Perl 6 - the future is here, just unevenly distributed

IRC log for #puppet-openstack, 2014-07-22

| Channels | #puppet-openstack index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:04 daneyon joined #puppet-openstack
00:21 aldavud joined #puppet-openstack
00:35 aimon joined #puppet-openstack
00:38 tfhartmann joined #puppet-openstack
00:39 thumpba joined #puppet-openstack
00:41 thartmann joined #puppet-openstack
00:49 rmoe joined #puppet-openstack
01:03 xarses joined #puppet-openstack
01:10 thumpba joined #puppet-openstack
02:05 ianw joined #puppet-openstack
02:10 thumpba joined #puppet-openstack
02:18 douglascamata joined #puppet-openstack
02:19 douglascamata Hello guys, I have a little doubt about puppet-openstack network configuration
02:20 douglascamata is it able to be configured to use GRE networking with 2 NICs?
02:30 michchap douglascamata: do you mean like a bonded network for more bandwidth and fault tolerance, or do you mean you want to create tenant GRE networks on two separate NICs for some other reason?
02:32 douglascamata @michchap let me explain it better. I got 4 rack servers with 2 NICs, plus the management NIC, but I don’t have a swtich/router capable of doing L2/L3 routing. I wanted to know is it’s possible to use puppet-openstack to deploy openstack in this environment.
02:37 michchap douglascamata: you can deploy openstack without having a router, but the VMs won't be able to access the internet.
02:38 michchap douglascamata: puppet-openstack can do this
02:40 douglascamata michchap: What I really want if to avoid the VLAN configuration in the router. I had some successful tests using chef to deploy OpenStack using neutron + gre networking and the VMs were able to access the internet. But I didn’t enjoyed chef a lot and want to give puppet a chance.
02:41 douglascamata Back then, when I tested chef, I was running all networks on one single NIC, though.
02:43 michchap douglascamata: If you just want to deploy using neutron + gre, then this can be done using the puppet modules. I have to warn you that they are quite complex to piece together correctly, so we generally use a composition layer. Take a look at this module to get started: https://github.com/puppetlabs/puppetlabs-openstack
02:43 daneyon joined #puppet-openstack
02:45 douglascamata michchap: I already checked that module. But I couldn’t find stuff about the network configuration. Then I came here.
02:45 douglascamata Does the module use neutron with GRE or VLAN tagging?
02:46 michchap douglascamata: GRE tunnels.
02:47 douglascamata michchap: Then guess it’s possible to do what I’m thinking. Are you sure the VM’s won’t be able to access the internet, even if I have 2 NICs?
02:49 michchap douglascamata: if the server you are deploying on can route to the internet, then you can configure the VMs to do the same. I may have misunderstood your comment about not having a switch/router with the ability to route.
02:49 douglascamata If they can get addresses from the DHCP server in the network, they’ll be able to access the internet. By the way, I have like 20 IPs out of the DHCP range for my nodes.
02:50 douglascamata michchap: I think that was my fault, I don’t know a lot about routing, L2 and L3 stuff.
02:50 douglascamata michchap: well, I’m gonna try it next week. Thanks for the help!
02:50 michchap douglascamata: It's one of the hardest parts to configure in OpenStack so you are not alone in that :)
02:50 michchap douglascamata: Good luck!
02:51 douglascamata michchap: puppet-openstack is much easier to configure and use than the chef scripts I was using.
02:56 douglascamata michchap: hey, may I ask for one more thing?
03:09 michchap douglascamata: yep?
03:11 douglascamata michecap: Considering that my DHCP range is 192.168.0.20-255 and my nodes are in range 192.168.0.1-20, how would configure the following lines?
03:11 douglascamata https://github.com/puppetlabs/puppetlabs-open​stack/blob/master/examples/common.yaml#L4-L23
03:11 douglascamata would I*
03:12 douglascamata external and api would be 192.168.0.0/24, right?
03:13 douglascamata Can I leave data and management networks as they are?
03:14 richm left #puppet-openstack
03:53 michchap douglascamata: That sounds right for external and api
03:54 michchap douglascamata: you can also put management on the same network
03:54 michchap douglascamata: management is used for the internal keystone endpoints and communication between services
03:57 michchap douglascamata: data is used to specify which interface to use for GRE tunnels.
04:05 shakamunyi joined #puppet-openstack
04:08 ianw joined #puppet-openstack
04:13 openstackgerrit Michael Chapman proposed a change to stackforge/puppet_openstack_builder: Install wget if it's not already there  https://review.openstack.org/108571
04:13 sanjayu joined #puppet-openstack
04:19 douglascamata_ joined #puppet-openstack
04:24 openstackgerrit Michael Chapman proposed a change to stackforge/puppet_openstack_builder: Use facter for hostname in bootstrap script  https://review.openstack.org/108573
04:32 douglascamata michchap: I see that in common.yaml from the examples folder you give a fixed ip address to the storage node… what if I want more than one storage node?
