Monday, 2016-04-18

*** ooolpbot has joined #tripleo00:10
*** ooolpbot has quit IRC00:10
openstackLaunchpad bug 1571090 in tripleo "clustercheck always failing on ha job" [Critical,Triaged]00:10
*** MaxPC has quit IRC00:16
*** Goneri has quit IRC00:16
*** lblanchard has quit IRC00:21
*** lblanchard has joined #tripleo00:33
*** MaxPC has joined #tripleo00:35
*** Goneri has joined #tripleo00:35
*** irdkehn has joined #tripleo01:02
*** irdkehn is now known as dkehn01:05
*** ooolpbot has joined #tripleo01:10
*** ooolpbot has quit IRC01:10
openstackLaunchpad bug 1571090 in tripleo "clustercheck always failing on ha job" [Critical,Triaged]01:10
*** MaxPC has quit IRC01:36
*** r-mibu has quit IRC02:09
*** ooolpbot has joined #tripleo02:10
*** ooolpbot has quit IRC02:10
openstackLaunchpad bug 1571090 in tripleo "clustercheck always failing on ha job" [Critical,Triaged]02:10
*** r-mibu has joined #tripleo02:14
*** ebalduf has joined #tripleo02:23
*** lblanchard has quit IRC02:23
*** ebalduf has quit IRC02:26
*** MaxPC has joined #tripleo02:34
*** ebalduf has joined #tripleo02:41
*** yuanying_ has quit IRC02:51
*** MaxPC has quit IRC02:52
*** ccamacho has quit IRC02:55
*** ccamacho has joined #tripleo03:02
*** ooolpbot has joined #tripleo03:10
*** ooolpbot has quit IRC03:10
openstackLaunchpad bug 1571090 in tripleo "clustercheck always failing on ha job" [Critical,Triaged]03:10
*** dsariel has quit IRC03:32
*** morazi has quit IRC03:44
*** yuanying has joined #tripleo03:46
*** coolsvap has joined #tripleo04:07
*** ooolpbot has joined #tripleo04:10
*** ooolpbot has quit IRC04:10
openstackLaunchpad bug 1571090 in tripleo "clustercheck always failing on ha job" [Critical,Triaged]04:10
*** links has joined #tripleo04:41
*** saneax_AFK is now known as saneax04:49
*** oshvartz has quit IRC04:50
*** rcernin has joined #tripleo05:03
*** ooolpbot has joined #tripleo05:10
*** ooolpbot has quit IRC05:10
openstackLaunchpad bug 1571090 in tripleo "clustercheck always failing on ha job" [Critical,Triaged]05:10
openstackgerritIan Wienand proposed openstack/diskimage-builder: yum-minimal: strip locale archive
*** ramishra has joined #tripleo05:21
*** ramishra has quit IRC05:28
*** ramishra has joined #tripleo05:30
*** oshvartz has joined #tripleo05:50
*** jprovazn has joined #tripleo05:50
*** ramishra has quit IRC05:52
*** ramishra has joined #tripleo05:55
*** florianf has joined #tripleo05:59
*** shadower has joined #tripleo06:08
*** ooolpbot has joined #tripleo06:10
*** ooolpbot has quit IRC06:10
openstackLaunchpad bug 1571090 in tripleo "clustercheck always failing on ha job" [Critical,Triaged]06:10
*** shivrao has joined #tripleo06:23
*** jaosorior has joined #tripleo06:24
*** leanderthal|afk is now known as leanderthal06:26
*** jtomasek has joined #tripleo06:33
*** bvandenh has quit IRC06:49
*** dsariel has joined #tripleo07:02
*** liverpooler has joined #tripleo07:03
*** bvandenh has joined #tripleo07:06
*** shivrao has quit IRC07:08
*** ooolpbot has joined #tripleo07:10
*** ooolpbot has quit IRC07:10
openstackLaunchpad bug 1571090 in tripleo "clustercheck always failing on ha job" [Critical,Triaged]07:10
*** jaosorior has quit IRC07:11
*** dtantsur|afk is now known as dtantsur07:14
*** hewbrocca-afk is now known as hewbrocca07:15
*** pcaruana has joined #tripleo07:15
*** mbound has joined #tripleo07:17
*** ccamacho has quit IRC07:18
*** ebalduf has quit IRC07:19
*** bvandenh has quit IRC07:20
*** ccamacho has joined #tripleo07:22
*** ohamada has joined #tripleo07:25
*** veteran has joined #tripleo07:25
*** veteran has quit IRC07:25
*** tremble has joined #tripleo07:31
*** tremble has joined #tripleo07:31
*** ifarkas has joined #tripleo07:32
*** shadower has quit IRC07:32
*** thomas_ has joined #tripleo07:35
*** thomas_ is now known as shadower07:35
*** bvandenh has joined #tripleo07:39
*** mikelk has joined #tripleo07:44
*** stendulker has joined #tripleo07:44
*** aufi has joined #tripleo07:49
*** jaosorior has joined #tripleo07:55
*** jaosorior has quit IRC07:56
*** numans_ has joined #tripleo07:57
*** shardy has joined #tripleo08:06
*** athomas has joined #tripleo08:07
*** ooolpbot has joined #tripleo08:10
*** ooolpbot has quit IRC08:10
openstackLaunchpad bug 1571090 in tripleo "clustercheck always failing on ha job" [Critical,Triaged]08:10
*** hjensas has quit IRC08:11
*** sshnaidm has quit IRC08:12
*** mcornea has joined #tripleo08:21
*** jistr has joined #tripleo08:21
*** gfidente has joined #tripleo08:31
*** bvandenh has quit IRC08:37
*** bvandenh has joined #tripleo08:40
*** derekh has joined #tripleo08:40
*** ohamada has quit IRC08:41
*** ohamada has joined #tripleo08:41
derekhSo infra have blocked access to the jenkins servers
derekhas a result our status page no longer works ;-(08:42
derekhanybody have any ideas for an alternative? querying gerrit maybe08:43
*** ohamada has quit IRC08:44
*** ohamada has joined #tripleo08:45
*** hjensas has joined #tripleo08:48
*** hjensas has quit IRC08:48
*** hjensas has joined #tripleo08:48
*** paramite has joined #tripleo08:48
*** jpena|off is now known as jpena08:49
*** hjensas has quit IRC08:50
*** hjensas has joined #tripleo08:50
*** ohamada has quit IRC08:51
*** mgould has joined #tripleo08:51
*** ohamada has joined #tripleo08:51
*** zoliXXLz is now known as zoli|BRB08:52
jistrderekh: an alternative might be zuul's smtp reporter
*** electrofelix has joined #tripleo09:01
derekhjistr: could be an option, although querying gerrit might be easier then collecting and parsing emails09:03
*** tesseract has joined #tripleo09:03
*** tesseract is now known as Guest3039409:03
*** jistr has quit IRC09:05
*** ooolpbot has joined #tripleo09:10
*** ooolpbot has quit IRC09:10
openstackLaunchpad bug 1571090 in tripleo "clustercheck always failing on ha job" [Critical,Triaged]09:10
openstackgerritJiri Stransky proposed openstack/tripleo-heat-templates: Fix ControllerExtraConfig parameter name
*** jistr has joined #tripleo09:12
ccamacho derekh, I did some gerrit queries before, let me check what I can get09:15
*** olap has joined #tripleo09:15
derekhccamacho: ok09:15
*** mcornea has quit IRC09:17
*** mcornea has joined #tripleo09:19
*** akrivoka has joined #tripleo09:23
*** sshnaidm has joined #tripleo09:29
*** zoli|BRB is now known as zoliXXL09:29
openstackgerritGiulio Fidente proposed openstack/puppet-tripleo: Add ceph profiles
*** athomas has quit IRC09:54
ccamachoguys, quick question (good morning)09:54
ccamachothe data from this site where is hosted?09:55
*** ohamada has quit IRC09:56
*** ohamada has joined #tripleo09:56
*** tosky has joined #tripleo09:57
*** athomas has joined #tripleo10:04
*** coolsvap has quit IRC10:05
*** athomas has quit IRC10:06
derekhccamacho: its a VM dprince spun up somewhere, looking for the database?10:08
derekhccamacho: this is the code that generates the report
*** ooolpbot has joined #tripleo10:10
*** ooolpbot has quit IRC10:10
openstackLaunchpad bug 1571090 in tripleo "clustercheck always failing on ha job" [Critical,Triaged]10:10
ccamachoderekh++ that's what I needed, I will make the changes on that file by querying gerrit instead10:10
*** athomas has joined #tripleo10:10
*** myoung has joined #tripleo10:11
derekhccamacho: ok, let me first ask on infra to see if the changes to the jenkins rules are perminant10:13
ccamachonp I will un-dust some some pygerrit scripts from my HD in meantime10:14
*** olap has quit IRC10:21
derekhccamacho: could be a few weeks
ccamachoderekh, "temporary loss of functionality" I see, well if needed just let me know.10:23
*** olap has joined #tripleo10:23
derekhccamacho: will do, will see later today if anybody has other ideas10:24
dtantsurhey folks, shardy. could you give some response to the backport request please?10:28
shardydtantsur: sure, looking10:41
shardydtantsur: +1, I think we can arguably consider it a bug, e.g choosing the wrong/different device after upgrade is a bug from a user perspective10:43
shardyI'll reply to the ML now10:43
*** zoliXXL is now known as zoli|lunch10:44
openstackgerritMiles Gould proposed openstack/tripleo-quickstart: Typo fix
*** michchap_ has joined #tripleo11:01
*** SlickN1k has joined #tripleo11:01
*** marcusvrn__ has joined #tripleo11:02
*** stendulker_ has joined #tripleo11:02
*** pino|work_ has joined #tripleo11:02
*** rhefner_ has joined #tripleo11:03
*** igorbelikov_ has joined #tripleo11:04
*** beekneemech has joined #tripleo11:04
*** krotscheck_ has joined #tripleo11:04
*** CaptTofu_ has joined #tripleo11:04
*** tristanC_ has joined #tripleo11:04
*** rodrigods has quit IRC11:04
*** jaosorior has joined #tripleo11:05
*** rodrigods has joined #tripleo11:05
*** cinerama` has joined #tripleo11:05
*** Ng has quit IRC11:05
*** rhefner has quit IRC11:05
*** marcusvrn_ has quit IRC11:05
*** SlickNik has quit IRC11:05
*** tdasilva has quit IRC11:05
*** igorbelikov has quit IRC11:05
*** CaptTofu has quit IRC11:05
*** therve has quit IRC11:05
*** spredzy has quit IRC11:06
*** telnoratti has quit IRC11:06
*** krotscheck has quit IRC11:06
*** dtantsur has quit IRC11:06
*** ianw has quit IRC11:06
*** cinerama has quit IRC11:06
*** pino|work has quit IRC11:06
*** bnemec has quit IRC11:06
*** tristanC has quit IRC11:06
*** snecklifter has quit IRC11:06
*** mburned has quit IRC11:06
*** michchap has quit IRC11:06
*** SlickN1k is now known as SlickNik11:06
*** stendulker has quit IRC11:06
*** snecklifter has joined #tripleo11:06
*** pino|work_ is now known as pino|work11:06
*** rhefner_ is now known as rhefner11:06
*** therve has joined #tripleo11:06
*** krotscheck_ is now known as krotscheck11:06
openstackgerritDerek Higgins proposed openstack-infra/tripleo-ci: [NO MERGY] Test a fake periodic job
*** marcusvrn__ is now known as marcusvrn_11:07
*** mburned has joined #tripleo11:07
*** igorbelikov_ is now known as igorbelikov11:07
*** ianw has joined #tripleo11:08
*** stendulker_ has quit IRC11:09
*** spredzy has joined #tripleo11:09
*** dtantsur has joined #tripleo11:09
*** tosky_ has joined #tripleo11:10
*** ooolpbot has joined #tripleo11:10
*** ooolpbot has quit IRC11:10
openstackLaunchpad bug 1571090 in tripleo "clustercheck always failing on ha job" [Critical,Triaged]11:10
*** pblaho has quit IRC11:10
*** CaptTofu_ has quit IRC11:10
*** Ng has joined #tripleo11:11
*** ChanServ sets mode: +v Ng11:11
*** pblaho has joined #tripleo11:11
*** tosky has quit IRC11:12
*** rcernin has quit IRC11:12
*** olap has quit IRC11:12
*** egafford has joined #tripleo11:13
*** olap has joined #tripleo11:14
*** telnoratti has joined #tripleo11:18
*** tdasilva has joined #tripleo11:18
*** rhallisey has joined #tripleo11:22
*** rcernin has joined #tripleo11:23
*** coolsvap has joined #tripleo11:23
*** CaptTofu_ has joined #tripleo11:24
*** dprince has joined #tripleo11:28
*** MaxPC has joined #tripleo11:31
*** liverpooler has quit IRC11:42
*** ccamacho is now known as ccamacho|lunch11:43
*** lucasagomes is now known as lucas-hungry11:43
jaosoriorHow long does it take for a package that should be available in RDO to reflect in our CI?11:51
jaosoriorThe CI still seems broken, although the fix has been released
openstackLaunchpad bug 1571090 in tripleo "clustercheck always failing on ha job" [Critical,Fix released]11:51
*** athomas has quit IRC11:52
*** weshay has joined #tripleo11:56
*** mbound has quit IRC12:00
*** pkovar has joined #tripleo12:04
*** trown|outtypewww is now known as trown12:09
trownjaosorior: it should be immediate, but there might be some caching? derekh ^12:09
trownderekh: I confirmed that the bad galera package is removed from the deps repo, do we need to do anything in tripleoci?12:10
*** apetrich has joined #tripleo12:14
jaosoriortrown: Alright, will wait then, thanks dude12:15
*** ryansb has left #tripleo12:18
*** saneax is now known as saneax_AFK12:29
*** aufi has quit IRC12:29
*** julim has joined #tripleo12:30
*** mbound has joined #tripleo12:30
*** coolsvap has quit IRC12:30
*** aufi has joined #tripleo12:31
*** rbrady has joined #tripleo12:33
*** jpena is now known as jpena|lunch12:36
*** dsariel has quit IRC12:42
*** lucas-hungry is now known as lucasagomes12:44
*** hewbrocca is now known as hewbrocca-afk12:44
*** jdob has joined #tripleo12:46
sshnaidmdoes anybody know why is stuck on 04-15 ?12:48
trownsshnaidm: we no longer have access to jenkins :(12:49
sshnaidmtrown, oh, that's why jenkins page doesn't open12:49
*** rlandy has joined #tripleo12:49
sshnaidmtrown, but this is from zuul, isn't it?12:49
trownsshnaidm: nope it polls jenkins12:50
sshnaidmtrown, maybe it's possible to use
sshnaidmtrown, is it forever? or just temporary block?12:52
trownsshnaidm: seems at least a few weeks
trownso any ideas are welcome I think :)12:53
shardy looks OK to land if anyone has a moment12:53
shardyrelated to fixing the containers CI job12:53
*** morazi has joined #tripleo12:54
sshnaidmtrown, sorry, isn't it wrong link? it's about ironic12:55
*** pradk has joined #tripleo12:55
trownsshnaidm: lol, ya sorry wrong link
*** ccamacho|lunch is now known as ccamacho12:55
*** zoli|lunch is now known as zoli_brb12:56
sshnaidmtrown, yeah.. it's about this csrf problem :(12:56
*** dprince has quit IRC12:57
sshnaidmthough I hardly understand why it should take a few weeks(!), it's about a few days work..12:58
*** apetrich has quit IRC12:59
openstackgerritMerged openstack/tripleo-common: Missing python-ipaddr in heat-agents image
*** tzumainn has joined #tripleo13:02
*** olap has quit IRC13:05
*** olap has joined #tripleo13:06
*** trozet has joined #tripleo13:11
*** trozet has quit IRC13:14
*** trozet has joined #tripleo13:15
derekhtrown: there is caching but repodata should be bypassed for the cache, what repo are we wondering about ?13:16
trownderekh: the delorean-deps.repo13:16
trownit might be resolved, waiting to see an HA pass to know for sure though13:17
trownwhich is trickier without our status page13:17
openstackgerritmathieu bultel proposed openstack/tripleo-quickstart: Set default tht parameters for net-iso and remove hardcoded values
tremblesshnaidm: "it's about a few days work" <- that comment makes so many assumptions which rarely hold true in the real world.  People tend to get rather annoyed when you turn on a security feature and break random little things all over the place.13:18
*** dtantsur is now known as dtantsur|brb13:19
trownmatbu: ah I see now, ansible was not including quotes there13:19
matbutrown: yes13:19
