#pulp-meeting log

14:32:19 <fao89> #startmeeting Pulp Triage 2020-07-14
14:32:19 <fao89> !start
14:32:19 <fao89> #info fao89 has joined triage
14:32:19 <pulpbot> Meeting started Tue Jul 14 14:32:19 2020 UTC.  The chair is fao89. Information about MeetBot at http://wiki.debian.org/MeetBot.
14:32:19 <pulpbot> Useful Commands: #action #agreed #help #info #idea #link #topic.
14:32:20 <pulpbot> The meeting name has been set to 'pulp_triage_2020-07-14'
14:32:20 <pulpbot> fao89: fao89 has joined triage
14:32:36 <ppicka> #info ppicka has joined triage
14:32:36 <ppicka> !here
14:32:36 <pulpbot> ppicka: ppicka has joined triage
14:32:47 <ggainey> #info ggainey has joined triage
14:32:47 <ggainey> !here
14:32:47 <pulpbot> ggainey: ggainey has joined triage
14:33:01 <dkliban> #info dkliban has joined triage
14:33:01 <dkliban> !here
14:33:01 <pulpbot> dkliban: dkliban has joined triage
14:33:05 <fao89> !next
14:33:06 <fao89> #topic https://pulp.plan.io/issues/7127
14:33:06 <pulpbot> fao89: 2 issues left to triage: 7127, 7110
14:33:07 <pulpbot> RM 7127 - newswangerd - NEW - Add object labels
14:33:08 <pulpbot> https://pulp.plan.io/issues/7127
14:33:18 <dkliban> #idea Proposed for #7127: convert to story
14:33:18 <dkliban> !propose other convert to story
14:33:18 <pulpbot> dkliban: Proposed for #7127: convert to story
14:33:24 <daviddavis> #info daviddavis has joined triage
14:33:24 <daviddavis> !here
14:33:24 <pulpbot> daviddavis: daviddavis has joined triage
14:33:27 <ttereshc> #info ttereshc has joined triage
14:33:27 <ttereshc> !here
14:33:27 <pulpbot> ttereshc: ttereshc has joined triage
14:33:35 <daviddavis> +1 to story
14:33:41 <fao89> #agreed convert to story
14:33:41 <fao89> !accept
14:33:41 <pulpbot> fao89: Current proposal accepted: convert to story
14:33:42 <fao89> #topic https://pulp.plan.io/issues/7110
14:33:42 <pulpbot> fao89: 1 issues left to triage: 7110
14:33:43 <pulpbot> RM 7110 - wibbit - NEW - pulpcore-client - Artifact upload fails when using python27
14:33:44 <pulpbot> https://pulp.plan.io/issues/7110
14:33:54 <dkliban> i was supposed to comment on this one and close it
14:33:57 <dkliban> i'll do that now
14:34:02 <daviddavis> +1
14:34:08 <dkliban> #idea Proposed for #7110: dkliban to comment and close as WONT FIX
14:34:08 <dkliban> !propose other dkliban to comment and close as WONT FIX
14:34:08 <pulpbot> dkliban: Proposed for #7110: dkliban to comment and close as WONT FIX
14:34:13 <fao89> #agreed dkliban to comment and close as WONT FIX
14:34:13 <fao89> !accept
14:34:13 <pulpbot> fao89: Current proposal accepted: dkliban to comment and close as WONT FIX
14:34:14 <ttereshc> thanks
14:34:15 <pulpbot> fao89: No issues to triage.
14:34:18 <ppicka> so we're not supporting py27 for bindings?
14:34:22 <fao89> Open floor!
14:34:24 <dkliban> that's right
14:34:34 <bmbouter> #info bmbouter has joined triage
14:34:34 <bmbouter> !here
14:34:34 <pulpbot> bmbouter: bmbouter has joined triage
14:34:36 <ppicka> +1
14:34:41 <fao89> https://hackmd.io/SVCMjpwXTfOMqF2OeyyLRw
14:34:59 <fao89> topic: zero down time upgrades - https://pulp.plan.io/issues/7120
14:35:12 <bmbouter> we talked about this last time, I wrote the issue up like we discussed
14:35:15 <bmbouter> so here's it is
14:35:45 <x9c4> #info x9c4 has joined triage
14:35:45 <x9c4> !here
14:35:45 <pulpbot> x9c4: x9c4 has joined triage
14:36:28 <ttereshc> bmbouter, is stopping some services acceptable?
14:37:38 <x9c4> ttereshc, you mean stop the workers for the upgrade?
14:38:01 <dkliban> ttereshc: the goal is to not stop any services until it's time to reload the code for them
14:38:11 <dkliban> so this could occur one server at a time
14:38:39 <dkliban> and the goal is to have old code be compatible with the latest db
14:38:48 <ttereshc> yeah, I understand
14:38:49 <dkliban> old code = previous release
14:39:14 <bmbouter> ttereshc: we want to stop no services except to restart them one by one in a clustered install
14:39:53 <ttereshc> what about existing migraitons? which are not split into additive and destructive changes
14:40:14 <ttereshc> we will support zero time migrations after certain release?
14:40:22 <bmbouter> yes after a certain release
14:40:39 <x9c4> how far does "old code" reach?
14:40:41 <bmbouter> whenever the CI is in place to check for them and the docs state the policy requirement
14:41:05 <bmbouter> old code? like existing migrations
14:41:07 <bmbouter> ?
14:41:30 <dkliban> no
14:41:34 <x9c4> no can you upgrade from x.y.* to x.(y+1).0 ?
14:42:05 <dkliban> the no downtime migration can only apply to x.y.z to z.y.z+1
14:42:19 <dkliban> actually ...
14:42:21 <bmbouter> I thought it could go all the way
14:42:24 <dkliban> x.y to x.y+1
14:42:43 <bmbouter> oh yeah that's right
14:42:46 <bmbouter> dkliban: you right
14:43:17 <dkliban> so users will have to go through each y version to safely upgrade with no downtime
14:43:22 <bmbouter> the migraitons would apply properly in all cases, it's just that the running application servers would break unexpectedly
14:43:32 <dkliban> yep
14:43:43 <x9c4> So we must prevent this.
14:43:54 <bmbouter> do we?
14:44:14 <bmbouter> x9c4: would that be an installer feature?
14:44:56 <ttereshc> bmbouter, is it suggested to use this project https://pypi.org/project/django-pg-zero-downtime-migrations/  or is it only for understanding how things can be done?
14:44:59 <x9c4> like  preflight check? I thought maybe the migration itself rejects to apply if there is a resource using the db that is too old.
14:45:18 <bmbouter> ttereshc: it's debatable if we should actually use it...
14:45:35 <bmbouter> ttereshc: it primarily provides row-lock features at upgrade time, I'm not sure pulp actually needs those
14:45:57 <bmbouter> x9c4: I don't think pulp migrations can be that smart
14:46:09 <bmbouter> but the pre-flight maybe could be
14:46:21 <ttereshc> yeah, the first look at it doesn't look promising, it's also not maintaned much and in beta status. I'm just trying to understand what is proposed, to read more later about it
14:46:33 <bmbouter> I'm not proposing to use that project
14:46:36 <x9c4> I think, we could hook into to pulpcore migrate script and do some sanity checks.
14:46:51 <bmbouter> I am propsing our CI use the regex scripts in that article though
14:47:07 <dkliban> i am all for CI checks in this area
14:47:17 <bmbouter> which look for single-operation migrations that are zero-downtime-unsafe
14:48:01 <x9c4> Another thought. If we did the remove part of the migration only on x.y.1, we could allow upgrades from any z-stream to the next y-Release.
14:48:08 <bmbouter> x9c4: these checks in practice I think will be difficult... the db is one thing, application versions on a cluster are plurality
14:48:19 <bmbouter> x9c4: agreed!
14:49:28 <x9c4> And more importantly, you would not need to go through all z's for a bugfix.
14:49:34 <bmbouter> yeah I think that's a must
14:50:00 <dkliban> yep
14:50:15 <x9c4> you can than safely specify the version as ~=x.y.0
14:51:46 <x9c4> about checking the running application parts. We have some info about running components in the status api.
14:51:58 <dkliban> yep
14:52:13 <dkliban> the installer could definitely use that
14:52:32 <x9c4> And what is currently not running will then refuse to start if the migration level is not met.
14:53:25 <bmbouter> x9c4: that sounds do-able actually but it doesn't prevent the concerning case from earlier with an already running app
14:53:32 <x9c4> As in "If it's not currently running, it's not a subject to zero downtime anyway."
14:54:25 <bmbouter> agreeeeed
14:54:27 <x9c4> if the already running app is reflected in the status api, it prevents to migration from running.
14:54:46 <dkliban> x9c4: in what cases would we not do the upgrade?
14:54:48 <bmbouter> the issue is the status API only shows you what's on "that specific server" not the entire cluster
14:54:50 <x9c4> Until it is upgraded and restarted
14:55:08 <x9c4> I see.
14:55:14 <dkliban> bmbouter: we need to fix that
14:55:16 <bmbouter> architecturally we just don't have the info
14:55:37 <bmbouter> I agree but the "http workers" are not represented in their but they probably should be....
14:55:42 <bmbouter> report on the installed profiles
14:56:05 <bmbouter> so here's my take, there is a *lot* we are discussing here, what can we do to get to simple zero-downtime upgrades for the common case?
14:56:09 <bmbouter> like the installer precheck
14:56:49 <dkliban> we need to add checks to the CI, we need to write up docs,
14:57:06 <dkliban> we need to add the installer check
14:57:22 <dkliban> those are the 3 things we need at a minimum
14:58:37 <x9c4> I would call the installer check an additional safety net. When we state in the docs, that you need to have certain version installed on all nodes in the cluster.
14:59:04 <daviddavis> hey, we've spent 25 min discussing this topic and it seems like only a handful of people are involved
14:59:13 <fao89> one step before the migrations is deciding whether upgrade pulpcore, as each plugin has different release dates
15:00:37 <dkliban> daviddavis: what do you suggest as the next step?
15:01:11 <fao89> this topic is somewhat related with upgrade tests
15:01:28 <dkliban> i agree
15:01:44 <bmbouter> daviddavis: I'm ok w/ not everyone being involved as long as everyone is willing to accept the change
15:02:00 <bmbouter> that last part is what I'm here to learn about actually
15:02:20 <ttereshc> is the goal to accept/decide now?
15:02:33 * ttereshc would like to read about it
15:02:38 <fao89> so I think we need to discuss it when Ina is back
15:02:47 <bmbouter> yup socializing the idea slowly is the approach not to decide now
15:03:04 <ttereshc> sweet
15:03:06 <fao89> not sure if open floor, mailing list or specific meeting
15:03:29 <bmbouter> we can advertise on the mailing list if you like and then followup at open floor on friday after ina returns?
15:03:53 <daviddavis> ina is not back until next week
15:04:08 <bmbouter> yup I would even put on friday of next week to give her more time to catch up
15:04:30 <bmbouter> this doesn't need to happen fast it just needs a decision in the next few weeks to unblock the operator's roadmap
15:04:37 <fao89> sounds good to me
15:04:45 <ttereshc> +1 to advertise on a mailing list to give more people heads up on reading and prepping for a discussion
15:04:53 <ggainey> +1
15:05:13 <bmbouter> I can take the AI to send to the list and revise the issue a bit from this convo
15:05:22 <dkliban> bmbouter: that would be great
15:05:27 <x9c4> +1
15:06:03 <bmbouter> will do
15:06:05 <ttereshc> thanks
15:06:07 <bmbouter> next topic?
15:06:18 <dkliban> yes
15:06:22 <fao89> topic: do we use SessionAuthentication? https://github.com/pulp/pulpcore/blob/master/pulpcore/app/settings.py#L132
15:06:34 <fao89> it is the last barrier for openapi v3
15:06:41 <bmbouter> I think we do :/
15:06:58 <dkliban> there is a bug in the ruby client realted to cookie auth
15:07:04 <dkliban> however, it can be resolved.
15:07:12 <daviddavis> how is it used?
15:07:13 <dkliban> bmbouter: where do we provide a URL to starta  sessions?
15:07:16 <bmbouter> galaxy_ng I believe uses it, also I believe django-admin would break if we removed it django-admin logs in once and then doesn't
15:07:20 <bmbouter> django-admin login views
15:07:25 <bmbouter> galaxy_ng login views
15:07:25 <dkliban> ah cool
15:07:30 <dkliban> that makes sense
15:07:37 <daviddavis> ah
15:07:37 * bmbouter eats a cookie
15:07:45 <dkliban> we are going to get a fix this in the openapi-generator
15:07:57 <x9c4> can we hide it from the schema-generator?
15:08:06 <fao89> the problem now is: openapi generator has a bug for generating cookieauth at ruby bindings
15:08:07 <dkliban> x9c4: not without a hack
15:08:27 <daviddavis> no one uses ruby
15:08:34 <daviddavis> jk
15:08:43 <x9c4> ruby tuesday?
