Monday, 2012-07-30

« Sunday, 2012-07-29 Index Tuesday, 2012-07-31 »
*** bencherian has joined #openstack-dev00:04
*** littleidea has joined #openstack-dev00:06
*** koolhead17 has joined #openstack-dev00:10
*** dmarkey_ has quit IRC00:23
*** steveb_ has quit IRC00:26
*** zul has quit IRC00:39
*** andrewsmedina has joined #openstack-dev00:43
*** sdake has quit IRC00:45
*** rods has quit IRC00:50
*** ayoung has quit IRC00:50
*** renier has joined #openstack-dev00:51
*** garyk has quit IRC00:52
*** zul has joined #openstack-dev00:57
*** littleidea has quit IRC00:58
*** zul has quit IRC00:59
*** littleidea has joined #openstack-dev00:59
*** andrewsmedina has quit IRC01:12
*** matiu has joined #openstack-dev01:16
*** matiu has quit IRC01:16
*** matiu has joined #openstack-dev01:16
*** colinmcnamara has quit IRC01:24
*** andrewsmedina has joined #openstack-dev01:38
*** colinmcnamara has joined #openstack-dev01:41
*** dachary has quit IRC01:42
*** dachary has joined #openstack-dev01:43
*** zul has joined #openstack-dev01:43
*** tserong has joined #openstack-dev01:49
*** eglynn__ has joined #openstack-dev01:55
*** zul has quit IRC01:55
*** eglynn_ has quit IRC01:57
*** zul has joined #openstack-dev02:03
*** dmarkey has joined #openstack-dev02:06
*** pixelbeat has quit IRC02:08
*** koolhead17 has quit IRC02:13
notmynamettx: heads up, swift 1.6.0 reviews not done yet. rax had a delay getting started on the reviews, and here were a couple of patches to backport this evening for issues that were discovered at the last minute. I'll let you know when we have a QA'd release02:20
*** zul has quit IRC02:22
*** pixelbeat has joined #openstack-dev02:23
*** littleidea has quit IRC02:27
*** toey has joined #openstack-dev02:28
*** zul has joined #openstack-dev02:38
*** toey has quit IRC02:42
*** roge has quit IRC02:49
*** zul has quit IRC02:52
*** jaypipes has quit IRC02:52
*** colinmcnamara has quit IRC02:56
*** colinmcnamara has joined #openstack-dev02:59
*** zul has joined #openstack-dev03:00
*** xchu_ has joined #openstack-dev03:04
*** zul has quit IRC03:09
*** xchu_ has quit IRC03:10
*** xchu_ has joined #openstack-dev03:10
*** jaypipes has joined #openstack-dev03:11
*** asalkeld has quit IRC03:13
*** zul has joined #openstack-dev03:15
*** zul has quit IRC03:18
*** zul has joined #openstack-dev03:21
*** steveb_ has joined #openstack-dev03:29
*** pixelbeat has quit IRC03:29
*** dachary has quit IRC03:39
*** dachary has joined #openstack-dev03:40
*** colinmcnamara has quit IRC03:47
*** renier has quit IRC03:59
*** renier has joined #openstack-dev03:59
*** mokas has joined #openstack-dev04:01
*** littleidea has joined #openstack-dev04:02
*** asalkeld has joined #openstack-dev04:06
*** sunxin has joined #openstack-dev04:17
*** sunxin has quit IRC04:17
*** sdake has joined #openstack-dev04:19
*** sacharya has quit IRC04:40
*** andrewsmedina has quit IRC05:00
*** steveb_ has quit IRC05:14
*** dachary has quit IRC05:15
*** dachary has joined #openstack-dev05:15
*** amotoki has joined #openstack-dev05:26
*** Mandell has joined #openstack-dev05:44
*** Hien_ has quit IRC05:56
*** Hien has joined #openstack-dev05:56
*** hattwick has quit IRC06:02
*** littleidea has quit IRC06:05
*** dachary has quit IRC06:58
*** sniperd has joined #openstack-dev07:06
*** EmilienM has joined #openstack-dev07:08
*** garyk has joined #openstack-dev07:11
*** m4xmr has joined #openstack-dev07:11
*** Mandell has quit IRC07:14
*** koolhead11 has joined #openstack-dev07:14
*** dachary has joined #openstack-dev07:20
*** sulochan has joined #openstack-dev07:44
*** erikzaadi has joined #openstack-dev07:44
*** m4xmr has left #openstack-dev07:44
*** sulochan has quit IRC07:45
*** sulochan has joined #openstack-dev07:46
*** sulochan has joined #openstack-dev07:47
*** sulochan has quit IRC07:48
*** sulochan has joined #openstack-dev07:49
*** sulochan has left #openstack-dev07:49
*** zhuadl has joined #openstack-dev07:51
*** derekh has joined #openstack-dev07:53
*** rbasak has joined #openstack-dev07:58
*** bencherian has quit IRC08:15
*** fc__ has joined #openstack-dev08:16
*** steveb_ has joined #openstack-dev08:16
Madkissmtaylor: ping08:22
*** danwent has quit IRC08:26
*** danpb has joined #openstack-dev08:28
*** darraghb has joined #openstack-dev08:32
*** thickskin has joined #openstack-dev08:36
ttxnotmyname: ack, standing by08:40
ttxzykes-: pong?08:41
*** hattwick has joined #openstack-dev08:43
*** rods has joined #openstack-dev08:46
*** johngarbutt has joined #openstack-dev08:50
*** maploin has joined #openstack-dev09:02
*** maploin has quit IRC09:03
*** maploin has joined #openstack-dev09:03
*** apevec has joined #openstack-dev09:08
asalkeldrussellb, you about?09:12
asalkeldyou know the state of wsgi in common?09:12
asalkeldseems like no one is using it09:13
asalkeldchecked glance/cinder/nova/ceilometer/heat/keystone/horizon09:15
*** matiu has quit IRC09:23
*** amotoki has quit IRC09:30
*** thickskin has left #openstack-dev09:35
*** markmc has joined #openstack-dev09:41
apevecasalkeld, is this "wsgi in common" to use the same startup code everywhere?09:53
apevecif so, I'd like to propose systemd ready notification there, like the one in keystone: https://github.com/openstack/keystone/commit/abc06716d027d68f0da3b0f559fa7c85a21804d509:54
asalkeldwell I am just looking at the possibility of it09:54
apevecwhat can I do to help?09:54
asalkeldwell there are a heap of wsgi files09:55
asalkeldand I am just trying to figure them out09:55
*** atul_ has joined #openstack-dev09:55
apevecalso in keystone, we have instruction how to run it in httpd: https://github.com/openstack/keystone/tree/master/httpd09:55
apevecwould this be a common candidate?09:56
asalkeldwell keystone is run in http now?09:56
asalkeldso it is a bit different - no?09:57
apevecnot by default, it's an option with above09:57
asalkeldI see09:57
asalkeldprobably need to talk about it on the ml09:57
asalkelddecide on the best way to go09:58
apevecyep09:58
*** koolhead11 has quit IRC09:59
apevecmarkmc, re. global cfg for authtoken, was that ever proposed as a patch?09:59
apevecLooks very elegant to me, and for backward compat, it could try that first, then fall back to using config from paste ?09:59
*** atul_ has quit IRC09:59
*** atul_ has joined #openstack-dev10:00
markmcapevec, nope, I just knocked that together now10:07
markmcapevec, feel free to go ahead with it if you like10:08
markmcapevec, the _conf_get() method handles backwards compat - self.conf is what comes from api-paste.ini10:08
apevecah cool10:08
apevecok, I'll try it and submit if it works!10:09
*** theron has quit IRC10:09
*** pixelbeat has joined #openstack-dev10:10
*** pixelbeat has quit IRC10:14
*** pixelbeat has joined #openstack-dev10:15
*** steveb_ has quit IRC10:20
pixelbeatzul, Thoughts on https://review.openstack.org/#/c/10498/ ?10:28
apevecpixelbeat, patch merging shouldn't be allowed over w/e :)10:33
*** zhuadl has quit IRC10:34
*** atul_ is now known as koolhead1110:45
*** dachary has quit IRC10:49
danpbanyone else seeing failures from Jenkins this morning10:50
danpbhttps://jenkins.openstack.org/job/gate-tempest-devstack-vm/5277/consoleFull10:50
