15:00:33 <danpb> #startmeeting libvirt 15:00:37 <openstack> Meeting started Tue Jun 10 15:00:33 2014 UTC and is due to finish in 60 minutes. The chair is danpb. Information about MeetBot at http://wiki.debian.org/MeetBot. 15:00:38 <openstack> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. 15:00:41 <openstack> The meeting name has been set to 'libvirt' 15:01:12 <thomasem> o/ 15:01:20 <danpb> well we have no agenda items today... 15:01:24 <vladikr> o/ 15:01:28 <apmelton> o/ 15:01:39 <danpb> someone add some items if they want to talk about anything... 15:01:53 <danpb> ( https://etherpad.openstack.org/p/nova-libvirt-meeting-agenda ) 15:02:16 <ndipanov> o/ 15:02:20 <sew> o/ 15:02:23 <sgordon> O/ 15:02:29 <lparth> o/ 15:03:35 <danpb> #topic open discussion 15:04:05 <danpb> since there are no formal agenda items, speak now if you want to mention anything...otherwise this'll be a short meeting :-) 15:04:22 <thomasem> danpb: sew just added one about nested Docker support in Libvirt LXC containers 15:04:54 <sew> really just curious if anyone has been able to get nested docker to run inside libvirt lxc containers? 15:04:56 <s1rp> o/ 15:05:11 <danpb> i've never tried it myself 15:05:50 <danpb> nested containers is getting into the uncharted waters in general though 15:06:17 <sew> there seem to be cgroup differences between lxc and libvirt_lxc which cause docker layering features to fail 15:06:25 <apmelton> docker does some mounting inside of the containers it builds right? 15:07:02 <apmelton> if we're revoking mount capability inside libvirt-lxc containers, that won't work 15:07:33 <danpb> if you can get it working on lxc but not libvirt-lxc then do file bugs against libvirt - probably best to try it in plain libvirt rather than under nova 15:08:05 <s1rp> apmelton: cap_sys_admin isn't dropped at least for libvirt, but for docker it is 15:08:45 <sew> i do see where mknod is dropped tho: http://libvirt.org/git/?p=libvirt.git;a=blob;f=src/lxc/lxc_container.c;h=fd8ab167f8945d33ba6f82e6f0aed84814fa98c0;hb=HEAD#l1746 15:09:18 <apmelton> ah yes, that's what I was thinking of 15:09:24 <sew> my testing with nested docker was done with just libvirt-1.2.3 15:10:14 <sew> i commented out those dropped caps, but was still unable to make docker layer images successfully 15:10:45 <vladikr> danpb, I was playing a bit with libosinfo recently, and curious what was your vision of it to be used with image properties? should everything be validated against it? 15:10:47 <sew> the only other differences i noticed were with regard to cgroup layouts 15:11:34 <danpb> vladikr: so my view is that in glance we should set os_id=<libosinfo OS identifier> and then Nova libvirt driver should use that to lookup preferred hardware models 15:11:54 <danpb> vladikr: ie so it'd use virtio net for linux, e1000 for bsd or whatever libosinfo says for preferred nic 15:12:13 <danpb> so it would avoid needing to set things like hw_nic_model and other similar bits in common case 15:13:16 <vladikr> I see, thanks 15:14:25 <apmelton> so danpb, about the spec for user namespaces, I guess I need to get mikal to revoke his -2 on it so it can actually get approved 15:15:21 <danpb> yep, guess he's missed our followup comment 15:15:39 <danpb> nothing will get approved this weekend regardless though until Juno-1 is out 15:15:44 <apmelton> yup 15:15:57 <apmelton> a couple of my other patches we're pushed to J2 15:17:15 <danpb> ok, so i guess we can finish the meeting and get back to regular work 15:17:36 <danpb> #endmeeting