Wednesday, 2014-02-19

« Tuesday, 2014-02-18 Index Thursday, 2014-02-20 »
*** nkinder has quit IRC00:00
*** CaptTofu has joined #openstack-dns00:05
*** vinod has joined #openstack-dns00:14
*** eankutse has quit IRC00:15
*** betsy has quit IRC00:16
*** matsuhashi has joined #openstack-dns00:22
*** vinod has quit IRC00:23
*** jorgem has quit IRC00:23
*** sn6i23a has quit IRC00:24
*** matsuhashi has quit IRC00:32
*** matsuhas_ has joined #openstack-dns00:34
*** tsimmons has joined #openstack-dns01:00
*** tsimmons has left #openstack-dns01:01
*** nkinder has joined #openstack-dns01:08
*** vinod has joined #openstack-dns01:27
*** vinod has quit IRC01:29
*** nosnos has joined #openstack-dns01:36
*** jmcbride has joined #openstack-dns01:37
openstackgerritA change was merged to stackforge/designate: Fix arguments in get_collection_href  https://review.openstack.org/7450601:37
*** elemecca has quit IRC01:55
*** jmcbride has quit IRC02:04
*** jmcbride has joined #openstack-dns02:13
*** richm has quit IRC02:20
*** jmcbride has quit IRC02:21
*** vinod has joined #openstack-dns03:04
*** simonmcc has quit IRC03:08
*** simonmcc has joined #openstack-dns03:10
*** CaptTofu has quit IRC03:26
*** matsuhas_ has quit IRC03:29
*** eankutse has joined #openstack-dns03:52
*** vinod has quit IRC04:02
*** matsuhashi has joined #openstack-dns04:35
*** eankutse has quit IRC05:03
*** CaptTofu has joined #openstack-dns05:27
*** jmcbride has joined #openstack-dns05:29
*** CaptTofu has quit IRC05:32
*** jmcbride has quit IRC05:34
*** matsuhashi has quit IRC06:35
*** matsuhashi has joined #openstack-dns06:37
*** CaptTofu has joined #openstack-dns07:29
*** CaptTofu has quit IRC07:33
*** openstack has joined #openstack-dns08:43
*** ChanServ sets mode: +v openstack08:43
*** nosnos_ has joined #openstack-dns08:59
*** nosnos has quit IRC08:59
*** CaptTofu has joined #openstack-dns09:29
*** CaptTofu has quit IRC09:34
*** ytwu has quit IRC09:46
*** matsuhashi has quit IRC09:46
*** nosnos_ has quit IRC09:46
*** ytwu has joined #openstack-dns09:47
*** nosnos has joined #openstack-dns09:47
*** matsuhashi has joined #openstack-dns09:47
*** ytwu has quit IRC09:51
*** ytwu has joined #openstack-dns09:51
ekarlsokiall: morning10:00
*** msisk has joined #openstack-dns10:23
kiallHeya10:40
*** CaptTofu has joined #openstack-dns11:22
*** CaptTofu has quit IRC11:26
*** matsuhashi has quit IRC11:28
*** matsuhashi has joined #openstack-dns11:31
*** CaptTofu has joined #openstack-dns11:36
*** matsuhashi has quit IRC12:20
*** matsuhashi has joined #openstack-dns12:25
*** eankutse has joined #openstack-dns12:49
*** CaptTofu has quit IRC12:55
*** CaptTofu has joined #openstack-dns12:56
*** nosnos has quit IRC12:56
*** CaptTofu has quit IRC13:00
*** eankutse has quit IRC13:07
*** matsuhashi has quit IRC13:08
*** matsuhashi has joined #openstack-dns13:08
*** matsuhashi has quit IRC13:08
*** jmcbride has joined #openstack-dns13:21
*** elemecca has joined #openstack-dns13:22
*** elemecca has quit IRC13:31
*** elemecca has joined #openstack-dns13:31
*** CaptTofu has joined #openstack-dns13:45
*** CaptTofu has quit IRC13:56
*** betsy has joined #openstack-dns13:57
*** CaptTofu has joined #openstack-dns13:58
*** eankutse has joined #openstack-dns14:14
*** eankutse has quit IRC14:15
*** elemecca has quit IRC14:25
*** eankutse has joined #openstack-dns14:41
*** vinod has joined #openstack-dns14:50
*** jorgem has joined #openstack-dns14:50
*** mwagner_lap has joined #openstack-dns14:56
*** CaptTofu has quit IRC15:01
*** CaptTofu has joined #openstack-dns15:01
*** CaptTofu has quit IRC15:02
*** CaptTofu has joined #openstack-dns15:02
*** openstackgerrit has joined #openstack-dns15:09
*** ChanServ sets mode: +v openstackgerrit15:09
*** elemecca has joined #openstack-dns15:27
*** artom has joined #openstack-dns15:31
*** betsy has quit IRC15:33
*** eankutse has quit IRC15:46
*** eankutse has joined #openstack-dns15:47
*** eankutse has quit IRC15:50
*** eankutse has joined #openstack-dns15:52
*** richm has joined #openstack-dns16:06
*** betsy has joined #openstack-dns16:13
openstackgerritA change was merged to stackforge/designate: Shouldn't pass items to get_collection_href here  https://review.openstack.org/7468516:15
*** vinod has quit IRC16:17
*** eankutse1 has joined #openstack-dns16:18
*** eankutse has quit IRC16:20
*** jmcbride has quit IRC16:22
*** eankutse1 has quit IRC16:22
*** vinod has joined #openstack-dns16:24
*** eankutse has joined #openstack-dns16:26
*** eankutse has quit IRC16:26
*** eankutse has joined #openstack-dns16:27
*** vinod has quit IRC16:34
*** jmcbride has joined #openstack-dns16:40
*** eankutse1 has joined #openstack-dns16:46
*** eankutse has quit IRC16:47
mugsiemeeting in 10 in #openstack-meeting-alt16:48
*** eankutse1 has quit IRC16:50
*** eankutse has joined #openstack-dns16:50
*** vinod has joined #openstack-dns16:52
*** rjrjr has joined #openstack-dns16:53
kiallmugsie: I'll be 2 or 3 mins late - Can you start it out?16:56
*** jmcbride1 has joined #openstack-dns16:56
*** jmcbride1 has quit IRC16:57
*** jmcbride1 has joined #openstack-dns16:57
*** jmcbride has quit IRC16:58
*** rjrjr has quit IRC16:59
mugsieyup17:00
*** tsimmons has joined #openstack-dns17:00
kiallback17:01
*** artom_ has joined #openstack-dns17:13
*** artom has quit IRC17:16
*** artom_ is now known as arotm17:17
*** arotm is now known as artom17:17
*** jmcbride1 has quit IRC17:29
*** jmcbride has joined #openstack-dns17:29
*** elemecca has quit IRC17:34
*** elemecca has joined #openstack-dns17:46
*** tsimmons has quit IRC17:56
*** msisk has quit IRC18:00
kiallahh.. rjrjr isn't actually here ;)18:01
betsyhmmm. Maybe we can discuss the Blacklists db solution while we wait?18:03
*** rjrjr has joined #openstack-dns18:03
kiallyep .. I was thinking though after we talked in the meet, since it hasn't been put into a release, do we care if it changes?18:03
betsyThat's what I was thinking18:04
kiallit'll break dev envs etc, but that's about it18:04
betsyI think the risk is small if I just change the current migration18:04
betsykiall: true18:04
kiallYea18:04
kialland the Model :)18:04
kialland schema.. ;)18:04
betsyRight. I'll have to change that too18:04
betsyIt's not in that many places, tho18:04
rjrjrso, the problem i have with blacklist table is related?18:05
betsyAre you using mysql?18:05
kiallrjrjr: I'd assume so18:05
rjrjryes.18:05
betsyThat's the problem then18:05
betsySo, are we agreed on the solution?18:05
kiallYep..18:05
kiallBut .. I still don't get why Jenkins is passing with MySQL -_-18:05
betsyikr18:06
vinodor why MYSQL restricts it to 255 varchars?18:06
betsyvinod: that's not the error it's giving tho18:06
betsyIt's a max key length error is 767 bytes18:07
betsyerror18:07
betsyAnyway… we're agreed on a fix and I'll do it today18:08
vinodkiall do you know where pattern is being flagged as a key for the table?18:08
kiallGreat ;)18:08
kiall:)*18:08
kiallvinod: Actually18:08
betsyI'm also now running mysql on my vagrant box, so this won't happen in the future18:08
kiallyea.. Why is it a key18:08
betsyidk18:09
betsyIt's not marked as a key18:09
kiall    Column('pattern', String(512), nullable=False,18:09
kiall           unique=True),18:09
kiallunique index causes the key18:09
betsyAh18:09
kiallDo we need the unique index?18:09
betsyI would think so18:09
betsyThis is the name of the blacklisted domain18:10
betsyOr the regex pattern for it anyway18:10
betsyIt's kinda sloppy not to have it unique18:10
kiallYea.. unique "feels" more correct .. even if not having it wouldn't break anything18:10
*** jmcbride has quit IRC18:10
betsykiall: yep18:10
rjrjrvarchar or varchar2?18:11
kiallLets drop to 255 for moment...18:11
betsykiall: ok18:11
kiallrjrjr: mysql introduced a varchar2 type? lol18:11
betsyrjrjr: doesn't seem to matter, as it's the key18:11
betsylength18:11
