Wednesday, 2020-10-28

« Tuesday, 2020-10-27 Index Thursday, 2020-10-29 »
*** avivgt has quit IRC00:12
*** zbsarashki has quit IRC00:15
*** hamalq has quit IRC00:26
*** macz_ has joined #openstack00:42
*** macz_ has quit IRC00:47
*** Yarboa has quit IRC00:51
*** cyberworm54 has joined #openstack00:55
*** Goneri has quit IRC01:03
*** Yarboa has joined #openstack01:03
*** metabsd has joined #openstack01:10
*** samuelbernardo has quit IRC01:29
*** weystrom has quit IRC01:33
*** boazel_ has joined #openstack02:02
*** boazel has quit IRC02:03
*** Yarboa has quit IRC02:11
*** Yarboa has joined #openstack02:19
*** boazel has joined #openstack02:24
*** boazel_ has quit IRC02:24
*** dsneddon has quit IRC02:29
*** dsneddon has joined #openstack02:33
*** dsneddon has quit IRC02:38
*** Yarboa has quit IRC02:42
*** brokencycle has quit IRC02:47
*** dsneddon has joined #openstack02:48
*** cyberworm54 has joined #openstack02:51
*** Yarboa has joined #openstack02:53
*** tips has quit IRC02:57
*** gyee has quit IRC02:57
*** dsneddon has quit IRC02:59
*** dsneddon has joined #openstack03:01
*** dsneddon has quit IRC03:06
*** dsneddon has joined #openstack03:07
*** tkajinam has quit IRC03:10
*** dsneddon has quit IRC03:12
*** dsneddon has joined #openstack03:13
*** macz_ has joined #openstack03:18
*** dsneddon has quit IRC03:19
*** macz_ has quit IRC03:22
*** hindret has quit IRC03:22
*** daMaestro has joined #openstack03:22
*** hindret has joined #openstack03:23
*** dexash has quit IRC03:23
*** dexash has joined #openstack03:25
*** Euph0ria has quit IRC03:34
*** rcernin has quit IRC03:48
*** rcernin has joined #openstack03:52
*** daMaestro has quit IRC03:57
*** bbowen has quit IRC04:11
*** dsneddon has joined #openstack04:17
*** malevolent has joined #openstack04:19
*** malevolent_ has quit IRC04:22
*** JamesBenson has quit IRC04:25
*** JamesBenson has joined #openstack04:26
*** links has joined #openstack04:29
*** JamesBenson has quit IRC04:31
*** dsneddon has quit IRC04:41
*** dsneddon has joined #openstack04:41
*** dsneddon has quit IRC04:59
*** dsneddon has joined #openstack05:04
*** dsneddon has quit IRC05:09
*** macz_ has joined #openstack05:11
*** Yarboa has quit IRC05:11
*** Yarboa has joined #openstack05:13
*** macz_ has quit IRC05:16
*** cyberworm54 has quit IRC05:19
*** bocaneri has joined #openstack05:22
*** jamesdenton has quit IRC05:23
*** jamesdenton has joined #openstack05:25
*** dsneddon has joined #openstack05:25
*** matt_kosut has joined #openstack05:26
*** suuuper has joined #openstack05:45
*** nurdie has quit IRC05:45
*** PabloMartinez has joined #openstack05:49
*** Yarboa has quit IRC06:01
*** Yarboa has joined #openstack06:03
*** arnoldoree has quit IRC06:04
*** saint_ has quit IRC06:12
*** arnoldoree has joined #openstack06:18
*** genekuo has joined #openstack06:18
*** Yarboa has quit IRC06:42
*** Yarboa has joined #openstack06:42
*** links has quit IRC06:45
*** saint_ has joined #openstack06:50
*** avivgta has joined #openstack06:50
*** tkajinam has joined #openstack06:53
*** dsneddon has quit IRC06:59
*** dsneddon has joined #openstack06:59
*** suuuper has quit IRC07:00
*** sshnaidm|afk is now known as sshnaidm|rover07:00
*** cah_link has joined #openstack07:05
*** miloa has joined #openstack07:06
*** dsneddon has quit IRC07:18
*** dsneddon has joined #openstack07:18
*** Yarboa has quit IRC07:22
*** Yarboa has joined #openstack07:23
*** macz_ has joined #openstack07:25
*** macz_ has quit IRC07:29
*** rcernin has quit IRC07:30
*** skyraven has joined #openstack07:39
*** skyraven has quit IRC07:44
*** rpittau|afk is now known as rpittau07:51
*** rcernin has joined #openstack07:53
*** eb0t has quit IRC07:56
*** eblip has quit IRC07:56
*** slaweq has joined #openstack08:00
*** Yarboa has quit IRC08:01
*** jcapitao has joined #openstack08:02
*** Yarboa has joined #openstack08:02
*** eblip has joined #openstack08:04
*** eb0t has joined #openstack08:04
*** tesseract has joined #openstack08:07
*** andrewbonney has joined #openstack08:10
*** lpetrut has joined #openstack08:11
*** rcernin has quit IRC08:15
*** Takios__ has joined #openstack08:15
*** zamba has joined #openstack08:17
zambahi!08:17
zambawe have an instance running on openstack.. we have attached quite a few volumes to it.. but now we don't have any idea which volume from the openstack side corresponds to which block device inside the instance08:18
zambaany way we can figure this out?08:18
zamba'openstack volume list' has an ID column, but i can't map that to anything inside the instance08:18
zambaafter a reboot the order has changed completely08:19
zamba| 9b6074f3-5c54-4f0f-aa52-fd6616e60456 | DATA5  | in-use | 2000 | Attached to b2-120-de1 on /dev/sdf  |08:20
zamba| 5b43854f-00c9-406e-83fb-8b01d6b1c019 | DATA4  | in-use | 4000 | Attached to b2-120-de1 on /dev/sde  |08:20
zambathe last column should say which block device it's attached to, but this is not correct after a reboot08:20
zamba# dmesg | grep sdf08:20
zamba[    6.153330] sd 2:0:0:7: [sdf] 8388608000 512-byte logical blocks: (4.29 TB/3.91 TiB)08:20
zambasdf is not 2TB, it's one of the 4TB ones08:20
*** Takios has joined #openstack08:21
*** Takios__ has quit IRC08:22
*** Yarboa has quit IRC08:22
*** bengates has joined #openstack08:30
*** bengates has quit IRC08:32
*** bengates has joined #openstack08:33
*** Yarboa has joined #openstack08:33
*** suuuper has joined #openstack08:48
*** sergiuw has joined #openstack08:55
*** arnoldoree has quit IRC08:59
*** krah has quit IRC09:04
*** brokencycle has joined #openstack09:05
*** arnoldoree has joined #openstack09:12
*** openstack has quit IRC09:21
*** openstack has joined #openstack09:22
*** ChanServ sets mode: +o openstack09:22
*** pipr has quit IRC09:27
*** logan- has quit IRC09:27
*** logan- has joined #openstack09:27
*** pipr has joined #openstack09:27
*** weystrom has joined #openstack09:28
*** Yarboa has quit IRC09:31
*** rcernin has joined #openstack09:36
*** benfelin has joined #openstack09:38
*** Yarboa has joined #openstack09:42
*** RickDeckard has joined #openstack09:47
*** macz_ has joined #openstack09:48
*** macz_ has quit IRC09:53
*** rcernin has quit IRC09:56
*** slaweq has quit IRC10:51
*** bengates has quit IRC10:51
*** RickDeckard has quit IRC10:51
*** RickDeckard has joined #openstack10:52
*** RickDeckard has quit IRC10:52
*** RickDeckard has joined #openstack10:53
*** slaweq has joined #openstack10:55
*** bengates has joined #openstack10:58
*** JamesBenson has joined #openstack11:01
*** rcernin has joined #openstack11:16
*** shyamb has joined #openstack11:19
*** lpetrut has quit IRC11:25
*** laurent\ has quit IRC11:26
*** lpetrut has joined #openstack11:26
*** lpetrut has quit IRC11:26
*** lpetrut has joined #openstack11:27
*** another_larsks has joined #openstack11:29
*** larsks has quit IRC11:31
*** jcapitao is now known as jcapitao_lunch11:31
*** arnoldoree has quit IRC11:36
* kmarc is away: "Auto-away"11:38
*** arnoldoree has joined #openstack11:49
PabloMartinezzamba: you have access to that information by using udev11:56
