Thursday, 2015-07-16

*** yonglihe has joined #senlin		00:43
*** Qiming has joined #senlin		00:49
openstackgerrit	Merged stackforge/senlin: Updated from global requirements https://review.openstack.org/202292	00:56
*** Qiming has quit IRC		01:11
*** openstack has joined #senlin		01:26
*** Yanyanhu has joined #senlin		01:26
*** jruano has quit IRC		01:26
*** htruta_ has joined #senlin		01:34
openstackgerrit	Yanyan Hu proposed stackforge/senlin: Using openstacksdk function call in keystone_v3 driver https://review.openstack.org/201945	01:36
*** jdandrea has quit IRC		01:38
*** jruano has joined #senlin		01:48
*** Qiming has joined #senlin		01:53
Qiming	morning	01:55
Yanyanhu	morning	01:56
Yanyanhu	late today :)	01:56
Qiming	yip, slept so well ...	01:57
Yanyanhu	sigh, I'm very sleepy today, only slept about 5 hours yesterday	01:57
Yanyanhu	in such as conmfortable day.... what a pitty...	01:58
Qiming	:) I can buy you some coffee	01:58
Yanyanhu	thanks... after start coding, will not sleepy anymore ;)	01:58
lixinhui_	:-)	01:59
Qiming	lixinhui_, your two patches	02:03
Qiming	they are supposed to be two patch sets of the same thing	02:04
Qiming	can we abandon this one: https://review.openstack.org/#/c/201935/	02:05
Qiming	and propose a patch set 2 for this one: https://review.openstack.org/#/c/201930/ ?	02:05
*** lixinhui_ has quit IRC		02:07
Yanyanhu	hi, Qiming, about the patch of adding user/domain/project properties for policy object, I think it's ok. Just one question, for the case of cluster_policy_attach action, whose owner informatoin we should use to build the credential params	02:08
Yanyanhu	the cluster or policy?	02:08
*** lixinhui_ has joined #senlin		02:09
Qiming	I think the cluster is it	02:09
Yanyanhu	ok, me too	02:09
Qiming	actually they should be the same thing	02:09
Yanyanhu	actually, this is a comon questoin, not only for this patch	02:09
Yanyanhu	right	02:09
Qiming	need to add a check whether a cluster and a policy are owned by the same user	02:10
Yanyanhu	but in come cases where different users create the cluster and policy respectively	02:10
Yanyanhu	right	02:10
openstackgerrit	Merged stackforge/senlin: Using openstacksdk function call in keystone_v3 driver https://review.openstack.org/201945	02:10
Yanyanhu	understand	02:10
openstackgerrit	Merged stackforge/senlin: Remove initilization of auth and session attrs in some drivers https://review.openstack.org/201900	02:17
openstackgerrit	Merged stackforge/senlin: Add user/project/domain to policy objects https://review.openstack.org/202037	02:18
*** lpy has joined #senlin		02:25
*** lpy has left #senlin		02:26
*** mathspanda has joined #senlin		02:30
*** mathspanda has left #senlin		02:30
Qiming	sigh, this is shit: https://review.openstack.org/#/c/197161/	02:44
Yanyanhu	alarm is moved to another project?	02:45
Qiming	yes	02:46
Qiming	has anyone heard of that?	02:46
Yanyanhu	if the interface is not backward compatible, it's terrible	02:46
Yanyanhu	no...	02:47
Qiming	any discussion on the deprecation of the alarm support?	02:47
Qiming	it is removing the alarm support "cleanly" from ceilometer	02:47
Yanyanhu	...	02:47
Yanyanhu	it's insane...	02:48
Yanyanhu	a big problem for those users who rely on ceilometer to prvoide alarm trigger support	02:49
lixinhui_	what will senlin depend for alarm functions	02:51
