*** openstack has joined #openstack-keystone | 13:49 | |
-dickson.freenode.net- [freenode-info] if you're at a conference and other people are having trouble connecting, please mention it to staff: http://freenode.net/faq.shtml#gettinghelp | 13:49 | |
*** openstackgerrit has joined #openstack-keystone | 13:49 | |
*** leseb has joined #openstack-keystone | 13:50 | |
*** jdennis has quit IRC | 13:51 | |
*** vhoward- has joined #openstack-keystone | 13:51 | |
*** leseb has quit IRC | 13:54 | |
*** henrynash has quit IRC | 13:58 | |
*** leseb has joined #openstack-keystone | 14:03 | |
*** joesavak has joined #openstack-keystone | 14:04 | |
*** rwsu has joined #openstack-keystone | 14:16 | |
*** topol has joined #openstack-keystone | 14:22 | |
*** jsavak has joined #openstack-keystone | 14:23 | |
*** radez is now known as radez_g0n3 | 14:24 | |
*** hrybacki_ has joined #openstack-keystone | 14:26 | |
*** radez_g0n3 is now known as radez | 14:27 | |
*** joesavak has quit IRC | 14:27 | |
*** hrybacki has quit IRC | 14:29 | |
*** leseb has quit IRC | 14:30 | |
*** hrybacki_ has quit IRC | 14:30 | |
*** hrybacki has joined #openstack-keystone | 14:30 | |
*** leseb has joined #openstack-keystone | 14:31 | |
*** diegows has quit IRC | 14:33 | |
*** leseb has quit IRC | 14:35 | |
*** diegows has joined #openstack-keystone | 14:45 | |
*** henrynash has joined #openstack-keystone | 14:51 | |
*** zhiyan is now known as zhiyan_ | 14:55 | |
*** zhiyan_ is now known as zhiyan | 14:56 | |
*** jdennis has joined #openstack-keystone | 14:57 | |
*** Mikalv is now known as meeh2 | 14:57 | |
*** zhiyan is now known as zhiyan_ | 14:59 | |
*** thedodd has joined #openstack-keystone | 15:00 | |
*** jgriffit1 is now known as jgriffith | 15:06 | |
*** elmiko has quit IRC | 15:07 | |
*** mitz- has quit IRC | 15:07 | |
*** mitz has joined #openstack-keystone | 15:07 | |
*** hrybacki has quit IRC | 15:08 | |
*** diegows has quit IRC | 15:09 | |
*** hrybacki has joined #openstack-keystone | 15:12 | |
*** hrybacki has quit IRC | 15:15 | |
*** hrybacki_ has joined #openstack-keystone | 15:15 | |
*** mitz has quit IRC | 15:15 | |
*** mitz has joined #openstack-keystone | 15:16 | |
*** chandan_kumar has quit IRC | 15:18 | |
*** david-lyle has joined #openstack-keystone | 15:18 | |
*** erecio has quit IRC | 15:22 | |
*** andreaf_ has quit IRC | 15:23 | |
*** rodrigods has quit IRC | 15:23 | |
*** htruta has quit IRC | 15:30 | |
*** htruta has joined #openstack-keystone | 15:30 | |
*** joesavak has joined #openstack-keystone | 15:30 | |
*** diegows has joined #openstack-keystone | 15:31 | |
*** leseb has joined #openstack-keystone | 15:31 | |
*** jsavak has quit IRC | 15:33 | |
*** achampio1 has joined #openstack-keystone | 15:35 | |
*** leseb has quit IRC | 15:36 | |
*** achampion has quit IRC | 15:37 | |
openstackgerrit | Harry Rybacki proposed a change to openstack/python-keystoneclient: Add tests without optional create endpoint params https://review.openstack.org/103229 | 15:39 |
---|---|---|
*** leseb has joined #openstack-keystone | 15:48 | |
*** hrybacki_ is now known as hrybacki | 15:48 | |
*** gyee has joined #openstack-keystone | 15:52 | |
*** chandan_kumar has joined #openstack-keystone | 15:59 | |
*** meeh2 is now known as Meeh | 15:59 | |
*** praneshp has joined #openstack-keystone | 16:00 | |
*** thedodd has quit IRC | 16:00 | |
*** BAKfr has quit IRC | 16:04 | |
*** stevemar has joined #openstack-keystone | 16:06 | |
*** praneshp has quit IRC | 16:07 | |
*** thedodd has joined #openstack-keystone | 16:09 | |
*** erecio has joined #openstack-keystone | 16:11 | |
*** praneshp has joined #openstack-keystone | 16:13 | |
openstackgerrit | Marek Denis proposed a change to openstack/python-keystoneclient: Add CRUD operations for Federated Protocols. https://review.openstack.org/83829 | 16:14 |
marekd | stevemar: ^^ this should make you happy | 16:15 |
*** doddstack has joined #openstack-keystone | 16:15 | |
*** thedodd has quit IRC | 16:15 | |
stevemar | marekd, i was *just* going to -1 it for failing pep8 and docs :( | 16:16 |
marekd | i think docs rules have changed as i had to change docstrings and they didn't happen to fail. | 16:17 |
marekd | let's wait for jenkins | 16:17 |
marekd | stevemar: regarding your tests with Tivoli | 16:18 |
stevemar | marekd, ProtocolManager.create:5: ERROR: Unexpected indentation | 16:18 |
stevemar | marekd, line 65, i think it'll fail | 16:19 |
marekd | letme try again locally. | 16:19 |
stevemar | marekd, regarding my TFIM test, send me comments through email, I actually have today and tomorrow off, and have to run 10 different errants :) | 16:21 |
stevemar | errands* | 16:21 |
marekd | you are off and online? get the hell out of here....:-) | 16:22 |
*** doddstack has quit IRC | 16:23 | |
*** thedodd has joined #openstack-keystone | 16:24 | |
bknudson | must be canada day | 16:24 |
stevemar | marekd, yay docs is passing | 16:27 |
marekd | bknudson, dolphm: o/ For the k2k bp we will want to use existing identity_providers api, but this time they will be more than just an entry (and on/off switch). For starter we might need something like public keys. What's the best way to work on that -simply propose changes to identity-api or it needs to be versioned somehow (as current api doesn't really include such parameters) | 16:27 |
stevemar | bknudson technically it's tomorrow, today is a floater day :) | 16:27 |
marekd | stevemar: yep, you probaby ran old version. | 16:27 |
stevemar | which is why i want to get a bunch of errands done today! | 16:27 |
*** marcoemorais has joined #openstack-keystone | 16:30 | |
*** andreaf_ has joined #openstack-keystone | 16:30 | |
*** morganfainberg_Z is now known as morganfainberg | 16:30 | |
*** jimbaker` is now known as jimbaker | 16:31 | |
*** stevemar has quit IRC | 16:32 | |
openstackgerrit | henry-nash proposed a change to openstack/keystone: Add identity mapping capability https://review.openstack.org/102430 | 16:35 |
morganfainberg | gyee, ping | 16:37 |
*** leseb has quit IRC | 16:37 | |
*** leseb has joined #openstack-keystone | 16:38 | |
gyee | morgainfainberg, g'mornin | 16:38 |
morganfainberg | gyee, how goes? | 16:38 |
gyee | trying to get the x.509 cert auth code in a reviewable state, plus the internal stuff as aways :) | 16:39 |
morganfainberg | gyee, do you have anything close to master that simiulates a real workload? | 16:39 |
morganfainberg | gyee, s/close to/works with close to/ | 16:39 |
morganfainberg | gyee, trying to see if https://review.openstack.org/#/c/103304/ makes sense to persue | 16:40 |
morganfainberg | gyee, but the tempest tests alone are... not good "benchmarks" | 16:40 |
gyee | morganfainberg, we use load runner internally | 16:40 |
*** achampion has joined #openstack-keystone | 16:40 | |
*** andreaf_ has quit IRC | 16:41 | |
morganfainberg | gyee, i'd love to see if that change made a real difference under real workloads | 16:41 |
gyee | I don't think LoadRunner is open source though | 16:41 |
*** leseb has quit IRC | 16:42 | |
morganfainberg | gyee, doesn't need to be used externally, just "is this helping us/others", "does this change make a real difference" type check | 16:42 |
morganfainberg | gyee, if so, i am willing to work on that stuff. | 16:42 |
*** achampio1 has quit IRC | 16:42 | |
morganfainberg | but i don't have anything but tempest and a gut feeling at the moment ;) | 16:42 |
gyee | morganfainberg, ah, let me introduce you to the perf team to see what they can do | 16:43 |
morganfainberg | gyee, ++ cool | 16:43 |
*** dstanek is now known as dstanek_zzz | 16:46 | |
*** miqui has quit IRC | 16:46 | |
*** daneyon has joined #openstack-keystone | 16:47 | |
openstackgerrit | Morgan Fainberg proposed a change to openstack/keystone: Remove deprecated token_api.list_tokens https://review.openstack.org/103417 | 16:49 |
*** daneyon has quit IRC | 16:50 | |
*** daneyon has joined #openstack-keystone | 16:50 | |
*** jaosorior has quit IRC | 16:52 | |
dolphm | marekd: extensions aren't really versioned, so you can just propose backwards compatible changes to the extension and go | 16:52 |
dolphm | marekd: IIRC, pub keys were part of one of the early proposals, but we cut them since we weren't going to use them with shib -- worth digging that back up instead of starting from scratch :) | 16:53 |
*** nsquare has quit IRC | 16:57 | |
morganfainberg | dolphm, bknudson, Re: https://review.openstack.org/#/c/97059/10/keystone/trust/backends/sql.py the break/vs a sleep/yield on line 117, should I do an explicit sleep(0) to yield for eventlet purposes? | 16:59 |
morganfainberg | dolphm, bknudson, vs a tight loop of attempts | 16:59 |
*** jaosorior has joined #openstack-keystone | 16:59 | |
dolphm | morganfainberg: oh yuck... reading... | 17:00 |
morganfainberg | dolphm, specifical regarding mike bayer's comment about sleep. | 17:00 |
lbragstad | morganfainberg: do you have a list of other things similar to this? https://bugs.launchpad.net/keystone/+bug/1334408 testing improvements that is? | 17:01 |
uvirtbot | Launchpad bug 1334408 in keystone "test_backend classes not always run in the test_backend_* module" [Low,Triaged] | 17:01 |
morganfainberg | lbragstad, it's mostly test_backend is a dumping ground | 17:02 |
morganfainberg | lbragstad, but dstanek_zzz has a lot of thoughts on it | 17:02 |
lbragstad | morganfainberg: ok, think we could tag those bugs with something? | 17:03 |
morganfainberg | lbragstad, if we breakup test_backend, we might se better luck (breakdown into identity, assignment, token, etc) | 17:03 |
morganfainberg | lbragstad, sure! we should create a tag for it! | 17:03 |
morganfainberg | :) | 17:03 |
lbragstad | test-improvment? | 17:03 |
lbragstad | testing-improvement? | 17:03 |
*** achampio1 has joined #openstack-keystone | 17:03 | |
dolphm | morganfainberg: regarding your comment, we landed the workers patch recently | 17:04 |
morganfainberg | lbragstad, test-improvement sounds good. | 17:04 |
lbragstad | morganfainberg: cool, I'll start applying that to the ones I see | 17:04 |
dolphm | morganfainberg: regarding an extra sleep, the loop will yield on each db call anyway, so i'm not sure what benefit the extra sleep will produce? | 17:04 |
*** hrybacki has quit IRC | 17:04 | |
morganfainberg | dolphm, oh eventlet yields on db calls? | 17:05 |
morganfainberg | dolphm, i thought that ended up being blocking due to socket io | 17:05 |
morganfainberg | dolphm, if we yield anyway, no reason to sleep(0) | 17:05 |
*** esp has left #openstack-keystone | 17:05 | |
dolphm | morganfainberg: hmm, i might be wrong. *googling* | 17:05 |
dolphm | morganfainberg: (i think you're right though) | 17:06 |
morganfainberg | dolphm, yeah */me wants eventlet in keystone to die... but knows it wont happen anytime soon* | 17:06 |
*** achampion has quit IRC | 17:06 | |
morganfainberg | dolphm, i would be happy to be wrong about it ;) | 17:06 |
morganfainberg | dolphm, http://eventlet.net/doc/modules/db_pool.html the fact that there is a class for DBConnection makes me think it's something explicit that needs to be done | 17:07 |
dolphm | morganfainberg: nova uses that... | 17:09 |
dolphm | morganfainberg: or did; so i assume oslo.db does... | 17:10 |
morganfainberg | dolphm, hmm. should go look. *goes to look* | 17:12 |
dolphm | morganfainberg: i can't find anything | 17:12 |
morganfainberg | dolphm, hmm. | 17:12 |
morganfainberg | it doesn't hurt us to sleep(0) | 17:13 |
morganfainberg | i'll add it in and circle up with mike bayer and oslo.db folks to figure out the "right" approach here | 17:13 |
morganfainberg | long term | 17:13 |
*** hrybacki has joined #openstack-keystone | 17:14 | |
dolphm | morganfainberg: ++ | 17:14 |
*** gokrokve has joined #openstack-keystone | 17:15 | |
*** vhoward- has left #openstack-keystone | 17:16 | |
openstackgerrit | Morgan Fainberg proposed a change to openstack/keystone: Remove `with_lockmode` use from Trust SQL backend. https://review.openstack.org/97059 | 17:16 |
*** harlowja has joined #openstack-keystone | 17:17 | |
hrybacki | all, once a change gets +2'd in Gerrit what is the process behind it actually getting merged into master? | 17:17 |
hrybacki | it being the change | 17:18 |
morganfainberg | dolphm, if there are folks at rax that are capable of running "real world" tests against close to master keystone, https://review.openstack.org/#/c/103304/ same comment i made to gyee | 17:18 |
morganfainberg | dolphm, i'm happy to pursue these types of improvement,s but tempest and a gut feeling aren't enough to spend a lot of time on it. | 17:19 |
morganfainberg | dolphm, it looks promising, looks like it has potential | 17:19 |
morganfainberg | dolphm, but i am wary of this type of restructuring without some outside opinions on benefit | 17:19 |
dolphm | morganfainberg: we've never done profile, but we have run benchmarks. last time they were updated though was ~havana | 17:20 |
dolphm | morganfainberg: it was public, somewhere | 17:20 |
morganfainberg | *nod* | 17:20 |
*** rodrigods has joined #openstack-keystone | 17:21 | |
*** nsquare has joined #openstack-keystone | 17:22 | |
bknudson | we've got rally now | 17:22 |
bknudson | hrybacki: somebody with the correct authority needs to workflow +1 it. | 17:23 |
hrybacki | bknudson++ thank you! | 17:23 |
hrybacki | morganfainberg, dolphm: I'm interested in working on https://bugs.launchpad.net/keystone/+bug/1224273 but I'm not really sure the best way to go about getting started. Thoughts? | 17:26 |
uvirtbot | Launchpad bug 1224273 in keystone "Need a test to verify token's do not get data creep" [Medium,Triaged] | 17:26 |
morganfainberg | hrybacki, you may want to wait until we get the non-persistent token stuff in | 17:27 |
morganfainberg | hrybacki, i'm working on restructuring the token code, it's ... a long path | 17:27 |
morganfainberg | hrybacki, you're welcome to help! :) but i always assumed that validating the v2 token isn't getitng more data is not super important, and how we store the data + validation needs to be looked to make that really possible with v3 | 17:28 |
hrybacki | morganfainberg: okay, that's why I ask :) Any other bugs you'd recommend looking into? Maybe ones that won't be changing in the near future? | 17:28 |
*** miqui has joined #openstack-keystone | 17:29 | |
morganfainberg | hrybacki, hm. if you want easier / smaller bugs give me a moment | 17:29 |
hrybacki | morganfainberg++ | 17:29 |
hrybacki | morganfainberg: no need to work on things that might become moot | 17:29 |
dolphm | hrybacki: lbragstad is working on jsonschema validation for several parts of the API (there's a spec up on the topic); a fix for that bug would be an extension of that work | 17:31 |
morganfainberg | dolphm, hrybacki ++ | 17:31 |
dolphm | hrybacki: https://github.com/openstack/keystone-specs/blob/master/specs/juno/keystone-api-validation.rst | 17:31 |
hrybacki | reviewing | 17:32 |
hrybacki | this was the first thing I looked at a month ago | 17:33 |
morganfainberg | hrybacki, this is good bug https://bugs.launchpad.net/keystone/+bug/1262360 to work on, probably a lot to do, but fixing that kind of stuff is important as well. | 17:33 |
hrybacki | it seems to have evolved a bit since then | 17:33 |
uvirtbot | Launchpad bug 1262360 in keystone "Unable to delete domain if user from other domain was added" [Medium,Triaged] | 17:33 |
*** kwss has quit IRC | 17:38 | |
marekd | dolphm: i will do so, thanks! | 17:39 |
morganfainberg | hrybacki, a lot of the medium bugs often can be validated to be a bug and be worked on. not sure how far you want to dive into any one of them. but if you're interested in bug smashing [vs. feature work], a lot of those are def. useful to solve. | 17:40 |
*** tkelsey_ has quit IRC | 17:40 | |
hrybacki | morganfainberg: nods -- need side work to do while ayoung, jamielennox, and I push the keystoneclient integration into the component clients | 17:41 |
hrybacki | morganfainberg: just never really sure how to get started with these bugs. So. Much. Code. | 17:41 |
morganfainberg | hrybacki, feel free to ask me anytime if you want some direction | 17:42 |
hrybacki | morganfainberg++ | 17:42 |
morganfainberg | hrybacki, i'm happy to try and point you in the right direction | 17:42 |
morganfainberg | the one i linked above should be pretty easy to test. and might actually already been solved ( bug 1262360 ) | 17:42 |
uvirtbot | Launchpad bug 1262360 in keystone "Unable to delete domain if user from other domain was added" [Medium,Triaged] https://launchpad.net/bugs/1262360 | 17:42 |
hrybacki | morganfainberg: trying to recreate that one right now via the cli | 17:43 |
morganfainberg | hrybacki, you might need to use curl (needs v3) | 17:43 |
morganfainberg | hrybacki, since you're doing cross-domain work | 17:43 |
* hrybacki scratches head | 17:43 | |
morganfainberg | hrybacki, the CLI for keystone (afaik) does v2 keystone api | 17:44 |
morganfainberg | http://docs.openstack.org/developer/keystone/api_curl_examples.html or using the python interface of keystoneclient would let you do v3 | 17:44 |
morganfainberg | hrybacki, but you'll need a user in one domain given a grant to a project in another domain | 17:45 |
hrybacki | morganfainberg: is a python script likely the most simple way to set up that environment? | 17:45 |
morganfainberg | hrybacki, either python using the v3 managers in keystoneclient or curl directly | 17:46 |
morganfainberg | hrybacki, i would probably try python first :) | 17:46 |
hrybacki | ++ | 17:47 |
lbragstad | hrybacki: I remember running into that same situation, I asked bknudson if he had a TODO list :) | 17:52 |
bknudson | I have a monster todo list | 17:53 |
* lbragstad is scared by bknudson's todo list | 17:53 | |
bknudson | "Updates to http://docs.openstack.org/developer/python-keystoneclient/middlewarearchitecture.html now that middleware is moved out." is an easy one | 17:53 |
