14:00:36 #startmeeting kuryr 14:00:37 Meeting started Mon May 15 14:00:36 2017 UTC and is due to finish in 60 minutes. The chair is apuimedo. Information about MeetBot at http://wiki.debian.org/MeetBot. 14:00:38 Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. 14:00:40 The meeting name has been set to 'kuryr' 14:00:53 Welcome to the post Summit weekly irc meeting 14:00:57 who's here today? 14:01:01 o/ 14:01:03 o/ 14:01:08 hi 14:01:10 \o 14:01:31 o/ 14:01:33 ltomasbo and dmellado have public holidays today 14:01:41 o/ 14:02:06 alright. Let's get started! 14:02:13 thanks all for joining 14:02:17 #topic kuryr-libnetwork 14:02:51 we have nothing in flight for kuryr-libnetwokr 14:03:06 I've updated the uwsgi patch btw 14:03:12 the libnetwork2 patches got merged 14:03:16 oh right 14:03:17 :P 14:03:39 also will try to find some time to get the thing running under apache in devstack by default =) 14:03:59 and that should conclude the bp and pike goal ) 14:04:00 mod_wsgi is a bit slow :P 14:04:05 great 14:04:21 kzaitsev_ws: IIRC there were some issues with the multithread setting in wsgi 14:04:32 but I don't remember the details :/ 14:04:52 irenab: limao: please, take a look at https://review.openstack.org/#/c/374315/ 14:05:00 sure 14:05:12 yes 14:05:16 #info close to adding wsgi support and thus making one of Pike's community goals 14:05:25 we can always make the thing configurable and if we merge it in the middle of the cycle someone might complain in time 14:05:30 anything else on kuryr-libnetowrk? 14:05:41 kzaitsev_ws: good point 14:07:06 I would plan to do some scale test about boot docker with kuryr-libnetwork since I can control some vm resource in my local lab, currently, I would to see what's the performance it would looks like with 10K containers in 100vms 14:07:27 limao: that would be great 14:07:44 the best scale testing to date 14:07:46 :-) 14:07:53 I'm not sure if anyone has did similar test or has some idea about this 14:07:54 limao: do you have some refenrece numbers for native docker network? 14:08:33 limao: bare metal or on VMs? 14:08:39 irenab: I think I can do same test in same env with native docker network 14:08:58 limao: this will be great, so we can see the comparison 14:09:06 apuimedo: I think I will test in nested vms 14:09:20 apuimedo: I do not have 100 bare servers :-) 14:09:23 cool! 14:10:03 you can run in VMs, but not use trunk portd 14:10:05 irenab: can you make a few #info points of the summary 14:10:09 #chair irenab 14:10:10 Current chairs: apuimedo irenab 14:10:15 I need to step off for 4 minutes 14:10:21 apuimedo: irenab: I'd like work out some test case in the next week, and to see how it works. 14:10:29 apuimedo: summit? 14:10:38 yeah 14:10:46 limao: great 14:11:19 #info limao is about to add test cases for libnetwork and execute performance/scale tests 14:11:38 quick summary of Os Boston summit 14:12:06 there was quite interest in the kuryr project. Onboarding session was quite full 14:12:59 Fuxi seems to gain interest from the cinder folks 14:14:05 irenab: yes. it's a pity that hongbin is not around 14:14:15 We presented the kuryr project update with plans for Pike/Queens and some rough agenda for Rocky 14:14:20 anyway, the gist of it is that there may be effort to join the golang cinder driver to fuxi 14:14:24 and have fuxi be golang 14:14:24 let me find a link to share 14:14:28 we'll see about that though 14:14:49 wow +) 14:14:56 about the golang I mean 14:15:21 o/ 14:15:31 hongbin: nice to see you :-) 14:15:38 #link https://www.openstack.org/videos/boston-2017/project-update-kuryr 14:16:13 kzaitsev_ws: there's also something intriguing that dims reported about some golang cni from they hyper.sh folks being submitted to openstack 14:16:28 we'll have to be alert to that and check how it all fits 14:17:12 okay 14:17:18 moving to other kuryr-kubernetes things 14:17:32 I started working on the loadbalancer service type 14:17:48 it will come with small additions to the service handler 14:17:54 and an external ip driver 14:17:58 based on floating ip 14:18:10 so if somebody wants to