Date   
Re: cf-deployment 3.0

Josh Collins
 

The Release Integration team hasn't provided security releases in the past -- for neither cf-release nor cf-deployment -- and doing so would be burdensome and impede the evolution of cf-deployment. Therefore, we're not currently planning to start providing security patches. But we appreciate the feedback and will keep an eye on the problem.

Because the RelInt team's primary goal is to support the CF Foundation engineering teams and their ability to validate their commits in CI, we need to focus more on keeping up-to-date with their changes. We want to set a release cadence that's aligned with, and ideally increases, the velocity of the teams. Take a look at the what happened with container networking when they wanted to ship 2.0...

Thanks for reaching out Geoff!

Re: Clarification regarding Custom roles in CF

Christopher Brown
 

Hi there,

Thank you for the feedback!

Unfortunately it's not currently possible to customize the existing roles or add new roles to the system. However, we (the CF Permissions team) are working on adding these features at the moment. You can read more about the project in our incubation proposal. Progress has been slower than we had hoped but we're advancing and are looking for a better way to expose this progress to the community so that folks can follow along. I'll post an update once we have something to show.

Please let me know if you have any other questions.

Thanks and all the best,
Christopher
CF Permissions PM


On Thu, Jun 28, 2018 at 12:41 AM Raghav, Prashant <prashant.raghav@...> wrote:
Hi Team,
We would need clarification regarding custom roles on Cloud foundry.
 
Our use case is as follows:
 
Relevant permissions:
  1. deploy applications
  2. (re)start/stop applications
  3. access application logs
  4. bind cf services to applications
  1. market place services, e.g. MySQL
  2. user-provided services, e.. for storing access credentials of external services on AWS
  1. create/update cf services, e.g. set access credentials
  2. view cf service settings via the cf command line interface, e.g. see unencrypted passwords
Defining roles and permissions is tightly integrated with the intended work processes.
In a DevOps I would suggest the following:
  • Role DevOp
  • permissions 1, 2, 3, 4
  • Role Admin
  • permissions 5, 6
 
 
Could you please provide solution for such kind of issues.
 
Thanks & Regards, 
Prashant Raghav
B&PS-IN-CLD 
Atos India Pvt. Ltd, 
Embassy Tech zone,  
MIDC - Phase II Block 1.5, 
Hinjewadi, Pune. 
Email : prashant.raghav@... 
 
 
 
 

CAB call for July is Wednesday 07/18 @ 8a PST or 11a EST

Michael Maximilien
 

FYI...


Please remember to join the Zoom call [0] Wednesday July 18th at 8a Pacific for QAs, highlights, and two presentations:


1. Project Shield v8 Updates by James Hunt of Stark & Wayne [1] 


2. CF-Extensions Project Service Fabrik Updates by Ashish Jain of SAP  [2] and [3]


Zoom soon. Best,



Re: cf-deployment 3.0

Marco Voelz
 

Dear Josh,

 

You are correct, in the past the RelInt team hasn't provided security releases. Instead, the credo was to go forward with the regular releases to also get the newest security fixes. This, however, was only easily possible because *the newer version did not introduce breaking changes with potentially big impact at the same time*.

 

I understand your mission of helping other teams increase their velocity. Maintaining multiple branches with fixes is certainly not fun, and I agree that it makes sense to try to avoid this if possible. I'm not sure I get the container networking 2.0 reference, though. Could you elaborate a bit more on this and how it is related to the current discussion?

 

Thanks and warm regards

Marco

 

From: <cf-dev@...> on behalf of Josh Collins <jcollins@...>
Reply-To: "cf-dev@..." <cf-dev@...>
Date: Wednesday, 11. July 2018 at 20:43
To: "cf-dev@..." <cf-dev@...>
Subject: Re: [cf-dev] cf-deployment 3.0

 

The Release Integration team hasn't provided security releases in the past -- for neither cf-release nor cf-deployment -- and doing so would be burdensome and impede the evolution of cf-deployment. Therefore, we're not currently planning to start providing security patches. But we appreciate the feedback and will keep an eye on the problem.


Because the RelInt team's primary goal is to support the CF Foundation engineering teams and their ability to validate their commits in CI, we need to focus more on keeping up-to-date with their changes. We want to set a release cadence that's aligned with, and ideally increases, the velocity of the teams. Take a look at the what happened with container networking when they wanted to ship 2.0...

