16:00:41 #startmeeting cinder 16:00:42 Meeting started Wed Mar 26 16:00:41 2014 UTC and is due to finish in 60 minutes. The chair is jgriffith. Information about MeetBot at http://wiki.debian.org/MeetBot. 16:00:43 Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. 16:00:46 The meeting name has been set to 'cinder' 16:00:50 o/ 16:00:54 o/ 16:01:15 bill here, standing in for jungleboy 16:01:29 hemna_: 16:01:48 hi 16:01:49 No winston yet, but he was in #cinder so maybe he'll be along shortly 16:01:54 avishay: morning/evening 16:02:17 DuncanT: paging Duncan, paging DuncanT 16:02:18 :) 16:02:27 alright, let's make this quick 16:02:48 #link https://wiki.openstack.org/wiki/CinderMeetings 16:03:27 #topic RC1 status 16:03:35 #link https://launchpad.net/cinder/+milestone/icehouse-rc1 16:03:46 We have one item left 16:03:54 * ttx lurks 16:04:00 https://bugs.launchpad.net/keystone/+bug/1188189 16:04:04 Launchpad bug 1188189 in cinder "Some server-side 'SSL' communication fails to check certificates (use of HTTPSConnection)" [High,In progress] 16:04:38 This may be bigger than we want to tackle right now, I wouldn't say that everything is covered in what's proposed 16:04:44 but it's a good chunk 16:04:55 jgriffith: also make sure you push https://review.openstack.org/#/c/80817/ in 16:05:07 (recent translations) 16:05:13 jgriffith: have you heard from daniel? 16:05:16 ttx: done 16:05:20 thingee: I have not 16:05:27 jgriffith: this involved solidfire and one other driver, right? anything else? 16:05:28 thingee: and I have some concerns 16:05:36 I know in my testing this broke upgrades 16:06:00 Sadly it turns out self-signed certs won't work here for upgrades 16:06:04 don't know who else uses them 16:06:16 but I wanted to make sure everybody affected had a close look 16:06:27 and it may not be something we want to merge at this point 16:06:40 ttx: done 16:07:00 Did anybody else look at this (this == ssl patch)? 16:07:20 jgriffith: 2 patches right, for solidfire and zadara? 16:07:26 avishay: yeah 16:07:35 o/ 16:07:38 avishay: I guess I know the answer to the question about Zadara :( 16:08:02 So my proposal here is I'll up date the lib and set the flag to not check the cert 16:08:02 jgriffith: i was waiting for a +1/2 from the respective maintainers :) 16:08:24 it doesn't really "fix" the identified issue, but at least it updates to use request lib 16:08:42 I'll try and track down Zadara, but they've been MIA since last summer 16:08:52 vlad has moved on I think :) 16:09:08 anybody object to me landing that today? 16:09:17 * jgriffith doubts anybody cares 16:09:43 * avishay doesn't care 16:09:45 ok... I'll post a patch later today and push it through 16:10:02 FYI we're planning to cut RC1 in the morning (my morning) tomorrow 16:10:17 At this point I don't consider driver bugs to be blockers for RC 16:10:35 use your judgement in reviews today 16:10:44 no features disguised as bugs 16:10:47 no huge patches 16:10:51 etc etc 16:11:07 use the same guidelins we use for backports, perhaps even a bit stricter 16:11:11 good enough? 16:11:22 any questions, concerns, items they feel MUST be in? 16:11:43 going once... 16:11:51 going twice... 16:12:02 jgriffith: https://review.openstack.org/#/c/81517/ 16:12:02 Gone!! 16:12:05 BAH 16:12:17 so close :) 16:12:35 :) 16:12:38 :) 16:12:41 vbala: I have to say all of the last minute patches for vmware are very tiring 16:12:55 vbala: that being said no problems with this one 16:12:58 sorry for that 16:12:59 You've got plenty of reviews 16:13:07 vbala: no problem, that's how it goes 16:13:15 ok :) 16:13:17 vbala: I'm just voicing my concern :) 16:13:24 my apologies on that mark. 16:13:37 vbala: I'll have a look at your patch after the meeting and likely merge it 16:13:47 vbala: you be around on IRC incase there's an issue? 