20:01:53 #startmeeting kolla 20:01:53 Meeting started Mon Oct 6 20:01:53 2014 UTC and is due to finish in 60 minutes. The chair is sdake_. Information about MeetBot at http://wiki.debian.org/MeetBot. 20:01:55 Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. 20:01:57 The meeting name has been set to 'kolla' 20:02:06 howdy \o/ 20:02:14 #topic rollcall 20:02:14 heyy 20:02:15 o/ 20:02:21 o/ 20:02:22 hi 20:02:25 hello 20:02:28 /thumbs 20:02:33 hi 20:02:37 o/ 20:02:38 howdy \o/ 20:02:54 #topic agenda 20:02:55 hi (lurking) 20:03:02 * stevebaker lurks 20:03:03 https://wiki.openstack.org/wiki/Meetings/Kolla#Agenda_for_next_meeting 20:03:13 anyone interested in adding any agenda items? 20:03:33 * fvollero looks at imcleod suspiciously 20:03:36 * SpamapS reads 20:03:59 * SpamapS nods no 20:04:05 ok 20:04:11 #topic Release cycle discussion 20:04:27 I have a proposal for our release cycle based upon my experiences with early days of Heat 20:04:44 What I'd like to do is have a milestone 1 and milestone 2 where we implement in a somewhat hacky fashion most of the functionality 20:04:47 Here! 20:04:52 howdy larsks 20:04:58 larsks: howdy! 20:05:01 milestone1 = Oct 17th (2 weeks out) 20:05:09 milestone 2 = Oct 31 (4 weeks out) 20:05:18 so 2 2 week dev cycles 20:05:24 then 3 1 month dev cycles 20:05:30 then enter the integrated release 20:05:41 (so 6 month cycles from that point forward) 20:05:51 sdake_: Have you given anyt hought to the swift model .. release more often and try very hard to never break an API? 20:06:11 SpamapS I like that model actually :) 20:06:18 but we will break the api early 20:06:28 I was thinking the integrated release will be when we freeze the api 20:06:38 but I'm not totally clear on the best approach 20:06:45 I'd just like to get a couple early releases out 20:06:47 Oh I'd call that 1.0 then. :) 20:06:51 I find this helpful to set stakes in the ground :) 20:06:57 0.xx == we might break the API 20:07:12 (Or even sdakes in the ground) 20:07:23 * sdake_ has been called steak before :) 20:07:26 :) 20:07:36 SpamapS that approach wfm 20:07:54 also It's looking more like there may not be an integrated release beyond the very tight core projects. 20:08:16 SpamapS ok that makes sense 20:08:22 well, lets do this 20:08:30 Lets shoot for 2 milestones with 2 week windows 20:08:33 and then revisit the topic? 20:08:45 /whois portante 20:08:53 busted. ;) 20:08:57 * sdake_ rofls 20:09:04 peter portante, works/worked on openstack swift 20:09:04 yep :) 20:09:12 sdake_: That sounds fine. 20:09:28 I work at Red Hat with rook 20:09:29 portante: yeah, wanna check before saying something stupid :) 20:09:32 ok cool, if there are no objections then we will proceed with the 17th as our milestone release 1 20:09:32 * SpamapS will support what the group decides, is just here to learn and interject at times. :) 20:09:47 I agree with the 2 wk cycles then revisit. 20:10:00 cool sounds like we have a winner :) 20:10:06 #topic multi-dev workflow 20:10:19 larsks can you give us a description of the multi-dev workflow 20:10:25 Sure. 20:10:39 The build scripts that recently landed will, by default, push to a docker tag based on your current commit id. 20:10:56 This helps to prevent stomping on someone else's images (but does not completely prevent it) 20:11:05 and it also prevents accidentally stomping on the release images. 20:11:18 The build scripts can be configured locally so that, e.g., you always build into your own namespace instead. 20:11:24 And always to, e.g., the "latest" tag. 20:11:40 There is a --release option that must be used when building to the kollaglue namespace with the "latest" tag. 20:11:45 That's it in a nutshell. 20:11:52 the cool thing about all this is we dont have to add a million people to the kolla upstream org in docker.io 20:12:10 iirc there is documentation 20:12:23 sdake_: Yes, in docs/image-building.md 20:12:35 cool, so devs, I'd recommend reading through that 20:12:40 it should take 5-10 minutes 20:12:45 And yell at me if something is broken. 20:12:59 any questions? 20:13:07 sdake_: what about the environment ? 20:13:25 fvollerro I dont understand the Q 20:13:35 which environment specifically? 20:14:07 larsks can you link the heat-kube repo with #link? 20:14:09 sdake_: yeah, sorry, dev environment, we need to be aligned, pinned to a min specific version of docker ? 20:14:24 #link https://github.com/larsks/heat-kubernetes 20:14:34 fvollero check that out 20:14:51 any other QS? 20:15:13 fvollero: that link is not going to answer your question...but I don't think we're sensitive to docker version, at least as far as building goes. 20:15:14 larsks: sdake : thanks a bunch 20:15:22 cool 20:15:25 #topic crux 20:15:31 * larsks hides. 20:15:37 robot where are you 20:15:42 #topic crux 20:15:58 mind giving a rundown of crux larsks 20:16:01 Sure. 20:16:40 So, we need a way to create keystone users, tenants, services, endpoints, etc. It needs to be idempotent, so that restarting a container does not blow up. And it should not require a lot of extraneous shell script logic to make it work. 20:16:59 I dusted off some code at wrote at my last job that handles this sort of thing for users, and expanded it to handle services and endpoints, too. 20:17:18 You can say, "user-create -n lars -t myproject -p secret -r admin", and it will: 20:17:23 - create the myproject tenant, if necessary 20:17:23 larsks: there's a _ton_ of code in tripleo-image-elements and/or os-cloud-config that does this... 20:17:29 - create the "admin" role, if necessary, 20:17:35 - create the "lars" user, if necessary 20:17:41 - assign the role, if necessary 20:17:52 I looked at the os-cloud-config stuff, and it looked like an unnecessarily big hammer. 20:17:53 SpamapS I think there is general agreement we want to replace this with os-cloud-config in milesxtone 2 20:17:59 I'm not sure. 20:18:07 It's possible I didn't looked closely enough. 20:18:21 the cool thing about os-cloud-config is it has all the magic 20:18:23 If someone wants to put together a demo that uses os-cloud-config instead, that would be a useful comparison. 20:18:24 larsks: perhaps the hammer got that big because tripleo has found the larger spikes deeper in.. ;) 20:18:36 SpamapS: Maybe, but we might not have the same issues. 20:18:45 Anyway, like I said, if someone can put together a demo that would help. 20:19:07 In the meantime, I would like to advocate for approving my changes for now, because it will really simplify things in the short term. 20:19:09 doesn't have to be a demo, patch would ge thte job done 20:19:19 We can always wipe it out in favor of something eles down the road. 20:19:26 ya if we can get some reviews on that change, it would be appreciated 20:19:42 Is there a way to see "all pending changes for the kolla project"? 20:19:43 larsks do you have a link to the review 20:19:51 larsks you can click watched projects 20:19:58 and add kolla to your watched projects 20:19:58 Indeed, just pointing out that the need for an API bootstrap is not exactly new nor is it poorly handled in the existing code base. 20:20:13 here is that review: https://github.com/larsks/heat-kubernetes 20:20:16 Whoops. 20:20:19 I meant: https://review.openstack.org/#/c/126067/ 20:20:23 SpamapS my approach is fast and furious with lots of mistakes early on :) 20:20:27 Stoopid multiple clipboards. 20:20:33 I'd like to tidy these sorts of issues up though over time 20:20:38 like after each milestone 20:20:39 sdake_: perhaps you can avoid _a few_ of the mistakes that we already made? 20:20:45 agree 20:20:50 it was just a joke :) 20:21:01 vin diesel reference 20:21:10 ha 20:21:21 I'm pretty sure this particular part will "just work" as long as you have OpenStack API's. :) 20:21:57 SpamapS: Write us a demo! I stopped looking at os-cloud-config when it started trying to ssh places on me... 20:22:01 so if we could get some reviews on 126067 it would be appreicated 20:22:09 ...but I new that I already had some code handy that did this. 20:22:30 If you can replace "crux" in that review with "os-cloud-config" with the same or similar semantics, I am all for it. 20:22:30 well here is my take 20:22:33 larsks: how does the current code initialize keystone's admin token and PKI? 20:22:35 larsks already has a patch ready to go 20:22:48 we fcan nuke it in milestone 2 20:22:58 and switch to os-*-* 20:23:09 SpamapS does that approach work for you? 20:23:11 SpamapS: admin_token is set via an environment variable right now, since it needs to be shared across containers. 20:23:27 Oh hey no don't stop for this. I am a big fan of set based design. I just want to make sure os-cloud-config isn't completely left behind because of a misunderstanding. 20:23:32 SpamapS: PKI is initialized using the PoC setup-pki-script, whatever it is called. 20:24:01 larsks: ok, admin token works the same in the current code, and the SSH in is just to setup the PKI. 20:24:02 SpamapS cool sounds like we are all in violent agreement then that os-cloud-config needs more analysis from the core team 20:24:19 by more, I mean some :) 20:24:36 larsks: let's compare notes after the meeting 20:24:41 any Qs? 20:24:41 or after the milestone 20:24:44 whichever you choose. :) 20:24:54 SpamapS: Either! But not right after the meeting, because I will be commuting. 20:25:09 #topic milestone #1 blueprints 20:25:24 #link https://blueprints.launchpad.net/kolla/milestone-1 20:25:37 I believe this is the minimum set of features we want for milesetone 1 20:25:50 we can possibly drop heat and neutron if we want to hit the 17th and those aren't going to make it 20:25:58 would folks open that up in their browser? 20:26:09 sdake_: "keystone" is missing I think. 20:26:14 Ooops. 20:26:15 nEver mind. 20:26:38 so 3 days of dev - 2 implements blueprints 20:26:39 Should "glance" be essential rather than "high"? We won't be able to boot into a nova container with it... 20:26:40 \o/ 20:26:42 moving fast!@ 20:27:05 larsks just changed to essential 20:27:35 I'd like to go through each of the blueprints and get a status report if possible 20:27:42 hi there, I added a new blueprint to containerize Barbican: https://blueprints.launchpad.net/kolla/+spec/kube-barbican-container 20:27:44 radez any word on kube-glance-container? 20:27:55 sdake_: I'd like to update on that, actually. 20:28:12 tsv sounds good I'll prioritize after meeting 20:28:12 sdake_: I have working mariadb/keystone/glance as part of the work I was doing with the haproxy stuff. 20:28:13 yea larsks did some work... 20:28:26 I fixed a bunch of stuff in the glance container as part of that, since I needed it working to test keystone integration. 20:28:26 sdake_, thanks! 20:29:06 I have a series of patches to land if folks are happy with the haproxy idea I floated on the mailing list. 20:29:15 larsks cool so there are just some patches that need reviews? 20:29:49 There may be, pending response on that haproxy topic. There are some pending reviews right now that probably need to land first. 20:30:03 cool 20:30:09 sdake_: I have a neutron container running the API here #link https://github.com/danehans/docker-neutron-server I am working on building my kolla dev environmnt and porting over the work from my docker-neutron-server repo. 20:30:24 #action core team to review kolla patch queue to unblock glance 20:30:42 daneyon nice! 20:30:47 you want to take that blueprint then? 20:31:17 sdake_, I already gave it to him 20:31:24 nice! 20:31:32 libvirt 20:31:35 in progress 20:31:38 just started 20:31:42 goign to be painful 20:31:56 sdake_, where you going to do nova-compute? 20:32:00 were* 20:32:05 rhallisey mind giving us an update on nova-controller? 20:32:10 yes I'm doing nova compute and libvirt 20:32:13 ok cool 20:32:32 just in progress, did a bunch of setup stuff over the weekend 20:32:36 sdake_: I think it will be difficult to get the other neutron services containerized by release. When I started looking at containerizing neutron agents, it appears that we will need to leverage pipework to support multiple interfaces needed by neutron-openvswitch-agent. 20:32:57 daneyon you mean by the 17th? 20:33:22 daneyon: agreed. using pipework is probably a non-started; we probably need kubernetes to support network interface provisioning. 20:33:40 sounds like neutron just isn't going to make milestone 1 20:33:49 perhaps I should just bounce to milestone 2? 20:33:49 sdake_: Yes. I have yet to do much of anything with pipework. 20:34:23 ok i moved to milestone 2 20:34:45 * larsks has to take off shortly for kid transportation reasons. 20:35:03 kube-rabbitmq-container 20:35:18 jlabocki any status? 20:35:35 sdake_: I can help out with that one if jlabocki is busy. 20:35:46 larsks I think jpeeler is goign to tackle that 20:35:51 sdake_: Awesome. 20:35:53 if jlabocki is busy 20:35:58 yes! 20:36:03 sdake: larks: that would appreciated 20:36:08 cool go ahead and assing yourself jpeeler 20:36:29 larsks can I change image-dev-workflow to "Needs Code Review"? 20:37:32 chmouel around? 20:37:41 json-validate-gate 20:38:22 ok well I'll try to catch up with chmouel later and see where the json gate work is 20:38:35 sounds like we are in really good shape - biggest problem atm is long review queue 20:38:45 and nova needs implementation work 20:39:10 #topic milestone 1 bugs 20:39:21 #link https://bugs.launchpad.net/kolla/milestone-1 20:39:49 sdake_: sure. 20:39:56 sdake_: re: needs code review 20:40:06 these need triaging, so I'll go ahead and triage after meeting 20:40:15 #action sdake to triage m1 bugs 20:40:28 I think these aer eall fixed btw 20:40:41 anyone run into bugs not in the launchpad tracker? 20:40:49 547064 20:40:57 If so, could folks _please_ submit bug reports in the launchpad tracker? 20:41:06 will do 20:41:29 #topic mordred's DIB docker container work 20:41:35 mordred happen to be ar ound? 20:41:40 sdake_: I have to run off. I will review backlog later this evening. 20:41:47 larsks sounds good thanks! 20:42:18 SpamapS do you know what Mordred has in mind here? Was hoping to give an info sharing going 20:42:51 what did I do? 20:43:04 oh - so, real quick 20:43:05 mordred your WIP patch 20:43:23 the idea is that the underlying engine/mechanism inside of dib be docker instead of a chroot 20:43:45 this gets decent isolatino - and also means that if all you want is a docker container, you can just stop before making cloud images 20:44:14 but then, if you want a qcow or somethign else, the additinoal step to export the tarball from docker and turn it into a qcow is easy to wrap the brain around 20:44:21 nice potential benefits are: 20:44:33 - take advantage of docker hubs being able to slurp image bits around 20:44:49 - use the composability of dib elements to put together docker containers 20:45:09 - less running of sudo while making an image 20:45:26 in fact, sudo access is no longer needed for anything other than docker to qcow conversion 20:45:39 how's that fora quick summary? 20:45:44 nice 20:45:58 less sudo would be fantastic. 20:46:01 most of the guts are done - I need to incorporate the static files patch I hadn't noticed 20:46:02 I think you missed our early milestone approach - s o we are targeting m12 for oct 17, m2 for oct 31 20:46:09 maybe this is something we can investigate in milestone 2 dev 20:46:11 and I need to rewrite almost every extra-data.d script in elements 20:46:26 mordred sounds like fun :) 20:46:26 sounds to me like this is something to look at "when it is ready" 20:46:33 fwiw, I could almost certainly get it done by oct17 20:46:35 SpamapS sounds good 20:46:36 it's really not that far off 20:46:43 but I do agree - "when it's ready" is the right time 20:46:45 it has benefits outside kolla too 20:46:45 ya we just can't use it by oct 17 20:46:50 cool 20:47:03 SpamapS: ++ 20:47:17 I imagine it will have benefits both in and out of openstack - or at least I hope it will 20:47:18 though it might mean we can't build images on RHEL5 20:47:24 meh 20:47:26 * SpamapS REALLY hopes people get that joke. 20:47:26 * mordred don't care 20:47:35 * mordred throws wet joke at SpamapS 20:47:44 * SpamapS squishes 20:47:49 ;-) 20:47:49 What about using Packer for building images? 