*** danwent has joined #openstack-dev | 00:00 | |
*** halj has joined #openstack-dev | 00:02 | |
*** salv-orlando has quit IRC | 00:02 | |
*** salv-orlando_ has joined #openstack-dev | 00:02 | |
*** halj has quit IRC | 00:03 | |
*** gyee has quit IRC | 00:03 | |
*** hartsocks has quit IRC | 00:04 | |
*** dontalton has quit IRC | 00:05 | |
*** bswartz has joined #openstack-dev | 00:05 | |
*** jsindy has quit IRC | 00:05 | |
*** markmcclain has joined #openstack-dev | 00:06 | |
*** timjr has quit IRC | 00:07 | |
*** PaulM has joined #openstack-dev | 00:08 | |
*** jasdeepH has quit IRC | 00:08 | |
*** sudorandom has joined #openstack-dev | 00:08 | |
*** henrynash has quit IRC | 00:13 | |
*** ewindisch has joined #openstack-dev | 00:17 | |
*** markwash has joined #openstack-dev | 00:18 | |
*** jclift has quit IRC | 00:19 | |
*** sarob_ has quit IRC | 00:19 | |
*** sarob has joined #openstack-dev | 00:19 | |
*** jog0 has quit IRC | 00:21 | |
*** reed has quit IRC | 00:22 | |
*** redbeard2 has joined #openstack-dev | 00:22 | |
*** sarob has quit IRC | 00:24 | |
*** markmcclain has quit IRC | 00:25 | |
*** sarob has joined #openstack-dev | 00:29 | |
*** salgado has joined #openstack-dev | 00:31 | |
openstackgerrit | A change was merged to openstack-dev/devstack: Modify RPM lists for RHEL6 https://review.openstack.org/26708 | 00:32 |
---|---|---|
*** raycloud has joined #openstack-dev | 00:33 | |
*** markmcclain has joined #openstack-dev | 00:33 | |
*** bdpayne has quit IRC | 00:35 | |
*** bdpayne has joined #openstack-dev | 00:37 | |
*** hartsocks has joined #openstack-dev | 00:38 | |
*** stevebaker has quit IRC | 00:39 | |
*** plemahieu has quit IRC | 00:40 | |
*** stevebaker has joined #openstack-dev | 00:41 | |
*** danwent has quit IRC | 00:42 | |
*** alunduil has quit IRC | 00:46 | |
*** topol has joined #openstack-dev | 00:47 | |
*** hartsocks has quit IRC | 00:48 | |
*** bdpayne has quit IRC | 00:49 | |
*** sarob has quit IRC | 00:49 | |
*** e1mer has quit IRC | 00:50 | |
*** sarob has joined #openstack-dev | 00:50 | |
*** adjohn has quit IRC | 00:52 | |
*** sarob has quit IRC | 00:54 | |
*** alexxu has joined #openstack-dev | 00:57 | |
*** winston-d has joined #openstack-dev | 00:57 | |
*** CaptTofu has quit IRC | 00:59 | |
*** slong has quit IRC | 01:01 | |
*** anniec has joined #openstack-dev | 01:02 | |
*** anniec has quit IRC | 01:02 | |
*** NobodyCam_ has quit IRC | 01:02 | |
*** anniec has joined #openstack-dev | 01:02 | |
*** lloydde has joined #openstack-dev | 01:03 | |
*** jakedahn has quit IRC | 01:08 | |
*** ewindisch has quit IRC | 01:10 | |
*** NobodyCam has joined #openstack-dev | 01:13 | |
*** epim has quit IRC | 01:14 | |
*** ladquin has quit IRC | 01:15 | |
*** arbrandes has quit IRC | 01:16 | |
*** crandquist has quit IRC | 01:18 | |
*** ewindisch has joined #openstack-dev | 01:18 | |
*** ewindisch has quit IRC | 01:20 | |
*** darjeeling has quit IRC | 01:21 | |
*** jimfehlig has quit IRC | 01:33 | |
*** gongysh has quit IRC | 01:39 | |
*** jasondotstar has joined #openstack-dev | 01:42 | |
*** jakedahn has joined #openstack-dev | 01:45 | |
*** dims has quit IRC | 01:48 | |
*** Ryan_Lane has quit IRC | 01:48 | |
*** bknudson has quit IRC | 01:50 | |
*** PaulM has left #openstack-dev | 01:51 | |
*** pixelbeat has quit IRC | 01:53 | |
*** rcleere has joined #openstack-dev | 01:56 | |
*** stevemar has joined #openstack-dev | 01:56 | |
*** crandquist has joined #openstack-dev | 01:57 | |
*** anteaya has left #openstack-dev | 01:58 | |
*** mgiles has quit IRC | 01:59 | |
*** anniec has quit IRC | 02:02 | |
*** dims has joined #openstack-dev | 02:03 | |
*** matiu has quit IRC | 02:03 | |
*** hartsocks has joined #openstack-dev | 02:03 | |
openstackgerrit | A change was merged to openstack/nova: Allow listing fixed_ips for a given compute host. https://review.openstack.org/25979 | 02:03 |
*** hartsocks has quit IRC | 02:04 | |
*** bing_bu has joined #openstack-dev | 02:04 | |
*** hartsocks has joined #openstack-dev | 02:05 | |
*** yguang has joined #openstack-dev | 02:07 | |
*** matiu has joined #openstack-dev | 02:07 | |
*** ijw has joined #openstack-dev | 02:10 | |
*** gordc has joined #openstack-dev | 02:11 | |
*** yguang is now known as yaguang | 02:14 | |
*** alunduil has joined #openstack-dev | 02:16 | |
*** alunduil has quit IRC | 02:21 | |
*** tzumainn has quit IRC | 02:24 | |
*** galstrom_zzz is now known as galstrom | 02:24 | |
*** brunnhilde is now known as nothung | 02:25 | |
*** jbresnah has quit IRC | 02:25 | |
*** hugokuo has joined #openstack-dev | 02:26 | |
*** hartsocks has quit IRC | 02:27 | |
*** alunduil has joined #openstack-dev | 02:33 | |
openstackgerrit | A change was merged to openstack/swift: Add auth_version to dispersion.conf.5 https://review.openstack.org/27282 | 02:40 |
openstackgerrit | A change was merged to openstack/swift: Fixing /etc/swift.conf-sample to include swift_hash_path_prefix https://review.openstack.org/27273 | 02:40 |
openstackgerrit | A change was merged to openstack/keystone: Allow additional attribute mappings in ldap https://review.openstack.org/25038 | 02:40 |
*** ijw has quit IRC | 02:40 | |
*** ijw has joined #openstack-dev | 02:42 | |
*** zul has joined #openstack-dev | 02:58 | |
*** Mandell has joined #openstack-dev | 03:02 | |
*** WormMan_ is now known as WormMan | 03:02 | |
*** melwitt has quit IRC | 03:02 | |
*** galstrom is now known as galstrom_zzz | 03:06 | |
*** erfanian has quit IRC | 03:09 | |
*** salv-orlando has joined #openstack-dev | 03:12 | |
*** salv-orlando_ has quit IRC | 03:12 | |
*** crandquist has quit IRC | 03:15 | |
*** redbeard2 has quit IRC | 03:16 | |
*** topol has quit IRC | 03:17 | |
*** Mandell has quit IRC | 03:22 | |
*** Ryan_Lane has joined #openstack-dev | 03:22 | |
openstackgerrit | A change was merged to openstack/quantum: Create veth peer in namespace. https://review.openstack.org/27395 | 03:27 |
*** jrclouda has joined #openstack-dev | 03:28 | |
*** dims has quit IRC | 03:32 | |
*** koolhead17 has quit IRC | 03:33 | |
*** jsindy has joined #openstack-dev | 03:34 | |
*** jrclouda is now known as zackf | 03:36 | |
*** rmohan has quit IRC | 03:37 | |
*** rmohan has joined #openstack-dev | 03:37 | |
*** darjeeling has joined #openstack-dev | 03:37 | |
*** darjeeling has quit IRC | 03:38 | |
*** nothung has quit IRC | 03:40 | |
*** Mandell has joined #openstack-dev | 03:42 | |
*** asalkeld has quit IRC | 03:46 | |
*** rmohan has quit IRC | 03:48 | |
*** rmohan has joined #openstack-dev | 03:49 | |
*** salv-orlando_ has joined #openstack-dev | 03:50 | |
*** salv-orlando has quit IRC | 03:50 | |
*** salv-orlando_ is now known as salv-orlando | 03:50 | |
*** nothung has joined #openstack-dev | 03:54 | |
*** nothung is now known as brunnhilde | 03:54 | |
*** novas0x2a|laptop has quit IRC | 03:56 | |
*** johnthetubaguy has joined #openstack-dev | 03:57 | |
*** martine has joined #openstack-dev | 03:58 | |
*** koolhead17 has joined #openstack-dev | 04:08 | |
*** rushiagr has joined #openstack-dev | 04:09 | |
*** asalkeld has joined #openstack-dev | 04:10 | |
*** lloydde has quit IRC | 04:10 | |
openstackgerrit | A change was merged to openstack/quantum: Imported Translations from Transifex https://review.openstack.org/27530 | 04:13 |
*** kenperkins has quit IRC | 04:15 | |
*** oubiwann has quit IRC | 04:17 | |
*** yaguang has quit IRC | 04:21 | |
*** oubiwann has joined #openstack-dev | 04:23 | |
*** markmcclain has quit IRC | 04:24 | |
*** dguitarbite has joined #openstack-dev | 04:26 | |
*** sride has joined #openstack-dev | 04:28 | |
*** shang has quit IRC | 04:28 | |
*** sride has quit IRC | 04:30 | |
*** sride has joined #openstack-dev | 04:30 | |
*** dguitarbite has joined #openstack-dev | 04:32 | |
*** jasdeepH has joined #openstack-dev | 04:32 | |
*** PaulM has joined #openstack-dev | 04:33 | |
*** dguitarbite has quit IRC | 04:33 | |
*** nunosantos_ has quit IRC | 04:33 | |
*** dguitarbite has joined #openstack-dev | 04:33 | |
*** nunosantos has quit IRC | 04:34 | |
*** dguitarbite has quit IRC | 04:34 | |
*** CaptTofu has joined #openstack-dev | 04:35 | |
openstackgerrit | A change was merged to openstack/quantum: Simplify delete_health_monitor() using cascades https://review.openstack.org/26959 | 04:35 |
*** koolhead17 has quit IRC | 04:35 | |
*** xchu has joined #openstack-dev | 04:37 | |
*** sride has quit IRC | 04:43 | |
*** sride has joined #openstack-dev | 04:44 | |
*** jsindy is now known as monst_ | 04:46 | |
*** dguitarbite has joined #openstack-dev | 04:48 | |
*** dguitarbite has joined #openstack-dev | 04:50 | |
*** monst_ has quit IRC | 04:51 | |
*** dguitarbite has quit IRC | 04:51 | |
*** dguitarbite has joined #openstack-dev | 04:52 | |
*** yguang has joined #openstack-dev | 04:53 | |
*** CaptTofu has quit IRC | 04:55 | |
openstackgerrit | A change was merged to openstack/nova: Imported Translations from Transifex https://review.openstack.org/27454 | 04:56 |
*** stevemar has quit IRC | 04:57 | |
*** dguitarbite has quit IRC | 04:58 | |
*** dguitarbite has joined #openstack-dev | 04:59 | |
*** navid_ has joined #openstack-dev | 05:00 | |
*** dguitarbite has quit IRC | 05:00 | |
*** johnthetubaguy has quit IRC | 05:07 | |
*** sacharya has quit IRC | 05:13 | |
*** lloydde has joined #openstack-dev | 05:16 | |
*** lloydde has quit IRC | 05:16 | |
*** lloydde has joined #openstack-dev | 05:16 | |
*** matiu has quit IRC | 05:17 | |
*** blamar has quit IRC | 05:21 | |
*** monst_ has joined #openstack-dev | 05:21 | |
*** rmk has quit IRC | 05:21 | |
*** PaulM has left #openstack-dev | 05:23 | |
*** monst_ has quit IRC | 05:25 | |
*** vartom119 has joined #openstack-dev | 05:26 | |
*** SergeyLukjanov has joined #openstack-dev | 05:27 | |
*** rmk has joined #openstack-dev | 05:27 | |
*** alexxu has quit IRC | 05:31 | |
*** rmohan has quit IRC | 05:34 | |
*** darjeeling has joined #openstack-dev | 05:34 | |
*** rmohan has joined #openstack-dev | 05:34 | |
*** kaushikc1 has joined #openstack-dev | 05:37 | |
*** martine has quit IRC | 05:37 | |
*** gongysh has joined #openstack-dev | 05:39 | |
*** salv-orlando_ has joined #openstack-dev | 05:44 | |
*** salv-orlando has quit IRC | 05:44 | |
*** salv-orlando_ is now known as salv-orlando | 05:44 | |
*** yguang is now known as yaguang | 05:46 | |
*** sudorandom has quit IRC | 05:46 | |
openstackgerrit | A change was merged to openstack/quantum: Update latest OSLO code https://review.openstack.org/27208 | 05:47 |
*** yaguang has quit IRC | 05:47 | |
*** egallen has joined #openstack-dev | 05:49 | |
*** monst_ has joined #openstack-dev | 05:51 | |
*** jbresnah has joined #openstack-dev | 05:54 | |
*** egallen has quit IRC | 05:56 | |
*** kaushikc1 has quit IRC | 05:58 | |
*** monst_ has quit IRC | 05:59 | |
*** amerine has quit IRC | 06:00 | |
*** Mandell has quit IRC | 06:03 | |
*** zackf has quit IRC | 06:05 | |
*** vartom119 has quit IRC | 06:06 | |
*** yguang has joined #openstack-dev | 06:06 | |
*** jasdeepH has quit IRC | 06:07 | |
*** timello has quit IRC | 06:07 | |
*** gongysh has quit IRC | 06:07 | |
*** amerine has joined #openstack-dev | 06:08 | |
*** lloydde has quit IRC | 06:11 | |
*** brunnhilde has quit IRC | 06:13 | |
*** mindpixel has joined #openstack-dev | 06:17 | |
*** almaisan-away has quit IRC | 06:17 | |
*** vartom119 has joined #openstack-dev | 06:23 | |
*** mrunge has joined #openstack-dev | 06:27 | |
*** jbresnah has quit IRC | 06:31 | |
*** Mandell has joined #openstack-dev | 06:31 | |
*** shang has joined #openstack-dev | 06:33 | |
*** shang has quit IRC | 06:33 | |
*** shang has joined #openstack-dev | 06:34 | |
*** aloga has joined #openstack-dev | 06:36 | |
*** henrynash has joined #openstack-dev | 06:39 | |
*** gongysh has joined #openstack-dev | 06:40 | |
*** henrynash has quit IRC | 06:41 | |
*** lloydde has joined #openstack-dev | 06:42 | |
*** jtomasek has joined #openstack-dev | 06:42 | |
*** giroro_ has quit IRC | 06:45 | |
*** brunnhilde has joined #openstack-dev | 06:45 | |
*** Ruetobas has joined #openstack-dev | 06:46 | |
*** al-maisan has joined #openstack-dev | 06:46 | |
*** lloydde has quit IRC | 06:46 | |
*** egallen has joined #openstack-dev | 06:47 | |
*** amerine has quit IRC | 06:50 | |
*** Ruetobas has quit IRC | 06:50 | |
*** flaper87 has joined #openstack-dev | 06:50 | |
*** Ruetobas has joined #openstack-dev | 06:50 | |
*** monst_ has joined #openstack-dev | 06:52 | |
*** amerine has joined #openstack-dev | 06:53 | |
*** Ruetobas has quit IRC | 06:55 | |
*** Ruetobas has joined #openstack-dev | 06:56 | |
*** monst_ has quit IRC | 06:56 | |
*** brunnhilde has quit IRC | 06:57 | |
*** shang_ has joined #openstack-dev | 06:57 | |
*** reidrac has joined #openstack-dev | 06:57 | |
*** vartom119 has quit IRC | 06:58 | |
*** shang has quit IRC | 06:58 | |
*** Ryan_Lane has quit IRC | 06:59 | |
*** zaitcev has quit IRC | 07:01 | |
*** ianw has quit IRC | 07:01 | |
*** mmagr has joined #openstack-dev | 07:02 | |
*** jasdeepH has joined #openstack-dev | 07:05 | |
*** jasdeepH has quit IRC | 07:09 | |
*** ianw has joined #openstack-dev | 07:09 | |
*** davidha has quit IRC | 07:15 | |
*** rmohan has quit IRC | 07:15 | |
*** SergeyLukjanov has quit IRC | 07:15 | |
*** davidha has joined #openstack-dev | 07:15 | |
*** davidha is now known as davidhadas | 07:15 | |
*** rmohan has joined #openstack-dev | 07:16 | |
*** CaptTofu has joined #openstack-dev | 07:16 | |
*** xga has joined #openstack-dev | 07:17 | |
*** amerine has quit IRC | 07:24 | |
*** fbo_ has joined #openstack-dev | 07:26 | |
*** al-maisan has quit IRC | 07:26 | |
*** al-maisan has joined #openstack-dev | 07:27 | |
*** psedlak has joined #openstack-dev | 07:28 | |
*** jgallard has joined #openstack-dev | 07:30 | |
*** kaushikc has joined #openstack-dev | 07:34 | |
*** amerine has joined #openstack-dev | 07:36 | |
*** alexisT has joined #openstack-dev | 07:37 | |
*** mrunge has quit IRC | 07:39 | |
*** CaptTofu has quit IRC | 07:41 | |
*** CaptTofu has joined #openstack-dev | 07:41 | |
*** lloydde has joined #openstack-dev | 07:42 | |
*** afazekas has joined #openstack-dev | 07:43 | |
*** romcheg has joined #openstack-dev | 07:43 | |
*** mindpixel has quit IRC | 07:45 | |
*** romcheg has left #openstack-dev | 07:46 | |
*** lloydde has quit IRC | 07:47 | |
*** al-maisan has quit IRC | 07:48 | |
*** al-maisan has joined #openstack-dev | 07:48 | |
*** cod3r has joined #openstack-dev | 07:48 | |
*** monst_ has joined #openstack-dev | 07:52 | |
*** Yada has joined #openstack-dev | 07:53 | |
*** xga_ has joined #openstack-dev | 07:54 | |
*** zoresvit has joined #openstack-dev | 07:55 | |
*** jakedahn has quit IRC | 07:55 | |
*** vartom119 has joined #openstack-dev | 07:55 | |
*** mindpixel has joined #openstack-dev | 07:56 | |
*** monst_ has quit IRC | 07:56 | |
*** xga has quit IRC | 07:57 | |
*** kaushikc has quit IRC | 07:59 | |
*** SergeyLukjanov has joined #openstack-dev | 08:00 | |
*** ijw has quit IRC | 08:05 | |
*** al-maisan is now known as almaisan-away | 08:08 | |
*** mkerrin has joined #openstack-dev | 08:08 | |
*** almaisan-away has quit IRC | 08:08 | |
*** fbo_ has quit IRC | 08:10 | |
*** fbo has joined #openstack-dev | 08:11 | |
*** gongysh has quit IRC | 08:11 | |
*** lucasagomes has joined #openstack-dev | 08:11 | |
*** almaisan-away has joined #openstack-dev | 08:13 | |
*** bing_bu has quit IRC | 08:14 | |
*** marun has quit IRC | 08:14 | |
*** CaptTofu has quit IRC | 08:14 | |
*** danpb has joined #openstack-dev | 08:16 | |
flaper87 | Does the license need to be added to empty files as well? | 08:17 |
*** bing_bu has joined #openstack-dev | 08:18 | |
*** almaisan-away is now known as al-maisan | 08:18 | |
*** giroro_ has joined #openstack-dev | 08:19 | |
*** aloga has quit IRC | 08:19 | |
*** Ruetobas has quit IRC | 08:19 | |
*** al-maisan has quit IRC | 08:20 | |
*** al-maisan has joined #openstack-dev | 08:20 | |
*** Ruetobas has joined #openstack-dev | 08:20 | |
*** yolanda has quit IRC | 08:23 | |
*** gongysh has joined #openstack-dev | 08:24 | |
*** giroro_ has quit IRC | 08:24 | |
*** al-maisan has quit IRC | 08:24 | |
*** yolanda has joined #openstack-dev | 08:25 | |
*** al-maisan has joined #openstack-dev | 08:25 | |
*** mmagr has quit IRC | 08:30 | |
*** romcheg has joined #openstack-dev | 08:31 | |
*** mmagr has joined #openstack-dev | 08:31 | |
*** derekh has joined #openstack-dev | 08:31 | |
*** romcheg has left #openstack-dev | 08:31 | |
*** jgallard has quit IRC | 08:33 | |
*** jgallard has joined #openstack-dev | 08:33 | |
*** iartarisi has joined #openstack-dev | 08:34 | |
*** henrynash has joined #openstack-dev | 08:35 | |
*** jpich has joined #openstack-dev | 08:35 | |
*** eglynn has joined #openstack-dev | 08:39 | |
*** Mandell has quit IRC | 08:42 | |
*** lloydde has joined #openstack-dev | 08:43 | |
*** xga_ has quit IRC | 08:46 | |
*** darraghb has joined #openstack-dev | 08:47 | |
*** lloydde has quit IRC | 08:47 | |
*** monst_ has joined #openstack-dev | 08:53 | |
*** afazekas_ has joined #openstack-dev | 08:56 | |
*** monst_ has quit IRC | 08:57 | |
*** souvik has joined #openstack-dev | 09:00 | |
*** winston-d has quit IRC | 09:05 | |
*** andrea_ has quit IRC | 09:05 | |
*** xga has joined #openstack-dev | 09:09 | |
*** souvik_ has joined #openstack-dev | 09:09 | |
*** souvik has quit IRC | 09:10 | |
*** souvik_ is now known as souvik | 09:10 | |
*** jgallard has quit IRC | 09:15 | |
*** jgallard has joined #openstack-dev | 09:16 | |
*** athomas has joined #openstack-dev | 09:19 | |
*** edehde has joined #openstack-dev | 09:24 | |
*** gongysh has quit IRC | 09:26 | |
*** yamahata_ has joined #openstack-dev | 09:30 | |
openstackgerrit | A change was merged to openstack/oslo-incubator: oslo logging tries to run chmod on file https://review.openstack.org/27419 | 09:32 |
*** rushiagr has quit IRC | 09:33 | |
*** SergeyLukjanov has quit IRC | 09:33 | |
*** vartom119 has quit IRC | 09:35 | |
*** SergeyLukjanov has joined #openstack-dev | 09:35 | |
*** vartom119 has joined #openstack-dev | 09:36 | |
*** darjeeling has quit IRC | 09:38 | |
*** vartom1110 has joined #openstack-dev | 09:42 | |
*** vartom119 has quit IRC | 09:42 | |
*** lloydde has joined #openstack-dev | 09:43 | |
*** lloydde has quit IRC | 09:48 | |
*** monst_ has joined #openstack-dev | 09:53 | |
*** nati_ueno has joined #openstack-dev | 09:53 | |
*** corXi has joined #openstack-dev | 09:54 | |
*** monst_ has quit IRC | 09:58 | |
*** egallen has quit IRC | 09:59 | |
*** pixelbeat has joined #openstack-dev | 10:00 | |
*** nijaba has quit IRC | 10:09 | |
*** nijaba has joined #openstack-dev | 10:11 | |
*** nijaba has joined #openstack-dev | 10:11 | |
*** xga has quit IRC | 10:11 | |
*** djangobot has joined #openstack-dev | 10:11 | |
djangobot | HI EVERYONE | 10:11 |
djangobot | IS ANYBODY HERE COULD HELP ME ABOUT INSTALLING NOVA BILLING? | 10:12 |
djangobot | IS ANYBODY HERE COULD HELP ME ABOUT INSTALLING NOVA BILLING? | 10:12 |
*** xchu has quit IRC | 10:13 | |
*** nati_ueno has quit IRC | 10:19 | |
*** shang_ has quit IRC | 10:23 | |
*** pcm_ has joined #openstack-dev | 10:24 | |
*** pcm_ has joined #openstack-dev | 10:25 | |
*** souvik_ has joined #openstack-dev | 10:28 | |
*** souvik has quit IRC | 10:28 | |
*** souvik_ is now known as souvik | 10:28 | |
ekarlso | djangobot: is nova-billing not outdated ? | 10:34 |
djangobot | no | 10:34 |
ekarlso | it's 1 year old djangobot | 10:34 |
djangobot | is just the yum install nova-billing either the rpmbuilding to install does not work | 10:35 |
djangobot | i am even the rpmbuild install does not work | 10:35 |
djangobot | i have also tried the new one | 10:35 |
ekarlso | new one ? | 10:35 |
*** mrunge has joined #openstack-dev | 10:35 | |
djangobot | https://github.com/altai/nova-billing | 10:35 |
*** wiliam_ has quit IRC | 10:36 | |
*** salv-orlando has quit IRC | 10:38 | |
*** zb has joined #openstack-dev | 10:40 | |
ekarlso | djangobot: not to brag but: www.github.com/billingstack < WIP | 10:41 |
*** zaneb has quit IRC | 10:43 | |
*** lloydde has joined #openstack-dev | 10:44 | |
djangobot | thanks ekarlso i will try that' | 10:44 |
ekarlso | djangobot: it's not prod ready yet | 10:45 |
djangobot | i have tried billingstack last day | 10:45 |
ekarlso | ok ? | 10:46 |
djangobot | i think it wasn't ready for openstack yet | 10:46 |
ekarlso | it is not "ready" no | 10:46 |
ekarlso | but it will bring lots of functionality once done | 10:46 |
*** bing_bu has quit IRC | 10:46 | |
djangobot | am i able to integrate in to openstack? | 10:46 |
*** zb is now known as zaneb | 10:47 | |
*** rnirmal has joined #openstack-dev | 10:47 | |
ekarlso | djangobot: it will be yes | 10:47 |
djangobot | ok let me review it then | 10:48 |
*** lloydde has quit IRC | 10:48 | |
*** anteaya has joined #openstack-dev | 10:52 | |
*** djangobot has quit IRC | 10:53 | |
*** egallen has joined #openstack-dev | 10:53 | |
*** monst_ has joined #openstack-dev | 10:54 | |
*** vkmc has joined #openstack-dev | 10:56 | |
*** vkmc has quit IRC | 10:56 | |
*** vkmc has joined #openstack-dev | 10:56 | |
*** aloga has joined #openstack-dev | 10:59 | |
*** monst_ has quit IRC | 10:59 | |
*** zb has joined #openstack-dev | 10:59 | |
*** salv-orlando has joined #openstack-dev | 10:59 | |
*** zaneb has quit IRC | 11:01 | |
*** SergeyLukjanov has quit IRC | 11:02 | |
openstackgerrit | A change was merged to openstack/oslo-incubator: Proposing Flavio Percoco as maintainer for strutils.py https://review.openstack.org/27502 | 11:07 |
*** SergeyLukjanov has joined #openstack-dev | 11:07 | |
*** zbitter has joined #openstack-dev | 11:13 | |
*** zb has quit IRC | 11:16 | |
*** slagle has quit IRC | 11:18 | |
*** zbitter has quit IRC | 11:18 | |
*** xga has joined #openstack-dev | 11:21 | |
*** zz_sirushti is now known as sirushti | 11:22 | |
*** navid_ has quit IRC | 11:37 | |
*** dims has joined #openstack-dev | 11:37 | |
*** tzumainn has joined #openstack-dev | 11:38 | |
*** aswadrangnekar has joined #openstack-dev | 11:41 | |
*** lloydde has joined #openstack-dev | 11:44 | |
*** jasondotstar has quit IRC | 11:49 | |
*** lloydde has quit IRC | 11:50 | |
*** nijaba has quit IRC | 11:51 | |
*** nijaba has joined #openstack-dev | 11:52 | |
*** nijaba has joined #openstack-dev | 11:52 | |
*** monst_ has joined #openstack-dev | 11:54 | |
*** abhishekkr has joined #openstack-dev | 11:55 | |
*** mkollaro has joined #openstack-dev | 11:55 | |
*** jruzicka has joined #openstack-dev | 11:55 | |
*** baba has joined #openstack-dev | 11:56 | |
*** cod3r has quit IRC | 11:56 | |
*** monst_ has quit IRC | 11:58 | |
*** eglynn is now known as hungry-eglynn | 12:07 | |
*** yguang has quit IRC | 12:08 | |
*** jgallard has quit IRC | 12:10 | |
*** jgallard has joined #openstack-dev | 12:10 | |
*** beagles has joined #openstack-dev | 12:14 | |
*** giulivo has quit IRC | 12:21 | |
*** giulivo has joined #openstack-dev | 12:24 | |
*** morazi has quit IRC | 12:26 | |
*** dims has quit IRC | 12:27 | |
*** dims has joined #openstack-dev | 12:29 | |
*** troytoman-away is now known as troytoman | 12:33 | |
*** martine has joined #openstack-dev | 12:33 | |
openstackgerrit | A change was merged to openstack/nova: Wrong proxy port in nova.conf for Spice proxy https://review.openstack.org/27524 | 12:38 |
openstackgerrit | A change was merged to openstack-dev/devstack: fix support for VMware vCenter Driver https://review.openstack.org/27440 | 12:38 |
*** salv-orlando has quit IRC | 12:38 | |
openstackgerrit | A change was merged to openstack/tempest: Clean up servers created in test_multiple_create.py https://review.openstack.org/27315 | 12:38 |
*** salv-orlando has joined #openstack-dev | 12:39 | |
*** martitia_ has quit IRC | 12:41 | |
*** alunduil has quit IRC | 12:42 | |
*** lloydde has joined #openstack-dev | 12:45 | |
openstackgerrit | A change was merged to openstack/tempest: Missing image-del func in test_create_delete_image https://review.openstack.org/27438 | 12:48 |
*** lloydde has quit IRC | 12:49 | |
*** adalbas has joined #openstack-dev | 12:50 | |
*** dprince has joined #openstack-dev | 12:52 | |
*** beagles is now known as seagulls | 12:53 | |
*** martine has quit IRC | 12:54 | |
*** monst_ has joined #openstack-dev | 12:55 | |
*** hungry-eglynn is now known as \eglynn | 12:56 | |
*** \eglynn is now known as eglynn | 12:56 | |
*** bknudson has joined #openstack-dev | 12:56 | |
*** xga_ has joined #openstack-dev | 12:57 | |
*** monst_ has quit IRC | 12:59 | |
*** jgallard has quit IRC | 12:59 | |
*** jgallard has joined #openstack-dev | 13:00 | |
*** zaneb has joined #openstack-dev | 13:02 | |
*** markmc has joined #openstack-dev | 13:02 | |
*** edehde has quit IRC | 13:03 | |
*** rushiagr has joined #openstack-dev | 13:06 | |
*** jprovazn has joined #openstack-dev | 13:08 | |
*** kbringard has joined #openstack-dev | 13:10 | |
*** zb has joined #openstack-dev | 13:12 | |
*** zaneb has quit IRC | 13:15 | |
*** eharney has joined #openstack-dev | 13:16 | |
*** pmyers has quit IRC | 13:16 | |
*** souvik has quit IRC | 13:17 | |
*** slagle has joined #openstack-dev | 13:17 | |
*** edehde has joined #openstack-dev | 13:18 | |
*** edehde has quit IRC | 13:18 | |
*** pmyers has joined #openstack-dev | 13:18 | |
*** jayg|g0n3 is now known as jayg | 13:18 | |
*** otherwiseguy has quit IRC | 13:20 | |
*** primeministerp has quit IRC | 13:22 | |
*** riskable has quit IRC | 13:22 | |
*** boris-42 has joined #openstack-dev | 13:22 | |
*** primeministerp has joined #openstack-dev | 13:23 | |
*** vartom1110 has quit IRC | 13:24 | |
*** bmclaughlin has joined #openstack-dev | 13:27 | |
*** sandywalsh has quit IRC | 13:27 | |
*** brunnhilde has joined #openstack-dev | 13:28 | |
*** aelkikhia has joined #openstack-dev | 13:29 | |
*** breed has quit IRC | 13:29 | |
*** raycloud has quit IRC | 13:33 | |
*** mindpixel has quit IRC | 13:33 | |
*** raycloud has joined #openstack-dev | 13:36 | |
*** souvik has joined #openstack-dev | 13:37 | |
*** souvik has left #openstack-dev | 13:37 | |
*** rnirmal has quit IRC | 13:38 | |
*** woodspa has joined #openstack-dev | 13:38 | |
*** rnirmal has joined #openstack-dev | 13:39 | |
*** rushiagr has left #openstack-dev | 13:39 | |
*** aswadrangnekar has left #openstack-dev | 13:39 | |
*** enikanorov_ has joined #openstack-dev | 13:39 | |
*** hartsocks has joined #openstack-dev | 13:40 | |
*** hartsocks has quit IRC | 13:40 | |
*** sride has quit IRC | 13:40 | |
*** sandywalsh has joined #openstack-dev | 13:40 | |
*** cloudchimp has joined #openstack-dev | 13:40 | |
mordred | markmc: could I trouble you for a review on: https://review.openstack.org/#/c/26969/ ? | 13:41 |
*** dhellmann-away is now known as dhellmann | 13:41 | |
*** enikanorov has quit IRC | 13:41 | |
*** morazi has joined #openstack-dev | 13:42 | |
*** jclift_ has joined #openstack-dev | 13:44 | |
*** baba is now known as megha | 13:45 | |
*** lloydde has joined #openstack-dev | 13:45 | |
*** jclift_ has quit IRC | 13:46 | |
*** jclift has joined #openstack-dev | 13:46 | |
*** lloydde has quit IRC | 13:50 | |
*** redbeard2 has joined #openstack-dev | 13:50 | |
*** nunosantos has joined #openstack-dev | 13:51 | |
*** nunosantos_ has joined #openstack-dev | 13:51 | |
*** salv-orlando_ has joined #openstack-dev | 13:53 | |
*** salv-orlando has quit IRC | 13:53 | |
*** salv-orlando_ is now known as salv-orlando | 13:53 | |
*** monst_ has joined #openstack-dev | 13:55 | |
*** rcleere has quit IRC | 13:56 | |
*** monst_ has quit IRC | 13:58 | |
*** monst_ has joined #openstack-dev | 13:58 | |
*** jasondotstar has joined #openstack-dev | 13:58 | |
*** stevemar has joined #openstack-dev | 14:00 | |
*** derekh has quit IRC | 14:00 | |
*** zb has quit IRC | 14:00 | |
*** derekh has joined #openstack-dev | 14:01 | |
*** monst_ has quit IRC | 14:02 | |
*** wiliam_ has joined #openstack-dev | 14:03 | |
*** mrodden has joined #openstack-dev | 14:05 | |
*** mrunge has quit IRC | 14:05 | |
*** yidclare has joined #openstack-dev | 14:06 | |
*** topol has joined #openstack-dev | 14:07 | |
*** lorin1 has joined #openstack-dev | 14:08 | |
*** jrclouda has joined #openstack-dev | 14:12 | |
*** monst_ has joined #openstack-dev | 14:12 | |
*** rahmu has joined #openstack-dev | 14:13 | |
*** zb has joined #openstack-dev | 14:13 | |
vkmc | hey all! I'm having some trouble with last DevStack version in a Ubuntu 12.04 environment, do you know a workaround for this? http://paste.openstack.org/show/36631/ | 14:18 |
*** sudorandom has joined #openstack-dev | 14:18 | |
*** al-maisan has quit IRC | 14:19 | |
*** mrunge has joined #openstack-dev | 14:20 | |
*** markwash has quit IRC | 14:22 | |
*** rcleere has joined #openstack-dev | 14:23 | |
*** wiliam_ has quit IRC | 14:23 | |
*** Tankado has joined #openstack-dev | 14:24 | |
*** wiliam_ has joined #openstack-dev | 14:24 | |
*** al-maisan has joined #openstack-dev | 14:25 | |
*** jrclouda is now known as zackf | 14:25 | |
*** xga__ has joined #openstack-dev | 14:26 | |
*** andrew_plunk has joined #openstack-dev | 14:27 | |
*** xga has quit IRC | 14:28 | |
*** kenperkins has joined #openstack-dev | 14:28 | |
*** xga has joined #openstack-dev | 14:28 | |
*** xga_ has quit IRC | 14:28 | |
topol | dtroyer, so I figured out what was causing my devstack hell. devstack upgraded me to ubuntu 12.04 (precise) which on my machine now installs qpid and puts it in the startup script. qpid grabs the same port that rabbitmq wants and so my devstack was always failing to start rabbit. I would expect as folks upgrade they will run into this and it was annoying to debug. Is there a good place... | 14:30 |
topol | ...we can documents this? Perhaps add a message to check for this should rabbit fail to start ? | 14:30 |
*** cloudchimp has quit IRC | 14:31 | |
topol | vkmc, I think I hit the same issue. I think what fixed it was I blew my previous devstack away and did a git clone and then restarted my vm. you may also want to try running clean.sh I think a combination of those got me past that. | 14:31 |
vkmc | topol, I will try that, thanks :) | 14:32 |
*** portante|ltp has joined #openstack-dev | 14:32 | |
*** jprovazn has quit IRC | 14:33 | |
*** Tankado has left #openstack-dev | 14:34 | |
*** jimfehlig has joined #openstack-dev | 14:34 | |
*** FunnyLookinHat has joined #openstack-dev | 14:34 | |
dtroyer | topol: were you not on precise before? all devstack ever does wrt package upgrades os an 'apt-get update' and then 'apt-get install ' on the list of dependencies. | 14:34 |
*** wiliam_ has quit IRC | 14:35 | |
*** dripton has quit IRC | 14:35 | |
*** wiliam_ has joined #openstack-dev | 14:36 | |
*** corXi has quit IRC | 14:36 | |
*** pabelanger has joined #openstack-dev | 14:37 | |
topol | dtroyer, for some reason on my vm running devstack will cause a kernel update. I know this because when it happens on virtual box my guest additions get wiped out when the kernel update is applied and I have to reapply them. This kernel update seems to happen when I start devstack. I don't understand the voodoo that causes this relationship. But in anycase after getting upgraded to 12.04... | 14:38 |
topol | ...precise qpid was now being started and grabbing the port bugs bunny wanted | 14:38 |
*** dripton has joined #openstack-dev | 14:39 | |
dtroyer | ugh…I have to go out of my way to do kernel upgrades, even the usual 'apt-get upgrade' doesn't do it. | 14:40 |
dtroyer | what release did you start with? | 14:40 |
*** corXi has joined #openstack-dev | 14:40 | |
*** breed has joined #openstack-dev | 14:42 | |
*** sacharya has joined #openstack-dev | 14:42 | |
*** datsun180b has joined #openstack-dev | 14:42 | |
*** garyTh has joined #openstack-dev | 14:43 | |
topol | dtroyer, don't remember but I have been upgraded about 10 times. It was a 12.x | 14:44 |
*** jvrbanac has joined #openstack-dev | 14:45 | |
*** lloydde has joined #openstack-dev | 14:46 | |
*** otherwiseguy has joined #openstack-dev | 14:48 | |
*** sacharya has quit IRC | 14:48 | |
*** wiliam_ has quit IRC | 14:50 | |
*** lloydde has quit IRC | 14:51 | |
*** wiliam_ has joined #openstack-dev | 14:51 | |
*** monst_ has quit IRC | 14:51 | |
*** johnthetubaguy has joined #openstack-dev | 14:52 | |
*** yaguang has joined #openstack-dev | 14:53 | |
*** kreddy has joined #openstack-dev | 14:54 | |
*** xga_ has joined #openstack-dev | 14:55 | |
*** abhishekkr has quit IRC | 14:55 | |
*** katylava has joined #openstack-dev | 14:55 | |
*** litong01 has joined #openstack-dev | 14:56 | |
*** jcoufal has joined #openstack-dev | 14:57 | |
*** alunduil has joined #openstack-dev | 14:57 | |
*** david-lyle has joined #openstack-dev | 14:58 | |
*** xga__ has quit IRC | 14:59 | |
*** koolhead17 has joined #openstack-dev | 14:59 | |
*** xga has quit IRC | 14:59 | |
*** aeperezt has joined #openstack-dev | 15:00 | |
*** mrunge has quit IRC | 15:00 | |
*** reidrac has quit IRC | 15:01 | |
*** xga has joined #openstack-dev | 15:01 | |
*** xga__ has joined #openstack-dev | 15:01 | |
*** xga_ has quit IRC | 15:01 | |
*** wiliam_ has quit IRC | 15:01 | |
*** wiliam_ has joined #openstack-dev | 15:03 | |
*** mrodden has quit IRC | 15:03 | |
*** crandquist has joined #openstack-dev | 15:09 | |
*** wiliam_ has quit IRC | 15:10 | |
*** wiliam_ has joined #openstack-dev | 15:12 | |
*** SergeyLukjanov has quit IRC | 15:13 | |
*** terryh has joined #openstack-dev | 15:13 | |
*** cloudchimp has joined #openstack-dev | 15:14 | |
*** monst_ has joined #openstack-dev | 15:15 | |
cloudchimp | All, I am looking for the developer(s) working on the Hyper-V compute node development. Could someone send me a contact? | 15:15 |
*** dansmith is now known as Steely_Dan | 15:15 | |
*** sarob has joined #openstack-dev | 15:16 | |
*** SergeyLukjanov has joined #openstack-dev | 15:16 | |
*** markmcclain has joined #openstack-dev | 15:17 | |
*** mrodden has joined #openstack-dev | 15:18 | |
*** zaitcev has joined #openstack-dev | 15:18 | |
ayoung | jd__, care to explain https://review.openstack.org/#/c/20231/4 to me? | 15:20 |
*** sarob has quit IRC | 15:20 | |
jd__ | ayoung: in general or a point specifically? | 15:20 |
*** sarob has joined #openstack-dev | 15:21 | |
ayoung | jd__, in general...what are you trying to acheive? Is this just a case of removing code duplication, or is there some other side effect? | 15:21 |
jd__ | ayoung: no side effect, just code cleanup indeed | 15:22 |
*** hemna has quit IRC | 15:22 | |
ayoung | jd__, why the "management" change in https://review.openstack.org/#/c/20231/4/keystoneclient/base.py | 15:22 |
jd__ | ayoung: that's why I didn't had to even change the tests actually :) | 15:22 |
jd__ | ayoung: let me check, it was 3 months ago… :) | 15:23 |
*** slagle has quit IRC | 15:23 | |
*** bdpayne has joined #openstack-dev | 15:24 | |
*** monst__ has joined #openstack-dev | 15:24 | |
jd__ | ayoung: IIRC that's because you don't have to use the management URL to create a token as https://review.openstack.org/#/c/20231/4/keystoneclient/v2_0/client.py did correctly | 15:25 |
*** alunduil has quit IRC | 15:25 | |
*** garyk has quit IRC | 15:25 | |
ayoung | jd__, that is right...the create token call is available from both 5000 and 35357 | 15:26 |
*** mmagr has quit IRC | 15:26 | |
ayoung | we were forcing to 35357? | 15:26 |
openstackgerrit | A change was merged to openstack/cinder: Encode username and password in config file https://review.openstack.org/27093 | 15:26 |
jd__ | ayoung: in some code path, yes | 15:27 |
ayoung | So this looks more correct as well. | 15:27 |
ayoung | jd__, did you look at the origianl comits? Is there any explanation for what is obviously more difficult code to write? | 15:28 |
*** monst_ has quit IRC | 15:28 | |
*** pberis has joined #openstack-dev | 15:28 | |
ayoung | let me git blame... | 15:29 |
jd__ | ayoung: I did use git blame at the time, but I don't recall what I concluded -- but that brought me to this patch :-) | 15:29 |
*** rerngvit_ has joined #openstack-dev | 15:29 | |
jd__ | ayoung: and I'm pretty confident of this considering I didn't change the unit tests and devstack & co passed :) | 15:30 |
*** jaypipes has joined #openstack-dev | 15:30 | |
ayoung | jd__, add to that the fact that the lines you changed were writtend by heckj back in December, and he approved this patch. | 15:30 |
*** alexisT has quit IRC | 15:31 | |
jd__ | :-) | 15:31 |
openstackgerrit | A change was merged to openstack/python-cinderclient: Add support for volume backups https://review.openstack.org/26834 | 15:31 |
*** galstrom_zzz is now known as galstrom | 15:31 | |
ayoung | jd__, so you reverted to what it was before: return self._create('/tokens', params, "access", return_raw=return_raw) | 15:32 |
ayoung | * replacing authenticate call to a pure method, not overloading the | 15:32 |
ayoung | resource/manager path that confuses base URL concepts. | 15:32 |
*** galstrom is now known as galstrom_zzz | 15:32 | |
*** garyk has joined #openstack-dev | 15:33 | |
ayoung | jd__, approved. Thanks | 15:36 |
*** phschwartz has joined #openstack-dev | 15:36 | |
*** johnthetubaguy has quit IRC | 15:36 | |
*** wiliam_ has quit IRC | 15:38 | |
*** mlavalle has joined #openstack-dev | 15:38 | |
*** gyee has joined #openstack-dev | 15:38 | |
jd__ | ayoung: thanks \o/ :) | 15:38 |
jd__ | ayoung: care to check https://review.openstack.org/#/c/20404/ while you're at it? | 15:40 |
*** epim has joined #openstack-dev | 15:41 | |
*** wiliam_ has joined #openstack-dev | 15:41 | |
*** psedlak has quit IRC | 15:43 | |
*** troytoman is now known as troytoman-away | 15:46 | |
*** CaptTofu has joined #openstack-dev | 15:48 | |
*** wiliam_ has quit IRC | 15:50 | |
*** xga__ has quit IRC | 15:52 | |
*** xga has quit IRC | 15:52 | |
*** pasquier-s has quit IRC | 15:53 | |
*** zb is now known as zaneb | 15:53 | |
*** wiliam_ has joined #openstack-dev | 15:53 | |
*** stevemar has quit IRC | 15:54 | |
*** jgallard has quit IRC | 15:55 | |
*** rerngvit_ has quit IRC | 15:56 | |
*** rerngvit_ has joined #openstack-dev | 15:58 | |
*** mkollaro has quit IRC | 15:59 | |
*** wiliam_ has quit IRC | 16:00 | |
*** e_steve has joined #openstack-dev | 16:01 | |
*** wiliam_ has joined #openstack-dev | 16:01 | |
*** jbresnah has joined #openstack-dev | 16:02 | |
e_steve | Hey everyone, i have a quick question.. Does anyone know why keystoneclient v3 still uses the 'v2.0' management url? Is this a bug? I checked master branch and it was still like this.. | 16:02 |
e_steve | In [30]: type(keystone) | 16:02 |
e_steve | Out[30]: keystoneclient.v3.client.Client | 16:02 |
e_steve | In [31]: keystone.management_url | 16:02 |
e_steve | Out[31]: u'http://128.196.172.227:35357/v2.0' | 16:02 |
e_steve | keystone.version also shows 'v2.0' | 16:03 |
*** rerngvit_ has quit IRC | 16:04 | |
gyee | e_steve, are you using the default_catalog.template? | 16:06 |
HenryG | I am having trouble with running unit tests for quantum. The setting up of the virtual environment never completes, it always times out while trying to setup nosehtmloutput. help? | 16:06 |
e_steve | yes i am gyee | 16:07 |
*** pcm_ has quit IRC | 16:07 | |
*** wiliam_ has quit IRC | 16:07 | |
e_steve | should they all be v3 | 16:07 |
e_steve | instead of v2.0? | 16:07 |
*** darjeeling has joined #openstack-dev | 16:07 | |
*** devoid has joined #openstack-dev | 16:07 | |
openstackgerrit | A change was merged to openstack/ceilometer: instances: fix counter unit https://review.openstack.org/26462 | 16:07 |
gyee | e_steve, you can change them to v3, unless you have requirement to support both at the same time | 16:08 |
*** wiliam_ has joined #openstack-dev | 16:09 | |
e_steve | once I make the change, will keystone restart do the job? | 16:09 |
*** mlavalle has quit IRC | 16:10 | |
*** markwash has joined #openstack-dev | 16:10 | |
gyee | should | 16:11 |
clarkb | markmc: are you still around? | 16:13 |
markmc | clarkb, hey, for a little bit | 16:13 |
clarkb | markmc: I am hoping that you can explain the various log formats in oslo's logging | 16:13 |
markmc | clarkb, that might be hoping too much :) | 16:13 |
clarkb | I am trying to normalize the openstack service log formats during the tempest gates as much as possible | 16:13 |
* markmc looks at git blame to see who touched them last | 16:13 | |
*** wiliam_ has quit IRC | 16:14 | |
clarkb | and nova, cinder, quantum all use the same default format, glance does too but glance looks different than the rest of them | 16:14 |
*** datsun180b has quit IRC | 16:14 | |
clarkb | so trying to figure out if this is a config thing or a bug in either nova or glance etc | 16:14 |
*** datsun180b has joined #openstack-dev | 16:14 | |
markmc | clarkb, don't have any great insights, really | 16:15 |
*** wiliam_ has joined #openstack-dev | 16:15 | |
*** sacharya has joined #openstack-dev | 16:15 | |
markmc | clarkb, I know there's e.g. log.set_defaults(logging_context_format_string=...) because it's a format which formats a context object, which is project specific | 16:15 |
markmc | clarkb, I've some recollection of dims poking at oslo logging stuff | 16:16 |
*** sacharya has quit IRC | 16:16 | |
clarkb | markmc: great. I will see if dims knows what is going on | 16:16 |
clarkb | if nothing else I could actually read the code >_> | 16:16 |
*** sacharya has joined #openstack-dev | 16:16 | |
openstackgerrit | A change was merged to openstack/python-keystoneclient: Use TokenManager to get token https://review.openstack.org/20231 | 16:20 |
*** fbo has quit IRC | 16:20 | |
*** rerngvit has joined #openstack-dev | 16:23 | |
*** wiliam_ has quit IRC | 16:24 | |
*** rerngvit has quit IRC | 16:25 | |
*** wiliam_ has joined #openstack-dev | 16:26 | |
*** terry7 has joined #openstack-dev | 16:26 | |
*** megha has quit IRC | 16:26 | |
*** hemnafk is now known as hemna | 16:26 | |
openstackgerrit | A change was merged to openstack/cinder: Fixes 3PAR FC driver synchronization https://review.openstack.org/27458 | 16:28 |
openstackgerrit | A change was merged to openstack/cinder: Update to latest copy of OSLO incubator https://review.openstack.org/27075 | 16:28 |
*** zb has joined #openstack-dev | 16:28 | |
*** markmcclain has quit IRC | 16:29 | |
*** e_steve has quit IRC | 16:30 | |
*** zaneb has quit IRC | 16:31 | |
*** egallen has quit IRC | 16:31 | |
*** iartarisi has quit IRC | 16:32 | |
openstackgerrit | A change was merged to openstack-dev/devstack: Remove unused post-prereq phase https://review.openstack.org/27544 | 16:32 |
*** wiliam_ has quit IRC | 16:33 | |
lcheng | ttx: hello | 16:33 |
*** timjr has joined #openstack-dev | 16:34 | |
*** wiliam_ has joined #openstack-dev | 16:34 | |
*** alop has joined #openstack-dev | 16:35 | |
*** SergeyLukjanov has quit IRC | 16:35 | |
*** andrewbogott_afk is now known as andrewbogott | 16:37 | |
lcheng | markmc: hello | 16:37 |
markmc | lcheng, hi, what's up? I need to leave in a minute | 16:37 |
lcheng | I'm just wondering if anyone in release team can review: https://review.openstack.org/#/c/27407/ | 16:38 |
lcheng | This is blocking the patch to make horizon compatible with django 1.5. | 16:38 |
openstackgerrit | A change was merged to openstack/cinder: Clear volumes stuck in 'downloading' https://review.openstack.org/27472 | 16:38 |
*** wiliam_ has quit IRC | 16:39 | |
*** wiliam_ has joined #openstack-dev | 16:40 | |
openstackgerrit | A change was merged to openstack/oslo-incubator: Add support to clear DB https://review.openstack.org/27322 | 16:41 |
*** jcannava is now known as adisthedevil | 16:41 | |
*** galstrom_zzz is now known as galstrom | 16:42 | |
*** radez_g0n3 is now known as radez | 16:43 | |
*** CaptTofu has quit IRC | 16:48 | |
*** CaptTofu has joined #openstack-dev | 16:48 | |
*** wiliam_ has quit IRC | 16:49 | |
*** wiliam_ has joined #openstack-dev | 16:50 | |
*** russellb is now known as rustlebee | 16:52 | |
*** markmc has quit IRC | 16:52 | |
*** portante|ltp has quit IRC | 16:53 | |
anteaya | I would like to confirm that the keystone tokens on folsom are UUID not PKI, is that accurate? | 16:53 |
*** derekh has quit IRC | 16:54 | |
openstackgerrit | A change was merged to openstack-dev/devstack: Removes "RPC not enabled" error message when no backend is needed https://review.openstack.org/26956 | 16:55 |
openstackgerrit | A change was merged to openstack/cinder: Remove _path_exists method. https://review.openstack.org/27499 | 16:55 |
*** wiliam_ has quit IRC | 16:56 | |
*** wiliam_ has joined #openstack-dev | 16:57 | |
*** zoresvit has quit IRC | 16:59 | |
*** dguitarbite has joined #openstack-dev | 17:00 | |
*** plemahieu has joined #openstack-dev | 17:00 | |
*** timjr has quit IRC | 17:00 | |
*** timjr_ has joined #openstack-dev | 17:00 | |
*** mkerrin has quit IRC | 17:00 | |
openstackgerrit | A change was merged to openstack/cinder: Cinder wasn't filtering the backups returned to backup list API https://review.openstack.org/26989 | 17:00 |
*** harlowja has quit IRC | 17:00 | |
*** harlowja has joined #openstack-dev | 17:01 | |
*** wiliam_ has quit IRC | 17:02 | |
*** CaptTofu has quit IRC | 17:02 | |
*** lloydde has joined #openstack-dev | 17:02 | |
*** armax has joined #openstack-dev | 17:03 | |
*** CaptTofu has joined #openstack-dev | 17:03 | |
*** jpeeler has quit IRC | 17:05 | |
*** colinmcnamara has joined #openstack-dev | 17:05 | |
*** koolhead17 has quit IRC | 17:06 | |
*** dontalton has joined #openstack-dev | 17:07 | |
*** stevemar has joined #openstack-dev | 17:08 | |
*** ijw has joined #openstack-dev | 17:10 | |
*** alexpilotti has joined #openstack-dev | 17:10 | |
*** jcoufal has quit IRC | 17:11 | |
*** zackf has quit IRC | 17:14 | |
*** wiliam_ has joined #openstack-dev | 17:15 | |
*** Mandell has joined #openstack-dev | 17:16 | |
stevemar | termie: ping | 17:16 |
*** vipul is now known as vipul|away | 17:17 | |
*** jpich has quit IRC | 17:17 | |
*** slagle has joined #openstack-dev | 17:19 | |
*** jog0 has joined #openstack-dev | 17:20 | |
*** koolhead17 has joined #openstack-dev | 17:20 | |
*** danpb has quit IRC | 17:21 | |
*** vipul|away is now known as vipul | 17:22 | |
*** SergeyLukjanov has joined #openstack-dev | 17:24 | |
*** bdpayne has quit IRC | 17:25 | |
*** jcoufal has joined #openstack-dev | 17:25 | |
*** wiliam_ has quit IRC | 17:25 | |
*** bdpayne has joined #openstack-dev | 17:27 | |
ayoung | topol, henrynash https://etherpad.openstack.org/chain-of-domains | 17:28 |
ayoung | brainstorming | 17:28 |
*** arbrandes has joined #openstack-dev | 17:28 | |
*** comstud is now known as bearhands | 17:29 | |
*** jasondotstar has quit IRC | 17:29 | |
*** galstrom is now known as galstrom_zzz | 17:30 | |
*** jasondotstar has joined #openstack-dev | 17:30 | |
*** minoz has joined #openstack-dev | 17:30 | |
*** sarob has quit IRC | 17:31 | |
*** minoz has left #openstack-dev | 17:31 | |
*** rch has joined #openstack-dev | 17:33 | |
*** ladquin has joined #openstack-dev | 17:35 | |
ayoung | Well there are 4 people in the etherpad, and I only pinged you, nash and topol...nash and I have names, the other two don't. Is one of them you> | 17:35 |
henrynash | ayoungL one is me | 17:35 |
topol | ayoung, what is the problem you are trying to address? I am missing some context. What problem/use case is driving distributed token signing? | 17:35 |
topol | yeah Im in | 17:35 |
*** Aarti has joined #openstack-dev | 17:36 | |
*** westmaas is now known as westmau5 | 17:36 | |
Aarti | atnamji456! | 17:36 |
Aarti | oops sorry wrong window! | 17:36 |
ayoung | topol this is like, General Relativity replaceing Classical Mechanics and you ask me what problem I'm trying to solve? I'm trying to get rig of Luminiferous Ether. | 17:36 |
henrynash | anteaya: you can use both in Folsom, but UUID is the default | 17:36 |
ayoung | topol, let me link to the distributed signing BP | 17:37 |
anteaya | henrynash: thank you, yes the default was what I wanted to confirm | 17:37 |
ayoung | https://blueprints.launchpad.net/keystone/+spec/distributed-signing | 17:37 |
anteaya | working on revoking a token using the admin token, do you know if there is a method for this already henrynash? | 17:37 |
*** devoid has quit IRC | 17:38 | |
henrynash | anteaya: pretty sure there is a token api call that revokes them…along as you know the id | 17:38 |
ayoung | topol, this was kicked off by two things. One, I want to be able to have multiple servers sign tokens, and be able to distinguish between them when the time comes to verify | 17:39 |
anteaya | ohhh, any documentation on said api call? | 17:39 |
ayoung | so each should have a distinct set of certificates | 17:39 |
ayoung | And the dividing line will be per domain. | 17:39 |
*** SergeyLukjanov has quit IRC | 17:40 | |
ayoung | topol, add to that our recent discussions about the LDAP driver and domains, and the two kind of fall together | 17:40 |
*** lucasagomes has quit IRC | 17:40 | |
topol | ayoung, so right now each keystone server does the signing and serves as the trusted 3rd party, correct? | 17:40 |
ayoung | topol, I didn't want to break the existing Identity back ends, and, indeed, there is no reason to do so | 17:40 |
ayoung | topol, yes | 17:40 |
ayoung | topol, so a cross domain trust between two keystone servers should involve not only a certificate exchange, but also an agreement that a given certificate can only sign for a certain subset of domains | 17:41 |
anteaya | henrynash: so far I have found this: http://docs.openstack.org/api/openstack-compute/programmer/content/getting-the-keys-to-the-kingdom.html which confirms what you said but doesn't tell me what command to run to do it | 17:41 |
* anteaya continues to look | 17:42 | |
topol | and now you are trying to expand the model so that you have two different keystones each representing a different domain but working together in the same environment? | 17:42 |
*** monst__ has quit IRC | 17:42 | |
ayoung | topol, yep | 17:42 |
*** esp1 has joined #openstack-dev | 17:43 | |
*** esp1 has left #openstack-dev | 17:43 | |
ayoung | topol, if by "now" you mean "back before grizzly when you originally wrote this" | 17:43 |
termie | stevemar: holla | 17:43 |
henrynash | anteaya: so in v3 you do DELETE /auth/tokens | 17:44 |
stevemar | termie: yay, i wanted to bug you about oauth stuff again | 17:44 |
topol | so supporting multiple keystones I can see when wanting to provide high availability. But Im guessing that is not your primary use case | 17:44 |
anteaya | henrynash: I need to make it work with v2 | 17:44 |
anteaya | part of my story requirement | 17:44 |
termie | stevemar: not here right now | 17:44 |
termie | stevemar: whatchoo need? | 17:44 |
henrynash | anteaya: in v2 it would be something like DELTE /token/{token_id} | 17:45 |
ayoung | topol, o, this is more for the case where two different orgs have stood up keystones and need to interoperate | 17:45 |
anteaya | henrynash: great, thank you | 17:45 |
topol | termie, I'll get him | 17:45 |
termie | aka not a case | 17:45 |
termie | topol: he's already talkin | 17:45 |
topol | oh good | 17:45 |
henrynash | anteaya: i just can't find a published version of the v2 identity api spec right now | 17:45 |
*** zbitter has joined #openstack-dev | 17:45 | |
anteaya | henrynash: no worries, chmouel left a blog post for me: http://blog.chmouel.com/2013/04/22/howto-revoke-a-token-with-keystone-and-pki-v2-0-api/ which is getting me started | 17:46 |
*** darraghb has quit IRC | 17:46 | |
anteaya | mostly just wanted to confirm folsom default is UUID, the rest is lovely too | 17:46 |
openstackgerrit | A change was merged to openstack/cinder: cinder volume service keeps retrying even code exception https://review.openstack.org/27040 | 17:46 |
stevemar | termie: was wondering how i can invoke the code under create_request_token? | 17:46 |
anteaya | if you happen to trip over anything official feel free to ping me, in the meantime I have enough to keep working | 17:47 |
anteaya | and thanks henrynash | 17:47 |
stevemar | termie: normally I just do curl and point it to the right endpoint, | 17:47 |
henrynash | anteaya: no problem | 17:47 |
topol | ayoung, the reason Im asking is just to make sure this wasnt for supporting two separate LDAPs for authentication. As I mentioned in my latest email, apache shows that can be handled by a single service location | 17:47 |
termie | stevemar: http://term.ie/oauth/example/client.php :) | 17:47 |
termie | stevemar: that endpoint can be localhost, btw | 17:47 |
termie | stevemar: you'll probably want to "dump request" and then use that url in curl | 17:48 |
ayoung | topol, wasn't the reason I was suggesting that and I would deny it if it was. | 17:48 |
termie | stevemar: if you are going to do it a bunch | 17:48 |
*** zb has quit IRC | 17:48 | |
stevemar | termie: ah i see the ticky box for that | 17:48 |
topol | ayoung, K, so your use case is a scenario where two orgs somehow are sharing an openstack environment and each has there own keystone? | 17:49 |
stevemar | termie: so the endpoint should be: http://localhost:5000//oauth/request_token | 17:49 |
*** raycloud_ has joined #openstack-dev | 17:49 | |
stevemar | termie: http://localhost:5000/oauth/request_token | 17:49 |
termie | stevemar: sure | 17:50 |
termie | stevemar: the keys are in the DummyOauthDriver | 17:51 |
*** zb has joined #openstack-dev | 17:51 | |
*** lglenden has joined #openstack-dev | 17:51 | |
stevemar | termie: yep, i noticed that, foo-key and foo-secret | 17:51 |
*** galstrom_zzz is now known as galstrom | 17:52 | |
*** brich1 has joined #openstack-dev | 17:52 | |
*** raycloud has quit IRC | 17:52 | |
*** crank has quit IRC | 17:52 | |
*** crank has joined #openstack-dev | 17:53 | |
*** zbitter has quit IRC | 17:54 | |
*** kagan has joined #openstack-dev | 17:54 | |
*** corXi has quit IRC | 17:54 | |
termie | stevemar: i'll probably be working on this stuff today, btw, need to go back over code reviews | 17:56 |
*** Ryan_Lane has joined #openstack-dev | 17:57 | |
*** blamar has joined #openstack-dev | 17:58 | |
stevemar | termie: cool; i wanted to start looking at the backend code, but i might be getting ahead of myself | 17:58 |
stevemar | termie: the consumer table at least should be easier | 17:59 |
ayoung | topol, that was the idea, yes. Say public cloud, where the customer has their own Keystone, running behind a firewall, and wants to manage their own identities. | 18:00 |
termie | stevemar: is good practice anyway, if you want to write the crud stuff go ahead and pull request or whatever | 18:00 |
*** kmartin has quit IRC | 18:00 | |
*** dguitarbite has quit IRC | 18:00 | |
stevemar | termie: yep! i copied the code you had in your keystone git repo and have been trying to build on top of it, and figure out what exactly needs to be done | 18:01 |
ayoung | topol, it wouldn't solve the HA keystone thing, as I think there you would want to share certificates between them, or you would have to indicate on the token which Keystone signed it in order to have separate certs | 18:01 |
*** SergeyLukjanov has joined #openstack-dev | 18:01 | |
ayoung | I was trying to group by domain | 18:01 |
stevemar | termie: and trying to figure out how it all works, of course | 18:02 |
*** galstrom is now known as galstrom_zzz | 18:03 | |
*** marun has joined #openstack-dev | 18:03 | |
openstackstatus | NOTICE: We just added AAAA records (IPv6 addresses) to review.openstack.org and jenkins.openstack.org. | 18:04 |
topol | ayoung, do we have concrete stakeholders that want to implement a public cloud by giving different customers their own keystone??? | 18:04 |
*** timjr_ has quit IRC | 18:04 | |
ayoung | topol, nope | 18:04 |
*** torgomatic has quit IRC | 18:05 | |
ayoung | topol, that wasn't the idea | 18:05 |
ayoung | topol, it was more "openstack is a standard way of accessing clouds, and keystone is the IdM portal into that" | 18:05 |
*** bkero has quit IRC | 18:05 | |
termie | ayoung: we don't use the word "IdM" here | 18:05 |
topol | ayoung, still trying to associate this concept with a concrete use case/stakeholder need. | 18:05 |
ayoung | termie, its not a word. It is an acronym. It is technically two words | 18:06 |
ayoung | termie, you are like Newspeak, removing words from usage | 18:06 |
termie | ayoung: https://www.google.com/search?q=define%3A+word | 18:06 |
topol | termie, I heard a rumor that when you make core you are rewriting keystone in a combination of java and pl1 | 18:06 |
termie | topol: all java, actually | 18:07 |
*** torgomatic has joined #openstack-dev | 18:07 | |
termie | topol: but rot13d | 18:07 |
topol | only in week1, then expanding | 18:07 |
*** colinmcnamara has quit IRC | 18:07 | |
termie | heading out to breakfast, but i'll be back to harass y'all later | 18:08 |
topol | so ayuong we can look at the distributed signing and Im trying to grab bruce rich (my local security guru to look as well). But as a general rule on something like this I get nervous if I cant point to a stakeholder that says they need this... | 18:09 |
*** bkero has joined #openstack-dev | 18:09 | |
*** eafonichev has joined #openstack-dev | 18:09 | |
garyk | marun: ping | 18:09 |
*** marun has quit IRC | 18:09 | |
*** marun has joined #openstack-dev | 18:10 | |
*** jdurgin1 has quit IRC | 18:10 | |
*** stevemar has quit IRC | 18:10 | |
brich1 | topol: looking at etherpad, wondering why the certificates are not in a traditional hierarchy, signed by common CA, then trust builds on "normal" mechanisms | 18:11 |
ayoung | topol OK, forget about the distributed signing aspect of it for a moment. The idea of the domain backend being separate from the ID back end came up during the LDAP talk | 18:11 |
ayoung | brich1, you mean the https://etherpad.openstack.org/chain-of-domains ? | 18:11 |
brich1 | ayoung: yes | 18:11 |
*** stevemar has joined #openstack-dev | 18:11 | |
topol | ayoung, I sent him the link | 18:11 |
ayoung | brich1, because they are peers, not necessarily signing each others certs | 18:12 |
*** CaptTofu has quit IRC | 18:12 | |
ayoung | brich1, say I have a private keystone | 18:12 |
ayoung | and I need to talk to both rackspace and ... HP | 18:12 |
ayoung | brich1, which one gets to sign my certs and tokens? | 18:12 |
brich1 | ayoung: but if their certs came from a common root, then trust would be natural and not forced via external mechanism | 18:13 |
*** ewindisch has joined #openstack-dev | 18:13 | |
*** jecarey has joined #openstack-dev | 18:13 | |
ayoung | brich1, and you just addresses the main problem with X509 | 18:13 |
ayoung | There is no common root | 18:13 |
marun | garyk: ping | 18:13 |
ayoung | brich1, I might be payuing verisign and you are paying mom-and-pos-ca-shop | 18:14 |
ayoung | both are CAs in the browser cache.... | 18:14 |
ayoung | brich1, and besides, the CA mechanism doesn't link to the domain. | 18:14 |
*** mlavalle has joined #openstack-dev | 18:15 | |
brich1 | ayoung: agree that trust shouldn't be a casual affair...mom and pop probably isn't a good thing | 18:15 |
ayoung | You don't want a cert to sign every token | 18:15 |
ayoung | just the ones from the domain that is trusted | 18:15 |
*** vartom1110 has joined #openstack-dev | 18:15 | |
ayoung | brich1, the fact is that there is no hierarchy. We want this far more controlled | 18:15 |
*** dguitarbite has joined #openstack-dev | 18:15 | |
ayoung | now, you could say that if I share my certs with your Keystone, then you replace my certs with your own, you own all my resources. But none of my people would be able to do anything there, and it would be abeach of contract, and...it would get sorted out, probably in the courts | 18:16 |
*** henrynash_ has joined #openstack-dev | 18:16 | |
ayoung | But there is nothing in the X509 world that would really solve this, is there? | 18:17 |
*** morganfainberg is now known as needscoffee | 18:17 | |
brich1 | ayoung: sharing certs is not the same as sharing private keys, which is the part that signs the tokens, so I don't see the validity of the problem you were describing | 18:17 |
ayoung | brich1, I am aware the differences between sharing keys and certs | 18:18 |
*** PaulM has joined #openstack-dev | 18:19 | |
ayoung | brich1, do you understand the token signing mechanism? Do you know see how we are currently fetching the Cert explicitly from Keystone to avoid making the tokens huge? | 18:19 |
*** Yada has quit IRC | 18:19 | |
ayoung | We are not going to be putting a whole Cert chain into each signed token. | 18:19 |
*** henrynash has quit IRC | 18:19 | |
*** henrynash_ is now known as henrynash | 18:19 | |
ayoung | The goal instead is to be able to bind a signed token to a client cert or some other secure authentication mechanism and get rid of bearer tokens | 18:20 |
ayoung | I think client certs are the simplest way forward | 18:20 |
ayoung | but then individual organizations need to sign their own certs | 18:20 |
*** mlavalle has quit IRC | 18:20 | |
*** monst_ has joined #openstack-dev | 18:21 | |
topol | ayoung, so lets say I am a customer and I am using both a rackspace and an HP cloud. Why do I need to share at all? If the app components need to communicate/collaborate I would assume they would use std webservices methods and the communication would be out of band from a keystone point of view | 18:21 |
ayoung | topol, how does Rackspace assigne the btopol@ibm.com user to a project in a different domain? What "standard web services" apply there? | 18:22 |
*** jdurgin1 has joined #openstack-dev | 18:23 | |
*** rmohan has quit IRC | 18:24 | |
ayoung | And why would you assume it to be "out of band" | 18:24 |