matbutrown: the patchset #5 should fixed it13:20
*** tosky_ is now known as tosky13:23
derekhtrown: accoring to the proxy server that last download of the galera 25.3.12 package was just over 3 hours ago13:24
*** egafford has quit IRC13:24
trownderekh: that is about when it was fixed, so we should be good13:24
derekhtrown: ok13:25
*** thrash has quit IRC13:29
trownahhhh.... so close
*** shadower is now known as shadower_13:31
*** shadower_ is now known as shadower13:32
*** shadower is now known as shadower_13:32
*** paramite is now known as paramite|afk13:32
*** shadower_ is now known as shadower13:33
*** thrash has joined #tripleo13:33
*** thrash has joined #tripleo13:33
derekhtrown: it should promote13:35
trownderekh: because it passed all 3 on the same PS?13:35
trowneven though they are on different rechecks?13:36
derekhtrown: the last 2 runs were with the same repo
derekhtrown: once the mirror server registers a pass for each job for the same repo, it should promote13:36
derekhtrown: cron job is due to trigger in 4 minutes13:36
*** Goneri has quit IRC13:37
*** numans_ has quit IRC13:38
*** egafford has joined #tripleo13:40
adarazsderekh: last week I was quite busy, does it still make sense to look into the disk utilization as we discussed it on the previous Friday?13:40
*** lblanchard has joined #tripleo13:40
*** dustins has joined #tripleo13:42
derekhtrown: updated
*** zoli_brb is now known as zoliXXL13:44
trownderekh: nice13:44
trownderekh: did we get cached IPA?13:45
openstackgerritFlorian Fuchs proposed openstack/tripleo-ui: Check for ongoing deployment when opening DeploymentConfiguration
derekhtrown: yup13:45
derekhtrown: just should start using it now, if I didn't screw something up13:46
derekhadarazs: looks like we're going ahead with the SSD's anyway so it probably wont change anything13:47
adarazsderekh: all right :)13:48
openstackgerritFlorian Fuchs proposed openstack/tripleo-ui: Check for ongoing deployment when opening DeploymentConfiguration
*** Goneri has joined #tripleo13:49
*** jpena|lunch is now known as jpena13:49
*** saneax_AFK is now known as saneax13:51
derekhtrown: actually sorry, that was wronge, I left the patch to use the IPA image in WIP so we could test befor merging, testing now
derekhalso if anybody has a chance to look at this patch to start caching the overcloud image ,
*** derekh is now known as derekh_afk13:53
*** psanchez has quit IRC13:55
*** psanchez has joined #tripleo13:56
*** dkehn_ has joined #tripleo13:57
*** links has quit IRC13:57
*** paramite|afk is now known as paramite13:59
*** ebalduf has joined #tripleo14:16
jaosoriortrown: Hey dude, any idea if there's something wrong with ? Been trying to fetch the image through tripleo-quickstart but it's failing :/14:21
trownjaosorior: hmm. no issue for me, but we have a new mirrored image location, mind trying that with '-u'14:23
*** aufi has quit IRC14:24
trownjaosorior: it is on my list to patch that into tripleo-quickstart as the default14:24
jaosoriortrown: Will do14:24
trownmy internet connection originates from the same zipcode as the artifacts server, so I rarely have issues (and can rarely reproduce others issues)14:25
jaosoriortrown: Funky... cancelled the other run14:27
jaosoriorran it witht he command you provided14:27
jaosoriorand there is no undercloud set up (not even in libvirt)14:27
jaosoriortrown: Where is the undercloud image downlaoded to?14:28
jaosoriorit seems to have even failed the checksum check14:28
*** olap has quit IRC14:30
*** dsariel has joined #tripleo14:31
trownjaosorior: hmm, I will do a test with the buildlogs url14:31
jaosoriortrown: Sure. I have no clue what's up, cause if I do manually wget with that url, in the target machine, it actually starts building it14:31
jaosoriorI mean, fetching it14:32
jaosoriormaybe I could do that, just download the image in the cache folder14:32
jaosoriortrown: Is the stack user recreated every time?14:33
trownjaosorior: ya the "-u" argument can take a 'file://' url, so if you download it to anywhere world-readable on the host you can pass that location as url14:33
trownjaosorior: ya... need to fix that
openstackLaunchpad bug 1570289 in tripleo-quickstart "Use a more explicit method for teardown" [High,Triaged]14:33
jaosoriorI see14:34
*** jdob has quit IRC14:36
*** jdob has joined #tripleo14:36
*** saneax is now known as saneax_AFK14:41
*** dmacpher has joined #tripleo14:41
*** saneax_AFK is now known as saneax14:42
*** dmsimard has quit IRC14:42
*** dmsimard has joined #tripleo14:43
*** jdob has quit IRC14:48
*** jdob has joined #tripleo14:48
*** rbrady has quit IRC14:48
*** rbrady has joined #tripleo14:49
*** sshnaidm has quit IRC14:58
*** oshvartz has quit IRC15:04
*** leanderthal is now known as leanderthal|afk15:06
openstackgerritOpenStack Proposal Bot proposed openstack/python-tripleoclient: Updated from global requirements
*** cinerama` is now known as cinerama15:07
*** dtantsur|brb is now known as dtantsur15:07
*** julim has quit IRC15:11
*** hjensas has quit IRC15:13
*** julim has joined #tripleo15:15
*** links has joined #tripleo15:19
*** shadower has quit IRC15:27
*** dtrainor has joined #tripleo15:30
*** olap has joined #tripleo15:31
*** dtrainor has quit IRC15:32
*** dtrainor has joined #tripleo15:33
openstackgerritJuan Antonio Osorio Robles proposed openstack/python-tripleoclient: Check Keystone init before running it
*** shadower has joined #tripleo15:36
*** aufi has joined #tripleo15:38
*** egafford has quit IRC15:38
*** egafford has joined #tripleo15:38
*** tremble has quit IRC15:39
shardyEmilienM: Hi, I'm looking for some help with an undercloud puppet-keystone issue when you get a moment15:41
openstackLaunchpad bug 1571708 in tripleo "undercloud user role assignments deleted by undercloud install" [Undecided,New]15:41
shardyWhich I think is related to bug 1325475 in rhel-osp-director "rhel-osp-director: upgrade 7.3->8.0, that follows update 7.2->7.3, times out due to os-collect-config auth failure" [High,New] - Assigned to therve15:43
EmilienMshardy: looking15:43
shardyEmilienM: basically we delete all user role assignments when re-running the undercloud install15:43
shardyI'm wondering how we stop that, as it appears it strips the _member_ role for older environments, which breaks heat15:43
*** cwolferh has joined #tripleo15:45
EmilienMshardy: I suspect something else but puppet (python-tripleoclient?) manages keystone resources (roles, assignments, etc).15:46
pkovaram i blind or are the triple docs not featured on ?15:46
EmilienMshardy: if that's the case, it makes sense Puppet will clean it up15:46
pkovar* tripleo15:46
EmilienMshardy: we declare keystone::roles::admin class, which takes care of admin resources15:46
jaosoriorEmilienM: Currently it does for the overcloud deployment, but I believe shardy was referring to the undercloud install15:46
EmilienMjaosorior: yeah, I mean for undercloud15:47
jaosoriorwhich python-tripleoclient shouldn't be doing anything for15:47
shardyEmilienM: since it looks like we manage keystone via puppet on the undercloud15:47
jaosoriorregarding keystone endpoints and roles15:47
* shardy checks this includes roles15:47
*** alhernan has joined #tripleo15:47
EmilienMright, but are we sure puppet is the only one thing managing admin resources?15:47
shardyPersonally I don't think it's reasonable to overwrite operator additions when re-asserting service configuration like this15:47
EmilienMall providers in puppet-keystone are idempotent15:47
EmilienMthis is the role:
*** dprince has joined #tripleo15:50
EmilienMshardy: I disagree, if we want puppet to manage a resource, nothing has to be manual.15:50
EmilienMshardy: it's the purpose of automation with puppet (or ansible or chef): to not do manual actions. Any manual actions with those tools, will break things15:50
*** jobewan has joined #tripleo15:51
EmilienMit's like modifying nova.conf by hand, puppet will override it at next run15:51
shardyEmilienM: Yeah, but this is a pitfall of managing stuff like keystone users via puppet15:51
shardyit's not service configuration, it's content of those services15:51
EmilienMshardy: so don't manage them via puppet15:51
shardyEmilienM: Sure, but we are managing them via puppet, and that means everything breaks on upgrade15:52
shardyso, we either figure out how to fix that, or don't manage the users via puppet anymore15:52
*** jobewan has quit IRC15:52
EmilienMwhy does it break on upgrade?15:52
beaglespkovar: you aren't blind - the only mention of tripleo at all is os-cloud-config... what's up with that? shardy, know you're busy with keystone issue, but when you get a sec - is there a reason for it not being there, or is it just "we haven't added yet"?15:52
EmilienMif there is a change in the resource, let's make the change happen in the puppet manifest15:52
*** paramite has quit IRC15:52
shardyEmilienM: because we remove the _member_ role from all users on the undercloud15:52
shardywhich breaks heat, because we then try to delegate a non-existent role assignment via a trust15:53
*** jobewan has joined #tripleo15:53
*** sshnaidm has joined #tripleo15:53
shardyI'm trying to figure out exactly where/why we delete those role assignments15:53
EmilienMshardy: I can patch undercloud to fix that15:53
EmilienMwith a Puppet collector15:53
jaosoriorisn't the _member_ role quite standard in openstack deployments? Why would it be deleted? O_o\15:53
*** chem has joined #tripleo15:55
EmilienMjaosorior: let me look that, there are different things right now15:55
shardyjaosorior: It's no longer used as part of the move to keystone v3 ref
openstackLaunchpad bug 1366133 in OpenStack Identity (keystone) "User create via v3 API doesn't add _member_ role in default project" [Undecided,Won't fix]15:55
EmilienMchem: jaosorior is asking why puppet-keystone does not add _member_ role to admin user15:55
shardyjaosorior: however we have an issue in that we have overclouds created prior to the move to v315:55
shardyhence _member_ stil exists in the trusts stored inside the undercloud heat15:55
EmilienMok, so you want the admin user with _member_ role, right?15:55
shardyEmilienM: Yeah, the admin user had the _member_ role before upgrade, and removing it breaks the delegation made to heat15:56
shardyfor brand new deployments, not having it would be fine15:56
*** mikelk has quit IRC15:56
shardybut we cannot remove any existing roles from any user on upgrade15:56
EmilienMshardy: because we don't use keystone v3 right?15:57
shardybecause heat by default delegates all roles from the user to heat15:57
EmilienMok got it15:57
EmilienMshardy: let me 2 min15:57
shardyEmilienM: No, the problem is that even after moving everything to v3, heat still has a trust which says "delegate _member_ and admin roles to user "heat"15:57
shardyEmilienM: thanks!15:57
EmilienMshardy: we need to fix that15:58
EmilienMshardy: what params set that?15:58
EmilienMright now, we set
chemshardy: EmilienM jaosorior: we could just add the missing bit in puppet manifest15:58
EmilienMby defeault15:58
EmilienMmaybe tripleo overrides it?15:58
EmilienMchem: I was thinking at patching instack-undercloud with a Collector15:59
shardyEmilienM: will that remove all roles except "admin" ?15:59
shardyor role assignments rather15:59
chemEmilienM: do not get the "collector'16:00
chempart of your sentence16:00
EmilienMthe problem is that I don't find where _member_ was added before16:00
*** alhernan has left #tripleo16:00
*** alhernan has joined #tripleo16:00
pkovarbeagles: shardy: i can ask the docs team to add the tripleo guide there...16:00
*** links has quit IRC16:01
pkovarassuming they control the process16:01
shardy shows it not being created by puppet-keystone16:01
chemjaosorior: the '_member_' was used because before openstack cli juno an user could not exist without having a role, hence the member creation.  This limitation has been removed since then16:01
shardybecause it was created as part of the keystone DB bootstrap16:01
chemjaosorior: sorry openstack cli kilo not juno16:02
jaosoriorchem: I see16:02
shardyFor new deployments it's fine not to create it, but we can't remove user role assignments on upgrades16:02
chemjaosorior: EmilienM now, if we still need it we just add keystone_role {'_member': ensure=> present} somewhere16:02
chemand assign the required users to it16:03
shardychem: interestingly we don't delete the role, only the role assignments16:03
shardyalso it's important that the role must not be deleted and re-created with a different ID16:03
shardye.g ref that patch I just linked16:03
chemshardy: hum ... how comes, where does it happen ?16:03
chemshardy: looking16:04
shardyaccording to that patch it's provided by a DB migration16:04
shardybut for any trust delegation to work, the ID's of roles (and assignments to users) must never change16:04
shardybecause delegation is managed by ID, not name16:04
*** Guest30394 has quit IRC16:05
chemshardy: well, nothing in the puppet-keystone will remove an existing role, but the assignement may be change, depending on the manifest16:05
shardychem: Ok, thanks, but it does ensure that role assignments for each user match the manifest exactly?16:06
shardythat's what we're seeing, the role is left alone, but all users get the role assignment removed16:07
chemshardy: yes, I guess that where the problem is, as member is no longer assumed16:07
chemshardy: so just recreating the assignement would do it no ?16:07
EmilienMshardy: why heat needs _member_? How can we configure it?16:08
shardychem: Yup that would work around it provided the role ID hasnt changed (and it hasn't)16:08
EmilienMchem: I'm working on that16:08
*** mbound has quit IRC16:08
jaosoriorany idea why the stable/liberty is failing even before starting the undercloud build?16:08
shardyEmilienM: it doesn't need _member_, it needs the roles it delegated to still exist, and be assigned to the user16:08
shardyso when you create a heat stack, if you have roles "x, y, z" you must still have these roles when something tries to delegate via the trust16:09
chemshardy: EmilienM this is legacy practice, as the member role was created no matter what, it has been used in a lot of places16:09
shardywhich happens e.g when agents inside the VMs signal back to heat16:09
shardyI suspect that unconditionally removing _member_ will also break some interactions with the v2 API16:09
shardywhich I know is deprecated, but may cause issues for other users16:10
