Monday, 2016-06-06

« Sunday, 2016-06-05 Index Tuesday, 2016-06-07 »
*** bill_az has quit IRC00:00
*** sticker has joined #openstack-manila00:08
*** bill_az has joined #openstack-manila01:15
*** bill_az has quit IRC01:32
*** chlong has joined #openstack-manila02:04
*** bill_az has joined #openstack-manila02:56
openstackgerritGoutham Pacha Ravi proposed openstack/manila: Migrate API reference into tree  https://review.openstack.org/31387403:04
*** akerr has joined #openstack-manila03:08
*** bill_az has quit IRC03:08
openstackgerritGoutham Pacha Ravi proposed openstack/manila: Migrate API reference into tree  https://review.openstack.org/31387403:12
*** akerr has quit IRC03:12
openstackgerritGoutham Pacha Ravi proposed openstack/manila: Migrate API reference into tree  https://review.openstack.org/31387403:18
*** chlong has quit IRC03:34
*** chlong has joined #openstack-manila03:51
*** amit213 has quit IRC04:08
openstackgerritGoutham Pacha Ravi proposed openstack/manila: Migrate API reference into tree  https://review.openstack.org/31387404:14
*** gouthamr has quit IRC04:24
*** chlong has quit IRC04:26
*** chlong has joined #openstack-manila04:38
*** yangyapeng has joined #openstack-manila04:57
*** chlong has quit IRC05:05
*** pcaruana has quit IRC05:13
*** chlong has joined #openstack-manila05:18
*** chlong has quit IRC05:37
*** openstackgerrit has quit IRC06:02
*** openstackgerrit has joined #openstack-manila06:03
openstackgerritMerged openstack/manila-ui: Updated from global requirements  https://review.openstack.org/32389906:10
openstackgerritliuke proposed openstack/manila: Huawei: Support reporting disk type of pool  https://review.openstack.org/32419406:21
*** chlong has joined #openstack-manila06:31
*** shausy has joined #openstack-manila06:31
*** ociuhandu has joined #openstack-manila06:35
openstackgerritMerged openstack/manila: Updated from global requirements  https://review.openstack.org/32483306:44
*** pcaruana has joined #openstack-manila07:14
*** chlong has quit IRC07:56
openstackgerritValeriy Ponomaryov proposed openstack/manila: [Tempest] Add valuable tags to tests  https://review.openstack.org/32400607:56
*** rraja has joined #openstack-manila08:17
openstackgerritValeriy Ponomaryov proposed openstack/manila: [Tempest] Add valuable tags to tests  https://review.openstack.org/32400608:30
*** lpetrut has joined #openstack-manila08:45
openstackgerritliuke proposed openstack/manila: Huawei: Support reporting disk type of pool  https://review.openstack.org/32419408:55
*** sgotliv has joined #openstack-manila08:57
openstackgerritValeriy Ponomaryov proposed openstack/manila: Stop using deprecated tempest opts  https://review.openstack.org/32289509:16
*** kaisers1 has joined #openstack-manila09:17
*** permalac has joined #openstack-manila09:22
*** yangyapeng has quit IRC10:22
*** chlong has joined #openstack-manila10:44
*** shausy has quit IRC10:49
openstackgerritValeriy Ponomaryov proposed openstack/manila: [Tempest] Add valuable tags to tests  https://review.openstack.org/32400610:54
openstackgerritValeriy Ponomaryov proposed openstack/manila: Stop using deprecated tempest opts  https://review.openstack.org/32289510:54
*** adrianofr has joined #openstack-manila11:17
*** lgreg has joined #openstack-manila11:43
openstackgerritMerged openstack/manila-image-elements: Add tox job for building Docker image  https://review.openstack.org/30568111:50
*** JoseMello has joined #openstack-manila12:00
*** ociuhandu has quit IRC12:03
openstackgerritRodrigo Barbieri proposed openstack/manila-specs: Add spec for Share Retype  https://review.openstack.org/31570812:13
openstackgerritRodrigo Barbieri proposed openstack/manila-specs: Add spec for Share Migration Newton improvements  https://review.openstack.org/31570712:17
openstackgerritValeriy Ponomaryov proposed openstack/manila: [Tempest] Add valuable tags to tests  https://review.openstack.org/32400612:17
openstackgerritValeriy Ponomaryov proposed openstack/manila: [Tempest] Stop using deprecated Tempest opts  https://review.openstack.org/32289512:17
openstackgerritRodrigo Barbieri proposed openstack/manila-specs: Add spec for Data Service API  https://review.openstack.org/31570912:17
