14:01:17 <s3wong> #startmeeting clover 14:01:17 <collabot`> Meeting started Mon Feb 5 14:01:17 2018 UTC. The chair is s3wong. Information about MeetBot at http://wiki.debian.org/MeetBot. 14:01:17 <collabot`> Useful Commands: #action #agreed #help #info #idea #link #topic. 14:01:17 <collabot`> The meeting name has been set to 'clover' 14:02:25 <s3wong> #topic Sidecar Automatic Injection 14:02:54 <s3wong> That was the topic of the bulk of the discussion we had during the last meeting 14:03:24 <s3wong> Based on ywu's provided link: https://github.com/kubernetes/helm/issues/2596 14:03:52 <s3wong> If we are using Helm to install Clearwater, the recommen 14:04:17 <s3wong> Recommended way to deal with automatic sidecar injection is to turn initializer on 14:04:43 <s3wong> xuanjia: good to have you here --- as this is related to you :-) 14:05:04 <s3wong> xuanjia: to turn initializer feature on, we need to enable it during cluster creation 14:05:29 <s3wong> ttps://kubernetes.io/docs/admin/extensible-admission-controllers/#enable-initializers-alpha-feature 14:06:00 <xuanjia> s3wong, got it. Let me check it. 14:06:12 <liangqi> https://istio.io/about/notes/0.5.html 14:06:19 <s3wong> Missing the 'h' on the link above, sorry 14:06:53 <liangqi> istio 0.5 use webhook feature for automatic injection 14:06:58 <yujunz> #link https://kubernetes.io/docs/admin/extensible-admission-controllers/#enable-initializers-alpha-feature 14:07:16 <s3wong> liangqi: yes, I see --- I just update my testbed to 0.5.0 last Friday :-) 14:07:18 <xuanjia> great. Seem it's very easy to do it. 14:07:51 <liangqi> :) 14:08:55 <yujunz> There is also a known issue: Installing with Helm charts is currently broken. 14:09:17 <s3wong> xuanjia: seems like for Istio 0.5.0, we are using the mutating webhook feature for proxy sidecar injection, so NO need to do it via initializer (in fact, it is no longer supported in Istio 0.5.0) 14:09:48 <s3wong> ywu: welcome --- we are talking about sidecar injection, and 0.5.0 (released just last week) has a new way to do it 14:10:09 <s3wong> yujunz: installing Istio via Helm chart? Or Clearwater? 14:10:20 <ywu> s3wong: oh, sorry I am late. 14:10:23 <yujunz> Istio 14:10:34 <yujunz> #link https://github.com/istio/istio/issues/3018 14:12:26 <s3wong> yujunz: I see --- so far ywu's installation work isn't depending on Helm: https://gerrit.opnfv.org/gerrit/#/c/50793/ 14:13:03 <s3wong> yujunz, ywu: that said, we should indeed have a consistent model to install things on k8s via Helm including Istio 14:14:34 <s3wong> liangqi, xuanjia: even with webhook, we need to have v1beta1 API enabled for sidecar injection 14:14:44 <yujunz> I agree. I will follow up this issue and see what I can do. 14:14:52 <ywu> s3wong: I agreed. maybe yujunz, you and I can sync up on this after meeting.\ 14:14:59 <s3wong> yujunz: Thanks! 14:15:51 <yujunz> My pleasure :-) 14:17:13 <s3wong> Seems like 0.5.0 makes life easier for sidecar injection. And good thing we already are using k8s 1.9 in the container4nfv pod... 14:17:23 <s3wong> Next topic 14:17:47 <s3wong> #topic JIRA items 14:18:16 <s3wong> Last week I filed a bunch of JIRA items --- with the intent to capture most of the things we want to accomplish at Fraser 14:18:51 <s3wong> #link. https://jira.opnfv.org/projects/CLOVER/issues/CLOVER-2?filter=allopenissues 14:20:02 <s3wong> On topic w.r.t. getting Clearwater to work on Istio --- it seems like the main issue is that Clearwater has load balancing built-in 14:21:01 <s3wong> At the level of the application code itself, it fetches all entries associated with A-record (assuming IPv4) and does load balancing at the application level 14:23:18 <s3wong> If however, a route rule with destination specified from Istio can force traffic to adhere to the rule, instead of going to the Clearwater application chosen pod 14:23:39 <s3wong> So I am in the midst of verifying this would indeed work 14:24:03 <s3wong> The second JIRA item (CLOVER-3) I assigned to enriquetaso 14:24:33 <s3wong> For sidecar injection to work, the service port needs to follow a naming convention 14:24:50 <s3wong> Mostly for Pilot to know what to configure 14:26:47 <s3wong> enriquetaso seems to be inactive (though she is on the IRC channel now) 14:27:14 <s3wong> The rest of the JIRA items all have to do with automated functional testing 14:27:29 <yujunz> What kind of naming convention? Currently most ports in the helm chart are named with the number 14:27:46 <yujunz> #link https://gerrit.opnfv.org/gerrit/#/c/51603/ 14:28:31 <s3wong> yujunz: https://istio.io/docs/setup/kubernetes/sidecar-injection.html#pod-spec-requirements 14:28:56 <s3wong> yujunz; #2 Named ports 14:29:25 <s3wong> yujunz: "The port names must be of the form <protocol>[-<suffix>] with http, http2, grpc, mongo, or redis as the <protocol> in order to take advantage of Istio�s routing features." 14:31:00 <yujunz> So the current naming `- name: "3478"` seems invalid 14:31:19 <s3wong> yujunz: looking at the manifests generated automatically by Clearwater's k8s-gen tool, the service ports are currently named, but not in the nomenclature Istio expected 14:31:47 <s3wong> yujunz: so this should be changed in the Clearwater Helm chart template 14:32:24 <yujunz> It also says "If the port name does not begin with a recognized prefix or if the port is unnamed, traffic on the port will be treated as plain TCP traffic" 14:32:46 <s3wong> yujunz: yes, so some of the more advanced route rules may not work 14:33:29 <yujunz> What protocol is Clearwater using ? 14:34:21 <s3wong> yujunz: for communication between components? Seems like mostly HTTP 14:34:52 <s3wong> yujunz: according to Clearwater documentation, even SIP (Sprout to others) protocol packets are wrapped inside websocket 14:35:26 <xuanjia> http://www.projectclearwater.org/wp-content/uploads/2017/05/Clearwater_Architecture.png 14:35:29 <yujunz> I think we can create a task under the story to mention this issue 14:35:43 <s3wong> yujunz: sure 14:37:07 <s3wong> #action s3wong to update CLOVER-3 to reflect on Istio service port naming requirements as a subtask 14:37:40 <enriquetaso> hi, sorry for the delay 14:38:08 <s3wong> enriquetaso: Hi 14:38:50 <s3wong> enriquetaso: was just talking about service port naming convention if we want to take advantage of HTTP related rules via Istio 14:39:59 <s3wong> enriquetaso: I filed JIRA item CLOVER-3 (https://jira.opnfv.org/browse/CLOVER-3) to track this, and assigned it to you 14:40:13 <s3wong> enriquetaso: please take a look when you have time 14:40:17 <yujunz> I have just created the subtask about port naming :-) s3wong 14:40:20 <yujunz> #link https://jira.opnfv.org/browse/CLOVER-9 14:40:37 <enriquetaso> ah cool s3wong. I saw the Jira item! I'm still working on clearwater and learning about istio. 14:40:40 <s3wong> yujunz: OK, I can remove my action item then :-) 14:41:07 <enriquetaso> s3wong: I hope to integrate both soon... probably next week :( 14:41:54 <s3wong> enriquetaso: sounds great --- no problem, I can still test things on my setup 14:42:15 <s3wong> Next set of items are all related to testing and validation 14:44:26 <s3wong> CLOVER-4 is about validating Istio installation is working --- including whether sidecar is injected for all the pods associated with the app (ex: the 13 pods from Clearwater) 14:45:13 <s3wong> CLOVER-8 is about getting clearwater-live-test to be installed as the tool to trigger test, and spec to see what is expected 14:46:09 <s3wong> CLOVER-5 then takes the log messages generated by Clearwater, and validate if --- for example, an IMS call matches the call flow, and see which pod(s) the control message traverse through 14:47:17 <s3wong> CLOVER-6 then takes the traces from Istio (Envoy actually) via either Zipkin or Jaegar (both of which are already supported by Istio), and validate if the expected traces are present 14:47:59 <earrage> I can work on CLOVER-6 - probably divide this into installation of Jaeger/Zipkin, development of REST api client in Python to extract default span traces provided from Istio, correlation of trace data with traffic generation 14:48:20 <s3wong> CLOVER-7 would take advantage of the Istio (Mixer configured) telemetry (either directly or via queried from Prometheus) and also validate if the expect metric changes happened in the correct pods 14:48:41 <s3wong> earrage: thanks! I will assign that to you then 14:49:13 <earrage> sounds good 14:50:10 <liangqi> i'm interested in clover-7 telemetry part :) 14:50:42 <s3wong> All these pieces will work together as functional testing, but hopefully also in ways that are somewhat independent such that other tools / software modules can take advantage of them in the future 14:50:52 <s3wong> liangqi: thanks! Will assign that to you also 14:53:00 <s3wong> CLOVER-4 / 5 / 6 / 7 are somewhat framework pieces --- the idea is in the future if we are moving to a different use case after IMS, we can still leverage these 14:54:11 <s3wong> CLOVER-8 (and in some way CLOVER-5) is Clearwater specific, and will define (as application) what function test cases and what query / trace key ...etc will be needed to propagate to the other framework pieces to extract proper info for validation 14:55:05 <s3wong> Good that we already have earrage and liangqi volunteering, I encourage folks that are interested to let me know (on Slack) if you want to take on one of these also 14:55:48 <s3wong> #topic Open Discussion 14:56:03 <s3wong> Five minutes left --- any other topic from any one else? 14:56:23 <yujunz> Anybody has contact with Clearwater project team? 14:56:31 <enriquetaso> no :( 14:56:48 <s3wong> Not me neither :-( 14:57:19 <s3wong> I think in our first meeting, xuanjia mentioned that same thing, and back then dave_neary mentioned he has contact with Metaswitch 14:57:44 <yujunz> I asked because there is no response on the Github PR 14:57:57 <yujunz> I checked the community page 14:57:59 <yujunz> #link http://www.projectclearwater.org/community/ 14:58:11 <yujunz> It seems the main channel is mailing list. 14:58:42 <s3wong> yujunz: I see... dave_neary mentioned when he spoke with Metaswitch folks, they seem to be more focused on the "cloud side" (i.e., getting Clearwater to work well on say AWS) 15:00:01 <s3wong> Two week from today will be President's Day in US, and will be the fourth day of Chinese New Year for China folks 15:00:43 <s3wong> So I would suggest we skip the next meeting, and will communicate via Slack in the meantime 15:00:54 <yujunz> +1 15:00:59 <liangqi> +1 15:01:28 <s3wong> I will also set up some directory structure on Clover repo, so folks can still posting gerrit against Clover 15:01:58 <s3wong> Happy Chinese New Year to all! May we have a healthy, happy, and prosperous Year of the Dog! 15:02:03 <s3wong> Thanks guys! 15:02:20 <s3wong> #endmeeting