chemshardy: not really, but you would bump into problem like the one for heat, where permission assumbe use to be part of _member_16:10
chemshardy: there is really nothing special about _member_ :)16:11
shardychem: OK, I thought _member_ was used to grant access to a project in v2, assuming no other roles assignments are added to the same project, won't removing _member_ deny access to the project?16:11
*** dsariel has quit IRC16:11
openstackgerritMerged openstack/python-tripleoclient: Throw exception if undercloud password file is missing
*** saneax is now known as saneax_AFK16:12
openstackgerritEmilien Macchi proposed openstack/instack-undercloud: Make sure we assign _member_ role to admin user
EmilienMshardy, chem, jaosorior: please review ^16:12
openstackgerritEmilien Macchi proposed openstack/instack-undercloud: Make sure we assign _member_ role to admin user
chemshardy: it will if there are no other role for the user in the project.  But you could have setup on non-default policy where each user has a meaningful (for your organisation) named role (like, "dev", "manager", ....)16:13
chemEmilienM: looking16:13
chemEmilienM: jaosorior are we sure admin has only those two roles ?16:13
shardyEmilienM: thanks!16:13
chemshardy: ^16:14
shardyis it possible to make it only assert the role assignment if the _member_role exists?16:14
shardychem: Well, unless an operator decides to create some additional ones like I just did (which will also be erased by the update)16:14
chemshardy: I would say that it would be complicated, puppet being what it is.16:15
shardychem: shows there are two roles delegated on this old deployment16:17 bug 1325475 in rhel-osp-director "rhel-osp-director: upgrade 7.3->8.0, that follows update 7.2->7.3, times out due to os-collect-config auth failure" [High,New] - Assigned to therve16:17
shardy_member_ and admin16:17
shardyon a new deployment, it will only be admin16:17
chemshardy: oki, so it's good16:17
chemshardy: maybe let the user know that if the admin role has been modified after deployment the upgrade will reset them to admin, _member_ ?16:17
chemshardy: in the upgrade's readme ?16:17
shardychem: Yeah, it'd be a good thing to document16:17
EmilienMI'm out for lunch, feel free to comment in gerrit.16:17
shardyEmilienM: ack, thanks!16:17
*** trown is now known as trown|lunch16:18
zoliXXLsee you tomorrow16:19
*** ohamada has quit IRC16:21
*** pcaruana has quit IRC16:21
*** saneax_AFK is now known as saneax16:22
*** zoliXXL is now known as zoli_gone-proxy16:23
*** mgould has quit IRC16:25
*** beekneemech changes topic to "TripleO | CI status: | Docs:"16:26
*** dsariel has joined #tripleo16:27
dprincegfidente: hey, so I'm blocked on a Heat bug ATM. So if we want to land the MySQL VIP change against master I would rather just accept it sooner if we can get it passing.16:27
dprincegfidente: so land your patch first and then I rebase on it?16:28
gfidentedprince, honestly, it consistently failed the ha and nonha jobs and consistently passed upgrades16:28
gfidenteI tested it locally and it worked16:28
gfidentebut I am suspicious16:28
gfidenteit looks like the deployment fails just after the overcloud goes in CREATE_COMPLETE16:28
dprincegfidente: sounds like a slacker bit of work to me man :)16:28
*** tosky has quit IRC16:29
dprincegfidente: I think the idea is sane. We can get it passing16:29
dprincegfidente: just saying... we may as well go for it first I think16:29
dprincegfidente: also, the HA job is failing?16:30
dprincegfidente: looks like the HA jobs was failing all weekend...16:31
dprincejistr: ?16:31
jistrhmm i thought i saw it pass today16:32
jistroh that was on mitaka though16:33
dprincejistr: yeah, master is consistently failing16:33
dprincejistr: like some sort of Galera issue perhaps?16:33
jistrah yea i saw that LP bug. i thought it was being un-done in RDO?16:33
dprincejistr: sorry, I may have missed it this morning. I was offline a bit16:34
openstackLaunchpad bug 1571090 in tripleo "clustercheck always failing on ha job" [Critical,Fix released]16:34
openstackgerritOpenStack Proposal Bot proposed openstack/python-tripleoclient: Updated from global requirements
dprincejistr: it doesn't look resolved yet though. Like it still fails16:35
dprincetrown|lunch: ^^^ any ideas on that?16:35
*** tosky has joined #tripleo16:35
openstackgerritOpenStack Proposal Bot proposed openstack/tripleo-common: Updated from global requirements
derekh_afkdprince: FYI we no longer have access to jenkins, so report isn't updating
dprincederekh_afk: oh...16:37
dprincederekh_afk: is that why my monday is confused :/16:37
jaosoriorWell, I've just seen some CI runs succeeding, but with very varied success rate16:37
*** ccamacho has quit IRC16:38
thervedprince, Updated with the hopefully actual fix :)16:38
dprincederekh_afk: can we re-write our report to use gerrit queries only16:38
therveWas waiting on a build result which won't happen today apparently16:38
jaosoriorand for some reason stable/liberty seems preeeetty red16:38
dprincetherve: nice, I will fire a recheck to test it in TripleO CI16:38
derekh_afkdprince: also, I was deleting unused floating IP's from the tripleo rack all weekend to keep thing moving, but its all ok now again, mordred sorted it out16:38
dprincetherve: appreciate you looking into that one16:38
therveNo problem!16:39
derekh_afkdprince: I was thinging the same, we wouldn't get the jobs until they finished16:39
dprincederekh_afk: yeah, so those nodepool changes were our issue then?16:39
derekh_afkdprince: but its better then nothing16:39
*** jistr has quit IRC16:39
dprincederekh_afk: yeah, we could update the metrics to post mid-job (on the fly). But still, I think scraping the gerrit logs is probably a better plan for our report16:40
derekh_afkdprince: not sure exactly what changes were the issue but its now fixed on the nodpool/shade side16:40
dprincederekh_afk: cool. That partial revert I emailed you was what I thought looked suspicious16:40
openstackgerritKeith Schincke proposed openstack/python-tripleoclient: Add support for CephRgwKey generation
derekh_afkdprince: if we're going to go down the gerrit query route then ccamacho said he'd looking into it16:41
*** derekh_afk is now known as derekh16:41
dprincederekh: so others aren't confused we might should just take our reports down then16:42
dprincederekh: want me to post a patch to disable them?16:42
derekhdprince: agreed, go for it16:42
dprincederekh: one more thing while I've got you16:43
*** rcernin has quit IRC16:43
derekhdprince: yup16:43
dprincederekh: related to the metrics stuff.... I think we ought to make that fail-safe. In that if metrics posting fails the job would still pass16:43
mordredderekh: yay!16:43
dprincederekh: as is if the stats posting fails I think it would fail the job16:44
derekhdprince: makes sense16:44
*** mcornea has quit IRC16:44
dprincederekh: so just a little cleanup I thought after we landed it16:44
dprincederekh: I would hate to see jobs fail due to metrics not posting, etc.16:44
derekhdprince: yup16:45
*** ccamacho has joined #tripleo16:46
openstackgerritKeith Schincke proposed openstack/tripleo-heat-templates: Add support for deploying RGW on controllers.
