From dzager at redhat.com Tue May 1 16:52:11 2018 From: dzager at redhat.com (David Zager) Date: Tue, 01 May 2018 16:52:11 +0000 Subject: [Ansible-service-broker] Cluster Startup in run_latest(_k8s)_build.sh Message-ID: Greetings, This email is meant to get feedback on a fix to an issue was raised against the broker project regarding the run_latest_build.sh version check . The issue, as Jesus had predicted two weeks ago , is that our version check is not very strong. While we could correct the version check to properly handle semantic versioning, I believe we should take this as an opportunity to bring the run_latest_build script and run_latest_k8s_build script into one. You may ask "What would this look like?". Only the run_latest_build.sh would be left standing and it would: 1. Expect a cluster (Kubernetes|OpenShift) to already exist with service-catalog installed 2. Create the broker namespace 3. Create a service account for the automation-broker-apb 4. Create a automation-broker-apb clusterrolebinding "cluster-admin" tied to the automation-broker-apb service account 5. Run the automation-broker-apb as a pod 6. Delete the automation-broker-apb pod 7. Delete the automation-broker-apb service account 8. Delete the automation-broker-apb clusterrolebinding Since the automation-broker-apb will detect the cluster type and do the right thing (always, no bugs here). We can simply launch the pod and watch. Removing the cluster startup from run_latest_build.sh was brought up during the ansible-service-broker IRC meeting which would make it virtually equivalent to the run_latest_k8s_build.sh. Having a single run_latest_build script is one step in a long process of simplifying our onboarding process with the benefit of reducing ways broker installs could fail. Your feedback is appreciated. Regards, Zager -------------- next part -------------- An HTML attachment was scrubbed... URL: From shurley at redhat.com Tue May 1 17:11:27 2018 From: shurley at redhat.com (Shawn Hurley) Date: Tue, 1 May 2018 13:11:27 -0400 Subject: [Ansible-service-broker] Cluster Startup in run_latest(_k8s)_build.sh In-Reply-To: References: Message-ID: I think this is will simplify life as we make breaking changes. > On May 1, 2018, at 12:52 PM, David Zager wrote: > > Greetings, > > This email is meant to get feedback on a fix to an issue was raised against the broker project regarding the run_latest_build.sh version check . The issue, as Jesus had predicted two weeks ago , is that our version check is not very strong. While we could correct the version check to properly handle semantic versioning, I believe we should take this as an opportunity to bring the run_latest_build script and run_latest_k8s_build script into one. > > You may ask "What would this look like?". Only the run_latest_build.sh would be left standing and it would: > Expect a cluster (Kubernetes|OpenShift) to already exist with service-catalog installed > Create the broker namespace > Create a service account for the automation-broker-apb > Create a automation-broker-apb clusterrolebinding "cluster-admin" tied to the automation-broker-apb service account > Run the automation-broker-apb as a pod > Delete the automation-broker-apb pod > Delete the automation-broker-apb service account > Delete the automation-broker-apb clusterrolebinding > Since the automation-broker-apb will detect the cluster type and do the right thing (always, no bugs here). We can simply launch the pod and watch. We already noticed that this can handle the issues that we have been having w/ the deployment template in catasb. Catasb uses master template but master tracks the canary image. If we also move catasb to using the APB then we can handle that situation with logic. You can see an example of this with the latest CRD changes that Zager helped me with. > Removing the cluster startup from run_latest_build.sh was brought up during the ansible-service-broker IRC meeting which would make it virtually equivalent to the run_latest_k8s_build.sh. Having a single run_latest_build script is one step in a long process of simplifying our onboarding process with the benefit of reducing ways broker installs could fail. +1 > > Your feedback is appreciated. > > Regards, > Zager > _______________________________________________ > Ansible-service-broker mailing list > Ansible-service-broker at redhat.com > https://www.redhat.com/mailman/listinfo/ansible-service-broker -------------- next part -------------- An HTML attachment was scrubbed... URL: From rhallise at redhat.com Tue May 1 17:29:24 2018 From: rhallise at redhat.com (Ryan Hallisey) Date: Tue, 1 May 2018 13:29:24 -0400 Subject: [Ansible-service-broker] Cluster Startup in run_latest(_k8s)_build.sh In-Reply-To: References: Message-ID: On Tue, May 1, 2018 at 1:11 PM, Shawn Hurley wrote: > I think this is will simplify life as we make breaking changes. > > On May 1, 2018, at 12:52 PM, David Zager wrote: > > Greetings, > > This email is meant to get feedback on a fix to an issue was raised > against the broker project regarding the run_latest_build.sh version check > . The > issue, as Jesus had predicted two weeks ago > , > is that our version check is not very strong. While we could correct the > version check to properly handle semantic versioning, I believe we should > take this as an opportunity to bring the run_latest_build script and > run_latest_k8s_build script into one. > > You may ask "What would this look like?". Only the run_latest_build.sh > would be left standing and it would: > > 1. Expect a cluster (Kubernetes|OpenShift) to already exist with > service-catalog installed > 2. Create the broker namespace > 3. Create a service account for the automation-broker-apb > > 4. Create a automation-broker-apb clusterrolebinding "cluster-admin" > tied to the automation-broker-apb service account > 5. Run the automation-broker-apb as a pod > 6. Delete the automation-broker-apb pod > 7. Delete the automation-broker-apb service account > 8. Delete the automation-broker-apb clusterrolebinding > > +1 for minimal amount of work done my run_latest_build.sh. If we drop oc cluster up maybe we can combine the k8s and openshift setups? > Since the automation-broker-apb will detect the cluster type and do the > right thing (always, no bugs here). We can simply launch the pod and watch. > > We already noticed that this can handle the issues that we have been > having w/ the deployment template in catasb. Catasb uses master template > but master tracks the canary image. If we also move catasb to using the APB > then we can handle that situation with logic. > You can see an example of this with the latest CRD changes that Zager > helped me with. > > Removing the cluster startup from run_latest_build.sh was brought up > during the ansible-service-broker IRC meeting which would make it virtually > equivalent to the run_latest_k8s_build.sh. Having a single run_latest_build > script is one step in a long process of simplifying our onboarding process > with the benefit of reducing ways broker installs could fail. > > +1 > > > Your feedback is appreciated. > > Regards, > Zager > _______________________________________________ > Ansible-service-broker mailing list > Ansible-service-broker at redhat.com > https://www.redhat.com/mailman/listinfo/ansible-service-broker > > > > _______________________________________________ > Ansible-service-broker mailing list > Ansible-service-broker at redhat.com > https://www.redhat.com/mailman/listinfo/ansible-service-broker > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From dzager at redhat.com Tue May 1 19:17:11 2018 From: dzager at redhat.com (David Zager) Date: Tue, 01 May 2018 19:17:11 +0000 Subject: [Ansible-service-broker] Cluster Startup in run_latest(_k8s)_build.sh In-Reply-To: References: Message-ID: PR Submitted: https://github.com/openshift/ansible-service-broker/pull/920 On Tue, May 1, 2018 at 1:29 PM Ryan Hallisey wrote: > On Tue, May 1, 2018 at 1:11 PM, Shawn Hurley wrote: > >> I think this is will simplify life as we make breaking changes. >> >> On May 1, 2018, at 12:52 PM, David Zager wrote: >> >> Greetings, >> >> This email is meant to get feedback on a fix to an issue was raised >> against the broker project regarding the run_latest_build.sh version >> check . >> The issue, as Jesus had predicted two weeks ago >> , >> is that our version check is not very strong. While we could correct the >> version check to properly handle semantic versioning, I believe we should >> take this as an opportunity to bring the run_latest_build script and >> run_latest_k8s_build script into one. >> >> You may ask "What would this look like?". Only the run_latest_build.sh >> would be left standing and it would: >> >> 1. Expect a cluster (Kubernetes|OpenShift) to already exist with >> service-catalog installed >> 2. Create the broker namespace >> 3. Create a service account for the automation-broker-apb >> >> 4. Create a automation-broker-apb clusterrolebinding "cluster-admin" >> tied to the automation-broker-apb service account >> 5. Run the automation-broker-apb as a pod >> 6. Delete the automation-broker-apb pod >> 7. Delete the automation-broker-apb service account >> 8. Delete the automation-broker-apb clusterrolebinding >> >> +1 for minimal amount of work done my run_latest_build.sh. If we drop > oc cluster up maybe we can combine the k8s and openshift setups? > > > >> Since the automation-broker-apb will detect the cluster type and do the >> right thing (always, no bugs here). We can simply launch the pod and watch. >> >> We already noticed that this can handle the issues that we have been >> having w/ the deployment template in catasb. Catasb uses master template >> but master tracks the canary image. If we also move catasb to using the APB >> then we can handle that situation with logic. >> You can see an example of this with the latest CRD changes that Zager >> helped me with. >> >> Removing the cluster startup from run_latest_build.sh was brought up >> during the ansible-service-broker IRC meeting which would make it virtually >> equivalent to the run_latest_k8s_build.sh. Having a single run_latest_build >> script is one step in a long process of simplifying our onboarding process >> with the benefit of reducing ways broker installs could fail. >> >> +1 >> >> >> Your feedback is appreciated. >> >> Regards, >> Zager >> _______________________________________________ >> Ansible-service-broker mailing list >> Ansible-service-broker at redhat.com >> https://www.redhat.com/mailman/listinfo/ansible-service-broker >> >> >> >> _______________________________________________ >> Ansible-service-broker mailing list >> Ansible-service-broker at redhat.com >> https://www.redhat.com/mailman/listinfo/ansible-service-broker >> >> -------------- next part -------------- An HTML attachment was scrubbed... URL: From jesusr at redhat.com Wed May 2 13:18:28 2018 From: jesusr at redhat.com (jesusr at redhat.com) Date: Wed, 02 May 2018 09:18:28 -0400 Subject: [Ansible-service-broker] Meeting notes: 5/1/2018 Message-ID: <1525267108.1096.20.camel@redhat.com> ============================================== #asbroker: asbroker community meeting 20180501 ============================================== Meeting started by jmrodri at 13:32:00 UTC. The full logs are available at asbroker/2018/asbroker.2018-05-01-13.32.log.html . Meeting summary --------------- * attendance (jmrodri, 13:32:22) * news (jmrodri, 13:34:27) * bugs/issues triage (jmrodri, 13:35:56) * https://github.com/openshift/ansible-servicered hat summ-broker/issues/917 (jmrodri, 13:36:09) * LINK: https://github.com/automationbroker/bundle-lib/issues/30 (jmrodri, 13:36:38) * ACTION: maleck13 shurley investigate all the places clients are used and move to runtime (jmrodri, 13:50:29) * https://github.com/automationbroker/bundle-lib/issues/300 (jmrodri , 13:50:54) * Incorrect version check in run_latest_build.sh (jmrodri, 13:51:08) * LINK: https://github.com/openshift/ansible-service-broker/issues/91 2 (jmrodri, 13:51:19) * ACTION: dzager work with jmatthews to determine if that is a feasible change (jmrodri, 13:55:56) * Ansible ServiceInstance CRD colliding with Service Catalog #link https://github.com/openshift/ansible-service-broker/issues/914 (jmrodri, 13:59:34) * What is the meaning of AA in the documentation, other acronyms are explained #link https://github.com/openshift/ansible-service-broker/issues/917 (jmrodri, 14:01:08) * ACTION: ernelson update design.md doc to not use AA :) (jmrodri, 14:02:41) * LINK: https://github.com/openshift/ansible-service-broker/issues/91 7 (jmrodri, 14:02:50) * Why is `from` failing in the ES-APB within OpenShift REST client (jmrodri, 14:03:11) * LINK: https://github.com/ansibleplaybookbundle/es-apb/issues/6 (jmrodri, 14:03:19) * ACTION: leifmadsen close issue #6 on es-apb, reopen if needed (jmrodri, 14:10:03) * Features (jmrodri, 14:10:25) * Working on getting Automation Broker vendorable (jmrodri, 14:10:34) * open discussion (jmrodri, 14:13:13) * Supported ansible modules moving forward? Timeline of moving to dynamic client? Some APB developers are hitting limitations with k8s_raw. (jmrodri, 14:13:24) * ACTION: fabianvf post any status updates regarding dynamic clients to ML (jmrodri, 14:20:42) Meeting ended at 14:22:29 UTC. Action Items ------------ * maleck13 shurley investigate all the places clients are used and move to runtime * dzager work with jmatthews to determine if that is a feasible change * ernelson update design.md doc to not use AA :) * leifmadsen close issue #6 on