#openstack-meeting log

03:00:13 <hongbin> #startmeeting zun
03:00:14 <openstack> Meeting started Tue Sep 27 03:00:13 2016 UTC and is due to finish in 60 minutes.  The chair is hongbin. Information about MeetBot at http://wiki.debian.org/MeetBot.
03:00:15 <openstack> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.
03:00:17 <openstack> The meeting name has been set to 'zun'
03:00:19 <hongbin> #link https://wiki.openstack.org/wiki/Zun#Agenda_for_2016-09-27_0300_UTC Today's agenda
03:00:24 <hongbin> #topic Roll Call
03:00:33 <mkrai> Madhuri Kumari
03:00:36 <Namrata> Namrata
03:00:38 <shubhams_> shubham j
03:00:40 <Wenzhi> Wenzhi
03:00:41 <adisky> Aditi
03:00:58 <yanyanhu> hi, yanyan is here
03:01:22 <hongbin> Thanks for joining the meeting mkrai Namrata shubhams_ Wenzhi adisky yanyanhu
03:01:27 <hongbin> #topic Announcements
03:01:34 <hongbin> 1. I was told that Zun team could have 2 workroom session at Friday 9:00 - 10:30. Need to confirm if we need it.
03:01:50 <hongbin> Unfortuntely the time is conflicts with Senlin and Magnum
03:02:07 <hongbin> I am not sure if we can take the offer
03:02:28 <mkrai> Depends on if other developers are making it to summit
03:02:34 <hongbin> A question for you guys. How many of you will travel to Barcelona?
03:02:46 <mkrai> I am not coming
03:02:49 <yanyanhu> still not sure about it
03:02:50 <Namrata> I am coming
03:02:51 <adisky> i also
03:02:57 <Wenzhi> i am not coming
03:03:17 <hongbin> ok
03:03:40 <hongbin> take it? return it?
03:03:50 <hongbin> sudipto: hey
03:03:56 <mkrai> hongbin: You will not be available for this?
03:04:06 <sudipto> hongbin, hello
03:04:13 <hongbin> mkrai: I might
03:04:18 <sudipto> sorry a bit late.
03:04:24 <hongbin> sudipto: np
03:04:44 <hongbin> sudipto: we are discussing the Zun team could have session in design summit
03:04:54 <flwang1> session?
03:04:59 <sudipto> hongbin, sigh! I am not gonna be able to make it :(
03:05:01 <hongbin> the time is 9:00 - 10:30 friday
03:05:04 <flwang1> or a team lunch? :D
03:05:15 <hongbin> flwang1: workroom session
03:05:26 <flwang1> hongbin: cool
03:05:29 <hongbin> sudipto: bummper
03:05:34 <flwang1> sudipto: oh no
03:06:02 <hongbin> flwang1: it looks most of us are not able to join (the time is conflicts with other sessions)
03:06:25 <flwang1> hongbin: then how about at least a team lunch?
03:06:26 <sudipto> :(
03:06:32 <hongbin> flwang1: sure :)
03:06:39 <yanyanhu> flwang1, +1 :)
03:06:43 <sudipto> with the hope, that i will make it on the next one.
03:07:25 <hongbin> ok, will think about the design summit session
03:07:35 <hongbin> move to the next topic
03:07:39 <hongbin> #topic Review Action Items
03:07:45 <hongbin> 1. adisky investigate how to support interactive mode to enter container
03:07:52 <hongbin> adisky: ^^
03:08:03 <adisky> yes, i have investigated...
03:08:48 <hongbin> adisky: any finding?
03:09:03 <adisky> there is no option for stdin available on docker python API
03:09:22 <hongbin> i see
03:09:51 <hongbin> adisky: do they willing to add support for it?
03:10:06 <adisky> however it is possible if we directly make request via docker REST API
03:10:31 <hongbin> i see
03:10:37 <adisky> for python support, i need to ask..
03:10:49 <hongbin> ok
03:10:56 <hongbin> thanks adisky
03:11:06 <shubhams_> I am wondering if docker-py has that ( we are using it in docker driver as well)
03:11:58 <hongbin> shubhams_: the python API adisky mentioned is docker-py (i think)
03:11:58 <sudipto> i do something, though need to find out more: https://github.com/docker/docker-py/blob/e15ba7400a457ea7b605d08131eb0148c3f7528f/docker/api/exec_api.py#L28
03:12:08 <adisky> shubhams_ if you have any idea on that...then we can together implement the blueprint
03:12:14 <sudipto> *see
03:12:31 <shubhams_> hongbin , adisky : ok
03:12:47 <shubhams_> suipto: yea I was talking on the same
03:13:23 <hongbin> then, it looks it is possible
03:13:39 <adisky> thnx sudipto...may be they have not added into the document, or i may be looking to an older version..
03:14:24 <sudipto> let's assume this works, would you then recommend using VNC or something to show it remotely?
03:14:27 <adisky> if it is there it seems possible, i will do further investigation this week also..
03:15:06 <hongbin> sudipto: the VNC needs to be implemented in zun-ui
03:15:21 <adisky> ya, we also need to figure out how to catch the stream returned by docker...
03:15:21 <hongbin> (if we decided to do this)
03:15:25 <sudipto> yeah - i mean, is it something like VNC that we want to use?
03:15:29 <kevinz> o/
03:15:45 <hongbin> sudipto: i think it is a good idea
03:15:46 <kevinz> sorry for joining late :D
03:15:51 <hongbin> kevinz: welcome
03:16:01 <hongbin> kevinz: np
03:16:03 <sudipto> Albite, i think it would be possible then..
03:16:05 <kevinz> hongbin: Thanks
03:16:24 <hongbin> ok, let's advance topic
03:16:28 <sudipto> adisky, do follow a project called kinematic - you aren't already aware...
03:16:36 <sudipto> *kitematic
03:16:50 <adisky> ok sudipto,  thnx
03:17:09 <hongbin> #link https://kitematic.com/
03:17:24 <hongbin> #topic Nova integration (Namrata)
03:17:30 <hongbin> Namrata: ^^
03:18:40 <Namrata> as earlier discussed i want to discuss the sudipto's comments
03:18:53 <Namrata> According to sudipto comment, there were 2 points that needs to be addressed.
03:19:04 <Namrata> 1. We should keep minimal workflow impact
03:19:26 <Namrata> 2. need a good solid argument over how the nova lifecycle will map against the container lifecycle as a part of this spec
03:19:51 <Namrata> To answer point one, I feel there is nothing we can do with nova worflow but of course we can try to remove atleast one flow in zun
03:20:46 <Namrata> that is if the req is from nova directly send it to zun-compute rather than sending to zun-scheduler as we will already have host info recieved from nova
03:22:57 <hongbin> Namrata: i think sudipto 's point is that nova-docker already provides functionality to drive docker containers via nova api
03:23:32 <hongbin> Namrata: the question is if Zun should do something that is duplicated with nova-docker.
03:23:53 <hongbin> sudipto: is that your concern?
03:24:01 <sudipto> hongbin, yeah that's one of them.
03:24:26 <sudipto> but honestly, i don't want to be a blocker for this spec.
03:24:39 <hongbin> ok
03:24:49 <mkrai> We have had discussion on this that we want this bp
03:24:59 <sudipto> If you feel it's necessary to do - and deal with the consequences later, then so be it :)
03:25:36 <hongbin> Namrata: it looks everything is clear now. you are ready to go
03:26:06 <Namrata> okay thanks
03:26:31 <hongbin> ok, i will review the spec again, if no problem, will approve it
03:26:41 <hongbin> Namrata: thanks for working on the specs
03:26:45 <Namrata> I have updated the specs
03:26:55 <hongbin> #topic Container image store (mkrai)
03:27:01 <hongbin> #link https://blueprints.launchpad.net/zun/+spec/glance-integration
03:27:02 <Namrata> hongbin thanks
03:27:07 <hongbin> #link https://etherpad.openstack.org/p/zun-container-image
03:27:12 <hongbin> mkrai: ^^
03:27:20 <mkrai> Last week I submitted a patch to support glance in zun
03:27:36 <mkrai> https://review.openstack.org/#/c/374668/
03:28:10 <mkrai> This week I will implement the support to use glance as image repo in zun
03:28:22 <hongbin> cool
03:28:28 <mkrai> shubhams_ is working on the image resource
03:28:45 <mkrai> shubhams_ would you like to update on your work?
03:29:09 <shubhams_> yeah, I am using docker-py's native api for this. I hope thats ok to use
03:30:03 <mkrai> This mean we are going to add new resource in zun /v1/images
03:30:14 <shubhams_> mkrai: yes
03:30:28 <hongbin> sound good
03:30:31 <mkrai> Perform various action on images that we are using
03:30:41 <sudipto> mkrai, i would like to review this one for sure
03:30:54 <mkrai> Thanks sudipto
03:31:06 <shubhams_> sudipto:  thanks
03:31:22 <mkrai> That's all I guess from us :)
03:31:37 <hongbin> thanks mkrai shubhams_
03:31:45 <hongbin> next one
03:31:46 <hongbin> #topic Container network (hongbin)
03:31:52 <hongbin> #link https://blueprints.launchpad.net/zun/+spec/neutron-integration The BP
03:32:00 <hongbin> #link https://review.openstack.org/#/c/365754/ The proposed spec
03:32:30 <hongbin> i have update the spec to address comments
03:32:49 <sudipto> hongbin, i had a chat with mkrai on this yesterday - i wanted to understand a few things...
03:32:50 <hongbin> now, it has 2 +2, the feedback looks positive so far
03:32:57 <hongbin> sudipto: sure
03:33:28 <sudipto> basically, when we are saying networking to the containers - docker-py would natively provide the NAT interface inside the containers for them to uplink right?
03:33:41 <sudipto> (I couldn't exec into any of the zun containers, hence asking)
03:34:20 <hongbin> sudipto: i am thinking it is the nova-docker solution
03:34:44 <sudipto> the nova-docker solution is the one I am talking about you mean?
03:35:02 <hongbin> sudipto: i am not sure the one you are talking about :)
03:35:22 <sudipto> well so when you provision a container using docker, by default they are created on docker0
03:35:29 <sudipto> and it has a NAT interface inside the container.
03:35:34 <sudipto> I am talking about that.
03:35:47 <sudipto> The 3 types of networking that docker already provides us.
03:36:04 <sudipto> #link: https://docs.docker.com/engine/userguide/networking/
03:36:26 <Wenzhi> sudipto: right
03:36:30 <hongbin> i think nova-docker is working on a different way (although i am not sure)
03:36:41 <sudipto> I am not thinking of nova-docker at all :-)
03:37:17 <sudipto> I am just wondering - if we are not doing container orchestration in our first pass - why are we not thinking about exposing the containers just by port numbers on the host?
03:37:58 <hongbin> sudipto: i think this is good for container-in-vm use cases
03:38:10 <hongbin> sudipto: for compute host, i am not sure if it is a good idea
03:38:51 <sudipto> hongbin, ok - this goes back to the container console discussion we just had a while back - the logs would be exposed via a compute host port right?
03:39:37 <hongbin> sudipto: i guess yes
03:39:58 <hongbin> sudipto: however, that is under management network
03:40:21 <sudipto> since necessarily you would never want to 'login' to a container - most likely - you would expose a 'service' - and the 'service' should have the sandbox networking i suppose?
03:40:47 <sudipto> but that created a conflict in my thoughts, when i realised that we aren't speaking of services as yet? Maybe i am wrong... :)
03:41:08 <hongbin> container as a service , it is right
03:41:43 <sudipto> Ok I know - when we do the orchestration bit, we will have to do something like this. I just didn't know the time is now :)
03:43:12 <hongbin> sudipto: i tried to understand your concern, but it seems i didnt' :)
03:43:26 <sudipto> leave it :) i will put my thoughts on the spec :)
03:43:37 <hongbin> sudipto: ok
03:43:39 <shubhams_> hongbin: can you explain " container-in-vm use cases" ? is it like havin zun containers in a nova provisoned vm ?
03:44:10 <hongbin> shubhams_: container-in-vm use case is running containers on Nova instances
03:44:37 <hongbin> shubhams_: another use case is container-in-compute-host
03:44:42 <shubhams_> Why do you think that docker network drivers can't support it  or how having sanbox will be an advantage over it?
03:45:17 <shubhams_> I am trying to understand your view point ..  so my questions
03:45:35 <hongbin> a sandbox is an abstraction
03:45:47 <hongbin> how to implement it depends on the driver
03:46:22 <hongbin> for docker network drivers, i am not sure
03:47:10 <shubhams_> FYI : I am sure that docker network driver works well inside vm as well
03:47:14 <hongbin> shubhams_: i think the point is to connect containers to neutron, which is the feature provided by zun
03:47:40 <hongbin> shubhams_: then, neutron integration is the problem
03:47:53 <sudipto> connect containers to neutron for?
03:48:09 * sudipto asks a silly question, he knows
03:48:15 <hongbin> sudipto: for eliminating overlay, use security group
03:48:17 <hongbin> etc.
03:48:32 <sudipto> is there really a need for security groups for containers?
03:48:48 * sudipto also worries that hongbin will get furious at him now - because it's super late for him.
03:49:12 <hongbin> i am not sure
03:49:26 <sudipto> containers would expose ports that it wants
03:49:30 <hongbin> but if it is not neutron, i couldn't think of anything else
03:49:48 <sudipto> it wouldn't expose all the ports - like VMs - that you need a security group for.
03:50:03 <sudipto> unless i am short sighted.
03:50:08 <hongbin> sudipto: ok, get your point
03:50:53 <sudipto> let's talk more on the spec ...
03:51:05 <hongbin> sudipto: ok :)
03:51:46 <hongbin> any other comment?
03:52:09 <hongbin> #topic Open Discussion
03:52:16 <hongbin> 1. Zun team meetup at Barcelona
03:52:30 <sudipto> Send me a selfie or something :)
03:52:47 <hongbin> :)
03:53:04 <hongbin> flwang1 proposed to have a team lunch/dinner at a time
03:53:32 <hongbin> want to have a team lunch ?
03:53:56 <hongbin> this question is for people who will be at the summit
03:54:29 <hongbin> silent ...
03:54:34 <mkrai> adisky: Namrata are you guys interested
03:54:40 <Namrata> yes i am
03:54:45 <flwang1> i will be there
03:54:49 <adisky> i wont be at submit
03:55:24 <hongbin> it looks flwang1 and Namrata and me: three people
03:55:33 <hongbin> i know Qiming will be there as wel
03:55:39 <hongbin> four people
03:55:45 <hongbin> want to pick a date?
03:56:28 <hongbin> ok, let's discuss it offline
03:56:37 <Namrata> okay
03:56:44 <hongbin> any other question?
03:56:55 <hongbin> sorry, any other topic to discuss?
03:57:32 <hongbin> all, thanks for joining the meeting
03:57:38 <hongbin> see you next time
03:57:41 <hongbin> #endmeeting