Wednesday, 2017-08-30

johnsomRunning the bonehead checks now00:01
openstackgerritMichael Johnson proposed openstack/octavia master: WIP: Floating IP Network Driver (spans L3s)
johnsomGive that a go while I read up on all of the subtleties of sqla transactions again.00:02
rm_worklol k00:03
rm_worki think that does it johnsom00:05
rm_workthe error messages are lulzy but00:05
rm_workit works00:05
johnsomWell, you can fix those00:05
johnsomWhat was the output of the debug log message?00:06
johnsomOut of curiousity00:06
johnsomAh, ok, that looks good00:06
rm_workso switching to specifically NoResultFound and going to make that look more sane00:07
rm_workbut yes00:07
johnsomWell, you need to handle a lock timeout and deadlock too, that is why I made it so open....00:07
openstackgerritAdam Harwell proposed openstack/octavia master: Make housekeeping build spares with an executor
rm_workwith this code it SHOULD just be that one, no?00:08
rm_worki guess maybe?00:08
rm_worksuppose I can leave it open00:08
johnsomI mean, pretty much if anything goes wrong there it's safer to skip it right?00:08
johnsomOk then, I will send my bill and call it a day.00:09
rm_workbut why that middle one....00:09
rm_work2017-08-29 17:05:36.957 6243 WARNING [-] VIP re-association ignored, amphora 76a5d63d-ba0f-44ef-ba9b-58c4b3cb4025 is busy.: NoResultFound: No row was found for one()00:09
rm_workwhy is it printing the error too00:10
rm_workit's not passed >_>00:10
johnsomI was wondering if you just added that to the message in your own code...  I thought that was odd myself00:10
rm_workyeah i did not00:10
rm_worki wonder if LOG.warning automatically appends when it's in an except block or something???00:10
rm_workbut it's super weird00:11
johnsomThat would be my guess.  I just don't remember seeing that before00:11
rm_workOH maybe i know00:11
johnsomIt means you don't really need the debug00:12
johnsomI just put it in to see what the exception details were00:12
rm_workyeah hmmm00:12
*** sshank has quit IRC00:32
*** fnaval has joined #openstack-lbaas00:49
*** basilAB has left #openstack-lbaas00:51
*** sticker has joined #openstack-lbaas01:21
rm_workyeah i don't understand why it prints that way but whatever02:07
*** cody-somerville has joined #openstack-lbaas02:12
*** cody-somerville has joined #openstack-lbaas02:12
*** yamamoto has joined #openstack-lbaas02:30
*** sapd_ has joined #openstack-lbaas02:45
*** yamamoto has quit IRC02:48
xgerman_ok, running Adam’s improved script…03:19
xgerman_also my ISP dropped me to 40MBs03:19
*** chlong has quit IRC03:21
*** yamamoto has joined #openstack-lbaas03:33
*** links has joined #openstack-lbaas03:40
*** yamamoto has quit IRC03:41
*** sanfern has joined #openstack-lbaas04:10
openstackgerritRajat Sharma proposed openstack/octavia master: Removes unnecessary utf-8 encoding
*** rstarmer has quit IRC04:43
*** rstarmer has joined #openstack-lbaas04:43
*** aojea has joined #openstack-lbaas04:52
*** gcheresh has joined #openstack-lbaas04:56
*** aojea has quit IRC04:57
*** armax has quit IRC05:01
*** cody-somerville has quit IRC05:53
*** aojea has joined #openstack-lbaas05:56
*** yamamoto has joined #openstack-lbaas05:59
*** aojea has quit IRC06:04
*** sapd_ has quit IRC06:15
*** eezhova has joined #openstack-lbaas06:20
*** rcernin has joined #openstack-lbaas06:42
*** pcaruana has joined #openstack-lbaas06:43
*** gtrxcb has quit IRC06:54
*** eezhova has quit IRC07:09
*** tesseract has joined #openstack-lbaas07:19
*** aojea has joined #openstack-lbaas07:20
*** eezhova has joined #openstack-lbaas07:34
*** yamamoto has quit IRC07:53
*** yuanying_ has joined #openstack-lbaas08:10
*** yuanying has quit IRC08:13
*** fnaval has quit IRC08:27
*** yamamoto has joined #openstack-lbaas08:37
openstackgerritJude Cross proposed openstack/octavia-tempest-plugin master: Create scenario tests for health monitors
openstackgerritJude Cross proposed openstack/octavia-tempest-plugin master: Create scenario tests for health monitors
