13:00:02 <alex_xu> #startmeeting nova api 13:00:02 <openstack> Meeting started Wed May 24 13:00:02 2017 UTC and is due to finish in 60 minutes. The chair is alex_xu. Information about MeetBot at http://wiki.debian.org/MeetBot. 13:00:03 <openstack> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. 13:00:05 <openstack> The meeting name has been set to 'nova_api' 13:00:08 <alex_xu> who is here today? 13:00:22 <gmann> o/ 13:00:43 <cdent> o/ 13:01:29 <alex_xu> not sure sdague johnthetubaguy around also 13:01:30 <Kevin_Zheng> o/ 13:02:07 <alex_xu> #topic priorities 13:02:25 <alex_xu> #link https://review.openstack.org/#/q/status:open+project:openstack/nova+branch:master+topic:bp/policy-docs 13:02:40 <alex_xu> the only one priority item, and looks like we are super close 13:03:19 <gmann> alex_xu: yea, seems like gate behaved bad, ll recheck on those 13:03:34 <alex_xu> yea, I saw live-migration job always failed 13:03:46 <alex_xu> gmann: thanks for those patches also 13:04:18 <gmann> yea 13:04:36 <alex_xu> gmann: only have a question for this https://review.openstack.org/#/c/461728/, i think we should mark it as deprecated, since the cfg opt "CONF.api.hide_server_address_states" deprecated also 13:04:37 <sdague> o/ 13:05:10 <alex_xu> without that cfg opt, that rule doesn't work also I think 13:05:42 <gmann> alex_xu: so with cfg deprecation we will show address always? 13:06:10 <alex_xu> gmann: i guess so 13:06:35 <gmann> alex_xu: but policy may be for separate purpose to hide from few users... but do not know if that make sense or not 13:06:48 <gmann> sdague: johnthetubaguy ^^ what you say? 13:06:58 <alex_xu> yea, i'm not sure why people want to hide the addresses 13:07:20 <gmann> yea, me too its their server address only 13:07:24 <alex_xu> and that is undiscoverable configuration to the API response? 13:07:51 <sdague> I honestly have no idea, we have the commit where that was added? 13:10:00 <sdague> this is the base commit b3bbd09131e127e7540f4ccdb1376c10bace8b7a 13:10:40 <sdague> so, the reason for this is that until you are in ACTIVE the addresses could change (late fail that triggers a reschedule, possibility that you get different addresses) 13:10:54 <sfinucan> o/ 13:11:01 <sdague> I think the point of deprecating was that we'd always do the hide until ACTIVE, right? 13:11:04 <gmann> this one https://review.openstack.org/#/c/18414/ 13:11:09 <sdague> gmann: yeh 13:11:49 <sdague> alex_xu: I agree, that policy point should go away, and that should just be the default 13:11:58 <gmann> sdague: yea before ACTIVE, its not stable 13:12:12 <alex_xu> sdague: cool 13:12:19 <sdague> gmann: right, but by default, if we have any content in there it's just passed up 13:12:29 <gmann> yea 13:12:39 <alex_xu> but I made a mistake, that cfg isn't deprecated, just the name deprecated... but it is also worth to deprecate that rule? 13:12:40 <sdague> someone should probably write down the desired behavior here, it honestly could be a light weight spec 13:13:06 <sdague> alex_xu: yeh, I feel like that's one of those extensions that was added when it should have just been sane default behavior 13:14:22 <alex_xu> sdague: got it 13:14:29 <gmann> ok 13:15:03 * alex_xu write a note, will bring this up when we review the api work items in next release 13:15:09 <gmann> sdague: you mean to write a spec for cfg and policy deprecation with expected behavior 13:15:43 <sdague> gmann: yeh 13:15:54 <sdague> honestly, it should be really straight forward 13:16:05 <gmann> sdague: ok, ll add one for queue for next release 13:16:07 <sdague> I think we all have it in our head, but it should be written down 13:16:08 <gmann> yea 13:16:27 <sdague> honestly, you could do it this week to clarify, and we could get all the deprecations set now 13:16:42 <gmann> sdague: sure. 13:17:08 <alex_xu> gmann: thanks 13:17:34 <alex_xu> cdent: anything update for uwsgi? 13:18:06 <cdent> no, at this stage I think the devstack change needs reviews, but that's about it: https://review.openstack.org/457715 13:18:18 <alex_xu> cdent: ah, thanks 13:19:27 <alex_xu> sdague: anything update from summit, if there is anything really something related nova api? 13:20:02 <cdent> I want to ask about some of the service catalog stuff 13:20:09 <cdent> there was a thread recently: 13:20:17 <sdague> alex_xu: honestly the only thing I've been working on since was the cross service request ids 13:20:22 <sdague> which is api related 13:20:36 <cdent> http://lists.openstack.org/pipermail/openstack-dev/2017-May/116574.html 13:20:40 <alex_xu> sdague: got it 13:20:43 <sdague> http://lists.openstack.org/pipermail/openstack-dev/2017-May/117367.html 13:20:55 * mriedem joins late 13:21:01 <cdent> in which some people said they'd like to continue to be able to not use the service catalog 13:21:12 <cdent> for inter-service interactions 13:21:29 <cdent> if we agree with that we'll need to make some adjustments to how the resource tracker (and others) call placement 13:21:36 <cdent> to allow endpoint_override 13:21:51 <sdague> cdent: how I read that issue was different 13:22:08 <sdague> there are a class of data intensive APIs (glance is in that camp) 13:22:55 <mriedem> this sounds like the spec efried is working on https://specs.openstack.org/openstack/nova-specs/specs/pike/approved/use-service-catalog-for-endpoints.html 13:22:59 <cdent> it's not certain/clear from the second message that data intensity is the only reason. it apears some people just want explicit control 13:23:11 <mriedem> get endpoints in a generic way from the catalog but it allows for a backdoor override 13:23:11 <sdague> direct addressing, and more specifically server lists, allows for flimsy HA and network path optimization 13:23:19 <cdent> but since the thread didn't really resolve I thought I would point out that that was the case 13:23:53 <sdague> the thing that triggered it was getting rid bypassing the service catalog for glance 13:24:00 <gmann> this is to have different endpoints based on different catalog right? like v2 and v2.1 catlog on devstack side 13:24:01 <sdague> up until that point, people mostly didn't care 13:24:21 <sdague> gmann: no, it's the fact that something like glance many folks want to 13:24:39 <sdague> 1) optimize their paths from computes to glance, possibly very much at the rack level 13:25:09 <sdague> 2) turn off https for nova -> glance (but only for that case) which is a 35% performance boost 13:25:27 <alex_xu> wow 13:25:32 <gmann> humm 13:25:41 <sdague> 3) have some level of HA, which the api_servers list provides, as if we fail an op we pop to the next server and try again 13:26:13 <sdague> which is way less infrastructure than HA proxy, which is a performance bottleneck when you stick that in front of something trying to stream 100GB images 13:26:16 <alex_xu> so it is about different compute node to access different api servers 13:26:30 <sdague> well, specifically the glance ones 13:26:41 <sdague> and it might be the same servers, but a different network path 13:27:09 <cdent> sdague: all that you say is true, but also that thread specifically says "In addition to the Glance to nova-compute use case, the feedback during the LDT session surfaced potential use cases for other services." 