openstackgerritDan Prince proposed openstack/tripleo-heat-templates: composable neutron dhcp service
openstackgerritDan Prince proposed openstack/tripleo-heat-templates: composable neutron metadata service
openstackgerritDan Prince proposed openstack/tripleo-heat-templates: composable neutron l3 service
openstackgerritDan Prince proposed openstack/tripleo-heat-templates: composable glance services
*** derekh has quit IRC16:48
openstackgerritKeith Schincke proposed openstack/python-tripleoclient: Add support for CephRgwKey generation
chemshardy: so I think there is a way to keep all existing role and adding only the '_member_' to the admin role.  Removing the need to modify the upgrade documention16:56
*** ccamacho has quit IRC17:00
*** psanchez has quit IRC17:01
*** psanchez has joined #tripleo17:01
openstackgerritDan Prince proposed openstack-infra/tripleo-ci: Ignore bash errors when posting metrics
openstackgerritDan Prince proposed openstack-infra/tripleo-ci: Make the reviewday config file pluggable
shardychem: Ok - note this must leave the _member_ role assignment when _member_ exists, but not try to add it when that role is missing17:06
*** aufi has quit IRC17:06
shardye.g new/recent deployments won't have that role17:07
chemshardy: this will do17:07
*** alhernan has quit IRC17:07
*** jpena is now known as jpena|off17:07
chemshardy: but I'm going to check anyway :)17:07
shardychem: ack, thanks - I'm currently trying to test but undercloud install overwrites my locally updated instack-undercloud RPM17:08
openstackgerritRyan Hallisey proposed openstack-infra/tripleo-ci: Allow the container job to run again
chemshardy: sorry, I misread, this won't do17:10
chemshardy: I will fail with "No role with a name or ID of '_member_' exists"17:10
shardychem: Ok, we need it to skip attempting the assignment in that case17:10
chemshardy: Oki, I'll think of something ...17:11
*** trown|lunch is now known as trown17:13
*** rook has joined #tripleo17:14
chemshardy: the best we can do with puppet (Emilien corrects me if I'm wrong) is to test if a resource is defined in the catalog, not that a resource exists on the system.17:17
shardychem: can you detect the current state of the role assignments via the puppet model, e.g what roles are assigned?17:18
shardyan alternative would be to detect it outside of puppet I guess and pass a roles list in via hiera17:18
chemshardy: yep, that's basically the only option.  Puppet cannot take decision at "runtime" depending on how the current system is, you hardcode the final state of the system, that's it that's all17:20
chemshardy: so is something like add the role during upgrade, but not during creation easy to do ?17:21
shardychem: well it's just a case of listing the roles and appending _member_ if it exists17:21
shardyso I guess we could do that from within the instack-undercloud python code17:22
chemshardy: and transform it to a hiera variable that would be accessible from
chemshardy: so that we can do if ($upgrade) then ensure member role; fi17:23
chemshardy: sorry "if hiera($upgrade, false) ..."17:23
shardychem: No, we can'd do a conditional on upgrade, because not all upgrades have this problem17:23
shardyonly those from sufficiently old versions17:23
shardyit'll be something like append a possibly empty list of additional roles17:24
shardylet me hack out a patch, sec17:24
chemshardy: so could we have "hiera($admin_roles)" ? so that if it include '_member_' then we make sure it has ?17:25
*** yamahata has joined #tripleo17:29
*** colonwq_ is now known as colonwq17:30
EmilienMchem: right17:31
EmilienMchem: or maybe we can have an Exec + bash script :-/17:31
chemEmilienM: hum ... I didn't think of it ... but how would you make such script idempotent ?17:32
chemEmilienM: it would have to run at each puppet run17:32
colonwqI am trying to update a template to pass the internal API IP address of into a puppet module. What is the correct parameter?17:32
EmilienMchem: right, bad idea17:32
chemEmilienM: but maybe idempotent is not required here as it's run only once during image creation (if I understand this right )17:32
EmilienMchem: I think a bash script could work, regarding shardy's comment, we need specific logic17:34
*** hjensas has joined #tripleo17:34
EmilienMchem: but the problem is how to handtle this collector17:34
chemEmilienM: and provided we don't care about idempotency17:34
*** gfidente has quit IRC17:35
*** tosky has quit IRC17:36
chemEmilienM: that's really, really tricky (not possible?) to do with puppet17:36
*** dprince has quit IRC17:36
chemEmilienM: the only way to do this I think is using a dedicated fact, but having a fact that describe the state of the system, goes to the keystone db each time it's run, looks like a very bad idea17:37
EmilienMI thought about a fact :)17:38
EmilienMbut it's really weird17:38
chemEmilienM: better have the python code provides us with a hiera variable like "does_member_role_exists" ?17:39
EmilienMwhy can't we tell heat to live without _member_?17:39
EmilienMwhat thing am I missing?17:39
chemEmilienM: I think it can, we just have to adjust its membership17:40
shardyEmilienM: because we already delegated that role to heat when the overcloud was created17:40
EmilienMshardy: can't we update that?17:40
shardyEmilienM: No, the delegation by default exists for the lifetime of the stack17:41
shardywe could change that, but that's how it currently works17:41
EmilienMok no problem, just trying to understand how it works17:41
shardythat provides some background FYI17:42
chemshardy: EmilienM so our best bet I think is to have access to an hiera variable that can tell puppet if the "_member_" role exists17:42
EmilienMchem: an fact could work, it would check "if openstack role list | grep _member_ then true else false" and use the fact in undercloud manifest17:42
*** ifarkas has quit IRC17:44
chemEmilienM: note that this will be run each time puppet run, that openstack may, or may not be installed at the time, that it somehow has to get its permission from somewhere and that '/root/openrc' may not exists at the time it run, and finally it's bad puppet practice (unfortunatly ... ?)17:45
chemEmilienM: dynamically modifying the catalog depending on the state of the system is not what puppet is designed for17:46
*** Marga_ has quit IRC17:46
EmilienMright, it's really hard to solve17:46
chemEmilienM: the only "clean" way to do it would be a type/provider but that seems like overkill17:46
EmilienMmaybe we can just continue to use _member_17:47
chemEmilienM:then keystone_role { '_member_': ensure => present } would have to be added17:47
shardyEmilienM: I don't think we want to add it to recent deployments where that role does not exist17:47
