Re: [Openstack-operators] [nova] Should we allow passing new user_data during rebuild?
On 10/6/2017 1:30 PM, Joshua Harlow wrote: +1 I am also personally frustrated by the same thing clint is, It seems that somewhere along the line we lost the direction of cloud vs VPS, and somewhere it was sold (or not sold) that openstack is good for both (when it really isn't imho), http://cloudscaling.com/blog/cloud-computing/the-history-of-pets-vs-cattle/ C'est la vie :-/ I get it, but in this case the ship has sailed on rebuild. People are using it. It's been around forever. The point of the question that started this thread is really, do we allow this minor thing to come into the API (user_data) to replace something we're removing from the API (personality files). In the grand scheme of things, this is not going to make or break anything probably, it might make some users happy but I certainly don't think it's a monumental step in supporting pets. Completely new API workflows like built-in instance HA or something like that to Nova would be spending a lot of time and resource on supporting pets within Nova, and this isn't that thing. -- Thanks, Matt ___ OpenStack-operators mailing list OpenStack-operators@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
Re: [Openstack-operators] [nova] Should we allow passing new user_data during rebuild?
+1 I am also personally frustrated by the same thing clint is, It seems that somewhere along the line we lost the direction of cloud vs VPS, and somewhere it was sold (or not sold) that openstack is good for both (when it really isn't imho), http://cloudscaling.com/blog/cloud-computing/the-history-of-pets-vs-cattle/ C'est la vie :-/ Clint Byrum wrote: Thanks Tomas, I did understand you, I just didn't make my point perfectly. The point is that OpenStack has two very different missions today, and that is causing my frustration and I have let that go for now. There is a hosting mission, where we try to keep computing pets alive, and a cloud mission, where we try to give people flexible access to computing resources at scale to use as cattle. I've done a poor job of acknowledging those who use OpenStack for hosting, and I'm trying to get better. Thanks for being a user! Excerpts from Tomáš Vondra's message of 2017-10-06 12:06:45 +0200: Dear Clint, maybe you misunderstood a little, or I didn't write it explicitly. We use OpenStack for providing a VPS service, yes. But the VPS users do not get access to OpenStack directly, but instead, they use our Customer Portal which does the orchestration. The whole point is to make the service as easy as possible to use for them and not expose them to the complexity of the Cloud. As I said, we couldn't use Rebuild because VPS's have Volumes. We do use Resize because it is there. But we could as well use more low-level cloud primitives. The user does not care in this case. How does, e.g., WHMCS do it? That is a stock software that you can use to provide VPS over OpenStack. Tomas from Homeatcloud -Original Message- From: Clint Byrum [mailto:cl...@fewbar.com] Sent: Thursday, October 05, 2017 6:50 PM To: openstack-operators Subject: Re: [Openstack-operators] [nova] Should we allow passing new user_data during rebuild? No offense is intended, so please forgive me for the possibly incendiary nature of what I'm about to write: VPS is the predecessor of cloud (and something I love very much, and rely on every day!), and encourages all the bad habits that a cloud disallows. At small scale, it's the right thing, and that's why I use it for my small scale needs. Get a VM, put your stuff on it, and keep it running forever. But at scale, VMs in clouds go away. They get migrated, rebooted, turned off, and discarded, often. Most clouds are terrible for VPS compared to VPS hosting environments. I'm glad it's working for you. And I think rebuild and resize will stay and improve to serve VPS style users in interesting ways. I'm learning now who our users are today, and I'm confident we should make sure everyone who has taken the time to deploy and care for OpenStack should be served by expanding rebuild to meet their needs. You can all consider this my white flag. :) Excerpts from Tomáš Vondra's message of 2017-10-05 10:22:14 +0200: In our cloud, we offer the possibility to reinstall the same or another OS on a VPS (Virtual Private Server). Unfortunately, we couldn’t use the rebuild function because of the VPS‘s use of Cinder for root disk. We create a new instance and inject the same User Data so that the new instance has the same password and key as the last one. It also has the same name, and the same floating IP is attached. I believe it even has the same IPv6 through some Neutron port magic. BTW, you wouldn’t believe how often people use the Reinstall feature. Tomas from Homeatcloud From: Belmiro Moreira [mailto:moreira.belmiro.email.li...