add support for k8s externalip field 14:18:15 the same driver could be used 14:18:22 apuimedo: will it cover the clusterIP type getting external IP use case? 14:18:37 irenab: nope. The driver would serve, but I'm not implementing that 14:18:44 it would be probably 5 lines more only 14:18:46 :P 14:18:49 ok 14:18:57 do you have bp? 14:19:03 not yet 14:19:20 apuimedo: you should serve an example :-) 14:19:26 but I have it for the token support 14:19:34 irenab: I'll have the spec before I send the patch 14:19:38 I promise this time! 14:19:40 xD 14:19:46 I'm having an internal meeting about my sriov experiments tomorrow. would probably share the end result and would start drafting the bp/spec 14:19:56 kzaitsev_ws: cool! 14:20:03 I haven't had the time to look at it 14:20:15 and unfortunately I think none of my servers has an sriov card atm 14:20:17 I don't expect all of you guys to like my design outright but =) 14:20:33 kzaitsev_ws: if need be, we'll have a design call ;-) 14:20:43 there should be smth to start with ) 14:20:47 cool 14:21:00 kzaitsev_ws: no worries, we will have the review process 14:21:13 of course! 14:21:52 irenab: ivc_; kzaitsev_ws: vikasc: we should give another round to garyloug's macvlan patch 14:22:10 apuimedo: I already did this morning 14:22:14 If you have something to discuss about it now, we can use 5 minutes of this meeting 14:22:18 will do! 14:22:26 thanks irenab ! 14:22:56 For now — I've implemented a separate handler and a separate cni binary, that reuses a lot of code from kuryr-k8s and inherit's it's controll flow. In case the idea doesn't fit general direction it should be separatable into some sort of contrib folder and be pluggable. 14:22:59 thanks guys :-) 14:23:55 kzaitsev_ws: That's a very failsafe approach 14:24:11 we should also give another round to ltomasbo's pool patches 14:24:29 kzaitsev_ws apuimedo it should become much more pluggable once we get to cni daemon 14:24:36 port pooling is very important for the reference implementation in pike 14:24:41 apuimedo: I also reviewed them today, basically the main concern is lack of unit tests 14:24:41 I need start reviewing the hard patches too ) 14:25:37 I also wanted to propose work on being installable with kubeadm apply -f kuryr.yaml 14:25:52 apuimedo, +1 14:26:14 If somebody wants to take this. Ping me and I can give some pointers 14:26:15 apuimedo: alternative to helm? 14:26:30 irenab: it's the main k8s installer 14:26:46 we'll also be collaborating with openstack-helm people for kuryr-k8s chart 14:26:49 apuimedo, i can take this. 14:27:03 vikasc: very well 14:27:22 vikasc: do you have time to start this before Friday? 14:27:43 apuimedo, yes, i can start anytime 14:27:54 right 14:28:06 apuimedo, i got some free cycles 14:28:07 vikasc: so ping me tomorrow and I'll give you some details 14:28:13 apuimedo, sure. 14:28:16 ivc_: any sneak peak on what a cni daemon would be? (like is there some document or a bp?) 14:28:18 maybe I'll have the bp ready 14:28:29 kzaitsev_ws: using oslo services 14:28:42 it would bind to a socket file 14:28:50 kzaitsev_ws we discussed it couple of times. prolly there's a videoconf link in ml 14:28:55 and it would run the pod event handlers 14:29:13 then the kuryr cni exec just connects to the socket and writes the requests 14:29:23 apuimedo: we need bp with list of points 14:29:32 points? 14:29:47 basic direction in points 14:29:53 oh! Right! 14:29:59 ok! 14:30:10 ivc_: did you start working on it? 14:30:10 I'll have BPs for all these stuff this week 14:30:34 bp all the things!!! =) 14:30:38 indeed 14:30:56 irenab nope 14:31:29 ivc_: I do not remember what was the reason exactly, but I had the urge of proposing the cni split had the daemon only watching and returning data and then the executable performing the NET_ADMIN actions 14:32:03 maybe it was to have the daemon container not need to be privileged 14:32:36 apuimedo i'd prefer daemon to do the job. don't forget about pyroute2 overhead 14:32:40 but since we do the baremetal binding in two steps... 14:32:45 ivc_: oh, right! 