IRC logs for #baserock for Tuesday, 2015-06-30

*** jeak_ has quit IRC01:47
*** zoli__ has joined #baserock02:31
*** zoli__ has quit IRC04:00
*** zoli__ has joined #baserock06:24
petefothpaulsherwood: W3C have some good resources on accessibility and Colour Blindness. is a good jumping-off point06:34
*** zoli__ has quit IRC06:45
*** zoli__ has joined #baserock07:07
*** petefoth has quit IRC07:42
*** petefoth has joined #baserock07:42
*** bashrc_ has joined #baserock08:04
*** mariaderidder has joined #baserock08:05
*** mdunford has joined #baserock08:16
*** gary_perkins has joined #baserock08:18
*** jonathanmaw has joined #baserock08:21
*** mike has joined #baserock08:29
*** mike is now known as Guest9965308:29
*** franred has joined #baserock08:36
*** ssam2 has joined #baserock08:54
*** ChanServ sets mode: +v ssam208:54
*** Guest99653 has quit IRC09:04
*** lachlanmackenzie has joined #baserock09:14
*** Guest99653 has joined #baserock09:18
paulsherwoodperryl: just to note, normally best to keep git -m summary short if possible. you could put detail in lower lines?09:48
paulsherwood'Output reproducible components to a file, output differences in mdwn table, fix broken commands' is a bit long :)09:49
perrylyeah, i was thinking it may have been better to split it up when i sent it, it's a bit longwinded!09:49
paulsherwoodstill, thanks for the patch :)09:49
perrylno problem! i keep thinking of modifications to it and getting over-excited :)09:50
paulsherwoodheh :)09:50
paulsherwoodperryl: do you fancy tackling the generic cache-server while you're on?09:50
perrylpaulsherwood: i can look into it! i think ssam2 did more of the work on the cache server so i may have to ask him a couple of questions if he has time09:51
paulsherwoodideally, for a thing assumed to be b4b, any ybd reporting a different checksum from its local build would be 'interesting'09:52
paulsherwoodperryl: i guess ask here, and see if he responds? :-)09:52
paulsherwoodor on the ml09:52
ssam2i actually got half way thru a response to that mail about the cache server09:52
paulsherwoodi started a thread
paulsherwoodssam2: oh? lovely! :)09:53
pedroalvarezI thought the cache server was already "generic"09:53
ssam2i'll finish the mail I was writing.09:53
KinnisonFor those interested in writing good git commit messages: is a reasonable start09:53
ssam2pedroalvarez: that was the gist of my email ;)09:53
paulsherwoodpedroalvarez: it's morph specific afaict09:53
ssam2perryl: I suggest you start by reading about the Bottle framework if you've not used it before09:53
paulsherwoodssam2: is bottle still the right choice here, do you think? i'm only asking, not trying to suggest something else09:54
perrylssam2: thanks, i'll give it a read!09:54
paulsherwoodactually i should wait to read your reply :)09:54
ssam2paulsherwood: as long as we have a single VM with a disk-backed cache, I think bottle is the right answer09:55
Kinnisonbottle is pretty good, and can be extended to support multi-process serving etc without having to change your code.09:56
ssam2if we switch to a dedicated blob store like Ceph, Swift or Amazon S3 then it might make sense to use something else on top. Or we might not need any kind of API wrapper if we did that, I've never used any of those block stores so I don't know09:56
ssam2pedroalvarez: is the cluster .morph file for committed to git anywhere?10:03
ssam2i fear it might be one that we've forgotten about10:03
pedroalvarezyeah, wasn't deployed like a part of the infra10:05
pedroalvarezit was just a clone at the beginning10:06
pedroalvarezalthough it was a generic trove I believe, so that the cluster to upgrade it should be easy10:06
ssam2yeah, /baserock/deployment.meta will be useful10:06
* pedroalvarez still thinks that morph-cache-server is not morph generic10:32
paulsherwoodKinnison: do you have thoughts on how best to do the ssh auth? i'm imagining jrandom (trusted) users offering artifacts over time10:32
paulsherwoodpedroalvarez: you mean morph-specific?10:32
KinnisonI'd probably consider doing it with SSL certificates10:32
KinnisonSince SSL can be virtualised where SSH cannot10:33
pedroalvarezyes, sorry10:33
pedroalvarezis not morph specific10:33
paulsherwoodi was thinking of a manual step where user sends public key, cache-server owner authorises it?10:33
ssam2Kinnison: what do you mean by 'can be virtualised'? i don't understand10:33
paulsherwoodpedroalvarez: well, it's specific to the current use-case. can't extend to ybd without some re-work for example? (and it's called morph-something :-)10:35
paulsherwoodpedroalvarez: but i believe it's a good basis, from ssam2's comments10:36
KinnisonSince SSL can be virtualised where SSH cannot10:40
paulsherwoodKinnison: could you recommend a primer i can read for how SSL would work in this context?10:52
KinnisonSadly not easily10:56
KinnisonI could be persuaded to chat with you and whiteboard stuff later today though10:56
paulsherwoodthat would be lovely :)10:57
KinnisonPerhaps after lunch10:58
*** zoli__ has quit IRC10:58
paulsherwoodsadly most of my pm today is conf calls... would 4pm work?10:59
* Kinnison lunches11:00
paulsherwoodgreat. i'll try to get the result written up for the list11:00
*** sambishop has quit IRC11:03
*** zoli__ has joined #baserock11:31
*** tiagogomes_ has quit IRC12:01
*** tiagogomes_ has joined #baserock12:07
*** tiagogomes_ has quit IRC12:19
*** tiagogomes has joined #baserock12:22
*** fay_ has quit IRC12:29
*** fay_ has joined #baserock12:42
*** zoli__ has quit IRC13:05
*** zoli__ has joined #baserock13:08
*** zoli__ has quit IRC14:25
* persia catches up on backscroll, and wonders why ssh cannot be virtualised15:14
rjekIt doesn't send a host name15:28
rjekSo it can't be virtualised in the same way SSL couldn't be until they added SNI.15:36
ssam2i still don't understand what 'virtualised' means in this context15:37
persiaMaybe I don't understand this use of "virtualised".15:37
rjekThe term "virtualised" existed before hypervisors :)15:37
rjekFor example: HTTP virtual servers, using the HTTP/1.1 Host: header15:37
rjekYou couldn't do HTTP virtual servers with SSL until we had SNI, because you couldn't work out which certificate to try15:38
rjekThe downside of this is that SNI sends the server's name in the clear, but no mater15:38
ssam2ah, I see.15:38
rjekTop tip: when designing a protocol, always include the host name in the hand shake.15:39
persiaAh, the problem is that which server certificate to send is tricky.15:39
persiaWhereas in my imagined ssh virtual environment, every virtualised server in the farm had the same server certificate, being as it was an identical image.15:39
*** franred has quit IRC16:02
*** Guest99653 has quit IRC16:42
*** bashrc_ has quit IRC16:54
*** mariaderidder has quit IRC16:57
*** jonathanmaw has quit IRC17:05
*** mdunford has quit IRC17:11
*** lachlanmackenzie has quit IRC17:23
*** ssam2 has quit IRC17:34
*** gary_perkins has quit IRC17:44
*** tiagogomes has quit IRC17:57
*** zoli__ has joined #baserock18:26
*** zoli__ has quit IRC18:27
*** zoli__ has joined #baserock19:21
*** zoli__ has quit IRC20:04
*** benbrown_ has quit IRC22:23
*** pedroalvarez_ has joined #baserock22:26
*** ChanServ sets mode: +v pedroalvarez_22:26
*** benbrown_ has joined #baserock22:29
*** pedroalvarez has quit IRC22:32
*** pedroalvarez_ is now known as pedroalvarez22:34
*** pedroalvarez has quit IRC23:10
*** pedroalvarez has joined #baserock23:11
*** ChanServ sets mode: +v pedroalvarez23:11

Generated by 2.15.3 by Marius Gedminas - find it at!