Monday, 2021-05-10

« Sunday, 2021-05-09 Index Tuesday, 2021-05-11 »
openstackgerritIan Wienand proposed openstack/diskimage-builder master: containerfile: automatically search for distro docker files  https://review.opendev.org/c/openstack/diskimage-builder/+/79036200:41
*** pongboom2 has quit IRC00:57
openstackgerritMerged openstack/diskimage-builder master: Install epel-release from URL  https://review.opendev.org/c/openstack/diskimage-builder/+/77265201:28
openstackgerritMerged openstack/diskimage-builder master: Add containerfile element  https://review.opendev.org/c/openstack/diskimage-builder/+/70008301:50
*** ysandeep|away is now known as ysandeep|SL02:07
openstackgerritIan Wienand proposed openstack/diskimage-builder master: Add fedora-containerfile element  https://review.opendev.org/c/openstack/diskimage-builder/+/79036502:16
*** hemanth_n has joined #opendev02:49
openstackgerritIan Wienand proposed opendev/glean master: Remove Fedora 32 job  https://review.opendev.org/c/opendev/glean/+/79036803:35
openstackgerritIan Wienand proposed openstack/diskimage-builder master: Add fedora-containerfile element  https://review.opendev.org/c/openstack/diskimage-builder/+/79036503:36
openstackgerritIan Wienand proposed openstack/diskimage-builder master: Add fedora-containerfile element  https://review.opendev.org/c/openstack/diskimage-builder/+/79036503:38
*** ykarel has joined #opendev04:21
openstackgerritIan Wienand proposed openstack/diskimage-builder master: containerfile: automatically search for distro docker files  https://review.opendev.org/c/openstack/diskimage-builder/+/79036204:25
openstackgerritIan Wienand proposed openstack/diskimage-builder master: Add fedora-containerfile element  https://review.opendev.org/c/openstack/diskimage-builder/+/79036504:25
openstackgerritIan Wienand proposed openstack/diskimage-builder master: dib-lint: match text/x-script.python  https://review.opendev.org/c/openstack/diskimage-builder/+/79036904:34
*** ralonsoh has joined #opendev05:03
*** swest has joined #opendev05:09
*** marios has joined #opendev05:12
*** stevebaker has quit IRC05:15
*** stevebaker has joined #opendev05:22
openstackgerritIan Wienand proposed openstack/diskimage-builder master: containerfile: automatically search for distro docker files  https://review.opendev.org/c/openstack/diskimage-builder/+/79036205:36
openstackgerritIan Wienand proposed openstack/diskimage-builder master: Add fedora-containerfile element  https://review.opendev.org/c/openstack/diskimage-builder/+/79036505:36
*** slaweq has joined #opendev06:23
*** sboyron has joined #opendev06:46
*** amoralej|off is now known as amoralej06:53
*** avass has joined #opendev07:17
*** andrewbonney has joined #opendev07:19
*** slaweq has quit IRC07:21
*** slaweq has joined #opendev07:23
*** hashar has joined #opendev07:28
openstackgerritIan Wienand proposed openstack/diskimage-builder master: Add fedora-containerfile element  https://review.opendev.org/c/openstack/diskimage-builder/+/79036507:29
*** tosky has joined #opendev07:36
*** felixedel has joined #opendev07:43
*** rpittau|afk is now known as rpittau07:48
*** mgoddard has joined #opendev07:52
*** jpena|off is now known as jpena07:55
*** ykarel is now known as ykarel|lunch07:58
*** kopecmartin has quit IRC08:10
*** fressi has joined #opendev08:14
*** fressi has quit IRC08:15
*** fressi has joined #opendev08:20
*** dpawlik has quit IRC08:21
*** fressi has quit IRC08:21
*** fressi has joined #opendev08:22
*** kopecmartin has joined #opendev08:25
*** fressi has quit IRC08:27
*** dpawlik1 has joined #opendev08:28
*** dtantsur|afk is now known as dtantsur08:42
*** ykarel|lunch has quit IRC08:42
*** ykarel_ has joined #opendev08:42
*** ykarel_ has quit IRC08:43
*** ykarel_ has joined #opendev08:43
*** whoami-rajat has joined #opendev08:46
*** ykarel_ is now known as ykarel08:46
*** hemanth_n has quit IRC08:46
*** hemanth_n has joined #opendev08:51
*** sshnaidm|afk is now known as sshnaidm09:08
openstackgerritCarlos Gonçalves proposed openstack/diskimage-builder master: Auto find greatest Fedora cloud image sub-release  https://review.opendev.org/c/openstack/diskimage-builder/+/75599209:14
*** lpetrut has joined #opendev09:27
*** pongboom has joined #opendev09:28
zigofungi: ianw: clarkb: Looks like Bullseye is working now, thanks a lot for your help and patience.10:21
*** hemanth_n has quit IRC10:57
*** hemanth_n has joined #opendev10:58
*** kopecmartin has quit IRC11:01
*** dpawlik1 has quit IRC11:03
*** kopecmartin has joined #opendev11:08
*** dpawlik0 has joined #opendev11:10
*** jpena is now known as jpena|lunch11:26
*** dpawlik0 is now known as dpawlik11:56
*** hemanth_n has quit IRC12:10
*** jpena|lunch is now known as jpena12:27
fungizigo: great! there are a lot of moving parts, and it's harder when the distro version isn't released yet12:30
*** amoralej is now known as amoralej|lunch12:31
*** lourot has quit IRC13:06
*** amoralej|lunch is now known as amoralej13:24
*** lourot has joined #opendev13:25
*** tosky_ has joined #opendev13:27
*** tosky has quit IRC13:27
*** tosky_ is now known as tosky13:27
*** marios is now known as marios|call13:28
*** ykarel_ has joined #opendev13:31
*** ykarel has quit IRC13:31
*** ykarel_ is now known as ykarel13:32
*** vishalmanchanda has joined #opendev13:37
*** marios|call is now known as marios13:46
*** lourot has quit IRC13:47
*** lourot has joined #opendev13:49
*** artom has joined #opendev13:51
*** lpetrut has quit IRC14:22
*** mlavalle has joined #opendev15:03
clarkbI've realized there is a fun chicken and egg with switching the zuul scheduler. And that is dns15:05
clarkbwe need to update the zuul.o.o CNAME from zuul01.openstack.org to zuul02.opendev.org when we get there and that typically relies on zuul :)15:05
clarkbI'm going to start booting the new instance shortly, but thought I'd mention that in case anyone had good ideas for dealing with it15:05
clarkbOne thought I had was testing the queue dump and restore (as much as possible) works using the actual host fqdn and not the cname. If that works then we probably don't need to worry about dns too much in the switch itself, then can ensure dns is updated afterwards15:06
fungii'd say merging the dns change and waiting for it to deploy would be the first step in the upgrade maintenance15:06
clarkbya that is another option15:06
clarkbwhen I launch the new zuul I'll use a modified make_swap.sh that applies the ephemeral disk to the zuul log dir15:07
fungialso the queue state backups in /var/lib/zuul/backup/ seem to only cover the openstack tenant15:09
clarkbok I usually run it manually anyway. Also I suspect I may need to sed the resulting file to change hostnames since dns will be weird :)15:19
clarkbthe instance is booting now. I'll double check /var/log/zuul looks good after it boots before I do anything else. Then if that is happy I'll push up a bunch of changes that add it to inventory, update dns, etc etc15:20
clarkbwe should be able to safely update dns to add zuul02.opendev.org and add the server to inventory so that it gets configured as a non running zuul scheduler. Then we can work through the steps for the maintenance15:21
clarkbI should probably also ensure that the zuul.o.o (for opendev and openstack) CNAMEs have ttls of 30015:21
*** amoralej is now known as amoralej|off15:46
*** hashar is now known as hasharDinner15:47
clarkbanyone know if the key under letsencrypt-certs needs to be unique per host15:47
clarkbfor example can I have a zuul-opendev-main under zuul01.openstack.org and zuul02.opendev.org?15:48
clarkbI'm beginning to suspect that I can't since that is used to track data onto other hosts15:49
clarkband it won't know whats what if it is done that wy?15:49
openstackgerritClark Boylan proposed opendev/zone-opendev.org master: Add zuul02  https://review.opendev.org/c/opendev/zone-opendev.org/+/79048015:52
openstackgerritClark Boylan proposed opendev/system-config master: Add zuul02 to inventory  https://review.opendev.org/c/opendev/system-config/+/79048115:54
openstackgerritClark Boylan proposed opendev/zone-opendev.org master: Swap zuul.opendev.org CNAME to zuul02.opendev.org  https://review.opendev.org/c/opendev/zone-opendev.org/+/79048215:57
openstackgerritClark Boylan proposed opendev/zone-opendev.org master: Reset zuul.o.o CNAME TTL to default  https://review.opendev.org/c/opendev/zone-opendev.org/+/79048315:57
*** ykarel has quit IRC15:57
*** marios is now known as marios|out16:00
openstackgerritClark Boylan proposed opendev/system-config master: Clean up zuul01 from inventory  https://review.opendev.org/c/opendev/system-config/+/79048416:01
*** rpittau is now known as rpittau|afk16:03
clarkbI think the rough plan is something like land https://review.opendev.org/c/opendev/zone-opendev.org/+/790480 and https://review.opendev.org/c/opendev/system-config/+/790481. Then check zuul02 looks the way we expect it to. When we are happy with its state we land https://review.opendev.org/c/opendev/zone-opendev.org/+/790482 then dump queues on zuul01, stop zuul on all servers, manually run name16:04
clarkbservers playbook to update dns, manually run playbook to update gearman server value for all executors and mergers (similar to how I updated zk servers), start zuul again, restore queues16:04
clarkbinfra-root if you can look that over that would be great16:04
*** marios|out has quit IRC16:04
clarkbone thing we might consider doing is updating the gearman server value to zuul.opendev.org now then we don't need to change its value when things are off16:04
clarkbbut we weren't doing that already so not sure if there is a reason not to16:05
clarkbI wonder, does zuul support connecting to multiple gearman servers too? that might be another option16:07
clarkbthen we just have to ensure only one is ever available at a time16:07
openstackgerritClark Boylan proposed opendev/system-config master: Small playbook to update zuul gearman server  https://review.opendev.org/c/opendev/system-config/+/79048716:14
clarkbthat playbook should work for doing the config swap. Its a bit weird bceause server= matches a lot of lines but it seems server=zuul01.openstack.org is unique to the gearman ini section16:14
clarkbI can test that manual playbook too against a single executor and a single merger then revert them back again if we want to go that route16:17
corvusclarkb: i don't think zuul supports >1 geard16:18
corvus+connecting to+16:18
clarkbcorvus: ok, in that case https://review.opendev.org/c/opendev/system-config/+/790487 is probably sufficient and we can run that when things are off16:18
corvusya16:19
clarkbI'm going to test dumping queues using zuul01.openstack.org instead of zuul.opendev.org as the hostname. Then if that works we should be able to update the result to talk to zuul02.opendev.org and not worry about dns16:21
clarkband then maybe I should put all this in a doc to keep it straight16:21
*** lourot has quit IRC16:22
clarkband that doesn't work because ssl. We don't put the host's name as an altname in there16:22
clarkbin that case I think I need to change the order of operations above slightly /me moves that into an etherpad16:23
fungiinteresting, i thought for le we defaulted to including the inventory fqdn as an altname16:23
fungioh, this is the zuul ca though, yeah?16:23
clarkbfungi: no this is talking to https not gearman/zk. its based on what we put in the inventory files16:24
clarkbhttps://review.opendev.org/c/opendev/system-config/+/790481 illustrates the LE config16:24
clarkband we idnd't do the host as an altname previously so that chagne doesn't either16:24
fungigot it, i guess we just did that for other systems16:25
clarkbhttps://etherpad.opendev.org/p/opendev-zuul-server-swap16:25
*** d34dh0r53 has quit IRC16:26
*** ralonsoh has quit IRC16:27
fungiif ansible isn't putting a le cert on there yet, we won't be able to start apache16:28
clarkbfungi: landing https://review.opendev.org/c/opendev/system-config/+/790481 should configure everything on zuul02 except for starting zuul services. We can double check everything there at that point too16:29
clarkb(reviewers should check my assertion that zuul services won't be started too)16:29
fungido you want to add a _acme-challenge.zuul02 in 790480 to ease future transitions?16:30
*** d34dh0r53 has joined #opendev16:30
clarkbfungi: I suspect we may have servername updates that need to happen in apache as well. I think we can probably do that as a followup if we want it?16:31
fungisimilar to how etherpad is set up16:31
fungiyeah, just didn't know if you wanted to reduce the amount of dns churn for that16:31
clarkbfor now i'm mostly just sticking to how the old server was set up16:32
fungiexcept on a different domain16:32
fungimakes sense16:32
clarkbright16:32
fungii think the le setup was fiddly because we were still using the old domain for the inventory16:33
funginow the only thing which will need to survive in the openstack.org domain for it is the whitelabel site cname and accompanying le cname16:33
clarkbyup16:34
clarkbok https://etherpad.opendev.org/p/opendev-zuul-server-swap should be fairly complete now. Please point out missing steps if you can think of them16:43
clarkbfwiw I'm also not in a super rush to get all this in beacuse I'm out a good chunk of tomorrow. Then depending on how I'm feeling hopeflly can make progress wednesday. If not wednesday then thursday seems likely16:50
*** fungi has quit IRC16:57
*** jpena is now known as jpena|off16:59
*** andrewbonney has quit IRC17:09
*** dtantsur is now known as dtantsur|afk17:19
*** fungi has joined #opendev17:34
*** sshnaidm is now known as sshnaidm|afk18:17
*** fungi has quit IRC18:54
*** fungi has joined #opendev18:59
*** rchurch has joined #opendev19:03
*** fungi has quit IRC19:20
*** rchurch has quit IRC19:24
*** fungi has joined #opendev19:29
openstackgerritAde Lee proposed zuul/zuul-jobs master: Add role to enable FIPS on a node  https://review.opendev.org/c/zuul/zuul-jobs/+/78877820:03
*** lourot has joined #opendev20:15
*** lourot has quit IRC20:19
*** lourot has joined #opendev20:20
*** vishalmanchanda has quit IRC20:27
*** sboyron has quit IRC20:42
openstackgerritMerged opendev/system-config master: Retire Asterisk service  https://review.opendev.org/c/opendev/system-config/+/79019021:45
fungiianw: ^ should be all clear to delete the server and dns records now21:56
ianwfungi: thanks!  will do21:56
*** hasharDinner has quit IRC22:02
openstackgerritClark Boylan proposed opendev/system-config master: Add infra-prod-service-lists job  https://review.opendev.org/c/opendev/system-config/+/79052422:05
clarkbThat is split into a separate chagne so that we can land the parent, manually run playbooks until we are happy with them, then land that change22:06
*** iurygregory has quit IRC22:07
openstackgerritClark Boylan proposed opendev/system-config master: Clean up zuul01 from inventory  https://review.opendev.org/c/opendev/system-config/+/79048422:07
clarkband that cleanup occured to me on my bike ride randomly22:08
clarkbits weird what comes to you when you can clear you head a bit22:08
* fungi clears his head by turning upside down and shaking, like an etch-a-sketch22:09
*** iurygregory has joined #opendev22:11
*** hamalq has joined #opendev22:42
clarkbianw: if you get a chance can you review the mailman changes: https://review.opendev.org/c/opendev/system-config/+/789622 I'm happy to do approvals when I've got time and everyone is happy with things. Mostly just looking for review22:51
clarkbalso the zuul scheduler upgrade plan is up at https://etherpad.opendev.org/p/opendev-zuul-server-swap with links to changes and happy for reviews on those (and I can do approvals there too)22:52
ianwyep, will do22:56
ianwdid we decide no meeting tomorrow?22:56
*** tosky has quit IRC22:57
clarkbya I sent out an email cancelling it already22:59
clarkbthat said if people really want to meet I won't stop you :)23:00
*** artom has quit IRC23:21
*** artom has joined #opendev23:22
*** artom has quit IRC23:24
*** artom has joined #opendev23:24
clarkbianw: I meant to ask have we seen anymore dib nodepool functional jobs have problems with devstack? Or did that reordering for concurrency seem to fix it? (I think we did fix it, but concurrency issues are always fun so don't want to assume so)23:28
ianwclarkb: i haven't seen any more errors23:29
ianwi'm getting close to getting the containerfile stuff in properly.  i plan to start with Fedora to shake out issues, then I think we can consider switching other platforms if we like23:29
clarkbnice23:31
*** artom has quit IRC23:40
fungithat'll be awesome once it's working23:40
openstackgerritIan Wienand proposed openstack/diskimage-builder master: Add fedora-containerfile element  https://review.opendev.org/c/openstack/diskimage-builder/+/79036523:46
*** artom has joined #opendev23:49
*** mlavalle has quit IRC23:49
« Sunday, 2021-05-09 Index Tuesday, 2021-05-11 »

Generated by irclog2html.py 2.17.2 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!