betsyOkay. Back to rjrjr's discussion18:11
rjrjrmysql 5.0.3 can have a varchar from 0 to 255.18:11
rjrjrmysql 5.0.3 and up should be okay with 0 to 65,535.18:12
betsyRight, but the max key length stays the same at 76718:13
rjrjrUTF8 - 3 bytes per character = 256 * 3 = 768.  sound right.18:14
kiallLets drop to 255 - If it turns out we need a longer blacklist field, we can do the same thing we do for unique records - md5 the content and unique off that instead18:14
betsykiall: agreed18:15
rjrjruse case now?18:15
kiallrjrjr: yep :) .. But I'll brb in about 2 mins ..18:15
rjrjrsure.18:15
rjrjrwill sharing domains be possible?  seems like subdomain issue and 10.in-addr.arpa issue are similar.18:16
rjrjris the difficulty billing?18:19
kiallYea, the reverse DNS thing is hard, we have the /reverse/floatingips endpoint which does some stuff to make the "shared zone" work, only giving people who actually "own" the IP in neutron access to modify the records18:21
kiallSomething similar might be doable here as an eBay/PayPal specific extension - If a more general feature is needed, we'd probably want to find another method.18:22
rjrjrokay.  where can i read about this floating IP solution?18:23
rjrjrit will help give me a leg up on the atlanta presentation too, since i believe this was part of the second talk.18:24
kiallIt's probably not an copy and paste example https://github.com/stackforge/designate/blob/master/designate/api/v2/controllers/floatingips.py and the various central methods it calls18:24
kiallBut.. Lets say you duplicated the zones/recordsets/records controllers (there all small bits of code, nothing too major about duplicating them)18:24
rjrjrokay.  this use case i presented is pretty much how we are going to start with Designate.18:24
kiallIn each of those duplicate controllers, you could do a context.elevate(), fetch the domain (which succeeds, since your now an "admin"), and do some checks there the record names are within the sub-tree the tenant is allowed to touch18:25
kiallThat avoids needing lots of core changes to designate to support "sharing" subtrees, keeps all the same core code in place, but obv isn't ideal as a general purpose sharing mechanism18:26
rjrjri have a notification handler right now that uses separate forward/reverse zones for each tenant, but i'm suppose to try and get shared zones working.  i can do all this in the notification handler then?18:27
rjrjrsorry, should read 'shared domains'.18:27
kiallMy curiosity is at me.. Is there a reason 5k (or even 50k) zones is an issue?18:27
rjrjri'm just going with what my DNS admins are asking.18:28
rjrjri sat down about 2 weeks ago to gather our requirements and this use case emerged.18:28
kiallSharing the zones is something we've not planned for (though, delegating a sub-zone to another tenant is)18:29
rjrjrwe tend toward large zones (hundreds of thousands of records).  we have hundreds, but not thousands, of zones though.18:30
*** sn6i23a has joined #openstack-dns18:30
kiallSo .. with delegating sub-zones, while we haven't worked the details out, I'd imagine is will go something like this:18:30
kialltenantA owns example.com., and wants to give tenantB the sub.example.com. zone .. So Tenant A updates the example.com. zone resource with {"id": ..., "name": "example.com.:, "sharing": {"sub.example.com.": "tenantB"}}18:32
kiallthat would allow TenantB to issue a create-zone for "sub.example.com." whenever they want, while keeping billing etc sane and correct18:32
artomIsn't the PTR work that's been done a specific case of that?18:33
kiallIf, while creating a zone (or sharing it), we added a "fake zone" param or something like that, which creates the zone in the designate DB as normal, but the backends (/minidns) combine all the "fake-zones" into the parent zone as they get served18:33
artomIt's delegating records, not zones though...18:33