15:08:46 <daviddavis> can we fix the bug?
15:08:55 <dkliban> fao89: we should open up a PR against openapi-generator adn in the in the meantime we should use a custom template in pulp-opneapi-geneator
15:09:01 <dkliban> daviddavis: yes
15:09:07 <fao89> the bug: https://paste.centos.org/view/5fdddab4
15:09:27 <fao89> line 14, openapi generator does not fill it
15:09:28 <dkliban> it's a bug in the template for the ruby configuration object
15:09:34 <daviddavis> ah
15:09:57 <daviddavis> +1 to dkliban's suggestion
15:10:02 <ggainey> concur
15:10:03 <dkliban> fao89: gerrod is already working on adding a custom template for the configuration.rb and configuration.py so we will be able to fix this ourselves
15:10:35 <dkliban> the template that gerrod is adding is going to address https://pulp.plan.io/issues/5932
15:10:41 <x9c4> +1 to fixing bugs.
15:10:56 <dkliban> and in that template we will address this bug
15:11:00 <dkliban> also
15:11:09 <fao89> sounds good to me
15:11:12 <bmbouter> +1
15:11:24 <dkliban> awesome
15:11:35 <fao89> with this, I say the OpenAPI v3 PRs are ready for review
15:11:44 * ggainey cheers wildly
15:11:48 <fao89> https://github.com/pulp/pulpcore/pull/785
15:11:51 <dkliban> fao89: i'll take a look soon
15:13:03 * x9c4 dancing
15:13:11 <fao89> next topic: call for more input: API designs for RBAC
15:13:18 <bmbouter> I just emailed this out
15:13:57 <bmbouter> I am thinking It would just be more usable to have the sub-resource named 'access_policy' that would be /pulp/api/v3/remotes/file/file/access_policy/ for example
15:14:30 <bmbouter> we could *also* have a /pulp/api/v3/access_policy/ so that users could see all policies in one place as a helper for audit purposes
15:14:35 <bmbouter> this is kind of a hybrid pitch
15:14:48 <daviddavis> that second proposal seems more usable to me
15:15:13 <daviddavis> even if it's just a list
15:16:36 <bmbouter> it's usable great for read purposes
15:16:42 <bmbouter> and maybe even write purposes ...
15:16:52 <bmbouter> I think I'm stuck on the "url" field that would be in those models
15:17:00 <bmbouter> model isntances
15:17:20 <bmbouter> is there ever a time when a pulp system has it's API prefix modified?
15:17:45 <dkliban> hmm
15:17:48 <dkliban> i don't think so
15:17:49 <ttereshc> could we provide some strong validation to avoid mistakes and for users to have a list of urls to pick from? hten option 2 will be fine I think
15:18:30 <bmbouter> ttereshc: well that's the other issue I don't think we can do that
15:19:06 <bmbouter> well it could be possible if plugin writers provided all of them explicitly and pulpcore aggregated them ...
15:19:14 <bmbouter> so yes, yes we could do that :)
15:19:18 <ttereshc> :)
15:19:44 <ttereshc> why we can't get all the urls for viewsets? is it that we can get only full endpoints?
15:20:03 <ttereshc> from the router or from some kind of introspection
15:20:06 <bmbouter> maybe we can
15:20:30 <bmbouter> plugins will need to ship a default one though so they coudln't do that unless they allow_list that url in the CHOICES field
15:20:44 <bmbouter> a default access policy, and create the accespolicy instance via a data migration
15:21:11 <bmbouter> part of the issue of auto-gathering them is that not all urls may be access guarded, e.g. /pulp/api/v3/status isn't?
15:21:15 <bmbouter> but maybe it should be?
15:21:44 <bmbouter> this gives me enough to work with I think though. go with the all access_policy instances at one API, and have a solid CHOICES field
15:22:27 <dkliban> i gotta go
15:22:35 <ttereshc> bmbouter,  on the other hand, if we accept only patch and no post, users can't create wrong/bad urls
15:22:41 <ttereshc> oops put
15:22:50 <bmbouter> true! I hadn't thought about that
15:23:21 <bmbouter> alright I'm making the single-viewset option because it's easier to make, we know it's useful, and we can add more to it later
15:23:22 <ttereshc> so maybe option 2 is good as is
15:23:23 <bmbouter> sound ok?
15:23:42 <ttereshc> yes, sounds great
15:30:20 <fao89> #endmeeting
15:30:20 <fao89> !end