| *** ianychoi__ has joined #openstack-lbaas | 00:14 | |
| *** ianychoi_ has quit IRC | 00:17 | |
| *** sapd1 has joined #openstack-lbaas | 01:24 | |
| *** zzzeek has quit IRC | 02:12 | |
| *** zzzeek has joined #openstack-lbaas | 02:12 | |
| *** rcernin has quit IRC | 02:37 | |
| *** rcernin has joined #openstack-lbaas | 02:51 | |
| *** xgerman has quit IRC | 03:52 | |
| *** lemko2 has joined #openstack-lbaas | 04:28 | |
| *** lemko has quit IRC | 04:29 | |
| *** lemko2 is now known as lemko | 04:29 | |
| *** ramishra has quit IRC | 05:29 | |
| *** ramishra has joined #openstack-lbaas | 05:29 | |
| *** ramishra has quit IRC | 05:30 | |
| *** ramishra has joined #openstack-lbaas | 05:30 | |
| *** ramishra has quit IRC | 05:32 | |
| *** ramishra has joined #openstack-lbaas | 05:32 | |
| *** lemko has quit IRC | 05:46 | |
| *** lemko7 has joined #openstack-lbaas | 05:46 | |
| *** sapd1 has quit IRC | 05:54 | |
| *** ramishra has quit IRC | 05:55 | |
| *** ramishra has joined #openstack-lbaas | 05:55 | |
| *** rcernin has quit IRC | 06:08 | |
| *** rcernin has joined #openstack-lbaas | 06:08 | |
| *** rcernin has quit IRC | 06:17 | |
| *** rcernin has joined #openstack-lbaas | 06:17 | |
| *** rcernin has quit IRC | 06:17 | |
| *** rcernin has joined #openstack-lbaas | 06:19 | |
| *** gcheresh has joined #openstack-lbaas | 06:26 | |
| *** sapd1 has joined #openstack-lbaas | 06:49 | |
| *** dasp has joined #openstack-lbaas | 07:00 | |
| *** dasp_ has quit IRC | 07:01 | |
| *** ccamposr__ has joined #openstack-lbaas | 07:10 | |
| *** ccamposr has quit IRC | 07:13 | |
| *** vishalmanchanda has joined #openstack-lbaas | 07:33 | |
| *** sapd1 has quit IRC | 07:37 | |
| openstackgerrit | Gregory Thiemonge proposed openstack/octavia-tempest-plugin master: Add new scenario test to create LB in specific AZ https://review.opendev.org/c/openstack/octavia-tempest-plugin/+/695349 | 07:37 |
|---|---|---|
| *** sapd1 has joined #openstack-lbaas | 07:42 | |
| *** psachin has joined #openstack-lbaas | 08:11 | |
| *** rpittau|afk is now known as rpittau | 08:41 | |
| openstackgerrit | Gregory Thiemonge proposed openstack/octavia-tempest-plugin master: Add new scenario test to create LB in specific AZ https://review.opendev.org/c/openstack/octavia-tempest-plugin/+/695349 | 08:53 |
| *** psachin has quit IRC | 09:40 | |
| *** psachin has joined #openstack-lbaas | 09:44 | |
| *** yamamoto_ has quit IRC | 10:04 | |
| *** psachin has quit IRC | 10:04 | |
| *** rcernin has quit IRC | 10:24 | |
| *** sshnaidm|afk is now known as sshnaidm|ruck | 10:35 | |
| *** rcernin has joined #openstack-lbaas | 10:55 | |
| rm_work | eugh well I ALMOST made it to a Wednesday with the right sleep schedule to be awake for the meeting... | 11:15 |
| rm_work | I'll try :) | 11:15 |
| *** rcernin has quit IRC | 11:15 | |
| *** yamamoto has joined #openstack-lbaas | 11:23 | |
| *** yamamoto has quit IRC | 11:46 | |
| *** sapd1 has quit IRC | 11:49 | |
| *** yamamoto has joined #openstack-lbaas | 12:00 | |
| *** rcernin has joined #openstack-lbaas | 12:01 | |
| *** sapd1 has joined #openstack-lbaas | 12:33 | |
| openstackgerrit | Ann Taraday proposed openstack/octavia master: Add option to set default ssl ciphers in haproxy https://review.opendev.org/c/openstack/octavia/+/685337 | 12:37 |
| *** rcernin has quit IRC | 12:43 | |
| *** sapd1 has quit IRC | 13:10 | |
| *** sapd1 has joined #openstack-lbaas | 13:22 | |
| openstackgerrit | Gregory Thiemonge proposed openstack/octavia-tempest-plugin master: DNM WIP Trying to fix two-node job https://review.opendev.org/c/openstack/octavia-tempest-plugin/+/773888 | 13:34 |
| *** bcafarel has quit IRC | 14:58 | |
| *** bcafarel has joined #openstack-lbaas | 14:59 | |
| mchlumsky | Hi there folks! Just wanted to report that we found a solution to our host route on the vip-subnet issue that we hit after the upgrade to ussuri. Switching to using a bionic image instead of centos 8 did it. Thanks for helping me troubleshoot this issue johnsom | 15:25 |
| *** sapd1 has quit IRC | 15:26 | |
| johnsom | Hmmm, we should open a story (bug) against the centos 8 support not working with host routes | 15:27 |
| mchlumsky | Sure, I'll write it up | 15:27 |
| mchlumsky | Are both CentOS 8 and Ubuntu Bionic officially supproted? I got the feeling Ubuntu was "favored" but I see centos 8 tests in zuul too so not 100% sure | 15:29 |
| johnsom | Yes, CentOS8 and bionic/focal | 15:29 |
| mchlumsky | Cool | 15:31 |
| stand | Maybe documentation should be updated as well, it says "Current support is with an Ubuntu base OS and HAProxy". It's a bit confusing if CentOS images are considered as supported as well | 15:34 |
| johnsom | It follows the OpenStack supported platforms definition: https://governance.openstack.org/tc/reference/project-testing-interface.html#linux-distributions | 15:35 |
| johnsom | #startmeeting Octavia | 16:01 |
| openstack | Meeting started Wed Feb 3 16:01:10 2021 UTC and is due to finish in 60 minutes. The chair is johnsom. Information about MeetBot at http://wiki.debian.org/MeetBot. | 16:01 |
| openstack | Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. | 16:01 |
| *** openstack changes topic to " (Meeting topic: Octavia)" | 16:01 | |
| openstack | The meeting name has been set to 'octavia' | 16:01 |
| johnsom | #chair rm_work | 16:01 |
| openstack | Current chairs: johnsom rm_work | 16:01 |
| gthiemonge | hi | 16:01 |
| haleyb | o/ | 16:01 |
| johnsom | Hi everyone | 16:01 |
| cgoncalves | o/ | 16:01 |
| johnsom | #topic Announcements | 16:02 |
| *** openstack changes topic to "Announcements (Meeting topic: Octavia)" | 16:02 | |
| johnsom | My weekly nag about the upcoming feature freeze: | 16:02 |
| johnsom | Final client release is first week in March | 16:02 |
| johnsom | Feature freeze for everything else is the second week in March | 16:02 |
| johnsom | #link https://releases.openstack.org/wallaby/schedule.html | 16:02 |
| johnsom | Any other announcements this week? | 16:02 |
| *** sapd1 has joined #openstack-lbaas | 16:03 | |
| johnsom | #topic Brief progress reports / bugs needing review | 16:03 |
| *** openstack changes topic to "Brief progress reports / bugs needing review (Meeting topic: Octavia)" | 16:03 | |
| johnsom | I am mostly focused on TripleO things currently, so a bit distracted. Mostly just doing reviews and helping folks with questions, etc. | 16:04 |
| gthiemonge | Hey, FYI I cleaned up and have updated the Priority Review list | 16:04 |
| gthiemonge | #link https://etherpad.opendev.org/p/octavia-priority-reviews | 16:04 |
| johnsom | Oh, nice! | 16:04 |
| johnsom | Yep, quite the list, but we have done it before! | 16:05 |
| gthiemonge | lots of merge conflicts, I don't know whether the owners will update their patches | 16:06 |
| johnsom | Thank you gthiemonge! | 16:06 |
| johnsom | Feel free to ask folks on IRC. | 16:06 |
| * johnsom notes he probably has a few in that category as well | 16:06 | |
| johnsom | Any other updates this week? | 16:08 |
| johnsom | #topic vip_subnet_id access bug (gthiemonge) | 16:09 |
| *** openstack changes topic to "vip_subnet_id access bug (gthiemonge) (Meeting topic: Octavia)" | 16:09 | |
| johnsom | You have the floor.... | 16:09 |
| gthiemonge | thanks | 16:09 |
| gthiemonge | So a bug was reported this week: a user can create a load balancer plugged into the subnet of another user, by using the subnet UUID | 16:10 |
| gthiemonge | there was an attempt to fix it in the past, but only the vip_network_id and vip_port_id were fixed | 16:11 |
| gthiemonge | I have a small patch that fixes this issue: https://review.opendev.org/c/openstack/octavia/+/773798 | 16:11 |
| gthiemonge | basically it verifies that the user provided vip_subnet_id belongs to the user | 16:12 |
| gthiemonge | but this patch triggers an interesting bug in octavia-tempest-plugin | 16:12 |
| johnsom | Thank you for the patch | 16:12 |
| gthiemonge | octavia-tempest-plugin uses a private subnet that is owned by the admin user for its IPv6 VIP test | 16:13 |
