Thursday, 2015-11-05

« Wednesday, 2015-11-04 Index Friday, 2015-11-06 »
*** haomaiwa_ has quit IRC00:01
*** haomaiwang has joined #openstack-manila00:01
*** ayma has quit IRC00:06
*** mtanino has quit IRC00:11
*** xyang1 has quit IRC00:11
*** jasonsb has quit IRC00:11
*** jasonsb has joined #openstack-manila00:11
*** lpabon has joined #openstack-manila00:20
*** EinstCrazy has quit IRC00:25
*** lpabon has quit IRC00:40
*** haomaiwang has quit IRC00:45
*** bwolfe has joined #openstack-manila00:52
*** bwolfe has quit IRC00:56
*** EinstCrazy has joined #openstack-manila01:01
openstackgerritAnthony Lee proposed openstack/manila: Refactor HP 3PAR share driver to now be HPE  https://review.openstack.org/24035301:03
*** vbellur has quit IRC01:16
*** bwolfe has joined #openstack-manila01:21
*** bwolfe has quit IRC01:22
*** a_ta has quit IRC01:23
*** bwolfe has joined #openstack-manila01:23
*** a_ta has joined #openstack-manila01:24
*** bwolfe has quit IRC01:27
*** a_ta has quit IRC01:28
*** vbellur has joined #openstack-manila01:31
*** bwolfe has joined #openstack-manila01:35
*** bwolfe has quit IRC01:46
*** Yogi has joined #openstack-manila01:48
*** bwolfe has joined #openstack-manila01:49
*** Yogi2 has joined #openstack-manila01:52
*** Yogi has quit IRC01:54
*** bwolfe has quit IRC01:56
*** jasonsb has quit IRC02:02
*** breitz1 has joined #openstack-manila02:08
*** bwolfe has joined #openstack-manila02:11
*** breitz has quit IRC02:11
*** breitz2 has joined #openstack-manila02:11
*** breitz1 has quit IRC02:13
*** bwolfe has quit IRC02:14
*** bwolfe has joined #openstack-manila02:15
*** Yogi2 has quit IRC02:51
*** haomaiwang has joined #openstack-manila02:55
*** bwolfe has quit IRC02:59
*** bwolfe has joined #openstack-manila03:00
*** haomaiwang has quit IRC03:00
*** bwolfe has quit IRC03:08
*** haomaiwang has joined #openstack-manila03:19
*** tobe has joined #openstack-manila03:27
*** jasonsb has joined #openstack-manila03:27
*** jasonsb has quit IRC03:34
*** a_ta has joined #openstack-manila03:35
*** a_ta has quit IRC03:39
*** yangyapeng has joined #openstack-manila03:39
*** shausy has joined #openstack-manila03:43
*** vbellur has quit IRC03:45
*** haomaiwang has quit IRC03:48
*** shausy has quit IRC03:55
*** shausy has joined #openstack-manila03:55
openstackgerritjay.xu proposed openstack/manila: EMC VNX Manila Driver Refactoring  https://review.openstack.org/23749004:06
*** bwolfe has joined #openstack-manila04:12
*** haomaiwa_ has joined #openstack-manila04:32
*** bwolfe has quit IRC04:35
*** jasonsb has joined #openstack-manila04:38
*** gouthamr has quit IRC04:50
*** haomaiwa_ has quit IRC05:01
*** haomaiwa_ has joined #openstack-manila05:01
*** vbellur has joined #openstack-manila05:20
*** martyturner has joined #openstack-manila05:35
*** vbellur has quit IRC05:36
*** martyturner has quit IRC05:40
*** haomaiwa_ has quit IRC05:44
*** a_ta has joined #openstack-manila05:54
*** vbellur has joined #openstack-manila05:55
*** a_ta has quit IRC06:01
*** shausy has quit IRC06:12
*** deepakcs has joined #openstack-manila06:21
*** shausy has joined #openstack-manila06:28
*** vbellur has quit IRC06:29
*** nidhimittalhada has joined #openstack-manila06:31
*** vbellur has joined #openstack-manila06:43
*** shausy has quit IRC07:05
*** shausy has joined #openstack-manila07:08
*** Zhongjun has joined #openstack-manila07:09
*** sgotliv has joined #openstack-manila07:10
*** haomaiwang has joined #openstack-manila07:11
*** nkrinner has joined #openstack-manila07:40
*** jvarlamova has quit IRC07:53
*** zigo has quit IRC07:53
*** zigo has joined #openstack-manila07:56
*** a_ta has joined #openstack-manila07:57
*** hodos has quit IRC08:00
*** haomaiwang has quit IRC08:01
*** haomaiwang has joined #openstack-manila08:01
*** a_ta has quit IRC08:05
*** jvarlamova has joined #openstack-manila08:13
*** openstackgerrit has quit IRC08:16
*** openstackgerrit has joined #openstack-manila08:16
*** openstack has joined #openstack-manila08:34
*** EinstCrazy has quit IRC08:45
*** nidhimittalhada has quit IRC08:47
*** EinstCrazy has joined #openstack-manila08:50
*** a_ta has joined #openstack-manila08:57
openstackgerritSilvan Kaiser proposed openstack/manila: Add share id to Quobyte backend volume name  https://review.openstack.org/24167108:58
*** haomaiwang has quit IRC09:01
*** a_ta has quit IRC09:01
*** shausy has quit IRC09:06
*** haomaiwa_ has joined #openstack-manila09:07
*** Zhongjun has quit IRC09:17
*** gaurangt has joined #openstack-manila09:26
*** ganso has joined #openstack-manila09:27
*** haomaiwa_ has quit IRC09:46
*** haomaiwang has joined #openstack-manila09:46
*** haomaiwang has quit IRC10:01
*** haomaiwang has joined #openstack-manila10:01
*** haomaiwang has quit IRC10:04
*** yangyapeng has quit IRC10:14
*** EinstCrazy has quit IRC10:20
openstackgerritSilvan Kaiser proposed openstack/manila: Add share id to Quobyte backend volume name  https://review.openstack.org/24167110:45
