/srv/irclogs.ubuntu.com/2017/11/13/#cloud-init.txt

redcavalierblackboxsw, good evening. I was wondering if you guys had managed to look into that bug I submitted last month.02:55
cetexsmoser: Not sure if i said thanks for everything earlier: Thanks :)09:41
=== shardy is now known as shardy_lunch
rharperblackboxsw: urg, the c-i meeting is on top of our standup15:59
blackboxswurg16:01
smosero/16:01
blackboxsw\o16:01
blackboxswit16:01
rharpero/16:01
blackboxswit's that time again16:01
blackboxsw#startmeeting Cloud-init bi-weekly  status16:03
meetingologyMeeting started Mon Nov 13 16:03:13 2017 UTC.  The chair is blackboxsw. Information about MeetBot at http://wiki.ubuntu.com/meetingology.16:03
meetingologyAvailable commands: action commands idea info link nick16:03
powersjo/16:03
blackboxswtime change got to us16:03
blackboxsw#meetingtopic Recent Changes16:04
blackboxswhey folks. thanks for joining just pulling together the content for the last couple weeks of work for the cloud-init project16:05
smoserhttp://paste.ubuntu.com/25954862/16:06
smoser$ git log a90a8b1cb3104ee3250ac79d6e25a9ff4f527baa.. | log2dch | sed 's,^    ,,' | pastebinit16:06
blackboxswmost of the ubuntu-side of the house was involved in handling the SRU of 17.1 into ubuntu and handling any discovered regressions16:06
blackboxswPublished cloud-init packages to Bionic Beaver release16:06
blackboxswUpdate Gentoo Linux support to "rc-service" scripts as "service" is deprecated, thanks to ckonstanski!16:06
blackboxswDetected and fixed a pre-release regression of resizefs when root path is specified by UUID on the kernel cmdline (LP: #1725067)16:06
ubot5Launchpad bug 1725067 in cloud-init (Ubuntu Zesty) "cloud-init resizefs fails when booting with root=PARTUUID=" [Medium,Fix committed] https://launchpad.net/bugs/172506716:06
blackboxsw#link http://paste.ubuntu.com/25954862/16:06
blackboxsw#info SRU queued for release today16:07
blackboxswHere's the cloud-init content we published for the last two weeks:16:07
blackboxsw#link https://github.com/canonical-server/dev-summary/blob/master/doc/2017-10-31.md16:07
blackboxsw#link https://github.com/canonical-server/dev-summary/blob/master/doc/2017-11-07.md16:07
blackboxswlast week we handled an EC2 behavior regression for xenial, whereby we didn't want to change cloud-init to configure all nics based on ec2 metadata, we will only configure the primary nice16:09
blackboxswlast week we handled an EC2 behavior regression for xenial, whereby we didn't want to change cloud-init to configure all nics based on ec2 metadata, we will only configure the primary NIC16:09
blackboxswwith those SRU regresssions fixed and published to master, we expect cloud-init 17.1 updated in Xenial,Zesty and Artful today16:09
blackboxsw#meetingtopic In-progress development16:10
blackboxswsmoser: rharper anything here?16:10
smoser#link http://bit.ly/ci-reviews16:10
smoserrobjo has done a couple fixes for SuSE and i've pulled a few of them.16:11
smoserhe has one up i saw yestderday for ntpSuSE16:11
smoserothers ther.e we've been delinquent due to some distractions recently.16:11
rharperblackboxsw: nothing new for me at the moment16:11
smoserand chad had one up for clean and status16:12
blackboxswbtw thx robjo ckonstanski and Dave Mulford for the fixes over the last iteration. We also expect that a couple VMware branches for the OVF datasource will last this week or next16:12
smoserwhich is nice.16:12
robjomoving the meeting an hour foward while we are on Standard time or is this a one time occurance, did I miss an announcement?16:13
blackboxsw#meetingtopic Office Hours (next 30 minutes)16:13
robjolp#1731619, chrony support, should that also be driven through ntp config or should there be a new config option?16:14
blackboxswso we'll hang out with eyes on this channel for any burning questions/bugs/questions16:14
smoserrobjo: well, the meeting is listed in UTC time16:14
smoserthat pays no attention to US legislation to change clocks at random points in the year :)16:14
robjooK, my fault when I added it to my calendar, eay enough to fix ;)16:15
smoserbut the humans here were also affected :)16:15