| gthiemonge | #link https://opendev.org/openstack/octavia-tempest-plugin/src/branch/master/octavia_tempest_plugin/tests/test_base.py#L328-L329 | 16:13 |
| gthiemonge | so now, tempest is failing because it cannot create an IPv6 LB | 16:13 |
| gthiemonge | I would like to have your opinion about that | 16:14 |
| gthiemonge | if someone sees a way to fix or to work around this issue | 16:14 |
| johnsom | Ah, yeah, we preference the IPv6 subnet that the tempest framework creates. I think this is because tempest also makes sure that subnet is routable (but I might be remembering that part wrong). | 16:14 |
| haleyb | gthiemonge: can we do the obvious and create an ipv6 subnet owned by the user? | 16:14 |
| gthiemonge | haleyb: yeah this is what I was thinking about | 16:15 |
| johnsom | Yeah, that might be the right answer | 16:15 |
| gthiemonge | haleyb: we can create it in the octavia-tempest-plugin's devstack plugin.sh file | 16:15 |
| johnsom | No | 16:15 |
| gthiemonge | it needs to be routable | 16:16 |
| johnsom | It should be created in the tempest plugin setup so it is removed correctly and is present for runs outside of devstack. | 16:16 |
| haleyb | can we create it right there in that code? just rip-out the private check? | 16:16 |
| johnsom | it would go in here: | 16:17 |
| gthiemonge | but we need to add a route from the tempest controller to the ipv6 subnet | 16:17 |
| johnsom | #link https://github.com/openstack/octavia-tempest-plugin/blob/master/octavia_tempest_plugin/tests/test_base.py#L143 | 16:17 |
| johnsom | Yeah, that is going to be the tricky part really. | 16:17 |
| johnsom | It may require a change in tempest proper | 16:17 |
| gthiemonge | yes that's not easy | 16:18 |
| johnsom | The question is really, should tempest be setting that IPv6 subnet to "shared" | 16:18 |
| gthiemonge | johnsom: the name of the network is "private" | 16:18 |
| johnsom | In that case the user would have access | 16:18 |
| johnsom | Yeah, but private networks can be marked as "shared" too.... | 16:19 |
| gthiemonge | yes, but I guess the intent is to have a non-shared private network :D | 16:19 |
| johnsom | Is there a "public" ipv6 we should be using instead? | 16:20 |
| johnsom | I vaguely remember there was a tempest bug that caused only that private network to be routable, so the tests failed when using public | 16:20 |
| gthiemonge | there is a public ipv6 network | 16:20 |
| johnsom | So, maybe give that a go and see if it works, if so, public is probably the right answer anyway. I think we use public for the IPv4 test VIPs | 16:22 |
| gthiemonge | ok, I'm going to try the public network | 16:22 |
| gthiemonge | anyways | 16:22 |
| haleyb | there is an ipv6-public-subnet by default in devstack, but it's not directly viewable by a user | 16:22 |
| gthiemonge | it will probably fix the tests in devstack, but octavia-tempest-plugin might start failing with other deployment tools | 16:23 |
| haleyb | shared=False | 16:23 |
| haleyb | i still don't understand why we can't just create a lb_member_vip_ipv6_subnet, someone will have to hit me with the clue bat | 16:24 |
| haleyb | we already create an ipv4 one... | 16:24 |
| gthiemonge | haleyb: we are sending requests to the VIP address from the devstack node, so the ipv6 address have to be routable | 16:24 |
| gthiemonge | haleyb: it would require an explicity 'ip route add' call | 16:25 |
| gthiemonge | explicit | 16:25 |
| haleyb | oh, because the ipv4 one is for floating IPs? | 16:25 |
| gthiemonge | yes, we have FIPs for ipv4 | 16:25 |
| johnsom | Our plugin should not be messing with the test host routes, that should be managed by tempest, etc. | 16:25 |
| * haleyb has smoke coming out his ears trying to think about an IPv6 fix | 16:27 | |
| johnsom | Well, if the public subnet doesn't work, maybe take the root of that issue to the qa team for ideas. | 16:28 |
| johnsom | public is supposed to be reachable from the tempest tests | 16:28 |
| gthiemonge | ok Guys, I will explore the many options we have listed here | 16:29 |
| gthiemonge | thank you | 16:29 |
| johnsom | +1 | 16:29 |
| gthiemonge | I'll probably ping haleyb ;-) | 16:29 |
| johnsom | #topic Open Discussion | 16:29 |
| *** openstack changes topic to "Open Discussion (Meeting topic: Octavia)" | 16:29 | |
| haleyb | just don't ask for floating IPv6 :) | 16:29 |
| johnsom | Any other topics today? | 16:29 |
| johnsom | haleyb That is easy, it's a no-op. grin | 16:30 |
| gthiemonge | nothing here | 16:30 |
| haleyb | nothing from me | 16:31 |
| johnsom | Ok then, thanks for joining and the conversation. Have a great week! | 16:32 |
| johnsom | #endmeeting | 16:32 |
| *** openstack changes topic to "Discussions for OpenStack Octavia | Priority bug review list: https://etherpad.openstack.org/p/octavia-priority-reviews" | 16:32 | |
| openstack | Meeting ended Wed Feb 3 16:32:31 2021 UTC. Information about MeetBot at http://wiki.debian.org/MeetBot . (v 0.1.4) | 16:32 |
| openstack | Minutes: http://eavesdrop.openstack.org/meetings/octavia/2021/octavia.2021-02-03-16.01.html | 16:32 |
| openstack | Minutes (text): http://eavesdrop.openstack.org/meetings/octavia/2021/octavia.2021-02-03-16.01.txt | 16:32 |
| openstack | Log: http://eavesdrop.openstack.org/meetings/octavia/2021/octavia.2021-02-03-16.01.log.html | 16:32 |
| gthiemonge | thanks johnsom | 16:32 |
| openstackgerrit | Gregory Thiemonge proposed openstack/octavia-tempest-plugin master: Fix two-node job configuration https://review.opendev.org/c/openstack/octavia-tempest-plugin/+/773888 | 16:36 |
| *** sapd1 has quit IRC | 16:50 | |
| *** sshnaidm|ruck is now known as sshnaidm | 16:52 | |
| *** rpittau is now known as rpittau|afk | 18:08 | |
| *** rcernin has joined #openstack-lbaas | 19:49 | |
| *** rcernin has quit IRC | 20:20 | |
| *** rcernin has joined #openstack-lbaas | 20:20 | |
| *** sshnaidm is now known as sshnaidm|afk | 20:52 | |
| *** xgerman has joined #openstack-lbaas | 21:08 | |
| *** gcheresh has quit IRC | 21:20 | |
| *** rcernin has quit IRC | 21:22 | |
| *** rouk has joined #openstack-lbaas | 21:52 | |
| rouk | johnsom: was there a bug in train that caused things like.... http://paste.openstack.org/show/nu8jEPQ3NdJoDxBfj8xX/ this to work? | 21:52 |
| rouk | got a user complaining that we "broke the api", as theyre getting "insert-headers is not a valid option for a TCP protocol listener.", which sounds right, but theres tcp listeners in my db which are marked for x-forwarded-for somehow. the code all the way back to stein doesnt look different. | 21:53 |
| johnsom | rouk I'm not sure I understand the question | 21:53 |
| johnsom | Ah, yeah, just a second, I think someone worked on that recently | 21:54 |
| rouk | im unsure how a tcp listener could do x-forwarded-for, and the code seems to not allow it, even looking back to 2019 | 21:54 |
| rouk | the current behavior seems like what id expect, but i just wonder how it allowed it before. | 21:57 |
| johnsom | rouk https://review.opendev.org/q/I4ec2299b64b180f8b2d8f0b8485a6be9fe32d2eb | 21:57 |
| rouk | nice, this is exactly what i needed. | 21:58 |
| rouk | also explains why it looked fine in stable/train, we were running an older unpatched version at the time. | 21:58 |
| johnsom | It is also included in the release notes. | 21:58 |
| johnsom | You could open a bug against us to have an upgrade check for that. | 21:59 |
| rouk | well, whats an invalid listener... do... exactly? they claim it worked before, but how could you add a header to tcp. | 21:59 |
| johnsom | Yeah, according to the story, it accepted it, but then ignored it. | 21:59 |
| rouk | silently do nothing, is what id expect. yeah | 21:59 |
| *** rcernin has joined #openstack-lbaas | 22:05 | |
| *** ccamposr has joined #openstack-lbaas | 22:05 | |
| *** rcernin has quit IRC | 22:06 | |
| *** rcernin has joined #openstack-lbaas | 22:07 | |
| *** ccamposr__ has quit IRC | 22:08 | |
| *** openstackgerrit has quit IRC | 22:11 | |
| *** vishalmanchanda has quit IRC | 22:30 | |
| *** rcernin has quit IRC | 22:45 | |
Generated by irclog2html.py 2.17.2 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!