/srv/irclogs.ubuntu.com/2016/04/04/#snappy.txt

dholbachgood morning06:27
didrockshey dholbach, how was your week-end?06:30
dholbachsalut didrocks06:30
dholbachgreat - how was yours?06:30
didrocksat jdll on the ubuntu both, presenting snappy, giving a small workshop and such06:32
didrocks+ fixing some snapcraft copy plugin over the week-end06:32
dholbachwow06:32
dholbachI hope you're going to be able to free up some time this week to take it easy then :)06:33
didrockswell, can't swap: on holidays on Wednesday and thing to finish up first06:33
dholbachah yes, you're going to be on holidays :)06:37
dholbachnice06:37
zygagood morning07:18
JamieBennettMorning all07:28
mvohey JamieBennett, good morning!07:30
dholbachhey JamieBennett07:31
zygaJamieBennett: hey :)07:31
didrocksgood morning JamieBennett07:43
araHello! is there a place (i.e. URL) where I can get a list of the env variables in snappy for developers?07:43
ara(like SNAP_DATA)07:43
fgimenezmorning JamieBennett :)07:44
didrocksara: there are some, but it's not always up to date. The easiest for now is to run hello-world.env07:44
aradidrocks, that "some", where are those? :)07:45
didrocksara: in the snapcraft guys, they are introduced one after another if you read the whole content: https://developer.ubuntu.com/en/snappy/build-apps/07:46
didrocksara: but not a definitive list, hence my "you should for now point to this command"07:47
aradidrocks, thanks07:48
didrocksyw07:48
zygaara: one sec07:59
zygaara: https://github.com/ubuntu-core/snappy/blob/master/snap/snapenv/snapenv.go08:00
zygaara: look at around lines 62, 7608:00
zygaara: it is not final08:00
arazyga, OK, thanks08:01
zygaara: we're still changing that area as other parts land08:01
=== seb128_ is now known as seb128
kyrofaGood morning11:20
=== zyga_ is now known as zyga
didrockshey kyrofa!11:35
kyrofaHey didrocks, good day so far?11:36
didrockskyrofa: yeah! rushing things before my holidays actually :)11:37
davidcalledidrocks: hey, I remember you were trying to snap vlc, right?11:39
didrocksdavidcalle: not vlc, but the ascii streaming of it, yeah11:41
davidcalledidrocks: ok, I thought at some point you were also trying vlc and building it is a bit painful, nevermind then, I'll dig further :)11:42
didrocksgood luck! :)11:43
didrocksdavidcalle: I was reusing the deb from the distro FTR11:43
davidcalledidrocks: that's cheating :p11:43
didrocksdavidcalle: well, vlc takes 6h to build on the pi2, I didn't want the "create your first snap" to be 6h25 minutes :p11:45
davidcalle:)11:48
asacclassic for arm64 not there yet?11:49
ogra_asac, nope, still not :(11:50
asacogra_: can i convince udf to use 32-bit rootfs?11:55
asacand dragonkernel11:56
davidcallekyrofa: https://github.com/ubuntu-core/snapcraft/blob/master/docs/intro.md refers to "snappy try", but "snappy try" doesn't seem to exist anymore, what can we use instead?11:57
kyrofadavidcalle, I'm not sure it ever did (if so it was before my time). I think it's still something we're wanting to make12:00
davidcallekyrofa: ok, thanks12:02
qenghoI got a Raspberry Pi 3. I assume it's pretty close to the 2.12:05
qenghoI used these instructions: https://developer.ubuntu.com/en/snappy/start/raspberry-pi-2/12:06
qenghoAnd it never progresses past the power-on rainbow square.12:06
qenghoAre those instructions verified?12:06
kyrofaqengho, ogra_ has the rpi3 working with the rpi2 gadget, but I'm not sure it's been released just yet12:08
adawSuppose I have a web app on my own cloud server. I want to use snappy to build a gateway such that  only traffic from this gateway can communicate  with my server. Can such a security feature be achieved with snappy?12:10
adawthe server web app somehow recognizes some hardware mac address from the snappy iot gateway. can this be done?12:10
qenghoadaw: Where is the server, physically related to the device?12:11
zygaadaw: you could write a snap that controls networking on the device12:11
qenghoSame room, or across the country?12:11
adawqengho: i intend to use this server from digitalocean, a cloud provider12:11
