Sunday, 2017-01-08

*** sayantan_ has joined #openstack-kolla		00:01
kfox1111	sbezverk: oh. it looks like the default config.json copies the apache config's in place.	00:01
kfox1111	sbezverk: so you could probably just launch the keystone container with command /usr/sbin/httpd, and pvc at /var/www/html and it should serve out ok.	00:02
sbezverk	kfox1111: sorry not following	00:03
kfox1111	if you wanted to test a helm repo server in the gate right away,	00:03
kfox1111	instead of a helm-serv container, you could use the keystone container, override the container command to "/usr/sbin/httpd" and mount the helm repo pvc at /var/www/html.	00:04
kfox1111	you should get a working apache capable of sharing out helm packages.	00:04
kfox1111	should work with both the existing 2.0.2 container and 3.0.1 containers.	00:04
kfox1111	so you could get it workign in the gate today if you wanted to try that.	00:04
sbezverk	kfox1111: now I see what you mean..	00:05
*** severion has joined #openstack-kolla		00:05
kfox1111	could even test it in the main gate by replacing the helm serv with it, and pointing the kolla repo to it.	00:05
kfox1111	would just need a bit of logic to copy the build packages into the pv.	00:06
*** zhugaoxiao has quit IRC		00:08
kfox1111	sbezverk: did the project-config patch make sense to you?	00:09
*** sdake_ has quit IRC		00:10
sbezverk	kfox1111: will check it in a sec, I am fixing your and sdake comments for the image PS	00:11
kfox1111	k	00:11
sbezverk	kfox1111: in projects.yaml helm-entrypoint does it any corresponding script or anything? or it is just a label for the job and we execute whatever we need?	00:14
kfox1111	projects.yaml?	00:15
kfox1111	oh.	00:15
kfox1111	it becomes an arg to the setup_gate script.	00:15
kfox1111	have a look in jenkins/jobs/kolla-kubernetes.yaml	00:15
kfox1111	you can see where it gets passed to the setup_gate script.	00:16
kfox1111	tools/setup_gate.sh {action} {distro} {type} {config} {node} shell	00:16
kfox1111	arg 4.	00:16
sbezverk	I got the idea. can you paste me full url to jenkins/jobs/kolla-kubernetes.yaml	00:17
kfox1111	https://github.com/openstack-infra/project-config/blob/master/jenkins/jobs/kolla-kubernetes.yaml#L17	00:18
sbezverk	kfox1111: thank you I do not have this type of urls handy, they above my average ;-)	00:18
kfox1111	it took me a while on project-config.... kept forgetting it was in the openstack-infra namespace, not the openstack one like everything else.	00:19
sbezverk	kfox1111: so basically I just need to add new entry in this two files in opensatck-infra and then add a small PS branching got helm-operator parameter. right?	00:21
kfox1111	yup.	00:21
kfox1111	:)	00:21
kfox1111	pretty easy. :)	00:21
sbezverk	cool, let me do it then.. I like easy things for a change ;-)	00:27
kfox1111	hehe. I know, right? :)	00:27
sbezverk	:)	00:29
portdirect	sbezverk: just looked at helm container - cant see anything over and above kfox1111 and sdakes comments	00:29
*** Pavo has quit IRC		00:29
sbezverk	portdirect: I have not pushed it yet I have now problem with right for /helm-repo folder :-(	00:34
sbezverk	doing chmod and chown to see if it helps	00:34
portdirect	yeah - that's the downside of not being root :( will most likley need to set that up (chown) in an init container for pv	00:36
portdirect	I spent a few days running the docker daemon with user-namespaces turned on - but gave up in the end :(	00:37
*** salv-orl_ has quit IRC		00:38
sbezverk	portdirect ahhh now I see why my chown is not working	00:39
sbezverk	it was run against local file system and real container uses external storage	00:39
sbezverk	so I will need sudo them to be able to prepare it properly	00:40
portdirect	if possible id try not to use sudo	00:40
sbezverk	portdirect: man what option then I have?!?!?!?	00:41
portdirect	and use a trick like this: https://github.com/openstack/kolla-kubernetes/blob/master/helm/kolla-common/templates/_common_create_keystone_service.yaml#L24-L25 in init container	00:41
portdirect	but if thats not possible then sudo it is	00:42
kfox1111	sbezverk: init container with root.	00:42
*** Pavo has joined #openstack-kolla		00:42
sbezverk	and you guys will be ok with this right?	00:42
kfox1111	then sudo isn't needed in the main container.	00:42
sbezverk	cool	00:42
kfox1111	the general idea is to keep things that are long running from running as root.	00:43
kfox1111	that way if a user breaks into the long running process they can't get to root.	00:43
kfox1111	in an init container though, its very transient, so much less risky.	00:43
portdirect	yeah ideally i'l like to get us to use:	00:43
portdirect	https://www.irccloud.com/pastebin/58bGtQ5K/	00:44
portdirect	but know thats a long way off...	00:44
kfox1111	yeah. as much as possible.	00:44
*** sdake has joined #openstack-kolla		00:45
sbezverk	portdirect: example you gave was for main container, do you have syntax for init container?	00:54
portdirect	yeah - just json of that 2sec and I'll knock one up	00:54
