Monday, 2018-04-16

« Sunday, 2018-04-15 Index Tuesday, 2018-04-17 »
*** dims has quit IRC00:42
*** JasonCL has quit IRC01:07
openstackgerritTristan Cacqueray proposed openstack-infra/zuul master: docs: add build status documentation  https://review.openstack.org/56148901:08
*** 18WAAQUZ1 has joined #zuul01:14
*** 18WAAQUZ1 has quit IRC02:06
*** JasonCL has joined #zuul02:15
*** JasonCL has quit IRC02:16
*** Wei_Liu has joined #zuul02:34
*** JasonCL has joined #zuul02:36
*** JasonCL has quit IRC02:58
*** AJaeger has quit IRC06:03
*** bhavik1 has joined #zuul06:41
*** snapiri has joined #zuul06:49
*** hashar has joined #zuul06:50
*** threestrands has quit IRC07:47
*** jpena|off is now known as jpena07:51
*** bhavik1 has quit IRC08:19
*** electrofelix has joined #zuul08:40
*** amito has joined #zuul08:48
*** JasonCL has joined #zuul09:49
electrofelixhitting a problem with zuul v2, it seems that in a patch queue, any subsequent change that adds a Depends-On entry creating a cycle can prevent the original patch (that does not have a cycle) from being properly enqueued at: https://github.com/openstack-infra/zuul/blob/2.6.0/zuul/connection/gerrit.py#L116-L11711:08
electrofelixGet the following traceback http://paste.openstack.org/show/719290/11:09
electrofelixIs it safe to change the exception behaviour to be caught in _updateChanges to skip adding to needs_changes at https://github.com/openstack-infra/zuul/blob/2.6.0/zuul/source/gerrit.py#L320-L32211:14
electrofelixThis looks to be fixed in v3 to correctly skip enqueuing subsequent changes rather than the parent change, so just looking for a bit of guidence on how to bandaid this for v2 until we're in a position to migrate?11:17
openstackgerritMerged openstack-infra/zuul master: Remove docker instructions and build:docker helper command  https://review.openstack.org/56010511:17
electrofelixSorry looks like the exception is actually thrown at https://github.com/openstack-infra/zuul/blob/2.6.0/zuul/source/gerrit.py#L308-L310 my mistake11:19
openstackgerritTristan Cacqueray proposed openstack-infra/zuul master: mqtt: add basic reporter  https://review.openstack.org/53554311:31
*** elyezer_ has quit IRC11:33
*** AJaeger has joined #zuul11:40
*** elyezer_ has joined #zuul11:46
*** dmsimard is now known as dmsimard|off12:16
*** dims has joined #zuul12:30
*** rlandy has joined #zuul12:37
*** snapiri has quit IRC12:49
*** snapiri has joined #zuul12:57
openstackgerritMerged openstack-infra/zuul master: Tell geard to use keepalives  https://review.openstack.org/42524813:33
*** jimi|ansible has quit IRC14:11
fungielectrofelix: i didn't even realize we'd fixed it in v3 and was still assuming it behaved the same14:14
fungibut yeah, we've been well aware of that symptom all the way back to when depends-on got introduced14:15
fungithe idea was that just to be as safe as possible, zuul aborted all processing for any set of changes where a dependency loop appears14:15
fungiit tended to be annoying to have to track down, since it involved searching the scheduler's log for that particular exception or working it out by searching around in gerrit14:17
fungii think we've mostly resolved that we could probably safely leave a comment on changes involved in a loop, though determining which change(s) to comment on if you're not going to comment on all of them could be a bit of a challenge14:18
fungii also don't know if anyone's working on that yet14:18
corvuselectrofelix: if i had a simple answer, i'd give it, but i think not only did we change some handling around dependencies in the gerrit driver, but also some aspects of change caching -- they may be interrelated.14:21
ShrewsJust FYI, I am afk while having electrical work done on the house this morning. Hope to be fully online soonish14:52
*** mugsie has quit IRC14:53
electrofelixcorvus: I think that's a sufficient answer to suggest it's not safe for us to make that change ;-)14:53
*** mugsie has joined #zuul14:53
*** mugsie has quit IRC14:53
*** mugsie has joined #zuul14:53
electrofelixfungi corvus: sounds like we're probably better off living with the issue until we migrate14:53
electrofelixthanks14:53
fungielectrofelix: yeah, we managed to deal with it for years at the change volume sustained by the openstack project, so it's not impossible14:58