PabloMartinez$ sudo udevadm info /dev/sde11:57
PabloMartinezthe output should show you an ID_SERIAL that matches the beginning of the volume UUID11:58
PabloMartinezthen you could use udevrules to map those devices11:59
PabloMartinez(at least in theory :) )11:59
zambaPabloMartinez: ah, thanks :)12:02
*** SecOpsNinja has joined #openstack12:02
*** avivgta has quit IRC12:03
*** shyamb has quit IRC12:05
* kmarc is back (gone 00:28:21)12:06
*** yann-kaelig has joined #openstack12:08
*** nsegkos has joined #openstack12:09
*** nsegkos has joined #openstack12:15
* kmarc is away: "Auto-away"12:16
*** chicocvenancio has quit IRC12:26
*** jcapitao_lunch is now known as jcapitao12:27
*** macz_ has joined #openstack12:27
*** Yarboa has quit IRC12:31
*** macz_ has quit IRC12:31
*** tbonds has quit IRC12:33
*** Yarboa has joined #openstack12:33
*** samuelbernardo has joined #openstack12:39
*** rcernin has quit IRC12:43
*** nsegkos has quit IRC12:54
*** wallacer3 has quit IRC12:54
*** jangutter_ has joined #openstack12:56
*** tips has joined #openstack12:57
*** jangutter has quit IRC12:58
*** jangutter has joined #openstack12:58
*** bengates has quit IRC12:59
*** nsegkos has joined #openstack12:59
*** bengates has joined #openstack13:00
*** jangutter_ has quit IRC13:02
*** bengates has quit IRC13:04
*** nsegkos has quit IRC13:06
*** nsegkos has joined #openstack13:07
*** pto has joined #openstack13:11
*** Yarboa has quit IRC13:12
*** bbowen has joined #openstack13:12
*** Yarboa has joined #openstack13:12
*** sshnaidm|rover has quit IRC13:25
*** bengates has joined #openstack13:30
*** bengates has quit IRC13:31
*** bengates has joined #openstack13:32
*** bengates has quit IRC13:32
*** bengates has joined #openstack13:32
*** bengates has quit IRC13:37
*** bengates has joined #openstack13:38
*** sshnaidm|rover has joined #openstack13:39
*** sshnaidm|rover is now known as sshnaidm|mtg13:44
*** nurdie has joined #openstack13:47
*** nsegkos has quit IRC13:51
*** Yarboa has quit IRC14:02
*** Yarboa has joined #openstack14:02
*** chicocvenancio has joined #openstack14:13
*** NewJorg has quit IRC14:14
*** NewJorg has joined #openstack14:16
*** nsegkos has joined #openstack14:20
*** nsegkos has joined #openstack14:20
*** nurdie has quit IRC14:23
*** nurdie has joined #openstack14:24
*** JamesBenson has quit IRC14:25
*** Yarboa has quit IRC14:31
*** Yarboa has joined #openstack14:32
*** nsegkos has quit IRC14:33
*** nksegkos has joined #openstack14:34
*** zamba has left #openstack14:35
*** nksegkos is now known as nsegkos14:36
*** zbsarashki has joined #openstack14:37
*** shibboleth has joined #openstack14:42
*** macz_ has joined #openstack14:43
*** Goneri has joined #openstack14:48
*** Goneri has quit IRC14:52
*** Unixeng has joined #openstack14:54
*** Unixeng has left #openstack14:54
*** arnoldoree has quit IRC15:00
*** Euph0ria has joined #openstack15:00
*** shibboleth has quit IRC15:07
*** sergiuw has quit IRC15:13
*** imega has quit IRC15:16
*** lpetrut has quit IRC15:19
*** gyee has joined #openstack15:24
*** sergiuw has joined #openstack15:27
*** pramchan has joined #openstack15:34
*** Takios has quit IRC15:34
*** bengates has quit IRC15:37
*** imega has joined #openstack15:39
*** skyraven has joined #openstack15:42
*** bengates has joined #openstack15:42
*** takamatsu has quit IRC15:45
*** skyraven has quit IRC15:46
*** sergiuw has quit IRC15:50
*** takamatsu has joined #openstack15:56
*** sauloasilva1 has joined #openstack15:58
sauloasilva1Hi anyone here already faced an error that happens in horizon and glance that when we get images panel the forbidden error when it start to list admin public images . Same does not happen when run openstack image list .16:00
*** cmorey has joined #openstack16:04
*** sauloasilva1 has quit IRC16:05
*** sauloasilva1 has joined #openstack16:06
cmoreyHi All, i've got a tripleo deployed stack, to which i'm trying to add magnum to, it mostly seems to be going well, however when it tries to start a docker-swam cluster, it's trying to talk to the keystone service on the internal IP address, which as an instance it can't, what's the right place to look for a fix?16:06
*** metabsd has quit IRC16:20
jrossercmorey: that sounds like it is related to this https://review.opendev.org/#/c/650967/16:22
*** cah_link has quit IRC16:25
*** Warped has quit IRC16:31
*** sergiuw has joined #openstack16:36
*** sergiuw has quit IRC16:38
*** sergiuw has joined #openstack16:38
*** jab416171 has quit IRC16:47
*** hamalq has joined #openstack16:51
*** jab416171 has joined #openstack16:52
cmoreyjrosser, i'm not sure, it sounds like it, but i've discovered that the public and internal endpoints for the keystone service are set to the internal IP17:06
*** jab416171 has quit IRC17:08
cmoreyjrosser, i'm going to try and change the endpoint to another ip on that host (same network, see which one magnum is using17:08
*** rpittau is now known as rpittau|afk17:09
*** jab416171 has joined #openstack17:13
*** pramchan has quit IRC17:14
*** miloa has quit IRC17:16
*** SecOpsNinja has left #openstack17:18
cmoreyjrosser, it's trying to use the public ip17:20
jrossercmorey: the patch i linked changes heat so that it reads the endpoint from the service catalog17:23
jrosserdepending on which openstack version you run this may already be in place17:24
*** bengates has quit IRC17:26
*** Euph0ria has quit IRC17:27
cmoreyi'm running train17:30
cmoreybut I think it's more a case of reconfiguring keystone to listen on an IP address the compute instances can get to17:30
*** jcapitao has quit IRC17:31
jrosserthere are two sides to the problem yes, you'd need a public address for keystone17:34
jrosserand the data that gets put into the VM instances by heat/cloud-init needs to refer to that public address17:34
*** Euph0ria has joined #openstack17:35
cmoreyjrosser, I think the latter is o.k. (if i change the public endpoint url, that's what cloud-init picks up), so i just need to get keystone visible to compute instances17:37
jrossercool, sounds good17:37
cmoreyjrosser, however, i'm stuggling a little with that17:42
*** skyraven has joined #openstack17:43
*** sshnaidm|mtg is now known as sshnaidm|rover17:46
*** skyraven has quit IRC17:48
*** Yarboa has quit IRC17:52
*** Yarboa has joined #openstack17:53
*** spiral has joined #openstack17:55
cmoreyjrosser, so i've got the ip layer working17:55
*** andrewbonney has quit IRC17:57
cmoreyjrosser, just need to get haproxy to listen on it18:19
*** thorre has quit IRC18:20
*** Yarboa has quit IRC18:21
*** Yarboa has joined #openstack18:23
*** bocaneri has quit IRC18:23
*** tesseract has quit IRC18:24
*** nurdie has quit IRC18:38
*** dsneddon has quit IRC18:39
*** dsneddon has joined #openstack18:39
*** cah_link has joined #openstack18:44
*** psyton has quit IRC18:47
*** sshnaidm_ has joined #openstack18:57
*** sshnaidm|rover has quit IRC19:00
*** sshnaidm_ is now known as sshnaidm|rover19:06
*** yann-kaelig has quit IRC19:17
*** kwazar has quit IRC19:17
*** ianychoi__ has joined #openstack19:17
*** ianychoi_ has quit IRC19:21
*** sshnaidm|rover is now known as sshnaidm|afk19:28
*** cyberworm54 has joined #openstack19:29
*** nurdie has joined #openstack19:32
*** dsneddon has quit IRC19:43
*** dsneddon has joined #openstack19:45
*** cah_link has quit IRC19:46
*** cah_link has joined #openstack19:50
*** dsneddon has quit IRC19:50
*** dsneddon has joined #openstack19:57
*** cmorey has quit IRC20:01
*** dsneddon has quit IRC20:02
*** vesper has quit IRC20:02
*** dsneddon has joined #openstack20:03
*** nuxdie_ has joined #openstack20:14
*** nuxdie_ has quit IRC20:14
*** nurdie has quit IRC20:16
*** nsegkos has quit IRC20:17
*** nuxdie has joined #openstack20:17
*** thorre has joined #openstack20:20
*** vesper11 has joined #openstack20:21
*** Yarboa has quit IRC20:22
*** NewJorg has quit IRC20:23
*** Yarboa has joined #openstack20:24
*** NewJorg has joined #openstack20:24
*** vesper has joined #openstack20:27
*** another_larsks is now known as larsks20:27
*** genekuo has quit IRC20:29
*** vesper11 has quit IRC20:30
*** thorre has quit IRC20:31
*** nurdie has joined #openstack20:32
*** DeekGeek has quit IRC20:32
*** nurdie has quit IRC20:37
*** thorre has joined #openstack20:39
*** vesper11 has joined #openstack20:48
*** vesper has quit IRC20:48
*** suuuper has quit IRC20:59
*** RickDeckard has quit IRC21:13
*** servagem has quit IRC21:22
*** servagem has joined #openstack21:25
*** bshephar has joined #openstack21:27
*** hetii has joined #openstack21:27
hetiiHi :)21:27
hetiiI use kubernets on top of openstack. I use there a service with type of NodePort and defined externalIp to floating ip attached to one of my vm used by this cluster. The point is that I need to disable port security otherwise I cannot establish connection on port 80 or node port selected to this service.21:29
hetiiAllowing in security group all ports not allowed communication so probably this is releated to anispoofing protecion21:31
hetiibut I wonder why21:31
marsthetii: Hi. You can disable port-security with neutron cli. neutron --help port-update if I remember right21:31
hetiimarst, when I disable port security by using my provider openstack website I can connect to my service on both port so all that work then.21:32
hetiiThe point is to trace why it is required or is there any other way to establish this connection without disabling port-security.21:33
*** stee has joined #openstack21:34
*** dsneddon has quit IRC21:35
marsthetii: sorry for confusion. yes, port-security is antispoofing protection mechanism. if you have several IP addresses on the same port (most likely the case with K8s LB) you'll have to tinker with it.21:39
marsthetii: you might want to check iptables -L on the compute node where you're running your workload21:41
marsthetii: before and after disabling port-security21:41
marsthetii: to see what kind of changes are applied21:41
hetiiwell I can just see what is on my nodes, so settings about port security mode are not visible from my nodes that I run there21:45
*** skyraven has joined #openstack21:45
marsthetii: do you have a guide you're following?21:46
hetiiall that is a bit odd as I understand the kube-proxy should take care about mapping and forwarding the traffic. What's more odd is that I cannot even connect on NodePort directly so one of the port from range 30000 - 3276721:47
*** slaweq has quit IRC21:48
hetiiwell you can read about setup that I use for eg here https://kubernetes.github.io/ingress-nginx/deploy/baremetal/21:48
hetii(the last option there with externalIP)21:49