Qiming	most policies are supposed to be triggered from things like ceilometer alarms	02:52
*** htruta_ has quit IRC		03:04
*** jruano has quit IRC		03:59
*** jruano has joined #senlin		03:59
lixinhui_	senlin engine can not work with oslo.utils 1.9.0?	04:42
lixinhui_	http://paste.openstack.org/show/379546/	04:42
openstackgerrit	Julio Ruano proposed stackforge/senlin: Add test case for Heat Stack Profile https://review.openstack.org/202382	04:47
*** Zhen has joined #senlin		05:24
*** Zhen is now known as Zhenqi		05:24
*** jruano has quit IRC		05:35
Yanyanhu	hi, lixinhui_, the engine works well with 1.9.0 oslo.utils in my local env	05:35
Qiming	I'm suffering from some problems regarding the pbr version change	05:36
Qiming	solving it by upgrading packages that are not pbr 1.3.0 friendly	05:37
Qiming	network is really bad: 1.8MB 2.7kB/s eta 0:17:08	05:40
Yanyanhu	em...	05:40
lixinhui_	seems not related to my past 379546	05:40
Qiming	it is not the same, but similar	05:49
Qiming	all caused by the recent changes to package version requirements	05:49
Qiming	I'm doing quite some package upgrades in hope the senlin-engine can be launched again	05:57
Yanyanhu	with pbr version == 1.3.0?	05:58
Qiming	yes	05:58
Qiming	quite some packages have to be upgraded	05:58
Yanyanhu	...so will this pbr version conflict problem be resolved completely, seems it influences many projects	05:59
Qiming	oslo.middleware, python-heatclient, sqlalchemy-migrate, netaddr, WebOb, oslo.config, oslo.i18n ...	05:59
Yanyanhu	... I'm still using old version pbr(0.11) to make engine work	06:00
Qiming	I'm trying things new, ;)	06:00
Yanyanhu	ok	06:00
Qiming	don't know whatelse is broken now	06:00
Qiming	we'll see	06:00
Qiming	okay, solved	06:02
Qiming	engine starts fine now	06:02
Qiming	so does api	06:02
lixinhui_	ha	06:02
lixinhui_	let me know your best practice	06:02
lixinhui_	btw, my engine still now work with pbr==0.11	06:02
lixinhui_	but oslo.utils an six already updated	06:03
Qiming	the good thing about the requirements.txt file is it tells you the lowest version you will need for each package	06:03
Qiming	but sometimes, a package update may influence almost all projects	06:03
Qiming	one of the examples was the migration from oslo.xxx to oslo_xxx namespace	06:04
Qiming	it caused a lot of pain across projects	06:04
Qiming	the bad thing about the requirements.txt file is you never know which version works best for you	06:04
Qiming	this is especially true when you are running some gate jobs	06:05
Qiming	the gate is always using some latest packages	06:05
Qiming	the best practices?	06:05
Qiming	reinstall devstack each time some package version is changed	06:05
Qiming	that is guaranteed to work, ;)	06:06
Qiming	that will be a huge pain, but it is how packages are tested, :(	06:07
Zhenqi	Hi Qiming	06:28
Qiming	yes	06:28
Zhenqi	I need to know how can I run a subset of tests using 'tox'?	06:28
Zhenqi	just a example	06:29
Qiming	well	06:31
Qiming	I will do this	06:31
Qiming	python -m testtools.run senlin.tests.test_cluster	06:31
Yanyanhu	hi, Qiming, did you know this project? 'Group based policy' https://wiki.openstack.org/wiki/GroupBasedPolicy	06:51
Qiming	yes	07:00
Qiming	it is neutron ?	07:00
Yanyanhu	yes, it's now in neutron's I think	07:01
Yanyanhu	seems a policy based network management framework	07:01
Yanyanhu	just looked around and saw it :)	07:01
