Monday, 2017-12-04

« Sunday, 2017-12-03 Index Tuesday, 2017-12-05 »
*** sai_ has joined #puppet-openstack01:58
*** ilbot3 has quit IRC02:45
*** ilbot3 has joined #puppet-openstack02:57
*** ykarel has joined #puppet-openstack04:02
*** udesale has joined #puppet-openstack04:25
*** udesale has quit IRC04:25
*** udesale has joined #puppet-openstack04:25
*** skramaja has joined #puppet-openstack05:04
*** jaosorior has joined #puppet-openstack05:16
*** jaganathan has joined #puppet-openstack05:18
*** ratailor has joined #puppet-openstack05:46
*** ntpttr_laptop has joined #puppet-openstack05:51
*** sai_ has quit IRC06:00
*** jtomasek has joined #puppet-openstack06:08
*** ntpttr_laptop has quit IRC06:21
*** morazi has quit IRC06:33
*** jaganathan has quit IRC06:39
*** jaganathan_ has joined #puppet-openstack06:39
*** morazi has joined #puppet-openstack07:41
*** karthiks has joined #puppet-openstack07:44
*** shardy has joined #puppet-openstack07:48
*** rcernin has quit IRC07:49
*** ccamacho has joined #puppet-openstack07:55
*** jtomasek has quit IRC08:11
*** jtomasek has joined #puppet-openstack08:11
*** tesseract has joined #puppet-openstack08:13
*** agurenko has joined #puppet-openstack08:17
*** yprokule has joined #puppet-openstack08:18
*** rcernin has joined #puppet-openstack08:35
*** jpena|off is now known as jpena08:48
*** ykarel is now known as ykarel|lunch08:52
*** vnogin has joined #puppet-openstack08:57
*** vnogin has quit IRC09:01
*** Guest13268 is now known as zigo09:09
*** gfidente has joined #puppet-openstack09:13
openstackgerritDnyaneshwar proposed openstack/puppet-cinder stable/pike: Veritas HyperScale: Fixes image volume caching.  https://review.openstack.org/52510509:19
*** vnogin has joined #puppet-openstack09:24
*** derekh has joined #puppet-openstack09:38
*** jaganathan_ has quit IRC09:56
*** ykarel|lunch is now known as ykarel09:59
*** salmankhan has joined #puppet-openstack10:09
*** vnogin has quit IRC10:10
*** salmankhan has quit IRC10:12
*** vnogin has joined #puppet-openstack10:12
*** salmankhan has joined #puppet-openstack10:12
*** etingof has quit IRC10:17
*** vnogin has quit IRC10:23
*** vnogin has joined #puppet-openstack10:27
*** vnogin has quit IRC10:50
*** etingof has joined #puppet-openstack10:52
*** jaganathan has joined #puppet-openstack10:56
*** etingof has quit IRC10:59
*** vnogin has joined #puppet-openstack11:11
*** etingof has joined #puppet-openstack11:12
*** chem has joined #puppet-openstack11:17
*** dtantsur|afk is now known as dtantsur11:30
*** shardy has quit IRC11:44
*** shardy has joined #puppet-openstack11:45
*** ratailor has quit IRC11:52
*** jpena is now known as jpena|lunch11:57
*** makowals has joined #puppet-openstack12:10
*** oidgar has joined #puppet-openstack12:14
*** oidgar has quit IRC12:28
*** rcernin has quit IRC12:31
*** ansmith has quit IRC12:31
*** vnogin has quit IRC12:32
*** vnogin has joined #puppet-openstack12:32
*** derekh has quit IRC12:36
*** oidgar has joined #puppet-openstack12:42
*** skramaja has quit IRC12:42
*** vnogin has quit IRC12:42
*** gfidente has quit IRC12:57
*** vnogin has joined #puppet-openstack12:58
*** gfidente has joined #puppet-openstack13:00
*** dprince has joined #puppet-openstack13:02
*** dtantsur is now known as dtantsur|lunch13:03
*** jpena|lunch is now known as jpena13:04
*** gfidente has quit IRC13:05
*** trown|outtypewww has quit IRC13:06
*** trown has joined #puppet-openstack13:07
*** gfidente has joined #puppet-openstack13:07
*** gfidente has quit IRC13:07
*** gfidente has joined #puppet-openstack13:07
*** vnogin has quit IRC13:10
*** oidgar has quit IRC13:12
*** jaganathan has quit IRC13:14
*** colonwq has quit IRC13:23
*** ykarel_ has joined #puppet-openstack13:24
*** ykarel has quit IRC13:26
*** ykarel__ has joined #puppet-openstack13:30
*** vinsh_ has