20:00:00 <robcresswell> #startmeeting horizon 20:00:01 <openstack> Meeting started Wed Aug 24 20:00:00 2016 UTC and is due to finish in 60 minutes. The chair is robcresswell. Information about MeetBot at http://wiki.debian.org/MeetBot. 20:00:02 <openstack> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. 20:00:04 <openstack> The meeting name has been set to 'horizon' 20:00:37 <robcresswell> Anyone around for Horizon meeting? 20:00:38 <TravT> o/ 20:00:50 <lcastell> o/ 20:02:00 <robcresswell> Lets get started 20:02:15 <robcresswell> #topic Notices 20:02:34 <robcresswell> #info Feature Freeze tomorrow! (2016-08-25) 20:02:45 <robcresswell> I've started blocking feature patches 20:03:00 <robcresswell> currently all that is open is images, filtering, and django 1.10 compatibility. 20:03:36 <robcresswell> Just to see where they can get to in the next 24 hours or so 20:03:36 <robcresswell> If anyone would like to apply for an FFE (Feature Freeze Exception) please send an email to the dev mailer for discussion. 20:04:26 <david-lyle> o/ 20:04:29 <robcresswell> For those going through the release cycle for the first time, we now freeze all feature work and fix bugs until Newton release. 20:04:43 <robcresswell> #link https://releases.openstack.org/newton/schedule.html 20:04:54 <tsufiev> o/ 20:04:56 <robcresswell> There are a couple of important dates to keep in mind 20:06:02 <robcresswell> Soft string freeze is the week after feature freeze, with hard string freeze two weeks after that 20:06:14 <robcresswell> This is especially important in Horizon given the volume of translatable strings 20:06:33 <robcresswell> Please keep this in mind when modifying strings in bugfixes (both contributors and reviewers) 20:06:58 <lcastell> quiet room today... 20:07:28 <robcresswell> RC1 target is September 15th, so thats our next major milestone. 20:07:36 <robcresswell> lcastell: Well, I'm just talk at people right now :) 20:07:41 <robcresswell> talking* 20:07:50 <robcresswell> Any questions? 20:08:22 <robcresswell> #topic Agenda 20:08:32 <robcresswell> #link https://wiki.openstack.org/wiki/Meetings/Horizon#Agenda_for_2016-08-24 20:08:52 <robcresswell> #topic Passthrough API 20:08:57 <robcresswell> TravT: o/ 20:09:01 <TravT> yep 20:09:02 <TravT> so, 20:09:15 <TravT> tyr is working on the designate panel for newton 20:09:28 <TravT> it is being converted to v2 designate (v1 is deprecated) 20:09:34 <TravT> and it is angular 20:10:03 <TravT> he found that the horizon python layers aren't providing him value right now 20:10:38 <TravT> services that use CORS now can get the token from horizon 20:10:46 <TravT> this was put in by kevin fox 20:10:50 <TravT> and discussed on the mailing list 20:11:09 <TravT> which allows the client side to form API requests and talk directly to the service. 20:11:14 <TravT> if CORS is enabled 20:11:26 <ducttape_> if not, it proxies via horizon ? 20:11:40 <TravT> great lead in ducttape_ 20:11:52 <TravT> if CORS is not enabled, they'd have to still go through horizon 20:12:16 <TravT> and this patch allows that to happen without a bunch of massaging 20:12:23 <tsufiev> TravT: the Horizon wrappers still do things like version negotiation 20:12:31 <TravT> that's true and is fine 20:12:37 <tsufiev> like in case of Glance v1/v2 20:12:39 <TravT> but in this case, we don't care or use those. 20:12:59 <ducttape_> all the logic is in js, sounds like, including version switches 20:13:13 <TravT> the horizon wrapper layers are their own layers of indirection 20:13:42 <TravT> for new panels or code that prefers to send api requests formulated by the JS code 20:13:55 <TravT> the horizon wrapper code just means double the work 20:14:01 <TravT> if CORS is enabled vs not enabled 20:14:52 <TravT> so, this is proposing to put this patch in. 20:15:09 <tsufiev> To me it Seems like clientside horizon needs to be split from its server counterpatt 20:15:11 <TravT> it won't force glance v1 /v2 cinder v.x to move to it 20:15:16 <ducttape_> the patch is a api passthrough, then 