Tuesday, 2013-05-07

« Monday, 2013-05-06 Index Wednesday, 2013-05-08 »
*** hattwick has quit IRC00:00
*** yamahata_ has quit IRC00:01
*** datsun180b has quit IRC00:03
*** markmcclain has joined #openstack-dev00:03
*** Nachi has joined #openstack-dev00:03
*** beagles_backl8r is now known as beagles00:04
*** sudorandom has joined #openstack-dev00:05
*** nati_ueno has quit IRC00:06
*** winston-d has joined #openstack-dev00:09
*** Ryan_Lane has quit IRC00:10
*** RajeshMohan has quit IRC00:12
*** RajeshMohan has joined #openstack-dev00:12
*** halj has quit IRC00:14
*** garyTh has quit IRC00:15
*** belmoreira has joined #openstack-dev00:21
*** sudorandom has quit IRC00:23
*** belmoreira has quit IRC00:26
clarkbkeystone folks: https://review.openstack.org/#/c/28363/1 and a corresponding change to keystone should fix your python-memcached troubles00:26
*** SumitNaiksatam has joined #openstack-dev00:27
*** sarob has quit IRC00:29
*** riskable has joined #openstack-dev00:30
openstackgerritA change was merged to openstack/ceilometer: Imported Translations from Transifex  https://review.openstack.org/2822900:32
*** bdpayne has quit IRC00:36
*** sudorandom has joined #openstack-dev00:41
*** hartsocks has quit IRC00:43
*** anniec has quit IRC00:43
*** alop has quit IRC00:43
*** jasdeepH has joined #openstack-dev00:45
*** stevebaker_ has quit IRC00:46
clarkband digging through the github issues for python-memcached I see that the problem should be fixed with a version recently pushed to pypi. I am rerunning the mirror jobs to pull in that version00:47
*** stevemar has joined #openstack-dev00:48
*** stevebaker has joined #openstack-dev00:48
*** digitalsanctum has quit IRC00:49
*** bmclaughlin has quit IRC00:52
*** zul has quit IRC00:56
*** stevemar has quit IRC00:57
*** freedomhui has joined #openstack-dev00:57
*** redbeard2 has joined #openstack-dev00:59
*** utlemming has joined #openstack-dev01:00
*** stevebaker has quit IRC01:01
*** lifeless has joined #openstack-dev01:02
*** adjohn has joined #openstack-dev01:03
*** jclift has quit IRC01:03
*** winston-d has quit IRC01:05
*** cp16net is now known as cp16net|away01:07
*** pcm__ has quit IRC01:07
*** cp16net|away is now known as cp16net01:07
*** bdpayne has joined #openstack-dev01:07
*** litong has quit IRC01:08
*** stevebaker has joined #openstack-dev01:09
*** freedomhui has quit IRC01:11
*** utlemming has quit IRC01:12
*** zb has joined #openstack-dev01:12
*** bknudson has left #openstack-dev01:13
*** freedomhui has joined #openstack-dev01:14
*** jbresnah has quit IRC01:14
*** zaneb has quit IRC01:16
*** winston-d has joined #openstack-dev01:20
*** belmoreira has joined #openstack-dev01:22
*** markmcclain has quit IRC01:24
*** belmoreira has quit IRC01:26
*** stevebaker has quit IRC01:28
*** brunnhilde has quit IRC01:30
*** Mandell has quit IRC01:31
*** jasdeepH has quit IRC01:33
*** markwash has joined #openstack-dev01:33
*** yamahata has quit IRC01:36
*** yidclare has joined #openstack-dev01:36
*** anniec has joined #openstack-dev01:37
*** pixelbeat_ has quit IRC01:37
*** jbresnah has joined #openstack-dev01:37
*** yamahata has joined #openstack-dev01:38
*** stevebaker has joined #openstack-dev01:39
*** anniec_ has joined #openstack-dev01:40
*** tomoe_ has joined #openstack-dev01:41
*** anniec has quit IRC01:41
*** anniec_ is now known as anniec01:41
ayoungjamielennox, were you able to figure out a way around the greenthread/testing setup?01:42
jamielennoxso at the moment i can isolate it to quite a small area01:43
jamielennoxactually re: testing or in general01:43
jamielennoxcause i'm trying to keep the patches seperate01:43
*** tzumainn has joined #openstack-dev01:43
ayoungjamielennox, so for the things like python-keystoneclient tests, how are you planning on running the server?01:44
jamielennoxi was hoping to use webtest.http.StopableWSGIServer01:44
jamielennoxit seems to be just a wrapper around a thread based wsgi server01:44
jamielennoxwith better support for stopping and starting01:44
*** Nachi has quit IRC01:44
jamielennoxrunning that with eventlet doesn't work at all01:45
ayoungjamielennox, that might actually be fine.  Python Threading issues should not come into play, now that I think about it01:45
jamielennoxthe ones i'm not sure about how to go about are related to SSL and ipv601:45
ayoungwe don't care about performance, and the web server should never be blocking on a call back to the client, so dead lock isn't an issue.01:45
jamielennoxipv6 all of a sudden less of a concern though01:45
ayoungDon;t worry about Ipv6 for the first iteration, as we are commenting that out anyway01:46
ayoungyep01:46
jamielennoxyes, but if eventlet patches threads globally then it screws up running the server01:46
jamielennoxhaven't looked that far into it01:46
*** adjohn has quit IRC01:46
jamielennoxmy thought is to keep the patches seperate that i can more or less isolate eventlet in testing down into a strict few tests01:47
openstackgerritA change was merged to openstack/cinder: Remove setuptools-git as run time dependency  https://review.openstack.org/2794701:47
*** terry7 has quit IRC01:47
jamielennoxi've actually done some rearranging, i'm not sure if i should keep it or not for now01:47
jamielennoxthen when i go for a patch to move out eventlet completely i'll bring the changes through to the tests01:48
ayoungjamielennox, so, on the server, all of the monkeypatching should be done in the starup code01:49
ayoungbut for the tests, it should be isoltated to the keystone/test.py file or something top level like that01:49
ayoungsounds like you are tracking, I won't derail you then.01:49
jamielennoxi can post some stuff on github if you want to see what i'm looking at01:50
*** mrodden has joined #openstack-dev01:51
ayoungjamielennox, only if it will help you.  I think you have it under control, so just drive on.01:51
jamielennoxyea, think it's fine. Particularly with this rearranging though it's going to be a fairly big patch01:52
ayoungjamielennox, so we can chat tomorrow  (night for me) once you have this well enough tackled.  I think I know how I want to split up some other work, but it can wait until it gets your full attention01:53
jamielennoxok, sounds good01:53
*** rcleere has joined #openstack-dev01:54
*** aeperezt has joined #openstack-dev01:55
jamielennoxayoung: jenkins killed the ipv6 patch01:55
ayounglooking01:55
*** yaguang has joined #openstack-dev01:56
jamielennoxlol, there is a review to blacklist memcache-1.50 which i guess is for exactly this reason01:56
jamielennoxhowever unless you combine the patches, each will block the other from being commited01:56
*** shang_ has quit IRC01:57
morganfainbergoi!01:57
morganfainbergthat is terrible :P01:57
ayoungjamielennox, nah, the ipv6 one is intermittant01:58
*** kenperkins has quit IRC01:58
ayoungso the memcach-1.5 one should go through eventually...01:58
*** Corren has joined #openstack-dev01:58
*** shang has joined #openstack-dev01:58
*** bing_bu has joined #openstack-dev01:59
jamielennoxkeep refreshing until you hit an older worker..02:00
ayoungjamielennox, nah, merging the patches and resubmiitting02:00
ayoungjamielennox, morganfainberg  https://review.openstack.org/#/c/28338/02:01
openstackgerritA change was merged to openstack/oslo.config: Fixes OptGroup title set typo  https://review.openstack.org/2789902:02
clarkbyeah I am about to rekick the mirror update scripts which will add 1.51 to the mirror02:02
clarkb1.51 fixes the problem with 1.5002:03
openstackgerritA change was merged to openstack/oslo.config: Use builtin startswith and endswith methods in iniparser  https://review.openstack.org/2801202:03
*** READ10 has quit IRC02:06
*** baba has quit IRC02:09
*** megha has joined #openstack-dev02:09
ayoungclarkb, so if I do this is all good? https://review.openstack.org/#/c/28338/02:12
jamielennoxayoung: if you wait for the mirror you should be able to pass ipv6 then memcache.02:14
ayoungjamielennox, ah...ok,  I'll roll back to the earlier version of the IPv6 then02:14
*** freedomhui has quit IRC02:16
*** danwent has quit IRC02:16
clarkbyeah no need for pinning in an hour or so02:20
*** Corren is now known as kenperkins02:21
*** belmoreira has joined #openstack-dev02:22
*** jasdeepH has joined #openstack-dev02:23
*** freedomhui has joined #openstack-dev02:24
*** jog0 has quit IRC02:25
*** cmark_ has joined #openstack-dev02:27
*** belmoreira has quit IRC02:27
*** novas0x2a|laptop has quit IRC02:27
*** cmark_ has quit IRC02:28
*** cmark_ has joined #openstack-dev02:28
*** cmark has quit IRC02:30
*** comay has quit IRC02:30
*** freedomhui has quit IRC02:34
*** dtroyer has left #openstack-dev02:35
*** prekarat has quit IRC02:42
*** erfanian has quit IRC02:45
*** nunosantos has quit IRC02:46
openstackgerritA change was merged to openstack/ceilometer: Add the mongo implementation of alarms collection  https://review.openstack.org/2800802:47
*** jasdeepH has quit IRC02:48
*** megha has quit IRC02:50
*** HenryG has quit IRC02:53
*** alunduil has quit IRC02:55
*** megha has joined #openstack-dev02:56
*** alunduil has joined #openstack-dev02:57
*** vkmc has quit IRC02:57
*** sudorandom has quit IRC02:57
clarkbayoung: the mirror has updated. If you rerun your tests now things should work03:02
ayoungclarkb, just kicked it off, thanks03:10
*** melwitt1 has quit IRC03:17
openstackgerritA change was merged to openstack/ceilometer: Connect the Alarm API to the db  https://review.openstack.org/2801003:19
*** sacharya has left #openstack-dev03:20
ayoungclarkb, http://logs.openstack.org/28338/6/check/gate-keystone-pep8/4914/console.html03:21
clarkbayoung: http://pypi.openstack.org/openstack/python-memcached/ it should find 1.51 there. not sure why it is still grabbing 1.5003:22
clarkbmordred: fungi ^ any ideas?03:23
*** belmoreira has joined #openstack-dev03:23
fungimmm03:24
mordredclarkb: no. it does not make the senses to me03:24
fungidid it run too soon?03:24
mordredI agree with you that 1.51 is on the mirror03:25
fungiguess not03:25
ayoungcan you remove 1.50 from the mirror fungi mordred ?03:25
fungilocal caching on the slave?03:25
mordredit should not be local caching on the salve03:26
mordredslave03:26
mordredbecause pip will go do an index scan regardless of remote caches03:26
*** danwent has joined #openstack-dev03:26
fungi...yeah, agreed03:27
*** jasdeepH has joined #openstack-dev03:27
clarkbI am trying to reproduce locally03:27
mordredgood03:27
mordredI'd like to understand the problem before we remove stuffs03:27
*** belmoreira has quit IRC03:28
* mordred is going to vote timing03:28
mordredgets 1.51 from the mirror locally03:29
ayoungmordred, why is there a problem removing the broken package just to be sure?03:29
mordredayoung: not a problem per-se - but if we have a situation where things are pulling wrong versions of packages in general, I'd like to understand it in case it's showing a deeper systemic problem that we're only noticing because 1.50 is borked03:29
mordredit shouldn't take too long to reproduce and make sure03:30
ayoungmordred, ok,  if you can do a reverify on https://review.openstack.org/#/c/28338/  once you are done, I'll check in the morning03:30
*** lauria has joined #openstack-dev03:30
mordredayoung: totally03:30
fungithe broken package isn't removed from pypi necessarily either. should still work03:30
mordredgod I hate link scanning in pip/pypi03:31
ayoungmordred, should I kick off a reverify now, since you think it is timing?03:31
clarkbayoung: it won't hurt03:31
clarkbso many missing C dependencies..03:33
fungiyeah, and python-memcached is one of the primary examples of pypi-indexed-not-hosted packages03:34
clarkbayoung: looks like it is working now03:37
ayoungclarkb, I think that it is in the queue, just behind a tempest run that is taking a while03:39
clarkbayoung: it is03:39
ayounggnight03:39
clarkbbut a bunch of the tests have run and passed03:39
clarkbworks locally too.03:39
*** freedomhui has joined #openstack-dev03:39
*** mgiles has joined #openstack-dev03:42
fungioff to the races, i guess03:42
mordredw00t!03:43
*** RajeshMohan has quit IRC03:43
*** RajeshMohan has joined #openstack-dev03:43
*** PaulM has quit IRC03:43
fungimordred was closest without going over03:44
fungior something03:44