quit IRC13:32
*** ykarel_ has quit IRC13:32
*** vinsh has joined #puppet-openstack13:33
*** spredzy has quit IRC13:33
*** spredzy has joined #puppet-openstack13:33
*** ykarel_ has joined #puppet-openstack13:37
*** dtantsur|lunch is now known as dtantsur13:38
*** ykarel__ has quit IRC13:40
*** ykarel_ has quit IRC13:51
*** ykarel has joined #puppet-openstack13:51
*** ansmith has joined #puppet-openstack14:02
*** vnogin has joined #puppet-openstack14:02
*** fultonj has joined #puppet-openstack14:11
*** karthiks has quit IRC14:12
*** makowals has quit IRC14:28
*** makowals has joined #puppet-openstack14:32
dtantsurfolks, can someone please advise me on some non-trivial puppet?14:33
dtantsurI need something that will conditionally: 1. generate an SSH key, 2. put its private part on disk, 3. read its public part into a variable, 4. feed it into one of existing oslo.config variables.14:33
dtantsurhow crazy is this idea? especially, the conditional bit?14:34
* dtantsur looks at https://stackoverflow.com/questions/19694858/store-contents-of-a-file-in-a-variable14:36
*** ykarel is now known as ykarel|away14:38
*** ykarel|away has quit IRC14:43
dtantsurmmm, do I get it right that reading a file into a variable is so hard I better do it somewhere else? :(14:55
dtantsurmwhahaha or EmilienM ^^^14:55
mwhahahawould need a provider to do such things14:55
*** vnogin has quit IRC14:56
mwhahahait does sound quite complex, could ironic be updated to accept a path instead of the contents?14:56
dtantsurmwhahaha: it's not about ironic, really..14:56
dtantsurmwhahaha: it's about auto-configuring this beast: https://docs.openstack.org/diskimage-builder/latest/elements/dynamic-login/README.html14:57
mwhahahacause i don't think the pub part really should be a file location and not a var in a conf14:57
dtantsura ramdisk cannot read a file on the host14:57
mwhahahaugh14:57
mwhahahabut what feeds it to ramdisk?14:57
dtantsurmwhahaha: the pub key content, see "sshkey" variable there14:58
mwhahahadtantsur: no what part of the process does that15:00
mwhahahadtantsur: what gives it to the ramdisk var, i assume this comes from the pxe stuff?15:00
dtantsurmwhahaha: ironic defines kernel parameter via the pxe_append_params option15:01
mwhahahadtantsur: right so why can't ironic accept a file15:01
dtantsurmwhahaha: and feed it where? the sshkey variable is specific to this particular DIB element, it does not come from ironic15:01
dtantsurso such feature will depend on 1. using DIB for building ramdisk, 2. using this particular element15:02
mwhahahai guess i don't have a clear understanding of this whole process15:02
mwhahahait seems like it would be better if the pub key wasn't rolled into the image itself15:02
mwhahahabut rather something fed in at pxe boot time15:02
dtantsurthat's what we do, yes15:02
mwhahaha...15:02
dtantsurwe can ask ironic to insert arbitrary parameters to the kernel command line15:03
*** vnogin has joined #puppet-openstack15:03
dtantsurthis dynamic-login element injects a boot-time script that takes "sshkey" parameter and adds it in authorized_keys15:03
dtantsurnow, a problem: ironic is not aware of the existance of the dynamic-login element15:03
mwhahahaso why can't ironic read a file, to get the pub key to pass in at boot time15:03
mwhahahaironic reads file, puts key in cmd line params, ..., profit?15:04
dtantsurbecause ironic does not have a feature "inject public key into IPA". it's provided by DIB15:04
dtantsurif we do that, we have to make "sshkey" kernel variable work with all the ways we build IPA15:04
dtantsurand make it mandatory for DIB15:04
mwhahahaso that is what i was asking15:05
mwhahahabecause ironic doesn't currently support this15:05
mwhahahabut that's why i'm asking what if that was the feature rather than having to do a bunch of random shenanigans to get the pub key into a conf15:06