@gmail.com] Sent: Wednesday, October 04, 2017 5:34 PM To: Chris Friesen Cc: openstack-operators@lists.openstack.org Subject: Re: [Openstack-operators] [nova] Should we allow passing new user_data during rebuild? In our cloud rebuild is the only way for a user to keep the same IP. Unfortunately, we don't offer floating IPs, yet. Also, we use the user_data to bootstrap some actions in new instances (puppet, ...). Considering all the use-cases for rebuild it would be great if the user_data can be updated at rebuild time. On Wed, Oct 4, 2017 at 5:15 PM, Chris Friesen<chris.frie...@windriver.com> wrote: On 10/03/2017 11:12 AM, Clint Byrum wrote: My personal opinion is that rebuild is an anti-pattern for cloud, and should be frozen and deprecated. It does nothing but complicate Nova and present challenges for scaling. That said, if it must stay as a feature, I don't think updating the user_data should be a priority. At that point, you've basically created an entirely new server, and you can already do that by creating an entirely new server. If you've got a whole heat stack with multiple resources, and you realize that you messed up one thing in the template and one of your servers has the wrong personality/user_data, it can be useful to be able to rebuild that one server without affecting anything else in the stack. That's just a convenience though.
Re: [Openstack-operators] [nova] Should we allow passing new user_data during rebuild?
Thanks Tomas, I did understand you, I just didn't make my point perfectly. The point is that OpenStack has two very different missions today, and that is causing my frustration and I have let that go for now. There is a hosting mission, where we try to keep computing pets alive, and a cloud mission, where we try to give people flexible access to computing resources at scale to use as cattle. I've done a poor job of acknowledging those who use OpenStack for hosting, and I'm trying to get better. Thanks for being a user! Excerpts from Tomáš Vondra's message of 2017-10-06 12:06:45 +0200: > Dear Clint, > maybe you misunderstood a little, or I didn't write it explicitly. We use > OpenStack for providing a VPS service, yes. But the VPS users do not get > access to OpenStack directly, but instead, they use our Customer Portal which > does the orchestration. The whole point is to make the service as easy as > possible to use for them and not expose them to the complexity of the Cloud. > As I said, we couldn't use Rebuild because VPS's have Volumes. We do use > Resize because it is there. But we could as well use more low-level cloud > primitives. The user does not care in this case. How does, e.g., WHMCS do it? > That is a stock software that you can use to provide VPS over OpenStack. > Tomas from Homeatcloud > > -Original Message- > From: Clint Byrum [mailto:cl...@fewbar.com] > Sent: Thursday, October 05, 2017 6:50 PM > To: openstack-operators > Subject: Re: [Openstack-operators] [nova] Should we allow passing new > user_data during rebuild? > > No offense is intended, so please forgive me for the possibly incendiary > nature of what I'm about to write: > > VPS is the predecessor of cloud (and something I love very much, and rely on > every day!), and encourages all the bad habits that a cloud disallows. At > small scale, it's the right thing, and that's why I use it for my small scale > needs. Get a VM, put your stuff on it, and keep it running forever. > > But at scale, VMs in clouds go away. They get migrated, rebooted, turned off, > and discarded, often. Most clouds are terrible for VPS compared to VPS > hosting environments. > > I'm glad it's working for you. And I think rebuild and resize will stay and > improve to serve VPS style users in interesting ways. I'm learning now who > our users are today, and I'm confident we should make sure everyone who has > taken the time to deploy and care for OpenStack should be served by expanding > rebuild to meet their needs. > > You can all consider this my white flag. :) > > Excerpts from Tomáš Vondra's message of 2017-10-05 10:22:14 +0200: > > In our cloud, we offer the possibility to reinstall the same or another OS > > on a VPS (Virtual Private Server). Unfortunately, we couldn’t use the > > rebuild function because of the VPS‘s use of Cinder for root disk. We > > create a new instance and inject the same User Data so that the new > > instance has the same password and key as the last one. It also has the > > same name, and the same floating IP is attached. I believe it even has the > > same IPv6 through some Neutron port magic. > > > > BTW, you wouldn’t believe how often people use the Reinstall feature. > > > > Tomas from Homeatcloud > > > > > > > > From: Belmiro Moreira [mailto:moreira.belmiro.email.li...