*** yamamoto has quit IRC09:45
*** yamamoto has joined #openstack-lbaas09:52
*** sanfern has quit IRC10:34
*** rstarmer has quit IRC11:41
*** rstarmer has joined #openstack-lbaas11:42
*** numans has joined #openstack-lbaas11:44
*** ianychoi has quit IRC12:07
*** logan- has quit IRC12:07
*** dasanind has quit IRC12:07
*** redondo-mk has quit IRC12:07
*** amitry has quit IRC12:07
*** amotoki has quit IRC12:07
*** ianychoi_ has joined #openstack-lbaas12:07
*** rtjure has quit IRC12:09
*** kbyrne has quit IRC12:10
*** amotoki has joined #openstack-lbaas12:11
*** tesseract has quit IRC12:11
*** rtjure has joined #openstack-lbaas12:12
*** kbyrne has joined #openstack-lbaas12:12
*** logan- has joined #openstack-lbaas12:22
*** redondo-mk has joined #openstack-lbaas12:22
*** dasanind has joined #openstack-lbaas12:22
*** amitry has joined #openstack-lbaas12:22
*** amotoki has quit IRC12:25
*** tesseract has joined #openstack-lbaas12:26
*** amotoki has joined #openstack-lbaas12:27
*** sanfern has joined #openstack-lbaas12:36
*** slaweq has joined #openstack-lbaas12:41
*** fnaval has joined #openstack-lbaas12:48
*** links has quit IRC13:00
*** eezhova has quit IRC13:05
*** eezhova has joined #openstack-lbaas13:06
*** atoth has quit IRC13:10
*** fnaval has quit IRC13:11
*** catintheroof has joined #openstack-lbaas13:15
*** leitan has joined #openstack-lbaas13:35
*** fnaval has joined #openstack-lbaas13:36
*** ssmith has joined #openstack-lbaas13:44
*** cpusmith has joined #openstack-lbaas13:45
*** ssmith has quit IRC13:49
*** links has joined #openstack-lbaas14:05
*** links has quit IRC14:06
*** pcaruana has quit IRC14:06
*** rstarmer has quit IRC14:07
johnsomBummer the full diff didn't happen....14:13
*** armax has joined #openstack-lbaas14:14
*** aojea has quit IRC14:32
*** slaweq has quit IRC14:55
*** slaweq has joined #openstack-lbaas14:55
*** atoth has joined #openstack-lbaas14:57
*** slaweq has quit IRC15:00
*** gcheresh has quit IRC15:07
*** rcernin has quit IRC15:09
*** slaweq has joined #openstack-lbaas15:19
*** slaweq has quit IRC15:23
*** eezhova has quit IRC15:24
*** aojea has joined #openstack-lbaas15:39
*** aojea has quit IRC15:39
*** aojea has joined #openstack-lbaas15:39
johnsomNeat, in theory the DVR bug got fixed in neutron15:49
*** strigazi is now known as strigazi_AFK15:50
*** bbzhao has quit IRC15:52
*** bbzhao has joined #openstack-lbaas15:53
*** pcaruana has joined #openstack-lbaas15:54
*** sanfern has quit IRC15:57
*** sanfern has joined #openstack-lbaas15:57
*** eezhova has joined #openstack-lbaas15:58
openstackgerritMichael Johnson proposed openstack/octavia master: Update release notes theme to openstackdocs
*** atoth has quit IRC16:07
*** aojea has quit IRC16:15
tomtomtomhello, I ran into an issue creating a listener with barbican cert.  I know it should seem obvious but is the following error most likely due to ACL's on the barbican cert or an actual bad cert that can't be read: 2017-08-30 15:50:34.221 35890 ERROR oslo_messaging.rpc.server UnreadableCert: Could not read X509 from PEM16:28
*** tesseract has quit IRC16:33
tomtomtomok looks like it was the cert after all.16:46
johnsomYep, though I would have thought barbican would have failed validation on upload16:47
tomtomtomyeah I just thought maybe I was doing ACL's wrong, but I uploaded/used a different cert and it was readable by the octavia pool and the pool is online, so I guess there is some kind of difference in how that particular cert was uploaded into barbican.  I'll be able to research further in a bit.16:48
johnsomOctavia meeting starting in 5 minutes on #openstack-meeting16:55
*** rm_mobile has joined #openstack-lbaas16:59
*** JudeC has joined #openstack-lbaas17:00
*** strigazi_AFK is now known as strigazi17:03
*** aojea has joined #openstack-lbaas17:12
*** strigazi has quit IRC17:14
*** strigazi has joined #openstack-lbaas17:14
nmagnezijohnsom, that was a short meeting :P17:16
johnsomYeah, like record short17:17
johnsomI don't want to have people just hang around though, I want the meetings to be reasonably efficient...17:17
johnsomShameless plug for reviews:17:18
johnsomxgerman_ FYI, I will test the delete thing you mentioned, but pretty sure that already existed.  I opened a bug about that button being gone on some pages.  But I will confirm it wasn't a regression.17:19
xgerman_I figured so I +2’d but didn’t want to do +A until confirmation17:20
johnsomUgh, the gate queue is backed up today.  Waiting almost an hour and a half for my releasenotes patch to start17:20
