Tuesday, 2016-05-03

*** yamamoto has joined #openstack-kuryr		00:02
fkautz	apuimedo: the credential changes with each run? is this for a multi-tenant use case?	00:02
openstackgerrit	Akash Gangil proposed openstack/kuryr: Enabled neutronclient debug messages https://review.openstack.org/311893	00:05
*** salv-orlando has joined #openstack-kuryr		00:07
*** yamamoto has quit IRC		00:09
*** abhiraut has joined #openstack-kuryr		00:13
*** salv-orlando has quit IRC		00:14
*** salv-orlando has joined #openstack-kuryr		00:14
apuimedo	fkautz: you meant the opt for docker engine?	00:14
*** salv-orlando has quit IRC		00:15
*** salv-orlando has joined #openstack-kuryr		00:16
fkautz	yea	00:17
fkautz	i'm going to reach out to docker about it, want to make sure i have the story straight	00:17
apuimedo	fkautz: thanks	00:18
apuimedo	well, I'm not sure docker opts reach all the way to libnetwork at all	00:18
apuimedo	I thought you meant docker network opt labels	00:19
fkautz	there are a set of network opts that i think should reach, e.g. docker network create --opt	00:19
*** salv-orlando has quit IRC		00:22
apuimedo	fkautz: maybe I misunderstand, but IIUC, you refer to --opt/-o in docker-network-create	00:24
apuimedo	is that right?	00:24
fkautz	That's correct	00:24
fkautz	There is no net opt in docker run	00:25
fkautz	But there is in docker network create	00:25
apuimedo	this was my initial idea, but the fact that we don't get it for `run` is a bit problematic :P	00:25
*** salv-orlando has joined #openstack-kuryr		00:25
fkautz	I think they are trying to maintain a uniform interface for running containers	00:26
fkautz	There is also no options for storage drivers	00:26
fkautz	But there is for logging	00:26
apuimedo	fkautz: that's why the "docker login-like" proposal is good. It would not modify the interface at all	00:27
apuimedo	it would set up options in .docker/config.json	00:27
apuimedo	and if it matches the name of a driver (storage or network), it would be used for operations	00:28
apuimedo	that involve that driver	00:28
*** abhiraut has quit IRC		00:29
fkautz	So you are looking for a way to add metadata that is operational data on run	00:30
fkautz	And that is user, not system specific	00:31
*** abhiraut has joined #openstack-kuryr		00:31
fkautz	And only if the driver matches	00:31
apuimedo	exactly	00:32
apuimedo	fkautz: that's the best idea I had so far	00:32
fkautz	The security model is still weak, but that's due to docker enabling privileged if you have access to the socket	00:34
apuimedo	yeah	00:34
fkautz	Can't do much about that in this context	00:34
fkautz	I'll pitch the idea to them	00:34
fkautz	They might still reject since network create opt is available	00:35
apuimedo	fkautz: great	00:35
fkautz	And it is technically workable	00:36
fkautz	It's also an interface change so it'll be closely scrutinized	00:36
apuimedo	fkautz: the counter argument to that is that network and storage drivers perform operations on run and others that could use some security	00:36
apuimedo	the good thing is, it is backwards compatible	00:37
*** gangil has quit IRC		00:37
*** abhiraut has quit IRC		00:37
fkautz	Agreed, going to argue future use cases and backwards compatibility	00:37
apuimedo	:-)	00:37
apuimedo	let me know if I can help. But that will have to be tomorrow. Or I'll never make it to the office before noon :P	00:38
apuimedo	I thought maybe the return jet lag would have me up until the kuryr meeting time	00:38
apuimedo	but it seems not :P	00:38
fkautz	No worries	00:39
