
dulek	ltomasbo: ^ :P	14:19
dulek	Looks good	14:19
ltomasbo	yep	14:19
ltomasbo	again...	14:19
dulek	ltomasbo: Will you file a bug that K8s API LB is broken with ovs-firewall?	14:20
ltomasbo	dulek, sure!	14:20
*** celebdor1 has joined #openstack-kuryr		14:20
*** celebdor1 is now known as apuimedo		14:20
apuimedo	ltomasbo: did you read my response on VIP active status?	14:21
dmellado	apuimedo: I guess we didn't	14:21
dmellado	apuimedo: go for it xD	14:21
apuimedo	I was saying that it is normal	14:21
apuimedo	since it is never bound	14:21
apuimedo	it only gets added to allows ip addresses of the amphorae ports	14:21
ltomasbo	apuimedo, I did not...	14:21
apuimedo	so nothing sets it active	14:21
ltomasbo	apuimedo, that is what I thought	14:21
ltomasbo	thanks!	14:22
dmellado	yeah, that was our idea	14:22
ltomasbo	dulek, dmellado apuimedo I'm pinging kuba about the ovs-firewall issue	14:22
dmellado	ltomasbo: this brings back memories	14:23
ltomasbo	xD	14:24
apuimedo	which issue?!	14:24
apuimedo	we have a new issue?	14:24
dmellado	apuimedo: lazy emerit PTL, read the backlog xD xD	14:25
* dmellado can't but think about mamastova when hearing emerit		14:25
apuimedo	dmellado: I got disconnected	14:26
dulek	apuimedo: eavesdrop.openstack.org/irclogs ;)	14:27
dulek	apuimedo: ltomasbo tried containerzied with Octavia and ovs-firewall.	14:28
dulek	apuimedo: We've hit K8s API LB connection issue.	14:28
dulek	apuimedo: Same as the one you've debugged on gate vm.	14:28
dmellado	related to ovs-firewall this time	14:29
*** hongbin_ has joined #openstack-kuryr		14:40
dmellado	btw apuimedo irenab ltomasbo dulek related to next PTG it'll be on NA, September 10-14, 2018.	14:43
dmellado	there's a lot of time still but we might need to be aware of these dates	14:43
dmellado	(and need to vote whether we do that virtual or attend)	14:43
apuimedo	dmellado: where?	14:43
dmellado	personally I think it was worth going there f2f, besides the blizzard and so	14:44
apuimedo	NA is like saying "Asia"	14:44
dmellado	that's still not known	14:44
dmellado	probably Canada, IIUC	14:44
apuimedo	dmellado: not even if coast or middle?	14:44
dmellado	but still not disclosed	14:44
dmellado	not for now, I guess I'll be able to get more info soon	14:45
dmellado	will discuss there	14:45
dmellado	I'd vote for Montreal, if it were my call xD	14:45
dulek	dmellado: Montreal was on the list as alternative for Denver.	14:46
dulek	dmellado: So it might be it.	14:46
apuimedo	reusing visa	14:46
dulek	dmellado: Kuryr team is mostly in EMEA. It might be hard to get all of us to NA.	14:47
apuimedo	xD	14:47
apuimedo	if dmellado doesn't wash his passport again	14:47
apuimedo	dulek: I'd rather do a KTG in Brno, TLV or Barcelona	14:47
dmellado	dulek: that's partially why I was thinking about VTG	14:47
dmellado	and maybe some internal mid-cycle	14:47
dmellado	but we'll get to that	14:48
dmellado	apuimedo: LOL	14:48
dulek	dmellado: You've washed your passport?	14:48
dmellado	I kept that safe this time	14:48
dmellado	dulek: YEAH	14:48
apuimedo	dulek: twice	14:48
dulek	Nice. BTW I needed no visa to get to Canada.	14:48
dmellado	it was on my pants after coming from Sydney and as I was really tired I dropped everything on the washing machine without realizing xD	14:48
apuimedo	xD	14:48
dmellado	and after that it happened again because I left that with a lot of clothings and my GF didn't realize	14:48
dulek	dmellado: Well, 10 hour flight is an acceptable excuse.	14:48
dmellado	after that	14:49
dmellado	I keep the latest one inside a safe place	14:49
dmellado	xD	14:49
dmellado	dulek: if only 10, the longest flight back to Sydney was 15 hours xD	14:49
dulek	I'm glad it's not Sydney then.	14:49
dmellado	dulek: for me it was first 7 hours to Abu-Dhabi, 3 hours layover	14:50
dmellado	and then 15 hours	14:50
dmellado	yeepee	14:50
dmellado	xD	14:50
dmellado	after reading, watching films, finishing newest mario and sleeping I still had like 8 hours left	14:51
dmellado	xD	14:51
dulek	apuimedo, irenab: Fix for pip 10 in stable/queens for Kuryr: https://review.openstack.org/#/c/562295/	14:52
dulek	dmellado: Probably you have rights as well. ^	14:52
*** yamamoto has quit IRC		14:53
dmellado	dulek: I should but looks like I don't	14:54
dmellado	dulek: we've got the new cli command	14:55
dmellado	apudo	14:55
dmellado	which is the equivalent of sudo for that repo	14:55
dmellado	apudo merge it xD	14:55
dmellado	apuimedo: ^^xD	14:55
dulek	dmellado: I've added the comment.	14:57
apuimedo	I agree with dmellado's comment	14:58
apuimedo	on needing comment in the tox install	14:58
dulek	apuimedo: Fixed. ;)	14:58
dmellado	apuimedo: would you do the honors now?	14:58
apuimedo	dmellado has merge rights	14:58
apuimedo	dulek: dmellado: I'll merge it when zuul posts the test results and they are +1	15:01
apuimedo	gotta go afk for 10 minutes	15:01
dmellado	fair enough	15:01
dulek	Sure.	15:01
dmellado	I'll be afk from today one, gotta go to my favorite place again	15:02
dmellado	so tired of hospitals, meh	15:02
dmellado	today on	15:02
dmellado	heh, somthing's odd with the gerrit groups https://review.openstack.org/#/admin/groups/996,members	15:03
dmellado	anyways, folks, I'm off, good afternoon!	15:05
apuimedo	bak	15:09
*** gcheresh has quit IRC		15:17
dulek	apuimedo: Success again: https://review.openstack.org/#/c/562295/	15:18
apuimedo	gotcha	15:19
*** kiennt26_ has quit IRC		15:22
openstackgerrit	Luis Tomas Bolivar proposed openstack/kuryr-kubernetes master: Add namespace subnet driver for namespace creation https://review.openstack.org/562247	15:27
openstackgerrit	Luis Tomas Bolivar proposed openstack/kuryr-kubernetes master: Namespace deletion functionality for namespace_subnet driver https://review.openstack.org/562249	15:27
*** gcheresh has joined #openstack-kuryr		15:40
*** premsankar has joined #openstack-kuryr		15:46
*** gcheresh has quit IRC		15:46
openstackgerrit	Antoni Segura Puimedon proposed openstack/kuryr-kubernetes master: devstack: Fix octavia api lb kubelet iface access https://review.openstack.org/562322	15:47
dulek	ltomasbo: Are you able to confirm if this solves the issue. ^	15:53
dulek	?	15:53
*** yamamoto has joined #openstack-kuryr		15:53
apuimedo	dulek: is https://review.openstack.org/#/c/561974/1..2/playbooks/tempest-kuryr-kubernetes-base/run.yaml cheating?	15:54
apuimedo	xD	15:54
dulek	OH MY, SOMEONE NOTICED!?	15:54
apuimedo	dulek: xD	15:55
dulek	apuimedo: Idea is simple - Octavia installs diskimage-builder from git if it's in LIBS_FROM_GIT.	15:55
dulek	apuimedo: https://github.com/openstack/octavia/blob/master/devstack/plugin.sh#L33-L38	15:55
dulek	apuimedo: If it's not… well I don't know how it installs it. :D	15:55
apuimedo	dulek: ok. I can live with it	15:55
ltomasbo	dulek, testing it right now	15:55
dulek	apuimedo: But lets see if this passes tests.	15:56