zygaadaw: to implement a firewall that restricts it as you described12:11
zygaadaw: you'd use the firewall-control interface12:12
adawzyga: pardon my ignorance. what is a snap?12:12
zygaadaw: I suggest you read about snappy first12:12
zygaadaw: snap is the smallest package in a snappy ecosystem12:12
adawthe firewall is on the server or snappy?12:12
zygaadaw: on the device running snappy12:12
qenghoadaw: You know that the link address, MAC in this case, is only used to communicate with things on the same link? So, it's used from your device to the everything connected on that Ethernet link, but after that, it's not part of communicating?12:12
adawqengho: if that's the case, is there any way to do hardware authentication?12:13
zyga(that is another issue)12:13
zygaadaw: TPM?12:13
zygaadaw: depends on what you really want to achieve in the end12:14
qenghoadaw: No. There's no hardware that's shared. You're going to have to share a secret in software somehow.12:14
adawso, to do hardware authentication, there has to be some sort of security chip. Nothing to do with snappy, right?12:14
qenghoadaw: We haven't begun talking about Snappy yet. This is just the reality of networking.12:15
=== dholbach_ is now known as dholbach
zygaadaw: it depends on what you want, perhaps an SSL cert is enough12:15
adawTPM is a chip for hardware authentication.  correct?12:16
zygafor your snap to check that we're talking to a given server12:16
zygabut snappy will still talk to other places12:16
adawsuppose i want my server web app to be able to talk to only 1 single gateway in the world. Can this be achieved without using TPM?12:16
qenghoadaw: Here's my opinionated idea: You should fabricate a secret key there, and install OpenVPN on your server, and on your device.12:16
adawqengho: so, in this way, i can achieve my objective using software means only?12:17
qenghoThe local, snappy end, of your VPN is both the OpenVPN client and whatever app you wish to run on it.12:17
qenghoYes, software only.12:18
adawqengho: u're a genius! by the way, why don't other folks adopt your solution? why use a more expensive and cumebrsome solution like TPM?12:18
qenghoPeople do. They might not if they don't control servers. TPM is rare.12:19
adawLet me understand u correctly. I install OpenVPN server on the cloud server.  Then, install OpenVPN client on the snappy gateway. Finally, open a secure VPN link between them. Correct?12:20
zygaTMP is really for different things than this IMHO12:20
zygaopenvpn and tpm have almost nothing in common12:20
ogra_quengho, kyrofa, there is an image with the pi3 gadget though12:20
zygayou can use TPM for many interesting and useful things that openvpn cannot do12:20
qenghoogra_: Yay. I was hoping for a 16.04~ thing anyway.12:21
qenghoadaw: You got it. You have to make the OpenVPN client as part of making your snap. Assemble all the pieces together and package it.12:22
qenghoadaw: snapcraft parts. One is your app. Another is the VPN code.12:22
adawqengho: can I just use normal Ubuntu instead of snappy to do this openVPN client stuff?12:22
ogra_qengho, http://people.canonical.com/~ogra/snappy/all-snaps/rpi3/12:23
qenghoadaw: I have to warn you, it might be hard. Making a snap listen for network connections isn't usually allowed.12:23
zygaadaw, qengho: I'd suggest waiting12:23
qenghoadaw: No. Snappy is a whole new world.12:23
zygaI'm sure that openvpn uses network-manager and I know some people are looking at that already12:23
adawqengho: since it is just a VPN client, wouldn't using normal UBuntu and then running python scripts be easier?12:24
zygaqengho: to listen for network connection all you need is the network-bind interface12:24
qenghoAh$12:24
zygaadaw: ubuntu snappy and ubuntu classic are two different worlds; if snappy virtues appeal to you or your use case, use snappy12:24
adawbesides raspberry pi, what are the hardware boards that can run snappy today?12:25
ogra_dragonboard, beaglebone, minnowboard ...12:26
adawam i right to say the most value-for-money board is Rpi today?12:27
