| *** toddjohn has joined #openstack-app-catalog | 00:15 | |
| *** toddjohn has quit IRC | 00:20 | |
| *** kzaitsev_mb has quit IRC | 00:46 | |
| *** kzaitsev_mb has joined #openstack-app-catalog | 01:43 | |
| *** toddjohn has joined #openstack-app-catalog | 01:47 | |
| *** toddjohn has quit IRC | 01:51 | |
| *** kzaitsev_mb has quit IRC | 02:19 | |
| *** toddjohn has joined #openstack-app-catalog | 02:48 | |
| *** toddjohn has quit IRC | 02:52 | |
| *** kzaitsev_mb has joined #openstack-app-catalog | 03:16 | |
| *** kzaitsev_mb has quit IRC | 03:21 | |
| *** toddjohn has joined #openstack-app-catalog | 03:50 | |
| *** toddjohn has quit IRC | 03:54 | |
| *** kzaitsev_mb has joined #openstack-app-catalog | 04:17 | |
| *** kzaitsev_mb has quit IRC | 04:22 | |
| *** toddjohn has joined #openstack-app-catalog | 04:50 | |
| *** toddjohn has quit IRC | 04:55 | |
| *** pcaruana has quit IRC | 05:03 | |
| *** kzaitsev_mb has joined #openstack-app-catalog | 05:18 | |
| *** kzaitsev_mb has quit IRC | 05:23 | |
| *** kzaitsev_mb has joined #openstack-app-catalog | 06:19 | |
| *** kzaitsev_mb has quit IRC | 06:24 | |
| *** pcaruana has joined #openstack-app-catalog | 06:38 | |
| *** toddjohn has joined #openstack-app-catalog | 06:52 | |
| *** toddjohn has quit IRC | 06:56 | |
| *** kzaitsev_mb has joined #openstack-app-catalog | 07:20 | |
| *** kzaitsev_mb has quit IRC | 07:25 | |
| *** kzaitsev_mb has joined #openstack-app-catalog | 08:21 | |
| *** kzaitsev_mb has quit IRC | 08:26 | |
| *** toddjohn has joined #openstack-app-catalog | 08:53 | |
| *** kzaitsev_mb has joined #openstack-app-catalog | 08:56 | |
| *** toddjohn has quit IRC | 08:58 | |
| *** kzaitsev_mb has quit IRC | 09:36 | |
| *** sskripnick has joined #openstack-app-catalog | 10:13 | |
| *** kebray has quit IRC | 10:25 | |
| *** kebray has joined #openstack-app-catalog | 10:37 | |
| *** kzaitsev_mb has joined #openstack-app-catalog | 10:42 | |
| *** toddjohn has joined #openstack-app-catalog | 10:54 | |
| *** toddjohn has quit IRC | 10:59 | |
| *** pcaruana has quit IRC | 11:06 | |
| *** pcaruana has joined #openstack-app-catalog | 11:07 | |
| *** kzaitsev_mb has quit IRC | 11:39 | |
| *** toddjohn has joined #openstack-app-catalog | 11:48 | |
| *** toddjohn has quit IRC | 12:06 | |
| *** toddjohn has joined #openstack-app-catalog | 12:07 | |
| *** toddjohn has quit IRC | 12:11 | |
| *** kzaitsev_mb has joined #openstack-app-catalog | 12:31 | |
| *** toddjohn has joined #openstack-app-catalog | 12:57 | |
| *** spzala has joined #openstack-app-catalog | 14:10 | |
| *** spzala has quit IRC | 14:15 | |
| *** spzala has joined #openstack-app-catalog | 14:15 | |
| *** spzala has quit IRC | 14:16 | |
| *** spzala has joined #openstack-app-catalog | 14:16 | |
| *** kragniz has quit IRC | 15:00 | |
| *** kebray has quit IRC | 15:03 | |
| *** kebray has joined #openstack-app-catalog | 15:05 | |
| *** toddjohn has quit IRC | 15:16 | |
| *** toddjohn has joined #openstack-app-catalog | 15:20 | |
| *** toddjohn has quit IRC | 15:25 | |
| *** toddjohn has joined #openstack-app-catalog | 15:35 | |
| *** kzaitsev_mb has quit IRC | 16:06 | |
| *** kzaitsev_mb has joined #openstack-app-catalog | 16:08 | |
| openstackgerrit | Sergey Skripnick proposed openstack/app-catalog: [wip] Glare v1.0 API https://review.openstack.org/337633 | 16:08 |
|---|---|---|
| *** pcaruana has quit IRC | 16:11 | |
| sskripnick | docaedo around? Your opinion needed | 16:11 |
| docaedo | sskripnick: hey there, I'm around | 16:12 |
| sskripnick | great | 16:12 |
| sskripnick | the question is should we let Glare listen on subdomain, and let client to send queries directly to Glare | 16:13 |
| sskripnick | additional info like user comments, stars etc can be obtained by querying app catalog api | 16:13 |
| sskripnick | https://review.openstack.org/#/c/337633/14/API.rst | 16:13 |
| sskripnick | docaedo ^ here is some thoughts on app catalog API | 16:14 |
| sskripnick | btw current implementation is working with Glare directly | 16:14 |
| kzaitsev_mb | I'd vote for having app.catalog.org/api/v2/artifacts routed to glare, app.catalog.org/api/v2/{comments,assets,votes,etc} handeled by app cat python code | 16:15 |
