Wednesday, 2019-05-22

« Tuesday, 2019-05-21 Index Thursday, 2019-05-23 »
*** altlogbot_2 has quit IRC00:10
*** altlogbot_0 has joined #zuul00:13
*** mattw4 has quit IRC00:20
*** mattw4 has joined #zuul00:20
*** mattw4 has quit IRC00:25
*** saneax has joined #zuul01:30
*** rlandy has joined #zuul02:06
*** rlandy has quit IRC02:15
*** jamesmcarthur has joined #zuul02:50
*** saneax has quit IRC03:06
*** bhavikdbavishi has joined #zuul03:08
*** bhavikdbavishi1 has joined #zuul03:31
*** bhavikdbavishi has quit IRC03:32
*** bhavikdbavishi1 is now known as bhavikdbavishi03:32
*** jamesmcarthur has quit IRC03:45
*** jamesmcarthur has joined #zuul04:04
*** jamesmcarthur has quit IRC04:06
*** nickx-intel has joined #zuul04:28
*** nickx-intel is now known as nickx04:30
*** nickx is now known as nicks04:31
*** nicks is now known as nick_x04:31
*** nick_x has quit IRC04:33
*** nick_x has joined #zuul04:41
openstackgerritMerged zuul/zuul master: pass-to-parent: Fix passing multiple secrets to parent  https://review.opendev.org/66010504:51
*** nick_x has quit IRC05:05
*** raukadah is now known as chandankumar05:44
*** saneax has joined #zuul06:05
*** themr0c has joined #zuul06:50
openstackgerritTristan Cacqueray proposed zuul/zuul master: web: remove SafeLoader left-over from ZuulJSONEncoder  https://review.opendev.org/65902607:03
*** hashar has joined #zuul07:13
*** pcaruana has joined #zuul07:17
openstackgerritMerged zuul/zuul-jobs master: add-build-sshkey: remove previously authorized build-sshkey  https://review.opendev.org/63262007:36
*** saneax has quit IRC07:36
*** jpena|off is now known as jpena07:44
*** bhavikdbavishi has quit IRC07:44
*** hashar has quit IRC07:48
*** hashar has joined #zuul07:48
*** jangutter has joined #zuul07:56
*** jangutter has quit IRC08:03
*** themr0c has quit IRC08:07
*** jangutter has joined #zuul08:08
*** jangutter has quit IRC08:13
*** swest has joined #zuul08:18
*** jangutter has joined #zuul08:20
openstackgerritLuigi Toscano proposed zuul/zuul-jobs master: stage-output: fix dotfiles handling  https://review.opendev.org/64865808:23
*** swest has quit IRC08:23
openstackgerritLuigi Toscano proposed zuul/zuul-jobs master: stage-output: fix dotfiles handling  https://review.opendev.org/64865808:25
*** bhavikdbavishi has joined #zuul08:31
*** gtema has joined #zuul08:32
*** panda is now known as panda|rover08:50
*** markwork__ has joined #zuul08:52
*** electrofelix has joined #zuul09:00
*** saneax has joined #zuul09:03
*** markwork__ is now known as ofosos09:10
*** hashar has quit IRC09:46
*** flaper87 has quit IRC09:48
*** bhavikdbavishi has quit IRC10:23
*** bhavikdbavishi has joined #zuul10:23
*** bhavikdbavishi has quit IRC10:28
*** bhavikdbavishi has joined #zuul10:43
*** gtema has quit IRC10:58
*** toabctl has joined #zuul10:58
*** panda|rover is now known as panda|rover|eat11:16
openstackgerritMark Meyer proposed zuul/zuul master: Upgrade formatting of the patch series.  https://review.opendev.org/66068311:27
*** jpena is now known as jpena|lunch11:31
*** sshnaidm|afk is now known as sshnaidm11:35
*** rfolco is now known as rfolco|dentist11:39
*** themroc has joined #zuul11:41
*** bhavikdbavishi has quit IRC11:49
*** bhavikdbavishi has joined #zuul11:51
*** gtema has joined #zuul11:55
*** bhavikdbavishi has quit IRC11:56
*** rlandy has joined #zuul11:57
*** panda|rover|eat is now known as panda|rover12:06
*** hashar has joined #zuul12:15
*** jpena|lunch is now known as jpena12:33
*** persia has quit IRC12:34
*** persia has joined #zuul12:35
*** bhavikdbavishi has joined #zuul12:52
*** jamesmcarthur has joined #zuul12:54
*** flepied has joined #zuul12:58
*** themroc has quit IRC13:05
*** bhavikdbavishi has quit IRC13:10
*** rfolco|dentist is now known as rfolco13:29
*** jamesmcarthur has quit IRC14:16
*** jamesmcarthur has joined #zuul14:18
*** jamesmcarthur has quit IRC14:20
openstackgerritFabien Boucher proposed zuul/zuul master: Pagure driver - https://pagure.io/pagure/  https://review.opendev.org/60440414:29
*** hashar has quit IRC14:30
dmsimardheads up: I've somehow missed a significant regression in ARA with Ansible 2.8, documented the issue here while I work on a fix: https://github.com/ansible-community/ara/issues/4614:36
