| === Beret- is now known as Beret | ||
| mjh | Hello, I am using cloud init to create an ext4 filesystem on an encrypted LUKS device and then mount it. Documentation for LUKS suggests that every block should be written to prior to filesystem creation. I think that `mkfs.ext4 -cc /path/to/device` will do this but cant find an option for this kind of thing in the documentation. Any suggestions? | 10:55 |
|---|---|---|
| smoser | mjh: hm... i dont think you can really manage taht with cloud-init at the moment. | 13:56 |
| smoser | you could probably use something in a boothook or bootcmd | 13:57 |
| smoser | bootcmd: | 13:57 |
| smoser | - [dd, if=/dev/zero, of=/path/to/device] | 13:57 |
| mjh | I havent looked at boothooks / bootcmds yet. I shall RTFM :-) | 14:10 |
| gtmanfred | smoser: sorry about that license agreement, apparently i put the wrong email, i just responded to the person trying to verify me on the agreement to put the correct one | 15:21 |
| gtmanfred | hopefully it should be good to go in a bit | 15:22 |
| smoser | gtmanfred: great thanks. your word here is good enough. it does take a bit for a human to process. | 15:24 |
| gtmanfred | :+1: | 15:24 |
| smoser | can you reply in that mp ? | 15:25 |
| smoser | (even t hough i just said your word here was good enough :) | 15:25 |
| gtmanfred | yup, one second | 15:25 |
| gtmanfred | done | 15:26 |
| gtmanfred | i think | 15:26 |
| gtmanfred | i can respond to launch pad emails and they post them right? | 15:26 |
| gtmanfred | meh, commenteed | 15:26 |
| smoser | yes. | 15:26 |
| gtmanfred | i did both just to be certain :) | 15:27 |
| gtmanfred | cool, thanks! | 15:41 |
| === blackboxsw changed the topic of #cloud-init to: Reviews: http://bit.ly/ci-reviews | Meeting minutes: https://goo.gl/mrHdaj | Next status meeting: Monday 3/5 16:00 UTC | cloud-init 18.1 released (Feb 22, 2018) | ||
| === shardy is now known as shardy_afk | ||
| redkrieg | Hi, I'm using cloud-init on an openstack guest and have a need for static network configuration. I can see in my cloud-init.log file that the network_data.json file was successfully requested from the metadata service and the code I've reviewed in the openstack helper seems like it should be generating a static config for ipv6 but the default interfaces file with dhcp4 is the only thing written. | 18:18 |
| redkrieg | Can I force cloud-init to reconfigure networks? | 18:18 |
| rharper | redkrieg: can you share your network_data.json and what your final network config is ? | 18:19 |
| rharper | redkrieg: Also, if you want cloud-init to configure networking in Openstack, you need to specify configdrive at this time ; | 18:20 |
| rharper | it's on the roadmap to read network config from the metadata service early enough that cloud-init can write out a network configuration like it does with configdrive, but that's not done yet | 18:20 |
| redkrieg | the json comes out like this: https://pastebin.com/E9uJZRBn | 18:21 |
| redkrieg | I didn't realize that wasn't implemented. The docs seem to indicate that it is supported :( | 18:21 |
| redkrieg | https://pastebin.com/ivRtvyJ4 is the config that it generates, but that makes sense if metadata isn't acquired early enough. | 18:22 |
| redkrieg | how about forcing cloud-init to rebuild network config? is that something that can be done? it doesn't appear to be a module that I can find. | 18:23 |
| rharper | if you change the instnace to use configdrive, it will work | 18:23 |
| smoser | yeah. | 18:23 |
| rharper | well, after networking is up, trying to re-apply could interrupt existing connections | 18:23 |
| redkrieg | not worried about that, it'd be something a client would do from our custom control panel and will come with all the usual warnings about what modifying network configs does | 18:24 |
| smoser | redkrieg: we do want to make this do the right thing. | 18:26 |
| smoser | and its not really a difficult change for first boot configuration | 18:26 |
| smoser | (hotplug is more difficult) | 18:26 |
| smoser | just a matter of resources at the moment. | 18:26 |
| redkrieg | yeah, once the user gets their hands on something they tend to create edge cases :D | 18:27 |
| * smoser shakes fist at users | 18:28 | |
| === logan_ is now known as logan- | ||
| redkrieg | config drive is working great for initial boot, thanks! Is it possible to force cloud-init to reconfigure networking on the next boot or something similar? | 19:01 |
| smoser | redkrieg: no. not really. | 19:06 |
| redkrieg | ouch. guess I'll have to cook something up to runcmd on boot and do it manually :\ | 19:08 |
| redkrieg | I think a neat feature would be testing for the absence of /etc/network/interfaces.d/50-cloud-init.cfg (or related files for other distros) and rebuilding. Might take a swing at that over the weekend. | 19:10 |
| rharper | smoser: powersj: so both chrony and timesyncd happily don't run in containers unless you run them with the right capabilities to adjust time; isc-ntp seems to run anyhow even if it can't adjust the time | 20:22 |
| rharper | that does make the integration test a bit more challenging w.r.t asking the client itself how it's configured (versus just parsing the config file) | 20:22 |
| rharper | thoughts ? | 20:22 |
| powersj | what are the right capabilities? | 20:32 |
| rharper | heh, !Container | 20:35 |
| rharper | which is annoying | 20:35 |
| rharper | lemme get the chrony one | 20:36 |
| rharper | ConditionCapability=CAP_SYS_TIME was not met | 20:37 |
| rharper | timesyncd probably should use the ConditionCapability check that chrony uses but that's an upstream change | 20:38 |
| powersj | ha | 20:40 |
