You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@openwhisk.apache.org by OpenWhisk Team Slack <ra...@apache.org> on 2019/11/16 09:23:13 UTC
[slack-digest] [2019-11-15] #general
2019-11-15 02:11:00 UTC - chetanm: @Alexander Klimetschek ^^
https://openwhisk-team.slack.com/archives/C3TPCAQG1/p1573783860304500?thread_ts=1573775843.304300&cid=C3TPCAQG1
----
2019-11-15 04:19:22 UTC - Alexander Klimetschek: It should normally automatically pick a different agent that does not require the concurrency feature, but I guess that detection is not perfect yet (it looks at the swagger api docs and maybe the ibm cloud has different information in there).
As alternative, you can try the ngrok option using `--ngrok`. It should just work - you don’t even need an <http://ngrok.com|ngrok.com> account.
Would you mind creating an issue with all the above over in <https://github.com/adobe/wskdebug/issues> ? Thanks!
https://openwhisk-team.slack.com/archives/C3TPCAQG1/p1573791562309500?thread_ts=1573775843.304300&cid=C3TPCAQG1
----
2019-11-15 04:24:15 UTC - Ajoy Agarwal: How exactly production deployment of OpenWhisk will happen? If we create separate namespaces for each developer (for example we create one namespace for each developer with their name) on test environment openwhisk setup to test their functions, how it will get replicated in production environment since production environment may have a different namespace or user(not specific to developer but specific to application) for a particular function i.e. here it may be another application in the production environment?
https://openwhisk-team.slack.com/archives/C3TPCAQG1/p1573791855309700?thread_ts=1573791855.309700&cid=C3TPCAQG1
----
2019-11-15 06:25:13 UTC - Dominic Kim: "Each developer" here means the users of OpenWhisk?
https://openwhisk-team.slack.com/archives/C3TPCAQG1/p1573799113309800?thread_ts=1573791855.309700&cid=C3TPCAQG1
----
2019-11-15 06:25:55 UTC - Dominic Kim: In our case, we have two different setups of OpenWhisk, dev / production for users(developers).
https://openwhisk-team.slack.com/archives/C3TPCAQG1/p1573799155310000?thread_ts=1573791855.309700&cid=C3TPCAQG1
----
2019-11-15 06:26:19 UTC - Dominic Kim: So users develop their actions in dev zone and once it is done, deploy it in production zone.
https://openwhisk-team.slack.com/archives/C3TPCAQG1/p1573799179310200?thread_ts=1573791855.309700&cid=C3TPCAQG1
----
2019-11-15 06:26:52 UTC - Dominic Kim: But for us, as operators of OpenWhisk, both zones are production zone for us.
https://openwhisk-team.slack.com/archives/C3TPCAQG1/p1573799212310400?thread_ts=1573791855.309700&cid=C3TPCAQG1
----
2019-11-15 06:27:18 UTC - Dominic Kim: We support almost the same level of HA/Failover/Monitoring and so on.
https://openwhisk-team.slack.com/archives/C3TPCAQG1/p1573799238310600?thread_ts=1573791855.309700&cid=C3TPCAQG1
----
2019-11-15 06:28:05 UTC - Dominic Kim: Since how to use each zone depends on users, some users develop their actions and deploy them directly in the production zone.
https://openwhisk-team.slack.com/archives/C3TPCAQG1/p1573799285310800?thread_ts=1573791855.309700&cid=C3TPCAQG1
----
2019-11-15 06:28:53 UTC - Dominic Kim: In such a case, they only use the production zone and separate their actions using different action names or different namespaces.
https://openwhisk-team.slack.com/archives/C3TPCAQG1/p1573799333311100?thread_ts=1573791855.309700&cid=C3TPCAQG1
----
2019-11-15 06:30:03 UTC - Dominic Kim: In our environment, users can create any number of new namespaces in a self-serve manner. And developers in a same team share one or more namespaces. So the name of a namespace can be the name of the developer or team or service, anything.
https://openwhisk-team.slack.com/archives/C3TPCAQG1/p1573799403311400?thread_ts=1573791855.309700&cid=C3TPCAQG1
----
2019-11-15 10:15:25 UTC - Ajoy Agarwal: If we create namespace with the name of the developer, will it not create problem in production since namespace is used while accessing actions/triggers through web url?
https://openwhisk-team.slack.com/archives/C3TPCAQG1/p1573812925311700?thread_ts=1573791855.309700&cid=C3TPCAQG1
----
2019-11-15 19:22:28 UTC - Abbie Dowd: How is the JVM started and shut down when I run Java actions? Is a new JVM started in the docker container for every action? Is the JVM started early (using something like Drip) or reused for subsequent actions??
https://openwhisk-team.slack.com/archives/C3TPCAQG1/p1573845748314100
----
2019-11-15 19:34:22 UTC - Rodric Rabbah: Every action type (kind) can be configured to create stem cell containers. These cut the latency of a cold start by preinitializing part of the container. For a java action that means bringing up the jvm.
An action may run in a fresh container or reuse a previously allocated container for that same action from the same user and so in that case it is considered a warm start and the jvm and code are already loaded.
https://openwhisk-team.slack.com/archives/C3TPCAQG1/p1573846462317100
----
2019-11-15 19:55:03 UTC - Abbie Dowd: So these stem cell containers are always running?? What is the openwhisk parameter to configure this?
https://openwhisk-team.slack.com/archives/C3TPCAQG1/p1573847703317900?thread_ts=1573847703.317900&cid=C3TPCAQG1
----
2019-11-15 20:14:01 UTC - Rodric Rabbah: <https://github.com/apache/openwhisk/blob/3235a941b699f5ffab0fa41d225647ab1ed31bf7/ansible/files/runtimes.json#L58-L64>
https://openwhisk-team.slack.com/archives/C3TPCAQG1/p1573848841318200?thread_ts=1573847703.317900&cid=C3TPCAQG1
----
2019-11-15 20:14:08 UTC - Rodric Rabbah: there’s an example
https://openwhisk-team.slack.com/archives/C3TPCAQG1/p1573848848318400?thread_ts=1573847703.317900&cid=C3TPCAQG1
----
2019-11-15 20:14:20 UTC - Rodric Rabbah: it’s at the platform/deployment level
https://openwhisk-team.slack.com/archives/C3TPCAQG1/p1573848860318600?thread_ts=1573847703.317900&cid=C3TPCAQG1
----
2019-11-15 20:14:32 UTC - Rodric Rabbah: stem cells are generated by the system and replenished as needed
https://openwhisk-team.slack.com/archives/C3TPCAQG1/p1573848872318800?thread_ts=1573847703.317900&cid=C3TPCAQG1
----
2019-11-15 20:14:59 UTC - Rodric Rabbah: when you run an action, you can look at the activation log to see if it was warm start or cold start, there will be an annotation for initTime in the case of the later
https://openwhisk-team.slack.com/archives/C3TPCAQG1/p1573848899319000?thread_ts=1573847703.317900&cid=C3TPCAQG1
----
2019-11-15 20:15:26 UTC - Rodric Rabbah: welcome @Marian Tataru
https://openwhisk-team.slack.com/archives/C3TPCAQG1/p1573848926319400?thread_ts=1573848926.319400&cid=C3TPCAQG1
----
2019-11-15 20:15:35 UTC - Upkar Lidder: Thank you @Alexander Klimetschek, @chetanm
<https://github.com/adobe/wskdebug/issues/30>
https://openwhisk-team.slack.com/archives/C3TPCAQG1/p1573848935319500?thread_ts=1573775843.304300&cid=C3TPCAQG1
----
2019-11-15 20:16:53 UTC - Marian Tataru: Hello! What is the right way to pass sensitive values (e.g. a token or password) to a serverless function?
https://openwhisk-team.slack.com/archives/C3TPCAQG1/p1573849013320400?thread_ts=1573849013.320400&cid=C3TPCAQG1
----
2019-11-15 20:17:00 UTC - Marian Tataru: Thank you!
https://openwhisk-team.slack.com/archives/C3TPCAQG1/p1573849020320500?thread_ts=1573848926.319400&cid=C3TPCAQG1
----
2019-11-15 21:01:42 UTC - Upkar Lidder: You can set the secret as default parameter when creating or updating the functions. Such a variable is designated final and cannot be overwritten by the client. Better explained by @Rodric Rabbah here: <https://openwhisk-team.slack.com/archives/C3TPCAQG1/p1568314229131700>
@James Thomas provides many more insights here: <https://github.com/serverless/serverless-openwhisk/issues/64>
Also some info here: <https://github.com/apache/openwhisk/blob/master/docs/security.md>
If you want to pass something to an existing action securely, I am not sure how to setup OpenWhisk with SSL. I use IBM Cloud functions and the URL for web actions is secure by default. Same with API gateway.
https://openwhisk-team.slack.com/archives/C3TPCAQG1/p1573851702320800?thread_ts=1573849013.320400&cid=C3TPCAQG1
----
2019-11-15 21:25:36 UTC - Marian Tataru: Thank you so much! So protected and sealed are the same thing. If a parameter is sealed, it will not be visible outside (hopefully). I bet is not encrypted though.
https://openwhisk-team.slack.com/archives/C3TPCAQG1/p1573853136321100?thread_ts=1573849013.320400&cid=C3TPCAQG1
----
2019-11-15 21:40:10 UTC - Rodric Rabbah: all traffic is encrypted in motion
pray::skin-tone-4 : Upkar Lidder
https://openwhisk-team.slack.com/archives/C3TPCAQG1/p1573854010321300?thread_ts=1573849013.320400&cid=C3TPCAQG1
----
2019-11-15 21:40:23 UTC - Rodric Rabbah: you’d have to configure your deployment to encrypt the couchdb at rest
https://openwhisk-team.slack.com/archives/C3TPCAQG1/p1573854023321500?thread_ts=1573849013.320400&cid=C3TPCAQG1
----
2019-11-15 21:40:54 UTC - Rodric Rabbah: the db itself is not encrypted otherwise
https://openwhisk-team.slack.com/archives/C3TPCAQG1/p1573854054321800?thread_ts=1573849013.320400&cid=C3TPCAQG1
----
2019-11-15 21:54:25 UTC - Alexander Klimetschek: :thumbsup:
https://openwhisk-team.slack.com/archives/C3TPCAQG1/p1573854865322000?thread_ts=1573775843.304300&cid=C3TPCAQG1
----
2019-11-15 21:54:32 UTC - Alexander Klimetschek: did `--ngrok` work for you?
https://openwhisk-team.slack.com/archives/C3TPCAQG1/p1573854872322200?thread_ts=1573775843.304300&cid=C3TPCAQG1
----
2019-11-15 21:54:47 UTC - Upkar Lidder: Yes! Thank you so much!
https://openwhisk-team.slack.com/archives/C3TPCAQG1/p1573854887322400?thread_ts=1573775843.304300&cid=C3TPCAQG1
----
2019-11-15 21:54:53 UTC - Alexander Klimetschek: cool
https://openwhisk-team.slack.com/archives/C3TPCAQG1/p1573854893322600?thread_ts=1573775843.304300&cid=C3TPCAQG1
----