mordreddefinitely or03:44
openstackgerritA change was merged to openstack/tempest: Ignore .testrepository/  https://review.openstack.org/2827203:44
*** boris-42 has joined #openstack-dev03:45
*** boris-42 has quit IRC03:50
*** boris-42 has joined #openstack-dev03:50
openstackgerritA change was merged to openstack/keystone: Skip IPv6 tests for eventlet dns  https://review.openstack.org/2833803:52
*** katylava has quit IRC04:01
*** Mandell has joined #openstack-dev04:05
*** yuanz has quit IRC04:17
*** lauria has quit IRC04:19
*** sirushti_ has joined #openstack-dev04:19
*** yolo has joined #openstack-dev04:19
*** sirushti_ has quit IRC04:19
*** yolo is now known as Guest4668404:20
*** ewindisch has joined #openstack-dev04:21
*** Corren has joined #openstack-dev04:23
*** shang has quit IRC04:23
*** kenperkins has quit IRC04:24
*** belmoreira has joined #openstack-dev04:24
*** Corren is now known as kenperkins04:25
*** martine has quit IRC04:28
*** belmoreira has quit IRC04:29
*** koolhead17 has quit IRC04:34
*** anniec has quit IRC04:34
*** zaitcev has quit IRC04:35
*** Ryan_Lane has joined #openstack-dev04:39
*** basha has joined #openstack-dev04:40
*** glikson has joined #openstack-dev04:42
*** ewindisch has quit IRC04:43
*** freedomhui has quit IRC04:44
*** danwent has quit IRC04:45
*** nati_ueno has joined #openstack-dev04:45
*** johnpur has quit IRC04:46
*** koolhead17 has joined #openstack-dev04:48
*** Yada has joined #openstack-dev04:48
*** nati_ueno has quit IRC04:49
*** Yada has quit IRC04:51
*** ijw has quit IRC04:53
*** ijw has joined #openstack-dev04:53
*** dims has quit IRC04:54
*** ewindisch has joined #openstack-dev04:57
*** ewindisch has quit IRC05:00
*** vartom1116 has joined #openstack-dev05:02
*** basha has quit IRC05:07
*** basha has joined #openstack-dev05:09
*** aeperezt has quit IRC05:13
*** mgiles has quit IRC05:15
*** maoy has quit IRC05:16
*** RajeshMohan has quit IRC05:16
*** glikson has quit IRC05:16
*** boris-42 has quit IRC05:16
*** bdpayne has quit IRC05:16
*** breed has quit IRC05:16
*** sride has joined #openstack-dev05:16
*** RajeshMohan has joined #openstack-dev05:17
*** vartom1116 has quit IRC05:17
*** ladquin has quit IRC05:18
*** danwent has joined #openstack-dev05:19
*** glikson has joined #openstack-dev05:24
*** belmoreira has joined #openstack-dev05:25
*** amerine has quit IRC05:27
openstackgerritA change was merged to openstack/cinder: Update import of oslo's processutils.  https://review.openstack.org/2837105:27
*** freedomhui has joined #openstack-dev05:27
*** openstackstatus has quit IRC05:29
*** openstackstatus has joined #openstack-dev05:29
*** Gman2 has joined #openstack-dev05:29
*** bdpayne has joined #openstack-dev05:30
*** belmoreira has quit IRC05:30
*** amerine has joined #openstack-dev05:30
*** megha has quit IRC05:38
*** reed has quit IRC05:41
*** SergeyLukjanov has joined #openstack-dev05:42
*** mrunge has joined #openstack-dev05:47
*** koolhead17 has quit IRC05:48
*** PhilDay has joined #openstack-dev05:51
*** navid_ has joined #openstack-dev05:51
*** PhilDay has quit IRC05:51
*** philday has joined #openstack-dev05:52
*** philday has quit IRC05:53
*** PhilDay has joined #openstack-dev05:54
*** topol has joined #openstack-dev05:55
*** Gman2 has quit IRC05:57
*** Mandell_ has joined #openstack-dev05:57
*** vartom1116 has joined #openstack-dev05:58
*** rushiagr has joined #openstack-dev05:59
*** topol has quit IRC06:00
*** Mandell has quit IRC06:00
*** freedomhui has quit IRC06:04
*** freedomhui has joined #openstack-dev06:09
*** Ruetobas has quit IRC06:09
*** rerngvit has joined #openstack-dev06:12
*** RajeshMohan has quit IRC06:12
rerngvithello06:12
*** RajeshMohan has joined #openstack-dev06:13
rerngvitI am trying to recheck bug in Jerrit in order to submit code patch and have a question.06:13
*** vartom1117 has joined #openstack-dev06:13
*** Ruetobas has joined #openstack-dev06:13
*** vartom1116 has quit IRC06:13
rerngvitFrom the doc (https://wiki.openstack.org/wiki/GerritJenkinsGithub#Test_Failures), it suggests that I should "leave a comment with the form "recheck bug ####""06:13
rerngvitmy question is how should I leave a comment? is it go together as an extra line in a commit message?06:14
clarkbno submit the comment in gerrit06:16
clarkbas a review comment06:16
rerngvitok thank you.06:17
*** Corren has joined #openstack-dev06:18
*** vartom1118 has joined #openstack-dev06:18
*** topol has joined #openstack-dev06:20
*** vartom1117 has quit IRC06:20
rerngvitclarkb: if I don't make any change and try to "git review", I got "! [remote rejected] HEAD -> refs/for/master/bp/utilization-based-scheduling (no changes made)".06:22
*** kenperkins has quit IRC06:22
*** vartom1118 has quit IRC06:22
*** vartom1118 has joined #openstack-dev06:24
*** topol has quit IRC06:25
clarkbthats normal06:26
clarkbgerrit wont accept patches it already has06:26
*** cdub_ has quit IRC06:26
clarkbalso that test fails because the sixty second timeout in https://github.com/openstack/nova/blob/master/.testr.conf was hit06:27
rerngvitclarkb: hmm, what should I do then? should I add an extra line or space somewhere?06:28
*** tzumainn has quit IRC06:28
*** bdpayne has quit IRC06:29
*** boris-42 has joined #openstack-dev06:29
*** prekarat has joined #openstack-dev06:29
clarkbrerngvit: what are you trying to accomplish?06:30
*** bdpayne has joined #openstack-dev06:31
*** xga has joined #openstack-dev06:31
rerngvitI am implementing this blue print (https://blueprints.launchpad.net/openstack/?searchtext=utilization-based-scheduling)06:31
*** garyk has joined #openstack-dev06:31
rerngvitlast patch, it was quite big so I separate it into manageable parts and submit each one.06:32
rerngvitThis is the first one.06:32
clarkbthe error from gerrit indicates nothing has changed. the commit sha is the same06:33
*** sarob has joined #openstack-dev06:33
garykgongysh: ping06:33
*** michchap_ has joined #openstack-dev06:34
rerngvitI understand. My question is then how normally should this be done ( recheck submit )06:34
rerngvit?06:34
gongyshhi06:34
*** bdpayne has quit IRC06:35
*** PhilDay has quit IRC06:35
*** koolhead17 has joined #openstack-dev06:35
*** michchap has quit IRC06:36
clarkbrerngvit: if you just want to resubmit you do that through gerrits web interface by leaving a review on the change with the magic string in the comment field06:36
clarkbs/resubmit/recheck/06:36
rerngvitclarkb: ok thank you. I'll try that then06:37
*** flaper87 has joined #openstack-dev06:41
*** danwent has quit IRC06:41
*** belmoreira has joined #openstack-dev06:44
*** jasdeepH has quit IRC06:46
*** gongysh has quit IRC06:47
*** jasondotstar has joined #openstack-dev06:47
*** glikson has quit IRC06:47
openstackgerritA change was merged to openstack/glance: Implement registry API v2  https://review.openstack.org/2726706:49
*** vartom1119 has joined #openstack-dev06:50
*** vartom1118 has quit IRC06:50
*** gongysh has joined #openstack-dev06:54
*** xga has quit IRC06:55
*** xga has joined #openstack-dev06:55
*** zoresvit has joined #openstack-dev07:00
*** reidrac has joined #openstack-dev07:05
openstackgerritA change was merged to openstack/nova: Delete InstanceSystemMetadata on instance deletion  https://review.openstack.org/2438707:09
openstackgerritA change was merged to openstack/nova: Sync oslo-incubator print statement changes  https://review.openstack.org/2823807:09
*** johndescs_ has joined #openstack-dev07:11
*** johndescs_ is now known as johndescs07:12
*** glikson has joined #openstack-dev07:13
*** athomas has joined #openstack-dev07:15
*** crazed has quit IRC07:15
*** Hien has quit IRC07:15
*** rerngvit has left #openstack-dev07:15
*** shardy has joined #openstack-dev07:18
*** psedlak has joined #openstack-dev07:18
*** Mandell_ has quit IRC07:19
*** ndipanov has joined #openstack-dev07:19
*** m4xmr has joined #openstack-dev07:22
*** m4xmr has left #openstack-dev07:22
*** marun has quit IRC07:27
*** dguitarbite has left #openstack-dev07:29
*** thouveng has joined #openstack-dev07:30
*** mhu has joined #openstack-dev07:30
*** JordanP has joined #openstack-dev07:31
*** jprovazn has joined #openstack-dev07:32
*** megha has joined #openstack-dev07:32
*** dev_sa has joined #openstack-dev07:36
*** aloga has joined #openstack-dev07:37
*** salv-orlando has joined #openstack-dev07:40
*** Hien has joined #openstack-dev07:42
*** crazed has joined #openstack-dev07:45
*** gmurphy has joined #openstack-dev07:45
*** fbo has joined #openstack-dev07:48
*** halfie|bbl is now known as halfie07:50
*** jpich has joined #openstack-dev07:53
*** LiLin has joined #openstack-dev07:55
*** basha has quit IRC07:55
*** crazed has quit IRC07:55
*** Hien has quit IRC07:56
*** gmurphy has left #openstack-dev07:57
*** jgallard has joined #openstack-dev07:58
*** giulivo has joined #openstack-dev07:58
*** johnthetubaguy has joined #openstack-dev08:01
*** johnthetubaguy1 has joined #openstack-dev08:04
*** johnthetubaguy has quit IRC08:06
*** lucasagomes has joined #openstack-dev08:07
*** alexpilotti has joined #openstack-dev08:08
*** mikal has quit IRC08:09
*** mikal has joined #openstack-dev08:11
*** afazekas has joined #openstack-dev08:16
*** Hien has joined #openstack-dev08:18
*** crazed has joined #openstack-dev08:19
*** pixelbeat_ has joined #openstack-dev08:24
*** basha has joined #openstack-dev08:25
*** derekh has joined #openstack-dev08:26
*** Corren has quit IRC08:27
*** kenperkins has joined #openstack-dev08:28
*** boris-42 has quit IRC08:35
*** boris-42 has joined #openstack-dev08:36
*** eglynn has joined #openstack-dev08:37
*** amerine has quit IRC08:41
*** redbeard2 has quit IRC08:45
*** jtomasek has joined #openstack-dev08:46
*** megha has quit IRC08:46
*** megha has joined #openstack-dev08:49
*** jgallard has quit IRC08:49
*** jgallard has joined #openstack-dev08:50
*** sarob has quit IRC08:50
*** jcoufal has joined #openstack-dev08:50
*** sarob has joined #openstack-dev08:50
*** mkerrin has joined #openstack-dev08:53
*** sarob has quit IRC08:55
*** winston-d has quit IRC08:56
*** afazekas has quit IRC08:58
*** redbeard2 has joined #openstack-dev08:58
*** afazekas has joined #openstack-dev09:02
*** LiLin has left #openstack-dev09:12
*** danpb has joined #openstack-dev09:13
*** johnthetubaguy1 is now known as johnthetubaguy09:15
*** bing_bu has quit IRC09:22
*** openstackstatus has quit IRC09:29
*** belmoreira has left #openstack-dev09:30
*** SergeyLukjanov has quit IRC09:39
*** openstackstatus has joined #openstack-dev09:39
openstackgerritA change was merged to openstack/nova: Imported Translations from Transifex  https://review.openstack.org/2766109:40
openstackgerritA change was merged to openstack/nova: Remove random print statements  https://review.openstack.org/2838809:40
*** afazekas has quit IRC09:46
*** afazekas has joined #openstack-dev09:48
*** vartom1119 has quit IRC09:49
*** jcoufal has quit IRC09:51
*** athomas has quit IRC09:51
*** timello has quit IRC09:52
*** mikal has quit IRC09:57
*** mikal has joined #openstack-dev09:59
*** alexpilotti has quit IRC10:02
*** boris-42 has quit IRC10:05
*** timello has joined #openstack-dev10:05
*** alexpilotti has joined #openstack-dev10:11
*** athomas has joined #openstack-dev10:12
*** nati_ueno has joined #openstack-dev10:16
*** tomoe_ has quit IRC10:21
*** mmagr has joined #openstack-dev10:21
*** vartom1119 has joined #openstack-dev10:23
*** alexpilotti has quit IRC10:28
*** prekarat has quit IRC10:28
*** alexpilotti has joined #openstack-dev10:30
*** prekarat has joined #openstack-dev10:30
*** yaguang has quit IRC10:32
bashaHi. We have a question. Is it a convention that all the modules copied over from oslo-incubator (by running an update.py) should be put into the openstack/common folder?10:33
