03:00:16 #startmeeting zun 03:00:17 Meeting started Tue Aug 23 03:00:16 2016 UTC and is due to finish in 60 minutes. The chair is hongbin. Information about MeetBot at http://wiki.debian.org/MeetBot. 03:00:18 Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. 03:00:20 The meeting name has been set to 'zun' 03:00:21 #link https://wiki.openstack.org/wiki/Zun#Agenda_for_2016-08-23_0300_UTC Today's agenda 03:00:26 #topic Roll Call 03:00:33 o/ 03:00:34 hi 03:00:38 namrata 03:00:59 Madhuri Kumari 03:01:48 Thanks for joining the meeting sudipto eliqiao Namrata mkrai 03:02:13 Wenzhi sent a message to me that he won't attend this time 03:02:24 Let's start 03:02:35 #topic Announcements 03:02:48 1. Welcome Sudipta Biswas and Wenzhi Yu to the core team 03:03:11 Thanks sudipto and wenzhi for the contribution 03:03:13 Thank you everyone who voted! 03:03:19 Congrats sudipto Wenzhi. Welcome to the team:) 03:03:22 yeah 03:03:33 #topic Review Action Items 03:03:39 1. hongbin creates an etherpad to brainstorm ideas for container image store solution (DONE) 03:03:44 #link https://etherpad.openstack.org/p/zun-container-image 03:04:06 Want to work on the etherpad or do it as a homework? 03:04:42 Let's take it the end after we finish the rest of the discussion 03:04:52 sure 03:05:00 #topic Runtimes API design (mkrai) 03:05:07 #link https://blueprints.launchpad.net/zun/+spec/api-design The BP 03:05:11 #link https://etherpad.openstack.org/p/zun-containers-service-api The etherpad 03:05:16 #link https://etherpad.openstack.org/p/zun-containers-service-api-spec The spec 03:05:34 I think the basic of the runtime API is there 03:05:48 We now have the docker APIs running. 03:05:49 Thanks mkrai for the hard work 03:05:59 I hope rest of the team have tried :) 03:06:00 Yes 03:06:09 Thanks to you too hongbin :) 03:06:16 welcome 03:06:22 good work mkrai. thanks. 03:06:38 Thanks eliqiao 03:06:57 For now, I think it is a good time for everyone to try the API 03:07:03 and enhance it 03:07:29 For example, I am thinking if we should add support for interacive mode 03:07:36 Actually, I am thinking to add tempest api cases and enable it in gate 03:07:42 Like, docker -it busybox 03:07:50 eliqiao, that'd be great. 03:08:05 Yes, that would be great 03:08:08 Yeah, I am in the process of trying it out - however I am struggling with a few things on the start up doc - i hope to find a solution to it today. 03:08:29 Like i told in the group before, i am trying to create a very quick bootstrap env for the developers to try out zun 03:08:46 sudipto: I guess the easier way is devstack 03:09:10 sudipto: however, ping me if you want any help though 03:09:20 yeah for now - for sure. But hopefully once i am through you can evaluate this option too. 03:09:43 as a part of that - i have created 2 containers - 1. mysql 2. rabbit + keystone. and a 3rd container with a privileged mode to run zun 03:10:03 while on the 3rd container - i have some minor issues, that will hope to sort out today. 03:10:18 The docs probably need a refresh too - i mean the startup doc 03:10:29 #link: https://github.com/openstack/higgins/blob/master/doc/source/dev/quickstart.rst 03:10:33 Yes, it possibly needs 03:10:46 It hasn't been updated for a while 03:11:10 sudipto: as usual, just ping hte channel if you need any help 03:11:12 Sure i will do that. 03:11:33 mkrai, i might need some time of yours today - if you are free for sometime. 03:11:49 Sure sudipto 03:12:14 OK. Let's advance topic 03:12:22 #topic Nova integration (Namrata) 03:12:28 #link https://blueprints.launchpad.net/zun/+spec/nova-integration The BP 03:12:35 #link https://etherpad.openstack.org/p/zun-containers-nova-integration The etherpad 03:12:51 Namrata: ^^ 03:12:56 hi. 03:13:33 i was on holiday for last week so unable to updat the patch 03:13:37 i will do this week 03:13:49 Namrata: get that 03:14:04 Namrata: anything you need from the team so far? 03:14:52 i see some good comments on patch 03:15:12 i will ping on irc if i need anything 03:15:28 Namrata: awesome 03:15:43 Thanks Namrata 03:15:50 Next one 03:15:55 #topic Container image store 03:16:03 thanks everbody for reviewing 03:16:14 #link https://etherpad.openstack.org/p/zun-container-image 03:16:33 Want to discuss the container image now? 03:17:02 My vote is for Yes. 03:17:10 Maybe I pause for a few minutes for you to read though the etherpad 03:17:17 sudipto: Yes for? 03:17:23 As in - let's discuss a bit 03:17:36 ok 03:17:47 There is no perfect solution as of now 03:18:10 DO we want to support 'building' of images? 03:18:17 via a zun API? 03:18:41 sudipto: what is your opinion about that? 03:19:39 basically that would help us answer the image management question better. 03:20:14 I haven't used the APIs yet - but how do we select a image now to run a container? 03:20:25 from zun i mean 03:20:29 It pull it from docker hub 03:20:39 It now downloads from docker hub 03:20:48 Ok - so basically it creates a image cache on the local host 03:20:57 for the next 'run' 03:20:59 right? 03:21:01 yes 03:21:19 Ok that workflow works for all public images 03:21:43 However, there's no way to segregate these images via tenant isolation. 03:21:58 No, there is not 03:22:21 so when we say glance/glare support - we are basically cutting off from docker hub completely? 03:22:28 We need a multi-tenant image store 03:22:47 sudipto: Not necessary 03:23:00 let's say i have the images in glance. A docker run - then would get the images from glance right? 03:23:01 We should keep it configurable I think so 03:23:09 Yes 03:23:22 Get it from Glance first, 03:23:23 Can we really do that? 03:23:32 If not there, get it from docker hub 03:24:06 as in a docker run would want to boot from the local cache eventually by either docker pull or if it's cached - then just reading it from there. 03:24:26 so do you expect glance to do something like a docker pull? 03:24:40 There is a solution though 03:24:40 as in zun does a docker pull from glance 03:24:52 1. store docker image as a tar file 03:25:02 2. pull hte tar file from Glance 03:25:13 3. docker import xxx.tar 03:25:29 Then, the tar file is extracted to localhost 03:25:33 ok 03:26:01 I guess this is the nova-docker solution? 03:26:18 yeah that's how nova docker should have worked. 03:26:32 Even though i haven't used it. 03:26:44 The disadvange is the layer of image is not supported 03:26:53 you mean every pull is a fresh pull 03:26:57 since there is a tar file, no layer 03:27:12 Yes, every pull is a full pull 03:27:16 no layer 03:27:30 i guess it needs us to also consider what storage driver is supported on the host 03:27:33 which docker does for us now. 03:27:45 https://docs.docker.com/engine/userguide/storagedriver/selectadriver/ 03:28:14 So if the host is X - it might have a storage driver Y - and similarly a different combination for another host. 03:28:19 docker export/import is indepedent of storage driver I think 03:28:29 no no - i am not talking about that. 03:28:45 I am probably jumping the gun and looking at glance or something else outside of docker supporting image layering 03:28:59 ok 03:29:21 my point being, if we put it outside of docker - the software which would eventually store this image - would have to be aware of the storage driver - no? 03:29:48 My guess is no 03:29:50 maybe not. 03:30:09 since docker has a way to import/expose images as I mentioned 03:30:35 Ok i was talking about running 2 containers with the same image - with a union filesystem backing on a host. 03:30:48 docker i guess should be able to take care of that - post we have downloaded the image. 03:31:15 I will write my thoughts on your ether pad hongbin :) 03:31:20 and have a discussion on the IRC channel. 03:31:25 sure 03:31:31 Sorry got disconnected 03:31:51 mkrai: we were talking about docker image for different storage driver 03:32:15 Okay 03:32:45 sudipto is writing on the etherpad. Let's check how he write 03:36:14 hongbin: How can we commit to a image in localhost? 03:36:32 there is a docker commit command 03:36:54 we can add support for that in zun 03:39:02 I feel we can support both - the docker registry or glance 03:39:11 glance comes in with being slow 03:39:19 while docker registry comes with no multi-tenancy 03:39:24 at this time of the writing. 