sbezverk	portdirect: it is freaking out on all my attempts :-)	00:56
*** sdake has quit IRC		00:56
sbezverk	I thought this might work	00:57
sbezverk	"securityContext": [	00:57
sbezverk	"runAsUser": "0"],	00:57
sbezverk	but it does not like it	00:57
portdirect	{ not [	00:57
portdirect	https://www.irccloud.com/pastebin/HrqnFrQl/	00:58
sbezverk	ah, ok let me try	00:58
kfox1111	theres somewhere in tree that's doing it.	00:58
kfox1111	helm/microservice/neutron-l3-agent/templates/l3_agent_daemonset.yaml does it.	00:58
portdirect	sbezverk: i find yaml much easier to parse so just just convert from that (using atom plugin) or http://codebeautify.org/yaml-to-json-xml-csv when thats not around, doing thats saved me so many headaches writing kube manifestss	01:00
openstackgerrit	Kevin Fox proposed openstack/kolla-kubernetes: Switch pv's to new global api https://review.openstack.org/417634	01:00
kfox1111	portdirect: yeah. did that initally. then now that there's workign examples in tree, mostly just copy/paste from there.	01:01
*** Pavo has quit IRC		01:03
kfox1111	really really want 1.6 to finish init containers so we can get away from json. :/	01:03
sbezverk	portdirect: I have to go with sudo, because when init container with root, then some helm related things are generated as root	01:03
kfox1111	well, json in yaml... which is worse.	01:03
kfox1111	sbezverk: just do two init containers.	01:03
sbezverk	and then main container gets into the same access issue	01:03
kfox1111	sbezverk: one to build the packages, then another to change it to owned as the right user?	01:04
sbezverk	%)	01:04
sbezverk	is not easier to run with root ;-) ??	01:04
kfox1111	security is not about easy. ;)	01:04
kfox1111	usually they are polar opposites. ;)	01:04
kfox1111	I guess this is brining up an interesting question... really should we be building packages in that container?	01:05
kfox1111	or just relying on the tarball transfer like thing?	01:06
kfox1111	do the build somewhere else?	01:06
sbezverk	kfox1111: I think adding packages into the container at baking is not great	01:06
portdirect	kfox1111: i dont think we should (off the top of my head) but not quite sure what the plan is	01:07
kfox1111	not sure its any worse then requireing a helm server in an init continer to build packages. :/	01:07
*** msimonin1 has joined #openstack-kolla		01:07
sbezverk	kfox1111: we need to run helm package one way or another	01:07
portdirect	deffo against adding them at container build	01:07
sbezverk	otherwise index will not get generated	01:07
kfox1111	portdirect: whys that?	01:07
sbezverk	I already hit it and confirmed with helm people	01:07
kfox1111	I think it would be benifitial in the same way as building a cache repo as well.	01:08
kfox1111	for containers.	01:08
portdirect	kfox1111: just speed of moving target - though perhaps I've not thought it through	01:09
*** msimonin has quit IRC		01:09
kfox1111	portdirect: I'd like to make container updates much more common.	01:10
portdirect	yeah - getting master on a nightly is ther frist step on that path :)	01:11
kfox1111	I think we need to fix that pipeline.	01:11
kfox1111	yeah.	01:11
kfox1111	sbezverk: so, how about this for now,	01:11
kfox1111	run an init container as root,	01:11
portdirect	if you get me a script to do the other stuff we were talking about I may be able to devotte some bandwidth to that (again only gteed untill end of cycle)	01:11
kfox1111	git clone kolla-kubernetes,	01:12
kfox1111	add user build	01:12
kfox1111	switch to build and run prebuild/build microservices.	01:12
kfox1111	switch back to root to chown the data, then exit the init container.	01:12
kfox1111	then the apache container fires up and shares the data.	01:12
kfox1111	portdirect: yeah, thanks. was going to work on the script after we cut 0.4.0	01:13
sbezverk	portdirect: which script	01:13
sbezverk	?	01:13
sbezverk	ok it is working now with 2 init container	01:14
kfox1111	cool.	01:14
openstackgerrit	Serguei Bezverkhi proposed openstack/kolla: Add helm-repository image https://review.openstack.org/417426	01:15
openstackgerrit	Kevin Fox proposed openstack/kolla-kubernetes: Switch pv's to new global api https://review.openstack.org/417634	01:16
sbezverk	kfox1111: portdirect: updated image with no root	01:16
kfox1111	looks good to me.	01:18
openstackgerrit	Serguei Bezverkhi proposed openstack/kolla-kubernetes: Helm repository container and service https://review.openstack.org/417474	01:18
sbezverk	kfox1111: now infra :-)	01:19
kfox1111	sbezverk: cool. it usually takes them a bout a day or so to merge things, unless you go begging. :)	01:22
kfox1111	I don't usually feel too bad asking for a quick review of a 2 line patch though. :)	01:23
sbezverk	kfox1111: I would think these guys must be the most paranoid since all opensatck infra is on them	01:25
*** saneax is now known as saneax-_-\|AFK		01:26
kfox1111	you'd think, but they are really good guys / usually very responsive.	01:26