13:27:19 <sdague> cdent: sure 13:27:22 <cdent> so at the moment there's some ambiguity that we'll need to resolve 13:27:57 <sdague> right, and that message didn't help clarify 13:28:07 <sdague> it would be good to figure out what "other use cases are" 13:28:15 <sdague> I totally get and understand the glance case 13:28:44 <cdent> sorry, I'm clearly not getting my point across: we, nova, did not respond to that thread, so have left people hanging, we need to fix that. If nobody else wants to I can bump the thread with some additional questions 13:29:04 <sdague> cdent: sure, that sounds reasonable 13:29:10 <cdent> k, will do 13:29:20 <sdague> it did also hit in the middle of summit 13:29:20 <cdent> #action cdent to bump the service catalog philosophy thread 13:29:28 <mriedem> was this mdorman's thread? 13:29:32 <sdague> yes 13:29:34 <mriedem> which was a revival of the old one 13:29:34 <mriedem> ok 13:30:26 <mriedem> i can reply with a simple question, 13:30:32 <mriedem> have you read https://specs.openstack.org/openstack/nova-specs/specs/pike/approved/use-service-catalog-for-endpoints.html and if so, does it suit your needs? 13:31:01 <cdent> goferit 13:32:07 <alex_xu> cool 13:32:12 <alex_xu> anymore question? 13:32:51 <alex_xu> ok 13:32:55 <alex_xu> #topic open 13:33:04 <alex_xu> gmann: you are an agenda? 13:33:09 <gmann> yea 13:33:13 <alex_xu> s/are/have/ 13:33:18 <gmann> https://bugs.launchpad.net/nova/+bug/1693168 13:33:19 <openstack> Launchpad bug 1693168 in OpenStack Compute (nova) "Different APIs 'os-quota-class-sets' Response between v2 and v2.1" [Undecided,New] - Assigned to jichenjc (jichenjc) 13:33:35 <gmann> we have difference bug from v2 to v2.1 for quota class APIs 13:34:01 <alex_xu> i guess nobody use the quota class API? 13:34:21 <gmann> that happened due to 'os-server-group-quotas' extensions which i never knew before investigating this bug 13:34:22 <mriedem> no one uses microversions :) 13:34:26 <gmann> heh 13:34:42 <alex_xu> hmmm 13:34:54 <gmann> nobody complained about this yet so do not know how imp quota class API is :) 13:35:07 <alex_xu> mriedem: feedback from summit? still no one use microversion? 13:35:22 <mriedem> alex_xu: clouds are just rolling up to or past mitaka, 13:35:26 <gmann> or noone switched to v2.1 from v2? 13:35:29 <mriedem> no one seems to know how users are using microversions 13:35:36 <mriedem> mordred is just starting to look at microversions 13:35:50 <mriedem> the quota class API is how you get default quota information 13:35:51 <gmann> mriedem: its in base v2.1 13:35:56 <mriedem> since there is only one quota class, which is 'default' 13:36:00 <alex_xu> ok, so just waiting for a while... 13:36:23 <mriedem> but i think if you also use os-quota-sets for a tenant id, you get default quotas too if there aren't any overrides 13:36:26 <mriedem> for the tenant i mean 13:36:39 <mriedem> so, 13:36:43 <gmann> yea, if not overridden 13:36:51 <mriedem> to break this in v2.1 and then fix it in 2.46 or whatever seems wrong 13:37:35 <mriedem> although anyone past 2.1 using this api would start getting different results 13:37:40 <gmann> we had same case with vif's net-id: break in v2.1 and fixed in i think 2.8 13:38:12 <mriedem> we dropped the 2.0 code in newton? 13:38:25 <sdague> so, the bug isn't super clear to me. This is that server_groups isn't in the key list? 13:38:27 <gmann> mriedem: yes 13:38:32 <mriedem> i'm just thinking of a case where the cloud isn't new enough to get this fix, but is new enough that you can't use 2.0 13:38:55 <mriedem> "if extension 'os-server-group-quotas' was enabled in v2, then 'server_groups' and 'server_group_members' were present in APIs response." 13:39:08 <alex_xu> sdague: yes 13:39:13 <sdague> but we're not including those now 13:39:26 <gmann> sdague: yea, 2.1 never included those 13:39:28 <sdague> and half the world hates server groups? 13:39:38 <mriedem> but NFV loves them 13:39:47 <mriedem> which is 75% of openstack revenue :) 13:40:08 <alex_xu> see the thread about drop retry, there are people use it out side NFV 13:40:18 <mriedem> that's the 25% 13:40:31 <sdague> alex_xu: that's assuming that all afinity is done with server groups 13:40:43 <sdague> you can also do affinity at boot time 13:40:59 <mriedem> affinity with server groups is at boot time 13:41:12 <mriedem> anyway, 13:41:25 <sdague> mriedem: a server group is created if you pass a scheduler hint during boot? 13:41:50 <mriedem> sdague: i'd have to dig, but it's irrelevant there isn't it 13:41:56 <mriedem> *here 13:42:00 <sdague> yeh, sure 13:42:07 <sdague> just trying to make sure I understand the scope of the problem 13:42:12 <gmann> user can still add/update the server groups quota but APi dpes not showing that back in quota class set APIs 13:42:23 <alex_xu> how much people use quota-class for setting default value? 13:42:24 <gmann> quota set APIs has no issue 13:42:34 <sdague> gmann: right, that feels like a bug fix to go fix and backport 13:42:56 <gmann> sdague: but backport till newton only, we have this since killo 13:42:57 <sdague> and a note in api-ref that some versions had a bug where those keys weren't shown, it was not intentional 13:43:05 <sdague> gmann: right, I get that 13:43:19 <gmann> i see, api-ref clear doc can help 13:43:28 <sdague> yeh, make it as right as we can 13:43:33 <sdague> and explain in docs where we screwed up 13:43:40 <mriedem> hold up, 13:43:49 <mriedem> so we're going to start introducing new keys in the 2.1 response? 13:44:09 <sdague> mriedem: if by new you mean the keys that people already have 13:44:35 <mriedem> already have as of 2.0 13:44:35 <gmann> it can be interop issue ? few cloud return those keys and few not 13:44:43 <sdague> that we document are there - https://developer.openstack.org/api-ref/compute/?expanded=show-a-quota-detail 13:44:58 <mriedem> that link doesn't work 13:45:14 <sdague> https://developer.openstack.org/api-ref/compute/?expanded=show-a-quota-detail#show-a-quota 13:45:23 <mriedem> that's a different api 13:45:46 <mriedem> alex_xu: to answer your question, we don't know how uses the quota classes api 13:45:54 <mriedem> we don't know how uses any api, or how much, or in what ways 13:45:56 <mriedem> *who 13:46:06 <alex_xu> yea...i see 13:46:15 <gmann> seems like no api-ref for quota class set 13:46:17 <mriedem> this is definitely a regression for anyone that had code that worked on 2.0 and now uses 2.1 13:46:19 <sdague> ok, I guess I didn't understand the bug 13:46:21 <mriedem> if they needed those values 13:46:33 <mriedem> yes there is no api-ref for quota classes apparently 13:46:53 <mriedem> os-quota-sets is the tenant/user specific api 13:47:22 <mriedem> quota classes sets the global defaults 13:47:34 <mriedem> which sets a value in the db which overrides the default quotas in config 13:48:01 <mriedem> the way we check for quota limits is (1) project-specific limits, (2) default quota class in db (3) config 13:48:22 <mriedem> https://docs.openstack.org/developer/nova/quotas.html#checking-quota 13:48:52 <mriedem> anyway, 13:49:06 <mriedem> we seem to be inconsistent about saying when something needs a microversion or not 13:49:23 <mriedem> as noted, we regressed the device tags stuff after 2.32 13:49:49 <mriedem> that was fixed in 2.42 https://docs.openstack.org/developer/nova/api_microversion_history.html#maximum-in-ocata 13:49:59 <mriedem> rather than bug fixing it into the regressed microversions 13:50:19 <mriedem> it makes for