15:57:13 #startmeeting hyper-v 15:57:14 Meeting started Tue Feb 5 15:57:13 2013 UTC. The chair is primeministerp. Information about MeetBot at http://wiki.debian.org/MeetBot. 15:57:15 Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. 15:57:17 The meeting name has been set to 'hyper_v' 15:57:22 hi everyone 15:57:36 hi guys 15:57:42 alexpilotti: pedro's not going to make it 15:57:49 alexpilotti: although I think we'll be quick today 15:57:55 darn, I had to ask him a few questions 15:58:08 alexpilotti: take them up via email pls 15:58:16 alexpilotti: he's in meetings 15:58:18 volumes are not getting live migrated 15:58:24 alexpilotti o 15:58:27 that's not good 15:58:47 yep. I'm doing it now for clod migration 15:58:59 alexpilotti: file a bug 15:59:03 so if he gives me confirmation I can add the to live mifration as well 15:59:07 o 15:59:15 even better 15:59:30 ok reach out via email then 15:59:31 please 15:59:51 I wanted to discuss the work on the windows cloudinit bits 15:59:54 so, no problem, I just need to know what his plans were in the "old" Folsom times :-) 16:00:01 sure 16:00:13 as well as the stuff we did yesterday 16:00:26 if you think it's ok 16:00:46 for others to try 16:01:46 alexpilotti: care to discuss the new cloudinit bits? 16:01:56 sure 16:02:05 so what we have now is: 16:02:22 support for all the WIndows OS currently supported by MS: 16:02:34 +1 16:02:40 2003, 2003 R2, 2008, 2008 R2, 2012 16:02:56 both x86 and x64 16:03:14 and also the workstation OSs for VDIs: vista, 7 and 8 16:03:22 nice! 16:03:29 I have to admit that we didn't bother to test on Vista :-D 16:03:42 no one cares about vista 16:03:48 but it has the same kernel as 2008 16:04:00 that's my point as well ;-) 16:04:01 i don't know of any companies using vista 16:04:04 alexpilotti: did you complete the rest of the cloudinit integration of the unattend.xml? 16:04:16 .. and sysprep etc 16:04:27 I have to add cloud init 16:04:42 alexpilotti: are you going to use a rapper to dl it 16:04:56 to recap that feature, as iben might be interested 16:04:59 alexpilotti: i.e. you can always do it in multiple post exec scripts 16:05:02 o yes 16:05:24 iben: so alexpilotti and I did some work on a unattend 16:05:29 we put together an unattended.xml to create a KVM Windows image 16:05:36 with "no hands" 16:05:47 ok 16:05:49 *nod* 16:06:02 it could be used to create any image 16:06:02 this is due to the need to select Virtio drivers during setup, adding drivers for network later etc 16:06:10 it just also slipstreams the drivers in 16:06:25 I wanted a solution to simplify it as much as possible 16:06:39 as unfortunately we cannot provide Windows Glance images for doenload 16:06:43 du to licensing 16:06:46 *due 16:06:54 but we can provide really easy ways to build them 16:06:56 ;) 16:07:07 yes - the documentation will be key 16:07:10 yep :-) 16:07:10 I can help with that 16:07:15 iben: perfect 16:07:17 cool 16:07:42 ok, the next feature in cloudinit is the set password 16:07:44 alexpilotti: i also merged the kvm drivers into my pxe bits 16:07:56 alexpilotti: fwiw 16:08:10 there's a new feature in Grizzly 16:08:24 to set the password in Windows and get it from nova client 16:09:01 it is encrypted w the SSH public key beloging to the keypair assigned to the VM 16:09:17 and is decrypted with the corresponding private key 16:09:39 so now, to get a VM password the user needs simply to do a: 16:09:54 nova get-password vm1 ./ssh/id_rsa 16:09:58 (for example) 16:10:28 it's a pefectly secure way of handling the password issue 16:10:31 nice 16:10:52 Windows cloud-init does the main work 16:11:08 1) getting the SSH key from teh metadata 16:11:27 2) extracting the RSA key (we don't have openssh on Windows) 16:11:39 3) generating a random password 16:11:43 4) encrypting 16:12:01 5) posting the encrypted data to the metadata service 16:12:27 6) creating / updating the user with the given password 16:12:45 at this point any client can get the password, by simply providing the private key 16:13:01 alexpilotti: great job 16:13:04 alexpilotti: what user id is being set with this process? Is it just one or can many users be setup using this method? 16:13:36 alexpilotti: local admin correct? 16:13:38 one user, the user name is set in the cloud-init configuration 16:13:49 and does the user need to exist in the initial image or can users be created? 16:13:49 let me fetch you a snapshot 16:13:52 even better 16:14:11 iben: no, the servcei checks if the user exists and creates it as needed 16:14:18 okay 16:14:20 thanks! 16:14:38 please cover this in the release notes as I'm sure we will get asked this many times... 16:14:39 also, the user is added to a set of local groups provided in the configuration 16:14:48 tipically "administrators" 16:14:48 excellent 16:15:11 most enterprises have changed away from the defaults 16:15:25 iben: second snapshot here: http://www.cloudbase.it/cloud-init-for-windows-instances/ 16:15:28 iben: have you tried alessandro's installers? 16:15:31 yet 16:15:31 so local admin would not be "administrator" 16:15:47 iben: you can set "administrators" if you prefer 16:15:53 primeministerp: we are usign them in our lab 16:15:57 iben: great 16:16:00 for security reasons, as you said companies prefer to avoid it 16:16:07 iben: how is that going 16:16:27 so far so good - we are verifying the configuration of the various OS support 16:16:35 originally w2k3 was not working 16:16:47 but I think we moved past that - right alexpilotti? 16:16:59 iben: tep, I wrote Chris about it 16:17:00 iben: and hyper-v? 16:17:04 alexpilotti has been a great resource - kudos!!! 16:17:10 iben: do you know if he managed to test it? 16:17:13 so far all this is on Ubuntu KVM 16:17:16 iben: tx! :-) 16:17:19 and Essex 16:17:23 iben: gotcha 16:17:29 we will be moving to folsom eventually 16:17:52 and we have yet to discuss licenses 16:18:01 that may impact out hypervisor choice 16:18:04 primeministerp: we keep on getting requests for Essex, we might think about supporting it 16:18:12 alexpilotti: we can't 16:18:16 from a hyper-v perspective 16:18:21 w/ the main codebase 16:18:22 iben: Hyper-V is free :-) 16:18:33 alexpilotti: kind of 16:18:39 primeministerp: only for Cloud-init 16:18:39 alexpilotti: only for not running windows 16:18:42 well - if a company owns many MS windows licenses 16:18:46 they can license the hyper-v 16:18:53 alexpilotti: o gotcha 16:18:53 and save on the guest VM license cost 16:18:57 alexpilotti: then definatley 16:19:06 other wise 16:19:07 alexpilotti: we should support essex w/ the cloudinit bits 16:19:09 iben: what we, do is using SPLA licenses 16:19:11 we can use a free hypervisor 16:19:28 and then we need to license each guest vm instance 16:19:40 iben: we use Windows Server SPLA licenses 16:19:45 datacenter edition 16:19:46 iben: only windows guests 16:19:54 okay - we will look into this 16:19:59 they retail around 70 USD / month / socket 16:20:08 unlimited virtualization rights 16:20:16 alexpilotti: but that's licensed on datacenter 16:20:22 so with 2 sockets and ca 50-70 VMs per host 16:20:23 alexpilotti: not at the vm layer 16:20:35 that's the point 16:20:41 alexpilotti: i.e. you're using windows server vs hyper-v server 16:20:48 you end up paying 1-2 USD / month per guest :-) 16:20:49 alexpilotti: datacenter 16:21:28 it's independent from the host (Hypervisor) OS 16:21:47 so you can use Hyper-V / KVM / ESXi / Xen etc 16:22:08 the same license includes also the host license 16:22:16 alexpilotti: and you're sure that's cheaper than licensing the spla datacenter/core w/ hyper-v 16:22:25 this brings up a new topic to put on our agenda for discussion later on - I'd like to propose a talk for the portland summit in april about the work I'm doing with you guys. 16:22:28 alexpilotti: honestly I have no idea 16:22:32 you don't license hyper-v! 16:22:41 alexpilotti: i know you don''t 16:22:47 i will research all this stuff and present the "official" story 16:22:51 alexpilotti: but you license the windows server core it need s to run on 16:23:06 i.e. for unlimited guests 16:23:09 if you work for Microsoft then you probably don't worry too much about licensing 16:23:17 why do you need to license a windows erver core?? 16:23:18 iben: and I work on open source 16:23:25 iben: so i care even less 16:23:27 ;) 16:23:30 lol 16:23:35 licensing 16:23:42 er about licensing 16:23:42 and same thing goes for a lot of the really big enterprises with thousands of licenses and a KPL server 16:23:48 yes 16:23:57 what about moving this topic to the hyper-V channel after the meeting? :-) 16:23:57 that's the problem 16:24:02 that's infe 16:24:04 er fine 16:24:12 #topic resize 16:24:21 when we bring servers or workstations on line they get licenses from the active directory domain automatically and it's someone elses issue to make sure we're in compliance 16:24:45 iben: that's how most places seem to work 16:24:50 ;) 16:25:16 alexpilotti: move onto resize 16:25:25 alexpilotti: did we agree that vhdx is for I 16:26:27 primeministerp: sure, here we go 16:26:44 so resize is going on very well, I should be able to finish it in 2-3 days 16:27:11 I had most of the code from the Folsom times 16:27:27 alexpilotti: yes I remember 16:27:38 I'm thinking about fitting even the "rescue" feature in G 16:27:45 if we finish everything 16:27:55 alexpilotti: and vhdx, is that for I 16:28:02 but before that I'd like to squeeze in NVGRE on Quantum 16:28:09 i would like to see that 16:28:11 as well 16:28:14 yes, VHDX requires WMI V2, which is scheduled for I 16:28:42 ok perfect want to make sure I account for that in our list 16:28:46 thanks to the huge refactoring we did last week, it's now way easier to do it 16:28:53 but not in 2 weeks ;-) 16:28:58 *nod* 16:29:12 so for us noobs - what is "I" 16:29:25 the release after H 16:29:42 wow - that's far out 16:29:47 sorry guys! 16:29:49 iben: i actually meant h 16:29:50 not i 16:29:50 I meant "H" 16:29:57 all that stuff is for Havana 16:30:03 alexpilotti: yes 16:30:05 alexpilotti: my slip too 16:30:24 alexpilotti: it's the damn fiscal cycle 16:30:29 alexpilotti: throws me off 16:30:38 we are too used to think 1 version ahead :-) 16:30:52 ok 16:30:59 #ci progress 16:31:09 that's good - there's no mention of "I" anywhere here.. http://wiki.openstack.org/ReleaseNaming 16:31:10 #topic ci progress 16:31:23 ociuhandu: is having some amazing progress on CI 16:31:25 iben: thats why we call it i 16:31:32 alexpilotti: good, we needed to catch up 16:31:43 I saw a full puppetized controller running here today ;-) 16:31:43 ociuhandu: did you finish the network controller bits? 16:31:55 primeministerp: the controller is working with all the bits 16:32:09 ociuhandu: network and compute? 16:32:14 not the config, i went back to the main controller to fix the keystone ssl issues 16:32:24 ociuhandu: so we still have ssl issues 16:32:31 no, it's fixed 16:32:35 o 16:32:38 you fixed it? 16:32:46 great 16:32:49 primeministerp: the "main controller" is deploying fine 16:32:58 I'll run one out of pxe today 16:33:03 with all configs 16:33:23 primeministerp: the only bit left is the enter required during the pxe on LVM 16:33:35 ociuhandu: there isn't one 16:33:42 ociuhandu: ;) 16:33:56 ociuhandu: we might have to rebuild the preseed clean 16:33:57 there is, i deployed 3-4 ubuntu machines in the last 2 days and it's the same 16:34:19 ociuhandu: I'll check it, but I have no prompts 16:34:29 primeministerp: did you check the order in the preseed? i think i sent you some info 16:34:33 ociuhandu: is the disk dropping out? 16:35:00 primeministerp: they were saying that the default order is not right (for the options in the preseed) 16:35:15 primeministerp: no, it just does not take the confirmation to write the LVM config 16:35:19 ociuhandu: let's talk after and I'l lcheck 16:35:23 ociuhandu: like i said 16:35:31 ociuhandu: we might just need puppet to rebuild that file 16:35:39 primeministerp: sure 16:35:41 ociuhandu: but I have no prompts on preseeds 16:35:46 during lvm creatoin 16:35:48 when I run it 16:36:19 primeministerp: network controller is deploying, installing from git the quantum but the config is not finished templating 16:36:26 ociuhandu: ok good 16:36:36 ociuhandu: on my side 16:36:44 ociuhandu: i have the windows iso's automounting 16:36:53 primeministerp: once we also have the windows bits we can also test the compute, as the puppet part ofr that should be done already 16:36:54 however we still have to put it onto the system manually 16:37:03 ociuhandu: yes 16:37:08 primeministerp: great 16:37:08 ociuhandu: that's my goal 16:37:20 ociuhandu: I ended up using a defines 16:37:30 ociuhandu: bc we need to know the iso name 16:38:01 ociuhandu: I'm going to generate all the scripts for launching the unatted.xml install from there 16:38:17 ociuhandu: also for time sake I may skip the part we discussed the other day 16:38:27 ociuhandu: as I have to still tweak the startnet.cmd 16:39:06 primeministerp: i think i also got the direction for identifying the machines from puppet through puppetdb 16:39:20 ociuhandu: good 16:39:25 ociuhandu: let's touch base after this 16:39:38 primeministerp: e.g. getting the ips of all machines having a certain module deployed 16:39:42 primeministerp: sure 16:39:54 #general discussion 16:39:59 gah 16:40:06 #topic general discussion 16:40:15 so anyone have anything else to dadd 16:40:17 er add 16:40:20 o 16:40:31 btw luis_fdez thanks helping w/ testing the cloudinit bits 16:40:48 I'd like to propose a talk for the portland summit in april about the work I'm doing with you guys. 16:40:52 primeministerp: :) 16:41:09 is anyone else here planning any talks? 16:41:17 iben: we were going to have talk 16:41:17 want to make sure we don't overlap 16:41:24 re: the new features 16:41:27 and there is some strategic direction 16:41:27 and work that was done 16:41:35 iben: when do you plan to move to Folsom? 16:41:40 also I know alessandro was going to have an additional discussion on cloud init 16:41:59 so - I am an advisor helping many companies with cloud technology 16:42:09 one of my larger customers is using essex now 16:42:31 when folsom is released (is it production yet?) they will start setting up new clusters with it 16:43:06 iben: folsom was already released 16:43:22 i don't think there's a clean upgrade path to take 2000 Ubuntu servers in production with 10,000 virtual machines and just upgrade it 16:43:30 I'm not sure on that though 16:43:30 I would agree 16:43:39 there might be some challenge 16:44:04 so as new racks come on line we can setup this new code 16:44:16 but there is the large legacy installation to account for 16:44:41 iben: gotcha 16:44:45 Yahoo is also setting up a 20,000 redhat based openstack - pretty sure they will use folsom 16:44:59 and they will want to run windows vms on there too 16:45:21 iben: which specific part do you want to speak about at the conference? 16:45:44 the challanges of getting traditional corp workloads onto openstack 16:45:50 iben: perfect 16:45:50 networking 16:45:54 licensing 16:45:59 cloudbaseinit 16:46:09 sort of an overview with pointers 16:46:43 from the trenches with a been there done that perspective 16:46:47 iben: sure 16:46:50 iben: sounds good 16:47:03 specifically enterprise focused 16:47:22 a lot of openstack work is targeted towards devops - which is fine 16:47:47 but we sometimes leave out the bread and butter of the enterprise apps 16:48:09 iben, primeministerp: would you like to setup a meeting on Skype on those 3 topics? 16:48:10 i didn't even know it was possible until we started talking here with you guys 16:48:19 alexpilotti: that's a great ide 16:48:20 er idea 16:48:23 (networking, licenseing cloudbase-init) 16:48:27 so it's great news and we need to help spread the word! 16:48:35 iben: sounds good 16:48:45 iben: let's schedule a skype to discuss more 16:48:49 primeministerp: please include me in that meeting 16:48:53 excellent! 16:49:02 hanrahat: sure thing 16:49:46 switching to skype 16:49:48 iben: would you mind starting that thread w/ your avilability 16:50:04 ok 16:50:10 anything else? 16:50:10 not at all 16:50:25 luis_fdez: anything to add? 16:50:51 nothing primeministerp, by CERN side I've been working on image creation and specific cern stuff... 16:51:10 have you had good success to create images? 16:51:24 luis_fdez 16:51:29 ok guys i'm closing the meeting 16:51:38 ok 16:51:39 luis_fdez: iben #openstack-hyper-v? 16:51:51 #endmeeting