Sunday, 2016-03-20

*** vinkman has joined #kolla		00:00
*** vinkman has left #kolla		00:00
*** rstarmer has joined #kolla		00:02
*** bmace has quit IRC		00:07
*** bmace has joined #kolla		00:07
*** SiRiuS_ has quit IRC		00:08
openstackgerrit	Sam Yaple proposed openstack/kolla: Add generate_passwords.py to generate passwords https://review.openstack.org/293728	00:11
openstackgerrit	Sam Yaple proposed openstack/kolla: Move manila variable https://review.openstack.org/293797	00:11
openstackgerrit	Sam Yaple proposed openstack/kolla: Change deprecated options throughout Kolla https://review.openstack.org/294931	00:11
*** mbound has quit IRC		00:14
*** rstarmer has quit IRC		00:15
SamYaple	sdake: ping	00:17
*** akwasnie1 has quit IRC		00:22
*** rstarmer has joined #kolla		00:27
*** mbound has joined #kolla		00:31
sdake	sup sam	00:35
sdake	SamYaple ^	00:35
*** vishwanathj has joined #kolla		00:50
SamYaple	hey sdake	00:58
sdake	what can i do for ya	00:58
SamYaple	sdake: I have gone throw most/all the options and fixed the deprecated ones this cycle	00:58
sdake	i saw that	00:59
SamYaple	ive fixed alot of the smaller bugs throughout	00:59
SamYaple	ive done a bunc hof deploys on all of this stuff now	00:59
sdake	multinode?	00:59
SamYaple	its really _really_ solid	00:59
SamYaple	yup	00:59
sdake	nice	00:59
SamYaple	vm and baremetal	00:59
sdake	except heat and magnum are busted ;)	00:59
SamYaple	heat i found the bug	00:59
SamYaple	havent submitted patch yet	00:59
SamYaple	i also submitted a patch that builds _all_ images for ubuntu in 12m!	01:00
sdake	oh nice i was going to start working on it tomorrow or monday	01:00
sdake	on vacation atm	01:00
sdake	been in flagstaff since thursday	01:00
sdake	summer break for the kids	01:00
SamYaple	well the outlook is solid for mitaka (with all the patches in the queue)	01:00
SamYaple	its really really slick	01:00
SamYaple	youll be happy when you get back from vaca	01:01
sdake	i agree mitaka is fantastically better hten iberty	01:01
sdake	i have deploeyd in thur and fri in vms single node	01:01
sdake	and the for 3 weeks single node on real gear prior	01:01
sdake	gave a demo of reconfigure and upgrade and deploy - all in under 15 minutes	01:01
SamYaple	yup ive been doing that too	01:02
sdake	people in the call were like "Wtf how is it so fast"	01:02
SamYaple	i tested lights out, change passwords, the works	01:02
sdake	funny thing during my demo i had a wireless dropout	01:02
sdake	normally i use screen to deal with that	01:02
sdake	but didn't this time	01:02
sdake	so my deploy went south badly	01:02
sdake	so i nuked it and was ready to go in 4 minutes	01:02
sdake	its easier to nuke a deploy then fix a failure during deploy	01:03
sdake	upgrade and reconfig is a totally different story	01:03
SamYaple	i agree, though ive been "fixing failues" mode	01:03
sdake	yup i've got two weeks on my 3 node gear to beat it up and get it rolling	01:03
sdake	re heat fix, did you fix the lauching heat vms problem?	01:03
SamYaple	i believe so	01:04
SamYaple	but i dont have the patch running in my env atm to test	01:04
sdake	nice	01:04
SamYaple	i will in a bit	01:04
sdake	i wont be able to test that until monday	01:04
SamYaple	it was an endpoint issue like swift	01:04
sdake	i can't actually launch vms in my alptop	01:04
sdake	i did run reconfigure in a loop 500 times without failure	01:05
sdake	atually it was a file with reconfigure pasted 500times	01:05
sdake	but you get the idea	01:05
sdake	should try same thing with update	01:05
sdake	upgrade rather	01:05
SamYaple	i actually did a master->master upgrade	01:06
SamYaple	worked fantastic	01:06
sdake	i did a master to mater upgrade in my demo	01:06
SamYaple	like a true one	01:06
SamYaple	2 week old master to trunk	01:06
sdake	nice	01:06
SamYaple	running for 2 week environment	01:06
SamYaple	it worked perfect	01:06
SamYaple	it was great	01:06
SamYaple	and so quick!	01:07
sdake	i have a two week old openstack at this point , i can do that upgrade test as well over and over	01:07
SamYaple	i included the docs in the password gen patch	01:07
sdake	typically these lat copule of weeks i run things in loops 500 or 1000 times to make sure there are no wierd failure conditions	01:07
sdake	i saw looks good	01:07
SamYaple	having the rando passwords is fantastic too	01:07
sdake	I think you should look into SystemRandom class	01:07
sdake	but other hten that looks good	01:08
*** rstarmer has quit IRC		01:08
SamYaple	no we cant use that (or maybe as an option)	01:08
SamYaple	random blocks	01:08
sdake	you mean /dev/urandom?	01:08
SamYaple	no	01:08
SamYaple	urandom is what my patch uses	01:08
SamYaple	i commented as such in the review	01:08
sdake	have you seen it block?	01:08
sdake	the python docs seem to indicate that to get /dev/urandom rather then /dev/random you have to use systemrandom class	01:09
sdake	nm i'm a moron	01:10
sdake	i've got em backwards	01:10
sdake	/dev/random is the secure one	01:10
SamYaple	yes but random blocks	01:12
SamYaple	like i said	01:12
SamYaple	it can block forever	01:12
SamYaple	if you dont have enough entropy	01:12
SamYaple	urandom is planty safe, but that can be an option if people want	01:12
*** mbound has quit IRC		01:13
sdake	Almost all module functions depend on the basic function random(), which generates a random float uniformly in the semi-open range [0.0, 1.0). Python uses the Mersenne Twister as the core generator. It produces 53-bit precision floats and has a period of 2**19937-1. The underlying implementation in C is both fast and threadsafe. The Mersenne Twister is one of the most extensively tested random number generators in existence.	01:13
sdake	However, being completely deterministic, it is not suitable for all purposes, and is completely unsuitable for cryptographic purposes.	01:13
sdake	so basically random python api uses a deterministic random() c library call	01:14
sdake	/dev/urandom doesn't block /dev/random blocks	01:14
SamYaple	correct	01:14
SamYaple	thats waht ive been saying	01:14
sdake	yes but the current code doens't use the os random	01:14
sdake	its using one that the c library provides	01:14
sdake	what i'm getting at is /dev/urandom is not determinstic in most reaosnable cases except after a reboot	01:15
SamYaple	im pretty sure i use /dev/urandom	01:15
sdake	and when entropy has run out	01:15
SamYaple	but ill triplecheck	01:15
sdake	it says right above in the python docs what random uses	01:15
sdake	The underlying implementation in C is both fast and threadsafe.	01:15
sdake	it would be helpful is the kernel used interrupts for entropy pool	01:17
sdake	i dont know why it doesn't probaby a performance thing	01:17
sdake	when i gen pgp keys it always takes forever on my machines where i don't have a mosue and keyboard connected	01:17
SamYaple	remember im using random.choice	01:18
SamYaple	i believe that grabs urandomm, but like i said ill triple check	01:18
sdake	ya lets check the python lib code jsut to duble check	01:18
sdake	i could do but i dont hae a vm booted atm ;)	01:19
sdake	so by let i mean you :)	01:19
sdake	lets	01:19
sdake	you can still use random.choice	01:21
sdake	SystemRandom inherits from the random class	01:21
sdake	https://docs.python.org/3/library/random.html#random.SystemRandom	01:22
*** weiyu_ has joined #kolla		01:24
*** weiyu_ has quit IRC		01:28
*** vhosakot has joined #kolla		01:29
sdake	the source on my mac says random.choice uses random.random from _random.Random	01:29
sdake	looks like _random may be c code, i don't see it on my mac	01:30
*** iceyao has joined #kolla		01:32
*** weiyu_ has joined #kolla		01:33
sdake	SamYaple line 30 is how random() is implemented: http://nullege.com/codes/show/src%40m%40a%40main-HEAD%40External.LCA_RESTRICTED%40Languages%40CPython%4027%40Lib%40random.py/71/_random.Random/python	01:35
sdake	SamYaple from the source code here is how python gets _random:	01:42
sdake	https://github.com/python/cpython/blob/master/Modules/_randommodule.c	01:42
sdake	defined from here: https://github.com/python/cpython/blob/master/setup.py#L625	01:43
sdake	clearly that c code does not use any operating system primitives ;)	01:43
sdake	ok off for a break	01:43
*** vhosakot has quit IRC		01:43
*** vhosakot has joined #kolla		01:45
*** weiyu_ has quit IRC		01:45
*** vhosakot has quit IRC		01:46
*** vhosakot has joined #kolla		01:48
SamYaple	sdake: i have a patch up that speeds up the gate alot	01:50
SamYaple	12 min all images build for ubuntu	01:50
sdake	how does it work	01:51
SamYaple	trims off 5-10m for centos	01:51
sdake	i'll look in queue	01:51
SamYaple	https://review.openstack.org/#/c/294854/5	01:51
SamYaple	same script i used last cycle at the end	01:51
sdake	is this just source or binary as well?	01:51
SamYaple	basically install packages that are installed >=10 times by other contaienrs	01:52
sdake	havn't actuallly looked a your code :)	01:52
sdake	ya makes sense	01:52
SamYaple	source, rhallisey said he wanted to do binary	01:52
sdake	wfm	01:52
SamYaple	but it was a 12m gate run time!	01:52
SamYaple	the deploy gate for ubuntu was sub 10m now!	01:52
SamYaple	also shaves of about 5% of total build size	01:52
sdake	ought to get that script in the repo if you have one	01:53
SamYaple	600MB for centos	01:53
SamYaple	its a one liner with manual intervention	01:53
sdake	bummer	01:53
SamYaple	yea	01:53
SamYaple	i dont know its worth it to automate	01:53
SamYaple	it requires manual tweaks	01:53
sdake	my only concern is if deps get dropped	01:53
SamYaple	well they wont this cycle	01:53
sdake	but as long as someone looks after it -w fm ;)	01:53
sdake	right	01:53
sdake	i mean int he future	01:53
SamYaple	and i dug through them from last cycle	01:53
SamYaple	i diff'd	01:54
SamYaple	nothing dropped, only adds	01:54
sdake	i think pycrpto is going byebye	01:54
SamYaple	but i agree, its a concern for the future	01:54
sdake	or one of those crypto libs	01:54
sdake	i can't tkeep track which one is blessed ;-)	01:54
SamYaple	whatevers on there is installed 10+ times by all packages	01:54
sdake	ya i just acked it	01:55
sdake	10 min delta between centos and ubuntu	01:56
sdake	mirrors ftw	01:56
SamYaple	isnt that crazy?	01:56
SamYaple	10m from build to vm	01:56
sdake	ya 35% delta	01:56
sdake	no i mean 30 min centoso source build and 20 min ubuntu build from source	01:57
*** vhosakot has quit IRC		01:57
SamYaple	yea i get that	01:57
SamYaple	but ubuntu deploy was 10m gate!	01:57
SamYaple	build and deploy in 10mitues is crazy	01:57
*** vhosakot has joined #kolla		01:57
*** vhosakot has quit IRC		02:03
*** vhosakot has joined #kolla		02:03
openstackgerrit	Hui Kang proposed openstack/kolla: Ceilometer needs pymongo to start https://review.openstack.org/294725	02:04
*** mbound has joined #kolla		02:14
*** vhosakot has quit IRC		02:14
*** weiyu_ has joined #kolla		02:19
*** banix has joined #kolla		02:19
*** mbound has quit IRC		02:19
*** vhosakot has joined #kolla		02:36
sdake	for folks that haven't watched the documntary "The Lottery of Life" I'd recommend it	02:41
*** rstarmer has joined #kolla		02:45
rstarmer	what is this "recongifure" command you talk about. this sounds interesting.	02:48