blackboxswheh, anyone opposed to shifting this meeting time +30 from now during the next few months?16:15
blackboxswas the meeting now collides w/ another meeting for us16:15
blackboxsw:/16:15
blackboxswofficially 16:30 UTC?16:16
robjoWell, I'd prefer to either follow the "randomness" clock manipulation or not follow it16:17
robjomeaning don't change the meeting time because there exists a conflict when standard time switches to daylight savings or vice versa, becaus if you do that you might as well follow the silliness of the government to begin with16:19
blackboxswfair point. ok let's keep the new time as is.16:19
blackboxswwe've discussed side-channel, we can shift our meetings out of the way of this16:20
blackboxswso robjo +116:20
blackboxsw16:00 UTC16:20
blackboxswalso related to CI side, powersj and rharper spent quite a bit of time w/ our continuous integration infrastructure fixing/addressing memory & storage pressure issues to make sure we avoid intermittent false test failures due to timeouts or system resource contention16:24
blackboxsw#link https://jenkins.ubuntu.com/server/view/cloud-init/16:24
viais there a way to use metadata in the cloud-init file? specifically, if i want to use the aws-provided instance id in an attribute16:28
robjoOK, back to my question about chrony:  lp#1731619, chrony support, should that also be driven through ntp config or should there be a new config option?16:28
vialike configuring the chef node name to have my instance id in it16:28
blackboxsw#link https://bugs.launchpad.net/cloud-init/+bug/173161916:32
ubot5Launchpad bug 1731619 in cloud-init "Support chrony as a client for ntp" [Undecided,New]16:32
blackboxswit's a good bug, we've had a couple of discussions about ntpd versus timesyncd for different system environments16:33
blackboxswcurrent implementation of cc_ntp module is to return False ('ntp' not installable) on certain known environments where we know we want systemd timesyncd to run instead by default16:34
smoservia: i think what your asking is (i htink) covered in https://trello.com/c/AYaCdQyT16:34
viawell, i'm trying to do it in a yaml cloud-config file16:35
smoserright. as it is right now, via you cann't reference anything from the metadata.16:35
viadoes that mean i need to use #jinja and if so how does that play with #cloud-config ?16:35
viaoh16:35
viabummer16:35
viashould i just switch to a shell script?16:36
smoserbut we'd hope to implement that.16:36
smoservia: thats really the only way right now. and then in the shell scripty you'd have to query the metadata service yourself.16:36
viaokay, damn16:36
viathanks16:36
blackboxswrobjo: we think that's a good approach/feature suggestion. We could add chrony template files etc like the ntp templates, and we might be able to have the distro report what time sync daemon it wants to run16:36
smoserbasically... we realize what you're asking is quite helpful and reasonable but dont have a way to do it right now16:36
smoserbut we do plan on implementing it.16:36
viano worries, i'm stuck on an ancient version anyway16:37
robjoblackboxsw: That was my thinking, move the "service_name" setting to the distro as "time_service_name" and then drive cc_ntp based on that16:38
robjosince with a third option the black/white decision being made today will no longer work16:39
blackboxsw+1 robjo yeah. rharper was chatting about this potential approach as well16:39
robjolook there is also grey ;)16:39
blackboxswheh yeah16:39
robjoNext question.... network config.16:40
blackboxswyeah might have to 'grow' an override option in cc_ntp module eventually16:40
blackboxswas those grey use-cases come up (per bugs/requests ;) )16:41
robjoA long timi ago the RHEL implementation was re-written to use sysconfig renderer, but RHEL sysconfig and SLE sysconfig are different, why wouldn't they be16:41
robjothat also implies that the openSUSE/SLES implementation for network config rendering still uses the "old" implementation and thus produces a warning in the log file16:42
* blackboxsw is looking for the warning generated16:43
robjothis would imply some refactoring is in order if we want to move openSUSE/SLES to using the newer API to render the network config16:43
