Thursday, 2015-12-10

blogan	Divya: ah yeah i vaguely remember that. and saw that this could possibly be an issue and put that comment, but just kept it bc of v1	00:00
blogan	Divya: sounds like you hit that condition my note was concerned about?	00:01
*** Divya has quit IRC		00:01
*** madhu_ak has joined #openstack-lbaas		00:01
*** madhu_ak_ has quit IRC		00:02
*** Divya has joined #openstack-lbaas		00:06
Divya	blogan: sorry lost my connection ...	00:06
Divya	blogan: shouldn't we delay the actual db delete until driver actually finishes the delete ..	00:07
*** manishg has joined #openstack-lbaas		00:09
*** chlong has quit IRC		00:09
*** madhu_ak has quit IRC		00:11
*** madhu_ak_ has joined #openstack-lbaas		00:11
*** Divya has quit IRC		00:11
*** Divya has joined #openstack-lbaas		00:14
*** crc32 has quit IRC		00:20
Divya	blogan: ping i am sorry i lost my connection again .. and missed any messages you sent .. sorry to bother you ...	00:21
blogan	Divya: yeah thast why i put that comment there as a TODO, but was tryint o get v1 parity adn didn't have time to fully test that out	00:21
blogan	Divya: if you want to change that up and test it out, be my guest	00:24
blogan	Divya: just be aware that the CI doesn't run against that driver now	00:24
*** ianbrown has quit IRC		00:25
*** fnaval has joined #openstack-lbaas		00:27
*** ianbrown has joined #openstack-lbaas		00:28
*** fnaval has quit IRC		00:28
*** manishg has quit IRC		00:30
*** minwang2 has quit IRC		00:31
Divya	blogan: thanks logan .. sure would like to work on that change .. should i create a bug for liberty then?	00:35
Divya	blogan: so the fix should be to have the agent trigger the db delete right?	00:39
*** manishg has joined #openstack-lbaas		00:39
*** diogogmt has quit IRC		01:02
*** chlong has joined #openstack-lbaas		01:05
*** Aish has left #openstack-lbaas		01:06
*** yuanying_ has joined #openstack-lbaas		01:09
*** yuanying_ has quit IRC		01:09
*** yuanying has quit IRC		01:11
*** ajmiller_ has quit IRC		01:22
*** chlong has quit IRC		01:23
*** yuanying has joined #openstack-lbaas		01:23
openstackgerrit	Merged openstack/neutron-lbaas: Automatically generate neutron LBaaS configuration files https://review.openstack.org/252981	01:27
*** ianbrown has quit IRC		01:31
*** ianbrown has joined #openstack-lbaas		01:31
*** ianbrown has quit IRC		01:33
*** ianbrown has joined #openstack-lbaas		01:33
*** bharathm has quit IRC		01:36
*** manishg has quit IRC		01:41
*** armax has quit IRC		01:43
*** yamamoto has joined #openstack-lbaas		01:43
*** ianbrown has quit IRC		01:44
*** ianbrown has joined #openstack-lbaas		01:44
*** yamamoto has quit IRC		01:49
*** madhu__ak_ has joined #openstack-lbaas		01:50
bana_k	not able to ssh to amphora, any idea?	01:51
*** yamamoto has joined #openstack-lbaas		01:54
*** madhu_ak_ has quit IRC		01:54
*** yamamoto has quit IRC		01:54
*** madhu__ak_ has quit IRC		01:57
*** rcernin has quit IRC		02:01
*** bana_k has quit IRC		02:06
*** davidlenwell has quit IRC		02:10
*** davidlenwell has joined #openstack-lbaas		02:13
*** bana_k has joined #openstack-lbaas		02:18
*** ianbrown has quit IRC		02:20
*** ianbrown has joined #openstack-lbaas		02:21
*** ianbrown has quit IRC		02:27
*** ianbrown has joined #openstack-lbaas		02:28
*** diogogmt has joined #openstack-lbaas		02:33
*** chlong has joined #openstack-lbaas		02:44
*** ianbrown_ has joined #openstack-lbaas		02:44
*** ianbrown has quit IRC		02:45
*** ianbrown_ has quit IRC		02:47
*** ianbrown_ has joined #openstack-lbaas		02:47
*** bana_k has quit IRC		02:52
*** manishg has joined #openstack-lbaas		03:09
*** yamamoto has joined #openstack-lbaas		03:10
*** yuanying has quit IRC		03:19
*** sbalukoff has quit IRC		03:35
*** yuanying has joined #openstack-lbaas		03:37
*** yuanying has quit IRC		04:02
*** davidlenwell has quit IRC		04:06
*** yuanying has joined #openstack-lbaas		04:06
*** davidlenwell has joined #openstack-lbaas		04:09
*** bana_k has joined #openstack-lbaas		04:23
*** amotoki has quit IRC		04:25
*** ianbrown_ has quit IRC		04:38
*** ianbrown__ has joined #openstack-lbaas		04:39
*** manishg has quit IRC		04:44
*** ianbrown__ has quit IRC		04:45
*** ianbrown__ has joined #openstack-lbaas		04:45
*** neelashah has joined #openstack-lbaas		04:46
*** crc32 has joined #openstack-lbaas		04:46
*** sbalukoff has joined #openstack-lbaas		04:51
*** armax has joined #openstack-lbaas		05:11
*** crc32 has quit IRC		05:17
*** amotoki has joined #openstack-lbaas		05:30
*** manishg has joined #openstack-lbaas		05:37
*** prabampm has joined #openstack-lbaas		05:46
*** bana_k has quit IRC		05:46
*** blogan_ has joined #openstack-lbaas		05:51
*** numans has joined #openstack-lbaas		05:52
*** neelashah has quit IRC		05:55
*** manishg has quit IRC		05:57
*** bana_k has joined #openstack-lbaas		06:20
*** chlong has quit IRC		06:28
openstackgerrit	Merged openstack/octavia: Refactor BarbicanAuth to allow for configurable auth method https://review.openstack.org/216140	06:47