20:15:28 <TravT> but for plugins that do want the ability to passthrough, they can use this. 20:15:36 <TravT> instead of implementing it on their own. 20:16:06 <ducttape_> tsufiev: - the move is to eliminate horizon server side, it would seem 20:16:14 <tsufiev> ducttape_: yes 20:16:15 <ducttape_> just a small passthrough 20:16:21 <tsufiev> In the long term 20:16:41 <TravT> i suspect that is a very long term. 20:16:55 <tsufiev> I was looking in a future too far, maybe :) 20:17:11 <robcresswell> it seems sensible to me 20:17:26 <robcresswell> the patch itself is ~200 lines 20:17:51 <tsufiev> Will look into it this week 20:17:52 <ducttape_> the passthrough is all services? or just for designate 20:18:00 <TravT> that's a good question. 20:18:03 <TravT> one i've pondered 20:18:26 <TravT> so this one would allow passthrough to any service 20:18:38 <ducttape_> if it's all services, then you could just split all the python code out 20:18:52 <ducttape_> most I mean 20:18:56 <robcresswell> #link https://review.openstack.org/#/c/357600 20:19:20 <TravT> if security is a concern, possibly it could be agumented to force base url passthrough to a specific service's public endpoint and only enabled services via config could be "passed through" 20:20:00 <david-lyle> so we're becoming an open attach vector? 20:20:24 <ducttape_> there are a couple of things to figure out / more detail I'd think 20:21:03 <TravT> i think we'd probably have to do something like the above. 20:21:05 <ducttape_> like public_url might not be appropriate, does horizon have some responsiblity to do policy enforcement etc 20:21:39 <TravT> client side API requests already have policy checks when required. 20:21:53 <TravT> policy is sprinkled around 20:21:55 <robcresswell> I dont know that it would affect policy, since most of that is done in the UI, not the API layer 20:22:02 <TravT> so, "horizon" is really whoever writes the code 20:22:03 <david-lyle> you're basically passing any request to any url from an internal network 20:22:15 <TravT> david-lyle: yes, that is why i brought that up 20:22:31 <ducttape_> right, and policy is missing in this case 20:22:36 <TravT> i'm not saying this should go in as-is. but bringing up the concept 20:22:44 <ducttape_> policy on the client means very little, in this case 20:23:02 <TravT> you will note 20:23:03 <ducttape_> yep, we are just floating ideas 20:23:05 <TravT> line 71 here 20:23:06 <TravT> https://review.openstack.org/#/c/357600/7/openstack_dashboard/api/rest/passthrough.py 20:23:21 <TravT> it already is doing some base url lookup 20:23:22 <david-lyle> TravT, ok, multistreaming ,so missing bits 20:23:39 <TravT> but configuring which services can be allowed access is not in here 20:23:56 <ducttape_> TravT - you will want the url type to be configurable 20:24:03 <TravT> ducttape_: agreed 20:24:04 <ducttape_> do not assume public url 20:25:14 <TravT> seems like it would need some dict setting mapping service requested to a policy and to the endpoint type 20:25:17 <robcresswell> I don't have a problem with the concept. A lot of the REST APIs are basically just passing data through multiple python functions 20:26:55 <TravT> basically, if this goes into horizon this release, the designate panel being released will use it 20:26:59 <ducttape_> should you do token validation too for each call? 20:27:14 <robcresswell> This release? 20:27:34 <ducttape_> just to filter out tokens that are no longer valid, that is / filter out junk without impacting services 20:27:45 <TravT> so, i need to actually read through the patch further myself. 20:27:50 <TravT> i'm just representing the concept 20:28:28 <robcresswell> I don't think we should be looking to do this for this release. The initial patch went up 4 days ago, and there's a lot of questions 20:28:36 <TravT> for searchlight we already do this, but just for searchlight. it is in the searchlight plugin 20:29:03 <robcresswell> Plus, the API layers are a bit verbose, but as far as I can tell other than it being a couple hundred lines of code its not a big problem. 20:29:43 <TravT> this will mean that the new designate panel will have a version of this patch, but just for designate. 20:29:44 <TravT> FYI 20:29:57 <TravT> inside of its plugin 20:30:46 <robcresswell> Yeah, thats fine with me. I don't have any desire to jump this to the top of the pile. Its useful, but its really just a code cleanup rather than bug fix or performance enhancement, from what I can see. 20:31:32 <TravT> well, it would be good to get eyes on it and feedback. like ducttape_'s policy concern 20:31:43 <robcresswell> Sure 20:32:45 <robcresswell> Ready to move on? 20:33:02 <TravT> i don't have much more to say now. tyr is out today, but if he really thinks we need it this release he'll follow up. 20:33:16 <robcresswell> Cool, sounds good 20:33:26 <robcresswell> thanks for raising that TravT 20:34:05 <robcresswell> #topic Summit Session Planning 20:34:33 <robcresswell> So the summit room planning is underway 20:35:11 <robcresswell> Everyone has been asked to reduce room ask, as its a 4 day summit and the tent continues to be bigger 20:35:34 * ducttape_ wonders when we started having meetings in tents 20:35:42 <tsufiev> lol 20:35:54 <robcresswell> For reference, last cycle we had 1 fishbowl, 7 working room sessions, and the contrib meetup 20:36:11 <tsufiev> digital nomads, digital tents 20:36:20 <robcresswell> I was considering a 1fb, 5wr, and the contributor meetup as a reasonable request. 20:37:00 <robcresswell> My feeling being that priorities seem relatively clear, and that we don't need that many working sessions to debate what to solve. 20:37:11 <robcresswell> Any thoughts? 20:37:35 <david-lyle> I would vote for less than past for sure 20:37:58 <david-lyle> maybe not even 5 wr? 20:38:12 <robcresswell> On another note, if anyone is considering standing for PTL, please ping me so that I can forward the summit planning emails on to include you :) 20:38:31 <ducttape_> I nominate david-lyle 20:38:34 <ducttape_> ;) 20:38:39 <tsufiev> :) 20:38:47 * david-lyle runs screaming 20:39:00 <TravT> robcresswell are you implying that you may not? 20:39:10 <david-lyle> but robcresswell should totally still do it, it's really its own reward 20:39:12 * ducttape_ doesn't like david-lyle, looking for punishment 20:39:27 <robcresswell> david-lyle: Yeah, the working rooms is the bit I'm most uncertain about. I'd like to keep the meetup and use fishbowl for feedback session again. 20:39:50 <robcresswell> TravT: I'm planning on standing again, but I'd like to keep it open. 20:39:57 <TravT> the contributors meetup has a max of 1/2 day this time 20:40:00 <TravT> i believe. 20:40:25 <ducttape_> agree w working room stuff. those are fluid things that happen anywhere 20:40:28 <robcresswell> Yep, it does. We had a half day last time too. 20:40:32 <clarkb> TravT: that is correct. the second half of friday, the first half is sessions 20:41:11 <robcresswell> I'll request 5 and add a note that we can be flexible if another project has greater demand. 20:42:13 <robcresswell> #topic Open Discussion 20:42:59 <robcresswell> If anyone has any general queries, bugs, terrible dad-jokes (ducttape_) , fire away 20:43:05 <robcresswell> :) 20:43:14 <ducttape_> quotas are almost less terrible again 20:43:21 <tsufiev> TravT: since today you're on behalf of tyr, could you please ask him to review a patch on behalf of us )? 20:43:38 <tsufiev> https://review.openstack.org/#/c/359850/ 20:43:40 <TravT> sure 20:44:18 <ducttape_> I had another feature idea, around instant grant access to project, and switch to that project 20:44:33 <tsufiev> Seems i fixed weird things taht kzaitsev_mb was experiencing, but still don't understand why 20:44:35 <ducttape_> would help us out, I see it as generally useful to operators 20:45:03 <robcresswell> yeah, we need tyr and hurgleburgler to look at that patch 20:45:14 <tsufiev> ducttape_: we're currently discussing an idea to push qouta limits to keystone 20:45:24 <robcresswell> I'm not convinved entirely by just shifting that theme key around. It seems like it might be fixing the symptoms, not the cause. 