| === ubuntu is now known as bdx | ||
| Budgie^Smore | I just found the "inspiration" for hardening maas once I have my cluster bootstrapped :) | 01:02 |
|---|---|---|
| stormmore | ok that feels better... weird how not having a tool really puts you off your game | 01:13 |
| stormmore | hey lazyPower have you seen the ATT Community Development github repos? | 01:39 |
| === mup_ is now known as mup | ||
| === mimizone_ is now known as mimizone | ||
| === Spads_ is now known as Spads | ||
| === niemeyer_ is now known as niemeyer | ||
| === StoneTable is now known as aisrael | ||
| ybaumy | hi. im trying to deploy openstack with juju charms which creates containers inside containers. but somehow the permissions are not inherited | 08:01 |
| ybaumy | im using xenial | 08:01 |
| ybaumy | show-machine says for the containers that creating container: failed to change ownership of /var/lib/lxd/containers/juju.../rootfs | 08:03 |
| ybaumy | i set security.nesting to true but that doesnt change the behaviour | 08:24 |
| lazyPower | ybaumy: are you using zfs pools? | 09:06 |
| ybaumy | lazyPower: no | 10:01 |
| ybaumy | i filled a bug report to see what the devs says to this | 10:32 |
| ybaumy | so i read i had to do an lxd init to correctly inherit permission from the parent container. i thought maybe i could trick the deployment in setting up the machines manually and then starting the deploy process. but the deploy just created new machines and didnt use the ones i setup | 13:57 |
| ybaumy | so same result | 13:57 |
| ybaumy | there is a -to parameter for deploy but i dont know how to say .. like use machine from o1-5 | 13:59 |
| ybaumy | does anyone know how to bind bundles to a set of machines? | 14:01 |
| ybaumy | is there somebody online from the devs in my timezone? | 14:06 |
| ybaumy | which is CET | 14:06 |
| rick_h | ybaumy: bundles don't support existing machines as that makes them not a reusable model. | 15:13 |
| rick_h | ybaumy: there's a feature item to make that part of the deploy command so you can map the machines in a bundle to existing machines in a clean wau | 15:14 |
| rick_h | way | 15:14 |
| rick_h | But it's not available yet | 15:14 |
| ybaumy | rick_h: can you explain me if its a bug that permissions are not correctly inherited in a container->container model | 15:25 |
| rick_h | Permissions of what? | 15:26 |
| rick_h | ybaumy: ^ | 15:26 |
| ybaumy | show-machine says for the containers that creating container: failed to change ownership of /var/lib/lxd/containers/juju.../rootfs | 15:26 |
| ybaumy | like 0/lxd/0 | 15:26 |
| ybaumy | thats the problem im having | 15:27 |
| rick_h | ybaumy: out of the box juju does not support nested containers with the default lxd profile. Doing so is a security concern. Lxd ships a a different profile for that use case. | 15:27 |
| ybaumy | rick_h: so what can i do? | 15:27 |
| rick_h | ybaumy: I know conjure-up and the lxd on OpenStack work (novalxd) do some updates to the profile to work. | 15:28 |
| ybaumy | rick_h: i got conjure-up working but i wanted to try juju deploy | 15:28 |
| ybaumy | rick_h: but i can live with that ... if there is no way | 15:29 |
| rick_h | ybaumy: https://insights.ubuntu.com/2016/12/07/lxd-2-0-lxd-and-openstack-1112/ and some other notes with the OpenStack bundles/etc have some instructions | 15:29 |
| rick_h | https://github.com/openstack-charmers/openstack-on-lxd/blob/master/README.md | 15:30 |
| rick_h | ybaumy: I'd check out ^ as that comes from the team working on those OpenStack charms | 15:30 |
| ybaumy | rick_h: ok i will. thanks for the links. | 15:31 |
| rick_h | ybaumy: good luck | 15:31 |
| ybaumy | thx | 15:31 |
| ybaumy | im now trying vmware + juju lets see how to deploy openstack there | 16:31 |
| ybaumy | rick_h: this looks much better ... no permission problems here. i should have tried that in the first place | 16:43 |
| ybaumy | but too bad. the install hooks are exiting with error | 16:53 |
| ybaumy | i guess i have to manually roll it out | 16:53 |
| rick_h | ybaumy: what's the install hook errors? | 16:59 |
| ybaumy | rick_h: i checked one server and it says in the machine.log in /var/log/juju that no kvm containers are possible | 17:05 |
| ybaumy | rick_h: it then exits with 1 | 17:05 |
| ybaumy | that was on node 0 .. on node 1 i see the same message but also lxd init messages | 17:07 |
| ybaumy | rick_h: its not possible in this state to run lxd init. which i understand since a lxd instance is already running | 17:08 |
| ybaumy | i get the KVM message on every node | 17:12 |
| ybaumy | btw im using xenial stable... should i switch to beta? | 17:15 |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!