*** atoth has joined #openstack-lbaas17:24
*** atoth has quit IRC17:24
*** atoth has joined #openstack-lbaas17:27
*** eandersson has quit IRC17:31
*** bbzhao has quit IRC17:40
xgerman_not good17:41
*** bzhao has joined #openstack-lbaas17:41
*** sanfern has quit IRC17:48
*** rcernin has joined #openstack-lbaas17:52
*** eezhova has quit IRC17:55
*** KeithMnemonic2 has quit IRC18:14
nmagnezijohnsom, your shameless plug for reviews was noted :P , I was not aware of all of those patches18:14
xgerman_nmagnezi if you like to make me happy:
xgerman_I also need to be more aggressive with adding my name to patches: didn’t make the cut on
johnsomxgerman_ You are there18:19
nmagnezixgerman_, with that one i don't even know where to begin :<18:19
nmagnezijohnsom, np18:20
xgerman_yeah, didn’t read left2right but top down18:20
xgerman_at least Aish made it finally18:20
johnsomOctavia was #15 for lines of code in Pike, not bad...18:21
johnsomThere we go...18:24
*** aojea has quit IRC18:35
*** yamamoto has quit IRC19:22
*** yamamoto has joined #openstack-lbaas19:28
*** catintheroof has quit IRC19:28
*** slaweq has joined #openstack-lbaas19:31
*** slaweq has quit IRC19:31
*** slaweq has joined #openstack-lbaas19:32
*** leitan has quit IRC19:32
*** leitan has joined #openstack-lbaas19:33
*** leitan has quit IRC19:33
*** leitan has joined #openstack-lbaas19:33
*** leitan has quit IRC19:34
*** gcheresh has joined #openstack-lbaas19:34
*** eezhova has joined #openstack-lbaas19:41
*** tongl has joined #openstack-lbaas20:00
*** rm_mobile has quit IRC20:01
*** rm_mobile has joined #openstack-lbaas20:01
*** rm_mobile has quit IRC20:05
*** yamamoto has quit IRC20:08
*** aojea has joined #openstack-lbaas20:09
rm_workjohnsom: we had a spec somewhere to take in an additional user-security-group to attach to LBs, didn't we?20:26
rm_workinterestingly this serves a dual purpose20:26
rm_workone, it lets users kinda sorta firewall their LB20:26
rm_worktwo, for situations where there's no tenant networks and traffic goes back out via VIP, it allows users to protect their VMs by allowing access by security group source20:27
rm_work(we can say "this security group lets traffic in, if it comes from a source tagged with this other security group)20:27
rm_workugh there's no way for me to fix the quoting/parens there in a sane way, i am going to tweak out about that for a while >_< fff20:28
*** catintheroof has joined #openstack-lbaas20:29
johnsomNope, we decided to add an ACL interface to the API.  But, either way, the spec never got posted/written20:29
rm_workso err20:31
rm_workif i were to just20:32
rm_workgo back and propose we do the SG thing again20:32
rm_workand actually write the spec20:32
rm_workwe might be fine with that?20:32
johnsomIs there a way we can accept a user defined SG but still protect the amphora?20:32
johnsomCan we layer them with a priority that says something like (inbound VIP and SSH only, outbound any) and then whatever the user wants?20:33
johnsomI mean, if someone can just open random ports on the amps it's not much of a "managed" service....20:34
johnsomI think we should still protect the amps the best we can20:34
xgerman_rm_work we had a discussion to assign some sec-grp to our ports to mark them20:38
rm_workjohnsom: hmmm yeah that's interesting...20:38
xgerman_I am willing to entertain the sec-grp source model20:38
xgerman_we can allow sec-grps for people and secure ourselves with fwaas20:39
xgerman_the first one that we slap a sec-grp on so vms can use it to protect themselves20:39
xgerman_(aka remote security group)20:39
*** pcaruana has quit IRC20:40
*** atoth has quit IRC20:40
xgerman_rm_work on eof the K8 guys asked for the remote-sec-grp as well20:40
rm_workxgerman_: right yeah that's what we want20:40
rm_workwe want the member VMs to be able to lock down traffic to only the LB20:41
rm_workwhich right now we have to tell people "just open up your VMs to 10.*"20:41
xgerman_ok, I am in support of that20:41
xgerman_but that means we need to add a column/row to the lb-show command to show the sec-grp we assigned for you20:41
johnsomI would almost rather turn on iptables in the amps than add fwaas into the mix20:42
xgerman_you have been assimilated. Why use an existing project if you cna use a competing tech20:42
xgerman_100% OpenStack20:42
