| -@gerrit:opendev.org- James E. Blair https://matrix.to/#/@jim:acmegating.com proposed: [zuul/nodepool] 926221: Avoid recursive delete in forceUnlockNode https://review.opendev.org/c/zuul/nodepool/+/926221 | 01:02 | |
| -@gerrit:opendev.org- James E. Blair https://matrix.to/#/@jim:acmegating.com proposed: [zuul/zuul] 926241: Add image-build-name job attribute https://review.opendev.org/c/zuul/zuul/+/926241 | 13:51 | |
| -@gerrit:opendev.org- Jan Gutter proposed: [zuul/zuul-operator] 924748: CI Fixes and dependency updates https://review.opendev.org/c/zuul/zuul-operator/+/924748 | 14:37 | |
| -@gerrit:opendev.org- Jan Gutter proposed: [zuul/zuul-operator] 924748: CI Fixes and dependency updates https://review.opendev.org/c/zuul/zuul-operator/+/924748 | 14:41 | |
| -@gerrit:opendev.org- Jan Gutter proposed: [zuul/zuul-operator] 924748: CI Fixes and dependency updates https://review.opendev.org/c/zuul/zuul-operator/+/924748 | 15:18 | |
| -@gerrit:opendev.org- Jan Gutter proposed: [zuul/zuul-operator] 924748: CI Fixes and dependency updates https://review.opendev.org/c/zuul/zuul-operator/+/924748 | 16:23 | |
| @sdodsley:matrix.org | I have a strange thing happening with nodepool nodes. I have two networks that are being attached to the nodepool nodes, but IP address shown in `nodepool list` is not the primary port, but the secondary port. The secondary ports are a private network that nodepool can't reach so they stay as `locked`, however if I add a route to the private netwrok the nodes become `unlocked`. | 16:32 |
|---|---|---|
| Is there a way to define which IP address/port nodepool uses in `nodepool list`? | ||
| @fungicide:matrix.org | > <@sdodsley:matrix.org> I have a strange thing happening with nodepool nodes. I have two networks that are being attached to the nodepool nodes, but IP address shown in `nodepool list` is not the primary port, but the secondary port. The secondary ports are a private network that nodepool can't reach so they stay as `locked`, however if I add a route to the private netwrok the nodes become `unlocked`. | 16:46 |
| > Is there a way to define which IP address/port nodepool uses in `nodepool list`? | ||
| which driver? | ||
| @sdodsley:matrix.org | fungi: not being a nodepool 'person' i'm not sure i know what you mean by driver in this instance | 16:48 |
| @fungicide:matrix.org | aws, kubernetes, openstack... | 16:48 |
| @sdodsley:matrix.org | openstack | 16:48 |
| @fungicide:matrix.org | i think the openstack driver expects one of the networks to be identified as "public" but i'm digging into the documentation now to find a good reference | 16:49 |
| @sdodsley:matrix.org | i have the provate network set as External: No and the main network as External: yes, but both are 'shared' | 16:50 |
| @fungicide:matrix.org | the way we originally designed it, we had zuul executors connecting over the internet to launched "nodes" (nova virtual server instances) in a variety of openstack public clouds, and in some of those clouds the nodes came up with more than one attached network by default, so nodepool wanted to make sure to tell zuul which address was the "public" on that the executors would be able to reach | 16:51 |
| @fungicide:matrix.org | ah, yes we call it "external" now, i guess | 16:52 |
| @clarkb:matrix.org | yes openstacksdk is supposed to figure this out automatically if you've properly set neutron network settings. I don't know what the correct combo is without reading the code though. That said you can mark in your clouds.yaml which networks to attach set set whether things are externally routable there. Our nodepool clouds.yaml config for openmetal is an example of this | 16:53 |
| @fungicide:matrix.org | https://opendev.org/opendev/system-config/src/branch/master/playbooks/templates/clouds/nodepool_clouds.yaml.j2#L135 | 16:57 |
| @fungicide:matrix.org | https://docs.openstack.org/openstacksdk/latest/user/config/network-config.html | 17:03 |
| @fungicide:matrix.org | that covers the setting for the openstack sdk | 17:04 |
| @sdodsley:matrix.org | thank you. i'll check those out | 17:04 |
| -@gerrit:opendev.org- Jan Gutter proposed: [zuul/zuul-operator] 924748: CI Fixes and dependency updates https://review.opendev.org/c/zuul/zuul-operator/+/924748 | 17:29 | |
| -@gerrit:opendev.org- James E. Blair https://matrix.to/#/@jim:acmegating.com proposed: [zuul/zuul] 926348: Add image upload records https://review.opendev.org/c/zuul/zuul/+/926348 | 17:32 | |
| -@gerrit:opendev.org- Jan Gutter proposed: [zuul/zuul-operator] 924748: CI Fixes and dependency updates https://review.opendev.org/c/zuul/zuul-operator/+/924748 | 18:00 | |
| @jangutter:matrix.org | Hiya folks, in case anyone's interested in the zuul-operator: I finally got a setup with minikube+podman+cri-o, using the correct config for the buildset registry. Currently something seems to be failing with the DB operator - I see oom events for mysqld, which makes me suspect that I'm hitting some default memory limit. I don't see them in our centos 9 stream setup, but it's got more RAM. I still have some ideas, but if someone's proficient in k8s debugging, it would be much appreciated, as this is a relatively new area to me. | 19:04 |
| Note that this is a very experimental setup - podman + cri-o in minikube is classed as 'experimental' (which is theoretically a bit more well defined as the current 'none + cri-o' mode.) | ||
| Here are the logs for anyone curious: | ||
| https://zuul.opendev.org/t/zuul/build/39c4fc43ecd24649aa3151c2f4dad821/logs | ||
| -@gerrit:opendev.org- Jan Gutter proposed: [zuul/zuul-jobs] 924970: [wip] Update ensure-kubernetes with podman support https://review.opendev.org/c/zuul/zuul-jobs/+/924970 | 19:32 | |
| -@gerrit:opendev.org- Jan Gutter proposed: [zuul/zuul-operator] 924748: CI Fixes and dependency updates https://review.opendev.org/c/zuul/zuul-operator/+/924748 | 19:33 | |
| -@gerrit:opendev.org- Jan Gutter proposed: [zuul/zuul-jobs] 924970: [wip] Update ensure-kubernetes with podman support https://review.opendev.org/c/zuul/zuul-jobs/+/924970 | 19:39 | |
| -@gerrit:opendev.org- Jan Gutter proposed: [zuul/zuul-jobs] 924970: [wip] Update ensure-kubernetes with podman support https://review.opendev.org/c/zuul/zuul-jobs/+/924970 | 19:54 | |
| @jangutter:matrix.org | Hah, turns out it WAS memory limit! | 20:23 |
| @clarkb:matrix.org | has anyone else had problems starting the executor container via quickstart? podman is reporting errors like "Unable to restart a container in a paused or unknown state: container state improper" | 20:52 |
| @clarkb:matrix.org | I'm wondering if it is related to being privileged: true in the docker compose file | 20:52 |
| @clarkb:matrix.org | hrm starting containers again seems to have gotten it working. I wonder if it is a startup race | 20:55 |
| -@gerrit:opendev.org- Clark Boylan proposed: [zuul/zuul] 926358: Be more explicit about quickstart container deps https://review.opendev.org/c/zuul/zuul/+/926358 | 21:20 | |
| @clarkb:matrix.org | This seems to resolve the issue for me when starting from scratch | 21:20 |
| @clarkb:matrix.org | Separately, what is everyone's preferred method to "turn things off" in quickstart? Is it just `podman-compose -p zuul-tutorial stop` and then later `podman-compose -p zuul-tutorial up`? The up command seems to complain when it is run against an existing setup but then everything seems to work despite the reported errors. I think this must just be a bug in podman-compose | 21:29 |
| @jim:acmegating.com | Clark: that seems strange; i wonder if removing the deps would also work. i'm not sure they do anything useful. | 21:30 |
| @clarkb:matrix.org | corvus: I think the most useful thing the deps do is when starting a container it should ensure any other deps are started too | 21:32 |
| @clarkb:matrix.org | if you are targetting specific containers with up/start commands | 21:32 |
| @jim:acmegating.com | we don't instruct folks to do that in the tutorial, so still fair game i'd say (i don't feel strongly about this, just think that simpler might be better) | 21:34 |
| @jim:acmegating.com | re down: the playbook and quickstart both have down commands | 21:34 |
| @jim:acmegating.com | * re down: the playbook and the follow-on tutorials both have down commands you can reference | 21:35 |
| @jim:acmegating.com | https://zuul-ci.org/docs/zuul/latest/tutorials/tracing.html#restart-zuul-containers | 21:36 |
| @jim:acmegating.com | `sudo -E podman-compose -p zuul-tutorial stop` | 21:36 |
| @clarkb:matrix.org | I think the automated testing does but quickstart doesn't. Oh you just updated your message ya | 21:36 |
| @clarkb:matrix.org | thats itneresting we don't use sudo in the main tutorial | 21:37 |
| @jim:acmegating.com | probably shouldn't there too | 21:37 |
| @jim:acmegating.com | https://zuul-ci.org/docs/zuul/latest/tutorials/keycloak.html has it too | 21:37 |
| @clarkb:matrix.org | ya I suspect that may end up creating container artificats for both root and your regular user. It may all still work since the network is the integration point for those objects but it may be weird | 21:38 |
| @jim:acmegating.com | would be good to double check that the playbook is not using it, then fix the docs if so | 21:39 |
| @jim:acmegating.com | * would be good to double check that the playbook is not using sudo, then fix the docs if so | 21:39 |
| @clarkb:matrix.org | the only use of become I see in playbooks/tutorial is for installing git-review. | 21:41 |
| @clarkb:matrix.org | and sudo does not appear either so ya I think we can safely remove the use of sudo from those two docs. Should I write that change or did you want to? | 21:41 |
| @clarkb:matrix.org | this is neat. I suspended my laptop with running quickstart and either during the suspect or resume hit filesystem/disk issues with things not being ready and it got remounted read only. I wonder if having all those extra services running was the trick to trip that | 21:45 |
| @jim:acmegating.com | Clark: feel free to write it and i'll be happy to review | 21:47 |
| @clarkb:matrix.org | ok I'm going to restore things on my laptop and see about removing dependencies to check the assumption that will work | 21:47 |
| @clarkb:matrix.org | removign depends on from the various zuul services does seem to work. I'll propose that as well as a change to remove sudo for podman-compose just as soon as I can write those updates | 21:53 |
| -@gerrit:opendev.org- Clark Boylan proposed: | 22:02 | |
| - [zuul/zuul] 926358: Remove unneeded depends_on from Zuul quickstart containers https://review.opendev.org/c/zuul/zuul/+/926358 | ||
| - [zuul/zuul] 926359: Drop use of sudo podman-compose from quickstart tutorials https://review.opendev.org/c/zuul/zuul/+/926359 | ||
| -@gerrit:opendev.org- Jan Gutter proposed: [zuul/zuul-operator] 924748: CI Fixes and dependency updates https://review.opendev.org/c/zuul/zuul-operator/+/924748 | 22:34 | |
| -@gerrit:opendev.org- James E. Blair https://matrix.to/#/@jim:acmegating.com proposed: [zuul/zuul] 926362: Add image upload framework https://review.opendev.org/c/zuul/zuul/+/926362 | 22:44 | |
| -@gerrit:opendev.org- James E. Blair https://matrix.to/#/@jim:acmegating.com proposed: [zuul/nodepool] 926363: Add extra safety to metastatic bnr cleanup https://review.opendev.org/c/zuul/nodepool/+/926363 | 23:22 | |
Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!