04:34 michchap douglascamata: the puppetlabs-openstack module is good for getting started but you may need something more flexible if you need to change your deployment to have a different architecture.
04:35 douglascamata michchap: do you have any tools to recommend?
04:35 michchap douglascamata: which operating system are you using?
04:36 douglascamata michchap: I’m building this environment for a university’s project. Now we have 4 rack servers only, but it can get a lot bigger.
04:36 douglascamata michchap: Ubuntu is the favorite, always. But I can use CentOS if that’s better in this case
04:38 guimaluf joined #puppet-openstack
04:39 michchap douglascamata: if you're just getting started with puppet then it will be difficult to understand how the modules work together - they are quite complicated. Some vendors put things in front of the modules to try to simplify their usage for end users, but the result is that you will lose flexibility. So if you want to learn how the modules work, try modifying the puppetlabs-openstack module to support your use case. If you don't t
04:39 michchap here are tools from Cisco, eNovance, RedHat, Mirantis and others that are designed to be used in production that use the puppet modules at the back.
04:40 douglascamata michchap: I tried Mirantis Fuel once, when I had only 1 NIC, but I didn’t support 1 NIC configuration. Do you know if now, with 2 NICs I’ll be able to deploy it?
04:41 michchap douglascamata: I haven't tried Fuel myself so I can't answer that, but I expect it would.
04:52 xarses joined #puppet-openstack
05:19 daneyon joined #puppet-openstack
05:43 openstackgerrit Michael Chapman proposed a change to stackforge/puppet_openstack_builder: Fix ruby version detection in bootstrap  https://review.openstack.org/108580
06:26 daneyon joined #puppet-openstack
06:29 mkoderer joined #puppet-openstack
06:39 aldavud joined #puppet-openstack
06:43 unixpro1970 joined #puppet-openstack
06:46 unixpro1970 joined #puppet-openstack
07:09 arnaud_orange joined #puppet-openstack
07:19 sbadia morning
07:21 sbadia fvollero: a bit late, but i'm here :-)
07:28 arnaud_orange morning
07:44 artem_panchenko joined #puppet-openstack
07:46 fvollero sbadia: in paris ?
07:58 aldavud_away joined #puppet-openstack
08:13 mmagr joined #puppet-openstack
09:08 michchap Any redhatters know if gildub is about? I need a small change to his vswitch patch but other than that it's ready to go in.
09:33 openstackgerrit joined #puppet-openstack
09:54 Qu4tre joined #puppet-openstack
09:54 blentz joined #puppet-openstack
09:56 dmsimardz joined #puppet-openstack
09:56 anteaya joined #puppet-openstack
10:28 sanjayu joined #puppet-openstack
10:31 dgollub joined #puppet-openstack
10:54 thartmann joined #puppet-openstack
11:37 sanjayu joined #puppet-openstack
11:53 morazi joined #puppet-openstack
11:55 gcha mgagne: you around ?
11:58 dmsimard gcha: he's not in the office yet
11:58 gcha dmsimard: fair enough, thanks !
11:58 dmsimard np
12:07 openstackgerrit Jens-Christian Fischer proposed a change to stackforge/puppet-nova: Don't define virsh secret if already defined  https://review.openstack.org/108664
12:15 openstackgerrit Jens-Christian Fischer proposed a change to stackforge/puppet-nova: Don't define virsh secret if already defined  https://review.openstack.org/108664
12:29 tfz joined #puppet-openstack
12:31 rcrit left #puppet-openstack
12:49 derekh_ joined #puppet-openstack
12:51 openstackgerrit Valery Tschopp proposed a change to stackforge/puppet-keystone: keystone_user_role supports email as username  https://review.openstack.org/108677
12:55 dprince joined #puppet-openstack
12:57 social fvollero: what should I do to get this in? https://review.openstack.org/#/c/104550/ I could sacrify lamb at your old place or something if it'll get me +1 on workflow...
12:57 mjblack joined #puppet-openstack
12:58 mjblack joined #puppet-openstack
13:02 openstackgerrit Valery Tschopp proposed a change to stackforge/puppet-keystone: keystone_user_role supports email as username  https://review.openstack.org/108677
13:02 tfhartmann joined #puppet-openstack
13:02 fvollero social: gonna look at it now bro
13:03 fvollero social: done
13:03 michchap social: I was hoping someone from Cisco would comment on the patch since I believe they added the feature in the first place to deal with ubuntu packaging not managing uid
13:03 social michchap: they still can deal with it as it's backwards compatible now
13:04 michchap social: yeah I'm sure it's fine. I added markvoelker to the review a month ago and he would have -2'ed if it was a problem for them.