chemEmilienM: but shardy said that newer install do not have it17:47
shardyfolks will raise bugs saying it's wrong for keystone v3 etc, and probably it will cause confusion IMO17:48
chemshardy: Emilien so do you think we can have this external hiera variable ?17:48
*** dmacpher is now known as dmacpher-afk17:49
*** dtantsur is now known as dtantsur|afk17:49
shardychem: yes, I'm writing an instack-undercloud patch which we can try17:49
EmilienMthere is one option, very easy17:49
chemEmilienM: ?17:49
EmilienMwe add a param in undercloud.conf17:49
EmilienMlike: keystone_member_role17:50
EmilienMwe set it with Hiera17:50
EmilienMand we use it as a boolean17:50
EmilienMand we set it to True for backward compatibility (or False for new deployments?)17:50
shardyEmilienM: that's basically what I'm doing, but the user shouldn't have to care about this IMO17:51
*** lucasagomes is now known as lucas-dinner17:51
*** dprince has joined #tripleo17:52
*** shivrao has joined #tripleo17:52
EmilienMshardy: you take over my patch?17:52
shardyEmilienM: sure, I'll squash my patch into yours and we can review17:53
shardythanks to you and chem for your help with this :)17:53
*** electrofelix has quit IRC17:59
*** mkovacik_ has quit IRC18:00
EmilienMthe check/gate/post queue is huge, fyi: ovh cloud has been dropped from nodepool18:02
*** jaosorior has quit IRC18:03
*** rhallisey has quit IRC18:08
*** pkovar has quit IRC18:09
*** yamahata has quit IRC18:11
*** Marga_ has joined #tripleo18:13
*** Marga_ has quit IRC18:13
*** Marga_ has joined #tripleo18:15
*** Marga__ has joined #tripleo18:17
*** Marga__ has quit IRC18:18
*** Marga_ has quit IRC18:19
*** Marga_ has joined #tripleo18:23
*** rhallisey has joined #tripleo18:26
*** Marga_ has quit IRC18:28
*** mbound has joined #tripleo18:28
*** Marga_ has joined #tripleo18:29
*** sambetts is now known as sambetts|afk18:32
*** rbrady has quit IRC18:32
openstackgerritMerged openstack/tripleo-quickstart: Set default tht parameters for net-iso and remove hardcoded values
colonwqEmilienM, the long queue only happened because I submitted patches for review... and its Monday18:35
slagleEmilienM: i'm looking to move more stuff to puppet in instack-undercloud, what's the right puppet module to use to manage iptables? puppetlabs-firewall?18:37
EmilienMslagle: let me show you how we do it in overcloud18:38
EmilienMwe have this class: to whether or not enable pre/post rules18:39
EmilienMpre/post are defined here
EmilienMand this define will create rules for you:
EmilienMcolonwq: ahah18:39
*** Marga_ has quit IRC18:39
*** rbrady has joined #tripleo18:40
slagleEmilienM: k, thanks. i wonder if i can reuse this for the undercloud, i'll investigate18:40
EmilienMslagle: I think so, it would be great to have the same bits18:40
slagleEmilienM: yea, unfortunately the rules are set in tht though18:41
slaglein the hieradata files18:41
slaglethat should probably be moved to puppet-tripleo18:41
EmilienMslagle: we could have them in the undercloud hiera file18:41
slagleyea, it's just a lot to copy/paste18:42
slagleand when you add a new service to under/over cloud you have to update 2 places18:42
slaglenot a big deal, i'll see if i can make it better18:42
*** Marga_ has joined #tripleo18:48
*** Marga_ has quit IRC18:48
*** Marga_ has joined #tripleo18:49
*** Marga_ has quit IRC18:49
*** Marga_ has joined #tripleo18:50
*** Marga_ has quit IRC18:50
*** Marga_ has joined #tripleo18:51
*** dbecker has quit IRC18:59
*** dbecker has joined #tripleo19:05
*** Marga_ has quit IRC19:07
*** Marga_ has joined #tripleo19:07
openstackgerritJohn Trowbridge proposed openstack/tripleo-quickstart: images/build role has moved to its own repo
*** florianf has quit IRC19:08
openstackgerritJohn Trowbridge proposed openstack/tripleo-quickstart: CI jjb is moved to rdo-infra/ci-config repo
openstackgerritJohn Trowbridge proposed openstack/tripleo-quickstart: images/build role has moved to its own repo
*** eil397 has joined #tripleo19:13
*** eil397 has left #tripleo19:13
openstackgerritMerged openstack/diskimage-builder: Updated from global requirements
openstackgerritJiri Tomasek proposed openstack/tripleo-ui: Nodes assignment part 2
openstackgerritJiri Tomasek proposed openstack/tripleo-ui: Nodes assignment part 3
openstackgerritMerged openstack/diskimage-builder: Fix add-apt-repository package for precise
openstackgerritEmilien Macchi proposed openstack/instack-undercloud: run nova-api with mod_proxy_uwsgi httpd module
*** weshay has quit IRC19:29
*** jprovazn has quit IRC19:31
openstackgerritMerged openstack/diskimage-builder: Skip gentoo test
openstackgerritMerged openstack/diskimage-builder: Add qcow2 generation for better test coverage
openstackgerritMerged openstack/diskimage-builder: Fix disk usage report
openstackgerritMerged openstack/diskimage-builder: dib-run-parts: make cp to target root more robust
openstackgerritMerged openstack/diskimage-builder: simple-init: Fix path for /etc/ssh test
*** rhallisey_ has joined #tripleo19:47
*** rhallisey has quit IRC19:50
*** bvandenh has quit IRC19:58
openstackgerritMerged openstack/tripleo-heat-templates: Reload haproxy after injecting certs w/o pcmk too
beekneemechSimple patch ready for +2a:
*** beekneemech is now known as bneme20:12
*** bneme is now known as bnemec20:12
openstackgerritMerged openstack-infra/tripleo-ci: Redirect instack image build output to file
slagletrown beat me to it20:15
*** dprince has quit IRC20:16
openstackgerritJames Slagle proposed openstack/python-tripleoclient: Use enable-packages-install
trownbeekneemech is my favorite voltron piece that was rarely in any episodes20:19
bnemectrown: lol20:20
bnemecAnd thanks20:20
trownbut clearly essential to have a good knee20:20
* bnemec has been failing to casual nick friday lately20:20
*** morazi has quit IRC20:20
*** pkovar has joined #tripleo20:21
openstackgerritJames Slagle proposed openstack/instack-undercloud: Use enable-packages-install element
*** rhallisey_ is now known as rhallisey20:23
openstackgerritPradeep Kilambi proposed openstack/puppet-tripleo: Add redis profile
openstackgerritMerged openstack/puppet-tripleo: Disable ip_nonlocal_bind (rely on the HAProxy 'transparent' option)
openstackgerritMerged openstack/instack-undercloud: Remove centos-cloud-repo element
*** yamahata has joined #tripleo20:33
*** egafford has quit IRC20:37
stevebakertrown: hey, tripleo-quickstart OVB is progressing but I can't currently use the built undercloud images because they are a little too virt specific (no cloud-init, possibly tweaked default network interface)20:39