*** ssbarnea_ has joined #zuul14:59
fungielectrofelix: basically i got to the point where if zuul was inexplicably not enqueuing a change that looked like it should be, first thing i'd do is grep the logs for that exception14:59
fungibecause more often than not that was the problem14:59
*** hashar is now known as hasharAway15:16
*** myoung is now known as myoung|brb15:44
*** jpena is now known as jpena|brb15:47
*** mgagne_ is now known as mgagne15:50
*** myoung|brb is now known as myoung15:50
corvusfungi, clarkb, mordred, pabelanger: the foundation marketing folks suggested putting a video of the zuul simulation bit from the zuul overview talk on the website; i've made one, and it's come in at about 2MB.  that's "big", but probably not too big to check into the website repo.  but i wonder if we should anticipate other large media, and create a zuul-website-media git repo for large blobs.  that way just15:54
corvusediting the content doesn't require you to pull down a bunch of "big" files?15:54
*** dkranz has quit IRC15:56
*** dkranz has joined #zuul15:57
pabelangerthat sounds great to me15:57
fungiyeah, i like that idea15:58
openstackgerritClark Boylan proposed openstack-infra/zuul-jobs master: Don't use pip internals  https://review.openstack.org/56165916:04
clarkbcorvus: https://bugs.chromium.org/p/gerrit/issues/detail?id=3829 may be of use?16:05
corvusremote:   https://review.openstack.org/561660 Add zuul-website-media project16:06
corvusclarkb: oh, do you think we need to do that?  i'm assuming we can handle several mb files in git without special support, just that it's inconvenient to clone repos that have a bunch.16:08
clarkbI don't think we need to do that, just pointing it out as an option16:09
corvusclarkb: i guess if we did that, we still need a storage space?16:09
clarkbI'm also not sure how git replication would work with that16:09
clarkbcorvus: ya16:09
*** jpena|brb is now known as jpena|off16:32
*** elyezer_ has quit IRC16:38
*** jpena|off is now known as jpena16:39
openstackgerritJames E. Blair proposed openstack-infra/zuul master: Test base job secrets  https://review.openstack.org/56103016:39
openstackgerritJames E. Blair proposed openstack-infra/zuul master: Don't store references to secret objects from jobs  https://review.openstack.org/55359616:39
openstackgerritJames E. Blair proposed openstack-infra/zuul master: Perform late validation of secrets  https://review.openstack.org/55304116:39
openstackgerritJames E. Blair proposed openstack-infra/zuul master: Perform late validation of nodesets  https://review.openstack.org/55308816:39
openstackgerritJames E. Blair proposed openstack-infra/zuul master: WIP: late bind pipelines  https://review.openstack.org/55361816:39
*** elyezer_ has joined #zuul16:40
pabelangerdoes zuul still support github without a GitHub application?  IIRC, there was the ability to configure each project manually to use webhooks right?16:52
rcarrillocruzthink so, but GH app is the recommend way of doing so16:56
rcarrillocruziirc SpamapS is using hooks ?16:56
openstackgerritJames E. Blair proposed openstack-infra/zuul master: Remove extra words from gerrit setup docs  https://review.openstack.org/56167216:57
pabelangerrcarrillocruz: yah, right now I don't want to setup an org, can't see a way of using them from a personal repo16:58
pabelangerbut testing the webhooks directly on a repo16:58
rcarrillocruzyup, i had to create rcarrillocruz-org for that purpose16:58
rcarrillocruzfor tinkering with it16:58
corvuspabelanger: you should be able to create an app under your account16:59
corvuspabelanger: https://developer.github.com/apps/building-github-apps/creating-a-github-app/17:00
corvus"You can create and register a GitHub App under your personal account or under any organization you have administrative access to."17:00
mrhillsmani really wanted to try to fix but figured you all would be quicker17:00
mrhillsmanit is not possible right now to encrypt secrets unless i am just totally wrong and that is reasonable since i am not a developer by nature17:00
pabelangercorvus: Oh, cool! Thanks17:01
mrhillsmanin rpclistener.py the last function handle_get_key is broken17:01
mrhillsmanagain, could just be me, but this never works - (trusted, project) = tenant.getProject(args.get("project")) - as tenant.getProject fails because tenant = self.sched.abide.tenants.get(args.get("tenant")) returns None17:02
mrhillsmanwhen webapp.py was around this URL works - http://{address}:8001/tenant/keys/connection/project-org/project.pub17:04
corvusmrhillsman: i don't think there's anything fundamentally broken in handle_get_key -- if the tenant argument passed to it exists, it should work.  if it's returning None there, it must be getting an invalid tenant name.17:05
mrhillsmani'm 100% sure the tenant exists17:05
clarkbmrhillsman: rightb ut didn't you say the tenant was failign to load the other day?17:05
mrhillsmanand other URLs reflect that17:05
corvusmrhillsman: it's possible we neglected to update the encrypt_secrets.py script with the api route changes17:06
tobiashpabelanger: an org is basically the same as the personal space17:06
mrhillsmanapi/tenants - shows it, api/tenant/tenant/info, etc17:06
tobiashpabelanger: and installation of the app can be done either on an org, the personal space or invididual repos17:06
mrhillsmannah, i'm looking at the scheduler trying to handle the key_get job and it always complains about tenant.getProject17:07
mrhillsmanbecause tenant is None17:07
tobiashpabelanger: oh corvus already said that17:07
pabelangertobiash: yah, thanks. I'll try that in a moment17:07
* tobiash should read complete backlog before replying17:07
openstackgerritJeremy Stanley proposed openstack-infra/zuul-jobs master: DNM: getting details on pip and virtualenv  https://review.openstack.org/56167517:07
corvusmrhillsman: do you have multiple tenants, or are you single-tenant whitelabel (like openstack)?17:07
mrhillsmansingle tenant17:08
mrhillsmanwaiting on scheduler to restart and i will give you link17:08
corvusmrhillsman: i just encrypted a secret on openstack with: python tools/encrypt_secret.py https://zuul.openstack.org/api openstack-infra/zuul17:09
corvus(we should not need 'api/' in there; i'll fix that)17:09
corvusbut it should at least work if you add that for now17:10
mrhillsmanwell, i could deal with the tool failing and being fixed17:10
mrhillsmanbut i should be able to see the public key in the browser17:10
mrhillsmanunless that has been disabled17:10
pabelangerAttributeError: 'NoneType' object has no attribute 'public_key'17:10
pabelangermrhillsman: is that what you got?^17:10
mrhillsmanok17:11
mrhillsmanhttp://37.187.92.93:9000/api/tenants17:11
mrhillsmanyou see the tenant17:11
mrhillsmanhttp://37.187.92.93:9000/api/tenant/jitcoding/info17:11
mrhillsmantenant info17:11
mrhillsmanso 100% sure it exists17:11
mrhillsmanunder webapp.py17:11
mrhillsmanhttp://80.158.22.48:8001/openlab/keys/github/gophercloud/gophercloud.pub17:11
mrhillsmanthat works17:11
mrhillsmanwhen i take that and adjust the URL based on the new structure17:12
mrhillsmanzuul-web crashes17:12
openstackgerritMerged openstack-infra/zuul master: Add Gerrit docs to Zuul From Scratch  https://review.openstack.org/55860017:12
openstackgerritMerged openstack-infra/zuul master: Add static driver doc to Zuul From Scratch  https://review.openstack.org/55880217:12
corvusmrhillsman: okay, you're directly accessing zuul-web, without a proxy server, so it's effectively a multi-tenant environment as far as the urls go17:13
mrhillsmani map the URL so am i doing the mapping wrong?17:13
tobiashmrhillsman: how does your mapping look like?17:13
mrhillsmanhttp://37.187.92.93:9000/api/tenant/jitcoding/keys/github/jitcoding/common-jobs.pub17:13
mrhillsmanif you click, zuul-web crashes ;)17:13
tobiashok, I got once 404 and now nothing ;)17:14
mrhillsmanhttps://www.irccloud.com/pastebin/3GNtXKEd/17:14
pabelangermrhillsman: I can reproduce that atrributeerror17:15
pabelangerif I use the wrong path info17:15
corvusmrhillsman: '/api/tenant/{tenant}/key/{project:.*}.pub' is the api url17:15
openstackgerritJeremy Stanley proposed openstack-infra/zuul-jobs master: DNM: getting details on pip and virtualenv  https://review.openstack.org/56167517:15
corvusmrhillsman: so it should be: http://37.187.92.93:9000/api/tenant/jitcoding/key/jitcoding/common-jobs.pub17:15
pabelangerbut I get {"error_description": "Internal error"} not a crash17:15
corvusmrhillsman: note "key" instead of "keys" and there's no more connection name17:16
mrhillsmanok will try that, but i think none of the variations worked17:16
clarkbfwiw if it is properly hard crashing it should probably be updated to not do that17:16
tobiashmrhillsman: do you have a recent zuul-web and scheduler?17:16
mrhillsmanrestarting zuul-web as it does not respond to any further requests17:16
mrhillsmanyep17:16
mrhillsman3.0.117:16
mrhillsmanok it is working -_-17:17
*** electrofelix has quit IRC17:18
mrhillsmanapi/tenant/{tenant}/key/{project:.*}.pub is confusing for a novice like myself17:19
mrhillsmani'll create a doc patch17:19
*** jpena is now known as jpena|off17:19
mrhillsmanin particular {project:.*}17:19
mrhillsmani thought it was project:{stuff_here} or just project name, and a number of other things probably17:20
pabelangerspeaking of keys, I wonder in the case of 3pci or using git driver for git.zuul-ci.org zuul-base-jobs, if we really need zuul to create keys for those projects, since they are not under the control of the local zuul17:21
mrhillsmanand knowing from previous issue with github payload that api was added figured only needed to add that for all the other things17:21
pabelangerI noticed they were generated when I first created my main.yaml17:21
mrhillsmanit does right for key encryption? i thought that was the point/purpose, how else would it be done securely17:22
mrhillsmanthis has been painful for the last couple of days hehe17:22
mrhillsmanat least i was able to show the zuul-web crashing even though i have not idea how to fix :)17:24
mrhillsmancorvus are you doing the patch for the encryption tool? if not i can17:24
corvusmrhillsman: i am17:24
openstackgerritJeremy Stanley proposed openstack-infra/zuul-jobs master: DNM: getting details on pip and virtualenv  https://review.openstack.org/56167517:25
mrhillsmanok cool17:25
tobiashmrhillsman: what's still strange is the zuul-web crash17:25
tobiashI tried that in my environment and couldn't get it to crash17:25
pabelangersame17:26
mrhillsmanhrmm17:26
fungia traceback from the zuul-web log would be most helpful17:26
tobiashmrhillsman: you said you have some mapping in front of zuul-web, can you show how that looks like?17:26
mrhillsmanzuul-web does not error which is quite strange but no longer serves any requests17:26
fungiassuming it manages to write to its log before dying in flames17:26
tobiashmaybe that has somthing to do with it17:26
pabelangerI just rebuilt with 3.0.1 to confirm also17:26
mrhillsmanwhat is also weird is it ain't doing it now17:27
mrhillsmanlol17:27
mrhillsmanbut y'all saw it17:27
tobiashso a heisenbug?17:27
mrhillsmanat least i think someone did, they said 404, then stuck loading17:27
mrhillsmannow when you click - http://37.187.92.93:9000/api/tenant/jitcoding/keys/github/jitcoding/common-jobs.pub17:28
mrhillsman404s every time17:28
tobiashmrhillsman: your paste (https://www.irccloud.com/pastebin/3GNtXKEd/) was from the scheduler?17:28
mrhillsmanyeah17:28
tobiashmrhillsman: do you have debug logging enabled in zuul-web17:29
tobiash?17:29
Shrewszuul-web stopping could very well be related to the non-async async nature17:29
mrhillsmanthere we go17:29
mrhillsmanhttp://37.187.92.93:9000/api/tenant/jitcoding/key/github/jitcoding/common-jobs.pub17:29
mrhillsmanthat caused it17:29
mrhillsmanwith the scheduler saying the same as you pasted17:29
mrhillsmanzuul-web - 2018-04-16 17:29:15,001 DEBUG zuul.RPCClient: Waiting for job completion17:30
Shrewsyep. that's what i'm trying to correct now17:30
mrhillsman++17:30
corvuswhy isn't the job completing?17:30
tobiashmrhillsman: so it looks like the scheduler doesn't answer and zuul-web blocks waiting for the response17:30
mrhillsman++17:31
mrhillsmanbut that is even weird because17:31
mrhillsman2018-04-16 17:29:15,007 INFO gear.Connection.b'Zuul RPC Listener': Sending packet to <gear.Connection 0x7f3ae6bfcd30 host: 10.15.211.180 port: 4730>: <gear.Packet 0x7f3ae4020940 type: WORK_EXCEPTION handle: b'H:gearman00:299'>17:31
mrhillsmanso gearman not responding to zuul-web?17:32
corvuswe should fix zuul-web to not block, but the more worrying thing is why it isn't completing.  if we don't fix *that*, even if we do fix the async stuff, well end up with infinitely growing pending jobs (and stress on the asyncio executor thread pool)17:32
tobiashthe scheduler should send work exception http://git.openstack.org/cgit/openstack-infra/zuul/tree/zuul/rpclistener.py#n11217:33
mrhillsmanit is isn't it? 2018-04-16 17:29:15,007 INFO gear.Connection.b'Zuul RPC Listener': Sending packet to <gear.Connection 0x7f3ae6bfcd30 host: 10.15.211.180 port: 4730>: <gear.Packet 0x7f3ae4020940 type: WORK_EXCEPTION handle: b'H:gearman00:299'>17:34
tobiashmrhillsman: are you running the integrated geard or a separate gearman server?17:34
openstackgerritClark Boylan proposed openstack-infra/zuul-jobs master: Don't use pip internals  https://review.openstack.org/56165917:34
mrhillsmanseparate gearman17:34
tobiashwhich gearman?17:34
mrhillsmangearman-job-server installed via packaged ubuntu16.04.417:34
mrhillsmans/packaged/packaging17:35
tobiashmrhillsman: that could be the problem17:35
tobiashback in zuulv2 I had problems getting zuul to work with that17:35
mrhillsmanshould i install from upstream and try again?17:35
tobiashthat might not support the WORK_EXCEPTION17:35
corvusor maybe it doesn't pass work_exception to the client.17:35
corvusthe gear protocol has traditionally been under-specified.17:36
tobiashprobably17:36
mrhillsmanhttps://github.com/gearman/gearmand/issues/7017:36
clarkbI think Shrews' change to stick it on the asyncio threadpool with a timeout will at least prevent it from getting worse over time17:37
clarkbunless DoS'd in a short period of time17:37
mrhillsmanhttps://bugs.launchpad.net/gearmand/+bug/405732/comments/117:38
openstackLaunchpad bug 405732 in Gearman "WORK_EXCEPTION never forwarded to client" [Undecided,Invalid] - Assigned to Eric Day (eday)17:38
tobiashmrhillsman: back in v2 times I ran gearmand from fedora17:38
corvusclarkb: i disagree, it trades one problem for another17:38
mrhillsmanconsider using a combination of WORK_WARNING and WORK_FAIL messages17:38
tobiashbut now in v3 I just run it within the scheduler17:38
corvusclarkb: see what i wrote above about zuul-web accumulating stuck jobs indefinitely17:38
Shrewseday! wow, almost forgot about him17:38
openstackgerritJeremy Stanley proposed openstack-infra/zuul-jobs master: DNM: trying to upgrade pip before running tox  https://review.openstack.org/56167517:38
tobiashas this is afaik the only way to do proper encryption with client cert auth17:38
clarkbcorvus: they will timeout though right?17:38
corvusclarkb: no17:39
mrhillsmanso maybe i should install from upstream rather than packaging17:39
clarkbcorvus: https://review.openstack.org/#/c/560044/5/zuul/driver/github/githubconnection.py they will if that change goes in? I had thought that had merged for some reason17:39
tobiashmrhillsman: so you probably want to enable the gearman server in the zuul-scheduler17:39
tobiashor run the python geard17:40
corvusmrhillsman: i recommend using zuul's internal gearman server for now.  i think supporting something else is a moderate development effort -- not a quick fix.17:40
corvusclarkb: the code that calls has no provision for timing out.  what happens in that case?  does the asyncio executor kill the thread?  i thought that was not recommended in python.  i assume it just returns control to the greenthread without doing anything to the underlying pthread.  and those accumulate forever?17:42
mrhillsmanok17:42
corvusclarkb, Shrews: everytime i look at that, i think we need a proper gearman client for zuul-web, just like zuul-executor.17:43
corvusclarkb, Shrews: i'm becoming more convinced of that17:43
Shrewscorvus: that's what you suggested last week, right?  IIRC17:44
* Shrews digging back into that now that I have electricity again17:44
corvusShrews: yeah.  but as a 'improvement'.  i'm thinking now it may be more important.17:44
clarkb"Returns result of the Future or coroutine. When a timeout occurs, it cancels the task and raises asyncio.TimeoutError. To avoid the task cancellation, wrap it in shield()."17:44
clarkbI read that as the thread pool thread will be freed and the code that is blocking will be stopped17:45
clarkbbut likely need to test it or read the source to be sure17:45
corvusclarkb: i don't read that as necessarily implying it does anything with the underlying thread.  it could just stop waiting for it.  but i also agree it doesn't discount that.  :)17:46
clarkbhttps://docs.python.org/3/library/asyncio-task.html#asyncio.Task.cancel talks about the implementation17:46
clarkbit causes an exception to be raised17:46
clarkbif they are mangling python in such a way that a blocking io call can raise that exception I think we are ok there17:47
clarkbif not then ya it would likely tie up threads17:47
corvusclarkb: okay, that's reasonable and could mean we don't end up with a thread sitting there forever17:48
openstackgerritJames E. Blair proposed openstack-infra/zuul master: Update encrypt_secret to be API aware  https://review.openstack.org/56168117:49