kfox1111	they really want to be helpful.	01:26
openstackgerrit	Kevin Fox proposed openstack/kolla-kubernetes: Switch pv's to new global api https://review.openstack.org/417634	01:29
sbezverk	kfox1111: Let's see ;-)	01:30
sbezverk	https://review.openstack.org/417635	01:30
kfox1111	+1 :)	01:31
*** sdake has joined #openstack-kolla		01:31
portdirect	sbezverk: just saw your question: I'm pushing nightly mastersfor kolla images to dockehub with the stuff in this repo: https://github.com/portdirect/kolla-cron-builder, I'm happy to take prs to build z stream images there	01:37
openstackgerrit	Serguei Bezverkhi proposed openstack/kolla-kubernetes: Place holder for helm-operator gate job https://review.openstack.org/417636	01:37
sbezverk	portdirect: got it	01:38
kfox1111	yeah. I'm going to try and get some kind of change detection process going so that it only uploads changed containers rather then always upload new ones.	01:38
*** salv-orlando has joined #openstack-kolla		01:38
*** lmasiero has joined #openstack-kolla		01:41
*** salv-orlando has quit IRC		01:43
*** sdake has quit IRC		01:46
openstackgerrit	Kevin Fox proposed openstack/kolla-kubernetes: Switch pv's to new global api https://review.openstack.org/417634	01:50
*** msimonin1 has quit IRC		02:06
*** lmasiero has quit IRC		02:07
*** lmasiero has joined #openstack-kolla		02:08
*** lmasiero has quit IRC		02:09
*** lmasiero has joined #openstack-kolla		02:09
*** lmasiero is now known as lucasmasiero		02:10
*** salv-orlando has joined #openstack-kolla		02:40
*** salv-orlando has quit IRC		02:44
openstackgerrit	Serguei Bezverkhi proposed openstack/kolla: Add helm-repository image https://review.openstack.org/417426	03:07
*** sacharya has joined #openstack-kolla		03:08
*** sacharya has quit IRC		03:12
*** sacharya has joined #openstack-kolla		03:13
*** sacharya has quit IRC		03:14
*** sacharya has joined #openstack-kolla		03:15
*** zhubingbing has joined #openstack-kolla		03:29
openstackgerrit	jianyi proposed openstack/kolla-ansible: Add zun ansible role https://review.openstack.org/416179	03:35
*** salv-orlando has joined #openstack-kolla		03:41
*** salv-orlando has quit IRC		03:45
*** bjolo has quit IRC		04:13
*** zhubingbing has quit IRC		04:35
*** salv-orlando has joined #openstack-kolla		04:41
*** salv-orlando has quit IRC		04:46
*** zhubingbing has joined #openstack-kolla		05:01
*** prameswar has joined #openstack-kolla		05:10
*** sdake has joined #openstack-kolla		05:16
*** lucasmasiero has quit IRC		05:18
*** salv-orlando has joined #openstack-kolla		05:42
*** salv-orlando has quit IRC		05:47
*** hieulq_ has joined #openstack-kolla		05:53
*** sdake has quit IRC		05:57
*** sayantan_ has quit IRC		06:03
*** adrian_otto has joined #openstack-kolla		06:08
*** sayantan_ has joined #openstack-kolla		06:09
*** sdake has joined #openstack-kolla		06:36
*** sacharya has quit IRC		06:43
*** salv-orlando has joined #openstack-kolla		06:43
*** sacharya has joined #openstack-kolla		06:44
*** sacharya has quit IRC		06:48
*** Jeffrey4l_ has joined #openstack-kolla		06:49
*** salv-orlando has quit IRC		06:50
*** adrian_otto has quit IRC		06:52
*** adrian_otto has joined #openstack-kolla		06:53
openstackgerrit	Merged openstack/kolla-ansible: all.yml should be in alphabetical order https://review.openstack.org/417573	07:12
*** hieulq_ has quit IRC		07:17
*** hieulq_ has joined #openstack-kolla		07:38
*** sacharya has joined #openstack-kolla		07:44
*** salv-orlando has joined #openstack-kolla		07:46
*** sacharya has quit IRC		07:49
*** salv-orlando has quit IRC		07:51
*** adrian_otto has quit IRC		07:58
*** prameswar has quit IRC		08:09
*** sayantan_ has quit IRC		08:29
*** hieulq_ has quit IRC		08:43
*** msimonin has joined #openstack-kolla		08:47
*** salv-orlando has joined #openstack-kolla		08:47
*** sdake has quit IRC		08:48
*** salv-orlando has quit IRC		08:51
*** severion has quit IRC		09:03
*** msimonin has quit IRC		09:10
*** zhubingbing has quit IRC		09:10
*** msimonin has joined #openstack-kolla		09:11
*** saneax-_-\|AFK is now known as saneax		09:30
*** msimonin has quit IRC		09:32
*** msimonin has joined #openstack-kolla		09:36
*** saneax is now known as saneax-_-\|AFK		09:41
*** sp__ has joined #openstack-kolla		09:46
*** saneax-_-\|AFK is now known as saneax		09:49
*** sp__ has quit IRC		10:01
*** msimonin1 has joined #openstack-kolla		10:16
*** msimonin has quit IRC		10:18
*** prameswar has joined #openstack-kolla		10:22
*** msimonin1 has quit IRC		10:25
*** msimonin has joined #openstack-kolla		10:26
*** sp__ has joined #openstack-kolla		10:27
*** pbourke has quit IRC		10:43
*** pbourke has joined #openstack-kolla		10:43
*** salv-orlando has joined #openstack-kolla		10:49
*** salv-orlando has quit IRC		10:53
*** saneax is now known as saneax-_-\|AFK		10:57
*** saneax-_-\|AFK is now known as saneax		11:08
*** prameswar has quit IRC		11:38
openstackgerrit	Surya Prakash Singh proposed openstack/kolla: support py3 for kolla/image module https://review.openstack.org/414813	11:43