| docaedo | sskripnick: I'm taking a look now, but I think having glare listen on a subdomain seems reasonable, though the app catalog should always defer to it's own API so it's not permanently tied to glare | 16:15 |
| kzaitsev_mb | I don't like the idea of exposing direct glare API (at the very least for security reasons) | 16:15 |
| docaedo | kzaitsev_mb: I think that was always the plan actually, glad you are reminding me :) I also don't understand why we would need/want to expose glare directly? | 16:16 |
| kzaitsev_mb | but we can have a glare.a.o.o subdomain, that has glare api itself if that is needed by someone | 16:16 |
| sskripnick | ok i agreed with not be tied to glare | 16:17 |
| docaedo | What is the case where someone would need to access glare directly? | 16:17 |
| kzaitsev_mb | also you would still have the "almost direct" access to glare anyway | 16:17 |
| sskripnick | this is not literally needed, but there is some overhead | 16:17 |
| kzaitsev_mb | my guts tell me that in case there would be a security vulnerability with some part of the API — it's better to have a thin proxy in front of it to patch it fast and prevent anyone from accessing the api directly | 16:19 |
| sskripnick | we can fix issue in Glare in the same way | 16:19 |
| sskripnick | and it better to fix it in Glare, not in proxy | 16:20 |
| kzaitsev_mb | sskripnick: it's not always easy to fix a security issue. having a way to restrice access to some part of the API seems favorable to me | 16:20 |
| kzaitsev_mb | sskripnick: I'm talking about temporary hotfix | 16:20 |
| sskripnick | Glare users will be glad to have temporary hotfix too | 16:21 |
| docaedo | I would worry about scaling, it's a lot easier to set up caching in front of glare, vs. having to fix glare if performance becomes an issue | 16:21 |
| kzaitsev_mb | and messing with glare api for that part seems like waay too hard, then meddling with glare internals | 16:22 |
| kzaitsev_mb | brr | 16:22 |
| docaedo | also if we directly expose glare, it becomes an easy target for ddos? But I guess any end point can be ddos'd and would require the same remediation | 16:22 |
| kzaitsev_mb | got distracted =) | 16:22 |
| kzaitsev_mb | anyway — from where I look at — having a thin proxy (think nginx) is a very small overhead | 16:23 |
| sskripnick | I think scaling and not tying with glare is enough | 16:25 |
| sskripnick | kzaitsev_mb: proxying by nginx === glare direct access | 16:25 |
| kzaitsev_mb | sskripnick: I think you and I are not on the same page then ) | 16:26 |
| sskripnick | kzaitsev_mb: I talking about python proxy which will modify glare responses | 16:26 |
| *** toddjohn has quit IRC | 16:26 | |
| kzaitsev_mb | sskripnick: nginx can also modify requests/responses ) or make it require an internal redirect for example | 16:27 |
| sskripnick | actually Im talking about modifying Glare reposes in general | 16:27 |
| kzaitsev_mb | I'm not sure we'd need modifying glare responses right now | 16:27 |
| sskripnick | so with python proxy we can not be tied to glare backend | 16:28 |
| sskripnick | kzaitsev_mb: please take a look https://review.openstack.org/#/c/337633/14/API.rst | 16:28 |
| sskripnick | line 13 | 16:28 |
| kzaitsev_mb | sskripnick: btw, can we safely abandon our commits with v0.1? =) | 16:28 |
| sskripnick | * with python "proxy" we are not tied to glare backend | 16:29 |
| kzaitsev_mb | do you need any of them anymore? =) | 16:29 |
| sskripnick | kzaitsev_mb: i dunno. i have copied all what i can %) | 16:29 |
| *** toddjohn has joined #openstack-app-catalog | 16:29 | |
| *** toddjohn_ has joined #openstack-app-catalog | 16:31 | |
| kzaitsev_mb | sskripnick: well if you've got everything from them I'm going to abandon them in favor of yours https://review.openstack.org/#/c/337633 | 16:31 |
| docaedo | oh sskripnick since you were out sick during the meeting last week, you missed a question I had for you | 16:31 |
| docaedo | I want to re-create the server you're running so I can start working on the puppet modules for deployment | 16:32 |
| *** toddjoh__ has joined #openstack-app-catalog | 16:32 | |
| sskripnick | oh I was looking on puppet while I was sick | 16:33 |
| docaedo | so wondering if this is the right topic: https://review.openstack.org/#/q/topic:glare-10-single-patch and if there are any specific instructions or requirements | 16:33 |
| sskripnick | docaedo: https://review.openstack.org/#/c/337633/14/contrib/glare/README.rst | 16:34 |
| kzaitsev_mb | ok, I'm not sure we really need to modify glare responses right now. But having that ability would certainly be benefitial, as at some point we will | 16:34 |
| *** toddjohn has quit IRC | 16:34 | |
| docaedo | sskripnick: puppet is not too hard, but there are some requirements to make sure things integrate with infra | 16:34 |
| docaedo | sskripnick: and the way app catalog is being deployed now is here: https://git.openstack.org/cgit/openstack-infra/puppet-apps_site/tree/ | 16:35 |
| docaedo | sskripnick: thanks, I'll read through that README.rst and ping you if I have questions | 16:35 |
| sskripnick | docaedo: yeah, I have found this repo | 16:35 |
| *** toddjohn_ has quit IRC | 16:35 | |
| kzaitsev_mb | also https://github.com/johnpapa/angular-styleguide/blob/master/a1/README.md here is a nice article with an angular style-guide. Horizon adopted it some time ago. It's a bit tiresome to rewrite everithing into it. I'm not sure if we want to follow | 16:36 |
| sskripnick | docaedo great. so I don't need to do this %) | 16:36 |
| *** toddjoh__ has quit IRC | 16:36 | |
| kzaitsev_mb | but it's something to consider | 16:36 |
| sskripnick | kzaitsev_mb: oh, thanks a lot. Ill read it right now | 16:36 |
| docaedo | sskripnick: yeah I hope to tackle that puppet stuff ;) | 16:37 |
| *** kzaitsev_mb has quit IRC | 16:46 | |
| *** rhagarty has joined #openstack-app-catalog | 17:35 | |
| *** rhagarty has quit IRC | 17:36 | |
| *** rhagarty has joined #openstack-app-catalog | 17:36 | |
| *** pvaneck has joined #openstack-app-catalog | 17:58 | |
| *** toddjohn has joined #openstack-app-catalog | 18:28 | |
| *** toddjohn has quit IRC | 18:33 | |
| *** toddjohn has joined #openstack-app-catalog | 18:38 | |
| *** mfedosin has joined #openstack-app-catalog | 18:38 | |
| mfedosin | docaedo: it's a small picture I made, that describes two possible reference architectures of app-catalog: with proxy application and without https://dl.dropboxusercontent.com/u/13626875/app-catalog.png | 18:41 |
| *** kebray has quit IRC | 18:42 | |
| mfedosin | me and sskripnick prefer first version (without proxy), kzaitsev_ws likes the second | 18:42 |
| mfedosin | kzaitsev_ws: please correct me if I got you wrong | 18:43 |
| *** mpetason has quit IRC | 18:50 | |
| *** nikhil has quit IRC | 18:50 | |
| *** mpetason has joined #openstack-app-catalog | 18:50 | |
| docaedo | mfedosin: I'll take a look soon | 18:51 |
| *** nikhil has joined #openstack-app-catalog | 18:52 | |
| kfox1111 | mfedosin: my preference is closer to the one on the bottom, whith s/glare.apps.openstack.org/api.apps.openstack.org/ | 18:56 |
| kfox1111 | if we go with the top one, and glare looses all its steam, but we want to support our v2 api for a long time, we will have many more options with the bottom one. | 18:57 |
| kfox1111 | if glare's a huge success and we never need to add any new stuff, we can make a v3 that just removes the proxy and wait for v2 to die off. | 18:58 |
| kfox1111 | I'd rather hedge our bets at this point. | 18:59 |
| mfedosin | kfox1111: it makes sense indeed! tomorrow there will be more detailed documentation and we'll be able to compare pros and cons of two approaches more consciously | 19:01 |
| kfox1111 | kk | 19:02 |
| *** patrickmoore has joined #openstack-app-catalog | 19:05 | |
| docaedo | as usual, I agree with kfox1111 on this :) | 19:11 |
| *** mfedosin has quit IRC | 19:28 | |
| *** kzaitsev_mb has joined #openstack-app-catalog | 19:42 | |
| *** nikhil has quit IRC | 19:47 | |
| *** nikhil has joined #openstack-app-catalog | 19:47 | |
| *** patrickmoore has quit IRC | 19:51 | |
| *** kzaitsev_mb has quit IRC | 20:13 | |
| *** spzala has quit IRC | 20:25 | |
| *** spzala has joined #openstack-app-catalog | 20:27 | |
| *** spzala has quit IRC | 21:49 | |
| *** kebray has joined #openstack-app-catalog | 22:38 | |
| *** sskripnick has quit IRC | 22:42 | |
| *** kebray has quit IRC | 23:00 | |
| *** toddjohn has quit IRC | 23:25 | |
Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!