Thanks for reaching out Geoff!

Re: BlockHeads Broker - Proposal for Incubation in the Extensions

Michael Maximilien
 

Hi, all,

It’s been about one month since this proposal has been submitted. I don’t see any pending unresolved issues or comments.

Therefore, according to our process [0] and Nima’s request to move a vote, I am giving everyone a last opportunity for comments until EOD Wednesday 07/18. 

This is also the day of CAB call in case you want to chat with him, myself, or others who attend the call in person.

After 07/18, assuming no comments, we will move for a vote.

Best,

Max


On Wed, Jun 20, 2018 at 9:57 AM Nima <nkavian@...> wrote:
Hello all,
 
Following the presentation of the BlockHeads broker at today's CAB call, here comes the proposal for its inclusion as a new CF Extensions project.
 
 
BlockHead is a service broker that integrates with Cloud Foundry / Kubernetes and enables management of blockchain nodes and deployment of smart contracts. You can check our blog post below for more information
 
 
Project Name: BlockHeads Service Broker

Proposed Project Lead: Nima Kaviani (IBM)

Proposed Contributors: Swetha Repakula (IBM), Jonathan Berkhahn (IBM), Morgan Bauer (IBM), Nima Kaviani (IBM)

 
Feel free to contact me in case of any questions / thoughts / feedback.
 
bests,
Nima

--
dr.max Sent from my iPhone http://maximilien.org

Re: [cf-bosh] Incubation proposal: CF Containerization

Dmitriy Kalinin <dkalinin@...>
 

Thank you for submitting this proposal. Let's shoot for collecting and resolving most of the comments in the next month by Aug 10th and voting at that time to incubate it in BOSH PMC.

On Tue, Jul 3, 2018 at 2:25 AM, Cornelius Schumacher <cschum@...> wrote:
Hi all,

We would like to propose the CF Containerization effort for incubation in the
BOSH PMC.

The full proposal can be found here:
https://docs.google.com/document/d/1_IvFf-cCR4_Hxg-L7Z_R51EKhZfBqlprrs5NgC2iO2w/edit

As a first step towards this, we are proposing the Fissile code base as a
starting point, with the goal of transforming it in the direction of the above
proposal. Fissile is a tool that allows developers to convert existing BOSH
releases to docker images and deploy them to Kubernetes. Fissile is currently
used in SUSE CAP (https://www.suse.com/products/cloud-application-platform)
and IBM Cloud Foundry Enterprise Environment (https://console.bluemix.net/
docs/cloud-foundry/
).

Fissile is fully open  source and can currently be found on GitHub at
https://github.com/SUSE/fissile

The project would follow a distributed committer model.

Project Lead: Vlad Iovanov
Initial Committers:
- Jan Dubois (SUSE)
- Mark Yen (SUSE)
- Mario Manno (SUSE)
- Enrique Encalada (IBM)
- Matthias Diester (IBM)
- Gong (Grace) Zhang (IBM)

SAP is also currently evaluating additional staffing.

We are looking forward to your questions and comments.

Best Regards,
Cornelius

--
Cornelius Schumacher <cschum@...>




Feature Narrative / Proposal: Let's fix* CPU Sharing and Metrics in CF!

Julz Friedman
 

Hi cf-dev-

Here is a feature narrative. The feature narrative is called "Let's Fix CPU Sharing and Metrics in CF" (but actually it's just a proposal to make them quite a lot better). More information about the feature narrative is contained in the feature narrative. Please enjoy the feature narrative.

Comments, feedback, suggestions, and questions very welcome and appreciated!


Thanks,
Julz

Deprecate route-sync from CFCR to CFAR

Oleksandr Slynko
 

Hi, cf-dev

Almost one year ago CFCR has added the ability to expose applications using CFAR gorouter. This was an experiment.
We haven't added any changes to this feature for one year and plan to remove it in next release. It will greatly reduce the burden on the team.

If someone uses it, please contact us via email or Slack (#cfcr).

Thanks,
Oleksandr

Re: Deprecate route-sync from CFCR to CFAR

arghya sadhu
 

Hi Oleksandr,

What alternative do we have if we want to use kubectl with tls

Thanks,
Arghya

On Fri, Jul 13, 2018, 3:01 PM <oslynko@...> wrote:
Hi, cf-dev

Almost one year ago CFCR has added the ability to expose applications using CFAR gorouter. This was an experiment.
We haven't added any changes to this feature for one year and plan to remove it in next release. It will greatly reduce the burden on the team.

If someone uses it, please contact us via email or Slack (#cfcr).

Thanks,
Oleksandr

Re: Deprecate route-sync from CFCR to CFAR

Gabriel Rosenhouse
 

Also: I suspect that the CFCR route-sync feature has a dangerous interaction with CFAR Cloud Controller, if both CFCR and CFAR are sharing a TCP Routing API.  CFAR Cloud Controller creates and uses a TCP Router Group for itself, and expects to completely own that router group.  My reading of the CFCR code is that route-sync will happily discover and use that Router Group as-is.  The CFAR Routing API has no mechanism to prevent this collision, or to prevent the two clients from reserving the same TCP port for different backends.  I think that the result will be that ingress to that TCP Router Port will get load balanced to both the CFAR App and the CFCR Service.  This is likely not what the user intends.

On Fri, Jul 13, 2018 at 4:14 AM, arghya sadhu <arghya88@...> wrote:
Hi Oleksandr,

What alternative do we have if we want to use kubectl with tls

Thanks,
Arghya

On Fri, Jul 13, 2018, 3:01 PM <oslynko@...> wrote:
Hi, cf-dev

Almost one year ago CFCR has added the ability to expose applications using CFAR gorouter. This was an experiment.
We haven't added any changes to this feature for one year and plan to remove it in next release. It will greatly reduce the burden on the team.

If someone uses it, please contact us via email or Slack (#cfcr).

Thanks,
Oleksandr


Re: Deprecate route-sync from CFCR to CFAR

Shannon Coen
 

That issue could be addressed by having CFCR use a different router group, which is part of the solution we have proposed here: https://docs.google.com/document/d/1RXu-o44zxwrU5gKqsghT86hXKwgPrPpSk6-TWSTlrBs/edit

Shannon Coen
Product Manager, Cloud Foundry
Pivotal, Inc.


On Fri, Jul 13, 2018 at 11:47 AM Gabriel Rosenhouse <grosenhouse@...> wrote:
Also: I suspect that the CFCR route-sync feature has a dangerous interaction with CFAR Cloud Controller, if both CFCR and CFAR are sharing a TCP Routing API.  CFAR Cloud Controller creates and uses a TCP Router Group for itself, and expects to completely own that router group.  My reading of the CFCR code is that route-sync will happily discover and use that Router Group as-is.  The CFAR Routing API has no mechanism to prevent this collision, or to prevent the two clients from reserving the same TCP port for different backends.  I think that the result will be that ingress to that TCP Router Port will get load balanced to both the CFAR App and the CFCR Service.  This is likely not what the user intends.

On Fri, Jul 13, 2018 at 4:14 AM, arghya sadhu <arghya88@...> wrote:
Hi Oleksandr,

What alternative do we have if we want to use kubectl with tls

Thanks,
Arghya

On Fri, Jul 13, 2018, 3:01 PM <oslynko@...> wrote:
Hi, cf-dev

Almost one year ago CFCR has added the ability to expose applications using CFAR gorouter. This was an experiment.
We haven't added any changes to this feature for one year and plan to remove it in next release. It will greatly reduce the burden on the team.

If someone uses it, please contact us via email or Slack (#cfcr).

Thanks,
Oleksandr


Re: cf-deployment 3.0

Josh Collins
 

Hi Marco,

I'm happy to provide more context on the container networking 2.0 reference.
The container networking team submitted a PR to cf-deployment with changes required for them to ship v2.0. 
RelInt deferred the container networking team's PR for a few weeks due to competing priorities including multiple CVE's fixes.
During the deferral time, a few other PRs were submitted which included breaking changes.
These additional changes took much more time to integrate and validate than anticipated and in the end, the container networking team's 2.0 release was published in cf-d about 5 weeks after it was ready to go.
The introduction of a regular cadence aims to mitigate this type of delay in the future. Had we had one at the time, the networking team would have timed it's PR to align and we would have been poised to accept and publish it quickly.
We believe this will help teams confidently plan for, communicate about, and negotiate integrating their releases into cf-deployment.
And hopefully enable the RelInt team to integrate and ship major releases more seamlessly.

This is an evolving process so we'll see how things roll in the coming months and make adjustments where it makes sense to do so. 
I appreciate and welcome any and all feedback along the way.