*** kiall has joined #openstack-dev10:38
*** uaberme has joined #openstack-dev10:44
*** rkukura has quit IRC10:48
*** phschwartz has quit IRC10:49
*** phschwartz_ is now known as phschwartz10:49
*** phschwartz_ has joined #openstack-dev10:51
*** sride has quit IRC10:51
*** sride has joined #openstack-dev10:52
*** boris-42 has joined #openstack-dev10:54
*** megha has quit IRC10:56
*** baba has joined #openstack-dev10:57
*** jasondotstar has quit IRC11:06
*** rnirmal has joined #openstack-dev11:08
*** rmk has quit IRC11:10
*** basha has quit IRC11:10
*** basha has joined #openstack-dev11:10
*** sandywalsh has quit IRC11:13
*** wiliam_ has joined #openstack-dev11:14
*** sandywalsh has joined #openstack-dev11:25
*** mikal has quit IRC11:27
*** mikal has joined #openstack-dev11:29
*** digitalsanctum has joined #openstack-dev11:32
*** sthaha has quit IRC11:33
*** wiliam_ has quit IRC11:33
*** wiliam_ has joined #openstack-dev11:34
*** dguitarbite has joined #openstack-dev11:36
*** markmc has joined #openstack-dev11:40
*** freedomhui has quit IRC11:40
*** wiliam_ has quit IRC11:40
*** wiliam_ has joined #openstack-dev11:41
*** pcm__ has joined #openstack-dev11:43
*** jcoufal has joined #openstack-dev11:44
*** SergeyLukjanov has joined #openstack-dev11:44
*** uaberme has quit IRC11:46
*** HenryG has joined #openstack-dev11:47
*** vartom1119 has quit IRC11:47
*** wiliam_ has quit IRC11:49
*** wiliam_ has joined #openstack-dev11:52
*** uaberme has joined #openstack-dev11:53
*** arbrandes has joined #openstack-dev11:54
*** tzumainn has joined #openstack-dev11:55
*** glikson has quit IRC11:55
*** glikson has joined #openstack-dev11:56
*** jruzicka has joined #openstack-dev11:57
*** trapni has joined #openstack-dev11:58
*** radez_g0n3 is now known as radez12:03
*** prekarat has quit IRC12:04
*** prekarat1 has joined #openstack-dev12:04
*** prekarat1 has quit IRC12:04
*** JordanP has quit IRC12:04
*** ijw has quit IRC12:06
*** JordanP has joined #openstack-dev12:07
*** basha has quit IRC12:07
*** ijw has joined #openstack-dev12:08
*** galstrom_zzz is now known as galstrom12:10
*** eharney has joined #openstack-dev12:10
*** ondergetekende has joined #openstack-dev12:12
*** topol has joined #openstack-dev12:12
*** wiliam_ has quit IRC12:15
*** JordanP has quit IRC12:15
*** martine has joined #openstack-dev12:16
*** wiliam_ has joined #openstack-dev12:16
*** ayoung has quit IRC12:19
*** ijw has quit IRC12:19
*** SergeyLukjanov has quit IRC12:19
*** jang has joined #openstack-dev12:20
*** dims has joined #openstack-dev12:20
*** johndescs has quit IRC12:21
*** johndescs has joined #openstack-dev12:21
*** SergeyLukjanov has joined #openstack-dev12:21
openstackgerritA change was merged to openstack/tempest: Adds Cinder Multi-Backend Test  https://review.openstack.org/2392312:22
*** thouveng has quit IRC12:24
*** ijw has joined #openstack-dev12:25
*** wiliam_ has quit IRC12:25
*** wiliam_ has joined #openstack-dev12:26
*** ijw1 has joined #openstack-dev12:26
*** mhu has quit IRC12:26
*** cmark has joined #openstack-dev12:28
*** galstrom is now known as galstrom_zzz12:29
*** ijw has quit IRC12:29
*** JordanP has joined #openstack-dev12:30
*** Guest46684 has quit IRC12:31
*** cmark_ has quit IRC12:32
*** mhu has joined #openstack-dev12:32
*** dhellmann is now known as dhellmann-away12:36
*** wiliam_ has quit IRC12:37
*** wiliam_ has joined #openstack-dev12:37
*** jasondotstar has joined #openstack-dev12:38
*** bknudson has joined #openstack-dev12:40
openstackgerritA change was merged to openstack/oslo.config: Made a couple minor textual documentation / typo fixes.  https://review.openstack.org/2838012:45
*** timello has quit IRC12:46
openstackgerritA change was merged to openstack/oslo.config: Update build to use pbr.  https://review.openstack.org/2763212:46
openstackgerritA change was merged to openstack/oslo.config: Upgrade testing to use testr.  https://review.openstack.org/2629512:47
openstackgerritA change was merged to openstack/oslo.config: Re-work test_cli to use testscenarios.  https://review.openstack.org/2629612:47
*** timello has joined #openstack-dev12:47
*** lauria has joined #openstack-dev12:48
openstackgerritA change was merged to openstack/oslo-incubator: Convert unicode for python3 portability  https://review.openstack.org/2793312:50
*** wiliam_ has quit IRC12:51
*** wiliam_ has joined #openstack-dev12:51
*** wiliam_ is now known as wiliam12:53
*** pfreund has joined #openstack-dev12:53
*** networkstatic has quit IRC12:54
*** kbringard has joined #openstack-dev12:56
*** markmcclain has joined #openstack-dev12:57
*** READ10 has joined #openstack-dev12:57
*** markmcclain has quit IRC12:57
*** alunduil has quit IRC12:58
*** michchap_ has quit IRC12:58
*** nati_ueno has quit IRC12:59
*** michchap has joined #openstack-dev12:59
*** pabelanger_ has joined #openstack-dev12:59
*** michchap has quit IRC13:01
*** matiu has quit IRC13:01
*** dprince has joined #openstack-dev13:01
*** michchap has joined #openstack-dev13:01
*** pabelanger_ has quit IRC13:01
*** pabelanger_ has joined #openstack-dev13:01
*** pabelanger has quit IRC13:01
*** pabelanger_ is now known as pabelanger13:01
*** pabelanger_ has joined #openstack-dev13:02
*** wiliam has quit IRC13:02
*** BobBall has quit IRC13:04
*** wiliam has joined #openstack-dev13:04
openstackgerritA change was merged to openstack/ceilometer: Update oslo before bringing in exceptions  https://review.openstack.org/2789713:06
*** jecarey has joined #openstack-dev13:06
*** psedlak has quit IRC13:07
*** salv-orlando has quit IRC13:07
*** pmyers has quit IRC13:09
*** pmyers has joined #openstack-dev13:10
*** wiliam has quit IRC13:13
*** litong has joined #openstack-dev13:14
*** uaberme has quit IRC13:14
*** zb is now known as zaneb13:14
*** wiliam has joined #openstack-dev13:14
*** bmclaughlin has joined #openstack-dev13:15
*** redbeard2 has quit IRC13:15
*** ayoung has joined #openstack-dev13:15
*** tomoe_ has joined #openstack-dev13:16
*** tomoe_ has quit IRC13:16
*** jayg|g0n3 is now known as jayg13:18
*** stevemar has joined #openstack-dev13:21
*** wiliam has quit IRC13:21
openstackgerritA change was merged to openstack/ceilometer: Update WSME dependency  https://review.openstack.org/2828513:23
*** mhu has quit IRC13:25
*** drewlander has joined #openstack-dev13:27
*** uaberme has joined #openstack-dev13:28
openstackgerritA change was merged to openstack/quantum: Fix 500 raised on disassociate_floatingips when out of sync  https://review.openstack.org/2837513:28
*** wiliam has joined #openstack-dev13:29
*** nati_ueno has joined #openstack-dev13:31
*** SergeyLukjanov has quit IRC13:32
*** mhu has joined #openstack-dev13:35
*** sride has quit IRC13:36
*** SergeyLukjanov has joined #openstack-dev13:37
*** SergeyLukjanov has quit IRC13:39
*** rkukura has joined #openstack-dev13:39
*** stevemar has quit IRC13:40
*** stevemar has joined #openstack-dev13:41
*** stevemar has quit IRC13:44
*** stevemar has joined #openstack-dev13:44
*** woodspa has joined #openstack-dev13:46
*** lauria_ has joined #openstack-dev13:46
*** PhilDay has joined #openstack-dev13:48
*** woodspa has quit IRC13:49
*** lauria has quit IRC13:49
*** lauria_ is now known as lauria13:49
*** nati_ueno has quit IRC13:52
*** cloudchimp has joined #openstack-dev13:53
*** wiliam has quit IRC13:55
*** jimfehlig has joined #openstack-dev13:55
*** gordc has quit IRC13:56
*** digitalsanctum has quit IRC13:57
*** galstrom_zzz is now known as galstrom13:57
*** digitalsanctum has joined #openstack-dev14:00
*** gongysh has quit IRC14:00
*** lauria has quit IRC14:01
*** lauria has joined #openstack-dev14:01
*** halidaltuner has joined #openstack-dev14:02
*** wiliam has joined #openstack-dev14:07
*** markmcclain has joined #openstack-dev14:09
*** sudorandom has joined #openstack-dev14:09
*** cp16net is now known as cp16net|away14:11
*** SergeyLukjanov has joined #openstack-dev14:11
*** wiliam has quit IRC14:13
*** markmcclain has quit IRC14:14
openstackgerritA change was merged to openstack/nova: Remove security_group_handler  https://review.openstack.org/2838414:15
*** Guest22610 has quit IRC14:15
*** jgallard has quit IRC14:16
*** jamespage_ has joined #openstack-dev14:16
*** jgallard has joined #openstack-dev14:16
*** topol has quit IRC14:17
*** maoy has joined #openstack-dev14:17
*** uaberme has quit IRC14:18
*** ashwini has joined #openstack-dev14:20
*** dolphm has joined #openstack-dev14:24
*** wiliam has joined #openstack-dev14:25
*** jcoufal has quit IRC14:25
*** arbrandes has quit IRC14:26
*** spzala has joined #openstack-dev14:26
*** rcleere has quit IRC14:27
*** dtroyer has joined #openstack-dev14:28
*** freedomhui has joined #openstack-dev14:30
*** dtroyer has left #openstack-dev14:31
*** dtroyer has joined #openstack-dev14:31
*** gordc has joined #openstack-dev14:32
*** armax has joined #openstack-dev14:32
*** johnpur has joined #openstack-dev14:34
*** wiliam has quit IRC14:34
*** wiliam has joined #openstack-dev14:36
*** dguitarbite has quit IRC14:36
*** datsun180b has joined #openstack-dev14:38
*** electrichead has joined #openstack-dev14:38
*** esheffield has joined #openstack-dev14:38
*** andrewbogott_afk is now known as andrewbogott14:38
*** aeperezt has joined #openstack-dev14:38
sandywalshmarkmc, re: https://blueprints.launchpad.net/oslo/+spec/consume-notifications-rpc ... havana-2 is fine. We have a workaround now (the current mechanism), it would just be nice to clean it up.14:39
markmcsandywalsh, cool, thanks14:40
*** adjohn has joined #openstack-dev14:41
*** FunnyLookinHat has joined #openstack-dev14:41
*** katylava has joined #openstack-dev14:43
*** wiliam has quit IRC14:45
*** blamar has quit IRC14:46
*** nunosantos has joined #openstack-dev14:46
*** wiliam has joined #openstack-dev14:46
*** ociuhandu has joined #openstack-dev14:47
*** blamar has joined #openstack-dev14:48
*** rcleere has joined #openstack-dev14:48
*** colinmcnamara has joined #openstack-dev14:50
*** koolhead17 has quit IRC14:51
*** topol has joined #openstack-dev14:51
*** aelkikhia has joined #openstack-dev14:51
*** ondergetekende has quit IRC14:53
*** wiliam has quit IRC14:56
ayoungdolphm, IPv6 merged last night.  Your patch should go through now14:56
*** morazi has quit IRC14:56
*** wiliam has joined #openstack-dev14:57
*** jprovazn has quit IRC14:59
*** lucasagomes_ has joined #openstack-dev14:59
*** rerngvit has joined #openstack-dev14:59
*** rerngvit has left #openstack-dev15:00
*** glikson has quit IRC15:00
*** glikson has joined #openstack-dev15:00
*** lucasagomes has quit IRC15:00
*** navid_ has quit IRC15:00
*** Mandell has joined #openstack-dev15:01
*** morazi has joined #openstack-dev15:03
*** morazi has quit IRC15:03
*** wiliam has quit IRC15:03
*** morazi has joined #openstack-dev15:04
*** ociuhandu is now known as ociuhandu_15:04
*** boris-42 has quit IRC15:05
*** wiliam has joined #openstack-dev15:05
*** reidrac has quit IRC15:05
*** ociuhandu_ is now known as ociuhandu15:05
*** lauria_ has joined #openstack-dev15:05
*** lauria has quit IRC15:06
*** lauria_ is now known as lauria15:06
dolphmayoung: thank you!15:07
*** ociuhandu has quit IRC15:07
*** ociuhandu has joined #openstack-dev15:07
*** jab416171 has quit IRC15:09
*** wiliam has quit IRC15:09
*** winston-d has joined #openstack-dev15:10
*** cp16net|away is now known as cp16net15:10
*** wiliam has joined #openstack-dev15:10
*** ijw1 has quit IRC15:10
*** ijw has joined #openstack-dev15:10
*** vartom1119 has joined #openstack-dev15:10
*** kpavel has joined #openstack-dev15:12
*** jamespage_ has quit IRC15:14
*** zul has joined #openstack-dev15:14
*** sacharya has joined #openstack-dev15:14
*** jvrbanac has joined #openstack-dev15:16
*** BobBall has joined #openstack-dev15:17
*** jamespage_ has joined #openstack-dev15:17
*** jab416171 has joined #openstack-dev15:17
*** cp16net is now known as cp16net|away15:17
*** cp16net|away is now known as cp16net15:17
*** ianw has quit IRC15:19
*** basha has joined #openstack-dev15:20
jgriffithadam_g_: thanks for the feedback on those backports15:22
openstackgerritA change was merged to openstack/tempest: Add setup failure logging in tearDown method.  https://review.openstack.org/2840615:23
*** danwent has joined #openstack-dev15:23
*** wiliam has quit IRC15:23
openstackgerritA change was merged to openstack/nova: Nova evacuate failed when VM is in SHUTOFF status  https://review.openstack.org/2827315:24
*** jamespage_ has quit IRC15:24
openstackgerritA change was merged to openstack/quantum: Imported Translations from Transifex  https://review.openstack.org/2841115:24
*** zaitcev has joined #openstack-dev15:24
openstackgerritA change was merged to openstack/quantum: update-port error if port does not exist in nvp  https://review.openstack.org/2738015:25
