#openstack-meeting log

03:00:08 <hongbin> #startmeeting zun
03:00:09 <openstack> Meeting started Tue Aug 16 03:00:08 2016 UTC and is due to finish in 60 minutes.  The chair is hongbin. Information about MeetBot at http://wiki.debian.org/MeetBot.
03:00:10 <openstack> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.
03:00:12 <openstack> The meeting name has been set to 'zun'
03:00:13 <hongbin> #link https://wiki.openstack.org/wiki/Zun#Agenda_for_2016-08-16_0300_UTC Today's agenda
03:00:16 <sudipto> o/
03:00:18 <hongbin> #topic Roll Call
03:00:30 <yuanying> OTSUKA, Motohiro
03:00:31 <Wenzhi> Wenzhi
03:01:16 <hongbin> Thanks for joining the meeting sudipto yuanying Wenzhi
03:01:27 <hongbin> Pause a few more seconds for potential attendees
03:02:20 <hongbin> I know Madhuri is not able to join today
03:03:17 <hongbin> OK. Let's start
03:03:22 <hongbin> #topic Announcements
03:03:28 <hongbin> 1. I am proposing Sudipta Biswas and Wenzhi Yu to join the core team. Your feedback on the ML are welcome :).
03:03:34 <hongbin> #link http://lists.openstack.org/pipermail/openstack-dev/2016-August/101344.html
03:03:46 <hongbin> #topic Review Action Items
03:03:50 <eliqiao> hi
03:03:52 <hongbin> 1. hongbin created a BP for multi-tenancy support (DONE)
03:03:55 <hongbin> eliqiao: hey
03:04:01 <hongbin> #link https://blueprints.launchpad.net/zun/+spec/support-multi-tenancy
03:04:15 <hongbin> Thanks Wenzhi for volunteering to take this BP
03:04:19 <Wenzhi> I'll work on that
03:04:21 <yanyanhu> hi, sorry just finished another meeting
03:04:30 <Wenzhi> np :)
03:04:48 <hongbin> yanyanhu: NP. Glad that you are here :)
03:05:28 <eliqiao> does multi-tenancy support mean that we can allow mulitple container running on same host?
03:05:37 <hongbin> Wenzhi: For the multi-tenancy BP, what I normally do is to ask the owner to report status every week at the meeting
03:05:44 <hongbin> Wenzhi: Do you mind to do that?
03:05:48 <Wenzhi> sure thing
03:05:54 <hongbin> Wenzhi: thx :)
03:05:56 <Wenzhi> np
03:06:09 <hongbin> eliqiao: NO, that is different thing
03:06:25 <hongbin> eliqiao: multi-tenancy support simply means hide containers from other tenants
03:06:37 <hongbin> eliqiao: For example, in Nova, you  cannot list VMs from other tenants
03:06:44 <eliqiao> okay, seems same as magnum/nova implementation.
03:06:51 <hongbin> yes
03:07:05 <eliqiao> we need to consider more since we are containers not VMs
03:07:20 <hongbin> That is correct
03:07:21 <eliqiao> for the containers' isolation issue etc.
03:07:35 <hongbin> Yes, isolation is another thing we need to solve
03:07:35 <sudipto> from multi-tenancy per say - we would probably want to define quotas too?
03:07:54 <hongbin> sudipto: Yes, possibly
03:08:14 <hongbin> sudipto: Like how many containers a tenant can create ?
03:08:21 <sudipto> hongbin, yeah
03:08:24 <hongbin> sudipto: that would be a cool feature
03:08:42 <hongbin> definitely, it can be implemented
03:08:48 <sudipto> and then i was thinking, if we want to do a COE implementation - we probably have to have that same quota imposed in a different way for a cluster.
03:09:27 <hongbin> same quota imposed across different COEs?
03:09:46 <sudipto> cluster = sum(containers) . so that could mean two impositions, one on the level of clusters - how many clusters can a user provision + how many containers can be within in.
03:10:07 <sudipto> but both can be independent of each other.
03:10:25 <hongbin> interesting idea
03:11:18 <Wenzhi> how about different quota for clusters and  containers
03:11:29 <sudipto> and then depends on what level of exposure we have - w.r.t IPs - if we want to have quota imposed at the level of services (like k8s) - then it's a different thing vs having it on crude containers.
03:11:52 <sudipto> so yeah - i guess it deserves a ether pad discussion too IMHO.
03:12:10 <Wenzhi> I'll create that etherpad
03:12:31 <hongbin> Cool. Anything else regarding to the multi-tenancy topic?
03:12:55 <sudipto> are we aiming at segregate the COE implementation completely from the native docker APIs?
03:13:06 <Qiming> -1 to inventing a zun-specific quota management ifra
03:13:20 <sudipto> as in it's an either and or?
03:13:29 <Wenzhi> https://etherpad.openstack.org/p/zun-multi-tenancy
03:14:00 <hongbin> sudipto: My understanding is we are doing the container api now
03:14:04 <sudipto> Qiming, ideally the quota management should be at the level of keystone, however all the projects seems to have implemented their own ways of doing it right?
03:14:24 <Qiming> sudipto, check this: https://review.openstack.org/#/c/284454/
03:15:01 <sudipto> Qiming, sigh. I was involved in this effort :)
03:15:11 <sudipto> sadly i don't think it's going to fly.
03:15:37 <Qiming> it is not specific to any individual project ... if openstack doesn't provide quota management, fine, it is a cross-project thing, if there is one, it should be a cross-project solution
03:16:04 <sudipto> agreed.
03:16:09 <sudipto> however, there's none at the m moment.
03:16:13 <Qiming> right, cross-project thing is never easy ... sigh
03:16:20 <sudipto> and delimiter is not going anywhere either.
03:16:35 <sudipto> delimiter ideally should have been done as a keystone API.
03:16:46 <sudipto> However, if you want the latest status, i can get back in the next meeting with the same.
03:17:05 <Qiming> great, don't want to hijack the meeting, :)
03:17:15 <sudipto> Qiming, :) sure.
03:17:18 <eliqiao> Seems we can have a new service to deal with quota for all OpenStack service  :)
03:17:25 <Wenzhi> hha
03:17:31 <Qiming> eliqiao, +100
03:17:53 <hongbin> OK. Let's advance topic
03:18:01 <hongbin> #topic Runtimes API design (mkrai)
03:18:12 <hongbin> Madhuri is not able to attend today
03:18:22 <hongbin> However, her patches were landed
03:18:35 <hongbin> The basic runtime API was implemented
03:18:56 <hongbin> For everyone, you could try the runtime API now and feedback are welcome
03:19:21 <hongbin> Just pull the lastest server and client project
03:19:34 <sudipto> yeah, i have been trying to use it - however i was busy doing customer travels the last entire week. I am trying to build this thing in a docker container  and see how it behaves.
03:20:02 <hongbin> sudipto: great
03:20:13 <hongbin> Ideally, there is a devstack support to set everyone up
03:20:15 <eliqiao> I tried yesterday, work well to create a new container
03:20:18 <hongbin> That might come later
03:20:29 <eliqiao> filed a bug for container naming stuff.
03:20:34 <hongbin> s/everything/everyone/
03:20:38 <sudipto> eliqiao, great.
03:20:47 <eliqiao> and seems need to improve exception handling later, but we can do it evently.
03:21:27 <hongbin> OK. any other comments for this topic?
03:21:45 <hongbin> #topic Nova integration (Namrata)
03:21:48 <eliqiao> sudipto: FYI, need to run zun-compute as root or docker user because zun-compute uses unix socket to talk with docker daemon
03:21:53 <hongbin> #link https://blueprints.launchpad.net/zun/+spec/nova-integration The BP
03:21:57 <hongbin> #link https://etherpad.openstack.org/p/zun-containers-nova-integration The etherpad
03:22:27 <sudipto> eliqiao, alright, thanks!
03:22:47 <hongbin> It looks Mamrata is not here
03:23:01 <hongbin> However, I saw a spec was uploaded
03:23:19 <hongbin> #link https://review.openstack.org/#/c/354553/
03:24:29 <hongbin> I looked thought the spec. It looks more details need to be filled at the implementation session
03:25:00 <hongbin> Let's work with Namrata offline in this regards
03:25:14 <hongbin> #topic Container image store
03:25:20 <hongbin> #link https://blueprints.launchpad.net/zun/+spec/glance-integration
03:25:55 <hongbin> This is the BP about a docker image store solution
03:26:34 <hongbin> So far, there is not too much information there
03:26:50 <hongbin> The general idea is to use Glance as contaienr image store
03:27:13 <eliqiao> can flwang provide some advanced information from glance?