@gmail.com] > > Sent: Wednesday, October 04, 2017 5:34 PM > > To: Chris Friesen > > Cc: openstack-operators@lists.openstack.org > > Subject: Re: [Openstack-operators] [nova] Should we allow passing new > > user_data during rebuild? > > > > > > > > In our cloud rebuild is the only way for a user to keep the same IP. > > Unfortunately, we don't offer floating IPs, yet. > > > > Also, we use the user_data to bootstrap some actions in new instances > > (puppet, ...). > > > > Considering all the use-cases for rebuild it would be great if the > > user_data can be updated at rebuild time. > > > > > > > > On Wed, Oct 4, 2017 at 5:15 PM, Chris Friesen <chris.frie...@windriver.com> > > wrote: > > > > On 10/03/2017 11:12 AM, Clint Byrum wrote: > > > > My personal opinion is that rebuild is an anti-pattern for cloud, and > > should be frozen and deprecated. It does nothing but complicate Nova > > and present challenges for scaling. > > > > That said, if it must stay as a feature, I don't think updating the > > user_data should be a priority. At that point, you've basically > > created an entirely new server, and you can already do that by > > creating an entirely new server. > > > > >
Re: [Openstack-operators] [nova] Should we allow passing new user_data during rebuild?
Dear Clint, maybe you misunderstood a little, or I didn't write it explicitly. We use OpenStack for providing a VPS service, yes. But the VPS users do not get access to OpenStack directly, but instead, they use our Customer Portal which does the orchestration. The whole point is to make the service as easy as possible to use for them and not expose them to the complexity of the Cloud. As I said, we couldn't use Rebuild because VPS's have Volumes. We do use Resize because it is there. But we could as well use more low-level cloud primitives. The user does not care in this case. How does, e.g., WHMCS do it? That is a stock software that you can use to provide VPS over OpenStack. Tomas from Homeatcloud -Original Message- From: Clint Byrum [mailto:cl...@fewbar.com] Sent: Thursday, October 05, 2017 6:50 PM To: openstack-operators Subject: Re: [Openstack-operators] [nova] Should we allow passing new user_data during rebuild? No offense is intended, so please forgive me for the possibly incendiary nature of what I'm about to write: VPS is the predecessor of cloud (and something I love very much, and rely on every day!), and encourages all the bad habits that a cloud disallows. At small scale, it's the right thing, and that's why I use it for my small scale needs. Get a VM, put your stuff on it, and keep it running forever. But at scale, VMs in clouds go away. They get migrated, rebooted, turned off, and discarded, often. Most clouds are terrible for VPS compared to VPS hosting environments. I'm glad it's working for you. And I think rebuild and resize will stay and improve to serve VPS style users in interesting ways. I'm learning now who our users are today, and I'm confident we should make sure everyone who has taken the time to deploy and care for OpenStack should be served by expanding rebuild to meet their needs. You can all consider this my white flag. :) Excerpts from Tomáš Vondra's message of 2017-10-05 10:22:14 +0200: > In our cloud, we offer the possibility to reinstall the same or another OS on > a VPS (Virtual Private Server). Unfortunately, we couldn’t use the rebuild > function because of the VPS‘s use of Cinder for root disk. We create a new > instance and inject the same User Data so that the new instance has the same > password and key as the last one. It also has the same name, and the same > floating IP is attached. I believe it even has the same IPv6 through some > Neutron port magic. > > BTW, you wouldn’t believe how often people use the Reinstall feature. > > Tomas from Homeatcloud > > > > From: Belmiro Moreira [mailto:moreira.belmiro.email.li...@gmail.com] > Sent: Wednesday, October 04, 2017 5:34 PM > To: Chris Friesen > Cc: openstack-operators@lists.openstack.org > Subject: Re: [Openstack-operators] [nova] Should we allow passing new > user_data during rebuild? > > > > In our cloud rebuild is the only way for a user to keep the same IP. > Unfortunately, we don't offer floating IPs, yet. > > Also, we use the user_data to bootstrap some actions in new instances > (puppet, ...). > > Considering all the use-cases for rebuild it would be great if the user_data > can be updated at rebuild time. > > > > On Wed, Oct 4, 2017 at 5:15 PM, Chris Friesen <chris.frie...