dmsimardDue to the nature of the change, there's a good chance that the Zuul callback(s) are impacted as well14:36
dmsimardtl;dr, some things are no longer None or [], they're now some new Sentinel class objects: http://paste.openstack.org/raw/751936/14:37
*** jamesmcarthur has joined #zuul14:41
*** jamesmcarthur has quit IRC14:41
*** jamesmcarthur has joined #zuul14:42
*** saneax has quit IRC14:44
*** saneax has joined #zuul14:44
pabelangerdmsimard: thanks for heads up, I actually wanted to start using 2.8 for zuul.opendev.org soon, cc clarkb. I have some spare cycles to help with that14:59
fungigood to know, since we haven't upped our default yet15:02
*** saneax has quit IRC15:21
openstackgerritTobias Henkel proposed zuul/zuul master: Annotate builds with event id  https://review.opendev.org/65889515:25
mrhillsmanis there already a way to see which node a job is running on?15:28
corvusmrhillsman: as a user, only if the job includes a role that outputs that info (in opendev, ours do -- there's a standard role for that in zuul-jobs)15:28
mrhillsmanfrom the dashboard15:28
mrhillsmanok cool, ty sir15:29
*** hashar has joined #zuul15:32
*** gtema has quit IRC15:34
*** nhicher has quit IRC15:35
*** fbo_ has quit IRC15:37
*** flepied has quit IRC15:41
*** jpena is now known as jpena|off16:02
*** pwhalen has joined #zuul16:03
*** jangutter has quit IRC16:05
*** themroc has joined #zuul16:16
pabelangermordred: in clouds.yaml, for nodepool, is there a way to not ask for a FIP, if a network is able to assign one?16:21
pabelangerfor example, we have a cloud where they can give us one, but because this is a 2nd network we don't actually need to use it16:21
*** jpena|off is now known as jpena16:22
*** themroc has quit IRC16:23
pabelangermordred: I think nat_destination: false, is the setting?16:25
mordredpabelanger: I'd use floating_ip_source: None16:26
pabelangermordred: ack, thanks16:26
*** hashar has quit IRC16:30
*** mattw4 has joined #zuul16:39
openstackgerritFabien Boucher proposed zuul/zuul master: Pagure driver - https://pagure.io/pagure/  https://review.opendev.org/60440416:40
openstackgerritMerged zuul/zuul master: Install latest git-review from PyPI in quickstart  https://review.opendev.org/65967416:57
openstackgerritMerged zuul/zuul-jobs master: Delete files in dest that don't exist  https://review.opendev.org/64881517:01
pabelangerso, I'm not sure if github.com is having issues with their event system, we've seen a large lag in the last few days (upwards of 10mins)17:05
pabelangeror if related to adding our github app to ansible/ansible repo17:05
pabelangerbut actions on PRs seem to be lagging for sure17:06
*** electrofelix has quit IRC17:10
*** chandankumar is now known as raukadah17:14
pabelangerokay, looks to be github issue17:15
pabelangersorry for noise17:15
*** bhavikdbavishi has joined #zuul17:15
Shrewsmordred: back to your autohold admin complaints, would the api proposed in http://paste.openstack.org/show/751950/ make it a more pleasant experience?17:15
*** jpena is now known as jpena|off17:17
*** themroc has joined #zuul17:23
mordredShrews: yes - I think I would like that17:25
Shrewsmordred: cool. that would definitely require storing autohold info in zookeeper rather than in memory. corvus should perhaps weigh in on such a change.17:30
corvusShrews: that looks nice17:34
corvusmordred: going back to the convo from earlier -- one other thing that can be helpful is to set the hold expiration duration -- so you can set it to a day or something and they will automatically be deleted17:34
mordred++17:35
corvus(i think opendev should update our systems to default to 1 day, we currently default to no expiration)17:35
Shrewscorvus: agreed. that would at least force folks to think about how long they are around17:35
Shrewsrather than set and forget17:36
*** themroc has quit IRC18:02
*** nhicher has joined #zuul18:05
*** jamesmcarthur has quit IRC18:38
*** bhavikdbavishi has quit IRC18:41
fungipabelanger: be aware of the lag in processing github events for pull requests on projects with many open pull requests, since the scheduler has to basically query the entire set to figure out which one has a match with a given git ref18:43