apuimedo	yes, yes. I'm holding on the w	15:56
dulek	apuimedo: If it will that would mean DIB workaround is solving the issue and we can think what's the proper way of including it.	15:56
*** yamamoto has quit IRC		16:00
dulek	apuimedo: Is it normal that my env is missing service_pod_access SG?	16:05
apuimedo	dulek: nope. It is not	16:06
apuimedo	dulek: paste me `openstack security group list`	16:06
dulek	It's created only for Octavia.	16:06
apuimedo	really?	16:07
apuimedo	I forgot that	16:07
apuimedo	you're right	16:07
*** maysamacedos has quit IRC		16:08
dulek	Yup. Anyway LBaaS v2 was working fine for ltomasbo.	16:08
ltomasbo	dulek, yep	16:08
apuimedo	so I'll put the test	16:08
apuimedo	for it being octavia and l3 mode	16:09
ltomasbo	apuimedo, I can give it a try to l2 mode after this one...	16:09
ltomasbo	(it is taking a bit more than the 10 minutes I said)	16:09
apuimedo	ltomasbo: in l2 mode the origin of the communication is from the same subnet as kubelet	16:10
apuimedo	so it'll work	16:10
openstackgerrit	Antoni Segura Puimedon proposed openstack/kuryr-kubernetes master: devstack: Fix octavia api lb kubelet iface access https://review.openstack.org/562322	16:10
ltomasbo	apuimedo, probably, I remember a different sg rule being added for l2	16:12
ltomasbo	but maybe was to the pod itself	16:12
apuimedo	ltomasbo: none should be necessary	16:12
apuimedo	that's for pods	16:12
apuimedo	and in fact, for l2 mode that one should not be necessary either	16:12
ltomasbo	\o/ it worked	16:13
ltomasbo	apuimedo, actually, based on devstack/plugin	16:16
ltomasbo	it maybe be needed to add the octavia_pod_access_sg_id	16:16
ltomasbo	apuimedo, rule --> "k8s pod subnet allowed from k8s-pod-subnet"	16:17
ltomasbo	ahh, no, that is needed for the pods to be reached from the amphora	16:18
ltomasbo	probably not for the kubelet	16:18
*** maysamacedos has joined #openstack-kuryr		16:21
dulek	ltomasbo: How about restacking your LBaaS v2 VM with OpenShift instead of Kubernetes?	16:26
dulek	ltomasbo: I have similar issue on my local env.	16:26
dulek	Works fine with K8s but not with OpenShift.	16:26
dulek	And I'm using LBaaS + iptables_hybrid, so it's not SG.	16:27
ltomasbo	LBaasV2 + Kubernetes (without apuimedo's patch?)	16:27
ltomasbo	dulek, ^^	16:27
ltomasbo	dulek, just the local.conf.openshift config?	16:28
dulek	ltomasbo: What I do is comment out all enable_service kubernetes-* and enable_service kubelet.	16:29
ltomasbo	umm	16:29
dulek	ltomasbo: And then: enable_service openshift-master openshift-node	16:29
dulek	DOCKER_CGROUP_DRIVER="systemd"	16:29
ltomasbo	I think you need to leave the kuryr-kubernetes, right?	16:29
dulek	ltomasbo: kuryr-kubernetes doesn't match kubernetes-*. :D	16:30
ltomasbo	sorry, you/re right	16:30
ltomasbo	ok, that I have it	16:31
ltomasbo	I need to go, but I'll restack it and take a look later/tomorrow	16:31
*** yamamoto has joined #openstack-kuryr		16:56
*** yamamoto has quit IRC		17:00
dulek	Whooo, I've got a really nice bug!	17:03
dulek	apuimedo: Interested?	17:03
apuimedo	dulek: if it's nice I am	17:03
dulek	apuimedo: I've had hard time reproducing this on my env: http://logs.openstack.org/13/557313/5/experimental/kuryr-kubernetes-tempest-daemon-containerized-openshift-lbaasv2/0158ebb/controller/logs/kubernetes/pod_logs/kube-system-kuryr-controller-3371820712-z69zv.txt.gz#_2018-04-18_10_32_19_946	17:04