openstackgerrit	Jeffrey Zhang proposed openstack/kolla: DO_NOT_MERGE: TEST MASTER BRANCH https://review.openstack.org/399897	11:54
*** zhubingbing has joined #openstack-kolla		12:00
openstackgerrit	Merged openstack/kolla: Fix zaqar container https://review.openstack.org/407757	12:11
*** masuberu has joined #openstack-kolla		12:29
*** zhubingbing has quit IRC		12:32
*** zhubingbing has joined #openstack-kolla		12:32
*** sp__ has quit IRC		12:33
*** salv-orlando has joined #openstack-kolla		12:50
*** salv-orlando has quit IRC		12:55
openstackgerrit	Serguei Bezverkhi proposed openstack/kolla: Add helm-repository image https://review.openstack.org/417426	12:56
portdirect	sbezverk: around?	13:47
portdirect	if so qq - you know the simplesw way fo doing string subsititution in goptl? need to escape some '$'s from a values file so i can load them into env-vars	13:48
portdirect	could always pre-escape them in the values file but seems a bit ugly to force users to do that	13:49
*** salv-orlando has joined #openstack-kolla		13:52
*** salv-orlando has quit IRC		13:56
*** masuberu has quit IRC		13:56
*** sp__ has joined #openstack-kolla		13:58
*** msimonin has quit IRC		14:00
sbezverk	portdirect: good morning	14:01
portdirect	o/	14:01
*** mattmceuen has quit IRC		14:01
sbezverk	portdirect: looking at your question, nothing comes from the top of my head..	14:02
openstackgerrit	zhubingbing proposed openstack/kolla-ansible: Add fluentd role https://review.openstack.org/407392	14:03
sbezverk	portdirect: how about replace function?	14:04
sbezverk	Jeffrey4l_: ping	14:04
Jeffrey4l_	sbezverk, pong	14:04
sbezverk	Jeffrey4l_: appreciate if you could review my PS again, I need to get that image in so I use it at the gate	14:06
Jeffrey4l_	roger. np.	14:06
sbezverk	portdirect: something like that $name \| replace "$" ""	14:07
portdirect	sbezverk: this is why i ask you questions :)	14:07
portdirect	of course! doh - totally forgot to check sprig docs	14:07
*** saneax is now known as saneax-_-\|AFK		14:10
sbezverk	portdirect: if you could ack this please : https://review.openstack.org/417636	14:10
portdirect	np	14:12
openstackgerrit	Merged openstack/kolla-kubernetes: Place holder for helm-operator gate job https://review.openstack.org/417636	14:15
Jeffrey4l_	sbezverk, done. nit.	14:21
*** sp__ has quit IRC		14:33
openstackgerrit	Serguei Bezverkhi proposed openstack/kolla: Add helm-repository image https://review.openstack.org/417426	14:38
*** sp_ has quit IRC		14:39
sbezverk	Jeffrey4l_: thanks for review, I fixed last comment as well.	14:41
openstackgerrit	Jeffrey Zhang proposed openstack/kolla-ansible: [wip] enable ceilometer related project in gate https://review.openstack.org/412278	14:42
openstackgerrit	Jeffrey Zhang proposed openstack/kolla-ansible: [wip] enable ceilometer related project in gate https://review.openstack.org/412278	14:51
*** salv-orlando has joined #openstack-kolla		14:52
*** sp_ has joined #openstack-kolla		14:53
*** lucasmasiero has joined #openstack-kolla		14:55
openstackgerrit	Serguei Bezverkhi proposed openstack/kolla-kubernetes: Helm repository container and service https://review.openstack.org/417474	14:56
*** salv-orlando has quit IRC		14:57
Jeffrey4l_	cool. +2ed	15:00
openstackgerrit	zhubingbing proposed openstack/kolla-ansible: Add fluentd role https://review.openstack.org/407392	15:01
sbezverk	Jeffrey4l_: thank you, appreciated. Need to fine another core for wfl ;-)	15:07
Jeffrey4l_	yep ;)	15:08
*** msimonin has joined #openstack-kolla		15:09
*** sdake has joined #openstack-kolla		15:14
*** sdake_ has joined #openstack-kolla		15:16
*** sdake has quit IRC		15:19
openstackgerrit	Jeffrey Zhang proposed openstack/kolla-ansible: [wip] enable ceilometer related project in gate https://review.openstack.org/412278	15:23
*** dave-mccowan has joined #openstack-kolla		15:25
kfox1111	morning	15:44
kfox1111	Jeffrey4l_: any idea on 3.0.2?	15:44
sbezverk	kfox1111: good morning	15:44
kfox1111	we still have that pip install workaround that we'd like to get rid of and wednesday's quickly aproaching.	15:44
*** sayantan_ has joined #openstack-kolla		15:52
*** sdake has joined #openstack-kolla		15:59
*** sdake_ has quit IRC		16:00
sbezverk	kfox1111: do you have a second?	16:01
Jeffrey4l_	kfox1111, it is pushed. please check https://review.openstack.org/417442	16:05
*** lucasmasiero has quit IRC		16:05
kfox1111	sbezverk: yeah.	16:05
sbezverk	kfox1111: need to discuss with you one thing..	16:06
kfox1111	Jeffrey4l_: cool. when does it get to the hub? onnce it finishes review?	16:06
kfox1111	sbezverk: sure. whats up?	16:08
sbezverk	kfox1111: when operator creates service related object I want to assign to each object created by this specific operator unique label. It will helm in future to operator easily discover its objects without mixing up with other object created by other operators.. what do you think?	16:08
Jeffrey4l_	kfox1111, no. we need push this manually.	16:09
