Thursday, 2016-02-18

« Wednesday, 2016-02-17 Index Friday, 2016-02-19 »
*** banix has quit IRC00:39
*** apuimedo has quit IRC00:43
*** baohua has joined #openstack-kuryr01:18
*** diogogmt has joined #openstack-kuryr01:42
*** diogogmt has quit IRC01:42
*** banix has joined #openstack-kuryr02:25
*** diogogmt has joined #openstack-kuryr02:26
*** tfukushima has joined #openstack-kuryr02:28
*** wanghua has joined #openstack-kuryr02:58
*** salv-orl_ has quit IRC03:04
*** shashank_hegde has joined #openstack-kuryr03:07
*** banix has quit IRC03:20
*** yuanying_ has quit IRC03:21
*** shashank_hegde has quit IRC03:28
*** shashank_hegde has joined #openstack-kuryr03:35
*** yuanying has joined #openstack-kuryr03:39
*** shashank_hegde has quit IRC03:42
*** shashank_hegde has joined #openstack-kuryr03:45
*** shashank_hegde has quit IRC03:47
*** yuanying has quit IRC03:55
*** yuanying has joined #openstack-kuryr04:05
*** shashank_hegde has joined #openstack-kuryr04:06
*** yuanying_ has joined #openstack-kuryr04:07
*** yuanying has quit IRC04:09
*** shashank_hegde has quit IRC04:30
*** gal_ is now known as gsagie05:44
openstackgerritGal Sagie proposed openstack/kuryr: Add configuration option to disable authenticating from devstack config  https://review.openstack.org/28124905:58
gsagietfukushima: ping07:02
tfukushimagsagie: Hi Gal,07:02
gsagietfukushima: i am looking at the Kubernetes integration and reading about OpenContrail, i guess you looked at it closer and know it better so just wondering if you know how they make sure to sync between the kubernetes-network-manager and the plugin that is called by kubelet and does the final binding07:04
gsagiefrom what i read they add some annotations, but i wonder if Kubernetes API allows you to do "external actions" by a watcher before it sends update to Kubelet07:04
gsagieor maybe even trigger an update message that sends update to Kubelet and then re-trigger the CNI plugin07:05
gsagiebasically what i am wondering if there is a way to trigger an update to kubelet to call the CNI plugin to do the binding after we in Kuryr created everything in Neutron (and by that we dont really need any API connectivity from the nodes)07:06
gsagiejust do the final binding07:06
tfukushimagsagie: That's a very nice and fundamental question and I'm also trying to figuring it out yet.07:08
tfukushimaI did a small experiment and I observed the *legacy exec* network plugin was executed like 30 seconds later after the apiserver received the request.07:09
tfukushimagsagie: We'll need some synchronizing mechanism.07:11
tfukushimagsagie: That can be etcd for instance.07:11
tfukushimagsagie: Sorry, I haven't taken a careful look at Contrail plugin yet.07:12
gsagietfukushima: thats what i am wondering, i am trying to avoid synchronization mechanism, if Kubernetes support re-triggering things to kubelet07:16
gsagieor even delaying container creation on specific extendable actions07:17
tfukushimagsagie: I'm in the meeting and I'll ping you back later.07:17
gsagietfukushima: np enjoy :)07:17
*** salv-orlando has joined #openstack-kuryr07:44
*** shashank_hegde has joined #openstack-kuryr08:16
tfukushimagsagie: It seems like contrail-kubernetes has sleep to wait for everything is prepared before the actual interface operation. https://github.com/Juniper/contrail-kubernetes/blob/6511f190f36039181d4e4f8e6608cc086628aba1/scripts/opencontrail-kubelet/opencontrail_kubelet/plugin.py#L98-L11108:53
tfukushimaMy 30 seconds estimation seems right.08:53
gsagieokie, so they just sleep in their CNI08:54
gsagiewhich we probably dont want to do :)08:54
tfukushimaYeah, I don't want to.08:54
gsagieor i dont think thats a correct solution, maybe its the only one, but i think the better approach would be to either08:54
tfukushimaI'm not sure if there's a way to "re-trigger" the setup or teardown processes.08:54
gsagiehave Kubernetes API be able to re-trigger the container creation call to the CNI, this time with annotations we added08:55
gsagieand if we can do it, our watcher central can call this API, given that Kubernetes support it08:56
tfukushimaThat flow is totally hardcoded and they don't offer any plugin mechanisms, so it's unlikely in my opinion but I'm not 100% sure.08:56
gsagieother option is to keep this locally08:57
gsagiewrite to file maybe and re-iterating08:57
tfukushimaYeah, but it'd introduce some additional complexities.08:57
gsagieuntil we have enough information08:57
gsagieyou sure there is no way to re-trigger the CNI call from Kubernetes?08:58
gsagieeven if i edit annotations or something?08:58
gsagietfukushima: the complexities i see are consistency (and that solved by writing it to file, even if "hacky") and the other is what happens if Neutron fails, but this is also there if you wait 30 seconds09:00
gsagiethe best solution would be to re-trigger the API, i think i read in Kubernetes that even kubelet API is open, so our watcher could potentially be able to call it somehow09:00
gsagieyou familiar with that by any chance?09:00
tfukushimagsagie: The veth pair creation and it's binding is involved in and my intuition says it's just one time call. But again I haven't looked at that possibilities.09:01
tfukushimaAnd pod is treated as it's created when the network plugin is called in apiserver.09:02
tfukushimaThere's a record for the pod. That means we need to delete the record first.09:02
tfukushimaIt's only setup and teardown. There's no "update". Or there is in the CNI spec?09:03
gsagiewhat do you mean network plugin in apiserver? the plugin is not called by kubelet? how it can do the binding?09:17
*** baohua has quit IRC09:31
*** shashank_hegde has quit IRC09:34
tfukushimagsagie: Ah, I meant "And pod is treated as it's created in apiserver when the network plugin is called."09:43
tfukushimaapiserver holds the info of the pod. The update on the pod through API doesn't trigger the setup again in my theory.09:45
gsagietfukushima: yeah it seems that way to me too09:46
*** tfukushima has quit IRC09:49
*** tfukushima has joined #openstack-kuryr09:54
*** tfukushima has quit IRC09:54
*** openstackgerrit has quit IRC10:02
*** yamamoto has joined #openstack-kuryr10:02
*** openstackgerrit has joined #openstack-kuryr10:02
*** salv-orl_ has joined #openstack-kuryr10:03
*** salv-orlando has quit IRC10:06
*** gal_ has joined #openstack-kuryr10:06
*** gsagie has quit IRC10:10
*** gal_ is now known as gsagie10:50
*** gsagie has quit IRC10:55
*** yamamoto has quit IRC11:03
*** tfukushima has joined #openstack-kuryr11:11
*** tfukushima has quit IRC11:23
*** yamamoto has joined #openstack-kuryr11:48
*** yamamoto_ has joined #openstack-kuryr11:49
*** yamamoto has quit IRC11:53
*** yamamoto_ has quit IRC11:57
*** salv-orl_ has quit IRC12:03
*** yamamoto has joined #openstack-kuryr12:11
*** yamamoto has quit IRC12:22
*** yamamoto has joined #openstack-kuryr12:23
*** salv-orlando has joined #openstack-kuryr12:26
*** yamamoto has quit IRC12:27
*** yamamoto has joined #openstack-kuryr12:46
*** gsagie has joined #openstack-kuryr13:12
*** yamamoto has quit IRC13:42
*** yamamoto has joined #openstack-kuryr13:45
*** yamamoto has quit IRC13:47
*** yamamoto has joined #openstack-kuryr13:47
*** yamamoto has quit IRC13:47
*** yamamoto has joined #openstack-kuryr13:49
*** yamamoto has quit IRC13:59
*** diogogmt has quit IRC14:26
*** diogogmt has joined #openstack-kuryr14:28
*** srampal has joined #openstack-kuryr14:55
*** diogogmt has quit IRC14:58
*** yamamoto has joined #openstack-kuryr14:59
*** banix has joined #openstack-kuryr15:07
*** irenab_ has joined #openstack-kuryr15:22
*** irenab has quit IRC15:23
*** irenab_ is now known as irenab15:23
*** yamamoto has quit IRC15:52
*** diogogmt has joined #openstack-kuryr15:57
*** salv-orl_ has joined #openstack-kuryr16:03
*** salv-orlando has quit IRC16:06
*** yamamoto has joined #openstack-kuryr16:21
*** srampal has quit IRC17:02
*** srampal has joined #openstack-kuryr17:35
irenabgsagie: just catching up on your k8s watcher  + cni network plugin discussion. I think it worth to ask k8s-net-sig guys opinion. I am not sure that adding artificial (not part of k8s) dependencies will keep consistency as k8s evolves17:46
*** gsagie has quit IRC18:31
openstackgerritMohammad Banikazemi proposed openstack/kuryr: Support for existing Neutron nets <DO NOT MERGE>  https://review.openstack.org/28094818:37
*** shashank_hegde has joined #openstack-kuryr18:46
openstackgerritMerged openstack/kuryr: Add the kuryr plugin for rally  https://review.openstack.org/27401419:34
openstackgerritFrederick F. Kautz IV proposed openstack/kuryr: Fix virtualbox target in vagrant, now points to ubuntu/trusty64 instead of trusty.  https://review.openstack.org/28202919:44
openstackgerritFrederick F. Kautz IV proposed openstack/kuryr: Renaming service from docker-engine to docker to fix 'vagrant up'  https://review.openstack.org/28203219:47
*** srampal has quit IRC21:04
*** srampal has joined #openstack-kuryr21:32
*** banix has quit IRC21:32
*** salv-orlando has joined #openstack-kuryr22:03
*** salv-orl_ has quit IRC22:05
*** yamamoto has quit IRC22:49
*** srampal_ has joined #openstack-kuryr23:04
*** srampal has quit IRC23:04
*** yamamoto has joined #openstack-kuryr23:17
*** srampal_ has quit IRC23:20
*** yamamoto has quit IRC23:31
*** openstackgerrit has quit IRC23:47
*** openstackgerrit_ is now known as openstackgerrit23:47
*** openstackgerrit_ has joined #openstack-kuryr23:47
*** openstackgerrit_ is now known as openstackgerrit23:48
*** openstackgerrit_ has joined #openstack-kuryr23:48
*** openstackgerrit_ has quit IRC23:55
*** openstackgerrit_ has joined #openstack-kuryr23:56
« Wednesday, 2016-02-17 Index Friday, 2016-02-19 »

Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!