danpb10:35:36  W: Failed to fetch bzip2:/var/lib/apt/lists/partial/mirror.rackspace.com_ubuntu_dists_precise-updates_universe_binary-i386_Packages  Hash Sum mismatch10:50
danpb10:35:36  E: Some index files failed to download. They have been ignored, or old ones used instead.10:50
danpbjeblair: anything you're aware of ?  ^^^10:51
*** koolhead11 has quit IRC11:08
*** EmilienM has quit IRC11:11
*** EmilienM has joined #openstack-dev11:13
*** asalkeld_ has joined #openstack-dev11:16
*** dachary has joined #openstack-dev11:16
*** asalkeld has quit IRC11:19
*** milner has quit IRC11:22
*** chrisfer has joined #openstack-dev11:25
zulpixelbeat: its a regression in my opinon and you will get a traceback everytime you run an instance is not good in my book, besides it should probably live in cloud-init11:34
*** markvoelker has joined #openstack-dev11:35
pixelbeatzul, Well it's just a LOG.debug that's generating the extra logs. I suppose I could try and suppress that as it's not that informative I suppose. OK to revert so, and add log suppression in another commit?11:40
*** milner has joined #openstack-dev11:42
*** maurosr has joined #openstack-dev11:42
zulpixelbeat: sure but my problem is that you are assuming that you are going to be running selinux on the images11:42
pixelbeatzul, No assumption of selinux. The `readlink -e /etc/selinux` that is generating the debug output is used to shortcut the procedure when /etc/selinux is not present11:43
*** maurosr has quit IRC11:49
zulpixelbeat: ok still i think this should be in cloud-init11:51
pixelbeatzul, Yep it should be in cloud-init too11:52
zulpixelbeat: meaning i think the injection stuff should be as generic as possibly11:52
zuler...possible11:52
*** maurosr has joined #openstack-dev11:54
pixelbeatzul, Well ssh key injection is such a common use case for the injection functionality, I think it's appropriate to add the simple optional extension to setup for a common case where SELinux is enabled in the guest11:55
pixelbeatBut I agree that cloud-init can be a better solution. That's why I've push cloud-init into EPEL so that it will be available in _future_11:57
zulif its optional then why not make it a flag then11:57
pixelbeatThere is an implicit flag (/etc/selinux)11:57
zuli dont think its a good flag :) why not just add FLAGS.use_selinux and then we would both be happy and distros that doesnt use selinux will be happy too11:59
pixelbeatAn implicit flag is much better because you may not know what guests are being used12:01
markmczul, why are distros that don't use selinux unhappy?12:01
markmczul, bearing in mind this is about guest support12:02
markmcpixelbeat, right, good defaults are preferable to adding to our 500 config options12:02
*** Shrews has joined #openstack-dev12:03
zulmarkmc: because i get a traceback everytime i launch an instance because it checks for an /etc/selinux, i dont think the use of readlink is a good in this case because of the traceback12:05
*** koolhead17 has joined #openstack-dev12:05
zuland i know we are going to get questions about this in Ubuntu12:05
markmczul, the traceback should be fixed12:05
markmczul, I don't think pixelbeat is arguing against fixing a traceback12:05
markmczul, you'll also get questions about SELinux-using guests not working if you disable this12:06
pixelbeatNote the traceback is only LOG.debug()12:06
pixelbeatAnyway I think we're all agreed. I'll reduce the debugging12:06
zulfine with me12:07
markmcsuperb12:07
*** salgado has joined #openstack-dev12:09
*** salgado has joined #openstack-dev12:09
DavieyThe real issue is that injection is nasty :)12:15
*** wiliam has joined #openstack-dev12:15
*** eglynn__ is now known as hungry-eglynn12:21
koolhead17markmc, hi there12:23
markmckoolhead17, hi12:23
*** dubsquared has quit IRC12:27
*** avishay has joined #openstack-dev12:29
avishayHi all.  I think I caught a bug in rootwrap in nova?  Can someone confirm?12:29
*** sacharya has joined #openstack-dev12:40
*** e1mer has quit IRC12:43
*** e1mer has joined #openstack-dev12:46
mtaylorMadkiss: morning12:50
*** andrewsmedina has joined #openstack-dev12:51
*** GheRivero has quit IRC12:52
*** lts has joined #openstack-dev12:52
*** sniperd has quit IRC12:52
Madkissmtaylor: Have you had time to look at the bug report? :)12:54
mtaylorMadkiss: nope. still making coffee - link/number?12:55
*** sacharya has quit IRC12:55
*** lorin1 has joined #openstack-dev12:56
*** andrewsmedina has quit IRC12:56
*** hungry-eglynn is now known as eglynn12:56
Madkissmtaylor: aw c'mon. https://bugs.launchpad.net/openstack-ci/+bug/102846712:57
uvirtbotLaunchpad bug 1028467 in openstack-ci "virtualenv should really set root when it installs things" [Undecided,New]12:57
MadkissLooks like nobody has even taken a look at it.12:58
markmcpixelbeat, you can edit that message by fetching it, amending and re-pushing13:00
*** salgado has quit IRC13:01
mtaylorMadkiss: oh, piddle! sorry, that did, in fact, totally slip through the cracks13:03
mtaylorMadkiss: I have assigned to me so that that won't happen again13:03
*** salgado has joined #openstack-dev13:03
*** salgado has joined #openstack-dev13:03
*** mcolombo has joined #openstack-dev13:05
*** zhuadl has joined #openstack-dev13:07
*** ewindisch has quit IRC13:08
*** mcolombo has quit IRC13:10
*** roge has joined #openstack-dev13:10
*** zhuadl has quit IRC13:12
*** dolphm has joined #openstack-dev13:13
Madkissmtaylor: oky, thanks13:16
Madkissmtaylor: In accordance with your comment, I will amend my commit to not install stuff into system locations13:17
*** sulochan has joined #openstack-dev13:17
*** alex88 has joined #openstack-dev13:25
*** alex88 has joined #openstack-dev13:25
*** kbringard has joined #openstack-dev13:26
*** andrewsmedina has joined #openstack-dev13:26
*** mcolombo has joined #openstack-dev13:27
mtaylorMadkiss: yeah, it's not something I have the ability to fix short term, but I would like to poke at upstream and see what can be done13:28
*** theron has joined #openstack-dev13:30
*** andrewbogott has joined #openstack-dev13:31
*** andrewbogott has joined #openstack-dev13:31
*** GheRivero has joined #openstack-dev13:32
*** sacharya has joined #openstack-dev13:32
*** dolphm has quit IRC13:33
smoserpixelbeat, around?13:34
*** sdake has quit IRC13:35
*** dprince has joined #openstack-dev13:35
smoserhm..13:36
smosermaybe markmc ?13:36
smoserhttps://github.com/openstack/nova/commit/7bac53f97e7c2025e492de7e9c9f5d2451aceee313:36
*** sdake has joined #openstack-dev13:36
smoserdoesnt the readlink there potentially expose information about the host? if i launch an instance that has in its filesystem  a symlink from '/etc/selinux' to '/etc/selinux'13:36
smoserthen i can determine if the host had /etc/selinux13:36
smoseror any other file13:37
smoserwouldn't a simple 'os.path.lexists' be better there?13:37
pixelbeatsmoser, well I don't read/write the file13:39
smoserno. but you give information about the host.13:39
smoserjust check if the guest has the file instead.13:39
smoserif they have a dangling symlink there, then thats their own fault.13:39
*** markmcclain has joined #openstack-dev13:39
smoseram i missing something?13:39