*** eharney has joined #openstack-manila12:28
*** akshai has joined #openstack-manila12:38
*** gouthamr has joined #openstack-manila12:44
*** ociuhandu has joined #openstack-manila12:46
*** eharney has quit IRC12:48
*** cknight has joined #openstack-manila12:53
*** timcl has joined #openstack-manila12:54
*** ociuhandu has quit IRC12:58
openstackgerritValeriy Ponomaryov proposed openstack/manila: [Tempest] Stop using deprecated Tempest opts  https://review.openstack.org/32289513:04
*** lgreg has quit IRC13:06
*** lgreg has joined #openstack-manila13:06
*** porrua has joined #openstack-manila13:07
openstackgerritValeriy Ponomaryov proposed openstack/manila: [Tempest] Add valuable tags to tests  https://review.openstack.org/32400613:08
openstackgerritValeriy Ponomaryov proposed openstack/manila: [Tempest] Stop using deprecated Tempest opts  https://review.openstack.org/32289513:08
*** mtanino has joined #openstack-manila13:15
*** xyang1 has joined #openstack-manila13:15
*** absubram has joined #openstack-manila13:17
*** yangyapeng has joined #openstack-manila13:23
*** alyson_ has joined #openstack-manila13:25
*** jcsp has joined #openstack-manila13:27
*** jcsp has quit IRC13:27
*** jcsp has joined #openstack-manila13:28
openstackgerritValeriy Ponomaryov proposed openstack/manila: [Tempest] Stop using deprecated Tempest opts  https://review.openstack.org/32289513:29
openstackgerritClinton Knight proposed openstack/manila-specs: Add spec for Manila share revert to snapshot  https://review.openstack.org/31569513:33
*** cbader has joined #openstack-manila13:33
*** mtanino has quit IRC13:36
*** xyang1 has quit IRC13:40
*** xyang1 has joined #openstack-manila13:41
*** yangyape_ has joined #openstack-manila13:42
*** yangyapeng has quit IRC13:43
*** dmk0202 has joined #openstack-manila13:44
*** dustins has joined #openstack-manila13:47
*** eharney has joined #openstack-manila13:47
*** permalac has quit IRC13:54
openstackgerritValeriy Ponomaryov proposed openstack/manila: [Tempest] Stop using deprecated Tempest opts  https://review.openstack.org/32289514:19
dustinstellesnobrega: Lemme know if you need any Manila information to get ramped up!14:21
tellesnobregadustins, will do :) thanks14:21
dustinsLots of other great folks here as well :)14:22
*** permalac has joined #openstack-manila14:33
tellesnobregadustins, i've met ganso so far, will get to know more soon (questions to come)14:34
*** mtanino has joined #openstack-manila14:34
dustinsJust let us know :D14:34
tellesnobregathanks14:38
*** merooney has joined #openstack-manila14:47
openstackgerritValeriy Ponomaryov proposed openstack/manila: [Tempest] Stop using deprecated Tempest opts  https://review.openstack.org/32289514:52
*** permalac has quit IRC14:52
*** dsariel has joined #openstack-manila14:53
*** dustins has quit IRC14:59
*** dustins has joined #openstack-manila15:01
*** dmk0202 has quit IRC15:05
*** dsariel has quit IRC15:17
*** dgonzalez has quit IRC15:17
*** dgonzalez has joined #openstack-manila15:19
*** lgreg has left #openstack-manila15:27
openstackgerritMerged openstack/manila: Hacking check for str in exception breaks in py34  https://review.openstack.org/32096215:29
*** nkrinner_afk has quit IRC15:42
*** dmk0202 has joined #openstack-manila15:58
gansobswartz: ping16:02
*** dmk0202 has quit IRC16:06
*** dustins_ has joined #openstack-manila16:10
*** dustins_ has quit IRC16:10
*** dustins has quit IRC16:13
bswartzganso: pong16:32
*** pcaruana has quit IRC16:34
openstackgerritGoutham Pacha Ravi proposed openstack/manila: Pass context down to ViewBuilder method  https://review.openstack.org/32603016:34
*** lpetrut has quit IRC16:39
*** mtanino_ has joined #openstack-manila16:41
*** mtanino has quit IRC16:42
*** Suyi has joined #openstack-manila16:56
gansoHi Ben, I am renaming the parameters in migration-start API16:56
gansobswartz: ^16:56
gansobswartz: since it is still experimental, I am not sure the backwards compatibility with previous versions should be maintained16:57
bswartzganso: oh good16:57
gansobswartz: I would need to support the old-named parameters16:57
bswartzI was looking at the APIs in the spec and thinking we might want to restructure them for better clarity16:57