dtantsuryeah, ironic does not have this feature. I'm trying to use a feature provided by DIB15:06
mwhahahai'm tring to figureout how you're trying to exercise the DIB feather15:06
mwhahahaand how that plays into the whole workflow15:06
dtantsurside note: reading a file is not "random shenanigans" in modern programming15:06
*** alee has quit IRC15:07
dtantsurthis feature is completely within DIB. it does not exists anywhere else.15:07
mwhahahadtantsur: but it is in deployment, which is why i was poing to doing that in a programing language15:07
dtantsurwe can talk about introducing an ironic feature, but that's a whole other story, that will go way beyond what I'm trying to achieve for tripleo15:08
*** alee has joined #puppet-openstack15:09
dtantsurthere is an option of doing it in instack-undercloud, of course15:11
mwhahahadtantsur: so i assume you're doing an ssh key gen as part of the deployment process then you need to capture the output and drop it into an ironic config15:12
dtantsurcorrect15:12
mwhahahaso for proper puppet, you'd need a provider15:13
mwhahahaor add a custom part in the ironic_config15:14
mwhahahadtantsur: where is the oslo.config setting you're trying to do adjust? ironic_config?15:14
dtantsurmwhahaha: yep, this one https://github.com/openstack/puppet-ironic/blob/afac29a623e20161cef56e09d4ebcd87786e0e47/manifests/drivers/pxe.pp#L11115:15
mwhahahadtantsur: so you could add a custom bit of code in ironic_config to custom handle ssh key gen & var updates15:16
dtantsurmwhahaha: anything to do with https://github.com/openstack/puppet-ironic/blob/afac29a623e20161cef56e09d4ebcd87786e0e47/lib/puppet/type/ironic_config.rb#L19-L34 ?15:17
mwhahahano necessarily15:20
mwhahahanot15:20
mwhahahai'll see if i can dig up an example15:20
dtantsurthanks, that would be handy15:21
*** agurenko has quit IRC15:23
*** oidgar has joined #puppet-openstack15:25
*** vnogin has quit IRC15:34
*** sai_ has joined #puppet-openstack15:40
*** vnogin has joined #puppet-openstack15:40
*** colonwq has joined #puppet-openstack15:43
*** vinsh has quit IRC15:50
*** vinsh has joined #puppet-openstack15:50
*** vinsh_ has joined #puppet-openstack15:52
openstackgerritEmilien Macchi proposed openstack/puppet-cinder stable/pike: Veritas HyperScale: Fixes image volume caching.  https://review.openstack.org/52510515:54
*** makowals has quit IRC15:55
*** vinsh has quit IRC15:56
*** trown is now known as trown|brb15:58
*** makowals has joined #puppet-openstack15:58
*** trown|brb is now known as trown16:07
*** morazi has quit IRC16:08
rajinirHi , can someone help with this review. https://review.openstack.org/#/c/519765/, one of the tests keeps failing and not clear why. It has nothing to do with the patch16:12
mnaserrajinir: i was just having a look now16:22
mnaser i think its not breaking in something you did16:22
mnaserim having a look16:22
rajinirmnaser: ok16:23
*** vnogin has quit IRC16:23
mnaseri think whats happening here is that ubuntu starts up services by default on installation (sigh)16:29
mnaserand what happens is cinder-backup starts up and fails a few times quickly while its doing other things16:29
mnaseradn then when it comes and tries to do a restart i think systemd probably has the service blocked16:29
mnaserNov 30 17:39:24 ubuntu-xenial-citycloud-lon1-0001145044 systemd[1]: cinder-backup.service: Start request repeated too quickly.16:30
mnaseryep.16:30
mnasermwhahaha: EmilienM you folks have an idea how we can work around this? :(16:34
mwhahahacinder is broke in ocata16:34
mwhahahafor ubuntu16:34
mnaseryeah16:34
mnaseri've discovered this16:34
mwhahahaso other than brining it up in #ubuntu-server not really16:34
mnaseri ntrying to help rajinir pass get in16:34
mwhahahaswitch it to non-voting16:35
mnaserbleh16:35
mnaserokay16:35
mnaserill do a few checks over the holidays16:35
mnasereither people have to help us maintain ubuntu stuff or we (unfortunately) might have to drop support because we're not getting any help from packaging :\16:36
mnaseresp that integration has been nv for a while too16:36
mnaserthis is just adding on top of it16:36
mwhahahawell that one is probably a bug because it used to work16:36
mwhahahaso something changed in updates so jamespage or corycb probably might be able to help get the cidner-backup thing fixed16:37
*** jpena is now known as jpena|brb16:43
*** danpawlik_ has quit IRC16:45
*** danpawlik_ has joined #puppet-openstack16:46
rajinirmnaser: thank you16:51
dtantsurmwhahaha: sorry, did you manage to find an example we talked about today?17:02
mwhahahadtantsur: not yet, meetings17:06
dtantsurah, I see17:08
*** LutzB has quit IRC17:13
mwhahahadtantsur: so what you could do is use munge to swap out the values17:14
mwhahahadtantsur: http://garylarizza.com/blog/2013/11/25/fun-with-providers/ general concept17:14
dtantsurthanks!17:15
*** oidgar has quit IRC17:16
*** udesale has quit IRC17:17
mwhahahadtantsur: there is also a concept of transform_to17:18
mwhahahadtantsur: that you could use to transform a file path to a value17:18
mwhahahadtantsur: https://github.com/openstack/puppet-openstacklib/blob/master/lib/puppet/provider/openstack_config/ini_setting.rb#L1417:18
dtantsuryeah. I recall it was used somewhere, but I could not find an example17:18
dtantsurthanks!17:18
mwhahahadtantsur: so you could for that key, run transform to check local file to read contents or just set value17:19
mwhahahaso that option could accept either a string or a filepath17:19
mwhahahadtantsur: i think that would be the cleanest implementation17:19
dtantsurit's going to be a bit funny though, as this is not the only thing in the variable17:20
dtantsurI mean, the sshkey17:20
mwhahahadtantsur: well that's where the transform or munge comes in17:20
mwhahahahttps://github.com/openstack/puppet-openstacklib/blob/master/lib/puppet/provider/openstack_config/ini_setting.rb#L6117:20
*** tesseract has quit IRC17:20
mwhahahaso you can operate on it, read it and fix it17:20
dtantsurnice! /me will learn more puppet magic :)17:21
*** ntpttr_laptop has joined #puppet-openstack17:21
mwhahahaso if "a=123 key=file:/etc/foo" -> "a=123 key=abcef"17:21
mwhahahasomething like that17:22
dtantsurwow, impressive17:22
*** jpena|brb is now known as jpena17:25
mwhahahait gets complicated and ugly if you have to do string replacing stuff but if it's tokenizable it shouldn't be too bad to swap out part of it17:31
*** LutzB has joined #puppet-openstack17:32
*** yprokule has quit IRC17:45
*** gfidente has quit IRC17:57
*** gfidente has joined #puppet-openstack17:59
*** gfidente has quit IRC17:59
*** gfidente has joined #puppet-openstack17:59
*** trown is now known as trown|lunch18:00
*** dtantsur is now known as dtantsur|afk18:08
*** jpena is now known as jpena|away18:20
*** fultonj has quit IRC18:35
*** fultonj has joined #puppet-openstack18:37
*** jpena|away is now known as jpena|off18:48
*** salmankhan has quit IRC18:50
*** etingof has quit IRC19:06
*** fultonj has quit IRC19:06
*** fultonj has joined #puppet-openstack19:14
*** trown|lunch is now known as trown19:18
*** vnogin has joined #puppet-openstack19:24
*** vnogin has quit IRC19:28
*** rwsu has quit IRC19:29
*** salmankhan has joined #puppet-openstack20:09
*** salmankhan has quit IRC20:14
*** rwsu has joined #puppet-openstack20:25
*** vnogin has joined #puppet-openstack20:38
*** etingof has joined #puppet-openstack20:40
mwhahahamnaser: fyi the m2 release https://review.openstack.org/52530620:50
*** vnogin has quit IRC20:50
*** jaosorior has quit IRC20:51
mnasermwhahaha: thanks. I want to make sure release job isn’t broken. The vitrage changed in stable pike failed you did20:51
