Thursday, 2014-11-06

« Wednesday, 2014-11-05 Index Friday, 2014-11-07 »
rm_you|wtfredrobot: :)00:06
*** rm_you|wtf is now known as rm_you00:07
*** alee_ has joined #openstack-barbican00:14
*** SheenaG1 has joined #openstack-barbican00:15
*** tdink has joined #openstack-barbican00:15
*** SheenaG11 has joined #openstack-barbican00:16
*** rm_you has quit IRC00:19
*** SheenaG1 has quit IRC00:19
*** tdink has quit IRC00:20
*** rm_you has joined #openstack-barbican00:23
*** rm_you has quit IRC00:23
*** rm_you has joined #openstack-barbican00:23
*** lecalcot_ has joined #openstack-barbican00:23
*** rsyed is now known as rsyed_away00:25
*** lecalcot_ has quit IRC00:27
*** lecalcot has quit IRC00:27
*** lecalcot has joined #openstack-barbican00:27
*** lecalcot has quit IRC00:31
*** SheenaG11 has quit IRC00:33
*** SheenaG1 has joined #openstack-barbican00:44
*** SheenaG11 has joined #openstack-barbican00:49
*** SheenaG1 has quit IRC00:51
*** lecalcot has joined #openstack-barbican00:58
*** lecalcot has quit IRC01:00
*** lecalcot has joined #openstack-barbican01:01
*** lecalcot has quit IRC01:06
*** SheenaG11 has quit IRC01:51
*** SheenaG1 has joined #openstack-barbican02:12
*** lecalcot has joined #openstack-barbican02:25
*** lecalcot has quit IRC02:26
*** lecalcot has joined #openstack-barbican02:27
*** rsyed_away is now known as rsyed02:44
*** lecalcot has quit IRC02:45
*** rsyed is now known as rsyed_away03:22
*** tdink has joined #openstack-barbican05:09
*** akoneru has joined #openstack-barbican06:19
*** akoneru has quit IRC06:37
*** rm_you| has joined #openstack-barbican06:42
*** rm_you has quit IRC06:44
*** chellygel-abroad has joined #openstack-barbican07:04
*** chellygel-abroa1 has joined #openstack-barbican07:13
*** chellygel-abroad has quit IRC07:13
*** lecalcot has joined #openstack-barbican07:18
*** chellygel-abroad has joined #openstack-barbican07:28
*** chellygel-abroa1 has quit IRC07:28
*** chellygel-abroad has quit IRC07:28
*** liam_ has joined #openstack-barbican07:55
*** liam_ is now known as Guest7723507:55
*** tdink has quit IRC08:08
*** lecalcot has quit IRC08:12
*** Guest77235 has quit IRC08:47
*** Guest77235 has joined #openstack-barbican08:52
*** kebray has joined #openstack-barbican08:53
*** Guest77235 has quit IRC08:58
*** rcarrillocruz has joined #openstack-barbican09:10
rcarrillocruzhi folks09:10
rcarrillocruzi attended chellygel and others barbican session at the summit (kudos btw!) and would like to get involved09:11
rcarrillocruzi've followed the developer guide of barbican and would like to set it up with keystone, but the documentation from https://github.com/cloudkeep/barbican/wiki/Developer-Guide-for-Keystone states i should made some ammendments to paste and admin-paste ini files that don't seem to be updated somehow09:11
*** rellerreller has joined #openstack-barbican09:12
reaperhulkrcarrillocruz let me poke some people who might be able to assist09:12
reaperhulkcc hockeynut, redrobot09:12
rcarrillocruzawesome, if i could just get a gist for a paste an admin-paste init for keystone that would be great09:13
hockeynutrcarrillocruz give me a moment and I'll put one up for you09:13
rcarrillocruzsweet09:15
*** kebray has quit IRC09:17
hockeynutrcarrillocruz check out https://gist.github.com/sheyman/5ca1bd3e1ed93d45593909:21
hockeynutrcarrillocruz if you are doing a barbican install then this goes in your barbican etc/barbican/barbican-api-paste.ini which then gets copied up to system /etc/barbican/barbican-api-paste.ini when you run the barbican.sh install09:22
rcarrillocruzok, and that content would go to both paste and admin-paste ?09:22
hockeynutnot admin09:22
rcarrillocruzadmin i leave it as is then?09:23
hockeynuty09:23
rcarrillocruzawesome09:23
rcarrillocruzthx!09:23
*** kebray has joined #openstack-barbican09:24
*** alee_ has quit IRC09:25
*** kebray has quit IRC09:28
*** rellerreller has quit IRC09:39
*** rellerreller has joined #openstack-barbican09:48
*** rm_you| has quit IRC09:54
*** chellygel-abroad has joined #openstack-barbican09:54
*** rm_you| has joined #openstack-barbican09:54
chellygel-abroadwe found ourselves a little spot09:54