kfox1111	yeah.	16:09
kfox1111	I think sticking that in the release name would help?	16:09
kfox1111	Jeffrey4l_: when wil lthat happen?	16:09
sbezverk	if you are ok with this approach then I need lablel: operator_id assigned to every object	16:09
Jeffrey4l_	kfox1111, should be soon after it is merged.	16:10
kfox1111	I dont think helm has a way to label a release	16:10
kfox1111	Jeffrey4l_: ok. thanks. I'll help push on reviewers then. :)	16:10
Jeffrey4l_	thanks a lot.	16:10
sbezverk	kfox1111: I am going to find out and if it is not I will request it	16:10
kfox1111	if we could get it done by tuesday, then we can get kolla-kubernetes updated in time for release on wednesday.	16:10
sbezverk	most of operators I study use this flexible model	16:10
kfox1111	sbezverk: yeah. I think we'll be the first going through helm rather then direct to k8s. so might be an oversite in helm.	16:11
openstackgerrit	zhubingbing proposed openstack/kolla-ansible: Add fluentd role https://review.openstack.org/407392	16:11
kfox1111	they've been very good to help us with missing features though, so hopefully they will be able to do something for us quickly.	16:12
sbezverk	kfox1111: cool if we are in agreement at least general, then I explore this idea with helm folks	16:12
kfox1111	+1	16:12
kfox1111	I think their release names get mapped into a configmap.	16:12
kfox1111	so they may be able to easily just tack on a few labels onto it.	16:12
sbezverk	kfox1111: idealy if they can let me pass label_name:label_value, that would be great	16:13
sbezverk	I can then in operator, generate unique label and assign it to all objects instantiated by this operator	16:14
kfox1111	its a cli thing, right? so maybe follow the k8s cli of foo=bar?	16:14
kfox1111	yeah.	16:14
sbezverk	yep cli of helm client	16:14
kfox1111	helm list -v foo=bar or something liek that.	16:15
sbezverk	exactly	16:15
kfox1111	yeah. sounds good. :)	16:15
kfox1111	would be very useful outside of just operators too.	16:16
sbezverk	kfox1111Ь exactly, even in kubectl you can specify a label for selecting objects	16:16
*** lucasmasiero has joined #openstack-kolla		16:19
openstackgerrit	Kevin Fox proposed openstack/kolla-kubernetes: Convert statefulset to global api https://review.openstack.org/417698	16:19
*** lucasmasiero has quit IRC		16:24
kfox1111	sbezverk: all_values has kolla_compute for both iscsid and tgtd	16:25
kfox1111	doesn't one of those go on the controller by default?	16:25
Mech422	anyone know a good trick for flattening nested dicts to make ansible happy?	16:25
Mech422	the stupid thing really should be able to iterate nested dicts :-(	16:26
*** zhubingbing has quit IRC		16:26
sbezverk	kfox1111: tgtd goes where vg group is hosted and cinder-volume runs	16:27
sbezverk	iscsid goes to the compute node	16:27
kfox1111	k. I'll chane that one to kolla_controller then.	16:27
*** Pavo has joined #openstack-kolla		16:27
*** Pavo has quit IRC		16:31
*** Pavo has joined #openstack-kolla		16:33
*** salv-orlando has joined #openstack-kolla		16:35
sbezverk	kfox1111: here is helm feature request, please leave your feedback https://github.com/kubernetes/helm/issues/1800	16:46
kfox1111	sbezverk: thanks. commented.	16:51
openstackgerrit	Kevin Fox proposed openstack/kolla-kubernetes: Convert statefulset to global api https://review.openstack.org/417698	16:55
kfox1111	about 80 down, about 20 to go.	16:58
kfox1111	almost there.	16:58
sbezverk	guys let's not overdesign things ;-) https://s-media-cache-ak0.pinimg.com/736x/71/8f/38/718f380d398f01074352315960c6e77e.jpg	16:59
kfox1111	hehe	17:00
kfox1111	I don't think the pug was ever 'intellegently designed' by anyone. ;)	17:00
sbezverk	:)	17:00
kfox1111	but I'm partial to other breeds. :)	17:00
kfox1111	I'd also call it more, artificial selection rather then intellegently designed.	17:07
kfox1111	intellegently designed woudl be purposfully tweaking dna to have the things desired.	17:08
kfox1111	chair dogs from dune perhaps. :)	17:08
sbezverk	kfox1111: selection is just one of methods of design ;-)	17:08
kfox1111	fair.	17:08
kfox1111	Jeffrey4l_: I didn't realize, that review's for the release team?	17:10
kfox1111	if so, we may have a problem. I think they release on wednesdays.	17:10
kfox1111	which would overlap with the kolla-kubernetes release.	17:11
openstackgerrit	Merged openstack/kolla: Add helm-repository image https://review.openstack.org/417426	17:11
*** msimonin has quit IRC		17:12
*** msimonin has joined #openstack-kolla		17:12
*** msimonin has quit IRC		17:12
SamYaple	kfox1111: does this interest you? http://paste.openstack.org/show/594239/	17:16
SamYaple	special-neutron-base took "real 1m55.521s" to build	17:17
SamYaple	thats from base distro (debian:jessie) to image tagged	17:17
kfox1111	nice.	17:17
kfox1111	looks big though?	17:18
kfox1111	https://hub.docker.com/r/kolla/ubuntu-binary-neutron-base/tags/	17:18
kfox1111	or is that a source vs binary thing?	17:18
SamYaple	thats a source v binary problem	17:18
