| *** yamamoto has joined #openstack-lbaas | 00:06 | |
| *** yamamoto has quit IRC | 00:11 | |
| *** rcernin has joined #openstack-lbaas | 00:22 | |
| *** Vorrtex has quit IRC | 00:32 | |
| *** trown has quit IRC | 00:32 | |
| *** trown has joined #openstack-lbaas | 00:33 | |
| *** rcernin has quit IRC | 00:59 | |
| *** sapd1 has quit IRC | 00:59 | |
| *** sapd1 has joined #openstack-lbaas | 00:59 | |
| *** rcernin has joined #openstack-lbaas | 01:09 | |
| *** sapd1 has quit IRC | 01:13 | |
| *** sapd1 has joined #openstack-lbaas | 01:14 | |
| *** yamamoto has joined #openstack-lbaas | 02:02 | |
| *** kmadac has quit IRC | 02:05 | |
| *** kmadac has joined #openstack-lbaas | 02:07 | |
| *** yamamoto has quit IRC | 02:09 | |
| *** yamamoto has joined #openstack-lbaas | 02:25 | |
| *** yamamoto has quit IRC | 02:26 | |
| *** yamamoto has joined #openstack-lbaas | 02:32 | |
| *** hongbin has joined #openstack-lbaas | 03:03 | |
| *** psachin has joined #openstack-lbaas | 03:09 | |
| *** KeithMnemonic has quit IRC | 03:12 | |
| *** sapd1 has quit IRC | 03:25 | |
| *** sapd1 has joined #openstack-lbaas | 03:26 | |
| *** gcheresh has joined #openstack-lbaas | 03:45 | |
| *** ramishra has joined #openstack-lbaas | 03:48 | |
| *** gcheresh has quit IRC | 03:51 | |
| *** hongbin has quit IRC | 04:05 | |
| *** sapd1 has quit IRC | 04:07 | |
| *** sapd1 has joined #openstack-lbaas | 04:08 | |
| *** ricolin has joined #openstack-lbaas | 04:10 | |
| *** sapd1 has quit IRC | 04:28 | |
| *** sapd1 has joined #openstack-lbaas | 04:29 | |
| *** sapd1 has quit IRC | 04:37 | |
| *** sapd1 has joined #openstack-lbaas | 04:44 | |
| *** lemko has joined #openstack-lbaas | 04:59 | |
| *** gcheresh has joined #openstack-lbaas | 05:06 | |
| *** sapd1 has quit IRC | 05:11 | |
| *** sapd1 has joined #openstack-lbaas | 05:25 | |
| *** sapd1 has quit IRC | 05:29 | |
| *** sapd1 has joined #openstack-lbaas | 05:29 | |
| *** sapd1 has quit IRC | 05:36 | |
| *** sapd1 has joined #openstack-lbaas | 05:37 | |
| openstackgerrit | Adit Sarfaty proposed openstack/octavia master: Fix catching driver exceptions https://review.openstack.org/648853 | 05:41 |
|---|---|---|
| cgoncalves | s/Octavia provider/Amphora provider/ ;-) | 05:42 |
| *** sapd1 has quit IRC | 05:46 | |
| *** sapd1 has joined #openstack-lbaas | 05:47 | |
| *** yamamoto has quit IRC | 05:50 | |
| *** yamamoto has joined #openstack-lbaas | 05:52 | |
| *** dulek has quit IRC | 05:56 | |
| *** fnaval has quit IRC | 05:56 | |
| *** fnaval has joined #openstack-lbaas | 05:56 | |
| *** sapd1 has quit IRC | 05:57 | |
| *** sapd1 has joined #openstack-lbaas | 05:58 | |
| *** ramishra has quit IRC | 05:58 | |
| *** fnaval has quit IRC | 06:01 | |
| *** ccamposr has joined #openstack-lbaas | 06:03 | |
| *** dulek has joined #openstack-lbaas | 06:05 | |
| *** sapd1 has quit IRC | 06:07 | |
| *** ramishra has joined #openstack-lbaas | 06:10 | |
| *** yetiszaf has quit IRC | 06:13 | |
| *** yamamoto has quit IRC | 06:18 | |
| *** yamamoto has joined #openstack-lbaas | 06:20 | |
| *** yamamoto has quit IRC | 06:20 | |
| *** yamamoto has joined #openstack-lbaas | 06:20 | |
| *** yamamoto has quit IRC | 06:25 | |
| *** ivve has joined #openstack-lbaas | 06:52 | |
| *** sapd1 has joined #openstack-lbaas | 06:52 | |
| *** yamamoto has joined #openstack-lbaas | 06:59 | |
| *** yamamoto has quit IRC | 07:04 | |
| *** gthiemonge has quit IRC | 07:04 | |
| *** rpittau|afk is now known as rpittau | 07:06 | |
| *** luksky has joined #openstack-lbaas | 07:07 | |
| *** dayou_ has quit IRC | 07:07 | |
| *** lemko has quit IRC | 07:09 | |
| *** ataraday has joined #openstack-lbaas | 07:11 | |
| *** dayou_ has joined #openstack-lbaas | 07:26 | |
| *** happyhemant has joined #openstack-lbaas | 07:42 | |
| *** gthiemonge has joined #openstack-lbaas | 08:02 | |
| *** yamamoto has joined #openstack-lbaas | 08:08 | |
| *** lemko has joined #openstack-lbaas | 08:10 | |
| *** salmankhan has joined #openstack-lbaas | 09:32 | |
| *** luksky has quit IRC | 09:42 | |
| *** yamamoto has quit IRC | 09:56 | |
