| @joao15130:matrix.org | Current config is | 06:29 |
|---|---|---|
| ``` | ||
| root@zuul:~# podman ps | grep zuul_web | ||
| fc384b078ed1 quay.io/zuul-ci/zuul-web:latest sh -c /var/playbo... 2 days ago Up 2 days 0.0.0.0:9000->9000/tcp zuul_web_1 | ||
| ``` | ||
| But my question is how can we tell Zuul to return another URL than the IP of the host on which the zuul-web service is deployed to Gerrit? | ||
| @boha:matrix.org | Hi, I need an advice regarding a config_error. We had a branch with two jobs depending on each other, but one of them was omitted which resulted in config_error "unable to freeze job...". I think a commit disabling the periodic job was force-pushed to completely disable the periodic job, but somehow the scheduler still reports config_error. Is there somewhere in the scheduler the new commit is not updated? | 06:36 |
| @boha:matrix.org | I have tried pushing a new commit the correct way through gerrit afterwards, but the config error still persists. | 06:38 |
| -@gerrit:opendev.org- Dong Zhang proposed: [zuul/zuul] 948316: Make '--tenant' optional in create-auth-token command https://review.opendev.org/c/zuul/zuul/+/948316 | 08:38 | |
| -@gerrit:opendev.org- Dong Zhang proposed: [zuul/zuul] 948316: Make '--tenant' optional in create-auth-token command https://review.opendev.org/c/zuul/zuul/+/948316 | 12:55 | |
| @fungicide:matrix.org | boha: if the configuration change was merged in such a way that zuul didn't receive any events about it from the source connection, you'll want to do a full-reconfigure or tenant-reconfigure https://zuul-ci.org/docs/zuul/latest/operation.html#reconfiguration | 12:57 |
| @joao15130:matrix.org | any idea how can I achieve it with a reverse proxy as suggested by fungi ? | 13:08 |
| @mhuin:matrix.org | since {change} has been removed with v12.0.0 in reporter message templating, is this example still valid? https://zuul-ci.org/docs/zuul/latest/drivers/smtp.html#reporter-configuration and if not, what is the replacement? | 13:25 |
| @fungicide:matrix.org | joao15130: i'm not sure what you're missing. if you have the zuul-web process listening on 9000/tcp then put a rverse-proxy in your dmz listening on 443/tcp and have it forward requests to 9000/tcp on the zuul-web server. in opendev we actually have a series of reverse-proxies between clients and zuul-web: apache forwarding 443 to 9000 locally on the servers where zuul-web is running, and then a separate haproxy server which distributes browser requests for 443 to the apache listening on 443 on our zuul-web servers | 14:05 |
| -@gerrit:opendev.org- Simon Westphahl proposed: [zuul/zuul] 948327: Fix include-vars multiple inheritance behavior https://review.opendev.org/c/zuul/zuul/+/948327 | 14:11 | |
| @fungicide:matrix.org | when you browse https://zuul.opendev.org/ that's a cname in dns to our haproxy server (zuul-lb02.opendev.org) which listens on 443/tcp and then distributes your connection to an apache service on one of our zuul-web servers (zuul01.opendev.org or zuul02.opendev.org), then apache running on those servers forwards those requests from 443/tcp to 9000/tcp on localhost which is the actual zuul-web process. we do that mainly so that we can add some caching to improve performance and take a bit of load off the zuul-web process | 14:17 |
| @clarkb:matrix.org | Looking at https://opendev.org/zuul/zuul/src/branch/master/zuul/driver/smtp/smtpreporter.py#L44-L52 it seems the example should still be valid | 14:54 |
| @mhuin:matrix.org | that looks like a bug to me, if I understand the changelog correctly: `The web.status_url configuration option is no longer supported and using the status_url, change and changes string substitutions in pipeline reporter messages will result in an error.` | 14:56 |
| @clarkb:matrix.org | yes, it may have been an oversight I'm not sure | 14:57 |
| @mhuin:matrix.org | yeah I'm not sure it can work as intended https://review.opendev.org/c/zuul/zuul/+/943385/7/zuul/reporter/__init__.py | 14:59 |
| @clarkb:matrix.org | mhu: I am aware of the change but I don't think it would break the code I linked. item is still available in the cleaned up code and that is what smtpreporter uses | 15:00 |
| @mhuin:matrix.org | then this is a bit confusing, is `{change}` still usable or not? | 15:01 |
| @mhuin:matrix.org | * then this is a bit confusing, is `{change}` in a message template still usable or not? | 15:02 |
| @clarkb:matrix.org | mhu the code I linked is specific to the smtp reporter email subject handling which is what your example is for | 15:02 |
| @clarkb:matrix.org | I don't think it is valid anywhere else | 15:03 |
| @mhuin:matrix.org | but the smtp reporter is a pipeline reporter right? | 15:03 |
| @clarkb:matrix.org | yes | 15:04 |
| @mhuin:matrix.org | it's not a big deal obviously, but I was doing some pipeline cleanup after upgrading to 12.0.0 and this got me scratching my head a bit | 15:05 |
| @clarkb:matrix.org | Basically I think the email subject is a special case (because it has its own string format code whcih I linked). As long as that string format code provides a change key then you can format the change into the subject | 15:15 |
| @clarkb:matrix.org | whether or not that should've been cleaned up as part of the prior change I'm not sure | 15:15 |
| @clarkb:matrix.org | I think the primary idea was to zuul to report back to its web ui for a consistent reporting experience which the subject line providing change info does not interfere with | 15:17 |
| @mhuin:matrix.org | okay that makes sense, even if a bit odd IMHO. I need to check again but IIRC the doc doesn't explain what keywords are actually available for templating | 15:19 |
| @joao15130:matrix.org | I see and it should be pretty straghtforward to configure. | 15:41 |
| However, when the URL of the build is sent back to gerrit, it comes with the IP of our internal dashboard. | ||
| As a user if I click on the link provided by Gerrit, I'll be sent over the Zuul Internal IP but not the server in my DMZ. | ||
| @joao15130:matrix.org | As you can see below: | 15:42 |
| ``` | ||
| Dell Openstack CI | ||
| Build failed (check pipeline). | ||
| http://10.228.225.16:9000/t/openstack/buildset/4daf1ab2d4734ba18d53529bf78ce74b | ||
| powerflex-v4-cinder-tempest http://10.228.225.16:9000/t/openstack/build/818ef79d8c7e4e338aa4d5ce37534d1f : SUCCESS in 1h 48m 44s | ||
| ``` | ||
| @joao15130:matrix.org | this is what the URL looks like in Gerrit | 15:42 |
| @joao15130:matrix.org | but this is not the IP of my DMZ server since zuul-web is serving on the internal network but not on the DMZ | 15:43 |
| @fungicide:matrix.org | you'll want to have the domain name of your proxy that listens on 443/tcp in the url instead, like https://powerflex-cinder-ci.dell.com/t/openstack/build/818ef79d8c7e4e338aa4d5ce37534d1f ... | 15:43 |
| @fungicide:matrix.org | i would never use raw ip addresses for urls you expect users to click | 15:44 |
| @joao15130:matrix.org | Yes! | 15:44 |
| @joao15130:matrix.org | It makes sense, so how do I return to Gerrit individual cname like the one you provided above? | 15:45 |
| @joao15130:matrix.org | keep in mind that we have multiple storage CI running under the same Zuul instance | 15:46 |
| @joao15130:matrix.org | so for example, we'll need cname like powerflex-cinder-ci.dell.com, powerstore-cinder-ci.dell.com and so on | 15:47 |
| @fungicide:matrix.org | joao15130: well, to configure the urls to use in reporting things you need to adjust the [web] section of the zuul.conf, like https://opendev.org/opendev/system-config/src/branch/master/playbooks/roles/zuul/templates/zuul.conf.j2#L54-L55 | 15:50 |
| @fungicide:matrix.org | see https://zuul-ci.org/docs/zuul/latest/configuration.html for zuul.conf documentation | 15:50 |
| @fungicide:matrix.org | it'll probably be easier if you just use a single hostname for all the different third-party ci accounts, zuul will report the correct urls for each buildset without needing to worry about using separate per-tenant hostnames | 15:52 |
| @joao15130:matrix.org | ok so basically, what we can have is setting the cname to dell-cinder-ci.dell.com | 15:52 |
| @joao15130:matrix.org | and set this url in status_url and root? | 15:52 |
| @fungicide:matrix.org | yes | 15:53 |
| @joao15130:matrix.org | ok | 15:53 |
| @joao15130:matrix.org | can you just explain in a few words the difference between status_url and root parameters? | 15:53 |
| @fungicide:matrix.org | i got disconnected briefly so not sure if my link to the zuul config documentation went through to the channel, but https://zuul-ci.org/docs/zuul/latest/configuration.html to reiterate | 15:54 |
| @joao15130:matrix.org | I do see web.root description but nothing related to status_url | 15:55 |
| @fungicide:matrix.org | joao15130: oh, you no longer need status_url as of zuul 12.0.0, see the upgrade notes: https://zuul-ci.org/docs/zuul/latest/releasenotes.html#relnotes-12-0-0 | 15:57 |
| @fungicide:matrix.org | we just haven't cleaned up our config yet, so web.root is the only relevant setting now in latest zuul | 15:58 |
| @joao15130:matrix.org | when setting the root parameter, do I need to restart all component of Zuul or just the web service? | 15:58 |
| @fungicide:matrix.org | i had forgotten, even though we were just touching on that change in a separatee conversation above moments ago | 15:58 |
| @fungicide:matrix.org | joao15130: the scheduler(s) use that value, and would re-read zuul.conf when you restart | 16:01 |
| @joao15130:matrix.org | ok let me try | 16:01 |
| @joao15130:matrix.org | thank you for your explanation, I'll let you know about the result | 16:02 |
| @joao15130:matrix.org | i tried but it's still referencing the private IP: | 16:24 |
| ``` | ||
| Dell Openstack CI | ||
| Build failed (check pipeline). | ||
| http://10.228.225.16:9000/t/openstack/buildset/c017f68f6eed4ab69318845b3d921db1 | ||
| powerscale-manila-tempest http://10.228.225.16:9000/t/openstack/build/aab7b66a458042fdadae52fd817acb3f : FAILURE in 18m 17s | ||
| ``` | ||
| even though I have set the root parameter | ||
| ``` | ||
| [web] | ||
| listen_address=0.0.0.0 | ||
| port=9000 | ||
| root=https://elab-os-logsrv.delllabs.net | ||
| ``` | ||
| And restarted zuul_scheduler and zuul_web services | ||
| @joao15130:matrix.org | not sure what I missed | 16:24 |
| @joao15130:matrix.org | it was required to do a full-reconfigure, now I can notice the appropriate URL in gerrit, will look forward configuring the reverse proxy. Thank you so much! | 20:27 |
| @fungicide:matrix.org | sure, sorry it didn't dawn on me that the config options in zuul.conf might get cached in zk, i didn't find any documentation that stated specifically how to get the zuul.conf file re-read (only the tenant config and project configs), but it's possible i overlooked somewhere | 20:32 |
Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!