19:00:06 #startmeeting Poppy Weekly Meeting 19:00:06 Meeting started Thu Nov 20 19:00:06 2014 UTC and is due to finish in 60 minutes. The chair is amitgandhinz. Information about MeetBot at http://wiki.debian.org/MeetBot. 19:00:07 Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. 19:00:11 The meeting name has been set to 'poppy_weekly_meeting' 19:00:25 #topic rollcall 19:00:29 o/ 19:00:32 o/ 19:00:32 who do we have here today? 19:00:49 Great we have a fastly guy. 19:01:13 what is up 19:01:36 I may have some questions about fastly API. 19:01:39 o/ 19:01:50 ok 19:02:18 alright, smaller audience today i think 19:02:23 i know malini is out 19:02:34 miqui messaged me before that he wont be able to make it today 19:02:36 miqui won't be able to attend 19:03:01 #link https://wiki.openstack.org/wiki/Meetings/Poppy 19:03:13 #topic Last Week Review 19:03:23 #link http://eavesdrop.openstack.org/meetings/poppy_weekly_meeting/2014/poppy_weekly_meeting.2014-11-13-19.00.html 19:03:38 not many action items from last week 19:03:55 megan_w_: did you look into SNI any further? 19:04:18 yes and no 19:04:25 i looked at shared certificates more 19:04:32 akamai supports something called SAN certs 19:04:51 where multiple customers can share the same certificate, which reduces cost 19:05:05 is that kind of like what cloudflare does? 19:05:07 https://docs.fastly.com/guides/ssl/which-ssl-options-are-available-and-how-much-do-they-cost 19:05:17 SAN is pretty common in our land 19:05:59 right, the impression i get is that people only shy away for a few reasons.. 19:06:00 cool 19:06:15 branding: they just don't want people to be able to look up the cert and see other people's names.. 19:06:40 ..or they have strict complicance rules or something 19:06:45 it might be a good way to get a portion of the customers who dont care about that 19:06:52 exactly 19:07:17 we see that, generally only the alexa top 500 type customer 19:07:35 right 19:07:56 and, as you can see, most providers have significant fees for the setup and maintenance of fully owned certs 19:08:04 can you do the shared cert with an operator cert in the middle? 19:08:17 ie user domain -> operator -> cdn provider 19:08:33 i guess you provision the shared cert at the cdn provider right 19:08:35 i dont think the operator matters 19:08:36 right 19:09:16 long story short, most providers seem to offer something beyond the expensive, fully owned certificate 19:09:19 so the cname chain doesnt matter 19:09:26 ok 19:09:29 i dont think so 19:09:30 also.. 19:09:59 if we're going to provide operators with assistance on logging, we should be prepared to seperate out ssl GBs and reqeusts, since most offer it at a premium 19:10:09 that's all 19:10:39 cool 19:10:51 im looking forward to digging into this, seems really interesting 19:11:03 seems like SNI is still pretty early 19:11:09 not many providers have it on their roster yet 19:11:16 because of browser support, i assume 19:11:28 looks like fastly, and akamai do, and cloud flare 19:11:37 its a small % of XP users on IE i think, real legacy stuff 19:11:50 IE is still around =P 19:11:56 19:12:14 ok moving on.... 19:12:30 anyone know if malini updated the guidelines for api tests? 19:12:38 I didn't 19:12:45 :-$ 19:12:45 ooh she's back =) 19:13:03 back at the wrong time :D 19:13:11 #action malini to update guidelines regarding running api tests 19:13:27 so on that note, i have a patch out there that allows the api tests to run against a docker setup 19:13:30 should we put this on hold till the mimic thing is sorted out? 19:13:51 we'll keep rolling it over. if it comes of the list it will never come back on =P 19:14:02 thanks amitgandhinz for the docker patch 19:14:06 will review tht 19:14:12 ok 19:14:22 3. obulpathi to learn meetbot 19:14:33 * obulpathi learned a little bit about IRC :) 19:14:37 lets start the test 19:14:39 haha cool 19:14:42 will test it out next week 19:14:50 if anyone is around :D 19:14:56 next week is thanksgiving, so we'll see if he can run it haha 19:15:03 oh :( 19:15:05 ok 19:15:20 #topic bp updates 19:15:34 amitgandhinz: we should put a note on our meeting page about skipping thanksgiving 19:15:41 #link https://launchpad.net/poppy/+milestone/kilo-1 19:15:41 (for our non-us friends) 19:15:48 megan_w_: will do 19:16:12 ok ordering that list by delivery..... 19:16:26 cpowell: run cassandra at the gate 19:16:43 cpowell isnt here, but i know he started to look at it 19:16:58 but ran into some complications, and its back on hold while he works on other priorities 19:17:02 i'll update the status 19:17:28 miqui: update home document 19:17:39 miqui: isnt here but he picked this up today =) 19:17:50 with the docker patch, do we still need cassandra at the gate amitgandhinz? 