*** chlong has joined #openstack-lbaas		06:49
*** armax has quit IRC		06:57
*** EvgenyF has joined #openstack-lbaas		06:59
*** [1]evgenyf has joined #openstack-lbaas		06:59
*** chlong has quit IRC		07:04
*** rcernin has joined #openstack-lbaas		07:11
*** chlong has joined #openstack-lbaas		07:20
*** nmagnezi has joined #openstack-lbaas		07:31
*** blogan_ has quit IRC		07:51
*** chlong has quit IRC		08:05
*** mhickey has joined #openstack-lbaas		08:18
*** numans has quit IRC		08:37
*** bana_k has quit IRC		08:41
*** jschwarz has joined #openstack-lbaas		09:02
*** yuanying has quit IRC		09:10
openstackgerrit	Stephen Balukoff proposed openstack/octavia: Add spec for active-active https://review.openstack.org/234639	09:17
*** eranra has joined #openstack-lbaas		09:20
*** eranra has quit IRC		09:22
*** eranra has joined #openstack-lbaas		09:22
*** openstackgerrit has quit IRC		09:32
*** openstackgerrit has joined #openstack-lbaas		09:33
*** [1]evgenyf has quit IRC		10:49
*** EvgenyF has quit IRC		10:49
*** ianbrown__ has quit IRC		10:52
*** ianbrown__ has joined #openstack-lbaas		10:52
*** ianbrown__ has quit IRC		11:01
*** ianbrown__ has joined #openstack-lbaas		11:02
*** ianbrown__ has quit IRC		11:11
*** ianbrown__ has joined #openstack-lbaas		11:11
*** yamamoto has quit IRC		11:15
*** rtheis has joined #openstack-lbaas		12:21
*** prabampm has quit IRC		12:27
*** doug-fish has joined #openstack-lbaas		12:32
*** EvgenyF has joined #openstack-lbaas		12:40
*** [1]evgenyf has joined #openstack-lbaas		12:40
openstackgerrit	OpenStack Proposal Bot proposed openstack/neutron-lbaas: Updated from global requirements https://review.openstack.org/255557	12:43
openstackgerrit	OpenStack Proposal Bot proposed openstack/octavia: Updated from global requirements https://review.openstack.org/255560	12:45
*** openstackgerrit has quit IRC		12:47
*** openstackgerrit has joined #openstack-lbaas		12:48
*** yamamoto has joined #openstack-lbaas		12:59
*** yamamoto_ has joined #openstack-lbaas		13:01
*** yamamoto has quit IRC		13:05
*** ducttape_ has joined #openstack-lbaas		13:13
*** yamamoto_ has quit IRC		13:14
*** yamamoto has joined #openstack-lbaas		13:15
*** ducttape_ has quit IRC		13:24
*** ducttape_ has joined #openstack-lbaas		13:25
*** ducttape_ has quit IRC		13:32
openstackgerrit	Bo Chi proposed openstack/neutron-lbaas: Change status to INACTIVE if admin_state_up if false https://review.openstack.org/255875	13:38
*** enikanorov has quit IRC		13:47
*** enikanorov has joined #openstack-lbaas		13:49
*** sc68cal has quit IRC		13:58
*** sc68cal has joined #openstack-lbaas		14:01
*** sc68cal has quit IRC		14:01
*** sc68cal has joined #openstack-lbaas		14:01
*** eranra has quit IRC		14:08
*** yamamoto has quit IRC		14:17
*** yamamoto has joined #openstack-lbaas		14:20
*** neelashah has joined #openstack-lbaas		14:20
*** yamamoto has quit IRC		14:22
*** alejandrito has joined #openstack-lbaas		14:22
*** yamamoto has joined #openstack-lbaas		14:24
*** [1]evgenyf has quit IRC		14:25
*** EvgenyF has quit IRC		14:26
*** yamamoto has quit IRC		14:26
*** yamamoto has joined #openstack-lbaas		14:38
*** amotoki has quit IRC		15:02
*** ducttape_ has joined #openstack-lbaas		15:03
*** manishg has joined #openstack-lbaas		15:09
*** prabampm has joined #openstack-lbaas		15:21
*** TrevorV\|Home has joined #openstack-lbaas		15:21
openstackgerrit	Merged openstack/neutron-lbaas: Updated from global requirements https://review.openstack.org/255557	15:24
*** kobis has quit IRC		15:27
*** manishg has quit IRC		15:28
*** kobis has joined #openstack-lbaas		15:31
*** eranra has joined #openstack-lbaas		15:38
*** TrevorV\|Home has quit IRC		15:41
*** armax has joined #openstack-lbaas		15:45
openstackgerrit	Martin Hickey proposed openstack/neutron-lbaas: Remove Neutron LBaaS static example configuration files https://review.openstack.org/255944	15:46