Yanyanhu	I saw the 'policy' keyword	07:02
Qiming	yes	07:02
Qiming	it is mainly about packet forwarding rules I think	07:03
Yanyanhu	yes, guess so	07:03
Qiming	otter is more relevant to us, I think: https://github.com/rackerlabs/otter/tree/master	07:06
*** Tiancheng has joined #senlin		07:06
Yanyanhu	em, recalled you mentioned it before	07:07
Tiancheng	@lixinhui, hello~~	07:07
Yanyanhu	will spend some time on it	07:07
Qiming	don't need an @ here, ;)	07:08
Tiancheng	or say, @ does not make any difference...	07:08
Yanyanhu	hello, Tiancheng	07:08
Yanyanhu	;o	07:08
lixinhui_	hello, tiancheng	07:08
lixinhui_	qiming/yanyan, btw, is this correct? RequirementParseError: Expected version spec in qpid-python;python_version=='2.7' at ;python_version=='2.7'	07:09
lixinhui_	in requirement.txt	07:09
Qiming	that is a pbr error	07:09
Qiming	parsing that line, actually any line containing a environment constraint, requires pbr>1.3.0	07:10
lixinhui_	so, I need to upgrade it to 1.3.0?	07:10
Qiming	and pip 7.1.0	07:10
Yanyanhu	yes	07:10
Yanyanhu	so you may want to update you virtualenv package	07:11
Qiming	pip 7.1.0 requires virtualenv >= 13.1.0	07:11
Qiming	this wasn't mentioned anywhere I think, but "lifeless" told me so yesterday	07:11
Qiming	so ...	07:11
Qiming	you will do this:	07:11
Qiming	sudo pip install --upgrade pip <-- install pip 7.1.0	07:12
Qiming	sudo pip install virtualenv==13.1.0	07:12
Qiming	sudo pip install pbr==1.3.0	07:12
Qiming	then try the things you are working on	07:12
lixinhui_	okay let me try	07:13
Qiming	Yanyanhu, what are we storing in the webhook.credential field?	07:14
Qiming	auth_url and password?	07:14
Yanyanhu	Qiming, yes, and also user_id	07:15
Yanyanhu	'user' actually	07:15
Yanyanhu	or if user_name is provided, domain/project is also supposed to be there	07:15
Qiming	webhook.user is a duplication?	07:15
Yanyanhu	no, the user store in credential is supposed provided explicitly/implicitly when webhook is created	07:16
Yanyanhu	so it could be the same as the webhook.user	07:16
Yanyanhu	and maybe not in some cases	07:16
Yanyanhu	e.g. user A	07:16
Yanyanhu	create a webhook and supply a credential of user B	07:17
Yanyanhu	user info in credential will be used to do the action when webhook is triggered	07:17
Qiming	the URI to trigger a webhook will be something like this:	07:30
Qiming	http://<host>:8778/<tenant_id>/v1/webhooks/<webhook_id>/trigger?key=<keystring>&<param1>=<value1>	07:31
Qiming	?	07:31
Yanyanhu	Qiming, actually param field does not exist there	07:32
Yanyanhu	let me have a check	07:33
Yanyanhu	em, I was wrong	07:34
Yanyanhu	I think the operation of attaching params to the url is ommited in current implementation of Webhook.generate_url	07:36
Qiming	designed, but not implemented	07:36
Yanyanhu	yes	07:36
Qiming	ok	07:36
lixinhui_	have you guys met "cannot import thin" when $senlin XX	08:06
Qiming	no	08:06
*** lixinhui_ has quit IRC		08:12
Qiming	I did something stupid ...	08:15
Qiming	I removed all packages under /usr/lib/python2.7/site-packages/	08:16
Yanyanhu	...	08:16
Yanyanhu	how... using rm -rf...	08:17
Qiming	then I cannot do yum	08:17
Qiming	because yum is written in Python	08:17
Yanyanhu	yes...	08:17
Yanyanhu	you may need to install one from rpm	08:18
Qiming	the only thing I can do: download individual rpm packages required, and install them using rpm -ivh --force ...	08:18
Yanyanhu	seem so...	08:18
Yanyanhu	or you can install yum and pip and run stack.sh?	08:18
Yanyanhu	maybe all dependecies will be reinstalled	08:19
Qiming	you know what, I am more stupid than that	08:19
Qiming	no ... cannot do that	08:19
openstackgerrit	Yanyan Hu proposed stackforge/senlin: Test case for neutron_v2 driver(1) https://review.openstack.org/202433	08:19
Qiming	there are things called python-urlgrabber	08:20
Qiming	python-iniparser ...	08:20
Qiming	python-dateutils ....	08:20
Qiming	all rpm packages	08:20
Yanyanhu	...	08:21
Qiming	I'm using VirtualBox	08:22
Qiming	why didn't I start from a saved RHEL70 image?	08:22
Yanyanhu	oh, not your physical server	08:22
Qiming	yes	08:23
Qiming	I was copying files one by one .... sigh	08:23
Yanyanhu	yes, if it's a VM, you can reinstall the entire env I guess :)	08:23
Qiming	I have snapshots ...	08:23
Yanyanhu	nice	08:23
Qiming	I need some cigar ... something is wrong in my head ...	08:23
Yanyanhu	take a break	08:24
Yanyanhu	maybe you can ask Tiancheng together ;p	08:24
Tiancheng	someone mentioned my name?	08:28
Tiancheng	I need VirtualBox!	08:29
Tiancheng	tried to download twice while Symentec removed the downloaded file as soon as the download completed1	08:29
*** Zhenqi has quit IRC		08:30
*** Zhenqi has joined #senlin		08:37
Qiming	hoho	08:40
Qiming	you can buy one	08:40
*** lixinhui_ has joined #senlin		09:00
*** yonglihe has quit IRC		09:06
openstackgerrit	Qiming Teng proposed stackforge/python-senlinclient: Remove thin methods which is not used https://review.openstack.org/202450	09:11
Qiming	Yanyanhu, please review ^	09:12
Qiming	this is causing problems in the client side	09:12
Yanyanhu	Qiming, ok	09:14
Yanyanhu	have you solved the network problem :)	09:15
Qiming	no	09:16
Qiming	tried bing ....	09:16
Qiming	not useful at all	09:16
Yanyanhu	...	09:16
Qiming	the only thing I saw is that a million questions asked for the same problem	09:17
Qiming	there are links to redhat solutions	09:17
Yanyanhu	em, in this situation, google is the only useful way...	09:17
Qiming	and redhat demands for a subscription to read the answer	09:17
Qiming	okay solved	09:19
Qiming	the ifcfg-xxx file contains a HWADDR field, it doesnt match the MAC address ...	09:19
Yanyanhu	oh	09:20
*** Zhenqi has quit IRC		09:21
Yanyanhu	hi, Qiming, this patch resloved the problem about 'thin' lixinhui met https://review.openstack.org/#/c/202450/1	09:24
Yanyanhu	I think this change https://review.openstack.org/#/c/200822/1 has not been included in sdk's 0.4.1 release?	09:25
Tiancheng	one question about Keystone trust: assuming I am a user of Openstack, can i delegate my privilages of manipulating my VMs to some other users?	09:31
openstackgerrit	Merged stackforge/python-senlinclient: Remove thin methods which is not used https://review.openstack.org/202450	09:32
Yanyanhu	hi, Tiancheng, you can I think	09:35
Tiancheng	is it required that the two users belongs to the same tenant?	09:36
Yanyanhu	no, just need to ensure the project scope in trust is a subnet of the project scope of your own user	09:37
Yanyanhu	the subnet or the same scope	09:37
Yanyanhu	otherwise, the trust can't be created successfully	09:37
Yanyanhu	oh, sorry	09:38
Yanyanhu	this is for role	09:38
Yanyanhu	not for project	09:38
Yanyanhu	Tiancheng, you can specify a project when creating a trust, but it's optional	09:43
Tiancheng	so for short, a "trust" includes: (1) the trusted user and (2) a "scope"?	09:44
Yanyanhu	it is usually used with 'roles' parameter together to specify the scope of trust	09:44
Tiancheng	what is a role?	09:45
Yanyanhu	a user can have one or multiple roles in a single or several different projects	09:45
Yanyanhu	it is used to define what kind of action a user can do, and the constraints examination is usually done by policy check	09:46
Yanyanhu	and role is limited in scope of a single project	09:48
Yanyanhu	e.g. user A can have 'admin' role in project_1 and have 'member' role in project_2	09:48
Yanyanhu	so user can define the scope of a trust by specify the 'project_id' and 'roles' parameters. If so, the trustee will only be delegated the authorization in specified project with specified roles of the trustor	09:54
Yanyanhu	not sure how keystone implemented this :)	09:54
Yanyanhu	a doc about trust design in keystone v3 API https://github.com/openstack-attic/identity-api/blob/master/v3/src/markdown/identity-api-v3-os-trust-ext.md	09:57
*** Yanyanhu has quit IRC		10:06
openstackgerrit	Merged stackforge/senlin: Getting Started Doc (6) https://review.openstack.org/201009	10:20
*** Qiming has quit IRC		10:27
*** lixinhui_ has quit IRC		10:46
*** lixinhui_ has joined #senlin		10:51
*** Tiancheng has quit IRC		10:53
*** lixinhui_ has quit IRC		11:10
*** lixinhui_ has joined #senlin		11:12
*** Qiming has joined #senlin		11:30
*** lixinhui_ has quit IRC		11:37
*** lixinhui_ has joined #senlin		11:37
*** lixinhui_ has quit IRC		11:48
*** lixinhui_ has joined #senlin		11:57
openstackgerrit	Qiming Teng proposed stackforge/senlin: Revise devstack README.rst with new git repo https://review.openstack.org/202522	12:08
*** lixinhui_ has quit IRC		12:09
*** lixinhui_ has joined #senlin		12:10
*** jruano has joined #senlin		12:56
*** Tiancheng has joined #senlin		13:18
Qiming	Tiancheng, there?	13:29
Tiancheng	yes	13:29
Tiancheng	for now	13:29
Qiming	POST http:/sdfaf.asdfa/res?abc=def&efg=123	13:29
Tiancheng	you caught me just in time -- I might go offline in 5 mins otherwise	13:30
Qiming	how this looks to you?	13:30
Tiancheng	no idea what it is	13:30
Qiming	query strings usually used for GET	13:30
Tiancheng	POST supposes to create a new resource	13:30
Tiancheng	right. query changes nothing and it should use GET	13:31
Qiming	is it okay to use them for POST?	13:31
Qiming	....	13:31
Qiming	keep thinking	13:31
Qiming	you can go now	13:31
Tiancheng	well. if you just use it in that way, nobody will put you into prison. but from the API perspective, people will get confused	13:31
Tiancheng	any special reason to use POST, not GET for a query?	13:32
Qiming	to trigger an action	13:35
Tiancheng	to trigger an action, it is not a query...	13:41
Tiancheng	by "trigger an action", you will create a new "action" instance? or there is an "action" and you just kick its ass?	13:42
Tiancheng	if the first case, you should use POST; if the second, you should use PUT	13:42
Qiming	a new action	13:42
Tiancheng	then POST is good	13:42
Qiming	no ...	13:42
Tiancheng	but ...	13:43
Qiming	the url looks like this: http://{host:port}/v1/{tenant_id}/webhooks/{webhook_id}/trigger?key=$KEY	13:43
Tiancheng	what is "trigger"?	13:43
Qiming	a verb	13:43
Tiancheng	there should not be a "verb" -- the HTTP has already had verb	13:44
Qiming	HTTP is too naive	13:44
Qiming	you cannot express everything as just create/delete/update/list	13:44
Tiancheng	you can :)	13:45
Qiming	I want to trigger a webhook, exposed at URI ..../webhooks/{webhook_id}	13:45
Tiancheng	why not POST http://{host:port}/v1/{tenant_id}/webhooks/{webhook_id}/actions	13:45
Qiming	what would you suggest?	13:45
Qiming	no, actions are internal concepts	13:46
Tiancheng	then create a new actio	13:46
Tiancheng	so... what is webhook?	13:46
*** jdandrea has joined #senlin		13:46
Qiming	a webhook is just an abstraction of a tuple (user, object, action, params)	13:47
Qiming	it is just an URL	13:47
Tiancheng	no	13:47
Tiancheng	each URL should represent a resource or a collection of resources	13:47
Tiancheng	you are not properly defining the resource model	13:48
Qiming	that is why I was saying that it is too naive	13:48
Qiming	I know it is a problem, but if you conform strictly to the convention	13:48
Qiming	you will need something like: .../actions/	13:49
Qiming	you post things there in a json body	13:49
Tiancheng	normally.. I do this in the way that I pacakge a lot of things in the JSON body	13:50
Tiancheng	and, I use PUT	13:50
Tiancheng	another rest anti-pattern :P	13:51
Qiming	see this: http://192.168.3.51:8000/v1/signal/arn%3Aopenstack%3Aheat%3A%3Abf90981532444f91b70d3f58e9fd1b3d%3Astacks%2Fgnocchi2%2Fd65c891b-4543-4d1e-aa39-4d446ce4a3e8%2Fresources%2Fweb_server_scaleup_policy?Timestamp=2015-04-23T14%3A50%3A52Z&SignatureMethod=HmacSHA256&AWSAccessKeyId=2c7195e4a64140719131680bf8a96d4b&SignatureVersion=2&Signature=hbQCSYsjd2f9%2FeH1mKZpszI4ec20Ot0mVLBtCbkLpDU%3D	13:52
Qiming	this is a webhook in Heat, mimicing how Amazon does webhook	13:53
Tiancheng	see... you will have no idea what this URL means...	13:53
Qiming	signal is a "resource"	13:53
Qiming	you post an ARN/URN to that resource	13:54
Qiming	the object encoded in the ARN/URN will be signaled	13:54
Qiming	signal looks like a verb to me	13:54
Tiancheng	signal can be a resource	13:55
Tiancheng	you create a new signal and once it is created, it sends itself to someone	13:55
Qiming	ARN is a resource name, encoding a thing to be signaled, ;)	13:55
Tiancheng	anyway, no matter how ideal you are at the beginning, you can end up with some argly implementation -- that is the reality	13:57
Qiming	I was just trying to be not soooo anti-pattern	13:58
Qiming	so, back to the webhook triggering design	14:00
Tiancheng	headache... and 被老外放鸽子.. go to bed now	14:01
Qiming	POST http://{host:port}/v1/{tenant_id}/webhooks/{webhook_id}/actions	14:01
Tiancheng	talk to you tomorrow	14:01
Qiming	this is what you would suggest	14:01
Qiming	even the only "action" would be "trigger"	14:01
*** Tiancheng has quit IRC		14:05
*** lixinhui_ has quit IRC		14:31
*** Qiming has quit IRC		16:44
openstackgerrit	OpenStack Proposal Bot proposed stackforge/senlin: Updated from global requirements https://review.openstack.org/202709	17:08
*** htruta_ has joined #senlin		17:46
*** htruta_ has left #senlin		18:11
*** jruano has quit IRC		22:04
*** jruano has joined #senlin		22:08
openstackgerrit	OpenStack Proposal Bot proposed stackforge/senlin: Updated from global requirements https://review.openstack.org/202709	23:22

Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!