mnaserI rechecked but let’s make sure that issue was resolved to avoid any issues20:52
mwhahahamnaser: stable/pike vitrage is broken but master is fine20:52
mwhahahai think it's related to pike's selinux20:52
mwhahahai tried to reproduce it on friday but couldn't20:52
mwhahahawhich was annoying20:52
mwhahahabecause it's fine in RDO but not against the centos mirrors20:53
mwhahahaand beaker in CI uses centos mirrors while locally it used RDO20:53
mwhahahahttp://eavesdrop.openstack.org/irclogs/%23puppet-openstack/%23puppet-openstack.2017-12-01.log.html#t2017-12-01T22:55:0120:54
mwhahahaand http://eavesdrop.openstack.org/irclogs/%23puppet-openstack/%23puppet-openstack.2017-12-02.log.html#t2017-12-02T00:22:2220:54
mnasermwhahaha: but the build job is failing not the unit tests or anything20:57
mnaserlet me find the review in question20:57
mwhahahamnaser: on stable/pike because we haven't been able to merge the stable/pike ci stuff20:57
mnasermwhahaha: https://review.openstack.org/#/c/524298/20:57
mnaserthis one runs the build job only because of metadata.json change20:57
mnaserthe build gives "No such file or directory"20:57
mwhahahamnaser: we haven't been able to merge the bindep or zuul v3 stuff20:58
mnaseroh no puppet in bindep20:58
mwhahahahttps://review.openstack.org/#/q/project:openstack/puppet-vitrage+status:open20:58
mnaserok sorry you're right20:58
mwhahahastable/pike vitrage CI is a bad spot20:58
mwhahahamaster is fine20:58
mnaseryeah gotcha20:58
mnasermwhahaha: looks good, thank you21:00
*** shardy has quit IRC21:05
*** vnogin has joined #puppet-openstack21:19
openstackgerritThiago da Silva proposed openstack/puppet-swift master: Adding barbican configuration to swift  https://review.openstack.org/52532121:23
*** vnogin has quit IRC21:29
*** rwsu has quit IRC21:29
*** vnogin has joined #puppet-openstack21:32
aleemwhahaha, hey - I'm trying to understand your comment here -- https://review.openstack.org/#/c/523449/8/manifests/api.pp21:36
mwhahahaalee: $enabled_secretstore_plugins is defined when $::os_service_default21:37
mwhahahaalee: you'd want to use !is_service_default($enabled_secretstore_plugins) to have a check when it's been defined by the operator21:37
*** ansmith has quit IRC21:40
openstackgerritXingchao Yu proposed openstack/puppet-magnum master: Add trustee related parameters in magnum::keystone::domain  https://review.openstack.org/52532721:42
*** dprince has quit IRC21:44
*** jtomasek has quit IRC21:45
aleemwhahaha, I see -- so I need something like -- if $multiple_secret_stores_enabled and !is_service_default($enabled_secretstore_plugins) and $enabled_secretstre_plugins != $::os_service_default  ?21:45
aleemwhahaha, do I need the third check?21:46
mwhahahano21:46
*** etingof has quit IRC21:46
mwhahahais_service_default($enabled_secretstore_pugins) is true if $::os_service_default21:46
aleemwhahaha, cool - you mentioned it, so I was not sure ..21:46
*** vnogin has quit IRC21:48
mwhahahaalee: now the question is does $enabled_secretstore_plugins need to be defined if $multiple_secret_stores_enabled21:49
aleemwhahaha, no it doesn't21:49
*** ccamacho has quit IRC21:49
aleemwhahaha, you could define it but it will be ignored21:49
mwhahahak21:49
openstackgerritAde Lee proposed openstack/puppet-barbican master: Add support for multiple backends  https://review.openstack.org/52344921:54
*** trown is now known as trown|outtypewww21:54
*** vnogin has joined #puppet-openstack21:56
*** rcernin has joined #puppet-openstack22:07
*** rwsu has joined #puppet-openstack22:27
*** ansmith has joined #puppet-openstack22:47
*** etingof has joined #puppet-openstack23:03
*** hjensas has quit IRC23:06
« Sunday, 2017-12-03 Index Tuesday, 2017-12-05 »

Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!