kiallartom: yea, we don't actually delegate access to the record itself.. we provide an alternate API to set the reverse DNS of a PTR, for the IPs you own18:34
artomAh!18:34
rjrjrcouldn't domains and subdomains be combined into zones?  that isn't really a billing issue.18:34
rjrjrnot 100% sure why we need one to one mapping between Designate domain and backend zone.18:35
kiallFrom a technical POV, not always.. A domain and sub-domain might live on different pools - e.g. dev.corp.com. might be on a private pool that only your instances can access18:35
kiallAnd.. Having different SOA records for the parent and child zone has uses cases too.. For example, a sub-zone that get's updated much more often (dev.corp.com.) than it's parent zone might want a smaller retry interval etc18:37
rjrjrhmmm... what about a consolidate domains into zones switch?  that way, the Designate admin makes the decision.18:38
kiallGiving the user the choice when creating the zone seems like a good compromise, i.e. allowing the choice over if zones are to be combined or not18:38
rjrjrLOL18:38
kiallLol .. I already said that a few mins ago and was reiterating ;)18:38
kiall(I called it "fake zone" above... theres no accurate name that comes to mind ;))18:38
kiallAs far as Designate would be concerned, the Fake Zone is a real zone.. Just the backend/minidns would consolidate a zone AND all it's fake zones.18:39
rjrjrokay.  this makes sense.18:40
eankutserjrjr: it would still be worth it capturing this in some doc18:40
rjrjryes.18:40
eankutse:-)18:40
rjrjris there a BP already for this?18:41
eankutsenot that I know of18:41
kiallhttps://blueprints.launchpad.net/designate/+spec/share-domains18:41
kiallplaceholder more than anything though18:41
eankutseoops! ;-)18:41
rjrjri can help flesh that out with some of my internal resources.18:42
kiallrjrjr: Great, We haven't detailed what we want from it yet either... But we know we need something - some internal customers "blocked" without it at the moment :/18:43
rjrjrokay.  let me start working on that.  i'll try and have some progress before the next gathering.18:43
kiallekarlso: https://wiki.openstack.org/wiki/Designate/Blueprints/SharedDomains18:44
kiallurgh18:44
kiallrjrjr: https://wiki.openstack.org/wiki/Designate/Blueprints/SharedDomains18:44
kiallCreated that as somewhere to detail the use cases18:44
rjrjrsure.18:44
*** vinod has quit IRC18:45
kiallAsk your DNS team why they prefer lots of records per zone instead of lots of zones BTW ;) I'm curious if that's a legacy thing (Creating new domains without APIs etc was painful) or a technical reason (maybe IXFR's over large zones give better performance?)18:46
rjrjri'll definitely dig into it.18:46
rjrjrbtw, meeting tomorrow with Nominum.  we are asking them to opensource their Python library.  i have a Nominum ANSP backend written that uses it.18:47
*** nkinder is now known as nkinder_afk18:49
kiallCool, let us know how it goes :)18:49
mugsiebetsy: when you get a chance https://review.openstack.org/#/c/74655/18:49
rjrjrthe only methods i didn't implement are create,update,delete recordset.  i wasn't sure how fast mini-dns was going to come along, so i might implement those with the idea that mini-dns is probably a little way out.18:49
rjrjri'll let you know.18:50
harmwhi guys18:50
harmw12:24 < harmw> I want designate to create records in 2 different zones when nova creates a new instance (forward and reverse)18:50
harmw12:24 < harmw> does that mean putting the corresponding domain_id in the nova and the quantum (neutron) handlers?18:50
harmw12:27 < harmw> plus, this aproach leaves me with 1 domain per handler. But what if I want a different domain per tenant (my customers)?18:50
harmwanyone got a thought on that?18:50
rjrjrharmw, this will need a custom notification handler.18:51
kiallharmw: the default sink handler is more of an example than something 100% usable out of the box - everyone has different ideas about what the auto generated records should mbe18:51