ayoung | aside, maybe from setting up the cross domain trust relationship in the first place | 18:24 |
*** otherwiseguy has quit IRC | 18:25 | |
*** yamahata_ has quit IRC | 18:25 | |
*** rmohan has joined #openstack-dev | 18:26 | |
brich1 | ayoung: TLS sessions exchange certs in both directions, so that handshake would communicate certs. Having trust via the cert chain would be one level of standard practice. A secondary mechanism may be necessary for some environments. (BTW...the token may have a hash of the public key from the signer cert, which would make it a manageable size). | 18:27 |
ayoung | brich1, that is the approach I am pursuing | 18:28 |
ayoung | brich1, there are a couple things to keep in mind | 18:28 |
ayoung | 1. most people do not have client certs. If we introduce them, we need to provide a means to distribute them | 18:28 |
topol | ayoung, so lets say I have a big data crunching problem that is so big I need to leverage two separate clouds to get the horsepower I need. I would have a piece that would allow me to kick off work items in both clouds. I would send the work items out using a "bag of tasks" approach and each item when done probably send s there results to some collection hub. Thus I use both clouds... | 18:29 |
topol | ...without keystone distributed signing | 18:29 |
ayoung | 2. certs used for signing tokens are a different type (SMIME) than client certs so we need to support both | 18:29 |
*** monst_ has quit IRC | 18:29 | |
brich1 | ayoung: what SMIME types are we talking here? | 18:30 |
ayoung | brich1, no...I mean SMIME signing certs. CMS. The PKI token impl? | 18:30 |
ayoung | brich1, have you looked at it? | 18:31 |
brich1 | ayoung: yes, just trying to make sure we're talking about the same things with these terms | 18:31 |
*** vipul is now known as vipul|away | 18:34 | |
ayoung | brich1, ok, so we still want to map which CA cna signi tokens for a specific domain | 18:34 |
ayoung | "can" | 18:34 |
ayoung | and that is more than just the certificates having the appropriate attributes set | 18:34 |
ayoung | it is an agreement by the Keystone server as well | 18:34 |
*** bknudson has quit IRC | 18:35 | |
ayoung | So while you might have a valid signing server, I can say "yes,. you can sign for the ibm domain, but not the redhat domain | 18:35 |
*** kagan has quit IRC | 18:35 | |
ayoung | it might be that they share a common CA cert, I am just not enforceing that, as I don;'t think it will be the case in practice | 18:36 |
brich1 | ayoung: is it necessary but not sufficient for the signing certificate to be locked to a domain? that we need config as well? | 18:36 |
brich1 | ayoung: or "policy" instead of "config"? | 18:37 |
*** crandquist has quit IRC | 18:38 | |
ayoung | topol, so my brainstorming was origianlly based on the distributed signing idea, but does not require that to be valid. It is, instead, a mechanism for allowing us to divide up the configuration of domains in general, so solve the general problem that we have been discussing around LDAP etc. | 18:39 |
topol | ayoung, feels like using an elephant gun to shoot a mouse | 18:39 |
*** bkero has quit IRC | 18:39 | |
ayoung | brich1, My goal this release is to deal with the bearer-ness aspect of the tokens. To do that, I want to be able to bind them to a client cert. TO do client certs, we need to be able to distrbitue client certs to everyone. So, I suspect that Keystone is going to have to hand out client certs. But people might have them from elsewhere, assuming they come from an org that already has a CA. Say, the DoD, which has its owen CA, | 18:41 |
ayoung | and it is not in yourbrowser cache unless you put it there, so you would have to explicitly enable that CA. | 18:41 |
ayoung | topol, there is no "overkill" there is only "open fire" and "reload" | 18:41 |
ayoung | https://en.wikipedia.org/wiki/Schlock_Mercenary#The_Seventy_Maxims_of_Maximally_Effective_Mercenaries | 18:41 |
ayoung | #37 | 18:42 |
topol | ayoung, I think LDAP issue in many cases can be solved using a simpler approach if you agree that the multiple LDAPs are just used for authentication and then each maps to a separate domain in the SQL identity driver | 18:42 |
*** galstrom_zzz is now known as galstrom | 18:42 | |
Ryan_Lane | -_- | 18:42 |
Ryan_Lane | don't assume people only want to use ldap for authentication | 18:42 |
Ryan_Lane | it's a bad assumption | 18:42 |
Ryan_Lane | a really bad one | 18:42 |
ayoung | topol, that won't work without a mapping mechanism. And if we have a mapping mechanism, we don't need the SQL ID driver | 18:42 |
ayoung | Ryan_Lane, agreed | 18:43 |
ayoung | Ryan_Lane, did you see https://etherpad.openstack.org/chain-of-domains | 18:43 |
*** rmohan has quit IRC | 18:43 | |
topol | Ryan_Lane, I know you are a LDAP superuser and you have the freedom to do whatever you want with your LDAP, but most customers that simply isnt true. and ayoung already convinced me that you didnt need multiple domains in a single LDAP anyway | 18:43 |
topol | ayoung, I thought your json cinfig stuff would give us a mapping mechanism | 18:44 |
ayoung | So multiple domains in a single LDAP is a separate issue. What I'm writing above doesn't address it. | 18:44 |
*** ijw has quit IRC | 18:44 | |
topol | ayoung, I know, but Ryan_Lane threw the grenade | 18:45 |
Ryan_Lane | it really seems like these conversations are taking the worst part of everyone's suggestions and using that to make a compromise that no one will be happy with | 18:45 |
*** rmohan has joined #openstack-dev | 18:45 | |
*** alexpilotti has quit IRC | 18:45 | |
*** salv-orlando has quit IRC | 18:45 | |
ayoung | Ryan_Lane, nope. | 18:45 |
*** torgomatic has quit IRC | 18:45 | |
*** vipul|away is now known as vipul | 18:45 | |
*** salv-orlando has joined #openstack-dev | 18:45 | |
Ryan_Lane | unless we're going to move the configuration into the API, I don't see how any of this is going to work | 18:46 |
topol | Ryan_Lane, not sure I agree with that. Its still not clear to me why ayoung is taking this approach for the LDAP use case. I would understand it if it was for HA but that is not his focus | 18:46 |
Ryan_Lane | ayoung: https://etherpad.openstack.org/chain-of-domains <— this seems incredibly complicated | 18:46 |
*** v7 has joined #openstack-dev | 18:47 | |
Ryan_Lane | I don't want to imagine the code for most of the suggestions I've seen so far | 18:47 |
ayoung | Ryan_Lane, So we have the "default domain" in SQL cuz we squeezed it in there, but that means we need to do that for every single backend we write, as we've seen with LDAP and potentially others | 18:47 |
Ryan_Lane | it's approaching "you must be an identity wizard to touch this code" in complexity level | 18:47 |
*** devoid has joined #openstack-dev | 18:47 | |
*** markmcclain has joined #openstack-dev | 18:48 | |
v7 | Hi there, I installed Devstack on RHEL6.4. Im getting the following error when trying to view the Dashboard: FilterError at / /bin/sh: /opt/stack/horizon/bin/less/lessc: Permission denied | 18:48 |
v7 | Anyone know how to fix this? | 18:48 |
topol | ayoung, Ryan, the use case presented at the summit as high priority was a simpler one. Stakeholder has 1 or more LDAPs they use for authentication. They want to pull users lazily in to the identity driver with a read/write (probably SQL) backend and then manage the authorization (mapping of users to rules) there... | 18:48 |
topol | s/rule/roles | 18:48 |
Ryan_Lane | in which way would this work, though? | 18:49 |
Ryan_Lane | how does keystone know which ldap is being used for auth? | 18:49 |
topol | Ryan_Lane, I agree with your complexity conerns on chain-of-domains | 18:49 |
topol | Ryan_Lane, configure like apache does | 18:49 |
topol | http://httpd.apache.org/docs/2.2/mod/mod_authn_alias.html | 18:50 |
*** gordc has quit IRC | 18:50 | |
*** jrclouda has joined #openstack-dev | 18:50 | |
*** jrclouda is now known as zackf | 18:51 | |
topol | We are frankly not the first ones to this rodeo. Apache handle multiple LDAPs and also filters for mapping groups as well | 18:51 |
ayoung | topol, yep. Keystone is a big pile of NIH | 18:51 |
*** minoz has joined #openstack-dev | 18:51 | |
Ryan_Lane | yes, yes, and my mediawiki extension also handles multuple domains | 18:51 |
Ryan_Lane | and can handle group filtering, and can do kerberos, ssl client auth, etc, etc | 18:52 |
Ryan_Lane | and I can tell you from experience it's a bad idea | 18:52 |
*** bknudson has joined #openstack-dev | 18:52 | |
topol | So I look at the apache code and nowhere does it mention distributed token signing | 18:52 |
*** eharney has quit IRC | 18:52 | |
ayoung | Ryan_Lane, can you explain what you mean by " my mediawiki extension?" Extension to Keystone, to apache, or to LDAP? To something else? | 18:52 |
Ryan_Lane | http://www.mediawiki.org/wiki/Extension:LDAP_Authentication | 18:52 |
*** alop has quit IRC | 18:53 | |
ayoung | topol, the thing is, the Apache mechanism doesn't have the domains concept in it | 18:53 |
ayoung | with domains, we start taking about multi-tenancy, and that is missing from the Apache approach | 18:53 |
topol | but the sql identity driver has domains | 18:54 |
*** novas0x2a|laptop has joined #openstack-dev | 18:54 | |
ayoung | So, yes, you can check multiple LDAPs, but they all get lumped together | 18:54 |
ayoung | topol, I never wanted all this in the first place | 18:54 |
*** minoz has left #openstack-dev | 18:54 | |
ayoung | I wanted to be a lumberjack. | 18:54 |
ayoung | Ryan_Lane, yeah, you pointed me to that before. Is that in your LDAP server? | 18:54 |
topol | we can control that though. Im just missing something. The SQl identity driver *has* domain support. Im just advocating we use it! | 18:55 |
Ryan_Lane | no. it's LDAP support for mediawiki | 18:55 |
Ryan_Lane | it supports a lot of what you guys are talking about adding to keystone | 18:55 |
ayoung | Ah, right | 18:55 |
Ryan_Lane | and from experience, I'm telling you it's a nightmare | 18:55 |
topol | all I think I am missing is a config piece that maps each ldap to its own domain | 18:55 |
ayoung | topol, so, I didn't want to say this, but, that is what the json file is for | 18:56 |
Ryan_Lane | http://www.mediawiki.org/wiki/Extension:LDAP_Authentication/Configuration_Options#Domain.2C_server_and_connection_configuration_options | 18:56 |
topol | If my logic is wrong plz explain. | 18:56 |
Ryan_Lane | this is going to make the code impossible to manage | 18:56 |
topol | ryan_lane, whih part??? | 18:56 |
Ryan_Lane | and it's going to make the configuration of keystone mostly impossible to manage | 18:56 |
*** bknudson has quit IRC | 18:56 | |
*** afazekas_ has quit IRC | 18:56 | |
topol | chain-of-domains or what I am suggesting? | 18:57 |
*** stevebaker is now known as stevebaker_gone | 18:57 | |
*** timjr has joined #openstack-dev | 18:57 | |
ayoung | Ryan_Lane, what I suggested in the chain-of-domains is a framework for linking multiple domain sources together, but in a limited and non-surprising way | 18:58 |
anteaya | general announcement, gnome opw internship applicants only have until this Tuesday to submit an openstack patch for their application to be considered, I am encouraging them to ask in here for help with devstack and patch submissions | 18:58 |
anteaya | thanks for your kind understanding and support | 18:58 |
Ryan_Lane | ayoung: good luck with that being "non-surprising" | 18:58 |
topol | ayoung, yeah but the minor boat anchor of distributed signing... | 18:59 |
topol | Ryan_Lane, I enjoy your feedback. But I cant tell how much is hating chain of domains and how much is hating what I am suggesting | 18:59 |
ayoung | topol, no, I am trying to show how that would fit in as well. It is a separate but realted concern I've been trying to solve cleany for a while and have punted on it. I don't want certs to be something that can be updated via the web interface, because I am paranoid | 18:59 |
*** lloydde has quit IRC | 18:59 | |
ayoung | multipl LDAP vbackends is a config choice, and shouldn't be in the database | 19:00 |
ayoung | but there are providers that do need to be able to create domains on the fly, like Rackspace and joe savak | 19:00 |
Ryan_Lane | topol: anything past supporting a single ldap directory per keystone I'm going to dislike | 19:00 |
ayoung | I don't want to support multiple domains in a single LDAP | 19:00 |
ayoung | Ryan_Lane, So there are two options then | 19:01 |
Ryan_Lane | because I know the nightmare situation that comes that way | 19:01 |
ayoung | one have one Keystone per LDAP | 19:01 |
topol | Im so missing something. I agree multiple LDAPs should be a config choice. Now how does that prevent domain creation on the fly? | 19:01 |
ayoung | and have them talk via the sitributed signing | 19:01 |
ayoung | or we write something that you are going to dislike | 19:01 |
ayoung | which puts them into a single Keystone | 19:01 |
ayoung | or punt and mke the LDAP admins life miserable | 19:01 |
topol | One Keystone per LDAP will make us look silly | 19:01 |
Ryan_Lane | it'll make us look sane | 19:02 |
topol | that will make an admins life hell | 19:02 |
ayoung | topol, I think that one Keystone per LDAP should be the first approach, as it provide total isolation. Multiple per can be supported later as well if so demanded | 19:02 |
*** torgomatic has joined #openstack-dev | 19:03 | |
topol | again I fully agree with one domain per LDAP. I dont understand how we slip from that to one keystone per ldap. I think many folks will benefit from having multiple LDAPs they control being suck in and handled by one keystone | 19:04 |
ayoung | Ryan_Lane, I was origianlly going to suggest splitting the Domain code out of the identity backend, but I realize that it wouldn't work. I think the chain of responsibility pattern is the best implementation here. We could make it completely free-form, but I think that would be hard to understand. We can extend the pattern, or drop a link of the chain, if it turns out that they do not make sense | 19:04 |
topol | and again, I still don't understand where my approach blows up given we agree the SQL identy driver supports multiple domains. What is the anvil about to drop on my head you arent mentioning??? | 19:05 |
*** dguitarbite has quit IRC | 19:06 | |
topol | and again, we agreed to let henrynash investigate and we are short circuiting that with doing diligence | 19:06 |
*** litong01 has quit IRC | 19:06 | |
ayoung | topol, the reason we support one keystone per ldap is because it is the more general solution. When I pressed the people looking for multiple backends, they admitted that they would want the token backend to be split as well. Splitting into two distince keystone gives them complete control over their domains, and isolation between them | 19:06 |
topol | er without doing diligence | 19:06 |
Ryan_Lane | back in a bit. interviewing someont... | 19:07 |
ayoung | topol, I posted it as a brainstorming session. We can think things through whilst being duly dilligent. | 19:07 |
topol | ayoung, I think it depends on the customer set. If I am a bank, and I bought another bank, and I have two LDAPs of users. and I know apache was able to handle this with a single point of authentication and keystone cant then keystone looks silly | 19:08 |
ayoung | topol, you are forcing me to make my assumptions explicit, which is exactly what I hoped would happen in a discussion like this. I realize that I've been stewing on this for a while. | 19:08 |
ayoung | topol, I think that there are going to be demands for all of the above. | 19:08 |
ayoung | Multiple LDAPs in a single server included | 19:09 |
ayoung | we don';t have to do them all | 19:09 |
ayoung | but lets dream for now... | 19:09 |
ayoung | it is the beginning of the release cycle, and we should spend more time planning and less time coding right now.... | 19:09 |
*** galstrom is now known as galstrom_zzz | 19:09 | |
ayoung | I think that domains are the the proper place to split things | 19:09 |
ayoung | for people that are using one domain per customer, they need a backend that will support that | 19:10 |
*** kagan has joined #openstack-dev | 19:10 | |
ayoung | but then the whoe infrastructure is like a different domain, right? In my talk, I had them coming from separate IDPs | 19:10 |
ayoung | domains are the dividing lines for IDPs | 19:10 |
ayoung | so, Keystone can also be an IDP, but really it is not, it is an authorization portal | 19:11 |
ayoung | in the LDAP case, Authentication comes from elsewhere | 19:11 |
ayoung | the simple bind approach not-withstanding, | 19:11 |
ayoung | as I agree it is a mistake | 19:11 |
ayoung | ideally, you would front with apache | 19:11 |
termie | ayoung: if you had to guess, what ratio of the messages on this channel would you say are by you? | 19:12 |
topol | ayoung, so you will end up finding me annoying. Cause I firmly believe in having stakeholders/and use cases before desiging. I know I have use cases for the simpler scenario I described. All the more complex ones we will only hit the mark if stakeholder participate in the design and iterations | 19:12 |
ayoung | termie, 169.2% give or take | 19:12 |
termie | topol: agreed | 19:12 |
termie | ayoung: what's an IDP that sounds like a bad word also | 19:12 |
ayoung | termie, Identity Provider. Where you go to authenticate | 19:12 |
*** bknudson has joined #openstack-dev | 19:12 | |
termie | ayoung: cool, yeah, let's not use that word | 19:13 |
ayoung | termie, would it be correct to say that, in a strict oauth implementation, we wouldn't have domains, we would just have consumers? | 19:13 |
termie | ayoung: no | 19:13 |
*** aelkikhia has quit IRC | 19:16 | |
*** cloudchimp has quit IRC | 19:17 | |
topol | and I could not imagine telling my customers that used apache that if they need to integrate with an LDAP that they would need one apache server per LDAP. They would laugh me out of the room as not being enterprise strength code. and when we advocate one keystone per LDAP its saying the same thing | 19:17 |
termie | hundreds of keystones | 19:19 |
termie | thousands | 19:19 |
*** dolphm_ has joined #openstack-dev | 19:19 | |
termie | dolphm_: x_x | 19:19 |
dolphm_ | termie: o/ | 19:19 |
*** athomas has quit IRC | 19:19 | |
ayoung | topol, look them in the eye and say "You have two LDAP servers for a reason. We are looking to support that reason, not undermine it." | 19:20 |
ayoung | THen they hem and haw and tell you how hard it is due to organization issues and politics | 19:20 |
termie | ayoung: i think we should just let mathrock design this | 19:21 |
ayoung | termie, he's welcome to it. | 19:21 |
termie | ayoung: because he has a specific use case of something along these lines and they've already solved it to some degree | 19:21 |
*** monst_ has joined #openstack-dev | 19:21 | |
*** brich1 has left #openstack-dev | 19:22 | |
*** stevebaker_gone is now known as stevebaker | 19:22 | |
ayoung | termie, yes, but we have people coming at this from all over the place. We have people screamin "we need LDAP support, but we can't write to the LDAP server" and we have Rackspace saying "we need to be able to give each customer their own domain" and I am trying to find a clean solution that pisses off everyone equally | 19:23 |
*** adisthedevil is now known as jcannava | 19:23 | |
* ayoung resorts to vulgarity to underline frustration | 19:23 | |
*** sarob has joined #openstack-dev | 19:23 | |
*** bdpayne has quit IRC | 19:24 | |
*** bdpayne has joined #openstack-dev | 19:25 | |
termie | ayoung: sure sure, i am just saying that guy probably has a really good idea about what that is | 19:25 |
topol | each keystone is gonna need to be fronted with ssl. Each keystone needs configured. Honestly we need to be flexible and pragmatic. I already am having to visit customers that want to know how they can run OpenStack without keystone. so lets be very careful what we choose to mandate as have to be done. | 19:25 |
*** monst_ has quit IRC | 19:26 | |
ayoung | topol, with autoprovisiong and HTTPD, you can use the LDAP mechanism you just pointed to in the HTTPD config to handle that use case. Why do we need to write anything for it here? | 19:27 |
ayoung | Oh, because each LDAP server is going to be different | 19:27 |
ayoung | so you need the AttributeMapping stuff from dchadwick | 19:27 |
topol | and still noone has told me why the multiple backend ldaps for authentication then provisioning the users and mapping them to a separate domain in the SQL identity driver wouldnt just work for many uses cases | 19:27 |
ayoung | topol, I just told you it would | 19:28 |
topol | yes each ldap server is different and yes I need attribute mapping. But then Im done and customer happy | 19:28 |
ayoung | so you don't have a dog in this fight | 19:28 |
topol | why no dog? | 19:28 |
ayoung | termie, when you said "thousands of keystones" I assume you were being serious? | 19:29 |
ayoung | topol, because you have a path to your solution. | 19:29 |
ayoung | topol, no LDAP backend needed for you | 19:29 |
topol | as long as my desired use case is handled by a single keystone then I am happy and will be quiet. | 19:29 |
ayoung | topol, happy I belive. quiet, not so much | 19:30 |
*** eharney has joined #openstack-dev | 19:30 | |
*** eharney has quit IRC | 19:30 | |
*** eharney has joined #openstack-dev | 19:30 | |
topol | But I will be leveragin multiple ldap backends. what do you mean by no LDAP backend needed? | 19:30 |
ayoung | termie, if we have thousands of keystones, then they allow cross authentication via oauth, right? | 19:31 |
termie | ayoung: no | 19:31 |
termie | ayoung: oauth isn't the answer to everything | 19:31 |
termie | hammernail | 19:31 |
ayoung | topol, I mean no Keystone LDAP backend needed. You will use the SQL backend. | 19:31 |
*** monst_ has joined #openstack-dev | 19:32 | |
kbringard | is anyone familiar with the namespace permission issues in grizzly quantum and ubuntu? | 19:32 |
kbringard | specifically where the L3 agent can't perform ip netns exec actions? | 19:33 |
*** jruzicka has quit IRC | 19:33 | |
topol | ayoung, I thought you told me yesterday Joe Savak could use SQL Identity Driver as well. So who are you designing this for??? | 19:33 |
termie | kbringard: sorry, this is keystone only channel | 19:34 |
termie | kbringard: ;) | 19:34 |
kbringard | termie: I thought we were ditching keystone :-p | 19:34 |
termie | kbringard: oh right, SHHHH | 19:34 |
termie | kbringard: don't tell ayoung | 19:34 |
ayoung | topol, he hasn't confirmed that. I stated it meaning I thought that he could, but he was involved in the LDAP discussions, so I took that to mean he wanted an LDAP solution, and wish he would chime in | 19:34 |
*** AnilV4 has quit IRC | 19:34 | |
kbringard | :-x | 19:34 |
ayoung | kbringard, ask rkukura or one of the quantum devs | 19:35 |
kbringard | ayoung: will do, thanks :-) | 19:35 |
topol | thought he could???? you could be setting us up for an ambush Sarge | 19:35 |
kbringard | rkukura: ping | 19:35 |
ayoung | kbringard, I'd suggest gkotten but I think he is asleep | 19:35 |
*** radez is now known as radez_g0n3 | 19:35 | |
*** alop has joined #openstack-dev | 19:36 | |
openstackgerrit | A change was merged to openstack/nova: Fix fixed_ip_count_by_project in DB API https://review.openstack.org/27225 | 19:38 |
*** litong01 has joined #openstack-dev | 19:39 | |
*** prekarat has joined #openstack-dev | 19:39 | |
prekarat | henrynash: ping, have a quick question on Keystone | 19:41 |
prekarat | henrynash: regarding this bp https://blueprints.launchpad.net/keystone/+spec/create-user-validation | 19:41 |
*** litong01 has quit IRC | 19:42 | |
*** litong has joined #openstack-dev | 19:42 | |
prekarat | ayoung: ^^^ | 19:42 |
ayoung | prekarat, looking | 19:43 |
ayoung | prekarat, did you write that? | 19:44 |
ayoung | 2012-05-23 old | 19:44 |
prekarat | ayoung: no i didn't create the bp, but since it wasnt' touched for a long time, i hit a but in tempest today regarding this and i implemented a patch today. https://review.openstack.org/#/c/27593/ | 19:44 |
prekarat | ayoung: which implements this bp. but i have a question regarding the passwd criteria | 19:45 |
ayoung | prekarat, please please please don't implement your own email parser | 19:45 |
ayoung | just check for existance | 19:45 |
prekarat | ayoung: ok, thats prcisely what i wanted to discuss. | 19:45 |
prekarat | ayoung: there isn't one that I coudl find after a long search. the one that exists lpel is retired. | 19:46 |
prekarat | ayoung: the existing email.utils.parseaddr is not very robust. | 19:46 |
v7 | Anyone getting the following Horizon error after installing devstack? FilterError at / /bin/sh: /opt/stack/horizon/bin/less/lessc: Permission denied | 19:47 |
ayoung | prekarat, so, check that the values are not null and leave it at that. In the case of an LDAP backend (assumig it is readable) you are probably goign to be bucking up against someone elses rules for a valid address, username, etc | 19:47 |
openstackgerrit | A change was merged to openstack/horizon: Add help text for some fields of Load Balancer forms https://review.openstack.org/27417 | 19:47 |
*** ayoung is now known as ayoung-afk | 19:48 | |
prekarat | ayoung: checking for null is an issue, becuase --email is an optional value and if not passed will be null. | 19:48 |
prekarat | ayoung-afk: ^^ | 19:48 |
v7 | I set permissions for lessc to 777. But I still get FilterError at / /bin/sh: /opt/stack/horizon/bin/less/lessc: Permission denied | 19:49 |
v7 | in Horizon | 19:49 |
*** otherwiseguy has joined #openstack-dev | 19:52 | |
*** alunduil has joined #openstack-dev | 19:52 | |
*** gordc has joined #openstack-dev | 19:53 | |
v7 | Full error here: http://paste.openstack.org/show/36641/ | 19:54 |
*** cloudchimp has joined #openstack-dev | 19:55 | |
kbringard | termie, ayoung-afk: I think I sorted it out: https://bugs.launchpad.net/quantum/+bug/1034161 | 19:58 |
uvirtbot | Launchpad bug 1034161 in quantum "some platforms do not support namespaces" [Medium,Confirmed] | 19:58 |
kbringard | I'm on a platform which supports it, but it doesn't looks like #define __NR_setns 268 is set in my ipnetns.c | 19:58 |
*** kagan has quit IRC | 19:59 | |
*** dprince has quit IRC | 20:00 | |
*** pcm__ has joined #openstack-dev | 20:00 | |
topol | so ayoung, regarding your federated keystone identity, I going to try and find some use cases and stakeholders. Its a good topic. I just want it on more solid footing | 20:01 |
*** lloydde has joined #openstack-dev | 20:03 | |
*** joesavak has joined #openstack-dev | 20:04 | |
*** v7_ has joined #openstack-dev | 20:05 | |
*** v7 has quit IRC | 20:06 | |
*** minoz has joined #openstack-dev | 20:06 | |
*** lglenden has quit IRC | 20:07 | |
*** cp16net|away is now known as cp16net | 20:07 | |
*** vipul is now known as vipul|away | 20:08 | |
*** lglenden has joined #openstack-dev | 20:08 | |
*** jvrbanac has quit IRC | 20:08 | |
*** jvrbanac has joined #openstack-dev | 20:09 | |
*** vipul|away is now known as vipul | 20:09 | |
v7_ | Can someone help me to debug an issue with Horizon? | 20:12 |
v7_ | Error is here: http://paste.openstack.org/show/36641/ | 20:12 |
*** boris-42 has quit IRC | 20:13 | |
*** cp16net is now known as cp16net|away | 20:14 | |
*** erfanian has joined #openstack-dev | 20:16 | |
*** otherwiseguy has quit IRC | 20:16 | |
*** galstrom_zzz is now known as galstrom | 20:16 | |
*** jvrbanac has quit IRC | 20:16 | |
david-lyle | v7: are you using RHEL selinux? if so you'll need to do off-line compression | 20:17 |
*** kagan has joined #openstack-dev | 20:18 | |
*** jvrbanac has joined #openstack-dev | 20:20 | |
*** topol has quit IRC | 20:22 | |
*** alop has quit IRC | 20:26 | |
*** minoz has left #openstack-dev | 20:27 | |
*** vartom1110 has quit IRC | 20:27 | |
*** ayoung-afk is now known as ayoung | 20:27 | |
*** pabelanger has quit IRC | 20:28 | |
*** pabelanger has joined #openstack-dev | 20:29 | |
dolphm_ | bknudson: ayoung: curious about ya'll thoughts on https://review.openstack.org/#/c/27595/ | 20:29 |
bknudson | dolphm_: standard answer is needs test case | 20:30 |
*** CaptTofu has joined #openstack-dev | 20:30 | |
dolphm_ | bknudson: i don't know what i'd be writing a test for, so i would just be deleting the feature | 20:31 |
*** terryh has quit IRC | 20:31 | |
*** terryh has joined #openstack-dev | 20:31 | |
bknudson | dolphm_: there's a testcase that sets it to 512 | 20:31 |
*** henrynash has quit IRC | 20:32 | |
*** melwitt has joined #openstack-dev | 20:32 | |
bknudson | dolphm_: for some reason I think this is related to some kind of active directory support | 20:33 |
bknudson | just remembering some code I looked at one day. | 20:33 |
*** stevemar has quit IRC | 20:34 | |
ayoung | dolphm_, ugh... bknudson that isnot the full story | 20:35 |
*** zb has quit IRC | 20:35 | |
ayoung | 'user_enabled_default' is, I think, part of dealing with the whole mess for AD | 20:35 |
*** litong has quit IRC | 20:36 | |
ayoung | I'd have to check the logs to see if this is part of the fix, but in AD, "enabled" is a bit field | 20:36 |
*** romcheg has joined #openstack-dev | 20:36 | |
ayoung | and this was part of setting that whole field, so it can't be a boolean, but 'True' works for the OpenLDAP case, and most sane Directory Servers | 20:36 |
bknudson | So I would guess you don't want it to limit it to boolean. | 20:37 |
*** romcheg has left #openstack-dev | 20:37 | |
bknudson | much as that would make a lot more sense | 20:37 |
ayoung | bknudson, I'd have to look at the code to confirm...doing that now | 20:38 |
*** bkero has joined #openstack-dev | 20:38 | |
dolphm_ | ayoung: if it supports "True", does it support 'False'? or what's the opposite of "True"? | 20:38 |
dolphm_ | bknudson: but if you're performing bitwise operations on it, then it can't be a string | 20:38 |
dolphm_ | bknudson: '512' & var # is not the same thing as # 512 & var | 20:39 |
dolphm_ | maybe make it an int that defaults to 1 then? | 20:40 |
ayoung | bknudson, the thing is, atest would probably be useless against the FakeLDAP. THis would really need to be run against the live LDAP | 20:40 |
dolphm_ | (AD) | 20:40 |
*** kagan has quit IRC | 20:40 | |
ayoung | dolphm_, I think that the fact it is "True" here is defined by LDAP and not Pytho, they just happen to agree on the string representation. However, looking at the Code, it might be OK to switch to a boolean, but I wouldn't bank on it | 20:41 |
dolphm_ | ayoung: boolean won't work if it needs to support an int | 20:42 |
ayoung | dolphm_, unless you want to confirm it against an AD backend, I would leave it alone. I think it was Jose Castro that wrote this code and he can tell you his rationale | 20:42 |
ayoung | It might be perfectly fine to do it as a Boolean, I don't know. | 20:43 |
dolphm_ | boo, i don't think he's on | 20:43 |
dolphm_ | ayoung: you're right though, he did write it as i recall | 20:43 |
*** eafonichev has quit IRC | 20:43 | |
*** mrodden has quit IRC | 20:44 | |
ayoung | dolphm_, bug1067516 commit 001f708e7d9ffc69c80f823e7ab5f79325cc8a40 | 20:44 |
ayoung | Change-Id: I1ee9a1e2505cdd8c9ee8acba5c0e89a4f25c7262 | 20:44 |
ayoung | dolphm_, OK, so in general, True is probably fine, as if we are talking to an RFC schema user object it will map correctly, but it is possible that for a user some some other schema, enabled might be 'enabled' versus some other enumerated value | 20:46 |
dolphm_ | ayoung: thanks | 20:46 |
ayoung | 'disabled' 'inactive' etc | 20:47 |
*** vipul is now known as vipul|away | 20:47 | |
dolphm_ | ugh, so basically this option is being overloaded as both an int and a string... so we need a whole new config option | 20:47 |
termie | hahah | 20:47 |
termie | config polymorphism | 20:48 |
needscoffee | termie: i'm scared by that statement. | 20:48 |
openstackgerrit | A change was merged to openstack/glance: scrubber: dont print URI of image to be deleted https://review.openstack.org/27341 | 20:48 |
*** vipul|away is now known as vipul | 20:48 | |
*** kmartin has joined #openstack-dev | 20:48 | |
termie | needscoffee: use the fear, channel it | 20:48 |
needscoffee | termie: LOL ;) | 20:48 |
dolphm_ | or cast the string to an int so we can do bitwise operations on it, which will fail with the default value | 20:49 |
termie | dolphm_: just remove all teh code | 20:49 |
bknudson | I'm worried about this ldap backend... might not last very long. | 20:49 |
dolphm_ | termie: tempting | 20:49 |
dolphm_ | bknudson: +1 | 20:50 |
ayoung | dolphm_, I don't think this value is used for the bitwise stuff, if I understand it. Enabled is not supported in the default schema, so this is just a very flexible way to support enabled for people that have it in a non-custom way. | 20:50 |
dolphm_ | maybe we should follow the way of the bare metal driver, etc, and make it it's own project | 20:50 |
*** jcoufal has quit IRC | 20:50 | |
termie | well there is already an ldap project spinning up, right ayoung? | 20:50 |
ayoung | termie, hell no | 20:50 |
termie | ayoung: you said you were making a mapper thing | 20:51 |
termie | ayoung: and then using that for ldap | 20:51 |
ayoung | termie, nope | 20:51 |
termie | ayoung: do you have a memory issue? | 20:51 |
ayoung | that is the thing that dchadwick is coding | 20:51 |
termie | ayoung: so it _does_ exist | 20:51 |
termie | funny that | 20:51 |
bknudson | active directory bitmask stuff: http://support.microsoft.com/kb/305144 | 20:51 |
ayoung | I just thought it would be useful for ldap | 20:51 |
ayoung | it is not an LDAP specific tool | 20:51 |
termie | newLDAP can be based on it | 20:51 |
termie | LDAPlite | 20:52 |
bknudson | LDAPv3 | 20:52 |
*** portante|ltp has joined #openstack-dev | 20:52 | |
ayoung | termie, say you get attributes in one format, the attribute mapper would say "oh, that means he gets the 'ugly' role in the 'pagent' project. | 20:52 |
termie | ayoung: yup, now just put ou= in front of one of those statements | 20:52 |
termie | ayoung: thanks for taking on LDAP-lite | 20:52 |
ayoung | termie, LDAP is just the current topic of conversation, but it would work for any of the variosu formate that people throw around | 20:53 |
bknudson | what other formats? | 20:53 |
termie | dolphm_: alright guys, looks like ayoung has ldap-lite on his plate now | 20:53 |
*** prekarat has quit IRC | 20:53 | |
termie | so we just sprinkle deprecation warnings everywhere and punt on fixing this config polymorphism | 20:53 |
ayoung | dolphm_, what problem were you trying to solve? | 20:54 |
termie | dolphm_: also, i've noticed i can't yet -2 things | 20:54 |
termie | dolphm_: who do i have to prod to resolve that | 20:54 |
dolphm_ | termie: umm, start with heckj | 20:55 |
termie | weird, he is not at work today | 20:55 |
ayoung | termie, he works down the street from you, go knock his desk over | 20:55 |
termie | ayoung: actually he works about a 1000 miles from me | 20:56 |
ayoung | termie, I thought you were both in SF? Oh, he's in Seattle, isn;t he? | 20:56 |
termie | ayoung: oue | 20:57 |
ayoung | OK, knocking over his desk might be difficult | 20:57 |
termie | ayoung: i'll get an intern to do it | 20:57 |
dolphm_ | ayoung: termie: sounds like a challenge | 20:57 |
dolphm_ | and a new tradition | 20:57 |
termie | dolphm_: deprecating things instead of fixing them? | 20:58 |
termie | dolphm_: i like it | 20:58 |
ayoung | dolphm_, so why are you looking to change the config type either to int or boolean? | 20:58 |
ayoung | IS there a bug? | 20:58 |
ayoung | Or is it just cleanup? | 20:58 |
*** rnirmal has quit IRC | 20:58 | |
dhellmann | mordred: ping? | 20:59 |
ayoung | https://github.com/openstack/keystone/blob/master/keystone/identity/backends/ldap/core.py#L412 right? | 20:59 |
*** markmcclain has quit IRC | 21:00 | |
termie | is there, like, a way we can tell people submitting patches for keystone to check their goddamn newlines and docstrings? | 21:00 |
termie | where is justinsb | 21:00 |
termie | i need termiebot back | 21:00 |
bknudson | ayoung: it looks like that's only called if enabled_mask was not 0. It's 0 by default in the config | 21:01 |
dolphm_ | ayoung: i just open code reviews as a means of conversation | 21:02 |
ayoung | bknudson, OK, so enabled_mask is the indication that we are talking AD | 21:02 |
ayoung | anything in that mask means "yes, we are using a mask" | 21:02 |
ayoung | but the bitmask is applied to | 21:03 |
ayoung | values['enabled_nomask'] | 21:03 |
ayoung | not to value | 21:03 |
*** alop has joined #openstack-dev | 21:03 | |
*** nati_ueno has joined #openstack-dev | 21:03 | |
ayoung | which looks like it will evaluate to a boolean expression | 21:03 |
dolphm_ | termie: write a gating job | 21:04 |
*** lmatter has joined #openstack-dev | 21:04 | |
*** sandywalsh has quit IRC | 21:04 | |
ayoung | dolphm_, my guess is that Boolean is correct, not int. And there will be one case in 1one million where they will need a value that is no True or False. | 21:04 |
termie | dolphm_: how difficult is it to add that to specific projects? | 21:04 |
bknudson | termie: nova has all sorts of extra pep8 checks. | 21:04 |
ayoung | But, unlike the SQL backend, we can't control the schema, so we have the lowest common denominator here, which is a string | 21:05 |
bknudson | https://github.com/openstack/nova/blob/master/tools/hacking.py | 21:06 |
*** SergeyLukjanov has quit IRC | 21:06 | |
*** pcm__ has quit IRC | 21:09 | |
*** galstrom is now known as galstrom_zzz | 21:09 | |
*** joesavak has quit IRC | 21:10 | |
termie | anybody know who Morgan Fainberg is? is he/she in this channel? | 21:11 |
needscoffee | termie: thats me | 21:11 |
*** needscoffee is now known as morganfainberg | 21:11 | |
*** bdpayne has quit IRC | 21:12 | |
morganfainberg | needscoffee was a nick for the openstack-nova "casual friday nick" entertainment. | 21:12 |
termie | morganfainberg: cool, i'm going to walk to another spot to work, but i have questions about your memcache thingee | 21:12 |
termie | morganfainberg: bonus points though for best commit message | 21:12 |
morganfainberg | sure. happy to discuss it with you. | 21:12 |
morganfainberg | haha, thanks. i figured it was ready for some discussion (hence the tossing it up to gerrit). | 21:13 |
termie | coolio, will be probably 15 minutes, the hill i am walking up is big :p | 21:13 |
dolphm_ | termie: morganfainberg: link? | 21:13 |
termie | dolphm_: https://review.openstack.org/#/c/27597/ | 21:13 |
morganfainberg | hehe sounds good, switching back to needscoffee nick:P | 21:13 |
*** morganfainberg is now known as needscoffee | 21:13 | |
*** jeblair is now known as corvus | 21:14 | |
termie | dolphm_: also, heckj says he added me to the thingee or tried to on shitty airport wifi | 21:14 |
termie | dolphm_: ~keystone-core or whatnot | 21:14 |
termie | dolphm_: said you also had access to it | 21:14 |
dolphm_ | hmm, i did keystone-drivers | 21:14 |
thingee | termie: hrm?! | 21:14 |
termie | i'm not sure what has to happen for launchpad to accept me as its master | 21:14 |
termie | thingee: did i mention you? | 21:14 |
thingee | termie: no. no I guess not. | 21:15 |
*** harlowja_ has joined #openstack-dev | 21:15 | |
*** sandywalsh has joined #openstack-dev | 21:15 | |
*** eglynn has quit IRC | 21:15 | |
v7_ | @david-lyle: Sorry, I was away and Thanks !!! Enabling offline compressed did the job. Appreciate your help | 21:16 |
*** raycloud__ has joined #openstack-dev | 21:16 | |
*** esp has joined #openstack-dev | 21:16 | |
*** woodspa has quit IRC | 21:16 | |
*** monst__ has joined #openstack-dev | 21:16 | |
*** woodspa has joined #openstack-dev | 21:16 | |
*** salv-orlando_ has joined #openstack-dev | 21:17 | |
*** salv-orlando has quit IRC | 21:17 | |
*** cyeoh has quit IRC | 21:17 | |
needscoffee | be back in 5-10 mins, i need more coffee :P | 21:17 |
needscoffee | figure termie should be ready to talk around then. | 21:17 |
*** salv-orlando_ is now known as salv-orlando | 21:17 | |
termie | thingee: because i was thinking about you <3 | 21:17 |
termie | bbiab | 21:17 |
*** bswartz has quit IRC | 21:17 | |
*** PaulM has left #openstack-dev | 21:17 | |
*** bswartz has joined #openstack-dev | 21:17 | |
*** cyeoh has joined #openstack-dev | 21:18 | |
*** galstrom_zzz is now known as galstrom | 21:18 | |
*** harlowja has quit IRC | 21:18 | |
*** harlowja_ is now known as harlowja | 21:18 | |
*** monst_ has quit IRC | 21:18 | |
*** raycloud_ has quit IRC | 21:19 | |
*** monst__ has quit IRC | 21:19 | |
*** kagan has joined #openstack-dev | 21:20 | |
*** cp16net|away is now known as cp16net | 21:21 | |
*** bswartz has quit IRC | 21:21 | |
*** JonnyNomad has quit IRC | 21:22 | |
*** JonnyNomad_ has joined #openstack-dev | 21:22 | |
thingee | termie: 'steada treated | 21:22 |
*** bswartz has joined #openstack-dev | 21:23 | |
*** lorin1 has quit IRC | 21:23 | |
*** sandywalsh has quit IRC | 21:24 | |
*** galstrom is now known as galstrom_zzz | 21:26 | |
*** bdpayne has joined #openstack-dev | 21:27 | |
*** jduhamel has joined #openstack-dev | 21:27 | |
*** rmohan has quit IRC | 21:31 | |
*** alop_ has joined #openstack-dev | 21:31 | |
*** rmohan has joined #openstack-dev | 21:31 | |
*** gordc has quit IRC | 21:32 | |
*** alop has quit IRC | 21:33 | |
*** alop_ is now known as alop | 21:33 | |
*** seagulls has quit IRC | 21:34 | |
*** jasondotstar has quit IRC | 21:34 | |
*** dolphm_ has quit IRC | 21:35 | |
*** redbeard2 has quit IRC | 21:36 | |
*** cp16net is now known as cp16net|away | 21:36 | |
*** sandywalsh has joined #openstack-dev | 21:37 | |
*** stevemar has joined #openstack-dev | 21:37 | |
*** dhellmann is now known as dhellmann-away | 21:38 | |
*** woodspa has quit IRC | 21:39 | |
termie | I RETURN | 21:40 |
simo | welcome back! | 21:40 |
*** Aarti has quit IRC | 21:40 | |
termie | needscoffee: so, the main goal of this patch is to fix a bug related to trying to revoke too many tokens for a user? | 21:42 |
needscoffee | termie: the main goal of the patch is to address a problem that occurs (can occur with either user-record of tokens, which is more likely, or the revocation-list) | 21:43 |
termie | needscoffee: and this is due to us keeping our own index of user tokens? | 21:43 |
needscoffee | basically the memcache token driver doesn't know how to expire anything form those lists. if you keep a list active and continually issue/revoke tokens, you will eventually fill a memcache page | 21:43 |
needscoffee | and yes, it is stemming from that | 21:44 |
termie | needscoffee: looks like this goes back to that ill-advised "list_tokens" call | 21:44 |
needscoffee | a token list is needed if we can't programatically determine tokens if we want to expire them all on passwd change (etc) | 21:44 |
termie | needscoffee: there are other methods to accomplish that goal, for example, | 21:45 |
termie | needscoffee: a common way is to keep a user "version" | 21:45 |
*** kreddy1 has joined #openstack-dev | 21:45 | |
termie | and associate that version with tokens, so that if the user version is higher than the token the token is invalid | 21:45 |
*** CaptTofu has quit IRC | 21:45 | |
termie | needscoffee: anyway, that that didn't come to mind is due to an sql-centric world view | 21:46 |
termie | needscoffee: that sort of bubbled up while i wasn't looking | 21:46 |
*** kreddy has quit IRC | 21:46 | |
*** dolphm has joined #openstack-dev | 21:46 | |
*** esheffield has quit IRC | 21:46 | |
needscoffee | termie: but with PKI tokens, do we refer to keystone enough to enforce that? [i'll be honest, i was looking at the problem in context of what we have now] | 21:46 |
termie | needscoffee: well i don't know how well we can change the current way, if the actual api hasn't gained anything and these are just backend functions we have a chance | 21:47 |
needscoffee | termie: i'd much rather have a mechanism that just handles this as a side effect of the user changing. | 21:47 |
needscoffee | e.g. what you described as a versioned user. | 21:47 |
termie | aye, i'd like that as well | 21:47 |
termie | do you want to possibly look into that? | 21:47 |
termie | see whether the api calls somehow gained a list_tokens call as well | 21:48 |
termie | because if they did we're somewhat screwed | 21:48 |
termie | and are going to have to maintain an index anyway which is dumbbbb | 21:48 |
needscoffee | termie: sure. I am pretty sure the only place that calls token_list is the part of keystone that invaildates the tokens when you make a user change. | 21:48 |
termie | needscoffee: that'd be lovely and would let us implement it in an easier way on the kvs side of the world | 21:49 |
dolphm | needscoffee: +1 | 21:49 |
termie | needscoffee: now, memcache is still weird to me | 21:49 |
termie | needscoffee: because if we are legitimately expecting things in there to last a long time i think we have a problem | 21:49 |
needscoffee | in either case, due to compat we might need something like what i've proposed for grizzly, you will eventually (with any real consistent use) overflow a memcache page | 21:49 |
termie | needscoffee: is this a backport for grizzly? | 21:49 |
termie | i don't honestly think most people running anything real want to use _just_ memcache for this stuff | 21:50 |
*** rmohan has quit IRC | 21:50 | |
needscoffee | needscoffee: this is fully compatible with grizzly provided i didn't mess anything up. | 21:50 |
*** rmohan has joined #openstack-dev | 21:50 | |
needscoffee | erm. | 21:50 |
termie | :) | 21:50 |
needscoffee | s/needscoffee/termie | 21:50 |
needscoffee | we ran into this in production with a client doing memcache tokens | 21:50 |
*** CaptTofu has joined #openstack-dev | 21:50 | |
needscoffee | because SQL was just bogging down the DB too much | 21:50 |
termie | yeah, it doesn't look like it makes any db changes, eh | 21:50 |
*** jayg is now known as jayg|g0n3 | 21:50 | |
*** kagan has quit IRC | 21:50 | |
termie | i am not against it as a stopgap for grizzly if that needs a bugfix or whatnot | 21:51 |
termie | but i think we can do much better | 21:51 |
needscoffee | termie: aye, especially being this early in the cycle. | 21:51 |
termie | if we flip to a nosql way of thinking | 21:51 |
needscoffee | whcih for tokens, is completly valid | 21:51 |
* termie waits for some buzzer to go off and summon justinsb | 21:51 | |
openstackgerrit | A change was merged to openstack/swift: copy X-Delete-At unless X-Fresh-Metadata: true is supplied on an object copy https://review.openstack.org/24022 | 21:52 |
needscoffee | i'll dig into keystone here and see if we can do this with versioned user data instead. | 21:52 |
termie | anyway, i'd much rather see the patch for versioned users and a check against that before saying a token is valid | 21:52 |
needscoffee | and i'll be honest, a CRL has other issues | 21:52 |
termie | especially in volatile memory ;) | 21:53 |
needscoffee | yeah | 21:53 |
needscoffee | exactly | 21:53 |
termie | so, an old idea we had | 21:53 |
termie | was that the driver impls would be degradable | 21:53 |
*** kbringard has quit IRC | 21:53 | |
termie | so you could implement level 1, 2, or 3 of the api, for example | 21:53 |
termie | maybe one is read-only for tokens and just expects to pass on to another backend, maybe another one supports CRL or something, maybe you can mixin impls of different kinds to provide for example, memcache that backs on to sql afterwards | 21:54 |
needscoffee | oh. interesting | 21:54 |
termie | the idea being that memcache isn't really approrpriate for lots of stuff, but is not bad for some stuff | 21:55 |
termie | if you need CRLs you want to use the drivers that support CRLs | 21:55 |
termie | that sort of idea | 21:55 |
termie | i think PKI probably could have been done in a more encapsulated way | 21:55 |
needscoffee | that makes a lot of sense. | 21:55 |
termie | so that it feels more separate | 21:55 |
termie | which would make it easier to say "i don't need this, don't make me support it with my backend" | 21:56 |
needscoffee | yeah, that is a good approach | 21:56 |
termie | for example, i have a cassandra backend floating around, it would be great to be able to propose a level 1 implementation | 21:56 |
*** alop has quit IRC | 21:56 | |
termie | and then add to it later as required | 21:56 |
termie | because all my stakeholders need is a subset of functionality | 21:57 |
termie | anyway, something to think about for all you people out there | 21:57 |
needscoffee | yeah. and just be smart about handling not-impl aspects of level2/3 | 21:57 |
needscoffee | for a given driver. | 21:57 |
termie | composability++ | 21:57 |
*** cp16net|away is now known as cp16net | 21:58 | |
needscoffee | i'll do some digging into what we _actually_ have to support here and stew on this convo some | 21:58 |
needscoffee | sounds like there will need to be a couple blueprints added | 21:58 |
needscoffee | (regardless of full implementation of the solution) | 21:58 |
termie | blueprints are mostly busy work | 21:58 |
termie | ftr | 21:58 |
openstackgerrit | A change was merged to openstack-dev/devstack: Move ec2authtoken config from paste.ini to conf https://review.openstack.org/27517 | 21:58 |
openstackgerrit | A change was merged to openstack-dev/devstack: Install api-paste.ini and policy.json https://review.openstack.org/27518 | 21:58 |
needscoffee | i wasn't sure how keystone views them overall. | 21:59 |
termie | but a design doc for stuff can help you from explaining things repeatedl | 21:59 |
needscoffee | i know nova is a bit tighter about it. | 21:59 |
termie | i am okay with requiring blueprints, but people tend to think writing a blueprint means their idea is accepted | 21:59 |
needscoffee | but i mean from a design doc standpoint more than functially what a blueprint in LP is | 21:59 |
*** stevemar has quit IRC | 21:59 | |
termie | and i'd rather think of a world in terms of design docs | 21:59 |
*** ewindisch has quit IRC | 22:00 | |
needscoffee | well i'll come up with a design doc of some implementation of this stuff and toss that in a BP. | 22:00 |
needscoffee | so it's easy to reference | 22:00 |
termie | anyway, if you want to do the research i'd be happy to collaborate on it | 22:00 |
dolphm | termie: launchpad actually provides a distinction between "the general direction of this bp is approved" vs "the details of this blueprint are approved" | 22:00 |
*** eharney has quit IRC | 22:00 | |
needscoffee | yeah, i'll get some research done here and we'll see what is expected. | 22:00 |
*** CaptTofu has quit IRC | 22:00 | |
termie | dolphm: its a bureaucrats too | 22:01 |
termie | tool | 22:01 |
needscoffee | at the very least i'll get this fix proposed for grizzly to fix the immidiate bug, and aim to work with you on the better design for Havana | 22:01 |
*** bknudson has quit IRC | 22:01 | |
dolphm | i'd rather spend time in gerrit personally | 22:02 |
needscoffee | dolphm: it's how we work internally here at metacloud. | 22:02 |
termie | dolphm: ditto | 22:02 |
needscoffee | we have bugs/tickets just for tracking (e.g. this is on a roadmap) and the real work is in our gerrit. | 22:02 |
termie | dolphm: heckj says i'm in the core and the drivers now | 22:02 |
dolphm | termie: i got an email that you are | 22:03 |
termie | dolphm: but i still don't have any magic powers | 22:03 |
termie | dolphm: i logged out and back in | 22:03 |
needscoffee | termie: you always had magic powers. | 22:03 |
*** armax has quit IRC | 22:03 | |
termie | needscoffee: it comes from talking loudly | 22:03 |
rustlebee | Core has to be updated in gerrit itself now, not just launchpad | 22:03 |
needscoffee | termie: hehe. | 22:04 |
rustlebee | FYI in case that is the issue | 22:04 |
termie | rustlebee: aha | 22:04 |
termie | rustlebee: are you russel b ? | 22:04 |
rustlebee | I am | 22:04 |
rustlebee | This is my Friday nick | 22:04 |
rustlebee | Casual nick Friday. | 22:04 |
needscoffee | Steely_Dan convinced me to join them on the Friday nick thing ;) | 22:05 |
termie | ah, i'm in too many channels for that to work :/ | 22:05 |
needscoffee | termie: i think i almost confused some of the saltstack people. | 22:06 |
needscoffee | when i changed nicks. | 22:06 |
rustlebee | Part of the fun | 22:06 |
*** katylava has quit IRC | 22:07 | |
*** jvrbanac has quit IRC | 22:08 | |
*** termie is now known as termeye | 22:08 | |
termeye | fuck it | 22:08 |
*** tzumainn has quit IRC | 22:09 | |
*** alop has joined #openstack-dev | 22:09 | |
needscoffee | LOL nice. | 22:12 |
*** portante|ltp has quit IRC | 22:12 | |
*** jecarey has quit IRC | 22:12 | |
*** alop_ has joined #openstack-dev | 22:13 | |
*** alop has quit IRC | 22:14 | |
*** alop_ is now known as alop | 22:14 | |
*** sandywalsh has quit IRC | 22:15 | |
*** nati_ueno has quit IRC | 22:15 | |
*** galstrom_zzz is now known as galstrom | 22:15 | |
termeye | oooo i just found out where i _am_ core | 22:16 |
termeye | gonna go -2 some devstack stuff | 22:16 |
*** kreddy1 has quit IRC | 22:16 | |
termeye | dolphm: i wonder how you update the groups in gerrit... | 22:17 |
*** datsun180b has quit IRC | 22:18 | |
dolphm | termeye: ooh, i can do that! | 22:18 |
termeye | booms | 22:18 |
termeye | -2 COMING UP | 22:18 |
needscoffee | termeye: suddenly i'm glad i stay out of devstack development :P | 22:19 |
termeye | take that moving tests around patch | 22:19 |
*** andrew_plunk has quit IRC | 22:19 | |
dolphm | lol | 22:21 |
needscoffee | *snicker* | 22:21 |
*** epim has quit IRC | 22:21 | |
*** cloudchimp has quit IRC | 22:21 | |
termeye | dolphm: nice work having jenkins hate all your patches | 22:22 |
needscoffee | is it really work to make jenkins hate your patches? I mean… jenkins is just ornery to begin with. | 22:23 |
termeye | wow, am i finally done looking at code reviews for the day? time to look at my ownn code | 22:23 |
needscoffee | lol | 22:23 |
*** galstrom is now known as galstrom_zzz | 22:23 | |
termeye | dolphm: where's your casual friday nick? | 22:23 |
*** dolphm is now known as dolphin | 22:24 | |
*** jasdeepH has joined #openstack-dev | 22:24 | |
termeye | YES | 22:24 |
termeye | dolphin: <3 | 22:24 |
*** rmohan has quit IRC | 22:24 | |
*** erfanian has quit IRC | 22:25 | |
dolphin | i can't tell the difference between people saying "Dolph M." and "dolphin" anyway | 22:25 |
*** rmohan has joined #openstack-dev | 22:25 | |
openstackgerrit | A change was merged to openstack/nova: Refactor _run_instance() to unify control flow https://review.openstack.org/27373 | 22:25 |
*** jclift has quit IRC | 22:27 | |
*** PaulM has joined #openstack-dev | 22:28 | |
*** PaulM has left #openstack-dev | 22:28 | |
openstackgerrit | A change was merged to openstack/nova: Send a instance create error notification https://review.openstack.org/27561 | 22:31 |
*** garyTh has quit IRC | 22:32 | |
*** giulivo has quit IRC | 22:32 | |
*** ek6 has joined #openstack-dev | 22:32 | |
termeye | so, i get an error on test_create_trust_400 but then the whole test runner seems to think nothing failed | 22:33 |
*** sandywalsh has joined #openstack-dev | 22:34 | |
termeye | looking forward to none of that code existing | 22:34 |
*** markmcclain has joined #openstack-dev | 22:34 | |
*** mgiles has joined #openstack-dev | 22:34 | |
*** hemna is now known as hemnafk | 22:34 | |
*** ek6_ has quit IRC | 22:36 | |
dolphin | termeye: a bunch of the nose.exc.SkipTests are shown as errors with the --openstack-whatever option for nose | 22:36 |
dolphin | some are SKIP some are ERROR | 22:36 |
termeye | dolphin: hmm, i only see one | 22:36 |
termeye | dolphin: the rest are all skip | 22:36 |
termeye | dolphin: and everything else in that file passes | 22:37 |
dolphin | termeye: all the skips in test_keystoneclient[_sql] are shown as ERROR's for me | 22:37 |
termeye | not a huge issue at current since it doesn't affect my code but disturbing | 22:37 |
dolphin | everything in test_backend shows as SKIP | 22:37 |
dolphin | same here | 22:38 |
*** andrewbogott is now known as andrewbogott_afk | 22:38 | |
*** sacharya has quit IRC | 22:38 | |
*** kagan has joined #openstack-dev | 22:39 | |
termeye | weeeeirddd | 22:41 |
termeye | oh, got a failure | 22:41 |
termeye | (i asn't running integration tests)s | 22:41 |
termeye | this feels new to me | 22:41 |
*** lglenden has quit IRC | 22:41 | |
termeye | did this start happening recently? | 22:41 |
termeye | i feel like i would have noticed big red ERRORs before | 22:41 |
termeye | wee, a variety of weird stuff fails that way | 22:43 |
*** andrewbogott_afk is now known as andrewbogott | 22:43 | |
termeye | well, that's always a fun time | 22:43 |
*** rcleere has quit IRC | 22:44 | |
*** giulivo has joined #openstack-dev | 22:44 | |
*** dims has quit IRC | 22:47 | |
*** lmatter has quit IRC | 22:48 | |
*** zaneb has joined #openstack-dev | 22:49 | |
mordred | any oslo.config folks around? | 22:49 |
*** vipul is now known as vipul|away | 22:49 | |
*** rerngvit_ has joined #openstack-dev | 22:49 | |
*** vipul|away is now known as vipul | 22:50 | |
mordred | I'm looking for a way to do this: https://review.openstack.org/#/c/24582/10/ceilometer/central/manager.py that actually works | 22:50 |
mordred | apparently import_opt doesn't work because it's a cli option? | 22:50 |
clarkb | where is it defined? if your import that was removed defines the options you still need to import that code I think | 22:52 |
mordred | clarkb: so, import_opt does the import under the covers | 22:52 |
clarkb | this is a common problem for why a lot of unittests often can't be run in isolation. they depend on options that are defined in code that is never imported | 22:52 |
clarkb | magic | 22:52 |
mordred | clarkb: but it seems in this case that the cli opts become unhappy | 22:52 |
*** zb has joined #openstack-dev | 22:53 | |
mordred | clarkb: which means we wind up with magical modules that have to be imported for things to work but which are not actually used other than the import | 22:53 |
mordred | which is batshit | 22:53 |
mordred | but other than judging that choice - I'd like to figure out how to sort it out | 22:53 |
*** zaneb has quit IRC | 22:54 | |
clarkb | mordred: does it work if you manually import the source module? | 22:55 |
clarkb | maybe the magic can't find the source module in the case of cli modules? | 22:55 |
mordred | clarkb: yeah. that's the line I was trying to get rid of | 22:56 |
clarkb | er cli options | 22:56 |
clarkb | I know | 22:56 |
mordred | clarkb: but looking at the code, it seems that it _should_ work regardless of cli-ness | 22:56 |
*** v7_ has quit IRC | 22:56 | |
*** nati_ueno has joined #openstack-dev | 22:58 | |
*** zbitter has joined #openstack-dev | 22:59 | |
*** dims has joined #openstack-dev | 23:00 | |
*** zb has quit IRC | 23:00 | |
*** zb has joined #openstack-dev | 23:01 | |
*** rmohan has quit IRC | 23:02 | |
*** zbitter has quit IRC | 23:02 | |
*** rmohan has joined #openstack-dev | 23:02 | |
*** FunnyLookinHat has quit IRC | 23:03 | |
*** aloga has quit IRC | 23:03 | |
*** rerngvit_ is now known as rerngvit | 23:04 | |
*** plemahieu has quit IRC | 23:09 | |
*** zb has quit IRC | 23:10 | |
*** lloydde has quit IRC | 23:11 | |
*** rerngvit has quit IRC | 23:13 | |
openstackgerrit | A change was merged to openstack/nova: set bdm['volume_id'] to None rather than delete it https://review.openstack.org/27056 | 23:15 |
*** vipul is now known as vipul|away | 23:15 | |
*** vipul|away is now known as vipul | 23:16 | |
*** afazekas has quit IRC | 23:17 | |
*** llirkaz has quit IRC | 23:18 | |
*** esp has left #openstack-dev | 23:18 | |
*** rmohan has quit IRC | 23:19 | |
*** alop has quit IRC | 23:19 | |
*** david-lyle has quit IRC | 23:19 | |
*** thariman has joined #openstack-dev | 23:23 | |
*** mgiles has quit IRC | 23:23 | |
*** lmatter has joined #openstack-dev | 23:25 | |
*** devoid has quit IRC | 23:26 | |
*** thariman has quit IRC | 23:30 | |
*** kreddy has joined #openstack-dev | 23:30 | |
*** terryh has quit IRC | 23:30 | |
*** zaneb has joined #openstack-dev | 23:30 | |
*** markwash has quit IRC | 23:34 | |
*** zb has joined #openstack-dev | 23:34 | |
*** ewindisch has joined #openstack-dev | 23:36 | |
termeye | i wonder how stevemar was testing this, because it looks to me like the last line i wrote never got terminated | 23:36 |
*** zaneb has quit IRC | 23:37 | |
*** zaneb has joined #openstack-dev | 23:37 | |
*** bdpayne has quit IRC | 23:39 | |
*** zb has quit IRC | 23:40 | |
*** lloydde has joined #openstack-dev | 23:41 | |
*** bmclaughlin has quit IRC | 23:41 | |
*** timello has joined #openstack-dev | 23:42 | |
*** zaneb has quit IRC | 23:42 | |
*** yjiang5 has joined #openstack-dev | 23:43 | |
termeye | actually now i am wondering whether i never pushed a bunch of changes | 23:43 |
termeye | because _i_ tested this and there is code that never would have worked | 23:44 |
*** kreddy has quit IRC | 23:44 | |
*** galstrom_zzz is now known as galstrom | 23:48 | |
*** sudorandom has quit IRC | 23:50 | |
*** lmatter has quit IRC | 23:50 | |
*** enikanorov-w has quit IRC | 23:52 | |
*** timello has quit IRC | 23:52 | |
*** enikanorov-w has joined #openstack-dev | 23:53 | |
*** pixelbeat has quit IRC | 23:55 | |
*** Mandell has quit IRC | 23:56 | |
*** READ10 has quit IRC | 23:58 | |
*** matiu has joined #openstack-dev | 23:59 | |
*** matiu has quit IRC | 23:59 | |
*** matiu has joined #openstack-dev | 23:59 |
Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!