14:33:04 anything else on kuryr-k8s? 14:33:36 ivc_: oh, I found a bug deploying kube-dns related to services and endpoints 14:33:43 apuimedo: btw here is the project you were referring to https://review.openstack.org/#/c/462453/ 14:33:49 I'll try to dig it out by adding it to devstack optionally 14:34:01 at least thats what dims menthined in #sig-openstack 14:34:07 apuimedo isnt kube-dns udp-based? 14:34:12 #link https://review.openstack.org/#/c/462453/ 14:34:23 yep, that's the one 14:34:27 right 14:34:46 and the idea they have is to start cni/controller from scratch in golang inside openstack 14:34:48 they seem to be coming in with empty repo, so we should engage quickly so they use what we have here 14:34:49 and here's their github https://github.com/hyperhq/kubestack 14:35:21 kzaitsev_ws : they won't be importing that directly to openstack git repo 14:35:28 ah, ok ) 14:35:55 dims: where's the answer to all those questions you sent them? 14:36:48 apuimedo : i haven't seen an answer yet, i met with "resouer" who was at the boston summit, was promised some write up to send around. 14:37:01 dims: very well 14:37:07 at some point maybe there should be a meeting 14:38:05 apuimedo : ++ i requested them to find/engage with projects we have 14:38:42 good 14:39:02 pengfei ni knows kuryr 14:39:18 resouer is Harry Zhang - https://github.com/resouer 14:39:49 cool 14:40:23 that's all i had :) 14:40:30 thanks a lot dims 14:40:40 anything else on kuryr-k8s? 14:42:01 alright 14:42:07 #topic fuxi 14:42:11 #chair hongbin 14:42:12 Current chairs: apuimedo hongbin irenab 14:42:16 hi 14:42:30 since last week is boston summit, i don't have too much to update 14:42:59 there are a few patches that need reviews as ususal :) 14:43:01 https://review.openstack.org/#/c/461956/ 14:43:09 https://review.openstack.org/#/c/461212/ 14:43:18 https://review.openstack.org/#/c/454474/ 14:43:35 Looking forward to the plugin api support :P 14:43:47 apuimedo: plugin api? 14:44:23 docker plugin install kuryr/fuxi 14:44:24 :-) 14:44:30 apuimedo: i see 14:44:44 apuimedo: we have a bug to track that AFAIK 14:44:56 I need to add fuxi to my gerrit review dashboard... 14:45:00 apuimedo: yes, it will be available soon, it si on my priority 14:45:15 great hongbin! 14:45:27 anything else hongbin ? 14:45:33 apuimedo: that is all from me 14:45:38 thanks hongbin 14:45:47 it was great to meet you again in the summit 14:45:50 #topic general 14:46:22 I posted the demos and slides we did in the summit 14:46:30 and there's also the recordings on the youtube channel 14:46:38 apuimedo: link? 14:46:43 irenab: right 14:47:05 #link https://www.youtube.com/watch?v=3DSskYvOZvY 14:47:11 #link https://www.youtube.com/watch?v=gFqfNZ3iBBg 14:47:21 #link https://www.youtube.com/watch?v=pOOAM06B39s&t=58s 14:47:26 oops 14:47:30 #link https://www.youtube.com/watch?v=pOOAM06B39s 14:47:44 #link https://www.youtube.com/watch?v=6veNkVIAQfs 14:48:06 #link https://www.youtube.com/watch?v=dZZD0rJjgAo 14:48:55 and could you pls share the slides somewhere too? =) 14:49:15 #link https://www.slideshare.net/celebdor/kuryr-kubernetes-the-seamless-path-to-adding-pods-to-your-datacenter-networking 14:49:23 #link https://www.slideshare.net/celebdor/openstack-boston-summit-kuryr-project-updates 14:49:29 #link https://www.slideshare.net/celebdor/kuryr-fuxi-openstack-networking-and-storage-for-docker-swarm-containers 14:49:39 kzaitsev_ws: there you go ^^ 14:49:40 awesome, thanks =) 14:49:41 :-) 14:50:12 there's also the onboarding slides, but I think we'll keep those on demand 14:50:25 or when new people show up in the channel :P 14:50:33 that's all from me today 14:50:36 anything else anybody? 14:51:32 nope 14:51:58 oh yea. In case somebody needs to do kuryr with pod/container in VM, you can take a look at https://github.com/danielmellado/kuryr_heat 14:52:04 #link https://github.com/danielmellado/kuryr_heat 14:52:30 probably that can be a base for magnum support 14:52:39 oh, only for trunk mode pod-in-vm 14:52:50 macvlan and ipvlan obviously don't need the trunking 14:54:28 ok. Thank you all for joining! 14:54:36 #endmeeting