@windriver.com> > wrote: > > On 10/03/2017 11:12 AM, Clint Byrum wrote: > > My personal opinion is that rebuild is an anti-pattern for cloud, and > should be frozen and deprecated. It does nothing but complicate Nova > and present challenges for scaling. > > That said, if it must stay as a feature, I don't think updating the > user_data should be a priority. At that point, you've basically > created an entirely new server, and you can already do that by > creating an entirely new server. > > > If you've got a whole heat stack with multiple resources, and you realize > that you messed up one thing in the template and one of your servers has the > wrong personality/user_data, it can be useful to be able to rebuild that one > server without affecting anything else in the stack. That's just a > convenience though. > > Chris > ___ OpenStack-operators mailing list OpenStack-operators@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators ___ OpenStack-operators mailing list OpenStack-operators@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
Re: [Openstack-operators] [nova] Should we allow passing new user_data during rebuild?
No offense is intended, so please forgive me for the possibly incendiary nature of what I'm about to write: VPS is the predecessor of cloud (and something I love very much, and rely on every day!), and encourages all the bad habits that a cloud disallows. At small scale, it's the right thing, and that's why I use it for my small scale needs. Get a VM, put your stuff on it, and keep it running forever. But at scale, VMs in clouds go away. They get migrated, rebooted, turned off, and discarded, often. Most clouds are terrible for VPS compared to VPS hosting environments. I'm glad it's working for you. And I think rebuild and resize will stay and improve to serve VPS style users in interesting ways. I'm learning now who our users are today, and I'm confident we should make sure everyone who has taken the time to deploy and care for OpenStack should be served by expanding rebuild to meet their needs. You can all consider this my white flag. :) Excerpts from Tomáš Vondra's message of 2017-10-05 10:22:14 +0200: > In our cloud, we offer the possibility to reinstall the same or another OS on > a VPS (Virtual Private Server). Unfortunately, we couldn’t use the rebuild > function because of the VPS‘s use of Cinder for root disk. We create a new > instance and inject the same User Data so that the new instance has the same > password and key as the last one. It also has the same name, and the same > floating IP is attached. I believe it even has the same IPv6 through some > Neutron port magic. > > BTW, you wouldn’t believe how often people use the Reinstall feature. > > Tomas from Homeatcloud > > > > From: Belmiro Moreira [mailto:moreira.belmiro.email.li...@gmail.com] > Sent: Wednesday, October 04, 2017 5:34 PM > To: Chris Friesen > Cc: openstack-operators@lists.openstack.org > Subject: Re: [Openstack-operators] [nova] Should we allow passing new > user_data during rebuild? > > > > In our cloud rebuild is the only way for a user to keep the same IP. > Unfortunately, we don't offer floating IPs, yet. > > Also, we use the user_data to bootstrap some actions in new instances > (puppet, ...). > > Considering all the use-cases for rebuild it would be great if the user_data > can be updated at rebuild time. > > > > On Wed, Oct 4, 2017 at 5:15 PM, Chris Friesen <chris.frie...@windriver.com> > wrote: > > On 10/03/2017 11:12 AM, Clint Byrum wrote: > > My personal opinion is that rebuild is an anti-pattern for cloud, and > should be frozen and deprecated. It does nothing but complicate Nova > and present challenges for scaling. > > That said, if it must stay as a feature, I don't think updating the > user_data should be a priority. At that point, you've basically created an > entirely new server, and you can already do that by creating an entirely > new server. > > > If you've got a whole heat stack with multiple resources, and you realize > that you messed up one thing in the template and one of your servers has the > wrong personality/user_data, it can be useful to be able to rebuild that one > server without affecting anything else in the stack. That's just a > convenience though. > > Chris > ___ OpenStack-operators mailing list OpenStack-operators@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
Re: [Openstack-operators] [nova] Should we allow passing new user_data during rebuild?