*** EinstCrazy has joined #openstack-manila10:48
*** a_ta has joined #openstack-manila10:58
*** a_ta has quit IRC11:02
*** gouthamr has joined #openstack-manila11:05
*** u_glide1 has quit IRC11:17
openstackgerritRodrigo Barbieri proposed openstack/manila: Prevent Share operations during share migration  https://review.openstack.org/23305211:25
openstackgerritValeriy Ponomaryov proposed openstack/manila: Sync Manila Tempest plugin with latest Tempest  https://review.openstack.org/24200211:29
*** u_glide has joined #openstack-manila11:30
openstackgerritValeriy Ponomaryov proposed openstack/manila: Sync Manila Tempest plugin with latest Tempest  https://review.openstack.org/24200211:32
*** gouthamr_ has joined #openstack-manila11:34
gouthamr_vponomaryov : ping11:36
vponomaryovgouthamr_: pong11:36
gouthamr_hi vponomaryov : Regarding https://review.openstack.org/#/c/242002/11:36
vponomaryovyes?11:37
gouthamr_vponomaryov : the references to isolated creds seem to be in a few more places..11:37
*** gouthamr has quit IRC11:38
gouthamr_vponomaryov : atleast in name.. we're calling the method 'get_client_with_isolated_creds'11:38
vponomaryovgouthamr_: it is manila plugin naming only11:38
gouthamr_vponomaryov : so, you could refactor the name to say 'get_client_with_dynamic_creds':11:38
vponomaryovgouthamr_: why?11:39
gouthamr_vponomaryov : because its confusing :)11:39
gouthamr_vponomaryov : a teammate had a bugfix.. i guess it's still on our internal review system11:40
vponomaryovgouthamr_: why confusing and what bugfix?11:41
vponomaryovgouthamr_: in scope of Manila it was isolated creds and still so11:42
*** lpabon has joined #openstack-manila11:42
vponomaryovgouthamr_: also, dynamic does not mean isolated, and Manila requires exactly isolated11:43
vponomaryovgouthamr_: for tests that use it11:43
gouthamr_vponomaryov : oh... didn't know that. thanks for clarifying11:44
vponomaryovgouthamr_: returning to internal bugfix...11:44
gouthamr_vponomaryov : teammate ran into this bug yesterday and had prepared a bugfix to push today.11:45
vponomaryovgouthamr_: what did you mean?11:45
vponomaryovgouthamr_: please, file bugs in launchpad when you find something11:45
gouthamr_vponomaryov : Yep..11:46
gouthamr_vponomaryov : https://bugs.launchpad.net/manila/+bug/151310511:46
openstackLaunchpad bug 1513105 in Manila "Manila tempest tests are failing due to change in isolated_creds file name" [Undecided,In progress] - Assigned to Yogesh (ykshirsa)11:46
*** lpabon has quit IRC11:48
*** lpabon has joined #openstack-manila11:48
vponomaryovgouthamr_: https://bugs.launchpad.net/manila/+bug/1513105 describes known incompatibility of manila plugin with latest tempest, but not the reason of CI jobs failure that use not latest Tempest11:52
openstackLaunchpad bug 1513105 in Manila "Manila tempest tests are failing due to change in isolated_creds file name" [Undecided,In progress] - Assigned to Yogesh (ykshirsa)11:52
vponomaryovgouthamr_: so, to fix our gates, we could hack requirements file for tempest11:53
vponomaryovgouthamr_: and sync it11:53
*** cfey has quit IRC11:55
gouthamr_vponomaryov: We can get that bugfix in asap... I think it was fixing some multi-svm test/s as well that were affected by this change.11:56
*** cfey has joined #openstack-manila11:56
vponomaryovgouthamr_: when it is expected to be uploaded to CI?11:56
gouthamr_vponomaryov: Dynamic credential manager is expecting another kwarg, admin_role; if you don't provide it, it will not initialize the admin client. So, msvm tests were failing downstream.. I am not sure if these tests run upstream on the manila gate at all..11:57
*** a_ta has joined #openstack-manila11:57
gouthamr_vponomaryov: I should expect early today, it's about 7AM EST now. I'll shoot off a mail.11:58
vponomaryovgouthamr_: why you work so early then? ))12:01
*** a_ta has quit IRC12:01
*** deepakcs has quit IRC12:14
*** gouthamr_ has quit IRC12:20
*** 17SADZP6R has joined #openstack-manila12:27
*** timcl has joined #openstack-manila12:29
openstackgerritSilvan Kaiser proposed openstack/manila: Add share id to Quobyte backend volume name  https://review.openstack.org/24167112:32
*** porrua has joined #openstack-manila12:41
*** dzamboni has joined #openstack-manila12:44
*** Yogi has joined #openstack-manila12:51
*** 17SADZP6R has quit IRC13:01
*** haomaiwang has joined #openstack-manila13:01
*** tobe has quit IRC13:03
*** Yogi has quit IRC13:03
openstackgerritJulia Varlamova proposed openstack/manila: Add LVM driver  https://review.openstack.org/23297013:05