kfox1111	https://hub.docker.com/r/kolla/ubuntu-source-neutron-base/tags/	17:18
kfox1111	did trunk bloat up?	17:19
SamYaple	you do see those say "compressed size" right?	17:19
*** bmace has quit IRC		17:19
kfox1111	ah.	17:19
kfox1111	ok. nm then. :)	17:19
*** bmace has joined #openstack-kolla		17:19
SamYaple	binary is tinyer in general, but compressed it should be almost identical now	17:19
kfox1111	so, your two are uncompressed size?	17:19
SamYaple	or even source pulls ahead	17:19
SamYaple	yea	17:19
kfox1111	nice. :)	17:19
SamYaple	best part is...... it can build on dockerhub! with triggers!	17:20
kfox1111	cool. :)	17:20
*** msimonin has joined #openstack-kolla		17:20
SamYaple	i havent even started to optimize anything. I bet i could get it down another 10-20%	17:22
kfox1111	nice. :)	17:23
SamYaple	at this point though, that size is mostly needed binaries, no cruft	17:23
kfox1111	have you compared it to portdirect's alpine based stuff for size?	17:24
kfox1111	curious how much tighter alpine ends up being.	17:25
portdirect	https://microbadger.com/images/kolla/ubuntu-source-neutron-server	17:25
SamYaple	jsut from what i know about alpine, i think (assuming it even _has_ all the packages) we could get a 200MB neutron image	17:25
portdirect	https://microbadger.com/images/port/openstack-neutron-api	17:26
portdirect	(again those are both compressed)	17:26
SamYaple	dang portdirect. i crush those sizes	17:26
SamYaple	oh nvm	17:26
SamYaple	the first one was still kolla offical	17:26
SamYaple	hmmm portdirect. you seem to be missing some deps	17:27
portdirect	'docker.io/port/openstack-neutron-api latest 2c0b705b4bc5 7 weeks ago 263.5 MB'	17:28
portdirect	which ones?	17:28
SamYaple	"special-neutron-base latest 52d16e93c5ec 2 minutes ago 337 MB	17:28
SamYaple	so not too far off	17:29
SamYaple	and i install a bunch of deps like openvswitch and keepalived	17:29
*** haplo37_ has quit IRC		17:29
SamYaple	i guess you might not need those for neutron-api?	17:29
portdirect	yeah - I dont have/need them	17:29
kfox1111	api shouldn't need those, yeah. can be in a seperate package.	17:29
*** salv-orlando has quit IRC		17:29
SamYaple	you say that but im pretty sure the api still needs some stuff like iptables nad ipset	17:30
SamYaple	but this is just my memory talking	17:30
portdirect	not with ovn	17:30
kfox1111	hmm... sinse we started the helm conversion, the ubuntu gate's not been pure ubuntu. :/	17:30
SamYaple	either way the debian build i have and the alpine build are very close in size	17:30
SamYaple	if you consider the unneeded deps	17:31
kfox1111	some of the packages aren't tagged with a distro, so defaulting to centos.	17:31
portdirect	yeah - you gonna share the source anytime soon? :D	17:31
kfox1111	SamYaple: interesting. :)	17:31
SamYaple	portdirect: momentairly	17:31
SamYaple	portdirect: im going to dazzle you with showing you a 100% dockerhub build at that size (and speed!) first	17:32
portdirect	I can get alpine down by about another 50-60mb - but not worth it for me	17:32
portdirect	and the stament you make above confirms that even more	17:32
*** haplo37_ has joined #openstack-kolla		17:32
SamYaple	i think i can get ubuntu down to 200MB uncompressed without much ado	17:33
SamYaple	one line rm at the end of the dockerfile	17:33
SamYaple	ill tell you what though, once python3 is solid, this drops to maybe 100-150MB uncompressed	17:33
portdirect	I have the feeling this is gonna be a one line neutron sevre install :)	17:33
SamYaple	portdirect: it is. but with a twist. its a 2 minute build time with no build-tools!	17:34
portdirect	i think I may have an idea whats going on - 2 stage build?	17:34
* portdirect thinking furiously		17:35
SamYaple	i have a repo server build, it builds all openstack/requirements files. takes ~10m. Does not need to be run repeatedly (it can be reused). can trgger off changes to openstack/requirements	17:35
portdirect	thought about removing all the .py files but then realised that was a rabbit hole too far	17:36
SamYaple	special-neutron-base is running docker inside the build process and starting that container and purging all the data, using only what it needs	17:36
SamYaple	portdirect: youve got it backwards, you remove all the .pyc	17:36
SamYaple	.pyc arent super compatible	17:36
SamYaple	special-neutron-base-no-deps latest 9d91ce6e7f34 About a minute ago 314.4 MB	17:36
portdirect	true - but i told you it was a rabbit hole to far - removing pyc is far to easy :)	17:37
SamYaple	lol	17:37
SamYaple	anyway. so im going to finish this out in dockerhub and point you too it. im very excited to do this all 100% in dockerhub. with triggers!	17:37
*** igordcard has quit IRC		17:38
portdirect	do you can talk to docker api in dockerhub? or should i just wait to see what you've got :)	17:38
*** igordcard has joined #openstack-kolla		17:38
SamYaple	portdirect: dude. its better. this is an automated build in dockerhub. like i just point it at a repo!	17:39
SamYaple	i never build or push anything	17:39