bswartzyes the change should be microversioned -- however supporting the old names is entirely optional16:58
gansobswartz: I am coding it right now... spec is taking too long to be approved :(16:58
bswartzin fact we might want to avoid supporting the old parameters as it could set a bad precendent16:58
bswartzI guess it depends how much work it is16:59
gansobswartz: if you have comments for restructuring the API parameters different from what is currently in the spec could you please post as soon as you have some time?16:59
bswartzdo you have a new proposal ready yet?16:59
gansobswartz: when it moves out of experimental, the experimental API will be deleted, right?17:00
gansobswartz: new proposal?17:00
bswartznew API proposal17:00
gansobswartz: in the spec the API has new parameters and changes an existing one17:00
bswartzganso: ideally what happens is that the experimental API becomes the final API17:01
bswartzso we should make any changes while the API is still experimental, then when we're satisfied it won't need to change we just remove the experimental tag and leave the API exactly as is17:01
gansobswartz: ok17:02
gansobswartz: my patch does not change it to non-experimental yet17:02
gansobswartz: should we do it close to FF when the update is already merged?17:06
*** rraja has quit IRC17:06
bswartzyes any API changes would need to be BEFORE FF17:07
bswartzand we'd only do it if we were entirely happy with the API definintion17:08
bswartzif there was doubt we would leave it experimental until Ocata17:08
*** mtanino has joined #openstack-manila17:12
*** mtanino_ has quit IRC17:14
bswartzhas anyone else read rraja's ML post?17:15
bswartzit's a heavy one which deserves a response17:15
tbarronbswartz: well, i have17:23
tbarronbswartz: the area that rraja is working in overlaps with his items a-c, but I don't think his initial implementation should wait for completion of any of a-c.17:24
tbarronbswartz: we can iterate17:24
*** catintheroof has joined #openstack-manila17:25
tbarronbswartz: e.g. he can return a dict of access rules until a) gets done17:25
tbarronbswartz: and until c) is done he can return a regular model update17:25
bswartzI think I just need to grok the use case better17:26
bswartzWhen the idea was originally proposed I wasn't convinced it was a real problem17:26
tbarronbswartz: sure, and rraja and jcsp will be better guides to that than I am.17:26
bswartzI want to make sure we make the best possible case for this feature and that we understand why the alternatives are insufficient17:27
tbarronbswartz: maybe raise the question again in the morning when it will be more TZ appropriate for jcsp and rraja17:28
tbarronbswartz: working with ceph a bit now (mostly for a cinder backup issue r/t manila) i am getting a feel for how ceph auth works and why this feature would be useful but I want to take care not to muddy the waters with my ideas when you can talk to the right people17:31
*** dsariel has joined #openstack-manila17:34
jcspbswartz: the core point in Ramana's post is that we have this update_access change for ceph keys in the pipe, but we know there are two other things that may touch the same code in this cycle17:41
jcsp(the other things being the racyness of it, and the desire for per-rule status)17:42
jcspso we are happy with our approach for handling auth keys, but would rather have a conversation about how this is going to fit together, instead of potentially having a patch get stuck in merge hell later17:42
openstackgerritMerged openstack/manila-specs: Add spec for Manila share revert to snapshot  https://review.openstack.org/31569517:43
bswartzjcsp: so can you refresh my memory on what this security mechanism actually does?17:44
bswartzor is there a doc I should read?17:44
bswartzI'm trying to understand who does what -- what are the input and outputs at each stage17:44
jcsplet me try and find the link to my old mailing list post about it17:44
bswartzthat's right you did write a ML post about this around the time of Tokyo17:45
bswartzI should have it in my archives (those got wiped just before Tokyo)17:45
