=== markthomas_ is now known as markthomas [00:37] Hello everyone, I really need some help about https://github.com/jetstack/cert-manager/issues/641#issuecomment-399999436 , i don't know how to do this after conjure-up (which uses juju) kubernetes-core deployment, can anyone help me please? === markthomas_ is now known as markthomas [02:06] hi atdprhs it's worth to have a check on #conjure-up [02:08] it's like you need customise some options for k8s api-server, [02:10] kelvinliu_I am already checking with them but no answer, but as far as I know, conjure-up is using juju [02:10] so my best guess on such issue, it needs juju involvement [02:11] it's more like you need config the deployment. [02:15] i m not sure if u can find the config option from here, https://jaas.ai/u/containers/kubernetes-master [02:17] juju config kubernetes-master apiserver-cert-extra-xxxx=xxxxx [02:17] u just need to set the config like this [02:20] Could this help with the DNS issue? [02:22] from the link u give me, they fix it by customising the api-server option. [02:24] yes, I see `kubeadm init --apiserver-cert-extra-sans="mydomainhere.com" --pod-network-cidr="10.244.0.0/16" --service-cidr="10.96.0.0/12" --apiserver-advertise-address="0.0.0.0"` [02:24] I don't know how or to what I configure `--pod-network-cidr="10.244.0.0/16" --service-cidr="10.96.0.0/12"` [02:25] so it's not an issue with juju at all, [02:25] On kubernetes chat, I have received a response from one of the guys there `I used conjure-up to deploy my k8s and use cert manager. What is wrong that you're trying to fix here? Do you have the same issue as the bug? Do you know what is actually happening to get an odd cert like that? It looks like the solution was just to change or define network [02:25] stuff and extra sans. You can do all that with juju, but shouldn't have to do it.` [02:26] This guy is currently offline [02:26] as i just said, u will need find the relevant options in the doc of kubernetes master then run the cmd above to config it [02:26] but based on him, it look like it's all juju [02:27] From the document you sent `DNS for the cluster` might help I guess as I know it's DNS issue, cuz all of my pods can't communicate with any HTTPs, my cert-manager gets `cert-manager/controller/clusterissuers "msg"="error setting up issuer" "error"="Get https://acme-staging-v02.api.letsencrypt.org/directory: x509: certificate is valid for ingress.lo [02:27] cal, not acme-staging-v02.api.letsencrypt.org" "resource_kind"="ClusterIssuer" "resource_name"="letsencrypt-staging" "resource_namespace"=""` and my other pods are also reporting similar issue like `https://github.com/...: x509: certificate is valid for ingress.local` [02:33] sorry, im not an expert of k8s api-server, it's better to wait him online or ask others in k8s channel. [02:33] that's alright kelvinliu_ I really appreciated your responses, it's ok, I'll be waiting for this guy looks like :D [04:56] atdprhs: did you get anywhere? you could try filing a question at https://discourse.jujucharms.com/, where we have a conjure-up category [05:54] Thanks timClicks, I created https://discourse.jujucharms.com/t/https-acme-staging-v02-api-letsencrypt-org-directory-x509-certificate-is-valid-for-ingress-local-not-acme-staging-v02-api-letsencrypt-org/1894 [05:55] I gotta go, I hope someone could help about [05:55] it [05:55] cya [11:17] OT: i've added consumming offer in add_relation, just adding an integration test - then I can add the bundle changes stuff :D [11:57] stickupkid: can you please take a look at https://github.com/juju/charmrepo/pull/154? [12:54] achilleasa done LGTM [13:49] stickupkid: here is the forward port pr if you have a minute: https://github.com/juju/juju/pull/10477 [13:49] stickupkid: should be the same as 10475 but for develop [13:51] hml, done - tiny nit, ignore if you like [13:52] stickupkid: i might, ty - it’s been like that for a while. :-/ [13:52] hml, fine by me, i don't expect it to be fix tbh, just a pointer :D [14:25] achilleasa: starting qa of 10476. :-) [14:40] achilleasa: for QA, the default model only has offers and no units?, and i have 2 units in the test1 model? [14:55] can you not consume an offer using add_relation...? [14:58] ah, i wonder if you have ubuntu as a saas and nrpe as a subordinate it won't work, if so the error message sucks [14:59] stickupkid: are you doing the break it qa? i’m following the happy path qa [14:59] hml, this is for pylib [14:59] :-) [15:00] hml, trying to test my add_relation code, i choose my charms badly [15:12] stickupkid: achilleasa: I'm updating the webhooks for charmrepo [15:12] jam, ta [15:12] stickupkid: achilleasa: did you add a Jekins job ? [15:12] stickupkid: I don't see a github-check-merge-juju-charmrepo job [15:12] jam, i've not - but i can check [15:15] Checking issue comment '!!build!! [15:15] ' for repo juju/charmrepo” [15:15] stickupkid: ^^ log/all so I think that is wired up, just needs the jobs [15:20] achilleasa: question about the pr [15:21] jam, has triggered a build, but it's not updating github [15:21] We want to make sure that we're properly handling Channels, as it is one of the major features of charmstore-next [15:21] stickupkid: bot probably doesn't have perms, will check [15:22] stickupkid: bots added and given Write [15:22] jam, nice works [15:23] achilleasa, so it fails now trying to find a mongo [15:24] stickupkid: sounds like the setup script needs to use one of the mongodb based ones [15:24] stickupkid: you can look at juju/txn I think ? [15:24] it installs mongo and go before running the tests [15:25] jam, fair, i'll fix [15:26] whoa - this feels wrong "curl -sS --tlsv1.2 https://raw.githubusercontent.com/golang/dep/master/install.sh | sh" [15:29] jam, that works now [17:05] hml: I have replied to your comment in the bundle PR. Can you take a look? [17:07] achilleasa: can we reword the error… extremely misleading [17:07] ERROR cannot deploy bundle [17:10] hml: technically, the bundle deployment fails (partially). Any ideas for a more descriptive error? (also a question for rick_h) [17:11] achilleasa: what are the peices of a bundle called? [17:12] hml: "bundle changes". Although I don't think we have user-facing terms for them (I could be wrong though) [17:12] achilleasa: thinking of some idea in the pr. [17:13] ERROR bundle deployment failed at: [17:14] hml: I think the confusion stems from the fact that this is all non-transactional. Because if it fails for whatever reason you end up with an unclean state [17:15] hml: I think server-side validation prior to deployment would address this problem in a better way [17:16] If I saw "bundle deployment failed" I would assume, as a user, that the changes were rolled back and I am back to where I started [17:16] achilleasa: and i forget that… i believe rerunning the bundle is idempotent [17:16] hml: yes, it should fetch the current model and only apply the missing bits [17:19] hml: in my mind, the proper way to deal with this is to treat bundles as entities that are tracked by the state (which could also theoretically allow us to un-deploy a bundle which is a pain ATM) === marosg_ is now known as marosg === mskalka_ is now known as mskalka === k3nt_ is now known as k3nt === joedborg_ is now known as joedborg [23:06] hi all, i've been reading up on maas and juju to learn more. there is a lot of great documentation, but i can't seem to find any docs about configuring lxd on maas acquired machines. [23:08] in trying to use spaces, i keep getting errors about no available space, however i am binding the app with the appropriate space in the app config.yaml