13:04 social fvollero: what shall I do with that lamb now?
13:04 michchap social: I'm trying to test changes in my little harness before I +2 them so I am a bit slower approving commits at the moment.
13:05 michchap social: so I apologize if I'm delaying your patch.
13:05 markvoelker Heh, sorry gents...been out on paternity leave following the arrival of my new daughter at the beginning of July. =)
13:05 michchap markvoelker: congrats!
13:05 markvoelker michchap: thanks!
13:06 social michchap: np, I just tend to forget on open reviews so I better push for them as we already have them in our packages
13:06 fvollero social: Send it to me
13:06 fvollero markvoelker: Congrats mate!
13:06 markvoelker fvollero: thanks!
13:07 openstackgerrit Sebastien Badia proposed a change to stackforge/puppet-neutron: Hide secrets from puppet logs  https://review.openstack.org/106524
13:07 openstackgerrit Sebastien Badia proposed a change to stackforge/puppet-neutron: Hide secrets from puppet logs  https://review.openstack.org/106524
13:08 rwsu joined #puppet-openstack
13:10 openstackgerrit Sebastien Badia proposed a change to stackforge/puppet-ironic: Hide secrets from puppet logs  https://review.openstack.org/106525
13:11 fvollero markvoelker: :)
13:12 openstackgerrit Sebastien Badia proposed a change to stackforge/puppet-tempest: Hide secrets from puppet logs  https://review.openstack.org/106523
13:13 openstackgerrit Sebastien Badia proposed a change to stackforge/puppet-heat: Hide secrets from puppet logs  https://review.openstack.org/106526
13:14 openstackgerrit Sebastien Badia proposed a change to stackforge/puppet-cinder: Hide secrets from puppet logs  https://review.openstack.org/106528
13:19 openstackgerrit A change was merged to stackforge/puppet-nova: Don't manage the nova uid/gid if nova_{user,group}_id is undef  https://review.openstack.org/104550
13:21 openstackgerrit Jens-Christian Fischer proposed a change to stackforge/puppet-nova: Don't define virsh secret if already defined  https://review.openstack.org/108664
13:22 openstackgerrit Sebastien Badia proposed a change to stackforge/puppet-designate: Hide secrets from puppet logs  https://review.openstack.org/106529
13:24 openstackgerrit A change was merged to stackforge/puppet-cinder: Ensure target service is running when using lioadm  https://review.openstack.org/103819
13:35 Heemps joined #puppet-openstack
13:47 prad joined #puppet-openstack
14:09 tfhartmann joined #puppet-openstack
14:15 openstackgerrit Lukas Bezdicka proposed a change to stackforge/puppet-cinder: Extend cinder::setup_test_volume to use cinder provided path  https://review.openstack.org/107936
14:25 michchap is there a meeting today?
14:27 daneyon joined #puppet-openstack
14:41 openstackgerrit A change was merged to stackforge/puppet_openstack_builder: Fix iscsi_ip_address to work automatically for AIO  https://review.openstack.org/108045
14:42 doo joined #puppet-openstack
14:48 morazi joined #puppet-openstack
14:48 tfhartmann joined #puppet-openstack
14:50 openstackgerrit A change was merged to stackforge/puppet_openstack_builder: Fix iscsi_ip_address to work automatically for AIO  https://review.openstack.org/108046
15:02 daneyon joined #puppet-openstack
15:05 dmsimard This probably isn't a question for here, but in the puppet config providers, DEFAULT/ is hardcoded for the sections
15:06 dmsimard e.g, https://github.com/stackforge/puppet-ce​ilometer/blob/master/manifests/init.pp DEFAULT/ all over the place
15:06 dmsimard Oh, there's actually a publisher/ in there
15:07 dmsimard Hmmm, I was wondering if there was a value in setting something other than default
15:07 dmsimard Seeing as olso can potentially use multiple sections http://docs.openstack.org/developer​/oslo.config/cfg.html#option-groups
15:08 mdorman joined #puppet-openstack
15:10 sputnik13 joined #puppet-openstack
15:11 xarses joined #puppet-openstack
15:11 mdorman joined #puppet-openstack
15:17 sputnik13 joined #puppet-openstack
15:19 zeus joined #puppet-openstack
15:30 arnaud_orange left #puppet-openstack
15:42 openstackgerrit Sebastien Badia proposed a change to stackforge/puppet-openstack: Normalize Gemfile & pin tests to rspec < 2.99  https://review.openstack.org/101704
15:46 openstackgerrit Ivan Berezovskiy proposed a change to stackforge/puppet-glance: Add support to configure control_exchange  https://review.openstack.org/108738
15:56 openstackgerrit Ivan Berezovskiy proposed a change to stackforge/puppet-glance: Add support to configure control_exchange  https://review.openstack.org/108738