Pavo	wait what?	17:39
*** bmace has quit IRC		17:39
SamYaple	yep	17:39
Pavo	you can build dockerfiles in docker hub now?	17:39
portdirect	'special-neutron-base is running docker inside the build process' this is the bit I'm having a mental block at	17:39
*** bmace has joined #openstack-kolla		17:39
portdirect	so docker hub let you dind?	17:39
SamYaple	Pavo: for a long time	17:40
SamYaple	https://hub.docker.com/r/samyaple/rabbitmq-clusterer/	17:40
SamYaple	thats an auto build ^	17:40
kfox1111	the hub gives you acess to the underlying docker?	17:40
kfox1111	or are you nesting your own docker?	17:40
SamYaple	nah but you can dind	17:40
SamYaple	nesting	17:40
kfox1111	interesting.	17:40
SamYaple	im still working out a kink thats messign me up though	17:40
kfox1111	how fragile do you think that will be?	17:40
SamYaple	so its not 100% sure yet	17:40
kfox1111	cause it may work today but not tomorrow?	17:40
SamYaple	not very fragile in my experince	17:41
kfox1111	cool. :)	17:41
SamYaple	the hub does go down, but i would be more worried about github going down	17:41
SamYaple	no github, no build	17:41
portdirect	crazy that dockerhub lets you do privileged builds - thats a new one on me :)	17:41
SamYaple	portdirect: you can do unpriv dind	17:41
Pavo	yeah thats very interesting	17:41
kfox1111	no, was more thinking that the nested docker might break at some point.	17:41
portdirect	oh - 2 new ones on me then :)	17:41
Pavo	seems like that could become very exploitable	17:41
SamYaple	you guys know im only using docker to pull the image right?	17:42
SamYaple	even if you cant do dind, i can still pull the image	17:43
SamYaple	im just trying to stay with the tooling	17:43
portdirect	lets lay off you untill its up :)	17:43
SamYaple	that would be better :P	17:44
*** lamt has quit IRC		17:48
openstackgerrit	Kevin Fox proposed openstack/kolla-kubernetes: Convert statefulset to global api & fix gate workflows https://review.openstack.org/417698	17:50
kfox1111	portdirect: have two more reviews ready:	17:57
kfox1111	https://review.openstack.org/#/c/417234/	17:57
kfox1111	and https://review.openstack.org/#/c/417627/	17:57
kfox1111	when you get a chance please.	17:57
*** sdake has quit IRC		17:59
*** lamt has joined #openstack-kolla		18:02
*** msimonin has quit IRC		18:04
openstackgerrit	Merged openstack/kolla-kubernetes: Switch keystone jobs to global api https://review.openstack.org/417234	18:05
openstackgerrit	Merged openstack/kolla-kubernetes: Convert create-db/manage-db scripts to global api. https://review.openstack.org/417627	18:05
sbezverk	kfox1111: I built small script to run it as a operator in a container running in the cluster and using relm-repo. It worked :-)	18:05
sbezverk	http://paste.openstack.org/show/594241/	18:05
openstackgerrit	Merged openstack/kolla-kubernetes: Switch pv's to new global api https://review.openstack.org/417634	18:06
portdirect	SamYaple: 'docker.io/port/openstack-neutron-alpine no-cinder-deps d47d2298fc22 2 minutes ago 212.2 MB' this is will the OVN and LBaaS plugins installed, and no fancy tricks - love to see if we could get it down further	18:07
kfox1111	portdirect: thanks.	18:08
kfox1111	sbezverk: awesome. :)	18:08
sbezverk	kfox1111: I need python expert to code it properly when I told sdake that I want to do it in go, he said no go ;-)	18:09
kfox1111	yeah, the tc needs to make a decision to support go.	18:10
kfox1111	I don't see that happening any time soon. :/	18:10
sbezverk	kfox1111: anyway if I do not find anybody, I will have to brush up on python	18:11
kfox1111	yeah.	18:11
kfox1111	its a good language to know though. :)	18:12
SamYaple	portdirect: is the base image for that openstack-base or pure alpine?	18:12
portdirect	from my repo? openstack-base	18:13
SamYaple	its 212.2MB ontop of openstack-base?	18:13
portdirect	yes	18:14
SamYaple	oh boy. then i may be able to beat the total size. I am 'FROM debian:jessie'	18:14
SamYaple	once you see what i do, it can be adapted to alpine if its decent	18:15
portdirect	alpine -> port/aplpine -> port/openstack-base -> port/openstack-base-common-deps -> port/openstack-neutron-alpine	18:15
SamYaple	debian:jessie -> special-neutron-base	18:15
portdirect	yeah - I could optimise a lot more	18:16
SamYaple	you should give it a shot	18:16
portdirect	i think we should be able to get the delta from base pretty much identical - so in theroy alpins hould be smaller - but I'm not sure if its worth it at that point	18:17
*** msimonin has joined #openstack-kolla		18:17
portdirect	if you are doing that on a distro with proper CVE reporting etc thats much more useful	18:18
*** msimonin has left #openstack-kolla		18:18
SamYaple	its more useful if people are willing to eat the single layer approach	18:19
SamYaple	im going to push the repo build to show how i do it	18:19
SamYaple	for that part	18:19
portdirect	yeah - they are i think, the main critisem i hear about kolla is the number of layers	18:19
SamYaple	well then do you think they would like a 1-layer approach? because thats what I have!	18:20
portdirect	the only reason layers are good is they make building easier & quicker if building all images	18:20
portdirect	you are 2 layer i think? base and delta?	18:21
portdirect	(but either way yes)	18:21
SamYaple	more or less, yea	18:23
SamYaple	if you add in ENV stuff its like 4 layers. but whose counting	18:23
portdirect	(I dont count them either)	18:23
portdirect	tarballs count - metadata is (almost) free	18:24
SamYaple	portdirect: https://github.com/SamYaple/openstack-requirements	18:26
SamYaple	so that gets built, and at the very end we make a layer containing _only_ the built tarballs	18:26
SamYaple	in the neutron image we pull that layer somehow (with docker official tooling, or direct with curl)	18:27
SamYaple	then we don't need build tools _and_ everyone shares teh same package versions	18:27
SamYaple	same builds as well	18:27
*** sp_ has quit IRC		18:29
*** salv-orlando has joined #openstack-kolla		18:30
*** markmcclain has quit IRC		18:30
*** markmcclain has joined #openstack-kolla		18:31
portdirect	nice - taht makes sense - it thought about a similar approach using venv - but thats much better	18:31
*** sbezverk has quit IRC		18:34
*** salv-orlando has quit IRC		18:35
openstackgerrit	Kevin Fox proposed openstack/kolla-kubernetes: Convert statefulset to global api & fix gate workflows https://review.openstack.org/417698	18:35
*** sbezverk has joined #openstack-kolla		18:41
*** sp_ has joined #openstack-kolla		18:42
*** dave-mccowan has quit IRC		18:46
*** msimonin has joined #openstack-kolla		18:53
*** msimonin has quit IRC		18:54
*** msimonin has joined #openstack-kolla		18:54
*** haplo37 has quit IRC		18:54
*** g3ek has quit IRC		18:54
*** msimonin has quit IRC		18:59
openstackgerrit	Kevin Fox proposed openstack/kolla-kubernetes: Convert statefulset to global api & fix gate workflows https://review.openstack.org/417698	19:00
*** pcaruana has quit IRC		19:03
*** g3ek has joined #openstack-kolla		19:04
*** haplo37 has joined #openstack-kolla		19:04
*** matrohon has joined #openstack-kolla		19:11
*** bmace has quit IRC		19:13
*** msimonin has joined #openstack-kolla		19:15
*** msimonin has quit IRC		19:17
*** msimonin has joined #openstack-kolla		19:20
*** matrohon has quit IRC		19:30
*** salv-orlando has joined #openstack-kolla		19:31
*** msimonin has quit IRC		19:32
*** salv-orlando has quit IRC		19:35
*** msimonin has joined #openstack-kolla		19:39
*** sayantan_ has quit IRC		20:16
*** sacharya has joined #openstack-kolla		20:26
*** salv-orlando has joined #openstack-kolla		20:32
*** salv-orlando has quit IRC		20:36
*** sdake has joined #openstack-kolla		20:40
*** sayantan_ has joined #openstack-kolla		20:48
*** sayantan_ has quit IRC		20:53
*** msimonin has quit IRC		20:58
openstackgerrit	Serguei Bezverkhi proposed openstack/kolla-kubernetes: Helm repository container and service https://review.openstack.org/417474	21:13
*** msimonin has joined #openstack-kolla		21:19
*** sp_ has quit IRC		21:19
*** sp_ has joined #openstack-kolla		21:33
*** salv-orlando has joined #openstack-kolla		21:33
*** Jeffrey4l_ has quit IRC		21:35
*** sacharya has quit IRC		21:35
*** sacharya has joined #openstack-kolla		21:36
*** sdake has quit IRC		21:36
*** salv-orlando has quit IRC		21:37
*** sacharya has quit IRC		21:40
*** sdake has joined #openstack-kolla		21:40
openstackgerrit	Serguei Bezverkhi proposed openstack/kolla-kubernetes: Helm repository container and service https://review.openstack.org/417474	21:46
*** salv-orlando has joined #openstack-kolla		21:47
*** Jeffrey4l_ has joined #openstack-kolla		21:47
*** sdake has quit IRC		21:48
*** severion has joined #openstack-kolla		21:52
*** v1k0d3n has quit IRC		21:54
*** Jeffrey4l_ has quit IRC		21:57
*** Jeffrey4l_ has joined #openstack-kolla		21:58
*** sp_ has quit IRC		22:01
*** msimonin has quit IRC		22:02
*** msimonin has joined #openstack-kolla		22:10
*** sp_ has joined #openstack-kolla		22:15
openstackgerrit	Serguei Bezverkhi proposed openstack/kolla-kubernetes: Helm repository container and service https://review.openstack.org/417474	22:17
*** sacharya has joined #openstack-kolla		22:18
*** salv-orl_ has joined #openstack-kolla		22:22
*** salv-orlando has quit IRC		22:22
openstackgerrit	Serguei Bezverkhi proposed openstack/kolla-kubernetes: Helm repository container and service https://review.openstack.org/417474	22:52
*** jascott1_ has joined #openstack-kolla		22:58
*** jascott1_ has quit IRC		23:01
*** jrobinson has joined #openstack-kolla		23:11
*** msimonin has quit IRC		23:24
*** msimonin has joined #openstack-kolla		23:24
openstackgerrit	Serguei Bezverkhi proposed openstack/kolla-kubernetes: Helm repository container and service https://review.openstack.org/417474	23:28
*** msimonin has quit IRC		23:29
*** salv-orlando has joined #openstack-kolla		23:48
*** salv-orl_ has quit IRC		23:48

Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!