corvusmordred: ^ can you take a look at that change17:49
openstackgerritJeremy Stanley proposed openstack-infra/zuul-jobs master: DNM: trying to upgrade pip before running tox  https://review.openstack.org/56167517:50
tobiashcorvus: tested 561681 against my multitenant environment17:55
tobiashand works17:55
corvustobiash: thanks!  i tested it against openstack17:56
tobiashon friday we thought we should make the quite the same change17:57
tobiashbut you were faster ;)17:57
openstackgerritJeremy Stanley proposed openstack-infra/zuul-jobs master: DNM: trying to upgrade pip before running tox  https://review.openstack.org/56167517:59
corvustobiash: oh, sorry, i was deep into making a video on friday and may have missed some chat18:02
pabelangerso, looking to get some help on github connection driver, I believe I have it setup properly, as I can see the following:18:03
pabelanger2018-04-16 18:01:35,288 INFO zuul.GithubConnection: Starting GitHub connection: github.com18:03
pabelangerand I see zuul-merger clone git repos from my github.com namespace18:03
clarkbcorvus: tobiash: thinking out loud here, would it make sense to have white labels pass through the nroaml tenant'd urls too? then tooling like this could be made simpler and just always provide a tenant?18:03
pabelangerhowever, http://162.253.55.78:9000/api/connection/github.com/payload is 40418:03
clarkbI guess humans won't necessarily know what the tenant is in that case18:03
pabelangerand my github app isn't green18:03
pabelangerI see the following in the github ui: 401: X-Hub-Signature header missing.18:05
clarkbcorvus: flake8 failed on line length18:06
corvuspabelanger: did you create a webhook secret?18:07
pabelangercorvus: yes18:07
tobiashpabelanger: do you test with POST?18:07
pabelangercorvus: oh wait, it is now empty18:07
openstackgerritMerged openstack-infra/zuul master: Add sample systemd service files.  https://review.openstack.org/55883018:08
openstackgerritJames E. Blair proposed openstack-infra/zuul master: Update encrypt_secret to be API aware  https://review.openstack.org/56168118:08
pabelangercorvus: okay, thank you. That was it18:08
pabelangerI some how cleared it18:09
tobiashwith something like https://github.com/travist/jsencrypt we might be able to add secret encryption as a feature to zuul-web at some point in time18:10
tobiashI think that would improve usability especially for unexperienced users18:11
corvus++18:14
tobiashtoday I split out base job and moved log upload into its own protected base-logs job in front of base18:33
tobiashthat made log upload more resilient to retry-limit in our deployment18:34
*** harlowja has joined #zuul18:40
mrhillsmanso the version of gearman by ubuntu source is 1.0.618:45
mrhillsmanlatest is 1.1.1818:45
mrhillsmanwith the latest version18:45
mrhillsman{18:45
mrhillsmanerror_description: "Internal error"18:45
mrhillsman}18:45
mrhillsmanand no zuul-web crashing18:46
mrhillsmansorry, by ubuntu packaging 16.04 is 1.0.618:46
mrhillsman18.04 will install 1.1.1818:46
mrhillsmani was able to compile/install on 16.04 and got the internal error for work_exception and zuul-web still running18:47
pabelangeryah, that is what I see in local setup18:47
pabelangerusing latest gear18:47
mrhillsmanand zuul-web spits out a trace rather than hanging18:48
mrhillsmanhttps://www.irccloud.com/pastebin/LiEhxzTW/18:48
mrhillsmanguess i said all that to say on 18.04 using the packaged version of gearman-job-server will be fine as it relates to WORK_EXCEPTION handling18:50
*** jimi|ansible has joined #zuul18:50
*** jimi|ansible has joined #zuul18:50
clarkbmrhillsman: out of curiousity was there a specific reason to run zuul with external C gearman server?19:04
clarkb(I don't think we tell people to run zuul that way)19:04
*** openstackgerrit has quit IRC19:05
mrhillsmanyes, docs say internal is recommended, but i personally work to keep things separate from an operational experience perspective19:06
clarkbmrhillsman: in that case you can run geard separately19:06
mrhillsmannot my own experience as being better/more than another19:06
mrhillsmani was not aware of geard19:07
mrhillsmandocs just say i needed gearman so me not having any idea what gearman is/was i searched and gearman.org is where i landed with instructions to apt install gearman...19:08
pabelangergeard works well, what I've been tested with recently19:20