20:45:31 <tsufiev> (yet internally) 20:45:49 <ducttape_> tsufiev: that will take years to work out. I need stuff 6 months ago 20:46:44 <tsufiev> duly noted 20:47:23 <ducttape_> redoing where quotas live would be a huge migration, I'm skeptical at best 20:47:31 <tsufiev> robcresswell: the cause is that don't understand django-compressor well enough ;p 20:48:16 <tsufiev> i mean, all we except hurgleburgler and tyr 20:48:22 <robcresswell> tsufiev: Yes. I'll have a go recreating that bug tomorrow, didnt manage attempt no. 3 today 20:48:29 <kzaitsev_mb> tsufiev: the issue does not reproduce if you use offline compression, since THEME var would be set then 20:48:39 <kzaitsev_mb> and devstack hardcodes offline compression 20:48:53 <kzaitsev_mb> so we never saw the bug in any of our dsvm tests 20:49:03 <robcresswell> kzaitsev_mb: I run with compression off in dev all the time 20:49:14 <tsufiev> That's still a mystery to me, kzaitsev_mb 20:49:15 <robcresswell> kzaitsev_mb: Still haven't seen it 20:49:33 <robcresswell> I dont understand why that would alter the presence of that key anyway 20:50:13 <kzaitsev_mb> well, honestly I'm devising that from hurgleburgler's comment on offline compression and my quick test with it 20:50:36 <tsufiev> ducttape_: the proposal to move quota limits originated during discussing how to implement domain quotas 20:50:53 <tsufiev> Keystone seemed quite a logical place for it 20:51:05 <ducttape_> sure, but it's an idea that doesn't have a large team signed up for it, migration, etc 20:51:19 <ducttape_> it seems like it is just idea phase 20:51:27 <tsufiev> yeah 20:51:29 <ducttape_> and thats fine, but I need to run stuff right now 20:51:47 <ducttape_> which has been broken for a while, or at least not quite right 20:51:50 <tsufiev> quota suicide squad ;) 20:52:16 <ducttape_> I'd rather watch that movie than work on quotas, which is a sad statement 20:52:34 <tsufiev> it's not such bad ;) 20:53:14 <robcresswell> ducttape_: Are there specific patches you're referring to right now? I know there's a couple bouncing around, but wasnt sure any were at the ready to go phase. 20:53:15 <ducttape_> anyone grok my instance project switcher idea ? 20:53:55 <ducttape_> https://review.openstack.org/#/c/309204/ is the orig quotas patch, which we need, but it seems like we need to redo all the quotas first 20:54:12 <ducttape_> that is the patch I need, not the we in the room 20:54:55 <robcresswell> I see 20:55:05 <kzaitsev_mb> robcresswell: if you want, I can write a short shell script, that reproduces the error for me on clean checkout 20:55:12 <kzaitsev_mb> also sorry for hijacking the meeting 20:55:16 <robcresswell> So, we have small improvement vs total rewrite 20:55:29 <robcresswell> kzaitsev_mb: I think tsufiev posted his steps earlier, so I can use those 20:55:30 <tsufiev> it's like throwing a man into space - you need more than just a man in a spacesuit, ducttape_ ;) 20:55:36 <ducttape_> no worries kzaitsev_mb, I bet this issue is real. compressor stuff needs more docs / understanding 20:56:56 <tsufiev> robcresswell: small improvement featurewise vs degradation of a codebase 20:57:45 <tsufiev> not mentioning that this part had degraded years ago 20:57:57 <ducttape_> was it ever really great, then ? 20:58:06 <robcresswell> make-quotas-great-once 20:58:40 <tsufiev> Maybe, it was - when it was in 'an idea phase' :) 20:58:48 <robcresswell> I dont think we should be piling on to poor code. Its asking for trouble. 20:58:59 <ducttape_> k. I'm kinda excited about this project switcher thing. will take it into horizon room / almost out of time 20:59:23 <robcresswell> I'd rather we hold feature development and fix/rewrite than just keep adding small features in an unmaintainable way 20:59:42 <robcresswell> We're at time, lets continue in #openstack-horizon 20:59:46 <robcresswell> thanks everyone! 20:59:56 <robcresswell> #endmeeting