openstackgerritA change was merged to openstack/quantum: Update import of oslo's processutils.  https://review.openstack.org/2837315:25
openstackgerritA change was merged to openstack/quantum: Validate that netaddr does not receive a string with whitespace  https://review.openstack.org/2840115:25
openstackgerritA change was merged to openstack/quantum: blueprint cisco-plugin-exception-handling  https://review.openstack.org/2669515:25
openstackgerritA change was merged to openstack/quantum: Calculate nicira plugin NAT rules order according to CIDR prefix  https://review.openstack.org/2831415:25
*** reed has joined #openstack-dev15:25
*** zaitcev_ has joined #openstack-dev15:25
*** ron-slc has quit IRC15:25
*** zaitcev_ has quit IRC15:25
*** halidaltuner has quit IRC15:25
*** terryh has joined #openstack-dev15:27
openstackgerritA change was merged to openstack/quantum: Log msg for load policy file only if the file is actually loaded  https://review.openstack.org/2825015:29
*** vartom1119 has quit IRC15:29
*** ron-slc has joined #openstack-dev15:29
*** pfreund has quit IRC15:30
*** colinmcnamara has quit IRC15:30
*** jtomasek has quit IRC15:30
*** jasdeepH has joined #openstack-dev15:31
adam_g_jgriffith: np!15:31
*** bswartz has quit IRC15:34
*** hartsocks has joined #openstack-dev15:35
*** wiliam has joined #openstack-dev15:37
*** utlemming has joined #openstack-dev15:39
*** pfreund has joined #openstack-dev15:40
*** mhu has quit IRC15:41
*** rmk has joined #openstack-dev15:42
*** salv-orlando has joined #openstack-dev15:45
*** alexpilotti has quit IRC15:47
*** trapni has quit IRC15:47
ayoungdolphm, with regard to "Filling up the token table."  jamielennox wrote a patch last night that (when called from the CLI)  migrates the data out of the token table and into an archival table.  I would think that should be a good first step, but after that, we would want to ship them off the Keystone server.  Would it make sense to have a stand alone executable that copies the token_archival table in a message and sent it via AMQP, and15:48
ayoung then delete all rows?15:48
*** SergeyLukjanov has quit IRC15:48
*** bdpayne has joined #openstack-dev15:48
*** xga has quit IRC15:49
ayoungbdpayne, glad you are here.  Do you have time for an auditing question?15:49
bdpaynesure15:49
ayoungbdpayne, I am working on the assumption that we need to hold on to the tokens for longer than their expiration time.  Is  that correct?15:50
*** dabo has quit IRC15:50
bdpayneI guess it depends on what you're putting in the logs15:50
bdpaynewhat you want is a record of all access and access attempts15:51
ayoungbdpayne, right now, if you use the SQL backend, there is no way to clean up expired tokens, and I was thinking that the right solution would be to periodically get the old tokens out of keystone, and send them via the message bus to an archival server.15:51
bdpayneif you need the tokens for that, then you probably need to log them15:51
*** SergeyLukjanov has joined #openstack-dev15:51
*** garyk has quit IRC15:51
ayoungbdpayne, well, that information comes out of the policy engine, I am not sure it needs the token, too15:51
bdpaynetbh, I'd rather not see the tokens in the logs15:51
*** dabo has joined #openstack-dev15:51
bdpayneseems like you should just need user did xyz at time abc15:52
bdpayne(roughly) :-)15:52
*** jcoufal has joined #openstack-dev15:52
ayoungbdpayne, ok...I think you are right there.  Do you think that there will be a requirement to maintain a copy of the tokens at all?15:52
*** shang has joined #openstack-dev15:53
bdpayneI can't think of one off hand… they are really just an implementation detail and what you want to audit, it would seem to me, is the user-level access information15:53
*** basha has quit IRC15:54
bdpaynebasically, I imagine users for auditing, tokens for debugging15:54
*** pabelanger has quit IRC15:54
*** jvrbanac has quit IRC15:54
bdpaynebut, I'm more of a security hat than a compliance hat, so it might be good to run this by a compliance expert to be sure15:54
*** networkstatic has joined #openstack-dev15:55
dolphmayoung: topol: jenkins is passing this now https://review.openstack.org/#/c/28197/15:56
ayoungbdpayne, I think that we will need to hook auditing into the policy engine15:56
dolphmbackport is here, but master should merge first- https://review.openstack.org/#/c/28423/15:56
ayoungdolphm, excellent.15:56
*** PhilDay has quit IRC15:56
*** koolhead17 has joined #openstack-dev15:56
topoldolphm, cool I will review today15:56
bdpayneyoung I do agree with that (auditing in the policy engine)15:56
*** aloga has quit IRC15:56
*** jvrbanac has joined #openstack-dev15:57
*** lauria_ has joined #openstack-dev15:57
*** winston-d has quit IRC15:57
ayoungbdpayne, we could use some sort of blueprint for auditing.15:58
bdpaynealways good to log where the decisions are made15:58
ayoungI guess that would be under oslo15:58
*** winston-d has joined #openstack-dev15:58
*** jk0 has quit IRC15:58
*** digitalsanctum has quit IRC15:58
bdpayneprobably under all of the projects, to be honest15:58
*** lauria has quit IRC15:58
*** jgallard has quit IRC15:58
bdpayneoslo would be a good start15:58
ayoungbdpayne, can you chime in on https://review.openstack.org/#/c/28133/  then?15:58
*** lauria_ is now known as lauria15:59
* bdpayne is looking15:59
ayoungYou don't need to +/-  just provide feedback15:59
*** alexpilotti has joined #openstack-dev16:01
*** jk0 has joined #openstack-dev16:02
bdpayneayoung why not flush them from memcache?16:03
bdpayneor is it already flushing itself?16:04
*** kpavel_ has joined #openstack-dev16:04
ayoungbdpayne, yes memcache can flush based on expiray16:05
ayoungexpiry16:05
ayoungthat is what most people are using, I think.16:05
ayoungtokens and memcache are, for the most part, a good fit. If we could drop the requirement for revocation lists, it would be a perfect fit, I think.16:06
*** kpavel has quit IRC16:06
*** kpavel_ is now known as kpavel16:06
*** pasquier-s has quit IRC16:07
*** rushiagr has quit IRC16:08
bdpaynelooks ok16:08
*** digitalsanctum has joined #openstack-dev16:08
openstackgerritA change was merged to openstack/tempest: change test_register_http_image to use explicit url  https://review.openstack.org/2835116:09
*** esp1 has joined #openstack-dev16:10
*** zoresvit1 has joined #openstack-dev16:10
*** zoresvit has quit IRC16:10
*** mrodden has quit IRC16:10
openstackgerritA change was merged to openstack/cinder: Fix ability to add custom volume_backend_name  https://review.openstack.org/2820816:13
ayoungdolphm, we need to backport the IPv6 fix16:13
bknudsonDo the grizzly pip requires get locked down at some point?16:14
*** fbo has quit IRC16:14
*** nati_ueno has joined #openstack-dev16:14
dolphmayoung: https://review.openstack.org/#/c/28431/16:14
bknudsonI mean the versions of the packages Openstack depends on16:14
dolphmbknudson: ^16:14
dolphmbknudson: ayoung: what about folsom?16:14
*** devoid has joined #openstack-dev16:15
*** esp1 has left #openstack-dev16:15
*** Corren has joined #openstack-dev16:15
ayoungdolphm, let me check.  If the IPv6 tests are being called there, then yes.16:15
*** Ryan_Lane has quit IRC16:16
ayoungdolphm, I think actually folsom is ok16:17
ayounghttps://github.com/openstack/keystone/blob/stable/folsom/keystone/test.py#L26416:17
*** devoid has left #openstack-dev16:17
ayoungno IPv6 check in there16:17
*** kenperkins has quit IRC16:18
*** Corren has quit IRC16:18
*** nati_ueno has quit IRC16:19
*** kenperkins has joined #openstack-dev16:19
ayoungno IPv6 in here either, https://github.com/openstack/keystone/blob/stable/folsom/tests/test_ssl.py  and no test_ipv6.py16:19
*** redbeard2 has joined #openstack-dev16:19
openstackgerritA change was merged to openstack/python-openstackclient: Rename all instances of 'metadata' to 'property'.  https://review.openstack.org/2843216:23
*** mrodden has joined #openstack-dev16:23
*** pfreund has quit IRC16:24
*** brunnhilde has joined #openstack-dev16:24
*** ayoung has quit IRC16:25
*** utlemming has quit IRC16:25
dolphmayoung: thanks16:25
*** kenperkins is now known as ken16:25
*** ken is now known as kenperkins16:25
*** bswartz has joined #openstack-dev16:25
*** JordanP has quit IRC16:26
*** utlemming has joined #openstack-dev16:27
*** Corren has joined #openstack-dev16:29
*** sarob has joined #openstack-dev16:29
BobBallCan anyone help me?  Git review for a tempest change claims that it can't rebase on remotes/gerrit/master - but I have tried rebasing on both that and origin/master but with the same error message.  It claims it can't merge due to change 807aa73 - which is present in the history log before the rebase triggered by git review, but is not present in the log during the git review16:30
*** cp16net is now known as cp16net|away16:30
*** davidhadas has quit IRC16:30
*** alop has joined #openstack-dev16:30
*** sarob has quit IRC16:30
*** sarob has joined #openstack-dev16:30
*** wiliam has quit IRC16:30
*** kenperkins has quit IRC16:31
*** jruzicka has quit IRC16:31
*** marun has joined #openstack-dev16:32
*** cmark has quit IRC16:32
*** wiliam has joined #openstack-dev16:32
*** cmark has joined #openstack-dev16:32
*** hemnafk is now known as hemna16:33
*** zoresvit1 has quit IRC16:35
*** PeTe__ has joined #openstack-dev16:35
*** davidhadas has joined #openstack-dev16:36
*** yidclare has quit IRC16:37
*** wiliam has quit IRC16:37
*** zul has quit IRC16:38
*** wiliam has joined #openstack-dev16:38
*** derekh has quit IRC16:39
*** dolphm has quit IRC16:39
*** Ryan_Lane has joined #openstack-dev16:40
*** glikson has quit IRC16:40
adam_g_jgriffith: is https://bugs.launchpad.net/cinder/+bug/1160340 still critical for 2013.1.1?  if so, i can throw up a leaner backport for review16:42
uvirtbotLaunchpad bug 1160340 in cinder/grizzly "Huawei driver: Failed to delete volume or snapshot if volume id or snapshot id is 0" [Undecided,In progress]16:42
*** SergeyLukjanov has quit IRC16:42
*** jk0 has left #openstack-dev16:42
*** sarob has quit IRC16:43
*** openstackstatus has quit IRC16:43
*** zul has joined #openstack-dev16:44
*** ijw has quit IRC16:44
*** e_steve has joined #openstack-dev16:45
*** wiliam has quit IRC16:45
*** ijw has joined #openstack-dev16:46
*** sarob has joined #openstack-dev16:46
*** ijw has quit IRC16:46
*** ijw has joined #openstack-dev16:46
*** wiliam has joined #openstack-dev16:47
*** m4xmr has joined #openstack-dev16:49
*** kpavel has quit IRC16:49
*** sarob_ has joined #openstack-dev16:50
*** athomas has quit IRC16:50
*** openstackstatus has joined #openstack-dev16:51
*** sarob has quit IRC16:53
*** afazekas has quit IRC16:53
*** Nachi has joined #openstack-dev16:53
*** halj has joined #openstack-dev16:55
openstackgerritA change was merged to openstack/keystone: LDAP list groups with missing member entry  https://review.openstack.org/2778716:55
*** danpb has quit IRC16:56
*** rnirmal_ has joined #openstack-dev16:56
*** dev_sa has quit IRC16:57
*** m4xmr has quit IRC16:57
*** gyee has joined #openstack-dev16:58
*** pabelanger has joined #openstack-dev16:58
*** rnirmal has quit IRC16:59
*** rnirmal_ is now known as rnirmal16:59
*** mrunge has quit IRC16:59
*** basha has joined #openstack-dev16:59
*** terry7 has joined #openstack-dev16:59
*** garyk has joined #openstack-dev17:00
*** athomas has joined #openstack-dev17:00
*** SergeyLukjanov has joined #openstack-dev17:00
*** adjohn has quit IRC17:03
*** wiliam has quit IRC17:05
*** wiliam has joined #openstack-dev17:06
*** chuck_ has joined #openstack-dev17:07
*** bdpayne has quit IRC17:07
*** glikson has joined #openstack-dev17:08
*** martine_ has joined #openstack-dev17:09
*** aelkikhia has left #openstack-dev17:09
*** zul has quit IRC17:10
jgriffithadam_g_: so I've dropped the more controversial patch, but was hoping to see https://review.openstack.org/#/c/28207/ land17:10