20:47:58 got a link to pacvker? 20:48:09 so many tools :) 20:48:11 #link http://www.packer.io/ 20:48:23 honestly, last time I looked at packer I got hives 20:48:27 but that's not a real reason 20:49:00 #topic Open Discussion 20:49:00 oh - I rmemeber now 20:49:05 Ok folks, time for open discussion 20:49:14 packer follows the model that we just moved _away_ from in infra 20:49:27 which is spinning up a cloud instance and then remote connecting to it to run commands inside of it 20:50:06 sdake_: open question: is there a plan for how to update a Kolla installation? 20:50:13 mordred: because ... ? 20:50:18 kill container 20:50:20 start container 20:50:26 you just updated 20:50:45 that's mechanical and manual, is there no automated update? 20:50:53 oh it will be automated imo 20:51:06 by kill container , I mean write data to the kube rest api 20:51:49 one way it could work is scan containers on a 5 minute interval - if new update, t hen kill/start 20:52:10 and what about things like, you need to run a db migration somewhere in there, or update in a particular order? 20:52:17 when you start a container in kube, if there is an update in the docker registry, it pulls the latest bits down 20:52:27 I'm getting at -> tripleo-ansible :) 20:52:30 ordering updates is a challenge 20:52:38 db migration should be easy 20:52:39 how about using etcd for that ? 20:52:47 etcd is part of kubernetes 20:53:04 yes, so why can't that be used to know when to update ? 20:53:06 tsv yes, the rest api I am talking about is either etcd or kubernetes's mapping on etcd 20:53:15 ah ok. thanks 20:53:58 Not sure I'd say db migration is easy 20:54:10 maybe not 20:54:15 Nova, for instance, requires that you update the conductor, then run it, then update everything else. 20:54:18 we have a general problem atm that data is not persistent 20:54:25 kubernetes guys working on this problem 20:54:27 why did infra move away from the model that packer is using, and how is tripleo-ansible different? 20:54:29 it is their #1 issue atm 20:54:58 tsv: knowing when to update is pretty easy. Knowing how to update is a workflow control problem and we're solving it in tripleo-ansible already.. so I was wondering if we can just insert awareness in all of your minds that it exists. :) 20:55:16 mspreitz: tripleo-ansible is agnostic of how images are built 20:55:21 mspreitz: infra does not use tripleo-ansible 20:55:29 two different things 20:55:31 cool I caught the reference SpamapS - firehose reading the code basews for all the projects :) 20:55:57 sdake_: mmk just want to suggest that it be looked at when it comes to to automate updates. 20:55:58 mspreitz: infra moved away from it in favor of dib because it allows us to make one image and upload it to all of our cloud regions 20:56:10 when it comes _time_ to automate I mean 20:56:11 mspreitz: we are not doing it yet, but it also allows us to test the image before we upload it 20:56:37 mspreitz: the packer model is ... fragile ... although totally workable - I mean, we did use it for the last 2 years (although not with packer) 20:56:39 automate all the things :) 20:57:20 3 minutes left - any pressing issues? 20:58:16 ok, well folks if your in the review team, please please review 20:58:24 the queues have been running a bit slow 20:58:29 mspreitz: one could theoretically model the same thing as dib-docker with packer if you used packer+docker and then did an export/conversion 20:58:46 whaaaa review queue in openstack running slow!!?? 20:58:51 but at that point the question woudl be what content can you express in packer and what can you express in dib-elements 20:59:06 SpamapS yes but we only have 5-10 patches outstanding not 10 pages :) 20:59:20 you could use the instack element-running method inside packer. 20:59:25 and the composablity of dib elements on top of docker is quite nice 20:59:39 ok well I'm going to end meeting, we can follow up in tripleo channel 20:59:44 thanks for attending ! 20:59:46 #endmeeting