Thanks very much,

Josh

Proposal for weighted routing user experience in Cloud Foundry

Shubha Anjur Tupil
 

The CF Routing team has received feedback from many users that support for weighted routing would make it easier to accomplish their goals. We have a proposal on the preferred user experience for weighted routing and the considerations we have taken into account.


If you have thoughts on this or have experience working with traffic splitting on other platforms, please share your feedback with us. Feel free to comment on the doc or reply here.


Regards,

CF Routing Team



Re: Proposal for weighted routing user experience in Cloud Foundry

Filip Hanik
 

I put a long comment in the doc, maybe comments are good for short notes. here is the spiel

"The sum of weights must add to 100"
I would say this is where being user friendly ends. If I add reviews-v4 I have to go in and rebalance the whole thing just to figure out how to get to 100.

an alternate solution can be much simpler:

What if you just used a single integer that is relative to the whole cluster. let's call it "base1-lb"

reviews-v1: 6
reviews-v2: 3
reviews-v3: 1

there are two ways to think of this

relative to each other:
In this scenario, v1 gets twice as many requests as v2, and six times as many requests as v3

or in consideration of X requests: (and this is most likely how the code implements it so that it doesn't have to do a lot of math)
This is saying is that for every (total) 10 requests, this is how they distributed.

to add v4
reviews-v1: 6
reviews-v2: 3
reviews-v3: 1
reviews-v4: 1

this is still super simple to look at. v1 gets 6x more than v3/v4, still gets 2x more than v2. I don't have to figure out how to "add up to a 100"

and it's not complicated to calculate either. for every 11 requests:
v1 gets 6
v2 gets 3
v3 gets 1
v4 gets 1

Implementation: "Randomized Round Robin" is also super simple [pseudo code follows]

clusterWeight = [v1,v1,v1,v1,v1,v1,v2,v2,v2,v3,v3] //very easy to create based on base1 solution
randomCluster = random(clusterWeight) 
int atomicPointer = 0;
for each request:
  next = atomicPointer.getAndIncrease();
  application = randomCluster[atomicPointer];

and that's it. the router doesn't have to figure out where the next request goes. This is a simple, elegant and easy to understand solution.

Filip








On Fri, Jul 13, 2018 at 3:09 PM Shubha Anjur Tupil <sanjurtupil@...> wrote:

The CF Routing team has received feedback from many users that support for weighted routing would make it easier to accomplish their goals. We have a proposal on the preferred user experience for weighted routing and the considerations we have taken into account.


If you have thoughts on this or have experience working with traffic splitting on other platforms, please share your feedback with us. Feel free to comment on the doc or reply here.


Regards,

CF Routing Team



Re: Proposal for weighted routing user experience in Cloud Foundry

Filip Hanik
 

aaarrgh, there is a bug in my psuedo code

clusterWeight = [v1,v1,v1,v1,v1,v1,v2,v2,v2,v3,v3] should be
clusterWeight = [v1,v1,v1,v1,v1,v1,v2,v2,v2,v3,v4]

Full solution:
Implementation: "Randomized Round Robin" is also super simple [pseudo code follows]

clusterWeight = [v1,v1,v1,v1,v1,v1,v2,v2,v2,v3,v4] //very easy to create based on base1 solution
randomCluster = random(clusterWeight) 
int atomicPointer = 0;
for each request:
  next = atomicPointer.getAndIncrease();
  application = randomCluster[atomicPointer];


On Fri, Jul 13, 2018 at 8:09 PM Filip Hanik <fhanik@...> wrote:
I put a long comment in the doc, maybe comments are good for short notes. here is the spiel

"The sum of weights must add to 100"
I would say this is where being user friendly ends. If I add reviews-v4 I have to go in and rebalance the whole thing just to figure out how to get to 100.

an alternate solution can be much simpler:

What if you just used a single integer that is relative to the whole cluster. let's call it "base1-lb"

reviews-v1: 6
reviews-v2: 3
reviews-v3: 1

there are two ways to think of this

relative to each other:
In this scenario, v1 gets twice as many requests as v2, and six times as many requests as v3

or in consideration of X requests: (and this is most likely how the code implements it so that it doesn't have to do a lot of math)
This is saying is that for every (total) 10 requests, this is how they distributed.

to add v4
reviews-v1: 6
reviews-v2: 3
reviews-v3: 1
reviews-v4: 1

this is still super simple to look at. v1 gets 6x more than v3/v4, still gets 2x more than v2. I don't have to figure out how to "add up to a 100"

and it's not complicated to calculate either. for every 11 requests:
v1 gets 6
v2 gets 3
v3 gets 1
v4 gets 1

Implementation: "Randomized Round Robin" is also super simple [pseudo code follows]

clusterWeight = [v1,v1,v1,v1,v1,v1,v2,v2,v2,v3,v3] //very easy to create based on base1 solution
randomCluster = random(clusterWeight) 
int atomicPointer = 0;
for each request:
  next = atomicPointer.getAndIncrease();
  application = randomCluster[atomicPointer];

and that's it. the router doesn't have to figure out where the next request goes. This is a simple, elegant and easy to understand solution.

Filip








On Fri, Jul 13, 2018 at 3:09 PM Shubha Anjur Tupil <sanjurtupil@...> wrote:

The CF Routing team has received feedback from many users that support for weighted routing would make it easier to accomplish their goals. We have a proposal on the preferred user experience for weighted routing and the considerations we have taken into account.


If you have thoughts on this or have experience working with traffic splitting on other platforms, please share your feedback with us. Feel free to comment on the doc or reply here.


Regards,

CF Routing Team



Re: cf-deployment 3.0

Marco Voelz
 

Dear Josh,


Thanks for the context, I wasn't aware of what happened before the release of networking 2.0. To stick with your example, though: From what you are saying I have understood that you would rather have done it this way – please correct me here if I'm wrong:

  • integrate networking release 2.0 into cf-deployment, 
  • integrate other PRs with breaking changes
  • bumping cf-deployment to a new major version, given above changes
  • merging the CVE fixes only into the new major version of cf-deployment

With this process, you would have achieved the following:
  • the development teams are happy, because they shipped as soon as they were ready to
  • operators are grumpy, because they have to bump networking to a new major version and adopt to other breaking changes in order to fix CVEs

I'm not saying you have to turn this tradeoff the other way around, but in my opinion this doesn't seem very consumer friendly. 

In your team's mission, you have clearly stated that your goal is to enable development teams to maintain a high velocity. I'd like to stress that we shouldn't leave the operators and users out of the picture here. In the end, you're developing for them, not for yourself. 

I'm not sure if the consumer/operator persona is a thing for RelInt, but if that's the case, here's something I'd like to hold true for whatever change RelInt makes to their process:
"As an operator of CF, I'd like to consume CVE fixes with as little changes to my existing installation as possible, such that I close known vulnerabilities as soon as possible"

Does that sound reasonable?

Warm regards
Marco


From: cf-dev@... <cf-dev@...> on behalf of Josh Collins <jcollins@...>
Sent: Friday, July 13, 2018 11:39:30 PM
To: cf-dev@...
Subject: Re: [cf-dev] cf-deployment 3.0
 
Hi Marco,

I'm happy to provide more context on the container networking 2.0 reference.
The container networking team submitted a PR to cf-deployment with changes required for them to ship v2.0. 
RelInt deferred the container networking team's PR for a few weeks due to competing priorities including multiple CVE's fixes.
During the deferral time, a few other PRs were submitted which included breaking changes.
These additional changes took much more time to integrate and validate than anticipated and in the end, the container networking team's 2.0 release was published in cf-d about 5 weeks after it was ready to go.
The introduction of a regular cadence aims to mitigate this type of delay in the future. Had we had one at the time, the networking team would have timed it's PR to align and we would have been poised to accept and publish it quickly.
We believe this will help teams confidently plan for, communicate about, and negotiate integrating their releases into cf-deployment.
And hopefully enable the RelInt team to integrate and ship major releases more seamlessly.

This is an evolving process so we'll see how things roll in the coming months and make adjustments where it makes sense to do so. 
I appreciate and welcome any and all feedback along the way.

Thanks very much,

Josh

Re: Deprecate route-sync from CFCR to CFAR

Oleksandr Slynko
 

Hi Arghya,

You have mentioned in Github that you were able to overcome this issue.

For everyone else, here is the context and a bit more information.

History
In very early CFCR days, we did not support cloud provider and basically could not give access to the applications and API outside of the cluster. We had HA Proxies to give access to workloads and API.  At that point, several early adopters told us that they would like to try exposing routes in more dynamic way a-la CFAR and possibly reuse existing routing layer. The main point was that we would like to provision multiple clusters with ease and without changed to Cloud Config.
As result we created a route-sync. 

What is does
It solves two problems:
- have stable and known URL for the API, so we can use to sign the certificate
- have a way to expose applications

How we solve it now
For API, we suggest people to wire their load balancers directly and then add the URL to the manifest. For example, check how BBL does it https://github.com/cloudfoundry/bosh-bootloader/tree/master/plan-patches/cfcr-gcp

Are we diverging further from CFAR?
Yes, CFCR team is moving further to the "vanilla" Kubernetes. But we expect other team to provide solutions for both worlds. We don't have enough deep knowledge of CFAR components and getting this knowledge will slow us down in improving Kubernetes experience. 

We are ready to help anyone to understand Kubernetes more and provide better experience with both runtimes.

Sincerely,
Oleksandr

Re: cf-deployment 3.0

Franks, Geoff
 

I’m going to agree with Marco’s concerns here. Making life harder and less stable for the end users of CF has a real potential to alienate and push away the CF userbase altogether, even if it’s just in appearance (seeing monthly major releases of a product may cause new organizations to hesitate to migrate, until the release process appears more stable.

 

 

From: <cf-dev@...> on behalf of Marco Voelz <marco.voelz@...>
Reply-To: "cf-dev@..." <cf-dev@...>
Date: Monday, July 16, 2018 at 1:34 AM
To: "cf-dev@..." <cf-dev@...>
Subject: [External] Re: [cf-dev] cf-deployment 3.0

 

Dear Josh,

 

Thanks for the context, I wasn't aware of what happened before the release of networking 2.0. To stick with your example, though: From what you are saying I have understood that you would rather have done it this way – please correct me here if I'm wrong:

  • integrate networking release 2.0 into cf-deployment, 
  • integrate other PRs with breaking changes
  • bumping cf-deployment to a new major version, given above changes
  • merging the CVE fixes only into the new major version of cf-deployment

 

With this process, you would have achieved the following:

  • the development teams are happy, because they shipped as soon as they were ready to
  • operators are grumpy, because they have to bump networking to a new major version and adopt to other breaking changes in order to fix CVEs

 

I'm not saying you have to turn this tradeoff the other way around, but in my opinion this doesn't seem very consumer friendly. 

 

In your team's mission, you have clearly stated that your goal is to enable development teams to maintain a high velocity. I'd like to stress that we shouldn't leave the operators and users out of the picture here. In the end, you're developing for them, not for yourself. 

 

I'm not sure if the consumer/operator persona is a thing for RelInt, but if that's the case, here's something I'd like to hold true for whatever change RelInt makes to their process:

"As an operator of CF, I'd like to consume CVE fixes with as little changes to my existing installation as possible, such that I close known vulnerabilities as soon as possible"

 

Does that sound reasonable?

 

Warm regards

Marco


From: cf-dev@... <cf-dev@...> on behalf of Josh Collins <jcollins@...>
Sent: Friday, July 13, 2018 11:39:30 PM
To: cf-dev@...
Subject: Re: [cf-dev] cf-deployment 3.0

 

Hi Marco,

I'm happy to provide more context on the container networking 2.0 reference.
The container networking team submitted a PR to cf-deployment with changes required for them to ship v2.0. 
RelInt deferred the container networking team's PR for a few weeks due to competing priorities including multiple CVE's fixes.
During the deferral time, a few other PRs were submitted which included breaking changes.
These additional changes took much more time to integrate and validate than anticipated and in the end, the container networking team's 2.0 release was published in cf-d about 5 weeks after it was ready to go.
The introduction of a regular cadence aims to mitigate this type of delay in the future. Had we had one at the time, the networking team would have timed it's PR to align and we would have been poised to accept and publish it quickly.
We believe this will help teams confidently plan for, communicate about, and negotiate integrating their releases into cf-deployment.
And hopefully enable the RelInt team to integrate and ship major releases more seamlessly.

This is an evolving process so we'll see how things roll in the coming months and make adjustments where it makes sense to do so. 
I appreciate and welcome any and all feedback along the way.

Thanks very much,

Josh

Re: Proposal for weighted routing user experience in Cloud Foundry

Filip Hanik
 

Use case: I want v1-stable to receive 5 times more traffic than each individual upgrade version I deploy


Phase 1: Deploy alpha 1

Proposed (sum MUST add up to a 100):
 v1-stable: 83
 v2-alpha1: 17

Suggested (simpler base1-lb)
v1-stable: 5
v2-alpha1: 1

Phase 2: Deploying Alpha 1 and 2

Proposed (sum MUST add up to a 100):
 v1-stable: 72
 v2-alpha1: 14
 v2-alpha2: 14

Suggested (simpler base1-lb)
v1-stable: 5
v2-alpha1: 1
v2-alpha2: 1

Why the simpler is better:
When adding v2-alpha2 I don't need to change the load balancing algorithm on all my settings. The relationship between v1 and v2-alpha1 remains exactly the same.
I also don't need to be doing any math to understand the relationship between the two.

The proposed base1-lb simply removes the need for percentages and calculations. 






On Fri, Jul 13, 2018 at 8:11 PM Filip Hanik <fhanik@...> wrote:
aaarrgh, there is a bug in my psuedo code

clusterWeight = [v1,v1,v1,v1,v1,v1,v2,v2,v2,v3,v3] should be
clusterWeight = [v1,v1,v1,v1,v1,v1,v2,v2,v2,v3,v4]

Full solution:
Implementation: "Randomized Round Robin" is also super simple [pseudo code follows]

clusterWeight = [v1,v1,v1,v1,v1,v1,v2,v2,v2,v3,v4] //very easy to create based on base1 solution
randomCluster = random(clusterWeight) 
int atomicPointer = 0;
for each request:
  next = atomicPointer.getAndIncrease();
  application = randomCluster[atomicPointer];


On Fri, Jul 13, 2018 at 8:09 PM Filip Hanik <fhanik@...> wrote:
I put a long comment in the doc, maybe comments are good for short notes. here is the spiel

"The sum of weights must add to 100"
I would say this is where being user friendly ends. If I add reviews-v4 I have to go in and rebalance the whole thing just to figure out how to get to 100.

an alternate solution can be much simpler:

What if you just used a single integer that is relative to the whole cluster. let's call it "base1-lb"

reviews-v1: 6
reviews-v2: 3
reviews-v3: 1

there are two ways to think of this

relative to each other:
In this scenario, v1 gets twice as many requests as v2, and six times as many requests as v3

or in consideration of X requests: (and this is most likely how the code implements it so that it doesn't have to do a lot of math)
This is saying is that for every (total) 10 requests, this is how they distributed.

to add v4
reviews-v1: 6
reviews-v2: 3
reviews-v3: 1
reviews-v4: 1

this is still super simple to look at. v1 gets 6x more than v3/v4, still gets 2x more than v2. I don't have to figure out how to "add up to a 100"

and it's not complicated to calculate either. for every 11 requests:
v1 gets 6
v2 gets 3
v3 gets 1
v4 gets 1

Implementation: "Randomized Round Robin" is also super simple [pseudo code follows]

clusterWeight = [v1,v1,v1,v1,v1,v1,v2,v2,v2,v3,v3] //very easy to create based on base1 solution
randomCluster = random(clusterWeight) 
int atomicPointer = 0;
for each request:
  next = atomicPointer.getAndIncrease();
  application = randomCluster[atomicPointer];

and that's it. the router doesn't have to figure out where the next request goes. This is a simple, elegant and easy to understand solution.

Filip








On Fri, Jul 13, 2018 at 3:09 PM Shubha Anjur Tupil <sanjurtupil@...> wrote:

The CF Routing team has received feedback from many users that support for weighted routing would make it easier to accomplish their goals. We have a proposal on the preferred user experience for weighted routing and the considerations we have taken into account.


If you have thoughts on this or have experience working with traffic splitting on other platforms, please share your feedback with us. Feel free to comment on the doc or reply here.


Regards,

CF Routing Team



CF Application Runtime PMC - CF Bits-Service Project Lead Call for Nominations

Dieu Cao
 

Hello All,

Simon Moser, the Project Lead for the Bits-Service team within the Application Runtime PMC, is rotating into a different role within IBM. We thank him for his time serving as the Bits-Service Project Lead. 

The Bits-Service team, located in Germany, now has an opening for its project lead. Project leads must be nominated by a Cloud Foundry Foundation member.

Please send nominations to me/in reply to this posting by end of day July 23rd, 2018.

If you have any questions about the role/process, please let me know.
These are described in the CFF governance documents. [1]

-Dieu Cao
CF Application Runtime PMC Lead