/srv/irclogs.ubuntu.com/2011/07/25/#ubuntu-ensemble.txt

=== freeflyi1g is now known as freeflying
=== jcastro_ is now known as jcastro
SpamapShazmat: I'm not certain that the error I was getting was wrong.. need to fiddle with it more.04:46
=== kim0|vacation is now known as kim0
kim0Morning everyone o/07:38
=== daker_ is now known as daker
hazmatkim0, g'morning13:02
kim0hazmat: morning :)13:19
niemeyerGood morning!13:23
hazmatniemeyer, g'morning13:25
kim0niemeyer: Morning13:27
niemeyerHow're things going there?13:32
kim0there where :) I'm back home13:33
fwereadehey all13:34
fwereadeany particular reason we're not using FileStorage in LoadState/SaveState for EC2?13:35
niemeyerfwereade: Hmm, not sure13:39
hazmatstill trying to come to grips getting setup my new laptop13:40
fwereadeit just seems a bit odd13:40
hazmatfwereade, we're not?13:40
hazmatfwereade, oh..  i guess it predated filestorage13:40
fwereadeLoadState and SaveState would be completely generic if they just used provider.get_file_strage for everything13:40
fwereadeany objections to making it so?13:41
hazmatfwereade, sounds good13:41
fwereadehazmat: cool, cheers13:41
fwereadeon a related note13:43
fwereadeactually forget I said anything, thoughts need marshalling a mo13:43
fwereadeok13:44
fwereadeFileStorage interface asymetry13:44
fwereadeget returns a file handle13:44
fwereadeput takes a local file path13:44
fwereadeI favour making these consistent13:44
fwereadeis there some important feature of this interface that I'm missing?13:45
fwereade(seems a good time to tidy that up, since a new FileStorage class is on its way)13:46
hazmatfwereade, the get returns a file path because in some cases its backed by a temp file13:47
hazmatfwereade, if we returned the temp path, the clean up become ambigious13:47
hazmatfor some remote file storages (ec2 is the only extant atm) we spool the file local to a temp file13:48
fwereadehazmat: I tend to favour using file handles over paths anyway13:51
fwereadehazmat: so, let me try again: is there any reason not to pass a file handle to put, rather than a local file path?13:52
fwereadehazmat: if it's just an accident of convenience, I'd rather make it consistent now rather than entrenching the accident by writing a second confirming implementation ;)13:54
fwereadeer, conforming ^^^13:56
hazmatfwereade, re put taking a file handle,  that sounds good13:57
niemeyerfwereade: There are reasons for the current interface, yes.. give me a moment and I'll be with you13:57
hazmatfwereade, so remote_path, local_file ?13:58
hazmatas args13:58
fwereadehazmat: yep13:59
fwereadehazmat: to go with local_file (*) remote_path13:59
fwereadehazmat: as it were14:00
fwereadeniemeyer: cool14:00
hazmatalso as per mail on list, the kanban view is still borked, reviewers should look at https://code.launchpad.net/ensemble/+activereviews 14:07
niemeyerfwereade: Ok, so..14:08
niemeyerfwereade: It's not a big deal in the case of put, but note that the interface is symetric14:08
niemeyerfwereade: get() results in a path, put() provides a path14:09
niemeyerfwereade: Or, takes a path14:09
niemeyerfwereade: There's no greater reason for the latter, besides symmetry14:09
niemeyerfwereade: For the former, it's actually more convenient to have it this way, so that we don't have to worry about the file size nor deal with full buffers and whatnot14:10
fwereadeniemeyer: well, that's what's documented, but the actual code in ec2's FileStorage appears to return a file handle14:10
fwereadeniemeyer: http://paste.ubuntu.com/651774/14:11
niemeyerfwereade: Indeed, and that's pretty weird14:11
niemeyerfwereade: and it's not just a file handle..14:11
fwereadeniemeyer: if the docs are the SPOT, I'll fix that as I go14:12
niemeyerfwereade: It's a hack that works around the issue I just pointed out14:12
fwereadeniemeyer: I have a preference for things I can read/write in interfaces, as opposed to paths, but it's not a big deal14:12
niemeyerfwereade: fh is a file object14:12
niemeyerfwereade: Well, if you want to go over the trouble of converting it, it's not such a big deal to me, as long as you maintain the properties just mentioned14:13
fwereadeniemeyer: quite so, sorry poor terminology14:13
fwereadeniemeyer: I guess the other possibility is just to get/put the actual content14:13
niemeyerfwereade: Yes, that's one of the explicit things we want to _avoid_ there14:14
fwereadeniemeyer: but I guess at times that will be unhelpfully largem so scratch that14:14
fwereadeniemeyer: cool14:14
fwereadeniemeyer: I'll go with local paths throughout then14:14
niemeyerfwereade: If you want to pass a file object in and out, that's fine to me14:14
fwereadeniemeyer: it's a smaller change and it matches the docs ;)14:15
niemeyerfwereade: There's a disadvantage to it, though14:16
niemeyerfwereade: Which is likely why whoever wrote this logic ended up choosing this path14:16
niemeyerfwereade: closing the NamedTemporary will remove the file14:16
fwereadeniemeyer: ...heh14:16