jcsphere we are: https://openstack.nimeyo.com/62893/openstack-dev-manila-share-allow-deny-by-shared-secret17:45
bswartzjcsp: who is the decider for access to ceph shares? if an unauthorized user requests access what happens?17:47
*** harlowja has joined #openstack-manila17:48
bswartzYou refer to "caller" and "driver" but the caller could be an admin or a normal user17:48
jcspthe ceph monitor servers handle authentication: they hand out kerberos-style tickets.17:48
jcspcaller in that context means person accessing manila API (i.e. administrative access)17:48
bswartzIf I want to create a share and grant access to alice and bob, but not charlie, do I create 2 keys and give one each to alice and bob?17:49
jcspyes17:49
bswartzor do I create one key and give it to both of them?17:49
jcspassuming that alice and bob need distinct ceph names.  If alice and bob are just two servers you could create a ceph key named "aliceandbob" and give it to both17:49
bswartzbut there could be a differet share which bob and charlie should have access to, but not alice17:50
jcspright17:50
bswartzin that case can bob use a single key for both shares, or does he need a different key per share?17:50
jcsphe uses the same key for both shares17:50
bswartzso these access keys amount to unique identities, which can be associated with one or more shares17:51
jcspzero or more, yes.17:51
bswartzand the admin creates them at will and distributes them out of band17:51
jcspright, where "the admin" in practice probably means some cloud orchestration tool, and "out of band" probably means as part of provisioning VMs.17:52
bswartzbut the whole theory of this features is to make that out of band distribution mechanism be the Manila API17:52
jcspnot quite -- the Manila API means that the admin/orchestrator can get his key without talking to the ceph cluster.  Getting the key onto openstack guests is still his problem (it is not expected that guests would access keys from the Manila API)17:53
bswartzokay that helps17:53
bswartzthe part of this that makes my cautious is that we're handing secrets around and it's very important that secrets don't get into the wrong hands17:53
bswartzso the part that Manila is involved with is only the channel between the admin and the storage controller17:54
jcspthe basis of the security is that access to the Manila share API for a given tenant is limited to that tenant17:54
*** timcl1 has joined #openstack-manila17:55
bswartzwell yeah the term "admin" is problematic again because it's not the manila admin17:55
bswartzit's the admin in the sense that he's creating shares and setting access rules, but he's the manila tenant17:56
jcspright.  I'm trying to avoid saying admin17:56
bswartzand any "users" he's controlling access to are subordinates within his project/tenant17:57
jcspyep17:57
bswartzokay so this leads me back to a question I think I asked before but I can't remember the answer17:57
*** timcl has quit IRC17:58
bswartzwhy must the admin create these keys and distribute them to the users? why can't the users create the keys and have the admin "grant access" to pre-existing keys?17:58
bswartzyou mentioned above that key's can be mapped to ZERO or more shares, so clearly the existence of a share isn't a prerequisite to create one17:59
jcspbecause for "the users" (i.e. guests) to create Ceph keys, they would need administrative access to the Ceph cluster17:59
bswartzstill there's 2 separate tasks here though18:00
bswartzthere's a creation of users and their keys, which I understand must be undertaken by an admin18:00
bswartzbut the mapping of the share to the user doesn't need to be linked to that18:01
jcspat the ceph level, both of those things require super-privileges18:01
bswartzright, so I'm trying to imagine the analogue in the CIFS or NFS world18:02
*** dustins has joined #openstack-manila18:02
jcspso they both need to live behind the access-controlled Manila API (we can't let any guest have access to that super-privileged Ceph interface)18:02
bswartzin the CIFS world, an AD administrator must create an account for you before you can get access to anything18:02
bswartzManila doesn't insert itself into that workflow18:02
