03:00:13 #startmeeting zun 03:00:14 Meeting started Tue Sep 27 03:00:13 2016 UTC and is due to finish in 60 minutes. The chair is hongbin. Information about MeetBot at http://wiki.debian.org/MeetBot. 03:00:15 Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. 03:00:17 The meeting name has been set to 'zun' 03:00:19 #link https://wiki.openstack.org/wiki/Zun#Agenda_for_2016-09-27_0300_UTC Today's agenda 03:00:24 #topic Roll Call 03:00:33 Madhuri Kumari 03:00:36 Namrata 03:00:38 shubham j 03:00:40 Wenzhi 03:00:41 Aditi 03:00:58 hi, yanyan is here 03:01:22 Thanks for joining the meeting mkrai Namrata shubhams_ Wenzhi adisky yanyanhu 03:01:27 #topic Announcements 03:01:34 1. I was told that Zun team could have 2 workroom session at Friday 9:00 - 10:30. Need to confirm if we need it. 03:01:50 Unfortuntely the time is conflicts with Senlin and Magnum 03:02:07 I am not sure if we can take the offer 03:02:28 Depends on if other developers are making it to summit 03:02:34 A question for you guys. How many of you will travel to Barcelona? 03:02:46 I am not coming 03:02:49 still not sure about it 03:02:50 I am coming 03:02:51 i also 03:02:57 i am not coming 03:03:17 ok 03:03:40 take it? return it? 03:03:50 sudipto: hey 03:03:56 hongbin: You will not be available for this? 03:04:06 hongbin, hello 03:04:13 mkrai: I might 03:04:18 sorry a bit late. 03:04:24 sudipto: np 03:04:44 sudipto: we are discussing the Zun team could have session in design summit 03:04:54 session? 03:04:59 hongbin, sigh! I am not gonna be able to make it :( 03:05:01 the time is 9:00 - 10:30 friday 03:05:04 or a team lunch? :D 03:05:15 flwang1: workroom session 03:05:26 hongbin: cool 03:05:29 sudipto: bummper 03:05:34 sudipto: oh no 03:06:02 flwang1: it looks most of us are not able to join (the time is conflicts with other sessions) 03:06:25 hongbin: then how about at least a team lunch? 03:06:26 :( 03:06:32 flwang1: sure :) 03:06:39 flwang1, +1 :) 03:06:43 with the hope, that i will make it on the next one. 03:07:25 ok, will think about the design summit session 03:07:35 move to the next topic 03:07:39 #topic Review Action Items 03:07:45 1. adisky investigate how to support interactive mode to enter container 03:07:52 adisky: ^^ 03:08:03 yes, i have investigated... 03:08:48 adisky: any finding? 03:09:03 there is no option for stdin available on docker python API 03:09:22 i see 03:09:51 adisky: do they willing to add support for it? 03:10:06 however it is possible if we directly make request via docker REST API 03:10:31 i see 03:10:37 for python support, i need to ask.. 03:10:49 ok 03:10:56 thanks adisky 03:11:06 I am wondering if docker-py has that ( we are using it in docker driver as well) 03:11:58 shubhams_: the python API adisky mentioned is docker-py (i think) 03:11:58 i do something, though need to find out more: https://github.com/docker/docker-py/blob/e15ba7400a457ea7b605d08131eb0148c3f7528f/docker/api/exec_api.py#L28 03:12:08 shubhams_ if you have any idea on that...then we can together implement the blueprint 03:12:14 *see 03:12:31 hongbin , adisky : ok 03:12:47 suipto: yea I was talking on the same 03:13:23 then, it looks it is possible 03:13:39 thnx sudipto...may be they have not added into the document, or i may be looking to an older version.. 03:14:24 let's assume this works, would you then recommend using VNC or something to show it remotely? 03:14:27 if it is there it seems possible, i will do further investigation this week also.. 03:15:06 sudipto: the VNC needs to be implemented in zun-ui 03:15:21 ya, we also need to figure out how to catch the stream returned by docker... 03:15:21 (if we decided to do this) 03:15:25 yeah - i mean, is it something like VNC that we want to use? 03:15:29 o/ 03:15:45 sudipto: i think it is a good idea 03:15:46 sorry for joining late :D 03:15:51 kevinz: welcome 03:16:01 kevinz: np 03:16:03 Albite, i think it would be possible then.. 03:16:05 hongbin: Thanks 03:16:24 ok, let's advance topic 03:16:28 adisky, do follow a project called kinematic - you aren't already aware... 