fkautz	Thanks for answering sooner than I expected :p	00:39
*** diogogmt has quit IRC		00:40
apuimedo	fkautz: I almost missed the message though. I should finally do something about the irc bouncer :P	00:41
apuimedo	but before heading to bed I remembered I heard some beep while watching games of thrones earlier :P	00:41
*** abhiraut has joined #openstack-kuryr		00:41
*** diogogmt has joined #openstack-kuryr		00:42
apuimedo	fkautz: you told me a hundred times, so sorry about that... The one you use is irc cloud, right?	00:42
*** abhiraut has quit IRC		00:43
*** gangil has joined #openstack-kuryr		00:43
*** gangil has joined #openstack-kuryr		00:43
fkautz	That's right	00:44
fkautz	apuimedo: irccloud which I think is UK based	00:45
apuimedo	thanks	00:46
*** apuimedo has quit IRC		00:46
*** fawadkhaliq has quit IRC		00:50
*** gangil has quit IRC		00:56
*** gangil has joined #openstack-kuryr		00:58
*** gangil has joined #openstack-kuryr		00:58
*** salv-orlando has quit IRC		01:04
gangil	fkautz: hi, I pushed a patch https://review.openstack.org/#/c/311893/ for the bug in the commit message. It was a pretty simple fix and I don't see taku online. just fyi.	01:10
*** abhiraut has joined #openstack-kuryr		01:13
*** abhiraut has quit IRC		01:17
*** banix has quit IRC		01:28
fkautz	gangil: thanks, I'll take a look when I'm back home	01:29
gangil	Also, I am just wondering is there a reason we use flask instead of oslo.service? Or more like it was the first prototype version and its been working alright?	01:32
fkautz	Best to ask apuimedo that question	01:34
fkautz	gangil: I'm not too familiar with what oslo provides in this case. I assume it provides a rest api? Flask might be used to accurately produce the libnetwork rest api.	01:38
fkautz	I assume oslo is still useful for systemd support and other utilities	01:38
*** gangil has quit IRC		01:39
*** itsuugo has quit IRC		01:53
*** diogogmt has quit IRC		02:20
*** yamamoto has joined #openstack-kuryr		02:24
*** yamamoto has quit IRC		02:37
*** yamamoto has joined #openstack-kuryr		02:50
*** mspreitz has joined #openstack-kuryr		03:00
mspreitz	time for the weekly IRC now, right?	03:03
mspreitz	Is anybody alive in here?	03:10
*** mspreitz has quit IRC		03:17
*** wanghua has joined #openstack-kuryr		03:21
*** diogogmt has joined #openstack-kuryr		03:25
*** yamamoto has quit IRC		03:26
*** oanson has joined #openstack-kuryr		04:03
*** gangil has joined #openstack-kuryr		04:14
*** gangil has joined #openstack-kuryr		04:14
*** yamamoto has joined #openstack-kuryr		04:23
*** yamamoto has quit IRC		04:23
*** oanson has quit IRC		04:47
*** irenab has joined #openstack-kuryr		05:06
*** yamamoto has joined #openstack-kuryr		05:24
*** gangil has quit IRC		05:34
*** yamamoto has quit IRC		05:40
*** yamamoto has joined #openstack-kuryr		06:08
*** salv-orlando has joined #openstack-kuryr		06:11
*** gangil has joined #openstack-kuryr		06:11
*** gangil has joined #openstack-kuryr		06:11
*** yamamoto has quit IRC		06:23
*** gangil has quit IRC		06:35
*** salv-orlando has quit IRC		07:04
*** wangfeng has joined #openstack-kuryr		07:46
*** yuanying has joined #openstack-kuryr		07:55
*** fkautz has quit IRC		07:58
*** flaviof has quit IRC		07:58
*** huats__ has joined #openstack-kuryr		07:58
*** yuanying_ has quit IRC		07:58
*** huats has quit IRC		07:58
*** huats__ is now known as huats		07:59
*** fkautz has joined #openstack-kuryr		08:00
*** flaviof has joined #openstack-kuryr		08:02
*** wangfeng has quit IRC		08:27
*** itsuugo has joined #openstack-kuryr		08:34
*** oanson has joined #openstack-kuryr		09:20
*** oanson has quit IRC		09:27
*** apuimedo has joined #openstack-kuryr		09:44
apuimedo	huats: ping	10:41
huats	apuimedo: hello	10:41
apuimedo	huats: do you have that ovs kuryr environment up and running?	10:42
huats	actually I have :)	10:42
apuimedo	nice!	10:42
apuimedo	Could you check one thing for the Kubernetes design?	10:42
apuimedo	Could you try creating a network with a subnet	10:42
apuimedo	with neutron	10:43
apuimedo	then create a load balancer	10:43
apuimedo	with a VIP in that subnet	10:43
huats	but I have deployed it many times yesterday since I was working on a bug (the possibility to define the port for etc and docker-engine)	10:43
huats	I can do that	10:43
apuimedo	and finally start a couple of containers in another neutron net	10:43
apuimedo	and use neutron to add them as members of the load balancer	10:43
huats	How is it related to kubernetes (on the thing you have detailled I don't see the relationship)	10:44
huats	?	10:44
huats	(just to know)	10:44
apuimedo	huats: :-)	10:44
apuimedo	mspreitzer is asking in the mailing list if the load balancer usage that I described on the presentation and work session works with ovs	10:45
huats	ok	10:45
huats	let me a few minutes :)	10:45
apuimedo	you can use https://hub.docker.com/r/celebdor/webinar/tags/	10:45
apuimedo	as the test container if you want	10:45
apuimedo	http://lists.openstack.org/pipermail/openstack-dev/2016-May/093666.html	10:47
apuimedo	this was the question	10:47
apuimedo	I'll send an answer now. Maybe you can reply	10:47
apuimedo	when you test it	10:48
huats	I will	10:48
apuimedo	thanks!	10:58
*** banix has joined #openstack-kuryr		11:34
*** banix has quit IRC		11:36
huats	apuimedo: tell me once you are back	12:01
*** asti has joined #openstack-kuryr		12:17
*** apuimedo has quit IRC		12:28
*** apuimedo has joined #openstack-kuryr		12:28
apuimedo	huats: I'm back	12:29
huats	ok	12:29
huats	apuimedo: just to let you know that I am rebuilding my env since the previous one didn't have lbaas installed (it is not the case on the local.conf that is given in exemple in kuryr)	12:29
huats	it won't be long before it is up and running	12:30
apuimedo	cool ;-)	12:30
*** wangfeng has joined #openstack-kuryr		12:36
openstackgerrit	Christophe Sauthier proposed openstack/kuryr: Enable the change of docker-engine and etcd listen TCP port in devstack https://review.openstack.org/312043	12:44
*** apuimedo has quit IRC		12:51
*** apuimedo has joined #openstack-kuryr		12:51
apuimedo	thanks for the patch huats	12:53
*** gsagie has joined #openstack-kuryr		13:01
*** wanghua has quit IRC		13:04
*** oanson has joined #openstack-kuryr		13:07
*** salv-orlando has joined #openstack-kuryr		13:25
*** salv-orlando has quit IRC		13:32
irenab	gsagie: apuimedo is there any etherpad notes from the OS Thursday afternoon kuryr sessions?	13:49
apuimedo	there is at least one	13:49
apuimedo	but I didn't open the laptop, you'll have to ask fawad	13:49
*** oanson has quit IRC		13:58
*** diogogmt has quit IRC		13:58
irenab	it is not linked to the summit etherpad page	14:00
*** apuimedo_ has joined #openstack-kuryr		14:03
*** banix has joined #openstack-kuryr		14:03
*** apuimedo has quit IRC		14:07
*** apuimedo_ is now known as apuimedo		14:07
*** apuimedo has quit IRC		14:10
*** apuimedo has joined #openstack-kuryr		14:24
*** diogogmt has joined #openstack-kuryr		14:30
*** diogogmt has quit IRC		14:32
*** irenab_ has joined #openstack-kuryr		14:37
*** irenab has quit IRC		14:39
*** irenab_ is now known as irenab		14:39
*** fawadkhaliq has joined #openstack-kuryr		14:51
apuimedo	fkautz: ok. I just finished setting up my bouncer	15:00