jcspso presumably in a cloud environment that means the AD administrator is the tenant himself, i.e. he creates his own domain for his application?  (I don't know much about this)18:03
bswartzManila grants access on CIFS shares to pre-existing users in the AD domain18:03
jcspor does your whole cloud have one AD administrator who has to manually intervene for cloud guests to run up their applications?18:03
bswartztypically the AD domain would be a shared resources, but possibly you could have a special one just for the cloud18:04
jcsps18:04
bswartzresource*18:04
jcspso the AD part is a below-cloud resource, that you have to do something out-of-cloud to before enabling a new tenant to use your cloud?18:04
bswartzwell we can actually go 2 different ways there18:05
bswartzwith share-servers, each tenant can have his own AD domain18:05
bswartzwithout share servers, all the tenants would share a common AD domain18:05
jcspso the ceph case would be analogous to the "without share servers" case18:06
bswartzso in the latter case you're correct18:06
bswartzI keep thinking that there should be a way to decouple this "identity creation" operation from the "access granting" operation18:07
bswartzbut the proposal is to force them to be linked18:07
jcsparchitecturally, the cleanest way would be to give Manila a whole new API for managing identities18:08
jcspwhich might not be 100% crazy if AD needed it the same way Ceph does18:08
jcspbut if it's just for Ceph it feels like dramatic overkill18:08
bswartzwell I agree it should be separate APIs -- it's debatable whether those APIs belong in Manila18:08
bswartzI think the challenge is that other protocols (NFS, CIFS) have existing tools that people expect to use for the identity creation task18:09
bswartzCeph is new enough that you can get users to use whatever API/interface you want18:09
bswartzAnd if you want it to be Manila, I don't have a problem with that, but it feels like we should create an extension or something18:10
bswartzif we did add an identity-management API, it probably would be possible to make it work with other protocols in addition to ceph18:11
jcsp...or, if we made this relatively small change to store access keys in Manila, we wouldn't have to create a whole identity management API.18:11
jcspand our users wouldn't have to talk to two APIs18:11
jcspthe thing is, at the point that users were writing code that used a Ceph-specific API, they might as well just use CephFSVolumeClient directly and skip Manila18:12
jcspthe value we want is to have users able to use one API, so that they can swap filesystems in and out18:12
bswartzI'm not trying to say we don't do this in Manila, I'm trying to say let's not overload the APIs to do more than what they're supposed to do18:12
bswartzan extra few APIs might be all we need to make this work18:13
jcspexcept those APIs would need corresponding parts of the ShareDriver interface to actually get their data18:13
bswartzso access-allow will just be a mapping step18:13
jcspit would be really really heavyweight18:14
bswartzhmm18:15
jcspand we'd have a whole API+driver interface that was only used by one driver.  I would rather do the work on the Ceph side to fit into the existing Manila mould as much as possible, so that we have a minimal amount of code in Manila that's only used by ceph18:16
bswartzso back to the use case I outlined above: I want to create share 1 and share 2, I want Alice and Bob to have access to share 1 and bob and charlie to have access to share 218:16
bswartzwhat sequence of call do you propose that the manila tenant does to make this happen?18:16
jcspyou do "allow share1 bob", "allow share1 alice", "allow share2 bob", "allow share2 charlie".18:17
jcspthen you have four access mappings18:17
jcspthat would give you three keys under the hood.  Or, you could create two keys for your two "groups" of guests18:17
bswartzand when the tenant lists the access mappings, he sees keys in the API result, which were created by ceph and stored in the DB?18:18
jcspyes18:18
bswartzand "bob" would get only one key because of magic inside the driver?18:18
jcspright.  he sees the same key for the bob->share1 mapping as he sees for the bob->share2 mapping, because they're the same bob.18:18
jcspin database terms it is denormalised.18:18
jcspbut not gratuitously so18:18
bswartzcan the driver scope the identities to the tenant? so tenant1/bob is not the same as tenant2/bob ?18:19
jcspyes, we could internally compose key names like <share id>.bob to artificially introduce that limitation.18:20
bswartzthat would cause bob to have different keys for share1 and share2 though18:20
jcspbut that would be annoying for someone if they genuinely wanted their guest bob to access N shares without giving him N keys18:20
jcspyes, quite so.18:20
bswartzI'm thinking prefix the IDs with the tenant/project ID, not the share ID18:20
jcspyes, we've discussed that quite a bit.18:21
bswartzokay well I can't argue that this won't work18:21
bswartzand it does seems rather simple to implement compared to adding new APIs18:21
bswartzif it's what the Ceph team wants for an access control interface I won't stand in the way18:22
jcspwe've gone back and forth a bit on whether to prefix keys with the tenant ID internally or not18:23
jcspif we don't do that, we have to remember internally which tenant created a named key, so that we don't give its secret to another tenant18:23
bswartzif there are use cases for not doing it (because tenants might share data) then you could make it a configurable option18:23
jcspwe're working on the assumption that shares never get shared between tenants.18:24
bswartzit's less trusting (public cloud) environments though you would want assurances that other tenants can never see your secrets18:24
jcspthe downside to prefixing with tenant ID is that someone has to know the trick to get their ceph key name18:25
bswartzif you don't prefix the identities with a project ID, then another tenant can get your secrets by simply guessing your identity names18:25
jcspso they ask for alice to be authorized, but they actually get a9s8d7as8d7.alice authorized18:25
jcspright, they can do that unless we do the extra work in ceph to remember which tenant "owns" a secret (we have code for that, it's a complexity cost inside ceph)18:25
bswartzoh I see18:26
jcspfortunately since we're a filesystem we can remember as much state as we want :-)18:26
jcspthe updates to that state were what originally prompted my questions about concurrency on the list a while back18:26
jcspbecause we have to make sure that our updates to this state are safe18:26
*** timcl1 has quit IRC18:26
bswartzit seems like that approach amounts to the same implementation though -- ceph ends up storing both the identity name and the project ID18:26
jcspyes, but we store it in a way that gives the tenant the identity that they'd asked for: they ask for alice, they get alice (not <something>.alice)18:27
bswartzperhaps the difference is that you could choose to share some IDs but not others in that case18:27
bswartzokay I see what you mean18:28
*** pcaruana has joined #openstack-manila18:29
jcspat the risk of complicating things further, it's probably worth mentioning that we anticipate the consumer of the Manila auth API ultimately being Nova.  When someone asks nova to attach a cephfs share to a guest, Nova would generate an attachment ID, and then pass that ID as the key name when authorizing it for the Manila share18:30
jcspthe Nova FS attachment spec isn't going in Newton, but work is ongoing on it anyway (as is work on the lower layers including libvirt, so that we can have domain <filesystem> tags that actually attach cephfs to guests)18:31
*** tpsilva has joined #openstack-manila18:31
jcspnobody had fundamental issues with our Nova API, but they weren't willing to move forward with the spec until more of the other dependencies had landed the needed patches18:32
jcsp(7 layers in this stack, fun times)18:32
bswartzthat doesn't complicate things at all18:39
bswartzit's sad that the large number of pieces and their dependencies will take a long time to all finally land18:40
bswartzbut quality software can't be rushed18:40
*** lpetrut has joined #openstack-manila18:41
*** krotscheck has quit IRC18:42
*** krotscheck_ has joined #openstack-manila18:42
*** krotscheck_ is now known as krotscheck18:44
tellesnobregadustins, hey, quick question, generic share backend supports the usage of share servers?18:51
dustinstellesnobrega: It will support either mode, either DHSS True or False18:51
tellesnobregaDHSS == driver handles share servers, correct?18:52
dustinsYou just have to specify in the manila.conf in the driver configuration stanza either "driver_handles_share_servers=True/False"18:52
dustinstellesnobrega: You got it!18:53
tellesnobregacool18:53
dustinstellesnobrega: If you find anything lacking with any docs or such, let gouthamr and I know18:53
tellesnobregadustins, sure, will do :)18:54
dustinswe're trying to make it all better for new and existing contributors alike :D18:54
tellesnobregadustins awesome18:54
tellesnobregadustins, found something weird on devstack deploy18:56
dustinstellesnobrega: What's up?18:56
tellesnobregai looked /etc/manila/manila.conf18:57
tellesnobregaand in the generic section is points ids of admin_network_id and admin_subnet_id18:57
dustinsYup18:58
tellesnobregabut the weird thing is the admin_network_id I can see when I run openstack subnet list18:58
tellesnobreganevermind18:58
tellesnobregamy bad :)18:58
tellesnobregalooking on the wrong place18:58
tellesnobregalooks good18:59
dustinshaha, no worries18:59
dustinsThose should correspond to the Neutron network/subnet that the generic driver uses for talking to its helper VM18:59
dustins(IIRC)18:59
tellesnobregahmm19:00
*** timcl has joined #openstack-manila19:01
tellesnobregadustins, maybe something to improve on the docs is to move the other components cli commands to the new openstack cli commands19:05
dustinstellesnobrega: You mean to have the keystone/nova/neutron/etc commands "ported" to the openstack unified client?19:06
tellesnobregayes19:06
dustinsbswartz: Do we have a plan for adding our stuff to the openstack unified client?19:07
dustinsThe docs updates for the other projects would be fairly easy if we wanted to do that19:08
tellesnobregathat is something that I could start doing in manila19:08
dustinsYou'll get no complaints from me :)19:09
tellesnobregaIf we don't have any cons, it would be something cool to start on19:09
dustinstellesnobrega: I say give it hell19:11
dustinsGo for it!19:11
tellesnobregacool :)19:11
dustinsAnd let me know if I can help in any way19:11
gansobswartz: backports https://review.openstack.org/#/c/325874/ and https://review.openstack.org/#/c/325871 are ready for workflowing19:19
tellesnobregadustins, does manila communicate with keystone using Keystone API v3?19:21
dustinstellesnobrega: Good question, I have no clue19:22
dustinsI would assume so19:22
tellesnobregaganso, do you know this? ^19:22
*** timcl has quit IRC19:23
gansotellesnobrega: my current devstack setup uses v2.019:23
gansotellesnobrega: I remember seeing a while ago some patches to fix CI when devstack started using keystone v319:23
gansotellesnobrega: but I am not sure if manila is supporting it19:24
openstackgerritGoutham Pacha Ravi proposed openstack/manila: Add user_id and project_id to snapshot APIs  https://review.openstack.org/32354719:24
tellesnobregaganso, dustins It may be interesting to see how is the v3 integration status, keystone has done major efforts to move to v3 this last cycle and they are going to continue to do so. All projects should move to v319:24
tellesnobregathis might be interesting to work on this cycle if we have time19:25
gansotellesnobrega: indeed19:25
dustinstellesnobrega: Indeed,19:25
* dustins thinks we might need some more specs 19:25
dustins:)19:25
gouthamrganso dustins tellesnobrega: we've supported keystone v3 since liberty19:25
gouthamriirc19:26
tellesnobregagouthamr, awesome :)19:26
dustinsgouthamr: Good to know!19:26
tellesnobregagouthamr, if keystone dropped v2 now, would manila work properly still? I guess this is the major question19:27
gouthamrtellesnobrega: we run with v3 default in the gate..19:27
gouthamrtellesnobrega: https://github.com/openstack/manila/blob/210cda/contrib/ci/pre_test_hook.sh#L3119:27
gansogouthamr: for some reason, every time I set up my devstack, it is set to run v2 o_O19:36
gansogouthamr: I guess it does not run any of those hooks19:37