es-apb, reopen if needed * fabianvf post any status updates regarding dynamic clients to ML Action Items, by person ----------------------- * dzager * dzager work with jmatthews to determine if that is a feasible change * ernelson * ernelson update design.md doc to not use AA :) * fabianvf * fabianvf post any status updates regarding dynamic clients to ML * leifmadsen * leifmadsen close issue #6 on es-apb, reopen if needed * maleck13 * maleck13 shurley investigate all the places clients are used and move to runtime * shurley * maleck13 shurley investigate all the places clients are used and move to runtime * **UNASSIGNED** * (none) People Present (lines said) --------------------------- * jmrodri (92) * shurley (31) * rhallisey (27) * brokerbot (27) * leifmadsen (25) * ernelson (18) * dymurray (16) * maleck13 (15) * fabianvf (12) * dzager (12) * ron1 (1) Generated by `MeetBot`_ 0.1.4 .. _`MeetBot`: http://wiki.debian.org/MeetBot From dzager at redhat.com Mon May 7 17:32:38 2018 From: dzager at redhat.com (David Zager) Date: Mon, 07 May 2018 17:32:38 +0000 Subject: [Ansible-service-broker] Sprint 148 Release Notes Message-ID: Bugs - Bug 1567004 - Delete extracted credentials secret during synchronous unbind. (#899) - Bug 1569220 - Add dashboard redirector feature (#897) - Bug 1533425 - protect against simultaneous updates (#898) - Bug 1566924 - renaming crd resources (#907) - Bug 1565545 - Adding migration of extracted credentials (#895) - Bug 1572129 - remove unnecessary SetState (#927) - Bug 1572470 - use binding id as instance, do not error on conflict (#924) Other Enhancements - Fix typo in run_latest_build.sh (#903) - Update scripts to use the broker apb (#891) - fix statements with formatting (#904) - Build migration into canary image (#905) - Use git clone for canary (#906) - Frustration release target (#910) - Lock helm version for ci (#915) - Update AA to APB in docs (#918) - Create broker-apb dir, add install yaml (#916) - Remove dashboard-redirector binary (#925) - Run the apb in a different project (#923) - Add fix for get si npe (#929) - Spell check a bunch of items (#930) -------------- next part -------------- An HTML attachment was scrubbed... URL: From cmoullia at redhat.com Mon May 7 19:22:03 2018 From: cmoullia at redhat.com (Charles Moulliard) Date: Mon, 7 May 2018 21:22:03 +0200 Subject: [Ansible-service-broker] Trick to force a serviceinstance to be deleted ? Message-ID: Hi Is there a trick to force a serviceInstance to be deleted within an openshift namespace ? oc delete serviceinstance/dh-mysql-apb-ldzf9 -n demo --force=true serviceinstance "dh-mysql-apb-ldzf9" deleted oc get serviceinstance -n demo NAME AGE dh-mysql-apb-ldzf9 3h ... Regards Charles -------------- next part -------------- An HTML attachment was scrubbed... URL: From jmatthew at redhat.com Mon May 7 19:58:36 2018 From: jmatthew at redhat.com (John Matthews) Date: Mon, 7 May 2018 15:58:36 -0400 Subject: [Ansible-service-broker] Trick to force a serviceinstance to be deleted ? In-Reply-To: References: Message-ID: Charles, You may want to see if you need to remove the finalizer, below BZ has a related comment: https://bugzilla.redhat.com/show_bug.cgi?id=1503829#c21 On Mon, May 7, 2018 at 3:22 PM, Charles Moulliard wrote: > Hi > > Is there a trick to force a serviceInstance to be deleted within an > openshift namespace ? > > oc delete serviceinstance/dh-mysql-apb-ldzf9 -n demo --force=true > serviceinstance "dh-mysql-apb-ldzf9" deleted > > oc get serviceinstance -n demo > NAME AGE > dh-mysql-apb-ldzf9 3h > ... > > Regards > > Charles > > _______________________________________________ > Ansible-service-broker mailing list > Ansible-service-broker at redhat.com > https://www.redhat.com/mailman/listinfo/ansible-service-broker > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From rhallise at redhat.com Tue May 15 14:29:35 2018 From: rhallise at redhat.com (Ryan Hallisey) Date: Tue, 15 May 2018 10:29:35 -0400 Subject: [Ansible-service-broker] Automation Broker IRC meeting minutes 5-15-18 Message-ID: ==================================== #asbroker: Automation Broker 5-15-18 ==================================== Meeting started by rhallisey at 13:31:09 UTC. The full logs are attached. Meeting summary --------------- * Attendance (rhallisey, 13:31:20) * News (rhallisey, 13:32:03) * Bugs/Issue Triage (rhallisey, 13:33:05) * Apbs unexpectidly gone (rhallisey, 13:33:13) * LINK: https://github.com/openshift/ansible-service-broker/issues/945 (rhallisey, 13:33:18) * ACTION: ernelson to comment on https://github.com/openshift/ansible-service-broker/issues/945 and close it (rhallisey, 13:41:40) * run_latest_build.sh doesn't seem to work on Mac OS X / v3.9.0 (rhallisey, 13:42:13) * LINK: run_latest_build.sh doesn't seem to work on Mac OS X / v3.9.0 (rhallisey, 13:42:15) * Binding errors are no longer displayed (rhallisey, 13:43:38) * LINK: https://github.com/openshift/ansible-service-broker/issues/941 (rhallisey, 13:43:46) * link broken in deployment (low hanging fruit) (rhallisey, 13:46:50) * LINK: https://github.com/openshift/ansible-service-broker/issues/938 (rhallisey, 13:46:57) * ACTION: rhallisey: investigate #941 (rhallisey, 13:51:08) * LINK: https://github.com/openshift/ansible-service-broker/issues/938 (rhallisey, 13:51:19) * Features (rhallisey, 13:52:40) * LINK: https://github.com/openshift/ansible-service-broker/pull/928 (rhallisey, 13:52:58) * LINK: https://github.com/openshift/ansible-service-broker/issues/859 (rhallisey, 13:53:11) * conditionally render fields (rhallisey, 13:53:31) * LINK: https://www.youtube.com/watch?v=MX-G0TjaP7E&feature=youtu.be (rhallisey, 13:55:00) * LINK: https://github.com/mozilla-services/react-jsonschema-form#dynamic (philipgough, 13:57:26) * ACTION: dymurray mhrivnak review spec change PR #928 and bump minor version of spec (rhallisey, 14:09:40) * ACTION: philipgough maleck13 document how to use conditionally render field (rhallisey, 14:10:31) * Open Discussion (rhallisey, 14:15:11) * Can we spend time and make a plan to get some bugs reviewed and merged? (rhallisey, 14:15:21) Meeting ended at 14:26:00 UTC. Action Items ------------ * ernelson to comment on https://github.com/openshift/ansible-service-broker/issues/945 and close it * rhallisey: investigate #941 * dymurray mhrivnak review spec change PR #928 and bump minor version of spec * philipgough maleck13 document how to use conditionally render field Action Items, by person ----------------------- * dymurray * dymurray mhrivnak review spec change PR #928 and bump minor version of spec * ernelson * ernelson to comment on https://github.com/openshift/ansible-service-broker/issues/945 and close it * maleck13 * philipgough maleck13 document how to use conditionally render field * mhrivnak * dymurray mhrivnak review spec change PR #928 and bump minor version of spec * philipgough * philipgough maleck13 document how to use conditionally render field * rhallisey * rhallisey: investigate #941 * **UNASSIGNED** * (none) People Present (lines said) --------------------------- * rhallisey (73) * shurley (44) * brokerbot (29) * ernelson (26) * philipgough (26) * dymurray (12) * dzager (11) * maleck13 (11) * mhrivnak (7) * leifmadsen (1) Generated by `MeetBot`_ 0.1.4 .. _`MeetBot`: http://wiki.debian.org/MeetBot -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- 13:31:09 #startmeeting Automation Broker 5-15-18 13:31:09 Meeting started Tue May 15 13:31:09 2018 UTC. The chair is rhallisey. Information about MeetBot at http://wiki.debian.org/MeetBot. 13:31:09 Useful Commands: #action #agreed #help #info #idea #link #topic. 13:31:09 The meeting name has been set to 'automation_broker_5-15-18' 13:31:09 rhallisey: startmeeting Meeting Agenda https://docs.google.com/document/d/1Mj7bVYJ8NK-TwU_mxeZLprmBBZZ-xOq-Hg4CiD3E6pM/edit?usp=sharing 13:31:20 #topic Attendance 13:31:20 rhallisey: topic 13:31:24 morning folks 13:31:26 o/ 13:31:28 here 13:31:29 morning 13:31:32 Hi! 13:31:35 hello 13:32:03 #topic News 13:32:03 rhallisey: topic 13:32:34 Nothing listed here, but I wanted to thank jmrodri for running the last 2 meetings 13:33:05 #topic Bugs/Issue Triage 13:33:05 rhallisey: topic 13:33:13 #info Apbs unexpectidly gone 13:33:13 rhallisey: info 13:33:18 #link https://github.com/openshift/ansible-service-broker/issues/945 13:33:18 rhallisey: link 13:33:53 hello 13:34:09 hey dymurray 13:34:41 any thoughts on this issue? 13:35:09 seems like hes running 3.9, but we may need more info 13:35:10 rhallisey: we've seen this sometimes with a long running broker when remote registires go down 13:35:27 it will bootstrap, fail and strip them from the catalog response 13:35:33 then it will bootstrap and discover them again 13:35:55 hm actually that error suggests otherwise 13:35:56 +1 I've seen what ernelson has described and I've also relisted the service catalog while the broker was bootstrapping and seen empty APBs transiently 13:36:49 how can we best solve this? should we add a retry around the registries? 13:36:59 or would some logging help here 13:37:36 ernelson, can you add what you just said into the issue 13:37:44 I would like to learn more about whether or not this was a one-off or reproducible 13:37:52 rhallisey: sure 13:38:00 yeah he says it's not reproducible but transient 13:38:13 dymurray: ernelson 13:38:16 a retry isn't a bad idea, but that error suggests a networking issues with his service network 13:38:23 the issue appears to be connection w/ etcd 13:38:30 and not remote registries to me 13:38:41 shurley: that's why I said the error suggested otherwise :) 13:39:04 Maybe we need to extend the timeout of the etcd route in the 3.9 deployments... but unsure 13:39:27 ah, sorry trying to do too much, yeah I think that if we can?t contact our data store this is the correct behavior IMO 13:39:44 shurley: agreed 13:39:59 not sure why that would crop up randomly 13:40:13 wonder if its environment specific; I can't say i've seen or heard of this before 13:40:16 any why we could not contact ETCD is a different problem. I would prefer to close this bug and make a new one specifically about the etcd connection 13:40:35 ernelson: agreed 13:40:54 shurley: +1 13:40:55 shurley, that's fine with me. But let's add all the info we spoke of here as ways to workaround 13:41:01 or identify the issue 13:41:19 Yeah just rename this to identify its an etcd connection error and the result is missing APBs 13:41:40 #action ernelson to comment on https://github.com/openshift/ansible-service-broker/issues/945 and close it 13:41:40 rhallisey: action 13:41:47 ernelson, I'm going to add you to that 13:42:13 #topic run_latest_build.sh doesn't seem to work on Mac OS X / v3.9.0 13:42:13 rhallisey: topic 13:42:15 #link run_latest_build.sh doesn't seem to work on Mac OS X / v3.9.0 13:42:15 rhallisey: link 13:42:45 looks like this should be closed 13:42:56 from #944 13:43:00 closing 13:43:01 rhallisey: yeah pretty sure I fixed it 13:43:05 sorry 13:43:25 shurley, np, looks like git didn't pick up the fixes line 13:43:38 #topic Binding errors are no longer displayed 13:43:38 rhallisey: topic 13:43:46 #link https://github.com/openshift/ansible-service-broker/issues/941 13:43:46 rhallisey: link 13:46:03 are we not passing along the error here? 13:46:09 I have no idea 13:46:28 ok, I'll mark 3.11 and we can debug after 13:46:50 #topic link broken in deployment (low hanging fruit) 13:46:50 rhallisey: topic 13:46:57 #link https://github.com/openshift/ansible-service-broker/issues/938 13:46:57 rhallisey: link 13:46:58 does anyone have an idea on the sprint-147.2 tag in relation to relasess? 13:47:14 it might be as easy as upgrade to a newer broker 13:47:21 dzager: ^^ 13:47:33 shurley, its somewhere around 1.2.6-1. Me and Erik were tracking that down before 13:47:50 so 3.10? 13:48:01 yeah should be 13:48:05 but not certain on that 13:48:18 it is 3.10 but people should be using the released versions of the broker instead of sprint tags 13:48:36 those are just transient while we are rebuilding "latest" container images 13:48:44 I just think that if we introduced this error we want to fix in 3.10 rhallisey 13:48:53 ack 13:49:10 will mark at as such 13:49:28 does anyone have bandwidth to test this today w/ the 1.2.11 broker? 13:49:57 it looks like it should be right about release "ansible-service-broker-1.2.9-1" 13:50:53 shurley, I'll try and get to it. I have a few other things I need to get to first 13:51:08 #action rhallisey: investigate #941 13:51:08 rhallisey: action 13:51:19 #link https://github.com/openshift/ansible-service-broker/issues/938 13:51:19 rhallisey: link 13:51:38 ^ this issue is some low hanging fruit 13:51:49 simple doc change for anyone to take on 13:52:08 rhallisey: you can assign that to me 13:52:14 I'll update it with the broker-apb PR 13:52:35 thanks dzager 13:52:40 #topic Features 13:52:40 rhallisey: topic 13:52:58 #link https://github.com/openshift/ansible-service-broker/pull/928 13:52:58 rhallisey: link 13:53:11 #link https://github.com/openshift/ansible-service-broker/issues/859 13:53:11 rhallisey: link 13:53:31 #info conditionally render fields 13:53:31 rhallisey: info 13:54:06 I added this one 13:54:07 philipgough, maleck13 did you want to discuss something with this? 13:54:13 Yeah sure I can discuss 13:54:36 Did you guys get to see the demo vide David Martin created and how do you feel about this approach? 