zygaadaw: for what money?12:27
zygaadaw: for the price?12:27
ogra_depends on the usecase reallt12:27
ogra_*really12:27
adawany commercial boards instead of the hobbyist boards?12:27
zygaadaw: such as?12:27
adawsomething from Intel?12:27
zygaadaw: you can use certified kernels on any x86/amd64 devices12:28
zygaadaw: dell announced support for snappy on some devices, you might want to check that12:28
zygaadaw: https://insights.ubuntu.com/2015/10/21/snappy-core-unlocks-iot-value-within-the-dell-edge-gateway-5000-series/12:28
ogra_adaw, there is the dell gateway that comes preinstalled with snappy (still 15.04 though)12:29
adawWhat are situations to use Snappy Ubuntu Core instead of Ubuntu Classic? i'm rather confused here12:29
zygaadaw: snappy has transactional updates12:29
zygaadaw: snappy updates automatically12:29
zygaadaw: snappy is a greate way to build an unattended product12:29
zygaadaw: classic is a great workstation12:30
zygaadaw: and a great server12:30
adawfor ubuntu, I just do "apt-get update and upgrade". u mean for snappy, it just updates automatically without needing to run commands?12:30
zygaadaw: snappy is something you'd use for mass-market devices due to reliability and resiliance12:30
zygaadaw: and then you get a debconf prompt12:30
zygaadaw: and all your devices in the field got the same debconf prompt, half of your users input wrong value, the other half had no UI and update was fronzen until the next power-cycle where the device didn't boot12:31
zygaadaw: snappy makes that  better12:31
zygaanyway, good luck12:31
* zyga -> hacking12:32
olliend12:32
ogra_adaw, debs always have full root access to your system ... (a postinst script from some PPA can easily replace your kernel with some malicious binary) ... snaps cant do that12:32
adawif snappy updates automatically, wouldn't that be dangerous? Someone can hake and  automatically several snappy boards at the same time.12:33
ogra_if you only stick to the ubuntu archive thats indeed moot, but as soon as you need some newer version of some SW that some guy offers in a PPA you already giave him full root access12:33
adawu folks are convincing. snappy sounds better. why doesn't UBuntu just migrate to snappy?12:35
ogra_because snappy is still very young and not all bits are solved yet ...12:36
ogra_i.e. you can easily package an app ... but it is hard to package something that integrates with ... say a desktop that you ship as snap12:36
adawandywojo: are there commercial applications using snappy today? is it mature enough?12:36
adawogra_: so, snappy are for embedded devices, right?12:37
ogra_not generally .... 16.04 desktop will have snappy support by default12:37
ogra_and you should be able to run desktop apps that are packaged as snaps12:37
adawogra_: wow. so, ubuntu is indeed going to migrate to snappy. in 16.0412:37
ogra_a snappy img today will rather be focused on embedded though12:38
ogra_and not ship a desktop12:38
adawogra_: so, in 16.04, when i do apt-get, i will be getting snaps?12:38
ogra_not migrate .... but support12:38
ogra_when you apt-get you update your system12:38
ogra_when you use snappy your snappy app will run in a container and interface with the desktop12:39
ogra_there will still be a few releases til you see a full snappy based desktop12:39
ogra_today snappy in deskop is an addon ... you will be able to use snappy apps but your desktop is still the good old thing you know12:40
adawogra_: are there other linux distributions that are copying snappy features? Windows?12:40
* ogra_ doesnt know12:41
adawfor iot, snappy will be ideal for iot gateways, right?12:41
ogra_yes12:41
ogra_also for NAS ... or routers/switches ...12:41
adawany iot gateways in commercial use today that is using snappy?12:42
ogra_at some point we should have a kodi snap so you could easily build a kodi appliance image12:42
ogra_things like that will surely show up soon12:42
adawu mean, not at the moment yet?12:42
zygaadaw: snappy is generally better than ubuntu except not features are supported yet so you can expect the scope of supported things to increse which in turns unlocks more places where snappy is appropriate12:42
ogra_yes, the dell gateway ... and i think there are more in teh works with various partners12:42
zygas/ubuntu/classic/12:42
ogra_kyrofa worked on an owncloud image for teh rpi that seemingly will be used by WD for their diskstation+rpi project12:43
adawIntel NUC works on snappy. https://insights.ubuntu.com/2016/03/02/intel-and-canonical-continue-to-build-large-iot-gateway-ecosystems/12:49
ogra_yep12:50
ogra_basically all x86 based devics should work more or less12:50
adaweven my PC?12:50
ogra_sure12:51
ogra_would be a bit more fiddly to install thogh :)12:51
ogra_(boot from USB stick and dd to internal disk ...)12:51
adawSo, i can install ubuntu classic and snappy on top on it on my virtual machine on virtualbox?12:51
ogra_by release day you should just be able to install ubuntu-desktop and automatically have snappy support in there12:52
adawConfused by the instructions here. Why install ubuntu classic and not snappy? https://developer.ubuntu.com/en/snappy/start/intel-nuc/?_ga=1.260177357.1317873563.145665562612:52
davidcalleadaw: to have a system running somewhere (from a live USB in this case), from which you will install snappy on the nuc.13:00
adawdavidcalle: i see. thanks.13:01
adawcan snappy be installed onto a virtual machine on virtualbox?13:01
davidcalleadaw: see https://developer.ubuntu.com/en/snappy/start/#snappy-local13:02
ogra_kvm is easier though13:03
ogra_(no need to convert anything)13:03
davidcalleadaw: sorry, I meant https://developer.ubuntu.com/en/snappy/start/#ova13:04
adawthanks all. I have much to learn. Don't even know what's the difference between virtual machine and container at the moment.13:05
mviphey guys, have anyone spent any cycles on remote logging for Snappy? Are there any guidelines there?13:25
mvipFor us it's important to capture these logs, but rsyslogd isn't ideal to use natively (as it's somewhat messy to setup with TLS).13:26
mvipIdeally I want to ship logs over HTTPS (to avoid additional port requirements).13:27
mvipI'm thinking something like Fluent (https://github.com/fluent/fluentd) would do well, but I wanted to check with you guys before I start diving into this too far.13:27
qenghoHow do you folks build snapcraft packages on armhf?14:20
ogra_snappy shell classic ..14:20
qenghoAh.14:20
zygaqengho: there's some limited support for cross compilation in snapcraft for certain plugins14:22
zygaqengho: but ogra gave the correct and generic answer14:23
ogra_only for kernel AFAIK14:23
zygaogra_: I read that someone got go plugin to cross compile14:23
ogra_ah, never used that14:23
qenghoYeah, it's close to working. I started a C/C++ support patch for autotools and make, but found I wasn't doing it the right way and aborted.14:25
kyrofaogra_, the launchpad builders work now too14:45
kyrofaogra_, and are way WAY faster14:45
kyrofaqengho, ^^14:45
ogra_kyrofa, not for armhf/arm6414:46
qenghoYou tease.14:46
kyrofaogra_, qengho you should be able to enable those if you edit the snap. Just check the boxes14:49
kyrofaogra_, qengho also exposed via the python API. Can't wait to get travis builds firing off14:49
qenghokyrofa: Edit how? I have a bzr branch. Snapcraft config mentions no architecture. "Request builds" in snap packaging on LP asks "amd64 or i386?"14:50
kyrofaqengho, click on the snap and say edit details14:50
kyrofaqengho, see more arch options there?14:51
qenghoI sure do. The defaults perplex me. Thanks!14:51
kyrofaqengho, note that the builders only have internet access in the pull step14:52
kyrofaqengho, also note that Snapcraft 1.x is used if targeting vivid, Snapcraft 2.x is used if targeting xenial14:52
qenghoCool. I pushed it up the hill and let go. I'll see what happens.14:53
=== kickinz1 is now known as kickinz1|eod
kyrofadidrocks, by the way, any progress on that unversioned directory in snappy?15:10