mrhillsmanpabelanger where do you get it from?19:25
clarkbmrhillsman: its part of the gear pypi package which installing zuul from source will install for you19:25
mrhillsmanah ok19:25
mrhillsmani was searching and not finding19:26
Shrewsok, i'm not sure i can fix this zuul-web async problem19:26
tobiashpabelanger: does it also work well with encryption?19:27
tobiashpabelanger: having it separated from the scheduler process would be better for me from operational point of view19:28
tobiashSometimes zuul-web hangs when the scheduler (and with it geard) is restarted19:29
Shrewscorvus: i think we have a greater fundamental issue with the gearman handling in zuul-web. It's fundamentally designed to do request->response, so it can't handle more than 1 request at a time. The log streamer solves this by creating a new response object for each request.19:30
Shrewscorvus: So I don't know how to add the async gearman calls without first solving that issue19:31
Shrewstobiash: did you add the gearman code to zuul-web by chance?19:31
tobiashShrews: I don't know anymore, I think most of that work was done by tristanC19:32
pabelangertobiash: I haven't tested, but should know more in the next day. I am running it with SSL19:33
ShrewsI think I'm going to have to enlist the original author with a "PLZ HALP"19:33
Shrewsbut i'm also hoping my understanding of the code is incorrect too19:34
mrhillsmanpabelanger: geard you cannot set the host though right?19:35
mrhillsmani see port option, host is 127.0.0.119:35
pabelangermrhillsman: yah, i think it binds to 0.0.0.0 by default, i've been meaning to push up a change to support a config file and allow for more specific binding19:37
corvuspabelanger: maybe start with a command line option? :)19:37
corvusShrews: i'm not sure i follow; can you point me at the log streaming code you're referencing?19:38
pabelangercorvus: ack19:38
mrhillsmanah i see19:38
mrhillsmanyeah, command line option is needed19:38
corvustobiash, pabelanger: maybe zuul-web hangs because of the async issue Shrews is working on.  let's fix that.19:39
Shrewscorvus: http://git.openstack.org/cgit/openstack-infra/zuul/tree/zuul/web/__init__.py#n12719:39
mrhillsmanit uses systemd to run gearmand :)19:39
mrhillsman i was looking in the code to find where it is hardcoding 127.0.0.1 but maybe it is my server19:39
tobiashcorvus: yes that might be it19:39
corvustobiash, pabelanger: (externalizing the server won't fix the problem, it will just alter when it happens to when the gearman server is restarted)19:40
pabelangerI actually haven't seen an issue myself locally19:41
Shrewscorvus: that code prepares a new response, fulfilling it as it can, allowing other responses to be handled similarly. Looking at the GearmanHandler code, I see no similar mechanism. Eg., http://git.openstack.org/cgit/openstack-infra/zuul/tree/zuul/web/__init__.py#n29319:41
tobiashShrews, corvus: the scheduler makes that more asynchronous and event based right?19:41
pabelangerbut also haven't been testing zuul-web much yet19:41
tobiashMaybe that model also fits for zuul-web19:41
Shrewscorvus: GearmanHandler.processRequest() just returns the web response. So I think that means we are locked into waiting on the response for each request, right?19:43
corvusShrews: yes, but if we 'await' then we service other requents in the interim19:44
Shrewscorvus: but how are the responses to the requests kept synchronized?19:44
clarkbShrews: aiohttp keeps each session straight19:44
corvusyeah, there's still a unique call stack / context for each request.19:45
Shrewsclarkb: oh, is that where the magic is hidden19:45
Shrewsi suppose that makes sense19:45
Shrewsi'm no web dev19:46
corvusit's just like threads, but you have to do all the work yourself instead of having the benefit of 30 years of computer science...nevermind.19:46
corvusShrews: so key_get should be able to, basically, run submitJob in an executor, then await job completion, then return the result19:47
Shrewscorvus: "await job completion" == handleWorkComplete() called, yeah?19:48
corvusShrews: yep -- the missing piece we don't have anywhere yet is having handleWorkComplete throw something on the asyncio loop to indicate that whatever we're "await"ing in key_get is done.19:49
corvusShrews: if that is too much to bite off for now, we can merge the rpcclient.submitJob change -- maybe add a TODO?19:52