*** armax has quit IRC		15:50
*** TrevorV\|Home has joined #openstack-lbaas		15:50
*** eranra_ has joined #openstack-lbaas		15:55
*** armax has joined #openstack-lbaas		15:55
*** kobis has quit IRC		15:57
*** eranra has quit IRC		15:58
*** eranra_ has quit IRC		16:02
*** eranra_ has joined #openstack-lbaas		16:02
*** kobis has joined #openstack-lbaas		16:02
*** jschwarz_ has joined #openstack-lbaas		16:08
*** eranra_ has quit IRC		16:09
*** jschwarz has quit IRC		16:10
*** armax has quit IRC		16:11
*** manishg has joined #openstack-lbaas		16:15
openstackgerrit	Kobi Samoray proposed openstack/neutron-lbaas: (WIP) XFF https://review.openstack.org/255963	16:16
*** yamamoto_ has joined #openstack-lbaas		16:17
openstackgerrit	Kobi Samoray proposed openstack/neutron-lbaas: Add support X-Forwarded-For header https://review.openstack.org/255963	16:18
*** ajmiller has joined #openstack-lbaas		16:18
*** yamamoto has quit IRC		16:18
openstackgerrit	Kobi Samoray proposed openstack/neutron-lbaas: (WIP) Add support X-Forwarded-For header https://review.openstack.org/255963	16:20
*** manishg has quit IRC		16:32
*** manishg has joined #openstack-lbaas		16:35
mhickey	Hey All. I am getting an error in 'gate-devstack-bashate' as follows: "ERROR: InvocationError: '/bin/bash -c find /home/jenkins/workspace/gate-devstack-bashate ........". Anyone got any idea whats up?	16:41
*** rcernin has quit IRC		16:42
johnsom	mhickey What patch?	16:46
mhickey	johnsom: Hey. https://review.openstack.org/#/c/253006/	16:47
ajmiller	mhickey 2015-12-10 14:12:51.661 \| [E] E001: Trailing Whitespace: ' iniset $NEUTRON_CONF_DIR/neutron_lbaas.conf service_providers service_provider $DEFAULT_LB_PROVIDER '	16:48
ajmiller	2015-12-10 14:12:51.661 \| - /home/jenkins/workspace/gate-devstack-bashate/lib/neutron-legacy : L1069	16:48
ajmiller	2015-12-10 14:12:51.661 \| [E] E001: Trailing Whitespace: ' '	16:48
ajmiller	2015-12-10 14:12:51.661 \| - /home/jenkins/workspace/gate-devstack-bashate/lib/neutron-legacy : L1070	16:48
johnsom	mhickey Yep. If you dig into the log there are some errors reported: http://logs.openstack.org/06/253006/2/check/gate-devstack-bashate/76032cf/console.html	16:49
ajmiller	bashate isn't necessarily very friendly, you need to scroll back up to see the actual errors.	16:49
*** ducttape_ has quit IRC		16:49
mhickey	johnsom, ajmiller: ok, I see it now. thanks	16:50
mhickey	BTW, what is bashate?	16:50
johnsom	It is a syntax test suite for bash scripts. It's like pep8 for bash scripts	16:52
*** xiaohhui has quit IRC		16:52
johnsom	https://github.com/openstack-dev/bashate	16:52
mhickey	johnsom: ok, kewl. Damn you bashate! :)	16:52
mhickey	johnsom: thanks! :)	16:53
*** jschwarz__ has joined #openstack-lbaas		16:53
johnsom	NP	16:54
*** xiaohhui has joined #openstack-lbaas		16:54
*** kobis has quit IRC		16:55
*** jschwarz_ has quit IRC		16:56
*** bana_k has joined #openstack-lbaas		16:58
*** manishg has quit IRC		17:00
*** armax has joined #openstack-lbaas		17:03
*** minwang2 has joined #openstack-lbaas		17:05
*** ducttape_ has joined #openstack-lbaas		17:07
*** kobis has joined #openstack-lbaas		17:09
*** manishg has joined #openstack-lbaas		17:11
*** ig0r_ has joined #openstack-lbaas		17:11
*** manishg_ has joined #openstack-lbaas		17:12
*** manishg has quit IRC		17:16
*** kobis has quit IRC		17:17
*** diogogmt has quit IRC		17:20
*** prabampm has quit IRC		17:20
*** ianbrown__ has quit IRC		17:20
*** ianbrown__ has joined #openstack-lbaas		17:21
*** diogogmt has joined #openstack-lbaas		17:21
*** manishg_ has quit IRC		17:22
*** kobis has joined #openstack-lbaas		17:28
blogan	kobis: ping	17:32
openstackgerrit	Merged openstack/octavia: Updated from global requirements https://review.openstack.org/255560	17:33
kobis	blogan: hey	17:35
blogan	kobis: hey ptoohill brought up a good point about the xff headers	17:35
blogan	kobis: why not just insert it all the time?	17:36
ptoohill	Is there ever a specific reason to not send the header if its available?	17:36
*** crc32 has joined #openstack-lbaas		17:36
kobis	because xff header insertion requires termination of the tcp connection	17:36
ptoohill	And if the user select termination is that not enough 'go ahead' to insert it?	17:37
kobis	while i'm not sure that this applies to haproxy (or vmware Edge appliance…), most of the commercial LBs won't terminate the TCP connection unless there's an L7 operation	17:37