| *** yamamoto has joined #openstack-lbaas | 10:02 | |
| *** yamamoto has quit IRC | 10:06 | |
| *** luksky has joined #openstack-lbaas | 10:18 | |
| *** yamamoto has joined #openstack-lbaas | 10:32 | |
| *** sapd1_x has joined #openstack-lbaas | 10:47 | |
| *** yamamoto has quit IRC | 10:54 | |
| *** ricolin has quit IRC | 11:37 | |
| *** sapd1_x has quit IRC | 11:38 | |
| *** yamamoto has joined #openstack-lbaas | 12:01 | |
| *** boden has joined #openstack-lbaas | 12:21 | |
| *** trown has quit IRC | 12:39 | |
| *** yamamoto has quit IRC | 13:08 | |
| *** rcernin has quit IRC | 13:18 | |
| *** pcaruana has quit IRC | 13:20 | |
| *** gthiemon1e has joined #openstack-lbaas | 13:22 | |
| *** gthiemonge has quit IRC | 13:24 | |
| *** yamamoto has joined #openstack-lbaas | 13:26 | |
| *** psachin has quit IRC | 13:30 | |
| *** pcaruana has joined #openstack-lbaas | 13:42 | |
| *** ricolin has joined #openstack-lbaas | 13:55 | |
| openstackgerrit | Kobi Samoray proposed openstack/octavia master: Fix catching driver exceptions https://review.openstack.org/648853 | 14:00 |
| openstackgerrit | Reedip proposed openstack/octavia-tempest-plugin master: Add config option for pool algorithms https://review.openstack.org/643416 | 14:13 |
| openstackgerrit | Reedip proposed openstack/octavia-tempest-plugin master: Support skipping APP_COOKIE and HTTP_COOKIE if L7 Protocol is disabled https://review.openstack.org/645495 | 14:13 |
| *** ianychoi has quit IRC | 14:13 | |
| *** ianychoi has joined #openstack-lbaas | 14:14 | |
| *** gthiemon1e is now known as gthiemonge | 14:14 | |
| *** gthiemonge has quit IRC | 14:33 | |
| *** gthiemonge has joined #openstack-lbaas | 14:33 | |
| *** fnaval has joined #openstack-lbaas | 14:44 | |
| *** sapd1_x has joined #openstack-lbaas | 14:47 | |
| *** gcheresh has quit IRC | 14:48 | |
| *** gthiemonge has quit IRC | 14:55 | |
| *** gthiemonge has joined #openstack-lbaas | 14:56 | |
| *** Vorrtex has joined #openstack-lbaas | 15:02 | |
| *** ivve has quit IRC | 15:36 | |
| *** luksky has quit IRC | 15:36 | |
| *** gthiemonge has quit IRC | 15:36 | |
| *** yamamoto has quit IRC | 15:41 | |
| *** pcaruana has quit IRC | 15:42 | |
| *** sapd1_x has quit IRC | 15:58 | |
| *** ccamposr has quit IRC | 16:03 | |
| *** ramishra has quit IRC | 16:14 | |
| *** rpittau is now known as rpittau|afk | 16:15 | |
| *** ianychoi has quit IRC | 16:20 | |
| canori01 | For terminated https to work with octavia, what kind of permissions do I need to set on the barbican certificate container/secrets? | 16:42 |
| canori01 | cgoncalves: | 16:44 |
| *** ricolin has quit IRC | 16:44 | |
| johnsom | canori01 What version of Octavia are you using? | 16:49 |
| canori01 | This is rocky | 16:50 |
| johnsom | canori01 If you have Rocky or newer, Octavia handles this for you now, you no longer have to set ACLs in barbican. | 16:50 |
| johnsom | See the release note here: https://docs.openstack.org/releasenotes/octavia/rocky.html#relnotes-3-0-0-stable-rocky | 16:50 |
| canori01 | hmm | 16:51 |
| johnsom | The load balancer cookbook has also been updated to reflect that: https://docs.openstack.org/octavia/rocky/user/guides/basic-cookbook.html#deploy-a-tls-terminated-https-load-balancer | 16:51 |
| canori01 | I keep getting this in the api logs | 16:52 |
| canori01 | Forbidden: Secret retrieval attempt not allowed - please review your user/project privileges: HTTPClientError: Forbidden: Secret retrieval attempt not allowed - please review your user/project privileges | 16:52 |
| canori01 | oh, I should point out I'm trying to do it from horizon | 16:52 |
| johnsom | When you create the listener, are you using the same project ID that created the certificate? | 16:52 |
| canori01 | Maybe it works if I use the client? | 16:53 |
| johnsom | Hmmm, maybe? That would be in an interesting bug in the horizon plugin if the client does work. | 16:53 |
| canori01 | Yeah, i am in the same tenant where I created the secret | 16:53 |
| johnsom | Ok. | 16:53 |
| canori01 | I'll try the steps in the cookbook | 16:54 |
| *** salmankhan has quit IRC | 16:54 | |
| johnsom | Another question, do you have different URLs for your barbican endpoints? I.e. The admin endpoint for barbican is different than the internal endpoint? If so, there was a bug in the python-barbicanclient package that could cause this error. The bug has been fixed, but you may need to update your python-barbicanclient package. | 16:55 |
| *** ivve has joined #openstack-lbaas | 16:56 | |
| canori01 | My admin and internal enpoint are the same, but the public endpoint uses https | 16:56 |
| canori01 | johnsom: It worked fine using the python client following the instructions in the cookbook | 17:02 |
| canori01 | In horizon, it won't even let me pick the secret unless it's in a "certiicate" container | 17:02 |
| johnsom | Ok, so we probably have a dashboard bug. Would you mind opening a story for us to get that fixed? https://storyboard.openstack.org/#!/dashboard/stories | 17:03 |
| johnsom | The project will be openstack/octavia-dashboard | 17:03 |
| canori01 | sure, I'll do that | 17:03 |
| johnsom | Thanks! | 17:04 |
| *** boden has quit IRC | 17:04 | |
| *** pcaruana has joined #openstack-lbaas | 17:05 | |
| *** yamamoto has joined #openstack-lbaas | 17:08 | |
| johnsom | Lol, It is a bit wet here: https://www.usatoday.com/videos/news/nation/2019/04/11/boat-speeds-over-flooded-oregon-highway/3432834002/ | 17:08 |
| johnsom | That is in my town, but we are not in a flood area. | 17:09 |
| *** ivve has quit IRC | 17:15 | |
| canori01 | johnsom: one more thing. Where could I look if whenever I create a pool it gets stuck in Operating Status Offline? When I look inside the amphora, the config does not have the pool members added in the haproxy config | 17:16 |
| *** yamamoto has quit IRC | 17:17 | |
| johnsom | Is the pool bound to a listener or L7 policy? If not, it's not active. | 17:17 |
| johnsom | If you do a show on the pool, does it have a listener listed in the listeners field? | 17:18 |
| canori01 | Sorry, that's what it was. It wasn't bound to a listener | 17:19 |
| johnsom | Yeah, if it is just bound to the load balancer, that means it is ready to be attached to an L7 policy. | 17:19 |
| *** boden has joined #openstack-lbaas | 17:39 | |
| *** luksky has joined #openstack-lbaas | 17:41 | |
| openstackgerrit | German Eichberger proposed openstack/octavia master: Refactor the unplugging of the VIP https://review.openstack.org/613685 | 18:11 |
| cgoncalves | catching up here. could it be the issue fixed in https://review.openstack.org/#/q/Ib09c954180d4b545d05344dc2c318a48c9b8d4e4 ? | 18:15 |
| cgoncalves | the associated story is https://storyboard.openstack.org/#!/story/2005101 | 18:16 |
| cgoncalves | canori01, ^ | 18:17 |
| cgoncalves | sorry, reading more carefully your story I don't think it's the same issue. you can reach to Barbican | 18:18 |
| canori01 | yeah, I can reach it | 18:18 |
| canori01 | What happens is it won't list my secrets in ui as option in the SSL certificates pane of octavia unless I put the secrets in a "container" certificate. | 18:19 |
| canori01 | If I do that, it lets me select them, but then errors out when creating the listener | 18:20 |
| *** happyhemant has quit IRC | 18:21 | |
| canori01 | I made this: https://storyboard.openstack.org/#!/story/2005436 | 18:21 |
| cgoncalves | thanks for opening a story | 18:32 |
| cgoncalves | I'm a complete stranger to the dashboard. I'm afraid I can't be of much help there | 18:32 |
| *** pcaruana has quit IRC | 19:02 | |
| *** Vorrtex has quit IRC | 20:17 | |
| *** gcheresh has joined #openstack-lbaas | 20:35 | |
| *** gcheresh has quit IRC | 20:48 | |
| *** boden has quit IRC | 21:29 | |
| *** lemko has quit IRC | 21:30 | |
| *** luksky has quit IRC | 22:08 | |
| *** fnaval has quit IRC | 22:22 | |
| *** rcernin has joined #openstack-lbaas | 22:26 | |
| *** fnaval has joined #openstack-lbaas | 23:11 | |
| *** fnaval has quit IRC | 23:13 | |
| *** kmadac has quit IRC | 23:21 | |
| *** kmadac has joined #openstack-lbaas | 23:27 | |
Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!