13:55:00 #link https://www.youtube.com/watch?v=MX-G0TjaP7E&feature=youtu.be 13:55:00 rhallisey: link 13:55:07 I believe Dave is following up with Sam Padgett about acceptance for the ui part 13:55:11 24s video folks 13:55:24 Sam has said the approach is good 13:55:30 But from feedback we are going to be limited as to what we can and cannot do in the form 13:55:34 thanks maleck13 13:56:05 so correct me if I am wrong but this all in the Json Scema dependancy stuff 13:56:14 and not for a specific form? 13:56:25 sorry want to make sure I am following the code philipgough 13:57:01 Correct to a certain extent, we are following the format that is supported by the react library that the ui will move to 13:57:07 let me dig out that link 13:57:26 https://github.com/mozilla-services/react-jsonschema-form#dynamic 13:57:37 so the proposed solution will work for the current OS UI and the new React based ui 13:57:41 ok, so it *semi* tied to a ui framework but using json.Schema to pass the data 13:58:08 So the changes in the broker and the small change to bundle-lib will get us t this accepted schema 13:58:21 maleck13: correct 13:58:43 to get additional functionality outside what is demo'd in that video would require us to extend the react lib 13:58:45 perfect, seems like the correct approach to me, ernelson jmrodri thoughts? 13:59:08 seems reasonable to me, I like that we have something that will work today and with the future UI 13:59:27 pr will need tests and tidy up but we wanted to get approval first with this approach 13:59:59 it seems fair to point out that all of the apb.yaml improvements are great. We should make sure though that we aren't trusting the UI as a gate and verifying these variables/parameters in the APB also. 14:00:00 think jmrodri is out this morning 14:00:28 dymurray: ernelson philipgough sorry just a qq just looked at the bundle lib PR looks like we are adding to the apb.spec 14:00:34 *bundle spec 14:00:35 If we like the approach it would be good to try land this for 3.11 14:00:39 is that correct? 14:00:45 shurley: correct 14:01:12 philipgough, you mentioned that some feedback you got was we be limited in this form. Can you go into further detail? 14:01:45 rhallisey: sure, so this essentially works with enum types only as per the video and also with truthy types, such as string and int defined etc 14:01:47 ok just want to double check with dzager mhrivnak and dymurray to make sure that they are good with adding dependancies to the spec, also we may need to add this broker-client-go 14:02:00 *may*. ^^ 14:02:02 rhallisey: The react lib only supports the oneOf keyword at the moment which ties us to this 14:02:26 shurley, philipgough yeah I mentioned on the PR I'm fine with it but we need to go through and update documentation and discuss if this requires a versioning update 14:02:31 so we cannot support value checking outside enums or multiple or nested dependencies 14:02:37 I would imagine versioning is less important... since its optional 14:02:43 probably just a minor bump 14:03:18 +1 need to verify on both sides. 14:03:32 +1 to minor bump and documentation update 14:03:53 ack 14:04:01 rhallisey: is that clear enough? many failed attempts at extending that react lib to support additional schema keywords https://github.com/mozilla-services/react-jsonschema-form#q-does-rjsf-support-oneof-anyof-multiple-types-in-an-array-etc 14:04:24 philipgough, that makes sense. I'm trying to think what other types we offer 14:05:23 so are next steps here for mhrivnak an dymurray to take a look? 14:05:25 philipgough, to me that sounds good. We'll need to document like folks are saying. 14:05:32 rhallisey: so im saying you cant provide a string type as a dependency and say value needs to equal "xyz" 14:05:44 the apb author would need to use enum for that 14:06:28 philipgough, but there's no limitation on dependent items? 14:06:42 maleck13, I will add additional thoughts to the PR but... mainly next step is PR to APB repo for documentation around this 14:06:59 philipgough, meaning the items we conditionally render 14:07:02 dymurray: +1 ok thanks 14:07:23 rhallisey: yes thats correct, we can render whatever we like and privde defaults etc so no limitations there 14:07:29 provide* 14:07:40 ok that sounds great 14:07:41 Will this be compatible with other service catalog UIs? 14:08:29 mhrivnak: probably depends on if they support the json schema bits 14:08:33 ? 14:08:44 shurley: yes correct 14:08:45 mhrivnak: is this tied to the react component? 14:08:51 some action items on this: 14:09:11 ernelson: we have made changes to the angular ui to support this from now 14:09:15 #action dymurray mhrivnak review spec change PR #928 14:09:15 rhallisey: action 14:09:19 I'm catching up on this feature, so I still don't have a full picture in my brain of how it's going to work. 14:09:25 #undo 14:09:25 Removing item from minutes: ACTION by rhallisey at 14:09:15 : dymurray mhrivnak review spec change PR #928 14:09:30 Don't need to wait on that right now. I'll read up. 14:09:31 philipgough: I'm guessing mhrivnak had kubeapps in mind 14:09:40 #action dymurray mhrivnak review spec change PR #928 and bump minor version of spec 14:09:40 rhallisey: action 14:09:48 But that's an important question anyway. Whether it's kubeapps, svcat, or anything else, how will this behave? 14:10:31 #action philipgough maleck13 document how to use conditionally render field 14:10:31 rhallisey: action 14:10:31 if this is just in our broker, i think it's unlikely for those catalog front ends to adopt broker specific changes to support it 14:10:47 unless there's a convincing argument that all brokers may be interested in this, which I think could be made 14:11:03 ernelson: right, I had asked Dave Martin if it needed to support and other UI's but we werent sure that would be a requirement 14:11:37 We came to the conclusion that ernelson has just done above :) 14:12:27 +1 folks. Any action items I'm missing? 14:12:35 I think we covered this weel 14:12:38 well* 14:12:40 philipgough: ernelson correct me if I am wrong but the OSB spec specifies parameters as json schema. therefore this is not broker specific we are just implementing a part of the json schema spec that other brokers have not 14:12:50 it is not our broker adding on top of the osb spec 14:12:54 shurley: +1 14:13:27 just implementing a section others have not, I think it important to keep that in mind when we say broker specific changes IMO 14:13:35 oh then this sounds perfectly in line with the spec, and front ends can choose to implement or not 14:13:45 +1 14:14:21 shurley yeah that lines up with what I'm reading in the spec right now. 14:15:05 ok moving on to open discussion 14:15:11 #topic Open Discussion 14:15:12 rhallisey: topic 14:15:21 #info Can we spend time and make a plan to get some bugs reviewed and merged? 14:15:21 rhallisey: info 14:16:15 is this a plea to knock down PR counts? 14:16:20 do folks want to go through some open prs and get the merged 14:17:00 I can help review this morning; have a number of catalog PRs I'm waiting for reviews on so I'm in a bit of a holding pattern 14:17:12 I think there are at least 2 that need the broker to be branched for release-1.2 14:17:30 ernelson: yes 14:17:50 dzager: that is also true 14:18:07 think we need to get the Bugs in and then branch 14:18:09 weren't we planning on branching recently? 14:18:20 okay maybe that got put on hold? 14:18:23 dzager, can you link those 2 prs? 14:18:42 bundle like has like 8 PRs as well 14:18:49 *bundle lib 14:18:54 rhallisey: https://github.com/openshift/ansible-service-broker/pull/946 https://github.com/openshift/ansible-service-broker/pull/935 14:19:03 those are the two that I know of 14:19:28 looks like there is a 3rd with a "hold" on it https://github.com/openshift/ansible-service-broker/pull/909 14:19:48 thanks fo rthe pr maleck13 14:19:57 shurley: np 14:20:24 dzager: yes that is mine 14:20:32 dzager: would be nice to get a review on it 14:21:02 dzager, I think your pr is good to go 14:21:25 shurley, is too except for travis failing 14:22:06 think 950, 949, 948, 947 should go in before branch 14:22:21 then we can branch and the others can go in 14:22:28 ok, I'm going to label all them 14:22:54 sounds good 14:22:55 use the 3.10 label if possible. Helps me keep track 14:22:59 dzager: 935 is that still being held for a reason? 14:23:14 never mind 14:23:14 935 should be 3.11 14:23:19 I need to read better 14:24:12 ok folks prioritize 3.10 labels prs so we can get the release out the door 14:24:21 branch* 14:25:05 any more open items? 14:25:44 nope thanks rhallisey ! 14:25:56 thanks everyone! 14:26:00 #endmeeting -------------- next part -------------- ==================================== #asbroker: Automation Broker 5-15-18 ==================================== Meeting started by rhallisey at 13:31:09 UTC. The full logs are available at asbroker/2018/asbroker.2018-05-15-13.31.log.html . Meeting summary --------------- * Attendance (rhallisey, 13:31:20) * News (rhallisey, 13:32:03) * Bugs/Issue Triage (rhallisey, 13:33:05) * Apbs unexpectidly gone (rhallisey, 13:33:13) * LINK: https://github.com/openshift/ansible-service-broker/issues/945 (rhallisey, 13:33:18) * ACTION: ernelson to comment on https://github.com/openshift/ansible-service-broker/issues/945 and close it (rhallisey, 13:41:40) * run_latest_build.sh doesn't seem to work on Mac OS X / v3.9.0 (rhallisey, 13:42:13) * LINK: run_latest_build.sh doesn't seem to work on Mac OS X / v3.9.0 (rhallisey, 13:42:15) * Binding errors are no longer displayed (rhallisey, 13:43:38) * LINK: https://github.com/openshift/ansible-service-broker/issues/941 (rhallisey, 13:43:46) * link broken in deployment (low hanging fruit) (rhallisey, 13:46:50) * LINK: https://github.com/openshift/ansible-service-broker/issues/938 (rhallisey, 13:46:57) * ACTION: rhallisey: investigate #941 (rhallisey, 13:51:08) * LINK: https://github.com/openshift/ansible-service-broker/issues/938 (rhallisey, 13:51:19) * Features (rhallisey, 13:52:40) * LINK: https://github.com/openshift/ansible-service-broker/pull/928 (rhallisey, 13:52:58) * LINK: https://github.com/openshift/ansible-service-broker/issues/859 (rhallisey, 13:53:11) * conditionally render fields (rhallisey, 13:53:31) * LINK: https://www.youtube.com/watch?v=MX-G0TjaP7E&feature=youtu.be (rhallisey, 13:55:00) * LINK: https://github.com/mozilla-services/react-jsonschema-form#dynamic (philipgough, 13:57:26) * ACTION: dymurray mhrivnak review spec change PR #928 and bump minor version of spec (rhallisey, 14:09:40) * ACTION: philipgough maleck13 document how to use conditionally render field (rhallisey, 14:10:31) * Open Discussion (rhallisey, 14:15:11) * Can we spend time and make a plan to get some bugs reviewed and merged? (rhallisey, 14:15:21) Meeting ended at 14:26:00 UTC. Action Items ------------ * ernelson to comment on https://github.com/openshift/ansible-service-broker/issues/945 and close it * rhallisey: investigate #941 * dymurray mhrivnak review spec change PR #928 and bump minor version of spec * philipgough maleck13 document how to use conditionally render field Action Items, by person ----------------------- * dymurray * dymurray mhrivnak review spec change PR #928 and bump minor version of spec * ernelson * ernelson to comment on https://github.com/openshift/ansible-service-broker/issues/945 and close it * maleck13 * philipgough maleck13 document how to use conditionally render field * mhrivnak * dymurray mhrivnak review spec change PR #928 and bump minor version of spec * philipgough * philipgough maleck13 document how to use conditionally render field * rhallisey * rhallisey: investigate #941 * **UNASSIGNED** * (none) People Present (lines said) --------------------------- * rhallisey (73) * shurley (44) * brokerbot (29) * ernelson (26) * philipgough (26) * dymurray (12) * dzager (11) * maleck13 (11) * mhrivnak (7) * leifmadsen (1) Generated by `MeetBot`_ 0.1.4 .. _`MeetBot`: http://wiki.debian.org/MeetBot From cjonagam at redhat.com Wed May 16 09:06:19 2018 From: cjonagam at redhat.com (Chakradhar Jonagam) Date: Wed, 16 May 2018 17:06:19 +0800 Subject: [Ansible-service-broker] custom apb's not showing up in catalog In-Reply-To: References: Message-ID: ++ asb group Is this normal. curl -k -H "Authorization: Bearer $(oc whoami -t)" https://$(oc get routes --no-headers | awk '{print $2}')/ansible-service-broker/v2/catalog { "services": [] } > Chakra Sr Solutions Architect. +65 86715012 Application Practice. APAC. cjonagam at redhat.com On Wed, May 16, 2018 at 3:17 PM, Chakradhar Jonagam wrote: > > > I tried to build a custom apb using apb cli, i'm able to push > successfully but failing to see it in the service catalog UI. > > Tried following > - logged out and loggedin , refreshed catalog, bootstrapped etc etc. > - tried pushing to different namespaces > - tried different registries > - it was pretty hard to install apb cli on centos (pl put some binaries on > github releases :) > > Here is the output of my push > > > [cjonagam at create9-bastion my-mysql]$ sudo apb push --namespace openshift --registry-route=docker-registry-default.apps.minikube.io > /usr/lib/python2.7/site-packages/urllib3/connectionpool.py:769: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.org/en/latest/security.html > InsecureRequestWarning) > /usr/lib/python2.7/site-packages/urllib3/connectionpool.py:769: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.org/en/latest/security.html > InsecureRequestWarning) > version: 1.0 > name: my-mysql > description: This is a sample application generated by apb init > bindable: True > async: optional > metadata: > displayName: my-mysql > dependencies: [] > plans: > - name: default > description: This default plan deploys my-mysql > free: True > metadata: {} > parameters: [] > Finished writing dockerfile. > Building APB using tag: [docker-registry-default.apps.minikube.io/openshift/my-mysql] > Successfully built APB image: docker-registry-default.apps.minikube.io/openshift/my-mysql > /usr/lib/python2.7/site-packages/urllib3/connectionpool.py:769 : InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.org/en/latest/security.html > InsecureRequestWarning) > Pushing the image, this could take a minute... > Successfully pushed image: docker-registry-default.apps.minikube.io/openshift/my-mysql > Contacting the ansible-service-broker at: https://asb-1338-openshift-ansible-service-broker.apps.minikube.io/ansible-service-broker/v2/bootstrap > Successfully bootstrapped Ansible Service Broker > Successfully relisted the Service Catalog > > > Here is my asb config > > > registry: - type: dockerhub name: dh url: org: ansibleplaybookbundle tag: > latest white_list: [] auth_type: "" auth_name: "" - type: local_openshift > name: localregistry namespaces: ['openshift','apb-test'] white_list: ['*'] > > > Pl help! > > > > > Chakra > > Sr Solutions Architect. > +65 86715012 > Application Practice. APAC. > cjonagam at redhat.com > > > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From shurley at redhat.com Wed May 16 14:34:18 2018 From: shurley at redhat.com (Shawn Hurley) Date: Wed, 16 May 2018 10:34:18 -0400 Subject: [Ansible-service-broker] Release 1.2 Branch Message-ID: <741E4411-A804-4A6F-B05B-E27AB152371D@redhat.com> Hello All, Wanted to send quick not about the release 1.2 branch[1]. This has been created to track the 1.2 branch (which is for oc release 3.10). Any PRs for that are for openshift 3.10 release or for the 1.2 release of the broker, should be made against this branch. This means that master branch is now open for features and bugs that are aligned for 1.3 or the oc 3.11 release. Thanks everyone! Shawn Hurley [1] https://github.com/openshift/ansible-service-broker/tree/release-1.2 -------------- next part -------------- An HTML attachment was scrubbed... URL: From rhallise at redhat.com Wed May 16 14:57:22 2018 From: rhallise at redhat.com (Ryan Hallisey) Date: Wed, 16 May 2018 10:57:22 -0400 Subject: [Ansible-service-broker] custom apb's not showing up in catalog In-Reply-To: References: Message-ID: Hey Chakradhar, Can you join #asbroker on irc and I can help you debug this. Could be the broker is failing to find specs in the registry. - Ryan On Wed, May 16, 2018 at 5:06 AM, Chakradhar Jonagam wrote: > ++ asb group > > > Is this normal. > > curl -k -H "Authorization: Bearer $(oc whoami -t)" https://$(oc get > routes --no-headers | awk '{print $2}')/ansible-service-broker/v2/catalog > { > "services": [] > } > > > > > Chakra > > Sr Solutions Architect. > +65 86715012 > Application Practice. APAC. > cjonagam at redhat.com > > > > > On Wed, May 16, 2018 at 3:17 PM, Chakradhar Jonagam > wrote: > >> >> >> I tried to build a custom apb using apb cli, i'm able to push >> successfully but failing to see it in the service catalog UI. >> >> Tried following >> - logged out and loggedin , refreshed catalog, bootstrapped etc etc. >> - tried pushing to different namespaces >> - tried different registries >> - it was pretty hard to install apb cli on centos (pl put some binaries >> on github releases :) >> >> Here is the output of my push >> >> >> [cjonagam at create9-bastion my-mysql]$ sudo apb push --namespace openshift --registry-route=docker-registry-default.apps.minikube.io >> /usr/lib/python2.7/site-packages/urllib3/connectionpool.py:769: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.org/en/latest/security.html >> InsecureRequestWarning) >> /usr/lib/python2.7/site-packages/urllib3/connectionpool.py:769: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.org/en/latest/security.html >> InsecureRequestWarning) >> version: 1.0 >> name: my-mysql >> description: This is a sample application generated by apb init >> bindable: True >> async: optional >> metadata: >> displayName: my-mysql >> dependencies: [] >> plans: >> - name: default >> description: This default plan deploys my-mysql >> free: True >> metadata: {} >> parameters: [] >> Finished writing dockerfile. >> Building APB using tag: [docker-registry-default.apps.minikube.io/openshift/my-mysql] >> Successfully built APB image: docker-registry-default.apps.minikube.io/openshift/my-mysql >> /usr/lib/python2.7/site-packages/urllib3/connectionpool.py:769 : InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.org/en/latest/security.html >> InsecureRequestWarning) >> Pushing the image, this could take a minute... >> Successfully pushed image: docker-registry-default.apps.minikube.io/openshift/my-mysql >> Contacting the ansible-service-broker at: https://asb-1338-openshift-ansible-service-broker.apps.minikube.io/ansible-service-broker/v2/bootstrap >> Successfully bootstrapped Ansible Service Broker >> Successfully relisted the Service Catalog >> >> >> Here is my asb config >> >> >> registry: - type: dockerhub name: dh url: org: ansibleplaybookbundle tag: >> latest white_list: [] auth_type: "" auth_name: "" - type: local_openshift >> name: localregistry namespaces: ['openshift','apb-test'] white_list: ['*'] >> >> >> Pl help! >> >> >> >> > Chakra >> >> Sr Solutions Architect. >> +65 86715012 >> Application Practice. APAC. >> cjonagam at redhat.com >> >> >> >> > > _______________________________________________ > Ansible-service-broker mailing list > Ansible-service-broker at redhat.com > https://www.redhat.com/mailman/listinfo/ansible-service-broker > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From mhrivnak at redhat.com Wed May 16 20:34:59 2018 From: mhrivnak at redhat.com (Michael Hrivnak) Date: Wed, 16 May 2018 16:34:59 -0400 Subject: [Ansible-service-broker] service bundle log collection Message-ID: A point of feedback I heard more than once at KubeCon and Summit is that some people want to always collect the log output when a service bundle runs. Are we tracking that as an RFE already? Is there any thinking around potential approaches? -- Michael Hrivnak Principal Software Engineer, RHCE Red Hat -------------- next part -------------- An HTML attachment was scrubbed... URL: From mhrivnak at redhat.com Wed May 16 21:25:37 2018 From: mhrivnak at redhat.com (Michael Hrivnak) Date: Wed, 16 May 2018 17:25:37 -0400 Subject: [Ansible-service-broker] combining registry adapters Message-ID: The broker has numerous registry adapters for container registries, and I think that's mostly a result of requiring different discovery mechanisms. https://github.com/openshift/ansible-service-broker/blob/master/docs/config.md#registry-configuration - RHCC: discovery via /v1/search - OpenShift Registry: no discovery, so repos must be listed in the config - Red Hat Connect Partner Registry: discovery via /v2/_catalog - Artifactory: new unmerged adapter, discovery via /v2/_catalog - Quay: new unmerged adapter, discovery via Quay's API (proposed change to /v2/_catalog) - Local OpenShift: discovery via openshift client - Docker Hub: discovery via non-standard endpoint We should consider combining all of those except the "Local OpenShift" and "Docker Hub" adapters. Thinking only about the first 5 adapters above: Besides the discovery mechanism, are there any other substantial differences? Any non-standard auth for example? I'm hopeful that we could combine them all into one adapter that tries discovery mechanisms in order: 1. use any repos that are explicitly listed in the config 2. try /v2/_catalog 3. if /v2/_catalog failed, try /v1/search Any thoughts? Downsides? Wrenches to put in the gears? -- Michael Hrivnak Principal Software Engineer, RHCE Red Hat -------------- next part -------------- An HTML attachment was scrubbed... URL: From jmatthew at redhat.com Wed May 16 22:33:30 2018 From: jmatthew at redhat.com (John Matthews) Date: Wed, 16 May 2018 18:33:30 -0400 Subject: [Ansible-service-broker] combining registry adapters In-Reply-To: References: Message-ID: On Wed, May 16, 2018 at 5:25 PM, Michael Hrivnak wrote: > The broker has numerous registry adapters for container registries, and I > think that's mostly a result of requiring different discovery mechanisms. > > https://github.com/openshift/ansible-service-broker/blob/ > master/docs/config.md#registry-configuration > > - RHCC: discovery via /v1/search > - OpenShift Registry: no discovery, so repos must be listed in the config > - Red Hat Connect Partner Registry: discovery via /v2/_catalog > - Artifactory: new unmerged adapter, discovery via /v2/_catalog > - Quay: new unmerged adapter, discovery via Quay's API (proposed change to > /v2/_catalog) > - Local OpenShift: discovery via openshift client > - Docker Hub: discovery via non-standard endpoint > > We should consider combining all of those except the "Local OpenShift" and > "Docker Hub" adapters. Thinking only about the first 5 adapters above: > > Besides the discovery mechanism, are there any other substantial > differences? Any non-standard auth for example? > > I'm hopeful that we could combine them all into one adapter that tries > discovery mechanisms in order: > > 1. use any repos that are explicitly listed in the config > 2. try /v2/_catalog > 3. if /v2/_catalog failed, try /v1/search > > Any thoughts? Downsides? Wrenches to put in the gears? > +1 for exploring this more. > -- > > Michael Hrivnak > > Principal Software Engineer, RHCE > > Red Hat > > _______________________________________________ > Ansible-service-broker mailing list > Ansible-service-broker at redhat.com > https://www.redhat.com/mailman/listinfo/ansible-service-broker > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From cjonagam at redhat.com Thu May 17 02:00:42 2018 From: cjonagam at redhat.com (Chakradhar Jonagam) Date: Thu, 17 May 2018 10:00:42 +0800 Subject: [Ansible-service-broker] custom apb's not showing up in catalog In-Reply-To: References: Message-ID: For other who see similar issues. Ryan helped me this on IRC. looks like issue is with asb config (configmap) changing *['*']* below to . *['.*'] *seemed to have fixed the issue, but i'm unable to see another fresh example which i pushed recently. i will let you know in case i figure out. registry: - type: dockerhub name: dh url: org: ansibleplaybookbundle tag: latest white_list: [] auth_type: "" auth_name: "" - type: local_openshift name: localregistry namespaces: ['openshift','apb-test'] white_list: ['*'] > Chakra Sr Solutions Architect. +65 86715012 Application Practice. APAC. cjonagam at redhat.com On Wed, May 16, 2018 at 10:57 PM, Ryan Hallisey wrote: > Hey Chakradhar, > > Can you join #asbroker on irc and I can help you debug this. Could be the > broker is failing to find specs in the registry. > > - Ryan > > On Wed, May 16, 2018 at 5:06 AM, Chakradhar Jonagam > wrote: > >> ++ asb group >> >> >> Is this normal. >> >> curl -k -H "Authorization: Bearer $(oc whoami -t)" https://$(oc get >> routes --no-headers | awk '{print $2}')/ansible-service-broker/v2/catalog >> { >> "services": [] >> } >> >> >> >> > Chakra >> >> Sr Solutions Architect. >> +65 86715012 >> Application Practice. APAC. >> cjonagam at redhat.com >> >> >> >> >> On Wed, May 16, 2018 at 3:17 PM, Chakradhar Jonagam >> wrote: >> >>> >>> >>> I tried to build a custom apb using apb cli, i'm able to push >>> successfully but failing to see it in the service catalog UI. >>> >>> Tried following >>> - logged out and loggedin , refreshed catalog, bootstrapped etc etc. >>> - tried pushing to different namespaces >>> - tried different registries >>> - it was pretty hard to install apb cli on centos (pl put some binaries >>> on github releases :) >>> >>> Here is the output of my push >>> >>> >>> [cjonagam at create9-bastion my-mysql]$ sudo apb push --namespace openshift --registry-route=docker-registry-default.apps.minikube.io >>> /usr/lib/python2.7/site-packages/urllib3/connectionpool.py:769: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.org/en/latest/security.html >>> InsecureRequestWarning) >>> /usr/lib/python2.7/site-packages/urllib3/connectionpool.py:769: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.org/en/latest/security.html >>> InsecureRequestWarning) >>> version: 1.0 >>> name: my-mysql >>> description: This is a sample application generated by apb init >>> bindable: True >>> async: optional >>> metadata: >>> displayName: my-mysql >>> dependencies: [] >>> plans: >>> - name: default >>> description: This default plan deploys my-mysql >>> free: True >>> metadata: {} >>> parameters: [] >>> Finished writing dockerfile. >>> Building APB using tag: [docker-registry-default.apps.minikube.io/openshift/my-mysql] >>> Successfully built APB image: docker-registry-default.apps.minikube.io/openshift/my-mysql >>> /usr/lib/python2.7/site-packages/urllib3/connectionpool.py:769 : InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.org/en/latest/security.html >>> InsecureRequestWarning) >>> Pushing the image, this could take a minute... >>> Successfully pushed image: docker-registry-default.apps.minikube.io/openshift/my-mysql >>> Contacting the ansible-service-broker at: https://asb-1338-openshift-ansible-service-broker.apps.minikube.io/ansible-service-broker/v2/bootstrap >>> Successfully bootstrapped Ansible Service Broker >>> Successfully relisted the Service Catalog >>> >>> >>> Here is my asb config >>> >>> >>> registry: - type: dockerhub name: dh url: org: ansibleplaybookbundle >>> tag: latest white_list: [] auth_type: "" auth_name: "" - type: >>> local_openshift name: localregistry namespaces: ['openshift','apb-test'] >>> white_list: ['*'] >>> >>> >>> Pl help! >>> >>> >>> >>> > Chakra >>> >>> Sr Solutions Architect. >>> +65 86715012 >>> Application Practice. APAC. >>> cjonagam at redhat.com >>> >>> >>> >>> >> >> _______________________________________________ >> Ansible-service-broker mailing list >> Ansible-service-broker at redhat.com >> https://www.redhat.com/mailman/listinfo/ansible-service-broker >> >> > -------------- next part -------------- An HTML attachment was scrubbed... URL: From rhallise at redhat.com Thu May 17 19:57:30 2018 From: rhallise at redhat.com (Ryan Hallisey) Date: Thu, 17 May 2018 15:57:30 -0400 Subject: [Ansible-service-broker] service bundle log collection In-Reply-To: References: Message-ID: I'm not aware of an issue that's tracking this, but it would be great to have. Maybe we can integrate with logging that openshift provides? - Ryan On Wed, May 16, 2018 at 4:34 PM, Michael Hrivnak wrote: > A point of feedback I heard more than once at KubeCon and Summit is that > some people want to always collect the log output when a service bundle > runs. Are we tracking that as an RFE already? Is there any thinking around > potential approaches? > > -- > > Michael Hrivnak > > Principal Software Engineer, RHCE > > Red Hat > > _______________________________________________ > Ansible-service-broker mailing list > Ansible-service-broker at redhat.com > https://www.redhat.com/mailman/listinfo/ansible-service-broker > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From jesusr at redhat.com Mon May 21 15:39:55 2018 From: jesusr at redhat.com (jesusr at redhat.com) Date: Mon, 21 May 2018 11:39:55 -0400 Subject: [Ansible-service-broker] Switched to logrus Message-ID: <1526917195.30200.15.camel@redhat.com> Go-logging required being initialized at app startup, which caused us to do some interesting things to keep from having to pass the logger to every method (we did this in the beginning). This and the fact that bundle-lib and broker-client-go are already using logrus, prompted us to change to logrus. It just works right out of the box, but still allows for configuration to tweak it. PR 961, merged this morning to switch from using go-logging to logrus as the logging library. https://github.com/openshift/ansible-service-broker/pull/961 Some notes: * broker logging configuration remains the same for now * color option has been disabled because the default logrus color output does not suit our needs. So changing the color setting in the configuration will have no affect on the output right now. * the broker logs will be consistent with the logs from bundle-lib and broker-client-go again * log.Notice(f) statements were replaced with log.Info(f) since logrus does not have a Notice level. >From a users point of view, you will notice different output in your logs: https://github.com/openshift/ansible-service-broker/pull/961#issuecomme nt-390376937 If there are any questions or issues please reply to this thread or ping us on freenode in #asbroker. Sincerely, jesus From rhallise at redhat.com Tue May 22 14:25:26 2018 From: rhallise at redhat.com (Ryan Hallisey) Date: Tue, 22 May 2018 10:25:26 -0400 Subject: [Ansible-service-broker] Automation Broker Meeting 5-22-18 Message-ID: ==================================== #asbroker: Automation Broker 5-22-18 ==================================== Meeting started by rhallisey at 13:32:46 UTC. The full logs are attached. Meeting summary --------------- * Attendance (rhallisey, 13:33:01) * News (rhallisey, 13:34:00) * Bugs/Issue triage (rhallisey, 13:36:40) * ACTION: rhallisey go through 3.10 labeled bugs and target them to 3.11 (rhallisey, 13:37:51) * Features (rhallisey, 13:38:53) * LINK: https://github.com/openshift/ansible-service-broker/issues/963 (rhallisey, 13:38:59) * multiple tags per registery (rhallisey, 13:39:08) * ACTION: maleck13: write a proposal for multiple tags (rhallisey, 13:51:41) * ACTION: rhallisey & jmrodri: look for operator proposal (rhallisey, 13:52:08) * Open Discussion (rhallisey, 13:53:25) * Using labels with issues and PRs (rhallisey, 13:53:31) * APB object naming (rhallisey, 13:56:46) * LINK: https://github.com/ansibleplaybookbundle/mediawiki-apb/blob/master/defaults/main.yml#L8 (rhallisey, 13:56:54) Meeting ended at 14:20:21 UTC. Action Items ------------ * rhallisey go through 3.10 labeled bugs and target them to 3.11 * maleck13: write a proposal for multiple tags * rhallisey & jmrodri: look for operator proposal Action Items, by person ----------------------- * jmrodri * rhallisey & jmrodri: look for operator proposal * maleck13 * maleck13: write a proposal for multiple tags * rhallisey * rhallisey go through 3.10 labeled bugs and target them to 3.11 * rhallisey & jmrodri: look for operator proposal * **UNASSIGNED** * (none) People Present (lines said) --------------------------- * rhallisey (65) * jmrodri (52) * dzager (33) * ernelson (30) * maleck13 (21) * mhrivnak (19) * brokerbot (17) * fabianvf (6) * dymurray (4) Generated by `MeetBot`_ 0.1.4 .. _`MeetBot`: http://wiki.debian.org/MeetBot -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- 13:32:46 #startmeeting Automation Broker 5-22-18 13:32:46 Meeting started Tue May 22 13:32:46 2018 UTC. The chair is rhallisey. Information about MeetBot at http://wiki.debian.org/MeetBot. 13:32:46 Useful Commands: #action #agreed #help #info #idea #link #topic. 13:32:46 The meeting name has been set to 'automation_broker_5-22-18' 13:32:46 rhallisey: startmeeting Meeting Agenda https://docs.google.com/document/d/1Mj7bVYJ8NK-TwU_mxeZLprmBBZZ-xOq-Hg4CiD3E6pM/edit?usp=sharing 13:33:01 #topic Attendance 13:33:01 rhallisey: topic 13:33:06 o/ 13:33:12 here 13:33:16 Here 13:34:00 #topic News 13:34:00 rhallisey: topic 13:34:31 I have no news today. But, I know we're close to release-1.2 13:34:44 so that's exciting 13:34:53 rhallisey: so will that be in 3.10 13:34:57 yes 13:35:02 cool thanks 13:35:22 morning 13:35:23 maleck13, I changed that git labels so they reflect the openshift version and broker release version 13:35:32 I think the change to logrus is notable. :) 13:35:34 rhallisey: +1 great 13:35:49 It's already helped me working on bundle lib. 13:35:51 so you'll see now the labels say '3.10 | release-1.2' 13:35:58 nice mhrivnak 13:36:08 +1's for jmrodri 13:36:40 #topic Bugs/Issue triage 13:36:40 rhallisey: topic 13:37:21 I was looking through open issues targeting 3.10. If you're working on something it's going to likley need to be bounced to 3.11 13:37:51 #action rhallisey go through 3.10 labeled bugs and target them to 3.11 13:37:51 rhallisey: action 13:38:13 any other issues folks want to discuss 13:38:48 ok let's jump to features 13:38:53 #topic Features 13:38:53 rhallisey: topic 13:38:59 #link https://github.com/openshift/ansible-service-broker/issues/963 13:38:59 rhallisey: link 13:39:08 #info multiple tags per registery 13:39:08 rhallisey: info 13:39:43 maleck13, use case makes sense to me 13:39:53 So I added this would be good to get some general thoughts on it. But we will have multiple services (apbs) and having them all at the same tag seems difficult 13:40:20 maleck13: +1, I think that's a valid complaint 13:40:34 wondering if anyone had thoughts on changing to using a CRD to define a service rather than the config 13:40:35 Would it be valuable to keep it as one tag, but let you define the same registry more than once in the broker config? 13:41:00 maleck13: what benefits would that afford us? 13:41:10 i.e. what can't the config do that a CRD can? 13:41:12 as this would allow dynamic changes to the services with no restart of the broker 13:41:16 I think shawn mentioned there is a way around it with the current config by using two registries with whitelists. 13:41:32 at least for a short term work around, while we look at coming up with a proper solution. 13:41:36 maleck13: wouldn't the broker still need some reload mechanism? 13:41:44 +1 to adding this feature, I think it makes sense 13:41:51 ernelson: yes but it would be a watch on the crd 13:41:58 interesting.. that would make us declarative 13:42:05 ernelson: if a crd changed then it would reload that apb 13:42:11 *bundle 13:42:34 gotcha 13:42:51 maleck13: that sounds interesting but not necessarily as part of the multiple tag fix. I'd make them separate. 13:43:09 jmrodri, this could be apart of the whole operator discussion 13:43:17 could we not just have a watcher on the broker-config? 13:43:17 yeah this sounds very similar to the operator 13:43:28 ernelson: yes :) also on my mind 13:43:31 also, how often does a config change in a production environment? 13:43:35 Fwiw I think we could monitor the configmap too. 13:43:49 there's been talk for months about a control loop + api server style broker 13:43:54 mhrivnak: +1 13:43:56 actually probably since we started :P 13:44:05 ernelson: +1 that is definitely true 13:44:13 so it sounds to me like part of a broader conversation about a declarative style broker 13:44:29 ok so do we want an issue to capture that discussion 13:44:38 ernelson: +1, so maybe we catpure an issue? .... what maleck13 just said :) 13:44:55 maleck13, so this would be two separate discussions IIUC? 13:45:02 yes 13:45:15 1) multi tag support 2) declarative API for the broker 13:45:26 so do we need a proposal for multiple tags ? 13:45:27 +1 sounds good to me 13:45:34 there is nothing currently preventing you from adding two entries in the configmap for dockerhub at different tags. I guess I don't understand that part 13:45:38 maleck13, that was going to be my next q 13:46:11 IMO maleck13, it sounds straight forward. We need a loop through a list of tags 13:46:12 maleck13: I think so, because I don't know if everyone is aware of the problem. 13:46:47 ok I will investigate the fix dzager is suggesting and look at creating a proposal if needed afterwards 13:47:00 okay sounds good to me 13:47:16 k 13:47:22 topic #2 13:47:23 will I also take the action to discuss the pattern change? IE operator 13:48:17 maleck13, that one will definetly need a broker. There' already been some POC work done on it and we need to incorporate what we learned into a doc 13:48:22 need a proposal* 13:48:38 maleck13: something like https://hastebin.com/ejetoqufuv.scala 13:48:51 rhallisey: I think the operator one should go to either shawn or jmatthews since they've already started looking at it 13:48:59 re: the operator, shurly has been heads down 13:49:04 yeah 13:49:15 jmrodri, they may already have a google doc 13:49:18 dzager: will that actually work? :) I've never tried it 13:49:18 eh.. except you would have to change the names :/ like this https://hastebin.com/ovilodonel.scala 13:49:28 rhallisey: they do I don't know where it is yet. 13:50:03 jmrodri: I've done variations of that before without issue. I would be surprised if it didn't but I make no guarantees :) 13:50:23 dzager: cool :) 13:50:50 maleck13, we'll hunt down some of what's been written about it and make it available 13:51:04 well it's availble, but we don't know where.. 13:51:13 then we can collaborate around that 13:51:41 #action maleck13: write a proposal for multiple tags 13:51:41 rhallisey: action 13:52:08 #action rhallisey & jmrodri: look for operator proposal 13:52:08 rhallisey: action 13:52:38 bot must've kicked maleck 13:52:54 any more features folks want to discuss? 13:53:25 #topic Open Discussion 13:53:25 rhallisey: topic 13:53:31 #info Using labels with issues and PRs 13:53:31 rhallisey: info 13:53:45 /msg rhallisey I have one idea that may save you time with the CI. but want to wait until after the meeting to write the details with you 13:54:01 * dzager extra space ... nice 13:54:07 lol 13:54:24 I want to encourage everyone to use labels when creating issues and PRs 13:54:47 if you are creating a PR add the label 3.11 | release-1.3 13:54:55 dzager: ugh I *hate* that :) 13:55:19 rhallisey: +1 to labels and issues. I try to add them when I see them. 13:55:31 rhallisey: but I don't expect external contributors to know to do that. 13:55:32 if you create an issue, tag the release and if it's a feature/bug 13:55:38 honestly I wouldn't expect them. just us 13:56:16 jmrodri, just want to make everyone aware. It really helps with reviews since we know what needs to go in 13:56:46 #info APB object naming 13:56:46 rhallisey: info 13:56:54 #link https://github.com/ansibleplaybookbundle/mediawiki-apb/blob/master/defaults/main.yml#L8 13:56:54 rhallisey: link 13:57:03 rhallisey: +1 I didn't want external contributors reading to feel they are expected. :) 13:57:12 rhallisey: +1 agree with what you said though. 13:57:54 dzager, did you add this 13:58:01 You may or may not have noticed that the objects created by some of our APBs have had their name changed to the form "mediawiki-{{ _apb_service_instance_id }}". This makes it easy to include in templates, be idempotent and all the ansible jazz, plus allow more than one mediawiki in a namespace 13:58:04 rhallisey: yup 13:58:21 the problem is that the names are at least a little unsightly ;) 13:58:30 we all could use a few extra mediawikis in our lives. ;) 13:58:40 there are 3 ways that I can think to address this 13:58:47 1 make the name a parameter 13:59:09 2 use only the first 8 characters of the service instance id 13:59:21 3 use generateName 13:59:37 generateName sounds great and sounds like fun but I think it would be awful as an APB developer to try and do this 13:59:58 I like 2 :) 14:00:01 agreed that generateName is more fun in theory than in practice. 14:00:02 2 seems effective 14:00:05 also like 2 14:00:08 because all variations of it now have to start by looking for objects in the target namespace 14:00:18 dzager, with the new APB state stuff merged generateName should be doable and not too bad from the dev side 14:00:21 just need it to be unique within the namespace right? 14:00:31 2 is reproducible and can be re-derived, which is nice. 14:00:35 should be able to pass all the names to deprovision now 14:00:36 dymurray: I don't agree but would be happy to discuss this further 14:00:42 dzager, sounds good :) 14:00:55 dymurray: how would generate name work with idempotence? 14:01:06 my only Q with 2 is does that increase the chance of a name collision to the point that we care about it, and *do* we actually care about guaranteeing a unique name? 14:01:27 ernelson: I don't think it will 14:01:29 * mhrivnak tries to remember some math 14:01:31 ernelson, I think we haven't come across a use case 14:01:38 fabianvf: the only way that I can think to do it (and be idempotent) would be to first do a lookup for all the objects that you would create, **and then** save those names and use them in the templates (if defined) 14:01:42 if we don't actually care, my first question is moot 14:01:48 I think 8 characters of a UUID is still a big address space. 14:01:57 yes 14:02:22 most of the uuids we've created locally are almost the same for the last set, just few changes to the front. 14:02:30 ernelson: that was kind of the reason that I used the whole service_instance_id 14:02:51 although not fun to look at, it is unique 14:02:56 now for a stupid question, is a uuid different than a sha? 14:02:58 Ah, it's 32 bits of space, so as much as ipv4 ;) 14:03:06 and the router issue, IMHO, is a problem with the openshift router 14:03:15 git can find a commit using the first 7 characters of a sha. 14:03:23 maleck13: welcome back 14:03:30 fabianvf, I don't know maybe thats why I'm wrong :) 14:03:39 jmrodri: thanks :) miss anything there 14:03:57 jmrodri yes a uuid is a distinct concept. 14:04:13 maleck13: discussing https://github.com/ansibleplaybookbundle/mediawiki-apb/blob/master/defaults/main.yml#L8 14:04:35 maleck13: dzager changed the apbs to be more unique so they now include the service instance id. 14:04:50 ok 14:04:50 [09:58] < dzager> there are 3 ways that I can think to address this 14:04:51 [09:58] < dzager> 1 make the name a parameter 14:04:51 [09:59] < dzager> 2 use only the first 8 characters of the service instance id 14:04:51 [09:59] < dzager> 3 use generateName 14:04:51 just to be clear. we aren't creating a uuid, just using the service_instance_id 14:04:58 yeah, I think the proper way to do it is generate a shorter id from the instance id 14:05:09 dzager: right I know I was just asking since the service instance id is a uuid iirc 14:05:18 Food for thought: https://blogs.msdn.microsoft.com/oldnewthing/20080627-00/?p=21823 14:05:21 sorry for derailing the conversation 14:05:24 ignore the MS domain :P 14:05:59 heh 14:06:03 ernelson: right I know they aren't, just wondering if the combo of the name + substring of the guid + namespace are unique enough :) 14:06:13 ernelson yeah the same would happen if we used uuid1 or uuid2 14:06:23 jmrodri: yeah that's why I said, does it decrease uniqueness *to the point that we care* 14:06:38 and I don't think it does 14:06:45 jmrodri, but it's the name and namespace going to be the same here 14:06:50 are we moving to 8 chars from the service_instance_id just to make it less ugly? 14:06:53 right? 14:07:16 dzager: I think so, because to be honest, I don't like it with the SI id in there 14:07:30 why not sue generateName is that not what this for? 14:07:30 rhallisey: true 14:07:32 jmrodri: +1, we've had bzs logged for stuff like this before 14:07:47 ernelson: completely forgot about that. 14:07:48 because we're talking about avoiding collisions of mediawiki in the same ns 14:07:49 maleck13: the problem with generateName is all the extra work you must do for idempotence 14:08:07 dzager: good point! 14:09:04 it is totally doable, but I want our examples to be readily usable by wannabe APB developers and using generateName would require a lot of work on the part of the APB dev 14:09:05 my vote is first 8 of the si id, and revisit if we hit problems 14:09:45 dzager: +1, I think we should prefer an approach that does not place additional burden on APB authors 14:09:55 jmrodri: +1 I'll talk with fabianvf to see if there is a way to generate a more sightly name based on the service instance id...but won't act on that unless something obvious shows up 14:10:19 I'm unaware of some math wizardry that will compress a UUID and still guarantee uniqueness 14:10:54 ernelson, we could do what docker does and just give random first-last names 14:11:15 mediawiki-perplexed-heisenburg 14:11:18 uuid does not guarantee uniqueness for all types. 14:11:19 haha 14:11:58 mhrivnak: practically you can generate uuid4s until the heat death of the universe 14:12:01 Collision is just so improbable that the chance is considered acceptable. 14:12:03 I think that fits our timeframe 14:12:25 Yeah, so it's a matter of how comfortable you are with the chance of collision. 14:12:46 so here is a 100 uuids https://hastebin.com/ofupiqawav.go 14:13:16 rhallisey: I think then the apb-base entrypoint script would have to provide that to the APB 14:13:30 that the APB could use if it wanted it 14:13:30 Didn't mean to throw a wrench into this conversation, but I think the question did have to be asked; if we're taking a UUID substring, we have to consider we are killing some about of its uniqueness 14:13:56 If every 4294967296th deployment fails because of a collision and the user has to re-try, I think that's acceptable. :) 14:14:04 I don't think we need a uuid level guarantee at all 14:14:21 mhrivnak: +1 :) 14:14:38 I think, for now, the most prudent thing is to just use 8 14:14:40 ya I think that's good 14:14:50 +1, sounds like we're in agreement then with dzager's #2 and we can revisit if this causes a problem 14:14:59 and if there is a collision, maybe we start a lottery ticket pool 14:15:09 :) 14:15:10 lol 14:15:11 My only concern with a substring is that I'm not sure how the uuids are generated, a substring might have a lower uniqueness guarantee than you'd expect 14:15:42 fabianvf: that's what ernelson was asking 14:16:04 it WILL have ha lower guarantee, but is it high enough? 14:16:38 we could use the service id as the name and get rid of the rest of it, but then we're back to an old bug that ernelson mentioend that folks didn't like that. 14:16:49 which is why we went with dh-mediawiki..... 14:17:23 so it sounds like we need to satisfy ernelson's and fabianvf's concerns 14:17:38 interestingly the OSBAPI says "Using a GUID is RECOMMENDED" 14:17:38 I know it's a small set but out of the 124 uuids I generated. keeping the first 8 only all 124 were unique. 14:17:39 dzager, can you investigate further 14:17:52 rhallisey: yeah 14:17:53 mhrivnak: yes they recommend guids for almost everything. 14:17:53 jmrodri: my point was that an 8 character random string seeded by a uuid may have a stronger uniqueness guarantee than an 8 character substring 14:18:14 fabianvf: well that point was lost on me :) 14:18:22 dzager, any info you find we can bring up again at the next meeting 14:18:25 fabianvf: right, there may be localized substrings that have significantly less 14:18:26 fabianvf: that I can agree with :) 14:18:28 I think the action item is to investigate further :) 14:18:49 +1 14:18:54 +1 14:18:58 ok folks any more open items? 14:19:02 how many services do we need in a namespace? 14:19:04 100? 200? 14:19:06 1000? 14:19:15 jmrodri, we don't have a use case, but... idk 14:20:17 ok everyone thanks! 14:20:21 #endmeeting -------------- next part -------------- ==================================== #asbroker: Automation Broker 5-22-18 ==================================== Meeting started by rhallisey at 13:32:46 UTC. The full logs are available at asbroker/2018/asbroker.2018-05-22-13.32.log.html . Meeting summary --------------- * Attendance (rhallisey, 13:33:01) * News (rhallisey, 13:34:00) * Bugs/Issue triage (rhallisey, 13:36:40) * ACTION: rhallisey go through 3.10 labeled bugs and target them to 3.11 (rhallisey, 13:37:51) * Features (rhallisey, 13:38:53) * LINK: https://github.com/openshift/ansible-service-broker/issues/963 (rhallisey, 13:38:59) * multiple tags per registery (rhallisey, 13:39:08) * ACTION: maleck13: write a proposal for multiple tags (rhallisey, 13:51:41) * ACTION: rhallisey & jmrodri: look for operator proposal (rhallisey, 13:52:08) * Open Discussion (rhallisey, 13:53:25) * Using labels with issues and PRs (rhallisey, 13:53:31) * APB object naming (rhallisey, 13:56:46) * LINK: https://github.com/ansibleplaybookbundle/mediawiki-apb/blob/master/defaults/main.yml#L8 (rhallisey, 13:56:54) Meeting ended at 14:20:21 UTC. Action Items ------------ * rhallisey go through 3.10 labeled bugs and target them to 3.11 * maleck13: write a proposal for multiple tags * rhallisey & jmrodri: look for operator proposal Action Items, by person ----------------------- * jmrodri * rhallisey & jmrodri: look for operator proposal * maleck13 * maleck13: write a proposal for multiple tags * rhallisey * rhallisey go through 3.10 labeled bugs and target them to 3.11 * rhallisey & jmrodri: look for operator proposal * **UNASSIGNED** * (none) People Present (lines said) --------------------------- * rhallisey (65) * jmrodri (52) * dzager (33) * ernelson (30) * maleck13 (21) * mhrivnak (19) * brokerbot (17) * fabianvf (6) * dymurray (4) Generated by `MeetBot`_ 0.1.4 .. _`MeetBot`: http://wiki.debian.org/MeetBot From cjonagam at redhat.com Thu May 24 15:29:03 2018 From: cjonagam at redhat.com (Chakradhar Jonagam) Date: Thu, 24 May 2018 23:29:03 +0800 Subject: [Ansible-service-broker] custom apb's not showing up in catalog In-Reply-To: References: Message-ID: I see following logs on apb pod but UI does not show any templates. i also made a custom apb which is successfully pushed but its not listed either. please let me know if anyone seen similar issues / fixes [2018-05-24T15:19:39.402Z] [INFO] - APBs filtered by white/blacklist filter:-> ansibleplaybookbundle/manageiq-apb-> ansibleplaybookbundle/rocketchat-apb-> ansibleplaybookbundle/photo-album-demo-ext-api-apb-> ansibleplaybookbundle/hello-world-apb-> ansibleplaybookbundle/s2i-apb-> ansibleplaybookbundle/hello-world-db-apb-> ansibleplaybookbundle/nginx-apb-> ansibleplaybookbundle/mediawiki-apb-> ansibleplaybookbundle/rds-postgres-apb-> ansibleplaybookbundle/postgresql-apb-> ansibleplaybookbundle/wordpress-ha-apb-> ansibleplaybookbundle/etherpad-apb-> ansibleplaybookbundle/hastebin-apb-> ansibleplaybookbundle/jenkins-apb-> ansibleplaybookbundle/mysql-apb-> ansibleplaybookbundle/pyzip-demo-apb-> ansibleplaybookbundle/mariadb-apb-> ansibleplaybookbundle/es-apb-> ansibleplaybookbundle/pyzip-demo-db-apb-> ansibleplaybookbundle/kibana-apb-> ansibleplaybookbundle/thelounge-apb-> ansibleplaybookbundle/photo-album-demo-api-apb-> ansibleplaybookbundle/proxy-config-apb-> ansibleplaybookbundle/photo-album-demo-app-apb-> ansibleplaybookbundle/prometheus-apb-> ansibleplaybookbundle/v2v-apb-> ansibleplaybookbundle/awx-apb-> ansibleplaybookbundle/iscsi-demo-target-apb-> ansibleplaybookbundle/mongodb-apb-> ansibleplaybookbundle/keycloak-apb-> ansibleplaybookbundle/virtualmachines-apb-> ansibleplaybookbundle/mssql-apb-> ansibleplaybookbundle/dynamic-apb-> ansibleplaybookbundle/eclipse-che-apb-> ansibleplaybookbundle/windows-apb-> ansibleplaybookbundle/rhel-apb-> ansibleplaybookbundle/tiller-apb-> ansibleplaybookbundle/import-vm-disk-apb-> ansibleplaybookbundle/mssql-remote-apb-> ansibleplaybookbundle/galera-apb-> ansibleplaybookbundle/vnc-desktop-apb-> ansibleplaybookbundle/kubevirt-apb-> ansibleplaybookbundle/openshift-logging-apb-> ansibleplaybookbundle/import-vm-apb-> ansibleplaybookbundle/manageiq-runner-apb[2018-05-24T15:19:39.402Z] [INFO] - APBs filtered by white/blacklist filter:-> ansibleplaybookbundle/manageiq-apb-> ansibleplaybookbundle/rocketchat-apb-> ansibleplaybookbundle/photo-album-demo-ext-api-apb-> ansibleplaybookbundle/hello-world-apb-> ansibleplaybookbundle/s2i-apb-> ansibleplaybookbundle/hello-world-db-apb-> ansibleplaybookbundle/nginx-apb-> ansibleplaybookbundle/mediawiki-apb-> ansibleplaybookbundle/rds-postgres-apb-> ansibleplaybookbundle/postgresql-apb-> ansibleplaybookbundle/wordpress-ha-apb-> ansibleplaybookbundle/etherpad-apb-> ansibleplaybookbundle/hastebin-apb-> ansibleplaybookbundle/jenkins-apb-> ansibleplaybookbundle/mysql-apb-> ansibleplaybookbundle/pyzip-demo-apb-> ansibleplaybookbundle/mariadb-apb-> ansibleplaybookbundle/es-apb-> ansibleplaybookbundle/pyzip-demo-db-apb-> ansibleplaybookbundle/kibana-apb-> ansibleplaybookbundle/thelounge-apb-> ansibleplaybookbundle/photo-album-demo-api-apb-> ansibleplaybookbundle/proxy-config-apb-> ansibleplaybookbundle/photo-album-demo-app-apb-> ansibleplaybookbundle/prometheus-apb-> ansibleplaybookbundle/v2v-apb-> ansibleplaybookbundle/awx-apb-> ansibleplaybookbundle/iscsi-demo-target-apb-> ansibleplaybookbundle/mongodb-apb-> ansibleplaybookbundle/keycloak-apb-> ansibleplaybookbundle/virtualmachines-apb-> ansibleplaybookbundle/mssql-apb-> ansibleplaybookbundle/dynamic-apb-> ansibleplaybookbundle/eclipse-che-apb-> ansibleplaybookbundle/windows-apb-> ansibleplaybookbundle/rhel-apb-> ansibleplaybookbundle/tiller-apb-> ansibleplaybookbundle/import-vm-disk-apb-> ansibleplaybookbundle/mssql-remote-apb-> ansibleplaybookbundle/galera-apb-> ansibleplaybookbundle/vnc-desktop-apb-> ansibleplaybookbundle/kubevirt-apb-> ansibleplaybookbundle/openshift-logging-apb-> ansibleplaybookbundle/import-vm-apb-> ansibleplaybookbundle/manageiq-runner-apb > Chakra Sr Solutions Architect. +65 86715012 Application Practice. APAC. cjonagam at redhat.com On Thu, May 17, 2018 at 10:00 AM, Chakradhar Jonagam wrote: > For other who see similar issues. > Ryan helped me this on IRC. looks like issue is with asb config > (configmap) > > changing *['*']* below to . *['.*'] *seemed to have fixed the issue, but > i'm unable to see another fresh example which i pushed recently. i will let > you know in case i figure out. > > registry: - type: dockerhub name: dh url: org: ansibleplaybookbundle tag: > latest white_list: [] auth_type: "" auth_name: "" - type: local_openshift > name: localregistry namespaces: ['openshift','apb-test'] white_list: ['*'] > > > Chakra > > Sr Solutions Architect. > +65 86715012 > Application Practice. APAC. > cjonagam at redhat.com > > > > > On Wed, May 16, 2018 at 10:57 PM, Ryan Hallisey > wrote: > >> Hey Chakradhar, >> >> Can you join #asbroker on irc and I can help you debug this. Could be >> the broker is failing to find specs in the registry. >> >> - Ryan >> >> On Wed, May 16, 2018 at 5:06 AM, Chakradhar Jonagam >> wrote: >> >>> ++ asb group >>> >>> >>> Is this normal. >>> >>> curl -k -H "Authorization: Bearer $(oc whoami -t)" https://$(oc get >>> routes --no-headers | awk '{print $2}')/ansible-service-broker/v >>> 2/catalog >>> { >>> "services": [] >>> } >>> >>> >>> >>> > Chakra >>> >>> Sr Solutions Architect. >>> +65 86715012 >>> Application Practice. APAC. >>> cjonagam at redhat.com >>> >>> >>> >>> >>> On Wed, May 16, 2018 at 3:17 PM, Chakradhar Jonagam >> > wrote: >>> >>>> >>>> >>>> I tried to build a custom apb using apb cli, i'm able to push >>>> successfully but failing to see it in the service catalog UI. >>>> >>>> Tried following >>>> - logged out and loggedin , refreshed catalog, bootstrapped etc etc. >>>> - tried pushing to different namespaces >>>> - tried different registries >>>> - it was pretty hard to install apb cli on centos (pl put some binaries >>>> on github releases :) >>>> >>>> Here is the output of my push >>>> >>>> >>>> [cjonagam at create9-bastion my-mysql]$ sudo apb push --namespace openshift --registry-route=docker-registry-default.apps.minikube.io >>>> /usr/lib/python2.7/site-packages/urllib3/connectionpool.py:769: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.org/en/latest/security.html >>>> InsecureRequestWarning) >>>> /usr/lib/python2.7/site-packages/urllib3/connectionpool.py:769: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.org/en/latest/security.html >>>> InsecureRequestWarning) >>>> version: 1.0 >>>> name: my-mysql >>>> description: This is a sample application generated by apb init >>>> bindable: True >>>> async: optional >>>> metadata: >>>> displayName: my-mysql >>>> dependencies: [] >>>> plans: >>>> - name: default >>>> description: This default plan deploys my-mysql >>>> free: True >>>> metadata: {} >>>> parameters: [] >>>> Finished writing dockerfile. >>>> Building APB using tag: [docker-registry-default.apps.minikube.io/openshift/my-mysql] >>>> Successfully built APB image: docker-registry-default.apps.minikube.io/openshift/my-mysql >>>> /usr/lib/python2.7/site-packages/urllib3/connectionpool.py:769 : InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.org/en/latest/security.html >>>> InsecureRequestWarning) >>>> Pushing the image, this could take a minute... >>>> Successfully pushed image: docker-registry-default.apps.minikube.io/openshift/my-mysql >>>> Contacting the ansible-service-broker at: https://asb-1338-openshift-ansible-service-broker.apps.minikube.io/ansible-service-broker/v2/bootstrap >>>> Successfully bootstrapped Ansible Service Broker >>>> Successfully relisted the Service Catalog >>>> >>>> >>>> Here is my asb config >>>> >>>> >>>> registry: - type: dockerhub name: dh url: org: ansibleplaybookbundle >>>> tag: latest white_list: [] auth_type: "" auth_name: "" - type: >>>> local_openshift name: localregistry namespaces: ['openshift','apb-test'] >>>> white_list: ['*'] >>>> >>>> >>>> Pl help! >>>> >>>> >>>> >>>> > Chakra >>>> >>>> Sr Solutions Architect. >>>> +65 86715012 >>>> Application Practice. APAC. >>>> cjonagam at redhat.com >>>> >>>> >>>> >>>> >>> >>> _______________________________________________ >>> Ansible-service-broker mailing list >>> Ansible-service-broker at redhat.com >>> https://www.redhat.com/mailman/listinfo/ansible-service-broker >>> >>> >> > -------------- next part -------------- An HTML attachment was scrubbed... URL: From rhallise at redhat.com Thu May 24 15:50:14 2018 From: rhallise at redhat.com (Ryan Hallisey) Date: Thu, 24 May 2018 11:50:14 -0400 Subject: [Ansible-service-broker] custom apb's not showing up in catalog In-Reply-To: References: Message-ID: Looks like your filter is removing a lot of apbs from being sent to the catalog. What's your broker config look like? - Ryan On Thu, May 24, 2018 at 11:29 AM, Chakradhar Jonagam wrote: > I see following logs on apb pod but UI does not show any templates. i > also made a custom apb which is successfully pushed but its not listed > either. > please let me know if anyone seen similar issues / fixes > > > [2018-05-24T15:19:39.402Z] [INFO] - APBs filtered by white/blacklist > filter:-> ansibleplaybookbundle/manageiq-apb-> ansibleplaybookbundle/rocketchat-apb-> > ansibleplaybookbundle/photo-album-demo-ext-api-apb-> > ansibleplaybookbundle/hello-world-apb-> ansibleplaybookbundle/s2i-apb-> > ansibleplaybookbundle/hello-world-db-apb-> ansibleplaybookbundle/nginx-apb-> > ansibleplaybookbundle/mediawiki-apb-> ansibleplaybookbundle/rds-postgres-apb-> > ansibleplaybookbundle/postgresql-apb-> ansibleplaybookbundle/wordpress-ha-apb-> > ansibleplaybookbundle/etherpad-apb-> ansibleplaybookbundle/hastebin-apb-> > ansibleplaybookbundle/jenkins-apb-> ansibleplaybookbundle/mysql-apb-> > ansibleplaybookbundle/pyzip-demo-apb-> ansibleplaybookbundle/mariadb-apb-> > ansibleplaybookbundle/es-apb-> ansibleplaybookbundle/pyzip-demo-db-apb-> > ansibleplaybookbundle/kibana-apb-> ansibleplaybookbundle/thelounge-apb-> > ansibleplaybookbundle/photo-album-demo-api-apb-> > ansibleplaybookbundle/proxy-config-apb-> ansibleplaybookbundle/photo-album-demo-app-apb-> > ansibleplaybookbundle/prometheus-apb-> ansibleplaybookbundle/v2v-apb-> > ansibleplaybookbundle/awx-apb-> ansibleplaybookbundle/iscsi-demo-target-apb-> > ansibleplaybookbundle/mongodb-apb-> ansibleplaybookbundle/keycloak-apb-> > ansibleplaybookbundle/virtualmachines-apb-> ansibleplaybookbundle/mssql-apb-> > ansibleplaybookbundle/dynamic-apb-> ansibleplaybookbundle/eclipse-che-apb-> > ansibleplaybookbundle/windows-apb-> ansibleplaybookbundle/rhel-apb-> > ansibleplaybookbundle/tiller-apb-> ansibleplaybookbundle/import-vm-disk-apb-> > ansibleplaybookbundle/mssql-remote-apb-> ansibleplaybookbundle/galera-apb-> > ansibleplaybookbundle/vnc-desktop-apb-> ansibleplaybookbundle/kubevirt-apb-> > ansibleplaybookbundle/openshift-logging-apb-> > ansibleplaybookbundle/import-vm-apb-> ansibleplaybookbundle/ > manageiq-runner-apb[2018-05-24T15:19:39.402Z] [INFO] - APBs filtered by > white/blacklist filter:-> ansibleplaybookbundle/manageiq-apb-> > ansibleplaybookbundle/rocketchat-apb-> ansibleplaybookbundle/photo-album-demo-ext-api-apb-> > ansibleplaybookbundle/hello-world-apb-> ansibleplaybookbundle/s2i-apb-> > ansibleplaybookbundle/hello-world-db-apb-> ansibleplaybookbundle/nginx-apb-> > ansibleplaybookbundle/mediawiki-apb-> ansibleplaybookbundle/rds-postgres-apb-> > ansibleplaybookbundle/postgresql-apb-> ansibleplaybookbundle/wordpress-ha-apb-> > ansibleplaybookbundle/etherpad-apb-> ansibleplaybookbundle/hastebin-apb-> > ansibleplaybookbundle/jenkins-apb-> ansibleplaybookbundle/mysql-apb-> > ansibleplaybookbundle/pyzip-demo-apb-> ansibleplaybookbundle/mariadb-apb-> > ansibleplaybookbundle/es-apb-> ansibleplaybookbundle/pyzip-demo-db-apb-> > ansibleplaybookbundle/kibana-apb-> ansibleplaybookbundle/thelounge-apb-> > ansibleplaybookbundle/photo-album-demo-api-apb-> > ansibleplaybookbundle/proxy-config-apb-> ansibleplaybookbundle/photo-album-demo-app-apb-> > ansibleplaybookbundle/prometheus-apb-> ansibleplaybookbundle/v2v-apb-> > ansibleplaybookbundle/awx-apb-> ansibleplaybookbundle/iscsi-demo-target-apb-> > ansibleplaybookbundle/mongodb-apb-> ansibleplaybookbundle/keycloak-apb-> > ansibleplaybookbundle/virtualmachines-apb-> ansibleplaybookbundle/mssql-apb-> > ansibleplaybookbundle/dynamic-apb-> ansibleplaybookbundle/eclipse-che-apb-> > ansibleplaybookbundle/windows-apb-> ansibleplaybookbundle/rhel-apb-> > ansibleplaybookbundle/tiller-apb-> ansibleplaybookbundle/import-vm-disk-apb-> > ansibleplaybookbundle/mssql-remote-apb-> ansibleplaybookbundle/galera-apb-> > ansibleplaybookbundle/vnc-desktop-apb-> ansibleplaybookbundle/kubevirt-apb-> > ansibleplaybookbundle/openshift-logging-apb-> > ansibleplaybookbundle/import-vm-apb-> ansibleplaybookbundle/ > manageiq-runner-apb > > > Chakra > > Sr Solutions Architect. > +65 86715012 > Application Practice. APAC. > cjonagam at redhat.com > > > > > On Thu, May 17, 2018 at 10:00 AM, Chakradhar Jonagam > wrote: > >> For other who see similar issues. >> Ryan helped me this on IRC. looks like issue is with asb config >> (configmap) >> >> changing *['*']* below to . *['.*'] *seemed to have fixed the issue, but >> i'm unable to see another fresh example which i pushed recently. i will let >> you know in case i figure out. >> >> registry: - type: dockerhub name: dh url: org: ansibleplaybookbundle tag: >> latest white_list: [] auth_type: "" auth_name: "" - type: local_openshift >> name: localregistry namespaces: ['openshift','apb-test'] white_list: ['*'] >> >> > Chakra >> >> Sr Solutions Architect. >> +65 86715012 >> Application Practice. APAC. >> cjonagam at redhat.com >> >> >> >> >> On Wed, May 16, 2018 at 10:57 PM, Ryan Hallisey >> wrote: >> >>> Hey Chakradhar, >>> >>> Can you join #asbroker on irc and I can help you debug this. Could be >>> the broker is failing to find specs in the registry. >>> >>> - Ryan >>> >>> On Wed, May 16, 2018 at 5:06 AM, Chakradhar Jonagam >> > wrote: >>> >>>> ++ asb group >>>> >>>> >>>> Is this normal. >>>> >>>> curl -k -H "Authorization: Bearer $(oc whoami -t)" https://$(oc get >>>> routes --no-headers | awk '{print $2}')/ansible-service-broker/v >>>> 2/catalog >>>> { >>>> "services": [] >>>> } >>>> >>>> >>>> >>>> > Chakra >>>> >>>> Sr Solutions Architect. >>>> +65 86715012 >>>> Application Practice. APAC. >>>> cjonagam at redhat.com >>>> >>>> >>>> >>>> >>>> On Wed, May 16, 2018 at 3:17 PM, Chakradhar Jonagam < >>>> cjonagam at redhat.com> wrote: >>>> >>>>> >>>>> >>>>> I tried to build a custom apb using apb cli, i'm able to push >>>>> successfully but failing to see it in the service catalog UI. >>>>> >>>>> Tried following >>>>> - logged out and loggedin , refreshed catalog, bootstrapped etc etc. >>>>> - tried pushing to different namespaces >>>>> - tried different registries >>>>> - it was pretty hard to install apb cli on centos (pl put some >>>>> binaries on github releases :) >>>>> >>>>> Here is the output of my push >>>>> >>>>> >>>>> [cjonagam at create9-bastion my-mysql]$ sudo apb push --namespace openshift --registry-route=docker-registry-default.apps.minikube.io >>>>> /usr/lib/python2.7/site-packages/urllib3/connectionpool.py:769: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.org/en/latest/security.html >>>>> InsecureRequestWarning) >>>>> /usr/lib/python2.7/site-packages/urllib3/connectionpool.py:769: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.org/en/latest/security.html >>>>> InsecureRequestWarning) >>>>> version: 1.0 >>>>> name: my-mysql >>>>> description: This is a sample application generated by apb init >>>>> bindable: True >>>>> async: optional >>>>> metadata: >>>>> displayName: my-mysql >>>>> dependencies: [] >>>>> plans: >>>>> - name: default >>>>> description: This default plan deploys my-mysql >>>>> free: True >>>>> metadata: {} >>>>> parameters: [] >>>>> Finished writing dockerfile. >>>>> Building APB using tag: [docker-registry-default.apps.minikube.io/openshift/my-mysql] >>>>> Successfully built APB image: docker-registry-default.apps.minikube.io/openshift/my-mysql >>>>> /usr/lib/python2.7/site-packages/urllib3/connectionpool.py:769 : InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.org/en/latest/security.html >>>>> InsecureRequestWarning) >>>>> Pushing the image, this could take a minute... >>>>> Successfully pushed image: docker-registry-default.apps.minikube.io/openshift/my-mysql >>>>> Contacting the ansible-service-broker at: https://asb-1338-openshift-ansible-service-broker.apps.minikube.io/ansible-service-broker/v2/bootstrap >>>>> Successfully bootstrapped Ansible Service Broker >>>>> Successfully relisted the Service Catalog >>>>> >>>>> >>>>> Here is my asb config >>>>> >>>>> >>>>> registry: - type: dockerhub name: dh url: org: ansibleplaybookbundle >>>>> tag: latest white_list: [] auth_type: "" auth_name: "" - type: >>>>> local_openshift name: localregistry namespaces: ['openshift','apb-test'] >>>>> white_list: ['*'] >>>>> >>>>> >>>>> Pl help! >>>>> >>>>> >>>>> >>>>> > Chakra >>>>> >>>>> Sr Solutions Architect. >>>>> +65 86715012 >>>>> Application Practice. APAC. >>>>> cjonagam at redhat.com >>>>> >>>>> >>>>> >>>>> >>>> >>>> _______________________________________________ >>>> Ansible-service-broker mailing list >>>> Ansible-service-broker at redhat.com >>>> https://www.redhat.com/mailman/listinfo/ansible-service-broker >>>> >>>> >>> >> > -------------- next part -------------- An HTML attachment was scrubbed... URL: From jmontleo at redhat.com Thu May 24 17:37:43 2018 From: jmontleo at redhat.com (Jason Montleon) Date: Thu, 24 May 2018 13:37:43 -0400 Subject: [Ansible-service-broker] Openshift 3.10 Automation Broker Installation Demo Message-ID: <59e349ef-a33b-7aed-1260-3e3c64375900@redhat.com> We recently added a new feature to Openshift Origin to make installing the Automation Broker easier. It is now possible to run "oc cluster up --enable=service-catalog,automation-service-broker" to install the broker. A YouTube demo video with details is available at https://youtu.be/IY1RINVsO40 -- Jason Montleon | email: jmontleo at redhat.com Software Engineer | gpg key: 0x069E3022 Red Hat, Inc. | irc: jmontleo desk: 978-392-3930 | cell: 508-496-0663 From cbrookes at redhat.com Fri May 25 08:20:49 2018 From: cbrookes at redhat.com (Craig Brookes) Date: Fri, 25 May 2018 09:20:49 +0100 Subject: [Ansible-service-broker] Openshift 3.10 Automation Broker Installation Demo In-Reply-To: <59e349ef-a33b-7aed-1260-3e3c64375900@redhat.com> References: <59e349ef-a33b-7aed-1260-3e3c64375900@redhat.com> Message-ID: This looks great. If you had your own bundles would you need to change the config after this had completed or are there env vars etc that could be used to point the broker at a different dockerhub org for instance? On Thu, May 24, 2018 at 6:37 PM, Jason Montleon wrote: > We recently added a new feature to Openshift Origin to make installing the > Automation Broker easier. > > It is now possible to run "oc cluster up --enable=service-catalog,automation-service-broker" > to install the broker. > > A YouTube demo video with details is available at > https://youtu.be/IY1RINVsO40 > -- > Jason Montleon | email: jmontleo at redhat.com > Software Engineer | gpg key: 0x069E3022 > Red Hat, Inc. | irc: jmontleo > desk: 978-392-3930 | cell: 508-496-0663 > > _______________________________________________ > Ansible-service-broker mailing list > Ansible-service-broker at redhat.com > https://www.redhat.com/mailman/listinfo/ansible-service-broker > -- Craig Brookes RHMAP @maleck13 Github -------------- next part -------------- An HTML attachment was scrubbed... URL: From ernelson at redhat.com Fri May 25 12:34:38 2018 From: ernelson at redhat.com (Erik Nelson) Date: Fri, 25 May 2018 08:34:38 -0400 Subject: [Ansible-service-broker] Namespaced Service Brokers Demo Message-ID: Good Morning, We've been working on a feature in the upstream catalog supporting namespaced service brokers and classes/plans, as opposed to cluster scoped brokers and classes/plans. This allows cluster operators to use standard access control mechanisms to protect brokers and their services. Here's an initial demo: https://www.youtube.com/watch?v=D7qMdMPQXSg - Erik From jmontleo at redhat.com Fri May 25 13:51:45 2018 From: jmontleo at redhat.com (Jason Montleon) Date: Fri, 25 May 2018 09:51:45 -0400 Subject: [Ansible-service-broker] Openshift 3.10 Automation Broker Installation Demo In-Reply-To: References: <59e349ef-a33b-7aed-1260-3e3c64375900@redhat.com> Message-ID: <94338fba-a0d2-b5ac-4fdb-3d3714fc2e25@redhat.com> Hi Craig, Right now, as I understand it, there is no way to pass in options for components via 'oc cluster add' or 'oc cluster up --enable'. Therefore it will be necessary to update the configmap and restart the broker post install. You could switch the org fairly quickly by doing something like so: https://paste.fedoraproject.org/paste/X9Ur0mQ4uYkKMAL59Sdppw I'll be submitting a PR to apb so you don't have to specify the --broker-name option, but for now it's required. On 05/25/2018 04:20 AM, Craig Brookes wrote: > This looks great. If you had your own bundles would you need to change > the config after this had completed or are there env vars etc that could > be used to point the broker at a different dockerhub org for instance? > > On Thu, May 24, 2018 at 6:37 PM, Jason Montleon > wrote: > > We recently added a new feature to Openshift Origin to make > installing the Automation Broker easier. > > It is now possible to run "oc cluster up > --enable=service-catalog,automation-service-broker" to install the > broker. > > A YouTube demo video with details is available at > https://youtu.be/IY1RINVsO40 > -- > Jason Montleon? ? ?| email: jmontleo at redhat.com > > Software Engineer? | gpg key: 0x069E3022 > Red Hat, Inc.? ? ? | irc: jmontleo > desk: 978-392-3930 | cell: 508-496-0663 > > _______________________________________________ > Ansible-service-broker mailing list > Ansible-service-broker at redhat.com > > https://www.redhat.com/mailman/listinfo/ansible-service-broker > > > > > > -- > Craig Brookes > RHMAP > @maleck13 Github -- Jason Montleon | email: jmontleo at redhat.com Software Engineer | gpg key: 0x069E3022 Red Hat, Inc. | irc: jmontleo desk: 978-392-3930 | cell: 508-496-0663 From jesusr at redhat.com Wed May 30 03:35:11 2018 From: jesusr at redhat.com (jesus m. rodriguez) Date: Tue, 29 May 2018 23:35:11 -0400 Subject: [Ansible-service-broker] Automation Broker Community Meeting 5/29/2018 Message-ID: <1527651311.17974.0.camel@redhat.com> ====================================== #asbroker: Automation Broker 5/29/2018 ====================================== Meeting started by jmrodri at 13:30:52 UTC. The full logs are available at asbroker/2018/asbroker.2018-05-29-13.30.log.html . Meeting summary --------------- * attendance (jmrodri, 13:31:02) * News (jmrodri, 13:32:51) * ASB master is open for new features (jmrodri, 13:35:11) * bug/issue triage (jmrodri, 13:35:46) * LINK: https://github.com/openshift/ansible-service-broker/issues?q=is%3Aissue +is%3Aopen+label%3A%223.10+%7C+release-1.2%22 (jmrodri, 13:36:09) * Binding errors are no longer displayed (jmrodri, 13:37:35) * LINK: https://github.com/openshift/ansible-service-broker/issues/941 (jmrodri, 13:37:37) * ACTION: jmrodri take Issue 941, test, fix and or close (jmrodri, 13:40:11) * Consider a configuration switch that will execute APBs in ansible verbose mode for debugging purposes (jmrodri, 13:41:10) * LINK: https://github.com/openshift/ansible-service-broker/issues/822 (jmrodri, 13:41:16) * ClusterServiceBroker "ansible-service-broker" - Status: 400 -> Description: not found; ResponseError (jmrodri, 13:42:51) * LINK: https://github.com/openshift/ansible-service-broker/issues/813 (jmrodri, 13:42:55) * ACTION: shurley to shepherd issue 813 (jmrodri, 13:46:59) * Discussion: Broker should not fail hard when registry names collide (jmrodri, 13:47:15) * LINK: https://github.com/openshift/ansible-service-broker/issues/753 (jmrodri, 13:47:29) * Should consider using pkg/errors (jmrodri, 13:51:26) * LINK: https://github.com/openshift/ansible-service-broker/issues/717 (jmrodri, 13:51:33) * BindInstance.Parameters use unclear (jmrodri, 13:54:52) * LINK: https://github.com/openshift/ansible-service-broker/issues/692 (jmrodri, 13:54:58) * ACTION: mhrivnak link issue 692 to an existing trello or close (jmrodri, 13:58:07) * LINK: https://github.com/openshift/ansible-service-broker/issues?q=is%3Aissue +is%3Aopen+label%3A%223.10+%7C+release-1.2%22 (jmrodri, 14:00:58) * ACTION: jmrodri move 3.10 aligned features to 3.11 or 3.12 (jmrodri, 14:01:47) * Unable to deploy an APB with privileged security context (jmrodri, 14:02:00) * LINK: https://github.com/openshift/ansible-service-broker/issues/351 (jmrodri, 14:02:07) * Features (jmrodri, 14:04:59) * rom @maleck13 This now tries to call out to OpenShift to figure out what type of cluster / platform it is running in. ? I thought the caller of bundle should be in a position to know / specify where they are running rather than the lib deciding and would mean we could remove the callout in the NewRuntime method? (jmrodri, 14:05:30) * LINK: https://github.com/ansibleplaybookbundle/ansible-asb-modules/issues/19 (jmrodri, 14:06:33) * ACTION: jmrodri review PR 96 on bundle-lib (jmrodri, 14:07:59) * asb_last_operation fails without special permissions (jmrodri, 14:19:22) * LINK: https://github.com/ansibleplaybookbundle/ansible-asb-modules/issues/19 (jmrodri, 14:19:24) * LINK: https://github.com/ansibleplaybookbundle/ansible-asb-modules/issues/19# issuecomment-391754631 (jmrodri, 14:21:00) * ACTION: dymurray play around with the module and update the issue (jmrodri, 14:28:09) * add errcheck support (jmrodri, 14:29:03) * LINK: https://github.com/automationbroker/bundle-lib/pull/95/files (jmrodri, 14:29:13) Meeting ended at 14:32:13 UTC. Action Items ------------ * jmrodri take Issue 941, test, fix and or close * shurley to shepherd issue 813 * mhrivnak link issue 692 to an existing trello or close * jmrodri move 3.10 aligned features to 3.11 or 3.12 * jmrodri review PR 96 on bundle-lib * dymurray play around with the module and update the issue Action Items, by person ----------------------- * dymurray * dymurray play around with the module and update the issue * jmrodri * jmrodri take Issue 941, test, fix and or close * jmrodri move 3.10 aligned features to 3.11 or 3.12 * jmrodri review PR 96 on bundle-lib * mhrivnak * mhrivnak link issue 692 to an existing trello or close * shurley * shurley to shepherd issue 813 * **UNASSIGNED** * (none) People Present (lines said) --------------------------- * jmrodri (119) * shurley (40) * brokerbot (38) * mhrivnak (21) * dymurray (17) * ernelson (13) * dzager (3) * jmontleon (1) * fabianvf (1) Generated by `MeetBot`_ 0.1.4 .. _`MeetBot`: http://wiki.debian.org/MeetBot From cmoullia at redhat.com Thu May 31 19:33:07 2018 From: cmoullia at redhat.com (Charles Moulliard) Date: Thu, 31 May 2018 21:33:07 +0200 Subject: [Ansible-service-broker] Question about role's action and build role Message-ID: Hi, Where are defined = coded all the actions available for APB's role such as "openshift_v1_deployment_config, openshift_v1_route, ..." (here maybe [1]) ? Can we also use APB to do a build [2] ? I don't think that this possible as the current actions [3] are : bind/unbind, provision/deprovision but that should be great to add a new action able to do a build from GIT source, using jenkinsfile, using binary stream of the current priject (source or jar) or using Dockerfile of the user [1] https://github.com/ansible/ansible-kubernetes-modules/tree/master/library [2] https://github.com/ansible/ansible-kubernetes-modules/blob/master/library/openshift_v1_build_config.py [3] https://docs.openshift.org/latest/apb_devel/writing/reference.html#apb-devel-writing-ref-actions Regards Charles -------------- next part -------------- An HTML attachment was scrubbed... URL: From dzager at redhat.com Thu May 31 20:10:03 2018 From: dzager at redhat.com (David Zager) Date: Thu, 31 May 2018 16:10:03 -0400 Subject: [Ansible-service-broker] Question about role's action and build role In-Reply-To: References: Message-ID: Greetings Charles, First, to answer question #1. All of the actions available via the ansible-kubernetes-modules can be found in the library folder of that project. This project is deprecated now in favor of the kubernetes/openshift modules provided by Ansible 2.5. You may have noticed a change to some of our APBs. Particularly mediawiki-apb , postgresql-apb , mysql-apb , and mariadb-apb to use k8s_raw / openshift_raw introduced in Ansible 2.5. These are great and all but share some of the limitations as the ansible-kubernetes-modules. If you use apb-base:canary it includes the development version of Ansible (2.6) and used the dynamic client which allows you to write Ansible that communicates more directly with the kubernetes API server. Why is this significant? It allows you to interact with CRDs, CRs, and aggregated APIs (something that was not possible before). You should totally check out the k8s module and the k8s lookup plugin . If you want an example of these in action checkout the automation-broker-apb (currently in PR to be added to the broker project) or the hello-world-apb (currently in PR to update to Ansible 2.6). You say, "Can we also use APB to do a build [2] ?" and I am intrigued. This sounds like an interesting idea but I don't see well how this use case would work in practice. Maybe you could elaborate on this in the form of an issue that we could talk about in more detail at the next ansible-service-broker community meeting (Tuesday 9:30 AM EST)? Thank you for the email and helping us improve the broker. I hope I was able to add some useful info. Respectfully, David Zager On Thu, May 31, 2018 at 3:34 PM Charles Moulliard wrote: > Hi, > > Where are defined = coded all the actions available for APB's role such as > "openshift_v1_deployment_config, openshift_v1_route, ..." (here maybe > [1]) ? > > Can we also use APB to do a build [2] ? > > I don't think that this possible as the current actions [3] are : > bind/unbind, provision/deprovision > but that should be great to add a new action able to do a build from GIT > source, using jenkinsfile, using binary stream of the current priject > (source or jar) or using Dockerfile of the user > > [1] > https://github.com/ansible/ansible-kubernetes-modules/tree/master/library > [2] > https://github.com/ansible/ansible-kubernetes-modules/blob/master/library/openshift_v1_build_config.py > [3] > https://docs.openshift.org/latest/apb_devel/writing/reference.html#apb-devel-writing-ref-actions > > Regards > > Charles > _______________________________________________ > Ansible-service-broker mailing list > Ansible-service-broker at redhat.com > https://www.redhat.com/mailman/listinfo/ansible-service-broker > -------------- next part -------------- An HTML attachment was scrubbed... URL: