#openstack-meeting-4 log

15:00:28 <gsagie> #startmeeting kuryr
15:00:29 <openstack> Meeting started Mon Jan  4 15:00:28 2016 UTC and is due to finish in 60 minutes.  The chair is gsagie. Information about MeetBot at http://wiki.debian.org/MeetBot.
15:00:30 <openstack> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.
15:00:32 <openstack> The meeting name has been set to 'kuryr'
15:00:53 <gsagie> #info irenab, vikasc, fawadkhaliq, banix, gsagie in meeting
15:01:06 <gsagie> #info apuimedo, tfukushima are on vacations
15:01:19 <gsagie> #topic kubernetes integration
15:01:36 <gsagie> #link https://etherpad.openstack.org/p/kuryr_k8s
15:01:41 <gsagie> irenab: want to update on this?
15:01:57 <irenab> I will try to sum-up what we have
15:02:16 <gsagie> banix: i believe you have more experience on this issue as well, we should use your experience on this subject :)
15:02:22 <gsagie> hi devvesa! welcome
15:02:29 <devvesa> gsagie: o/
15:02:31 <gsagie> #info devvesa in meeting as well :)
15:02:42 <irenab> One of the missions for the Mitaka release is to provide kuryr - Kubernetes integration
15:03:17 <irenab> We started to put ideas on the etherpad  ^^
15:04:06 <irenab> We should decide on the approach to take here if its another disctinct integration via network plugin or CNI driver
15:04:08 <devvesa> #link https://etherpad.openstack.org/p/kuryr_k8s
15:04:14 <gsagie> One of the ideas irenab brought up and i wrote it there, is that we need to think about ways to expose the extra features Neutron provide to the users, so they could use for example Kubernetes anootation to configure security groups and so on..
15:04:45 <irenab> gsagie: I think before extra features, we need to define the integration model
15:05:28 <irenab> Looks like libnetwork reuse is not applicable at this phase
15:05:34 <gsagie> irenab: agreed, i believe the only option right now is Kubernetes network plugin
15:05:55 <gsagie> irenab: yes, until Kubernetes will support it
15:06:07 <gsagie> banix: any ideas on this subject?
15:06:16 <gsagie> or anyone else of course :)
15:06:18 <irenab> there is a network plugin that is actually CNI Driver that invokes CNI plugins, I am in favor to explore this option
15:06:32 <banix> sorry was away
15:06:36 <gsagie> np
15:07:03 <banix> yes have been following up our options with k8s
15:07:29 <banix> it seems they have a different network model in mind that may want to build on
15:07:49 <banix> I will know more by next week and can report back with a better understanding
15:07:57 <irenab> So we need 1. Integration approach.  2. Data Model mapping from k8s to neutron 3. Extra features (mainly security)
15:08:34 <irenab> banix: can you please elaborate?
15:08:52 <irenab> on they have different approach in mind
15:09:11 <banix> yes, the integration through a plugin is the available option right now
15:09:39 <banix> there are discussions about how to map/integrate  CNI and CNM
15:09:51 <banix> former from k8 and later from libnetwork
15:10:08 <banix> i haven’t followed the latest discussions in the last two weeks
15:10:38 <irenab> banix:discussions on kubernetes-sig-network ?
15:10:56 <banix> yes
15:11:06 <gsagie> irenab, banix: any chance we can put this task on any of you two to write a short spec for this? or is taku also working on that?
15:11:22 <irenab> gsagie:  I will start this asap
15:11:34 <banix> gsagie: yes sure; will talk to irenab
15:11:55 <gsagie> #action irenab, banix start writing a spec for kubernetes integration in terms of 1. Integration approach.  2. Data Model mapping from k8s to neutron 3. Extra features (mainly security)
15:11:57 <irenab> banix: great! Will be happy to collaborate on this
15:12:02 <gsagie> irenab, banix: thanks!
15:12:18 <gsagie> we all should read more and be ready to discuss more concrete details next week
15:12:29 <vikasc> +1 gsagie
15:12:45 <gsagie> i would like us to also try to talk with deployers and understand missing use cases for networking features when deploying with Kubernetes
15:12:54 <gsagie> i have some team i can check internally
15:13:09 <irenab> gsagie: I beleive it both deployers and cluster admins
15:13:29 <gsagie> #action gsagie understand use cases for deploying Kubernetes and update the etherpad
15:13:33 <gsagie> irenab: yep
15:13:35 <irenab> if you can collect data from both, will be great
15:13:58 <gsagie> irenab: yeah i have some people that i can talk with, but would appreciate any more feedback
15:14:12 <irenab> I can provide useful link of use cases shared in the kubernetes-sig-networking team
15:14:28 <gsagie> irenab: that would be great!
15:14:40 <gsagie> #action irenab provide useful link of use cases shared in the kubernetes-sig-networking team
15:14:40 <irenab> https://docs.google.com/document/d/1ZCz_MZILzKCbFwF9gjU1YNA1YbNaw0NDsESh1P6Vcnc/edit
15:14:47 <gsagie> #link https://docs.google.com/document/d/1ZCz_MZILzKCbFwF9gjU1YNA1YbNaw0NDsESh1P6Vcnc/edit
15:15:20 <gsagie> so anything else for Kubernetes ? i think Taku will also join you and banix as he also investigated these areas
15:15:27 <gsagie> and we should be smarter next meeting hopefully
15:15:43 <banix> sounds good
15:15:53 <irenab> gsagie: banix : I think we should have initial spec up to next meeting
15:16:19 <gsagie> #topic vif binding
15:16:29 <gsagie> banix, i see you have an action item for linux bridge binding
15:17:02 <banix> gsagie: I will get to it. Have been off the grid for last two weeks
15:17:03 <gsagie> i dont think its any urgent task, but was wondering if you have any update
15:17:13 <gsagie> banix: np, understandable :)
15:17:24 <banix> one thing that worries me is the cost in terms of latency
15:17:46 <gsagie> what do you mean cost?
15:17:58 <banix> using an executable; I think eventually, sooner rather than later we need to load modules for drivers, etc
15:18:27 <banix> gsagie: i mean specially for ovs with sec groups, there are many commands to be executed
15:18:42 <gsagie> banix: i agree, executable doesnt scale and there are already examples for that with security groups iptables CLI ;)
15:18:45 <banix> with sudo, etc
15:18:51 <gsagie> heh yeah
15:19:07 <banix> so i have that in my list of todos
15:19:47 <gsagie> #action banix to investigate linux bridge binding and alternatives to using an executable scripts for binding
15:19:51 <gsagie> banix: ok sounds good
15:20:22 <gsagie> banix: the OVS unbind part was merged while in holiday, seems ok to me but i would verify when you have time that everything works for you too
15:20:37 <banix> yes noticed that. will do.
15:20:45 <gsagie> ok, thanks
15:20:55 <gsagie> #topic IPAM
15:21:01 <gsagie> vikasc: any update for this?
15:21:01 <vikasc> https://review.openstack.org/#/c/256211/
15:21:14 <vikasc> i addressed banix comments on this patch
15:21:16 <gsagie> #link https://review.openstack.org/#/c/256211/
15:21:40 <gsagie> okie, will review it probably tommorow
15:22:09 <gsagie> vikasc: there is also updating the devref with the implementation details
15:22:15 <vikasc> thanks.. i am spending time understanding kubernetes networking model
15:22:19 <vikasc> yes
15:22:30 <vikasc> last week i was on vacation
15:22:31 <gsagie> just to document things better, i will add fullstack tests for it, unless you want to do it as well
15:22:36 <gsagie> np
15:22:52 <gsagie> was quite 2 weeks with out all of you here :)
15:23:05 <gsagie> #action vikasc update devref for IPAM
15:23:12 <gsagie> #action gsagie add fullstack tests for IPAM
15:23:19 <vikasc> sounds good
15:23:23 <gsagie> #topic packaging
15:23:40 <gsagie> devvesa: any update on that?
15:24:02 <devvesa> No. I didn't get any feedback
15:24:21 <devvesa> I'll try to push this week
15:24:25 <gsagie> devvesa: is there anything i can help with?
15:24:25 <devvesa> and test it better
15:24:56 <gsagie> okie, sounds good
15:24:58 <devvesa> Not now. If I have any question about the service/configuration for packaging, I'll ask in the mailing list or IRC
15:25:00 <devvesa> :)
15:25:08 <gsagie> okie great
15:25:31 <gsagie> ihar from neutron might be able to help with that
15:25:52 <gsagie> #action devvesa continue with packaging task and testing
15:26:02 <gsagie> #topic capabilities
15:26:17 <gsagie> Toni is not here, so i guess no update on that,
15:26:30 <gsagie> #action gsagie check capabilities progress with apuimedo
15:26:50 <gsagie> #topic docker swarm
15:27:19 <gsagie> banix: i see from 2 meetings ago that you conducted a demo with Kuryr and Docker Swarm anything available?
15:27:28 <gsagie> will be cool to post it to the mailing list
15:28:03 <banix> gsagie: will do; don’t have a recorded demo but will do it
15:28:41 <banix> gsagie: to be more accurate i have recorded a simple demo but will try to make a cleaner and better one in a day or two and post
15:28:42 <gsagie> cool, that will be awesome, let me know when you do
15:29:00 <gsagie> we should link to it for people to see :)
15:29:12 <banix> yes will do
15:29:21 <gsagie> #action banix publish a recorded demo of docker swarm with Kuryr
15:29:26 <gsagie> thanks!
15:29:30 <banix> np
15:29:35 <gsagie> #topic testing
15:30:14 <gsagie> ok, so regarding testing i would like to ask your premission to merge https://review.openstack.org/#/c/259744/   , apuimedo has -1 on it but he is on long time off
15:30:21 <gsagie> and already approved to merge it in temporary
15:30:29 <gsagie> its blocking the fullstack tests progress
15:30:51 <gsagie> I already have a bug assigned to solve this issue and an idea how to do it but want it to happen in parallel
15:31:02 <banix> gsagie: go for it
15:31:15 <gsagie> banix: great
15:31:50 <gsagie> #action gsagie continue on fullstack tests and solve the neutron credential problem in the gate
15:32:17 <gsagie> banix: Baohua is from your team?
15:32:33 <banix> gsagie: yes
15:32:36 <gsagie> i guess he was on vacation as well since i havent seen him and i think you said he wants to join the testing efforts
15:32:47 <gsagie> last meeting i directed him to my patches
15:33:13 <gsagie> i will try to sync with him tommorow
15:33:23 <banix> gsagie: yes, i will follow up with him too
15:33:27 <gsagie> #action gsagie sync with Baohua regarding testing
15:33:36 <gsagie> #action gsagie add Rally docker plugin
15:34:04 <gsagie> Another thing i wanted to ask you guys, i want to start adding Docker plugin for Rally, do we want to do this as part of Kuryr, or add this directly to Rally?
15:34:09 <gsagie> and only use it from Kuryr
15:34:46 <fawadkhaliq> gsagie: adding in Kuryr should be okay and can be managed well.
15:34:48 <gsagie> wanted to ask everyone before sending the question to the list, the rally team said we can go either way where they prefer to have it in the rally repository
15:35:27 <gsagie> fawadkhaliq: yeah i agree
15:35:46 <banix> don’t know I am afraid
15:35:47 <gsagie> i think i will also email to the list, so we do this process in the open and get more opinions
15:36:00 <fawadkhaliq> unless there is an added benefit of keeping in the Rally repo, which I can't think of right now.
15:36:08 <fawadkhaliq> cool. makes sense
15:36:21 <gsagie> fawadkhaliq: the only benefit is that we will have the rally team review it more closely
15:36:38 <gsagie> atleast thats what i can think of
15:36:56 <fawadkhaliq> reviews are significant :-)
15:37:01 <fawadkhaliq> we can consider it.
15:37:04 <gsagie> okie, will send to the list and we take it from there :)
15:37:19 <fawadkhaliq> sounds great!
15:37:28 <gsagie> i still havent got to the magnum integration for nested containers
15:37:39 <gsagie> #action gsaguie magnum integration and nested containers design
15:37:49 <gsagie> #action gsagie magnum integration and nested containers design
15:37:54 <fawadkhaliq> on nested containers
15:38:21 <fawadkhaliq> Toni gave me an action item 2 weeks ago and we were heading into the holidays
15:38:39 <fawadkhaliq> I will take a stab at writing a spec and we can iterate over it.
15:38:44 <gsagie> which one?
15:38:54 <gsagie> okie great! thanks for that
15:39:10 <gsagie> #action fawadkhaliq propose a spec for magnum integration and nested containers
15:39:39 <fawadkhaliq> I will reach out for discussions :-)
15:39:54 <gsagie> fawadkhaliq: important to think how we expose all the possible models to the user , for example OVS in the VM, IPVLAN usage with eBPF like you guys did and so on
15:40:09 <fawadkhaliq> absolutely
15:40:22 <gsagie> and another point that came up, is how to model the Kuryr service and where, there were questions about how it can reach Neutron API from inside the VM
15:40:37 <gsagie> and points like these.. just bringing them up :)
15:41:07 <gsagie> ok, feel free to discuss about that if you have any questions
15:41:24 <fawadkhaliq> yup, thanks! will cater for them and definitely, will discuss over #kuryr
15:41:32 <gsagie> okie
15:41:36 <gsagie> #topic open discussion
15:41:49 <gsagie> Thanks everyone for joining the first meeting of the new year :)
15:42:09 <gsagie> and welcome back everyone that had a good vacation, hope you had fun and managed to get some rest :)
15:42:15 <gsagie> and good to see you all again!
15:42:21 <banix> thank you!
15:42:30 <fawadkhaliq> thanks and likewise!
15:43:09 <gsagie> okie, good day everyone! bye
15:43:12 <gsagie> #endmeeting