Thursday, 2021-05-27

« Wednesday, 2021-05-26 Index Friday, 2021-05-28 »
*** mlavalle has quit IRC00:02
*** _erlon_ has quit IRC00:16
*** sapd1 has quit IRC00:38
*** pmannidi has joined #openstack-nova00:40
*** cz3 has joined #openstack-nova00:41
*** swp20 has joined #openstack-nova00:41
*** martinkennelly has quit IRC00:44
*** LinPeiWen has joined #openstack-nova00:45
openstackgerritnorman shen proposed openstack/nova-specs master: Speed up server details  https://review.opendev.org/c/openstack/nova-specs/+/79162000:46
*** alex_xu_ has joined #openstack-nova00:50
*** swp20 has quit IRC00:52
*** alex_xu_ has quit IRC00:56
*** alex_xu_ has joined #openstack-nova01:12
openstackgerritnorman shen proposed openstack/nova-specs master: Speed up server details  https://review.opendev.org/c/openstack/nova-specs/+/79162001:15
*** LinPeiWen has quit IRC01:16
*** __ministry has joined #openstack-nova01:20
openstackgerritWenping Song proposed openstack/nova-specs master: Add no user token when get Cyborg client  https://review.opendev.org/c/openstack/nova-specs/+/78717801:30
*** melwitt has quit IRC01:55
*** swp20 has joined #openstack-nova01:56
*** melwitt has joined #openstack-nova01:56
*** brinzhang has joined #openstack-nova01:56
*** xinranwang has joined #openstack-nova01:58
*** swp20 is now known as wenpingsong01:59
*** melwitt has quit IRC02:09
*** melwitt has joined #openstack-nova02:10
*** k_mouza has joined #openstack-nova02:16
*** k_mouza has quit IRC02:20
*** LinPeiWen has joined #openstack-nova02:21
*** hamalq has quit IRC02:24
openstackgerritKevin Zhao proposed openstack/nova master: Support Cpu Compararion on Aarch64 Platform  https://review.opendev.org/c/openstack/nova/+/76392802:24
*** hamalq has joined #openstack-nova02:24
*** amodi has quit IRC02:50
*** vegarl has quit IRC02:50
*** ozzzo has quit IRC02:50
*** yoctozepto has quit IRC02:50
*** jlvillal has quit IRC02:50
*** hack-char has quit IRC02:50
*** BLZbubba has quit IRC02:50
*** jlvillal has joined #openstack-nova02:50
*** ozzzo has joined #openstack-nova02:50
*** vegarl has joined #openstack-nova02:50
*** yoctozepto has joined #openstack-nova02:50
*** hack-char has joined #openstack-nova02:50
*** BLZbubba has joined #openstack-nova02:50
*** alex_xu has quit IRC02:52
*** alex_xu_ has quit IRC02:59
*** alex_xu has joined #openstack-nova03:00
*** mkrai has joined #openstack-nova03:02
*** hamalq has quit IRC03:10
*** hamalq has joined #openstack-nova03:11
*** amodi has joined #openstack-nova03:13
*** wenpingsong has quit IRC03:18
*** vishalmanchanda has joined #openstack-nova03:34
*** hamalq has quit IRC03:40
*** hamalq has joined #openstack-nova03:41
*** alex_xu has quit IRC03:48
*** hamalq has quit IRC03:50
*** hamalq has joined #openstack-nova03:51
*** mkrai has quit IRC03:59
*** mkrai has joined #openstack-nova04:01
*** hamalq has quit IRC04:07
*** ratailor has joined #openstack-nova04:45
*** links has joined #openstack-nova04:46
*** ratailor has quit IRC04:55
*** ratailor has joined #openstack-nova04:59
*** xinranwang has quit IRC05:04
*** ratailor_ has joined #openstack-nova05:16
*** ratailor has quit IRC05:19
*** pmannidi has quit IRC05:43
*** pmannidi has joined #openstack-nova05:45
*** brinzhang has quit IRC05:47
*** mnasiadka has left #openstack-nova05:57
openstackgerritnorman shen proposed openstack/nova master: Saving security group to info_cache  https://review.opendev.org/c/openstack/nova/+/78634806:11
*** arne_wiebalck has quit IRC06:20
*** arne_wiebalck has joined #openstack-nova06:20
openstackgerritnorman shen proposed openstack/nova master: Saving security group to info_cache  https://review.opendev.org/c/openstack/nova/+/78634806:31
*** lpetrut has joined #openstack-nova06:32
*** lpetrut has quit IRC06:35
*** alex_xu has joined #openstack-nova06:40
*** dklyle has quit IRC06:43
*** ralonsoh has joined #openstack-nova06:47
*** ratailor__ has joined #openstack-nova07:06
*** ratailor_ has quit IRC07:09
*** mkrai has quit IRC07:11
openstackgerritnorman shen proposed openstack/nova master: Saving security group to info_cache  https://review.opendev.org/c/openstack/nova/+/78634807:16
*** tosky has joined #openstack-nova07:18
*** rpittau|afk is now known as rpittau07:22
*** andrewbonney has joined #openstack-nova07:34
*** alex_xu has quit IRC07:34
lyarwoodgibi: https://review.opendev.org/c/openstack/nova/+/790660 - I just W+'d this again after the rebase btw07:53
* lyarwood is getting bored of gate failures this week07:53
lyarwoodgibi: https://review.opendev.org/c/openstack/nova/+/793219/ can you take a look at this so ^ can land?07:53
openstackgerritnorman shen proposed openstack/nova master: Saving security group to info_cache  https://review.opendev.org/c/openstack/nova/+/78634808:07
*** lucasagomes has joined #openstack-nova08:09
bauzaslyarwood: I can take a look08:10
lyarwoodthanks08:10
*** k_mouza has joined #openstack-nova08:16
*** martinkennelly has joined #openstack-nova08:16
*** avolkov has joined #openstack-nova08:19
*** k_mouza has quit IRC08:21
gibilyarwood: looking too08:23
openstackgerritMerged openstack/nova-specs master: QoS minimum guaranteed packet rate  https://review.opendev.org/c/openstack/nova-specs/+/78501408:31
*** ttx has quit IRC08:33
*** ttx has joined #openstack-nova08:34
bauzassean-k-mooney: sorry, I didn't wanted to hold the pps spec from gibi when I said 'I'll look at the spec'08:50
bauzassean-k-mooney: it was just for knowing what was your concern08:50
bauzasanyway, merged now :)08:51
openstackgerritnorman shen proposed openstack/nova master: Saving security group to info_cache  https://review.opendev.org/c/openstack/nova/+/78634808:52
gibibauzas,sean-k-mooney: thanks08:57
gibiI have feedback from Rodolfo on the neutron side so I will continue with that08:57
*** dosaboy has quit IRC09:04
openstackgerritnorman shen proposed openstack/nova master: Saving security group to info_cache  https://review.opendev.org/c/openstack/nova/+/78634809:19
*** mkrai has joined #openstack-nova09:27
*** mgoddard has joined #openstack-nova09:35
openstackgerritnorman shen proposed openstack/nova master: Saving security group to info_cache  https://review.opendev.org/c/openstack/nova/+/78634809:41
openstackgerritDmitrii Shcherbakov proposed openstack/nova-specs master: Integration With Off-path Network Backends  https://review.opendev.org/c/openstack/nova-specs/+/78745809:43
openstackgerritLee Yarwood proposed openstack/nova stable/wallaby: image_meta: Provide image_ref as the id when fetching from instance  https://review.opendev.org/c/openstack/nova/+/79335409:54
*** k_mouza has joined #openstack-nova09:59
*** k_mouza has quit IRC10:01
*** k_mouza has joined #openstack-nova10:01
*** k_mouza has quit IRC10:01
*** k_mouza has joined #openstack-nova10:02
openstackgerritLee Yarwood proposed openstack/nova stable/victoria: libvirt: make cross cell resize spawn from snapshot image  https://review.opendev.org/c/openstack/nova/+/79335610:02
openstackgerritLee Yarwood proposed openstack/nova stable/victoria: image_meta: Provide image_ref as the id when fetching from instance  https://review.opendev.org/c/openstack/nova/+/79335710:02
slaweqlyarwood: hi, can You maybe check https://review.opendev.org/c/openstack/nova/+/787252 ?10:26
slaweqthx in advance10:26
openstackgerritnorman shen proposed openstack/nova master: Saving security group to info_cache  https://review.opendev.org/c/openstack/nova/+/78634810:31
*** macz_ has joined #openstack-nova10:32
*** macz_ has quit IRC10:36
*** avolkov has quit IRC10:38
*** mgoddard has quit IRC10:41
*** k_mouza has quit IRC10:43
*** k_mouza has joined #openstack-nova10:46
*** jangutter has joined #openstack-nova10:48
openstackgerritLee Yarwood proposed openstack/nova stable/ussuri: Add regression test for bug #1928063  https://review.opendev.org/c/openstack/nova/+/79337210:49
openstackgerritLee Yarwood proposed openstack/nova stable/ussuri: libvirt: make cross cell resize spawn from snapshot image  https://review.opendev.org/c/openstack/nova/+/79337310:49
openstackgerritLee Yarwood proposed openstack/nova stable/ussuri: image_meta: Provide image_ref as the id when fetching from instance  https://review.opendev.org/c/openstack/nova/+/79337410:49
openstackbug 1928063 in OpenStack Compute (nova) "SEV enabled instance unable to hard reboot" [Medium,In progress] https://launchpad.net/bugs/1928063 - Assigned to Lee Yarwood (lyarwood)10:49
*** jangutter has quit IRC10:50
*** mkrai has quit IRC10:55
*** hoonetorg has quit IRC11:05
*** jangutter has joined #openstack-nova11:15
*** jangutter has quit IRC11:26
*** jangutter has joined #openstack-nova11:34
*** k_mouza has quit IRC11:40
*** k_mouza has joined #openstack-nova11:40
*** hoonetorg has joined #openstack-nova11:58
*** mgoddard has joined #openstack-nova12:00
*** tesseract has joined #openstack-nova12:15
openstackgerritnorman shen proposed openstack/nova master: Saving security group to info_cache  https://review.opendev.org/c/openstack/nova/+/78634812:57
*** jraju__ has joined #openstack-nova12:59
*** links has quit IRC13:00
*** ociuhandu has joined #openstack-nova13:13
*** ratailor__ has quit IRC13:15
openstackgerritnorman shen proposed openstack/nova master: Saving security group to info_cache  https://review.opendev.org/c/openstack/nova/+/78634813:23
*** viks____ has joined #openstack-nova13:32
openstackgerritnorman shen proposed openstack/nova master: Saving security group to info_cache  https://review.opendev.org/c/openstack/nova/+/78634813:43
bauzasgibi: gentle reminder that all the Red Hat folks should be off tomorrow13:51
bauzasand like every year, I have this PTO just for my lawn mower...13:52
gibibauzas: thanks for the reminder13:54
gibifor all RH folks, have a nice day off!13:54
*** sapd1 has joined #openstack-nova13:56
sean-k-mooney:) actully im taking monday off too14:02
*** macz_ has joined #openstack-nova14:02
sean-k-mooneybut thank you none the less14:02
*** macz_ has quit IRC14:02
*** links has joined #openstack-nova14:05
*** jraju__ has quit IRC14:05
*** jawad_axd has quit IRC14:07
*** jawad_axd has joined #openstack-nova14:07
*** ociuhandu has quit IRC14:11
*** jawad_axd has quit IRC14:12
*** martinkennelly has quit IRC14:17
*** ociuhandu has joined #openstack-nova14:19
openstackgerritnorman shen proposed openstack/nova master: Saving security group to info_cache  https://review.opendev.org/c/openstack/nova/+/78634814:20
*** jawad_axd has joined #openstack-nova14:38
*** mgariepy has quit IRC14:43
*** dklyle has joined #openstack-nova14:55
*** mgariepy has joined #openstack-nova14:57
*** pmannidi has quit IRC14:59
*** macz_ has joined #openstack-nova15:05
*** macz_ has quit IRC15:05
*** jawad_axd has quit IRC15:13
openstackgerritnorman shen proposed openstack/nova master: Saving security group to info_cache  https://review.opendev.org/c/openstack/nova/+/78634815:15
* lyarwood is off on both Friday and Monday FWIW15:20
*** macz_ has joined #openstack-nova15:24
*** mgoddard has quit IRC15:25
*** masayukig has quit IRC15:33
*** tinwood has quit IRC15:33
*** DinaBelova has quit IRC15:33
*** masayukig has joined #openstack-nova15:34
*** tinwood has joined #openstack-nova15:34
*** DinaBelova has joined #openstack-nova15:34
melwittsame for me15:34
*** cz3 has quit IRC15:36
melwittlyarwood: sorry if this has been mentioned before but are you familiar with this failure setting up ceph "Error EPERM: configuring pool size as 1 is disabled by default." this is on stable/victoria https://zuul.opendev.org/t/openstack/build/7de187da76af48aab23337c4f9d16f9c/log/job-output.txt#540315:36
*** masterpe has quit IRC15:38
*** sean-k-mooney[m] has quit IRC15:39
*** lyarwood has quit IRC15:39
*** macz_ has quit IRC15:41
* gibi prepares for the cricket noises for the next 4 days15:42
gibibtw if the IRC cutover happens during the weekend then I will make sure privatly guide people to the other IRC server where our discussions will be logged15:42
*** ociuhandu has quit IRC15:43
*** ociuhandu has joined #openstack-nova15:43
*** DinaBelova has quit IRC15:44
*** macz_ has joined #openstack-nova15:45
*** DinaBelova has joined #openstack-nova15:50
*** martinkennelly has joined #openstack-nova15:51
*** ociuhandu has quit IRC15:51
melwitthm maybe that's not actually from setting up ceph15:57
openstackgerritLee Yarwood proposed openstack/nova master: WIP libvirt: Do not destroy volume secrets during resume_state_on_host_boot  https://review.opendev.org/c/openstack/nova/+/79346315:57
melwittok it looks like it's failing here https://github.com/openstack/nova/blob/stable/victoria/gate/live_migration/hooks/ceph.sh#L4716:02
*** ociuhandu has joined #openstack-nova16:03
*** macz_ has quit IRC16:03
*** macz_ has joined #openstack-nova16:05
*** ociuhandu has quit IRC16:08
*** lyarwood has joined #openstack-nova16:12
*** rpittau is now known as rpittau|afk16:12
melwittlooks like it's installing the pacific release... that doesn't seem right16:13
melwittit's using the train uca, which is right16:13
*** ociuhandu has joined #openstack-nova16:14
*** ociuhandu has quit IRC16:14
melwitt"Monitors now have config option mon_allow_pool_size_one, which is disabled by default. However, if enabled, user now have to pass the --yes-i-really-mean-it flag to osd pool set size 1, if they are really sure of configuring pool size 1." https://docs.ceph.com/en/latest/releases/pacific/16:19
melwittthere we go. so I guess I first try a recheck and see if the installation of the pacific release was a spurious thing that isn't consistently happening16:20
* melwitt checks other stable/victoria test runs first16:21
*** lyarwood has quit IRC16:22
*** macz_ has quit IRC16:22
*** tesseract has quit IRC16:23
*** macz_ has joined #openstack-nova16:24
melwittlast passing run was on May 21 and was installing the expected release nautilus16:25
*** lyarwood has joined #openstack-nova16:28
*** lucasagomes has quit IRC16:29
melwittand I do find a few other failures of the same thing since May 2516:29
*** mlavalle has joined #openstack-nova16:34
*** bnemec has quit IRC16:36
melwitthm, the ceph version is yellow "version is not current" https://openstack-ci-reports.ubuntu.com/reports/cloud-archive/train_versions.html not sure what that means. the version listed there is the one we want (nautilus) so I don't know why we're getting pacific16:37
*** masterpe has joined #openstack-nova16:39
*** jmlowe has quit IRC16:40
*** jmlowe has joined #openstack-nova16:41
*** macz_ has quit IRC16:42
*** macz_ has joined #openstack-nova16:47
gmanndansmith: did you see my reply on this does it make sense? https://review.opendev.org/c/openstack/nova-specs/+/793011/1/specs/xena/approved/allow-project-admin-list-hypervisors.rst#6616:48
*** jawad_axd has joined #openstack-nova16:48
dansmithgmann: I did not16:48
gmannk16:48
gmanngibi: stephenfin I replied to this comment if I understand it correctly. can you check this - https://review.opendev.org/c/openstack/nova-specs/+/793011/2/specs/xena/approved/allow-project-admin-list-hypervisors.rst#8116:49
dansmithgmann: replied16:52
*** viks____ has quit IRC16:59
*** mgoddard has joined #openstack-nova16:59
*** ralonsoh has quit IRC17:01
melwittgmann, dansmith: I skimmed over that spec on tuesday and was thinking, it depends on how you're defining project-admin. if you're defining it as system-admin scoped down to only a project, then showing the hostnames makes sense. if it's not that, then the obfuscated names make sense. I'm curious what lbragstad would say was the intended meaning/use17:01
*** hamalq has joined #openstack-nova17:01
dansmithmelwitt: yeah, I thought it was more the latter (obviously). I'm not sure what the point of the former is in most cases17:02
dansmithI thought the problem was that they wanted some people to be able to violate scheduling restraints and bust locks and reset instance state, but not muck with aggregates and system-level stuff17:02
melwittyeah, I'm not sure. I haven't acquired a solid understanding of what project-admin is supposed to be, from a secure rbac design perspective17:03
dansmithI think if you take the public cloud case, we need to know if project-admin is supposed to be a low-level sysadmin on the cloud side, or a high-level power user on the customer side17:04
dansmithI have been assuming the latter17:04
dansmithI guess the former could be some customer-dedicated support person, but I would expect those cases to be pretty uncommon17:05
melwittyeah. one of the use cases that comes to mind first for me (bc a customer wanted this) was a role where some people could do live migrations but not be admin (live the global admin we have today)17:07
melwitt*like the global admin17:07
dansmithyeah exactly17:07
dansmiththat might be a role and not all-of-admin I would think,17:07
melwittso then you will ask, can that live migration person force to a specific host?17:08
dansmithbut I would guess you mostly want those people migrating to hosts symbolically and not having to know the hostname17:08
melwittI know this is whack but I was just thinking I wonder if it would be legit to use obfuscated host for target host17:08
*** cz3 has joined #openstack-nova17:09
dansmithI don't think it is today, but I think that if we want to delegate live migration to a non-system-admin, that'd be the goal: let them use the obfuscated host17:09
melwittyeah I doubt it's possible today but I wonder if it would be legit to add it for this project-admin use case17:09
sean-k-mooneymelwitt: the issue with using the hashed host is reversing it17:09
dansmithbut, as noted in my follow up a few minutes ago, I think host uuid would be a good compromise.. not project-scoped like the hostid, but otherwise opaque17:09
dansmithsean-k-mooney: right, hence using the uuid17:10
melwittah yeah, that's even better17:10
dansmithso assume project admins can be trusted with non-project-scoped host identifiers, but without needing to expose actual dns names to them17:10
sean-k-mooneyhost uuid hum17:10
sean-k-mooneyis that any safer tehn hostname17:11
dansmiththey would be able to correlate their hostids to uuids, which regular users can't do, and that would let them collude with other project admins to determine *some* details,17:11
sean-k-mooneymarginally perhaps17:11
dansmithsean-k-mooney: hostnames contain machine model numbers, deployment dates, network and topology details, etc17:11
sean-k-mooneyya they can17:11
dansmithhost123-dl360g1-legacy.old-building.example.com17:11
sean-k-mooneyi was more thinink about targeting a host form a different project17:12
sean-k-mooneyto land something on the same host intionally17:12
dansmithright, like I said, there's some possibility for collusion between project admins,17:12
dansmithbut only to co-locate a thing, not to know infra details17:12
dansmithand if you're granting the user the ability to target hosts, then you're kinda opening that up a bit anyway17:13
sean-k-mooneywhat about using a semtric key instad of a hash for the host id17:13
dansmithyou could do it covertly withou the uuid by measuring latency or something17:13
sean-k-mooneywell rather a reversable key17:13
dansmithsean-k-mooney: how is that better? it's reversible, but we still have to calculate it on every query17:13
sean-k-mooneyit can be asmetic17:13
sean-k-mooneywe will just have to decyprt it17:13
dansmithwe could just hash all the things in their aggregate as quick as reversing17:13
sean-k-mooneywe could yes17:14
gmanndo not we return host name in GET /servers today?17:14
dansmithI bet md5 or whatever we use is fast enough to just do it forwards for every host in their aggregate if we're going to go to that trouble17:14
gmannhostID is obfuscated17:14
dansmithgmann: no, we return a project-scoped hash of the hostname for non-admins17:14
melwittgmann: we don't unless you're admin admin17:14
gmannyeah i mean for admin17:14
gmannproject admin i mean17:14
dansmithgmann: but that's system admin17:14
dansmithright now17:14
sean-k-mooneygmann: host id is a hach of the host uuid and the porject id17:14
melwittyeah, I would agree the admin of today is a system admin, they can do literally everything17:15
melwittgo across projects and all that17:15
sean-k-mooneydansmith: are you realisticaly think of adding a project-host mapping table in the nova-api17:16
gmannah right, i thought it is SYSTEM+ Project scoped  https://github.com/openstack/nova/blob/master/nova/policies/extended_server_attributes.py#L2717:16
dansmithmelwitt: and administer the system at things like the aggregate level17:16
dansmithsean-k-mooney: no17:16
sean-k-mooneyjust using the uuid un hased17:16
sean-k-mooney*hashed17:16
dansmithyeah, I think that's a reasonable compromise17:17
sean-k-mooneyhow would they discover it?17:17
dansmithif not, then I think we have to calculate the hash on the fly when we're using a obfuscated directed boot17:17
melwittgmann: yeah that's what I was saying earlier is the root question that would guide what to do here. I do note though that if it were SYSTEM + limited to a project, the hostnames wouldn't be any better than the host uuids right? since you're silo'ed within a project17:17
dansmithsean-k-mooney: they can see it in the hypervisors list, that's what the spec is proposing.. to expose that in part to project admins17:17
sean-k-mooneyright i was wondering if we were going to keep that17:18
gmannmelwitt: i see17:18
dansmithsean-k-mooney: and I'm saying we should do that, but not expose the hostname, and then make the requested_destination take either17:18
sean-k-mooneyso we would be retrunign only a subset of the columns to them17:18
dansmithsean-k-mooney: as we do for server detail17:18
sean-k-mooneyok i think that can work17:18
melwittgmann: like I mean, if you're not allowed to migrate a server across a project boundary, I'm not sure what additional the real hostname gets you. or rather do you "need" to know it17:18
sean-k-mooneyis the uuid the only feild we should show them17:19
sean-k-mooneyim not sure they need to see uptrime ectra17:19
dansmithsean-k-mooney: s/show/hide/ you mean?17:19
dansmithsean-k-mooney: they need most of what hypervisors show them in terms of used/free memory to make a decision I think, but yeah we could hide more in there17:19
dansmithsean-k-mooney: you should go review the spec :)17:19
gmanndansmith: sean-k-mooney we can show with 'None or 'Unknown' value and keep response field consistent17:20
sean-k-mooneyits on my list but i was also going to finish up soon17:20
dansmithgmann: unknown isn't right, but maybe "<hidden>" or something17:20
sean-k-mooneygmann: am i would prefer to not have the filed there17:20
gmannmelwitt: yeah but  for booting server we need real name17:20
*** jawad_axd has quit IRC17:20
dansmithsean-k-mooney: agree, I'd rather just exclude that field17:20
gmannyeah <hidden> work17:20
dansmithgmann: we would need to make it take hostname or host-uuid17:21
melwittgmann: today you do but we're talking about adding the ability to use the uuid17:21
dansmithright17:21
gmannsean-k-mooney: but we return those field for system admin and not for project admin is difficult way to read it17:21
sean-k-mooneyi dont think thats hard17:21
gmannmelwitt: dansmith yeah i get the point of uuid17:21
sean-k-mooneywe now have 9 personas17:21
sean-k-mooneyinstead of 217:21
gmannand obfuscated uuid right17:21
dansmithgmann: no, can't be obfuscated17:22
sean-k-mooneyso we should expect that for some api system admin will see more then project admin17:22
dansmithgmann: it's opaque, but not scoped or obfuscated further17:22
gmannsean-k-mooney: 7 for nova17:22
*** k_mouza_ has joined #openstack-nova17:22
sean-k-mooney7?17:23
sean-k-mooneyi was expecting 6 or 917:23
sean-k-mooneyeither domain has no menaing or it does17:23
gmannactually 5.  we do not have system member17:23
gmanni counted the combination also17:23
sean-k-mooneyideally nova itself woudl be runnign as system member but ok17:24
gmanndansmith: and having mapping in DB?17:24
dansmithgmann: no, no mapping. we'd have to map every project and every host17:24
sean-k-mooneygmann: dansmith  is suggesting just using the current uuid17:25
sean-k-mooneywhich i think is an ok comprmise17:25
dansmithgmann: using the uuid lets us look up t he host in O(1), which is what we want. It exposes a 1:1 identifier that the project admin can use, but without any details that are often embedded in hostnames17:25
*** k_mouza has quit IRC17:25
sean-k-mooneyits slightly better then the hostname for the reason he gave above17:25
sean-k-mooneybut still allows effiecnt scheduling17:26
dansmithright17:26
gmannand with uuid non-admn or project admin cannot get host detail so make sense17:26
dansmithright17:26
gmanngot it17:26
sean-k-mooneyya we would reject a /hypervior/detail request with a project admin token17:26
dansmithyou're exposing a little more of the system to the project-admin, so they can direct servers, but not everything that a hostname might encode in it17:27
dansmithsean-k-mooney: no, we have to support that17:27
gmannbtw why we do obfuscated  hostID in GET API ?17:27
dansmithsean-k-mooney: they want to be able to see some details of the hosts17:27
sean-k-mooneywell ok yes17:27
sean-k-mooneybut not all the fileds17:27
dansmithgmann: so that users can't tell that they are on the same host across coke/pepsi17:27
gmannohk,17:27
openstackgerritLee Yarwood proposed openstack/nova master: WIP libvirt: Do not destroy volume secrets during _hard_reboot  https://review.opendev.org/c/openstack/nova/+/79346317:28
dansmithgmann: okay, so .. all good?17:28
gmannone last one, on new policy17:29
sean-k-mooneythere is one other advantage17:29
*** andrewbonney has quit IRC17:29
gmannthis one https://review.opendev.org/c/openstack/nova-specs/+/793011/2/specs/xena/approved/allow-project-admin-list-hypervisors.rst#4117:29
sean-k-mooneyif im not mistaken we do not support using the uuid with the old az hack17:29
gmannany objection on adding new policy to let operator to list all hypervisors ?17:29
sean-k-mooneyso they can bypass the sculder with --availabit-zone <zone>:<hostname>17:29
sean-k-mooneyif we give the the uuid right17:30
dansmithgmann: no, I  think that makes sense if they want to allow that17:30
*** hamalq has quit IRC17:30
gmanncool17:30
gmannI will update the spec accordingly.17:31
gmannthanks dansmith melwitt sean-k-mooney17:31
*** hamalq has joined #openstack-nova17:31
dansmithgmann: cool, sorry for missing your reply earlier17:31
sean-k-mooneyoh to remove the aggreate metadtata requirement17:31
sean-k-mooneyform an end user perspecitv i would not be able to tell the diffrenece17:31
gmanndansmith: np! I too missed to ask that day itself.17:31
sean-k-mooneyso that policy would not be an interop issue so i think its ok to add one yes17:32
sean-k-mooneyok i am going to finish up for the day. ill see everyon on our new home on tuesday o/17:33
dansmithsean-k-mooney: enjoy o/17:33
melwitthave a good weekend o/17:33
*** sean-k-mooney has quit IRC17:34
dansmithwow17:35
dansmithnot used to seeing that :P17:35
melwitt😆17:37
artomHe's been making big improvement in keeping a regular work schedule17:39
artom(I sound like his dad)17:39
gmannlucky redhatters  :) long weekend17:39
gmannI miss Tokyo in that term for many long weekend and three golden weeks in a year17:40
*** macz_ has quit IRC17:58
*** bnemec has joined #openstack-nova18:02
*** macz_ has joined #openstack-nova18:16
*** hamalq has quit IRC18:20
*** hamalq has joined #openstack-nova18:21
*** iurygregory has quit IRC18:25
*** k_mouza_ has quit IRC18:26
*** k_mouza has joined #openstack-nova19:04
*** k_mouza has quit IRC19:25
*** k_mouza has joined #openstack-nova19:26
*** k_mouza_ has joined #openstack-nova19:31
*** k_mouza has quit IRC19:31
*** k_mouza has joined #openstack-nova19:31
*** k_mouza__ has joined #openstack-nova19:34
*** k_mouza_ has quit IRC19:34
*** k_mouza has quit IRC19:37
*** k_mouza has joined #openstack-nova19:38
*** artom has quit IRC19:39
*** k_mouza_ has joined #openstack-nova19:39
*** k_mouza__ has quit IRC19:41
*** k_mouza has quit IRC19:43
*** k_mouza has joined #openstack-nova19:43
*** k_mouza_ has quit IRC19:47
*** jawad_axd has joined #openstack-nova19:54
*** jawad_axd has quit IRC19:58
*** flaviof has left #openstack-nova20:04
*** eharney has quit IRC20:10
*** slaweq has quit IRC20:32
*** iurygregory has joined #openstack-nova20:49
*** hamalq has quit IRC20:51
*** hamalq has joined #openstack-nova20:51
*** vishalmanchanda has quit IRC20:54
*** links has quit IRC20:55
*** jmlowe has quit IRC20:58
*** jmlowe has joined #openstack-nova21:00
*** jawad_axd has joined #openstack-nova21:42
*** slaweq has joined #openstack-nova21:48
*** cz3 has quit IRC22:10
*** hamalq has quit IRC22:11
*** hamalq has joined #openstack-nova22:12
*** jawad_axd has quit IRC22:16
*** slaweq has quit IRC22:24
*** macz_ has quit IRC23:07
*** tosky has quit IRC23:12
*** pmannidi has joined #openstack-nova23:17
openstackgerritGhanshyam proposed openstack/nova-specs master: Allow project admin to list hypervisors  https://review.opendev.org/c/openstack/nova-specs/+/79301123:23
gmanndansmith: melwitt ^^23:23
*** jawad_axd has joined #openstack-nova23:34
*** mlavalle has quit IRC23:47
« Wednesday, 2021-05-26 Index Friday, 2021-05-28 »

Generated by irclog2html.py 2.17.2 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!