03:27:20 <hongbin> The difficulty is that Glance don't support layer of images so far
03:27:51 <hongbin> I and flwang talked to the Glance PTL before
03:28:10 <hongbin> It seems it will take a while to land the image layer support in Glance
03:28:34 <eliqiao> do we need to hard depend on glance?
03:28:51 <hongbin> eliqiao: there are alternatives though
03:29:09 <hongbin> eliqiao: which is using docker registry
03:29:29 <hongbin> eliqiao: The dackback is the multi-tenancy support is week at docker registry
03:30:15 <hongbin> A third soluation is to implement a private docker registry API as a service
03:30:47 <hongbin> Maybe we could brainstorm all the ideas in an etherpad
03:31:16 <eliqiao> +1
03:31:16 <hongbin> #action hongbin creates an etherpad to brainstorm ideas for container image store solution
03:31:29 <sudipto> +1
03:31:45 <hongbin> Any other comments / remarks ?
03:32:20 <hongbin> OK. Then, let's start the open discussion
03:32:25 <hongbin> #topic Open Discussion
03:33:17 <hongbin> sudipto: what do you think about the image store solution?
03:34:13 <sudipto> hongbin, i would think that - we should not invest too much time in dependency resolution for other projects - which in this case is glance. It's easier to go with a private docker registry for starts and build the support around it.
03:34:45 <hongbin> sudipto: I see
03:35:06 <sudipto> because, building this support in glance is a different beast all together. It would also depend on that project's maintainership headache - how comfortable they are with this etc.
03:35:23 <sudipto> and that would slow down our goals.
03:35:31 <hongbin> That is true
03:35:56 <hongbin> If it is not done in Glance, it seems we need to implement one?
03:36:13 <hongbin> and skip Glance?
03:36:24 <Wenzhi> we can build our own first
03:36:51 <sudipto> i believe you had a talk with Nikhil?
03:36:58 <hongbin> Yes, I had
03:37:06 * nikhil lurks
03:37:13 <hongbin> nikhil: hey
03:37:18 <nikhil> o/
03:37:18 <sudipto> nikhil, glad to see you?
03:37:24 <sudipto> s/?/!
03:37:28 <nikhil> ha :)
03:37:35 <nikhil> right back at'ya
03:37:46 <sudipto> nikhil, your valuable inputs would help us here :)
03:38:08 <nikhil> you guys planning this for newton?
03:38:11 <nikhil> or ocata?
03:38:23 <hongbin> nikhil: there is no specific deadline
03:38:46 <nikhil> hongbin: I would definitely love to see the requirements list for you guys
03:39:22 <nikhil> hongbin: I am not sure atm to advice either way. The depenency mgmt is something that can be handled by glare
03:39:24 <hongbin> nikhil: you want we list hte requirements here or send it in the ML?
03:39:34 <nikhil> hongbin: a spec would be nice
03:39:45 <hongbin> nikhil: ack
03:39:53 <nikhil> (or a BP if you use that)
03:40:06 <hongbin> sure
03:40:38 <hongbin> nikhil: Thanks for the guidance :)
03:40:42 <sudipto> so nikhil, you basically want us to list down - what we need from the image management project right?
03:40:51 <sudipto> (just to be sure)
03:41:11 <nikhil> hongbin: tbh, I wouldn't recommend a separate solution currently .. because there are many cases where it will become difficult. But best to discuss the details of "whys" and "whats"
03:41:16 <nikhil> sudipto: yeah
03:41:41 <sudipto> ok i should re-visit the task - i was supposed to do with you - around 2 months back :)
03:41:49 <nikhil> ++
03:41:54 <hongbin> nikhil: get that
03:42:04 <nikhil> we can start with an etherpad and then go to spec if that's what you guys prefer
03:42:35 <hongbin> sure
03:43:49 <hongbin> OK. Looks like nobody else has other topics to discuss?
03:44:09 <hongbin> Then, we can end the meeting earlier
03:44:29 <hongbin> All, thanks for joining the meeting today
03:44:32 <hongbin> #endmeeting