Tuesday, 2015-11-24

« Monday, 2015-11-23 Index Wednesday, 2015-11-25 »
mgagneok, I found something interesting for people using cells: https://github.com/openstack/nova/blob/master/nova/compute/cells_api.py#L188-L19300:00
mgagnethis function shadows one found in api.py which does network validation at the API level: https://github.com/openstack/nova/blob/master/nova/compute/api.py#L504-L51400:01
mgagnethis means if you have more than one network, you should get AmbiguousNetwork exception if you don't provide any network. But if you use cells, this validation is not done and user doesn't get the error right away. It crashes later at the compute node and user only sees "No valid host found".00:02
*** zhangjn has joined #openstack-operators00:02
*** krobzaur has joined #openstack-operators00:04
*** SimonChung1 has quit IRC00:04
*** lhcheng has quit IRC00:07
*** signed8bit is now known as signed8bit_ZZZzz00:10
*** sorrison has quit IRC00:15
*** signed8bit_ZZZzz is now known as signed8bit00:15
*** krobzaur has quit IRC00:16
*** openstackgerrit has quit IRC00:16
*** openstackgerrit has joined #openstack-operators00:17
*** zhangjn has quit IRC00:19
*** mdorman has quit IRC00:25
*** dminer has quit IRC00:32
*** signed8bit is now known as signed8bit_ZZZzz00:37
*** rebase has quit IRC00:39
*** miyagishi_t has joined #openstack-operators00:52
*** zhangjn has joined #openstack-operators01:00
*** zhangjn has quit IRC01:00
*** zhangjn has joined #openstack-operators01:01
*** elo has joined #openstack-operators01:03
*** zhangjn has quit IRC01:12
*** krobzaur has joined #openstack-operators01:13
*** rebase has joined #openstack-operators01:15
*** zhangjn has joined #openstack-operators01:20
*** zhangjn_ has joined #openstack-operators01:27
*** zhangjn has quit IRC01:29
*** krobzaur has quit IRC01:53
*** SimonChung has joined #openstack-operators01:55
*** SimonChung1 has joined #openstack-operators01:57
*** SimonChung has quit IRC02:00
*** Vinsh_ has joined #openstack-operators02:00
*** Vinsh has quit IRC02:04
*** ducttape_ has joined #openstack-operators02:09
*** signed8bit_ZZZzz is now known as signed8bit02:19
*** sorrison has joined #openstack-operators02:20
*** kencjohnston has joined #openstack-operators02:27
*** signed8bit has quit IRC02:32
*** Marga_ has quit IRC02:33
*** gfa_ is now known as gfa02:34
*** david-ly_ has quit IRC02:36
*** dims has joined #openstack-operators02:40
*** Vinsh_ has quit IRC02:42
*** ducttape_ has quit IRC02:48
*** ducttape_ has joined #openstack-operators02:53
*** rebase has quit IRC02:56
*** ducttape_ has quit IRC03:06
*** harshs has quit IRC03:08
*** Marga_ has joined #openstack-operators03:09
*** Marga_ has quit IRC03:14
*** dims has quit IRC03:17
*** ducttape_ has joined #openstack-operators03:19
*** Vinsh has joined #openstack-operators03:21
*** dims has joined #openstack-operators03:22
*** Vinsh has quit IRC03:26
*** pcaruana has quit IRC03:27
*** rick_ has joined #openstack-operators03:32
*** kencjohnston has quit IRC03:34
*** Vinsh has joined #openstack-operators03:34
*** dims has quit IRC03:35
*** ducttape_ has quit IRC03:44
*** kencjohnston has joined #openstack-operators03:48
*** ducttape_ has joined #openstack-operators03:49
*** ducttape_ has quit IRC03:50
*** zhangjn_ has quit IRC04:02
*** sanjayu has joined #openstack-operators04:07
*** david-lyle has joined #openstack-operators04:08
*** ducttape_ has joined #openstack-operators04:19
*** zhangjn has joined #openstack-operators04:22
*** ducttape_ has quit IRC04:24
*** ducttape_ has joined #openstack-operators04:36
*** zhangjn has quit IRC04:44
*** mageshgv has joined #openstack-operators04:54
*** maishsk has quit IRC04:56
*** maishsk has joined #openstack-operators04:56