*** vbellur has quit IRC13:09
*** tobe has joined #openstack-manila13:10
*** tobe has quit IRC13:14
*** tobe has joined #openstack-manila13:14
*** tobe has quit IRC13:19
*** tobe has joined #openstack-manila13:20
*** tobe has quit IRC13:25
openstackgerritEmilien Macchi proposed openstack/puppet-manila: [DO NOT MERGE] test with pure RDO Liberty testing repo (stage CBS repos)  https://review.openstack.org/24204513:27
*** sghatty__ has joined #openstack-manila13:30
*** bswartz has quit IRC13:35
*** xyang1 has joined #openstack-manila13:57
*** a_ta has joined #openstack-manila13:58
*** gouthamr has joined #openstack-manila13:59
*** haomaiwang has quit IRC14:01
*** haomaiwa_ has joined #openstack-manila14:01
*** bswartz has joined #openstack-manila14:01
*** ktolstoy has joined #openstack-manila14:02
*** akerr has joined #openstack-manila14:02
*** a_ta has quit IRC14:03
vponomaryovcfouts: ping14:03
*** lpetrut has joined #openstack-manila14:07
gouthamrvponomaryov: (replying to a message from 2 hrs ago), I'm still getting used to daylight savings .. haha14:08
*** david-lyle has joined #openstack-manila14:08
*** martyturner has joined #openstack-manila14:10
*** ktolstoy has quit IRC14:10
*** akshai has joined #openstack-manila14:21
jcspis there any kind of helper script for generating DB migrations?14:24
jcspI'm guessing that the usual way is to run up a devstack instance, and then use "alembic revision --autogenerate" to compare a models.py with the populated DB14:24
jcspwhich feels a bit heavyweight14:24
*** absubram has joined #openstack-manila14:26
*** Yogi has joined #openstack-manila14:26
*** gaurangt has left #openstack-manila14:27
*** vkmc has joined #openstack-manila14:28
*** Yogi has quit IRC14:29
*** Yogi has joined #openstack-manila14:30
*** mtanino has joined #openstack-manila14:31
*** dustins has joined #openstack-manila14:39
*** gregsfortytwo has quit IRC14:45
*** cfouts has quit IRC14:46
*** gregsfortytwo has joined #openstack-manila14:47
*** neochin has joined #openstack-manila14:48
*** neochin has quit IRC14:48
*** gnarld_ has joined #openstack-manila14:48
*** gouthamr has quit IRC14:49
*** Zhongjun has joined #openstack-manila14:56
*** markstur_ has joined #openstack-manila14:57
*** a_ta has joined #openstack-manila14:57
*** zhongjun2 has joined #openstack-manila14:58
gnarld_vponomaryov: pong15:00
*** haomaiwa_ has quit IRC15:01
*** cknight has joined #openstack-manila15:01
vponomaryov jcsp:  manila-manage db revision15:01
vponomaryovgnarld_: Chuck?15:01
*** haomaiwang has joined #openstack-manila15:01
*** gouthamr has joined #openstack-manila15:01
*** gnarld_ is now known as cfouts15:01
vponomaryov jcsp:  it is exactly for generating new migration. To run migration is used "manila-manage db sync"15:02
*** a_ta has quit IRC15:02
cfoutsvponomaryov: yes, it is cfouts. the nick cfouts must be a zombie client that hasn't timed out yet15:02
vponomaryovcfouts: according to https://review.openstack.org/#/c/229142/, I have rebased it partially and did not find appropriate decorator for python methods with versioning15:03
vponomaryovcfouts: api_versioning.wraps dedicated to shell commands, according to docstring and logic15:03
cfoutsis that due to the merge conflict? I haven't pushed up that change yet15:05
vponomaryovcfouts:  no, there is no such decorator for "python" methods15:05
*** david-lyle has quit IRC15:06
jcspvponomaryov: aha, thanks.  I'm getting an empty migration though.  what I'm trying is dropping the db, creating it, running "db sync", then editing models.py and then running "db revision".15:06
jcspI'm definitely doing something wrong but not sure what :-)15:06
jcspI tried passing --autogenerate15:06
cfoutsvponomaryov: @wraps annotation was tested and there are unit tests that were ported over from the Nova that also test it.15:06
jcspand it gave me " Can't proceed with --autogenerate option; environment script /opt/stack/manila/manila/db/migrations/alembic/env.py does not provide a MetaData object to the context."15:06
*** neochin has joined #openstack-manila15:06
cfoutsvponomaryov: do you have api_versions imported in shell.py?15:06
*** a_ta has joined #openstack-manila15:07
*** neochin has quit IRC15:07
vponomaryovcfouts: "wraps" expects "APIVersion" class instance15:07
vponomaryovcfouts: do you have example?15:07
vponomaryovcfouts: how to decorate python methods?15:07
vponomaryovcfouts: with versions15:07
vponomaryovcfouts: it is not written in your commit15:07
*** neochin has joined #openstack-manila15:07
cfoutshttps://review.openstack.org/#/c/229142/1/manilaclient/tests/unit/test_api_versions.py15:09
cfoutsvponomaryov: starting at line 15515:09
cfoutsI can add an example to the commit15:10
*** a_ta has quit IRC15:10
vponomaryovcfouts: i get - http://paste.openstack.org/show/478106/ usign "wraps" decorator15:11
*** a_ta has joined #openstack-manila15:13
vponomaryovcfouts: so, did you try this decorator on lab? not in unit tests?15:13