kobis	that has a major impact on performance	17:37
ptoohill	adding a header does?	17:37
kobis	in most cases, yes	17:38
ptoohill	oh, so you want the user to specific termination as well as the xff header	17:38
kobis	think of a LB which is implemented as a router or switch (e.g F5, Radware)	17:39
kobis	they won't terminate the session unless they have to	17:39
blogan	is there a number of people wanting this? to basically be able to turn it off?	17:40
ptoohill	Thats fair i suppose, i still dont see the one off header value in the api as worthwhile, but thats just me	17:40
kobis	I believe that any L7 operation will force termination - I guess that Radware does that implicitly - but we can ask Radware	17:40
kobis	or maybe dougwig	17:40
*** manishg has joined #openstack-lbaas		17:40
ptoohill	maybe we can make it wore generic somehow? not sure of a better solution ATM though :/	17:40
dougwig	yeah, as soon as you modify, you're in a different ballgame.	17:41
*** mhickey has quit IRC		17:41
dougwig	you're in l3 land instead of l2.	17:41
blogan	i was assuming the rfe was saying to enable it in all drivers when i saw it, not that it was going to be toggleable feature through the api	17:41
dougwig	well, l4.	17:41
sbalukoff	Hey folks! When you get a chance, we'd love feedback on this: https://review.openstack.org/#/c/234639/	17:41
kobis	your'e actually in l7 land :)	17:41
dougwig	heh, fine, l7.	17:41
dougwig	:)	17:41
sbalukoff	(That's the new active-active spec)	17:41
kobis	now i'd love to come up with generic API for this	17:42
dougwig	l2/l3 load-balancing can be FAST. you don't want to subtract that just due to removing a toggle, i think.	17:42
ptoohill	haproxy seems to do it with ease, but thats the extent of my understand on this. Im ok with it going in, i would really like to find a better way to do this with potential to add other things to it, but again i dont have a better solution so i suppose this is ok to me	17:42
kobis	L2-L3 is just passing packets around (in L3 you have to update TTL and change MAC addresses…)	17:42
blogan	before we add something like this that is kind of a slippery slope of a bunch of toggleable things, i'd like to know if there's a lot of end users wanting this	17:42
*** diogogmt has quit IRC		17:43
kobis	haproxy is different as it always terminates the client side socket	17:44
blogan	ah	17:45
ptoohill	fair enough, if this gets in we can utilize it also, i just really dont like the idea of the one off	17:45
blogan	kobis: still, have you had a lot of requests for this? bc yours is the first for me	17:45
kobis	could a —special-header=xff,blabla,whatever be any better?	17:46
ptoohill	i would like that more	17:46
ptoohill	that way its future proof	17:46
ptoohill	though that would require additional parsin in the driver, but not too bad i wouldnt think	17:46
kobis	that'll work as long as these all are togglables	17:46
kobis	therefore it's not future proof…	17:46
ptoohill	hrmm	17:46
*** diogogmt has joined #openstack-lbaas		17:47
ptoohill	tough solving for these types of features	17:47
blogan	im concerned about the slippery slope	17:47
ptoohill	im ok the way it is honestly, i dont know of other headers off hand now a better way to do it besides maybe a list	17:48
ptoohill	nor*	17:48
blogan	add this little thing, then this little thing, then this little thing, and then boom you've got a very complicated api with complicated validation	17:48
kobis	I dunno - if something is common enough to fit into the APIs of most LBs, I guess that it's cool to have in LBaaS API which is a generaization of the above	17:48
ptoohill	i agree, but do we have a list of header like this?	17:48
kobis	but that's my view of things	17:48
ptoohill	i guess im not sure how to solve for this because in both our 1.0 rackspace product as well as lbaasv2 haproxy its done by default	17:49
kobis	XFF is the very common - you basically cannot audit your clients without it	17:49
kobis	at the app level	17:49
ptoohill	yea, we require this header also, i understand its needs, we just do it by default	17:49
blogan	kobis: i don't disagree, just worried about the balance of it all, then again most users will use a UI and not the API so my worries abotu the complexity of an API are probably not as important	17:49
kobis	any commercial LB is facing these UI difficulties - this is solvable by addition of HTTP/HTTPS specific panel, L7 features or whatever	17:51