16:13:52 jgriffith: thanks 16:14:07 np 16:14:11 ok... anybody else? 16:14:21 Gone 16:14:28 #topic design summit sessions 16:14:45 #link http://summit.openstack.org/ 16:15:02 Surely people don't want to leave all the topics to me :) 16:15:23 hello folks! sorry, late 16:15:25 I know we've all been really busy, but hopefully after tomorrow we can shift gears abit 16:15:43 I'd like to see some proposals start filtering in after tomorrow 16:16:01 If you have something in mind let me know, or get it posted 16:16:18 0 proposals? 16:16:20 I'll be going through old BP's and talks we've had in the past and putting some topics together tonight 16:16:21 is this regarding design summit sessions? 16:16:25 rushiagr: yes 16:16:32 http://summit.openstack.org/ 16:16:38 avishay: yeah.. .ZERO. 16:16:46 weird for this bunch eh? 16:16:48 i know there is interest in a follow-up to replication 16:16:50 very 16:16:58 jgriffith: thought this was the plan 16:16:59 avishay: haha... that goes without saying 16:17:07 I have some desire to implement AWS style filtering in APIs, if Cinder people like the idea 16:17:18 avishay: we can add a topic on adding consistency groups support? 16:17:31 jgriffith: as a result, we can just focus on stability! 16:17:37 xyang1: if you plan on implementing it :) 16:17:39 rushiagr: submit it, but fair warning I have strong opinions based on your last BP 16:17:39 any thoughts around breaking out the brick library? 16:17:42 :) 16:17:47 thingee: :) 16:17:56 jgriffith: any feedback is good feedback for me :) 16:17:59 didn't we agree to have no design sessions and have bbq instead? 16:18:06 ameade: yes, there will be a session by me to better describe that and actually make it happen 16:18:08 avishay: sure, I'll try:) 16:18:15 ameade: need some coordination with gantt 16:18:16 etc 16:18:19 yes there will be bbq instead of sessions. 16:18:26 jgriffith: sweet, okay 16:18:27 mmmmmm bbq 16:18:36 bbq sessions 16:18:37 avishay: but I think we haven't decided whether it sould be at volume level yet 16:18:50 i have some idea, but i need to talk to vendors first 16:18:55 xyang1: fight it out at the summit, looks like i'm skipping this one :) 16:18:56 xyang1: it should :) 16:19:01 cage match 16:19:03 jgriffith: by last bp you mean regarding EC2 APIs right? 16:19:10 rushiagr: correct 16:19:27 rushiagr: regardless, it's good summit topic IMO 16:19:30 jgriffith, avishay: I'll suggest a topic on that 16:19:38 xyang1: thanks 16:19:45 jgriffith: I'd love to hear your opinions. I'm all in for the best way forward for Cinder and OpenStack 16:19:50 i don't think it makes sense to have consistency groups in juno...do basic replication first...of course plan replication to allow for consistency groups 16:20:06 I'd also like to get with bswartz and talk about Cinder versus Manilla 16:20:20 we should have a better plan there and be working together 16:20:31 jgriffith: cool, I'll think over it and submit it up 16:20:38 avishay: I thought it didn't make it into icehouse because it operates at volume level? 16:20:49 xyang1: that's not why :) 16:20:52 xyang1: no 16:21:02 xyang1: some people had concerns about that 16:21:06 avishay: did bswartz say it only works at container (group) level for netapp? 16:21:19 xyang1: avishay regardless save it for later IMO 16:21:30 xyang1: yes, our replication is at the container level 16:21:33 avishay: oh noooos... you may not be there you said? 16:22:01 jgriffith: correct, but i think ronenkat should be there who is taking over that bit at IBM 16:22:02 so history here for those that don't know; netapp and Gluster I believe can't do replication at volume level (maybe others) 16:22:17 eharney: if I'm wrong about Gluster throw a shoe at me 16:22:38 so there may be others... the problem then is that we end up with this weird API 16:22:40 * winston-d_ hands a stone to eharney just in case. 16:22:40 jgriffith: to be specific, they can't do failover/failback at the volume level, only at the "container" level 16:22:41 correct, Gluster currently can replicate N Cinder volumes as a chunk 16:22:50 some do groups, some do volumes etc 16:22:58 so that's what we need to brainstorm on 16:23:23 how do we satisfy the different variants without an ugly API 16:23:40 so with netapp they could only have ~500 replicated volumes if i remember correctly (500 containers), and glusterfs i think 1 :) 16:23:45 might mean it's by extension only, or something else 16:23:59 or just stepping back and thinking about how to abstract all of the deltas 16:24:24 avishay: yeah, it's like whack-a-mole... solve one problem another pops up :) 16:24:30 i'm just worried about the scalability issues when people add SAN drivers to manilla :) 16:24:50 avishay: context? 16:24:56 jgriffith: being a smartass 16:25:10 avishay: ohh, the "default" context :) 16:25:34 avishay: you know that's the first thing I'm going to do to get my revenge right? 16:25:35 jgriffith: just like block storage management doesn't really fit well with file systems 16:25:45 * jgriffith ports all Cinder drivers to Manilla 16:25:46 jgriffith: :) 16:25:55 each file is a volume 16:26:07 nice! 16:26:14 Ok... we digress 16:26:20 some things I've got on my list: 16:26:20 then limit all filesystems in manilla to have a limited number of files because controller X support only that many 16:26:24 1. Replication 16:26:28 2. Brick 16:26:38 3. Multi-Attach 16:26:46 4. LIO as default target 16:26:55 5. HA LVM 16:27:13 ok i'm done being a smartass for now 16:27:15 other things I've been thinking about: taskflow 16:27:15 what's HA LVM? 16:27:31 We are looing for a way to collect per volume basis usage statistics from all Cinder back-ends. 16:27:41 avishay: I would really like to implement an HA solution for the ref LVM driver 16:27:56 harlowja_away: ^ 16:27:56 And we have multiple back-ends from different vendors. 16:27:58 jgriffith: so HA for cinder-volume? 16:28:00 winston-d: OHHH!! Don't let me forget that! Make sure you submit it 16:28:12 avishay: well for the driver 16:28:24 since most backends will have their own setup/impl 16:28:33 just something to make LVM even better :) 16:28:44 jgriffith: i.e., necessary modifications to the driver to allow cinder-volume to run active/passive? or active/active? 16:28:50 winston-d: also the auto-detect idea 16:28:53 jgriffith: Maybe I'm the only one still not 100% clear on expectations or timelines, but would a topic around certification process (vendor CI systems) be useful? 16:29:06 jgriffith: sure. 16:29:21 avishay: I'm talking strictly LVM and to start A/P most likely 16:29:36 A/A depending on how it goes 16:29:51 akerr: yes, that's a required topic for sure 16:29:56 jgriffith, bswartz you guys also want to talk about one driver from multiple back-ends? 16:29:59 akerr: that whole things is getting ugly IMO 16:30:06 Too many cooks in the kitche 16:30:07 n 16:30:09 thingee: hi, may i know does cinder extension stuff still on the table? which we talked in last summit? 16:31:03 Ok, we've obviously all got more ideas than we have slots so let's get them written up :) 16:31:13 #topic open-discussion 16:31:33 anybody have any thoughts on anything? 16:31:34 winston-d, jgriffith: yeah we'll definitely talk about that 16:31:35 OHHH 16:31:43 I have some other things: 16:31:55 sorry I missed the first 30 minutes of this meeting I had a conflict 16:31:58 At yesterdays TC meeting we did an analysis on the gaps that Cinder has 16:32:09 ie gaps regarding what we require for new projects 16:32:17 There were two big things: 16:32:21 zhiyan: I've mentioned in the past the work around that does not block extensions 16:32:24 1. Charter/Mission statement 16:32:31 2. Security team 16:32:46 Item 1 I can take care of pretty easy myself 16:33:00 Item 2 is something I'll need help/volunteers on 16:33:28 The idea of a security team is a person/people that are focused on security related issues for Cinder 16:33:44 What does security team usually do? 16:33:47 They don't have to "fix" everything, but the idea is that they keep an eye on security related things 16:34:05 would need to have good knowledge of security issues in the cloud 16:34:12 and how to keep things safe in the code 16:34:22 They would be sort of a first point of contact/triage 16:34:37 also need to check IDs at the entrance to cinder summit sessions 16:34:40 does the security team get guns to shoot people? 16:34:43 I'm admittedly not a great security person so I'm looking for help here 16:34:57 it may come from this team or from the broader OpenStack community 16:35:09 bswartz: only tasers 16:35:16 but if anybody here digs security and thinking in a paranoid manner let me know :) 16:35:24 jgriffith: not my strong point 16:35:31 bswartz: yes, but only squirt guns 16:35:37 does other project already have security team? Maybe we can share with them? 16:35:39 avishay: yeah... me neither :( 16:35:45 xyang1: yes and yes 16:36:00 I just wanted to throw it out to keep everybdoy in the loop 16:36:19 Ok... anybody else have anything? 16:36:44 I can volunteer for the security team stuff. 16:36:54 winston-d: awesome! 16:37:27 besides saying "review all my patches" i got nothing lol 16:37:44 ameade: haha 16:37:58 we may have special needs for security for payment use case and stuff. 16:38:14 winston-d: ahh... yes, you'd have a special interest 16:38:27 hey guys 16:38:30 I do wanna say that you guys have been pretty quick with doing reviews and I appreciate that 16:38:34 sorry was in a preso the last hour.... 16:39:55 so for multi attach 16:40:02 I've actually been working on it this week 16:40:33 I have the BP assigned to me now and will submit it in Juno J2 at the latest 16:40:53 hemna: making good progress already? 16:40:58 winston-d, yah 16:41:13 It's going to require changes in nova, cinderclient, cinder to work 16:41:21 hemna: are you building on zhiyan's work? 16:41:30 I think I'm close to getting it working 16:41:37 bswartz, yah I took what he had and am running with it. 16:41:44 okay good 16:41:45 his code lacked a lot of needed changes to work 16:42:08 The BP itself talks about this idea of setting a volume as shareable or not 16:42:18 I'm not working on that piece for now 16:42:24 wasn't sure if we wanted that or not 16:42:39 I think the hardest part of multiattach will be the database schema changes needed, and the upgrade procedure around those 16:42:40 so I'm assuming all volumes at this point are multi attach candidates. 16:42:48 #link https://wiki.openstack.org/wiki/Cinder/blueprints/multi-attach-volume 16:42:54 bswartz, yah I think I have that part working already 16:43:06 hemna: nice 16:43:11 I don't have the downgrade done yet, I'll do that after I finalize the schema 16:43:50 so many changes in so many pieces, we'll have to coordinate the patches landing 16:43:58 hemna: is your work available as a WIP? 16:44:03 cinder api v1/v2 changes, cinderclient, etc 16:44:06 bswartz, not yet 16:44:43 hemna: thanks for working on this 16:44:52 I wanted to try and get WIP patches up prior to Atlanta 16:45:04 hemna: and is there a review link can share with us? 16:45:09 zhiyan, yw :) I'm very interested in it, and figured I should pick it up 16:45:14 zhiyan, not yet 16:45:34 I'll try and get some WIP reviews up prior to the Atlanta dev conf. 16:45:49 I think it's getting close to working now as it is......but...no unit test changes yet :P 16:45:55 hemna: netapp has interest in that feature too so feel free to ask for help or bother us for reviews 16:46:02 the unit tests will probably harder than the code changes itself. 16:46:11 bswartz, ok coolio. will do. 16:46:36 hemna: ice cream can grease the review wheels 16:46:39 I've not touched these parts of cinder before, so it's all been a great learning experience so far 16:48:43 Ok...anything else? 16:49:01 that's a wrap... 16:49:03 #endmeeting