19:18:03 malini: yes (or it may be docker at teh gate now) 19:18:21 docker at the gate will simplify a lot of stuff for us 19:18:27 yup 19:18:32 i can update the bp 19:18:49 docker is available in Ubuntu repos, so docker way might be easier I think 19:18:50 cool..thx! 19:19:27 that way we don't need to add external repos for installing software (cassandra) 19:19:37 bp updated 19:19:40 tonytan4ever: Implement an Akamai driver 19:20:11 This one is in good progress as I am implementing the rest of Akamai's functionality. 19:20:33 ok, its just purge thats still left right? 19:20:40 purge is something I am actively working on. 19:20:41 yes 19:20:44 cool 19:20:54 obulpathi: DNS driver 19:21:04 create and delete are done, 19:21:10 I am updating the patch for DNS driver 19:21:15 and tests for patch 19:21:39 DNS patch is for when a user updates the domains (removes / adds) 19:21:49 ok 19:21:52 DNS driver needs to add or delete the dns mappings 19:21:54 obulpathi: do we have patch that adds DNS with create service API call? 19:22:11 yes 19:22:18 For noe create and delete are working 19:22:31 cool..I will pull tht down 19:22:32 patch does not work with DNS right now 19:22:49 ok 19:22:58 next one is the fastly driver 19:23:08 my understanding is that this one is up to date correct? 19:23:15 i dont have an owner on it though 19:23:33 need anything ? 19:23:37 There is a bp of Fastly driver ? 19:23:46 Implement a fastly driver 19:23:53 #link https://blueprints.launchpad.net/poppy/+spec/fastly-driver 19:24:30 was purge implemented for fastly yet? 19:24:31 OK, I see it. I believe we'll worked on Fastly driver a bit. 19:24:37 Yes, 19:24:39 I did that. 19:25:18 yeh it should be up to date then 19:25:43 im going to mark it as implemented (unless you have objections) 19:25:56 That's fine for me. 19:25:59 or beta available is prob more appropriate 19:26:27 Also I am doing the caching rules on Fastly on this one so I don't mind owning it for now. 19:26:28 ok tonytan4ever: purge content 19:26:46 That's merged. 19:26:52 assigned 19:27:14 purge status updated 19:27:27 OK Cool, 19:27:34 and the last one - tonytan4ever: est restrictions 19:27:48 That's merged this morning right. 19:27:52 yup 19:28:26 hmm where is teh caching rules bp.... 19:28:45 https://blueprints.launchpad.net/poppy/+spec/caching-rules 19:28:45 found it 19:28:48 was assigned to k2 19:28:50 moved it to k1 19:29:03 I started it today. 19:29:10 ok will mark it as started 19:29:27 sounds good. 19:30:19 ok moving on to bugs 19:30:43 #topic bugs 19:30:46 #link https://launchpad.net/poppy/+milestone/kilo-1 19:30:50 bottom of the page 19:31:03 i created a bunch of bugs for the failing api tests 19:31:48 i dont think we need to go through these individually 19:32:16 does anyone have any comments they want to make regarding the bugs? 19:32:26 no 19:32:35 nop 19:33:12 #topic New Items 19:33:19 no scheduled topics to discuss... 19:33:28 #topic Open Discussion 19:33:36 tonytan4ever: you had some fastly questions? 19:33:39 Questions for edward-fastly: 19:33:50 For setting caching rules for fastly, 19:34:06 we need to provide a stale ttl 19:34:19 ok 19:34:24 How does that value relate to ttl ? 19:34:50 Currently our poppy design specification does not specify stale ttl, 19:35:03 what would be a appropriate value for that ? 19:35:30 what is the difference between ttl and stale_ttl? 19:35:40 In the TTL field, type the normal lifespan of the data in seconds. 19:35:40 In the Stale TTL field, type how long to serve stale data in seconds. 19:35:57 (pasted) - is that not helpful ? 19:36:14 are you asking what a standard approach should be? 19:36:16 stale ttl comes into play when the origin is not available, right? 19:36:19 yeah 19:36:26 so you can appear to be up 19:36:31 ok 19:36:43 That is helpful, 19:36:55 helps if you are migrating backends too 19:37:35 but there is a question for amitgandhinz: when we are setting caching rules, we have to specify a stale ttl in addition to ttl. 19:38:07 What would that value be in our case ? Default to 3600 ? 19:38:11 is stale ttl a common field by other providers? 19:38:23 if not, we could say we dont support stale ttl and set it to 0 19:38:34 +1 19:38:35 there fore we dont serve stale date 19:38:36 Not that I know of on Akamai. 19:38:41 OK 19:38:45 0 it is then. 19:38:48 Cloudfront, also does not support it 19:39:17 #agreed lets set stalettl for fastly driver to 0 since poppy does not currently support stale ttls 19:39:53 ok, any more questions tonytan4ever? 19:40:06 No more question from me. 19:40:16 cool 19:40:26 anyone else have anything they want to talk about? 19:41:03 nothing from me 19:41:07 im good - since there's no meeting next week please dont hesitate to contact me or michael if there's anything we can help with 19:41:18 thanks edward-fastly 19:41:36 ok in that case lets call it a day 19:41:39 thanks everyone 19:41:48 thank you! 19:41:55 See you all. 19:41:57 :) 19:42:00 #endmeeting