robjoblackboxsw: "apply_network_config is not currently implemented "16:44
robjo                    "for distribution '%s'.  Attempting to use apply_network"16:44
blackboxswahh. right-o16:45
robjothe question from my point would be is, when I want to implement the SUSE bits am I also on the hook for the refactoring part or can I get some help with that? which of course will make my life easier ;)16:45
robjoAnd yes, I realize a bug will need to be filed, but I haven't figured out how to formulate this nicely16:47
blackboxswrobjo: I think we should be able to help out a bit with that refactor to make sure it's cleaner and easier to maintain.16:47
robjoOK :)16:47
blackboxswthere are a couplengeneric distro fixes which need to get designed (just like in the datasources) to make the common distro classes a bit easier to maintain as well as making classes a bit more modular and more easily tested.16:50
blackboxswwe still haven't landed some of the common datasource changes we had talked about during the Summit because we've been avoiding risk during the 17.1 release. But, similar/minor architecture changes should start taking shape here for datasources and distros now that we see a light at the end of the tunnel on the release.16:51
blackboxswwe'll keep our eyes open for discussions/suggestions from folks16:52
robjoSpeaking of data sources, for the SUSE Container As A Service Platform, we implemented a data source to read from local disk, is that something that would be of interest upstream? Yes, this might seem silly but in our use case it makes perfect sense ;)16:54
blackboxswrobjo: I'm curious how different that datasource would be from nocloud datasource16:56
blackboxswhttp://cloudinit.readthedocs.io/en/latest/topics/datasources/nocloud.html?highlight=nocloud16:56
blackboxsw#link http://cloudinit.readthedocs.io/en/latest/topics/datasources/nocloud.html?highlight=nocloud16:56
blackboxswwhich allows for providing local data instead of dealing with metadata16:56
blackboxswwell network metadata16:56
robjoI wasn't really involved, just accepted the patch to the package and have not done a comparison to nocloud, but I'll take a look16:57
blackboxswgood deal.... think we are at the top of the hour... so I'll probably end meeting now17:00
blackboxswthanks via robjo rharper powersj & smoser. next meeting 2 weeks same early time17:01
blackboxsw#endmeeting17:01
meetingologyMeeting ended Mon Nov 13 17:01:43 2017 UTC.17:01
meetingologyMinutes:        http://ubottu.com/meetingology/logs/cloud-init/2017/cloud-init.2017-11-13-16.03.moin.txt17:01
powersjthanks blackboxsw for running17:01
=== blackboxsw changed the topic of #cloud-init to: is Reviews: http://bit.ly/ci-reviews | Meeting minutes: https://goo.gl/mrHdaj | Next status meeting: Monday 11/13 16:00 UTC | cloud-init 17.1 released
blackboxswnp17:02
viasmoser: will $(cloud-init query instance-id) work in said shell? it doesn't seem to evaluate17:04
smoservia: no. cloud-init query doesn't really exist.17:05
smoser:-(17:05
smoserthe goal is to have a good solution for you17:05
smoserbut there is not one at the time :-(17:05
viaso wait, there is actually no way to use cloud-init at all to get my instance id?17:05
viai have to query the aws 169 address with curl or whatever?17:06
ajorgvia: if you don't mind hackiness you could resolve the /var/lib/cloud/instance symlink17:08
viaok17:08
ajorginstance_id=$(basename $(readlink -f /var/lib/cloud/instance))17:08
ajorg(assuming 0.7+)17:09
ajorgyou mentioned you might be using something much older17:09
vialooks like ec2metadata is installed by default17:09
blackboxswvia theres something in progress that will help    https://code.launchpad.net/~chad.smith/cloud-init/+git/cloud-init/+merge/33011517:10
blackboxswI'm hoping we can land this soon. it'll put a /run/cloud-init/instance-data.json blob thatt will report that for you17:10
viawell, tbf, if ec2metadata is installed, i dunno why i'd use anything but it17:11
viai didn't realizeit was17:11
blackboxswand we'd support it as a public interface that folks can consume17:11
blackboxswthat branch referenced is the precursor to cloud-init query subcommand17:13
blackboxswprecursor/prerequisite17:13
* ajorg changes his calendar entry for the meeting to UTC...17:21
blackboxswthanks ajorg. then it can surprise us again in spring17:23
ajorghaha17:23
ajorgsmoser: https://code.launchpad.net/~ajorgens/cloud-init/+git/cloud-init/+merge/331660 < this is okay to merge? or did you have other concerns?17:25
smoserajorg: i'll look now.17:27
ajorgthanks17:27
ajorgI blame Ben Franklin for the meetings I've missed.17:27
blackboxswyou should stop hanging out with that guy ajorg, he's a bad influence17:28
ajorgtotally. the guy likes to fly kites in the rain17:28
blackboxsw... ok I'm back, wrapping up review comments on the cloud-init clean/status branch17:28
blackboxswthx smoser for the review, yeah I had pulled out cloud-init status disabled as I had wanted to chat w/ you about all the ways it could be 'disabled'17:29
blackboxswrharper: smoser if ds-identify 'disables' cloud-init, we just expect /etc/cloud/cloud.cfg.d/90_dpkg.cfg to have an empty datasource list?17:30
blackboxswrharper: per your inotify comment, I tried not depending on python inotify libs as they aren't currently pulled in by cloud-init as a dependency. Shall we add that as a pkg dependency?17:33
rharperno, /run/cloud-init/cloud.cfg will be empty17:34
blackboxswahh ok rharper thx17:34
rharpercloud-init reads the cloud.cfg that ds-identify writes17:34
smoserblackboxsw: no. ds-identify exits wihtout putting the target in systemd's goals17:35
rharperblackboxsw: bummer on not having inotify tools;17:37
blackboxswyeah even the base-pkg inotify-tools !present yet.17:41
rharperI saw a python syscall binding "inotify-basic" package17:48
rharperbut it would be nice to just have that built-in17:48
smoserrharper: blackboxsw fyi there are cloud-images for bionic now18:12
smoserrharper: do you know why we get an ipv6 address in lxc on artful ?18:26
smoserthat seems wrong18:26
rharperyour lxd config enabled ipv6 dhcp18:40
rharper--dhcp-range fd42:3cd1:a543:bb7::2,fd42:3cd1:a543:bb7:ffff:ffff:ffff:ffff,1h18:41
rharpersmoser: ^^18:41
smoserhttps://bugs.launchpad.net/ubuntu/+source/systemd/+bug/173200218:47
ubot5Launchpad bug 1732002 in systemd (Ubuntu) "cloud images in lxc get ipv6 address" [Undecided,New]18:47
smoserrharper: its a bug. they should not. they did not request it.18:47
rharperdoesnt ipv6 ra get you that ?18:47
smoserxenial doesnt get it18:48
rharperdoesn't run networkd18:48
rharpernetworkd does ipv6 ra by default18:48
smoserthat is a bug18:48
rharperhttps://bugs.launchpad.net/ubuntu/+source/nplan/+bug/171740418:48
ubot5Launchpad bug 1717404 in nplan (Ubuntu Zesty) "IPv6 support regresses with nplan transition" [Undecided,Fix committed]18:48
rharperhttps://bugs.launchpad.net/maas/+bug/165544018:49
rharperall seem related18:49
ubot5Error: Could not gather data from Launchpad for bug #1655440 (https://launchpad.net/bugs/1655440). The error has been logged18:49
smoserrharper: so 1655440 may imply that cloud-init needs to write 'accept-ra: no'18:50
smoser?18:50
rharperI think 1) they do request it, the kernel has ipv6 enabled, which means it does RA  2) dnsmasq for lxd, can be configured to disable ipv6; your host does not have it disabled ;  if there is a bug it's related to dhclient6 not running by default in xenial18:51
smoserno.18:51
rharperit's hard to say where it should be written18:51
smoserlxd and cloud-init config specifically say (via omission) not to have ipv618:51
rharperthat's unclear18:52
smoserso behavior that just enablels an ipv6 is wrong.18:52
rharperlook at the lxd bug that stgraber filed18:52
rharperif you don't want ipv6, you have to pass kernel config18:52
rharperit's certainly a change in behavior from xenial; I think that needs some discussion w.r.t what that means for artful/bionic18:52
smoserstgraber's comment does not hmake sense.18:54
smoser"ever since the switch to nplan by default in Ubuntu, we're not getting an IPv6 address anymore when a RA reaches the container.18:54
smoser"18:54
smoseras if we *were* getting ipv6 address by default previously18:54
smoserbut we are not18:54
rharperIPv6AcceptRA=no18:55
rharpernplan was disabling IPV6RA by default18:55
rharperit's no longer doing that18:55
rharperand you have ipv6 enabled on dnsmasq18:55
rharperso you're now getting ipv6 addrs in your containers18:55
rharperhttps://bugs.launchpad.net/ubuntu/+source/nplan/+bug/1717404/comments/3 ;  m-h-d suggests a 3 way switch in the config; but someone is going to be unhappy;  this needs discussion AFAICT18:56
ubot5Launchpad bug 1717404 in nplan (Ubuntu Zesty) "IPv6 support regresses with nplan transition" [Undecided,Fix committed]18:56
smoserrharper: im' missing something19:02
smoserbut i just made cloud-init render19:02
rharperI suspect that we likely didn't have a dnsmasq that was ipv6 enabled, which means there were not IPV6 RAs going to our containers;19:03
smoserhttp://paste.ubuntu.com/25955872/19:03
smoserand rebooted19:03
smoserand i still have the ipv619:03
rharperlook at /etc/default/lxd-bridge.upgraded which shows we've got ipv6 enabled19:03
smoserrharper: no. i had in the past explicilty enabled dnsmasq for ipv619:03
smoser(and i think lxc did that by default)19:03
rharperit does by default19:03
smoseri dnot follow.19:04
rharperwhat does your /run/systemd/network-* files look like ?19:04
rharpernetplan *used* to disable ipv619:04
rharperso even if you had ipv6 for lxd enabled, it never worked19:04
rharperifyou used netplan19:04
rharperthey filed a bug to get netplan to not disable RA by default19:04
smoserthat is bad.19:04
smoserits worse to open people to attack that were not expecting it19:05
rharperit's complicated depending on who wants what "default" behavior19:05
rharperyou mean having your kernel enable ipv6 by default ?19:05
cyphermoxyou have an accept-ra option in netplan if you really want avoid getting RAs.19:07
smoserok. so maybe that is "complicated" and i somehat agree with m-h-d =.19:07
smoserbut in my newly updated cloud-init i just rendered19:07
rharperplease check the run dir to see what got generated19:08
smoserhttp://paste.ubuntu.com/25955901/19:08
rharperno19:09
cyphermoxaccept-ra is per-interface.19:09
smoserhttp://paste.ubuntu.com/25955908/19:09
rharperin any case, cat /run/systemd/network/10-netplan*19:09
smoserok. let me try19:09
rharpercyphermox: should it fail to parse on that  ?19:09
rharperconfigs present under tree that doesnt' parse them ?19:10
cyphermoxrharper: I fail to parse your question19:10
rharperyou said he put it in the wrong spot19:10
rharpershould be under eth0:19:10
rharperand I'm saying should that fail to parse with the value in the wrong spot19:10
cyphermoxyep19:10
cyphermoxif it didn't fail, that's a bug19:11
rharperyes19:11
rharperagreed19:11
smoserit did not complain.19:11
smoserso you can consider that a bug.19:11
cyphermoxbut I'm a little surprised, netplan usually is failing to parse pretty aggressively19:11
rharperindeed19:11
smoserand putting it in the right place does get the behavior i expected.19:11
smoserso my feeling is that cloud-init should render 'accept-ra': no unless there is a dhcp6 stanza19:12
smoserbut this still imo seems broken19:12
rharpers/cloud-init/netplan; and that's one of the discussion points;  I'm not sure we've reached consensus w.r.t the "right default";19:13
rharperso in your lxd case were it has a dhcp6 enabled subnet; then should lxd emit DHCP6 config in addition to the v4 dhcp ?19:13
smoserlxd should, yes.19:13
rharperI suspect stragber has an opinion to that19:14
rharperwhich is counter to what you're suggesting; hence the bug19:14
cyphermoxrharper: smoser: if I put your config on my system and run 'netplan generate', it does fail to parse19:14
smosernetwork config should be deterministic19:15
rharperwhat version of netplan is in your image ?19:15
rharpersmoser: ^19:15
cyphermoxsmoser: except you may really want to no do DHCP for an IPv6 network and do SLAAC, which needs the RAs.19:15
smosernot "well, you'll get config if someon (nefarious or not) was sending packets on your network)19:15
rharpersmoser: you're arguing with the wrong person; I suggest a comment in the lxd/nplan bug if you want to strike up a discussion19:15
smosernetplan is bionic image today19:15
cyphermoxsmoser: ergo, disabling RAs in MAAS might be what you want, since MAAS does DHCPv6 and is supposed to manage all, but it's very not the right default elsewhere.19:16
smoseran oracle (lxd or maas) should declare.19:17
rharperI think 0.30 doesn't have the accept-ra parsing19:18
cyphermoxrharper: it does, it's added in 0.2819:19
rharperhuh19:19
rharperI see an error when I run generate as well; smoser do you have the cloud-init.log ?19:20
smoserrharper: bionic does work if we make cloud-init interpret no 'dhcp6' as 'accept-ra: no'19:20
smoserwhich i think we should19:20
smoseroh. yes. we do get a 'generate' error19:20
rharperwonder how network came up ?19:21
rharperor did it ?19:21
rharperthe /run/systemd/network/ file shouldn't have been written19:21
smoserno it didnt19:21
rharperwhich means no networking19:21
smoseryeah.19:21
rharperoh, ok19:21
smoserfail.19:21
smoser just looked at the ipv619:21
smoserand saw nothing19:21
smoserso that seemeed right19:21
rharperhehe19:21
rharperok19:21
smoserhttp://paste.ubuntu.com/25955976/19:26
smosercyphermox: ^ that is what you were saying should work right ?19:26
cyphermoxno19:27
smoserhows this for confusing19:27
smoser$ python3 -c 'import yaml; print(yaml.load("false") is yaml.load("no"))'19:27
cyphermoxaccept-ra is per-interface, it should be under eth019:27
smoserTrue19:27
cyphermoxhow is that confusing?19:27
cyphermoxyou're asking python if a boolean is X for a language with a pretty loose grammar, not unlike javascript19:28
smoserjavascript has a much more strict gramar.19:29
smoserits confusing that 'no' is interperted as a boolean.19:30
smoserthe lack of quoting requirements in yaml makes it wierd19:30
rharperthe netplan parser does some additional string -> boolean conversion IIRC19:49
rharpertrue == on == yes == y;  false == off == no == n ; for fields which are designated boolean : accept-ra uses the handle_netdef_bool which does the conversion19:51
=== natorious_ is now known as natorious
=== boxrick_ is now known as boxrick
blackboxswrharper: smoser addressed most comments on https://code.launchpad.net/~chad.smith/cloud-init/+git/cloud-init/+merge/333513. I22:46
rharperblackboxsw: cool22:48
blackboxswam not quite sure what we should do about standardizing config paths etc. Right now, it feels a bit painful the way content is organized in /etc/cloud/cloud.cfg.d/05_logging.cfg and cloudinit.helpers.Paths and various cmd files. I think we may need to look over a way to centralize more of these config defitinitions in an official config file that can be sourced by other modules22:48
blackboxsws/defitinitions/definitions22:49
dpb1blackboxsw: is that to help with schema?22:50
blackboxswdpb1: nope just to help with cloudinit modules knowing where the proper log_file_path or run_dir is etc.22:50
dpb1k22:50
blackboxswthere's a bit of  hardcoding of strings and some duplication that I've introduced that'd be nice to bring together in one place22:51
blackboxswhardcoding paths22:51
dpb1I was just looking over your branch, makes sense now22:51
rharperwell, there is the confg paths; which consumes the system config into an object22:52
rharperso I suspect we'll need to use the stage wrappers to ask for path to various keys22:52
rharperwhich allows the system config to override22:52
blackboxswyeah, it feels like the Init() -> Init.read_cfg() -> cfg object is almost the right place. it just doesn't feel 'accessible' or parameterized quite enough22:53
blackboxswit feels like it's still a beast of an object to tear apart into the component you want to look at (as it still contains unparsed  yaml strings as the attributes)22:54
blackboxswor maybe I've just dug into the wrong hole on it22:54
rharperoh, that's completely fair22:57
rharperblackboxsw: I think you want the init object paths properties22:58
rharperwhich gives you the cloudinit/helpers.py:Paths() object22:59
rharperthat has alot of the methods that combine the system config with "standard" paths (like instance_link,  run_dir, etc)22:59
blackboxswyeah, though it doesn't seem to surface log paths.23:25
blackboxswmaybe we need to extend Paths to be our source of truth... no quite sure23:25
rharperthat sounds reasonable (extending paths)23:26

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!