| powersj | rharper: so if someone tries to setup time via chrony with cloud-init with a container what is the expected behavior? nothing? warning message? | 20:41 |
| rharper | from cloud-init perspect, we did what we were asked | 20:42 |
| rharper | chrony service it self can't start for it's one restrictions | 20:42 |
| rharper | I mean, it's not really any different than ntpd, which runs but cannot adjust the clock without capabilities | 20:42 |
| rharper | chrony has a track time but don't adjust the system time mode; however, in unpriv container, it still wants to drop root privs, but that's a restricted capability so it can't do that | 20:43 |
| powersj | then for the test validate the config and move on? | 20:43 |
| rharper | well, do we do different tests on kvm vs lxd ? | 20:43 |
| rharper | I need to run in a vm and see if I can get them to dump out any information anyhow | 20:44 |
| rharper | systemd packages are notorious for not saying anything about their config | 20:44 |
| rharper | the timedatectl --status shows NTP Sync=Yes | 20:44 |
| rharper | that's it | 20:44 |
| rharper | thanks | 20:44 |
| powersj | and we do not run different tests for kvm vs lxd | 20:45 |
| rharper | well, crud | 20:47 |
| blackboxsw | rharper: I have an example started | 20:53 |
| blackboxsw | for the snap testing | 20:54 |
| blackboxsw | as snap on container requires squashfuse | 20:54 |
| blackboxsw | and non-container doesn't | 20:54 |
| blackboxsw | our cloud_tests need to provide that platform information to the individual unit tests | 20:54 |
| rharper | well, the thing is, I'm not really ok running priv container trying to sync time | 20:54 |
| rharper | I think we need a way to skip tests on certain platforms | 20:55 |
| rharper | if that's not there | 20:55 |
| rharper | so, we'll collect the data, then run the verify on it; if it knows that it was collected on a particular platform we could raise SkipTest where we know it won't be accurate | 20:56 |
| blackboxsw | rharper: it's not, but I agree we do need a skiptest decorator that chan check platform details | 21:04 |
| rharper | well | 21:08 |
| rharper | guess who get's to poke at that | 21:08 |
| rharper | but not in the initial branch | 21:08 |
| * rharper is going to push that up for review shortly | 21:08 | |
| smoser | rharper: i think that cloud-init does what it was told | 21:24 |
| rharper | yeah | 21:25 |
| smoser | if that means installing a servie that will fail to start | 21:25 |
| smoser | then we still did what we were told | 21:25 |
| rharper | I agree; I'm mostly concerned about trying to verify if our template is correct | 21:25 |
| smoser | its kind of over-zealous to have a service that simply says "i dont run in a container" | 21:25 |
| rharper | we had that ntp bug about not having config on disk prior to install and restarting the daemon; we do those things now | 21:25 |
| rharper | but our template could still be broken | 21:25 |
| smoser | baking in assumption that the system clock is not namespaced | 21:26 |
| rharper | smoser: yes, systemd is obnoxious =) | 21:26 |
| smoser | or the container platform doesnt provide some psuedo mechanism for that. | 21:26 |
| rharper | a day hasn't gone by where i"m not swearing at something packaged in systemd, so no change there | 21:26 |
| rharper | I suspect we didn't add an integration test for UbuntuCore which used the timesyncd path, or we'd see this (ie, we configure it, but have no way of verifying it uses the servers) since timedatectl doesn't emit useful information other than 'ntp sync=Yes' if it's synced | 21:27 |
| rharper | I do think we can run this in KVM and at least for some clients (ntp, at least, possibly chrony) as the daemon for what servers it connected with ; and validate that matches what we configured ; I'll play with chrony in a VM | 21:28 |
| blkadder | systemd is love. | 21:33 |
| rharper | said no one ever | 21:33 |
| blkadder | :-) | 21:33 |
| rharper | until *now* | 21:33 |
| blkadder | Still amazed at how quickly it got pushed through. | 21:34 |
| blkadder | But I just try to hold my nose and focus on other things. :-) | 21:35 |
| * blkadder eagerly awaits the LinuxRegistry | 21:35 | |
| smoser | rharper: do you remember the bug where cloud-init was hanging tdue to /dev/random / kernel-config missing some options ? | 21:36 |
| smoser | can't find it | 21:36 |
| smoser | cyphermox i think you filed ? | 21:36 |
| rharper | smoser: yes | 21:36 |
| rharper | https://bugs.launchpad.net/ubuntu/+source/cloud-init/+bug/1727358 | 21:37 |
| ubot5` | Ubuntu bug 1727358 in python3.6 (Ubuntu) "cloud-init is slow to complete init on minimized images" [Wishlist,Triaged] | 21:37 |
| rharper | smoser: lol, I know where you're going | 21:37 |
| dpb1 | rharper: blkadder: I ordered this shirt for you both: https://goo.gl/hzFdR3 | 21:40 |
| blkadder | HAHAHA | 21:40 |
| rharper | (╯°□°)╯︵ ┻━┻ | 21:40 |
| rharper | dpb1: just you wait dpb1 | 21:40 |
| blkadder | Is there an option to order one bathed in tears? | 21:41 |
| dpb1 | I think they come with a first aid kit for all the fights you will get in after putting it on. | 21:43 |
| blackboxsw | nerd fights, I think there is an ESPN channel with that kinda action | 23:05 |
| blackboxsw | hrm one last manual test for ubuntu SRU https://pad.lv/#1731868 | 23:07 |
| blackboxsw | or rather bug #1731868 | 23:07 |
| ubot5` | bug 1731868 in cloud-init (Ubuntu) "cloud-id: enable ESXi 6.5.0" [High,Fix released] https://launchpad.net/bugs/1731868 | 23:07 |
| blackboxsw | I can upgrade my vphere bootstrapped env w/ latest cloud-init and the ds-identify warning is gone... but not sure if there is an easier test for that. | 23:08 |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!