Tuesday, 2015-11-03

« Monday, 2015-11-02 Index Wednesday, 2015-11-04 »
*** markvoelker has quit IRC00:00
bknudsonhow about put them in an extras package?00:00
bknudsonkeystoneauth1.extras.kerberos00:00
bknudsonit could match the value in [extras]00:00
jamielennoxyea, extras vs contrib i don't mind00:01
jamielennoxi'm just wondering if it's confusing if we put it in standard /auth/plugins/v3 when you have to do the extras install00:01
*** jasonsb has quit IRC00:03
*** jasonsb has joined #openstack-keystone00:03
*** jerrygb has quit IRC00:03
*** hrou has joined #openstack-keystone00:06
bknudsonwe could do try-import so that it's in __all__ but then you try to use it and it fails at runtime00:07
jamielennoxthat's similar to the lazy importer that marekd copied over with the saml2 plugin00:09
*** browne has quit IRC00:09
*** pgbridge has quit IRC00:10
*** EinstCrazy has quit IRC00:10
*** EinstCrazy has joined #openstack-keystone00:12
shalehisn't part of the complain slow load times for modules many don't use?00:20
bknudsonwhatever we pick we can move it anyways00:20
shalehI know dtroyer was grumbling about slow module loads due to imports00:21
bknudsonif someone opens a bug due to slow import times we'll use the lazy importer00:21
bknudsonjamielennox: pick a module and we'll use it... contrib or optional or extras or whatever.00:22
jamielennoxthe slow load times was because doing import keystoneclient would import everything ever used00:23
*** EinstCrazy has quit IRC00:23
jamielennoxi think extras, then just namespace that on the [extras] bit00:24
bknudsonjamielennox: can you put up the review to create the extras directory with some docs and I'll rebase mine on that00:25
bknudson?00:25
jamielennoxbknudson: yep00:26
*** mylu has quit IRC00:26
*** mylu has joined #openstack-keystone00:27
openstackgerritRaildo Mascena de Sousa Filho proposed openstack/keystone: Translation-friendly formatting of msg string  https://review.openstack.org/24031600:27
*** jasonsb has quit IRC00:28
*** jasonsb has joined #openstack-keystone00:29
*** mylu has quit IRC00:31
openstackgerritzouyee proposed openstack/keystone: get_user_roles in RoleAssignmentV2 to resolve ProjectNotFound  https://review.openstack.org/23765800:33
*** jasonsb has quit IRC00:33
*** diazjf has joined #openstack-keystone00:40
*** gildub has quit IRC00:42
*** pumaranikar has joined #openstack-keystone00:43
*** su_zhang has quit IRC00:47
openstackgerritJamie Lennox proposed openstack/keystoneauth: Declare an extras directory for plugins  https://review.openstack.org/24105500:50
*** mylu has joined #openstack-keystone00:51
*** zzzeek has quit IRC00:52
*** zzzeek has joined #openstack-keystone00:53
*** mylu has quit IRC00:54
*** phalmos has quit IRC00:55
*** r-daneel has quit IRC00:55
*** mylu has joined #openstack-keystone00:55
*** mylu has quit IRC00:57
*** zzzeek has quit IRC00:59
*** zzzeek has joined #openstack-keystone00:59
*** EinstCrazy has joined #openstack-keystone01:00
*** markvoelker has joined #openstack-keystone01:00
*** mylu has joined #openstack-keystone01:01
*** mylu has quit IRC01:03
*** gyee has quit IRC01:03
*** mylu has joined #openstack-keystone01:03
*** mylu has quit IRC01:04
*** mylu has joined #openstack-keystone01:04
*** markvoelker has quit IRC01:05
*** mylu has quit IRC01:06
*** mylu has joined #openstack-keystone01:06
*** EinstCra_ has joined #openstack-keystone01:09
*** mylu has quit IRC01:11
*** browne has joined #openstack-keystone01:11
*** EinstCr__ has joined #openstack-keystone01:12
*** su_zhang has joined #openstack-keystone01:13
*** EinstCrazy has quit IRC01:13
*** su_zhang has quit IRC01:15
*** EinstCra_ has quit IRC01:16
*** su_zhang has joined #openstack-keystone01:16
*** diazjf has quit IRC01:16
*** mylu has joined #openstack-keystone01:17
*** shaleh has quit IRC01:24
*** jasonsb has joined #openstack-keystone01:25
*** gildub has joined #openstack-keystone01:29
*** diazjf has joined #openstack-keystone01:30
*** csoukup has joined #openstack-keystone01:34
*** su_zhang has quit IRC01:36
*** davechen1 has joined #openstack-keystone01:37
*** jerrygb has joined #openstack-keystone01:38
*** EinstCr__ has quit IRC01:41
*** davechen has joined #openstack-keystone01:47
*** dims has quit IRC01:49
*** davechen1 has quit IRC01:50
*** srl4373 has quit IRC01:56
*** josecastroleon has quit IRC01:57
*** markvoelker has joined #openstack-keystone02:01
*** diazjf1 has joined #openstack-keystone02:03
*** diazjf has quit IRC02:04
*** markvoelker has quit IRC02:06
*** dims has joined #openstack-keystone02:08
openstackgerritMerged openstack/python-keystoneclient: Replace repeated assertion with the loss  https://review.openstack.org/24073802:11
*** dikonoor has joined #openstack-keystone02:21
*** gildub_ has joined #openstack-keystone02:23
*** gildub_ has quit IRC02:32
*** sseago has quit IRC02:38
*** diazjf1 has quit IRC02:39
*** sseago has joined #openstack-keystone02:40
*** gildub has quit IRC02:45
*** markvoelker has joined #openstack-keystone03:02
*** ayoung has joined #openstack-keystone03:07
*** ChanServ sets mode: +v ayoung03:07
*** markvoelker has quit IRC03:07
*** spandhe has quit IRC03:15
*** woodster_ has quit IRC03:19
*** dims has quit IRC03:28
openstackgerritJamie Lennox proposed openstack/keystoneauth: Declare an extras directory for plugins  https://review.openstack.org/24105503:31
openstackgerritJamie Lennox proposed openstack/keystoneauth: SAML2 authentication plugins in keystoneauth  https://review.openstack.org/23854903:31
openstackgerritJamie Lennox proposed openstack/keystoneauth: Split ADFS and SAML2 plugins  https://review.openstack.org/24108103:31
*** The-Kid98 has joined #openstack-keystone03:32
openstackgerritJamie Lennox proposed openstack/keystonemiddleware: Use keystoneauth  https://review.openstack.org/23509003:40
*** The-Kid98 has quit IRC03:41
*** gildub has joined #openstack-keystone03:51
*** btully has quit IRC03:53
*** links has joined #openstack-keystone03:53
*** dikonoor has quit IRC03:54
*** pumaranikar has quit IRC04:07
openstackgerritOpenStack Proposal Bot proposed openstack/keystone: Updated from global requirements  https://review.openstack.org/23901904:30
openstackgerritOpenStack Proposal Bot proposed openstack/python-keystoneclient: Updated from global requirements  https://review.openstack.org/23903904:34
*** mylu has quit IRC04:40
*** btully has joined #openstack-keystone04:41
*** mylu has joined #openstack-keystone04:41
*** mylu has quit IRC04:45
*** btully has quit IRC04:45
*** diazjf has joined #openstack-keystone04:50
*** mylu has joined #openstack-keystone04:51
*** mylu has quit IRC04:53
*** mylu has joined #openstack-keystone04:53
*** mylu has quit IRC04:57
*** nate_gone is now known as njohnston04:58
*** boris-42 has quit IRC04:58
*** markvoelker has joined #openstack-keystone05:03
*** markvoelker has quit IRC05:07
*** flwang has quit IRC05:08
*** akanksha_ has quit IRC05:08
*** spandhe has joined #openstack-keystone05:08
*** sseago has quit IRC05:10
*** njohnston is now known as nate_gone05:10
*** mylu has joined #openstack-keystone05:26
*** ajaya has joined #openstack-keystone05:29
*** btully has joined #openstack-keystone05:29
*** diazjf has quit IRC05:35
*** EinstCrazy has joined #openstack-keystone05:40
*** sileht has joined #openstack-keystone05:40
*** meker12 has quit IRC05:45
*** spandhe has quit IRC05:46
*** jaosorior has joined #openstack-keystone05:46
*** jamielennox is now known as jamielennox|away05:47
*** ajaya has quit IRC05:47
*** mylu has quit IRC05:51
*** EinstCra_ has joined #openstack-keystone05:51
*** mylu has joined #openstack-keystone05:51
*** EinstCrazy has quit IRC05:54
*** sseago has joined #openstack-keystone05:55
*** jamielennox|away is now known as jamielennox05:58
*** ajaya has joined #openstack-keystone06:00
*** abhishekk has joined #openstack-keystone06:01
*** mylu_ has joined #openstack-keystone06:02
*** hrou has quit IRC06:02
*** mylu has quit IRC06:03
openstackgerritOpenStack Proposal Bot proposed openstack/keystone: Imported Translations from Zanata  https://review.openstack.org/23878906:11
*** mflobo has joined #openstack-keystone06:12
*** mylu_ has quit IRC06:13
*** jerrygb has quit IRC06:14
*** jbell8 has quit IRC06:18
*** spandhe has joined #openstack-keystone06:26
*** jaosorior has quit IRC06:32
*** jaosorior has joined #openstack-keystone06:34
*** spandhe has quit IRC06:34
*** spandhe has joined #openstack-keystone06:36
*** openstackstatus has quit IRC06:49
*** nate_gone is now known as njohnston06:49
*** markvoelker has joined #openstack-keystone06:50
*** openstackstatus has joined #openstack-keystone06:50
*** ChanServ sets mode: +v openstackstatus06:50
*** markvoelker has quit IRC06:55
*** njohnston is now known as nate_gone06:58
*** josecastroleon has joined #openstack-keystone07:00
*** flwang has joined #openstack-keystone07:04
*** mflobo has left #openstack-keystone07:05
*** flwang has quit IRC07:08
*** EinstCra_ has quit IRC07:13
*** jerrygb has joined #openstack-keystone07:15
*** boris-42 has joined #openstack-keystone07:18
*** jerrygb has quit IRC07:19
AnticimexI don't see "keystone" among http://lists.openstack.org/cgi-bin/mailman/listinfo - is it hidden or actually non-existant?07:25
jaosoriorAnticimex: non-existant07:28
jaosoriorAnticimex: But this is the one you're interested in http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev07:28
*** jamielennox is now known as jamielennox|away07:29
*** chlong has quit IRC07:31
Anticimexjaosorior: ack, thx, just subscribed07:33
*** tobberydberg has joined #openstack-keystone07:42
*** lsmola has joined #openstack-keystone07:48
*** spandhe has quit IRC07:49
*** spandhe_ has joined #openstack-keystone07:49
*** zigo has quit IRC07:53
*** zigo has joined #openstack-keystone07:55
*** josecastroleon has quit IRC07:58
*** lsmola has quit IRC08:03
*** Ephur has quit IRC08:04
*** csoukup has quit IRC08:10
*** aix has quit IRC08:10
*** tobberyd_ has joined #openstack-keystone08:17
*** btully has quit IRC08:18
*** lsmola has joined #openstack-keystone08:19
*** jbell8 has joined #openstack-keystone08:19
*** tobberydberg has quit IRC08:20
*** spandhe has joined #openstack-keystone08:24
*** jbell8 has quit IRC08:24
*** spandhe_ has quit IRC08:25
*** xek has quit IRC08:28
*** flwang has joined #openstack-keystone08:38
*** ccard has joined #openstack-keystone08:39
*** josecastroleon has joined #openstack-keystone08:39
*** spandhe has quit IRC08:44
*** mhu has quit IRC08:45
*** spandhe has joined #openstack-keystone08:48
*** aix has joined #openstack-keystone08:49
*** btully has joined #openstack-keystone08:51
*** markvoelker has joined #openstack-keystone08:52
*** btully has quit IRC08:56
*** spandhe has quit IRC08:56
*** markvoelker has quit IRC08:56
*** jistr has joined #openstack-keystone09:00
*** fhubik has joined #openstack-keystone09:02
openstackgerritJulien Danjou proposed openstack/keystone: wsgi: fix base_url finding  https://review.openstack.org/22646409:07
*** topol has joined #openstack-keystone09:08
*** ChanServ sets mode: +v topol09:08
*** topol has quit IRC09:13
*** e0ne has joined #openstack-keystone09:15
*** jerrygb has joined #openstack-keystone09:16
*** jerrygb has quit IRC09:21
*** aix has quit IRC09:45
*** pnavarro has joined #openstack-keystone09:50
*** markvoelker has joined #openstack-keystone09:53
*** davechen has left #openstack-keystone09:54
*** aix has joined #openstack-keystone09:57
*** markvoelker has quit IRC09:58
*** aix has quit IRC10:01
*** jamielennox|away is now known as jamielennox10:06
*** aix has joined #openstack-keystone10:06
*** doug-fis_ has joined #openstack-keystone10:09
*** ccard has quit IRC10:12
*** doug-fish has quit IRC10:13
*** nate_gone is now known as njohnston10:25
*** njohnston is now known as nate_gone10:35
*** josecastroleon has quit IRC10:37
*** wanghua_ has quit IRC10:38
*** wanghua_ has joined #openstack-keystone10:39
*** alex_xu has quit IRC10:40
*** alex_xu has joined #openstack-keystone10:44
openstackgerritJamie Lennox proposed openstack/keystoneauth: Split ADFS and SAML2 plugins  https://review.openstack.org/24108110:49
*** josecastroleon has joined #openstack-keystone10:53
*** daemontool has quit IRC10:58
*** daemontool has joined #openstack-keystone10:59
*** fhubik is now known as fhubik_brb11:04
*** csoukup has joined #openstack-keystone11:06
*** markvoelker has joined #openstack-keystone11:09
*** dims has joined #openstack-keystone11:09
*** csoukup has quit IRC11:10
*** nisha has joined #openstack-keystone11:10
*** markvoelker has quit IRC11:13
*** henrynash has quit IRC11:22
*** alex_xu has quit IRC11:24
*** alex_xu has joined #openstack-keystone11:25
*** henrynash has joined #openstack-keystone11:27
*** ChanServ sets mode: +v henrynash11:27
*** jaosorior has quit IRC11:35
*** jamielennox is now known as jamielennox|away11:35
*** jaosorior has joined #openstack-keystone11:35
*** josecastroleon has quit IRC11:36
*** tellesnobrega_af is now known as tellesnobrega11:38
*** henrynash has quit IRC11:42
*** chlong has joined #openstack-keystone11:46
*** fhubik_brb is now known as fhubik11:51
*** nisha has quit IRC11:51
*** henrynash has joined #openstack-keystone11:58
*** ChanServ sets mode: +v henrynash11:58
*** daemontool has quit IRC12:01
*** fhubik is now known as fhubik_brb12:01
*** jerrygb has joined #openstack-keystone12:03
*** jerrygb has quit IRC12:03
*** chlong has quit IRC12:03
*** chlong has joined #openstack-keystone12:04
*** jbell8 has joined #openstack-keystone12:07
*** aix has quit IRC12:07
*** browne has quit IRC12:09
*** markvoelker has joined #openstack-keystone12:09
*** josecastroleon has joined #openstack-keystone12:10
*** jbell8 has quit IRC12:11
*** aix has joined #openstack-keystone12:12
*** nate_gone is now known as njohnston12:14
*** markvoelker has quit IRC12:14
*** fhubik_brb is now known as fhubik12:18
*** njohnston is now known as nate_gone12:24
*** jaosorior has quit IRC12:25
*** jaosorior has joined #openstack-keystone12:26
*** EmilienM has quit IRC12:33
*** EmilienM has joined #openstack-keystone12:36
*** tellesnobrega is now known as tellesnobrega_af12:42
*** tellesnobrega_af is now known as tellesnobrega12:46
*** abhishekk has quit IRC12:55
*** links has quit IRC12:56
*** boris-42 has quit IRC12:58
*** sseago has quit IRC13:00
*** jerrygb has joined #openstack-keystone13:01
*** tellesnobrega is now known as tellesnobrega_af13:03
*** tellesnobrega_af is now known as tellesnobrega13:07
*** pnavarro has quit IRC13:09
*** gordc has joined #openstack-keystone13:12
*** sseago has joined #openstack-keystone13:13
*** josecastroleon has quit IRC13:17
*** sseago has quit IRC13:20
*** sseago has joined #openstack-keystone13:20
*** notmyname_ has joined #openstack-keystone13:21
*** gerhardq1x has joined #openstack-keystone13:22
*** notmyname has quit IRC13:22
*** david8hu has quit IRC13:22
*** gerhardqux has quit IRC13:22
*** notmyname_ is now known as notmyname13:22
*** lsmola has quit IRC13:22
*** gildub has quit IRC13:22
*** jasonsb has quit IRC13:22
*** david8hu has joined #openstack-keystone13:22
*** gildub has joined #openstack-keystone13:22
*** lsmola has joined #openstack-keystone13:22
*** jasonsb has joined #openstack-keystone13:23
*** richm has joined #openstack-keystone13:29
*** edmondsw has joined #openstack-keystone13:31
*** nisha has joined #openstack-keystone13:35
*** topol has joined #openstack-keystone13:43
*** ChanServ sets mode: +v topol13:43
*** topol has quit IRC13:44
*** petertr7_away is now known as petertr713:46
*** josecastroleon has joined #openstack-keystone13:50
*** alejandrito has joined #openstack-keystone13:52
*** raildo-afk is now known as raildo13:55
ajayaHi guys. When I am trying to run unit tests through tox -e py27, it fails.13:56
ajayaistributionNotFound: No distributions at all found for .[ldap,memcache,mongodb]13:56
ajayaThis is the log output.13:57
ajayaAny idea why this is failing?13:58
*** RA_ has joined #openstack-keystone13:58
ajayaayoung ^^13:59
ajayamarekd ^^13:59
ayoungajaya, did you rebuild the venv?  tox -r?14:00
ajayaI just cloned Keystone repo from upstream and ran tox -epy2714:00
ajayaayoung ^^14:01
*** fhubik is now known as fhubik_brb14:01
tjcocozzajaya, did you install the dependencies? http://docs.openstack.org/developer/keystone/devref/development.environment.html#installing-dependencies14:02
ajayaayoung, so I am building the venv for the first time itself.14:02
*** nate_gone is now known as njohnston14:03
tjcocozzajaya, I had the same problem until I did this ^^14:03
*** su_zhang has joined #openstack-keystone14:04
ajayatjcocozz, You are right.  Thanks.14:04
tjcocozzajaya, np14:04
ajayabtw I wonder what is the meaning of this line ".[ldap,memcache,mongodb]" in tox.ini14:05
*** tellesnobrega is now known as tellesnobrega_af14:05
ajayaWould it install python driver for these services?14:05
tjcocozzajaya, I agree it is a very cryptic error. But if I remeber correctly there is another error above that one.14:05
*** jvarlamova_ has joined #openstack-keystone14:05
*** henrynash has quit IRC14:09
ajayatjcocozz, Even after installing dependencies "tox -epy27" fails with same error.14:09
ajayaNo distributions at all found for .[ldap,memcache,mongodb]14:10
ajayaHow do you run unit tests?14:10
*** markvoelker has joined #openstack-keystone14:10
ajayaOne way is to install deps from requirements.txt file and test-requirements.txt file manually and use testr14:11
*** pnavarro has joined #openstack-keystone14:11
*** njohnston is now known as nate_gone14:13
*** jbell8 has joined #openstack-keystone14:14
tjcocozzajaya, Do you have these packages? http://goo.gl/QSd2na14:15
*** markvoelker has quit IRC14:15
ajayaYes I do have those packages.14:16
ajayatjcocozz I think it's due to having a older pip version.14:18
ajayaI have 1.5.4 which comes with trusty.14:18
ajayaMaybe I should upgrade pip.14:18
ajayaThat should solve the problem.14:18
tjcocozzpip install pip14:18
tjcocozzthat is your problem14:18
*** jbell8 has quit IRC14:19
ajayaLet's see if pip install pip works.14:19
tjcocozzpip install pip --upgrade14:20
ajayapip install --upgrade pip14:20
ajayadoes not work.14:20
ajayaNeed to do something else14:20
*** Ephur has joined #openstack-keystone14:24
*** hrou has joined #openstack-keystone14:26
*** su_zhang has quit IRC14:28
*** tellesnobrega_af is now known as tellesnobrega14:31
*** akanksha_ has joined #openstack-keystone14:37
*** RA_ has quit IRC14:41
dstanekajaya: did you get it working yet?14:43
dstanekajaya: make sure you have the latest pbr too14:44
*** e0ne has quit IRC14:48
ajayadstanek, tjcocozz I did that. Still I am not able to run the tests. Here is the log. http://paste.openstack.org/show/477860/14:48
ajayaI mean I installed pbr too.14:48
ajayaSo to summarize I upgraded setuptools, pip, virtualenv and installed tox with apt-get, installed pbr with pip.14:49
dstanekajaya: did you install pbr using the system pip?14:52
ajayanope. Installed it using upgraded pip.14:52
openstackgerritBrant Knudson proposed openstack/keystoneauth: Migrate kerberos plugin  https://review.openstack.org/24045814:52
openstackgerritBrant Knudson proposed openstack/keystoneauth: Correct references in authentication-plugin.rst  https://review.openstack.org/24122914:53
ajayapbr==1.8.114:53
dstanekajaya: but the pip at the system level? as in "sudo pip install -U pbr"?14:53
openstackgerritBrant Knudson proposed openstack/keystoneauth: Correct references in authentication-plugin.rst  https://review.openstack.org/24122914:53
ajayaYes. I ran "sudo pip install pbr"14:54
ajayadstanek ^^14:54
openstackgerritBrant Knudson proposed openstack/keystoneauth: Migrate kerberos plugin  https://review.openstack.org/24045814:55
ajayaLet me run devstack once.14:55
dstanekajaya: can you recreate your env and paste the entire output (command + stdout + stderr)14:56
*** tonytan4ever has joined #openstack-keystone14:58
*** jrist has quit IRC14:59
*** phalmos has joined #openstack-keystone14:59
*** phalmos has quit IRC14:59
mordredbknudson: I know you're just copying stuff in - but I REALLY want to actually code review part of that15:02
*** e0ne has joined #openstack-keystone15:03
*** tellesnobrega is now known as tellesnobrega_af15:03
mordredbknudson: so I'm going to do that - and feel free to ignore me15:04
bknudsonmordred: there's not much to it... for some reason there are more test classes than the plugin.15:05
ajayadstanek, http://paste.openstack.org/show/477863/15:05
ajayaThere was nothing in the err.log file.15:05
bknudsonmaybe I should put all the test code into 1 module.15:06
mordredbknudson: I have made my -115:09
mordredalso - hrm. we have a problem in that repo with cores and company affiliation15:09
*** jrist has joined #openstack-keystone15:09
*** woodster_ has joined #openstack-keystone15:09
mordredif we're going to keep to that as a rule15:09
*** btully has joined #openstack-keystone15:09
bknudsonmordred: keystone is going to get kicked out of openstack if we don't watch it.15:10
mordredbknudson: heh. it's not going to get kicked out - it just may lose the diverse-affiiation tag15:11
mordredbknudson: and no worries - IBM is only  up to 39% of reviews and 35% of commits - that's still pretty diverse compared to the problem projects15:12
*** pumaranikar has joined #openstack-keystone15:12
*** fhubik_brb is now known as fhubik15:12
ajayadstanek, tjcocozz I upgraded tox now and it seems to be running for a while which means it's downloading the deps.15:14
ajayaSo seems like the problem is solved.15:15
tjcocozz\o/15:15
ajayamoral of the story, Upgrade everything you can. :)15:16
*** doug-fis_ has quit IRC15:21
ajayadstanek, Unit tests are running fine now. Thanks for the pbr hint. :)15:21
*** nisha_ has joined #openstack-keystone15:22
*** fhubik is now known as fhubik_brb15:23
*** nisha has quit IRC15:23
*** dims has quit IRC15:24
*** dims has joined #openstack-keystone15:24
*** timcline has joined #openstack-keystone15:26
*** markvoelker has joined #openstack-keystone15:26
dstanekajaya: yw15:29
*** markvoelker has quit IRC15:31
*** csoukup has joined #openstack-keystone15:31
openstackgerritBrant Knudson proposed openstack/keystoneauth: Migrate kerberos plugin  https://review.openstack.org/24045815:36
*** jistr has quit IRC15:37
*** e0ne has quit IRC15:37
*** jvarlamova_ has quit IRC15:37
*** jvarlamova_ has joined #openstack-keystone15:38
openstackgerritgordon chung proposed openstack/pycadf: make generate_uuid return valid uuid  https://review.openstack.org/24097915:38
*** slberger has joined #openstack-keystone15:38
*** HenryG has quit IRC15:40
*** HenryG has joined #openstack-keystone15:41
*** pgbridge has joined #openstack-keystone15:44
*** browne has joined #openstack-keystone15:44
*** nisha_ has quit IRC15:45
*** nisha has joined #openstack-keystone15:46
*** ajaya has quit IRC15:47
samueldmqayoung: is there a concept of admin_domain (for domain operations) ? or is it just an admin project ?15:47
ayoungsamueldmq, I'm going to limit it to admin project.  We are phasing out domain scoped tokens15:47
lbragstaddolphm I was able to talk to mtreinish about this on friday - https://review.openstack.org/#/c/231191/15:49
samueldmqayoung: hmm, didn't we decide to keep domain as it is for now? I mean, we change the way we represent them inside keystone, but the API remains the same15:50
lbragstaddolphm i'm going to propose another ps to move the sleep from the client into the test cases15:50
ayoungsamueldmq, yeah, but we don't need domain scoped tokens for most operations.  We can use project scoped tokens for all15:50
*** nate_gone is now known as njohnston15:52
samueldmqayoung: it's like global admin was breaking both i) isolation between projects/domains (a project admin could touch another projets) and ii) not respecting the difference between domains and projects (touch domain with project scope)15:53
openstackgerritMerged openstack/keystoneauth: Updated from global requirements  https://review.openstack.org/23906815:54
samueldmqayoung: and now we are fixing only i) , since we still allow ii) to happen, by keeping domain operations possible with project scoped tokens15:54
ayoungsamueldmq, so scope from the project should be used for auth, but not for scoping the call.  If the domain doesn't match and it is an admin call, it needs to go through anyway, so, don;'t need admin domain, just projecty15:54
ayoungplus it makes things better for Horizon15:55
*** rderose has joined #openstack-keystone15:55
*** amakarov has joined #openstack-keystone15:55
samueldmqayoung: yeah I understand; wht I wonder is if we should allow 'god mode' from domain tokens as well, besides project tokens15:56
ayoungsamueldmq, nah15:57
samueldmqayoung: would be much similar with waht we hve today, but only constrained to admin project/domain15:57
ayoungwe should not use domain scoped tokens anymore...we can do all we need with project scoped15:57
*** su_zhang has joined #openstack-keystone15:57
samueldmqayoung: kindof, we will still check the domain scoping; but it will be (project_id_matches and project:is_domain) rather than just (domain_id_matches)15:58
ayoungsamueldmq, exactly15:58
*** henrynash has joined #openstack-keystone15:59
*** ChanServ sets mode: +v henrynash15:59
*** phalmos has joined #openstack-keystone15:59
*** petertr7 is now known as petertr7_away16:01
samueldmqayoung: do we expect a domain exclusively for the admin project ? or the admin project can be wherever ?16:01
*** jistr has joined #openstack-keystone16:01
ayoungsamueldmq, gah...can't multitask right now...16:01
*** njohnston is now known as nate_gone16:02
samueldmqayoung: that's okay, can talk later16:02
*** petertr7_away is now known as petertr716:03
*** topol has joined #openstack-keystone16:03
*** ChanServ sets mode: +v topol16:03
*** phalmos has quit IRC16:04
*** fhubik_brb is now known as fhubik16:10
*** tobberyd_ has quit IRC16:11
*** su_zhang has quit IRC16:12
*** petertr7 is now known as petertr7_away16:12
*** dhellmann has quit IRC16:16
*** dhellmann has joined #openstack-keystone16:18
*** petertr7_away is now known as petertr716:19
*** dims_ has joined #openstack-keystone16:24
*** josecastroleon has quit IRC16:24
*** dims has quit IRC16:24
*** kodokuu has joined #openstack-keystone16:25
*** tellesnobrega_af is now known as tellesnobrega16:27
*** ccard has joined #openstack-keystone16:27
*** ajaya has joined #openstack-keystone16:28
openstackgerritMerged openstack/keystone-specs: Improve get project query strings  https://review.openstack.org/23597116:30
*** ninag has joined #openstack-keystone16:30
*** diazjf has joined #openstack-keystone16:30
*** jsavak has joined #openstack-keystone16:31
*** chrisshattuck has joined #openstack-keystone16:33
*** gyee has joined #openstack-keystone16:34
*** ChanServ sets mode: +v gyee16:34
krotscheckbknudson: About https://review.openstack.org/#/c/237062 -> I'm hesitant to add a revert commit of a feature that shipped with liberty, without approval of the replacement. Would you prefer I split this into two patches?16:34
bknudsonkrotscheck: you can mark it a work in progress to keep it from being merged without the follow-on.16:35
openstackgerritHenrique Truta proposed openstack/keystone: Manager support for projects acting as domains  https://review.openstack.org/21344816:37
openstackgerritHenrique Truta proposed openstack/keystone: Add is_domain parameter to get_project_by_name  https://review.openstack.org/21060016:37
*** fhubik is now known as fhubik_brb16:39
*** jbell8 has joined #openstack-keystone16:41
*** markvoelker has joined #openstack-keystone16:45
*** lsmola has quit IRC16:46
*** aix has quit IRC16:48
*** akanksha_ has quit IRC16:48
*** c_soukup has joined #openstack-keystone16:50
*** c_soukup has quit IRC16:51
*** csoukup has quit IRC16:54
*** fhubik_brb is now known as fhubik16:54
*** fhubik is now known as fhubik_brb16:55
openstackgerritgordon chung proposed openstack/keystonemiddleware: use the same context across a request  https://review.openstack.org/21688916:55
*** ryanpetrello has joined #openstack-keystone16:57
ryanpetrelloo/ hey keystone folks16:57
ryanpetrellohas anybody ever asked for the ability to specify tenant uuid at creation time via the REST API?16:57
ryanpetrelloi.e., `tenant create --uuid <something-specific>"16:57
ryanpetrellowhere something specific passes some validation, of course16:57
*** su_zhang has joined #openstack-keystone16:59
*** jbell8 has quit IRC16:59
*** petertr7 is now known as petertr7_away17:00
*** fhubik_brb is now known as fhubik17:01
*** fhubik has quit IRC17:01
ryanpetrelloI suppose instead of "tenant uuid", I should really say "project ID"17:05
ryanpetrelloit looks like keystone just randomly generates this now: https://github.com/openstack/keystone/blob/6f8c99b72e29608bb1ae7b19a97e90db105ae853/keystone/resource/controllers.py#L21717:06
*** jvarlamova_ has quit IRC17:07
*** gordc has quit IRC17:10
*** su_zhang has quit IRC17:10
*** gordc has joined #openstack-keystone17:14
*** csoukup has joined #openstack-keystone17:14
openstackgerrithenry-nash proposed openstack/keystone: Provide storage for new inheritance assignment  https://review.openstack.org/24130117:17
*** nisha has quit IRC17:22
openstackgerrithenry-nash proposed openstack/keystone: Provide storage for new inheritance assignment  https://review.openstack.org/24130117:23
*** henrynash has quit IRC17:25
*** jbell8 has joined #openstack-keystone17:26
*** Ephur has quit IRC17:27
*** rderose has quit IRC17:29
*** phalmos has joined #openstack-keystone17:30
*** jsavak has quit IRC17:35
*** kodokuu has quit IRC17:35
*** jsavak has joined #openstack-keystone17:37
openstackgerritMerged openstack/keystone: Updated from global requirements  https://review.openstack.org/23901917:40
*** pnavarro has quit IRC17:41
*** nate_gone is now known as njohnston17:41
openstackgerritMerged openstack/keystone: I18n safe exceptions  https://review.openstack.org/24027317:43
*** spandhe has joined #openstack-keystone17:44
openstackgerritMichael Krotscheck proposed openstack/keystone: Revert "Added CORS support to Keystone"  https://review.openstack.org/24131617:46
openstackgerritMichael Krotscheck proposed openstack/keystone: Added CORS support to Keystone  https://review.openstack.org/24131717:46
*** hrou has quit IRC17:46
*** tonytan4ever has quit IRC17:48
*** jasonsb has quit IRC17:49
*** njohnston is now known as nate_gone17:50
*** petertr7_away is now known as petertr717:52
*** hrou has joined #openstack-keystone17:52
ayoungryanpetrello, I had one along those lines, for resurrecting a deleted project, but why would you want it?17:53
ryanpetrelloI discussed with you at the summit some of the multi-side stuff we're doing17:54
ryanpetrellowe have an older Juno cluster that can't take advantage of some of the newer stuff17:54
ryanpetrelloand we'd love a setup where the project ID is the same *across* clusters for the same customer17:54
ryanpetrello*right now* our clusters have distinct keystones that have no knowledge of eachother17:55
ryanpetrelloit would *be nice* for us to be able to choose project IDs ourselves without any sort of database level replication stuff17:56
ryanpetrellowent to a few talks at the summit from folks who'd encountered a similar problem and has expressed a desire for this sort of thing, too17:56
*** phalmos has quit IRC17:59
dstanekno meeting today?18:00
ryanpetrelloayoung: looking at the keystone code, it seems like a pretty easy thing to accomplish18:00
ryanpetrelloso I figured I'd gauge interest18:00
lbragstaddstanek not sure, I was just looking18:01
gyeedstanek, not sure18:01
lbragstadlooks like we do18:01
lbragstadwe have items on the agenda18:01
dstanekmaybe Steve forgot about the time change?18:01
lbragstadpossibly18:02
*** su_zhang has joined #openstack-keystone18:02
ayoungryanpetrello, question is just how to make sure it doesn't open up other holes.  Make it a spec and we can discuss18:03
gyeeayoung, rynpetrello, if we do open that up, for the folks who do replication, there would be a chance for conflict right, like two project created in two clusters with the exact same ID18:05
gyeethough the chances are low18:05
*** su_zhang has quit IRC18:07
*** tonytan4ever has joined #openstack-keystone18:07
*** ChanServ sets mode: +o dolphm18:07
*** petertr7 is now known as petertr7_away18:07
*** su_zhang has joined #openstack-keystone18:11
amakarovlbragstad, o/18:20
amakarovlbragstad, can you please give me a link to your rotation script?18:20
lbragstadamakarov o/ rotation or distribution?18:20
lbragstadamakarov this is the rotate + distribution script that osa uses - https://github.com/openstack/openstack-ansible/blob/master/playbooks/roles/os_keystone/templates/keystone-fernet-rotate.sh.j218:21
amakarovlbragstad, rotation18:21
amakarovlbragstad, thank you!18:22
lbragstadamakarov no problem!18:22
openstackgerritgordon chung proposed openstack/keystonemiddleware: use the same context across a request  https://review.openstack.org/21688918:22
*** jsavak has quit IRC18:24
*** jsavak has joined #openstack-keystone18:24
*** jsavak has quit IRC18:28
*** jsavak has joined #openstack-keystone18:30
openstackgerritAlexander Makarov proposed openstack/keystone: Move region configuration to a critical section  https://review.openstack.org/22217318:34
openstackgerritAlexander Makarov proposed openstack/keystone: Move region configuration to a critical section  https://review.openstack.org/22217318:34
*** phalmos has joined #openstack-keystone18:36
openstackgerritHenrique Truta proposed openstack/keystone: Removes project.domain_id FK  https://review.openstack.org/23327418:38
openstackgerritHenrique Truta proposed openstack/keystone: Change project name constraints  https://review.openstack.org/15837218:38
*** jistr has quit IRC18:39
*** mylu has joined #openstack-keystone18:41
*** jasonsb has joined #openstack-keystone18:45
*** mylu has quit IRC18:45
*** rmstar has joined #openstack-keystone18:48
dstanektopol: i have motivation to not mention them....did you see my team?18:48
*** haneef has joined #openstack-keystone18:48
*** rmstar has left #openstack-keystone18:49
*** jasonsb has quit IRC18:49
*** rmstar has joined #openstack-keystone18:49
topoldstanek  :-).. I feel your pain18:50
topoldstanek could be worse.  we could be 49ers fans18:51
dstanektopol: i'm not sure what was worse 25 hours of travel to get home from Tokyo or 3 hours at the Browns stadium18:51
topoldstanek, Doh!!!18:51
topolsorry friend18:52
topoldstanek Austin will be much easier for the next summit18:52
gyeedstanek, do you go to the game with a brown bag over your head?18:53
dstanekgyee: not yet, but after the devastating loss they will suffer this Thursday, I may have to18:54
topoldstanek, dolphm ever goto to defrag?  http://defragcon.com/18:54
dstaneknever heard of it18:55
topolK, Im going for the first time next week.  I figured Tokyo just wasnt enough travel for me18:55
*** shaleh has joined #openstack-keystone18:55
dstanektopol: i've never need a conference that is 75%+ keynotes18:57
dstanekego stroking at its finest!18:58
bknudsondstanek: did johnny football play?19:00
bknudsonI thought he was in trouble for something again19:00
*** ninag has quit IRC19:00
ayoungryanpetrello, I didn;t forget you...just lots of demands for my attention at the moment.19:01
dstanekbknudson: for a second... our QB was visibly hurt most of the game and they still didn't feel he should go it... not a good sign19:01
topoldstanel... interesting. Never been there before.  But will let you know what I experience19:01
dstanekbknudson: i think he'a dud and they don't want to show anyone so they can get decent trade value for him19:01
ayoungI'm not certin if having the project ids in sync is the right approach or not.  with K2K auth, you would start with the local project id, and end up with a token for the remote.  Mapping from one to the other, but not keeping them in sync19:01
dstanektopol: do you have a keynote there?19:01
*** jaosorior has quit IRC19:02
*** ninag has joined #openstack-keystone19:02
topoldstanek, no I'm hosting a cloud huddle which is a bolt on meeting19:02
bknudsonwe should have the keystone midcycle at a swank resort19:02
shalehdid I miss the move of the keystone meeting?19:02
topolshaleh, yes :-)19:02
topoltime change19:03
dstanekshaleh: it didn't move. your local time moved19:03
ayoungryanpetrello, and having two Keystones manage tje same project might be weird.  I could see and admin call to sync, though.19:03
dstanekbknudson: days inn?19:03
shalehso it is noon for PDT?19:03
*** jsavak has quit IRC19:03
ryanpetrelloayoung: our intention at this point is actually exactly that19:03
ryanpetrellotwo have two distinct geographically distant keystones that have no knowledge of eachother19:03
ryanpetrello*to have two19:04
bknudsondstanek: no, like defrag does : http://www.omnihotels.com/hotels/denver-interlocken/meetings/defrag-llc-201519:04
ryanpetrelloour public cloud customers may belong to one or more19:04
*** jasonsb has joined #openstack-keystone19:04
ayoungryanpetrello, post a spec for it.  I suspect K2K is a better fit19:04
ryanpetrellobut we'd like the project ID to be the same in each if they're a member of both19:04
bknudsonI thought san antonio waterfront was pretty swank.19:04
ryanpetrellok2k?19:04
ryanpetrellothe federation stuff?19:04
dstanekshaleh: 18:00 UTC19:04
shalehdstanek: thanks19:04
*** jsavak has joined #openstack-keystone19:05
topolbknudson, Im guessing Imnot using the pool in Nivember... in Colorado19:05
topolbknudson, its not like I grew up in Minnesota19:05
*** ninag_ has joined #openstack-keystone19:05
*** ninag_ has quit IRC19:05
*** ninag_ has joined #openstack-keystone19:05
dstanektopol: you should really give it a try19:05
topolbknudson Im sure November in Colorado feels like summer to you19:06
bknudsonit feels like summer to me today in mn since it's 7019:06
*** ninag has quit IRC19:07
*** ninag_ has quit IRC19:11
*** hrou has quit IRC19:11
*** e0ne has joined #openstack-keystone19:14
*** marzif has joined #openstack-keystone19:17
*** phalmos has quit IRC19:18
*** tobberydberg has joined #openstack-keystone19:18
*** diazjf has quit IRC19:19
*** alejandrito has quit IRC19:21
dolphmtophave not heard of it either19:21
dolphmtopol: ^19:21
*** hrou has joined #openstack-keystone19:21
*** petertr7_away is now known as petertr719:24
*** marzif is now known as daemontool19:25
*** phalmos has joined #openstack-keystone19:26
topoldolphm, k brad19:27
topoldolphm thanks19:27
*** flwang has quit IRC19:27
*** jasonsb has quit IRC19:29
*** nate_gone is now known as njohnston19:29
openstackgerritSean Perry proposed openstack/keystone: Use unit.new_endpoint_ref consistently  https://review.openstack.org/23775819:33
shalehdstanek: I cleaned that patch up like we discussed. Hopefully I reached the right balance.19:34
shalehdstanek: I will update the others soon19:35
openstackgerritSean Perry proposed openstack/keystone: Use unit.new_service_ref() consistently  https://review.openstack.org/23828319:35
*** gordc has quit IRC19:35
openstackgerritSean Perry proposed openstack/keystone: Use unit.new_region_ref() consistently  https://review.openstack.org/23830219:35
andrewbogottayoung: when you have a few minutes can you help advise about my transition away from ldap assignments?  I’ve thought about it enough that I think I have specific questions now.19:36
*** Ephur has joined #openstack-keystone19:36
ayoungandrewbogott, sure.  Fire away19:37
andrewbogottok.  Here’s my outline of before and after, for starters:  https://wikitech.wikimedia.org/wiki/Labs_keystone_roles19:38
andrewbogottNot that you should read all of that :)19:38
andrewbogottSo, my first question is easy:19:38
ayoungshhh Im reading19:38
andrewbogottAre role names at this point pretty much arbitrary, are are there good default roles that I should lean towards?19:38
*** su_zhang has quit IRC19:39
ayoungandrewbogott, we just have admin and Member and _member_19:39
andrewbogottyeah, it’s that Member and _member_ that creeps me out :)19:39
*** jerrygb has quit IRC19:39
*** njohnston is now known as nate_gone19:39
andrewbogottI think that what OS traditionally calls a ‘member’ is what we call ‘projectadmin'19:40
openstackgerritRyan Petrello proposed openstack/keystone-specs: Spec for optional Project ID via the  Project creation API.  https://review.openstack.org/24134619:40
*** jerrygb has joined #openstack-keystone19:40
*** henrynash has joined #openstack-keystone19:41
*** ChanServ sets mode: +v henrynash19:41
*** rderose has joined #openstack-keystone19:41
*** chrisshattuck has quit IRC19:43
*** e0ne has quit IRC19:45
*** jerrygb has quit IRC19:45
*** jasonsb has joined #openstack-keystone19:48
andrewbogottayoung: so, next question… I recall from an earlier conversation that 'Can also add and remove members and assign roles within project’ is somehow hard to implement as part of a role policy.  Is that still true?19:50
ayoungyep19:50
ayoungandrewbogott, we have a plan, but it has not been implemented yet19:50
ayoungandrewbogott, something along the lines of19:51
ayounghttps://review.openstack.org/#/c/240719/19:51
*** petertr7 is now known as petertr7_away19:51
*** petertr7_away is now known as petertr719:52
andrewbogottI don’t understand… doesn’t this fall under create_role/update_role?19:52
andrewbogottOr does the policy decide who can create/delete roles but not who can assign roles?19:53
*** browne has quit IRC19:54
*** jasonsb has quit IRC19:55
ayoungandrewbogott, the problem is that if you can assign any role within a project, you can make anyone admin19:55
*** jasonsb has joined #openstack-keystone19:55
andrewbogottadmin of the project, or admin of the entire cloud?19:55
andrewbogottoh, right, those are the same aren’t they19:55
andrewbogottthat is so strange19:57
andrewbogottI thought that somehow domains were supposed to fix this19:57
*** jerrygb has joined #openstack-keystone19:57
*** rderose has quit IRC19:59
*** gyee has quit IRC20:00
*** gordc has joined #openstack-keystone20:02
andrewbogottayoung: so it sounds like I should introduce a new role (e.g. ‘user’) for my weird case of users who can view things about a project but not change things.  And adopt the existing ‘Member’ role for users who can create/destroy instances.20:03
andrewbogottWhere does _member_ come in?20:03
ayoungobserver20:03
ayoungthat is what most peopel are calling it20:04
andrewbogottah, ok.20:04
andrewbogottso, policy files have a thing called an ‘owner’.    But I can’t make any sense of this:20:04
andrewbogott"owner" : "user_id:%(user_id)s"20:04
andrewbogottThat looks to me like I’m an owner if my user id is my user id.20:05
bknudsonthat's defining a rule20:05
ayoungI didnt write that20:05
*** ninag has joined #openstack-keystone20:06
*** ninag_ has joined #openstack-keystone20:08
*** ninag_ has quit IRC20:08
*** hongbin has joined #openstack-keystone20:09
bknudsonandrewbogott: here's some docs... didn't merge for some reason: https://review.openstack.org/#/c/123862/4/doc/source/configuration.rst20:09
*** ninag has quit IRC20:10
bknudsonhere's the good stuff: http://docs.openstack.org/developer/oslo.policy/api/oslo_policy.html#module-oslo_policy.policy20:10
andrewbogottI think it must just be that I don’t know what it means for an api object to have an owner20:10
*** ninag has joined #openstack-keystone20:10
andrewbogottI understand the syntax but not the intent20:10
bknudsonmaybe the rule needs a better name.20:11
andrewbogottbknudson: for me at least :)20:12
andrewbogottayoung: ok, so, we’ve established that having a cloud-wide admin user is easy (too easy!).  Is creating other cloud-wide roles possible now?  I had the impression that that was somehow a part of domain support, but now I don’t quite follow how that would work.20:13
bknudsonthere's only a few apis that use owner20:14
bknudsonlist_user_projects change_password list_groups_for_user ec2_*20:14
bknudsonthat's in the default policy.json20:15
ayoungandrewbogott, are you in favor of or agains cloud wide admin here?20:15
*** ninag has quit IRC20:15
andrewbogottbknudson: cool, I will ignore for now then :)20:15
andrewbogottayoung: um… both?  I mean, I want users to be able to administrate their own projects.  And /I/ want to be able to administrate all projects.20:16
bknudsonif you give yourself a role on a domain and set the role assignment to be inherited to projects then you can give yourself admin on all projects in the domain20:16
lbragstadfrom a keystone perspective, i think http://governance.openstack.org/reference/tags/assert_follows-standard-deprecation.html looks fine20:17
andrewbogottok, great.  So that’s how I can make a universal observer.20:17
ayoungandrewbogott, admin is not scoped to anything, but all the other APIs are.  If you want a universal observer, write it into the policy file.20:19
andrewbogottayoung: how can the policy file enforce a universal role when roles are bound to projects?20:21
ayoungandrewbogott, roles are bound to projects....BY POLICY!20:21
andrewbogottah!20:21
andrewbogottok then :)20:21
andrewbogottok, time to define some new roles.20:23
andrewbogottand write some backwards-compatibility gui code.  Going to be a long time until we can actually switch to using Horizon :(20:23
*** tonytan4ever has quit IRC20:26
*** erhudy has joined #openstack-keystone20:32
*** slberger has left #openstack-keystone20:46
*** tobberydberg has quit IRC20:50
dstanek... lots of fail ... https://review.openstack.org/#/c/237658/20:50
*** jdennis has quit IRC20:50
hongbinHi, I need a help for one thing. I tried to reduce the token expiration time. I edit the config file /etc/keystone/keystone.conf and restart the key* processes in screen. It seems keystone doesn't pick up the new expiration time. Any idea?20:51
bknudsondstanek: "# COMPAT(essex-3)"20:51
dstanekbknudson: awesome right?20:52
bknudsondstanek: let me dig out my essex-3 devstack and see how it worked.20:52
dstanekbknudson: are you serious?20:52
bknudsonI'm not serious20:53
lbragstadhongbin if you're using devstack the default is apache20:53
lbragstadhongbin sudo service apache2 restart20:53
dstanek:-) i actually thought you may have one hanging around20:53
dstanekbknudson: the current behavior is a 500 - so they want to change it to a 50120:53
hongbinlbragstad: thx. Will give it a try20:54
*** boris-42 has joined #openstack-keystone20:55
*** chrisshattuck has joined #openstack-keystone20:56
*** roxanaghe has quit IRC20:56
*** ajaya has quit IRC20:58
*** topol has quit IRC20:58
*** su_zhang has joined #openstack-keystone21:02
*** hongbin has left #openstack-keystone21:03
*** tonytan4ever has joined #openstack-keystone21:03
*** hockeynut_afk has joined #openstack-keystone21:04
*** jsavak has quit IRC21:06
*** su_zhang has quit IRC21:07
*** jsavak has joined #openstack-keystone21:07
*** roxanaghe has joined #openstack-keystone21:09
*** alex_xu has quit IRC21:10
*** alex_xu has joined #openstack-keystone21:12
*** jimbaker has quit IRC21:14
*** jimbaker has joined #openstack-keystone21:14
*** jimbaker has quit IRC21:15
*** jimbaker has joined #openstack-keystone21:15
* notmorgan lurks a little21:16
notmorgansooooooooooooooooo21:16
*** jerrygb has quit IRC21:16
*** alex_xu has quit IRC21:16
*** gordc has quit IRC21:16
*** slberger has joined #openstack-keystone21:17
*** su_zhang has joined #openstack-keystone21:18
*** nate_gone is now known as njohnston21:18
*** hockeynut_afk has left #openstack-keystone21:19
*** gordc has joined #openstack-keystone21:19
*** flwang has joined #openstack-keystone21:21
*** alex_xu has joined #openstack-keystone21:22
dstanekif you're notmorgan then who are you?21:22
*** mylu has joined #openstack-keystone21:23
*** diazjf has joined #openstack-keystone21:24
*** jamielennox|away is now known as jamielennox21:25
*** jsavak has quit IRC21:28
*** njohnston is now known as nate_gone21:28
notmorgandstanek: defintely notmorgan21:30
notmorganactually... going to make this my permanent nick...21:30
notmorganbecause i seem to have less overlap with notmyname than with mordred21:30
notmorganirc channel wise21:30
notmynameheh21:31
notmorgannotmyname: it's true...21:32
* notmorgan joins #openstack-swift now...21:32
*** jsavak has joined #openstack-keystone21:33
*** su_zhang has quit IRC21:35
*** dims_ has quit IRC21:37
*** su_zhang has joined #openstack-keystone21:38
notmynamenotmorgan: you'll just kill any tab-complete effectiveness for people talking to either of us :-)21:39
openstackgerritSean Perry proposed openstack/keystone: Use unit.new_service_ref() consistently  https://review.openstack.org/23828321:40
notmorgannotmyname: *evilgrin*21:41
notmorgannotmyname: i mean... what? >>21:41
*** gyee has joined #openstack-keystone21:42
*** ChanServ sets mode: +v gyee21:42
openstackgerritSean Perry proposed openstack/keystone: Use unit.new_region_ref() consistently  https://review.openstack.org/23830221:43
*** bandwidth has joined #openstack-keystone21:44
bandwidthcan someone help me with that? : Downloading/unpacking .[ldap,memcache,mongodb] Could not find any downloads that satisfy the requirement .[ldap,memcache,mongodb]21:44
*** nate_gone is now known as njohnston21:45
*** dims has joined #openstack-keystone21:48
*** petertr7 is now known as petertr7_away21:52
*** jsavak has quit IRC21:53
openstackgerritTom Cocozzello proposed openstack/keystone: Validate Distinguished Names  https://review.openstack.org/24100521:53
openstackgerritTom Cocozzello proposed openstack/keystone: Change tests that are setting incorrect Distinguished Names  https://review.openstack.org/24137821:53
*** dims has quit IRC21:54
*** jamielennox is now known as jamielennox|away21:55
*** jsavak has joined #openstack-keystone21:56
*** jsavak has quit IRC22:00
*** mylu has quit IRC22:00
*** mylu has joined #openstack-keystone22:01
*** jsavak has joined #openstack-keystone22:01
*** mylu has quit IRC22:01
*** mylu has joined #openstack-keystone22:02
*** Guest12181 has quit IRC22:03
*** jdennis has joined #openstack-keystone22:04
*** d0ugal has joined #openstack-keystone22:04
*** d0ugal is now known as Guest9855622:04
*** jsavak has quit IRC22:05
*** jsavak has joined #openstack-keystone22:06
*** daemontool has quit IRC22:08
openstackgerritKent Wang proposed openstack/keystone: Support HEAD requests for v2 API  https://review.openstack.org/24138322:09
openstackgerritOlivier Pilotte proposed openstack/keystone: Accepts Group IDs from the IdP without domain  https://review.openstack.org/21058122:10
*** tellesnobrega is now known as tellesnobrega_af22:11
*** mylu has quit IRC22:13
*** mylu has joined #openstack-keystone22:13
*** gordc has quit IRC22:15
*** browne has joined #openstack-keystone22:15
*** daemontool has joined #openstack-keystone22:16
*** timcline has quit IRC22:17
*** jerrygb has joined #openstack-keystone22:17
bknudsonnotmorgan: think we should have the keystone midcycle in LA?22:18
*** RA_ has joined #openstack-keystone22:18
notmorganbknudson: I'd say Bay Area would be better. not much OpenStack (except Cisco? would Cisco sponsor?) folks in LA22:19
notmorganbknudson: i wont be living in LA much longer. LA also has miserable traffic.22:19
notmorganand if you're going to SCaLE you'll be in Pasadena anyway22:20
bknudsontake public transportation22:20
notmorganbknudson: public what?22:20
notmorganthat stuff doesn't really exist here.22:21
notmorgan:P22:21
*** jerrygb has quit IRC22:22
*** roxanaghe has quit IRC22:23
openstackgerritKent Wang proposed openstack/keystone: Add Trusts unique constraint to remove duplicates  https://review.openstack.org/23911422:23
*** mylu has quit IRC22:23
openstackgerritKent Wang proposed openstack/keystone: Add Trusts unique constraint to remove duplicates  https://review.openstack.org/23911422:23
openstackgerritLance Bragstad proposed openstack/keystone: Deprecate the pki and pkiz token providers.  https://review.openstack.org/24138922:24
*** mylu has joined #openstack-keystone22:26
*** diazjf has left #openstack-keystone22:28
*** su_zhang has quit IRC22:29
*** chlong has quit IRC22:31
*** jerrygb has joined #openstack-keystone22:32
*** tellesnobrega_af is now known as tellesnobrega22:32
*** mylu has quit IRC22:33
*** mylu has joined #openstack-keystone22:34
*** jsavak has quit IRC22:38
*** mylu has quit IRC22:38
*** jsavak has joined #openstack-keystone22:39
openstackgerritHenrique Truta proposed openstack/keystone: Removes project.domain_id FK  https://review.openstack.org/23327422:39
openstackgerritHenrique Truta proposed openstack/keystone: Change project name constraints  https://review.openstack.org/15837222:39
*** _cjones_ has quit IRC22:41
*** fangzhou has joined #openstack-keystone22:44
*** csoukup has quit IRC22:50
*** su_zhang has joined #openstack-keystone22:55
*** tonytan4ever has quit IRC22:58
*** jamielennox|away is now known as jamielennox23:00
jamielennoxthis company based approval thing is going to be a PITA23:00
*** jbell8 has quit IRC23:01
jamielennoxayoung, notmorgan: can you have a look at the reviews starting https://review.openstack.org/#/c/236765/23:01
jamielennoxthere's a couple with 2 +2s23:01
openstackgerritBrant Knudson proposed openstack/keystone: More useful message when using direct driver import  https://review.openstack.org/24140323:07
*** jsavak has quit IRC23:15
*** jsavak has joined #openstack-keystone23:15
*** lhcheng has joined #openstack-keystone23:16
*** ChanServ sets mode: +v lhcheng23:16
*** jbell8 has joined #openstack-keystone23:17
gyeebknudson, notmorgan, big blue have an office in San Jose, we can do midcycle there23:19
*** pumaranikar has quit IRC23:20
gyeein sunny, dry, norcal23:20
jamielennoxgyee: can you have a look at https://review.openstack.org/#/c/236765/ and the follow on?23:21
gyeejamielennox, sure, just got back to my desk23:21
gyeegimme a min23:21
*** sileht has quit IRC23:24
samueldmqjamielennox: hey, do you have a minute to talk about v3 only gate/current state ?23:24
jamielennoxsamueldmq: always23:24
samueldmqjamielennox: nice, basically I'd like to know how far we are at this point, and what's missing23:25
jamielennoxsamueldmq: it's passing, but it's only in the experimental gate on devstack23:25
samueldmqjamielennox: I remember you had a chain of patches last cycle ..23:25
samueldmqjamielennox: it's all passing now ?23:25
openstackgerritOlivier Pilotte proposed openstack/keystone: Accepts Group IDs from the IdP without domain  https://review.openstack.org/21058123:25
jamielennoxyep23:25
jamielennoxso we need a way to start pushing it out to other projects23:26
samueldmqjamielennox: omg, nicely done! that's a huge step, congrats :D23:26
jamielennoxand probably remove it from the experimental queue on devstack23:26
*** dims has joined #openstack-keystone23:27
jamielennoxsamueldmq: there is a check experimental at the bottom of https://review.openstack.org/#/c/213430/23:27
jamielennoxgate-tempest-dsvm-neutron-identity-v3-only-full SUCCESS in 50m 05s23:27
samueldmqjamielennox: great! did you have too much trouble to make it happen ?23:28
jamielennoxif you want i think we should promote that to a full devstack voting job23:28
jamielennoxsamueldmq: it took a while :)23:28
samueldmqjamielennox: the last patches I remember were to make roles and things with v3 apis, and we had some trouble with another specific client23:28
samueldmqjamielennox: anyway, it's working now .. everything with sessions ?23:28
*** jasonsb has quit IRC23:29
jamielennoxyep23:29
jamielennoxso it's probably still going to fail with some of the less common services23:29
jamielennoxlike i don't know how to configure ceilometer/sahara/trove etc23:29
samueldmqjamielennox: that's understandable, have it working with the "core" services is a great step already23:30
*** dims has quit IRC23:30
samueldmqjamielennox: do you want me to promote that to the voting pipeline ?23:31
jamielennoxsamueldmq: yea, that would be great23:31
samueldmqjamielennox: or you want to do tht yourself ? (I'm fine either way)23:31
jamielennoxthey might make you promote it from experimental -> non voting -> voting23:31
samueldmq++23:32
samueldmqjamielennox: is that patch needed (https://review.openstack.org/#/c/213430/) to make the gate pass ?23:32
samueldmqjamielennox: I mean, do we need to get that merged before promoting the gate ?23:33
jamielennoxsamueldmq: no it should be fine as is, i just needed a review to run the check on23:33
samueldmqjamielennox: gah, no we don't .. just looked at the commit message23:33
*** chrisshattuck has quit IRC23:33
samueldmqjamielennox: yep, gonna work on this right now23:34
jamielennoxsamueldmq: thanks23:34
samueldmqjamielennox: thanks to you, I just helped with the gate bits :)23:35
*** hrou has quit IRC23:35
*** gildub has quit IRC23:35
*** bandwidth has quit IRC23:36
*** jerrygb has quit IRC23:43
*** roxanaghe has joined #openstack-keystone23:43
*** josecastroleon has joined #openstack-keystone23:44
*** mylu has joined #openstack-keystone23:47
samueldmqjamielennox: actually we can now add the gate job to several projects, right ?23:54
samueldmqjamielennox: does that make sense ? maybe only for the clients ?23:54
jamielennoxsamueldmq: we should be able to add it to at least nova, cinder and those things covered by the devstack job23:54
samueldmqjamielennox: cool, adding it to devstack is definitely the first step, I expect others to not be afraid after that :)23:55
jamielennoxsamueldmq: yep, nova is generally the most difficult after that but worth tackling first as the other projects just blindly accept what nova is doing23:56
samueldmqjamielennox: nice, so nova is going to be next23:56
*** mylu has quit IRC23:59
« Monday, 2015-11-02 Index Wednesday, 2015-11-04 »

Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!