14:59:59 #startmeeting craton 15:00:00 Meeting started Mon Jan 9 14:59:59 2017 UTC and is due to finish in 60 minutes. The chair is sigmavirus. Information about MeetBot at http://wiki.debian.org/MeetBot. 15:00:01 Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. 15:00:04 The meeting name has been set to 'craton' 15:00:05 jimbaker: Error: Can't start another meeting, one is in progress. Use #endmeeting first. 15:00:08 #chair jimbaker 15:00:08 Current chairs: jimbaker sigmavirus 15:00:51 sigmavirus, that was pretty awesome synchronization 15:01:15 agreed 15:01:40 and a good test of the meetbot system, one in fact will win :) 15:04:04 anyway 15:04:18 yep, time to get started 15:05:17 git-harry, palendae, sulo, hi 15:06:08 Hi 15:06:18 sigmavirus, anything you would like to add to our usual standing agenda of what we plan to do this week? 15:07:27 ok, sounds like it's a great plan :) but we can add more as we discuss 15:08:14 :) 15:08:22 * sigmavirus suspects sulo is here as sacharya 15:09:01 sigmavirus, you spooked him 15:09:47 so last week i made good progress on rbac, especially understanding how to merge the scoped role assignments with oslo.policy rules. it's pretty straightforward 15:11:08 which means, i have a working demo script of what it should look like; and i have been able to figure out what oslo.policy actually does, despite the rather cryptic docs. mostly by reading keystone and its own codebase 15:12:05 this week i plan to get that in as a spec for review. about time 15:12:54 i'm also going to set up meetings with dusty simonyi to help us on this phase of requirements gathering 15:13:14 lastly i hope to put together a roadmap draft 15:13:29 so that's my week 15:14:26 sigmavirus, what are things looking like for you? it seems we got the pagination spec in good shape for completion shortly, and some discussion with the api wg as well on that 15:16:47 I'm going to wrap up the specification and then work on the actual implementation 15:17:54 sigmavirus, cool. i think it's just a matter of some copy editing, and the spec will be wrapped up for craton 15:18:52 and thanks again for that spec work, it's really well done/well thought out 15:20:08 in particular, capturing alternatives (and their counterargs) in the spec is something we should work on doing for future specs 15:20:35 That's why there's a section for it 15:20:36 git-harry, anything you would like to report? 15:20:40 sigmavirus, :) 15:21:18 a good template, a good process, certainly builds a foundation for good work 15:21:37 jimbaker: I have some things up for review, other than that nothing is new. 15:22:24 git-harry, sounds good, and we will take a look at those reviews. thanks for those! 15:24:42 on friday, we had a good discussion with respect to instrumentation for distributed tracing. it's not something that means so much now, given the simplicity of how inventory works today. it will be far more useful as we look at integration with other sources of truth (eg nova plugins with virtualized variables) 15:25:20 it is not something i'm really working on this week, given current low pri, but just something we will want to start thinking about 15:26:57 in particular, this means implementing http://docs.openstack.org/developer/osprofiler/ support 15:27:12 I've heard ... not great things about osprofiler 15:28:27 sigmavirus, got it. and that's quite valid feedback. just want to understand better pros/cons, and possibly that there specific aspects that can make it work better or not 15:29:22 in the meantime, we have this new distributed tracing functionality in aws, now under preview, https://aws.amazon.com/xray/ 15:29:52 which complements (and possibly builds on) related work in terms of cloudtrails 15:31:02 sigmavirus, is it also possible that osprofiler's issues are more with respect to ceilometer, vs the api itself? 15:31:33 I believe it's more due to the fact that even when it's disabled it causes a performance hit 15:32:24 I don't have numbers for that though 15:32:25 sigmavirus, got it. so maybe more of a question of appropriate granularity 15:34:00 since osprofiler is new to me, i don't have a sense of how people use/abuse it. from the DTS perspective, it's more about handoffs between distributed components, and that's where i would see any usage for us making sense 15:34:40 anyway, low pri for now 15:34:43 jimbaker: I don't think it has to do with abuse 15:35:16 sigmavirus, cool 15:35:41 As i understand it, they're using osprofiler as documented 15:35:41 sigmavirus, are people using it for finegrained, or coarsegrained? 15:36:31 the other thing i have been considering is that we may want to organize keys with respect to some namespace system. right now we have a flat namespace for the keys themselves, although something like ansible can take that and apply whatever convention is desired 15:36:59 jimbaker: afaik, osprofiler has no distinction. it's on or off 15:37:06 and when it's off, it still hurts 15:37:25 sigmavirus, ok. worth profiling then ... 15:37:26 ;) 15:38:42 so the context for namespaces: if we are storing secrets like ssh keys; or plugin configs; or what have you, we may want to distinguish from usage like ansible 15:40:20 i don't think this needs to be more than a convention, and possibly future indexing support. so if convention it could be "ssh/id_rsa", "plugin/nova", etc - in this particular case, use / as the namespace separator 15:40:42 just putting this out there to start thinking about a namespace spec 15:40:54 Syed__, hi 15:41:37 palendae, this could extend to separating out osa stuff as well 15:42:01 jimbaker: hi, sorry for delayed presence,, was unable to connect to my irc 15:42:16 Syed__, we have been discussing our upcoming plans for this week 15:42:53 in particular, i mentioned i got a working script going showing the bare minimum necessary for integrating what we do with scoped role assignments with oslo.policy rules 15:43:04 jimbaker: I'm not sure how we'd use it because Ansible has no concept of namespaces 15:43:17 palendae, that's actually my point :) 15:43:45 i just want ansible to get what it needs from our integration, without getting the stuff it doesn't want 15:44:26 jimbaker: yeap i have been playing around with policy.json for setting up rules, can you put up the script as well in gist somewhere 15:45:01 palendae, we will want to be filtering this out regardless. using some sort of namespace will hopefully simplify what is necessary. but definitely want your feedback! 15:45:23 Syed__, yes, i will put it out shortly; and it will also be described in the spec 15:45:26 Ok; well, anything querying craton can reassemble things as it wants on the client side 15:45:43 cool, thanks 15:45:49 palendae, exactly 15:47:03 Syed__, but in a nutshell, it's more about how to use oslo.policy than anything clever. it's really simple. but figuring it out took awhile, given rather cryptic docs 15:47:37 anything else? that's all i have 15:49:21 sigmavirus, ? 15:49:34 I've nothing much 15:50:01 sigmavirus, feel free to mention it. but we have #craton of course to go into more details 15:50:33 https://review.openstack.org/#/c/410342/ would be nice to get opinions from Craton devs 15:50:45 I've gotten feedback from sigmavirus already and some from other OSA people, which I do need to get back to 15:51:30 palendae, sounds good. i was re-reading the feedback this morning. i will see what i can add to the discussion 15:52:34 ok, let's bring this meeting to a close 15:52:40 thanks everyone! 15:52:50 #endmeeting