*** flepied has joined #zuul18:43
openstackgerritFabien Boucher proposed zuul/zuul master: Pagure driver - https://pagure.io/pagure/  https://review.opendev.org/60440418:43
fungipabelanger: those can pile up too if there are a lot of events in a short timeframe18:43
*** sshnaidm is now known as sshnaidm|afk18:45
tobiashcorvus: do you want to wait with 658889 until there is the nodepool part?18:51
openstackgerritTobias Henkel proposed zuul/zuul master: Log github requests with annotated events  https://review.opendev.org/66080018:57
tobiashpabelanger: this might help analysing github request lag ^18:57
pabelangerfungi: yah, so far we haven't seen that. Mostly delayed events, at first I was thinking because there was much more events coming in, due to ansible/ansible but seems just to be github issue atm19:00
pabelangertobiash: looking19:00
fungipabelanger: the github event processing has its own queue, separate from the scheduler's normal event queue19:03
tobiashand it serially processes each event19:03
tobiashso if the event processing is slow the events can queue up19:04
tobiashand 660800 could help to find further potential optimizations in that area19:04
* SpamapS wonders how long github's webhook queue is19:09
pabelangerI'd guess 2-3 hours19:10
pabelangerhad some old events show up for zuul.a.c19:11
openstackgerritTobias Henkel proposed zuul/zuul master: Log github requests with annotated events  https://review.opendev.org/66080019:12
openstackgerritTobias Henkel proposed zuul/zuul master: Annotate logs around build completion and cancellation  https://review.opendev.org/66080619:12
*** EmilienM is now known as EmilienM|bbl19:15
*** EmilienM|bbl is now known as EmilienM19:16
*** flaper87 has joined #zuul19:21
flaper87in the docker-compose example, I see the executor container is run with `priviledge: true`. Can someone provide more details on why that's needed?19:22
fungithe executor wants to sandbox ansible forks inside bubblewrap, and needs to bindmount some trees into the bubblewrap chroot... also probably sets some capabilities on it?19:23
pabelangeryah, because of bubble wrap19:24
fungibasically we don't want arbitrary ansible plugins to be able to do things in the greater context of the executor itself19:24
pabelangerflaper87: which means, in some COE (eg: openshift) it is harder to run zuul-executor19:24
pabelangeryou have to disable some security stuff on openshift side19:24
pabelangerbut is doeable, tobiash does it19:25
pabelangerdoable*19:25
fungii guess the alternative was to design the executor to interact with a coe to fork ansible processes inside coe-managed containers, but that would add lots of complexity and probably lock-in to some specific coes19:25
flaper87pabelanger: that's why I'm asking19:26
flaper87I'm running this thing on k8s now and I was wondering if I could avoid that19:26
flaper87sounds like I can't19:26
* flaper87 runs this container as priviledge19:26
fungibasically, the zuul executor is a very basic container orchestration engine19:27
fungiso trying to layer it onto another coe would take a bit of work19:27
pabelangerflaper87: yah, for now, can't. however, I believe there is a longer term plan to see how we can drop privileged. I believe mordred talked with some k8s folks about it19:27
pabelangeror coreos19:27
tobiashflaper87: theoretically you cpuld avoid it if you enable unprivileged user namespace s in your cluster19:27
*** jamesmcarthur has joined #zuul19:39
corvustobiash: we can merge 658889 now.  i only didn't +3 because i was on the plane19:42
flaper87In the docker-compose example, the playbooks dir is bindmounted in the container. IIUC, that is only needed for the example and it shouldn't be needed for a production environment. Is that correct?19:45
tobiashcorvus: thanks, how was your flight?19:45
corvustobiash: bleh.19:45
corvustobiash: it's over and i'm home, which is nice.  :)19:46
tobiash:)19:48
fungihome is always better than being on an airplane, in my experience19:55
pabelangertobiash: heh, managed to just see this github exception: http://paste.openstack.org/show/751955/19:58
tobiashwhoops19:59
fungineat!19:59
fungii think we knew that could happen, but yeah hard to know how to deal with it19:59
tobiashbut this cannot be avoided19:59
pabelangertrying to see which event it was from20:00
fungigerrit actually won't allow two changes to have patchsets with the same commit hash20:00
pabelangeryah, can't tell from scheduler log20:02
flaper87tobiash: did you store the db credentials in a secret? I was thinking to create a secret with a zuul.conf file that contained the db section and pass that to the zuul binaries (assuming multiple config files can be passed)20:03
pabelangerwould need to look at github app20:03
corvusflaper87: only one zuul.conf is supported20:03
pabelangerSpamapS: looks like still about 1hr delay on github events20:04
tobiashflaper87: we compose the zuul.conf from multiple configmaps and secrets in the boot script during container startup20:04
corvusflaper87: you may also be interested in this effort which we are starting: https://review.opendev.org/65918020:05
tobiashcorvus: thanks for the reminder, I should give that a review too :)20:05
flaper87corvus: oh, I am. Hope to be able to contribute to that soon.20:06
flaper87tobiash: is that script public? :P20:06
tobiashflaper87: not yet as it's tailored specifically to our deployment, but it's very easy to do so using configparser20:08
tobiashor we might want to add config dir support in zuul (which is easy too)20:09
flaper87adding config dir support would be awesome!20:11
pabelangeryah, I'd review that patch :)20:15
pabelangerright now my zuul.conf is also templated a lot20:15
*** pcaruana has quit IRC20:20
corvustobiash, clarkb: http://cacti.openstack.org/cacti/graph.php?action=zoom&local_graph_id=64792&rra_id=2&view_type=&graph_start=1558024599&graph_end=1558555158&graph_height=120&graph_width=500&title_font_size=1220:29
tobiashcorvus: that looks bad20:30
corvusthat's since the last restart -- so something happened at 14:00ish on 21 may *without* a restart20:30
corvus(the last restart was on 16 may)20:30
openstackgerritDirk Mueller proposed zuul/zuul-jobs master: Switch to TOX_CONSTRAINTS_FILE  https://review.opendev.org/65788620:31
corvusShrews: ^ fyi20:31
pabelangereep (cacti)20:36
*** mattw4 has quit IRC20:39
*** mattw4 has joined #zuul20:40
dmsimardara 0.16.4 is tagged to address the regression with ansible 2.820:57
dmsimardflaper87: oh hai, fancy seeing you here <320:58
flaper87dmsimard: hey hey! yeah, zuuling my way through this world <320:58
* mordred zuuls flaper87 and dmsimard21:02
mordredflaper87, pabelanger: having now read scrollback - my takeaway from taking to people about the priv/unpriv thing is that we essentially need the same things that projects like buildah and podman need to be able to run rootless inside of a container (user namespaces as tobiash mentioned - as well as some other capability change somewhere) ... which is to say - there are a set of people working on a parallel21:13
mordredproblem who want/need to solve it and who I believe are working through the issues21:13
mordredSO21:13
mordredwe **should** end up in a place where we can drop privileged needs with little work of our own :)21:13
*** flepied has quit IRC21:22
*** jamesmcarthur has quit IRC21:26
*** mattw4 has quit IRC21:41
*** mattw4 has joined #zuul21:42
*** jamesmcarthur has joined #zuul21:45
*** rlandy is now known as rlandy|bbl21:59
openstackgerritMerged zuul/zuul master: Annotate node request processing with event id  https://review.opendev.org/65888922:04
*** jamesmcarthur has quit IRC22:26
*** mattw4 has quit IRC23:26
openstackgerritTristan Cacqueray proposed zuul/zuul master: Skip file matcher for pipeline using timer trigger  https://review.opendev.org/66085623:33
openstackgerritTristan Cacqueray proposed zuul/zuul master: ansible-config: pin ara to <1.0.0  https://review.opendev.org/66085923:38
« Tuesday, 2019-05-21 Index Thursday, 2019-05-23 »

Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!