fwereadeniemeyer: in that case, file objects both ways would seem to me to be the ideal14:17
niemeyerfwereade: Ok.. sounds good.. please push this change independently from the rest14:18
fwereadeniemeyer: yep, np14:18
fwereadeniemeyer: I thought of that myself this time :)14:18
niemeyerfwereade: Aha, conditioning! ;-D14:18
fwereadeniemeyer: don't stop reminding me though, I don't think it's ingrained yet ;)14:18
niemeyerhazmat: Do you know what's the reason why the kanban is breaking?14:38
hazmatniemeyer, i was just playing around with that14:38
hazmatniemeyer, i originally suspected it had something to do with the lp oops on some of my branches in review14:39
hazmatniemeyer, but i'm not so sure anymore, i get unauthorized errors trying to use kanban atm against ensemble (fresh kanban checkout and oauth)14:39
niemeyerhazmat: Ok, if you're already investigating it, just let me know what conclusion you get to please14:41
hazmatniemeyer, is there something more to setting up kanban than doing the lp login.. i get errors anytime i try to use it (http unauthorized, Unknown consumer in body)14:52
niemeyerhazmat: Not in general, IIRC14:52
_mup_ensemble/robust-hook-exit r284 committed by jim.baker@canonical.com14:53
_mup_Merged trunk14:53
dakerkim0, can you test this https://code.launchpad.net/~daker/ensemble/small-fix ?14:55
dakerhttps://code.launchpad.net/~daker/ensemble/small-fix/+merge/6803814:55
kim0daker: I'm preparing my session in an hour .. I can test it afterwards14:56
dakerty14:56
hazmatniemeyer, it looks like kanban is using a deprecated api, i tried updating the api usage, but ended up just going with anonymous login which fixed the problem with the generation (reports work fine). its a one line patch to kanban15:07
hazmatniemeyer, http://pastebin.ubuntu.com/651803/15:08
hazmatshould probably get cleaned up if its going upstream15:08
niemeyerhazmat: Just generated a kanban locally.. apparently it worked15:15
hazmatniemeyer, without the patch?15:15
niemeyerhazmat: Yeah15:15
niemeyerhazmat: Just run the code I had lying in my disk, without doing anything else15:15
hallynSpamapS: huh, today 'ensemble add-relation jenkins jenkins-slave' works.  (on my ohter laptop)15:33
kim0Howdy folks, Ubuntu cloud days starting in #ubuntu-classroom on the hour .. see you there15:58
niemeyerhazmat: Kanban looks good apparently16:08
* niemeyer => lunch16:20
SpamapShallyn: weird16:50
hazmatjimbaker, do you know what value for ZOOKEEPER_PATH is used for a deb installation of zookeeper?17:10
niemeyerkim0: Thanks a lot for the class there17:11
niemeyerhazmat: None, supposedly17:11
kim0niemeyer: oh cool .. glad it went well17:11
hazmatniemeyer, cool, that works, thanks17:12
niemeyerhazmat: np17:12
kim0niemeyer: smoser + roaksoax are doing the one after the current, on orchestra+ensemble integration 17:12
kim0should be cool :)17:12
niemeyerWow, neat17:12
niemeyerfwereade: That may be nice to watch out too ^17:12
* SpamapS will tune in17:33
=== daker is now known as daker_
RoAkSoAxkim0: should be but afaik, the installer is broken or the kernel or something so we wont be able to demo it17:50
RoAkSoAx:(17:50
kim0:/17:50
kim0Should be ok .. really wanted to see it 17:50
kim0but no worries17:50
kim0RoAkSoAx: an in-depth explanation should be great though :)17:51
kim0I want to understand all about it :)17:51
kim0thanks a lot for the sessions17:51
RoAkSoAxhehe :)17:52
RoAkSoAxsoon will fully work17:52
noodles775Hi people. I'm installing libapache2-mod-wsgi as part of an install script for a formula, but it keeps failing, and when I debug the hook, I see http://paste.ubuntu.com/651735/18:13
noodles775afaict, it's related to this package requiring both python 2.6 and 2.7, even though I don't need 2.6 (https://groups.google.com/forum/#!topic/modwsgi/M1AZ5HHb3rY)18:14
noodles775I realise it's not strictly an ensemble question, but was wondering if anyone else has hit this when deploying?18:15
niemeyernoodles775: Hmm18:37
niemeyernoodles775: That's super strange indeed18:37
niemeyernoodles775: It's worse than a package requiring both of these versions.. apparently Python 2.6's UserDict is managing to import Python 2.718:38
niemeyernoodles775: I've never seen this happening.. must be a bad environment somehow18:38
noodles775Hrm... it's reproducible (you can see the WIP recipe here: https://code.launchpad.net/~michael.nelson/open-goal-tracker/ensemble_deploy/+merge/69078 ). 'tis strange, though I was hoping if I could somehow disable python2.6 I could avoid it :/18:39
noodles775s/recipe/formula.18:39
noodles775(without having to repackage libapache2-mod-wsgi into a ppa or similar - afaics, it's the only package requiring 2.6)18:41
niemeyernoodles775: Checking that out18:42
* noodles775 tries cutting down the recipe to just install libapache2-mod-wsgi to verify the cause...18:42
noodles775thanks niemeyer 18:42
SpamapSSeems like that would be a bug in python2.6 or python 2.7 if they were interfering with one another18:43
fwereadegtg for the day, *might* be able to pop on later18:51
noodles775niemeyer: fwiw, I can reproduce it with a minimal install script (just installs apache2 libapache2-mod-wsgi): http://paste.ubuntu.com/651927/19:15
niemeyernoodles775: Can you find abc.py under lib/python2.6?19:16
noodles775gar, I've just apt-get upgraded (in case newer packages help), but will check when it finishes.19:18
niemeyernoodles775: Cool, I also suggest attempting to install python2.6 in isolation beforehand19:18
niemeyernoodles775: There may be some relations borked up19:18
niemeyernoodles775: Note this:19:18
niemeyer libpython2.6 depends on python2.6 (= 2.6.6-6ubuntu7); however:19:19
niemeyer  Package python2.6 is not configured yet.19:19
niemeyerand dpkg: error processing python2.6 (--configure):19:19
niemeyer dependency problems - leaving unconfigured19:19
noodles775After upgrading, my install hook runs without issues.19:21
niemeyernoodles775: I'm pretty sure these packages are in a bad state19:21
noodles775Yeah, it sounds like it.19:22
niemeyernoodles775: Or were, anyway19:22
* noodles775 updates formula to apt-get upgrade before install.19:22
_mup_ensemble/security-acl r292 committed by kapil.thangavelu@canonical.com19:36
_mup_node acl absttractions, reworked to utilize a retry_change like pattern for concurrent updates19:36
noodles775niemeyer: oh well :/. It actually fails with the same error during apt-get upgrade :/. http://paste.ubuntu.com/651938/ I'll have to leave it there for now, thanks for your help.19:41
niemeyernoodles775: This is really messed up :(19:41
niemeyernoodles775: Do you have anything about PYTHONPATH in the environment?19:42
niemeyernoodles775: It shouldn't be the case, but I guess it's the only other reason besides a problem in the package itself19:42
noodles775niemeyer: nope, that install hook is doing apt-get update followed by apt-get upgrade before anything else.19:43
niemeyernoodles775: Yeah, I'm just curious if Ensemble itself might be setting these vars19:43
noodles775ah, checking.19:43
hazmathmm.. it might be19:44
noodles785niemeyer: http://paste.ubuntu.com/651941/19:45
niemeyernoodles785: Try unsetting PYTHONPATH19:45
niemeyernoodles785: At the top of the script19:45
niemeyernoodles785: I bet that's the error19:45
=== noodles785 is now known as noodles775
noodles775niemeyer: it certainly enables apt-get upgrade to complete without errors. Updating the formula to retry it from scratch.19:50
_mup_ensemble/security-acl r293 committed by kapil.thangavelu@canonical.com19:50
_mup_if principal not found in token db, raise a principalnotfound error instead of a keyerror.19:50
m_3hazmat: you mentioned you have a mongodb formula?19:55
niemeyerOMG, have three different events to claim expenses for19:55
_mup_ensemble/security-acl r294 committed by kapil.thangavelu@canonical.com19:56
_mup_remove ACL.update_grant, doesn't have a use case atm.19:56
hazmatm_3, http://kapilt.com/files/mongodb-replicaset-formula.tgz19:58
m_3hazmat: awesome, thanks!19:58
hazmatm_3, i haven't worked on it since the mongodb conference, i was structuring the sharding and router as separate formulas19:59
hazmatniemeyer, speaking of which how was the mongodb conference in san paulo?19:59
niemeyerhazmat: It was fantastic19:59
hazmatniemeyer, good attendance? any talk highlights?20:00
niemeyerhazmat: Great meeting some of the 10gen engineers, good talks overall20:00
hazmatniemeyer, nice, yeah.. i think talking to the 10gen guys definitely made the dc one worthwhile for me.20:00
niemeyerhazmat: One talk on the internals was interesting for me in terms of having new information.. other talks were interesting in the sense of getting to know some of the people using it20:01
niemeyerhazmat: a pretty large local TV station picked it for high-performance tasks, for instance20:02
niemeyerhazmat: also got a nice quote from one of the engineers20:02
niemeyerhazmat: http://labix.org/mgo20:02
_mup_Bug #816108 was filed: Ensemble needs a high level ACL api/abstraction <security> <Ensemble:New> < https://launchpad.net/bugs/816108 >20:03
SpamapSbcsaller: have you merged in the deploys tuff for configs yet? I want to make sure it gets into tomorrow's build so the weekly Oneiric upload has configs... definitely by Thursday since I'm including mention of the feature in my talk.20:13
* SpamapS REALLY needs to finish these slides with more pictures. :-P20:13
noodles775Is there a reason why some instances are incredibly slow? When deploying this last time, it took ~10mins for the state to update from null->started, and it's been a while since now... still no install hook :/20:16
SpamapSnoodles775: are you using m1.small or t1.micro?20:17
SpamapSnoodles775: I've found that t1.micro are unbelievably unreliable w.r.t. speed. m1.small's also disappoint quite a bit, especially w/ anything CPU hungry at all.20:18
noodles775SpamapS: just the default m1.small, but I've not changed it... I'm just comparing to previous runs, so yep, perhaps it's a reliability issue?20:20
SpamapSnoodles775: I think its actually luck of the draw.. my theory is that sometimes you get machines without adequate memory bandwidth.. but its just a theory. :-P20:21