03:39:39 sudipto: could we have both 03:39:48 sudipto: glance and docker hub 03:39:59 glance and docker hub won't be possible i think 03:40:21 or we can introduce a API flag - that would either get it from glance or from docker hub - based on what the user wants. 03:40:47 sudipto: we could get it from glance first, if not there, get it from docker hub 03:41:08 yeah - and possibly get it from docker hub into glance - would be the ideal behaviour then 03:41:37 an alternative is to introduce a flag 03:41:47 zun run --> look up glance --> not there --> try from docker hub --> image found --> download to glance --> download to the localhost --> boot the container. 03:41:50 zun pull busybox (get it from glance) 03:42:05 zun pull docker.io/busybox (get it from docker hub) 03:42:28 sudipto: you mean private docker registry. Right? 03:42:36 mkrai, no 03:42:48 private docker registry is another option all together 03:42:52 that would not need glance. 03:43:12 We should consider the case, not all users might have internet access 03:43:33 basically IMO - we should have one place for zun to get images from - be it local docker registry or glance or docker hub or xyz 03:44:05 that could be a tenant setting? 03:44:19 sudipto: could be a config 03:44:32 hongbin, per host config? 03:44:45 maybe per zun 03:44:47 or zun wide? 03:44:52 ok 03:45:31 ok if you basically want multi-tenancy - set zun to use glance. 03:46:14 sounds good 03:47:00 great. 03:47:13 maybe we could write down the proposal to the etherpad 03:47:20 Sure i will do that. 03:47:23 Then, let the team revisit it next meeting 03:47:24 and exchange it over ML? 03:47:32 or not needed? 03:47:34 yes, ML could work as well 03:47:36 Either works 03:47:46 I am just thinking ML might get some glance/glare folks interested. 03:48:10 Yes good point 03:48:18 nothing to loose kinda situation :) 03:48:40 OK 03:48:49 Get to ether pad - discuss and then once we have consensus - send to ML 03:49:00 k 03:49:16 Then, let's advance topic 03:49:26 #topic Multi-tenancy (Wenzhi Yu) 03:49:31 #link https://blueprints.launchpad.net/zun/+spec/support-multi-tenancy 03:49:37 Wenzhi cannot attend the meeting today, but he left me a message for the status 03:49:43 (Wenzhi): I submitted patch "Load wsgi apps with paste.deploy" 03:49:49 (Wenzhi): https://review.openstack.org/#/c/357615/ . The patch has already landed. 03:49:54 (Wenzhi): With this patch, we can now group the containers by tenants -- to each tenant, containers in other tenants are invisible. 03:50:00 (Wenzhi): If folks may have comments about this bp, please ask them to leave their comments on this etherpad https://etherpad.openstack.org/p/zun-multi-tenancy 03:50:05 (Wenzhi): I will read and address them later. 03:50:12 great 03:50:33 cool 03:50:43 #topic Open Discussion 03:51:26 We should now start on some documentation 03:51:35 It will attract some develops 03:51:48 s/develops/developers/ 03:51:49 Yes, the quickstart guide need to enhance 03:51:49 mkrai, totally agreed. 03:52:05 Let's create a bug for that 03:52:05 we need to expand base :) 03:52:20 hongbin: Can we create architeture diagram now 03:52:33 #action hongbin create a bug for enhancing the quickstart guide 03:52:36 I guess we have the base ready 03:53:04 I will create architecture diagram 03:53:11 mkrai, count me in 03:53:13 mkrai: there is one though 03:53:17 #link https://etherpad.openstack.org/p/zun-container-state-management 03:53:17 And try to write some information 03:54:37 I will take this as reference 03:54:47 ok 03:54:55 I want to create a doc that is short introduction to Zun 03:55:04 for sure 03:55:36 I get some pings asking for introduction of Zun 03:56:01 I want to avoid answering everytime ;) 03:56:11 oh, from who? 03:56:16 your manager? 03:56:42 Some developers from community and manager too 03:56:48 cool 03:57:02 lol 03:57:27 OK. Let's wrap up the meeting a bit earlier 03:57:34 Ok 03:57:39 and discuss in the IRC channel 03:57:41 Thanks all :) 03:57:44 All, thanks for joining hte meeting 03:57:47 #endmeeting