| *** lyrrad has quit IRC | 00:43 | |
| *** openstackgerrit has quit IRC | 02:47 | |
| *** openstackgerrit has joined #swift3 | 02:48 | |
| *** openstackgerrit has quit IRC | 06:48 | |
| *** openstackgerrit has joined #swift3 | 06:49 | |
| *** openstackgerrit has quit IRC | 07:48 | |
| *** openstackgerrit has joined #swift3 | 07:49 | |
| *** acoles_ is now known as acoles | 08:44 | |
| *** openstackgerrit has quit IRC | 08:48 | |
| *** openstackgerrit has joined #swift3 | 08:49 | |
| *** lyrrad has joined #swift3 | 16:22 | |
| *** acoles is now known as acoles_ | 17:11 | |
| openstackgerrit | Tim Burke proposed openstack/swift3: Add http_timeout config option https://review.openstack.org/327300 | 19:35 |
|---|---|---|
| *** openstackgerrit has quit IRC | 20:48 | |
| *** openstackgerrit has joined #swift3 | 20:49 | |
| *** acoles_ is now known as acoles | 20:57 | |
| *** acoles is now known as acoles_ | 22:20 | |
| kota_ | hello | 23:00 |
| timburke | hi kota_! | 23:00 |
| kota_ | hi timburke | 23:01 |
| timburke | it looks like bill_az_ won't make it | 23:01 |
| kota_ | ok, let get started. | 23:02 |
| kota_ | I updated meeting wiki an hours ago, https://wiki.openstack.org/wiki/Meetings/swift3 | 23:02 |
| kota_ | at first, as you know, we got a signature v4 staff | 23:03 |
| timburke | whooo! | 23:03 |
| timburke | it broke one thing (that i've noticed) but seems great | 23:03 |
| kota_ | I know you have a couple of follo-up patches I have to look at. | 23:03 |
| timburke | (the v2 presigned urls) | 23:04 |
| kota_ | alright, thanks for finding that, maybe I can work for that in this week. | 23:04 |
| timburke | the other follow-up patch was just a thought i'd had during review for adding validation to the expiration param | 23:05 |
| kota_ | ok | 23:05 |
| kota_ | for the broken part, do we need to file it at launchpad bug report? | 23:05 |
| timburke | if it'll help you track it, i certainly can. haven't yet | 23:06 |
| kota_ | ok. i think reporting can help us to track anyway before/after merging the fix. | 23:08 |
| timburke | sure. i'll take care of that | 23:08 |
| kota_ | thx | 23:08 |
| kota_ | btw, about sigv4, I'm realizing it might be better to propose a change also swift tempauth able to verify sig v4 s3 token. | 23:09 |
| kota_ | how do you think of it? | 23:09 |
| kota_ | I think, we don't have technical reason we support it only in keystone. | 23:11 |
| timburke | absolutely. i was actually thinking of going even further and pushing a callable into the wsgi environment like validate_signature(secret) then submitting patches to both tempauth and swauth | 23:11 |
| kota_ | timburke: ah, that's good idea to solve some issues we discussed in launchpad, | 23:12 |
| timburke | then if a v5 came out (and we added support), any middlewares that used that callable would automatically get the new functionality | 23:12 |
| kota_ | sounds great. | 23:12 |
| timburke | yes, i think that's what originally gave me the idea... | 23:13 |
| kota_ | nice | 23:13 |
| kota_ | any updates for today? | 23:14 |
| timburke | i've got a couple new patches for s3token to add some options similar to what's in authtoken. namely delay_auth_decision (in case you have multiple middlewares that may auth S3 requests) and http_timeout (so that if keystone is down, requests fail faster) | 23:14 |
| kota_ | ah yeah. | 23:15 |
| timburke | these are patch 326765 and patch 327300 | 23:15 |
| patchbot | timburke: https://review.openstack.org/#/c/326765/ - swift3 - Add delay_auth_decision config option | 23:15 |
| patchbot | timburke: https://review.openstack.org/#/c/327300/ - swift3 - Add http_timeout config option | 23:15 |
| timburke | i also started looking at replacing requests with swift's bufferedhttp, but that looks messy. i'm not actually sure swift can properly validate SSL certs currently :-/ | 23:15 |
| kota_ | uuuh, yeah swift internal connection is not designed to use SSL IIRC. | 23:16 |
| timburke | yeah, i think notmyname made a comment like "you have *how much* to spend on cpus?" when i brought it up | 23:17 |
| kota_ | lol | 23:18 |
| timburke | but it means that we'd lose (some part of?) ssl validation against keystone if we tried to use bufferedhttp :-( | 23:19 |
| kota_ | right | 23:19 |
| kota_ | hmm.... | 23:20 |
| kota_ | i have no clear answer yet for that. | 23:20 |
| timburke | me neither. i'll keep thinking on it, maybe look into how requests/urllib3 solve it | 23:22 |
| timburke | other than that, i'm also working on a patch to use eventlet's new headers_raw env key for signatures, which will solve some observed problems when header keys have underscores | 23:22 |
| timburke | hopefully get that up in a day or two | 23:23 |
| kota_ | great. | 23:23 |
| timburke | i think that's it for me, though | 23:27 |
| kota_ | me too. | 23:28 |
| kota_ | thanks for your updates :D | 23:28 |
| kota_ | end - meeting | 23:29 |
Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!