bknudson | there's probably a keystone version of that, too. | 17:53 |
lbragstad | ++ I remember seeing a bunch of those types of todos when I sifted through it | 17:54 |
bknudson | "Seems like federation extension always indicates that it's available even when not in the pipeline?" | 17:54 |
bknudson | "Create a test fixture for auth_token middleware, see this http://lists.openstack.org/pipermail/openstack-dev/2014-May/036427.html" | 17:54 |
lbragstad | bknudson: you had investigation topics too didn't you? | 17:54 |
lbragstad | "investigation"* | 17:54 |
*** erecio has quit IRC | 17:54 | |
morganfainberg | so close, https://review.openstack.org/#/c/102326/ | 17:55 |
bknudson | sure, like "Look into moving keystone's wsgi application stuff to oslo -- we shouldn't have to support this." | 17:55 |
lbragstad | hrybacki: ^ ++ | 17:55 |
bknudson | "Look at eventlet backdoor_port" | 17:55 |
hrybacki | so, middleware was pulled out of keystoneclient? | 17:55 |
morganfainberg | bknudson, once that merges ^ we will be able to start doing full coverage tests of middleware once we release | 17:55 |
*** erecio has joined #openstack-keystone | 17:55 | |
morganfainberg | bknudson, eventlet... back door? | 17:55 |
hrybacki | lbragstad: ?? | 17:55 |
morganfainberg | hrybacki, https://git.openstack.org/cgit/openstack/keystonemiddleware | 17:56 |
bknudson | hrybacki: the middleware in keystoneclient will only get security changes | 17:56 |
morganfainberg | hrybacki, has not received a release yet, but very soon | 17:56 |
bknudson | so that's what the middleware docs should say now | 17:56 |
bknudson | I mean that's what keystoneclient docs should say now | 17:56 |
*** daneyon has quit IRC | 17:56 | |
lbragstad | hrybacki: investigating things like "Look into moving keystone's wsgi application stuff to oslo -- we shouldn't have to support this." are good because they give you nice exposure to the code | 17:57 |
* morganfainberg needs to convince someone to help write a README for the middleware :P | 17:57 | |
bknudson | "Document to start keystone-all listening on IPv6, set bind_host = ::" | 17:57 |
lbragstad | bknudson: want an etherpad? | 17:57 |
lbragstad | ;p | 17:57 |
bknudson | anyway whenever I've got something to look at I just put it in a doc. | 17:57 |
bknudson | I don't want to keep track of it in 2 places. | 17:57 |
hrybacki | why did we refactor middleware out of the client? If there are docs for this I'll read those :P | 17:58 |
hrybacki | too big? | 17:58 |
bknudson | there's a spec | 17:58 |
*** thedodd has quit IRC | 17:59 | |
morganfainberg | hrybacki, https://github.com/openstack/keystone-specs/blob/master/specs/keystonemiddleware/split-middleware-repo.rst | 18:00 |
hrybacki | morganfainberg++ reading it now -- this is quite a change | 18:00 |
hrybacki | when is that being released? | 18:02 |
dolphm | morganfainberg: good question ^ :) | 18:03 |
morganfainberg | hrybacki, "Very Soon Now"™. | 18:03 |
hrybacki | lol | 18:03 |
morganfainberg | dolphm, hrybacki, need this to land https://review.openstack.org/#/c/102326/ | 18:04 |
morganfainberg | dolphm, hrybacki, and we need to see if we *want* anything else included before we do 1.0.0 release | 18:04 |
morganfainberg | dolphm, maybe brant's 2-ish reviews. | 18:04 |
morganfainberg | we _might_ want some stub of a README :P | 18:05 |
bknudson | I don't want anything merged in middleware until it's being used as is | 18:05 |
dolphm | morganfainberg: i'd prefer a 1.0.0 release to be identical to what was in keystoneclient's last release | 18:05 |
hrybacki | morganfainberg: is there anything I can do to help before the 1.0.0 release? | 18:05 |
hrybacki | I'm a free hand until Thursday | 18:05 |
dolphm | morganfainberg: ooh, i'll tackle a readme | 18:05 |
morganfainberg | dolphm, ok so Readme i think would be nice and that patch ^^ needs to land | 18:05 |
morganfainberg | dolphm, otherwise we *cant* really test it well | 18:06 |
bknudson | I'd also like to see the sessions support and v3 support | 18:06 |
bknudson | my changes aren't adding anything new but I'd expect it will make adding revocation event support easier. | 18:07 |
morganfainberg | bknudson, *nod* | 18:09 |
dolphm | bknudson: ack, but not for 1.0.0 :-/ i'd like to make it a zero-risk transition | 18:09 |
morganfainberg | i think session is a big enough refactor to warrant getting it as a second release (1.1.0) | 18:09 |
*** daneyon has joined #openstack-keystone | 18:09 | |
morganfainberg | mostly so we get adoption of the new package, risk is a valid point as well | 18:10 |
bknudson | dolphm: making 1.0.0 the same as current middleware works for me. | 18:10 |
*** daneyon has quit IRC | 18:10 | |
*** achampion has joined #openstack-keystone | 18:11 | |
*** daneyon has joined #openstack-keystone | 18:11 | |
bknudson | if there's any new commits I guess you could just tag the current one | 18:11 |
*** achampio1 has quit IRC | 18:13 | |
*** bobt has joined #openstack-keystone | 18:20 | |
*** andreaf_ has joined #openstack-keystone | 18:20 | |
*** andreaf_ has quit IRC | 18:23 | |
*** andreaf_ has joined #openstack-keystone | 18:23 | |
morganfainberg | dolphm, https://bugs.launchpad.net/keystonemiddleware/+bug/1333948 if you didn't see it | 18:23 |
uvirtbot | Launchpad bug 1333948 in keystonemiddleware "Keystone Middleware needs a README" [Wishlist,Triaged] | 18:23 |
*** thedodd has joined #openstack-keystone | 18:25 | |
*** daneyon has quit IRC | 18:25 | |
*** andreaf_ has quit IRC | 18:26 | |
*** andreaf_ has joined #openstack-keystone | 18:27 | |
morganfainberg | ok i need to go get now... lunch instead of breakfast. be back in a bit | 18:30 |
hrybacki | morganfainberg: running a devstack install against 102326 btw | 18:31 |
morganfainberg | hrybacki, cool | 18:32 |
lbragstad | morganfainberg: took a quick stab at tagging some of the test improvement bugs we have: https://bugs.launchpad.net/keystone/+bugs?field.tag=test-improvement if you see anything I missed let me know | 18:50 |
*** raildo has joined #openstack-keystone | 18:50 | |
*** andreaf has quit IRC | 18:51 | |
*** andreaf has joined #openstack-keystone | 18:52 | |
dolphm | morganfainberg: thanks | 18:53 |
openstackgerrit | henry-nash proposed a change to openstack/keystone: Add identity mapping capability https://review.openstack.org/102430 | 18:55 |
openstackgerrit | Morgan Fainberg proposed a change to openstack/keystone: Do not use keystone's config for nova's port https://review.openstack.org/103204 | 18:58 |
*** mrda-away is now known as mrda | 18:58 | |
*** ukalifon has quit IRC | 18:58 | |
*** hrybacki has quit IRC | 19:01 | |
openstackgerrit | Dolph Mathews proposed a change to openstack/keystonemiddleware: add README https://review.openstack.org/103628 | 19:05 |
*** dims has quit IRC | 19:08 | |
openstackgerrit | Dolph Mathews proposed a change to openstack/keystonemiddleware: add CONTRIBUTING.rst https://review.openstack.org/103631 | 19:08 |
openstackgerrit | Morgan Fainberg proposed a change to openstack/keystone: Do not use keystone's config for nova's port https://review.openstack.org/103204 | 19:12 |
morganfainberg | dolphm, maybe FreeNode information in the readme? | 19:14 |
morganfainberg | dolphm, *shrug* not really important though the LP page has the info | 19:14 |
dolphm | morganfainberg: that's exactly why i referred to keystone at the end | 19:15 |
morganfainberg | dolphm, ++ | 19:15 |
dolphm | morganfainberg: should i tweak the text pointing to keystone somehow? | 19:15 |
morganfainberg | eh | 19:15 |
morganfainberg | nah. | 19:15 |
morganfainberg | keep it simple :) | 19:15 |
*** nsquare has quit IRC | 19:19 | |
*** jaosorior has quit IRC | 19:22 | |
*** navid has joined #openstack-keystone | 19:25 | |
openstackgerrit | Dolph Mathews proposed a change to openstack/python-keystoneclient: use embedded URLs for hyperlinks in the README https://review.openstack.org/103636 | 19:25 |
*** stevemar4 has joined #openstack-keystone | 19:33 | |
stevemar4 | morganfainberg can you get eyes on bug 1335731, it's breaking identity-api builds i think (ref: https://review.openstack.org/#/c/90121/) | 19:34 |
uvirtbot | Launchpad bug 1335731 in openstack-api-site "dox-publish build fails to build for identity-api" [Undecided,New] https://launchpad.net/bugs/1335731 | 19:34 |
*** hrybacki has joined #openstack-keystone | 19:34 | |
morganfainberg | stevemar4, wow super shady today | 19:36 |
morganfainberg | stevemar4, you should get a ZNC bouncer. | 19:36 |
stevemar4 | morganfainberg haha, i'll admit that i'm being super shady today | 19:37 |
morganfainberg | this looks like something we need the docs folks on? | 19:37 |
stevemar4 | morganfainberg yep | 19:38 |
stevemar4 | morganfainberg i don't know where they reside :( | 19:38 |
morganfainberg | stevemar4, -dev maybe? -infra? | 19:38 |
morganfainberg | stevemar4, i don't see annegentle in any of the channels, though i might be blind | 19:39 |
*** daneyon has joined #openstack-keystone | 19:39 | |
stevemar4 | morganfainberg meh, i'll sort it out tomorr | 19:40 |
stevemar4 | w | 19:40 |
*** stevemar4 has quit IRC | 19:40 | |
*** topol has quit IRC | 19:43 | |
*** chandan_kumar has quit IRC | 19:52 | |
*** nsquare has joined #openstack-keystone | 19:52 | |
*** dims has joined #openstack-keystone | 19:56 | |
*** nkinder_ has quit IRC | 20:13 | |
*** elmiko has joined #openstack-keystone | 20:21 | |
*** dstanek_zzz is now known as dstanek | 20:22 | |
*** fifieldt has quit IRC | 20:25 | |
*** fifieldt has joined #openstack-keystone | 20:26 | |
*** nkinder_ has joined #openstack-keystone | 20:30 | |
*** elmiko is now known as _elmiko | 20:47 | |
mfisch | bknudson: ping | 20:49 |
mfisch | bknudson: lets discuss LDAP here | 20:49 |
bknudson | mfisch: what's up? | 20:50 |
mfisch | bknudson: IIRC that flag gets set by the python ldap client and sent to the server | 20:50 |
mfisch | bknudson: at least that was my understanding, then the server is free to do with it what it will | 20:50 |
mfisch | but maybe thats not accurate | 20:51 |
mfisch | if its all coming from the library then the text is wrong | 20:51 |
bknudson | I hope that clients can't tell the server to generate all sorts of logs | 20:52 |
mfisch | that would not make much sense would it | 20:52 |
mfisch | I guess I misinterpreted what I read wrong, there must also be a server side debug option that the admin could set | 20:53 |
mfisch | otherwise it would be a debug DOS attack since its rather chatty | 20:53 |
*** bobt has quit IRC | 20:54 | |
bknudson | mfisch: are there docs that say it's sent to the server? | 20:54 |
mfisch | bknudson: not that I have, its not well documented but I never read that | 20:54 |
bknudson | mfisch: Sets/gets the debug level of the client library. -- http://www.openldap.org/software//man.cgi?query=ldap_get_option&sektion=3&apropos=0&manpath=OpenLDAP+2.4-Release | 20:56 |
mfisch | bknudson: that settles it then, thanks | 20:56 |
openstackgerrit | A change was merged to openstack/keystone: Fix test for get_*_by_name invalidation https://review.openstack.org/103419 | 21:01 |
*** radez is now known as radez_g0n3 | 21:01 | |
*** rodrigods has quit IRC | 21:15 | |
*** doddstack has joined #openstack-keystone | 21:24 | |
*** nkinder_ has quit IRC | 21:24 | |
*** thedodd has quit IRC | 21:25 | |
*** radez_g0` has joined #openstack-keystone | 21:28 | |
*** erecio has quit IRC | 21:30 | |
*** lbragstad_ has joined #openstack-keystone | 21:31 | |
*** clayg has left #openstack-keystone | 21:34 | |
*** radez_g0n3 has quit IRC | 21:34 | |
*** raildo has quit IRC | 21:34 | |
*** lbragstad has quit IRC | 21:34 | |
*** csd has quit IRC | 21:35 | |
*** Daviey has quit IRC | 21:35 | |
*** csd has joined #openstack-keystone | 21:36 | |
*** Daviey has joined #openstack-keystone | 21:39 | |
*** hrybacki has quit IRC | 21:44 | |
*** raildo has joined #openstack-keystone | 21:48 | |
*** shuffleb1t is now known as shufflebot | 21:49 | |
*** shufflebot has quit IRC | 21:49 | |
*** shufflebot has joined #openstack-keystone | 21:49 | |
*** rodrigods has joined #openstack-keystone | 21:51 | |
*** andreaf_ has quit IRC | 21:56 | |
*** jamielennox is now known as jamielennox|away | 21:56 | |
*** dims has quit IRC | 22:00 | |
*** marcoemorais has quit IRC | 22:03 | |
*** marcoemorais has joined #openstack-keystone | 22:03 | |
*** joesavak has quit IRC | 22:05 | |
*** rodrigods has quit IRC | 22:06 | |
*** henrynash has quit IRC | 22:10 | |
openstackgerrit | Bob Thyne proposed a change to openstack/keystone-specs: Propose Specification for Endpoint Group Filter https://review.openstack.org/102023 | 22:24 |
*** marcoemorais has quit IRC | 22:30 | |
*** nkinder_ has joined #openstack-keystone | 22:30 | |
*** marcoemorais has joined #openstack-keystone | 22:30 | |
*** marcoemorais has quit IRC | 22:31 | |
openstackgerrit | David Stanek proposed a change to openstack/keystone: remove default=None for config options https://review.openstack.org/96480 | 22:31 |
*** marcoemorais has joined #openstack-keystone | 22:31 | |
openstackgerrit | Bob Thyne proposed a change to openstack/keystone-specs: Propose Specification for Endpoint Group Filter https://review.openstack.org/102023 | 22:32 |
*** marcoemorais has quit IRC | 22:33 | |
*** marcoemorais has joined #openstack-keystone | 22:34 | |
*** rodrigods has joined #openstack-keystone | 22:35 | |
*** topol has joined #openstack-keystone | 22:37 | |
marekd | A question: what do we use for signing PKI tokens in OpenStack? Some stdlib from Python, 3rd party library? I wanted to see how much we can reuse for the k2k bp. | 22:42 |
*** doddstack has quit IRC | 22:43 | |
marekd | looks like https://github.com/openstack/python-keystoneclient/blob/master/keystoneclient/common/cms.py is the answer to my own question. | 22:46 |
*** marcoemorais has quit IRC | 22:48 | |
*** marcoemorais has joined #openstack-keystone | 22:48 | |
*** topol has quit IRC | 22:49 | |
morganfainberg | bknudson, ping | 22:51 |
openstackgerrit | Morgan Fainberg proposed a change to openstack/keystone: Do not use keystone's config for nova's port https://review.openstack.org/103204 | 22:55 |
*** marekd is now known as marekd|away | 22:59 | |
*** rodrigods has quit IRC | 23:09 | |
*** rodrigods has joined #openstack-keystone | 23:13 | |
*** hrybacki has joined #openstack-keystone | 23:14 | |
*** joesavak has joined #openstack-keystone | 23:17 | |
*** openstackgerrit has quit IRC | 23:19 | |
*** openstackgerrit has joined #openstack-keystone | 23:20 | |
*** zhiyan_ is now known as zhiyan | 23:26 | |
*** dims_ has joined #openstack-keystone | 23:27 | |
*** zhiyan is now known as zhiyan_ | 23:27 | |
bknudson | morganfainberg: what's up? | 23:28 |
*** jamielennox|away is now known as jamielennox | 23:28 | |
*** zhiyan_ is now known as zhiyan | 23:29 | |
*** zhiyan is now known as zhiyan_ | 23:30 | |
*** oomichi has joined #openstack-keystone | 23:31 | |
*** dims_ has quit IRC | 23:32 | |
bknudson | morganfainberg: I tried clearing out my pip cache and I get the same result | 23:34 |
morganfainberg | bknudson, this is really weird | 23:34 |
morganfainberg | bknudson, i'm curious why yours ends up being 'keystone', that seems very wrong | 23:35 |
morganfainberg | for a hostname, that is | 23:35 |
morganfainberg | bknudson, silly question, do you have anything in your hosts file? | 23:35 |
morganfainberg | maybe setting 127.0.0.1 to 'keystone' ? | 23:36 |
bknudson | 127.0.0.1 localhost f1-ds | 23:36 |
*** david-lyle has quit IRC | 23:36 | |
bknudson | oslo.messaging==1.3.0 | 23:36 |
* morganfainberg is baffled | 23:36 | |
bknudson | what version do you have? | 23:36 |
bknudson | oslo.config==1.4.0.0a1 | 23:36 |
bknudson | I wonder how I got that. | 23:37 |
morganfainberg | bknudson, oslo.messaging==1.3.0 | 23:37 |
morganfainberg | oslo.config==1.3.0 | 23:37 |
*** dims_ has joined #openstack-keystone | 23:37 | |
bknudson | I was looking at the wrong vent | 23:39 |
bknudson | venv | 23:39 |
morganfainberg | ah | 23:39 |
bknudson | that just has oslo.config 1.3.0, so no help there. | 23:39 |
morganfainberg | very odd then | 23:41 |
bknudson | something replaces the cert_subject localhost with keystone?? | 23:42 |
morganfainberg | yeah. | 23:42 |
morganfainberg | this is making me weirded out | 23:42 |
morganfainberg | bknudson, https://github.com/openstack/keystone/blob/master/keystone/openstack/common/config/generator.py#L239 | 23:44 |
*** joesavak has quit IRC | 23:44 | |
morganfainberg | https://github.com/openstack/keystone/blob/master/keystone/openstack/common/config/generator.py#L244 | 23:44 |
bknudson | >>> socket.getfqdn() | 23:45 |
bknudson | 'localhost' | 23:45 |
morganfainberg | >>> socket.getfqdn() | 23:46 |
morganfainberg | '5.30.16.172.in-addr.arpa' | 23:46 |
bknudson | 5? impressive | 23:46 |
morganfainberg | wtf. | 23:46 |
morganfainberg | in-addr.arpa | 23:46 |
morganfainberg | yes my machine's ip is 172.16.30.5 | 23:47 |
bknudson | ok, I changed the order in /etc/hosts and now getfqdn gives me f1-ds | 23:47 |
bknudson | mystery solved | 23:47 |
morganfainberg | ah | 23:47 |
bknudson | http://mm.icann.org/pipermail/ianatransition/2014/000838.html | 23:48 |
*** marcoemorais has quit IRC | 23:49 | |
*** marcoemorais has joined #openstack-keystone | 23:50 | |
*** marcoemorais has quit IRC | 23:50 | |
morganfainberg | bknudson, *blink* | 23:50 |
*** marcoemorais has joined #openstack-keystone | 23:50 | |
morganfainberg | bknudson, no really, where do people come up with this? | 23:52 |
bknudson | I don't know if it's real | 23:52 |
morganfainberg | i think i've read it 5 times | 23:53 |
*** henrynash has joined #openstack-keystone | 23:53 | |
morganfainberg | and .. *blink* | 23:53 |
*** topol has joined #openstack-keystone | 23:53 | |
*** topol has quit IRC | 23:57 | |
*** topol has joined #openstack-keystone | 23:58 |
Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!