kobis	or you can always drop the UI support for this :)	17:51
blogan	kobis: does your driver have it on by default? or is it off?	17:52
kobis	ptoohill: you do use haproxy so there are no extra penalties for you by adding xff in any case. you cannot assume that everyone uses haproxy though	17:52
ptoohill	we also use another product that does somethign similar to what you describe, and thats by default	17:52
ptoohill	im not negating your reasonings	17:52
kobis	as of now it is off. cost of having it on my default: 30sec	17:52
ptoohill	i just feel that if the user configures that type of lb they would expect that feature	17:52
ptoohill	i dont see a NEED for it to be toggable, but thats from my experience	17:53
johnsom	We also have the request for the timeouts to be exposed, not sure if that ties into this sort of thing or not. I usually see these all as options on the LB and pools	17:53
ptoohill	thats a big hit, and makes sense why you would want it	17:53
*** yamamoto_ has quit IRC		17:54
blogan	kobis: 30 seconds for what?	17:54
kobis	having xff on by default :)	17:54
blogan	kobis: i know but 30 seconds added on top of what?	17:55
blogan	i mean what takes 30 seconds longer	17:55
kobis	blogan: having xff on by default in vmware driver is 30sec of work really. yet I don't think that this is a good approach.	17:55
crc32	30 seconds per request?	17:56
kobis	blogan: nah I meen that it's 30sec of coding, to have this working...	17:56
blogan	kobis: ohhhh lol	17:56
kobis	not 30sec at runtime…. that would be one worthless LB :)	17:56
blogan	kobis: whats the performance penalty for having it on?	17:56
*** manishg has quit IRC		17:56
blogan	kobis: lol you had me worried and i was like ther'es absolutely no way	17:56
ptoohill	:P	17:57
kobis	it doesn't matter much what's the performance for the vmware LB - but in general for an lbaas-implementing driver	17:57
ptoohill	but would your users configuring that type of lb ever expect it to not be there?	17:57
*** manishg has joined #openstack-lbaas		17:58
ptoohill	If the performance hit isnt a big deal, and most users want/need this why not do it by default	17:58
ptoohill	im missing the link here	17:58
*** SumitNaiksatam has joined #openstack-lbaas		17:58
ptoohill	i thought adding this caused 30sec build time or something	17:58
kobis	i have a couple of requests for having an option to enable this	17:58
crc32	I thought he meant 30 seconds per HTTP request.	17:58
ptoohill	ok, thats a fair usecase imo then	17:59
kobis	I haven't tried to sell them the idea of having this by default as you guys do	17:59
ptoohill	or yea that crc32	17:59
ptoohill	i guess i just dont see why they wouldnt want the header in this type of config	17:59
ptoohill	so it makes sense for default	17:59
*** madhu_ak has joined #openstack-lbaas		17:59
ptoohill	but if users want to toggle it then it makes sense	17:59
blogan	i gotta go to a meeting, i've expressed my concerns but in the end its somethign every LB out there supports, soooo i dont know	17:59
johnsom	I have heard one person ask for turning this off, but I think it was to work around another vendor's bug.	17:59
kobis	but from my experience (working for Radware for a long while), users don't want this by default as it has performance impact (major one with Radware and likes)	18:00
ptoohill	Thats fair then and i do understand that	18:00
blogan	i suspect our users will be different than thsoe users, but i have no proof	18:00
sbalukoff	blogan +1	18:00
ptoohill	maybe we can come up with another solution to the one off and im be 100% with it, otherwise, this makes sense and since i dont have idea for other idears/solution im on board	18:00
ptoohill	header*	18:01
blogan	ok i gotta go	18:01
blogan	good discussions though	18:01
ptoohill	indeed	18:01
crc32	would it be reasonable to have the operator speify if XFF is on or off by default via a conf file?	18:01
ptoohill	crc32: the users are requesting it, that was going to be another suggestion if that wasnt the case	18:01
kobis	eh, what if I have one listener serving my GIFs, hauling lots of traffic, and another serving the login page?	18:02
johnsom	I think it's better to expose it to the user than have it in the conf. Coming up with a non-one off solution would be good.	18:02
kobis	so I have to choose between penalizing listener A because I need XFF for listener B?	18:02