Shrewslemme keep poking a bit19:53
*** hasharAway has quit IRC20:01
*** openstackgerrit has joined #zuul20:10
openstackgerritJames E. Blair proposed openstack-infra/zuul master: Update encrypt_secret to be API aware  https://review.openstack.org/56168120:10
openstackgerritJames E. Blair proposed openstack-infra/zuul master: Don't store references to secret objects from jobs  https://review.openstack.org/55359620:12
openstackgerritJames E. Blair proposed openstack-infra/zuul master: Perform late validation of secrets  https://review.openstack.org/55304120:12
openstackgerritJames E. Blair proposed openstack-infra/zuul master: Perform late validation of nodesets  https://review.openstack.org/55308820:12
openstackgerritJames E. Blair proposed openstack-infra/zuul master: WIP: late bind pipelines  https://review.openstack.org/55361820:12
openstackgerritDavid Shrewsbury proposed openstack-infra/zuul master: WIP: Make gearman calls async in ZuulWeb  https://review.openstack.org/56002620:32
*** ssbarnea_ has quit IRC20:44
pabelangerSpamapS: are you also running zuul from a virtualenv? I notice a few of your pastebin showing nodepool20:53
pabelangerSpamapS: if so, did you also put ansible inside a virtualenv? I am guessing you might be using symlinks so bwrap mount is able to find it?20:54
*** harlowja has quit IRC20:55
openstackgerritDavid Shrewsbury proposed openstack-infra/zuul master: Make gearman calls async in ZuulWeb  https://review.openstack.org/56002620:58
corvuspabelanger: if you install ansible into the zuul-executor's venv, it should get it automatically20:59
pabelangercorvus: yes, gets pulled in via requirements, however isn't in the path right now. Currently looking to see why that is20:59
pabelangercorvus: I suspect it is because I don't source venv/bin/activate for the virtualenv, but directly call venv/bin/zuul-executor with service scripts21:01
*** JasonCL has quit IRC21:02
corvuspabelanger: that sounds likely21:04
openstackgerritArun S A G proposed openstack-infra/nodepool master: Do not hardcode zookeeper host to localhost  https://review.openstack.org/56172921:12
*** JasonCL has joined #zuul21:13
openstackgerritArun S A G proposed openstack-infra/nodepool master: Do not hardcode zookeeper host to localhost  https://review.openstack.org/56172921:14
openstackgerritMerged openstack-infra/zuul master: Support regex matching of github status  https://review.openstack.org/56117721:20
openstackgerritMerged openstack-infra/zuul master: docs: add build status documentation  https://review.openstack.org/56148921:28
*** AJaeger has quit IRC22:10
*** AJaeger has joined #zuul22:22
*** jimi|ansible has quit IRC22:25
*** smyers has quit IRC22:26
openstackgerritJames E. Blair proposed openstack-infra/zuul master: Update encrypt_secret to be API aware  https://review.openstack.org/56168122:27
*** smyers has joined #zuul22:28
openstackgerritJames E. Blair proposed openstack-infra/zuul-website-media master: Add license  https://review.openstack.org/56174722:39
openstackgerritJames E. Blair proposed openstack-infra/zuul-website-media master: Add license and zuul.yaml  https://review.openstack.org/56174722:46
*** JasonCL has quit IRC22:50
*** JasonCL has joined #zuul22:52
openstackgerritJames E. Blair proposed openstack-infra/zuul-website master: Merge zuul-website-media when publishing site  https://review.openstack.org/56174922:54
openstackgerritJames E. Blair proposed openstack-infra/zuul-website master: Merge zuul-website-media when publishing site  https://review.openstack.org/56174922:55
openstackgerritJames E. Blair proposed openstack-infra/zuul-website-media master: Run zuul-website jobs  https://review.openstack.org/56175022:56
clarkbI'm going to mention this in this channel too https://review.openstack.org/#/c/561659/2 is an attempt at fixing tox-siblings in zuul-jobs to work with pip1023:16
clarkbwe don't currently see this as a problem on openstack infra because our images still have global pip 9 which is what the jobs are using even if tox installs pip1023:16
clarkbso this both fixes needing an external pip to do tox-siblings and addresses the lack of public api in the pip10 code for this23:16
SpamapSpabelanger: yes, and yes23:29
*** dkranz has quit IRC23:38
*** rlandy has quit IRC23:40
« Sunday, 2018-04-15 Index Tuesday, 2018-04-17 »

Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!