| bigjools | hey jtv did you merge your intergration branch changes into trunk again? | 04:45 |
|---|---|---|
| bradm | if I was to have some nodes I wanted to allocate to a maas user, how would I do that? | 05:01 |
| bradm | bigjools: ^^ any ideas? | 05:06 |
| bigjools | bradm: there's no feature to do that on someone's behalf | 05:07 |
| bigjools | you would need the user to have a maas account | 05:07 |
| bradm | bigjools: when I mean a maas user, I mean a maas account | 05:07 |
| bradm | bigjools: ie, I created the account, I want to allocate some nodes to it, but the account doesn't have much in the way of perms | 05:08 |
| bigjools | bradm: sorry I don't really understand what you mean | 05:08 |
| bigjools | account where? | 05:08 |
| bradm | bigjools: the maas account on the maas controller - done via the web ui | 05:08 |
| bigjools | ok so that's a maas user | 05:09 |
| bigjools | same as account | 05:09 |
| bradm | ah, right | 05:09 |
| bradm | well, I have one of those, and I want to allocate some nodes to it | 05:09 |
| bigjools | you have to do it logged in as that user | 05:09 |
| bradm | so that user can only touch those nodes | 05:09 |
| bradm | huh, really. so its not so much as permissions, as whoever grabs it first can have it | 05:11 |
| bradm | bigjools: ok, so how do you then add the nodes to the user? | 05:12 |
| bigjools | bradm: the user requests a node using their own account | 05:13 |
| bradm | bigjools: uh, but we only want the user to be able to request two specific nodes, there's no way to lock it down to that? | 05:14 |
| bigjools | bradm: no | 05:14 |
| bigjools | it works like a cloud | 05:14 |
| bradm | bigjools: ouch. | 05:14 |
| bigjools | you are supposed to use request constraints as the user to get a specific machine | 05:15 |
| bigjools | you're asking for a "reserved" instance in effect | 05:15 |
| bradm | bigjools: essentially I think we want it to act like specific pools of resources allocated for particular users. | 05:16 |
| bradm | bigjools: so to step back, what we're trying to do here is allocate certain resources to webops, and certain resources to archive servers - and we don't want webops to be able to touch the archive servers, just for safetys sake. it sounds like this isn't a supported scenario in the same region, and we'd have to make up different regions for this? | 05:17 |
| bradm | I might be getting regions and clusters confused here | 05:18 |
| bradm | bigjools: what would be the supported way to handle that? particularly given the resources could be on the same vlan? | 05:28 |
| bradm | bigjools: I guess that means we should stop wanting that then? :) | 06:00 |
| bigjools | bradm: sorry otp | 06:01 |
| bradm | bigjools: no worries | 06:02 |
| bigjools | bradm: ok back | 06:22 |
| bigjools | bradm: there is no way to do what you want right now | 06:22 |
| bigjools | other than installing one maas per user | 06:23 |
| lifeless | One maas per child1 | 06:25 |
| bigjools | o/ lifeless | 06:27 |
| bigjools | bradm: if it's any consolation we have talked about this before :) | 06:27 |
| bigjools | bradm: in the API there is a way to acquire a node without starting it. It's a bit of a hack but could work for you. | 06:28 |
| jtv | bigjools: maybe have an admin allocate the node, and change the owner? | 06:35 |
| bigjools | jtv: how can we change the owner? | 06:35 |
| jtv | PUT to the node. | 06:35 |
| jtv | Not sure if we support that. | 06:36 |
| bigjools | aieeee | 06:36 |
| bigjools | we don't :) | 06:36 |
| jtv | ah | 06:36 |
| bigjools | but bradm is talking about limiting what a user can use in a pool | 06:36 |
| bigjools | we have no way of doing that | 06:36 |
| jtv | Right. | 06:37 |
| === CyberJacob|Away is now known as CyberJacob | ||
| bradm | bigjools: so the tl;dr is no ponies for us? | 07:12 |
| bigjools | SOL | 07:12 |
| bradm | bigjools: hmm. given the dhcp is restricted per mac, I guess we could end up with a maas region + controller per user, that means a box per though | 07:13 |
| bigjools | bradm: or you could do a feature request | 07:13 |
| bradm | bigjools: how do we do that? | 07:13 |
| bigjools | bradm: filing a bug would be a good start :) | 07:14 |
| bradm | bigjools: "Please bigjools, I want a pony!" ? | 07:14 |
| bigjools | and then escalate | 07:14 |
| jtv | I imagine that would escalate only in the sense that violence does. | 07:15 |
| bradm | bigjools: righto, it does seem like something that would be generically useful - I think the way we were thinking was you could allocate nodes to a user (from an admin account), and then they could just see and use resources from there | 07:16 |
| bigjools | bradm: this is the eternal problem of peope stating their desired solutions rather than explaining their problems and desired outcomes | 07:16 |
| bigjools | people* | 07:16 |
| bigjools | we'd implement this with reserved instances | 07:17 |
| bigjools | so only the person or persons on the reservation list could start a node | 07:17 |
| bradm | and you could associate reserved instances with different people? or there's just one list? | 07:18 |
| bradm | anyway, thats really implementation details, let me write up a bug and see if it makes sense. | 07:22 |
| bradm | bigjools: LP#1297662 | 07:31 |
| bradm | bigjools: let me know if it makes sense, or needs any more info, or whatever | 07:31 |
| === zchander_work is now known as zchander | ||
| === CyberJacob is now known as CyberJacob|Away | ||
| allenap | blake_r: Hi. Ping me when you start. I need to talk some more about UEFI. | 11:55 |
| blake_r | allenap: I am here | 12:45 |
| perrito666 | Hey, is there API to query networks for an already provisioned network? | 13:10 |
| perrito666 | rvba: allenap <poke> mgz suggeted that you might know :) | 13:13 |
| === roadmr_afk is now known as roadmr | ||
| rvba | perrito666: this is the doc for trunk (i.e. not yet published): http://people.canonical.com/~rvb/maas-docs/api.html Search for 'Read network definition' in there. | 13:19 |
| perrito666 | rvba: thank you very much | 13:21 |
| rvba | welcome | 13:21 |
| allenap | rvba: You *just* beat me to it. Hi there perrito666! | 13:21 |
| perrito666 | hello allenap | 13:23 |
| perrito666 | rvba: sorry I have a doubt, in GET /api/1.0/networks/ which has a param node, what exactly is node? (I mean what field of node is expected to be used as id there) | 14:50 |
| rvba | perrito666: Yeah, it's not really clear. The node is in fact the node's system_id field. | 14:52 |
| perrito666 | rvba: thank you | 14:53 |
| perrito666 | rvba: allenap also, what is the structure returned by the networks api call? | 16:28 |
| rvba | perrito666: a network, like all the other objects returned by the API, is a json dict. | 16:34 |
| perrito666 | is there any doc of the key/values for each call? | 16:35 |
| rvba | I don't think there is proper documentation for this unfortunately. | 16:36 |
| rvba | The fields are 'name', 'ip', 'netmask', 'vlan_tag', 'description' | 16:36 |
| perrito666 | rvba: once again, thank you :) | 16:37 |
| rvba | np | 16:37 |
| === roadmr is now known as roadmr_afk | ||
| === drussell is now known as honey_nut_loops | ||
| === honey_nut_loops is now known as drussell | ||
| === roadmr_afk is now known as roadmr | ||
| === CyberJacob|Away is now known as CyberJacob | ||
| === roadmr is now known as roadmr_afk | ||
| === CyberJacob is now known as CyberJacob|Away | ||
| bigjools | bradm: did you see the response to https://bugs.launchpad.net/maas/+bug/1297662 | 23:31 |
| ubot5 | Ubuntu bug 1297662 in MAAS "MAAS doesn't have nodes reserved for users" [Undecided,New] | 23:31 |
| bradm | bigjools: I did - I'm not sure I really understand how that would work, though - does juju integrate with landscape now? | 23:34 |
| bigjools | bradm: I am not sure how they integrate, you're best talking to Landscape guys to see what they are implementing | 23:35 |
| bradm | bigjools: righto, we'll have a chat and see what the plans are with them. | 23:36 |
| bigjools | cool | 23:37 |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!