Excerpts from Chris Friesen's message of 2017-10-04 09:15:28 -0600: > On 10/03/2017 11:12 AM, Clint Byrum wrote: > > > My personal opinion is that rebuild is an anti-pattern for cloud, and > > should be frozen and deprecated. It does nothing but complicate Nova > > and present challenges for scaling. > > > > That said, if it must stay as a feature, I don't think updating the > > user_data should be a priority. At that point, you've basically created an > > entirely new server, and you can already do that by creating an entirely > > new server. > > If you've got a whole heat stack with multiple resources, and you realize > that > you messed up one thing in the template and one of your servers has the wrong > personality/user_data, it can be useful to be able to rebuild that one server > without affecting anything else in the stack. That's just a convenience > though. > If you just changed that personality/user_data in the template, Heat would spin up a new one, change all the references to it, wait for any wait conditions to fire, allowing dependent servers to reconfigure with the new one and acknowledge that, and then delete the old one for you. Making your app work like this means being able to replace failed or undersized servers with less downtime. You can do other things too, like spin up a replacement in a different AZ to deal with maintenance issues on your side or the cloud's side. Or you can deploy a new image, without any downtime. My point remains: rebuild (and resize) train users to see a server as precious, instead of training users to write automation that expects cloud servers to come and go often. This, btw, is one reason I like that EC2 calls them _instances_ and not _servers_. They're not servers. We call them servers, but they're just little regions of memory on actual servers, and as such, they're not precious, and should be discarded as necessary. ___ OpenStack-operators mailing list OpenStack-operators@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
Re: [Openstack-operators] [nova] Should we allow passing new user_data during rebuild?
Excerpts from Belmiro Moreira's message of 2017-10-04 17:33:40 +0200: > In our cloud rebuild is the only way for a user to keep the same IP. > Unfortunately, we don't offer floating IPs, yet. > Also, we use the user_data to bootstrap some actions in new instances > (puppet, ...). > Considering all the use-cases for rebuild it would be great if the > user_data can be updated at rebuild time. > Indeed, it sounds like we're too far down the rabbit hole with rebuild to stop digging. ___ OpenStack-operators mailing list OpenStack-operators@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
Re: [Openstack-operators] [nova] Should we allow passing new user_data during rebuild?
In our cloud, we offer the possibility to reinstall the same or another OS on a VPS (Virtual Private Server). Unfortunately, we couldn’t use the rebuild function because of the VPS‘s use of Cinder for root disk. We create a new instance and inject the same User Data so that the new instance has the same password and key as the last one. It also has the same name, and the same floating IP is attached. I believe it even has the same IPv6 through some Neutron port magic. BTW, you wouldn’t believe how often people use the Reinstall feature. Tomas from Homeatcloud From: Belmiro Moreira [mailto:moreira.belmiro.email.li...@gmail.com] Sent: Wednesday, October 04, 2017 5:34 PM To: Chris Friesen Cc: openstack-operators@lists.openstack.org Subject: Re: [Openstack-operators] [nova] Should we allow passing new user_data during rebuild? In our cloud rebuild is the only way for a user to keep the same IP. Unfortunately, we don't offer floating IPs, yet. Also, we use the user_data to bootstrap some actions in new instances (puppet, ...). Considering all the use-cases for rebuild it would be great if the user_data can be updated at rebuild time. On Wed, Oct 4, 2017 at 5:15 PM, Chris Friesen <chris.frie...@windriver.com> wrote: On 10/03/2017 11:12 AM, Clint Byrum wrote: My personal opinion is that rebuild is an anti-pattern for cloud, and should be frozen and deprecated. It does nothing but complicate Nova and present challenges for scaling. That said, if it must stay as a feature, I don't think updating the user_data should be a priority. At that point, you've basically created an entirely new server, and you can already do that by creating an entirely new server. If you've got a whole heat stack with multiple resources, and you realize that you messed up one thing in the template and one of your servers has the wrong personality/user_data, it can be useful to be able to rebuild that one server without affecting anything else in the stack. That's just a convenience though. Chris ___ OpenStack-operators mailing list OpenStack-operators@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators ___ OpenStack-operators mailing list OpenStack-operators@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
Re: [Openstack-operators] [nova] Should we allow passing new user_data during rebuild?
In our cloud rebuild is the only way for a user to keep the same IP. Unfortunately, we don't offer floating IPs, yet. Also, we use the user_data to bootstrap some actions in new instances (puppet, ...). Considering all the use-cases for rebuild it would be great if the user_data can be updated at rebuild time. On Wed, Oct 4, 2017 at 5:15 PM, Chris Friesenwrote: > On 10/03/2017 11:12 AM, Clint Byrum wrote: > > My personal opinion is that rebuild is an anti-pattern for cloud, and >> should be frozen and deprecated. It does nothing but complicate Nova >> and present challenges for scaling. >> >> That said, if it must stay as a feature, I don't think updating the >> user_data should be a priority. At that point, you've basically created an >> entirely new server, and you can already do that by creating an entirely >> new server. >> > > If you've got a whole heat stack with multiple resources, and you realize > that you messed up one thing in the template and one of your servers has > the wrong personality/user_data, it can be useful to be able to rebuild > that one server without affecting anything else in the stack. That's just > a convenience though. > > Chris > > > > ___ > OpenStack-operators mailing list > OpenStack-operators@lists.openstack.org > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators > ___ OpenStack-operators mailing list OpenStack-operators@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
Re: [Openstack-operators] [nova] Should we allow passing new user_data during rebuild?
On 10/03/2017 11:12 AM, Clint Byrum wrote: My personal opinion is that rebuild is an anti-pattern for cloud, and should be frozen and deprecated. It does nothing but complicate Nova and present challenges for scaling. That said, if it must stay as a feature, I don't think updating the user_data should be a priority. At that point, you've basically created an entirely new server, and you can already do that by creating an entirely new server. If you've got a whole heat stack with multiple resources, and you realize that you messed up one thing in the template and one of your servers has the wrong personality/user_data, it can be useful to be able to rebuild that one server without affecting anything else in the stack. That's just a convenience though. Chris ___ OpenStack-operators mailing list OpenStack-operators@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
Re: [Openstack-operators] [nova] Should we allow passing new user_data during rebuild?
On Tue, Oct 03, 2017 at 08:29:45PM +, Jeremy Stanley wrote: :On 2017-10-03 16:19:27 -0400 (-0400), Jonathan Proulx wrote: :[...] :> This works in our OpenStack where it's our IP space so PTR record also :> matches, not so well in public cloud where we can reserve an IP and :> set forward DNS but not control its reverse mapping. :[...] : :Not that it probably helps, but I consider any public cloud which :doesn't give you some means of automatically setting reverse DNS :(either through an API or delegation to your own nameservers) to be :thoroughly broken, at least for Internet-facing use cases. we wander off topic...and I wander waaay off topic below... but I have exactly 1 instance in AWS where I care about this, perhaps I just don't care enough to have found the answer or perhaps for count of 1 it's not worth solving. Then again perhaps AWS is just actually the trash is seem to be to me. I've been trying to like it since before there was an OpenStack, but the more I try the less I can stand it. People who use AWS and complain about OpenStack UX baffle me, there's a lot OpenStack can do to impove UX but it's waaay better than my AWS experices. I mean it was fewer steps to enable ipv6 on my OpenStack provider networks than it was to get it working in my AWS VPC and neutron isn't the poster child for simplicity. :-- :Jeremy Stanley :___ :OpenStack-operators mailing list :OpenStack-operators@lists.openstack.org :http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators -- signature.asc Description: PGP signature ___ OpenStack-operators mailing list OpenStack-operators@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
Re: [Openstack-operators] [nova] Should we allow passing new user_data during rebuild?