pixelbeatnote you can't just os.path.exists() as you need to run as root to handle all mount cases (libguestfs uses fuse, so need root access to look inside guest)13:40
*** GheRivero has quit IRC13:41
smoserah. that makes sense.13:41
smoserbut you agree that i can basically poke around the presense of files in the host (very slowly) this way.13:42
pixelbeatTrue13:42
smoserkind of surprised that readlink doesn't have a "assume / is <path>" option13:43
pixelbeatI added a new realpath command lately that supports that13:43
eglynnrussellb: a while back we discussed changing an RPC MEP from cast to call, IIRC your feeling was that this warranted a minor version bump13:43
pixelbeatIt's a bit too new to rely on though13:43
smoseryeah.13:43
smoserinjection is a mes.13:44
smoserthis is really  just dangerous13:44
russellbeglynn: hello, yeah, if it's adding a return value anyway13:44
russellbeglynn: if it's only making it synchronous, and no return value is being used, it doesn't really matter much either way13:44
eglynn russellb: how 'bout a potential exception being raised?13:44
pixelbeatsmoser, What I might do is verify returns from readlink with the python function to check a file is within a path13:44
russellbunless you just really want to be sure from the calling side that it's synchronous13:44
eglynnrussellb: wrt ... https://review.openstack.org/#/c/10130/6/nova/compute/manager.py13:44
russellbeglynn: if you want to make sure the exception can be raised, the version bump is needed13:45
eglynnrussellb: cool, can throw in your 2 cents in gerrit?13:45
smoserpixelbeat, the chmod there also needs some protection?13:45
russellbeglynn: yup13:46
*** koolhead17 has quit IRC13:46
smoseri can potentially chnage the attributes of a file in the host?13:46
eglynnrussellb: thank you sir!13:46
russellbdone13:47
russellbarosen: did you typo your name in a commit recently?  You got listed as a first contributor in the weekly newsletter as Aaron Orosen, heh.13:50
*** e1mer has quit IRC13:52
*** e1mer has joined #openstack-dev13:54
*** ayoung has joined #openstack-dev13:55
*** halfss has joined #openstack-dev13:58
*** andrewbogott has quit IRC13:59
*** e1mer has quit IRC13:59
*** andrewbogott has joined #openstack-dev14:00
*** andrewbogott has joined #openstack-dev14:00
*** maoy has joined #openstack-dev14:01
*** e1mer has joined #openstack-dev14:05
*** sc68cal has joined #openstack-dev14:08
*** mdomsch has joined #openstack-dev14:09
*** rpedde_away is now known as rpedde14:11
*** dragondm has quit IRC14:16
*** Gordonz has joined #openstack-dev14:16
*** zhuadl has joined #openstack-dev14:16
*** Gordonz has quit IRC14:16
*** Gordonz has joined #openstack-dev14:16
*** chuckieb has joined #openstack-dev14:16
*** dragondm_ has joined #openstack-dev14:16
*** dragondm_ is now known as dragondm14:16
*** e1mer has quit IRC14:16
*** ogelbukh has quit IRC14:16
*** ogelbukh has joined #openstack-dev14:18
*** edygarcia has joined #openstack-dev14:18
*** dubsquared has joined #openstack-dev14:19
*** sandywalsh has joined #openstack-dev14:21
*** mcolombo has quit IRC14:21
*** sdake has quit IRC14:23
*** maurosr has quit IRC14:24
*** sdake has joined #openstack-dev14:25
*** matiu has joined #openstack-dev14:25
*** maurosr has joined #openstack-dev14:29
*** rnirmal has joined #openstack-dev14:29
jeblairdanpb: thanks, loooking into it.14:33
*** Gordonz has quit IRC14:33
*** jaypipes has quit IRC14:34
*** dolphm has joined #openstack-dev14:34
*** Gordonz has joined #openstack-dev14:35
*** littleidea has joined #openstack-dev14:36
eglynncore-tempest folks: anyone have time to look at https://review.openstack.org/10216 ?14:40
eglynn(holding up a couple of nova patches being gate-able)14:40
*** nikhil has quit IRC14:43
*** nikhil has joined #openstack-dev14:44
*** zhuadl has quit IRC14:47
*** Mandell has joined #openstack-dev14:51
*** theron has quit IRC14:53
jeblairdanpb: it looks like rackspace's ubuntu mirror is broken.  I've filed a ticket about the problem, and disabled the use of rackspace nodes for devstack-gate.14:53
danpbjeblair: cheers14:53
*** datsun180b has joined #openstack-dev14:54
*** cp16net is now known as cp16net|away14:54
*** yuanz has joined #openstack-dev14:54
*** jaypipes has joined #openstack-dev14:55
*** jtran has joined #openstack-dev14:57
*** matiu has quit IRC15:00
*** maurosr has quit IRC15:02
*** maurosr has joined #openstack-dev15:03
*** andrewsmedina has quit IRC15:04
*** AlanClark has joined #openstack-dev15:04
*** Mandell has quit IRC15:06
*** littleidea has quit IRC15:07
*** littleidea has joined #openstack-dev15:07
*** halfss has quit IRC15:09
*** halfss has joined #openstack-dev15:09
*** milner has quit IRC15:12
*** matiu has joined #openstack-dev15:13
*** matiu has quit IRC15:13
*** matiu has joined #openstack-dev15:13
*** chuckieb has quit IRC15:15
*** GheRivero has joined #openstack-dev15:19
*** markvoelker has quit IRC15:20
*** markvoelker has joined #openstack-dev15:21
*** Gordonz has quit IRC15:21
*** andrewbogott_ has joined #openstack-dev15:22
*** Gordonz has joined #openstack-dev15:22
GheRiverohi people15:22
*** spiffxp has joined #openstack-dev15:23
*** andrewbogott has quit IRC15:24
*** andrewbogott_ is now known as andrewbogott15:24
*** Gordonz_ has joined #openstack-dev15:25
*** milner has joined #openstack-dev15:25
*** danwent has joined #openstack-dev15:25
*** heckj has joined #openstack-dev15:26
*** Gordonz has quit IRC15:28
*** halfss has quit IRC15:31
*** erikzaadi has quit IRC15:34
*** alex88 has quit IRC15:39
*** rohitk has joined #openstack-dev15:40
*** alex88 has joined #openstack-dev15:40
*** alex88 has joined #openstack-dev15:40
*** alex88 has quit IRC15:40
*** alex88 has joined #openstack-dev15:41
dansmithmarkmc: FYI, this "lock_checked" change is taking quite a while.. don't think I've forgotten about it :)15:41
dansmithmostly because of russellb's unreasonable desire to "test everything thoroughly"15:41
markmcdansmith, cool15:42
markmcdansmith, glad we can shift the blame onto russellb15:42
russellbO.O15:42
russellbif the blame is that i like testing too much, i guess i'm ok with that15:42
dansmithrussellb: I knew it wasn't exactly a strong argument.. :P15:43
*** yuanz has quit IRC15:45
*** reed has joined #openstack-dev15:51
*** markmcclain has quit IRC15:51
*** nunosantos has joined #openstack-dev15:53
andrewbogottrussellb:  Could I get a review of https://review.openstack.org/#/c/10035/ ?15:53
*** joearnold has joined #openstack-dev15:55
*** zaitcev has joined #openstack-dev15:55
russellbandrewbogott: honestly, the more you ping me on IRC about the change, the less i want to review it15:57
russellbyou've pinged so many times ... sorry i haven't gotten to it, but sheesh15:58
andrewbogottrussellb:  fair enough, sorry.15:58
*** markmcclain has joined #openstack-dev15:58
sc68calDoes anyone here have a good handle on the DNS Domain functionality of nova? I have a strange bug that I'm trying to figure out. https://bugs.launchpad.net/nova/+bug/102799816:01
uvirtbotLaunchpad bug 1027998 in nova "db.dnsdomain_get API calls return no results" [Undecided,New]16:01
sc68calEssentially, I create a dns domain using the CLI tool, and can't get the domains I created returned from the CLI. In addition, the SQLAlchemy calls in the db.api package appear to return no results either16:05
sc68calI've replicated this in DevStack, as well as an install of stable/essex16:06
*** andrewbogott has left #openstack-dev16:06
*** armaan has joined #openstack-dev16:06
*** davidkranz has joined #openstack-dev16:06
zuljgriffith: ping16:07
*** davidkranz_ has quit IRC16:07
jgriffithzul: hey16:07
jgriffithzul: Looking now :)16:07
zuljgriffith: any idea why its failing?16:07
jgriffithzul: Give me ~ 5 and I'll have a look, I might know the issue16:08
*** mokas has quit IRC16:08
zuljgriffith: ack16:08
*** andrewsmedina has joined #openstack-dev16:11
*** bencherian has joined #openstack-dev16:13
*** Gordonz_ has quit IRC16:14
*** davidkranz_ has joined #openstack-dev16:18
*** davidkranz has quit IRC16:20
*** davidkranz has joined #openstack-dev16:24
*** davidkranz_ has quit IRC16:26
*** sniperd has joined #openstack-dev16:27
*** alex88 has quit IRC16:32
ttxnotmyname: around ?16:33
notmynamettx: ya16:34
*** devananda has joined #openstack-dev16:34
jgriffithzul: I'm going to pull this and try running it on my system and see if I can trace through to find the problem16:34
ttxnotmyname: when all set for 1.6.0, you should push a Final=True commit to milestone-proposed16:34
notmynamettx: ok, I can do that16:34
zuljgriffith: ok16:34
ttxnotmyname: and if that's done today i can pick it up in my tomorrow morning and publish it.16:35
notmynamettx: I'll do it asap16:35
ttxnotmyname: it's all QA'ed ?16:35
notmynamettx: not finished yet16:35
ttx(Final=True should be done as last step)16:36
*** bhuvan has joined #openstack-dev16:36
ttxnotmyname: maybe wait for the QA signoff. I won't have time to push it today anyway (having the evening off)16:36
ttxso I'll pick it up early tomorrow morning.16:36
notmynamettx: ya, it will probably get signoff today or tomorrow. I'll push final=true when I have that confirmation16:37
ttxnotmyname: sounds good!16:37
*** milner has quit IRC16:43
*** rohitk has quit IRC16:44
*** jog0 has joined #openstack-dev16:48
*** thingee has joined #openstack-dev16:49
jgriffithzul: I'm trying to find the mod I need for devstack for this16:50
zuljgriffith: https://review.openstack.org/#/c/10467/16:50
jgriffithzul: thanks!16:51
jgriffithzul: So until this lands in devstack I think we're on hold no?16:52
zuljgriffith: i think so...needs another core reviewer16:52
*** martines has quit IRC16:52
jgriffithzul: Right.. but what I'm saying is this is *why* the cinder changes are failing in jenkins16:52
zuljgriffith: looks like it16:53
*** Aaton_off is now known as Aaton16:54
*** nunosantos has quit IRC16:54
*** heckj has quit IRC16:56
*** maploin has quit IRC16:56
*** darraghb has quit IRC16:57
*** andrewbogott has joined #openstack-dev16:57
*** andrewbogott has joined #openstack-dev16:57
*** nunosantos has joined #openstack-dev17:01
*** bhuvan has quit IRC17:03
*** nati_ueno has joined #openstack-dev17:04
*** AlanClark has quit IRC17:05
*** issackelly has joined #openstack-dev17:06
*** issackelly has quit IRC17:07
*** nati_ueno has quit IRC17:08
*** nati_ueno has joined #openstack-dev17:08
*** Ryan_Lane has quit IRC17:09
*** issackelly has joined #openstack-dev17:09
*** adjohn has joined #openstack-dev17:09
*** danpb has quit IRC17:09
*** matwood has joined #openstack-dev17:09
*** jdurgin has joined #openstack-dev17:13
*** sstent has quit IRC17:16
*** derekh has quit IRC17:16
*** sstent has joined #openstack-dev17:17
*** matwood has quit IRC17:22
*** mokas has joined #openstack-dev17:22
*** rohitk has joined #openstack-dev17:22
*** martines has joined #openstack-dev17:23
*** jaypipes has quit IRC17:25
*** milner has joined #openstack-dev17:25
*** mokas has quit IRC17:26
*** apevec has quit IRC17:30
*** jaypipes has joined #openstack-dev17:34
*** cp16net|away is now known as cp16net17:35
ayoungdolphm, I am not too clear on one of your PKI comments.  Got a second to elucidate?17:38
*** sniperd has quit IRC17:38
*** sniperd has joined #openstack-dev17:38
*** notmyname has quit IRC17:39
dolphmayoung: sure17:40
*** notmyname has joined #openstack-dev17:40
*** ChanServ sets mode: +v notmyname17:40
ayoungdolphm, reissue versus authenticate with tokens?17:40
ayoungThe authenticate call seems like it is there to validate the tokens.  Why would we want to issue a new one, especially WRT the whole sliding window issue that we fixed?17:41
ayoungI don't recall the conversation.17:41
dolphmayoung: validation is totally seperate ... when you POST /tokens with a token in the request body, the goal is to exchange your token for a different one, usually because the token you have is not associated with a tenant, and you want one back *with* a tenant17:42
*** matiu has quit IRC17:43
ayoungdolphm, right.  hence all the checks for the tenant id.17:43
ayoungBut if you ask for a token for a given tenant ID, and there is already one issued for that id,  shouldnt we reuse the issued token?17:43
dolphmayoung: the fact that we (until recently ;]) produced a new token on every POST /tokens is just due to the expected semantics of POST -- in diablo, we returned an existing token if one existed, just like you're doing now17:44
ayoungdolphm, so...ther one issue is that we don't distinguish between the reissue window and the expiration window.  I think we need a new window17:45
ayoungif a token is to be used for a long running job,  you don't want to ask for a token and then get one that will expire in 5 minutes.17:45
dolphmresissue window == expiration window, no?17:45
dolphmayoung: default token duration is 24 hours, right?17:46
ayoungdolphm, right now, yes, in that we would only issue a new token if the old is invalid17:46
dolphmayoung: # Amount of time a token should remain valid (in seconds) # expiration = 8640017:46
ayoungbut what if we have a 24hour duration, and the user asks for a token at 23hrs and 59 minutes?17:47
dolphmayoung: depends on their authentication method17:47
dolphmayoung: if they provide username & password, they get back a fresh 24 hour token17:47
ayoungdolphm, I don't agree.17:47
ayoungUID/PW will still elad to a proliferation of tokens.17:47
dolphmayoung: if they authenticate with their existing token (with 1 minute left on the clock) they get back a second token with the same expire time17:47
ayoungnone of the CLIs cache tokens, only record UID/PW17:48
ayoungso each CLI call will generate a new token17:48
ayoungobviously, token->token should not extend lifespan17:48
dolphmayoung: CLI's aren't the only client implementations17:48
ayoungdolphm, that is true, and irrelevant :)17:48
ayoungany client impl might have this problem17:49
davidkranzeglynn: Hopefully this can go through now https://review.openstack.org/#/c/10552/17:49
*** mokas has joined #openstack-dev17:49
dolphmayoung: maybe i don't understand the problem you're describing?17:49
ayoungdolphm, if everytime a user auths with UID/PW we generate a new token,  we will have a huge number of tokens17:49
dolphmayoung: the CLI implementation naively authenticating for every command is just due to it's simple design17:49
ayoungall will be valid, and all will have to stick around17:49
dolphmayoung: but only for 24 hours or whatever17:50
*** matiu has joined #openstack-dev17:50
ayoungdolphm, but if you run a script that ends up calling to keystone 2500 times you should not have 2500 tokens17:50
dolphmayoung: old tokens are small and easily flushable, and PKI tokens don't need to be persisted on the keystone-side, right?17:50
ayoungdolphm, wrong17:50
dolphmayoung: which part17:50
ayoungdue to the new checks, we have to hold on to them17:51
*** Mandell has joined #openstack-dev17:51
ayoungnow..it might be possible to only hold on to the hash_id17:51
dolphmayoung: hold onto old tokens past expiration or hold onto PKI tokens?17:51
ayoungdolphm, when we create a PKI token,  the id is the whole document, and it is hashed and put into id_hash17:51
ayoungin the SQL imp17:52
ayoungthe more I think about it, however, the more I think that we don't need to store the whole id,  just the hash...I need to make sure that will work for the upgrade path, though17:52
dolphmayoung: what's the persisted id / hash id used for later?17:53
ayoungdolphm, only becasue the SQL impl needs a primary key, and there are length constraints for the column17:53
*** jakedahn_zz is now known as jakedahn17:53
ayoungthe huge PKI ID can;'t be a primary key or index17:53
*** maurosr has quit IRC17:54
*** dachary has quit IRC17:54
dolphmayoung: what do you need to store it for? (assuming you *do* issue *new* tokens on every POST /tokens)17:55
ayoungIf we issue new tokens, we don't need to store the whole token,  but we need the id_hash to ensure that we know when a toen has been revoked17:57
dolphmayoung: ah, i forgot about token revocation17:57
*** rods has quit IRC17:58
dolphmayoung: that's a good solution then, i think17:58
ayoungdolphm, the reissue window is a good solution?17:58
ayoungactually, we could recaculate a reissue window off the expiry.  That is probably how most people would want to think about it anyway17:59
*** epim has joined #openstack-dev18:00
*** matwood has joined #openstack-dev18:00
dolphmayoung: (just storing the hash for token revocation purposes == good solution) ... i would lean toward no on reissuing tokens, but i'm more concerned with good docs on the expected behavior :)18:00
ayoungdolphm, are you sure that, prior to my change, keystone did not reissue tokens on UID/Password resubmits?18:02
dolphmayoung: you're basically suggesting something like... if REMAINING_TOKEN_LIFESPAN > FULL_TOKEN_DURATION / 2: reissue_token()18:02
*** danwent has quit IRC18:02
dolphmayoung: pretty sure -- authenticate() always returned the uuid.uuid4().hex generated at the beginning of the method if auth was successful18:03
ayoungdolphm, well, I would use a different formula, but yes.  Maybe more like   if REMAINING_TOKEN_LIFESPAN - NOW < THRESHOLD: reissue_token()18:03
*** GheRivero has quit IRC18:03
ayoungdolphm, why does this not just fill up the databases with single use tokens?18:03
dolphmayoung: doesn't it, though?18:04
ayoungdolphm, do you have system you can test on?  Mine all have the new code on them right now.18:04
ayoungactually, I might have one...1 sec18:05
dolphmayoung: sure18:05
*** Ryan_Lane has joined #openstack-dev18:05
ayoungdolphm, ok,  so token-get returns a new one everytime...18:06
vishyjgriffith: https://jenkins.openstack.org/job/gate-tempest-devstack-vm/5321/artifact/logs/screen-c-sch.txt18:06
*** Gordonz has joined #openstack-dev18:07
*** anniec has joined #openstack-dev18:07
*** maurosr has joined #openstack-dev18:07
jgriffithvishy: Thanks!18:12
dansmitherlang18:12
dansmithoops18:12
*** rohitk has quit IRC18:12
*** gyee has joined #openstack-dev18:12
*** gyee has quit IRC18:12
*** rohitk has joined #openstack-dev18:12
jtrandtroyer, what's "F17"?18:13
*** salgado has quit IRC18:13
*** maurosr has quit IRC18:13
*** sulochan has quit IRC18:13
dolphmayoung: "an identical token may have been created already. if so,  return the token_data as it is also identical" <-- except you don't actually return the existing token18:14
zaitcevjtran: Fedora 1718:14
*** gyee has joined #openstack-dev18:14
jtranooh ok.18:14
jtranthx, zaitcev18:14
*** Gordonz_ has joined #openstack-dev18:14
ayoungdolphm, true.  And technically impossible, now that the time stamp is in the token.18:14
*** Gordonz_ has quit IRC18:15
*** edygarcia has quit IRC18:17
*** Gordonz has quit IRC18:18
*** ron-slc has joined #openstack-dev18:18
dprinceayoung: Question on singing_dir... it needs to be unique for each service right? Based on what I see in auth_token that appears to be the case...18:19
ayoungdolphm, so that code is correct, you realize.  The value of  exist_token will be identical to token_data18:19
ayoungdprince, no18:19
ayoungit is a cache, and can be shared18:19
dprinceayoung: signing not singing. (although perhaps we do need a singing dir too!)18:19
dprinceBut it gets chowned as write only to that user/group that creates it.18:20
ayoungdprince, however, there is nothing wrong with making one per service.18:20
ayoungdprince, should be ok18:20
ayoungthe first service requests the certs and populate18:20
ayoungs18:20
*** PotHix has joined #openstack-dev18:21
dprinceI'm actually hitting this exception "TODO: Need to find an Exception to raise here."18:21
ayoungI guess there is the potential for an early failure there in some sort of race condition,18:21
dprince(a real gem)18:21
ayoungdprince, do you have PKI enabled?18:21
dprincenope18:21
ayoungor is this just in provisioning a system?18:21
* ayoung RCA dog look18:21
*** maurosr has joined #openstack-dev18:22
dprinceI'm hitting this when installing a system.18:22
*** edygarcia has joined #openstack-dev18:22
dprinceAll services on the same box, glance, keystone, nova, swift, etc.18:22
*** maoy has quit IRC18:23
dolphmdprince: i've seen that comment before .. where is it?18:23
ayoungdprince, ah,,,,18:23
ayoungdolphm, auth_token18:23
ayoungmiddleware, init18:23
ayoungline 15518:23
ayoungish18:23
*** maurosr has quit IRC18:23
dolphmayoung: found it18:24
dolphmayoung: doesn't that just raise an excepting trying to raise a string?18:24
ayoungdolphm, I think that dprince is using the Fedora RPMS as opposed to Devstack.  dprince corect?18:25
dolphmayoung: * doesn't raising a string raise it's own exception?18:25
ayoungdolphm, it breaks the init process18:25
dprinceayoung: Yes. This is SmokeStack.18:25
ayoungOK...we have a couple options18:25
ayoungwe can remove the check and let things fail later18:25
ayoungwe can make one dir per service18:25
dprincedolphm: yes. The way that exception is raised is also a problem. But that isn't what I'm getting at here...18:25
ayoungor we can safely share the dir18:25
*** maoy has joined #openstack-dev18:25
dprinceayoung: Those were my questions for you!18:26
dolphmayoung: can you start with logging an error? LOG.error("Can't write to %s" % self.signing_dirname)18:26
dprinceI just spent the last 20 minutes considering several of those options and I started getting confused.18:26
ayoungdprince, I seen no reason to try and minimize the number of REST calls to fetch certs....probably the safest bet is "one dir per service"18:26
dprinceSeems like automatically naming the directories would be nice....18:27
ayoungright now the dir name is18:27
ayoungconf.get('signing_dir'18:27
ayoungwith a default of  '/tmp/keystone-signing')18:27
dprinceI suppose we should maybe just update the auth_token examples in each project (Nova, Glance, Swift).18:27
ayoungdprince, so set that value explicitly and it should work:18:27
dprince/tmp/keystone-signing-nova for example.18:27
ayoungdprince, precisely18:28
dprinceYep. I did that myself and it works great. I feel like we should do that in the various projects too... If I push paste file updates to Nova, Glance, Swift, etc to use the unique directory names would you buy that?18:28
dtroyerjtran: Fedora 1718:29
dprinceayoung: ^^ essentially would make it clear to end users that separate directories are fine (recommended even).18:29
ayoungdprince, I would buy into that, yes18:30
dprinceayoung: OKay. I'll do that then. That would make me happier about this I think.18:30
dprinceayoung: I think that's it then. Thanks sir.18:31
dprinceayoung: Oh. Well. There is the exception itself... we need to fix that.18:31
ayoungdprince, I am actually happy that people are tripping over bugs in PKI.  I think the more noise it makes, the more solid the impl will be in the long run18:31
ayoungdprince, yeah, I can fix that exception18:31
dprinceayoung: deal.18:32
*** matwood has quit IRC18:32
*** matwood has joined #openstack-dev18:32
dolphmayoung: i finally see what you're doing in that try / except ...18:33
dolphmayoung: in the outer try / except, don't you really only want to catch keystone.exception.Conflict?18:33
dolphmayoung: i would assume that's the only condition in which you'd want to verify that a duplicate token already exists18:34
*** maurosr has joined #openstack-dev18:34
ayoungdolphm, yes,  That code verifies that.  If it does not exist, there is an exception, and it is not one that we can handle.18:35
ayoungSince it is such an edge condition, I am oK with running the query a second time18:35
ayoungdprince, https://bugs.launchpad.net/keystone/+bug/103100818:35
uvirtbotLaunchpad bug 1031008 in keystone "Report better error when signing dir is not writable" [Undecided,New]18:35
*** yapeng has quit IRC18:36
dprinceayoung: THanks. Do you think I should create a ticket for the other issue... its sort of just a config file/doc thing.18:37
dprinceayoung: ?18:37
ayoungdprince, yes,  lets make sure we don't lose it.18:37
ayoungIt is a real issue, and should be in a ticket.  If you got burnt by it, so will others.18:37
ayoungthe thing is,  I am wondering if I should still provide a better sharing mechanism,  or a better default dir name?18:38
ayoungdprince, is there a way to get the "good name" of a service when it is runnning?18:38
dprinceI though about using 'admin_user'.18:39
ayoungAlso,  it might not just be REST services that need to validate tokens....it might not be sufficient to use nova, or glance,18:39
*** avishay has quit IRC18:39
ayoungunless they all run as the same user18:39
dprinceayoung: https://review.openstack.org/1055518:41
ayoungdprince,  how about  /tmp/keystone-<username>18:41
davidkranzhttps://review.openstack.org/#/c/10552/ is failing with what I think is a bogus timeout, not a real test failure. Any one know how to kick this change to get jenkins to try again?18:41
dprinceayoung: I thought it bad to expose the username in the /tmp directory name.18:41
ayoungdprince, why ?18:42
dprinceayoung: Oh. You mean just the username of the process that is running?18:42
ayoungdprince, yes18:43
dprinceayoung: That is probably fine I guess. I was thinking you mean one of the username params used for auth_token setup.18:43
dprinceayoung: As a default username would seem fine I think.18:44
ayoungdprince, let me think about it.  I think it is the right abstraction.18:44
ayoungNeed to go do a daycare pickup.  I'll let it ferment until then18:44
dprinceayoung: No harm in setting them per service either though... That is a valid approach.18:45
dprinceayoung: Cool. Later then.18:45
*** matwood has quit IRC18:49
*** epim has quit IRC18:51
*** epim has joined #openstack-dev18:51
*** rohitk has quit IRC18:56
*** rnirmal has quit IRC18:56
*** danwent has joined #openstack-dev19:00
*** vishy is now known as vishy-afk19:03
*** dachary has joined #openstack-dev19:03
*** rkukura has quit IRC19:05
*** rkukura has joined #openstack-dev19:05
*** dhellmann has joined #openstack-dev19:08
*** armaan has left #openstack-dev19:09
*** sulochan has joined #openstack-dev19:12
*** bhuvan has joined #openstack-dev19:12
*** sulochan has left #openstack-dev19:12
bhuvandhellmann: can you please review the revised (keyring) patch, https://review.openstack.org/#/c/9497/ when you find time?19:13
*** datsun180b has quit IRC19:14
dhellmannbhuvan: did you see the replies to your message on the mailing list?19:15
*** nunosantos has quit IRC19:16
*** salgado has joined #openstack-dev19:18
* bhuvan is going through the email from dhellmann, in the list19:18
dhellmannbhuvan: Look for the other responses, too. I do not want to rush accepting this patch. We need you to work through the use cases beyond a single person with a single login.19:21
*** nunosantos has joined #openstack-dev19:23
*** vishy-afk is now known as vishy19:23
vishyjgriffith: looks like that issue was temporary: https://review.openstack.org/#/c/10538/19:25
jgriffithvishy: Yeah, but there's a number of issues19:25
jgriffithvishy: So the volume_types is removed from Cinder19:25
jgriffithvishy: err.. vm_types19:26
vishyjgriffith: right, scheduler needs to be changed to remove that stuff19:26
jgriffithvishy: I don't think that's the problem with the tgt changes though19:26
jgriffithvishy: Yeah, I have the changes to scheduler ready to go19:26
jgriffithvishy: Just trying to resolve the attach issues with the tgt patch first19:26
*** eglynn is now known as eglynn-GOFAR19:26
*** salgado has quit IRC19:28
vishyjgriffith: could be because of https://review.openstack.org/#/c/10549/19:31
*** Ryan_Lane has quit IRC19:31
*** littleidea_ has joined #openstack-dev19:34
*** salgado has joined #openstack-dev19:34
*** salgado has joined #openstack-dev19:34
*** novas0x2a|laptop has joined #openstack-dev19:34
*** salgado has quit IRC19:34
*** salgado has joined #openstack-dev19:35
*** littleidea has quit IRC19:35
*** littleidea_ is now known as littleidea19:35
*** jgriffith has quit IRC19:39
*** steveb_ has joined #openstack-dev19:46
*** matwood has joined #openstack-dev19:48
*** armaan has joined #openstack-dev19:49
*** armaan has left #openstack-dev19:49
dprince    hypervisor_hostname = Column("hypervisor_hostname", String(255))19:50
*** mokas has quit IRC19:51
*** salgado has quit IRC19:51
*** jgriffith has joined #openstack-dev19:52
*** jgriffith is now known as Guest1466219:52
Guest14662vishy: Ahhhh19:52
Guest14662vishy: I'll bet that's it19:53
Guest14662exit19:53
*** Guest14662 has quit IRC19:53
*** mokas has joined #openstack-dev19:53
*** jgriffith has joined #openstack-dev19:56
*** wiliam has quit IRC19:57
*** rnirmal has joined #openstack-dev20:02
*** matwood has quit IRC20:02
*** nati_uen_ has joined #openstack-dev20:02
*** milner has quit IRC20:03
*** nati_ueno has quit IRC20:06
*** salgado has joined #openstack-dev20:06
*** salgado has joined #openstack-dev20:06
*** salgado has joined #openstack-dev20:06
*** mokas has quit IRC20:07
*** eglynn-GOFAR is now known as eglynn20:09
ayoungdprince, I take it you tested your keystone change?20:13
dprinceayoung: yesir20:15
ayoungdprince, how'd you test?20:15
creihteglynn: thanks for jumping on that xml volume creation bug20:15
dprinceayoung: swift wouldn't start (due to permissions issues). I laid that code in place and I got /tmp/keystone-signing-swift... and swift started.20:16
eglynncreiht: np!20:16
ayoungdprince, nice20:16
*** Ruetobas has quit IRC20:16
ayoungdprince, I'm going to give it a run on devstack.  If all works there,  I'll merge20:16
dprinceayoung: while I've got you... lets talk about migrations!20:16
dprinceayoung: I've got one that works for Postgresql and MySQL I think...20:17
dprinceayoung: (in python)20:17
dprinceayoung: Any reason you used .sql files for the 002 migrations?20:17
ayoungdprince, yep20:17
ayoungI was doing a column mod, and sqlalchemy couldn't handle that20:17
dprinceayoung: If I were to replace it with a python version would you be cool with that?20:17
ayoungdprince, does your version maintiain the data?20:18
dprinceayoung: I *think* I hit the same issue and I was able to work around it by grabbing another version of the metadata (after renaming the column).20:18
ayoungdprince, so...the other thing is that I think I want to go back to the old schema.  See my previous conversation with dolphm  for context20:18
clarkbpython-glanceclient reviewers can you take a look at https://review.openstack.org/#/c/10438/ ? A small change to fix the coverage testing for python-glanceclient20:18
ayoungRIght now, we are storing the token data for PKI which is huge20:18
ayoungIf we don't really need that, we can store just the id_hash20:19
ayoungbut I am not yet convinced20:19
dprinceayoung: So... you plan on dropping id_hash and just haveing the id (pkey) again?20:19
dprinceayoung: Still. You've already done it... so the right thing to do is to make a new migration to move forwards.20:19
ayoungdprince, plan is too firm a word.  Lets say I am entertaining the idea,  but not using the best china in doing so...20:19
ayoungdprince, nah, this migration could just be undone20:20
ayoungwe don't need to support random middle versions of the code. just upgrades from essex20:20
ayoungbut...20:21
dprinceayoung: I'm not sure we take that stance on all OpenStack projects.... there are some deployments following upstream a bit more closely.20:21
*** mokas has joined #openstack-dev20:22
ayoungdprince, right.  THe thing is, I am not yet ready to commit to rolling it back anyway.  I like having the token in there, as we can then re-issue them20:22
dprinceayoung: anyway. Thanks for the info on possibly re-working the migrations for this. Good to know. In anycase I'd like Postgres to work too so I may push this fix for that.20:22
ayoungwhich makes sense in some cases20:22
ayoungpostgres should work with my sqlite sql script20:22
dprinceWhich will most likely use python...20:22
*** datsun180b has joined #openstack-dev20:22
ayoungtry it that way first before adding a new patch20:22
dprinceayoung: that would be a manual hack20:23
dprinceayoung: I want something that works out of the box... aka. keystone-manage db_sync20:23
ayoungbut I would be OK redoing the whole thing in python if we could get it down to one file20:23
ayoungI'd say that is preferred20:23
dprinceayoung: Yep. That is my goal here.20:23
dprinceayoung: single file in python that supports all 3... sqlite, mysql, postgres.20:24
*** lorin1 has left #openstack-dev20:24
ayoungdprince, I was told that postgres would ues the sqlite script. I take it that was lie?20:24
*** lorin1 has joined #openstack-dev20:24
ayounga lie20:24
*** Ruetobas has joined #openstack-dev20:24
dprinceayoung: Well... Not calling it a lie... But it didn't work for me.20:25
dprinceayoung: So I'm fixing it.20:25
ayoungdprince, +120:25
ayoungdprince, I just tested your fix on devstack.  Works as expected.  I will trigger the merge20:26
dprinceayoung: Great. THanks man.20:27
*** johnpur has joined #openstack-dev20:28
*** ChanServ sets mode: +v johnpur20:28
*** steveb_ has quit IRC20:34
*** markvoelker has quit IRC20:34
*** marktvoelker has joined #openstack-dev20:35
*** Ryan_Lane has joined #openstack-dev20:35
*** dprince has quit IRC20:36
*** nati_uen_ has quit IRC20:36
*** nati_ueno has joined #openstack-dev20:36
*** rods has joined #openstack-dev20:37
davidkranzjaypipes: What did you do to kick the admin password change to retry the build?20:39
notmynamettx: LP updated post-facto with swift 1.6.0 blueprints20:39
*** apevec has joined #openstack-dev20:40
*** apevec has joined #openstack-dev20:40
jaypipesdavidkranz: put "recheck" into a review comment :)20:41
davidkranzjaypipes: How clever :)20:41
jaypipesdavidkranz: and check here for progress on our little tempest-devstack-vm monster: https://jenkins.openstack.org/zuul/status :)20:42
davidkranzjaypipes: Hmm. Not sure what that means.20:43
jaypipesdavidkranz: that link just gives the latest status of the jobs that Zuul handles (which the tempest gate is part of)20:44
jaypipesdavidkranz: after that, you'd have to ask jeblair  ;P20:44
davidkranzjaypipes: OK. Wasn't sure what "monster" referred to..20:44
jaypipesdavidkranz: oh, just meaning that tempest's intricate relationship with the many core projects as well as devstack and devstack-gate make it a bit of a beast ;)20:45
jaypipesdavidkranz: as far as interdependencies go...20:45
davidkranzjaypipes: OK, got it.20:45
*** reed has quit IRC20:47
markmcjeblair, I guess you'd be shocked if I was to say "hi james, everything's working great!" :)20:48
markmcjeblair, why do URLs like https://review.openstack.org/10155/ not work any more?20:48
*** sc68cal has quit IRC20:48
*** milner has joined #openstack-dev20:48
jeblairmarkmc: it seems to only dislike the trailing /20:49
markmcjeblair, ahhhrrr!20:49
jeblairmarkmc: to be fair, gerrit only offers a non-training / version of that url as the permalink...  off the top of my head, i don't know if trailing / ever worked...20:49
jeblairmarkmc: it's certainly possible it did, and we somehow broke that with an apache change...20:50
jeblairmarkmc: (or that it was a recent change in gerrit that we didn't notice)20:50
markmcjeblair, looks like I've send a bunch of mail before with the trailing slash20:52
markmcjeblair, so I guess it worked at one stage20:52
* markmc shrugs20:52
markmcjeblair, no big deal, teaches me for manually creating my own permalinks :)20:52
*** s0mik has joined #openstack-dev20:53
*** salgado_ has joined #openstack-dev20:53
*** salgado has quit IRC20:55
*** salgado_ has quit IRC20:56
*** salgado has joined #openstack-dev20:57
*** mokas has quit IRC20:57
*** flaviamissi has joined #openstack-dev21:00
*** dachary has quit IRC21:01
*** zhuadl has joined #openstack-dev21:01
*** dachary has joined #openstack-dev21:01
*** novas0x2a|laptop has quit IRC21:02
*** bencherian has quit IRC21:04
*** asalkeld_ is now known as asalkeld21:04
*** andrewbogott has quit IRC21:05
*** andrewbogott has joined #openstack-dev21:06
*** andrewbogott has joined #openstack-dev21:06
*** novas0x2a|laptop has joined #openstack-dev21:06
*** salgado has quit IRC21:07
*** maurosr has quit IRC21:07
*** dragondm has quit IRC21:08
*** dragondm has joined #openstack-dev21:08
*** pandemicsyn has quit IRC21:09
markmczul, you could really do with explaining why https://review.openstack.org/#/c/10266/ isn't appropriate for stable21:09
*** pandemicsyn has joined #openstack-dev21:09
markmczul, haven't reviewed myself yet, but it "why" would even help me nevermind the author :)21:09
*** chenxu has quit IRC21:09
*** ChanServ sets mode: +v pandemicsyn21:09
*** chenxu has joined #openstack-dev21:10
*** linmin has quit IRC21:10
*** justinsb has quit IRC21:10
*** justinsb has joined #openstack-dev21:10
*** nati_ueno has quit IRC21:10
*** linmin has joined #openstack-dev21:10
*** hazmat has quit IRC21:10
*** nati_ueno has joined #openstack-dev21:10
*** pmyers has quit IRC21:11
*** chmouel has quit IRC21:11
*** sc68cal has joined #openstack-dev21:11
*** pmyers has joined #openstack-dev21:11
*** chmouel has joined #openstack-dev21:12
*** lts has quit IRC21:13
*** blufor has quit IRC21:13
*** blufor has joined #openstack-dev21:13
*** hazmat has joined #openstack-dev21:15
*** hazmat has joined #openstack-dev21:15
*** sc68cal has quit IRC21:15
*** file has joined #openstack-dev21:20
russellbfile: i see you over here, too.21:20
filerussellb, incorrect.21:20
*** lorin1 has quit IRC21:21
*** steveb_ has joined #openstack-dev21:25
zulmarkmc: i did21:25
zulmy second comment in there21:25
markmczul, "please see http://wiki.openstack.org/StableBranch#Appropriate_Fixes" ?21:25
*** flaviamissi has quit IRC21:26
zulmarkmc: yeah it must have been early in the morning when i rejected that21:27
zulmarkmc: yeah but i agree with your comment21:27
markmczul, ok21:27
markmczul, couple more that need looking at - https://review.openstack.org/#/c/10509/ and https://review.openstack.org/#/c/10510/21:28
markmczul, both pretty minor21:28
zulmarkmc: yep will get to them later tonight21:28
markmczul, thanks21:28
markmczul, btw, we're doing nova and keystone 2012.1.2 in case you missed last week's meeting21:29
markmczul, doing 2012.1.2 this week, I mean21:29
zulwhen was the meeting?21:29
markmcweekly openstack meeting21:29
zulok21:29
*** mokas has joined #openstack-dev21:36
*** sandywalsh_ has joined #openstack-dev21:42
*** sandywalsh has quit IRC21:43
*** marktvoelker has quit IRC21:48
*** sandywalsh_ has quit IRC21:49
*** littleidea has quit IRC21:52
*** littleidea has joined #openstack-dev21:52
*** s0mik has quit IRC21:52
*** matwood has joined #openstack-dev21:57
*** matwood has quit IRC21:57
jgriffithzul: Killing me... can't find the problem with this attach http://paste.openstack.org/show/19797/21:59
jgriffithzul: I pulled in some of your rootwrap changes and matched some things up that you had in the nova patch that was missing21:59
jgriffithzul: But no go still... attach call never makes it to the cinder side of things21:59
zuljgriffith:  this is running on precise?22:00
jgriffithzul: Yes22:00
zuljgriffith: any chance i can get acess to this machine?22:00
jgriffithzul: Not directly, but you could grab bcwaldons vagrant script22:00
jgriffithzul: That's what I'm using on this22:01
zuljgriffith: where do i go?22:01
jgriffithzul: did a apt-get update this morning22:01
*** kbringard has quit IRC22:01
*** steveb_ has quit IRC22:01
jgriffithzul: https://github.com/bcwaldon/vagrant_devstack22:02
*** eglynn has quit IRC22:03
jgriffithzul: The docs are geared towards mac, but I'm using precise.  Can look up the history on the ruby config stuff if you need it22:04
zuljgriffith: can you pastebin your cinder vol-logs as well?22:04
jgriffithzul: Sure...22:05
*** andrewsmedina has quit IRC22:05
jgriffithzul: http://paste.openstack.org/show/19798/22:06
*** sacharya has quit IRC22:06
*** dachary has quit IRC22:06
*** dachary has joined #openstack-dev22:07
*** EmilienM has left #openstack-dev22:07
zuljgriffith: what does sudo tgt-admin -s show?22:07
jgriffithzul: nada22:07
zuljgriffith: so thats probably why it cant connect :)22:08
jgriffithzul: :)22:08
zuljgriffith: lemme have a look at this later tonight and ill get back to you22:08
jgriffithzul: sure22:08
zuljgriffith: its technically eod for me22:08
jgriffithzul: got ya22:08
jgriffithzul: Catch me tomorrow and let me know, else I'll go back to tracing through it22:09
zulack22:09
*** markmc is now known as mcaway22:10
*** anniec has quit IRC22:12
*** anniec has joined #openstack-dev22:12
*** steveb_ has joined #openstack-dev22:14
*** andrewsmedina has joined #openstack-dev22:27
*** spiffxp has quit IRC22:30
*** zul has quit IRC22:31
*** datsun180b has quit IRC22:32
*** ExxonValdeez has joined #openstack-dev22:38
*** rods has quit IRC22:48
*** spiffxp has joined #openstack-dev22:48
*** s0mik has joined #openstack-dev22:50
*** anniec_ has joined #openstack-dev22:51
*** anniec has quit IRC22:51
*** anniec_ is now known as anniec22:51
*** e1mer has joined #openstack-dev22:55
*** Shrews has quit IRC22:55
*** zul has joined #openstack-dev22:59
*** zul has quit IRC22:59
*** zul has joined #openstack-dev22:59
*** mokas has quit IRC23:01
*** s0mik has quit IRC23:01
*** zhuadl has quit IRC23:03
*** edygarcia has quit IRC23:05
*** blamar has joined #openstack-dev23:06
*** dolphm has quit IRC23:08
*** dubsquared has quit IRC23:10
*** sacharya has joined #openstack-dev23:10
*** s0mik has joined #openstack-dev23:11
*** asalkeld has quit IRC23:12
*** asalkeld has joined #openstack-dev23:12
*** matiu has quit IRC23:13
*** danwent has quit IRC23:13
*** mokas has joined #openstack-dev23:14
*** s0mik has quit IRC23:15
*** dachary has quit IRC23:17
*** dachary has joined #openstack-dev23:17
*** s0mik has joined #openstack-dev23:18
*** danwent has joined #openstack-dev23:19
*** matwood has joined #openstack-dev23:21
*** Transformer has joined #openstack-dev23:27
*** Transformer has left #openstack-dev23:31
*** sc68cal has joined #openstack-dev23:37
*** nunosantos has quit IRC23:40
*** jakedahn is now known as jakedahn_zz23:44
bcwaldonmtaylor:23:46
mtaylorbcwaldon:23:47
bcwaldonmtaylor: do jenkins pre-approval tests get kicked off for draft reviews?23:47
mtaylorbcwaldon: I do not believe that they do23:47
bcwaldonmtaylor: dang23:47
mtaylorbcwaldon: sorry - their quasi-secret nature would get subverted if they did23:48
bcwaldonmtaylor: I've gotta run, but could you somehow make jenkins tests happen for https://review.openstack.org/#/c/10575/?23:48
bcwaldonor I could just un-draft it?23:48
mtayloryah23:48
mtaylorI can't see it23:48
mtaylorit's sekrit!@23:48
bcwaldonmtaylor: ok, its public23:48
bcwaldonmtaylor: running away now23:48
mikalHow do I run the glance command line client from python-glanceclient?23:52
*** mestery_ is now known as mestery23:54
*** markmcclain has quit IRC23:55
mtaylormikal: installed or uninstalled?23:55
mikalUninstalled, just in the git directory23:56
« Sunday, 2012-07-29 Index Tuesday, 2012-07-31 »

Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!