*** jschwarz__ has quit IRC		18:03
kobis	I suggest that we'll take a couple of days to thing, of maybe a better solution	18:03
ptoohill	I still see it different because of haproxy, that gets added to the backend configuration, so pool A with x members can have the xff while the other pool does not	18:04
ptoohill	just a little bit of disconnect :D	18:04
kobis	the patches aren't merged yet, so we have time :)	18:04
ptoohill	:D	18:04
crc32	so I'm suggesting the user be allowed to specify it in the api request but if they don't then the operator can specify the default.	18:04
*** nmagnezi has quit IRC		18:04
kobis	crc32: a user has no access to the conf file	18:04
crc32	operater meaning rackspace or whoever is hosting the driver.	18:05
ptoohill	i think hes saying so the operator can send it by default or not regardless of users selection type thing	18:05
kobis	so he needs someone to turn on xff for him - that's not a very user friendly approach	18:05
ptoohill	maybe	18:05
crc32	operator = cloud hosting provider.	18:05
ptoohill	That way, in our example, its always on by default	18:05
ptoohill	but the user could specify to disable	18:05
johnsom	crc32 yeah, that is fair. There should be a default. Having it in the conf would let the operator decide what the right default is for their deployment. I.e. HAproxy is probably default on, others might be better default off	18:05
ptoohill	type thing	18:05
ptoohill	yea	18:06
dougwig	If it's just a config tweak without Api, use flavors	18:07
dougwig	Sec rebooting	18:07
ptoohill	oh, interesting idea	18:08
ptoohill	hrmmm	18:08
*** bana_k has quit IRC		18:08
kobis	never looked at flavors really - doesn't that mean that each LB can either have xff on or off?	18:09
crc32	no kobis I'm saying that since you prefer it to be off you can specify that in your enviornment. The end customer can always override your default.	18:09
kobis	they can override only if they have access to the LB itself	18:09
crc32	kobis: Yea I thought thats what I said.	18:10
kobis	if they have access to the LB itself, they could have configured the listener top to bottom - why bother with lbaas in the 1st place :(	18:10
johnsom	flavors is a good idea for the default. Not sure it meets the customer need otherwise.	18:13
crc32	kobis: ok so I'm not sure what problem your solving for. Anyways I got to run.	18:13
*** bana_k has joined #openstack-lbaas		18:13
dougwig	If prefer to see an extended feature map in the Api, personally. I know lots who are unhappy with the limited feature set.	18:13
dougwig	And always doing the insertion hurts things like dsr. Of course you can keep 1 or 10g stuffed even at l7. But...	18:14
*** amit213 has quit IRC		18:14
kobis	dougwig: i tend to agree. if a feature is common enough among LBs, why not have it in the API?	18:15
*** amit213 has joined #openstack-lbaas		18:15
dougwig	blogan: I'm not sure how we quantify your demand desires. Everyone that shows up is a vendor or huge operator. :)	18:15
kobis	and there's no sense in deprecating the LB performance regardless of capabilities	18:15
kobis	dougwig: even if your LB does 80G. so your customer paid for 80G - why force him into L7 processing to avoid a config flag?	18:17
kobis	or deprecate a useful feature?	18:17
dougwig	kobis: I'm agreeing with you on that point.	18:19
kobis	i'd try to come up with a more generic solution for header insertion - but most headers require value setting	18:21
kobis	e.g Cookie: <value> or such	18:21
kobis	while xff value is set by the LB - it's the requests source IP	18:22
openstackgerrit	Merged openstack/octavia: Expose project_id in octavia api https://review.openstack.org/253281	18:27
openstackgerrit	Merged openstack/neutron-lbaas: Send project_id/tenant_id to octavia api https://review.openstack.org/253284	18:27
dougwig	blogan: so you'd be opposed to a bunch of optional toggles on the create call?	18:27
dougwig	otoh, i can see the argument against, since a lot of these toggles are for fitting LB's into legacy environments with existing servers, and a cloud shouldn't have those issues.	18:28
dougwig	blogan: performance penalty is an order of magnitude, at least.	18:29
ptoohill	blogan wont be back for a couple of hours	18:30
ptoohill	for a 'meeting'	18:30
kobis	all i can come up with is either something like —set-header which accepts a list, or a specific flag for xff	18:34
*** crc32 has quit IRC		18:34
rm_work	we also do XFP in our v1 product... is that a real thing we might need too?	18:34
kobis	the 1st one is more flexible but can be abused by using it to some other toggles…	18:34
rm_work	(X-Forwarded-Port)	18:34
ptoohill	True, forgot about that one	18:35
kobis	XFP is not as commonly used AFAIK	18:35
rm_work	we also do that by default :P	18:35
ptoohill	but its still something the users may want to enable	18:35
ptoohill	slash disable	18:35
kobis	as XFF is mandatory for any auditing	18:35
rm_work	I don't know what our vendor is doing then, I didn't even realize we were introducing a performance hit, since we already were doing termination...	18:35
ptoohill	We had a requirement for XFP from users which is why we used it	18:35
kobis	_might_ is a key here….	18:36
ptoohill	yea, thats what i was thinking too rm_work	18:36
rm_work	I wonder if we turned off XFF/XFP by default if our product would go an order of magnitude faster :P	18:36
kobis	once might goes _wants_… than yeah, we have this discussion again, i guess	18:36
ptoohill	I dont think it would, we had it disabled prioir to enabling it without much gain/hit	18:36
rm_work	shame	18:37
rm_work	cause that'd be hilarious	18:37
ptoohill	:P	18:37
xgerman	well, can we handle that XFP, XFF stuff with blogans new Get-me-a-LB API?	18:37
*** sbalukoff has quit IRC		18:37
xgerman	have a big advanced feature json	18:37
*** bharathm has joined #openstack-lbaas		18:38
rm_work	heh	18:38
xgerman	just throwing that out there… since I agree having PUT …/XFF/TRUE is lame	18:38
xgerman	and you would need the json blob anyway for get-me-a-lb	18:39
rm_work	yeah	18:41
rm_work	oh btw I think https://review.openstack.org/#/c/255007/ is good to go	18:41
rm_work	and https://review.openstack.org/#/c/253858/ is waiting for testing, does HP have the ability to spin this up? I don't actually have any idea how VRRP works	18:42
ptoohill	can this not be tested in devstack?	18:42
rm_work	and https://review.openstack.org/#/c/220205/ looks like it shouldn't cause any problems	18:42
ptoohill	I hope it can, my patches have had to be reworked several times to make things work with devstack	18:42
rm_work	ptoohill: can it? can I just switch vrrp to enabled and have it "just work"? :P	18:42
ptoohill	i hope so	18:43
xgerman	yes, you can just do that	18:43
ptoohill	i havnt actually ran it, but will once im done with this rework	18:43
xgerman	though it’s called toology	18:43
rm_work	hmm alright, might give that a shot after I push up the CR i'm working on now	18:43
ptoohill	toology is their new album	18:43
ptoohill	:D	18:43
*** sbalukoff has joined #openstack-lbaas		18:43
rm_work	toohillogy	18:43
* ptoohill tool fans????????????????????		18:43
ptoohill	lol	18:43
xgerman	the testing is more that you fire up an lb and then cause havoc by let’s say nova remove the master	18:44
johnsom	rm_work Grin, that is my patch. I spun it up. grin	18:44
ptoohill	so, call delete on the active vm would work?	18:44
ptoohill	delete via nova	18:44
rm_work	and basically you'd be watching to see if a new one came up and tried to take back over?	18:44
xgerman	preempt actually makes sure that the new amhora doesn’t become master - so you need to make sure heartbeat/failover runs	18:44
ptoohill	ah, but thats still in wip?	18:45
ptoohill	the failover stuff	18:45
xgerman	johnsom did I misrepresent your patch?	18:45
xgerman	ptoohill correct	18:45
rm_work	from what I understood already, that was an accurate assessment	18:45
johnsom	VRRP/Active/Standby spins up two amps. so, failover is in seconds. This is different from failover flow to hot spare, which is a different patch still being worked on	18:46
rm_work	i just wasn't sure if it "just worked" in devstack magically	18:46
rm_work	good that it does	18:46
xgerman	we demoed it :-)	18:46
rm_work	VRRP?	18:46
xgerman	yep, watch the Video...	18:46
johnsom	A test would be turn on Active/Standby, build LB, curl the VIP, kill one of the two amps, curl the vip.	18:46
johnsom	rm_work you are killing me. Yes, I demoed it in Tokyo	18:47
rm_work	T_T	18:47
rm_work	in the Octavia hands-on?	18:47
rm_work	lol	18:47
rm_work	I didn't make it to the other one	18:47
johnsom	No the LBaaS talk	18:47
rm_work	so I would have missed it	18:47
xgerman	you didn;t watch the video? shame on you!	18:47
rm_work	I was in a Barbican round-table trying to push my split-key thing	18:48
rm_work	I did not T_T	18:48
rm_work	I kinda assumed I knew about LBaaS, guess I was wrong :P	18:48
johnsom	The noprempt setting in that patch means that if haproxy is stopped on master, and the backup becomes active (normal active/standy), then later the master haproxy comes up again, the backup will still have the IP and be responding. Basically it won't fail back to the master until the backup fails	18:48
rm_work	speaking of, I THOUGHT everyone understood the split-key thing and why I was pushing it and agreed that it would be at least "OK", but like two weeks later everyone seems to have forgotten the details T_T	18:49
rm_work	johnsom: so i might want to SSH into the master and stop HAProxy	18:49
rm_work	and then start it again after it fails over	18:49
rm_work	not actually delete the VM	18:49
rm_work	?	18:49
xgerman	yeah, until that failover stuff works better	18:50
rm_work	k	18:50
johnsom	Yes. ssh service haproxy<uuid> stop is a good way to test this	18:50
johnsom	Deleting via nova makes it hard for the master to come back up until I get the failover flow fixed. WIP patch for that, bug fixing.	18:51
rm_work	k, still busy trying to test the barbican workflow stuff, but i'll see if I can get to testing that, uhh... probably next week <_<	18:51
rm_work	hmm, maybe tomorrow	18:51
rm_work	will see	18:51
*** bana_k has quit IRC		18:52
rm_work	about to push the sibling patch to the Barbican Auth refactor that just merged in Octavia, for Neutron-LBaaS	18:52
rm_work	and try to get the code a LITTLE closer together	18:52
*** harlowja has quit IRC		18:56
*** harlowja has joined #openstack-lbaas		18:56
*** bana_k has joined #openstack-lbaas		19:02
*** manishg has quit IRC		19:02
*** TrevorV\|Home has quit IRC		19:04
rm_work	woo this works today: http://octavia.io/review/234639/specs/version1/active-active-topology.html	19:08
rm_work	since we don't appear to have a docs job on octavia?	19:09
rm_work	I thought we did but don't see it	19:09
ptoohill	does the docs job host it somewhere if we were to have one?	19:10
johnsom	Yes, you can click on the docs job and get a rendered version	19:11
ptoohill	oh, nice	19:11
*** SumitNaiksatam has quit IRC		19:17
*** SumitNaiksatam has joined #openstack-lbaas		19:18
*** SumitNaiksatam has quit IRC		19:18
*** ducttape_ has quit IRC		19:19
*** pai15 has joined #openstack-lbaas		19:29
*** manishg has joined #openstack-lbaas		19:34
*** ducttape_ has joined #openstack-lbaas		19:37
*** pai15 has quit IRC		19:41
openstackgerrit	Merged openstack/octavia: Rename tenant_id in the network models to project_id https://review.openstack.org/255007	19:50
rm_work	nice, we're down to a single page of open CRs	19:52
johnsom	Yeah, we have been doing pretty good with that	19:53
johnsom	Bugs are a different story	19:53
*** rcernin has joined #openstack-lbaas		20:01
*** minwang2 has quit IRC		20:03
*** armax has quit IRC		20:09
*** neelashah has quit IRC		20:10
*** TrevorV has joined #openstack-lbaas		20:12
openstackgerrit	Phillip Toohill proposed openstack/octavia: Updates for containers functionality https://review.openstack.org/199954	20:12
*** mixos has joined #openstack-lbaas		20:23
*** mixos has quit IRC		20:38
*** TrevorV has quit IRC		21:04
*** TrevorV has joined #openstack-lbaas		21:17
xgerman	all johnsom’s leadership...	21:19
xgerman	that previous PTL was a slacker...	21:19
*** armax has joined #openstack-lbaas		21:31
*** mixos has joined #openstack-lbaas		22:01
*** johnsom has quit IRC		22:08
*** johnsom has joined #openstack-lbaas		22:08
rm_work	heh	22:09
*** shakamunyi has quit IRC		22:12
*** shakamunyi has joined #openstack-lbaas		22:15
*** minwang2 has joined #openstack-lbaas		22:23
openstackgerrit	Phillip Toohill proposed openstack/octavia: Adding new network driver for containers https://review.openstack.org/197858	22:26
openstackgerrit	Phillip Toohill proposed openstack/octavia: Updates for containers functionality https://review.openstack.org/199954	22:26
*** mixos has quit IRC		22:29
*** TrevorV has quit IRC		22:37
*** Aish has joined #openstack-lbaas		22:41
*** rcernin has quit IRC		22:45
*** rtheis has quit IRC		22:49
*** alejandrito has quit IRC		22:49
*** madhu_ak_ has joined #openstack-lbaas		22:50
*** madhu_ak has quit IRC		22:54
*** crc32 has joined #openstack-lbaas		22:56
*** armax has quit IRC		23:00
*** armax has joined #openstack-lbaas		23:01
*** yuanying has joined #openstack-lbaas		23:18
*** manishg has quit IRC		23:30
*** ducttape_ has quit IRC		23:37

Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!