dulek	apuimedo: But I finally got it!	17:04
dulek	apuimedo: You know when it happens? When pod is created on its own and not through deployment.	17:04
dulek	apuimedo: (this is OpenShift specific)	17:04
apuimedo	:O	17:04
apuimedo	did you file a bug on both lp and bz?	17:05
dulek	apuimedo: I assume this means that it doesn't ring a bell. :D	17:05
dulek	apuimedo: Not yet, I was still thinking it's my patch fault.	17:05
dulek	apuimedo: This happens in containerized deployment only, so I assume this is related to SA missing something.	17:06
apuimedo	dulek: it does not	17:07
apuimedo	ring a bell	17:07
apuimedo	dulek: such a big wall of text	17:08
apuimedo	it's hard to see the actual problem	17:08
apuimedo	oh	17:08
dulek	apuimedo: List of fields that can be edited, metadata is not one of them.	17:08
apuimedo	spec: Forbidden: pod updates may not change fields other than `spec.containers[].image`, `spec.initContainers[].image`, `spec.activeDeadlineSeconds` or `spec.tolerations`	17:08
apuimedo	wtf	17:08
apuimedo	why would metadata not be editable	17:09
apuimedo	openshift version?	17:09
dulek	apuimedo: 3.7.1, this is what we run in the gate.	17:09
dulek	I've just annotated that pod manually through `kubectl annotate`.	17:10
dulek	This is definitely some ServiceAccount permissions issue.	17:10
apuimedo	probably	17:13
apuimedo	dulek: and we should move to 3.8	17:13
apuimedo	sorry, 3.9	17:13
apuimedo	the binaries are finally there https://github.com/openshift/origin/releases/tag/v3.9.0	17:13
dulek	apuimedo: Okay, retest that with 3.9 and if it's still failing I'll start filing bugs.	17:14
dulek	I'll retest	17:14
apuimedo	thanks dulek	17:15
*** garyloug has quit IRC		17:28
*** janki has quit IRC		17:37
*** yamamoto has joined #openstack-kuryr		17:56
*** yamamoto has quit IRC		18:02
dulek	Looks like stuff's working for 3.9, I'll follow up in an hour or two.	18:06
*** pcaruana has quit IRC		18:12
celebdor	Cool	18:43
*** yamamoto has joined #openstack-kuryr		18:57
*** yamamoto has quit IRC		19:03
*** apuimedo has quit IRC		19:03
*** apuimedo has joined #openstack-kuryr		19:09
*** pcaruana has joined #openstack-kuryr		19:13
*** pcaruana has quit IRC		19:20
openstackgerrit	Michał Dulko proposed openstack/kuryr-kubernetes master: Gate with containerized deployment and OpenShift https://review.openstack.org/557313	19:28
openstackgerrit	Michał Dulko proposed openstack/kuryr-kubernetes master: Raise OpenShift version to 3.9.0 https://review.openstack.org/562366	19:28
*** atoth has quit IRC		19:30
*** premsankar has quit IRC		19:55
*** yamamoto has joined #openstack-kuryr		19:59
*** yamamoto has quit IRC		20:04
openstackgerrit	Antoni Segura Puimedon proposed openstack/kuryr-kubernetes master: devstack: fix octavia allocation ranges https://review.openstack.org/562067	20:20
*** yamamoto has joined #openstack-kuryr		20:44
*** dmellado has quit IRC		20:45
*** rh-jelabarre has quit IRC		21:42
*** premsankar has joined #openstack-kuryr		21:59
*** yamamoto_ has joined #openstack-kuryr		22:04
*** yamamoto has quit IRC		22:08
*** pmannidi has joined #openstack-kuryr		22:19
*** apuimedo has quit IRC		23:04
*** maysamacedos has quit IRC		23:13
*** maysamacedos has joined #openstack-kuryr		23:13
*** maysamacedos has quit IRC		23:15
*** hongbin_ has quit IRC		23:18
*** maysamacedos has joined #openstack-kuryr		23:42

Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!