kiallbe*18:51
harmwah ok, excellent18:51
kiallCreating a custom handler as a plugin is fairly simple.. I actually have an example repo somewhere with that18:51
kiallLet me see if I can dig it otu18:52
kiallout*18:52
harmwsounds interesting18:52
kiallhttps://github.com/kiall/designate-ext-samplehandler18:52
kiallThat shows how to write an out-of-tree plugin for designate including the python packaging etc etc18:53
kiallThe actual sink handler is just this little piece: https://github.com/kiall/designate-ext-samplehandler/blob/master/designate_ext_samplehandler/notification_handler/sample.py18:53
harmwnice nice, thanks kiall18:54
kiallThe "payload" it references has a bunch of properties you can use to generate the name..18:54
kiallhttps://github.com/stackforge/designate/blob/master/designate/tests/resources/sample_notifications/nova/compute.instance.create.end.json#L9718:54
kialli.e. everything nova sends s18:54
kiallus*18:54
harmwyea18:54
harmwI think Ill just play with it18:55
harmwbtw, something totally unrelated; anyone here has thoughts on openstack certification in general?18:56
kiallOkay - Gotta run - Cya later18:56
harmwcya!18:56
*** elemecca has quit IRC18:56
*** jmcbride has joined #openstack-dns19:11
rjrjrare we specifying the innodb page size?19:12
rjrjrhttp://dev.mysql.com/doc/refman/5.6/en/innodb-restrictions.html19:12
rjrjrif the page size is 4KB, that would limit the index key length to 768 bytes.19:13
*** eankutse has quit IRC19:15
*** jmcbride1 has joined #openstack-dns19:15
*** jmcbride has quit IRC19:16
*** eankutse has joined #openstack-dns19:25
*** eankutse has quit IRC19:27
*** sballe has quit IRC19:31
*** sballe has joined #openstack-dns19:32
*** sballe has quit IRC19:33
*** sballe has joined #openstack-dns19:34
*** sballe has quit IRC19:38
*** vinod has joined #openstack-dns19:39
openstackgerritA change was merged to stackforge/designate: Default state-path to /var/lib/designate  https://review.openstack.org/7371719:42
*** sballe has joined #openstack-dns19:48
*** elemecca has joined #openstack-dns19:48
*** eankutse has joined #openstack-dns19:49
*** elemecca has quit IRC19:54
*** elemecca has joined #openstack-dns19:57
*** vinod has quit IRC20:04
*** nkinder_afk is now known as nkinder20:26
openstackgerritBetsy Luzader proposed a change to stackforge/designate: Blacklists mysql error  https://review.openstack.org/7483420:42
*** mwagner_lap has quit IRC20:53
*** jmcbride1 has quit IRC21:02
*** elemecca has quit IRC21:05
*** CaptTofu has quit IRC21:06
*** CaptTofu has joined #openstack-dns21:06
*** CaptTofu has quit IRC21:11
*** vinod has joined #openstack-dns21:20
ekarlsokiall: ?21:26
*** shakayumi has joined #openstack-dns21:35
*** betsy has quit IRC21:38
*** devincognito has joined #openstack-dns21:46
*** rjrjr_ has joined #openstack-dns21:48
*** jmcbride has joined #openstack-dns21:52
*** vinod has quit IRC21:58
*** vinod has joined #openstack-dns21:59
*** devincognito has quit IRC22:02
*** vinod has quit IRC22:02
*** CaptTofu has joined #openstack-dns22:10
openstackgerritA change was merged to stackforge/designate: Blacklists mysql error  https://review.openstack.org/7483422:12
*** eankutse1 has joined #openstack-dns22:21
*** eankutse1 has quit IRC22:21
*** jmcbride has quit IRC22:23
*** eankutse has quit IRC22:23
*** jmcbride has joined #openstack-dns22:26
*** jmcbride has joined #openstack-dns22:30
*** jmcbride has quit IRC22:34
*** artom has quit IRC23:20
*** jorgem has quit IRC23:23
*** CaptTofu has quit IRC23:24
*** CaptTofu has joined #openstack-dns23:24
*** CaptTofu has quit IRC23:29
*** CaptTofu has joined #openstack-dns23:32
*** openstack has joined #openstack-dns23:34
*** ChanServ sets mode: +v openstack23:34
*** elemecca has joined #openstack-dns23:47
*** rjrjr_ has quit IRC23:56
« Tuesday, 2014-02-18 Index Thursday, 2014-02-20 »

Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!