Tuesday, 2018-02-06

« Monday, 2018-02-05 Index Wednesday, 2018-02-07 »
*** mtreinish has quit IRC00:12
openstackgerritJames E. Blair proposed openstack/keystoneauth master: Zuul: Remove project name  https://review.openstack.org/54108000:19
*** edmondsw has joined #openstack-keystone00:21
*** gongysh has joined #openstack-keystone00:21
*** edmondsw has quit IRC00:25
*** r-daneel has quit IRC00:29
*** mtreinish has joined #openstack-keystone00:37
*** dave-mccowan has joined #openstack-keystone00:42
*** Supun has joined #openstack-keystone00:50
*** gongysh has quit IRC01:09
*** Supun has quit IRC01:23
*** sapd__ has quit IRC02:04
*** sapd has joined #openstack-keystone02:06
*** edmondsw has joined #openstack-keystone02:09
*** itlinux has joined #openstack-keystone02:13
*** edmondsw has quit IRC02:14
*** gongysh has joined #openstack-keystone02:18
*** harlowja has quit IRC02:18
*** markvoelker has joined #openstack-keystone02:22
*** markvoelker has quit IRC02:24
*** markvoelker has joined #openstack-keystone02:31
*** itlinux has quit IRC02:43
*** dave-mccowan has quit IRC02:48
*** markvoelker has quit IRC02:56
*** markvoelker has joined #openstack-keystone02:59
*** dave-mccowan has joined #openstack-keystone03:09
*** markvoelker has quit IRC03:11
*** markvoelker has joined #openstack-keystone03:14
*** d0ugal_ has joined #openstack-keystone03:16
*** d0ugal has quit IRC03:19
*** markvoelker has quit IRC03:25
*** gyee has quit IRC03:29
*** markvoelker has joined #openstack-keystone03:30
*** dave-mccowan has quit IRC03:33
*** gongysh has quit IRC03:33
*** markvoelker has quit IRC03:42
*** edmondsw has joined #openstack-keystone03:58
*** abhi89 has joined #openstack-keystone03:58
*** gongysh has joined #openstack-keystone04:01
*** edmondsw has quit IRC04:02
*** gongysh has quit IRC04:11
*** gongysh has joined #openstack-keystone04:14
*** gongysh has quit IRC04:30
*** harlowja has joined #openstack-keystone04:46
*** zhurong has quit IRC05:07
*** harlowja has quit IRC05:11
*** links has joined #openstack-keystone05:12
*** itlinux has joined #openstack-keystone05:17
*** gongysh has joined #openstack-keystone05:19
vish_18lbragstad: thanks05:24
*** daidv has quit IRC05:26
*** edmondsw has joined #openstack-keystone05:46
*** edmondsw has quit IRC05:50
*** itlinux has quit IRC05:55
*** d0ugal_ has quit IRC06:14
*** d0ugal_ has joined #openstack-keystone06:23
*** threestrands has quit IRC06:40
openstackgerritOpenStack Proposal Bot proposed openstack/keystone master: Imported Translations from Zanata  https://review.openstack.org/54058306:47
*** josecastroleon has quit IRC07:08
*** zhurong has joined #openstack-keystone07:09
*** AlexeyAbashkin has joined #openstack-keystone07:32
*** martinus__ has joined #openstack-keystone07:34
*** rcernin has quit IRC07:37
*** AlexeyAbashkin has quit IRC07:39
*** bhagyashris has quit IRC07:42
*** AlexeyAbashkin has joined #openstack-keystone07:48
*** StefanPaetowJisc has joined #openstack-keystone08:04
*** StefanPaetowJisc has quit IRC08:14
*** pcaruana has joined #openstack-keystone08:14
*** StefanPaetowJisc has joined #openstack-keystone08:17
*** tesseract has joined #openstack-keystone08:22
*** bhagyashris has joined #openstack-keystone08:25
*** StefanPaetowJisc has quit IRC08:27
*** zhurong has quit IRC08:38
*** StefanPaetowJisc has joined #openstack-keystone08:47
*** frti has joined #openstack-keystone08:48
*** Suramya has joined #openstack-keystone08:49
*** gongysh has quit IRC08:53
*** d0ugal_ has quit IRC08:57
*** d0ugal has joined #openstack-keystone08:57
*** d0ugal has quit IRC08:57
*** d0ugal has joined #openstack-keystone08:57
*** StefanPaetowJisc has quit IRC09:02
*** zhurong has joined #openstack-keystone09:02
*** gongysh has joined #openstack-keystone09:04
*** threestrands has joined #openstack-keystone09:06
*** jaosorior has quit IRC09:06
*** StefanPaetowJisc has joined #openstack-keystone09:17
*** threestrands has quit IRC09:21
*** frti_ has joined #openstack-keystone09:21
*** edmondsw has joined #openstack-keystone09:22
*** wxy has quit IRC09:22
*** frti_ has quit IRC09:25
*** frti has quit IRC09:25
*** edmondsw has quit IRC09:27
*** hoonetorg has quit IRC09:28
*** jaosorior has joined #openstack-keystone09:29
*** hoonetorg has joined #openstack-keystone09:41
*** StefanPaetowJisc has quit IRC09:56
*** StefanPaetowJisc has joined #openstack-keystone09:57
*** StefanPaetowJisc has quit IRC10:00
*** StefanPaetowJisc has joined #openstack-keystone10:02
*** amrith has left #openstack-keystone10:04
*** StefanPaetowJisc has quit IRC10:05
*** StefanPaetowJisc has joined #openstack-keystone10:08
vish_18cmurphy: As I am new to keystone.10:23
*** StefanPaetowJisc has quit IRC10:23
vish_18cmurphy: in this bug https://review.openstack.org/#/c/537322/10:24
vish_18cmurphy: can you help for the solution10:24
vish_18cmurphy: I also had a query... do keystone maintains any list of valid drivers that can be used as backend?10:25
-openstackstatus- NOTICE: Our Zuul infrastructure is currently experiencing some problems and processing jobs very slowly, we're investigating. Please do not approve or recheck changes for now.10:30
*** StefanPaetowJisc has joined #openstack-keystone10:32
*** dtruong has quit IRC10:35
*** StefanPaetowJisc has quit IRC10:35
*** dtruong has joined #openstack-keystone10:35
cmurphyvish_18: no we don't maintain a list of external drivers, we only know about the ones we maintain in-tree10:38
cmurphyvish_18: if there a new bug open for https://review.openstack.org/#/c/537322/ ? i would try to solve that first10:39
cmurphys/if/is10:39
vish_18cmurphy: should I lock a new bug for this?10:44
*** sambetts|afk is now known as sambetts10:54
*** edmondsw has joined #openstack-keystone11:10
*** edmondsw has quit IRC11:15
*** StefanPaetowJisc has joined #openstack-keystone11:18
*** StefanPaetowJisc has quit IRC11:23
*** StefanPaetowJisc has joined #openstack-keystone11:25
*** nicolasbock has joined #openstack-keystone11:26
*** StefanPaetowJisc has quit IRC11:29
cmurphyvish_18: you can create a new one or we could consider it the same bug and use Partial-Bug in the commit messages to track it, my only point in my comment on the patch is that we shouldn't say Closes-Bug yet because the original bug is not reproduceable right now, the new issue needs to be resolved first11:31
*** StefanPaetowJisc has joined #openstack-keystone11:37
*** StefanPaetowJisc has quit IRC11:38
*** links has quit IRC11:41
*** raildo has joined #openstack-keystone11:48
*** links has joined #openstack-keystone11:54
*** gongysh has quit IRC11:57
*** abhi89 has quit IRC11:57
*** Supun has joined #openstack-keystone11:57
*** abhi89 has joined #openstack-keystone12:24
*** StefanPaetowJisc has joined #openstack-keystone12:39
*** gongysh has joined #openstack-keystone12:54
*** links has quit IRC12:55
*** takamatsu has joined #openstack-keystone12:56
*** AlexeyAbashkin has quit IRC12:59
*** zhurong_ has joined #openstack-keystone13:01
*** AlexeyAbashkin has joined #openstack-keystone13:01
*** abhi89 has quit IRC13:05
*** abhi89 has joined #openstack-keystone13:06
*** zhurong has quit IRC13:08
*** links has joined #openstack-keystone13:08
*** edmondsw has joined #openstack-keystone13:13
*** jaosorior has quit IRC13:23
*** AlexeyAbashkin has quit IRC13:25
*** Supun has quit IRC13:27
*** AlexeyAbashkin has joined #openstack-keystone13:27
*** Supun has joined #openstack-keystone13:28
*** dave-mccowan has joined #openstack-keystone13:30
*** dave-mcc_ has joined #openstack-keystone13:34
*** StefanPaetowJisc has quit IRC13:34
*** dave-mccowan has quit IRC13:35
*** abhi89 has quit IRC13:38
*** AlexeyAbashkin has quit IRC13:38
*** StefanPaetowJisc has joined #openstack-keystone13:39
*** zhurong_ has quit IRC13:52
*** jmlowe has quit IRC13:55
*** jaosorior has joined #openstack-keystone14:04
*** jrist has quit IRC14:11
*** jrist has joined #openstack-keystone14:12
*** StefanPaetowJisc has quit IRC14:15
*** david-lyle has quit IRC14:34
*** AlexeyAbashkin has joined #openstack-keystone14:35
*** links has quit IRC14:38
*** StefanPaetowJisc has joined #openstack-keystone14:38
*** abhi89 has joined #openstack-keystone14:38
*** spilla has joined #openstack-keystone14:42
*** abhi89 has quit IRC14:43
*** abhi89 has joined #openstack-keystone14:44
*** abhi89 has quit IRC14:49
*** jmlowe has joined #openstack-keystone14:57
*** StefanPaetowJisc has quit IRC15:00
*** StefanPaetowJisc has joined #openstack-keystone15:00
*** Supun has quit IRC15:08
*** mnaser has quit IRC15:11
*** ayoung has joined #openstack-keystone15:11
*** mnaser has joined #openstack-keystone15:12
openstackgerritSuramya proposed openstack/keystone master: Reorganize api-ref: v3-ext trust.inc  https://review.openstack.org/53177215:17
*** hrybacki has quit IRC15:19
*** hrybacki has joined #openstack-keystone15:19
lbragstadSuramya: i opened a bug - https://bugs.launchpad.net/keystone/+bug/174769415:23
openstackLaunchpad bug 1747694 in OpenStack Identity (keystone) "Trust documentation lists support for paging" [Undecided,New]15:23
lbragstadi wasn't able to get those query strings to work15:23
cmurphyhaha i was just about to comment on that15:23
cmurphyit's not supported at all, must have been copied from somewhere else15:23
lbragstadother APIs in keystone don't support paging either, so i think we're safe to remove query parameters15:24
lbragstadi agree cmurphy, it must have been bad copy/pasta15:24
Suramyalbragstad: cmurphy: I see :D, updating the patchset.15:25
cmurphythanks!15:26
lbragstadSuramya: if you want to put Closes-Bug: 1747694 in the commit message, it'll take care of that bug, too15:30
openstackbug 1747694 in OpenStack Identity (keystone) "Trust documentation lists support for paging" [Medium,Confirmed] https://launchpad.net/bugs/174769415:30
*** StefanPaetowJisc has quit IRC15:31
sjmc7hi all. i have a question about federated mapping rules. the docs state that the first rule matched gets returned, but does that mean that if a user is in multiple groups it’s not possible to have that result in a different role grant for each group?15:34
Suramyalbragstad: yes ack15:34
openstackgerritSuramya proposed openstack/keystone master: Reorganize api-ref: v3-ext trust.inc  https://review.openstack.org/53177215:34
*** ayoung has quit IRC15:35
*** StefanPaetowJisc has joined #openstack-keystone15:38
*** med_ has quit IRC15:38
*** Supun has joined #openstack-keystone15:39
cmurphysjmc7: you can use the 'whitelist' condition to match multiple groups15:42
cmurphyusers don't have roles in groups so you wouldn't need to create different role grants for them15:42
sjmc7but i can have a user end up in multiple groups?15:43
*** Supun has quit IRC15:44
sjmc7so if my user’s SAML claims indicate two groups A and B, if i have two mapping rules, one whitelisting A and one B, won’t keystone just match the frst and stop?15:44
openstackgerritSuramya proposed openstack/keystone master: Reorganize api-ref: v3-ext trust.inc  https://review.openstack.org/53177215:45
cmurphysjmc7: check the third example down from this section https://docs.openstack.org/keystone/latest/advanced-topics/federation/federated_identity.html#mappings-examples where it has <other_condition> [ ] you would have "whitelist" as the other condition and the group names in the list, then in your "groups": "{N}" part of the local rules that should end up expanding into multiple groups, one for each15:45
cmurphymatch15:46
sjmc7multiple groups doesn’t seem to work15:46
sjmc7it ends up as a group named ‘[“A”, “B”]’15:46
sjmc7i found a related bug report last week that indicated only group_ids supported multiple values15:47
sjmc7one sec15:47
sjmc7https://bugs.launchpad.net/keystone/+bug/157536815:47
openstackLaunchpad bug 1575368 in OpenStack Identity (keystone) "Federation Unable to handle multiple groups" [Undecided,Invalid]15:47
sjmc7suggestion was to use group_id but that only works if you have the IDs15:47
sjmc7that is an old bug but i seem to still be getting the behavior15:48
*** david-lyle has joined #openstack-keystone15:51
cmurphy:(15:51
*** pcaruana has quit IRC15:51
*** samueldmq has quit IRC15:52
cmurphyi would not have expected it to work that way for names, i feel like that's a bug15:52
*** samueldmq has joined #openstack-keystone15:52
*** StefanPaetowJisc has quit IRC15:52
sjmc7i had a quick look at the code friday and it looked like for a “group” element it’s trying to find a single one (versus group_ids which is explicitly many but does no lookup)15:53
openstackgerritSuramya proposed openstack/keystone master: Reorganize api-ref: v3-ext trust.inc  https://review.openstack.org/53177215:53
sjmc7which i guess makes sense since the domain might not be the same across all of them, though it does make it a bit inconvenient15:54
*** StefanPaetowJisc has joined #openstack-keystone15:55
cmurphyseems incompatible with the point of having a whitelist condition, we should fix it15:56
sjmc7ok. i was also getting errors for groups that weren’t matched (so i had to whitelist to only those i knew existed); my expectation was that unknown group assertions would have been ignored15:58
sjmc7that’s not such a big deal as whitelisting all the ones i know about isn’t that onerous but i wasn’t clear why that was the case15:59
sjmc7should i add a comment on that bug asking if there’s any chance to get someone to look at it?15:59
sjmc7there’s a comment on there that it isn’t really a bug at all which i guess is why it was marked invalid16:00
*** r-daneel has joined #openstack-keystone16:01
cmurphysjmc7: i think i might suggest filing a new bug saying this is about group names, you can reference the old bug from it16:04
cmurphyidk lbragstad ^16:05
*** jaosorior has quit IRC16:06
lbragstadcmurphy: that sounds reasonable16:07
sjmc7ok, thanks16:14
*** wlmbasson has quit IRC16:15
*** gmann has quit IRC16:33
*** gmann has joined #openstack-keystone16:33
openstackgerritColleen Murphy proposed openstack/keystone master: Drop domain id foreign key from user table  https://review.openstack.org/53934716:33
*** itlinux has joined #openstack-keystone16:34
*** brad[] has quit IRC16:45
knikollao/16:50
*** jmlowe has quit IRC16:53
*** jmlowe has joined #openstack-keystone16:53
*** StefanPaetowJisc has quit IRC17:01
*** gongysh has quit IRC17:02
*** gyee has joined #openstack-keystone17:02
*** gongysh has joined #openstack-keystone17:06
*** gongysh has quit IRC17:08
knikollalbragstad: here? quick q17:17
*** r-daneel has quit IRC17:22
*** r-daneel has joined #openstack-keystone17:22
*** AlexeyAbashkin has quit IRC17:25
*** AlexeyAbashkin has joined #openstack-keystone17:25
*** vish_18 has quit IRC17:25
*** spilla has quit IRC17:27
*** AlexeyAbashkin has quit IRC17:29
*** mtreinish has quit IRC17:43
*** spilla has joined #openstack-keystone17:46
*** mtreinish has joined #openstack-keystone17:50
*** jose-phillips has left #openstack-keystone17:51
lbragstadknikolla: sure - what's up?17:53
knikollalbragstad: for https://bugs.launchpad.net/keystone/+bug/1658641 i'm redoing it to add two new args to the mapping_purge command, --only-invalid and --remove-assignments17:55
openstackLaunchpad bug 1658641 in OpenStack Identity (keystone) "Moving/disabling LDAP users break Keystone queries depending on role ID" [Medium,In progress] - Assigned to Kristi Nikolla (knikolla)17:55
knikollaand have the mapping backend return the list of purged ids, so that i can do the removal from keystone-manage rather than identity driver17:55
knikollajust getting early feedback so that i don't go too far in the wrong direction17:56
lbragstadknikolla: that seems sane..17:56
lbragstadare the APIs you're adding to the mapping backend going to be internal only?17:57
knikollano new apis added. the only change is in the mapping driver/backend, which will return the (entitytype, public_id) of the purged mappings.17:57
knikollathe others are keystone-manage commands which use that.17:57
knikollaand remove assignments based on the returned list.17:58
lbragstadok - yeah, that seems ok17:58
lbragstadi don't see any red flags with that17:59
lbragstadit's not adding an end user API17:59
knikollalbragstad: yup. i don't feel comfortable adding the functionality to remove assignments without a new command. since while mappings are regeneratable, assignments are not.18:00
knikollahence, --only-invalid --remove-assignments combination of commands.18:00
*** tesseract has quit IRC18:00
*** sambetts is now known as sambetts|afk18:01
*** david-lyle has quit IRC18:20
*** brad[] has joined #openstack-keystone18:21
*** brad[] has quit IRC18:34
*** harlowja has joined #openstack-keystone18:35
*** jessegler has joined #openstack-keystone18:40
*** gmann has quit IRC18:43
*** ayoung has joined #openstack-keystone18:46
*** brad[] has joined #openstack-keystone18:46
*** AlexeyAbashkin has joined #openstack-keystone19:00
lbragstad#startmeeting keystone19:00
openstackMeeting started Tue Feb  6 19:00:27 2018 UTC and is due to finish in 60 minutes.  The chair is lbragstad. Information about MeetBot at http://wiki.debian.org/MeetBot.19:00
openstackUseful Commands: #action #agreed #help #info #idea #link #topic #startvote.19:00
*** openstack changes topic to " (Meeting topic: keystone)"19:00
*** ChanServ changes topic to "Queens release schedule: https://releases.openstack.org/queens/schedule.html | Meeting agenda: https://etherpad.openstack.org/p/keystone-weekly-meeting | Bugs that need triaging: http://bit.ly/2iJuN1h | Trello: https://trello.com/b/5F0h9Hoe/keystone"19:00
openstackThe meeting name has been set to 'keystone'19:00
cmurphylbragstad: i think you started with the wrong meeting name19:01
*** ayoung has quit IRC19:06
*** r-daneel_ has joined #openstack-keystone19:08
*** david-lyle has joined #openstack-keystone19:08
*** david-lyle has quit IRC19:08
*** david-lyle has joined #openstack-keystone19:09
*** r-daneel has quit IRC19:09
*** r-daneel_ is now known as r-daneel19:09
lbragstadbah...19:19
lbragstad#endmeeting keystone19:19
*** openstack changes topic to "Queens release schedule: https://releases.openstack.org/queens/schedule.html | Meeting agenda: https://etherpad.openstack.org/p/keystone-weekly-meeting | Bugs that need triaging: http://bit.ly/2iJuN1h | Trello: https://trello.com/b/5F0h9Hoe/keystone"19:19
openstackMeeting ended Tue Feb  6 19:19:34 2018 UTC.  Information about MeetBot at http://wiki.debian.org/MeetBot . (v 0.1.4)19:19
openstackMinutes:        http://eavesdrop.openstack.org/meetings/keystone/2018/keystone.2018-02-06-19.00.html19:19
openstackMinutes (text): http://eavesdrop.openstack.org/meetings/keystone/2018/keystone.2018-02-06-19.00.txt19:19
openstackLog:            http://eavesdrop.openstack.org/meetings/keystone/2018/keystone.2018-02-06-19.00.log.html19:19
lbragstad#startmeeting keystone-office-hours19:19
openstackMeeting started Tue Feb  6 19:19:41 2018 UTC and is due to finish in 60 minutes.  The chair is lbragstad. Information about MeetBot at http://wiki.debian.org/MeetBot.19:19
openstackUseful Commands: #action #agreed #help #info #idea #link #topic #startvote.19:19
*** openstack changes topic to " (Meeting topic: keystone-office-hours)"19:19
*** ChanServ changes topic to "Queens release schedule: https://releases.openstack.org/queens/schedule.html | Meeting agenda: https://etherpad.openstack.org/p/keystone-weekly-meeting | Bugs that need triaging: http://bit.ly/2iJuN1h | Trello: https://trello.com/b/5F0h9Hoe/keystone"19:19
openstackThe meeting name has been set to 'keystone_office_hours'19:19
lbragstadsorry about that19:19
cmurphylol19:19
gagehugo:)19:20
lbragstadcmurphy: https://review.openstack.org/#/c/529914/ looks ok to me, but it'd be good to get your feedback on it whenever you have a minute19:51
cmurphylbragstad: yeah i'm looking at it now19:52
lbragstadwunderbar19:55
openstackgerritEric Fried proposed openstack/keystoneauth master: DNM: Debug nova-next failure: user headers  https://review.openstack.org/54142519:57
openstackgerritEric Fried proposed openstack/keystoneauth master: DNM: Debug nova-next failure: invalidate  https://review.openstack.org/54142920:02
openstackgerritEric Fried proposed openstack/keystoneauth master: DNM: Debug nova-next failure: connection params  https://review.openstack.org/54143120:04
lbragstadkmalloc: https://review.openstack.org/#/c/541074/ finishes up the self.<api> refactor in tests20:08
lbragstadhttps://review.openstack.org/#/c/531915/ closes a bug, too20:10
*** r-daneel_ has joined #openstack-keystone20:16
*** r-daneel has quit IRC20:17
*** r-daneel_ is now known as r-daneel20:17
*** Exhar has joined #openstack-keystone20:23
*** jessegler has quit IRC20:28
*** raildo has quit IRC20:40
kmalloclbragstad: sorry missed the meeting, was picking up Brie from the airport20:53
lbragstadno worries20:53
cmurphylbragstad: +2 but with comments, maybe knikolla could take a look? https://review.openstack.org/#/c/529914/20:54
*** takamatsu has quit IRC21:01
kmalloclbragstad: +2/+A on both of those 1074 and 191521:01
lbragstadfantastic21:01
lbragstadquick question21:04
lbragstadour install guide goes through port 3535721:04
lbragstadand does the install based on that port21:04
lbragstadthoughts on rewriting the install guide to use uwsgi + apache instead?21:05
lbragstadand ProxyPass?21:05
lbragstadso something like this for uwsgi https://github.com/openstack/openstack-ansible-os_keystone/blob/master/templates/keystone-uwsgi.ini.j2 and something like this for apache https://github.com/openstack/openstack-ansible-os_keystone/blob/master/templates/keystone-httpd.conf.j2#L109-L110 ?21:06
cmurphy+1 but you might need to coordinate with distros who are shipping default vhost files21:07
lbragstadwith the removal of v2.0, we don't actually need both ports21:07
lbragstadyeah - that's a good point21:08
gagehugoso just 5000?21:09
lbragstadwell - it could be up to the deployers discretion21:10
lbragstadbecause the port would only get used in the ProxyPass statement in apache configuration21:10
lbragstadapache would be doing something like `ProxyPass /identity uwsgi://127.0.0.1:5000/`21:10
lbragstador `ProxyPass /identity uwsgi://127.0.0.1:8443/`21:11
lbragstadand uwsgi would be running keystone on that port21:12
lbragstadbut you could also specify that port in apache, too i suppose21:13
lbragstadhttps://github.com/openstack/openstack-ansible-os_keystone/blob/master/templates/keystone-httpd.conf.j2#L71-L7221:13
lbragstadkinda like what osa does ^21:13
gagehugoyea21:14
lbragstadso you could specify http:$CONTROLLER_IP:5000/identity21:15
lbragstadwait - actually21:15
lbragstadit would be http://$CONTROLLER_IP/identity21:15
lbragstadwhich would route to uwsgi internally on port 500021:16
lbragstadif i'm understand the apache config correctly21:16
openstackgerritLance Bragstad proposed openstack/keystone master: Update sample configuration file for Queens  https://review.openstack.org/54144721:20
*** AlexeyAbashkin has quit IRC21:21
openstackgerritKristi Nikolla proposed openstack/keystone master: WIP - Add opts --only-invalid and --remove-assignment for mapping_purge  https://review.openstack.org/48757921:30
openstackgerritKristi Nikolla proposed openstack/keystone master: WIP - Add opts --invalid and --assignments for mapping_purge  https://review.openstack.org/48757921:31
*** threestrands has joined #openstack-keystone21:32
*** threestrands has quit IRC21:32
*** threestrands has joined #openstack-keystone21:32
*** Suramya has quit IRC21:33
*** jessegler has joined #openstack-keystone21:37
*** dave-mcc_ has quit IRC21:41
lbragstadcmurphy: do you know who maintains the package files for suse?21:42
cmurphylbragstad: yes21:42
*** jmlowe has quit IRC21:42
cmurphymy team21:42
cmurphycan def help there21:43
lbragstadsweet21:43
lbragstadi kinda went down a rabbit hole looking for the debian packagers21:43
lbragstadhttps://github.com/openstack/deb-keystone21:43
lbragstadi think that's where they used to be21:43
* lbragstad wonders if hrybacki knows who maintains the redhat package files for keystone21:44
gagehugolol21:44
cmurphyi think the debian packages moved off of openstack infra21:44
cmurphybut we don't have docs for debian anyways, need to engage the ubuntu people21:45
gagehugothink the raspbian package for keystone is icehouse21:45
cmurphylol21:45
lbragstadnice21:45
lbragstadget it while it's hot21:45
hrybackioh jeez, ayoung might still be in charge of them? I'm sure that falls on my team however21:46
lbragstadcmurphy: this looks like the right ubuntu team? https://wiki.openstack.org/wiki/Packaging/Ubuntu21:47
cmurphyhrybacki: it's not just using delorean?21:47
cmurphylbragstad: yeah that looks right?21:48
hrybackicmurphy: I know that's involved but I'm not sure what's pushing the last leg of that (RDO->OSP) The pipeline is kind of confusing21:48
hrybackis/kind of//21:49
cmurphylbragstad: btw we're crunching to get a huge release out the door this month so i'm not going to want to propose major changes to the keystone package till march21:49
lbragstadack21:50
*** itlinux has quit IRC21:50
lbragstadso - even though we don't include v2.0 in Queens, you think we should push of refactoring the entire install guide to include uwsgi + apache on a single port until later/21:50
cmurphyah actually scratch that, our release is based on pike so i can probably do whatever with the queens packages21:51
lbragstadok21:52
lbragstadcool21:52
lbragstadi was thinking it would be nice to have the install guide reflect the removal of v2.021:54
lbragstadi'm just wondering if it will be too late for that21:54
lbragstadi kinda spaced on the whole default package files thing...21:54
*** itlinux has joined #openstack-keystone21:54
lbragstadand how that is not controlled in our repository21:55
hrybackilots of moving parts to juggle22:04
openstackgerritColleen Murphy proposed openstack/keystone master: Remove all v2.0 APIs except the ec2tokens API  https://review.openstack.org/54014122:14
*** openstackgerrit has quit IRC22:16
*** openstackgerrit has joined #openstack-keystone22:19
openstackgerritLance Bragstad proposed openstack/keystone master: Remove v2 and v2-admin API documentation  https://review.openstack.org/54052922:19
openstackgerritLance Bragstad proposed openstack/keystone master: Update curl request documentation to remove v2.0  https://review.openstack.org/53934222:19
openstackgerritLance Bragstad proposed openstack/keystone master: Remove v2.0 extension documentation  https://review.openstack.org/54052522:19
openstackgerritLance Bragstad proposed openstack/keystone master: Remove v2.0 from documentation guides  https://review.openstack.org/54049922:19
cmurphyoops sorry :(22:21
lbragstadcmurphy: you're good - thanks for fixing that22:22
lbragstadgetting some information on the ubuntu packages http://paste.openstack.org/show/664081/22:24
lbragstad^ because they don't have logging on that channel22:24
lbragstadbut the TL;DR is that it is here - https://git.launchpad.net/~ubuntu-server-dev/ubuntu/+source/keystone/tree/debian/keystone.conf22:24
*** jmlowe has joined #openstack-keystone22:28
cmurphylbragstad: we still have this in ksm http://git.openstack.org/cgit/openstack/keystonemiddleware/tree/keystonemiddleware/auth_token/_auth.py#n66 :( we should probably fix that22:28
*** rcernin has joined #openstack-keystone22:28
lbragstadyeah... we have a card for all that https://trello.com/c/rP53zMgc/16-remove-v20-api-support-from-libraries22:29
lbragstadcmurphy: that can be fixed in rocky, yeah?22:33
*** martinus__ has quit IRC22:37
*** edmondsw has quit IRC22:37
*** edmondsw has joined #openstack-keystone22:38
cmurphylbragstad: yeah i guess? some people are going to have broken paste configs and it's not going to be clear why22:38
cmurphyhttp://git.openstack.org/cgit/openstack/keystonemiddleware/tree/keystonemiddleware/auth_token/__init__.py#n88922:38
cmurphyi think this is what broke tripleo's CI, someone might think they're all converted to v3 but the weirdness in ksm's auth plugin handler can trick you22:40
*** edmondsw has quit IRC22:42
lbragstadhmm22:43
lbragstadif we were go to a single port with package installs, would there be a recommended port to listen on?22:43
lbragstad35357 or 5000?22:43
cmurphy80/443 :)22:44
lbragstad++22:45
lbragstadfull conversation from #openstack-pkg http://paste.openstack.org/show/664112/22:47
lbragstadlooks like we'll get some assistance from the ubuntu folks!22:47
*** itlinux has quit IRC22:53
*** spilla has quit IRC23:05
cmurphy#endmeeting23:07
*** openstack changes topic to "Queens release schedule: https://releases.openstack.org/queens/schedule.html | Meeting agenda: https://etherpad.openstack.org/p/keystone-weekly-meeting | Bugs that need triaging: http://bit.ly/2iJuN1h | Trello: https://trello.com/b/5F0h9Hoe/keystone"23:07
openstackMeeting ended Tue Feb  6 23:07:22 2018 UTC.  Information about MeetBot at http://wiki.debian.org/MeetBot . (v 0.1.4)23:07
openstackMinutes:        http://eavesdrop.openstack.org/meetings/keystone_office_hours/2018/keystone_office_hours.2018-02-06-19.19.html23:07
openstackMinutes (text): http://eavesdrop.openstack.org/meetings/keystone_office_hours/2018/keystone_office_hours.2018-02-06-19.19.txt23:07
openstackLog:            http://eavesdrop.openstack.org/meetings/keystone_office_hours/2018/keystone_office_hours.2018-02-06-19.19.log.html23:07
lbragstadcmurphy: thanks... i'm failing meetings today23:08
cmurphy:)23:08
*** r-daneel has quit IRC23:12
*** r-daneel has joined #openstack-keystone23:13
*** StefanPaetowJisc has joined #openstack-keystone23:29
*** brad[] has quit IRC23:29
gagehugolbragstad https://www.notebookcheck.net/Loose-screws-Partial-recall-of-the-Lenovo-ThinkPad-X1-Carbon-2017.281634.0.html23:39
lbragstadgagehugo: have you noticed issues?23:52
*** StefanPaetowJisc has quit IRC23:55
*** StefanPaetowJisc has joined #openstack-keystone23:57
*** StefanPaetowJisc has quit IRC23:59
« Monday, 2018-02-05 Index Wednesday, 2018-02-07 »

Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!