gouthamrganso: yep.. mine too, the question reminded me of a discussion a long time ago, so i code searched to realize it's in the CI hook :)19:38
tellesnobreganice gouthamr, that is one less thing to worry about19:38
gouthamrtellesnobrega: yep..19:40
*** lpetrut has quit IRC19:41
gouthamrtellesnobrega: regarding the openstackclient: https://review.openstack.org/#/c/301150/ <-- was put up a while ago.. but i'm not sure that's being actively worked on.19:42
gouthamrdustins ^19:42
*** lpetrut has joined #openstack-manila19:43
dustinsHmm, looks like it hasn't seen anything in two months19:48
*** sgotliv has quit IRC19:48
*** eharney has quit IRC19:49
*** mtanino has quit IRC19:52
*** openstackstatus has quit IRC19:55
*** mtanino has joined #openstack-manila19:56
*** openstackstatus has joined #openstack-manila19:57
*** ChanServ sets mode: +v openstackstatus19:57
*** timcl has joined #openstack-manila19:58
*** timcl1 has joined #openstack-manila19:58
*** timcl has quit IRC20:03
*** dsariel has quit IRC20:07
tellesnobregagouthamr, nice, i will take a look and see if i can bring it back to life20:08
gouthamrtellesnobrega: +1 happy to help.20:08
tellesnobregagouthamr, thanks20:08
*** merooney has quit IRC20:09
*** lpetrut has quit IRC20:10
tellesnobregagouthamr, I'm Telles by the way, work for red hat, starting just now to work with manila20:10
gouthamrtellesnobrega: nice! great stuff Telles.. I'm Goutham. Always happy to see new contributors in manila.. would be happy to help you get up to speed! :)20:13
tellesnobregathanks gouthamr, I will ping when I need assistance20:14
*** porrua has quit IRC20:14
gouthamrtellesnobrega: sure thing..20:14
tellesnobregawhat is the purpose of the manila image that is available with devstack?20:26
dustinstellesnobrega: The manila-service-image?20:26
tellesnobregayes20:26
dustinstellesnobrega: it is an Ubuntu 12.04 image that is spun up to provide NAS mount points from the Generic Driver20:27
*** alyson_ has quit IRC20:28
dustinsThe generic driver uses Nova to create an instance that allows the sharing of Cinder Volumes as Manila Shares20:28
dustins(not confusing at all) :P20:28
tellesnobregadustins, I see, but i can create an instance with any other images (including cirros?) to attach the share to it correct?20:28
dustinsRight, the service-image is purely for the generic driver to provide the shares20:29
tellesnobregaok20:29
dustinsYou can mount the shares with any instance that can mount an NFS/CIFS/etc share20:29
tellesnobregathanks dustins20:37
*** timcl has joined #openstack-manila20:38
*** timcl1 has quit IRC20:40
*** cknight has quit IRC20:46
openstackgerritRodrigo Barbieri proposed openstack/manila-specs: Add spec for Share Retype  https://review.openstack.org/31570820:47
*** dsariel has joined #openstack-manila20:52
openstackgerritRodrigo Barbieri proposed openstack/manila-specs: Add spec for Share Migration Newton improvements  https://review.openstack.org/31570720:58
*** timcl has quit IRC21:03
*** akshai has quit IRC21:05
*** dustins has quit IRC21:06
*** pcaruana has quit IRC21:08
*** eharney has joined #openstack-manila21:13
*** cknight has joined #openstack-manila21:17
*** FL1SK has quit IRC21:18
openstackgerritGoutham Pacha Ravi proposed openstack/manila-specs: Extend the design of share networks to span subnets  https://review.openstack.org/32364621:21
openstackgerritGoutham Pacha Ravi proposed openstack/manila-specs: Extend the design of share networks to span subnets  https://review.openstack.org/32364621:22
*** gouthamr has quit IRC21:27
*** dsariel has quit IRC21:33
*** absubram has quit IRC21:40
*** catintheroof has quit IRC21:46
*** JoseMello has quit IRC21:49
*** xyang1 has quit IRC21:51
*** FL1SK has joined #openstack-manila22:11
*** jay-mehta has joined #openstack-manila22:13
*** absubram has joined #openstack-manila22:41
*** gouthamr has joined #openstack-manila22:54
*** FL1SK has quit IRC22:58
*** harlowja has quit IRC23:01
*** cknight has quit IRC23:09
*** FL1SK has joined #openstack-manila23:15
*** tpsilva has quit IRC23:37
*** FL1SK has quit IRC23:44
« Sunday, 2016-06-05 Index Tuesday, 2016-06-07 »

Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!