hazmatSpamapS, its merged i believe re deploy wth config20:27
statikoi20:30
statikare there directions written down somewhere for getting an ensemble developer environment set up? I was thinking about having a stab at a bite size bug20:31
jimbakerstatik, check out https://ensemble.ubuntu.com/docs/drafts/developer-install.html20:33
statikjimbaker, thanks!20:33
statikjimbaker, are the versions of txaws and txzookeeper in natty new enough, or is trunk definitely needed for those?20:36
_mup_ensemble/robust-hook-exit r285 committed by jim.baker@canonical.com20:36
_mup_Initial mock test for hanging process20:36
_mup_ensemble/robust-hook-exit r286 committed by jim.baker@canonical.com20:36
_mup_Initial mock test for hanging process20:36
jimbakerstatik, i'm not certain about their update schedule... for those dependencies, i'm also running trunk20:38
SpamapSstatik: ppa:ensemble/ppa ftw20:39
SpamapSyou don't need trunk20:39
statikSpamapS, perfect, I see that has the versions from oneiric backported20:39
SpamapSand natty txaws is fine as long as you don't want to use Eucalyptus/Openstack20:39
SpamapStxzookeeper has problems in natty20:39
SpamapSstatik: thats a daily build PPA .. but trunk has been quite well cared for thus far. :)20:40
statikcool20:40
jimbakerSpamapS, seems like a reasonable plan - to use the PPA for the dependencies20:40
SpamapSstatik: oneiric has a weekly upload of ensemble .. in theory ;)20:40
SpamapSjimbaker: yeah, thats a pretty common scenario20:40
SpamapSjimbaker: drizzle developers even had a package.. drizzle-dev .. that just pulled in all the build deps20:41
SpamapSanyway, dentist time.. :-P20:41
jimbakerSpamapS, my favorite part of going to the dentist is that i always schedule it at the same time slot w/ my kids20:42
jimbakermy son enjoys looking in my mouth for some reason ;)20:42
hazmathmm.. it look like when the unit tests use a deb installed zk, they don't reset state directories properly21:07
hazmatnevermind, looks like i had a background zk from the pkg install21:09
hazmatkilling that and it works properly21:09
niemeyernoodles775: Did it work?21:14
niemeyerhazmat: Ugh21:14
hazmatniemeyer, yeah.. that's going to bite folks in the future21:15
niemeyerhazmat: We have to dump something to avoid having it on21:15
niemeyerI'm breaking off for a moment.. will be back later today to finish the expense reporting drama and unblocking for more useful stuff tomorrow21:30
_mup_ensemble/security-otp-principal r291 committed by kapil.thangavelu@canonical.com21:31
_mup_use a class method to specify test ace, allows for better test usage when OTPPrincipal used by other components.21:31
_mup_ensemble/robust-hook-exit r287 committed by jim.baker@canonical.com21:37
_mup_Robust test of reaping a hanging process21:37
_mup_ensemble/security-acl r296 committed by kapil.thangavelu@canonical.com21:37
_mup_remove some debugging statements, update tests to specialized exceptions21:37
hazmatniemeyer, when you have time (perhaps tomorrow) i'd like to discuss some of the lxc work, i don't really see how we're getting around the network issues of multi-unit machines on ec221:43
hazmatafaics doing the machine provider for lxc as local dev is the appropriate local dev solution, with specialization of serviceunit deployment by provider type21:44
hazmatsetting up a vpn for the container doesn't really address the useability issue21:45
niemeyerhazmat: Ok.. what's up21:46
hazmatwe can separately address using openswitch or other tunnels, but that's not core or at incompatible with delivering the local dev story via an lxc machine provider21:46
niemeyerhazmat: They're two different code paths, with two different deployment models, incompatible with each other21:47
niemeyerhazmat: What's the actual issue you're seeing with deploying locally as we discussed?21:47
hazmatniemeyer, i'm trying to understand two things.. one) what are we trying to deliver for the next release.. per my understanding that's a local dev story21:47
niemeyerhazmat: Yes, we're trying to deliver local development21:48
hazmattwo) how are we overcoming the networking issues with ec2 and multi-unit container based machines.. and is it even worth doing in the ec2 provider21:48
niemeyerhazmat: We're not doing EC221:48
bcsallerSpamapS: yes, its merged, was at lunch, sorry21:48
niemeyerhazmat: we're addressing (one) for now21:49
SpamapSI was thinking about this and I think we can do it with the same code path. The provider should actually determine what the best way to setup a "container" is inside of one of its machines. In this manner, we can have the local provider say "use the LXC container for my units" and the ec2 one can say "use the noop container for my units" .. then when we figure out how best to do multiple units per machines on ec2, we can make LXC the default.21:49
niemeyerSpamapS: Exactly!21:49
hazmatniemeyer, the base layer for both is an lxc abstraction which is common, the differentiator is whether we want a machine provider or is this an encapsulation with the machine agent as it deploys units21:50
hazmatthe latter allows for a common code path, but leaves the ec2 problem unresolved21:50
SpamapSindeed it does21:50
niemeyerhazmat: Indeed..21:50
SpamapSbut allows flexibility21:50
SpamapSwithout compromising simplicity21:51
niemeyerhazmat: Imagine we had IPv6 working.. it'd be trivial, right?21:51
hazmatniemeyer, that's not entirely clear to me, we'll need 6to4 for common accessibility by remote consumers21:51
niemeyerhazmat: No.. imagine we had *IPv6* working..21:52
hazmatniemeyer, we'd still have to bridge to something that's providing the address 21:52
niemeyerhazmat: Why?21:53
hazmatwe need routable addresses21:53
hazmator maybe i'm unclear when you say *ipv6* working, is this the future perfect world where external clients are consuming ipv6 services?21:53
niemeyerhazmat: Yes, and IPv6 offers that..21:54
SpamapSIf amazon allowed multiple IPv6 addresses per machine, you'd just forward the packets that weren't for you on to the container virtual network. Right?21:54
niemeyerhazmat: In an IPv6 world, each machine generally gets a block rather than an individual address21:54
hazmatniemeyer, it stills an ipv6 nat afaics, if the provider is only giving out one address... is there some documentation for that?21:55
hazmatmy understanding is that you can trade in ipv4 addresses for an ipv6 address block but that's a policy allocation, not a device address notion21:56
SpamapSI'd imagine that, as niemeyer is suggesting, when Amazon rolls out IPv6, they'll do away with the internet/external distinction they use now, and just meter traffic as it traverses their borders.21:56
SpamapSGiven that, they'll most likely also give the VM a block of 8 or 16 or maybe even 255 IPv6 addresses.21:57
hazmati guess i need to do some ipv6 research21:57
SpamapShazmat: I don't think its all that different. Just more available addresses so NAT is no longer a good idea or needed.21:58
niemeyerhazmat: http://en.wikipedia.org/wiki/IPv6_address21:58
SpamapSThe detail that is more pressing is simply how to make sure Ensemble doesn't need refactoring when that magic day arrives where all endpoints on the net are IPv6 capable.21:59
niemeyerhazmat: E.g.22:00
niemeyerhazmat: "22:00
niemeyerEach RIR can divide each of its multiple /23 blocks into 512 /32 blocks, typically one for each ISP; an ISP can divide its /32 block into 65536 /48 blocks, typically one for each customer;[17] customers can create 65536 /64 networks from their assigned /48 block, each having a number of addresses that is the square of the number of addresses of the entire IPv4 address space, which only supports 232 or about 4.22:00
niemeyer3×109 addresses.22:00
niemeyer"22:00
SpamapSWho is to say how far out that day is? Exhaustion is estimated between 2 and 7 years away from the articles I've read.. depending on whose stats and projections you believe.22:00
hazmati thought we had already hit the tipping point on exhaustion22:01
hazmathttp://en.wikipedia.org/wiki/IPv4_address_exhaustion22:01
niemeyerSpamapS: Right, agreed..22:01
niemeyerSpamapS: Yeah, it's over already.22:01
SpamapSThe exhaustion that has happened is merely that IANA has assigned all ASN's to regional bodies.22:01
niemeyerSpamapS: Agreed on the fact we have to make sure Ensemble doesn't need significant refactoring by then22:01
hazmatthe refactoring we're talking about is minimal22:02
SpamapSThere's still hundreds of millions of addresses, and many many thousands of blocks to dole out, before they start culling unused blocks and clamping down on ISPs that waste them.22:02
niemeyerhazmat: Yes, we can use the tunneling on EC2 for when we actually look at this feature, while keeping the real end goal in mind the whole time22:02
hazmatits not even refactoring, its implementing the feature22:02
niemeyerhazmat: It's kind of dropping code22:03
niemeyerhazmat: If we make it work with tunneling, one day we can just drop the logic which sets the tunneling in place22:03
niemeyerThe tunneling is somewhat generic, so it shouldn22:03
niemeyer't even be too much work22:03
SpamapSniemeyer: Make no mistake though, if you make people use tunneling, they will *reject* it hard. If you offer it as an option.. that may be a different story.22:04
niemeyerSpamapS: It will be an option, and right now it will be non-existent, so don't worry yet. :)22:05
SpamapSI did yoga this morning.. my worry is at least stayed until tomorrow. :)22:05
hazmatthe emails that have been exchanged on this are larger than the work by an order of magnatitude imo22:06
* SpamapS searches for funny pictures to depict "The Cathedral and The Bazaar" for his presentation..22:06
hazmati think the contortions we're going to for policy assignments with a machine provider (local) with a single machine are worse than those that come out from specializing unit deployment by provider.. which we have to do anyways!22:08
hazmatso why its not clear why we're investing time discussing a future solution in a future world, that doesn't address the current problem we have to solve, and whose implementaiton differential is minimal22:09
hazmatwe're not going to use ipv6 on a local host provider.. we just want to enable local development story.. so we're not tunneling or natting for local dev, so i'm missing the value for not just treating the containers like machines22:10
hazmatthis all sounds like the perfect is the enemy of the good22:12
niemeyerhazmat: We're equal grounds.. I also don't understand why you want to do work that is not necessary22:19
niemeyerhazmat: rather than doing work that is needed anyway22:19
niemeyerhazmat: Being able to choose between deploying in LXC or without LXC, as suggested by SpamapS, is needed for all the deployment methods22:20
hazmatniemeyer, because what it is needed for isn't decided22:20
niemeyerhazmat: Except the local one22:20
niemeyerhazmat: I miss what you mean with that22:21
hazmatwe haven't resolved how this mechanism can be used in ec222:21
niemeyerhazmat: What do you want to know about this?22:22
niemeyerhazmat: I'd rather not have to debate about details we won't be implementing right now, but I see that for some reason this is very important22:22
hazmatand it implies just shifting the maintainance burden onto another shared component, the unit placement algorithm, instead of localizing it to the machine provider22:22
hazmatsince now we'll have a provider with exactly one machine.22:23
niemeyerhazmat: A provider that has to know all the details of using LXC isn't used in any other deployment method besides the local one22:23
niemeyerhazmat: An agent that is able to deploy units within LXC is useful in all deployment methods22:23
niemeyerhazmat: That's exactly the debate that created the huge thread which you said wasn't necessary22:23
hazmatniemeyer, i didn't say the thread wasn't nesc. just that the implementation that's being discussed could have fit in a small portion of it22:24
hazmatits good to have the discussion, but i'm unclear that we have resolution, as i'm approaching implementin git22:25
niemeyerhazmat: well.. and the proportion increases as we speak :)22:25
niemeyerhazmat: It's pretty clear in my mind, at least.   Naturally, nothing is settled on stone and it's just my opinion, but I don't see any arguments that contradict these.22:27
SpamapSI would say might be.. ;)22:31
SpamapSerr22:31
SpamapSoops I scrolled back22:31
SpamapShazmat: to get down to brass tacks, what I suggest is that each provider chooses how to contain service units and how many service units per machine are allowed. Its more invasive than the provider method..22:34
SpamapShazmat: but if we decide chroots are a better choice for EC2 .. it enables that quite nicely22:34
SpamapSThat said, there is only one containment method known and desired at the moment.. and I'm wont to add abstraction layers for what-if's.22:35
hazmatas i said we have two approaches, a local machine provider that uses containers as a machine, and the second one where the local provider has exactly one machine, and the machine agent deploys service unit as a containers. both solutions need a local machine provider, the second also needs service unit deployment specialization, and creates additional machine-unit placement constraints that seem rather arbitrary like a provider with a max of one mac22:35
hazmathine. The real question of how to realize the benefits of all seem to revolve around future notions of introducing additional network layers and complexity.. i'd argue that simplicity should win, and we should use the right tool for the job at hand, rather than trying to achieve some perfect symmetry that is illusory imo anyways22:35
niemeyerSpamapS: They are orthogonal.. it's not the provider that should decide, it's the user22:35
niemeyerSpamapS: I mean, the capacity of deploying in a chroot or in an LXC should be at the user's disposal22:36
SpamapSSure, if we make it configurable thats fine, though I'd suggest we just be opinionated about what the default containment method and capacity for machine-splitting is for each provider.22:37
SpamapSIf somebody comes up with a good one for EC2, then we can make it the default.22:37
niemeyerhazmat: Heh22:37
SpamapSAnd if somebody comes up with a narrow-use-case-satisfying version, we can make it usable in that case when the user decides.22:38
SpamapSBUT22:38
niemeyerhazmat: Complaining that what I say is "perfect symmetry that is illusory imo anyways" is non-constructive FUD22:38
SpamapSI'm suggesting that we are just yak shaving at this point.22:38
niemeyerhazmat: I'm providing details about why that is the case..22:38
SpamapSI like flacoste's suggestion that we just do both, and learn from it. :-P22:39
niemeyerhazmat: Knowledge about LXC is involved.. all the details of how the machine communicate with it, start, stop, boot, kill, restart, etc.. must exist22:39
niemeyerhazmat: If you stuff that knowledge into a local provider that is only concerned about deploying in a local machine as if they were EC2 instances, that's not useful anywhere else22:39
