Re: [openstack-dev] [ceilometer] remove gnocchi http interface?

2017-12-04 Thread gordon chung 


On 2017-12-04 09:52 AM, Jaze Lee wrote:
> 2017-12-04 20:53 GMT+08:00 gordon chung :
>> i'm curious. how does a "simple tcp socket" protect ou against
> 
> I do not quite understand 'protect ou against'.
> The tcp socket means it is a client to send samples to gnocchi tcp server.
> 

oh sorry, i meant "protect you against". i'm just wondering how this tcp 
server authenticates? and if not, why not just have two APIs where one 
is user facing and authenticates, and internally another that doesn't 
for ceilometer->gnocchi?

cheers,

-- 
gord
__
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev

Re: [openstack-dev] [ceilometer] remove gnocchi http interface?

2017-12-04 Thread Jaze Lee 
2017-12-04 20:53 GMT+08:00 gordon chung :
>
>
> On 2017-12-03 10:41 PM, Jaze Lee wrote:
>> So what about to remove gnocchi http, and add a simple tcp socket, which
>>   will send to gnocchi tcp server(which will also be created.).
>
> i'm curious. how does a "simple tcp socket" protect ou against

I do not quite understand 'protect ou against'.
The tcp socket means it is a client to send samples to gnocchi tcp server.


>
>  > anyone can update gnocchi database which is not we want
>
> --
> gord
> __
> OpenStack Development Mailing List (not for usage questions)
> Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev



-- 
谦谦君子

__
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev

Re: [openstack-dev] [ceilometer] remove gnocchi http interface?

2017-12-04 Thread gordon chung 


On 2017-12-03 10:41 PM, Jaze Lee wrote:
> So what about to remove gnocchi http, and add a simple tcp socket, which
>   will send to gnocchi tcp server(which will also be created.).

i'm curious. how does a "simple tcp socket" protect ou against

 > anyone can update gnocchi database which is not we want

-- 
gord
__
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev

Re: [openstack-dev] [ceilometer] remove gnocchi http interface?

2017-12-04 Thread Jaze Lee 
2017-12-04 18:41 GMT+08:00 Julien Danjou :
> On Mon, Dec 04 2017, Jaze Lee wrote:
>
>> Right now, the dispatch will cost much time in http request. And
>> keystone auth token cost much time. Although we can configure it to
>> noauth, then anyone can update gnocchi database which is not we want.
>
>
>>  So what about to remove gnocchi http, and add a simple tcp socket, which
>>  will send to gnocchi tcp server(which will also be created.). At
>> first, we think udp,
>
> … and then "anyone can update gnocchi database which is not you want."
>
> I'm not saying it's not a good idea, but your arguments don't sound
> right. :)
>
> There's already an issue here
>   https://github.com/gnocchixyz/gnocchi/issues/496
> that you opened.
>
> At that point, you need more than "suggesting", you need to provide plan
> and code if you want that to happen "soon". :)

OK. it will be soon, wait for a little moment.. :}
>
> --
> Julien Danjou
> /* Free Software hacker
>https://julien.danjou.info */



-- 
谦谦君子

__
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev

Re: [openstack-dev] [ceilometer] remove gnocchi http interface?

2017-12-04 Thread Julien Danjou 
On Mon, Dec 04 2017, Jaze Lee wrote:

> Right now, the dispatch will cost much time in http request. And
> keystone auth token cost much time. Although we can configure it to
> noauth, then anyone can update gnocchi database which is not we want.


>  So what about to remove gnocchi http, and add a simple tcp socket, which
>  will send to gnocchi tcp server(which will also be created.). At
> first, we think udp,

… and then "anyone can update gnocchi database which is not you want."

I'm not saying it's not a good idea, but your arguments don't sound
right. :)

There's already an issue here
  https://github.com/gnocchixyz/gnocchi/issues/496
that you opened.

At that point, you need more than "suggesting", you need to provide plan
and code if you want that to happen "soon". :)

-- 
Julien Danjou
/* Free Software hacker
   https://julien.danjou.info */


signature.asc
Description: PGP signature
__
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev

[openstack-dev] [ceilometer] remove gnocchi http interface?

2017-12-03 Thread Jaze Lee 
Hello,

Right now, the dispatch will cost much time in http request. And
keystone auth token cost much time. Although we can configure it to
noauth, then anyone can update gnocchi database which is not we want.
 So what about to remove gnocchi http, and add a simple tcp socket, which
 will send to gnocchi tcp server(which will also be created.). At
first, we think udp,
but udp can not fully utilize loadblance. So we suggest to change it to tcp.





-- 
谦谦君子

__
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev