Thursday, 2020-02-13

« Wednesday, 2020-02-12 Index Friday, 2020-02-14 »
*** nicolasbock has quit IRC00:03
*** stevenglasford has quit IRC00:25
*** armax has quit IRC01:07
*** armax has joined #openstack-lbaas01:22
*** yamamoto has joined #openstack-lbaas02:04
openstackgerritMichael Johnson proposed openstack/octavia master: WIP - Refactor the failover flows  https://review.opendev.org/70531702:06
*** vishalmanchanda has joined #openstack-lbaas02:59
*** goldyfruit has quit IRC03:05
*** goldyfruit has joined #openstack-lbaas03:05
*** ramishra has joined #openstack-lbaas03:15
*** ramishra has quit IRC03:25
*** spatel has joined #openstack-lbaas03:39
*** spatel has quit IRC03:44
*** ramishra has joined #openstack-lbaas03:55
*** gcheresh_ has joined #openstack-lbaas05:42
*** gcheresh_ has quit IRC05:53
*** spatel has joined #openstack-lbaas06:00
*** gcheresh_ has joined #openstack-lbaas06:01
*** spatel has quit IRC06:05
*** gcheresh_ has quit IRC06:14
*** gcheresh_ has joined #openstack-lbaas06:25
*** spatel has joined #openstack-lbaas06:55
*** spatel has quit IRC07:00
*** gcheresh_ has quit IRC07:26
*** ccamposr has joined #openstack-lbaas07:36
*** gcheresh_ has joined #openstack-lbaas07:40
*** ramishra has quit IRC07:45
*** maciejjozefczyk has joined #openstack-lbaas07:57
*** gcheresh_ has quit IRC07:59
*** ramishra has joined #openstack-lbaas08:02
*** gcheresh_ has joined #openstack-lbaas08:19
*** tesseract has joined #openstack-lbaas08:20
*** ivve has joined #openstack-lbaas08:24
*** ivve has quit IRC08:27
*** tkajinam has quit IRC08:29
cgoncalvesYAP2 (yet-another-python-2) issue. the one of today is installing stackviz after tempest run09:00
cgoncalvesdulek, no need to recheck https://review.opendev.org/70605209:33
cgoncalvesthere's a new py2 drop bug. see ^^09:33
cgoncalvesI pinged gmann in #openstack-qa for help09:34
dulekcgoncalves: Okay, thanks!09:34
*** yamamoto has quit IRC10:04
*** yamamoto has joined #openstack-lbaas10:16
*** spatel has joined #openstack-lbaas10:41
*** spatel has quit IRC10:46
*** ivve has joined #openstack-lbaas11:39
*** vishalmanchanda has quit IRC11:58
*** nicolasbock has joined #openstack-lbaas12:07
*** xakaitetoia has joined #openstack-lbaas12:34
openstackgerritMerged openstack/octavia stable/train: Use stable upper-constraints.txt in Amphora builds  https://review.opendev.org/70592712:58
openstackgerritMerged openstack/octavia master: Add docs warning for PING health monitors  https://review.opendev.org/70742613:18
xakaitetoiaHello team, when deploying a LB, does the amphra instances need to have a secondary interface pointing to the client's network? (apart from first interface which will be the lbaas network)13:31
cgoncalvesxakaitetoia, correct. the second interface will be plugged to the VIP network13:33
xakaitetoiathanks a lot :) Seems during my lb deployment i do not see that interface. I only have the lbaas network interface. Which makes the provisionig stauts ok but the operational status as error. Still trying to find out where i can check this in logs configs etc13:35
cgoncalvesxakaitetoia, the VIP interface is in a network namespace. check if it shows up in "ip netns exec amphora-haproxy ip a"13:36
xakaitetoiaI do see that client's network interface as attached in openstack in amphra instance though. Just not from inside the amphra13:36
xakaitetoiacool i ll check that13:37
xakaitetoiaaah correct, i can see it there13:38
cgoncalvesxakaitetoia, as for the ERROR operating status, check the octavia worker and health manager service logs13:40
*** laerlingSAP has joined #openstack-lbaas13:40
xakaitetoiaPerfect, thanks a lot. Appreciate it. I got that in my head now, so i will go check these logs as you mentioned.13:43
cgoncalvescool. please let us know if you need help understanding the log messages13:44
xakaitetoiaSure will do. I ll check them in a bit13:47
xakaitetoiahealth monitors look ok. It's the members that are in operating status = error.. but i'll find out :P13:56
*** laerlingSAP has quit IRC14:00
dulekI'm trying to debug an issue with IPv6 connectivity on a gate VM. At this point I'm sure the Amp is unable to connect to the member because of: "curl: (7) Failed to connect to fdb5:1732:e99f:1::1c0 port 6443: Permission denied".14:11
dulekAnyone seen that? Internet says it might be selinux, but that amp is Ubuntu.14:12
cgoncalvesxakaitetoia, which health monitor type have you created? PING, TCP, HTTP, ...?14:19
cgoncalvesdulek, dumb question but have you checked firewall/security groups?14:20
dulekcgoncalves: Yeah, but I'll keep digging. Anyway SG issues should just produce a timeout, not "permission denied".14:22
dulekWell, disabling apparmor doesn't help either.14:22
*** gcheresh_ has quit IRC14:22
*** yamamoto has quit IRC14:23
cgoncalvesdulek, double check it isn't firewall in the member14:25
*** maciejjozefczyk has quit IRC14:26
*** gcheresh_ has joined #openstack-lbaas14:26
dulekcgoncalves: Hm, now that I think of it, that might be one place where gate VM differs from my local setup (which works)…14:26
dulekThanks for pointer!14:26
*** spatel has joined #openstack-lbaas14:27
cgoncalvesalways a pleasure also helping with non-Octavia related questions! :P14:27
dulekHey, my question had Octavia background! :D14:29
*** spatel has quit IRC14:32
xakaitetoiai have created an http one14:33
gmanncgoncalves: virtualenv issue is fixed now. looking at stackviz thing.14:34
xakaitetoiaand really appreciate your swift responses here. Great effort14:34
cgoncalvesgmann, thanks! I see there's a patch, cool14:36
cgoncalvesxakaitetoia, would it be possible to check the haproxy logs in the amphora?14:38
cgoncalveshmm. now that I think better about it, there was someone the other day with a similar problem, I guess...?14:38
xakaitetoiaInteresting14:39
cgoncalvesjohnsom helped that user but he shouldn't be online yet. let me check the IRC logs14:39
cgoncalvesxakaitetoia, mind checking the octavia health manager service logs please?14:41
cgoncalvescheck if you have error or warning messages14:41
*** yamamoto has joined #openstack-lbaas14:42
xakaitetoiasure will do. Interesting here .. i created a nother pool with ping check this time and operational status is online14:42
cgoncalvesthe other user had members in OFFLINE, though14:44
*** maciejjozefczyk has joined #openstack-lbaas14:48
xakaitetoiaok i have an update14:50
xakaitetoialooks like security groups. I was able to curl the http from ampohra namespace into that client instance14:50
cgoncalvesI'd have expected the health monitor to report member OFFLINE, not ERROR14:52
cgoncalvesanything in haproxy log?14:52
xakaitetoiathe default security groups. I had to allow port 80 from anywhere but we don't want that in the future. Allowing by the default sec group.  didn't work though. Yes and they went to offline14:52
xakaitetoiaforgot to mention14:52
xakaitetoiaso i am in a good place so far :) almost there :P14:52
*** TrevorV has joined #openstack-lbaas14:55
cgoncalvesxakaitetoia, you could configure the security group of the members to allow only incoming traffic from the load balancer IP15:05
xakaitetoiayeap that's what i am doing ;)15:07
xakaitetoiathanks a lot hehe15:07
dulekcgoncalves: So it was iptables on the member. My problem was I was checking iptables, not ip6tables.15:12
cgoncalvesdulek, there you go!15:14
dulekYeah, thanks again!15:14
xakaitetoiahmm in the end i had to allow the whole internal network for port 8015:35
xakaitetoiaas i allowed the vip address only and it didn't work15:36
xakaitetoiahttps://ask.openstack.org/en/question/122858/octavia-health-check-ip-and-security-group/15:37
xakaitetoiaso you can leverage fwaas in that case15:38
*** gcheresh_ has quit IRC15:47
xakaitetoiaperfect all good. Next step is to enable the https termination to work with barbican.. LEt's see ;P cheers guys.. thanks a lot15:53
*** Trevor_V has joined #openstack-lbaas15:55
*** TrevorV has quit IRC15:58
*** gcheresh_ has joined #openstack-lbaas16:10
*** gcheresh_ has quit IRC16:20
cgoncalvesglad it worked out for you!16:25
*** maciejjozefczyk has quit IRC16:25
openstackgerritBrian Haley proposed openstack/octavia stable/stein: Fix pep8 failures on stable/stein branch  https://review.opendev.org/70768716:48
*** tesseract has quit IRC16:59
openstackgerritCarlos Goncalves proposed openstack/octavia stable/stein: Use stable upper-constraints.txt in Amphora builds  https://review.opendev.org/70605017:19
*** maciejjozefczyk has joined #openstack-lbaas17:28
*** gcheresh_ has joined #openstack-lbaas17:50
*** maciejjozefczyk has quit IRC18:06
*** gcheresh_ has quit IRC18:10
*** armax has quit IRC18:11
*** gcheresh_ has joined #openstack-lbaas18:37
*** ramishra has quit IRC19:02
*** armax has joined #openstack-lbaas19:02
*** yamamoto has quit IRC19:32
*** gcheresh_ has quit IRC19:43
*** yamamoto has joined #openstack-lbaas20:12
*** yamamoto has quit IRC20:23
*** Trevor_V has quit IRC21:55
openstackgerritBrian Haley proposed openstack/octavia master: Allow multiple VIPs per LB  https://review.opendev.org/66023922:06
openstackgerritBrian Haley proposed openstack/octavia master: Allow multiple VIPs per LB  https://review.opendev.org/66023923:01
*** tkajinam has joined #openstack-lbaas23:04
*** ivve has quit IRC23:11
*** armax has quit IRC23:26
*** spatel has joined #openstack-lbaas23:30
*** spatel has quit IRC23:34
*** xakaitetoia has quit IRC23:55
« Wednesday, 2020-02-12 Index Friday, 2020-02-14 »

Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!