*** jmccrory has quit IRC04:58
*** maishsk has quit IRC04:59
*** jmccrory has joined #openstack-operators05:00
*** maishsk has joined #openstack-operators05:08
*** rcernin has joined #openstack-operators05:15
*** Marga_ has joined #openstack-operators05:16
*** ducttape_ has quit IRC05:18
*** zhangjn has joined #openstack-operators05:23
*** kencjohnston has quit IRC05:32
*** rcernin has quit IRC05:34
*** beddari has quit IRC05:38
*** maishsk has quit IRC05:41
*** beddari has joined #openstack-operators05:42
*** pcaruana has joined #openstack-operators05:49
*** Marga_ has quit IRC06:09
*** Marga_ has joined #openstack-operators06:10
*** pasquier-s has quit IRC06:13
*** pasquier-s has joined #openstack-operators06:14
*** rcernin has joined #openstack-operators06:18
*** liverpooler has joined #openstack-operators06:19
*** pcaruana has quit IRC06:28
*** rick_ has quit IRC06:53
*** rick_ has joined #openstack-operators07:31
*** bvandenh has joined #openstack-operators07:34
*** matrohon has joined #openstack-operators07:49
*** bvandenh has quit IRC08:16
*** rick_ has quit IRC08:33
*** subscope has joined #openstack-operators08:36
*** subscope has quit IRC08:48
*** subscope has joined #openstack-operators08:52
*** berendt has joined #openstack-operators08:54
*** Marga_ has quit IRC08:58
*** Marga_ has joined #openstack-operators09:02
*** GonZo2000 has quit IRC09:06
*** boyvinall has quit IRC09:07
*** subscope has quit IRC09:09
*** subscope has joined #openstack-operators09:10
*** derekh has joined #openstack-operators09:10
*** openstackgerrit has quit IRC09:16
*** openstackgerrit has joined #openstack-operators09:17
*** subscope has quit IRC09:37
*** bvandenh has joined #openstack-operators09:44
*** Marga_ has quit IRC09:46
*** zhangjn has quit IRC09:48
*** lhcheng has joined #openstack-operators09:54
*** Marga_ has joined #openstack-operators09:54
*** maishsk has joined #openstack-operators09:55
*** Marga_ has quit IRC10:09
*** Marga_ has joined #openstack-operators10:09
*** Marga_ has quit IRC10:19
*** subscope has joined #openstack-operators10:30
*** subscope has quit IRC10:41
*** maishsk has quit IRC10:59
*** dims has joined #openstack-operators11:06
*** rcernin is now known as rcernin|lunch11:13
*** toddnni has quit IRC11:19
*** toddnni has joined #openstack-operators11:22
*** subscope has joined #openstack-operators12:00
*** mageshgv has quit IRC12:03
*** GonZo2000 has joined #openstack-operators12:05
*** GonZo2000 has quit IRC12:05
*** GonZo2000 has joined #openstack-operators12:05
*** boyvinall has joined #openstack-operators12:06
*** subscope has quit IRC12:13
*** subscope has joined #openstack-operators12:14
*** zhangjn has joined #openstack-operators12:18
*** zhangjn has quit IRC12:18
*** zhangjn has joined #openstack-operators12:19
*** zhangjn has quit IRC12:20
*** miyagishi_t has quit IRC12:20
*** zhangjn has joined #openstack-operators12:20
*** zhangjn has quit IRC12:20
*** zhangjn has joined #openstack-operators12:21
*** zhangjn has quit IRC12:22
*** zhangjn has joined #openstack-operators12:22
*** zhangjn has quit IRC12:23
*** zhangjn has joined #openstack-operators12:29
*** zhangjn has quit IRC12:33
*** zhangjn has joined #openstack-operators12:34
*** alejandrito has joined #openstack-operators12:34
*** rcernin|lunch is now known as rcernin12:36
*** subscope has quit IRC12:44
*** maishsk has joined #openstack-operators12:45
*** subscope has joined #openstack-operators12:46
*** lhcheng_ has joined #openstack-operators12:51
*** lhcheng has quit IRC12:51
*** ducttape_ has joined #openstack-operators12:55
*** _nick has quit IRC12:57
*** _nick has joined #openstack-operators13:02
*** lhcheng_ has quit IRC13:09
*** _nick has quit