/srv/irclogs.ubuntu.com/2015/08/13/#snappy.txt

=== ubott2 is now known as ubottu
=== chihchun_afk is now known as chihchun
=== zyga-afk is now known as zyga
fgimenezgood morning07:02
dholbachgood morning07:21
Chipacao/ !09:19
Chipacagood morning snappy'ers!09:20
longsleephey09:20
longsleepquestion - do all installed snapps get passed all configs to the config hook?09:20
Chipacalongsleep: hi! how's things09:20
longsleeptrying to understand snappy config :)09:21
Chipacalongsleep: "all configs", as in configs for all apps?09:21
longsleeperr yes09:21
Chipacalongsleep: err no :)09:21
Chipacathere was an example somewhere09:21
longsleepso how does webdm know the ports of all the apps?09:21
longsleepsnaps09:21
Chipacalongsleep: webdm cheats (it has a handcrafted security policy)09:22
Chipacalongsleep: it can call "snappy config" for every app09:22
longsleepah ok09:22
Chipacalongsleep: and that would print out the config09:22
Chipacait doesn't *actually* exec out snappy config09:22
Chipacait links against snappy-the-library09:22
longsleepgot it - so then the problem is how i can share config between multiple snaps?09:23
Chipacatricky09:23
Chipacalongsleep: can you explain a little of why you need it?09:24
longsleepwell i for example i have to share secrets between snaps - to make shared secret auth work09:24
Chipacaah09:24
Chipacalongsleep: and there isn't a logical "owner" of the secrets?09:25
longsleepand i might have to know what ports another snap is using to connect to the services there09:25
longsleepChipaca: well i assume someone could be made the logical owner, but how does the information get to the snaps which need it09:25
longsleepi mean i could put it all into a single snap - thats what i would try to avoid though09:26
Chipacalongsleep: make the owner a framework, so the others can depend on it, and give it a command that prints out the needed info?09:27
Chipacalongsleep: i'm not sure that would work, but i think maybe we should make that work if it doesn't09:27
Chipaca:)09:27
longsleepyes i think that would work09:27
longsleepat least for the configuration stuff where each snap is not the logical owner09:28
longsleepports are a different story09:28
Chipacawrt ports, you need a discovery mechanism, or making them non-negotiable09:28
longsleepi want to make them configurable and negotiable09:29
Chipacathe discovery mechanism can be a script as per above, or something like avahi09:29
longsleepyou mean a snap could provide a script that prints ot the information other snaps might want?09:30
longsleepcan i call stuff provided as binaries of snap-a from snap-b then?09:30
Chipacai should know that, but i'm rusty from my holidays. let me check.09:31
longsleepheh :) these are good suggestions - i will try them for sure09:31
ogra_Chipaca is back \o/09:32
longsleepfor now i just want to make the ports for spreed-webrtc a configuration09:32
Chipacaogra_: allegedly :)09:32
ogra_:)09:32
Chipacawe'll see for how long (!)09:32
ogra_hey !09:32
Chipacaogra_: just before going away i was asked if i was willing and able to work on a zomg urgent thing09:33
Chipacaogra_: as per09:33
Chipacaogra_: so i don't know how it's played out yet :)09:33
longsleepother question - the internal ports in package.yaml, these are the ports supposed to listen on local interface only or what is the meaning of internal in that context?09:34
Chipacaeep! snappy update just got 'no space left on device'09:35
ogra_as i understand it it is for "package intercommunication"09:35
longsleepogra_: thats good then - so i should probably add that as well09:35
longsleepWhat about the ports in package.yaml if i make those configuration, would webdm know about it? I am still unsure what the ports section in package.yaml actually is doing09:40
ogra_webdm uses the external port for the "open" link in the details page09:40
longsleepyes the one marked external/ui - but what if that is a configuration ?09:41
longsleepi mean i currently ship with port 8000 as webdm does not support https links. But now i want to add configuration so people can choose to expose this on port 8009:42
longsleepthen webdm would have to link there09:42
longsleepand i want to have an option to disable all the external ports and only keep the internal one so a reverse proxy can take it over09:43
biezpalhey! how cron works in Snappy? Tried to add crontab job - everything is read-only :(10:00
ogra_it will use whatever systemd provides as cron replacement ...10:01
ogra_not sure where we stand with that thouh10:01
biezpalogra_, thanks!10:02
Chipacai think we plan to expose timers10:02
Chipacabut haven't done so yet10:02
Chipacatimers as in systemd.timer(5)10:02
biezpalChipaca, but it's not implemented yet?10:03
biezpalok, got it, thx10:04
Chipacabiezpal: ubuntu-core itself installs a timer, if you need an example (it's /lib/systemd/system/snappy-autopilot.timer; when we expose this, yours would be installed to a different directory, but would be the same thing) (it'd be exposed in a way that we generate the timer ourselves, so if for any reason we need to port snappy to a non-systemd system we could still do it)10:11
biezpalChipaca, thanks a lot10:18
longsleepah i just found a interesting line in the docs: Some key/value pairs in the configuration are fixed, for example all applications that listen to a port must support the "ports" config option.10:26
longsleepis that the same ports as found in package.yaml?10:27
RlyehI want remove docker, but since some apps are using docker, it will not remove10:30
Rlyeh(BeagleBoneBlack)ubuntu@localhost:~$ sudo snappy remove docker10:30
RlyehRemoving docker10:30
Rlyehframework still in use by: owncloud10:30
=== erkules_ is now known as erkules
ChipacaRlyeh: remove the dependencies first10:31
ChipacaRlyeh: sudo snappy remove owncloud docker10:32
ChipacaRlyeh: will work10:32
RlyehI won't remove owncloud10:33
RlyehI don't know owncloud service name to stop10:33
ChipacaRlyeh: sorry, i don't understand10:33
ChipacaRlyeh: why won't you remove owncloud?10:33
RlyehI just want to reinstall docker10:34
RlyehI think it will be remove if I stop owncloud service, right?10:35
RlyehIt seems docker doesn't work properly10:36
ChipacaRlyeh: still not understanding, here; sorry :-(10:36
ChipacaRlyeh: you want to reinstall docker because it's not working properly?10:36
Rlyehyes10:38
RlyehI updated docker from 1.6.1 to 1.6.2 to day10:38
RlyehAfter reboot, owncloud was not working10:39
ChipacaRlyeh: and how is it not working properly?10:39
RlyehI checked and port 443 was close10:39
ChipacaRlyeh: and if you roll back docker does owncloud work again?10:40
RlyehRollbacks the docker, but still docker not working10:40
dholbachhum.......10:40
Chipacadholbach: 'sup?10:40
RlyehI don't know what happened but I have to fix this10:41
RlyehBecause of owncloud10:41
dholbachChipaca, have you seen something like this before? http://pastebin.ubuntu.com/12070190/10:41
Chipacadholbach: it's a pastebin link. I've seen many of those!10:41
Chipaca:-p10:41
dholbachriiiiiiiiiiight10:42
ogra_dholbach, yeah., we require that you run snapcraft on your phone now for building so we check the system-image config :P10:42
RlyehDo you know owncloud service name to stop ?10:43
ogra_Rlyeh, systemctl|grep owncloud10:43
ogra_then just use systemctl stop10:43
RlyehThank you ogra10:44
Chipacaor snappy service owncloud stop10:44
Chipacain new enough snappys10:44
ogra_dholbach, you get that error only by running add-apt-repo ? thats really odd10:44
dholbachogra_, it is10:45
Chipacadholbach: i hadn't seen it, but it seems you can ignore it10:45
Chipacait's probably aptsources.sourceslist or softwareproperties.ppa calling out to system-image-cli erroneously10:45
Chipacadeffinitely a bug, but seems add-apt-repo is still doing the right thing10:45
Chipacaaptsources10:46
Chipacadholbach: so10:46
Chipacadholbach: file a bug against aptsources10:47
Chipacadholbach: then continue with your day :)10:47
dholbachok cool, will do10:47
Chipacain fact i can probably provide a patch for you to include in your bug10:47
Chipacagimme a sec, then i'll give you a diff, if you could try that it'd be nice10:48
dholbachChipaca, https://bugs.launchpad.net/ubuntu/+source/python-apt/+bug/148447010:50
ubottuLaunchpad bug 1484470 in python-apt (Ubuntu) "aptsources.sourceslist or softwareproperties.ppa calling out to system-image-cli erroneously" [Undecided,New]10:50
Chipacadholbach: could you try http://pastebin.ubuntu.com/12070228/ ?10:50
Chipacawait, that's wrong10:52
Chipacadholbach: hold it10:52
Chipacadholbach: ETOORUSHED10:52
Chipacadholbach: http://pastebin.ubuntu.com/12070249/10:54
dholbachChipaca, fixed10:54
dholbachat least there's no message now10:55
Chipacaexactly :)10:55
dholbachjudging by "usage: system-image-cli  ......."10:55
dholbachit might be that s-i-c is called with the wrong parameters?10:55
dholbachh no10:55
dholbachah no10:55
dholbachnevermind :)10:55
Chipacadholbach: config not found10:56
dholbachyep10:56
Chipacadholbach: should i make this a merge against python-apt, or just include the diff in the bug and let somebody else handle it?10:57
dholbachthat's a question for mvo :)10:57
Chipacamaking an MP then10:57
Chipacaeep10:58
Chipacanever change gpg keys the week before your holidays10:58
dholbachoops10:59
Chipacahttps://code.launchpad.net/~chipaca/python-apt/no-stderr-for-you-mister-system-image-cli/+merge/26793511:00
ogra_hmm11:40
ogra_was there a way to make ubuntu-core-launcher output verbose in syslog ?11:41
ogra_Aug 13 11:40:24 localhost ubuntu-core-launcher[1761]: execv failed: Permission denied11:41
ogra_not actually helpful ...11:41
Chipacaogra_: you probably got something in syslog about that11:44
ogra_no, thats my issue :)11:44
ogra_nothing beyond that and the .service then tellin me it exited 111:45
Chipacaogra_: can you actually exec the thing you're trying to exec?11:47
ogra_hard to tell ... my LD_LIBRARY_PATH is like 1000 pages long :P11:47
* ogra_ tries to get xfbdev to run on a rpi 11:48
ogra_mainly as "lunch exercise"11:48
Chipacaogra_: ahhh11:49
Chipacaogra_: did you check the obvious, ie unix perms for executables and dynamic libraries?11:50
ogra_sure, the tree loosk fine11:50
longsleepso anyome has thoughts if the config hooks port yaml format is the same as of package.yaml - i did it that way now but does it make sense?11:50
ogra_i think it is11:50
Chipacaah! i was going to check that, and got dragged into this python-apt madness11:52
Chipacalongsleep: if you install webdm, what does 'snappy config webdm' spit out?11:52
Chipacalongsleep: because it's got a port11:52
longsleepthat is broken11:53
longsleepi thnk i have added a bug for this already11:53
longsleepCn11:54
longsleepChipaca: ah yes https://bugs.launchpad.net/webdm/+bug/148272011:55
ubottuLaunchpad bug 1482720 in webdm "Webdm config seems to be broken / KeyError on snappy config webdm" [Undecided,New]11:55
ogra_ARGH !11:55
ChipacaWAT11:55
* ogra_ bangs head against wall 11:55
longsleepChipaca: but from the code at http://bazaar.launchpad.net/~snappy-dev/webdm/trunk/view/head:/pkg/meta/hooks/config it does nothing related to ports11:55
* Chipaca quickly slips pillow between ogra and wall11:55
ogra_start-service.sh .... not executable ... sigh ... so silly11:55
Chipacaogra_: \o/11:56
Chipacaogra_: glad i asked the silly question first, then :)11:56
ogra_yeah, thanks !11:56
Chipacalongsleep: can you add a try/except around lines 64 and 65, just to see the output?11:57
Chipacalongsleep: i can provide a patch if you don't python11:57
longsleepChipaca: i have many years python history - going for lunch now but will check in 20 minutes or so thanks!11:58
=== kickinz1 is now known as kickinz1|lunch
Chipacalongsleep: excellent! and buen provecho :)12:02
ChipacaI say "buen provecho", and dpm comes in12:04
Chipacai'm not a suspicious person, but ... :-p12:05
longsleepChipaca: i am back with lunch - config is empty as is expected from reading the hook code (it only exposes avahi-hostname)12:14
longsleepChipaca: if you are intersted, my hook now returns this yaml: http://paste.ubuntu.com/12070607/ - what do you say?12:16
Chipacalongsleep: and assigning them works?12:19
Chipacasergiusens: longsleep is trying to make external ports configurable and negotiable12:19
longsleepChipaca: well, i am just writing that part but i would not see why not as this is all in my hook and just a matter of my applying them to the service config.12:20
sergiusenslongsleep: Chipaca we don't have the backend ready for that so doing it through config seems fine12:22
sergiusensChipaca: are you back at work? Or just leasure?12:22
Chipacasergiusens: back at work!12:25
Chipacasergiusens: already having two simultaneous meetings (if you don't count this)12:25
kyrofaogra_, I also can report piglow success using your rpi2 image :)12:39
ogra_yippie !12:39
kyrofaogra_, but of course, when I package as a snap, I get apparmor denials. Are there any templates or caps I can use that will grant me access?12:40
kyrofa(to the i2c device, I mean)12:40
ogra_https://developer.ubuntu.com/en/snappy/guides/appliance-builder-guide-webcam/ take a look at the webcam example12:41
kyrofaogra_, ah, perfect, thank you :)12:44
kyrofaogra_, well, not quite. Is making an OEM snap the only way to provision hardware like that?12:46
ogra_kyrofa, where does it say it is an oem snap ?12:56
ogra_should be just a normal snap but you need to manually enable the hw access after install12:56
kyrofaogra_, oh okay. The first bit of the document talks about manually enabling hw access, but then it goes through the process of creating an OEM snap to do it automatically12:57
kyrofaogra_, so there's no way to request hw access from a regular snap?12:57
=== kickinz1|lunch is now known as kickinz1
sergiusenskyrofa: the manual process is the "trusted helper" or lack thereof ;-)13:08
kyrofasergiusens, ah, okay so that's the vision for how regular old snaps can get hw access?13:09
sergiusenskyrofa: depends; on personal I guess it would be through the trusted helper system13:12
sergiusenson custom devices, you would build your custom gadget13:12
kyrofasergiusens, gadget being another kind of snap? I've not gotten into that just yet13:13
sergiusenskyrofa: it's what is the oem today13:15
kyrofasergiusens, gotcha13:15
kyrofasergiusens, I have a snap for arm that uses the piglow (via i2c). Knowing that it requires i2c support and requires explicit hw access granting, is that something I can submit to the store?13:29
sergiusenskyrofa: yes you can13:30
sergiusenskyrofa: users of it just need to explicitly allow the crazy things it would do with your hardware13:31
ogra_now it would be really great if webdm would actually show the description for packages ... then youo could even tell the users what they need to do :P13:32
kyrofaogra_, no... that would be too much...13:40
ogra_heh13:40
kyrofaogra_, the description should be in debian/control of the generated snap, right?13:43
kyrofaogra_, ah, nevermind. The manifest13:43
sergiusensogra_: in rolling that should all work; once we have snap uploads per release it can go into 15.0413:57
kyrofasergiusens, why is only the first two paragraphs of the meta/readme used? Makes it tough to format things decently14:01
kyrofasergiusens, just space concerns?14:01
sergiusenskyrofa: don't get me started on how much I dislike that readme.md ;)14:01
kyrofasergiusens, ah, okay. As long as I'm not the only one ;)14:02
ogra_hmm, why can i not set TMPDIR in my service start script ?14:21
ogra_seems to still point to /tmp ... no matter what i do14:21
sergiusensogra_: I thought Chipaca worked on mounting tmp for snaps into a new namespace14:24
Chipacayep14:24
Chipacayou get a private tmp14:25
Chipacaand you like it14:25
sergiusensso you need to define "see" ;-)14:25
ogra_i do, xorg doesnt :P14:25
Chipacaogra_: what's xorg trying to do?14:25
ogra_http://paste.ubuntu.com/12071355/14:25
ogra_compiling a keymap in /tmp14:25
ogra_trying to set TMPDIR doesnt make it pick up any different dir14:25
ogra_and it also doesnt seem to pick up whatever is set by the launcher14:26
Chipacaogra_: could you list /tmp/ for me please?14:26
ogra_oh, wait ...14:26
ogra_did the tmpdir cange land in 15.04 ?14:26
=== jkridner|work is now known as jkridner
Chipacaogra_: quisiĆ³! but maybe not14:27
Chipacaogra_: but looking at /tmp/ after a run will tell you14:27
elopiofgimenez: my throat hurst a little. Lets talk here today.14:27
ogra_Chipaca, hmm ... might be helpful if it also cleaned up after itself http://paste.ubuntu.com/12071402/14:28
ogra_only 500 tmpdirs :P14:28
fgimenezelopio, ok take care!14:29
elopiofgimenez: I agree that parsing the writer output is the most simple thing to do now.14:29
fgimenezelopio, ok, the outputWriter type is what we need, but now is difficult to use14:30
Chipacaogra_: that's the private tmp signature there14:30
Chipacaogra_: look inside those, at permissions14:30
elopiofgimenez: yes, we need help from niemayer there.14:30
Chipacahopefully we haven't broken that (!!)14:30
ogra_Chipaca, but why does itr leave them behind ?14:31
fgimenezelopio, hopefully i'll push something today for the parsing approach, it's quite easy given the current output14:31
ogra_(and inside which of them would i look now, so many choices !)14:31
ogra_(RaspberryPi2)ubuntu@localhost:~$ sudo ls -l /tmp/snap.0_xserver-fbdev.sideload_zoK1gY/14:32
ogra_total 014:32
ogra_drwxrwxrwt 3 root root 60 Aug 13 14:04 tmp14:32
ogra_(RaspberryPi2)ubuntu@localhost:~$ sudo ls -l /tmp/snap.0_xserver-fbdev.sideload_zoK1gY/tmp/14:32
ogra_total 014:32
ogra_permissions seem fine14:32
Chipacaogra_: i think the consensus was we wanted to clean them up with something like tmpreaper, not right after things stopped14:32
ogra_hmm, k14:32
fgimenezelopio, good news, we have a new docker framework version ready thanks to kickinz1 :)14:33
fgimenezelopio, http://10.55.32.19:8080/job/daily-1504/14:33
elopioplars: the ppa is updated. Here's the script: http://people.ubuntu.com/~elopio/spi_scripts/snappy-tests-job.sh14:33
ogra_the prob is that if you develop and your service crashes in a loop you might end up with 500 dirs there :)14:33
elopiofgimenez: cool. One failure in there in a restart, I haven't seen that one.14:34
Chipacaogra_: conversely, if your app crashes in a loop and we clean up tmp, and the crash was because of tmp wackiness, ...14:34
elopiobut it's nice, we can start collecting stats :)14:34
ogra_Chipaca, well, anyway, xkb doesnt seem to see the TMPDIR at all according to the log14:34
ogra_(II) XKB: generating xkmfile /tmp/server-B20D7FC79C7F597315E3E501AEF10E0D866E8E92.xkm14:34
fgimenezelopio, yes :) that execution was strange, it got stuck in the first update for almost one hour, then it gave that error...14:34
ogra_that doesnt look like it uses TMPDIR14:35
fgimenezelopio, enyway, if you can put an instance to execute the tests it would be great to compare results14:35
fgimenez*anyway14:35
Chipacaogra_: which is weird, because it doesn't have to14:36
elopiofgimenez: ok, let me trigger one.14:36
Chipacaogra_: that is, you have a private /tmp/14:36
ogra_Chipaca, ah, so /tmp should be transparent ?14:36
Chipacaogra_: you don't need to "see" TMPDIR or anything14:36
ogra_ok14:36
Chipacaogra_: the env vars were left for backwards compat, but enough things ignore them that you have a whole /tmp just for you14:36
plarselopio: cool, I'll check it out in just a bit14:36
Chipacathat just happens to be a subdir of /tmp/ :)14:36
kickinz1o/14:37
ogra_right14:37
elopioplars: you wget that script, and run it passing the ip. Let me know what happens..14:37
ogra_probably thats a red herring14:37
plarselopio: a lot of errors it looks like14:39
elopioplars: paste please.14:41
plarselopio: I'm working through them... it looks like the first was because I needed bzr, now it seems to want golang installed14:42
elopioum, that's right, it will need debs.14:43
elopioI didn't take thata into account... so not really that different from installing from the ppa.14:43
plarselopio: will it also need autopkgtest?14:44
plarsI suspect it won't need some of those things14:44
plarssince I'm not using it for provisioning14:44
plarsI had hoped all the go build pieces could be skipped - I thought that was the point of providing the go binary14:44
plarsoh, it needs git also14:45
plarselopio: ^ I didn't even see git mentioned in the control file14:45
elopioplars: yes, autopkgtest from wily.14:48
plarsok14:48
elopioplars: that was my naive idea yesterday. Now I realize it makes no sense.14:48
plarsso it seems that one way or another, this is going to need a lot of customization on the host ahead of time14:48
elopiowe could reduce the set up needed by providing also a binary for snappy tests, but not much.14:49
elopioplars: yes.14:49
plarselopio: if we install from your ppa, does it automatically get the right version of autopkgtest?14:49
elopioplars: only if the host is in wily.14:49
plarselopio: I'm not opposed to setting it up on the test hosts, but I do worry it will cause you some pain in the future to do it this way. Having everything self-contained means you can make fewer assumptions about the test environment, and separates concerns about the tests vs. hardware much better14:50
plarselopio: no, the host is on trusty here14:50
elopioplars: even if we don't use autopkgtest for provisioning, we need it for reboots. So that's one dependency we can't easily work around.14:51
plarselopio: so installing from the ppa wouldn't help us anyway14:51
elopioplars: so install it as explained in _integration-tests/README.mf14:51
elopio*md14:51
plarselopio: how often do you think this package will change?14:51
elopioplars: very often, but we won't need to update it every time.14:52
plarshttps://www.irccloud.com/pastebin/IA0r1xOX/14:56
plarselopio: ^14:56
=== chihchun is now known as chihchun_afk
ogra_mterry to the rescue !15:01
mterryogra_, what's up?15:01
ogra_mterry, you packaged some xorg snap once ... how did you havdle the keymap generation ?15:02
ogra_*handle15:02
* ogra_ is stuck with that ... and i cant convince xorg to not try to use a kbd at all15:02
mterryogra_, I believe deb2snap has a hack for that.  In tools/fixes, it copies over /var/lib/xkb/*.xkm into the snap15:03
ogra_oh, so you generate them in advance ?15:03
ogra_i'll take a look15:03
mterryogra_, and then another hack that places them in $SNAP_APP_DATA_PATH (since that's where the ld-preload code looks for them15:04
mterryogra_, yeah, they are just sitting there on the system that runs deb2snap, so I figured we'd just use those15:04
ogra_ah, i'm trying to get along without any preloading (works fine apart from that one thing)15:04
elopioplars: sorry, I'm on the stand up. Let me try...15:08
plarselopio: no rush15:09
elopioplars: I don't get that error. fgimenez: any ideas? https://www.irccloud.com/pastebin/IA0r1xOX/15:20
fgimenezelopio, never seen before, "Syntax error: Unterminated quoted string"15:25
kyrofasergiusens, does hw-assign not take effect on a running process? I always have to restart it in order for it to access the hw15:26
* ogra_ sends the terminator ovber15:26
elopiofgimenez: this looks just fine: go run ./_integration-tests/main.go -ip 192.168.1.148. No idea what might be wrong in there.15:27
sergiusenskyrofa: I am not sure, but I guess so since the apparmor profile is extended and needs to re run so it is reconfined15:27
sergiusensnot sure you can reconfine on the fly15:27
sergiusensjdstrand: ? ^15:27
elopioplars: can you set up your GOPATH, branch snappy and run the tests from there? That will give us a better clue of where's the problem.15:28
kyrofasergiusens, this gave me the impression it was possible: https://developer.ubuntu.com/en/snappy/guides/appliance-builder-guide-webcam/15:28
kyrofaNotice how it assigns the hw and voila, it works15:29
kyrofaBut mine doesn't work that way :P15:29
fgimenezelopio, the testbed is amd64, right?15:29
elopiofgimenez: yes according to plars.15:29
elopioah, wait, we are not building for arm.15:29
elopiothe host is amd64, the test bed is arm.15:30
jdstrandhw-assign does more than apparmor-- it will setup the device cgroup and add the device to that cgroup. as such, I believe you much relaunch the process (unless there is a way to update the cgroups for a running process-- I don't know)15:31
elopiofgimenez: in the end, we need snappy-test-job to receive all the flags that snappy integration tests receive. Is there a better way to do it instead of copying everything?15:31
jdstrandpossibly worth a bug for the core guys to look at15:31
plarselopio: fgimenez: no, the testbed is bbb15:31
plarselopio: fgimenez: I said the test host is amd6415:32
plarsthe agent host that is15:32
elopioplars: yes, my mistake.15:32
kyrofajdstrand, so the link above must have missed a step?15:32
plarsbbb, obviously, is not15:32
fgimenezplars, elopio then we need an -arch flag too15:32
elopiofgimenez: adding it...15:32
jdstrandkyrofa: yes. that may have been written before mvo implemented the cgroup bits (things were landing hot at the time)15:33
kyrofajdstrand, ah, okay. Thank you!15:34
fgimenezelopio, flag.Visit could be handy for passing the options around, but anyway the flags should be defined in the entrypoint, and we have two of them now...15:35
kyrofajdstrand, is the only way to do that via a reboot?15:37
kyrofajdstrand, or can I request a service restart via snappy?15:37
jdstrandoh no, just restart the service15:37
ogra_HEY ! everyone congratulate longsleep !!! seems we'll have the first snappy based commercial device on the market soon ;)15:38
jdstrandcongrats!15:39
jdstrandkyrofa: give me a moment15:39
ogra_secure videochat FTW !15:39
ogra_screw these hangouts :)15:39
jdstrandkyrofa: systemctl -a | grep <your service>15:41
jdstrandkyrofa: then restart with:15:41
jdstrandsudo systemctl stop <service name>15:41
jdstrandsudo systemctl start <service name>15:41
kyrofajdstrand, alright, thanks!15:41
kyrofajdstrand, I saw some mailing list noise about auto-restart a while back. Was that ever implemented?15:43
jdstrandI'm not sure. I think there was a branch. sergiusens ^15:43
jdstrandkyrofa: I think that would still require you to kill the process15:44
jdstrand(so it could restart)15:44
kyrofajdstrand, which is easy. If I'm denied access, die15:44
jdstrandbut maybe more was exposed15:44
jdstrandyes, but then you will be auto restarted15:44
kyrofaWhich would solve this problem, wouldn't it?15:45
kyrofaOr are you saying the parent process wouldn't let the confinement happen?15:45
jdstrandso, I'll defer to the people who implemented/are implementing the feature to explain how it works :)15:45
jdstrandkyrofa: I'm saying if you never ran hw-assign, it would loop until you did15:45
kyrofaAh right, agreed15:45
jdstrandbut ceratinly that was thought about15:46
sergiusensjdstrand: that was for config changes and the idea was that services would HUP15:46
kyrofasergiusens, ah, so that won't help me eh?15:47
jdstrandthere are config changes, but there is also the bit about services autorestarting if they die15:47
* ogra_ remembers that too15:47
sergiusensjdstrand: that should be in already15:48
jdstrandhttps://bugs.launchpad.net/snappy/+bug/146191715:48
ubottuLaunchpad bug 1461917 in Snappy "snappy app services should auto restart" [High,Fix committed]15:48
sergiusensjdstrand: I have my services under dev dying and respawning all the time now15:48
ogra_not released :)15:48
jdstrandand for 15.04, it says it is fixed15:48
ogra_oh, right15:48
jdstrandkyrofa: so, maybe just kill your process and it will come up15:49
ogra_well, my xserver snap here dies all the time and restarts in a loop ... so yes, seems to work :)15:49
kyrofajdstrand, trying15:49
jdstrandsergiusens: hw-assign probably needs to HUP things15:49
kyrofajdstrand, no such luck. ogra_ think your i2c image included those changes?15:50
jdstrandkyrofa: summary of backscroll-- kyrofa has a service that is denied access. he uses hw-assign. that does not take effect until the process is restarted. this is certainly because of the running process' cgroup and it not picking up the device cgroup change until the next invocation15:50
ogra_kyrofa, i'm staring at a syslog where a broken snap gets permanently restarted in a loop, so yes, i thnk they are in15:50
jdstranderr15:50
jdstrandsergiusens: ^15:51
jdstrandkyrofa: are you on 15.04?15:51
kyrofajdstrand, yeah. Let me see what happens if I just exit with a non-zero status...15:52
jdstrandthat may do it15:53
jdstrandRestart=on-failure15:53
sergiusensjdstrand: that's automatic now15:54
jdstrandright, that is what I'm saying15:54
jdstrandI'm looking at the diff and see that was added15:54
jdstrandsergiusens: oh wait, what are you referring to, the on-failure or the cgroup?15:54
ogra_http://paste.ubuntu.com/12071972/ on failure works fine ...15:56
kyrofajdstrand, interesting, it DOES work, but I get this after a few times: start request repeated too quickly15:56
ogra_if the executable dies it gets auto respawned15:56
kyrofaThere seems to be some sort of rate limiting or something15:56
dholbachmterry, if you have a quick look at bug 1484515 and bug 1484538 can you maybe tell me if I'm doing it wrong? :)15:57
ubottubug 1484515 in Snapcraft "File exists: '/home/daniel/dev/apps/xwax.snap/parts/xwax/build'" [Undecided,New] https://launchpad.net/bugs/148451515:57
ubottubug 1484538 in Snapcraft "meta/package.yaml exists, but not found" [Undecided,New] https://launchpad.net/bugs/148453815:57
jdstrandkyrofa: yeah. so I see in http://www.freedesktop.org/software/systemd/man/systemd.service.html that on-failure ignores if the process is sent TERM (the default by kill)15:57
jdstrandkyrofa: I bet if you do kill -9 it would work15:57
fgimenezelopio, ping me if you need the ppa to be rebuilt15:58
elopiofgimenez: https://code.launchpad.net/~elopio/snappy-tests-job/arch/+merge/26796915:59
kyrofajdstrand, that was with a non-zero exit status16:00
kyrofajdstrand, so if it dies quickly it will only do it a few times16:00
jdstrandkyrofa: right. I'm saying, remove the non-zero exit status bit (it detected the loop I mentioned before), and simply send it kill -916:00
jdstrandI bet that will work16:01
jdstrandI imagine the fix for this is that after hw-assign, have snappy simply restart the affected services. that probably makes most sense anyway cause if the sevice started without access to the device, it may not notice it all of a sudden has access16:03
kyrofajdstrand, you're right, that works16:03
jdstrandcool16:03
kyrofajdstrand, yeah, that's the position I'm in now. I mean, it's impossible for it to notice that it all of a sudden has access since it's effectively still confined16:04
jdstrandkyrofa: would you mind filing a bug on this? https://bugs.launchpad.net/snappy/+filebug16:04
kyrofajdstrand, definitey16:04
jdstrandkyrofa: feel free to copy/paste from the irc backscroll16:04
elopiofgimenez: thanks for the review. And yes, now I need a ppa rebuild.16:05
fgimenezelopio, ok :) https://code.launchpad.net/~fgimenez/+recipe/snappy-tests-job-daily16:07
elopiofgimenez: thanks! sorry for keeping you late.16:07
joc_hi, could any members of Snappy Devs have a look at my snapcraft branch? i have attempted to add a new plugin and would appreciate any feedback before requesting a merge lp:~jocave/snapcraft/plainbox-provider-plugin16:07
fgimenezelopio, np at all, how could we transfer the ppa to the team?16:08
elopiofgimenez: I think these packages should go to the tools ppa.16:08
kyrofajdstrand, even with hw-assign restarting affected processes, I'm still not sure how I'm supposed to write a service that requires a hw resource16:11
fgimenezelopio, ok, let me know if something is needed from my side o/16:11
kyrofajdstrand, if I die immediately I'll get restart throttled by systemd. If I retry constantly I know I'll never get access to it due to confinement not changing on a running process16:12
kyrofajdstrand, what's the best way to handle this?16:12
mterrydholbach, heyo!  Saw your message.  I switched off the snappy team back to unity8.  Looks like you figured out the meta package one a bit more tho16:20
dholbachwow, ok16:20
dholbachall the best with unity8!16:20
mterrydholbach, the file-exists one is weird, since we use exist_ok=True when making the directory16:21
dholbachmterry, it's a link - that's probably why16:22
kyrofasergiusens, any opinion on how to best write a service that requires access to hw? ^^16:22
jdstrandkyrofa: I suggest checking the return code of the open. if it fails, you can choose to die hard with exit 1 (perhaps logging to use hw-assign) or to fail gracefully and keep trying to access it16:27
jdstrandkyrofa: the hw-assign restart should do a stop/start, so if you are already stopped (ie, you failed with non-zero) you should be ok16:28
elopioplars: script updated.16:28
jdstrandbut really it is up to you as the app author16:28
plarselopio: ack, thanks16:28
kyrofajdstrand, very good. I think the best solution there is probably to exit with a good log message then16:29
kyrofajdstrand, crap, except the nice log message gets eaten by systemd's "ack! it's restarting too fast" errors: http://pastebin.ubuntu.com/12072279/16:35
jdstrandkyrofa: you could exit 016:36
jdstrandkyrofa: that won't trigger on-failure16:36
plarselopio: this seems to be working a lot better so far16:36
kyrofaOh. Yeah, good idea16:36
plarselopio: any thoughts on how you might get the results out?16:36
plarselopio: that's something that could be added to the script16:36
elopioplars: autopkgtest saves them in the output directory, which I think is set to /tmp/snappy-test16:37
elopiolet me confirm.16:37
plarselopio: right, but that doesn't help you any16:37
plarselopio: you'll want to upload them somewhere I assume?16:37
plarselopio: get them back into a jenkins job, or something like that?16:37
elopioplars: yes, I need the agent to send them back to me.16:38
elopioplars: you can put them anywhere, and save the url in the result payload.16:38
plarselopio: talk to ev to be sure, but I don't think there's any plans for SPI to do that.  The agent can pick up a json file with a limited amount of data in it, but probably not your full results that you care about16:38
plarselopio: it's not really up to me - it's what ever you define in your script about where to put them. I'm just saying, saving them to /tmp is probably not going to help you here16:39
elopioplars: so far, I just need a true or false in that json. Federico is working on saving the results as subunit, which we can translate to junit if you want. That's all we need.16:39
elopiomaybe for things like snapcraft we'll need other artifacts.16:40
kyrofajdstrand, should hw-assign start a service that has exited without error though?16:40
kyrofajdstrand, or is it a case of "Well, it's a snappy service. It should expect to always be running"16:40
plarselopio: so for that, you'll want to have your script output something called 'spi_test_result.json' at the end16:41
jdstrandI think it is the latter. it is an interesting discussion point16:41
elopioplars: sure. But the agent should take care of the upload. Otherwise we'll have to pass the credentials in the script.16:41
plarselopio: upload to where? I don't think they have plans to define where you store your results - at least that's what I've always heard, but you could ask16:42
kyrofajdstrand, I'll make a note of it on the bug16:42
kyrofajdstrand, thanks for all your help :)16:43
jdstrandnp16:43
elopioplars: anywhere you want. This is not upload to spi, this is upload to any storage. What we pass to spi is only the url to that storage.16:43
plarselopio: it's not up to me either16:44
plarselopio: I am just providing the hardware16:44
elopiowhen we talked to ev and noise][, I was thinking I was going to control the agent so I thought about uploading to swift.16:44
plarselopio: as far as I care, you can put them in /tmp... they'll likely get lost there, but I'm not the one that needs to see them :)16:44
elopionow that I don't control the agent, I can't control the upload either.16:44
plarselopio: no, but you control your script - and that's where the upload happens from16:45
plarselopio: all the agent can do is run the commands defined - which for this one gives you a list of commands to run16:45
elopioplars: but I certainly shouldn't send my canonistack credentials on this script.16:45
plarselopio: which is why I recommended putting it in a script like that16:45
plarselopio: I don't have canonistack credentials here either, or any intention of using it16:45
plarselopio: nor do I know where you want them, how long to retain data, whether the data is private...16:46
plarselopio: only you can know what you want done with your results, or even which results you want to collect16:46
elopioplars: just give me true of false for now.16:46
plarselopio: otherwise, I'm either just guessing, or having to be way over-concerned with what each particular test wants and where they want it - rather than providing the hardware service16:47
plarselopio: I can't even give you a true or false - I'm telling you what you need to do to get that though16:47
plarselopio: you need to export that file mentioned earlier, and the spi agent itself (not anything I control) picks that up to provide a result back to SPI16:48
plarselopio: afaik, it's arbitrary json up to some limit in size, so you can put whatever you want in it16:48
elopioplars: you can tell me if the script I gave you exit with 0 or not. That's the only thing I need for now.16:48
plarselopio: I can't do that in my stuff, because then it would override what anybody does16:49
plarselopio: and I don't know how to interpret your results16:49
plarselopio: is it not just as easy for you, and more beneficial, to add an echo at the end of your script?16:49
elopioplars: ok, then we'll wait for the subunit change.16:50
plarselopio: if that's all you need, then you could add a last line in your .sh file to do something like echo "{'result': '$?'}" > spi_test_result.json16:50
plarselopio: and then later, you can have it actually save a url there, if you push it somewhere, or add an image #, or whatever you like16:51
elopioplars: ok. is that the name you want?16:51
noise][elopio: the agent will send test_status="PASSED" if the testcommand exits w/016:51
plarselopio: it's not what I want, it's the name defined in the documentation - I have no control over this part16:51
elopioI can't upload anything to an URL, because I won't send the password to the SPI server. But I don't need that yet either, so no point on discussing about it.16:52
plarselopio: but you can put whatever you like in there, up to 4000 bytes iirc? (noise][ is that right?)16:52
noise][elopio: see the "Actors and Results" section at the very bottom of the docs16:52
noise][plars: correct.16:52
plarselopio: nor do I, but the spi server doesn't store stuff like that anyway16:52
evYes, separation of concerns. SPI is not offering test artefact storage; that's something you need to give your tests the smarts to handle. Neither SPI nor the Lab should have any knowledge about how test results or result metadata is formatted.16:52
plarselopio: you're results server does16:52
plarselopio: for instance, cert team will almost certainly have the results from plainbox uploaded to the certification server16:53
plarsthe tool they use to run tests has some sort of exporter module (not a checkbox dev, so I'm fuzzy on this) to push the results there16:53
plarsI think it can export other things too, but that's the one that would make sense, because it saves it off to a remote result server16:54
plarsbut you wouldn't care to have that16:54
plarsor if you do, you can I guess, but you'd probably want to run your tests in a plainbox provider16:54
elopioat this moment, I just care about true or false, and get subunit working.16:54
plarsbut neither the agent, nor the provisioning kit know anything about that16:54
elopiothen I'll care about other things, and we'll figure out how to get them.16:55
evplars: I think a reasonable compromise might be that the credentials live on disk where they're used16:57
evLike how mojo specs are done16:57
plarselopio: cool, these tests still seem to be running well, but they take a while. Any idea how long on bbb?16:58
evSo the tests might know the path to creds, but they're stored on the agent's host16:58
evReasonable, or are you worried this breaks separation of concerns?16:58
elopioplars: with my new microsd that says something like hc1, around 30 minutes.16:59
elopiowith my old one, more close to 1 hour.16:59
plarsev: it certainly breaks separation of concerns, but so does the local setup needed on the agent host so that his tests will run. It might be nicer if we could find some other way, but I'm happy to make it work for now as long as everyone understands the inherent fragility of doing it that way16:59
elopionoise][: ok, I updated the script with set -e. That's good enough for me now.17:00
plarsev: ^ tests > 1hour still a problem?17:00
plarselopio: I don't think it automatically saves the output17:00
plarselopio: oh, sorry I misread. nm :)17:01
plarssomehow I thought you said -x17:01
evplars, elopio: tests greater than an hour are a problem, yes17:06
elopiothe tests that take a lot of time are the failover tests, which are the useful ones.17:06
elopioand currently we have only like 4.17:07
elopiowe could just run them on the cloud, but then the usefulness of the bbb lab is not that much.17:07
plarsev: is there any way for the test spec to give it better hints about how long it should run?17:07
elopiothere are some things that will reduce the time, like caching the update download. But I'm not sure when we'll have that.17:08
evplars: not yet, but it's intended: https://trello.com/c/eJF6ngJs/110-story-document-intended-behaviour-of-long-running-tests-exceeding-the-timeout17:08
plarselopio: I think, iiuc, it would work right now, but if it takes too long it could end up looping17:09
ev(see Celso's comment in that card)17:09
evyeah, it'd loop17:09
elopioanother thing we have in mind is to deploy many cloud instances and run the tests in parallel. But with the current agent approach for bbbs, we have access to only one.17:10
evI'm going to book us a meeting to discuss the credentials thing and setupcommand/testcommand being pushed a bit more towards the tests17:10
plarsev: is there some way to uniquely identify the agent? One big hint that could make this more efficient is if the agent requests a test opp, never acks, and requests one again17:11
elopioev: ok. If possible, please make it around this time.17:11
elopioev: even better if you can make it at 14:00 utc, so we have federico.17:12
plarsthen we could be more permissive with the timeout, default it to 2 days or something crazy17:12
plarsshould still be possible to override though I think, since there could be a test spec that wants to run some long stress test for a month17:13
evelopio, plars, noise][: invite sent17:16
evplars: I've added your thoughts to the card17:16
evand I've moved it up, as this is going to bite us quick it seems17:17
evelopio, plars: is that your assessment as well?17:17
plarsev: I hope so, if it bites us soon then it means we're making great progress on fully getting these things running and doing something useful :)17:19
elopioev: yes, we want to add more tests, so the time will definitely increase even if we find a way to run the current tests faster.17:21
evthanks guys17:22
plarshttps://www.irccloud.com/pastebin/rH0vRoXl/17:43
plarselopio: some more errors after running for a little over an hour ^17:44
plarselopio: I'm just running the script by hand for now17:44
elopioplars: that script is for rolling17:44
elopioyour bbb is in 15.04. We need a different script, or to pass an argument to that script.17:44
plarselopio: oh cool. Well that will be controlled by what image we tell it to install, so that's no problem then17:45
plarscool17:45
elopioplars: yes, I suppose it's better to make a different test image, different script.17:47
longsleepMhm snapp config docs say that the service will be restarted by snappy automatically. Does not seem to be true.17:56
plarselopio: either would work fine. That would be in the spec to tell it which to call, and the spec is defined for a given image type17:57
plarsso it could call different scripts or pass different args, or whatever makes sense17:58
ogra_longsleep, file it :)18:03
kyrofasergiusens, jdstrand Restart=on-failure is only put in the .service file for a sideloaded snap, not for one installed from the store. Is that on purpose?18:35
* jdstrand did not implement this feature, but this sounds like a bug18:36
kyrofajdstrand, alright, I'll log that one as well18:40
longsleepogra_: filed bug #148464118:44
nothalBug #1484641: snappy config command does not restart service after setting the configuration <Snappy:New> <http://launchpad.net/bugs/1484641>18:44
ubottubug 1484641 in Snappy "snappy config command does not restart service after setting the configuration" [Undecided,New] https://launchpad.net/bugs/148464118:44
longsleepBut i pushed a new Spreed WebRTC version with configuration hook to the store nethertheless. Works fine as long as you know how to get the systemd service named and to restart it.18:45
kyrofasergiusens, double-checking before I log a bug: https://bugs.launchpad.net/snappy/+bug/1461917 is fixed for `snap:qpy install` invocations (from the store or18:57
ubottuLaunchpad bug 1461917 in Snappy "snappy app services should auto restart" [High,Fix committed]18:57
kyrofaArgh18:57
kyrofasergiusens, double-checking before I log a bug: https://bugs.launchpad.net/snappy/+bug/1461917 is fixed for `snappy install` invocations (from the store or sideloaded), but NOT for things installed via webdm18:58
kyrofasergiusens, I thought those followed the same execution path through the snappy lib18:58
sergiusenskyrofa: right, but webdm would need to be rebuilt, so log a webdm bug ;)19:05
kyrofasergiusens, I just added webdm as an also-effects. Is that okay?19:06
sergiusensyeah19:06
kyrofasergiusens, ooooooh right... static linking....19:06
kyrofasergiusens, man that takes a while to get your head around19:07
pcocaHi everyone, I'm using snapcraft and using the ubuntu pluging I got error about files in common20:15
pcocaIs there any way to fix that problem?20:15
tedpcoca, They're probably trying to install the same thing, so for instance if you were using a python3-project and installed python-dev they'd conflict.20:26
pcocated: so, I should get rid of some of the packages20:27
pcocated: thanks!20:27
pcocated: Let's see if I can get the functionality getting rid of some packages :)20:27
tedHeh, you don't need packages! ;-)20:27
=== zyga is now known as zyga-afk
pcocated: Hi Ted, Still with the same issue, I'm not able to make a snapcraft out of a python script that requires opencv, I've tried several plugins python2-project, python3-project, ubuntu22:24
pcocated: I'm almost thinking about converting the python script to a deb, and then deb2snap, instead of snapcraft :)22:26

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!