On 2017-10-03 16:19:27 -0400 (-0400), Jonathan Proulx wrote: [...] > This works in our OpenStack where it's our IP space so PTR record also > matches, not so well in public cloud where we can reserve an IP and > set forward DNS but not control its reverse mapping. [...] Not that it probably helps, but I consider any public cloud which doesn't give you some means of automatically setting reverse DNS (either through an API or delegation to your own nameservers) to be thoroughly broken, at least for Internet-facing use cases. -- Jeremy Stanley signature.asc Description: Digital signature ___ OpenStack-operators mailing list OpenStack-operators@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
Re: [Openstack-operators] [nova] Should we allow passing new user_data during rebuild?
On Tue, Oct 03, 2017 at 01:00:13PM -0700, Clint Byrum wrote: :It's worth noting that AD and Kerberos were definitely not designed :for clouds that have short lived VMs, so it does not surprise me that :treating VMs as cattle and then putting them in AD would confuse it. For instances we have that need Kerberos keytabs we specify the fixed IP. This works in our OpenStack where it's our IP space so PTR record also matches, not so well in public cloud where we can reserve an IP and set forward DNS but not control its reverse mapping. -Jon :Excerpts from Tim Bell's message of 2017-10-03 18:46:31 +: :> We use rebuild when reverting with snapshots. Keeping the same IP and hostname avoids some issues with Active Directory and Kerberos. :> :> Tim :> :> -Original Message- :> From: Clint Byrum <cl...@fewbar.com> :> Date: Tuesday, 3 October 2017 at 19:17 :> To: openstack-operators <openstack-operators@lists.openstack.org> :> Subject: Re: [Openstack-operators] [nova] Should we allow passing new user_data during rebuild? :> :> :> Excerpts from Matt Riedemann's message of 2017-10-03 10:53:44 -0500: :> > We plan on deprecating personality files from the compute API in a new :> > microversion. The spec for that is here: :> > :> > https://review.openstack.org/#/c/509013/ :> > :> > Today you can pass new personality files to inject during rebuild, and :> > at the PTG we said we'd allow passing new user_data to rebuild as a :> > replacement for the personality files. :> > :> > However, if the only reason one would need to pass personality files :> > during rebuild is because we don't persist them during the initial :> > server create, do we really need to also allow passing user_data for :> > rebuild? The initial user_data is stored with the instance during :> > create, and re-used during rebuild, so do we need to allow updating it :> > during rebuild? :> > :> :> My personal opinion is that rebuild is an anti-pattern for cloud, and :> should be frozen and deprecated. It does nothing but complicate Nova :> and present challenges for scaling. :> :> That said, if it must stay as a feature, I don't think updating the :> user_data should be a priority. At that point, you've basically created an :> entirely new server, and you can already do that by creating an entirely :> new server. :> :> ___ :> OpenStack-operators mailing list :> OpenStack-operators@lists.openstack.org :> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators :> : :___ :OpenStack-operators mailing list :OpenStack-operators@lists.openstack.org :http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators -- ___ OpenStack-operators mailing list OpenStack-operators@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
Re: [Openstack-operators] [nova] Should we allow passing new user_data during rebuild?
I fully appreciate that there are users of it today, and that it is a thing that will likely live for years. Long lived VMs can use all sorts of features to make VMs work more like precious long lived servers. However, supporting these cases directly doesn't make OpenStack scalable or simple. Quite the opposite. It's worth noting that AD and Kerberos were definitely not designed for clouds that have short lived VMs, so it does not surprise me that treating VMs as cattle and then putting them in AD would confuse it. Excerpts from Tim Bell's message of 2017-10-03 18:46:31 +: > We use rebuild when reverting with snapshots. Keeping the same IP and > hostname avoids some issues with Active Directory and Kerberos. > > Tim > > -Original Message- > From: Clint Byrum <cl...@fewbar.com> > Date: Tuesday, 3 October 2017 at 19:17 > To: openstack-operators <openstack-operators@lists.openstack.org> > Subject: Re: [Openstack-operators] [nova] Should we allow passing new > user_data during rebuild? > > > Excerpts from Matt Riedemann's message of 2017-10-03 10:53:44 -0500: > > We plan on deprecating personality files from the compute API in a new > > microversion. The spec for that is here: > > > > https://review.openstack.org/#/c/509013/ > > > > Today you can pass new personality files to inject during rebuild, and > > at the PTG we said we'd allow passing new user_data to rebuild as a > > replacement for the personality files. > > > > However, if the only reason one would need to pass personality files > > during rebuild is because we don't persist them during the initial > > server create, do we really need to also allow passing user_data for > > rebuild? The initial user_data is stored with the instance during > > create, and re-used during rebuild, so do we need to allow updating it > > during rebuild? > > > > My personal opinion is that rebuild is an anti-pattern for cloud, and > should be frozen and deprecated. It does nothing but complicate Nova > and present challenges for scaling. > > That said, if it must stay as a feature, I don't think updating the > user_data should be a priority. At that point, you've basically created an > entirely new server, and you can already do that by creating an entirely > new server. > > ___ > OpenStack-operators mailing list > OpenStack-operators@lists.openstack.org > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators > ___ OpenStack-operators mailing list OpenStack-operators@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
Re: [Openstack-operators] [nova] Should we allow passing new user_data during rebuild?