IRC13:14
*** _nick has joined #openstack-operators13:15
*** lhcheng has joined #openstack-operators13:20
*** ducttape_ has quit IRC13:20
*** bvandenh has quit IRC13:24
*** markvoelker has quit IRC13:35
*** markvoelker has joined #openstack-operators13:53
*** sleinen-AS559 has joined #openstack-operators13:56
*** maishsk has quit IRC13:58
*** zhangjn has quit IRC14:00
*** subscope has quit IRC14:00
*** maishsk has joined #openstack-operators14:01
*** rcernin has quit IRC14:03
*** subscope has joined #openstack-operators14:04
*** pilgrimstack has quit IRC14:07
*** pilgrimstack has joined #openstack-operators14:10
*** subscope has quit IRC14:10
*** subscope has joined #openstack-operators14:11
*** ctrath has joined #openstack-operators14:11
*** subscope has quit IRC14:13
*** ducttape_ has joined #openstack-operators14:13
*** subscope has joined #openstack-operators14:13
*** ducttape_ has quit IRC14:14
*** subscope has quit IRC14:16
*** ducttape_ has joined #openstack-operators14:16
*** subscope has joined #openstack-operators14:17
*** pilgrimstack has quit IRC14:18
*** ctrath has left #openstack-operators14:19
*** pilgrimstack has joined #openstack-operators14:19
*** krobzaur has joined #openstack-operators14:20
*** dminer has joined #openstack-operators14:22
*** regXboi has joined #openstack-operators14:23
*** mriedem_away is now known as mriedem14:33
*** ToMiles has joined #openstack-operators14:35
*** bvandenh has joined #openstack-operators14:36
*** sanjayu has quit IRC14:37
*** kencjohnston has joined #openstack-operators14:40
*** krobzaur has quit IRC14:44
*** krobzaur has joined #openstack-operators14:46
*** dims_ has joined #openstack-operators15:08
*** dims has quit IRC15:09
*** mdorman has joined #openstack-operators15:16
*** markvoelker has quit IRC15:18
*** markvoelker has joined #openstack-operators15:18
*** subscope has quit IRC15:26
*** maishsk has quit IRC15:27
*** maishsk has joined #openstack-operators15:27
*** maishsk has joined #openstack-operators15:30
*** subscope has joined #openstack-operators15:36
*** maishsk has quit IRC15:36
*** Marga_ has joined #openstack-operators15:38
*** subscope has quit IRC15:40
*** subscope has joined #openstack-operators15:57
*** subscope has quit IRC15:59
*** VW has joined #openstack-operators16:01
*** VW has quit IRC16:02
*** krobzaur has quit IRC16:04
*** matrohon has quit IRC16:16
*** rcernin has joined #openstack-operators16:16
*** harshs has joined #openstack-operators16:24
*** lhcheng_ has joined #openstack-operators16:29
*** rebase has joined #openstack-operators16:30
*** dims_ has quit IRC16:30
*** lhcheng has quit IRC16:32
*** matrohon has joined #openstack-operators16:32
*** rebase has quit IRC16:34
*** krobzaur has joined #openstack-operators16:35
*** signed8bit has joined #openstack-operators16:40
*** dims has joined #openstack-operators16:46
*** ToMiles has quit IRC16:50
*** VW has joined #openstack-operators17:03
*** VW has quit IRC17:10
*** dims has quit IRC17:18
*** dims_ has joined #openstack-operators17:18
*** regXboi has quit IRC17:19
*** david-ly_ has joined #openstack-operators17:19
*** matrohon has quit IRC17:19
*** david-l__ has joined #openstack-operators17:23
*** david-ly_ has quit IRC17:23
*** david-lyle has quit IRC17:23
*** harshs has quit IRC17:26
*** david-l__ has quit IRC17:30
*** SimonChung1 has quit IRC17:33
*** derekh has quit IRC17:35
*** ducttape_ has quit IRC17:40
*** Marga_ has quit IRC17:42
*** david-lyle has joined #openstack-operators17:44
*** Marga_ has joined #openstack-operators17:46
*** electrofelix has joined #openstack-operators17:46
*** maishsk has joined #openstack-operators17:49
*** SimonChung has joined #openstack-operators17:50
*** Marga_ has quit