didrockskyrofa: I was hoping to start getting to it this week. More work was dumped on me. I'll have a try but if I can't (and if that's urgent), I'm happy to warn if I can't get to it before my holidays15:16
kyrofadidrocks, yeah let me know if you don't mind :)15:17
didrockssure!15:17
qenghokyrofa: The LP snap integration is still a mystery to me. My packages compiled well. Yay! But, where did they go? How do I use them?15:49
didrocksqengho: you have a link to download them15:50
didrocksif you click on each ones15:51
qenghoOkay, then. I downloaded, then uploaded to the same place my earlier "snapcraft upload" emitted as the URL to manage my package, once for i386, arm64, and armhf. That felt weird.16:01
qenghoSeems to have worked, though.16:03
qenghoThanks, didrocks, all.16:03
qenghoI welcome feedback. tor-middle-relay.chadmiller  Now for ARM too!16:18
qenghoService crash at startup. "seccomp_load failed with -22" "seccomp_load_filters failed with -22. errmsg: Invalid argument"16:35
asacqengho: https://bugs.launchpad.net/snappy/+bug/156192016:40
ubottuLaunchpad bug 1561920 in linux-raspi2 (Ubuntu) "Seccomp error on recent builds of snappy" [Undecided,New]16:40
asacogra_: any idea when we will get that fix?16:40
ogra_asac, i would assume as soon as the kernel moves out of proposed (where it sits since the 22nd)17:12
ogra_you have to ask the kernel team what keeps it stuck there17:12
qenghoBetween #1564369 and #1561920, my first day with new RPi3 is a sad one.17:18
ogra_qengho, well, the first one has a workaround at lest17:20
ogra_*least17:20
qenghoogra_: does it?  Bind mount, or the correction?17:20
ogra_not much we can do about the second one except waiting for the kernel to go to the archive (though i'm not sure that one actually has the fix already, ppisati would know)17:21
ogra_bind mounting /dev/pts17:21
ogra_you could bribe mvo to do an extra nightshift to fix all the mounting issues we have with the classic shell now though :)17:22
ogra_(there is a bunch since a week or so)17:22
kyrofaelopio, https://github.com/ubuntu-core/snapcraft/pull/421 easy review17:51
elopiokyrofa: sorry, I still haven't figured out notifications on irssi.18:40
elopiolooking at your pr18:40
kyrofaelopio, hahaha18:40
kyrofaelopio, no problem, thanks for taking a look :)18:40
* elopio <- lunch18:52
asacogra_: guess i cant switch channel to downgrade to 4.3 kernel?19:26
* asac prepares a reflash19:26
* asac goes back to stable channel to get work done (TM)19:32
asachow does/will it work in 16 to get top level cli entries? like docker?19:33
sergiusensasac, name the app like the snap19:37
sergiusensasac, that is already working19:38
asacic thanks sergiusens19:42
sergiusenselopio, back?19:42
ogra_asac, you can snappy install the older kernel snap20:16
ogra_(with --allow-unauhenticated)20:17
asacoh...ok... didnt know that20:17
asacnext time :)20:17
asacpretty cool20:17
asacnow just switching channels then easy20:18
asacogra_: the pi3 ... is that working well?20:18
ogra_so so... we have an issue with the serial console when using the pi3 uboot on a pi2 still (we want a shared image)20:20
ogra_and the wlan firmware is missing20:20
ogra_beyond that the pi3 is fine20:21
asacgraphics?20:21
ogra_never tried20:21
ogra_(neither on the pi2)20:21
qenghoI have a Pi3! I skipped the Pi2. I will help test or debug.20:26
dduffeyif I have a custom kernel snap, and downloaded a os.snap, what do I use for the gadget snap (standard amd64)?  or the full command line for ubuntu-device-flash20:39
kyrofadduffey, probably canonical-pc.canonical20:43
kyrofadduffey, https://github.com/zyga/devtools/blob/master/ubuntu-image may interest you20:45
mhall119hey guys, I'm trying to play around with snapcraft, but "snapcraft add-part" says: No module named 'snapcraft.commands.add_part'21:03
mhall119am I missing something?21:03
mhall119snapcraft --help shows it21:03
dduffeykyrofa, awesome ... I'm getting the following error (which is the same error when I try to run ubuntu-device-flash by hand)21:04
dduffeyexpected 3 partitons but found 021:04
qenghomhall119! 'Sup. I want to say that's going away, but I could be wrong. In any case, sounds like a bug to report.21:05
dduffeysame if I use the ubuntu-image script and just select "pc", or run the following:21:05
dduffey./ubuntu-device-flash core rolling --channel edge --gadget canonical-pc.canonical --os xenial-preinstalled-core-amd64.os.snap --kernel kernel.snap/45-kernel_4.5_amd64.snap -o custom.img21:05
qenghomhall119: I hate to say it, but I found the most instructive thing was to look at the snapcraft source code in  /usr/lib/python3/dist-packages/snapcraft /21:23
mhall119qengho: heh, that's not ideal :)21:26
* zyga agrees with qengho21:26
zygamhall119: we should have solid manual pages21:26
zygamhall119: developer docs on the website are always out-of-sync21:26
zygamhall119: snapcraft is great when it works, utterely confusing when your file is wrong and you have no help to follow21:27
qenghomhall119: You're using snapcraft on 16.04 yes?21:27
qenghoSilly question, I know.21:27
* zyga is supper happy about what's landing in snappy21:28
mhall119qengho: yes21:28
zygajdstrand: all four backends are in place, I need to tweak apparmor slightly but I'm not only working on integrating with install/remove/upgrade21:28
mhall119ok, next question, how do I specify a git branch name in a cmake plugin part?21:28
mhall119oh, source-branch, dug21:29
mhall119ignore me21:29
qenghoI just published my first package on 4 architectures, so I'm already pretty happy with it.21:30
qenghozyga: Give a changelog precis?21:33
zygaqengho: ?21:35
qenghozyga: You're excited about changes in snappy. What changes?21:37
zygaqengho: interfaces are an inch/cm away from working21:37
zygaqengho: I'll blog about this heavily when it goes live21:37
zygaqengho: (on g+ and planet ubuntu)21:37
mhall119is there a way to not use `--depth 1` in the git plugin?21:38
zygamhall119: read the source :-(21:39
mhall119yeah, I edited the source, I feel bad21:40
zygamhall119, sergiusens: is doing an amazing job coding but I feel that a tech writer could make snapcraft x10 more discoverable to everyone in a month21:41
mhall119zyga: I agree, and I believe davidcalle is working on that21:42
zygaoh, that's great to hear21:42
mhall119when I'm not stealing him to work on the devportal deployments21:42
zygaI know some people have been looking for technical training on snapcraft21:42
qenghomhall119: When you make a plugin that extends git, you know you are pro.21:42
mhall119or dholbach is stealing him to work on devportal docs importers21:42
mhall119or dpm isn't stealing him to run scopes showdowns.....21:42
sergiusenszyga, mhall119 not sure if davidcalle is just making our existing docs land into d.u.c21:43
mhall119qengho: for not I just modified the code in /usr/lib/python3/dist-packages/snapcraft, so I just feel like a vandal :)21:43
sergiusensthey ones on d.u.c are outdated21:43
zygasergiusens: use readthedocs21:43
sergiusensmhall119, why do you need to not use --depth 1?21:43
zygasergiusens: at least you'll have control21:43
mhall119sergiusens: it causes the git clone to fail21:43
zygasergiusens: and you can have them built live21:43
sergiusenszyga, I prefer md and just github, it is fully navigational as is21:44
zygasergiusens: well, whatever works21:44
sergiusensmhall119, how so? I'll leave that to kyrofa but you must log a bug ;-)21:44
sergiusenszyga, https://github.com/ubuntu-core/snapcraft/blob/master/docs/get-started.md21:45
mhall119sergiusens: kyrofa: git clone --depth 1 --recursive --branch Subsurface-branch git://git.subsurface-divelog.org/marble /home/mhall/projects/Ubuntu/snaps/snappy-playpen/subsurface/parts/marble/src21:45
mhall119try running that21:45
zygasergiusens: perhaps you could use github pages21:45
zygasergiusens: that's give you snapcraft.github.com, right?21:45
zygasergiusens: (sorry, that'd be ubuntu-core.github.io)21:46
qenghoYou can cname too, so could be snapcraft.ubuntu.com21:46
zygasergiusens: e.g. http://zyga.github.io/git-lp/21:46
sergiusensmhall119, I see it; I wonder why it doesn't work though22:11

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!