We use rebuild when reverting with snapshots. Keeping the same IP and hostname avoids some issues with Active Directory and Kerberos. Tim -Original Message- From: Clint Byrum <cl...@fewbar.com> Date: Tuesday, 3 October 2017 at 19:17 To: openstack-operators <openstack-operators@lists.openstack.org> Subject: Re: [Openstack-operators] [nova] Should we allow passing new user_data during rebuild? Excerpts from Matt Riedemann's message of 2017-10-03 10:53:44 -0500: > We plan on deprecating personality files from the compute API in a new > microversion. The spec for that is here: > > https://review.openstack.org/#/c/509013/ > > Today you can pass new personality files to inject during rebuild, and > at the PTG we said we'd allow passing new user_data to rebuild as a > replacement for the personality files. > > However, if the only reason one would need to pass personality files > during rebuild is because we don't persist them during the initial > server create, do we really need to also allow passing user_data for > rebuild? The initial user_data is stored with the instance during > create, and re-used during rebuild, so do we need to allow updating it > during rebuild? > My personal opinion is that rebuild is an anti-pattern for cloud, and should be frozen and deprecated. It does nothing but complicate Nova and present challenges for scaling. That said, if it must stay as a feature, I don't think updating the user_data should be a priority. At that point, you've basically created an entirely new server, and you can already do that by creating an entirely new server. ___ OpenStack-operators mailing list OpenStack-operators@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators ___ OpenStack-operators mailing list OpenStack-operators@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
Re: [Openstack-operators] [nova] Should we allow passing new user_data during rebuild?
Excerpts from Matt Riedemann's message of 2017-10-03 10:53:44 -0500: > We plan on deprecating personality files from the compute API in a new > microversion. The spec for that is here: > > https://review.openstack.org/#/c/509013/ > > Today you can pass new personality files to inject during rebuild, and > at the PTG we said we'd allow passing new user_data to rebuild as a > replacement for the personality files. > > However, if the only reason one would need to pass personality files > during rebuild is because we don't persist them during the initial > server create, do we really need to also allow passing user_data for > rebuild? The initial user_data is stored with the instance during > create, and re-used during rebuild, so do we need to allow updating it > during rebuild? > My personal opinion is that rebuild is an anti-pattern for cloud, and should be frozen and deprecated. It does nothing but complicate Nova and present challenges for scaling. That said, if it must stay as a feature, I don't think updating the user_data should be a priority. At that point, you've basically created an entirely new server, and you can already do that by creating an entirely new server. ___ OpenStack-operators mailing list OpenStack-operators@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
Re: [Openstack-operators] [nova] Should we allow passing new user_data during rebuild?
On 10/3/2017 10:53 AM, Matt Riedemann wrote: However, if the only reason one would need to pass personality files during rebuild is because we don't persist them during the initial server create, do we really need to also allow passing user_data for rebuild? Given personality files were added to the rebuild API back in Diablo [1] with no explanation in the commit message why, my assumption above is just that, an assumption. [1] https://github.com/openstack/nova/commit/cebc98176926f57016a508d5c59b11f55dfcf2b3 -- Thanks, Matt ___ OpenStack-operators mailing list OpenStack-operators@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators