Thursday, 2015-09-10

« Wednesday, 2015-09-09 Index Friday, 2015-09-11 »
*** markvoelker has quit IRC00:01
*** topol has joined #openstack-keystone00:02
*** ChanServ sets mode: +v topol00:02
openstackgerritOpenStack Proposal Bot proposed openstack/keystone: Updated from global requirements  https://review.openstack.org/22200000:04
*** ankita_wagh has quit IRC00:05
*** topol has quit IRC00:07
*** stevemar has joined #openstack-keystone00:09
*** ChanServ sets mode: +v stevemar00:09
*** KarthikB has joined #openstack-keystone00:12
*** stevemar has quit IRC00:13
*** shoutm has quit IRC00:17
openstackgerritJamie Lennox proposed openstack/python-keystoneclient: Identity plugin thread safety  https://review.openstack.org/22173800:18
jamielennoxdolphm: here?00:19
jamielennoxwas wondering if you could have a look at https://review.openstack.org/#/c/216088/ as you previously had a -1 on it00:20
*** shoutm has joined #openstack-keystone00:20
*** shadower has quit IRC00:23
*** shadower has joined #openstack-keystone00:23
*** mylu has joined #openstack-keystone00:32
*** darrenc_afk is now known as darrenc00:32
*** mylu has quit IRC00:33
*** btully has quit IRC00:39
*** gyee has quit IRC00:41
*** jecarey has joined #openstack-keystone00:42
*** KarthikB has quit IRC00:45
*** dave-mccowan has joined #openstack-keystone00:50
*** markvoelker has joined #openstack-keystone00:58
*** markvoelker has quit IRC01:02
*** dsirrine has quit IRC01:06
*** geoffarnold is now known as geoffarnoldX01:10
*** dims_ has joined #openstack-keystone01:16
*** btully has joined #openstack-keystone01:17
*** dims has quit IRC01:19
*** btully has quit IRC01:21
*** ankita_wagh has joined #openstack-keystone01:36
*** ankita_wagh has quit IRC01:45
*** csoukup has joined #openstack-keystone01:46
*** mylu has joined #openstack-keystone01:51
*** roxanaghe has quit IRC01:53
*** erhudy1 has quit IRC01:55
*** ebalduf_ has joined #openstack-keystone01:57
*** r-daneel has quit IRC01:57
*** mylu has quit IRC01:59
*** mylu has joined #openstack-keystone02:02
*** humble_ has joined #openstack-keystone02:04
humble_jamielennox:ping02:04
jamielennoxhumble_: hello02:04
humble_how can  I init a keystone client with conf02:05
humble_do you have any tutorial about it02:05
jamielennoxhumble_: i do, sec02:05
jamielennoxhumble_: http://www.jamielennox.net/blog/2015/02/17/loading-authentication-plugins/ is how to get a session object and auth plugin from CONF02:06
jamielennoxhttp://www.jamielennox.net/blog/2014/09/15/how-to-use-keystoneclient-sessions/ is nmore indepth as to what they do02:06
humble_But there  is no auth_plugin in keystone_authtoken group02:07
jamielennoxbut basically keystoneclient.v3.Client(session=session, auth=auth)02:07
jamielennoxhumble_: ah you mean how to use all this with authtoken middlewarew?02:07
humble_yes02:07
jamielennoxhumble_: you actually want to use middleware, because we really don't like services reaching into keystonemiddleware options for their own uses02:08
jamielennoxhumble_: http://www.jamielennox.net/blog/2015/02/23/v3-authentication-with-auth-token-middleware/ is for v3 password02:08
jamielennoxother plugins are small variations around that depending on what plugin you are trying to laod02:08
humble_Thank you.02:09
jamielennoxhumble_: no problem02:09
*** ankita_wagh has joined #openstack-keystone02:10
openstackgerritJamie Lennox proposed openstack/keystoneauth: Add common options for loading an adapter  https://review.openstack.org/22201302:13
*** stevemar has joined #openstack-keystone02:15
*** ChanServ sets mode: +v stevemar02:15
*** dave-mccowan has quit IRC02:16
*** spandhe has quit IRC02:18
*** jasonsb has joined #openstack-keystone02:21
*** humble__ has joined #openstack-keystone02:22
*** humble_ has quit IRC02:25
*** jecarey has quit IRC02:27
*** humble__ has quit IRC02:27
*** alejandrito has joined #openstack-keystone02:28
*** stevemar has quit IRC02:32
openstackgerritJamie Lennox proposed openstack/keystoneauth: Move session loading tests into loading section  https://review.openstack.org/22201602:34
*** dave-mccowan has joined #openstack-keystone02:34
*** roxanaghe has joined #openstack-keystone02:36
openstackgerritJamie Lennox proposed openstack/keystoneauth: Move session loading tests into loading section  https://review.openstack.org/22201602:38
*** fangzhou has quit IRC02:38
*** Nirupama has joined #openstack-keystone02:42
*** roxanaghe has quit IRC02:48
*** geoffarnoldX is now known as geoffarnold02:50
*** markvoelker has joined #openstack-keystone02:55
*** sdake has quit IRC02:58
*** doug-fish has quit IRC03:00
*** doug-fish has joined #openstack-keystone03:00
*** jecarey has joined #openstack-keystone03:01
*** dave-mccowan has quit IRC03:04
*** lhcheng has quit IRC03:05
*** btully has joined #openstack-keystone03:05
*** topol has joined #openstack-keystone03:06
*** ChanServ sets mode: +v topol03:06
*** btully has quit IRC03:09
*** alejandrito has quit IRC03:10
*** humble_ has joined #openstack-keystone03:17
humble_jamielennox: Can I init a auth_plugin with load_from_conf_options instead of v3.Password by the keystone_authtoken group03:18
*** btully has joined #openstack-keystone03:19
*** dims_ has quit IRC03:23
*** btully has quit IRC03:23
jamielennoxhumble_: yes, any plugin should work there, v3.Password is just the most common03:23
humble_jamielennox: But there is no auth_plugin opt in the opts which is registered by keystone_middleware03:25
*** dolphm has quit IRC03:27
*** sigmavirus24 has quit IRC03:27
*** eglute has quit IRC03:27
*** d34dh0r53 has quit IRC03:27
*** d34dh0r53 has joined #openstack-keystone03:28
*** eglute has joined #openstack-keystone03:28
*** dolphm has joined #openstack-keystone03:28
*** sigmavirus24 has joined #openstack-keystone03:29
*** links has joined #openstack-keystone03:30
jamielennoxhumble_: registered https://github.com/openstack/keystonemiddleware/blob/master/keystonemiddleware/auth_token/_auth.py#L19303:31
*** stevemar has joined #openstack-keystone03:33
*** ChanServ sets mode: +v stevemar03:33
*** topol has quit IRC03:34
*** stevemar has quit IRC03:36
*** sigmavirus24 is now known as sigmavirus24_awa03:39
*** richm has quit IRC03:40
*** davechen has joined #openstack-keystone03:45
*** mylu has quit IRC03:48
*** roxanaghe has joined #openstack-keystone03:48
*** jecarey has quit IRC03:48
*** mylu has joined #openstack-keystone03:49
*** stevemar has joined #openstack-keystone03:50
*** ChanServ sets mode: +v stevemar03:50
*** geoffarnold is now known as geoffarnoldX03:51
*** roxanaghe has quit IRC03:53
*** mylu has quit IRC03:54
*** lhcheng has joined #openstack-keystone04:00
*** ChanServ sets mode: +v lhcheng04:00
*** morgan has quit IRC04:06
*** morganfainberg has joined #openstack-keystone04:07
*** ChanServ sets mode: +v morganfainberg04:07
*** morganfainberg is now known as morgan04:09
morgan.04:10
*** marzif has joined #openstack-keystone04:10
openstackgerritJamie Lennox proposed openstack/keystoneauth: Add load_from_options_getter to plugin loading  https://review.openstack.org/22202904:16
stevemarlhcheng: poke04:16
lhchenghey stevemar04:18
stevemarlhcheng: whats up with L246 here: https://review.openstack.org/#/c/219041/5/openstack_auth/utils.py04:18
lhchengah that is take care the case where there is no mapping defined04:19
lhcheng*is to take care04:19
*** geoffarnoldX is now known as geoffarnold04:19
lhchengif no mapping found, return a tuple (None, <protocol_id)04:20
*** geoffarnold is now known as geoffarnoldX04:20
stevemarah04:20
stevemarthe tuple bits was confusing me04:21
stevemari've been out of it04:21
lhchengyeah, the tuple format is not great04:22
lhchengneed to have an extra step to figure out04:23
jamielennoxi prefer it - but whatever :P04:23
*** dims has joined #openstack-keystone04:23
lhchengIf I am configuring the settings, I might prefer the tuple. I am lazy and prefer less things to write.04:25
lhcheng:P04:25
lhchengstevemar: while you're around, got a quick question on: https://review.openstack.org/#/c/216501/04:26
lhchengdo you prefer the region arg to be deprecated just on the List method?04:27
*** dims has quit IRC04:30
stevemarlhcheng: i was just looking at that04:30
*** mflobo has joined #openstack-keystone04:32
stevemarlhcheng: yeah, i was thinking of deprecating region arg for that function... whats the issue there?04:32
stevemarjust a warning / deprecation message if `region` is not None04:33
stevemarunless i'm being too picky, jamielennox thoughts? you +2'ed it before04:33
jamielennoxstevemar: hmm?04:34
stevemarOTOH - filtering by region never worked, so we're not really breaking anyone04:34
stevemarjamielennox: https://review.openstack.org/#/c/216501/404:34
jamielennoxdidn't we fix this recently?04:34
stevemarwe added region to keystone server proper04:35
stevemarbefore that, it never worked04:35
lhchengjamielennox: it was fixed in keystone, but the argument name is region_id04:35
stevemarright04:35
jamielennoxoh, yea i +2ed an older version - i just thought it had merged04:35
stevemarbut what it someone is using region arg? don't we eventually want to remove that?04:35
lhchengstevemar: nah not picky, just confirming if you just want it in the List before I make the change.04:35
jamielennoxstevemar: a note would be good but more so we know what to remove with v204:36
jamielennoxthing is if you remove it from list it just ends up in kwargs and gets passed through anyway04:36
stevemarohhhh right04:36
jamielennoxi think my concern here was that no-one really uses region_id, it's always regoin_name04:36
stevemarthe ID is a user defined name, but yeah, i understand your concern04:37
jamielennoxregions have ids because someone thought it would be a good idea to have htem nested but then never followed through04:37
stevemarthe ID *may* be a user defined name04:37
stevemarah nesting things04:38
lhchengI think that was for the at&t use case04:38
jamielennoxi do wonder if they ever got it to where the can use it for there own case and just dropped the rest04:38
jamielennoxor they just thought it would be a good idea at some point and did like 80%04:39
jamielennoxbut had no real use case04:39
lhchengbecause they couldn't make a global keystone, due to token replication issue. but with fernet, maybe they don't need it now.04:39
* jamielennox is convinced that "this sounds like it might be useful one day" is a reason for a bunch of unnecessary options in openstack04:40
lhchengheh04:40
lhchengokay, so for the region filtering patch. I'll just add the deprecation warning for the region arg on List.04:41
davechenlhcheng: does your duplicate config issue worked out?04:47
lhchengjust confirming, do we want a deprecation warning or just a note? :)04:47
lhchengdavechen: I haven't got the chance to try out today04:47
lhchengdavechen: tox should pick the latest oslo-config, so still don't know what's going on. I tried tox -r to rebuild, but still no luck04:49
*** roxanaghe has joined #openstack-keystone04:49
davechenlhcheng: something mistery happened in your env. :)04:50
*** roxanaghe has quit IRC04:55
*** ankita_wagh has quit IRC04:55
*** markvoelker has quit IRC04:55
lhchengdavechen: I won't be surprised, since my vm has been running for a year of devstack update :P04:56
*** fifieldt has joined #openstack-keystone04:58
*** urulama has joined #openstack-keystone04:58
*** btully has joined #openstack-keystone05:03
*** hrou has quit IRC05:07
lhchengdavechen: I booted another vm, still getting random test failure on KSM related to oslo.config05:11
*** roxanaghe has joined #openstack-keystone05:12
*** roxanaghe has quit IRC05:13
*** sdake_ has joined #openstack-keystone05:18
*** roxanagh_ has joined #openstack-keystone05:18
*** ankita_wagh has joined #openstack-keystone05:19
*** ankita_wagh has quit IRC05:19
stevemari tuned out for a while there05:19
*** ankita_wagh has joined #openstack-keystone05:20
stevemarlhcheng: a note works, jamie reminded me that useless args get thrown into kwargs05:20
*** ankita_wagh has quit IRC05:20
stevemarso its cool with just a note05:21
lhchengstevemar: gotcha05:21
*** ankita_wagh has joined #openstack-keystone05:21
*** sdake_ is now known as sdake05:21
*** spandhe has joined #openstack-keystone05:21
lhchengstevemar: I would also be tuned out if its 1:20am05:22
lhcheng:P05:22
stevemar:)05:23
lhchengdavechen: I'll check the test failure with josh harlow tom, his oslo knowledge will be useful to help me find a clue.05:24
lhchengdavechen: thanks for asking, btw :)05:24
*** spandhe_ has joined #openstack-keystone05:26
*** spandhe has quit IRC05:26
*** spandhe_ is now known as spandhe05:26
*** stevemar has quit IRC05:28
davechenlhcheng: good luck lin05:28
*** stevemar has joined #openstack-keystone05:29
*** ChanServ sets mode: +v stevemar05:29
*** sdake_ has joined #openstack-keystone05:29
*** sdake has quit IRC05:30
*** spandhe has quit IRC05:34
*** urulama has quit IRC05:40
*** urulama has joined #openstack-keystone05:40
*** stevemar has quit IRC05:43
*** stevemar has joined #openstack-keystone05:43
*** ChanServ sets mode: +v stevemar05:43
*** jerrygb has joined #openstack-keystone05:53
*** fifieldt has quit IRC05:56
*** markvoelker has joined #openstack-keystone05:56
*** csoukup has quit IRC05:57
*** markvoelker has quit IRC06:01
*** sdake has joined #openstack-keystone06:08
*** woodster_ has quit IRC06:09
*** roxanagh_ has quit IRC06:10
*** ajayaa has joined #openstack-keystone06:11
*** sdake_ has quit IRC06:11
*** roxanaghe has joined #openstack-keystone06:11
*** humble__ has joined #openstack-keystone06:13
*** roxanaghe has quit IRC06:16
*** humble_ has quit IRC06:17
*** jerrygb has quit IRC06:19
*** ParsectiX has joined #openstack-keystone06:22
*** ajayaa has quit IRC06:25
*** humble_ has joined #openstack-keystone06:25
humble_jamielennox: How can I use keystone.token_auth which is returned by keystonemiddleware to init a keystoneclient?06:26
jamielennoxhumble_: just writing that post :)06:26
jamielennoxbut essentially you just use it as the auth plugin06:27
jamielennoxso you create session as per normal06:27
jamielennoxand you pass auth=request.env['keystone.token_auth']06:27
humble_Can I directly pass auth in keystoneclient without creating a session06:27
*** sdake has quit IRC06:28
jamielennoxhumble_: no you will always need a session as well06:28
*** humble__ has quit IRC06:28
humble_keystoneclient create a session automatic?06:29
*** sdake has joined #openstack-keystone06:29
jamielennoxno, have to do it manually06:29
jamielennoxbut it's like two lines06:29
jamielennoxand you should reuse it always so you get things like connecction pooling06:29
humble_When I create keystoneclient, I don't create session. When I use other client, I can use keystoneclient.session to init06:30
humble_I think It should work.06:31
jamielennoxthat's kind of a bad idea, you're taking the compatibility mode that keystoneclient did and reusing it for other people06:31
jamielennoxif you're doing it that way you can just do session=session.Session()06:31
jamielennoxpass the session to keystoneclient - it's cleaner06:32
humble_If we pass the session, what is the usage of auth06:33
humble_We already use it in session06:33
jamielennoxhumble_: so there are two ways to use session and auth06:34
jamielennoxif you are doing a cli or something where you always use the same auth you can attach auth to session and then just always use the same auth plugin for everything06:35
jamielennoxif you are writing a service and so you are always using different auth you shouldn't need to recreate the session every time06:35
jamielennoxthe session is thread safe so you can create it once and then store it on the process and refer to it as global06:35
jamielennoxthen you can create each client using Client(session=SESSION, auth=user_auth)06:36
jamielennoxboth ways get you a similar outcome but you tend to use the different modes differently depending on how long your auth object lives06:36
humble_When using different auth, session = session.Session()?06:37
*** ajayaa has joined #openstack-keystone06:37
openstackgerritJamie Lennox proposed openstack/keystonemiddleware: Return default value for pkg_version if missing  https://review.openstack.org/22204206:38
*** ankita_wagh has quit IRC06:39
jamielennoxsession.Session() is the simplest object, you haven't let the admin define things like TLS certificates or any connection values06:39
jamielennoxloading session from a config file is two lines06:39
jamielennoxsession.Session.register_conf_options(CONF, group_name)06:40
jamielennoxs = session.Session.load_from_conf_options(CONF, group_name)06:40
humble_What is usage case of loading from config06:41
humble_Oh, I know06:42
jamielennoxit registers these options: https://github.com/openstack/python-keystoneclient/blob/master/keystoneclient/session.py#L794-L81006:43
humble_One more question, if other client want to share the session, which way is better, use global session or use keystoneclient.session06:43
jamielennoxand in future if we need to do something like fix a TLS problem again we can fix it in one place, or add new options to all the services at once06:43
jamielennoxforget about keystoneclient.Client().session it's only there for internal use because keystoneclient has some weird compatibility to maintain06:44
jamielennoxalways create the session yourself and pass it around06:44
humble_OK06:44
humble_I find that serveral clients don't support session now06:44
jamielennoxhumble_: what's left? i know swift doesn't but there's a lot of problems there06:46
humble_glance06:46
jamielennoxi did most of the core services but i haven't used a lot of the newer projects06:47
openstackgerritLin Hua Cheng proposed openstack/python-keystoneclient: Use region_id filter for List Endpoints  https://review.openstack.org/21650106:47
jamielennoxglance is fixed in the most recent release, i think it's 1.006:47
humble_OK06:48
humble_Thank you for your help06:48
*** henrynash has joined #openstack-keystone06:48
*** ChanServ sets mode: +v henrynash06:48
jamielennoxhumble_: np06:49
humble_jamielennox: When I use keystone.token_auth to init a keystoneclient, and query service_catalog, it fails06:49
jamielennoxwhy are you querying the service catalog? it's not something you need to manage with auth_plugins06:50
jamielennoxthe plugins will do the right thing if you pass it to the services06:50
jamielennoxyou don't need to ever get that value yourself06:51
humble_self._barbican = barbicanclient.Client(session=session,06:51
humble_                                               endpoint=endpoint)06:51
humble_I need a endpoint to init the client06:52
humble_jamielennox: Is there a better way06:52
jamielennoxjust session=session, auth=auth should be enough06:53
humble_I think service_type and service_name are necessary06:53
jamielennoxwhen barbican makes a request it gives it's service_type and the session and auth plugin do the rest06:53
humble_nice06:54
jamielennoxbarbicanclient should know it's own service_type, you shouldn't need to tell it06:54
humble_is auth necessary06:54
jamielennoxyes, otherwise you don't have a token or a service catalog to look up from06:54
humble_So we should use gloabl auth?06:56
humble_If not, how other clients get the auth06:56
jamielennoxthe same way keystoneclient did06:58
jamielennoxENV['keystone.token_auth]06:58
humble_jamielennox:I think session should store the auth06:58
jamielennoxhumble_: you can but you would need to create a new session object for each request then06:59
humble_jamielennox:If the auth in all client is same06:59
humble_Can I just use session to init a client without auth07:00
*** lsmola has joined #openstack-keystone07:02
jamielennoxyou can - there's not much you can do without auth though07:03
jamielennoxsorry, if you have auth stored on the session then you don't need to pass it to Client.__init__07:03
humble_I think so07:04
humble_jamielennox:endpoint is necessary in glanceclient07:06
jamielennoxhumble_: which version of glanceclient do you have07:07
humble_v2 version07:07
*** browne has quit IRC07:08
humble_jamielennox:v1 and v2 both need endpoint.07:08
jamielennoxhumble_: which version of the library07:08
humble_0.19.007:10
humble_jamielennox:sorry, maybe it is outdated.07:11
jamielennoxyea, need 1.0 for glance which is not all that old07:11
humble_jamielennox: I will have a try07:12
*** roxanaghe has joined #openstack-keystone07:13
*** stevemar has quit IRC07:13
*** roxanaghe has quit IRC07:18
*** martinus__ has joined #openstack-keystone07:21
*** btully has quit IRC07:39
jamielennoxhumble_: http://www.jamielennox.net/blog/2015/09/10/user-auth-in-openstack-services/07:40
*** bigjools has quit IRC07:43
*** telemonster has quit IRC07:44
*** telemonster has joined #openstack-keystone07:45
*** bigjools has joined #openstack-keystone07:46
*** bigjools has quit IRC07:46
*** bigjools has joined #openstack-keystone07:46
*** markvoelker has joined #openstack-keystone07:57
*** fhubik has joined #openstack-keystone07:58
*** bapalm has quit IRC07:58
*** jmccrory has quit IRC07:59
*** shoutm_ has joined #openstack-keystone08:00
*** bapalm has joined #openstack-keystone08:00
*** jistr has joined #openstack-keystone08:01
*** shoutm has quit IRC08:01
*** markvoelker has quit IRC08:02
*** fhubik is now known as fhubik_brb08:02
*** jmccrory has joined #openstack-keystone08:03
*** marzif has quit IRC08:13
*** roxanaghe has joined #openstack-keystone08:14
*** pnavarro has joined #openstack-keystone08:17
*** sdake has quit IRC08:17
*** jerrygb has joined #openstack-keystone08:19
*** stevemar has joined #openstack-keystone08:20
*** ChanServ sets mode: +v stevemar08:20
*** henrynash has quit IRC08:21
*** roxanaghe has quit IRC08:21
*** stevemar has quit IRC08:24
*** jerrygb has quit IRC08:24
*** claudiub has joined #openstack-keystone08:29
*** lhcheng has quit IRC08:31
*** fhubik_brb is now known as fhubik08:34
*** bigjools has quit IRC08:38
*** bigjools has joined #openstack-keystone08:40
*** claudiub has quit IRC08:42
*** fhubik is now known as fhubik_brb08:44
*** topol has joined #openstack-keystone08:46
*** ChanServ sets mode: +v topol08:46
*** topol has quit IRC08:51
*** e0ne has joined #openstack-keystone08:57
*** markvoelker has joined #openstack-keystone08:58
*** fhubik_brb is now known as fhubik08:59
*** markvoelker has quit IRC09:02
*** jmccrory has quit IRC09:04
*** shoutm has joined #openstack-keystone09:05
*** jmccrory has joined #openstack-keystone09:06
*** shoutm_ has quit IRC09:07
*** e0ne has quit IRC09:07
*** jmccrory has quit IRC09:12
*** e0ne has joined #openstack-keystone09:12
*** jmccrory has joined #openstack-keystone09:15
*** urulama has quit IRC09:17
*** urulama has joined #openstack-keystone09:17
*** jerrygb has joined #openstack-keystone09:20
*** jerrygb has quit IRC09:26
*** dims has joined #openstack-keystone09:31
*** e0ne has quit IRC09:35
*** dims has quit IRC09:38
*** davechen has left #openstack-keystone09:40
*** e0ne has joined #openstack-keystone09:42
*** aix has quit IRC09:45
*** dims has joined #openstack-keystone09:49
*** rajesht has joined #openstack-keystone09:50
rajeshthi cores,09:51
rajeshtneed one more +2 and its small fix09:51
rajeshthttps://review.openstack.org/#/c/210365/09:51
*** roxanaghe has joined #openstack-keystone10:03
*** fhubik is now known as fhubik_brb10:03
*** roxanaghe has quit IRC10:08
*** aix has joined #openstack-keystone10:13
*** amakarov_away is now known as amakarov10:27
*** humble__ has joined #openstack-keystone10:40
*** humble_ has quit IRC10:40
*** markvoelker has joined #openstack-keystone10:59
*** fhubik_brb is now known as fhubik11:00
*** markvoelker has quit IRC11:04
*** fhubik is now known as fhubik_brb11:06
*** humble__ has quit IRC11:12
*** gordc has joined #openstack-keystone11:17
*** jerrygb has joined #openstack-keystone11:21
*** martinus__ has quit IRC11:22
*** shoutm has quit IRC11:24
*** jerrygb has quit IRC11:26
*** shoutm has joined #openstack-keystone11:26
*** aix has quit IRC11:34
*** aix has joined #openstack-keystone11:35
*** fhubik_brb is now known as fhubik11:36
*** dave-mccowan has joined #openstack-keystone11:38
*** rajesht has quit IRC11:48
*** jamielennox is now known as jamielennox|away11:49
*** roxanaghe has joined #openstack-keystone11:51
*** rajesht has joined #openstack-keystone11:51
*** henrynash has joined #openstack-keystone11:51
*** ChanServ sets mode: +v henrynash11:51
*** markvoelker has joined #openstack-keystone11:55
*** gordc has quit IRC11:56
*** gordc has joined #openstack-keystone11:56
*** roxanaghe has quit IRC11:57
*** dsirrine has joined #openstack-keystone12:02
*** jistr is now known as jistr|mtg12:03
*** henrynash_ has joined #openstack-keystone12:05
*** ChanServ sets mode: +v henrynash_12:05
*** henrynash has quit IRC12:06
*** henrynash_ is now known as henrynash12:06
*** nakamura has quit IRC12:19
*** gordc has quit IRC12:19
*** samueldmq has joined #openstack-keystone12:21
*** dims has quit IRC12:22
*** dims has joined #openstack-keystone12:23
*** zzzeek has joined #openstack-keystone12:29
*** gordc has joined #openstack-keystone12:34
*** henrynash_ has joined #openstack-keystone12:36
*** ChanServ sets mode: +v henrynash_12:36
*** henrynash has quit IRC12:36
*** henrynash_ is now known as henrynash12:36
*** linkmark has joined #openstack-keystone12:36
*** e0ne has quit IRC12:37
*** nicodemos has joined #openstack-keystone12:39
*** henrynash has quit IRC12:40
*** jerrygb has joined #openstack-keystone12:40
*** henrynash has joined #openstack-keystone12:42
*** ChanServ sets mode: +v henrynash12:42
*** jerrygb has quit IRC12:45
openstackgerritAlexander Makarov proposed openstack/keystone: Move region configuration to a critical section  https://review.openstack.org/22217312:46
*** henrynash has quit IRC12:48
*** Nirupama has quit IRC12:48
*** jistr|mtg is now known as jistr12:52
*** topol has joined #openstack-keystone12:53
*** ChanServ sets mode: +v topol12:53
*** henrynash has joined #openstack-keystone12:55
*** ChanServ sets mode: +v henrynash12:55
*** henrynash has quit IRC12:57
*** richm has joined #openstack-keystone13:00
*** tiny-hands has joined #openstack-keystone13:01
*** edmondsw has joined #openstack-keystone13:12
*** fhubik is now known as fhubik_brb13:14
*** fhubik_brb is now known as fhubik13:17
*** fhubik is now known as fhubik_brb13:19
*** bknudson has joined #openstack-keystone13:19
*** ChanServ sets mode: +v bknudson13:19
*** links has quit IRC13:23
bknudsonRequirements update is failing: https://review.openstack.org/#/c/222000/13:30
*** jsavak has joined #openstack-keystone13:32
*** e0ne has joined #openstack-keystone13:33
*** jecarey has joined #openstack-keystone13:33
*** hrou has joined #openstack-keystone13:33
*** browne has joined #openstack-keystone13:36
edmondswanyone know why I keystonemiddleware UTs sometimes (pretty often, but not consistently) fail with a DuplicateOptError as seen here: http://logs.openstack.org/73/217373/6/check/gate-keystonemiddleware-python34/03e20d0/console.html13:37
edmondswopened https://bugs.launchpad.net/keystonemiddleware/+bug/149432713:39
openstackLaunchpad bug 1494327 in keystonemiddleware "DuplicateOptError intermittently breaks UT" [Undecided,New]13:39
*** roxanaghe has joined #openstack-keystone13:39
bknudsonedmondsw: I think this started with the latest release of oslo.config... haven't had a chance to look into it.13:40
*** fhubik_brb is now known as fhubik13:41
*** jerrygb has joined #openstack-keystone13:41
*** henrynash has joined #openstack-keystone13:41
*** ChanServ sets mode: +v henrynash13:41
*** roxanaghe has quit IRC13:45
*** jerrygb has quit IRC13:45
*** dsirrine has quit IRC13:47
*** dsirrine has joined #openstack-keystone13:48
*** browne has quit IRC13:48
bknudsonFiled a bug for the requirements update issue: https://bugs.launchpad.net/keystone/+bug/149433013:49
openstackLaunchpad bug 1494330 in Keystone "Requirements update is failing" [Undecided,New]13:49
*** ajayaa has quit IRC13:51
*** shoutm has quit IRC13:55
openstackgerritTom Cocozzello proposed openstack/python-keystoneclient: Move pot file for traslation  https://review.openstack.org/22147313:57
*** ChanServ sets mode: +o dolphm13:59
*** topol has quit IRC14:00
*** mrutkows has joined #openstack-keystone14:02
*** topol has joined #openstack-keystone14:02
*** ChanServ sets mode: +v topol14:02
*** ParsectiX has quit IRC14:03
*** sigmavirus24_awa is now known as sigmavirus2414:03
*** btully has joined #openstack-keystone14:04
*** browne has joined #openstack-keystone14:05
*** bigjools has quit IRC14:05
*** henrynash has quit IRC14:05
*** mrutkows has quit IRC14:06
*** shoutm has joined #openstack-keystone14:07
*** bigjools has joined #openstack-keystone14:07
*** bigjools has quit IRC14:07
*** bigjools has joined #openstack-keystone14:07
*** roxanaghe has joined #openstack-keystone14:08
*** fhubik is now known as fhubik_brb14:08
openstackgerritAlexander Makarov proposed openstack/keystone: Move region configuration to a critical section  https://review.openstack.org/22217314:10
*** fhubik_brb is now known as fhubik14:12
*** jerrygb has joined #openstack-keystone14:15
edmondswseeking a second +2 on simple fix: https://review.openstack.org/#/c/221897/14:16
*** mflobo1 has joined #openstack-keystone14:16
*** roxanaghe has quit IRC14:16
*** henrynash has joined #openstack-keystone14:16
*** ChanServ sets mode: +v henrynash14:16
dstanekbknudson: you around?14:17
bknudsondstanek: where else would I be?14:17
dstanekbknudson: good question :-)14:17
dstanekbknudson: that wsgi change means that you can't just take the stock paste.ini anymore14:17
bknudsondstanek: how? It shouldn't have changed anything.14:18
bknudsonthere's no change to the paste.ini14:18
dstanekmod_wsgi looks for the app or composite section by name so in this case it's looking for one named keystone-wsgi-admin/keystone-wsgi-public14:19
dstanekbknudson: http://paste.openstack.org/show/uQ3hIC3Pf2uWzdAQ2ayH/14:19
bknudsonHere's the devstack change, no mucking with paste.ini: https://review.openstack.org/#/c/194729/14:19
*** samueldmq has quit IRC14:19
bknudsondstanek: is there a bug in the script that pbr generates?14:20
bknudsonpbr generates /usr/local/bin/keystone-wsgi-admin14:20
*** roxanaghe has joined #openstack-keystone14:21
dstanekbknudson: oh, i bet it's that you can't use that config with a slightly older keystone clone14:21
dstanekyep, that has to be what it is14:21
bknudsonthe wsgi script is going to call keystone.server.wsgi:initialize_admin_application to create the application14:21
*** mrutkows_ has joined #openstack-keystone14:21
bknudsonor keystone.server.wsgi:initialize_public_application14:22
bknudsonthe old initilize_application took the name.14:22
bknudsonhttp://git.openstack.org/cgit/openstack/keystone/tree/keystone/server/wsgi.py#n5014:22
*** roxanaghe has quit IRC14:22
*** marzif has joined #openstack-keystone14:23
*** mflobo1 has left #openstack-keystone14:23
dstanekbknudson: yeah, i saw that. i think what they were running into was taking a newish version of keystone and converting it to use Apache.14:24
dstanekthe default goto for configs is in our repo, but that one only works with the version it was committed in or above (unless you modify paste.ini)14:25
*** mrutkows_ is now known as mrutkows14:25
*** tdurakov has quit IRC14:26
*** marzif has quit IRC14:30
*** marzif has joined #openstack-keystone14:31
*** topol has quit IRC14:35
dstanekthe same issue exists with my paste.ini changes14:36
*** tonytan4ever has joined #openstack-keystone14:40
*** shoutm has quit IRC14:42
*** slberger has joined #openstack-keystone14:47
*** geoffarnoldX is now known as geoffarnold14:48
*** tdurakov has joined #openstack-keystone14:53
*** aix has quit IRC14:53
*** hrou has quit IRC14:55
*** e0ne has quit IRC14:55
*** hrou has joined #openstack-keystone14:55
*** stevemar has joined #openstack-keystone14:58
*** ChanServ sets mode: +v stevemar14:58
*** marzif has quit IRC14:59
*** e0ne has joined #openstack-keystone15:03
*** roxanaghe has joined #openstack-keystone15:03
*** roxanaghe has quit IRC15:08
bknudsonhttps://review.openstack.org/#/c/222236/ in requirements should fix the reqs update issue.15:10
*** mrutkows has quit IRC15:10
*** jistr is now known as jistr|mtg15:14
*** roxanaghe has joined #openstack-keystone15:14
*** samueldmq has joined #openstack-keystone15:16
*** ebalduf_ has quit IRC15:18
*** roxanaghe has quit IRC15:22
*** jistr|mtg is now known as jistr15:26
*** aix has joined #openstack-keystone15:26
*** topol has joined #openstack-keystone15:28
*** ChanServ sets mode: +v topol15:28
*** dave-mccowan has quit IRC15:30
*** csoukup has joined #openstack-keystone15:30
*** fhubik has quit IRC15:33
*** gyee has joined #openstack-keystone15:34
*** ChanServ sets mode: +v gyee15:34
*** jsavak has quit IRC15:34
*** jsavak has joined #openstack-keystone15:39
*** dave-mccowan has joined #openstack-keystone15:43
*** browne has quit IRC15:44
*** tdurakov has quit IRC15:46
*** tdurakov_ has joined #openstack-keystone15:52
*** jsavak has quit IRC15:54
*** jsavak has joined #openstack-keystone15:54
*** e0ne has quit IRC15:56
*** e0ne has joined #openstack-keystone16:02
*** tonytan4ever has quit IRC16:03
*** ebalduf_ has joined #openstack-keystone16:05
openstackgerritTom Cocozzello proposed openstack/python-keystoneclient: Move pot file for traslation  https://review.openstack.org/22147316:05
*** diazjf has joined #openstack-keystone16:06
*** jasonsb has quit IRC16:08
*** jasonsb has joined #openstack-keystone16:08
*** ebalduf_ has quit IRC16:10
*** jasonsb has quit IRC16:23
ayoungautopep8 makes me happy:  http://paste.openstack.org/show/455367/16:24
*** ankita_wagh has joined #openstack-keystone16:25
gyeeayoung, nice!16:25
ayounggyee, yeah.  It only changes lines that have warnings.  So you don't have arbitrary shifting around16:26
*** woodster_ has joined #openstack-keystone16:26
gyeetime to integrate it into git review16:27
*** jasonsb has joined #openstack-keystone16:27
*** browne has joined #openstack-keystone16:27
htrutaayoung: I really like running flake8 every time I write in the file, as in dolphm's .vimrc16:32
openstackgerritMerged openstack/keystonemiddleware: Use ConnectionRefused for auth_token tests  https://review.openstack.org/22189716:35
*** diazjf has quit IRC16:35
openstackgerritMerged openstack/python-keystoneclient: Use region_id filter for List Endpoints  https://review.openstack.org/21650116:37
ayounghtruta, autopep8 -i on save would be wonderful16:38
*** ParsectiX has joined #openstack-keystone16:38
*** jistr has quit IRC16:40
*** bradjones|away is now known as bradjones16:42
*** diazjf has joined #openstack-keystone16:45
*** lhcheng has joined #openstack-keystone16:47
*** ChanServ sets mode: +v lhcheng16:47
*** dims_ has joined #openstack-keystone16:48
*** dims has quit IRC16:51
*** lsmola has quit IRC16:53
*** e0ne has quit IRC16:54
*** ankita_wagh has quit IRC16:57
*** pgbridge has quit IRC16:58
*** arunkant_ has joined #openstack-keystone17:04
*** raildo is now known as raildo-afk17:04
*** raildo-afk is now known as raildo17:07
*** aix has quit IRC17:09
*** ankita_wagh has joined #openstack-keystone17:15
*** pnavarro has quit IRC17:20
*** gyee has quit IRC17:21
amakarovbknudson, hi! I'd really appreciate if you help me to decide what to do with the bug: https://bugs.launchpad.net/keystone/+bug/149439817:23
openstackLaunchpad bug 1494398 in Keystone "AuthN fails if the tenant is recreated in the process" [Undecided,New]17:23
amakarovI understand the case is weird, but still seems valid...17:24
lbragstadbknudson: whoop whoop! https://review.openstack.org/#/c/220272/17:25
bknudsonlbragstad: devstack with fernet works now?17:26
lbragstadbknudson: we're going to find out17:26
lbragstadbknudson: dolphm retriggered your patch17:26
lbragstadit might take another retrigger after 220272 merges?17:26
lbragstadbknudson: but I can keep eyes on it17:26
bknudsonlbragstad: I thought you had depends-on?17:27
lbragstadbknudson: you added that17:27
lbragstadI believe17:27
bknudsonif there's depends-on then the tempest change isn't going to make it pass17:27
*** tonytan4ever has joined #openstack-keystone17:28
*** mylu has joined #openstack-keystone17:36
morganlbragstad: why did we opt to truncate fernet instead of just moving everything towards microsecond?17:36
morganlbragstad: if I recall the truncate was the opposite of the discussion we had before17:36
lbragstadmorgan: the fernet library provided by cryptography doesn't support creating tokens with subsecond precision17:36
bknudsonit would be easier if all tokens worked the same way17:37
morganlbragstad: ah. then can we just move towards everything being not subsecond?17:37
morganaudit_ids mean subsecond isn't needed17:37
morganthe whole reason for subsecond was to make PKI tokens "unique"17:37
morganso they didn't hash to the same value17:37
bknudsonI think we've got audit IDs in revocation events17:37
morganlbragstad: I'd be ok with this being filed as a simple bug.17:38
morganbknudson: yeah. they get used there too17:38
dolphmbknudson: so eliminate all inferior token formats17:38
dolphmbknudson: but we're not using them correctly, afaict17:38
dolphm(audit_ids)17:38
morgandolphm: next cycle: deprecate PKI[z] and UUID in favour of fernet! ;)17:38
bknudsonalso revocation events need to remove subsecond precision17:39
dolphmbknudson: remove?17:39
morganbknudson: yes we should do that.17:39
dolphmwhy?17:39
morgandolphm: subsecond precision is pointless in the revocation events17:39
bknudsonthe revocation events say > x.xxxx17:39
dolphmbecause mysql 5.5 doesn't support them?17:39
bknudsonbut tokens can be issued "in the past"17:39
morgandolphm: that too17:39
bknudsonbecause fernet doesn't support them17:39
morgandolphm: but because it isn't really needed17:40
dolphmbknudson: oh, interesting.17:40
dolphmbknudson: i haven't thought about it that way17:40
dolphmmorgan: i'd be in favor of that17:40
morgandolphm: i think it's worth filing a bug and doing the cleanup17:41
dolphmmorgan: subsecond precision served a hacky purpose with PKI, but audit IDs have superceded that entirely17:41
morgannot really a BP. just a "hey make tokens consistent in this regard"17:41
morgandolphm: exactly17:41
*** mylu has quit IRC17:41
dolphmmorgan: i bet we already have an open bug that would be applicable to resolving...17:41
dolphmlbragstad: what's the bug that werner and jorge were working last week?17:41
morgandolphm: we have enough bugs, one of them somewhere has to cover it17:41
lbragstaddolphm: digging17:41
dolphmlbragstad: they were doing a migration to the revocation table to workaround the same sort of issue17:42
dolphmmorgan: =)17:42
* morgan should respond to the PTL thread.17:42
morgandolphm: got a few moments to proofread something for me?17:42
lbragstaddolphm: https://bugs.launchpad.net/keystone/+bug/148423717:43
openstackLaunchpad bug 1484237 in Keystone "token revocations not always respected when using fernet tokens" [Medium,In progress] - Assigned to werner mendizabal (nonameentername)17:43
dolphmmorgan: sure17:44
*** samueldmq has quit IRC17:45
*** samueldmq has joined #openstack-keystone17:45
dolphmlbragstad: thanks, copy pasta'd morgan's comments into that bug. https://bugs.launchpad.net/keystone/+bug/1484237/comments/2617:46
openstackLaunchpad bug 1484237 in Keystone "token revocations not always respected when using fernet tokens" [Medium,In progress] - Assigned to werner mendizabal (nonameentername)17:46
morganwoo17:46
morgan:)17:46
lbragstadok, so the new fix for that would be to rip out subsecond precision from revocation events.17:47
lbragstadhttps://github.com/openstack/keystone/blob/master/keystone/contrib/revoke/model.py#L11817:48
stevemarlbragstad: dolphm nice job dudes :)17:48
* lbragstad high fives stevemar17:56
*** dave-mccowan has quit IRC18:00
*** doug-fish has quit IRC18:01
bknudsonlbragstad: if it's issued_before then that shouldn't be a problem...18:02
*** doug-fish has joined #openstack-keystone18:02
bknudsonhere's the mysql workaround: https://github.com/openstack/keystone/blob/master/keystone/contrib/revoke/model.py#L8818:02
*** dave-mccowan has joined #openstack-keystone18:03
lbragstadbknudson: yeah, i don't think sqlalchemy model supports subsecond precision anyway18:06
*** doug-fish has quit IRC18:06
lbragstadbknudson: https://github.com/openstack/keystone/blob/master/keystone/contrib/revoke/migrate_repo/versions/001_revoke_table.py#L33 sql.DateTime isn't accurate to the subsecond by default18:07
bknudsonlbragstad: I think in sqlite the timestamps were subsecond18:10
bknudsonthat's why the unit tests passed18:10
lbragstadbknudson: that would make sense18:10
*** bknudson has quit IRC18:10
dstanekyay for sqlite!18:11
dstanekdolphm: any reason why you didn't close this one for keystone? https://bugs.launchpad.net/keystone/+bug/110140418:12
openstackLaunchpad bug 1101404 in OpenStack Compute (nova) "nova syslog logging to /dev/log race condition in python 2.6 and 2.7" [Medium,Confirmed]18:12
lbragstadbkn<tab><tab><tab><tab>.... (sigh)18:13
*** e0ne has joined #openstack-keystone18:13
*** madhu_ak has quit IRC18:14
dolphmlbragstad: ++18:15
dolphmst<tab><tab> surprise, stevemar's on!18:15
*** bknudson has joined #openstack-keystone18:16
*** ChanServ sets mode: +v bknudson18:16
lbragstadstevemar: is bkn<tab><tab><tab> hidding on ST?18:16
lbragstadI was going to leave him this - since it's relevant https://review.openstack.org/#/c/216236/18:16
bknudsonI had to reboot18:16
lbragstadbknudson: \o/18:16
lbragstadhttps://review.openstack.org/#/c/216236/18:17
stevemardolphm: i've been bad lately :(18:17
*** e0ne has quit IRC18:17
dolphmstevemar: bknudson: znc. both of you. now.18:18
bknudsonznc?18:18
stevemardolphm: lbragstad: bknudson is like beetlejuice, just say his name three times and he appears18:18
lbragstadstevemar: ++18:18
stevemardolphm: i need to disconnect completely every now and then :P18:19
bknudsonI need a server18:19
dolphmbknudson: you work for a public cloud provider, right?18:19
stevemaryou think we get things for free?18:19
lbragstadbknudson: have mrodden give you one18:20
bknudsonlbragstad: he's just got systems under his desk18:20
dolphmstevemar: yes, especially service-y things18:20
lbragstadbknudson: those will work18:20
dstanekare we in string freeze now?18:20
bknudsondstanek: yes18:20
dstanekbknudson: ok, that's what i thought18:20
bknudsonmaybe topol can get free time on softlayer but not us18:23
*** doug-fish has joined #openstack-keystone18:23
lbragstad#action topol to get znc servers for everyone18:24
dolphmbut string freeze only affects changing strings, not adding strings, at the moment.... right?18:24
*** doug-fish has quit IRC18:24
topolwhat do we need from softlayer?18:24
*** doug-fish has joined #openstack-keystone18:25
dolphmtopol: you need a single znc server for y'all to share18:25
lbragstadtopol: bknudson and stevemar need znc servers...18:25
lbragstador a znc server18:25
topolthrough Monty and the BlueBox folks we may steal some of their resources18:25
dstanekdolphm: yes, only changing18:25
topolbknudson let's goto work with Monty on this. do you have the details18:26
*** doug-fish has quit IRC18:27
*** doug-fish has joined #openstack-keystone18:27
dstanektopol: Rax has a developer account that you can give to your team. :-P18:28
morganstevemar: so it's official, I also just announced I wont be running for PTL next cycle.18:29
stevemarmorgan: i just finished reading https://www.morganfainberg.com/blog/2015/09/09/openstack-career-act-3-scene-1/18:30
stevemardstanek: y u no +A?!18:30
morganI figured a bit more formal post was warranted than a "omg joining" tweet18:30
dstanekstevemar: ?18:30
stevemardstanek: https://review.openstack.org/#/c/221473/18:30
*** iurygregory has quit IRC18:30
dstanekstevemar: oh, gertty didn't show any other reviews at the time18:31
*** mflobo has quit IRC18:31
morganjenkins18:31
morganmaybe?18:31
stevemardstanek: tsk tsk gerrty18:31
bknudsondolphm: dstanek: https://wiki.openstack.org/wiki/StringFreeze was recently updated18:32
dstanekmorgan: short and sweet post18:33
topolmordred ^18:33
dstanekbknudson: yeah, that's why i was even thinking about it :-) otherwise i would have had to be reminded18:33
*** pgbridge has joined #openstack-keystone18:34
dstanekmorgan: i'm curious to know how it all plays out and what will happen in the second scene18:34
*** iurygregory has joined #openstack-keystone18:34
morgandstanek: second scene will be the next post.18:35
*** mflobo has joined #openstack-keystone18:35
morganbut that will be waiting untill the end of september/early october18:35
stevemardstanek: act 3 scene 2 will be good, it'll all be good!18:35
stevemarthe rest of the play ends with everyone happy18:35
*** ankita_wagh has quit IRC18:35
bknudsonscene 2 is usually where the hero comes up with a bold plan18:36
morganbknudson: I think I did that.. PTL of keystone ;)18:36
morganoh act ii18:36
morgani do have a bold plan for scene 218:36
morganin act three18:36
bknudsonact 2 is when the hero is in trouble and hits rock bottom18:37
morganhah18:37
morgananyway18:37
amakarovmorgan, don't forget to take away that rifle from the wall prior to the end of act iii :)18:37
morganLOL18:37
* bknudson hopes this isn't a 3-act play18:38
bknudsonmight be taking the analogy too far18:38
mordredmorgan: great post18:39
morganbknudson: even if it's a 3-act play, you can have many many many scenes18:39
*** tonytan4ever has quit IRC18:40
*** amakarov is now known as amakarov_away18:44
*** phalmos has joined #openstack-keystone18:52
*** tonytan4ever has joined #openstack-keystone18:52
*** jecarey has quit IRC18:58
*** nicodemos has quit IRC19:00
topolmorgan, Enjoyed your post as well!19:04
topolI like how morgan popped up on our internal messaging system and gave henrynash the shock of his life!!!19:05
morgantopol: hehe19:06
topoleven not being with him in the same room I know the exact facial expression henrynash would have made :-)19:06
*** doug-fish has quit IRC19:08
*** doug-fish has joined #openstack-keystone19:09
*** dims_ has quit IRC19:11
*** dims has joined #openstack-keystone19:11
*** doug-fish has quit IRC19:13
*** roxanaghe has joined #openstack-keystone19:14
*** doug-fish has joined #openstack-keystone19:16
*** doug-fish has quit IRC19:16
*** doug-fish has joined #openstack-keystone19:17
*** roxanaghe has quit IRC19:24
morgantopol: hehe mdrnstm@us.ibm.com19:27
morgantopol:  *shiftyeyes*19:27
*** roxanaghe has joined #openstack-keystone19:28
dimsmorgan: congrats! :)19:29
*** urulama has quit IRC19:31
*** urulama has joined #openstack-keystone19:31
topolmorgan, great email choice!19:31
morgantopol: :)19:31
samueldmqmorgan, well .. liked the post as well19:32
samueldmqmorgan, congrats :)19:32
morgannow i jsut have to get through the new hire insanity19:32
dimsbknudson: morgan: seen this before? devstack with Only /v3 API fails under eventlet (and NOT apache) - http://logs.openstack.org/00/221300/17/check/gate-tempest-dsvm-postgres-full/7a42555//logs/screen-key.txt.gz?#_2015-09-10_19_20_01_49419:33
*** roxanaghe has quit IRC19:33
morganlookinb19:34
morganno i haven't seen that before19:34
*** geoffarnold has quit IRC19:34
*** roxanaghe has joined #openstack-keystone19:35
dstanekdo we need to be strict about string freeze in ksc now that we are working on getting translations working?19:35
morgandims: and clearly not happening every single pass, or we'd have a much more explod-y gate19:35
morgandstanek: I'd say yes. but not until translations are actually being done for keystoneclient19:35
dimsmorgan: y, like i said postgres job is using eventlet and i see it only when i disable /v219:36
morgandims: hm.19:36
morgandims: oh19:36
morgan"default" is the domain ID "Default" is the naem... but weird it happens in eventlet only when v2 is disabled19:36
*** roxanagh_ has joined #openstack-keystone19:36
morgani am so happy eventlet is dead to us soon19:37
*** ninag has joined #openstack-keystone19:37
*** ninag has quit IRC19:37
dimsmorgan: i hear you...same review large ops job under apache - http://logs.openstack.org/00/221300/17/check/gate-tempest-dsvm-large-ops/f979690//logs/apache/keystone.txt.gz#_2015-09-10_19_09_23_33116719:39
dimswith /v2 disabled19:39
stevemarmorgan: da fack, you got to pick your email?19:39
dstanekmorgan: k. how do we start submitting ksc strings to the translators? i have no idea how that process works19:39
morgandstanek: automatically should be done19:40
morganbasicaally it is part of the _() logic and the extract strings19:40
dimsstevemar: you can add an additional email address alias!19:40
dstanekmorgan: right but something has to run extract_strings to hand over to the translators19:41
stevemardims: whaaat19:41
morgandstanek: yes.19:41
dimsstevemar: yep19:41
dstanekdims: do they have to be approved?19:41
topolmorgan, eventlet is already dead to me!19:42
dstanekcto@us.ibm.com would be a cool one to snag19:42
morgantopol: in a few weeks eventlet in keystone gets rm -rf'd19:43
dimsdstanek: stevemar: was quite easy to get it, wasn't too cumbersome if i remember right.19:43
topolmorgan. NIce!!!19:43
morgandims: it was pretty much just automated.19:43
*** zzzeek has quit IRC19:44
ayoungmorgan, you going to move to Poughkeepsie now?19:48
morganno19:48
morganstaying in California for the immediate timeframe19:48
ayoungRDU?19:48
morganlooking at NYC after the winter (i'd move now but tokyo and other timing makes cross country hard)19:48
ayoungmorgan, congrats...again19:49
morgan:)19:49
ayoungthat is a lot of IBMers on Keystone now.19:49
morganyes there is19:49
stevemaryeah, too many, we should eliminate a few -_-19:51
dstanekthat's a harsh punishment just for working at IBM19:52
ayoungdstanek, I think the punishment for working on Keystone is that you might end up at IBM19:54
ayoungUnless you work at IBM already.  Then you end up at Rackspace19:54
stevemarhehe19:54
stevemari doubt topol is going anywhere19:54
dstaneklol19:54
*** jecarey has joined #openstack-keystone19:54
dstanekstevemar: once they make you a king it's hard to step away19:55
stevemarlol19:55
*** sdake has joined #openstack-keystone19:55
lbragstadayoung: lol19:56
topolHaving way too much fun to leave IBM.   you havent lived until drinking and strategizing with mordred and the bluebox folks19:57
ayoungstevemar, topol hardly can claim to work on Keystone.  Approving specs just adds to the backlog of work to be done for Keystone.19:57
topolayoung, ouch19:57
ayoungtopol, I didn't need to go to IBM to do that19:57
ayoungtopol, its ok, these days I can't even get specs approved19:57
topolI'll try harder.   They made me buy companies.  thankfully that work is done for a while19:57
*** jerrygb has quit IRC19:58
morganok now that the fun of the twitter storm is done.... i need breakfast^wlunch19:59
topoland then I had to recruit all these folks... It all took time... But was a great investment of my time19:59
*** roxanagh_ has quit IRC20:00
stevemartopol: we had a rebuilding year is all!20:00
ayoungtopol, You now pay for the effort you were getting for free before20:01
stevemarrebuilding cycle*20:01
stevemarjust like the steelers, we were rebuilding!20:01
*** gyee has joined #openstack-keystone20:01
*** ChanServ sets mode: +v gyee20:01
*** sdake_ has joined #openstack-keystone20:02
*** elmiko has joined #openstack-keystone20:05
*** sdake has quit IRC20:05
*** pnavarro has joined #openstack-keystone20:07
elmikohi all, i'm running into an issue creating trusts. i attempt to create the trust and i'm passing in the role name to be delegated, but i am getting an error back from keystone:20:08
elmiko{"error": {"message": "Could not find role: 256950ce723741028122c1eb445abbc1", "code": 404, "title": "Not Found"}}20:08
elmikoi passed the role in by name, and that uuid is the correct id for the role, but why would keystone report not found?20:09
*** dave-mccowan has quit IRC20:09
stevemarelmiko: that's strange, how are you creating the trust?20:09
elmikostevemar: using the keystoneclient, i can paste the rest body20:10
stevemarsure, use a paste site20:10
elmikoyea, 1sec20:10
elmikohttp://paste.openstack.org/show/455625/20:11
elmikothat's what our logs show20:11
morganjamielennox|away: chatted with dhellmann, we'll do v2.0 work on master once liberty is forked for keystoneclient20:13
morganno feature branch.20:13
morganit does mean things will be slow to merge in some cases.20:14
*** csoukup has quit IRC20:19
*** ankita_wagh has joined #openstack-keystone20:26
*** pnavarro has quit IRC20:28
*** jerrygb has joined #openstack-keystone20:30
*** ParsectiX has quit IRC20:31
*** dave-mccowan has joined #openstack-keystone20:31
*** ParsectiX has joined #openstack-keystone20:33
openstackgerritMerged openstack/python-keystoneclient: Move pot file for traslation  https://review.openstack.org/22147320:36
*** aix has joined #openstack-keystone20:40
*** pnavarro has joined #openstack-keystone20:41
*** gordc has quit IRC20:44
*** topol has quit IRC20:49
*** geoffarnold has joined #openstack-keystone20:51
*** tonytan4ever has quit IRC20:52
dolphmbknudson: why is this critical? https://bugs.launchpad.net/keystone/+bug/149433020:54
openstackLaunchpad bug 1494330 in Keystone "Requirements update is failing" [Critical,Confirmed] - Assigned to Brant Knudson (blk-u)20:54
bknudsondolphm: we can't update the requirements without it.20:54
stevemardolphm: we need that to ship?20:54
*** ParsectiX has quit IRC20:55
bknudsondolphm: although I agree it's not critical or even valid for keystone20:55
dolphmstevemar: blocking release is valid, i suppose20:55
bknudsonit's not a bug in keystone20:55
dolphmbknudson: is there no LP project to track against openstack/requirements? i was looking for one the other day20:55
*** jasonsb has quit IRC20:55
dolphmnever checked infra config though20:55
bknudsondolphm: no, I looked for one and didn't find it20:55
bknudsonI asked on infra and no response20:55
bknudsonI checked the README and there's no info on where to post bugs20:56
*** ankita_w_ has joined #openstack-keystone20:57
bknudsonhttps://bugs.launchpad.net/openstack-ci -- no bugs there20:57
dolphmstevemar: "the gating on this unmerged patch won't pass" just didn't strike me as anywhere near critical20:57
dolphmbut we do need to sync before releaswe20:57
*** tonytan4ever has joined #openstack-keystone20:57
bknudsonI don't care what the importance is on it.20:58
*** raildo is now known as raildo-afk20:58
*** ankita_wagh has quit IRC20:59
bknudsonwhen I changed it to critical the page wasn't showing that it was set to medium already20:59
dolphmbknudson: i was surprised that you set the priority on a bug at all ;)20:59
dolphmbknudson: yeah, we did that at the same time. just wanted to follow up and better understand the impact20:59
*** csoukup has joined #openstack-keystone21:04
*** pnavarro has quit IRC21:05
*** dave-mccowan has quit IRC21:06
openstackgerritBrant Knudson proposed openstack/python-keystoneclient: Remove shadowed ConnectionError  https://review.openstack.org/22236621:11
*** sdake_ has quit IRC21:13
*** samueldmq has quit IRC21:13
*** jasonsb has joined #openstack-keystone21:14
*** samueldmq has joined #openstack-keystone21:15
*** urulama is now known as urulama__21:16
*** edmondsw has quit IRC21:19
*** ayoung has quit IRC21:21
*** mylu has joined #openstack-keystone21:22
*** tiny-hands has quit IRC21:24
*** sdake has joined #openstack-keystone21:26
*** jsavak has quit IRC21:31
*** jsavak has joined #openstack-keystone21:31
*** mylu has quit IRC21:33
*** jecarey has quit IRC21:38
*** geoffarnold has quit IRC21:41
*** urulama__ has quit IRC21:41
*** urulama__ has joined #openstack-keystone21:42
*** phalmos has quit IRC21:43
*** geoffarnold has joined #openstack-keystone21:44
elmikostevemar: pbkac error, sorry for the wasted time21:50
stevemarelmiko: aint that always the case!21:51
openstackgerritBrant Knudson proposed openstack/keystonemiddleware: Docstring updates  https://review.openstack.org/20821321:51
elmikostevemar: sigh.. yea. but i learned more about the keystone code, so that's a win =)21:51
*** tonytan4ever has quit IRC21:54
*** mylu has joined #openstack-keystone21:59
*** bknudson has quit IRC22:04
*** slberger has left #openstack-keystone22:08
*** geoffarnold has quit IRC22:09
*** marzif has joined #openstack-keystone22:10
*** marzif_ has joined #openstack-keystone22:18
*** sigmavirus24 is now known as sigmavirus24_awa22:18
*** marzif has quit IRC22:18
*** pgbridge has quit IRC22:19
*** pgbridge has joined #openstack-keystone22:20
*** dims_ has joined #openstack-keystone22:20
*** ayoung has joined #openstack-keystone22:21
*** ChanServ sets mode: +v ayoung22:21
*** henrynash has quit IRC22:21
*** dims has quit IRC22:23
*** geoffarnold has joined #openstack-keystone22:24
*** doug-fish has quit IRC22:27
*** ebalduf_ has joined #openstack-keystone22:30
*** ebalduf_ has quit IRC22:34
*** tonytan4ever has joined #openstack-keystone22:35
*** linkmark has quit IRC22:38
*** dave-mccowan has joined #openstack-keystone22:39
*** mylu has quit IRC22:42
*** hrou has quit IRC22:46
*** ankita_w_ has quit IRC22:47
*** ankita_wagh has joined #openstack-keystone22:47
*** mylu has joined #openstack-keystone22:48
*** mylu has quit IRC22:49
*** mylu has joined #openstack-keystone22:49
*** ankita_w_ has joined #openstack-keystone22:52
*** ankita_wagh has quit IRC22:52
*** marzif_ has quit IRC22:52
*** tonytan4ever has quit IRC22:56
*** bknudson has joined #openstack-keystone23:05
*** ChanServ sets mode: +v bknudson23:05
*** samueldmq has quit IRC23:06
*** roxanagh_ has joined #openstack-keystone23:07
*** mylu has quit IRC23:07
*** ayoung has quit IRC23:10
*** arunkant_ has quit IRC23:12
*** geoffarnold has quit IRC23:15
*** browne has quit IRC23:20
*** jsavak has quit IRC23:28
*** dave-mccowan has quit IRC23:39
*** hrou has joined #openstack-keystone23:49
*** shoutm has joined #openstack-keystone23:51
*** fangzhou has joined #openstack-keystone23:53
*** aix has quit IRC23:53
*** geoffarnold has joined #openstack-keystone23:55
*** tonytan4ever has joined #openstack-keystone23:57
*** roxanagh_ has quit IRC23:59
« Wednesday, 2015-09-09 Index Friday, 2015-09-11 »

Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!