apuimedo	let's see how that goes	15:00
*** diogogmt has joined #openstack-kuryr		15:06
huats	apuimedo: I am currently working on the ovs lbaas thing	15:10
apuimedo	huats: great!	15:10
huats	but I have a hard time to find time to do it :)	15:10
apuimedo	no worries ;-)	15:11
apuimedo	we're all busy	15:11
huats	In the worst case I'll have some time tonight	15:11
apuimedo	+1	15:16
*** salv-orlando has joined #openstack-kuryr		15:36
openstackgerrit	Antoni Segura Puimedon proposed openstack/kuryr: Move libnetwork specific options to its own group https://review.openstack.org/308738	15:43
apuimedo	gsagie: banix: check ^^ out	15:44
apuimedo	the sooner I get this one out of the way, the sooner I can start the rebase and push of the k8s patches	15:45
banix	apuimedo: will do	15:45
banix	apuimedo: have a minute?	15:45
banix	i was thinking about the router option you were mentioning	15:45
apuimedo	banix: on the phone and walking, but yes	15:45
banix	chasing your son?	15:45
banix	:)	15:45
banix	i’ll write you rreply when you get a chance; no rush	15:46
banix	so i was wondering iof the cleanest approach would be to simply expect the existing network have been connected to a router if required	15:46
banix	otherwise we have to also cover a way to connect the router to external network etc.	15:47
banix	it seems to me we need to do some of these out of band anyway and doing it for connecting to a router though docker network create option may not be the best thing to do	15:47
apuimedo	Walking to the bus	15:48
banix	let me know what you think when you get a chance	15:48
banix	do not walk and text :)	15:48
apuimedo	I think in case we specify a network, we should fail if a router is specified. The router opt should only be for creation	15:49
banix	when you say “router option should only be for creation” you mean creation of network. right?	15:50
apuimedo	Yes, for implicit neutron network creation	15:50
banix	so I am questioning that. let’s say we do that. how to we set the router gateway? do we specify that in options too?	15:51
apuimedo	Nah, the router should already have a gateway set. We are not creating it	15:53
apuimedo	Or that's how I imagined it	15:53
apuimedo	You want to optionally create them?	15:54
apuimedo	Mmm... That sounds useful too	15:54
apuimedo	In that case, couldn't we just say kuryr.router.gateway	15:56
apuimedo	And that would mean implicit gateway creation and attachment?	15:56
banix	apuimedo: well i am arguing for the opposite. i am actually saying that for such cases it may be better to have an existing Neutron network connected to router and then we just specify the network and use it for a docker network	15:56
apuimedo	That's currently possible already	15:57
banix	I am thinking if we want to specify a router, then we may need to specify the gateway, and more and more	15:57
banix	yes that’s correct	15:57
banix	currently we can do that	15:57
banix	so i am saying if this will be a better way of dealing with what you have been describing	15:57
banix	just a different way of doing it	15:58
openstackgerrit	OpenStack Proposal Bot proposed openstack/kuryr: Updated from global requirements https://review.openstack.org/304896	15:58
apuimedo	I don't know. From where I look at it. Allowing plugging to existing routers (that already have gateway) or getting New routers with a specified gateway seems pretty useful to minimize neutron command usage by tenants	15:59