terrible ux, yes 13:50:20 <alex_xu> if something break the cirtical feature, then we fix it without microversion 13:50:38 <mriedem> alex_xu: do you have an example of that? 13:51:16 <gmann> so we had similar issue in past with vif net-id we missed to add in v2.1 and fixed in 2.12 #link Ic8b26df8d7e69bd71d23dfbc983fa3449c16fa7d 13:51:43 <gmann> and that was mainly for interop things 13:52:11 <sdague> the fact that it's for this API (which isn't documented) instead of the one I thought it was on the user side means I'm less inclined to backport 13:52:24 <sdague> it's an admin API, the only change is the get 13:52:43 <mriedem> right quota classes is only GET and PUT 13:52:49 <gmann> yea 13:53:00 <sdague> and there is a way to update with the config and set things that way 13:53:07 <sdague> it's annoying that the read path is dumb 13:53:08 <mriedem> https://github.com/openstack/nova/blob/master/nova/policies/quota_class_sets.py 13:53:20 <sdague> I'd say that any fix should come with API docs 13:53:29 <mriedem> i don't know what 'is_admin:True or quota_class:%(quota_class)s', is 13:53:52 <mriedem> does that mean, you can GET if you're admin or the quota_class is something you've defined in policy? 13:54:06 <sdague> mriedem: I honestly have no idea, it's policy, it's madness 13:54:22 <mriedem> https://github.com/openstack/nova/blob/master/nova/api/openstack/compute/quota_classes.py#L66 13:54:40 <mriedem> so id there is like 'default' 13:54:44 <mriedem> that's the only quota class we have 13:54:51 <gmann> mriedem: i think so, admin or user defined ids for quota class in policy 13:54:59 <mriedem> there is no user-defined id 13:55:12 <mriedem> btw, there is no way to list quota classes, 13:55:13 <mriedem> there is only 1 13:55:17 <mriedem> it is the alpha and omega 13:55:25 <mriedem> unless you're rax probably 13:55:27 * alex_xu can't find that example, as remember there is strict validation for the instance name 13:55:47 <mriedem> anyway i don't know how that policy works, if it even does anything 13:55:59 <mriedem> so, 13:56:09 <mriedem> i think if you can still get the quota limits for those keys via os-quota-sets, 13:56:13 <alex_xu> 4 mins left 13:56:15 <mriedem> which i think you can, but it would be good to confirm, 13:56:23 <mriedem> then we fix this is in os-quota-class-sets via microversion 13:56:29 <mriedem> and document the workaround 13:56:45 <gmann> mriedem: yea, i confirmed os-quota-set return those 13:57:16 <mriedem> the only difference is os-quota-sets is per-project 13:57:22 <mriedem> but if you're the admin project, then that should be ok 13:57:26 <gmann> #link https://github.com/openstack/nova/blob/master/doc/api_samples/os-quota-sets/quotas-show-defaults-get-resp.json 13:57:39 <mriedem> ok good 13:57:48 <mriedem> i really need a devstack so i can poke at things like this 13:58:22 <mriedem> nova quota-class-show default 13:58:23 <alex_xu> 2 mins left 13:58:24 <mriedem> is the other thing to test 13:58:26 <mriedem> as non-admin 13:58:29 <gmann> yea, it took me while to confirm all this by taking mitaka branch and enabling that extension in v2 13:58:31 <mriedem> if someone has a devstack 13:58:38 <alex_xu> so.. what is our decision? 13:58:55 <mriedem> alex_xu: i think we document the workaround and fix os-quota-class-sets in a microversion 13:58:59 <mriedem> sdague: gmann: ^ agreed? 13:59:14 <alex_xu> 50 sec for vote 13:59:21 <sdague> mriedem: yep, works for me 13:59:23 <gmann> yea, ok for microversion 13:59:25 <mriedem> i'll update the bug report 13:59:36 <gmann> mriedem: thanks. 13:59:45 <alex_xu> ok...great 14:00:05 <alex_xu> it is time to close the meeting, thanks all 14:00:07 <alex_xu> #endmeeting