xgerman_anyhow, my position is remote sec-hrps yes; user defined no; ACLs for acccess control20:43
johnsomWell, I'm just saying we depend on a bunch of other projects already and adding one more just makes our gates even more volatile.  Nothing against fwaas, it's just....20:43
*** eezhova has quit IRC20:46
rm_workprobably this is something i'd like to discuss in Denver if we have time20:49
xgerman_I am on board with us assigning sec-grps and making them available as remote ones20:49
rm_workxgerman_: BTW it's looking like for Sydney I will probably have to share my airbnb with other GD folks :/20:50
johnsomWe have time in Denver, put it on the etherpad20:50
*** slaweq has quit IRC20:50
rm_workk just need to find the etherpad lol20:51
*** sshank has joined #openstack-lbaas20:53
*** gcheresh has quit IRC20:54
xgerman_I will fire up our travel tool and see how much things cost20:55
johnsomxgerman_ Can you give me a better sequence on that delete thing?21:13
xgerman_1) Create LB with everyhting21:14
johnsomgot it21:14
xgerman_2) Navigate to health monitor21:14
xgerman_3) Delete HealthMonitor21:14
xgerman_4) It should bring you back to Pool WITHOUT an Edit button21:15
xgerman_5) Go to Listener, back to pool21:15
xgerman_6) Delete21:15
xgerman_7) same…21:15
johnsomYeah, ok.  That happened before the patch21:15
johnsomYeah, I think I captured that in a bug yesterday, let me double check.21:15
johnsomThe delete button is like always missing on listener....  Ugh21:16
openstackLaunchpad bug 1714096 in octavia "octavia-dashboard Pool Edit/Delete button missing after health monitor delete" [High,Triaged]21:18
johnsomOk, explicit bug....21:18
johnsomNot a regression, just old broken stuff21:19
xgerman_then feel free to +A21:23
xgerman_or do I need to gp back?21:23
johnsomThey are my patches, so technically I should not +A them21:23
*** johnsom changes topic to "Welcome to LBaaS / Octavia - Queens development is now open."21:24
johnsomDon't need the Pike bug list there anymore21:24
johnsomThanks.  I am ready to attempt to switch it over to Octavia21:24
*** sapd has quit IRC21:26
*** armax has quit IRC21:35
openstackgerritMerged openstack/octavia-dashboard master: Remove old unused code.
openstackgerritMerged openstack/octavia-dashboard master: Remove neutron-lbaas checks and rename "slug"
xgerman_mmh, they have some airbnb for $50 in Sydney21:36
xgerman_rm_work no chance you get a 3 bed room so we can start an Octavia commune?21:37
tomtomtomhello, I'm running OS newton, from the unified client when I add an tls cert it DOES NOT get added into the listnener21:42
tomtomtomDB I have to run it manually. you guys see anything like this before?21:42
johnsomtomtomtom What do you mean by unified client?21:45
*** cpusmith has quit IRC21:47
tomtomtomopenstack listener create https listener with tls cert defined21:54
johnsomtomtomtom and you are running what version of Octavia?  master?21:54
tomtomtomyes just download last week21:54
johnsomtomtomtom That should work, can you post the output of "openstack --debug listener create ...."21:55
johnsomIt doesn't give an error?21:55
tomtomtomno it creates the listener, but I have to run a mysql command and update the tls field in the db manually.  It's just the href to the barbican container that I have to insert.21:57
tomtomtomok well now I get a conflict when running the command again I changed the name of the listener but I guess that's not allowed21:58
johnsomIf it has the exact same port it will conflict21:59
johnsom(If my patch ever lands it will give a useful error message21:59
*** aojea has quit IRC22:02
*** aojea has joined #openstack-lbaas22:02
*** aojea has quit IRC22:06
*** fnaval has quit IRC22:17
*** rcernin has quit IRC22:28
*** fnaval has joined #openstack-lbaas22:28
*** rstarmer has joined #openstack-lbaas22:35
*** armax has joined #openstack-lbaas22:39
*** kbyrne has quit IRC22:40
*** kbyrne has joined #openstack-lbaas22:41
rm_workwhelp finally booked airbnb and got my visa for australia22:41
xgerman_we need a Visa?22:44
*** ssmith has joined #openstack-lbaas23:03
*** ssmith has quit IRC23:19
*** rstarmer has quit IRC23:38
*** kbyrne has quit IRC23:51
*** sshank has quit IRC23:51
*** kbyrne has joined #openstack-lbaas23:54

Generated by 2.15.3 by Marius Gedminas - find it at!