cfoutsvponomaryov: yes, we tested it internally. Otherwise I wouldn't have been allowed to push it upstream15:14
*** neochin has quit IRC15:15
vponomaryovcfouts: just tested your original commit , same situation15:23
vponomaryovcfouts: if a use this wrapper, it fails with mentioned error15:23
vponomaryovs/a/I/15:26
*** leo_ has joined #openstack-manila15:30
cfoutsvponomaryov: looking15:34
vponomaryovcfouts: change on top of your commit - http://paste.openstack.org/show/478107/15:35
vponomaryovcfouts: so, here I expected No supported version, and did not reach it15:35
*** juzuluag has joined #openstack-manila15:38
cfoutsvponomaryov: I pulled the patch from upstream and it worked for me15:43
cfoutshttp://paste.openstack.org/show/478110/15:43
vponomaryovcfouts: upstream commit does not use this wrapper15:44
*** leo_ has quit IRC15:44
vponomaryovcfouts: did you make two lines addon as in my example?15:44
cfoutsI only tested this in v2/shell.py15:45
vponomaryovcorrect15:46
cfoutsok, that is the part that was probably unclear.15:46
vponomaryovcall of v2 method with this wrapper fails15:46
cfoutsNova only uses the @wraps annotation in the shell.py15:46
cfoutsit depends on being able to build a list of all the functions when the client is created15:47
cfoutsif the annotation is used at a lower level then this is a bigger problem to deal with and doesn't fit what Nova implemented15:47
vponomaryovcfouts: why do you make such stress on what Nova has implemented?15:48
*** neochin has joined #openstack-manila15:48
cfoutsvponomaryov: because that was the intent when bswartz and others wanted to implement microversions15:49
cfoutsvponomaryov: port the code that Nova has15:49
cfoutsvponomaryov: cinder is also looking at implementing microversions in this way15:49
cfoutsvponomaryov: I believe magnum and ironic are also doing this15:50
vponomaryovcfouts: not allowing versioning of python methods?15:50
vponomaryovcfouts: can you please elaborate why it is much bigger problem on lower level?15:51
*** ayma has joined #openstack-manila15:52
vponomaryovcfouts: for example, microversions support on server side was ported from Nova too. And both, Nova and Manila have following bug - https://bugs.launchpad.net/manila/+bug/151240315:55
openstackLaunchpad bug 1512403 in Manila "API actions can not be versioned" [Undecided,New]15:55
cfoutsvponomaryov: sure, there are a couple of reasons. The first would be that not all of the @api_versions.wraps annotations are in one location. This would make it more difficult to maintain from a client perspective.15:55
*** bwolfe has joined #openstack-manila15:56
cfoutsvponomaryov: a second reason would be if you want to go from using services.py to services2.py but keep services.py around. You could manage this from shell.py more easily than again having @api_versions.wraps in multiple files15:57
cfoutsvponomaryov: the third thing is that the way wraps works is adding all of the versioned methods in shell.py to _VERSIONED_METHOD_MAP in api_versions. in this way as soon as a shell command is called but a matching version is not found we can return an error16:00
cfoutsvponomaryov: the logic to support this in multiple lower level files would be more complicated16:00
*** haomaiwang has quit IRC16:01
*** markstur_ has left #openstack-manila16:01
bswartzjasonsb: over here16:01
*** haomaiwang has joined #openstack-manila16:01
bswartzjasonsb: yeah I think you misread the slides16:01
bswartzjasonsb: I don't see potential for malice involving ganesha16:01
jasonsbsure16:01
*** cknight has quit IRC16:01
*** cknight has joined #openstack-manila16:02
jasonsbbut if there is a proxy of any kind to facilitate automation then somebody could go after it16:02
vponomaryovcfouts: ok, if so, then its usage will produce big duplication16:02
jasonsbi think that is the concern for containers because of the nature of the shared kernel side16:02
jasonsbshould this be a concern of manila is another matter16:03
jasonsbin any case i will continue to join the magnum meeting and see if there is any requirements guidance which would be of use to manila16:04
u_glideactually attacks are possible, but only in case when we have vulnerable LXC/Kernel + Ganesha16:04
*** sghatty__ is now known as sghatty_16:04
jasonsboh16:05
jasonsbu_glide: i have example for cinder16:05
jasonsbadrian: imagine this16:05
cfoutsvponomaryov: so take do_list for example. Maybe there is one new change per release to do_list that creates a new microversion. And we never deprecate anything. Then after a couple of years there could be more than 5 do_list methods. Is this what you are thinking?16:05
jasonsbadrian: we allow cinder volumes to be mounted, and accessed by the host16:06
jasonsbadrian: the host mounts the filesystem, causing execution within kernel space16:06
jasonsbadrian: evil user supplies a hacked filesystem designed to take advantage of kernel space execution16:06
jasonsbadrian: leads to compromise of the host16:06
bswartzjasonsb: oh I see they're worried about a different kind of exploit16:06
cfoutsvponomaryov: I'd rather be able to sanely deprecate support in the client but I know bswartz has voiced the opposite16:06
jasonsbadrian: so one way to mitigate this is for filesystems to not be supplied by users16:06
bswartzthey're worried about the container equivalent of a hypervisor-breakout exploit16:07
jasonsbyes16:07
jasonsbwithout automation, i think manila is immune16:07
vponomaryovcfouts: right, manilaclient should support wide range of microversions16:07
jasonsbwith automation maybe you would introduce an attack surface16:07
vponomaryovcfouts: to be able to be used for old server solutions16:08
vponomaryovcfouts: and yes, each new implementation of "do_list" is HUGE amount of code16:08
bswartzjasonsb: I guess I don't see why the introduction of a mount would allow users do anything different from writing to whatever local file storage their container gives them16:09
vponomaryovcfouts: CLI arguments definition for  "do_list" use about 130 lines of code16:09
jasonsbi'm kind of dubious too16:09
jasonsbkernel is not hardened for multi-tenant containers16:09
jasonsbso it seems this a bit forward looking stuff16:09
cfoutsvponomaryov: there is one other reason for doing it in shell.py that I forgot. You have to be able to return the appropriate help for that method16:09
jasonsbbut i haven't been following the cinder oriented conversation, so i need to listen more16:10
cfoutsvponomaryov: I don't disagree with anything you say btw16:10
bswartzjasonsb: yeah I agree -- containers are either secure for multitenancy or they aren't -- that's not our problem16:10
jasonsbif adrian wants to use manila in production at rackspace then it is interesting to hear his concerns16:11
jasonsbso i'll do that.16:11
jasonsbits an interesting use-case16:11
jasonsb(he didn't say he wanted too, but i think the door is open)16:12
*** zhongjun2 has quit IRC16:14
*** bwolfe has quit IRC16:15
vponomaryovcfouts: should be better solution. Current one is duplication-madness16:15
vponomaryovcfouts: just imagine. For update of microversion here - https://review.openstack.org/#/c/240220/ will be need only update of URLs and action names, and now, to be able to to do such small things we will be required to implement hure amount of code duplication for no reason16:17
vponomaryovs/hure/huge/16:18
cfoutsvponomaryov: if you don't do it at that level then how do you pass back the help text for the appropriate version?16:19
vponomaryovcfouts: nothing restricts us to provide help command considering all versions16:19
cfoutsvponomaryov: that would be very confusing to the end user I'd think16:20
vponomaryovcfouts: If I want know all of them for some API, I would not want to perform lots of separate help requests16:20
cfoutsvponomaryov: as an end user I'd only want the arguments that work for a particular version. I would not want to sort through all of the possible options to determine which ones I can use16:21
cfoutsvponomaryov: need to go for now. Would like cknight and bswartz to comment on this since they've seen the code already16:21
*** neochin has quit IRC16:26
*** bwolfe has joined #openstack-manila16:29
*** csaba1 has joined #openstack-manila16:32
*** csaba has quit IRC16:33
*** csaba1 has quit IRC16:37
openstackgerritRodrigo Barbieri proposed openstack/manila: Added driver minimum requirements and features doc  https://review.openstack.org/23591416:39
bswartzjasonsb: how could it be safe to use containers at rackspace (obviously multitenant) if containers aren't secure from breakout exploits?16:39
jasonsbbswartz: good question. i think you would have to run them inside KVM.  i will inquire16:41
*** Yogi has quit IRC16:42
bswartzokay so the idea is that even if you break out from your container you're still trapped in a hypervisor shared with nobody16:47
bswartzerr trapped in a guest VM16:47
*** rhagarty has quit IRC16:48
bswartzI think the utility of containers is dramatically reduced if they have to be run inside VMs for security16:48
jasonsbyes.  if you try to provide a service of containers-on-bare-metal then this is trickier16:48
jasonsbeven if single tenant you may have people running around your datacenter who own your bare-metal kernel16:48
*** rhagarty has joined #openstack-manila16:49
*** akerr_ has joined #openstack-manila16:49
jasonsbi'm not sure how this is supposed to work.  i need to learn more16:49
*** csaba1 has joined #openstack-manila16:51
*** rhagarty_ has joined #openstack-manila16:52
*** ameade has quit IRC16:53
*** rhagarty has quit IRC16:53
*** rhagarty_ has quit IRC16:53
*** ameade has joined #openstack-manila16:57
*** u_glide1 has joined #openstack-manila16:57
*** dhellmann_ has joined #openstack-manila17:00
*** haomaiwang has quit IRC17:01
*** haomaiwang has joined #openstack-manila17:01
gansobswartz: hey, remember we talked about removing task_state field?17:03
*** akerr has quit IRC17:04
*** bswartz has quit IRC17:04
*** u_glide has quit IRC17:04
*** dhellmann has quit IRC17:04
*** dhellmann_ is now known as dhellmann17:05
*** bswartz has joined #openstack-manila17:07
*** rebase has joined #openstack-manila17:08
gansobswartz: ping17:09
*** nkrinner has quit IRC17:10
gouthamrbswartz: https://wiki.openstack.org/wiki/Manila/design/manila-mitaka-data-replication updated.17:10
openstackgerritValeriy Ponomaryov proposed openstack/manila: Sync Manila Tempest plugin with latest Tempest  https://review.openstack.org/24200217:11
*** lpabon has quit IRC17:11
bswartzganso: hey I'm here until I finish my lunch17:12
* bswartz wants to know why his connection to freenode is dropping and coming back17:13
gansobswartz: ok so, there is a distinction in purpose when having a task_state field. Currently when migration fails, the errors are cleaned-up whenever possible and we revert status back to available, while the task_state field shows "migration_error". If "migration_error" was on  status field, this status would be blocking for all other operations. We had a17:15
gansodiscussion back then if we would like to have the share operational when a migration fails or leave it on an inoperable error state17:15
bswartzganso: that was before we had instances though17:15
bswartznow we can put the original instance back into the available state and leave the failed instance in migration failure state17:16
bswartzwe just need to make sure that the presentation logic doesn't expose the migration failure state to the end user when he looks at the whole share17:17
*** bwolfe has quit IRC17:18
gansobswartz: humm good point... but if migration fails before having a second instance created, or when we have optimized migration code running but failed, then we still have one instance and no place to put "migration_error" status17:18
bswartzwrite it to the log maybe?17:18
gansobswartz: there may be no way to prevent that, because share status reads instance status whehn there is only one instance17:18
bswartzprevent what?17:19
*** vbellur has joined #openstack-manila17:19
gansobswartz: the information from being shown to the user17:19
gansobswartz: I also do not think the log should be the only source of information of what state the share really is or what happened to migration17:20
gansobswartz: Cinder guys had this talk back in Vancouver, that there was confusion about a migration succeeded or migration error situation because there was no status to show it17:20
gansobswartz: that was another reason why I added task_state17:20
bswartzwe write the code so we can prevent whatever we want17:21
bswartzin the case of a failed migration there should always be 2 instances -- the original (unchanged) one and the new (failed) one17:21
bswartzthe whole point is not to damage the original instance so after a failure you can at least go back to the way things were17:22
gansobswartz: that would be the case only in fallback migration alternative17:22
bswartzI'm confused about the issue with cinder -- they have task_state already -- but they don't use it?17:22
bswartzganso: I feel that some changes are needed to the optimized migration path17:23
gansobswartz: I am not sure how they are using it now, after Vancouver17:23
gansobswartz: hummm what changes?17:23
bswartzone thing that's missing right now is a 2-phase migration -- phase 1 would be nondisruptive copy the data over while the source is still writable (long time) -- phase 2 would be disruptive unmount and remount new location (brief)17:24
gansobswartz: they have migration_status field17:24
bswartzwithout an API to move from phase 1 to phase 2 the time when the disruptive part of the migration hits is not controllable17:25
gansobswartz: the optimized migration code path probably can do phase 1 without problems, when migration is finished, it would probably drop the old export location path and return the model update for the new export location17:26
openstackgerritAnthony Lee proposed openstack/manila: Refactor HP 3PAR share driver to now be HPE  https://review.openstack.org/24035317:27
gansobswartz: I am not sure I understand why it should be controllable at all17:27
bswartzganso: yeah but users are going to want to stay in phase 1 until they chose to move to phase 217:27
*** Zhongjun has quit IRC17:27
gansobswartz: oh I see17:27
bswartzconsider migrating a 50 TB share over a slow network link17:27
bswartzit may take a week to get the data copied17:28
bswartzonce the data is on the other side, you may want to schedule downtime to actually complete the migration17:28
bswartz(downtime of the tenant's application, not of the whole cloud)17:28
gansobswartz: I see, that is an interesting use case17:29
gansobswartz: I wrote it down... but so, we drifted a bit away from the status field subject17:30
bswartzyeah so where I was going with that is17:31
gansobswartz: there are situations where migration fails and we do not have 2 instances, in the fallback migration code path17:31
bswartzI think some more changes are needed at the API level for at least the optimized case, and perhaps the general case, to do 2-phase migrations17:31
bswartzand if we're making changes we should consider possibly forcing optimized migration to use share instances just like fallback migrations17:31
gansobswartz: if we force that, it could possible unoptimize migration in the backend17:32
*** lpetrut has quit IRC17:33
bswartzwell I'm flexible about the approach17:33
bswartzbut having a row in the database (other than the original share instance) to track the state of the migration seems like a big win17:34
gansobswartz: better a row than a column, right?17:34
bswartzI haven't given much thought to what it would looks like to do an optimized migration using multiple share instances17:34
bswartzwell I would like to have as much consistency as possible in the way migrations are done17:35
bswartzwe don't want to expose end users to different semantics depends on what they have17:35
bswartzdepending17:35
gansobswartz: ok so, users should not see "migration_error" status... and as opposed to Cinder guys, we are not interested in having a "migration_success" status as well, since that would not be possible at the end of migration when we are back with 1 instance17:36
bswartzyeah the goal is for users not to observe any changes when possible17:37
gansobswartz: also, just to clarify, did you mean that phase 1 => phase 2 is a manual process?17:38
bswartzwell I meant that it should be another API call17:38
bswartzI'm also open to the possibility that what we really need is a whole new table to track long-running jobs17:38
bswartzwe haven't had any deep discussion on the data copy service yet, but one of my concerns there is state tracking of operations expected to take multiple minutes, hours, or days17:39
bswartzpossibly the right thing to do is to create a new table to track those operations17:39
gansobswartz: right... task_state field was intended for jobs... but it seems like we do not have many jobs scenarios17:39
bswartzif we go down that path then any migration status could go into that table17:40
bswartzthis needs a design though17:40
gansobswartz: yes... it is a very good idea if there are more than one job scenario... but currently we do not know of any besides migration17:41
bswartzganso: how about backup?17:41
bswartzit's not a proposed feature yet, but my vision of a manila backup service is that we tar up all your data and upload it to an object store17:41
bswartzthat would be a long running operation17:42
tbarron+117:42
gansobswartz: yes, seems like a good one... the data copy service would probably up for it as well :)17:42
bswartztbarron: do you have a keyword pounce set for "backup"? lol17:43
gouthamrhi ganso, bswartz: sorry for butting in, just a heads up.. one of the unanswered questions in DR is migrating a share that has replicas... would appreciate your thoughts on that.17:43
bswartzgouthamr: we need to make it unsupported17:43
tbarronbswartz: no, I actually watch the manila channel, just don't say much.17:43
bswartzand then design support for it later17:43
bswartztbarron: I'm just joking -- I know you're invested in backup though17:43
gansogouthamr: we discussed that in Tokyo, well... we would make it unsupported for now17:44
gouthamrbswartz: prevent migration of a share that has replicas?17:44
gansogouthamr: yes17:44
gouthamrganso: nice.. will need a code update. Thanks.17:45
tbarronbswartz: and in a vision of elasticaly provisioned data copy services17:45
gansogouthamr: but the future idea was that the fallback migration code would migrate the active replica and along with the share type, it would replicate it in the destination backend... the unsorted out part is AZ configuration for the destination backend17:46
tbarronbswartz: and separation of control and data plane capabilities, and doing some things in manila before cinder because it should be easier there - closer to a green field17:46
gouthamrganso: Doable but nasty.17:46
bswartzgouthamr: it's not nasty -- it's literally the only alternative17:47
bswartzgouthamr: unless you implement optimized migration17:48
gansogouthamr: the fallback migration itself is a bit nasty from a certain point of view... but there are not many better alternatives when we are dealing with backends from different vendors17:48
gouthamrtrue..17:49
bswartzganso: +117:49
bswartzin the real world we hope that fallback migration would not get used except for very rare circumstances like replacing one vendor with another perhaps17:50
bswartzthe hope is that everyone implements optimized migrations17:50
gansoyes... sometimes it feels a bit like reinventing the wheel... as ameade has been lately more used to17:51
*** marcusvrn_ has joined #openstack-manila17:59
*** haomaiwang has quit IRC18:01
*** haomaiwang has joined #openstack-manila18:01
*** timcl has quit IRC18:07
bswartzI really wish we had a live migration story like cinder does18:09
bswartzbut the philosophy here is that even a disruptive migration is better than no migration18:10
bswartzokay I have to drop offline for a bit brb18:10
*** bswartz has quit IRC18:10
*** JoseMello has joined #openstack-manila18:22
*** haomaiwa_ has joined #openstack-manila18:27
*** haomaiwang has quit IRC18:28
*** Yogi has joined #openstack-manila18:30
*** alyson_ has quit IRC18:34
*** jasonsb has quit IRC18:38
*** a_ta has quit IRC18:47
*** a_ta has joined #openstack-manila18:48
*** a_ta has quit IRC18:52
*** bswartz has joined #openstack-manila18:59
*** ChanServ changes topic to "Mitaka-1 is Dec 3rd"19:00
*** haomaiwa_ has quit IRC19:01
*** haomaiwang has joined #openstack-manila19:01
*** dustins has quit IRC19:08
*** gouthamr has quit IRC19:08
*** a_ta has joined #openstack-manila19:14
*** rhagarty has joined #openstack-manila19:21
*** jasonsb has joined #openstack-manila19:24
*** vbellur has quit IRC19:25
*** gouthamr has joined #openstack-manila19:31
*** gouthamr_ has joined #openstack-manila19:33
*** gouthamr has quit IRC19:36
*** dustins has joined #openstack-manila19:51
*** martyturner has quit IRC19:56
*** cknight has quit IRC19:56
*** martyturner has joined #openstack-manila19:57
*** cknight has joined #openstack-manila19:59
*** haomaiwang has quit IRC20:01
*** haomaiwang has joined #openstack-manila20:01
*** rhagarty has quit IRC20:05
*** gouthamr_ has quit IRC20:23
*** rhagarty has joined #openstack-manila20:26
*** gouthamr has joined #openstack-manila20:37
*** sgotliv has quit IRC20:53
*** cknight has quit IRC20:56
*** lpabon has joined #openstack-manila20:56
*** a_ta has quit IRC20:58
*** Yogi2 has joined #openstack-manila20:59
*** haomaiwang has quit IRC21:01
*** haomaiwang has joined #openstack-manila21:01
*** Yogi has quit IRC21:02
*** dzamboni has quit IRC21:03
*** martyturner has quit IRC21:04
*** martyturner has joined #openstack-manila21:06
*** timcl has joined #openstack-manila21:07
*** rhagarty_ has joined #openstack-manila21:12
*** rhagarty has quit IRC21:13
*** a_ta has joined #openstack-manila21:19
*** timcl has quit IRC21:21
openstackgerritAnthony Lee proposed openstack/manila: Refactor HP 3PAR share driver to now be HPE  https://review.openstack.org/24035321:22
*** ayma has quit IRC21:27
*** ayma has joined #openstack-manila21:28
*** a_ta has quit IRC21:30
*** a_ta has joined #openstack-manila21:32
*** Yogi2 has quit IRC21:35
*** akerr_ has quit IRC21:36
*** a_ta has quit IRC21:41
*** a_ta has joined #openstack-manila21:42
*** absubram has quit IRC21:44
*** gouthamr_ has joined #openstack-manila21:48
*** gouthamr has quit IRC21:51
*** JoseMello has quit IRC21:52
*** lpabon has quit IRC22:00
*** haomaiwang has quit IRC22:01
*** haomaiwang has joined #openstack-manila22:01
*** gouthamr_ has quit IRC22:02
*** ganso has quit IRC22:08
*** bswartz has quit IRC22:09
*** a_ta has quit IRC22:13
*** a_ta has joined #openstack-manila22:14
*** ayma has quit IRC22:14
*** akshai has quit IRC22:15
*** akshai has joined #openstack-manila22:16
openstackgerritAnthony Lee proposed openstack/manila: Refactor HP 3PAR share driver to now be HPE  https://review.openstack.org/24035322:18
*** a_ta has quit IRC22:18
*** porrua has quit IRC22:25
*** dustins has quit IRC22:26
*** a_ta has joined #openstack-manila22:27
*** ayma has joined #openstack-manila22:27
*** bswartz has joined #openstack-manila22:29
*** ayma has quit IRC22:32
*** dgonzalez has quit IRC22:51
*** martyturner has quit IRC22:52
*** haomaiwang has quit IRC23:01
*** haomaiwa_ has joined #openstack-manila23:01
*** dgonzalez has joined #openstack-manila23:04
*** dgonzalez has quit IRC23:06
*** dgonzalez has joined #openstack-manila23:07
*** dgonzalez has quit IRC23:12
*** dgonzalez has joined #openstack-manila23:12
*** a_ta has quit IRC23:30
*** gouthamr has joined #openstack-manila23:46
*** ameade has quit IRC23:54
*** ameade has joined #openstack-manila23:55
*** jasonsb_ has joined #openstack-manila23:57
« Wednesday, 2015-11-04 Index Friday, 2015-11-06 »

Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!