*** MaxPC has quit IRC20:40
*** rickflare has quit IRC20:40
*** rickflare has joined #tripleo20:41
trownstevebaker: hmm, I removed cloud-init because the image took forever to boot otherwise since it was trying to find non-existant metadata server20:41
stevebakertrown: one option would be to configure cloud-init for config-drive only during the image build20:42
*** eggmaster has quit IRC20:43
trownstevebaker:  if that would solve the OVB case, I am all for it20:43
trownor even if it helped get it closer20:43
stevebakertrown: but I wonder if there is a way of doing that during virt boot, like injecting the config-drive data so cloud-init doesn't try to reach the metadata server20:44
trownI bet larsks would know ^20:44
*** lucas-dinner has quit IRC20:44
stevebakertrown: is undercloud built by modifying the overcloud image?20:46
*** dsariel has quit IRC20:46
trown stevebaker, kind of, they both use the same base image that has all of the pacakages pre-installed20:46
stevebakertrown: ah, ok20:47
trownfor the overcloud that base image is just passed to DIB20:47
trownand for the undercloud there are a small amount of conversion steps20:47
trownit saves installing 300 packages twice20:47
stevebakertrown: fair enough20:48
larsksstevebaker: trown: you can certain just attach a config-drive to your libvirt guest to make cloud-init happy.20:49
larsksI generally use "cloud" images with libvirt, because that makes it super easy to inject an ssh key...20:50
trownnice, so we should probably stop removing cloud-init and just add a step to attach a config-drive to the libvirt/setup role20:51
*** lucasagomes has joined #tripleo20:53
trownstevebaker: we dont do anything wrt network interfaces
larsksIn case you wonder what a config drive needs to look like, is what I use locally.20:54
stevebakertrown, bnemec: btw I'm going to propose that the tripleo-quickstart OVB roles live in the openstack-virtual-baremetal repo rather than create yet another one
stevebakertrown: yeah, I wasn't sure about custom networking, its probably just cloud-init20:54
*** lblanchard has quit IRC20:55
trownstevebaker: the downside to doing it that way is that we can't use ansible-galaxy, but I am not sure how useful that is20:56
stevebakertrown: I'm adding it via galaxy and it seems to work20:56
openstackgerritSteve Baker proposed openstack/tripleo-quickstart: Flag to enable OpenStack Virtual Baremetal instead of libvirt
stevebakertrown: ^, although I'm not sure if you're planning on registering these repos on the galaxy website20:58
*** weshay has joined #tripleo20:58
trownstevebaker: ya not sure... not in the short term, but what does look like when using the OVB repo instead of a role repo?20:59
openstackgerritSteven Hardy proposed openstack/instack-undercloud: Work around deletion of _member_ role assignments on upgrade
stevebakertrown: It looks exactly like that!20:59
shardyEmilienM, chem: ^^21:00
stevebakertrown: its just that the role ends up being a path
trownstevebaker: I am confused... that points to
shardyI've not had time to test the entire patch, but I tested the _member_role_exists part and wired in the hiera boolean21:00
shardyI'm dropping off for the day now, if anyone can review/test that would be great21:00
stevebakertrown: oh duh, sorry21:01
trownstevebaker: whoops wrong buffer. that points to
*** lucasagomes has quit IRC21:03
*** rhallisey has quit IRC21:04
*** jobewan is now known as jobewan_away21:05
trownlarsks: I think we could do some of the steps in libvirt/setup/undercloud with a config drive instead21:05
*** dsariel has joined #tripleo21:06
larskstrown: Yeah, probably, but I'm not sure we want to: we don't get the same feedback in the event of failures that we do with virt-customize.  What steps were you thinking about?21:07
stevebakertrown: hmm, maybe galaxy doesn't work with roles in subdirectories21:08
trownlarsks: ah right, key injection, and hostname setting21:10
*** shardy has quit IRC21:11
trownlarsks: hostname setting is done in the image now, which is fine but if we are passing a config-drive to make cloud-init happy anyways might as well do it there21:11
trownmakes the image even more generic21:11
trowncould also move selinux config there from the image build21:12
*** lucasagomes has joined #tripleo21:12
larskstrown: I am kind of nervous about splitting our config so that we have "some things in config drive" and "some things in playbooks".21:12
trownstevebaker: ya, I think it needs to have meta/main.yml at the top level, but that is not a deal breaker, pypi seems like it would work just as well21:12
stevebakertrown: ok I'll have a play, I don't want to pollute the root ovb dirs too much21:13
*** thrash is now known as thrash|g0ne21:14
trownstevebaker: pypi just feels a bit strange because it is not really a python project, it would be a bit like distrubuting a puppet module as a ruby gem21:15
stevebakertrown: we've already committed worse pypi sins (*cough* dib)21:16
trownlarsks: k, we can pass an empty config drive to make cloud-init happy?21:16
larskstrown: well, not *empty*, but with the minimal config as shown in that script I linked earlier...21:17
trownstevebaker: lol, ya but there is no BASH distribution platform... or if there is I dont want to know about it21:17
*** ccamacho has joined #tripleo21:18
trownlarsks: cool, I will check it out, thanks!21:18
trowngotta run, have a good night all21:18
stevebakertrown: thanks \o21:18
*** trown is now known as trown|outtypewww21:18
*** dbecker has quit IRC21:19
*** julim has quit IRC21:20
*** jobewan_away has quit IRC21:27
*** akrivoka has quit IRC21:29
bnemecstevebaker: At least dib has _some_ python in it.  dib-utils is the really horrible one - it's just one bash script, yet it's on pypi. :-)21:32
*** dustins has quit IRC21:33
*** jobewan has joined #tripleo21:35
stevebakerbnemec: I don't think having galaxy roles in the ovb repo will work - lots of little git repos is fine though21:35
*** shadower has quit IRC22:01
*** ccamacho has quit IRC22:05
*** ccamacho has joined #tripleo22:11
*** mbound has quit IRC22:12
*** mbound has joined #tripleo22:15
*** zoli_gone-proxy is now known as zoliXXL22:17
openstackgerritMerged openstack/instack-undercloud: Add a reload of keepalived
*** ayoung has quit IRC22:27
*** yamahata has quit IRC22:27
*** zoliXXL is now known as zoli_gone-proxy22:30
*** yamahata has joined #tripleo22:34
*** lblanchard has joined #tripleo22:38
*** MaxPC has joined #tripleo22:45
*** pkovar has quit IRC22:53
*** jobewan has quit IRC22:54
openstackgerritMerged openstack/diskimage-builder: Prioritize venv python on host
*** mbound has quit IRC23:20
*** Marga__ has joined #tripleo23:25
*** Marga_ has quit IRC23:28
*** panda has quit IRC23:41
*** panda has joined #tripleo23:41

Generated by 2.14.0 by Marius Gedminas - find it at!