*** martine has quit IRC17:11
*** bdpayne has joined #openstack-dev17:11
*** wiliam has quit IRC17:13
*** mmagr has quit IRC17:15
*** wiliam has joined #openstack-dev17:16
*** dolphm has joined #openstack-dev17:16
*** mrunge has joined #openstack-dev17:19
*** yidclare has joined #openstack-dev17:20
*** sarob_ has quit IRC17:20
*** jog0 has joined #openstack-dev17:22
*** ayoung has joined #openstack-dev17:22
*** llu_linux has joined #openstack-dev17:22
*** wiliam has quit IRC17:23
*** llu has quit IRC17:23
*** wiliam has joined #openstack-dev17:24
*** mkollaro has joined #openstack-dev17:26
*** markmc has quit IRC17:26
*** comay has joined #openstack-dev17:27
*** HenryG has quit IRC17:28
*** sarob has joined #openstack-dev17:33
*** chuck_ has quit IRC17:34
*** Corren is now known as kenperkins17:35
*** lucasagomes_ has quit IRC17:36
*** drewlander has quit IRC17:36
adam_g_jgriffith: k. i assume there are no issues with potentially changing the backend_name in the stats reporting?17:36
jgriffithadam_g_: on 28207?17:37
*** basha has quit IRC17:37
jgriffithadam_g_: so yeah, no problem there...  that actually only allows an over-ride from the config flags17:38
*** amerine has joined #openstack-dev17:38
jgriffithadam_g_: which is needed to do multi-backend routing17:38
*** wiliam has quit IRC17:38
jgriffithadam_g_: the default naming will still be picked up by the class name as before17:38
jgriffithadam_g_: 28840 is the same scenario17:39
*** wiliam has joined #openstack-dev17:39
*** wiliam has quit IRC17:44
*** sarob_ has joined #openstack-dev17:47
*** jclift_ has joined #openstack-dev17:47
*** wiliam has joined #openstack-dev17:48
ayoungdolphm, how do we nominate something as backport potential?17:48
ayoungI'm thinking this one specficially https://bugs.launchpad.net/keystone/+bug/117458517:49
uvirtbotLaunchpad bug 1174585 in keystone "LDAP list group users should not fail if user entry deleted" [Undecided,Fix committed]17:49
*** Ryan_Lane has quit IRC17:49
*** sarob has quit IRC17:50
bknudsonayoung: dolphm: I'd like that one to be backported, too. I thought there was a tag to apply...17:51
dolphmayoung: tag the bug with grizzly-backport-potential17:51
*** jergerber has joined #openstack-dev17:51
dolphmbknudson: ^17:51
bknudsondolphm: did it, thanks.17:51
*** dwaite has joined #openstack-dev17:51
dwaitegluten tag17:52
*** johnthetubaguy has quit IRC17:52
bknudsondolphm: Do I just cherry-pick it or wait for it to be approved?17:52
openstackgerritA change was merged to openstack/tempest: Update service test case - V3  https://review.openstack.org/2231717:52
*** Nachi has quit IRC17:52
dolphmbknudson: why is the test specific to ldap??17:52
dolphmbknudson: cherry-pick17:53
bknudsondolphm: In the case of LDAP, the users might be administered outside of Keystone.17:54
*** lauria_ has joined #openstack-dev17:54
bknudsonas in, it's a read-only LDAP server17:54
bknudsonit would be weird using the sql backend to delete users with sql directly, but it's not with LDAP.17:54
*** nati_ueno has joined #openstack-dev17:54
dolphmbknudson: what is it testing that doesnt apply to other backends?17:54
dolphmoh user.delete17:55
*** lauria has quit IRC17:56
bknudsondolphm: I'll do the cherry-pick and put it up for review17:56
*** lauria_ is now known as lauria17:56
*** esp1 has joined #openstack-dev17:58
*** nati_ueno has quit IRC17:58
*** Nachi has joined #openstack-dev17:58
*** boris-42 has joined #openstack-dev17:58
*** digitalsanctum has quit IRC17:59
*** mrunge has quit IRC17:59
*** esheffield has quit IRC18:00
dolphmbknudson: #openstack-meeting18:01
*** alexpilotti_ has joined #openstack-dev18:02
*** jog0_ has joined #openstack-dev18:02
*** jog0 has quit IRC18:02
*** alexpilotti has quit IRC18:02
*** jog0_ is now known as jog018:02
*** alexpilotti_ is now known as alexpilotti18:02
*** dwaite has quit IRC18:03
*** ijw has quit IRC18:04
*** alexpilotti has quit IRC18:05
*** ijw has joined #openstack-dev18:06
*** alunduil has joined #openstack-dev18:07
*** ijw has quit IRC18:08
*** ijw has joined #openstack-dev18:08
*** esp1 has quit IRC18:09
*** alexpilotti has joined #openstack-dev18:09
*** esp1 has joined #openstack-dev18:09
*** kpavel has joined #openstack-dev18:11
*** nachi_ has joined #openstack-dev18:11
*** nachi__ has joined #openstack-dev18:11
*** zul has joined #openstack-dev18:11
*** lloydde has joined #openstack-dev18:13
*** beraldo has joined #openstack-dev18:16
*** wiliam has quit IRC18:17
*** PeTe__ has quit IRC18:18
*** alunduil has quit IRC18:18
*** adjohn has joined #openstack-dev18:18
*** wiliam has joined #openstack-dev18:19
*** adjohn_ has joined #openstack-dev18:19
*** utlemming has quit IRC18:21
*** adjohn has quit IRC18:23
*** melwitt has joined #openstack-dev18:26
*** wiliam has quit IRC18:26
*** wiliam has joined #openstack-dev18:27
*** llu_linux has quit IRC18:30
*** llu_linux has joined #openstack-dev18:31
*** epende_ has quit IRC18:31
*** anniec has joined #openstack-dev18:32
*** zul has quit IRC18:32
*** belmoreira has joined #openstack-dev18:33
*** shang has quit IRC18:36
*** shang has joined #openstack-dev18:37
*** wiliam has quit IRC18:38
*** digitalsanctum has joined #openstack-dev18:38
*** Ryan_Lane has joined #openstack-dev18:39
*** wiliam has joined #openstack-dev18:40
*** freedomhui has quit IRC18:41
*** ladquin has joined #openstack-dev18:43
*** novas0x2a|laptop has joined #openstack-dev18:43
*** wiliam has quit IRC18:48
*** wiliam has joined #openstack-dev18:49
*** sandywalsh has quit IRC18:49
*** cp16net|away is now known as cp16net18:49
*** koolhead17 has quit IRC18:54
*** wiliam has quit IRC18:55
*** nunosantos has quit IRC18:56
*** megha has joined #openstack-dev18:57
*** wiliam has joined #openstack-dev18:57
*** baba has quit IRC18:57
*** rkukura has quit IRC18:57
ayoungtopol, spzala OK,  let me explain....no, is too much, let me sum up18:59
*** aloga has joined #openstack-dev18:59
spzalaayoung: thanks. OK.18:59
ayounglets say someone with a read only LDAP wants to move to grizzly.19:00
ayoungTHey don't have any available attributes to map to domain id19:00
dolphmsimo: can you explain how "key management service" is "unrelated" to your need for a "key server"?19:00
ayoungspzala, businessCat, if it exists, is being used19:00
simodolphm: barbican is about encryption keys for volumes19:00
*** lauria has quit IRC19:00
dolphmsimo: that's just the first use case they're tackling19:01
simodolphm: a key server is about credentials for services19:01
dolphmsimo: for the purposes of achieving incubation/integration19:01
simoright19:01
*** sandywalsh has joined #openstack-dev19:01
*** lauria has joined #openstack-dev19:01
*** malini_ has joined #openstack-dev19:01
simoMsessageSecurity is meant to land in Havana though19:01
simoand keystone seem to be the identity/credentials handler here19:01
*** ijw has quit IRC19:01
simothe key manager is an optional long term thing19:01
topolayoung, no available attributed to map domain id is the ignore case I want sahdev to test19:01
spzalaayoung: I remember, but vaguely, that if no domain_id specified it will be just ignored.19:02
ayoungspzala, so we need to make sure that domainid is   not mapping to any attributes in the underlying object, but still functions correctly when we do things like try to correlate users and projects19:02
dolphm"optional long term" ?19:02
ayoungtopol, good, I think we all get it19:02
simowell it's not clear to me that they have a commitment of being there and working since Havana19:02
simoalso key manager still will depend on keystone for identities19:02
simoand the key server is more about managing service identity in my view19:03
simoof course it does some crypto and stores shared keys too19:03
topolso do I still need to review dolphms patch or is  that now abandoned???19:03
malini_simo -- key manager is just about serving keys (symmetric) and19:03
dolphmtopol: i have no idea19:03
malini_later public/private/certificates19:03
*** winston-d has quit IRC19:04
simomalini_: would you accept the code I am building ?19:04
ayoungtopol, make sure you undertand it, but I thik we will go with spzala 's approach if it works.19:04
simomalini_: is barbican going to be a standard server available in Havana ?19:04
malini_if it is code that  has to become part of cloud keep , the rackspace folks get to comment on it and accept/reject19:05
topolayoung, I think that is the only option.  spzala's is the one approach small enough to be a candidate for backport19:05
malini_may be after a few more commits I will get that privilege in their19:05
malini_git master19:05
bknudsondolphm did comment on spzala's earlier patch... about the conditional aspect19:05
malini_Simo: yes19:05
simoI'd rather not play politics now though19:05
bknudsonwhich, I really did like dolphm's virtual default domain.19:05
malini_July 18 is target date for incubation for Havana and we want to meet that19:05
simoI still see the key server as more of a keystone thing than key manager thing19:05
topolif it works with full regression with no mapping of domain_id_attribute (ie put on ignore list) we should consider this.19:06
*** danwent has quit IRC19:06
dolphmtopol: full regression all the things!19:06
topoldolphm, you did look at spzala's pathc before. you hated it.19:06
*** AlanClark has joined #openstack-dev19:06
malini_so for july 18, integrated with keystone for auth (i have some questions on that for ayoung and dolphm) and then get/put keys, and have JHU-APL folks use it for block encryption19:06
topolso maybe thats a nonstarter in your mind as well :-(19:07
dolphmtopol: the conditional aspect would produce very weird behaviors at the api level19:07
*** sandywalsh has quit IRC19:07
dolphmtopol: not to mention the complexity is pushing it for backportability19:07
malini_simo -- we had that discussion at portland design summit19:07
ayoungmalini_, July 18th is my birthday.  Don't expect much out of me that day.19:07
topoldolphm, so where do we go from here???19:07
malini_it does make sense to have it as a separate service, it is providing19:08
simomalini_: what discussion ?19:08
bknudsonso what problem was spzala's patch trying to solve? That the default domain could either exist or not exist?19:08
malini_different functionality, think of it a dictionary of key-ids and keys19:08
malini_i believe you were there, but if that was inadequate, we19:08
malini_can discuss some more19:08
spzalabknudson: yes, if it exist then use it.. if not, then use virtual default domain19:09
dolphmtopol: i don't totally understand ayoung's concerns about "insufficiency" and whether his opinion of something "sufficient" would still be backportable; i'd also like to strip the domain_id from user and tenant objects before persisting them to ldap in my own patch19:09
simomalini_: well my problem is that I would like to get something together soon19:09
malini_Don Dugger from Intel was also in favor of part of keystone, Adam and self and trhe rackspace folks as  a se[arate service19:09
*** alunduil has joined #openstack-dev19:09
simomalini_: so that some testing can be done as we are still unsure what's the best approach19:09
*** wiliam has quit IRC19:09
*** eglynn has quit IRC19:09
simomalini_: and barbican is not in devstack, and does not really deal with identities afaik19:09
topoldolphm, ok, so how can we help?19:10
simowhile keystone is there and already deals with identities and credentials19:10
topolspzala can do a fullr egression for you19:10
malini_Simo: i used the devstack guide and integrated keystone middleware19:10
malini_via paste-ini19:10
simoand a key server just adds storing some data and some minor crypto I already have working19:10
malini_so it would be no differnet from glance etc19:10
dolphmtopol: want to ping the users mailing list while i go write another patch?19:10
dolphmi assume spzala is testing a patch (or patches?)19:11
topolspzala will stand down if you want to go fwd with your approach19:11
simomalini_: it's just that I do not see as much commonality with the Key Manger except for th fact some keys are involved19:11
*** wiliam has joined #openstack-dev19:11
topolwe dont need both19:11
topoldolphm, is yours small enough to backport?19:11
bknudsondolphm's patch essentially says that domains aren't supported in LDAP.19:12
spzaladolphm: yes I am going to test. I tested your patch :) but now I am going to test mine with ignore attribute for domain_id19:12
spzalatopol: agreed19:12
malini_simo: commonality -- please explain19:12
simomalini_: does the fact we have a key manager means *all* crypto must go through it ?19:12
malini_simo -- I have my own concerns, and they stem for barbican wanting to h ave its19:12
dolphmtopol: i think so19:13
malini_own layer for message passing, high availability etc19:13
dolphmspzala: cool19:13
simomalini_: point is I do not need the kind of key storage the Key Manager is envisioning19:13
simothe needs are different19:13
simomalini_: 'own layer for message passing' ?19:13
malini_simo: this was one of the reasons I was ready for it to be a simple sub-part of keystone, dolphm did not19:13
topoldolphm, what do you want me to ask the mailing list???19:14
malini_want that approach, said it gives more headache when we want to pull it out, after it gets19:14
simoit seem to me separating identity and keys is just going to incrase traffic and decrease security19:14
malini_full fledged, like nova-networkwork versus quantum19:14
*** vipul is now known as vipul|away19:14
*** vipul|away is now known as vipul19:14
malini_simo -- separating identity/keys == PKI keys are definitely part of19:15
malini_identity19:15
ayoungdolphm, I think your patch is superior,  but it will break the few people that have already deployed using multiple domains in LDAP.  Which means we should check to see if spzala 's appraoch works first19:15
malini_I agree, in that case they seem more keystone19:15
simomalini_: right19:15
simobut simmetric keys are the same19:15
dolphmtopol: (this should be in the release notes for grizzly as well) i was just planning on pinging the list concerning the broken use case, and ask if there were any early adopters on multi-domain support in grizzly19:15
simoI have one 'password' per service19:15
malini_my original intention for just symmetric keys for object/volume encryption19:15
simomalini_: exactly19:15
malini_could reside in a sep[arate place and these are many19:15
malini_typically one per object, volume etc19:16
bknudsonspzala: could your approach be changed to always use the virtual default domain rather than check if it exists?19:16
simowhic is a completely different usage, with completely difference performance and storage profile19:16
topoldolphm, multi-domain on ldap, correct?19:16
malini_simo -- the moment they want to put in pki keys and provisioning them and certificate request19:16
simomalini_: for all intent and purposes most of what I need would share no infrastructure with what you need19:16
dolphmtopol: yes19:17
malini_it gets a lot busy19:17
topoldolphm, K, I'll go throw the grenade19:17
malini_and there are more background tasks19:17
spzalabknudson: I think then it's the same approach as what dolphm is proposing19:17
simomalini_: the problem I see is splitting identiy management ( dolphm read this )19:17
bknudsonspzala: what I saw in dolphm's is that it doesn't support domains at all.19:17
bknudsononly the default domain19:17
dolphmtopol: i'd also like to ask for feedback on the proposed solutions, but i'm totally lost on what *else* was proposed today19:17
*** stevemar has quit IRC19:18
simowhat I am doing here is basically giving an identity to every service on the message queue19:18
simosomething I think people want to manage just like other dientities in keystone19:18
dolphmbknudson: spzala: it supports a single read-only domain19:18
topoldolphm, only games in town are yuour patch and spzala's patch.  the rest were some config options19:18
bknudsonwhereas spzala's approach kept multi-domain support.19:18
simobut maybe I am wrong and people do want split identity management for internal vs external identities19:18
spzalabknudson: agreed with dolphm19:19
*** alunduil has quit IRC19:19
spzalabknudson: yes19:19
simoas these are more infrastructure identities than user facing ones19:19
*** markmcclain has joined #openstack-dev19:19
simoyet right now keystone handles infrastructure stuff like endpoints19:19
topolyou remove domains completely. spzala gets the default domain stuff to work but leaves domains still in there with a poor implementation19:19
malini_today we save each service identity in keystone, i personally think19:19
simoI guess people are too busy with LDAP stuff19:19
malini_that service's public key and certificate are all part of that service id and should be accessible in keystone19:20
*** sandywalsh has joined #openstack-dev19:20
simomalini_: that's my view as well19:20
simobut dolphm seem not although I have not understood his rationale19:20
malini_if anything the key manager could act as a registry of public keys and certificates, like verisign or microsoft to serve them19:21
bknudsonwhy wouldn't the service's public key and certificate be accessible in the service?19:21
malini_but that would be data duplication19:21
simobknudson: ?19:21
malini_for me keystone is also a central repository of all things service/user specific in terms of preference19:21
malini_such as encryption algorithm preference19:21
*** garyk has quit IRC19:22
*** mkollaro has quit IRC19:22
topoldolphm, do I need to ask for feedback on openstack, openstack-dev or both?19:22
*** wiliam has quit IRC19:23
*** Nachi has quit IRC19:23
malini_Simo: when i came in proposing key manager  it was to ease key management, then rackspace's solution came in from a silightkly different perspective vision, and JHU-APL comes with it's NSA push for KMIP support19:23
*** esheffield has joined #openstack-dev19:24
malini_for quicker/broader encryption support/security in system just19:24
malini_saving key-id/key-strings is plenty19:24
simomalini_: key manager is quite different though, it's not as strongly correlatyed with services or users identities19:24
*** bknudson has left #openstack-dev19:24
malini_with certificates and public keys in keystone19:24
malini_and certs and public keys do not need additional encryption .. they are transparent/open19:25
malini_simo: exactly19:25
malini_simo: not as tightly correlated with services or user-ids19:25
simomalini_: which is why I think key manager can well be a separate server/service/project19:25
simowhile I have trouble with pushing key server away from keystone19:25
dolphmtopol: just openstack19:26
simoas keystone seem the natural place for that service/information19:26
simoit *could* be a separate service, I am just not sure that we gain anything in maing it separate19:26
*** pixelbeat_ has quit IRC19:26
simodolphm: would please provide some of your reasoning for pushing away ?19:27
*** wiliam has joined #openstack-dev19:27
dolphmsimo: sorry, i'm not really following your conversation with malini_, what's the context of the question?19:28
malini_simo: for a load balancing perspective, even if part of keystone, it would make sense to give key manager its own port and19:28
malini_have it serve up keys etc19:28
*** bknudson has joined #openstack-dev19:28
malini_the life cycle management stuff it does have nothing to do with19:28
*** bknudson has quit IRC19:28
simodolphm: the point of the conversation is that keystone seem the natural place for a key server for message security as it is basically an identity system for services19:29
malini_keystone today such as "expiring" keys etc19:29
malini_but PKI keys pertaining to a service would have everythign to do with19:29
*** vipul is now known as vipul|away19:29
simodolphm: you said -> barbican, but the problem space the ksy server address has not much overlap with barbican19:29
malini_identity and keystone, and its lifecycle, re-issue etc would be19:29
simoand has a ton of ties with what keystone does19:29
malini_keystone relevant ..19:29
malini_may be it is just philosophical19:30
ayoungsimo, lets get it writtend as a contrib piece so people can try it out19:30
ayoungit may not land in keystone, but I think it is not a bad place for a proof of concept19:30
simoayoung: I need buy in from dolphm, I do not want to spend weeks and have it turned down as a matter of principle19:31
simoalso there is the problem of oslo-incubator pieces I need to drag in19:31
* dolphm reading back19:31
termiesimo: then code it faster ;)19:31
simotermie: half ready already19:31
termiesimo: see, there you go19:31
*** katylava is now known as katylava|away19:31
simotermie: but would like to know it has a chance of getting in before I do more19:31
ayoungsimo, I am not sure that it needs to be in Keystone.  Ideally, we should be able to split off different services from each other.19:31
malini_barbican code does pull in oslo common stuff for logging etc19:31
jgriffithrussellb: ping19:32
simomalini_: I have additions to solo-incubator19:32
dolphmmalini_: it's really difficult to follow your messages when they're broken in the middle of sentences19:32
simomalini_: 3 patchges that add crypto primitives19:32
*** wiliam has quit IRC19:32
*** jcoufal has quit IRC19:32
malini_sorry dolphm. my bad, i hit return on chat client when line full. will resist the urge19:32
dolphmmalini_: thanks :)19:33
malini_simo, your crypto stuff in oslo would be perfect. i see crypto being used in all the service, so it belong s there.19:33
*** soleblaze has quit IRC19:33
simomalini_: my client can split lines on its own, please do resist, I was quite confused too :)19:33
*** soleblaze has joined #openstack-dev19:33
*** eglynn has joined #openstack-dev19:33
simomalini_: my crypto stuff *must* be in oslo because that's where messaging happens19:34
dolphmmalini_: oslo or in a client project?19:34
simoI just want to reuse common code which is why I would drag new version of solo-incubator in keystone19:34
ayoungdolphm, in the messaging layer19:34
russellbjgriffith: pong19:34
malini_keep it in oslo, exactly like simo says. both servers and clients can use form oslo19:34
*** alop has quit IRC19:34
simodolphm: from openstakck.common import xyz19:34
jgriffithrussellb: not sure if there's already discussions around this....19:35
jgriffithrussellb: I spoke with Laura G about the encryption work19:35
jgriffithrussellb: I've recommended that live in Cinder19:35
ayoungmalini_, oslo incubator is not a libary, so we have to merge code down from it in order to be able to use it.  Sub optimal19:35
jgriffithrussellb: wanted to make sure you didn't have some objection/plan there?19:35
simodolphm: it seem the version of oslo-incubator in keystone is quite old ? All the rpc stuff seem to be missing19:35
simoare was the rpc stuff omitted on purpose ?19:35
dolphmsimo: we don't use rpc in keystone, so it's not in keystone19:36
simoI do not need the rpc stuff I split crypto into openstack.common.cryptoutils in my last patchset19:36
jgriffithrussellb: this seems to solve some issues regarding native encryption support, compression etc19:36
malini_would be nice to have a library of all things useful (logging, crypto, config), i knowe it is sub-optimal today but would it stay that way?19:36
*** alop has joined #openstack-dev19:36
russellbjgriffith: i don't feel that strongly about it19:36
jgriffithrussellb: we'd basicly expose an "encrypted" voluem type19:36
simomalini_: that's oslo-incubator19:36
jgriffithrussellb: ok19:36
simomalini_: the only 'problem; is that we import snapshots into each other project code19:36
russellbjgriffith: decryption happen in cinder?19:37
malini_simo  :-) got it now19:37
malini_i know, would be nice if we could have version number like we do for python-keystoneclient19:37
simodolphm: so assuming I can import that single file once it hits oslo-incubator, how do I convince you that the key server belongs to keystone code base ? :)19:37
jgriffithrussellb: yeah19:37
russellbjgriffith: so basically not really visibly outside at all, other than an attribute saying it's encrypted on the backend?19:37
russellbok.19:37
jgriffithrussellb: exactly19:37
jgriffithrussellb: and key management via some plugin model external19:38
*** danwent has joined #openstack-dev19:38
simodolphm: or should I ask aylum to russellb and incubate in nova? :-P19:38
simo*asylum19:38
malini_ayoung/dolph, I have a dummy 101 keystone question19:38
jgriffithrussellb: it seems *safest* to me19:38
ayoungmalini_, fire away19:38
russellbjgriffith: probably worth a ML post to clarify intended direction for anyone interested19:38
simoit does benefit nova more than keystone at least initially ...19:38
jgriffithrussellb: indeed, but wanted to synch with you first19:38
russellbsure that's fine with me, i'm mostly deferring to others on this one19:39
jgriffithrussellb: yeah, I was hoping to do the same actually :)19:39
russellbjgriffith: thanks for working with them to get this done19:39
dolphmsimo: i'm completely missing how your use case is not served by barbican's goals; a blueprint filed against either keystone or barbican that the barbican community can look at would be helpful19:39
jgriffithrussellb: sure, I'll synch back up with them and get something on the ML19:39
jgriffithrussellb: thanks19:39
*** matiu has joined #openstack-dev19:39
*** matiu has quit IRC19:39
*** matiu has joined #openstack-dev19:39
simodolphm: https://wiki.openstack.org/wiki/MessageSecurity19:39
simodolphm: https://blueprints.launchpad.net/oslo/+spec/trusted-messaging19:39
simodolphm: the need arises from rpc messaging19:40
russellbdolphm: totally jumping in out of nowhere on this, but we need this ASAP for messaging security19:40
*** markmcclain has left #openstack-dev19:40
*** markmcclain has joined #openstack-dev19:40
simodolphm: and as I said it has little or nothing to do with what barbican is about19:40
russellbi really don't want to have to wait for another project if we can avoid that19:40
simorussellb: I can put the server in nova if you are ok with it19:40
simoI *think* keystone is a more natural place19:40
russellbwell if we do it in nova, it doesn't need to be in the REST API at all19:40
dolphmsimo: this is not a blueprint for a key server19:41
simobut nova would be better than barbican I think19:41
simodolphm: because the key server is just an extension of having to manage a few keys and hading out a couple of tickets19:41
malini_i have barbican with a paste-ini for keystone client integration, which gives auth_host = localhost19:41
malini_#auth_port = 500019:41
malini_auth_port = 3535719:41
malini_auth_protocol = http19:41
malini_admin_tenant_name = service19:41
malini_admin_user = barbican19:41
malini_admin_password = orange19:41
ayoungrussellb, Nova already has the pattern of spinning up new servers, and then splitting them off into separate projects.19:41
malini_auth_version = v2.0 and things work cutely from python command line http request if I pass in header {'X-Auth-Token: 'foo'} if foo happens to belong to the barbican service user. is that how it has to work, is it not more likely that we shall come here with in the course of normal use with a user auth-token?19:41
simodolphm: actually I should say key distribution service19:41
dolphmsimo: please file a blueprint19:42
ayoungIf we wait for full incubation for something minor like this, it means we either have to shoehorn something in where it doesn;t fit or punt19:42
*** mlavalle has joined #openstack-dev19:43
*** markmc has joined #openstack-dev19:44
ayoungI could see the argument that policy and tokens could be a separate backend from the user configuration service.  If we did top-down discovery of services we wouldn't have to bundle them all together under keystone.19:45
ayoungSo simo 's issue is kindof clarifying the issue for us19:45
dolphmayoung: they are seperate backends19:45
ayoungdolphm, right19:45
ayoungdolphm, and yet we assume they are on one server19:45
dolphmayoung: not really..?19:45
ayoungdolphm, but there is no need for them to be on one server19:46
simodolphm: the idea was that kds would be one of those backends19:46
simodolphm: what do you need to see in a new blueprint ?19:46
ayoungsimo, Yep. as I said, we do it as a "contrib" thing first, and show that it can be used, and the figure out the deployment approach.19:46
dolphmsimo: the use case you're trying to solve19:46
simodolphm: providing services with an 'identity' in form of a shared secret and a ticketing service19:47
simoso they can use this identity to securely communicate over RPC19:47
ayoungdolphm, I think this points to the need for the enumeration of the extensions, I think that bug has been open for a while19:47
*** lauria_ has joined #openstack-dev19:47
*** gyee has quit IRC19:47
*** rkukura has joined #openstack-dev19:47
*** lauria has quit IRC19:48
*** lauria_ is now known as lauria19:48
ayounghmmm, must just be a comment in the code19:48
*** vartom1119 has joined #openstack-dev19:50
*** adjohn_ has quit IRC19:52
malini_simo: trying to understand, 2 services, with their respective Public-private key pair negotiate a shared secret, some protocol like TLS, and save their shared key for further secure communications. is this as safe but lighter weight than TLS. Yes, the shared secret needs to be saved, indexed by the service-endpoint pair. how long lived? i can see this being separate from a key manager's keys, longer lived19:53
simodolphm: https://blueprints.launchpad.net/keystone/+spec/key-distribution-server19:56
malini_falling off for an  hour. ayoung/dolphm, when you get a chance please answer my 101 question19:56
simodolphm: I can proceed to split the MessageSecurity document so that the Key Server parts are in another document if you want19:56
malini_thanks simo, will check out blueprint19:56
simobut keeping all i one doc for now would be easier for me19:56
dolphmsimo: sure19:57
simomalini_: I am not sure what public/private key thing is about, you need a CA/PKI infrastructure to use public-key crypto19:57
dolphmsimo: a document limited in scope to how you plan on approaching the problem with regard to keystone would be beneficial19:57
simodolphm: I will ask ayoung to help with that :-)19:57
simoayoung: ^^19:58
dolphmsimo: i don't see anything in that document regarding how you plan on approaching the problem with regard to keystone19:58
ekarlsowhat's the whole discussion on now ?19:59
ayoungmalini_, I don't understand the question20:00
*** pcm__ has quit IRC20:00
*** gabrielhurley has joined #openstack-dev20:00
ayoungsimo, file a keystone blueprint that points to the unified doc20:00
*** john5223 has left #openstack-dev20:00
ayoungthen , in the unified doc, specify which is to be implemented in keystone, and where the other pieces reside20:01
simoayoung: I mentioned the doc there already20:02
ayoungsimo, I'll file...20:02
simoayoung: I will build a separate doc specific to keystone that references the current document20:02
*** armax has left #openstack-dev20:02
ayoungsimo, no need, just ablueprint entry here...20:02
simo?20:02
ayounghttps://blueprints.launchpad.net/keystone20:02
simohttps://blueprints.launchpad.net/keystone/+spec/key-distribution-server20:03
ayoungsimo, and set the specification url to be your existing doc20:03
* simo slaps ayuong, pay attention! :-P20:03
ayoungAh, right..I meant that the peices that are not underkeystone should also point to the same spec...20:03
*** utlemming has joined #openstack-dev20:03
* ayoung just did a quick search and missed, osorry20:03
simoayoung: can't set it as the specification url because that doc has already been set as an oslo specification doc20:03
ayoungugh!20:04
*** lglenden has joined #openstack-dev20:04
*** mdenny has quit IRC20:04
ayoungsimo, what a PITA20:04
simoand blueprints apparently do not mind their business and complain if you try to add the same thing to 2 blue prints20:04
* ayoung goes back to sleep20:04
*** mdenny has joined #openstack-dev20:05
ayoungsimo, hadn't tripped over that particular nastiness before.20:05
*** utlemming has quit IRC20:05
simoayoung: creating a new doc20:05
*** colinmcnamara has joined #openstack-dev20:05
ayoungsimo, nah20:05
simoI'll have a minimal draft now20:05
simoand fill it up this week on conf calls instead of napping :-)20:06
ayoungOK,  I'll leave it to you,.  this is more of a paperwork drill than is called for20:06
termiesimo: try adding a #foo to the end of it?20:06
simoayoung: dolphm asked for it, and it make sense to have at least some basic stuff20:06
simotermie: ah wait20:06
simoI guess I could try to link to a subsection ...20:06
ayoungsimo, yeah, and you can have one blueprint point to another one, too20:06
ayoungtermie, ftw!20:06
*** adjohn has joined #openstack-dev20:07
dolphmayoung: it's hard to provide feedback on a design when there's neither relevant documentation or a relevant implementation to review; i'm fine with whichever is easier20:07
*** torandu_ has quit IRC20:07
ayoungdolphm, I think we have a solution, but the blueprint was written and speced, just problematic in that it spanned multiple services20:08
simotermie: meh the system is stupid as you suspected :)20:08
simodolphm: I linked the doc20:08
*** edmund1 has joined #openstack-dev20:08
simonow will build a subsection of it that is keystone specific as soon as I have time, ok ?20:08
ayoungsimo, you should link the blueprints, too.  See the "add dependncy" link at the bottom of the blueprint page20:09
dolphmsimo: ping the -dev list when you're ready20:09
*** dprince has quit IRC20:10
ayoungdolphm, https://wiki.openstack.org/wiki/MessageSecurity#Shared_Keys_and_Key_Server_Proposal20:10
ayoungbut that is a bit light20:10
ayoungsimo, didn't you have sketched out the new APIs?20:10
malini_ayoung, will try explaining better. barbican (key manager) will be a service that gets called for a key. when that call comes in a user token that authenticates the user will come in. by weaving in keystone client middleware the X-Auth-Token will be authenticated and cached -- right? so to test that I had the keystone auth middleware correct, I pretended to be an itermediate service making a url request to barbican, wit the X-Auth_Token set. It all20:10
malini_ passed auth if token was for barbican service user, but not for a token for a random user20:10
*** pabelanger has quit IRC20:11
*** torandu has joined #openstack-dev20:11
ayoungmalini_, possibly an RBAC thing20:11
simoayoung: they are in the doc below20:11
simoayoung: it's basically just 1 call for starters20:11
simoplus 1 another for group services at a later phase20:11
ayoungsimo, ah, It looked like just the subsection was keystone, yeah....that looks better.  Probably should change the heading to be clear that from there until the "phases" part is all the keystone blueprint, but I think that content will work20:12
simoayoung: yeah need to reorganize it a little20:13
malini_ayoung, cool, so  my understanding of  how it should work is correct. RBAC -- please elaborate, may be some policy stuff, I did not touch that.20:13
*** colinmcnamara has quit IRC20:13
simoayoung: I will actually add a section 7 expliclty about an implementation in KeyStone ano move the RESTful API section there20:13
*** edmund1 has quit IRC20:14
ayoungmalini_, Role based access control is managed by the policy.json file.20:14
ayoungmalini_, look at the one in the keystone/etc dir for an example20:14
*** lloydde has quit IRC20:14
*** edmund1 has joined #openstack-dev20:14
malini_ayoung, much thanks!20:14
*** lloydde has joined #openstack-dev20:15
*** READ10 has quit IRC20:15
*** AlanClark has quit IRC20:15
openstackgerritA change was merged to openstack/horizon: Updated translations from Transifex  https://review.openstack.org/2840920:16
*** AlanClark has joined #openstack-dev20:16
*** aeperezt has quit IRC20:16
*** colinmcnamara has joined #openstack-dev20:18
openstackgerritA change was merged to openstack/horizon: Fix cosmetic bug when displaying unnamed volumes  https://review.openstack.org/2818820:18
*** lloydde has quit IRC20:19
*** esp1 has left #openstack-dev20:21
*** mkollaro has joined #openstack-dev20:21
*** topol has quit IRC20:25
*** colinmcnamara has quit IRC20:26
*** SergeyLukjanov has quit IRC20:26
*** FunnyLookinHat has quit IRC20:28
*** vipul|away is now known as vipul20:30
*** mlavalle has quit IRC20:30
*** zul has joined #openstack-dev20:31
*** yolanda has joined #openstack-dev20:32
*** boris-42 has quit IRC20:33
*** jvrbanac has quit IRC20:34
*** zul has quit IRC20:35
*** pmyers has quit IRC20:36
*** pmyers has joined #openstack-dev20:37
*** aloga has quit IRC20:37
*** pmyers has quit IRC20:37
*** pabelanger_ has quit IRC20:38
*** pabelanger has joined #openstack-dev20:38
*** kenperkins has quit IRC20:39
*** kenperkins has joined #openstack-dev20:41
*** nati_ueno has joined #openstack-dev20:41
*** pmyers has joined #openstack-dev20:41
*** cp16net is now known as cp16net|away20:43
*** nati_ueno has quit IRC20:44
*** lloydde has joined #openstack-dev20:45
*** zul has joined #openstack-dev20:45
openstackgerritA change was merged to openstack/swift: Fixed issue with use of delimiter in container queries.  https://review.openstack.org/2806920:47
*** gyee has joined #openstack-dev20:48
*** jcoufal has joined #openstack-dev20:49
*** nunosantos has joined #openstack-dev20:52
*** lloydde has quit IRC20:55
*** bknudson has joined #openstack-dev20:57
*** beraldo has quit IRC20:57
*** tzumainn has quit IRC21:01
*** cp16net|away is now known as cp16net21:03
*** kagan has joined #openstack-dev21:06
jog0ayoung: ping21:07
jog0I am looking at https://review.openstack.org/#/c/23970 and not sure how to add a role to a user in the unit tests21:07
*** esp1 has joined #openstack-dev21:08
*** esp1 has left #openstack-dev21:08
*** Xigam is now known as xBytez21:10
*** xBytez has quit IRC21:10
*** xBytez has joined #openstack-dev21:10
jog0never mind, just got it working21:10
sdaguemordred: any chance you can re-rev this on master? - https://review.openstack.org/#/c/28220/21:11
sdaguethe sooner we can extend flake8 in project trees, the better21:11
mordredsdague: yeah. I'm working on new version - I discovered things about internals you would probably rather not know21:11
sdagueheh, no worries :)21:12
sdaguealso, if you need more reviewers on hacking, let me know. I did a bunch of the custom rules in nova and tempest with jog021:12
markmcmordred, actually, on that - are you still thinking of pbr and hacking coming under the oslo program ?21:12
markmcmordred, that way we could add oslo-core as reviewers21:13
mordredmarkmc: YES PLEASE21:13
mordredmarkmc: I could REALLY use more eyes and stuff21:13
markmcmordred, let's do it! :)21:13
*** litong has quit IRC21:13
markmcmordred, seen this btw? https://review.openstack.org/#/c/27379/1/MAINTAINERS21:13
sdaguemarkmc: I think fungi said oslo-core is areadly +2 on hacking yesterday21:13
markmcmordred, you'd be the specialist maintainer, oslo-core the generalist reviewers21:13
markmcsdague, ah, cool21:13
markmcmordred, well, the specialist maintainer stuff is more about oslo-incubator, but you get the idea21:14
mordredmarkmc: oh- that's great!21:15
ayoungjog0 you want to add the role to the user for a project or a domain. There are examples in the other files, as well as how the keystone/tests.py loads the fixtures21:15
ayoungjog0, that does self.identity_api.add_user_to_project(tenant_id, user['id'])21:15
ayoungprobably not what you want21:16
ayoungjog0, you there still?21:16
ayoungah, see you got it working, cool21:16
mordredsdague: you're hired as a hacking-core!21:16
*** Mandell has quit IRC21:16
mordredunless jog0 has objections...21:17
*** donaldh has joined #openstack-dev21:18
jog0mordred: ++ to sdague21:18
jog0ayoung: I just got it working, posting the patch shortly21:19
*** bknudson has quit IRC21:19
mordreddone21:19
jog0ayoung: its a little strange that the roles aren't assigned in the default fixtures but got around that one21:19
jog0sdague: welcome to hacking-core21:19
*** vartom1119 has quit IRC21:20
*** anteaya has quit IRC21:20
*** anteaya has joined #openstack-dev21:23
devanandadhellmann-away: around?21:24
sdaguemordred / jog0 danke21:25
*** anteaya has joined #openstack-dev21:25
*** portante|afk is now known as portante21:26
*** rnirmal has quit IRC21:29
*** martine_ has quit IRC21:30
*** dtroyer has left #openstack-dev21:32
simomarkmc: with the new patch I added git review fails to update the current review21:32
simoshould I just kill the current review and start a new one ?21:32
*** michchap has quit IRC21:33
simoor is there a way to add a new patch in the patchset and let git review like it ?21:33
simothe patch has been added *before* the patches I already had pushed21:33
*** alunduil has joined #openstack-dev21:33
*** michchap has joined #openstack-dev21:33
*** dtroyer has joined #openstack-dev21:34
simooh nvm, master has changed21:34
spzalaayoung: Hi Adam. I have updated the patch for default domain - https://review.openstack.org/#/c/27364/9  please take a look when you get chance.21:35
ayoungspzala, looking21:35
spzalaayoung: oh :) thanks!21:35
ayoungspzala, di you test that it works if there is no domain attribute?21:36
*** bswartz has quit IRC21:36
spzalaayoung: I did earlier.. but not with this patch :( but let me quickly do it.21:36
ayoungspzala, that is the important thing.  I already know roughly what this patch is doing, and am OK with it, but I would like to know that we are actually going t o be able to support existing LDAP deploys.21:37
spzalaayoung: so I will be removing domain_id from this and test - that good approach? for example,21:37
spzalaayoung:        group = {'id': uuid.uuid4().hex, 'domain_id': uuid.uuid4().hex,21:37
spzala                 'name': uuid.uuid4().hex, 'description': uuid.uuid4().hex}21:38
spzalaayoung: yes, agree.21:38
ayoungyou need to test against a live server, and configure the ignore attributes for domain_id for all of the entities21:38
*** kenperkins has quit IRC21:41
*** radez is now known as radez_g0n321:41
ayoungspzala, I think it doesn't matter if domain is specified on the command line or in the data that gets posted.  If that is what the V3 api calls for, we can handle it.21:41
*** e_steve has quit IRC21:42
*** lauria_ has joined #openstack-dev21:42
*** jasondotstar has quit IRC21:42
*** lauria has quit IRC21:43
*** lauria_ is now known as lauria21:43
*** ashwini has quit IRC21:43
spzalaayoung: I think that's how I tested it. I updated my backend_liveldap.conf with domain_attribute_ignore = user_domain_id_attribute, group_domain_id_attribute,tenant_domain_id_attribute21:43
spzalaayoung: then run ldap_livetest21:44
*** cloudchimp has quit IRC21:44
*** rerngvit has joined #openstack-dev21:44
*** alop has quit IRC21:44
spzalaayoung: and I just tested without "domain_id" in the user and group crud tests.. which went well.21:45
*** alop has joined #openstack-dev21:45
*** rerngvit has left #openstack-dev21:45
*** lloydde has joined #openstack-dev21:46
*** rerngvit_ has joined #openstack-dev21:48
*** rerngvit_ has quit IRC21:48
*** bradjones|away is now known as bradjones21:49
*** lloydde has quit IRC21:50
*** sacharya has quit IRC21:51
spzalaayoung: hope my testing makes sense.21:55
*** redbeard2 has quit IRC21:56
*** eglynn has quit IRC21:58
*** portante is now known as portante|afk21:58
ayoungspzala,  domain_attribute_ignore = user_domain_id_attribute, group_domain_id_attribute,tenant_domain_id_attribute  ?21:59
ayoungit should be21:59
*** kenperkins has joined #openstack-dev21:59
*** markmcclain has quit IRC21:59
reedrussellb, regarding the Hong Kong design summit...21:59
ayoungspzala, hte attribute_ignore is set on the individual objects, so, no.22:00
*** jecarey has quit IRC22:00
russellbreed: remote participation seems like it may be worth revisiting22:01
reedrussellb, do you have hard numbers/evidence of devs not able to go?22:01
ayoungspzala, so, for example user has DEFAULT_ATTRIBUTE_IGNORE = ['tenant_id', 'tenants']22:01
ayoungwe'd want to keep those, and add domain_id to them22:01
spzalaayoung: ignore within user, project, like user_attribute_ignore=tenant_id,tenants,domain_id22:01
*** bknudson has joined #openstack-dev22:01
reedrussellb, re: remote participation, yes, it's time to start talking about it and test solutions22:01
ayoungspzala, yes22:01
reedrussellb, is that a conversation to have on TC or -dev list?22:01
ayoungspzala, I think you might have had a false success in your earlier test22:02
russellbreed: -dev list i think22:02
spzalaayoung: ah.. OK. Thanks, good point.22:02
ayoungspzala, in the LDAP backend, is there something populated in the businessCategory attribute?22:02
spzalaayoung: let me retest now22:02
*** cdub_ has joined #openstack-dev22:03
*** katylava|away is now known as katylava22:03
spzalaayoung: populated in the server? sorry, didn't get it.22:03
ayoungspzala, if you do an ldapsearch, does a value get returned?22:04
spzalaayoung: yes22:04
spzalaayoung: like "sudo ldapsearch -x -LLL -H ldap:/// -b dc=openstack,dc=org dn"22:05
spzalaayoung: any particular search ?22:05
*** electrichead has quit IRC22:06
ayoungspzala, ok, so I think that you would want to do user add or project add from the cli and see what ends up in the dirsrv22:08
spzalaayoung: OK, sure.22:09
*** athomas has quit IRC22:09
*** jcoufal has quit IRC22:10
*** dolphm has quit IRC22:10
*** cdub has quit IRC22:11
spzalaayoung: sorry but we don't have any cli option to user add to domain right?22:12
spzalaayoung: I think you are saying to add user to domain?22:12
*** glikson has quit IRC22:12
*** vkmc has joined #openstack-dev22:13
*** vkmc has quit IRC22:13
*** vkmc has joined #openstack-dev22:13
ayoungspzala, actually, you will have to use curl, as it is V3 API22:14
ayounguser *or* project22:14
*** eharney has quit IRC22:15
*** markmc has quit IRC22:15
ayoungspzala, gotta go, I'll check in later22:15
*** kbringard has quit IRC22:15
*** zul has quit IRC22:16
spzalaayoung: OK, thanks a lot! have a nice evening.22:16
*** cdub has joined #openstack-dev22:18
openstackgerritA change was merged to openstack/swift: have tempurl allow OPTIONS requests  https://review.openstack.org/2845822:19
*** sthaha has joined #openstack-dev22:23
*** zul has joined #openstack-dev22:26
*** dims has quit IRC22:31
*** belmoreira has quit IRC22:32
*** gnorth has joined #openstack-dev22:33
*** shang has quit IRC22:34
*** ianw has joined #openstack-dev22:35
*** maoy has quit IRC22:35
*** jayg is now known as jayg|g0n322:35
*** yolanda has quit IRC22:37
*** flaper87 has quit IRC22:40
*** dolphm has joined #openstack-dev22:41
*** AlanClark has quit IRC22:42
*** giulivo has quit IRC22:42
*** bradjones is now known as bradjones|away22:45
*** dolphm has quit IRC22:46
*** dims has joined #openstack-dev22:46
*** lloydde has joined #openstack-dev22:46
*** jpich has quit IRC22:47
*** gabrielhurley has quit IRC22:48
*** markwash has quit IRC22:48
*** lglenden has quit IRC22:48
*** vipul is now known as vipul|away22:49
*** jimfehlig has quit IRC22:50
*** lloydde has quit IRC22:51
*** bmclaughlin has quit IRC22:51
*** datsun180b has quit IRC22:52
clarkbkeystone folks: I have rebased mordred's testr change for python-keystoneclient https://review.openstack.org/#/c/18637/22:53
*** Mapleh has joined #openstack-dev22:55
*** lauria has quit IRC22:55
*** lauria has joined #openstack-dev22:56
*** mikal has quit IRC22:56
*** spzala has quit IRC22:57
shardyayoung, dolphm: have been looking at using trusts in Heat, and looks like we're gated by the keystoneclient support22:58
*** mikal has joined #openstack-dev22:59
*** yidclare has quit IRC22:59
shardywas wondering if you have folks planning to look at that, or if I should plan to look into it myself?22:59
*** zul has quit IRC22:59
*** digitalsanctum has quit IRC22:59
*** johnpur has quit IRC23:01
*** vipul|away is now known as vipul23:01
*** galstrom is now known as galstrom_zzz23:02
*** yidclare has joined #openstack-dev23:03
*** vipul is now known as vipul|away23:03
*** ladquin is now known as ladquin_brb23:03
*** donaldh has quit IRC23:06
*** lloydde has joined #openstack-dev23:07
*** vipul|away is now known as vipul23:07
*** mkollaro has quit IRC23:07
*** sudorandom has quit IRC23:10
*** shardy is now known as shardy_afk23:10
*** sacharya has joined #openstack-dev23:13
*** mdenny has quit IRC23:14
*** hemna is now known as hemnafk23:14
*** alop has quit IRC23:14
*** mdenny has joined #openstack-dev23:17
*** mdenny has quit IRC23:17
*** mdenny has joined #openstack-dev23:18
*** gongysh has joined #openstack-dev23:22
*** katylava has quit IRC23:24
ayoungshardy_afk, haven't had time to hit it.23:33
ayoungfeel free to look in to it23:34
*** lauria_ has joined #openstack-dev23:35
*** lauria has quit IRC23:35
*** lauria_ is now known as lauria23:35
*** redbeard2 has joined #openstack-dev23:36
openstackgerritA change was merged to openstack/ceilometer: alarm: fix MongoDB alarm id  https://review.openstack.org/2841023:37
*** topol has joined #openstack-dev23:43
*** sudorandom has joined #openstack-dev23:48
*** yidclare has quit IRC23:52
*** yidclare has joined #openstack-dev23:54
*** jamespage_ has joined #openstack-dev23:57
« Monday, 2013-05-06 Index Wednesday, 2013-05-08 »

Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!