15:00:33 <danpb> #startmeeting libvirt
15:00:37 <openstack> Meeting started Tue Jun 10 15:00:33 2014 UTC and is due to finish in 60 minutes.  The chair is danpb. Information about MeetBot at http://wiki.debian.org/MeetBot.
15:00:38 <openstack> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.
15:00:41 <openstack> The meeting name has been set to 'libvirt'
15:01:12 <thomasem> o/
15:01:20 <danpb> well we have no agenda items today...
15:01:24 <vladikr> o/
15:01:28 <apmelton> o/
15:01:39 <danpb> someone add some items if they want to talk about anything...
15:01:53 <danpb> (  https://etherpad.openstack.org/p/nova-libvirt-meeting-agenda )
15:02:16 <ndipanov> o/
15:02:20 <sew> o/
15:02:23 <sgordon> O/
15:02:29 <lparth> o/
15:03:35 <danpb> #topic open discussion
15:04:05 <danpb> since there are no formal  agenda items, speak now if you want to mention anything...otherwise this'll be a short meeting :-)
15:04:22 <thomasem> danpb: sew just added one about nested Docker support in Libvirt LXC containers
15:04:54 <sew> really just curious if anyone has been able to get nested docker to run inside libvirt lxc containers?
15:04:56 <s1rp> o/
15:05:11 <danpb> i've never tried it myself
15:05:50 <danpb> nested containers is getting into the uncharted waters in general though
15:06:17 <sew> there seem to be cgroup differences between lxc and libvirt_lxc which cause docker layering features to fail
15:06:25 <apmelton> docker does some mounting inside of the containers it builds right?
15:07:02 <apmelton> if we're revoking mount capability inside libvirt-lxc containers, that won't work
15:07:33 <danpb> if you can get it working on lxc but not libvirt-lxc then do file bugs against libvirt - probably best to try it in plain libvirt rather than under nova
15:08:05 <s1rp> apmelton: cap_sys_admin isn't dropped at least for libvirt, but for docker it is
15:08:45 <sew> i do see where mknod is dropped tho:  http://libvirt.org/git/?p=libvirt.git;a=blob;f=src/lxc/lxc_container.c;h=fd8ab167f8945d33ba6f82e6f0aed84814fa98c0;hb=HEAD#l1746
15:09:18 <apmelton> ah yes, that's what I was thinking of
15:09:24 <sew> my testing with nested docker was done with just libvirt-1.2.3
15:10:14 <sew> i commented out those dropped caps, but was still unable to make docker layer images successfully
15:10:45 <vladikr> danpb, I was playing a bit with libosinfo recently, and curious what was your vision of it to be used with image properties? should everything be validated against it?
15:10:47 <sew> the only other differences i noticed were with regard to cgroup layouts
15:11:34 <danpb> vladikr: so my view is that in glance we should set   os_id=<libosinfo OS identifier> and then Nova libvirt driver should use that to lookup preferred hardware models
15:11:54 <danpb> vladikr: ie so it'd use virtio net for linux, e1000 for bsd or whatever libosinfo says for preferred nic
15:12:13 <danpb> so it would avoid needing to set things like hw_nic_model and other similar bits in common case
15:13:16 <vladikr> I see, thanks
15:14:25 <apmelton> so danpb, about the spec for user namespaces, I guess I need to get mikal to revoke his -2 on it so it can actually get approved
15:15:21 <danpb> yep, guess he's missed our followup comment
15:15:39 <danpb> nothing will get approved this weekend regardless though until Juno-1 is out
15:15:44 <apmelton> yup
15:15:57 <apmelton> a couple of my other patches we're pushed to J2
15:17:15 <danpb> ok, so i guess we can finish the meeting and get back to regular work
15:17:36 <danpb> #endmeeting