16:02 mgagne I would like someone to review https://review.openstack.org/#/c/106514/1 and https://review.openstack.org/#/c/106513/1 it's blocking me from backporting linuxbridge ml2 to icehouse
16:16 openstackgerrit Lukas Bezdicka proposed a change to stackforge/puppet-cinder: Extend cinder::setup_test_volume to use cinder provided path  https://review.openstack.org/107936
16:29 openstackgerrit Mathieu Gagné proposed a change to stackforge/puppet-neutron: Undeprecate enable_security_group parameter  https://review.openstack.org/106513
16:29 openstackgerrit Mathieu Gagné proposed a change to stackforge/puppet-neutron: ml2: fix neutron-server restart  https://review.openstack.org/108750
16:29 openstackgerrit Mathieu Gagné proposed a change to stackforge/puppet-neutron: Add linuxbridge mechanism support for ML2 plugin  https://review.openstack.org/108751
16:33 aldavud_away joined #puppet-openstack
16:34 rmoe joined #puppet-openstack
16:37 unixpro1970 joined #puppet-openstack
16:44 mmaglana joined #puppet-openstack
16:53 aimon joined #puppet-openstack
17:10 morazi joined #puppet-openstack
17:41 tfhartmann joined #puppet-openstack
17:53 aimon joined #puppet-openstack
18:05 aimon joined #puppet-openstack
18:33 aimon joined #puppet-openstack
18:56 shakamunyi joined #puppet-openstack
19:20 morazi joined #puppet-openstack
19:37 aldavud joined #puppet-openstack
19:43 mmagr joined #puppet-openstack
19:51 sputnik13 joined #puppet-openstack
20:12 richm joined #puppet-openstack
20:13 richm hello - I'm trying to add support to puppet to allow the setup of keystone to use apache mod_wsgi instead of the standalone eventlet based service
20:13 richm https://github.com/richm/puppet-keystone/com​mit/212e9d71e5126058ff05a165893f78adfdf58340
20:14 richm To test this easily, I've hacked packstack to add support for a keystone-use-wsgi param - https://gist.github.com/richm/53588eb5b0d850b9ed0e
20:14 richm The problem is that when horizon is set up, it removes the keystone apache config
20:14 richm so I have changed packstack to also do a "include ::apache" in prescript.pp
20:15 richm then, in both keystone::wsgi::apache and horizon::wsgi::apache, do "class { '::apache': purge_configs => false }"
20:15 richm this _almost_ works
20:16 richm My remaining problem is that the { apache::listen {'443':} } from the horizon vhost setup removes the Listen 5000 and Listen 35357 from conf/ports.conf
20:20 richm I am stuck - I'm not sure how to proceed at this point
20:20 richm I would appreciate any help
20:33 social richm: I'd call apache::listen {'443':; '5000':; '35357':;}
20:35 richm social: where?
20:37 social well the 5000 and 35357 should probably go into puppet-keystone
20:37 social richm: issue you have with packstack is that it does not run one catalogue but it runs in several stages
20:37 richm right
20:38 richm not one big manifest, but several smaller manifests, one for each component
20:38 richm looks like the apache module was designed to handle that case though - the purge_configs => false parameter
20:38 social and apache module needs to know in all those stages about the ports where it's suposed to listen so a) refactor everything that uses apache to one place or b) copy at least all the apache::listen to all the places where it's called
20:39 social in your case it's packstack/puppet/templates/horizon.pp packstack/puppet/templates/nagios_server.pp and probably your keystone template
20:40 richm so that means somewhere In keystone I have to do apache::listen { $horizon_port; $nagios_port; $keystone_main; $keystone_admin}
20:40 richm and the same in horizon and nagios?
20:40 social yes but packstack keystone template, not puppet-keystone
20:41 richm then I'll need to hack everywhere apache::vhost is used, to do add_listen => false?
20:42 richm and then, make sure the code in apache/init.pp itself that sets up ports.conf is not the thing that steps on ports.conf?
20:42 social hmm sec
20:43 social no
21:05 aldavud joined #puppet-openstack
21:18 openstackgerrit Colleen Murphy proposed a change to stackforge/puppet-openstacklib: Add db::postgresql to openstacklib  https://review.openstack.org/107179
21:30 openstackgerrit Colleen Murphy proposed a change to stackforge/puppet-openstacklib: Add db::postgresql to openstacklib  https://review.openstack.org/107179
21:32 shakamunyi joined #puppet-openstack
21:58 richm social: same problem - horizon install wipes out keystone ports from conf/ports.conf
22:26 meylor joined #puppet-openstack
22:35 tfz joined #puppet-openstack
22:58 aimon joined #puppet-openstack
23:51 richm left #puppet-openstack

| Channels | #puppet-openstack index | Today | | Search | Google Search | Plain-Text | summary