*** skyraven has quit IRC21:49
*** jab416171 has quit IRC21:49
hetiion openstack side my network topology is typical so  floating_ip -> router -> privet_net where my kubernetes nodes exist21:50
*** Yarboa has quit IRC21:51
*** Yarboa has joined #openstack21:54
marsthetii: do you have root access to the openstack compute nodes?21:56
marsthetii: you could try to check iptables and/or tcpdump both inside and outside your VM. if the source IP address of outgoing packets changes (like in mac address spoofing) -> port-security policy will drop them.21:58
*** nsmeds has quit IRC21:59
*** dansmith has quit IRC21:59
*** jrosser has quit IRC21:59
*** tdmonkey has quit IRC21:59
*** probonic has quit IRC21:59
*** jpward has quit IRC21:59
*** kplant has quit IRC21:59
*** jrosser has joined #openstack21:59
*** dansmith has joined #openstack21:59
hetiimarst, unfortunate I don't have access to openstack compute node ;(22:00
*** bshephar has quit IRC22:00
*** jpward has joined #openstack22:01
*** kplant has joined #openstack22:01
marsthetii: you might also want to chat with Kuryr folks: https://wiki.openstack.org/wiki/Kuryr22:01
*** bshephar has joined #openstack22:02
marsthetii: they should have a lot more experience and will be able to explain why and reasons )22:02
*** slaweq has joined #openstack22:04
hetiiok thx22:05
hetiiI also wonder if "Allowed Address Pairs" section could help here somehow22:07
hetiiif yes then the question here is with mac I should use there22:07
*** cyberworm54 has quit IRC22:09
marsthetii: yes, it could help. does your VM has multiple MACs?22:11
*** slaweq has quit IRC22:14
*** cah_link has quit IRC22:14
*** matt_kosut has quit IRC22:14
*** matt_kosut has joined #openstack22:14
hetiimarst this are my nics: https://pastebin.com/n8Syn2Fz22:16
hetiieth0 has floating ip attached in openstack side, the rest are from k8s22:17
marsthetii: ah ok.. only eth0 is relevant from openstack point of view, others are sitting inside your VM22:17
*** matt_kosut has quit IRC22:19
*** dsneddon has joined #openstack22:33
*** dsneddon has quit IRC22:39
*** dsneddon has joined #openstack22:40
*** dsneddon has quit IRC22:45
*** dsneddon has joined #openstack22:46
*** rcernin has joined #openstack22:46
*** sergiuw has quit IRC22:49
*** dsneddon has quit IRC22:51
hetiiehh something crash on openstack side when I add few cidrs like 0.0.0.0/0 witf macs of e nics from my vm. General each field are added to "Allowed Address Pairs" but all macs on the list set to the lates mac I add and now I cannot remove them or edit port :/22:51
*** dsneddon has joined #openstack22:52
hetiicheck if can destroy everything by terraform22:53
*** shibboleth has joined #openstack22:55
*** arnoldoree has joined #openstack22:56
*** Yarboa has quit IRC23:02
*** Yarboa has joined #openstack23:04
*** cyberworm54 has joined #openstack23:05
*** gmoro has quit IRC23:10
*** shibboleth has quit IRC23:12
*** samuelbernardo has quit IRC23:19
*** Yarboa has quit IRC23:21
*** dsneddon has quit IRC23:23
*** Yarboa has joined #openstack23:24
*** dsneddon has joined #openstack23:24
*** cyberworm54 has quit IRC23:34
*** shibboleth has joined #openstack23:43
*** skyraven has joined #openstack23:47
*** macz_ has quit IRC23:47
*** illuminated has quit IRC23:48
*** illuminated has joined #openstack23:48
*** skyraven has quit IRC23:51
*** cyberworm54 has joined #openstack23:52
« Tuesday, 2020-10-27 Index Thursday, 2020-10-29 »

Generated by irclog2html.py 2.17.2 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!