17:00:30 <geoffarnold> #startmeeting mercadorproject 17:00:30 <openstack> Meeting started Fri Aug 14 17:00:30 2015 UTC and is due to finish in 60 minutes. The chair is geoffarnold. Information about MeetBot at http://wiki.debian.org/MeetBot. 17:00:31 <openstack> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. 17:00:33 <openstack> The meeting name has been set to 'mercadorproject' 17:00:39 <geoffarnold> ping 17:00:48 <shaleh> pong 17:00:53 <davidjc> pong 17:01:01 <gyee> bud 17:01:38 <geoffarnold> bud??? ;-) 17:02:04 <gyee> I was expecting 'light' 17:02:18 <davidjc> dy 17:02:19 <geoffarnold> OK, we've had some changes since we last met 17:02:46 <geoffarnold> Based on design discussions over at HP 17:03:09 <geoffarnold> The basic model is unchanged 17:03:46 <geoffarnold> Publisher service running in provider cloud, Subscriber running in consuming cloud 17:04:27 <geoffarnold> However rather than implementing Publisher and Subscriber as independent services, with their own endpoints, installation/configuration, etc.... 17:04:46 <geoffarnold> we're going to integrate them into Keystone 17:04:54 <gyee> for now :) 17:05:04 <geoffarnold> This has some benefits and complications 17:05:09 <geoffarnold> yes, for now 17:05:39 <geoffarnold> Benefits: faster spinning up the POC, reduced round-trips between Keystone and Subscriber 17:05:49 <raildo> gyee: light \o 17:05:53 <geoffarnold> Complications: it's a fork of Keystone 17:06:15 <gyee> not quite 17:06:41 <geoffarnold> de facto, gyee? 17:06:43 <shaleh> gyee, it requires keystone mods beyond just dropping the mercador/ directory in contrib 17:06:55 <shaleh> my commit shows thay 17:07:00 <shaleh> s/thay/that/ 17:07:05 <gyee> its a fork for conveninence 17:07:12 <gyee> but we are not touching keystone internals 17:07:15 <geoffarnold> exactly 17:07:35 <geoffarnold> except to interpose on CRUD for "project" 17:07:36 <gyee> it should not require keystone mod 17:07:42 <raildo> geoffarnold: do you want to use some stable release for this? 17:07:48 <gyee> just contrib and middleware 17:07:54 <davidjc> yes 17:07:55 <shaleh> raildo, I started with master 17:08:08 <geoffarnold> not especially, raildo 17:08:54 <geoffarnold> shaleh can you add raildo to the project in github 17:08:57 <gyee> raildo, not till we flesh out the landmines 17:09:11 <shaleh> geoffarnold, I just need a github user to invite 17:09:35 <raildo> maybe this will be a little painful, since we have to be doing a lot of rebases... 17:09:49 <raildo> geoffarnold: thanks 17:09:52 <shaleh> raildo: what is your github user name? 17:10:01 <raildo> raildo :P 17:10:06 <shaleh> one moment 17:10:13 <gyee> raildo, shouldn't be painful, we are NOT touching Keystone internals 17:10:27 <gyee> if we do, this ain't gonna end well 17:10:54 <raildo> gyee: ok 17:11:11 <geoffarnold> if we do, it shows that Keystone's contrib framework isn't as clean as intended 17:11:19 <gyee> exactly 17:11:37 <shaleh> geoffarnold: I added a "Contributors" team to the Org. Raildo has been invited 17:11:50 <geoffarnold> There's a Trello at https://trello.com/b/6tlmk3z4/mercador-stackforge-project 17:12:09 <shaleh> raildo: I forked keystone and friends to the Mercador Org on github. We made a branch for mercador-poc there 17:12:15 <geoffarnold> Still stays "stackforge", but no worries 17:12:36 <shaleh> all changes are intended to be in the keystone/contrib/mercado dir unless 100% necessary 17:12:43 <shaleh> so keeping up with master should be pretty easy 17:12:52 <gyee> ++ 17:13:04 <geoffarnold> +++ 17:13:18 <gyee> at the end, it should be a complete separatable service 17:13:22 <raildo> sure 17:15:15 <geoffarnold> Or two 17:15:37 <shaleh> raildo: if I need to fork something else into the Org let me know 17:16:15 <shaleh> the non Openstack project is my Vagrant/Ansible work to federate a collection of virtualbox nodes running devstack 17:16:53 <gyee> shaleh, how close are you in getting the ansible work done? 17:16:54 <raildo> shaleh: I think that is it. 17:17:17 <shaleh> gyee: I believe it is done but I need to fully test the federation connectivity 17:17:27 <gyee> sweet 17:17:41 <shaleh> I have a script to push projects/domains/users etc onto the SPs 17:17:53 <shaleh> then I can try to access them from the Idp using fed-tester box 17:18:01 <shaleh> once that is fully tested I can bless it 17:18:06 <shaleh> hopefully that is today 17:18:42 <shaleh> everything I have is up on GitHub. 17:18:49 <geoffarnold> I just pushed my API design notes to Pastebin: http://pastebin.com/Sanc8WeR 17:18:58 <geoffarnold> Formatting sucks; I'll fix it up 17:19:25 <shaleh> geoffarnold: next step is putting that on the wiki yes? 17:19:30 <gyee> geoffarnold, you'll update the wiki with the API design too right? 17:19:45 <geoffarnold> Yes - in a few minutes 17:20:18 * geoffarnold mumbles about Word-to-Mediawiki conversion tools 17:20:40 <shaleh> raildo: the fork of Keystone has a "hello world" quality Mercador at the moment. It responds to /v1/subscribers 17:20:49 <shaleh> geoffarnold: so stop using Word :-) 17:21:01 <geoffarnold> Agreed 17:21:07 <gyee> hah 17:21:39 <raildo> ++ haha 17:21:40 <geoffarnold> markdown ftw 17:22:00 <shaleh> I actually like asciidoc ..... 17:22:35 <geoffarnold> i'd missed that, shaleh - I'll check it out 17:22:39 <raildo> shaleh: I found, thanks 17:22:51 <shaleh> http://asciidoctor.org/ 17:23:01 <shaleh> GitHub supports files named ".adoc" 17:23:15 <gyee> judge a doc by its content, but not its apparent - gyee's paraphrasing MLK 17:23:15 <geoffarnold> sweet 17:23:45 <shaleh> geoffarnold: what do we have for an agenda? 17:23:53 <shaleh> we have completed show & tell 17:24:06 <geoffarnold> nothing else AFAIK 17:24:18 <geoffarnold> Next week is crazy 17:24:24 <shaleh> my plan is to start on the token interceptor work 17:24:52 <geoffarnold> Monday is shot (Cisco mtgs), Tues-Wed is Operators Meetup, Thurs-Fri is Product WG (I'm hosting) 17:25:01 <shaleh> understood 17:25:18 <shaleh> when we meet the following week I expect to have a demo for the group 17:26:03 <gyee> geoffarnold, will Cisco folks help out on the rest of the API impl? 17:26:20 <geoffarnold> davidjc do you want to take a look at the CLI? 17:26:20 <shaleh> I've done my freebie :-) 17:26:29 <gyee> we are at a point we can multithreading now 17:26:44 <davidjc> well the CLI will be easy to develop once all of the backend APIs are completed 17:27:00 <davidjc> I plan on diving in on that today, or exploring the API backends as discussed 17:27:04 <davidjc> particularly for pub 17:27:08 <shaleh> CLI work expects changes to python-keystoneclient or an equiv 17:27:23 <geoffarnold> We should start by replicating shaleh's hello world 17:27:54 <geoffarnold> Just to demonstrate end-to-end 17:27:58 <shaleh> ++ 17:28:08 <gyee> for CLI/client, I suggest separate packages for python-mercadorclient 17:28:18 <davidjc> + 17:28:19 <shaleh> the Subscriber CRUD is implemented as I understood it from the document 17:28:30 <shaleh> gyee: not a bad idea 17:29:02 <shaleh> copy/paste the existing keystoneclient to get the ball rolling quickly 17:29:15 <geoffarnold> defined, not yet implemented.... the changed approach means that the URL schemas change a bit (not significant) 17:29:30 <shaleh> there has been a lot of noise on the -dev list about Federation. Was any of it relevant. I have not kept up. 17:29:52 <gyee> shaleh, no, not relevant to this work 17:29:56 <geoffarnold> I missed most of it - thought it was ID fed 17:29:59 <gyee> WebSSO they are arguing over 17:30:05 <shaleh> ah, god 17:30:08 <shaleh> good 17:30:09 <gyee> we care about K2K 17:30:09 <shaleh> I meant 17:30:09 <geoffarnold> Yup 17:30:42 <shaleh> raildo: I gave you read/write as a Contributor. 17:30:53 <gyee> we need to think about how to make K2K config more dynamic 17:30:59 <gyee> but that's a parallel track 17:31:03 <shaleh> there is not Jenkins gate here so play nice everyone 17:31:15 <geoffarnold> I mistype "god" for "good" so often, I'm thinking of having MacOS translate "god" to "Cthulu" 17:31:26 <gyee> god is good 17:31:42 <raildo> shaleh: ok, if have some user story/task that I can contribute, let me know 17:31:53 * shaleh points to geoffarnold 17:32:27 <shaleh> raildo: you might end up being a dev tester for us if that is acceptable 17:32:38 <geoffarnold> Hey, raildo, on a parallel track, I'd like to get the reseller user stories into the Product WG discussions 17:32:46 <geoffarnold> I'll follow up offline 17:33:08 <shaleh> geoffarnold: if there are more people who need Contributor status let me know 17:33:15 <raildo> shaleh: I can do that :) 17:33:20 <geoffarnold> davidjc? 17:33:34 <shaleh> geoffarnold: he has been invited as an Owner like you were 17:33:43 <raildo> geoffarnold: sure, we can discuss when you have some time 17:33:53 <geoffarnold> (referring to his team) 17:34:00 <raildo> or I can send a email 17:34:27 <geoffarnold> raildo thanks, that would be good 17:34:34 <davidjc> I would like contributor status if I do not have such status already 17:34:39 <davidjc> thanks 17:34:50 <shaleh> davidjc: accept the Gihub invite sent Tuesday evening 17:34:55 <davidjc> will do 17:35:35 <shaleh> geoffarnold/davidjc: it probably makes sense for you guys to get some kind of Jenkins gate style system setup on your end to test as you get further along 17:35:46 <geoffarnold> agreed 17:36:02 <geoffarnold> one last question (for gyee) 17:36:20 <gyee> \o 17:36:30 <geoffarnold> I had to miss the Keystone mtg this week - was there anything important (apart from WebSSO)? 17:36:56 <gyee> policy distribution 17:37:10 <gyee> we voted to include it as experimental 17:37:22 <gyee> same holds for x.509 tokenless authz 17:37:58 <geoffarnold> thanks 17:38:05 <gyee> there were some concerns over policy distribution however 17:38:12 <gyee> performance wise 17:38:29 <gyee> so its going to be either keystone, consul, or zookeeper 17:38:36 <raildo> btw we need more reviews in the reseller patches :( 17:38:52 <gyee> so we still need a bunch of POC work to flush out the land mines 17:39:05 <geoffarnold> right 17:39:56 <geoffarnold> I'm still wrestling with the question of how/when we can fix the project/domain namespace problem 17:40:00 <gyee> raildo, yes will do 17:40:12 <gyee> raildo, I am having f2f with out PM next week in the ops midcycle 17:40:22 <geoffarnold> it takes API changes, DB changes, just about everything 17:41:29 <geoffarnold> come along to the large scale/public cloud breakout at the ops meeting 17:41:31 <gyee> geoffarnold, v4 :) 17:41:53 <geoffarnold> federation and safe delegation will be on the table 17:42:41 <shaleh> consul tries to hard to get people onto its pay cloud 17:42:56 <shaleh> but otherwise I kind of like it 17:43:00 <shaleh> I know morgan does too 17:43:17 <geoffarnold> I'll look at it 17:43:22 <gyee> I haven't had a chance to dig deep into it yet 17:43:32 <shaleh> geoffarnold: all we can do is point out how painful life is without a fix 17:44:14 <geoffarnold> Agreed. Maybe we need to bring a QSA along to rip holes in people's smug assumptions about trust 17:44:16 <shaleh> consul is Go lang. Pretty well documented. Written by hashi corp. 17:44:43 <davidjc> I have been messing around with Consul, it has some strengths and weaknesses 17:44:52 <shaleh> davidjc: agreed 17:45:00 <geoffarnold> Well, if we're going to include more non-Python bits, Go will be popular 17:45:05 <shaleh> I kind of like it over Zookeeper though 17:45:14 <shaleh> the not Java helps :-) 17:45:26 <gyee> or Oracle will sue ya 17:45:28 <davidjc> Well Consul and Zookeeper are for different purposes 17:45:35 <davidjc> the closest thing to Zookeeper is etcd 17:46:04 <shaleh> talking to Morgan he would like to divest more of Keystone to tools like Consul 17:46:20 <geoffarnold> +1 17:46:54 <geoffarnold> On the other hand.... WS-Discovery and UDDI left a lot of people nervous about this stuff 17:47:09 <shaleh> while in principle I agree, it makes OpenStack even more unwieldy 17:47:25 <shaleh> even more moving pieces, points of failure, etc. 17:47:37 <shaleh> I pity the ops crew who have to keep up with all of this mess 17:48:01 <gyee> shaleh, OpenStack by itself is unusable :) It needs a log of 3rd party tools 17:48:05 <shaleh> too many people in OpenStack seem to only see the DevStack view of the world 17:48:16 <geoffarnold> Wouldn't it be nice if we could apply all the Consul work (Raft, etc.) to make DNS really usable for this 17:48:25 <shaleh> geoffarnold: agreed 17:48:54 <geoffarnold> OK, we're drifting into the "over a pint of beer" mode, so let's wrap 17:48:59 <gyee> and there are load of commercial interest in the 3rd party tools 17:48:59 <davidjc> well the biggest problem with the state of DNS is performance in Python 17:49:10 <gyee> so we stuck in this no-op land 17:49:16 <shaleh> performance can always be fixed 17:49:26 <davidjc> by choosing a different language 17:49:35 <shaleh> "works good enough" gets you pretty far 17:49:44 <davidjc> are we talking about designate? 17:49:54 <shaleh> cheers all 17:50:05 <geoffarnold> not really, davidjc 17:50:09 <geoffarnold> cheers 17:50:13 <geoffarnold> #endmeeting