IRC17:51
*** maishsk has quit IRC17:56
*** SimonChung has quit IRC18:03
*** SimonChung has joined #openstack-operators18:03
*** david-lyle has quit IRC18:03
*** SimonChung1 has joined #openstack-operators18:03
*** SimonChung has quit IRC18:03
*** SimonChung has joined #openstack-operators18:05
*** SimonChung1 has quit IRC18:05
*** SimonChung1 has joined #openstack-operators18:05
*** SimonChung has quit IRC18:05
*** wasmum has joined #openstack-operators18:11
*** david-lyle has joined #openstack-operators18:11
*** Marga_ has joined #openstack-operators18:14
*** mriedem has quit IRC18:17
*** mriedem has joined #openstack-operators18:21
*** liverpooler has quit IRC18:27
*** harshs has joined #openstack-operators18:30
*** pilgrimstack has quit IRC18:49
*** SimonChung has joined #openstack-operators18:57
*** SimonChung1 has quit IRC18:57
*** SimonChung has quit IRC18:57
*** SimonChung1 has joined #openstack-operators18:57
*** VW has joined #openstack-operators19:10
*** alejandrito has quit IRC19:10
*** signed8bit is now known as signed8bit_ZZZzz19:13
j^2I'm pretty crazy surprised that I have 8 nominations for the OpenStack Board already19:14
j^2anyone  else willing to help out?19:14
j^2https://www.openstack.org/community/members/profile/1980219:14
*** VW has quit IRC19:15
*** signed8bit_ZZZzz is now known as signed8bit19:23
dmsimardj^2: http://i.imgur.com/0Ixp8uQ.jpg ? :)19:27
*** krobzaur_ has joined #openstack-operators19:42
*** krobzaur has quit IRC19:42
*** Marga_ has quit IRC19:45
*** regXboi has joined #openstack-operators19:46
*** krobzaur_ has quit IRC19:52
*** dims has joined #openstack-operators19:53
*** dims_ has quit IRC19:56
*** krobzaur_ has joined #openstack-operators19:59
*** kencjohnston has quit IRC20:04
*** signed8bit is now known as signed8bit_ZZZzz20:14
*** signed8bit_ZZZzz is now known as signed8bit20:16
*** bvandenh has quit IRC20:17
j^2dmsimard: exactly20:21
xavpaice"this candidate has already received 10 nominations"20:23
*** krobzaur has joined #openstack-operators20:29
*** krobzaur_ has quit IRC20:32
wasmumi'll be, my bouncer came back online.20:45
*** ducttape_ has joined #openstack-operators20:45
*** ducttape_ has quit IRC20:45
*** ducttape_ has joined #openstack-operators20:45
*** kencjohnston has joined #openstack-operators20:50
mriedemanyone here care about the performance of nova's unshelve operation? https://review.openstack.org/#/c/135387/20:51
*** maishsk has joined #openstack-operators20:58
*** lhcheng_ has quit IRC21:01
*** VW has joined #openstack-operators21:06
*** VW has quit IRC21:12
wasmummriedem: definitely interested, just read the specs and blueprints - i'll keep watching this, thanks!21:13
mriedemi totally don't understand why a config option is necessary here21:16
mriedemif you're on shared storage, leave the disk so unshelve is faster21:17
*** regXboi has quit IRC21:25
klindgren_I thought the whole point of unshelve was to move storage from in theory more expensive disks to also in theory less expensive object storage21:33
klindgren_otherwise why not just stop the vm and leave it in a shutdown state?21:34
*** Marga_ has joined #openstack-operators21:37
*** dims has quit IRC21:37
*** dims has joined #openstack-operators21:38
*** Marga_ has quit IRC21:42
*** elo has quit IRC21:46
*** jaypipes has quit IRC21:47
xavpaiceI thought it was because shutdown instances still consume resources on a hypervisor, but if you shelve it then other instances can use that cpu/ram/etc21:53
xavpaices/consume/reserve/21:54
*** elo has joined #openstack-operators21:54
*** maishsk has quit IRC21:55
*** Marga_ has joined #openstack-operators21:55
*** SimonChung has joined #openstack-operators21:56
*** SimonChung1 has quit IRC21:56
*** dminer has quit IRC21:57
*** Marga_ has quit IRC21:57
*** lhcheng has joined #openstack-operators21:57
*** Marga_ has joined #openstack-operators21:58
*** SimonChung1 has joined #openstack-operators22:00
*** SimonChung has quit IRC22:00
*** kencjohnston has quit IRC22:02
*** kencjohnston has joined #openstack-operators22:03
mriedemxavpaice: yeah, that22:05
mriedemshelve offload snapshots the instance and destroys the instance from the hypervisor22:05
mriedemthe instance is still in the nova db though,22:05
mriedemso when you unshelve, you can re-use that instance and it's network/bdm information and original image22:05
xavpaicedo people charge customers for 'shutdown' instances at all, given that they still reserve stuff on the hypervisor?22:10
xavpaicewe decided not to, but when we're telling customers to shut down their instances to save them money, we still can't re-use that resource for another customer22:11
*** Piet has quit IRC22:16
*** krobzaur has quit IRC22:16
*** signed8b_ has joined #openstack-operators22:20
*** signed8bit has quit IRC22:20
*** signed8b_ has quit IRC22:32
*** signed8bit has joined #openstack-operators22:38
*** mriedem has quit IRC22:38
mgagneI don't see why you wouldn't charge someone renting a car but leaving it in his driveway. Meanwhile, the service provider can't rent it to someone else :-/22:42
serverascodexavpaice: yeah we have that problem too, ha, we haven't completely figured out what we are going to do yet, but we can't just let ppl take up resources and not charge them, so have to figure something out...22:44
mgagneIPv4 isn't free either =)22:45
jamespd^^ heh.22:45
* jamespd is constantly arguing for a floating ip price increase.22:45
* klindgren_ reserves all the floating ip's.22:46
mgagneyep22:46
klindgren_can I get those routed to another datacenter as well?22:46
mgagneyou reserve, you pay. that's my philosophy22:46
jamespd^^ totally22:46
mgagneif you can get neutron to support inter-region, why not =)22:46
mgagneassuming you have different neutron installs per dc22:46
klindgren_I think you found a new business model for HP22:47
mgagneif you are using NAT, that's an other story IMO22:47
mgagnebut private IPv4 aren't infinite either22:47
klindgren_ /24 leases on their 2 /8's of space22:47
*** kencjohnston has quit IRC22:49
*** krobzaur has joined #openstack-operators22:56
*** Marga_ has quit IRC22:57
*** Marga_ has joined #openstack-operators22:59
*** krobzaur has quit IRC23:02
*** harshs has quit IRC23:03
*** harshs has joined #openstack-operators23:08
*** SimonChung has joined #openstack-operators23:09
*** SimonChung1 has quit IRC23:09
*** VW has joined #openstack-operators23:09
*** bvandenh has joined #openstack-operators23:14
*** VW has quit IRC23:14
*** signed8bit is now known as signed8bit_ZZZzz23:20
*** dims_ has joined #openstack-operators23:28
*** ducttape_ has quit IRC23:29
*** dims has quit IRC23:29
*** lhcheng_ has joined #openstack-operators23:29
*** lhcheng has quit IRC23:30
*** sanjayu has joined #openstack-operators23:35
*** bvandenh has quit IRC23:35
*** signed8bit_ZZZzz is now known as signed8bit23:36
mgagneklindgren_ are you guys using UUID token format?23:37
*** SimonChung1 has joined #openstack-operators23:38
*** SimonChung has quit IRC23:38
klindgren_inded!23:38
klindgren_indeed**23:38
mgagneklindgren_ happy with it?23:38
mgagneklindgren_ much traffic?23:38
*** SimonChung1 has quit IRC23:38
klindgren_as happy as I can be given the options23:38
*** SimonChung has joined #openstack-operators23:38
mgagneklindgren_ we are having issues with PKI token (with stripped catalog) and Heat23:38
mgagnehehe23:38
klindgren_we see some traffic but - honestly for us it doesn't seem to cause an issue23:39
mgagneklindgren_ it's one of the deepest rabbit hole I have been in recently23:39
*** SimonChung has quit IRC23:39
*** SimonChung1 has joined #openstack-operators23:39
klindgren_I assumed you wanted pki tokens due to the ability for services to verify the token themselves without going to keystone?23:40
mgagneyep23:40
*** ducttape_ has joined #openstack-operators23:40
mgagnebut I'm not emotionally attached to PKI23:41
klindgren_I saw a presentation at tokyo that seemed to indicate that is not 100% the case23:41
mgagnebut some of my coworkers are and I'm looking for more empirical evidences that UUID aren't that bad23:41
mgagneklindgren_ yea, I found that23:41
mgagnesome services are poking back for god knows what reasons23:41
klindgren_seems like they are still querry keystone to ensure the token is valid before accepting it23:42
klindgren_IE not expired/revoked23:42
jamespdbut... you can't really validate a PKI token offline, given that you need to check the revocation list.23:42
sorrisonwe use PKI tokens23:42
jamespdheh.  what klindgren_ said.23:42
*** rcernin has quit IRC23:42
mgagnejamespd revocation list is synced every X seconds23:42
sorrisonit doesn't need to talk to keystone to validate the token23:42
sorrisonbut it downloads the CRL from keystone alot!23:43
mgagneyep23:43
jamespdah23:43
sorrisonwe want to disable CRL checking as we don't care, we have small ttl on our tokens23:43
* jamespd nods.23:44
klindgren_though I keep hearing stuff about some issue with pki tokens thats has a security embargo on it.  Not sure wtf thats about.23:48
xavpaicePKI tokens have caused all manner of other pain though23:48
klindgren_anyway mgagne if we were going to switch we might go to fernet tokens23:48
xavpaicethe sheer size of them, and the effect that has on the keystone db, is a problem in itself23:48
mgagneklindgren_ there is not much reason to move to PKI those days when UUID and fernet exist23:48
xavpaice+123:49
mgagnexavpaice worked to some extend (until today): http://blog.mgagne.ca/reducing-keystone-pki-token-size/23:49
klindgren_one thing I do notice is that most of the API reuqests that I see in services (now that I have wsgi logs logging user/tenant) is actually between the configured admin accounts23:50
klindgren_I would imagine that configuring that as a trusted auth source not having to go through keystone would cut down on a number of calls23:50
klindgren_with uuid/fernet23:50
stevemarklindgren_: yeah, avoid PKI, i'll be sending out an email to the operator mailing list about things we're gonna deprecate in Mitaka23:50
stevemarPKI is among that list23:50
klindgren_talking about nova <-> neutron  nova <-> glance interactions23:51
klindgren_stevemar, cool - it would be good to have some real details asside from this nebulous - chatter around pki tokens and not using them.  But we can't say why23:52
stevemarklindgren_: there is a bug filed against them, which the vulnerability management team is handling.23:53
stevemarklindgren_: i'm not sure we can go public with the info until we release an OSSN/OSSA23:54
klindgren_stevemar, no - I get that.  Just wanting to read why is all.23:55
stevemar klindgren_ i understand, i'll prioritize that stuff next week when folks are around23:56
klindgren_do people on the security pre-warning mailing list get more info ahead of time?23:56
klindgren_IE we can start planning on making shifts to public clouds before we have an "oh crap moment"23:57
klindgren_without actually knowing the end's and out's of the actual vunerability23:57
*** signed8bit is now known as signed8bit_ZZZzz23:59
« Monday, 2015-11-23 Index Wednesday, 2015-11-25 »

Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!