03:16:36 *kitematic 03:16:50 ok sudipto, thnx 03:17:09 #link https://kitematic.com/ 03:17:24 #topic Nova integration (Namrata) 03:17:30 Namrata: ^^ 03:18:40 as earlier discussed i want to discuss the sudipto's comments 03:18:53 According to sudipto comment, there were 2 points that needs to be addressed. 03:19:04 1. We should keep minimal workflow impact 03:19:26 2. need a good solid argument over how the nova lifecycle will map against the container lifecycle as a part of this spec 03:19:51 To answer point one, I feel there is nothing we can do with nova worflow but of course we can try to remove atleast one flow in zun 03:20:46 that is if the req is from nova directly send it to zun-compute rather than sending to zun-scheduler as we will already have host info recieved from nova 03:22:57 Namrata: i think sudipto 's point is that nova-docker already provides functionality to drive docker containers via nova api 03:23:32 Namrata: the question is if Zun should do something that is duplicated with nova-docker. 03:23:53 sudipto: is that your concern? 03:24:01 hongbin, yeah that's one of them. 03:24:26 but honestly, i don't want to be a blocker for this spec. 03:24:39 ok 03:24:49 We have had discussion on this that we want this bp 03:24:59 If you feel it's necessary to do - and deal with the consequences later, then so be it :) 03:25:36 Namrata: it looks everything is clear now. you are ready to go 03:26:06 okay thanks 03:26:31 ok, i will review the spec again, if no problem, will approve it 03:26:41 Namrata: thanks for working on the specs 03:26:45 I have updated the specs 03:26:55 #topic Container image store (mkrai) 03:27:01 #link https://blueprints.launchpad.net/zun/+spec/glance-integration 03:27:02 hongbin thanks 03:27:07 #link https://etherpad.openstack.org/p/zun-container-image 03:27:12 mkrai: ^^ 03:27:20 Last week I submitted a patch to support glance in zun 03:27:36 https://review.openstack.org/#/c/374668/ 03:28:10 This week I will implement the support to use glance as image repo in zun 03:28:22 cool 03:28:28 shubhams_ is working on the image resource 03:28:45 shubhams_ would you like to update on your work? 03:29:09 yeah, I am using docker-py's native api for this. I hope thats ok to use 03:30:03 This mean we are going to add new resource in zun /v1/images 03:30:14 mkrai: yes 03:30:28 sound good 03:30:31 Perform various action on images that we are using 03:30:41 mkrai, i would like to review this one for sure 03:30:54 Thanks sudipto 03:31:06 sudipto: thanks 03:31:22 That's all I guess from us :) 03:31:37 thanks mkrai shubhams_ 03:31:45 next one 03:31:46 #topic Container network (hongbin) 03:31:52 #link https://blueprints.launchpad.net/zun/+spec/neutron-integration The BP 03:32:00 #link https://review.openstack.org/#/c/365754/ The proposed spec 03:32:30 i have update the spec to address comments 03:32:49 hongbin, i had a chat with mkrai on this yesterday - i wanted to understand a few things... 03:32:50 now, it has 2 +2, the feedback looks positive so far 03:32:57 sudipto: sure 03:33:28 basically, when we are saying networking to the containers - docker-py would natively provide the NAT interface inside the containers for them to uplink right? 03:33:41 (I couldn't exec into any of the zun containers, hence asking) 03:34:20 sudipto: i am thinking it is the nova-docker solution 03:34:44 the nova-docker solution is the one I am talking about you mean? 03:35:02 sudipto: i am not sure the one you are talking about :) 03:35:22 well so when you provision a container using docker, by default they are created on docker0 03:35:29 and it has a NAT interface inside the container. 03:35:34 I am talking about that. 03:35:47 The 3 types of networking that docker already provides us. 03:36:04 #link: https://docs.docker.com/engine/userguide/networking/ 03:36:26 sudipto: right 03:36:30 i think nova-docker is working on a different way (although i am not sure) 03:36:41 I am not thinking of nova-docker at all :-) 03:37:17 I am just wondering - if we are not doing container orchestration in our first pass - why are we not thinking about exposing the containers just by port numbers on the host? 03:37:58 sudipto: i think this is good for container-in-vm use cases 03:38:10 sudipto: for compute host, i am not sure if it is a good idea 03:38:51 hongbin, ok - this goes back to the container console discussion we just had a while back - the logs would be exposed via a compute host port right? 03:39:37 sudipto: i guess yes 03:39:58 sudipto: however, that is under management network 03:40:21 since necessarily you would never want to 'login' to a container - most likely - you would expose a 'service' - and the 'service' should have the sandbox networking i suppose? 03:40:47 but that created a conflict in my thoughts, when i realised that we aren't speaking of services as yet? Maybe i am wrong... :) 03:41:08 container as a service , it is right 03:41:43 Ok I know - when we do the orchestration bit, we will have to do something like this. I just didn't know the time is now :) 03:43:12 sudipto: i tried to understand your concern, but it seems i didnt' :) 03:43:26 leave it :) i will put my thoughts on the spec :) 03:43:37 sudipto: ok 03:43:39 hongbin: can you explain " container-in-vm use cases" ? is it like havin zun containers in a nova provisoned vm ? 03:44:10 shubhams_: container-in-vm use case is running containers on Nova instances 03:44:37 shubhams_: another use case is container-in-compute-host 03:44:42 Why do you think that docker network drivers can't support it or how having sanbox will be an advantage over it? 03:45:17 I am trying to understand your view point .. so my questions 03:45:35 a sandbox is an abstraction 03:45:47 how to implement it depends on the driver 03:46:22 for docker network drivers, i am not sure 03:47:10 FYI : I am sure that docker network driver works well inside vm as well 03:47:14 shubhams_: i think the point is to connect containers to neutron, which is the feature provided by zun 03:47:40 shubhams_: then, neutron integration is the problem 03:47:53 connect containers to neutron for? 03:48:09 * sudipto asks a silly question, he knows 03:48:15 sudipto: for eliminating overlay, use security group 03:48:17 etc. 03:48:32 is there really a need for security groups for containers? 03:48:48 * sudipto also worries that hongbin will get furious at him now - because it's super late for him. 03:49:12 i am not sure 03:49:26 containers would expose ports that it wants 03:49:30 but if it is not neutron, i couldn't think of anything else 03:49:48 it wouldn't expose all the ports - like VMs - that you need a security group for. 03:50:03 unless i am short sighted. 03:50:08 sudipto: ok, get your point 03:50:53 let's talk more on the spec ... 03:51:05 sudipto: ok :) 03:51:46 any other comment? 03:52:09 #topic Open Discussion 03:52:16 1. Zun team meetup at Barcelona 03:52:30 Send me a selfie or something :) 03:52:47 :) 03:53:04 flwang1 proposed to have a team lunch/dinner at a time 03:53:32 want to have a team lunch ? 03:53:56 this question is for people who will be at the summit 03:54:29 silent ... 03:54:34 adisky: Namrata are you guys interested 03:54:40 yes i am 03:54:45 i will be there 03:54:49 i wont be at submit 03:55:24 it looks flwang1 and Namrata and me: three people 03:55:33 i know Qiming will be there as wel 03:55:39 four people 03:55:45 want to pick a date? 03:56:28 ok, let's discuss it offline 03:56:37 okay 03:56:44 any other question? 03:56:55 sorry, any other topic to discuss? 03:57:32 all, thanks for joining the meeting 03:57:38 see you next time 03:57:41 #endmeeting