banix	ok i hear you	16:00
apuimedo	It all depends the kind of ux we want to give in swarm	16:00
banix	yeah	16:00
apuimedo	And I can't really substitute operator input for this :P	16:01
apuimedo	I'm getting good at irc while avoiding lamp posts	16:02
*** salv-orlando has quit IRC		16:03
banix	apuimedo: get home safe man! :)	16:04
fawadkhaliq	apuimedo: +1 on the gateway specification, I added this in plumgrid libnetwork stuff and users loved it.	16:06
apuimedo	Lamp posts are at disadvantage. Anyway I'm in the bus stop now	16:06
apuimedo	Let's hope my bouncer behaves	16:06
banix	fawadkhaliq: what did people love? having the option to specify the router stuff including gateway when creating Docker networks?	16:07
fawadkhaliq	banix: that's correct. specify the target router	16:08
fawadkhaliq	--router	16:08
banix	fawadkhaliq: ok thx for the input	16:08
fawadkhaliq	banix: yw	16:08
*** gangil has joined #openstack-kuryr		16:09
*** gangil has joined #openstack-kuryr		16:09
*** wangfeng has quit IRC		16:17
*** fawadkhaliq has quit IRC		16:22
gangil	apuimedo: could you throw some light on why we use flask instead of oslo services?	16:39
apuimedo	I'll try to when I get home	16:49
*** gangil has quit IRC		17:17
*** gangil has joined #openstack-kuryr		17:25
*** gangil has quit IRC		17:25
*** gangil has joined #openstack-kuryr		17:25
*** salv-orlando has joined #openstack-kuryr		17:27
*** salv-orlando has quit IRC		17:53
*** gangil has quit IRC		18:02
*** gangil has joined #openstack-kuryr		18:12
*** gangil has quit IRC		18:12
*** gangil has joined #openstack-kuryr		18:12
*** gangil has quit IRC		18:31
*** salv-orlando has joined #openstack-kuryr		18:40
*** salv-orlando has quit IRC		18:45
*** salv-orlando has joined #openstack-kuryr		18:48
*** salv-orlando has quit IRC		18:48
*** salv-orlando has joined #openstack-kuryr		18:51
*** salv-orlando has quit IRC		18:54
*** banix has quit IRC		18:59
*** banix has joined #openstack-kuryr		19:20
*** trey has quit IRC		19:42
*** banix has quit IRC		19:42
*** gsagie has quit IRC		19:42
*** banix has joined #openstack-kuryr		19:51
*** gsagie has joined #openstack-kuryr		19:51
*** trey has joined #openstack-kuryr		19:56
*** banix has quit IRC		20:24
*** salv-orlando has joined #openstack-kuryr		20:44
*** salv-orlando has quit IRC		20:50
*** salv-orlando has joined #openstack-kuryr		20:54
*** gangil has joined #openstack-kuryr		21:05
*** salv-orlando has quit IRC		21:37
huats	apuimedo: I am trying to do what you asked me earlier	21:41
huats	can you explain me what is on your container ? so that I can try to reproduce things ?	21:41
*** asti has quit IRC		21:44
*** salv-orlando has joined #openstack-kuryr		21:51
*** huikang has joined #openstack-kuryr		21:51
*** gangil has quit IRC		22:04
*** salv-orlando has quit IRC		22:06
*** salv-orlando has joined #openstack-kuryr		22:15
*** huikang has quit IRC		22:20
*** salv-orlando has quit IRC		22:28
*** salv-orlando has joined #openstack-kuryr		22:28
openstackgerrit	Antoni Segura Puimedon proposed openstack/kuryr: Move libnetwork specific options to its own group https://review.openstack.org/308738	22:34
*** diogogmt has quit IRC		22:35
*** salv-orlando has quit IRC		22:42
*** apuimedo has quit IRC		22:54
*** apuimedo has joined #openstack-kuryr		22:54
*** diogogmt has joined #openstack-kuryr		23:28
*** apuimedo has quit IRC		23:30
*** apuimedo has joined #openstack-kuryr		23:37
*** yamamoto has joined #openstack-kuryr		23:47

Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!