sdake	rstarmer hey there	02:48
sdake	it reconigures your openstack environment	02:48
sdake	so if you ahve bridge A setup nad you instead want it to be bridge B	02:49
sdake	it does that	02:49
sdake	it merges /etc/kolla/config/* files into the main configuration files	02:49
sdake	and overrides existing entries if present	02:49
sdake	it allows for complete customization of openstack on deploy	02:49
rstarmer	oh. wow, that is cool.	02:49
sdake	what we were lacking in liberty was a way to change those config options	02:49
sdake	reconfigure allows runtime changing with minimal downtime	02:49
rstarmer	Very very interesting.	02:50
rstarmer	I will need to investigate further.	02:50
SamYaple	rstarmer: it is a newer feature so it may have some bugs, but so far they are break-the-script bugs, not break-the-deploy bugs	02:51
SamYaple	they way it works it would be hard/impossible to break the deploy anyway	02:51
rstarmer	Most excellent. Will be playing with this as time permits this week!	02:51
rstarmer	I'm becoming more and more of a fan of this new fangled container based world... :)	02:52
sdake	its about 2 years old ;)	02:52
*** vhosakot has quit IRC		02:53
sdake	finally we have delivered on upgrade	02:53
sdake	which is the whole reason we headed down the container road for openstack to begin	02:53
*** klint has joined #kolla		02:53
*** vhosakot has joined #kolla		02:53
rstarmer	yeah, I talk to so many people who are stuckc because upgrades, while "feasible" are just not something they actually want to touch.	02:53
SamYaple	rstarmer: im an ops guy and i say with no bias this is the easiest upgrade process for openstack	02:54
SamYaple	and ive used (and supported) most of them	02:55
vhosakot	rstarmer: here are the steps to reconfigure OpenStack services in kolla - https://etherpad.openstack.org/p/kolla-mitaka-testing-reconfigure	02:55
SamYaple	love containers	02:55
rstarmer	vhosakot: thanks, I needed that :D	02:56
vhosakot	rstarmer: cool, np :)	02:56
rstarmer	SamYaple: yeah, I help people with their Ops problems, often by comiserating with the mess they have...	02:56
SamYaple	kolla in the state it is in is actually alot of "man i hated doing xyz in <insert openstack tool>"	02:57
SamYaple	so hopefully ops do like this	02:57
rstarmer	I've got a project where I hope to be able to guide the customer into Kolla. They're using puppet ATM, and that's where my previous experiences lie, and so I hope to be able to show them the light.	03:01
SamYaple	if they want 10minute multinode deploys, look no further!	03:02
rstarmer	I'l be demoing this to them on Tuesday if all goes well...	03:03
openstackgerrit	Hui Kang proposed openstack/kolla: Ceilometer needs pymongo to start https://review.openstack.org/294725	03:03
sdake	kolla doesn't createa a mess the first place to clean up ;)	03:04
SamYaple	yes	03:04
SamYaple	i actually think thats a big reason kolla has come so far so quickly	03:05
SamYaple	because us devs can clean our environments so thorughly so quickly	03:05
rstarmer	I'm acutally using a simmilar approach (well, similar in that it containerizes the application middleware) for a Kubernetes project I'm supporting as well. But there's no Kolla equivalent (at least that I've found) for Kubernetes, so that's something I might have to try as I get a better handle on the "system" of operation.	03:06
*** sdake has quit IRC		03:07
vhosakot	rstarmer: kube.sh is pretty buggy ;)	03:08
vhosakot	rstarmer: you using vagrant+kubernetes ?	03:09
rstarmer	vhosakot: no, the docker container based master/minion multi-node setup.	03:09
vhosakot	ah, cool.. docker.. the vagrant setup + kube is not stable	03:10
rstarmer	it's all buggy. I only need it for some performance testing work, but I also need it to be re-produceable.	03:10
*** sdake has joined #kolla		03:10
*** sdake has quit IRC		03:10
*** weiyu_ has quit IRC		03:10
*** sdake has joined #kolla		03:11
vhosakot	ah ok	03:11
*** macsz has quit IRC		03:36
*** vhosakot has quit IRC		03:42
*** vhosakot has joined #kolla		03:43
*** rstarmer has quit IRC		03:44
*** weiyu_ has joined #kolla		03:53
*** weiyu_ has quit IRC		03:57
*** elmiko has quit IRC		04:18
*** elmiko has joined #kolla		04:18
*** dave-mcc_ has quit IRC		04:24
*** jasonsb has quit IRC		04:34
*** iceyao_ has joined #kolla		04:39
*** iceyao has quit IRC		04:40
*** iceyao has joined #kolla		04:46
*** sdake has quit IRC		04:47
*** iceyao_ has quit IRC		04:50
*** vhosakot has quit IRC		04:51
*** sdake has joined #kolla		04:56
*** banix has quit IRC		05:32
*** Windir has quit IRC		05:45
*** sdake has quit IRC		06:11
*** sdake has joined #kolla		06:11
*** sdake has quit IRC		06:20
*** achanda has joined #kolla		06:33
*** Marga_ has quit IRC		07:13
*** Marga_ has joined #kolla		07:14
*** ssurana has joined #kolla		07:23
*** stvnoyes has quit IRC		08:03
*** stvnoyes has joined #kolla		08:04
*** jmccarthy has quit IRC		08:06
*** jmccarthy has joined #kolla		08:06
*** achanda has quit IRC		08:16
*** vishwanathj has quit IRC		08:16
*** akwasnie has joined #kolla		09:11
*** akwasnie has quit IRC		09:18
*** akwasnie has joined #kolla		09:19
*** akwasnie has quit IRC		09:19
*** iceyao has quit IRC		09:33
*** SiRiuS_ has joined #kolla		09:41
*** akwasnie has joined #kolla		09:44
*** achanda has joined #kolla		09:46
akwasnie	sdake: ping	09:48
akwasnie	SamYaple: ping	09:49
*** starmer has joined #kolla		09:53
*** achanda has quit IRC		09:53
*** starmer has quit IRC		09:53
*** Serlex has joined #kolla		09:54
*** ssurana has quit IRC		10:09
*** pbourke has quit IRC		10:13
*** pbourke has joined #kolla		10:14
*** sdake has joined #kolla		10:16
*** ccesario has joined #kolla		10:17
*** iceyao has joined #kolla		10:34
*** ccesario has quit IRC		10:34
*** sdake has quit IRC		10:48
*** sdake has joined #kolla		10:50
*** achanda has joined #kolla		10:50
*** achanda has quit IRC		10:56
*** akwasnie has quit IRC		10:58
*** Serlex has quit IRC		11:38
*** dave-mccowan has joined #kolla		12:00
*** Jeffrey4l_ has joined #kolla		12:06
*** Jeffrey4l__ has quit IRC		12:09
*** Liuqing has joined #kolla		12:36
*** akwasnie has joined #kolla		12:38
*** sdake has quit IRC		12:47
*** achanda has joined #kolla		12:54
*** akwasnie has quit IRC		12:55
*** akwasnie has joined #kolla		12:56
*** achanda has quit IRC		13:00
*** klint has quit IRC		13:01
*** dave-mcc_ has joined #kolla		13:01
*** dave-mccowan has quit IRC		13:02
*** dave-mcc_ has quit IRC		13:06
*** rhallisey has quit IRC		13:07
*** rhallisey has joined #kolla		13:08
*** sdake has joined #kolla		13:09
*** akwasnie has quit IRC		13:11
*** akwasnie has joined #kolla		13:16
*** Jeffrey4l_ has quit IRC		13:18
*** sdake has quit IRC		13:20
*** sdake has joined #kolla		13:21
*** akwasnie has quit IRC		13:32
*** akwasnie has joined #kolla		13:33
*** Jeffrey4l_ has joined #kolla		13:42
*** akwasnie has quit IRC		13:46
*** akwasnie has joined #kolla		13:46
*** achanda has joined #kolla		13:56
SamYaple	akwasnie: pong	13:57
*** achanda has quit IRC		14:01
*** akwasnie has quit IRC		14:03
*** akwasnie has joined #kolla		14:03
*** mbound has joined #kolla		14:03
openstackgerrit	Sam Yaple proposed openstack/kolla: Fix rax-ord gate https://review.openstack.org/295001	14:05
openstackgerrit	Andrei-Lucian Șerb proposed openstack/kolla: Attach external NIC to a NAT-Network if on Wi-Fi https://review.openstack.org/294340	14:17
*** mbound has quit IRC		14:17
*** akwasnie has quit IRC		14:26
*** akwasnie has joined #kolla		14:27
*** diogogmt has quit IRC		14:36
*** diogogmt has joined #kolla		14:37
*** akwasnie1 has joined #kolla		14:39
*** akwasnie has quit IRC		14:39
*** dims has joined #kolla		14:40
*** dwalsh has joined #kolla		14:44
*** diogogmt has quit IRC		14:47
akwasnie1	sdake, SamYaple: it turns out that shield requires a licence - it starts with free 30 day trial, but after that additional licence is required. It is easy to install and configure (i tried and it works), but license stuff rather eliminates it from being used in kolla.	14:53
akwasnie1	so i think that we are back to nginx proxy	14:53
SamYaple	akwasnie1: agreed	14:54
SamYaple	nginx it is	14:54
SamYaple	hey akwasnie1 is the central logging stuff... functional?	14:54
SamYaple	i havent played with ti at all yet	14:54
akwasnie1	yes, it is :)	14:55
SamYaple	awesome! thats very cool	14:55
SamYaple	youve all done great work on that	14:55
SamYaple	im going to build and install it now if thats the case	14:55
SamYaple	elasicsearch and kibana are the only containers right?	14:55
akwasnie1	thanks! :) should we create seperate container for nginx proxy (we might use this proxy for other services that does not have any authentication) or should we stick with configuring it inside kibana container?	14:56
openstackgerrit	Andrei-Lucian Șerb proposed openstack/kolla: Attach external NIC to a NAT-Network if on Wi-Fi https://review.openstack.org/294340	14:56
akwasnie1	elasticsearch and kibana are the only ones	14:56
akwasnie1	does -> do	14:57
SamYaple	akwasnie1: that depends, is nginx going to be a seperate process that needs to be watched? (i think it is)	14:57
SamYaple	if so new container	14:57
SamYaple	you know akwasnie1 haproxy also does basic auth....	14:58
SamYaple	we could just use that	14:58
*** dims has quit IRC		15:01
akwasnie1	will try this tomorrow, then	15:01
*** dims has joined #kolla		15:01
SamYaple	im wondering is there any downsides to it?	15:02
*** akwasnie1 has quit IRC		15:06
*** Liuqing has quit IRC		15:07
sdake	only requirement is password auth that is secure	15:16
sdake	how its done, I don't care ;)	15:16
sdake	if haproxy can do it that seems reasonable to me	15:16
SamYaple	haproxy would do the same thing as nginx, Auth header	15:17
SamYaple	pbourke: you around?	15:17
*** dims has quit IRC		15:23
*** dims has joined #kolla		15:27
*** iceyao has quit IRC		15:32
*** ccesario has joined #kolla		15:47
*** ccesario has quit IRC		15:53
openstackgerrit	Merged openstack/kolla: Fix linuxbridge driver https://review.openstack.org/294936	15:57
*** vhosakot has joined #kolla		15:57
*** achanda has joined #kolla		15:59
*** vhosakot has quit IRC		16:02
*** vhosakot has joined #kolla		16:03
*** achanda has quit IRC		16:04
SiRiuS_	vhosakot, ping	16:11
openstackgerrit	Jeffrey Zhang proposed openstack/kolla: Fix the prechecks role idempotent https://review.openstack.org/295018	16:11
vhosakot	SiRiuS_: hi	16:11
SiRiuS_	vhosakot, I answered the questions inside patch 5	16:12
SiRiuS_	vhosakot, Basically, the globals.yml file is part of kolla itself, while the Vagrantfile is not part of kolla , but is used to provision kolla nodes	16:13
vhosakot	SiRiuS_: i don't see them. are they still in draft (red color). Could you hit "Reply" at the the top and click "post"	16:13
*** akwasnie has joined #kolla		16:14
*** akwasnie has left #kolla		16:15
SiRiuS_	vhosakot, is says Draft next to my answers	16:15
SiRiuS_	hmm	16:15
vhosakot	SiRiuS_: cool, I was just thinking if the default values used (network_interface: "eth0" and neutron_external_interface: "eth1") in globals.yml need to change, or the same values are good ?	16:15
SiRiuS_	vhosakot, how do I get the answers submitted, if they are in Draft. I'm new, as you can probably tell :)	16:16
openstackgerrit	Merged openstack/kolla: Fix race condition in haproxy https://review.openstack.org/292782	16:17
vhosakot	SiRiuS_: I found it unintuitive as well... so, select patch set 5 (where you see draft comments in red), click the green Up arrow at top right, click "Reply" at top, click "Post"	16:18
vhosakot	SiRiuS_: in the gerrit homepage, at top right, it shows the patch set number ("Patch Sets 5/7) at top right next to Download	16:19
SiRiuS_	vhosakot, I think I did it, thanks for the help	16:21
vhosakot	SiRiuS_: cool, np :)	16:21
SiRiuS_	vhosakot, if you have any followup questions, please ask :)	16:24
vhosakot	cool, thanks for the replies... so, bootstrap.sh sets network_interface and neutron_external_interface.. cool	16:24
vhosakot	SiRiuS_: https://github.com/openstack/kolla/blob/master/dev/vagrant/bootstrap.sh#L141-L142.. so, what is the value of network_interface here ? eth0 or eth1 ?	16:24
SiRiuS_	vhosakot, yup	16:25
vhosakot	SiRiuS_: eth0 or eth1 ?	16:25
SiRiuS_	vhosakot, it would be ethic	16:25
SiRiuS_	*eth2	16:25
rhallisey	hello everyone	16:25
vhosakot	SiRiuS_: neutron_external_interface is eth2, what about network_interface ?	16:25
vhosakot	rhallisey: o/	16:25
SiRiuS_	vhosakot, eth1	16:26
SiRiuS_	vhosakot, just like the file	16:26
vhosakot	SiRiuS_: ah, cool... just wanted to make sure that they are not affected.. cool, thanks for the new patch set.. it looks good	16:26
SiRiuS_	vhosakot, sure, that's why i configured the other 2 interfaces (NIC 1 and NIC2), because if I didn't then it would change the order	16:27
*** dwalsh has quit IRC		16:28
SiRiuS_	vhosakot, it's not documented in Vagrant, so I had to do it by trial and error	16:28
vhosakot	SiRiuS_: I see that in the order and the comment about the order in code... cool	16:28
SiRiuS_	vhosakot, first time I tested it, I just set up NIC 3, but when the guest OS booted, it would connect NIC3 to eth0, which was not good at all	16:29
vhosakot	ah ok... I have seen the guest OS pick the configured NIC and name it eth0	16:30
*** vhosakot has quit IRC		16:32
openstackgerrit	Merged openstack/kolla: Ceilometer needs pymongo to start https://review.openstack.org/294725	16:38
SamYaple	sdake: would you create teh stable/mitaka branch please?	16:41
SamYaple	to unblock master	16:42
SamYaple	also we need to pin the versions of the projects were using, but need the stable branch for that	16:43
sdake	SamYaple iirc we had planned to branch at rc2	16:52
sdake	the rationale is to keep people focused on fixing bugs in mitaka	16:52
sdake	of which there are plenty in nthe bug tracker	16:53
SamYaple	well the issue is everyone else branched already	16:53
SamYaple	and so now master is not mitaka	16:53
SamYaple	it is newton	16:53
SamYaple	so we need to pin versions	16:53
SamYaple	you dont need to tag	16:53
SamYaple	you need ot branch	16:53
sdake	i understand	16:54
sdake	do you not agree if mitaka is branched people will do dev rather then fix bugs?	16:54
SamYaple	i dont think what i agree to matters, right now we arent gating mitaka	16:54
SamYaple	other projects are deving right now and we are consuming	16:54
sdake	i see	16:55
SamYaple	i think branching is the best for stability	16:55
sdake	ok that make sense	16:55
SamYaple	i have a bunch of bug fixes in the queue	16:55
sdake	see when i send emials to the mailing list, all you ahve to do is respond :)	16:55
SamYaple	when did you send an email?	16:55
sdake	basically dev is supposed to be done at mitaka-3	16:55
sdake	when mitaka-3 was released	16:55
sdake	need subject?	16:55
SamYaple	ah ok ill find it	16:56
SamYaple	but i did not see it apaprently	16:56
SamYaple	my email skills are not the best	16:56
SamYaple	i just need better filters	16:56
*** jasonsb has joined #kolla		16:56
sdake	ok well i'll send note that master has branched	16:57
SamYaple	well if we can stable/mitaka on monday after the queue has been merged that would be best i think	16:57
sdake	ok monday it is	16:57
SamYaple	yea there are some critical things in the queue needing merging	16:57
sdake	i think mitaka is in pretty good shape minus the fact that heat is broken	16:57
SamYaple	yea ill fix that	16:57
sdake	if vms can be launched in heat, i'd be all for branching :)	16:57
SamYaple	i did test my fix	16:57
sdake	backporting always fails on our end	16:58
sdake	the idea with backports is you shouldn't do them unless absolutely necessary	16:58
sdake	hehnce the idea of waiting to branch	16:58
sdake	but our project isa bit odd that it consumes other upstream projects for gating purposes	16:58
SamYaple	backporting for us fails because of lack of focus. we dont manage our bugs well	16:59
sdake	cool so by test, did you llaunch a heat stack?	16:59
SamYaple	yea	16:59
sdake	i wholeheartedly agree	16:59
SamYaple	even if focus wasnt there, good bug management could allow a single person to manage backports very easily	16:59
*** vhosakot has joined #kolla		17:00
sdake	yes but with all the trivailfix stuff happening which are really bugs	17:00
sdake	that is hard	17:00
sdake	need to clamp down on that as a project, I think epople tend to abuse it	17:00
SamYaple	yea i think weve all done it	17:00
SamYaple	i agree	17:00
sdake	i file bugs if its not docs or a one liner	17:01
SamYaple	what we need instead of "trvialfix" is "AffectsMasterOnly"	17:01
sdake	so people don't have to comb the git repo for fixes	17:01
sdake	what we need is for people to file bugs ;)	17:01
sdake	people use trivial fix for features, bugs, whatever suits their fancy ;)	17:02
sdake	the big problem is it doesn't give us a true accounting of the bug work taking place	17:03
SamYaple	well thats the thing. what do i do with something thats not a bug? its a feature, but not worthy of a blueprint?	17:03
sdake	and no way to track = no way to backport	17:03
sdake	those should be wishlist bugs	17:03
sdake	i dont know why docs get autoassigned wishlist either, since they arenot features	17:03
sdake	i prefer docs fixes get filed at high priority but i don't think there is control on that	17:03
SamYaple	there is on the docs bot side	17:04
SamYaple	but anyway yea we should just force bugs and not try to do a "affectsmasteronly" tag or anything	17:04
*** dims_ has joined #kolla		17:04
SamYaple	and that means stop the trivalfix stuff	17:04
SamYaple	because "fix" means bug	17:04
*** dims has quit IRC		17:05
sdake	we implemented trivialfix because develoeprs were complaining about bug overhead	17:05
SamYaple	eh that doesnt realyl work either	17:05
SamYaple	yea	17:05
sdake	because filing a bug takes 5-10 minutes of someones life :)	17:05
SamYaple	honestly the masteronly thing might work better	17:05
SamYaple	we dont need a bug for masteronly fix	17:05
SamYaple	even wishlist-type feature	17:05
openstackgerrit	Merged openstack/kolla: Increase usefulness of openstack-base https://review.openstack.org/294854	17:05
SamYaple	but we need a bug for anythign that doesnt affect just master	17:05
sdake	the problem is eveyrone applies tags differently using different semantics	17:06
sdake	thats why its better not to have any tags at all ;)	17:06
sdake	this is the problem with process - different things to differnt people	17:06
SamYaple	forcing bugs is something no other projcet does	17:06
SamYaple	id be inclined to default to thier ways	17:06
SamYaple	it works for the rest of openstack better than what we do	17:06
sdake	nova allows features without a blueprint or bug tracker?	17:06
SamYaple	nova doesnt even allow bug fixes	17:07
SamYaple	but lets not base anything we do on "nova does it"	17:07
vhosakot	how about bugs non non-one-liners and TrivialFix for _only_ one-liners ?	17:07
SamYaple	they arent the pillar of working	17:07
SamYaple	vhosakot: what about a one-liner that needs to be backported?	17:07
sdake	well they do have a big pile of stuff to deal with :)	17:07
sdake	vhosakot this issue that needs solving is hwo to manage backports	17:07
sdake	the way I'd like to manage backports it just not do them by releasing sotwre that is good out of the gate ;)	17:08
SamYaple	I do like this MasterOnly thing, something that doesnt need a bug, isnt a blueprint, wont be backported	17:08
vhosakot	SamYaple: bug i that case.. one-liner in master but needed in older release in bug...	17:08
sdake	vhosakot how does the backporter know	17:08
sdake	comb the commit to figure out if its a bug that needsa a backport or what?	17:08
vhosakot	sdake: right, the team needs to finalize/converge/freeze backports often	17:09
sdake	the way other projects work is file a bug, then say affects which branches in launchpad	17:09
sdake	or use a tag	17:09
sdake	we are not using the bugs feature of launchpad very effectively as a team	17:09
sdake	i can't even get people to triage properly much less sort out how to do a backport	17:10
sdake	it would be nice if ayone could asig themselves a bug, but not actually do the triaging	17:10
vhosakot	sdake: I think backport is a feaure-creep in older release and may un-stabilize the older release.. so, the team (at least the cores) need to know the status of backports..	17:10
sdake	then we could reduce the size of the drivers team	17:10
sdake	because the drivers team's job is to do bug triage	17:10
sdake	vhosakot right backports turn into features	17:11
SamYaple	vhosakot: we commit to fixing bugs in backport	17:11
sdake	rather then "heat doesn't work"	17:11
sdake	or whateer	17:11
SamYaple	vhosakot: not features	17:11
sdake	our last release about 60 changes went in right after the branch which were not backports and not even slated for liberty	17:11
vhosakot	bugs in backport is different.. _backport_ itself is a new feature in the older release	17:12
sdake	it almost gave me a heartattack	17:12
sdake	SamYaple since i dont have my gear in flagstaff (back tonight) i'll test monday/tuesday and we can branch then	17:12
sdake	i want to test multinode on my own for centos	17:12
sdake	I don't think kalot of folks are doing that	17:12
SamYaple	sdake: you dont recall do you? we agree to the 1.1.0 release right after liberty. thats why those chages are there	17:13
sdake	yup but it wasn't staffed properly	17:13
*** dwalsh has joined #kolla		17:13
SamYaple	no it was on track	17:13
sdake	i think agreeing to a 1.1.0 right after liberty was an error	17:13
sdake	but we can't fix the past	17:13
openstackgerrit	Jeffrey Zhang proposed openstack/kolla: Install neutron in manila-share group only when enable_manila is true https://review.openstack.org/295024	17:13
sdake	morning Jeffrey4l_	17:14
SamYaple	not following through was a bigger error	17:14
*** vishwanathj has joined #kolla		17:14
SiRiuS_	vhosakot, can I get a +1 if you are satisfied with the patch :)	17:14
SamYaple	we need to be better at following through	17:14
sdake	we are good at followthrough on master	17:14
vhosakot	SiRiuS_: sure, 1 sec... was just testing your patch srt... looks great	17:14
sdake	liberty was our first release where backporting was actually done	17:15
Jeffrey4l_	sdake, good night, it is 1 AM here :)	17:15
SamYaple	Jeffrey4l_: go to sleep!	17:15
SiRiuS_	vhosakot, cool, I'll wait	17:15
vhosakot	Jeffrey4l_: night night!	17:15
Jeffrey4l_	yea. I am going.	17:15
vhosakot	SiRiuS_: done, +1, nice work	17:16
SiRiuS_	vhosakot, thanks \m/ :)	17:16
sdake	i've been doing softwre for 20 years and have never seen backports handled properly	17:17
vhosakot	Whenevr I used Vagrant, I'm wired (bridge) so did not see the issue... this time, I used wireless NAT to test.. cool	17:17
Jeffrey4l_	sdake, about the magnum v3 issue. There are trustee_domain_id and trustee_domain_admin_id in trust section.	17:18
sdake	its not like I havnet seen people try a million things	17:18
Jeffrey4l_	which domain/admin should we use?	17:18
sdake	Jeffrey4l_ recommend looking at how heat does it	17:18
SamYaple	sdake: did you file a bug on that heat issue?	17:18
sdake	yes	17:18
Jeffrey4l_	default domain or create a new domain ( for example magnum_domain )	17:18
Jeffrey4l_	ok	17:18
vhosakot	I am not a fan of backports.. why touch older software when it if good.... backport something if it is _really_ needed for most users	17:19
sdake	"Heat doa in mitaka3"	17:19
sdake	yup that is the only viable way to handle backports vhosakot	17:19
sdake	as in don't do them unless absolutely necessary	17:19
vhosakot	sdake: cool	17:19
Jeffrey4l_	heat use the default domain. I will copy that.	17:20
openstackgerrit	Sam Yaple proposed openstack/kolla: Fix heat endpoint registration https://review.openstack.org/295025	17:20
SamYaple	there ya go sdake	17:20
sdake	nice thanks SamYaple	17:20
Jeffrey4l_	need go to sleep. bye guys.	17:24
sdake	later lei	17:24
sdake	say SamYaple	17:25
sdake	question relating to performance	17:25
sdake	why is mitaka so much faster then liberty?	17:25
*** vhosakot has quit IRC		17:25
*** vhosakot has joined #kolla		17:26
SamYaple	memcache all the things	17:27
SamYaple	but if youre talking about horizon, thats thanks to jeffrey	17:27
sdake	i am talking about deplooy time	17:27
SamYaple	oh i optimized the crap outa it	17:28
SamYaple	reduced number of tasks drastically	17:29
SamYaple	did merge_configs	17:29
SamYaple	et	17:29
SamYaple	etc*	17:29
sdake	so its just a reduction in number of tasks?	17:29
SamYaple	mostly	17:29
SamYaple	and sped up tasks	17:29
sdake	i seem to recall there were about 300 tasks in liberty	17:29
sdake	and about 300 in mitaka	17:29
SamYaple	right but the number YOU use to deploy are less	17:30
SamYaple	we added like 5 services	17:30
SamYaple	gate deplys in ~150 tasks	17:30
SiRiuS_	vhosakot, can you please click on "This bug affects you" , if you managed to reproduce it, here https://bugs.launchpad.net/kolla/+bug/1558766	17:34
openstack	Launchpad bug 1558766 in kolla "neutron not working inside virtualbox on wi-fi" [Undecided,In progress] - Assigned to Andrei-Lucian Șerb (lucian-serb)	17:34
vhosakot	SiRiuS_: as I said, I am always wired and _dont_ use vagrant for daily dev... I was not able to reproduce the bug, but I did not see the bug when I tested your patch set	17:36
SiRiuS_	vhosakot, I had a discussion with mandre about it, but he did not have VirtualBox, and was not able to reproduce it	17:36
SiRiuS_	vhosakot, oh, ok	17:36
vhosakot	SiRiuS_: I use the Vagrant libvirt plugin	17:36
vhosakot	SiRiuS_: I turned on wifi, shutdown my wired interface, tested your patch set, and did not see the bug..	17:37
vhosakot	SiRiuS_: are you using VirtualBox on Ubuntu or Mac/Windows ?	17:38
SiRiuS_	vhosakot, So practically it works on libvirt, without the patch, because libvirt was not patched	17:38
SiRiuS_	vhosakot, on Mac, but VirtualBox documentation did not specify Mac being the only one affected	17:39
vhosakot	SiRiuS_: yep, I have seen ubuntu+virtualbox not stable and I had to uninstall libvirt for it (which I dont want to, my libvirt is pretty stable)	17:39
vhosakot	SiRiuS_: ah ok	17:39
SiRiuS_	Bridging to a wireless interface is done differently from bridging to a wired interface, because most wireless adapters do not support promiscuous mode. All traffic has to use the MAC address of the host’s wireless adapter, and therefore VirtualBox needs to replace the source MAC address in the Ethernet header of an outgoing packet to make sure the reply will be sent to the host interface. When VirtualBox sees an incoming packet with a destination IP add	17:39
SiRiuS_	ress that belongs to one of the virtual machine adapters it replaces the destination MAC address in the Ethernet header with the VM adapter’s MAC address and passes it on. VirtualBox examines ARP and DHCP packets in order to learn the IP addresses of virtual machines.	17:39
SiRiuS_	vhosakot, that is what the docs say	17:40
vhosakot	SiRiuS_: ah ok.. let me read	17:40
vhosakot	SiRiuS_: isn;t this in the commit message	17:40
SiRiuS_	it is	17:40
vhosakot	cool	17:40
vhosakot	ok, gotta step out a bit... SiRiuS_, I think I have a Ubuntu+Vagrant image minus libvirt.. will let you know if I find time to use and test it...	17:42
SiRiuS_	vhosakot, nice, that would be awesome	17:43
vhosakot	SiRiuS_: frankly, I don't spend much time debugging Vagrant issues as Vagrant is not used in production and no customer sees/worries about it mostly... a lot of devs use for daily dev/VM creation, teating and re-creating VMs easily	17:44
SiRiuS_	vhosakot, sure, it's mostly devs or people trying kolla for the first time	17:44
vhosakot	yep,	17:45
SiRiuS_	vhosakot, not everyone has a lab where they can do deployment :)	17:45
vhosakot	yep, use Ubuntu/Liux on laptop to begin with ;)	17:45
SiRiuS_	yeah	17:46
vhosakot	most of the time, my host OS on laptop is Linux	17:46
vhosakot	I have seen libvirt/qemu in the host kernel a _lot_ stabler than virtualization software that _emulate_ like virtualBox/vmware fusion, etc	17:47
openstackgerrit	Merged openstack/kolla: Fix the prechecks role idempotent https://review.openstack.org/295018	17:48
vhosakot	plus, needless to say, the networking/nat magic these softwares do... but, yes, they are great if host OS on laptop is not Linux or without libvirt	17:48
vhosakot	ok, gotta step out a bit... see you all	17:49
sdake	virtualbox uses hardware virt if your mac is configured properly	17:49
sdake	SiRiuS_ are yuo Anderi-Lucian?	17:49
SiRiuS_	sdake, yes	17:50
sdake	SiRiuS_ could you explain how to manully setup virtualbox so that networking works properly?	17:50
sdake	(with wifi)	17:50
sdake	to me - so i can document it	17:50
vhosakot	sdake: yes, agreed	17:50
sdake	I use a mac for dev	17:50
sdake	and i need to know :)	17:50
SiRiuS_	sdake, sure	17:51
SiRiuS_	I'll tell you the full story :D	17:51
sdake	let me go get a monster drink ;)	17:51
sdake	j/k ;)	17:51
SiRiuS_	basically I downloaded kolla, and managed to reply fine	17:52
SiRiuS_	deploy*	17:52
SiRiuS_	I ran the init-runonce	17:52
SiRiuS_	so I had everything set up properly	17:52
SiRiuS_	but I could not get internet connectivity inside the nova VMs	17:53
SiRiuS_	neither could I connect to the nova VMs from my host	17:53
sdake	how did you get into your vm from your mac?	17:53
SiRiuS_	NOVNC	17:53
sdake	so not ssh	17:53
SiRiuS_	nope	17:53
SiRiuS_	ssh did not work	17:54
sdake	just as a side do you know how to access via ssh?	17:54
SiRiuS_	but I did not know that I had to set promiscuous mode to "allow-all" it's not in the kolla docs	17:54
sdake	nm we ca ntalk about that after ou finish :)	17:54
sdake	what is allow-all	17:54
SiRiuS_	I found out about promiscuous mode by reading through the OpenStack docs	17:54
*** achanda has joined #kolla		17:55
SiRiuS_	VirtualBox filters L2 traffic if promiscuous mode is set to deny	17:55
SiRiuS_	and Neutron needs to pass L2 traffic to the external network gateway	17:56
SiRiuS_	but even with promiscuous mode set to allow-all, it still did not work fully	17:56
SiRiuS_	I managed to connect from my host to the nova VMs	17:56
sdake	was this all in the context of vagrant or did you do it via the virtualbox ui first?	17:57
SiRiuS_	but the nova VMs could still not connect to the external network gateway, or to any other computer on the wireless network	17:57
SiRiuS_	first manually, without vagrant	17:57
sdake	where is the allow-all flag located?	17:57
SiRiuS_	Finally I read the VirtualBox docs	17:58
SiRiuS_	and the docs warned about Wi-Fi	17:58
SiRiuS_	where is it located in the docs?	17:58
sdake	that would be rockin if they have already documented it - we could put that in our docs	17:58
sdake	like how to get kolla running on virtualbox	17:59
SiRiuS_	I have virtualbox 5.0.14	17:59
sdake	me too	17:59
SiRiuS_	if you go to help -> contents	17:59
SiRiuS_	it opens up the docs	17:59
SiRiuS_	on page 101 it says about Wi-Fi promiscuous mode and Wi-Fi	18:00
SiRiuS_	there is a Note	18:00
sdake	reading - continue on :)	18:01
SiRiuS_	practically it is impossible to send unmodified packages from neutron to the wifi router	18:01
SiRiuS_	so using the physical network as the neutron_external_network is not posible	18:02
SiRiuS_	luckily VirtualBox has the concept of a NAT-Network	18:03
SiRiuS_	which is practically a private network with its own virtual router	18:03
sdake	familiar with that	18:03
sdake	i want to be able to ssh into my vm :)	18:04
sdake	do you know how to do that?	18:04
sdake	not the nova vm, the vm i created originally	18:04
SiRiuS_	so we use the virtual router as the gateway for neutron	18:04
SiRiuS_	sdake, what VM exactly?	18:05
sdake	i created a centos7 vm to install koll ain	18:05
sdake	the only way i can access this is via novnc which is annoying	18:05
sdake	i want to ssh into my vm	18:05
sdake	but it is a nat network setup with wireless	18:05
SiRiuS_	what interfaces do you have connected to the vm ?	18:05
sdake	a nat interface	18:06
SiRiuS_	you should do it like Vagrant does it, it is a very good setup	18:06
sdake	SiRiuS_ you arn't just teaching me, this is going in the docs	18:06
sdake	i dont understand vagrant too well unfortunately	18:06
SiRiuS_	you need a interface for internet connectivity	18:06
sdake	so a host bridged network?	18:07
SiRiuS_	then another/multiple interfaces for internal stuff (management, are tunnel, storage)	18:07
sdake	right	18:07
SiRiuS_	and another for the external network (which is usually the internet)	18:07
sdake	so 4 nics then?	18:08
SiRiuS_	a minimum of 3	18:08
sdake	lets say i'm not setting up kolla	18:08
sdake	i ust want centos vm to ssh into	18:08
SiRiuS_	1 for internet connectivity inside the vm	18:08
sdake	what does the network type have to be?	18:08
SiRiuS_	2 for management, gre, storage	18:08
SiRiuS_	3 for external neutron network	18:08
sdake	ya got all that	18:08
sdake	just want to focus on one thing at a time here :)	18:09
SiRiuS_	1 should be a simple NAT	18:09
sdake	how do you ssh into it then?	18:09
SiRiuS_	set port forward	18:09
sdake	is that a virtualbox option?	18:09
SiRiuS_	yup	18:09
sdake	sweet now we are getting somewhere	18:09
sdake	got a pointer in the docs on that?	18:09
SiRiuS_	select "Attached to NAT"	18:09
SiRiuS_	then click "Advanced"	18:09
SiRiuS_	then click on "Port Forwarding	18:10
SiRiuS_	create a rule	18:10
SiRiuS_	Name: SSH	18:10
SiRiuS_	Protocol: TCP	18:10
*** vhosakot has quit IRC		18:10
SiRiuS_	Host IP: 127.0.0.1	18:10
SiRiuS_	Guest IP: leave blank	18:11
SiRiuS_	Guest Port: 22	18:11
*** vhosakot has joined #kolla		18:11
SiRiuS_	now you can use ssh centos@localhost -p 2222	18:11
SiRiuS_	I forgot Host Port: 2222	18:11
SiRiuS_	you can use any port you like for the Host Port, just make sure is not used by other apps	18:12
sdake	right	18:12
SiRiuS_	you should be able to ssh into centos with no problems	18:13
SiRiuS_	with just one interface attached to NAT	18:13
SiRiuS_	and port forwarding set up	18:13
SiRiuS_	let me know if it works	18:14
sdake	is there a firewall to turn off?	18:16
SiRiuS_	also you should really give Vagrant a try, it's great, especially if you want to do multinode	18:16
SiRiuS_	I haven't touched any firewall settings	18:16
sdake	sweet it works!!	18:17
sdake	wow now i can do laptop dev of kolla	18:17
sdake	SiRiuS_ you rock!	18:17
SiRiuS_	:D	18:17
sdake	ok on to the other network setups :)	18:17
SiRiuS_	glad to be of help	18:17
sdake	how do i setup the other network interfaces?	18:18
SiRiuS_	so for NIC 2	18:18
SiRiuS_	go to virtualbox global preferences	18:19
SiRiuS_	there is a Network tab	18:19
sdake	yes very fmailiar with all this stuff	18:19
SiRiuS_	go there, then click on Host-Only networks	18:19
sdake	just could never get it to work	18:19
SiRiuS_	and create a default host-only network	18:20
sdake	vboxnet0	18:20
SiRiuS_	with DHCP enabled	18:20
SiRiuS_	yes	18:20
SiRiuS_	while you are here	18:20
SiRiuS_	you can also set up a NAT Network	18:21
SiRiuS_	from the NAT Networks tab	18:21
SiRiuS_	give it a name and change the default CIDR	18:21
SiRiuS_	very important to change the default CIDR	18:21
sdake	what should it be set to?	18:21
SiRiuS_	because it conflicts with the NAT interface you created earlier	18:21
sdake	10.0.3?	18:22
SiRiuS_	the default NAT of the first interface is 10.0.2.0/24	18:22
SiRiuS_	you can change the CIDR to 192.168.x.x	18:22
SiRiuS_	like 192.168.2.0/24	18:22
sdake	any port forwards?	18:23
SiRiuS_	and disable DHCP for the NAT Network,	18:23
SiRiuS_	when you want to access nova VMS	18:23
sdake	this will probably require its own document	18:23
sdake	lots of steps - don't want to overload the QSG	18:23
SiRiuS_	to access nova VMs you need to set a port forward for each of the floating IPs	18:24
SiRiuS_	they will live inside the NAT Network	18:24
SiRiuS_	they will have IP like 192.168.2.123	18:25
sdake	192.168.1.150?	18:25
sdake	rather 2.150?	18:25
SiRiuS_	yes	18:25
*** vishwanathj is now known as vishwanathj_away		18:25
SiRiuS_	depends on how you create them in neutron	18:25
sdake	host and gueest port are both 22?	18:25
sdake	init-runocne starts floats at 150	18:25
SiRiuS_	nope	18:25
SiRiuS_	you have to use other ports	18:25
SiRiuS_	guys is 22	18:26
SiRiuS_	but host must be something other than 22 or 2222 set earlier	18:26
sdake	i see	18:26
SiRiuS_	i use 5502 for 192.168.2.102	18:26
sdake	so host port should be 192.168.2.150 or guet ip?	18:26
SiRiuS_	5503 for 192.168.2.103	18:26
SiRiuS_	etc.	18:26
SiRiuS_	host port 5502..3..4..	18:27
SiRiuS_	host ip 127.0.0.1	18:27
SiRiuS_	you need to set guest ip (unlike the NAT adapter earlier)	18:27
SiRiuS_	Guest IP: 192.168.2.151	18:27
SiRiuS_	(150 will be the neutron router if init-runonce is used)	18:28
SiRiuS_	Guest port: 22	18:28
sdake	ok i have two forwards setup	18:28
sdake	whats next	18:29
SiRiuS_	click ok on everyhing	18:29
SiRiuS_	and run this	18:29
SiRiuS_	"VBoxManage list natnetworks"	18:29
SiRiuS_	inside the terminal	18:29
SiRiuS_	to see if the settings for the NAT Network are OK	18:30
sdake	http://paste.openstack.org/raw/491203/	18:31
sdake	doesn't look quite right	18:31
SiRiuS_	Rule 1:tcp:[127.0.0.2]:5551:[192.168.2.151]:22	18:31
SiRiuS_	it should be 127.0.0.1	18:32
sdake	yup fixed	18:32
sdake	now whats next ;)	18:32
* sdake likes learning :)		18:32
* sdake likes teaching too		18:32
SiRiuS_	question: can we ssh into the neutron router?	18:32
sdake	only if you enter the namespace i think	18:33
sdake	via ip netns exec	18:33
sdake	but that is a WAG tbh	18:33
SiRiuS_	i saw you made a rule for 192.168.2.150, and that is the router in init-runonce	18:33
SiRiuS_	well next we need to create new interfaces	18:34
SiRiuS_	and connect them to the networks we created	18:35
sdake	http://paste.openstack.org/raw/491204/	18:35
SiRiuS_	ssh:tcp:[127.0.0.1]:55502:[192.168.2.152]:22	18:35
SiRiuS_	no good	18:36
SiRiuS_	that port is way to high	18:36
sdake	oh typo	18:36
sdake	thanks	18:36
SiRiuS_	i recumbent 550x	18:36
sdake	ok fixed	18:36
SiRiuS_	if you are to have more floating IPs than 9	18:37
SiRiuS_	55XX rather	18:37
sdake	what do you mean recumbent	18:37
SiRiuS_	*recommend	18:38
sdake	got it	18:39
sdake	ok the final steps are which?	18:39
sdake	(btw this is all going in the docs as a separate doc - i'll add you as a coauthor since you figured all this stuff out :)	18:39
SiRiuS_	next we need to create new interfaces	18:39
SiRiuS_	(thanks :) )	18:39
sdake	adapter 2 should be setup how?	18:40
SiRiuS_	and connect them to the networks we created	18:40
SiRiuS_	for adapter 2 attach it to Host-only Adapter	18:40
SiRiuS_	with the name vboxnet0	18:40
sdake	and same deal for adapter 2 with nat network?	18:41
SiRiuS_	also I recommend setting the adapter type to virtio (for better performance)	18:41
sdake	rather adatper 3	18:41
SiRiuS_	virtio for all the adapters	18:41
sdake	all adapters paravirtualized	18:41
SiRiuS_	for adapter 3 we attach it to NAT Network	18:42
SiRiuS_	and also for the 3rd adapter set promiscuous mode to "Allow All"	18:42
sdake	and fire up the vm?	18:43
SiRiuS_	yup	18:43
SiRiuS_	should be ok	18:43
SiRiuS_	you still need to change globals.yml with the new settings	18:43
*** vhosakot has quit IRC		18:43
SiRiuS_	for deploying	18:44
sdake	ok I have an eth0 and eth1 an some other interfaces	18:45
SiRiuS_	you should have 3 interfaces inside CentOS	18:45
SiRiuS_	eth0 with an ip like 10.0.2.15	18:45
SiRiuS_	eth1 with an ip like 172.28.128.3	18:45
SiRiuS_	and ethic with no ip	18:46
SiRiuS_	*eth2	18:46
sdake	eth2 didn't get a dhcp address it appears	18:46
SiRiuS_	yes	18:46
sdake	rather eth1 i mean	18:46
SiRiuS_	it's good that way	18:46
SiRiuS_	eth1	18:46
sdake	eth2 isn't configured it all	18:46
SiRiuS_	needs an ip	18:46
SiRiuS_	make sure DHCP is on in the Host-only Network	18:47
SiRiuS_	eth2 needs no IP because it will be use by neutron for the external interface	18:47
sdake	right, i dont have an eth2, let me debug for a moment	18:48
sdake	what is this veth interfface	18:48
sdake	found the problem , one of my devices was intel rather then virtio	18:49
SiRiuS_	weird	18:49
SiRiuS_	it should not cause any problems	18:50
sdake	http://paste.fedoraproject.org/343095/84998301/ -> http://paste.fedoraproject.org/343095/84998301	18:50
sdake	looks right to me i think ;-)	18:51
sdake	globals.yml should look like what for the interfaces?	18:51
SiRiuS_	did you manually change the IPs for the Host-only network	18:52
SiRiuS_	because it is usually 172.28.128.0/24	18:52
sdake	i dont think i did, but i may have in the past	18:52
sdake	i looked and it is 192.168.56.1	18:52
sdake	for th eadapter ip	18:53
sdake	dhcp server is 192.168.56.100	18:53
SiRiuS_	oh, it's ok, mine was 172.28.128.0/24 by default	18:53
sdake	does that part matter?	18:54
sdake	what is eth1 used for, storage network and friends?	18:54
SiRiuS_	as long as the networks don't cross, it's fine	18:54
SiRiuS_	management, storage, gre tunnel	18:54
*** achanda has quit IRC		18:58
sdake	deploying atm	18:58
SiRiuS_	kolla_internal_vip_address: "192.168.56.254"	18:58
SiRiuS_	network_interface: "eth1"	18:59
SiRiuS_	neutron_external_interface: "eth2"	18:59
sdake	bummer i deployed on eth0 :(	18:59
SiRiuS_	:D	18:59
sdake	seems to be working tho ;)	18:59
SiRiuS_	well you will probably lose networking	19:00
sdake	so SiRiuS_ how did you figure all that out?	19:00
SiRiuS_	because eth0 is used for ssh	19:00
SiRiuS_	and neutron will mess it up	19:00
sdake	network_interface is the management network	19:00
SiRiuS_	yes	19:01
sdake	i dont think you really need 3 interfaces unless you want a storage network	19:01
*** dwalsh has quit IRC		19:01
SiRiuS_	eth1 is used for managemen+gre tunnel+storage (all in one)	19:02
SiRiuS_	eth0 is used only to have internet access inside the VM and to ssh to it	19:02
sdake	groan msg: The requested image does not exist: localhost:4000/kollaglue/centos-binary-neutron-metadata-agent:2.0.0	19:02
sdake	ya lost networking :(	19:03
SiRiuS_	eth2 is used by neutron to provide access to the nova VMs and to give them internet access	19:03
SiRiuS_	told you so :)	19:03
SiRiuS_	just reboot the VM	19:04
SiRiuS_	change neutron_external_interface to ethic	19:04
SiRiuS_	*eth2	19:04
sdake	oh i lost networking because i was out of juice	19:04
SiRiuS_	eth0 should not be used for anything	19:05
SiRiuS_	it's just a utility network, not relevant to OpenStack	19:05
sdake	ok	19:05
sdake	rebuilding neutron - just a moment	19:07
SiRiuS_	sdake, On how did I figure all that out: trial and error :))	19:09
sdake	SamYaple i'd like to see genpwd in prior to the branch if you can address the remaining comment	19:09
sdake	SiRiuS_ what are your thoughts on pain points related to kolla	19:10
SiRiuS_	sdake, it took me a while to figure out how to get neutron working on virtualbox on wifi	19:11
sdake	ok well that will be fixed shortly	19:11
SiRiuS_	had no idea I need to set promiscuous mode to "allow-all"	19:11
sdake	but thats a developer pain point - not really a real world use case ;)	19:12
SiRiuS_	for the neutron external interface	19:12
sdake	what about other pain points	19:12
SiRiuS_	well sdake, not just developer, because lots of people that will try kolla for the first time, will probably do it inside a VM	19:12
SiRiuS_	sdake, it is the easiest way to get started	19:12
sdake	right	19:12
sdake	i think the easiest way to get started is bare metal ;)	19:13
*** dims has joined #kolla		19:13
sdake	but people may be afraid kolla makes a mess of their system	19:13
sdake	used to devstack thinking	19:13
SiRiuS_	sdake, well bare metal is not always available, not everyone has a lab, or are willing to do i directly on their computer	19:14
*** sbezverk has quit IRC		19:14
sdake	ok acknowledged	19:14
sdake	anything else?	19:14
*** dims_ has quit IRC		19:14
SiRiuS_	hmm, maybe ceph	19:15
sdake	could you expand	19:15
SiRiuS_	I'm trying ceph as we speak	19:15
sdake	i hoep you read the docs first ;)	19:15
sdake	I thought ceph was pretty straightforward the first time i deployed it	19:15
SiRiuS_	I had to delete my VM because it got messed up by ceph :)	19:15
sdake	it edits /etc/fstab	19:16
SiRiuS_	well this is my first time, so maybe it will go smoothly the second time	19:16
SiRiuS_	ceph_erasure_profile is k=4 m=2	19:17
SiRiuS_	so I need 6 discs right ?	19:17
SiRiuS_	and with caching enable i need 12 ?	19:17
*** dims has quit IRC		19:17
SiRiuS_	6 with KOLLA_CEPH_OSD_BOOTSTRAP label	19:17
SiRiuS_	and 6 with KOLLA_CEPH_OSD_CACHE_BOOTSTRAP	19:18
sdake	hmm I haven't tried out erasure encoding since it was added	19:18
sdake	my lab has been demolished for about 3 months unfortunately so i have only 1 macine availble to me bare metal atm	19:18
sdake	SamYaple is your guy on ceph	19:18
*** mbound has joined #kolla		19:19
SiRiuS_	I'm curious about setting it up on one VM (all-in-one deployment)	19:21
sdake	curious as in the docs need improvement?	19:21
SiRiuS_	ceph osd pool set rbd size 1 (does 1 here signify the number of machines available for ceph ?)	19:22
sdake	1 = number of OSDs	19:22
sdake	or disks available in essence	19:22
sdake	iirc each disk gets an OSD	19:22
SiRiuS_	Oh, so i can set it to 6 if i have 6 disc in my VM	19:23
SiRiuS_	sdake, did you manage to deploy ?	19:23
sdake	i had to rebuild my neturon images	19:23
sdake	but in process of deploying now	19:23
sdake	then i'll ask for next steps ;)	19:24
SiRiuS_	ok	19:24
SiRiuS_	:D	19:24
sdake	it takes about 5 minutes to deploy on my vm	19:24
SamYaple	hola	19:26
SamYaple	i got pinged	19:26
SiRiuS_	sdake, I got something like this from docker exec ceph_mon ceph -s -> http://paste.openstack.org/show/491210/	19:26
sdake	yar - genpwd can you get that in prior to branch plz	19:26
sdake	and SiRiuS_ is looking for ceph support on AIO with erasure encoding	19:27
SamYaple	sdake: just needs a rework to urandom, right?	19:27
sdake	to SystemRandom I think	19:27
*** achanda has joined #kolla		19:27
sdake	should be same code	19:27
sdake	just different master class	19:27
SamYaple	os.urandom probably but yea	19:27
SamYaple	i can do that	19:27
sdake	SystemRandom uses os.urandom	19:27
sdake	but provides all the random() api calls	19:27
sdake	rather random class api calls	19:27
SamYaple	sdake: you seem to have a handle on this, do you want to take a crack at the patch?	19:28
sdake	Systemrandom inherits from random but overrides random() api call	19:28
sdake	i could update yours if you liek	19:28
sdake	its a 1 liner i think ;)	19:28
SamYaple	please do	19:28
SamYaple	havent looked at it at all today	19:28
sdake	ok - will be later tonight then	19:28
sdake	we are going to be on the road shortly	19:29
SamYaple	SiRiuS_: if you have AIO earasure coding, youll likely have to rekick your deploy to make this work	19:29
sdake	2 hour drie	19:29
SamYaple	the reason is you have to change the pool creation type	19:29
SamYaple	and you can't do that after the fact	19:29
SamYaple	SiRiuS_: just fyi though, you can't do erasure coding without a cache tier	19:29
SamYaple	SiRiuS_: ceph_erasure_profile: "k=4 m=2 ruleset-failure-domain=osd" <<< put that in your globals.yml	19:30
sdake	ok SiRiuS_ got a deploy	19:30
sdake	now init-runonce needs modification I assume?	19:30
SiRiuS_	sdake, yes	19:31
*** Jeffrey4l__ has joined #kolla		19:32
SiRiuS_	sdake, here is mine http://paste.openstack.org/show/491212/	19:32
SiRiuS_	the networking part	19:32
SiRiuS_	what is important is the part: start=192.168.2.101,end=192.168.2.200 public-net 192.168.2.0/24 --gateway 192.168.2.1	19:33
SiRiuS_	the gateway is the NAT-Network gateway	19:33
*** Jeffrey4l_ has quit IRC		19:33
SiRiuS_	SamYaple, the default is ceph_erasure_profile: "k=4 m=2 ruleset-failure-domain=host"	19:35
SiRiuS_	SamYaple, what does osd do if I change it to that?	19:35
SamYaple	SiRiuS_: you have a single host, youll never be able to get proper object placement without a MINIMUM of 3 hosts with that ruleset	19:36
SamYaple	or actually, 6 hosts	19:36
SiRiuS_	not even with 6 discs on my host?	19:36
SamYaple	changing the failure domain to osd means you only need 6 osds	19:36
SamYaple	no because the failure domain is hosts, not osds	19:36
SiRiuS_	OOOOh	19:36
SiRiuS_	got it	19:37
SiRiuS_	:)	19:37
SamYaple	but you have t orekick	19:37
SamYaple	you cant change that live	19:37
SiRiuS_	I'm starting fresh	19:37
SiRiuS_	SamYaple, sdake, that should be in the docs	19:38
SamYaple	SS	19:40
SamYaple	SiRiuS_: maybe. Its a ceph thing and its in the ceph docs	19:40
SamYaple	erasure coding with cache tiers is some advanced ceph stuff	19:40
SamYaple	ive made it easy in kolla, but its still advanced ceph stuff	19:41
SamYaple	we cant document everything	19:41
*** mbound has quit IRC		19:41
SiRiuS_	SamYaple, there is already some stuff about all-in-one, that why i suggested it	19:41
SamYaple	I rarely ever block docs patches S, you are free to write it	19:42
SiRiuS_	SamYaple, I looked over the ceph docs, and yes, it is quite advanced, thanks for making it easy :)	19:42
SiRiuS_	sdake, is everything working ?	19:44
sdake	SiRiuS_ seems to be	19:45
sdake	launching a vm now	19:45
SiRiuS_	tell me if you have internet access inside the VM	19:45
SiRiuS_	and if you can ssh into it	19:45
SiRiuS_	from your host	19:45
sdake	groan no valid host found	19:46
SiRiuS_	hmmm	19:47
sdake	why is that the only error that comes out of nova and is competely useless	19:47
sdake	oh i'm ina vm	19:47
sdake	let me reconfigure	19:47
sdake	hrm that didn't seem to work	19:52
sdake	itworked when i demoed it however	19:52
sdake	maybe the patch hasn't hit the repo	19:52
SamYaple	no valid host is likely a networking issue, or other resource issue	19:53
SamYaple	check scheduler and compute logs	19:53
SamYaple	it _will_ have the reason why	19:53
sdake	ther ei no hypervisor in nova hypervisor-list	19:53
SamYaple	check rabbitmq	19:53
sdake	there is no	19:53
sdake	well i just blew away my deploy	19:53
SiRiuS_	sdake, I suggest you start fresh with a blank VM	19:53
sdake	dont need a blank vm	19:53
sdake	just need to cleanup	19:54
sdake	thats the beuty of iolla - it makes no mess :)	19:54
SamYaple	it can make an uncleanup-able mess if you dont properly removed openvswitch between runs	19:54
SamYaple	just fyi	19:54
SamYaple	for bridge in $(docker exec -it openvswitch_vswitchd ovs-vsctl list-br); do for port in $(docker exec -it openvswitch_vswitchd ovs-vsctl list-ports ${bridge}); do docker exec -it openvswitch_vswitchd ovs-vsctl del-port ${bridge} ${port}; done; docker exec -it openvswitch_vswitchd ovs-vsctl del-br ${bridge}; done; ip a \| awk -F'\''[: ]'\'' '\''/^[0-9]/ {print $3}'\'' \| awk '\''/^q\|^tap/'\'' \| xargs -n1 ip l d dev; rmmod vport_vxlan openvswitch	19:55
SamYaple	youre welcome	19:55
SamYaple	or even;	19:56
SamYaple	for bridge in $(docker exec -it openvswitch_vswitchd ovs-vsctl list-br); do for port in $(docker exec -it openvswitch_vswitchd ovs-vsctl list-ports ${bridge}); do docker exec -it openvswitch_vswitchd ovs-vsctl del-port ${bridge} ${port}; done; docker exec -it openvswitch_vswitchd ovs-vsctl del-br ${bridge}; done; ip a \| awk -F'[: ]' '/^[0-9]/ {print $3}' \| awk '/^q\|^tap/' \| xargs -n1 ip l d dev; rmmod vport_vxlan openvswitch	19:56
sdake	i rebooted	19:56
sdake	i'd think a reboot would get the job done	19:56
SamYaple	sdake: if you want to cleanup inbteween runs, use that command above _BEFORE_ you tear down contaienrs	19:56
SamYaple	it will	19:57
SamYaple	but you ahve to reboot	19:57
sdake	already deploying :)	19:57
SiRiuS_	sdake, I recommend enabling shared folders in VirtualBox	19:57
sdake	this time with virt driver of qemu	19:57
SiRiuS_	and put your docker registry there	19:57
sdake	SiRiuS_ are ou usin qemu driver?	19:57
SiRiuS_	yes, that is the only way	19:58
SiRiuS_	I forgot about that :)	19:58
SiRiuS_	you HAVE to use qemu	19:58
sdake	/etc/kolla/config/nova/nova-compute.conf	19:58
SiRiuS_	in there, yes	19:58
sdake	as already documented	19:58
SiRiuS_	anyway, try to use shared folders in VIrtualBox, and put your docker images in there	19:59
SiRiuS_	that way, you can completely destroy a vm, without having to rebuild images	20:00
SiRiuS_	all of this stuff is done automatically by Vagrant, by the way :)	20:01
sdake	2016-03-20 20:01:55.177 1 ERROR nova.virt.libvirt.host [req-9a4357b7-037e-4ac2-9e8c-8505d06f606c - - - - -] Connection to libvirt failed: unable to connect to server at '192.168.56.101:16509': Connection refused	20:05
sdake	fantastic libvirt is in a restart loop	20:06
SiRiuS_	sdake, can i see the globals.yml and init-runonce ?	20:07
sdake	let me debug for a bit	20:07
sdake	[libvirt]	20:09
sdake	connection_uri = "qemu+tcp://192.168.56.101/system"	20:09
sdake	virt_type = qemu	20:09
SamYaple	sdake: dont set connection_uri	20:09
sdake	SiRiuS_ what does your file /etc/kolla/nova/nova.conf contain	20:09
SamYaple	it should get set properly	20:09
sdake	i am not setting it	20:09
SamYaple	oh ok	20:09
sdake	that is what is in /etc/kolla/nova/nova.conf	20:10
sdake	SamYaple shouldn't that be set to the haproxy ip?	20:10
*** vhosakot has joined #kolla		20:10
SamYaple	sdake: no	20:11
sdake	SiRiuS_ http://paste.fedoraproject.org/343126/85047251/ -> http://paste.fedoraproject.org/343126/85047251	20:12
sdake	SamYaple so its a SPOF?	20:12
sdake	well ya i guess libvirt would be	20:12
sdake	nm	20:12
SamYaple	sdake: is a compute node a SPOF?	20:12
SiRiuS_	[libvirt]	20:12
SamYaple	yea	20:12
SiRiuS_	connection_uri = "qemu+tcp://172.28.128.3/system"	20:12
SiRiuS_	virt_type = qemu	20:12
SiRiuS_	looks good sdake	20:13
sdake	ya well libvirt is in a restart loop - no idea why	20:13
sdake	because we have no libvirt logging	20:13
* sdake groans		20:13
sdake	is .3 yoru eth1?	20:14
SiRiuS_	yup	20:14
sdake	i wonder why my system is choosing 101	20:14
SiRiuS_	you had Host-Networking set up with DHCP giving address from 101 up	20:15
SiRiuS_	*Host-only Networking	20:15
SiRiuS_	mine is the default	20:15
SamYaple	sdake: we have libvirt logging	20:15
sdake	my ip address is not 101	20:15
sdake	http://paste.fedoraproject.org/343129/58504960/ -> http://paste.fedoraproject.org/343129/58504960	20:16
SiRiuS_	inet 192.168.56.101 netmask 255.255.255.0 broadcast 192.168.56.255	20:16
SiRiuS_	it says 101	20:16
sdake	oh right	20:17
sdake	brain not woring well today it appears ;)	20:17
SamYaple	btw sdake if you have a domain and want a cert for free https://hub.docker.com/r/samyaple/letsencrypt/	20:17
sdake	SamYaple where are the libvirt logs located	20:18
sdake	I dont' see anything in the heka container	20:18
SamYaple	in libvirt container	20:18
SamYaple	we havent moved them yet	20:18
sdake	right which is in a restart loop	20:18
SiRiuS_	sdake, by the way, because eth1 is a Host-only adapter, you can connect directly to IPs in the network 192.168.56.0/24	20:18
SiRiuS_	try and ping 192.168.56.101 from your host	20:18
SamYaple	get to them through /var/lib/docker sdake	20:18
sdake	good idea sam	20:19
sdake	2016-03-20 19:57:51.454+0000: 10137: error : virPidFileAcquirePath:422 : Failed to acquire pid file '/var/run/libvirtd.pid': Resource temporarily unavailable	20:19
sdake	well I wont even metnion what just happened	20:20
*** achanda has quit IRC		20:21
SiRiuS_	sdake, did you run out of free space ? :)	20:22
SamYaple	sdake: is libvirtd runing in the vm already	20:22
sdake	no i had libvirtd runnnig in my vm	20:22
SamYaple	lol	20:22
sdake	yah funny huh :)	20:22
SamYaple	prechecks!	20:22
sdake	i typically turn that off first step ;)	20:23
sdake	but i mad ehtis vm several weeks ago	20:23
SiRiuS_	sdake, :D told you to start fresh :)	20:23
*** achanda has joined #kolla		20:24
sdake	7 minutes until deploy :)	20:24
sdake	i'm so excited tho that going to be able to develop on a laptop	20:25
SamYaple	i got an accout with dreamhost today	20:25
sdake	who the hell knows when my lab will be back in order	20:25
SamYaple	im goign to start doing the blog thing	20:25
sdake	i use wordpress.com	20:25
sdake	but they are all likely teh same	20:25
SamYaple	this is using wordpress too	20:25
SamYaple	but its more than that	20:25
SamYaple	i got it because ayoung recommended it	20:26
sdake	ya blogging helpful to share your thoughts with people and create a record	20:26
ayoung	SamYaple, you on Twitter?	20:26
SamYaple	ayoung: no	20:26
SamYaple	its more "i dont rememebr how i fixed that a year ago"	20:26
ayoung	SamYaple, Ok, was going to point people at it, to include the Dreamhost folks	20:26
sdake	twitter is powerful if you know how to use it	20:26
ayoung	sdake, I think he meant the blog...	20:27
SamYaple	ayoung: i dont know how to twitter or facebook or social media	20:27
ayoung	sdake, I was watching some of your old Heat presentations...	20:27
sdake	my wife is a twitter pro	20:27
sdake	ayoung learn anything old ? :)	20:27
ayoung	sdake, heh...well, one question for you	20:27
sdake	sure	20:27
ayoung	how do I update a stack after deploy?	20:27
ayoung	like, say I want to ship a new policy file out to all the keystone servers?	20:28
ayoung	does Heat support that?	20:28
sdake	no idea - update came after I left the project	20:28
sdake	or a working implementation atlaets	20:28
sdake	shardy is your go to on that one	20:28
ayoung	Yeah, I'll bug him...but I have the same question on Kolla	20:28
SamYaple	ayoung: i saw that ML thread	20:28
sdake	ayoung you use reconfigure	20:29
ayoung	What happens if we want to publish a newe Policy file? Does that mean we need new containers?	20:29
SamYaple	ayoung: so basically we dont have a way to tweak policy file right now, but the infrastructure is there to do so	20:29
sdake	policy files are not yet configurable	20:29
SamYaple	ayoung: no, just container restart WHEN we configure them	20:29
ayoung	Cool. And how about the notification when something changes in Keystone?	20:29
SamYaple	ayoung: come newton release all of the paste/policy type files will be configurable, and then its just a container restart to do what you want	20:29
SamYaple	that is a bit trickier	20:30
sdake	ayoung i don't understand your last question	20:30
SamYaple	because we dont have a deploy service always running it would be up to the deployer to run a reconfigure task	20:30
ayoung	sdake, ok, flow is somethning like this	20:30
ayoung	I upload a new policy file to Keystone...no change yet	20:30
SamYaple	so technically keystone could trigger this task, but thats on the deploy to setup	20:30
ayoung	then, I associate that new policy file with glance. Now I want to update all the glance servers with the new policy file	20:31
ayoung	I can have Keystone send out a notification "policy for glance has changed"	20:31
ayoung	but who would listen for it (besides ceilometer that listens to everythigng) and make it happen?	20:31
sdake	ayoung I see - we dont have a daemon listening for oslo notifications at this time	20:32
sdake	but i'm sure its pretty easy to write - the issue is having a daemon running	20:32
ayoung	dake, so, I think that we are going to end up with Kolla as the Overcloud layer for Tripleo. I might push for it being the responsibility of the undercloud Heat server to do this	20:32
sdake	we haven't quite figured out the use cases for all that yet	20:32
ayoung	sdake, Kolla has no daemon at all, right?	20:33
sdake	ayoung no daemon	20:33
sdake	people have tried to add one in the past	20:33
ayoung	sdake, So we could write a simple Keystone listener that does that. There have been requests for something like that for autoprovisioning as well, but it sounds like Mistral is supposed to be the workflow kickoff thing...	20:33
sdake	but i think they didn't have a clear set of use cases of what the rest api should look like and how it should be secured	20:33
*** achanda has quit IRC		20:34
sdake	that creates a bit of a circular dep on keystone triggering kolla-ansible	20:34
*** dwalsh has joined #kolla		20:34
sdake	the right place for it is in kolla-ansible via a rest api	20:35
sdake	but to date, no rest api exists	20:35
ayoung	sdake, Well, Kolla could drive the initial setup, and then respond to notifications later	20:35
ayoung	I don;t think is should	20:35
sdake	rather not kolla-ansible	20:35
sdake	but kolla i mean	20:35
ayoung	We should push RH to Open up Tower and let that be the Ansible daemon	20:35
ayoung	I am sure that is coming	20:35
sdake	I think its wierd to have keystone run kolla commands :)	20:35
ayoung	Heh	20:35
sdake	ayoung i've pushed red hat around enough already :)	20:36
ayoung	more like Kolla respond to Keystone notifications, but yeah	20:36
sdake	ya that would be good, but then we are back at the kolla needs a a rest api discussion	20:36
sdake	here is the thing about a rest api	20:36
ayoung	sdake, I would be really surprised if an Open version of Tower was not announced at the RH summit	20:36
sdake	we dont want to make one unless there is a legitimate need	20:36
sdake	i think there is a need	20:37
sdake	others dont	20:37
sdake	its up in the air atm	20:37
ayoung	Agreed, and I don;t think we need one. But something listening to Keystone notifications that can then make ansible calls ... sounds like Heat business to me	20:37
sdake	you can't make ansible calls from python code	20:37
ayoung	Of couirse I can. I do it all the time	20:37
sdake	it viralizes the code base with gplv3	20:37
sdake	it has to be run as a subprocess	20:37
ayoung	Nah, popen is just fine	20:38
ayoung	agreed	20:38
sdake	right popen is accceptable	20:38
sdake	i thought you meant import ansible	20:38
ayoung	I personally have no problem with gplv3. This would be a stand alone listener.	20:38
ayoung	EIther way would work	20:38
ayoung	OK, so the piece I need Kolla to tell me is: if I trigger a policy update, here is what you do...	20:39
ayoung	and then I get Heat to kick that off in the Tripleo-Kolla future I envision	20:40
sdake	i suppose we would send a notification of either policy updates were successful or failed	20:42
sdake	a reconfigure can take about 1-2 minutes on bare metal	20:42
sdake	real1m6.037s	20:42
sdake	reconfigure in a vm	20:42
sdake	so its not immediate - have to wait for a response	20:42
sdake	i wrote the oslo port for heat	20:43
SamYaple	sdake: yaple.net	20:43
sdake	so i understand how notifications work	20:43
SamYaple	first post ^	20:43
*** vhosakot has quit IRC		20:44
sdake	SamYaple nice recommend deleting your hello world post ;)	20:44
SamYaple	i was thinking of leaving it	20:44
SamYaple	i specifcally talk about the way of ceph bootstraping with external journals fyi	20:45
sdake	the post before that one	20:46
sdake	you have two posts in your blog	20:46
SamYaple	i know	20:46
SamYaple	i was thinking of leaving the default one	20:46
sdake	i see	20:46
sdake	well whatever works :)	20:46
SiRiuS_	sdake, any update on the status of the deployment ?	20:47
SamYaple	even after typing up the steps, its crazy how few there are	20:47
*** TheBall has joined #kolla		20:48
ayoung	Nah, drop the Hello world post SamYaple it makes you look like a Muggle	20:48
SiRiuS_	SamYaple, I think I fount a bug in globals.yml related to ceph	20:49
SiRiuS_	SamYaple, ceph_use_cache: "yes" instead of ceph_enable_cache: "yes"	20:50
SamYaple	no post is going to tell me what to do ayoung!	20:50
SamYaple	SiRiuS_: thats patched already	20:50
SiRiuS_	oh	20:50
SiRiuS_	ok, I haven't updated	20:50
SamYaple	fine ayoung youve twisted my arm	20:50
*** The_Ball has quit IRC		20:51
ayoung	SamYaple, So I have been using a plugin for code that I like	20:53
ayoung	you are going to want soemthing for code samples	20:53
SamYaple	that is a plugin	20:53
SamYaple	syntaxhighlighter	20:53
SamYaple	is hte name of it	20:53
ayoung	Syntax Highlighter and Code Prettifier Plugin for WordPress	20:53
ayoung	yep	20:53
SamYaple	yea im using that there	20:54
* SamYaple is not a web guy at all.....		20:54
ayoung	Sam so, if you are using that one, the way I do it is (in text view) <pre class="brush:bash"> stuff </pre>	20:55
ayoung	Your might be better integrated...	20:55
SamYaple	i did something. i did <pre>[bash]bash code[/bash]</pre>	20:56
SamYaple	it has other languages too	20:56
ayoung	Nice	20:56
SamYaple	the [bash] block i wrote out and it just translates it it appears	20:56
*** sdake has quit IRC		20:56
ayoung	SamYaple, the one gotcha I have found is that I often need to replace < and > inside the code with < and >	20:57
SamYaple	ayoung: let me test that	20:57
SamYaple	well no ayoung i have => in the ansible blocks	20:58
SamYaple	it rendered fine	20:58
ayoung	SamYaple, Yeah, it is not an all the time thing. It is more the < that messes up the rendering, but you will catch it in preview	20:58
SamYaple	gotcha	20:58
SamYaple	will watch out for it	20:59
*** sdake has joined #kolla		21:12
sdake	SiRiuS_ my instance build timed out	21:12
sdake	ayoung maybe I don't get it, but why bother having an under and overcloud	21:14
sdake	why not just one cloud - two layers seems more complex and prone to failure	21:14
ayoung	sdake, I was not part of that decision	21:14
ayoung	sdake, however, I think the idea is that you need something to manage the cluster of hardware, separate from the services running on it. And Ironic was that.	21:15
SamYaple	ayoung: excuses excuses	21:15
SiRiuS_	sdake, what do you mean by instance build? nova VMs ?	21:15
sdake	i think ironic can be made to run in one cloud	21:15
ayoung	Since the services running the undercloud are not exposed to end users, there is less pressure to keep them up-to-date security wise...you can fix them at a different cycle	21:15
sdake	SiRiuS_ yes	21:16
ayoung	sdake, what I would love to see is Tripleo supporting multiple overclouds on a single undercloud. Then the whole thing would make a lot more sense to me	21:16
SiRiuS_	sdake, weird, I never had trouble with nova	21:16
SamYaple	ayoung: agree there	21:17
SiRiuS_	can you please upload globals.yml and init-runonce	21:17
ayoung	And I would love the OverCloud to be Kolla. So, I'm going to be pushing for that	21:17
sdake	i like ironic, and I think it can be made to work in a hybrid mode where it does bare metal deploy for cloud operators	21:18
SiRiuS_	sdake, did you deploy binary ?	21:19
sdake	yup	21:19
SiRiuS_	sdake, does horizon work?	21:20
SiRiuS_	on 192.168.56.254	21:21
sdake	not from my mac	21:21
SiRiuS_	well, it should work	21:21
SiRiuS_	can you ping 192.168.56.101 ?	21:22
sdake	SiRiuS_ it works within the vm	21:22
sdake	but not outside the vm	21:22
SiRiuS_	it should work from the mac as well	21:22
SiRiuS_	that's the idea behind Host-only networking	21:22
sdake	connectoin refused	21:23
SiRiuS_	there is something wrong with eth1	21:23
sdake	possibly a firwall issue	21:24
sdake	turned off firewall - no go	21:25
sdake	i see the vboxnet0 on the host	21:26
SiRiuS_	i can ping both the VM ip on eth1 and the VIP	21:26
sdake	vboxnet0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500	21:27
sdake	ether 0a:00:27:00:00:00	21:27
sdake	inet 192.168.56.1 netmask 0xffffff00 broadcast 192.168.56.255	21:27
sdake	well with that i can make a good start at the docs for setting up virtualbox	21:28
sdake	sans vagrant	21:28
SiRiuS_	it looks good	21:28
SiRiuS_	can you ping 192.168.56.1	21:29
SiRiuS_	?	21:29
sdake	yes and also 101	21:29
SiRiuS_	can you ping 192.168.56.254	21:29
SiRiuS_	?	21:29
SiRiuS_	from the mac	21:30
sdake	i can also ssh into 101	21:30
sdake	so I dont think the first interface is necessary at all	21:30
sdake	only need the two interfaces	21:30
sdake	eth1 and eth2	21:30
SiRiuS_	sdake, you would be wrong :)	21:30
sdake	possible could you expand	21:30
SiRiuS_	without the first one, you would not have internet inside the VM	21:30
SiRiuS_	Host-only network is just that	21:31
sdake	no route out huh	21:31
sdake	got it	21:31
SiRiuS_	"host-only"	21:31
SiRiuS_	can you ping 192.168.56.254 ?	21:32
sdake	.254 responds to ping	21:32
sdake	253 does not respond to pign	21:32
SiRiuS_	well should it? I don't think you should have anything on 253	21:33
*** dwalsh has quit IRC		21:33
sdake	nope it shouldn't	21:33
sdake	i didn't expect 254 to respond to ping either	21:33
sdake	since 254 is a vip to haproxy	21:33
SiRiuS_	254 attaches to eth1: inet 172.28.128.254/32 scope global eth1	21:35
SiRiuS_	run ip addr	21:35
SiRiuS_	inside the vm	21:35
SiRiuS_	try to connect to horizon	21:35
SiRiuS_	192.168.56.254 in your web browser	21:36
SiRiuS_	it should work	21:36
sdake	yes i did try that	21:39
sdake	it works inside vm but not on mac host	21:39
sdake	but i turnedoff the firwall, i am going to reboot the vm	21:40
*** rstarmer has joined #kolla		21:40
sdake	and try a fresh deploy	21:40
SiRiuS_	so you can ping 192.168.56.254 from the mac but can't connect to horizon on 192.168.56.254 from the mac	21:40
SiRiuS_	that is not normal	21:40
sdake	right	21:42
sdake	which webbrowser do you use?	21:42
SiRiuS_	safari	21:42
sdake	i am thinking its the firewall - mcffree endpoint protection	21:42
SiRiuS_	disable all firewall on hot & VM	21:43
SiRiuS_	*host	21:43
sdake	ya was the vm firewall	21:44
sdake	doing fresh deploy	21:44
sdake	possibly reason my vm was stuck not starting as well	21:44
SiRiuS_	probalby	21:45
sdake	when i worked on corosync firewall was problem #1, #2, and #3 in most cases ;)	21:46
SiRiuS_	remember to disable it not just stop it, because you will probably forget to stop it again after a reboot	21:47
SiRiuS_	:)	21:47
openstackgerrit	Ryan Hallisey proposed openstack/kolla: Improve openstack-base image for centos binary https://review.openstack.org/295048	21:47
sdake	ya i alread ydid that	21:47
sdake	SiRiuS_ hae ou tried other deployment tools	21:50
SiRiuS_	sdake, nope, I looked at the options, and basically kolla was the only one for me, because of docker	21:51
sdake	could you expand on that	21:52
SiRiuS_	the idea of deploying and then cleaning up sound like the best thing for me	21:52
SiRiuS_	not dirtying the OS is what I like	21:53
sdake	yup horizon is working from the mac now	21:53
sdake	\o/	21:53
SiRiuS_	see if you can crete a nova instance	21:53
sdake	2016-03-20 21:39:13.749 1 ERROR nova.compute.manager [req-77362aa1-788a-489d-b44d-1d703e6c12d4 6ad2a7a93a664144a43f297262012ac6 33cec6588a1145bb9bd2b66fb8dbf522 - - -] Instance failed network setup after 1 attempt(s)	21:57
sdake	which nova boot operation are you using?	21:57
SiRiuS_	directly from horizon	21:57
sdake	never done that	21:58
sdake	i dont see a create instance operation	21:59
sdake	nm got it	21:59
*** rstarmer has quit IRC		22:01
sdake	nope doesn't work from horizon	22:02
*** asalkeld has joined #kolla		22:05
SiRiuS_	with the same error ?	22:05
sdake	no it doens't get that far	22:06
sdake	horizon errors out immediately	22:06
sdake	i am going to try booting with heat	22:06
sdake	since sam fixed that and tested it boots there	22:06
SiRiuS_	what does it say ?	22:06
sdake	not sure i hae to redeploy	22:06
sdake	since its a bootstrap chane	22:07
*** achanda has joined #kolla		22:07
sdake	bbin10mins	22:08
SamYaple	rhallisey: i commented on your centos-binary openstack-base patch with my oneliner (changed for centos)	22:11
*** vhosakot has joined #kolla		22:11
sdake	back	22:17
sdake	SamYaple i just tested your patch and stack create fails	22:19
sdake	\| steak \| 0c26741b-2eaa-4eef-98ff-4faef523fb17 \| Authorization failed. \| CREATE_FAILED \| 2016-03-20T22:02:00 \|	22:20
sdake	http://paste.fedoraproject.org/343157/51253414/ -> http://paste.fedoraproject.org/343157/51253414	22:22
sdake	SamYaple endpoints ^^	22:22
sdake	nova boot with a --nic net-id= also fails to complete	22:26
*** akwasnie has joined #kolla		22:26
*** akwasnie has left #kolla		22:27
SamYaple	sdake: you should probably look into that second one	22:28
SamYaple	but the auth failed seems liek a trust thing	22:28
sdake	[sdake@localhost heat]$ nova boot --image cirros --flavor m1.small --nic net-id=c01aea0d-9c5a-4d0e-8220-2c6ae35fa29e steak	22:28
sdake	ERROR (ConnectFailure): Unable to establish connection to http://192.168.56.254:8774/v2/4d6e71ec5325427ebc9e939bf8959106/servers	22:28
SamYaple	im not using trusts	22:28
sdake	i should look into which second one	22:28
SamYaple	?	22:29
sdake	the nova boot fails or heat fails	22:29
SamYaple	nova boot	22:29
sdake	ya no idea why that happens	22:29
sdake	i can telnet to the server just fine	22:29
*** Marga_ has quit IRC		22:30
sdake	nova boot without --nic net-id ends up in failed state as well	22:31
SamYaple	wait without?	22:32
SamYaple	net-id is requied	22:32
SamYaple	oh nvm	22:32
SamYaple	reread	22:32
sdake	nova will boot without --nic netid=	22:33
sdake	but it fails to boot	22:33
sdake	can't allocate networks	22:33
SamYaple	right	22:33
sdake	although you have to dig through the logs to find the one line that says that	22:34
sdake	i dont understand why nova can't fix these basic things	22:34
sdake	you think if tht is what the problem was it woud be reported by nova show	22:35
sdake	but nova boot --nic net-id= completely bombs as well	22:35
sdake	how do you boot a vm SamYaple ?	22:35
SamYaple	here is the command i normally use	22:36
SamYaple	openstack server create --image $(openstack image list \| awk '/trusty/ {print $2;exit}') --nic net-id=$(openstack network list \| awk '/internal/ {print $2;exit}') --flavor 4 --key-name sam sy-test01	22:37
sdake	http://paste.fedoraproject.org/343161/14585134/ -> http://paste.fedoraproject.org/343161/14585134	22:37
sdake	[sdake@localhost heat]$ openstack server create --image cirros --nic net-id=c01aea0d-9c5a-4d0e-8220-2c6ae35fa29e --flavor m1.small steak	22:39
sdake	looks like same story	22:39
sdake	can you paste your openrc?	22:39
SamYaple	sdake im not sure your keystone is working	22:40
SamYaple	can you `openstack token issue`	22:40
sdake	that returns something	22:40
sdake	http://paste.fedoraproject.org/343163/85136821/ -> http://paste.fedoraproject.org/343163/85136821	22:41
SamYaple	do you have a compute endpoint?	22:41
*** rhallisey has quit IRC		22:41
sdake	http://paste.fedoraproject.org/343164/13716145/ -> http://paste.fedoraproject.org/343164/13716145	22:42
sdake	yes admin public and internal	22:42
sdake	i can also telnet to port 8774	22:42
sdake	and get a reponse back in if i type nonsense	22:42
SamYaple	nova service-list is all good i assume?	22:43
SamYaple	you did the normal trobuleshooting	22:43
SamYaple	8774 telnet would be from haproxy	22:43
sdake	service list looks good	22:43
sdake	http://paste.fedoraproject.org/343165/51384214/ -> http://paste.fedoraproject.org/343165/51384214	22:44
sdake	this worked for me last week	22:44
sdake	but i was on bare metal	22:44
sdake	i am in a vm atm	22:44
*** rhallisey has joined #kolla		22:44
SamYaple	idk man	22:44
*** Marga_ has joined #kolla		22:46
sdake	http://paste.fedoraproject.org/343166/14585140/ -> http://paste.fedoraproject.org/343166/14585140	22:47
sdake	check out the end of that log	22:47
SamYaple	yup seems like a rabbitmq issue	22:50
SamYaple	remember the ip has to resolve to the hostname	22:50
SamYaple	not localhost	22:51
SamYaple	if you want to merge this patch it would have caught it..... https://review.openstack.org/#/c/287969/	22:51
*** Marga_ has quit IRC		22:51
sdake	so /etc/hosts should resolve localhost to which ip then 254?	22:51
SamYaple	i dont know your schema	22:52
sdake	254 is my floating ip	22:52
sdake	56.101 is my management network	22:52
SamYaple	no, your hostname should never resolve to your vip	22:52
sdake	bbi10min	22:57
sdake	with a properly setup /etc/hosts file	22:57
sdake	and hostname	22:58
openstackgerrit	Andrei-Lucian Șerb proposed openstack/kolla: Attach external NIC to a NAT-Network if on Wi-Fi https://review.openstack.org/294340	23:03
*** sdake has quit IRC		23:09
openstackgerrit	Sam Yaple proposed openstack/kolla: Update to latest stable versions https://review.openstack.org/295050	23:09
openstackgerrit	Sam Yaple proposed openstack/kolla: Split versions onto new line https://review.openstack.org/295051	23:09
openstackgerrit	Andrei-Lucian Șerb proposed openstack/kolla: Attach external NIC to a NAT-Network if on Wi-Fi https://review.openstack.org/294340	23:10
*** sdake has joined #kolla		23:11
SiRiuS_	sdake, I did the modification to the patch	23:13
sdake	SiRiuS_ cool thanks :)	23:13
*** Marga_ has joined #kolla		23:13
openstackgerrit	Sam Yaple proposed openstack/kolla: Update version pins for mitaka https://review.openstack.org/295052	23:17
*** vhosakot has quit IRC		23:17
*** Marga_ has quit IRC		23:20
*** Marga_ has joined #kolla		23:21
sdake	SamYaple this is with my hostname set	23:22
sdake	http://paste.fedoraproject.org/343174/45851615/ -> http://paste.fedoraproject.org/343174/45851615	23:22
sdake	rabbitmq doesn't have much interesting in the way of logs	23:22
openstackgerrit	Sam Yaple proposed openstack/kolla: Update version pins for mitaka https://review.openstack.org/295052	23:23
openstackgerrit	Sam Yaple proposed openstack/kolla: Split versions onto new line https://review.openstack.org/295051	23:23
*** alisonh has quit IRC		23:38
sdake	SiRiuS_ which distro are you on	23:41
*** dave-mcc_ has joined #kolla		23:41
SiRiuS_	centos 7	23:41
sdake	source or binary ?	23:41
SiRiuS_	source	23:41
*** alisonh has joined #kolla		23:42
sdake	what is in your /etc/hosts file	23:43
*** dave-mccowan has joined #kolla		23:43
SiRiuS_	sdake, http://paste.openstack.org/show/491216/	23:44
sdake	what about when you did a manual setup?	23:45
sdake	do you recall?	23:45
*** vhosakot has joined #kolla		23:45
sdake	can you paste our ifconfig?	23:45
sdake	fpaste /etc/ifconfig	23:45
sdake	rather	23:45
sdake	ifconfig \| fpaste	23:45
*** dave-mcc_ has quit IRC		23:46
SiRiuS_	sdake, http://paste.fedoraproject.org/343179/14585180/ -> http://paste.fedoraproject.org/343179/14585180	23:53
sdake	SiRiuS_ can you paste your openrc plz	23:58
SiRiuS_	sdake, I didn't touch /etc/hosts when I did manual setup, iirc	23:58
SiRiuS_	http://paste.fedoraproject.org/343181/58518357/ -> http://paste.fedoraproject.org/343181/58518357	23:59

Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!