niemeyerhazmat: If we teach the agent to deploy units within LXC and maintain them, that's useful across the board, *even* if there is additional logic that must be implemented for routing packets properly22:40
SpamapSniemeyer: Oh but it is. :) Its already split out into an 'LXCControl' class, which makes functional testing easier.22:40
niemeyerhazmat: If you disagree, please provide some details that my help me understand why that is so, rather than calling it illusory.22:41
SpamapSniemeyer: create a machine with this cloud init.. start it, stop it, destroy it .. list running machines .. thats useful in all contexts that you need to use LXC22:41
niemeyerSpamapS: Yes, it is.. the command line tools are also shared.. the question is how much is being shared.22:41
SpamapSHeh.. its just an adapter. Very little code.22:42
niemeyerSpamapS: We shouldn't go down a route because it's worse..22:43
SpamapSI did sit down to do it at the machine agent/unit agent spawn level.. will be a lot more code than the provider was.22:43
niemeyerSpamapS: We'll have to implement either approach, one of them allows more sharing, more symmetry on deployments, etc.22:43
niemeyerSpamapS: If it doesn't work because it's too involved, or whatever, we can rethink.  But we shouldn22:44
SpamapSHave to write new cloud-init stanzas that we never needed before.22:44
niemeyer't go down that path because it's "only slightly worse"..22:44
SpamapSNo it will work.22:44
SpamapSFor the local case, its not that different in results.22:44
SpamapSFor the EC2 case, we'll need to add NAT to make them addressable, or tunneling, or something.22:45
niemeyerYes, we'll have to add something.. and reuse what will hopefully already work by then.22:47
niemeyerRather than reimplementing it.22:47
SpamapSOf course, as hazmat is arguing.. you can reuse what already works now and tackle that use case when you get there, and as Francis suggested, you'll have more info, so you can embrace LXC more completely when the time comes.22:48
niemeyerSpamapS: There's no doubts about what we'll have to do by then.. we'll have to enable Ensemble to deploy unit agents in LXC.22:49
niemeyerSpamapS: I'm suggesting we do research now to know in detail what that means, and if we have to fall back we take an informed decision.22:49
niemeyerSpamapS: I don't think I'm asking too much, honestly.22:50
SpamapSYeah, lets just implement this and be done with it.22:50
niemeyerSpamapS: We have to do A or B.. A may be easier, but B is needed anyway.  If we have to do A, it must be for a good reason which needs to be understood, because we'll be wasting time doing B anyway.22:51
niemeyerSpamapS: I offered to do that work myself.22:51
SpamapSAs long as EC2 uses the "exec" container method until we do that research, I really don't care. Just give me local dev, and give it to me soon. I spent $300 last month on EC2 because of forgotten instances and 15+ node demos.22:51
SpamapSAlso launchpad is chomping at the bit.. lifeless is trying to put together launchpad formulas and unwilling to deploy LP into EC2 over and over again.22:52
SpamapSAnother thing came up with containers btw.. what about services that are memory intensive? Can LXC actually limit memory usage and does it expose that through /proc/meminfo ?22:53
SpamapSmemcached comes to mind.. it really should use almost all the RAM on the box... we could arguably have it default to do just that in the formula.22:54
niemeyerSpamapS: Not sure, but it's worth considering it indeed22:55
hazmatmy network disconnected, not sure what got lost..23:14
hazmatniemeyer, if you want to do that experimentation, i'm happy to not do the lxc stuff, and instead do some pending refactorings  (the protocol stuff) and bugfixes in the codebase23:14
hazmatbut as far as implementing lxc and what we need today, i don't see the justification for doing things in such a way that we're going to ripple change costs throughout the system.. be it as simple as getting useful output of ensemble status, or dealing with unit machine placement, when we have unresolved questions of how its going to be used or implemented23:14
niemeyerhazmat: We'll have to debate this again.. it has changed several times, and I'm not sure that's feasible now.23:14
niemeyerhazmat: Someone will have to do the repository work.. do you want to do that instead?23:15
niemeyerhazmat: If you have unresolved questions, please ask them.23:16
niemeyerhazmat: I've been presenting why and how for some time now..23:16
niemeyerhazmat: and in fact we had a call last week where we discussed exactly this23:18
niemeyerhazmat: I'm really expecting a little bit of more insightful feedback now.23:18
hazmatniemeyer, indeed, i've been thinking about since23:18
niemeyerhazmat: What has to be changed then?  Do you have that written down?23:19
niemeyerhazmat: This is not a fight, we just have to think through..23:20
niemeyerhazmat: If we can't do it, let's not.. but we can't decide things by arguing over and over without some insight into the problem.23:20
hazmatthe fundamental of how we get around the network issue for ec2 providers, seems to be unresolved, the things proposed tunneling, vpn are about adding complexity vs. just utilizing the api that the provider gives us. be it ec2, where atm we only have one public address per machine, or where the openstack guys are digging into openswitch etc, ensemble isn't a provider, its not clear we should be setting up secondary networking infrastructure on virtua23:21
hazmatlized systems with poor i/o throughput23:21
niemeyerhazmat: Forget the EC2 providers..23:21
niemeyerhazmat: We're not implementing them now.23:21
niemeyerhazmat: We want to implement local support through a mechanism that will be useful in the future in EC2.23:23
niemeyerhazmat: That's not the same as implementing support in EC2 now,.23:23
SpamapShazmat has the same concern that I do. That we will ever do it.23:23
niemeyerhazmat: We don't need to implement tunneling23:23
niemeyerSpamapS: That's fine.. maybe we'll never do.. but that's how developing large software works.23:23
SpamapSTo alay that concern, I'd say if we don't do LXC .. we'd do something else like chroot with collision avoidance mechanisms.23:23
SpamapSI'm not sure large is desirable.23:24
niemeyerSpamapS: Heh.. any other bikesheds for us to get into?23:25
niemeyerI'm honestly trying to be positive and helpful in that debate23:25
niemeyerBut we can't just argue across each other, or it'll be hard to be effective23:25
hazmatniemeyer, the same underlying abstraction (lxccontrol) done today for an lxc machine provider, makes the lxc service unit deployment  in the future fairly trivial compared to the costs of implementing these network solutions afaics23:26
SpamapSI think we only differ on the perspectives. In my perspective, something that is so far off shouldn't be worried about in coding now. From yours, it must be worried about in coding now. I get the position, but I stand in another one.23:26
niemeyerhazmat: What is the cost of implementing an agent able to deploy LXC as an option, _today_? 23:26
niemeyerhazmat: Please answer that question so taht we can move forward.23:26
hazmatniemeyer, we need an lxc control abstraction for start/stop/exec command.. but it also ripples into things like ensemble status and machine-unit mapping.23:27
niemeyerhazmat: Ok, please provide an actual written down version of this with details.23:27
hazmatwe'll also need service unit deployment specialization by provider type to avoid using this for certain providers23:27
SpamapSniemeyer: I made a meager attempt to ballpark that. You have to create cloud-init rules that will start the unit agent the same way the machine agent is started, and then factor in a way to have it work different for local vs. ec2 provider.23:27
niemeyerhazmat: Yeah, we'll have a base class which is pretty dumb23:28
niemeyerhazmat: Just opening the formula onto the directory23:28
niemeyerhazmat: We can, at some point, have other options such as plain chroots, etc23:28
SpamapSThe former is fairly independent code and will be useful in any container/vm strategy used. The latter is invasive at the provider level.23:28
niemeyerhazmat: and maybe that's even a way for us to start23:29
niemeyerSpamapS: No, there's no point in using cloud-init.. that's why I didn't take the idea seroiusly23:29
SpamapSThere's another option which is to let lxc just start the unit agent directly, but I don't like that one as it won't actually "boot" the container.23:29
niemeyerSpamapS: Agreed, ideally we'll boot it23:30
SpamapSSo you'll end up with a machine that is not actually in the same state as a non container machine. Networking needs configuring, services starting, etc.23:30
hazmatSpamapS, the unit agent could just be a upstart rule at that point23:30
SpamapSYeah you can drop it on the disk too, thats fine. The point is that code is sort of easy and independent.23:30
SpamapSThe refactoring of providers needs some thought, so that each provider knows what type of container it should provide.23:31
SpamapSThats as far as I got.23:32
SpamapSnegronjl: hey, didn't you create a mongodb formula?23:33
negronjlhi SpamapS:  I did.  let me find out wher I put it.23:34
SpamapSnegronjl: I want to mention it in my talk on Thursday.. just that it exists.23:34
negronjlSpamapS:  not in bzr yet.  still refining it.23:34
SpamapSnegronjl: ok, no worries I'll leave it off23:35
hazmati dropped a dump of mine over at http://kapilt.com/files/mongodb-replicaset-formula.tgz23:35
SpamapShazmat: didn't you have a riak formula too?23:35
hazmatSpamapS, nope. my riak one is a skeleton23:36
SpamapSah ok23:41
adam_gSpamapS: there is a rabbitmq-server formula incoming today or tomorrow23:47
SpamapSadam_g: w00t.. yeah I already threw their logo up. :)23:49
adam_gSpamapS: is it okay for me to just push that directly to principia or file a merge bug?23:50
SpamapSadam_g: just push it in as lp:principia/rabbitmq-server .. :)23:51

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!