← Back to team overview

openstack team mailing list archive

Re: Is It Safe to Use The OpenStack Packages Distributed in Ubuntu 12.04 Official Repository?

 

Don't get me wrong Dave,
I'm pretty sure, that you guys at Ubuntu are doing a lot for the sake of this project. I definitely didn't any mean disrespect.

On the other hand, I simply stay behind my statement... from my point of view it is not production ready.
Production readiness highly depends on the particular use case.
We are running very small environment which e.g. requires auto assigning of floating IPs. Version in repos does not include some fixes that are crucial for this. 
Considering the fixes were committed/merged few days after the current packages were published, it is understandable, but it doesn't change the fact, that it is not usable for me.

I see your point Dave. It probably wasn't "kosher" to answer general question with regards to my particular (very specific) experiences/needs. Even more I totally missed the "is it safe" part, and my statement could have been misinterpreted. 

Having you already here... when can we expect new version of packages? It would save me considerable effort if I could just wait few days and get the fixes from repos, rather than going for sources.

Regards,

Marek Ruzicka 
System Engineer (Storage)
T-Systems Slovakia s.r.o.
www.t-systems.sk 


-----Original Message-----
From: Dave Walker [mailto:dave.walker@xxxxxxxxxxxxx] 
Sent: 20. augusta 2012 11:57
To: Ruzicka, Marek
Cc: zhangji87@xxxxxxxxx; openstack@xxxxxxxxxxxxxxxxxxx
Subject: Re: [Openstack] Is It Safe to Use The OpenStack Packages Distributed in Ubuntu 12.04 Official Repository?

>> ----- Reply message -----
>> From: "Ji Zhang" <zhangji87@xxxxxxxxx>
>> To: "openstack@xxxxxxxxxxxxxxxxxxx" <openstack@xxxxxxxxxxxxxxxxxxx>
>> Subject: [Openstack] Is It Safe to Use The OpenStack Packages Distributed in Ubuntu 12.04 Official Repository?
>> Date: Mon, Aug 20, 2012 04:58
>> 
>> 
>> 
>> Hi,
>> 
>> I'm to deploy OpenStack Essex in production environment. According to 
>> the official manual, I should either install it manually or use 
>> dodai-deploy. After briefly browsing these methods, it seems that 
>> both of them are using the packages distributed in official 
>> repository (i.e. apt-get install keystone), not building from source 
>> like DevStack does.
>> 
>> So my question is, as is said in the title, are these packages 
>> production ready? Or should I checkout the stable/essex branch of 
>> each project and build it by myself?
>> 
>> Thanks.
>> 
>
>On Mon, Aug 20, 2012 at 08:53:23AM +0200, Ruzicka, Marek wrote:
> Hi,
> 
> Guys around will probably disagree,but I have spent last 5-6weeks 
> creating POC using repos is ubuntu, and I have to say it is not 
> production rdy yet.
> 
> Versions in repos are about 2months old if I'm not mistaken...too old 
> for such fast paced project.
> 
> Marek Ruzicka
> System Engineer (storage)
> T-Systems Slovakia s.r.o.
> 
> Sent from my mobile, please excuse typos.

Hi,

Hmm, I do disagree with this stance.  There are 3 issues being mingled together, but do have overlap.

1. Is it 'safe' for production.
   - All distributions commit to an assurance level of software they
     ship.  This differs between distributions, and the level of the
     assurance.  However, you can be pretty sure - that any major
     distro will be taking great care of their openstack packages.
   - In relation to Ubuntu, by using the distribution packages you can
     be assured that:
     - Security updates will be included promptly, usually on the day
       the embargo is lifted.
     - Assurance that the software has been tested in given scenarios
       with the dependencies and libraries that are shipped.  Any
       distribution will tell you that a project such as this, the
       core software is only half of the complexity, the dependencies
       carry significant burden.
     - Safe upgrade for security and bug fixes for the release, and
       reasonably easy transition between major versions.  A git
       checkout, doesn't promise safe upgrade.
   - With these factors taken into account, unless significant
     investment into controlling these issues on your own deployment,
     i'd consider it *un-safe* to use anything other than a
     distributions packages.

2. How current are the packages?
   - As mentioned in Marek's email, the packages are about 2 months
     old.  Originally, 12.04 released with Essex Final and some local
     distro patches.  The patches were incorporated upstream, and many
     others contributed fixes.  For this reason, we undertook the
     process of a Stable Release Update.  Due to the level of upstream
     CI, Ubuntu CI and further extended testing, we were able to
     release a snapshot, which seems to have proved to have been
     regression free (!).  This is a testament to the amount of
     pre-release work that went into this update.
   - We are currently preparing the next update, based on Essex
     Stable, which will undergo the same level of care, and should hit
     a mirror near you in a timely manner.
   - For a *stable* release of both upstream, and the distribution
     platform.. I would consider 2 months between updates to be pretty
     good. Some distributions refuse this model for stable updates.

3. Is it 'production ready':
   - Marek seemed to think this was /too/ old.  I'd like specific
     issues to be outlined, regarding the stable tree and our last
     update, which render the distribution packages unsuitable for
     production usage.  If this cannot be done, please re-consider
     this statement.
   - To add to this, Canonical run a two-region hybrid cloud, which is
     purely based on the 12.04/Precise packages. 

I'd also like to take this opportunity to mention the effort that is going on for Folsom on 12.04.  However, i'll cover this in a separate mail.

--
Kind Regards,

Dave Walker <Dave.Walker@xxxxxxxxxxxxx>
Engineering Manager,
Ubuntu Server Infrastructure


References