Monday, 2016-01-25

« Sunday, 2016-01-24 Index Tuesday, 2016-01-26 »
openstackgerritLi Yingjun proposed openstack/python-searchlightclient: Add optional fields for source to query cli  https://review.openstack.org/27115201:19
*** yingjun has joined #openstack-searchlight01:19
openstackgerritLei Zhang proposed openstack/searchlight: WIP - Zaqar Forwarder plugin  https://review.openstack.org/27195809:17
*** yingjun has quit IRC09:40
*** yingjun has joined #openstack-searchlight09:40
*** yingjun has quit IRC09:45
*** yingjun has joined #openstack-searchlight11:35
*** yingjun has quit IRC14:16
*** nikhil_k has quit IRC14:33
*** nikhil has joined #openstack-searchlight14:34
*** yingjun has joined #openstack-searchlight14:37
*** yingjun has quit IRC14:38
*** yingjun has joined #openstack-searchlight14:38
*** yingjun has quit IRC14:43
*** yingjun has joined #openstack-searchlight14:43
*** GB21 has joined #openstack-searchlight15:13
*** sigmavirus24_awa is now known as sigmavirus2415:20
*** exploreshaifali has joined #openstack-searchlight15:35
*** yingjun has quit IRC15:38
*** bpokorny has joined #openstack-searchlight16:50
*** lakshmiS has joined #openstack-searchlight16:55
sjmc7lakshmiS: i’m gonna modify the swift notification middleware to better support your patch. assuming we want to support accounts, containers, objects, we need create/update/delete operations for all of them; i’ll put as many of the metadata fields your patch is looking for in17:03
lakshmiSsjmc7: sounds good17:09
*** GB21 has quit IRC17:17
*** TravT has joined #openstack-searchlight17:23
openstackgerritLakshmi N Sampath proposed openstack/searchlight: WIP - Swift plugin Pending RBAC and Code tuning.  https://review.openstack.org/27162218:25
*** pcaruana has joined #openstack-searchlight18:51
*** bpokorny has quit IRC18:59
*** openstackgerrit has quit IRC19:02
*** openstackgerrit has joined #openstack-searchlight19:03
openstackgerritRick Aulino proposed openstack/searchlight-specs: Spec for changes to ES document deletion.  https://review.openstack.org/26978319:16
openstackgerritTravis Tripp proposed openstack/searchlight: Add Devstack install support for searchlightclient  https://review.openstack.org/26835819:18
*** bpokorny has joined #openstack-searchlight19:18
*** RickA-HP has joined #openstack-searchlight19:19
RickA-HProsmaita: Hi Brian. Thanks for the thoughtful feedback on the ES Deletion blueprint. I had changes and add more concrete examples. I look forward to more comments!19:21
openstackgerritRick Aulino proposed openstack/searchlight-specs: Spec for changes to ES document deletion.  https://review.openstack.org/26978319:26
*** exploreshaifali has quit IRC19:30
rosmaitaRickA-HP: no problem, i'll take a look soon as i have some free time19:30
*** pcaruana has quit IRC19:32
*** pcaruana has joined #openstack-searchlight19:36
*** pcaruana has quit IRC19:40
*** pcaruana has joined #openstack-searchlight19:43
*** pcaruana has quit IRC19:56
openstackgerritMerged openstack/searchlight: Add Devstack install support for searchlightclient  https://review.openstack.org/26835820:22
sjmc7lakshmiS: some of the swift fields aren’t going to be available in middleware, unfortunately21:13
sjmc7i’m going to see how hard it’d be to send them from within the code instead, like nova etc do21:14
lakshmiSsome of them are created by searchlight itself to link the parent21:15
sjmc7yeah. middleware pretty much only has access to the request and response headers21:15
sjmc7and you don’t get many headers for PUT/POST operations21:16
sjmc7fields like bytes used, container-object-count, those sorts of things won’t be available21:17
sjmc7i’ll see how many i can get hold of21:19
sjmc7maybe we can ignore the others for now21:19
sjmc7also, i can’t find any distinction between container-id and container-name (same for accounts)21:20
lakshmiSid and name are same21:27
openstackgerritRick Aulino proposed openstack/searchlight-specs: Zero Downtime Reindexing Proposal  https://review.openstack.org/24522221:27
lakshmiSid is searchlight created field to uniquely get the swift url by further rest request21:27
sjmc7ok, just storing those for searching. and it looks like swift doesn’t support rename, so that’s good21:27
sjmc7i can’t figure out when/where new accounts are created21:28
lakshmiSthats the tricky part21:28
lakshmiSaccount is a keystone account, so it has to come from keystone21:28
sjmc7there’re POST and PUT handlers for them, but i’m not sure where they’re called21:28
lakshmiSswift doesnt have an api to list accounts21:28
sjmc7right, just get stats for an account you know the name of21:29
sjmc7i shall experiment21:29
sjmc7i wonder if it’s necessary to store Accounts at all21:29
lakshmiSadmin of an account can add a member to an account to give read/write rights by using POST21:29
sjmc7do they have any useful information?21:29
lakshmiSwe need accounts to get to containers21:29
sjmc7we don’t need them in e-s though21:29
sjmc7unless they control rbac21:30
lakshmiScould be useful to get summary21:30
lakshmiSof number of containers and objects on an account21:30
sjmc7the summary won’t ever get updated21:30
lakshmiSno api for that unless we keep it updated on container/object change21:30
sjmc7urgh21:31
sjmc7e-s lets you run sums on child documents21:31
lakshmiSthat could also be useful if we dont have to update any other fields on account21:32
notmynameFYI in swift there is currently work going on to enable an operator to get a list of all accounts found in the cluster. it's a current outreachy project21:32
lakshmiSnotmyname: it would have saved a lot of time for me :)21:33
sjmc7notmyname: at current, is account creation implicit when you first create a container?21:33
lakshmiSbased on policy yes21:33
lakshmiSproxy-server.conf account_autocreate = True21:34
notmynameright. that. by default, authorized requests will lazily create an account if it doesn't exist21:36
sjmc7ok. it’s not clear to me why we’d want to maintain account information in elasticsearch21:37
notmynamewhat account information? just that it exists? or metadata on it?21:37
sjmc7metadata21:38
lakshmiSsummayr on container count and metadata21:38
sjmc7or that it exists21:38
lakshmiSi think it doesnt harm having it in es.21:38
notmynamehow so?21:38
sjmc7it is much harder to update21:38
notmynameusers can set arbitrary metadata on their account, too.21:39
sjmc7ah, ok. is that kind of thing useful in a searching scenario?21:39
sjmc7i am a little blind, so i appreciate the help :)  trying to figure out how much we need to do to reliably keep things up to date21:39
notmynamewhat do you mean by up to date?21:40
sjmc7if ew’re storing account metadata in elasticsearch21:40
lakshmiSand can have objects on account too i guess(x-account-object-count)21:40
sjmc7we need to make sure we know when it changes. i was hoping to do that with middleware, but there’s a limit to how much information is available in the request/response headers21:41
notmynamemulti-tenancy in swift is done at the swift account level. in many cases, the user will only have access to their own account, so it doesn't make sense from a searching perspective (eg "show me the accounts where foo=bar" will be their own account or no results b/c/ permissions)21:41
sjmc7right. and even for an admin, searching over user-supplied metadata maybe isn’t very useful because it won’t mean anything21:42
notmynamebut other deployment models have an account per "other thing" (ie not a user). so you might have an account per department or project or something. in that case, yes a user would have access to more than one account and searching makes sense21:42
lakshmiSnotmyname: what happesn if user has reselleradmin role. can he not search across accounts?21:42
sjmc7i guess the question is: what is a user searching for21:42
sjmc7object metadata yes, definitely21:42
sjmc7container metadata… maybe21:43
notmynamelakshmiS: yes, that would work. but reselleradmin should be used like root. ie not an active thing :-)21:43
sjmc7account metadata, not so sure21:43
lakshmiSnotmyname: do users normally store metadata on account in real world21:43
notmynameI don't have data on that. it's a part of the API so I must assume "yes"21:44
sjmc7ok. then i guess we should assume yes21:44
sjmc7i do think we should drop any derived fields, like object counts21:45
sjmc7otherwise every object change will require a load of changes to accounts and containers21:45
lakshmiSobject count is part of account info swift REST api21:45
sjmc7i know21:45
sjmc7when you upload an object, what information would you expect in the notification?21:46
notmynameIMO, indexing account metadata is a silly question. as in, that's not even near the top of things to worry about. in large clusters, you'll have order of 10k to 100k accounts. and 3 or 4 (or 5!) orders of magnitude more containers possible. and another 4-6 orders of magnitude more objects than accounts21:46
sjmc7notmyname: yeah, that’s why i’d prefer to focus on objects/containers21:46
notmynameeg 100k accounts, the largest of which have 100k containers, the largest of which have 1000k+ objects21:47
sjmc7i was once one of those users :)21:47
notmynamesomeone will ask for searching account metadata. eg "show me accounts with more than 1M objects in storage policy Foo but less thank 1PB in the same policy"21:48
notmynameeven if it's "just" an operator, that type of query will be very very useful21:49
sjmc7yep - but i don’t think we need to incur the overhead of storing those counts for every object request21:49
sjmc7versus aggregating at query time21:49
notmynameyou've lost me. I don't know enough about your system to know what that means21:49
lakshmiSfor that kind of object count it can only be periodical if we need it21:49
notmynameright. and it's only updated on the account asynchronously21:50
lakshmiSso swift get account info looks at cached object count?21:50
notmyname"cached". what a tricky work ;-)21:50
sjmc7:)21:50
notmynameso the object count is stored on disk in the account. and it's also cached in memcache (with something like a 30s ttl)21:51
notmynamebut it's not a up-to-the-moment 100% accurate count. never has been, never will21:51
notmynameso you could poll the accounts. that's ugly.21:52
notmynameor...21:52
notmynameas part of the "list all the accounts" thing that's being worked on, we're developing a way you can hook into the auditors that walk the disk21:52
notmynameie we're crawling the disk to see what's there. we check for bit rot. we're adding the functionality to call an external method when we find something21:53
lakshmiSso there "will be" a call back hook to notify on account update21:53
notmynameobject version is https://review.openstack.org/#/c/212824/ with an example at https://github.com/smerritt/basic-audit-watcher21:54
notmynameand here's the account version https://review.openstack.org/#/c/268830/21:54
notmynamenote that neither have landed yet. but I expect them to21:54
lakshmiSsjmc7: if you want to wait until we can recieve account updates, I can disable the account indexing for now21:56
sjmc7no, we can get updates on metadata POSTs etc21:56
sjmc7not so sure about the aggregation data (object counts, byte sums)21:56
lakshmiSright21:56
lakshmiSif we index it will out of sync soon without them(kind of bad to have than disable it)21:57
TravTsorry for missing this, but sjmc7, are you saying that we would still be able to do things like get object and container counts per account even if we don't index the account by aggregating?22:01
sjmc7in a fashion, yeah. there’s no direct equivalent of SQL’s ‘HAVING’ clause, but there are various aggregation functions22:02
sjmc7it wouldn’t be as straightforward as a stored number22:02
sjmc7i guess we could make it optional until we know what impact it’ll have trying to store it22:03
TravTwell, if i'm reading this correctly, if we receive notifications for all these counts on the account level, we'll be getting double notifications right?22:04
TravTonce when the object change notification comes in and once on the account level.  Or am i missing something?22:05
TravTi guess i need to read the patch lakshmi put up late Friday night22:05
lakshmiSthey will be different notifications. object count on container and account22:06
lakshmiSideally it should be CRUD notifications each for account/container/object22:07
TravTlakshmiS sjmc7: are you on the current prototype discussions for the new swift panel in horizon?22:07
TravTi can add you if you aren't22:08
lakshmiSyes i am on22:08
TravTok, good22:08
lakshmiSi have a hard stop in few mins. will be back later22:10
lakshmiSnotmyname: off the topic question. do you know if swift will have support for keystone "session" this release?22:11
lakshmiSi meant swiftclient22:12
*** RickA-HP has quit IRC22:12
notmynamepassing in a keystone session and using that as an auth context?22:14
lakshmiSyes22:14
notmynamecertainly been talked about, and desired. https://review.openstack.org/#/c/270045/ seems to be a start22:14
lakshmiSyeah sjmc7 mentiond about it, but wasnt sure how serious is the change to be landed in near future22:15
lakshmiSanyway thanks for the link. will keep a watch22:17
*** lakshmiS has quit IRC22:19
*** lakshmiS has joined #openstack-searchlight23:05
*** sigmavirus24 is now known as sigmavirus24_awa23:07
*** david-lyle has quit IRC23:44
« Sunday, 2016-01-24 Index Tuesday, 2016-01-26 »

Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!