chellygel-abroadtalk about insanity over there09:54
reaperhulkI'm about to be in the sahara security session09:56
reaperhulkDo you have a table?09:56
chellygel-abroadso the barbicaneers have a table but its packed down there10:00
chellygel-abroadwe are on the first floor of the hotel10:00
chellygel-abroadand its quiet — just chad, bananac, steve, myself, and some random dude10:00
chellygel-abroadreaperhulk: ^10:00
reaperhulkbananac is a wonderful name.10:00
chellygel-abroadI agree :)10:00
reaperhulkI will be up there after this session10:01
*** tdink has joined #openstack-barbican10:04
redrobotwe're brainstorming a name for the KeyManager repo10:05
jvrbanactdink, as you're on vacation I'm picking up and fixing your CR https://review.openstack.org/#/c/132576/10:05
redrobotso far the leading one is Yett10:05
redrobotYett: Iron gates at the entrance of a castle10:05
jvrbanacredrobot, ask Jarret, he has a list10:05
redrobotjvrbanac http://medievalcastles.stormthecastle.com/parts-of-a-medieval-castle.htm10:06
chellygel-abroadsticking with the cloud keep theme?10:06
redrobotchellygel-abroad of course! :D10:06
*** alee_ has joined #openstack-barbican10:07
rellerrellerWhat do you guys think of calling the new key manager project "yett?"10:07
reaperhulkIt sounds like a yeti10:08
chellygel-abroadredrobot: warden?10:08
reaperhulkwarden is heavily used for auth related stuff10:08
redrobotreaperhulk the yeti can be our mascot :D10:08
rellerrellerI love the yeti mascot!10:08
*** tdink has quit IRC10:09
chellygel-abroadim sad we cant use murder hole yet10:11
redrobothttps://en.wikipedia.org/wiki/Yett10:12
chellygel-abroadBaliff? Constable?10:16
redrobotchellygel-abroad why don't you like yett?10:16
chellygel-abroadWatchmen?10:16
chellygel-abroadThe word isnt attractive?10:16
chellygel-abroadand it would be confused with yet10:17
chellygel-abroadwe dont have yett yet10:17
redrobotwe don't yet have a yett, but we could :)10:17
*** woodster_ has joined #openstack-barbican10:17
rellerrellerNova BP for trusted location control, https://review.openstack.org/#/c/132592/10:17
* redrobot really likes the castle theme10:17
chellygel-abroad"go to the yett" repo10:17
chellygel-abroadyou aren't going to type yett10:17
reaperhulkI like chellygel-abroad's phrasing10:17
reaperhulkIt definitely isn't an attractive word10:17
chellygel-abroadConstable, watchman and baliff are all jobs in a castle10:17
reaperhulk(I don't know that I really care, but it isn't aesthetically pleasing to me)10:18
woodster_there was talk of a mascot for it...can you guess? :)10:18
rellerrellerchellygel-abroad What about yeti?10:18
chellygel-abroadthats totally unrelated to castles. lol10:18
reaperhulkhyperbolicparabaloid10:18
redrobotCorbel10:19
redrobotCorbel - A stone projection from a wall. It supports the weight of a battlement.10:19
woodster_the coyote is totally unrelated to the Spurs team10:19
chellygel-abroadGong Farmer —>a latrine pit emptier10:19
reaperhulkpineapple pit (are we just playing word association games now?)10:19
chellygel-abroadhttp://www.ancientfortresses.org/medieval-occupations.htm10:19
reaperhulkhttp://en.wikipedia.org/wiki/Pineapple_pit10:19
redrobotBartizan: A small turret at the corner of a tower or wall. It is usually at the top but not always.10:20
reaperhulkhaha, bartizan, the key manager for barbican.10:20
reaperhulkthat's just mean10:20
redrobotDonjon - this is an old word for a great tower or a keep.10:21
chellygel-abroadif the job is a Key Manager — it should be someone or something that… manages keys?10:21
chellygel-abroadPorter10:21
chellygel-abroadThe Janitor, or Porter, was responsible for the main Castle entrance and for the guardrooms. The Porter also insured that no one entered or left the castle without permission10:21
chellygel-abroadno jraim for this one?10:23
redrobotchellygel-abroad already taken by some irc thing http://sourceforge.net/projects/porter/10:23
jvrbanacbarbican-porter10:23
jraimchellygel-abroad: I can come up with a name if people want :)10:23
jraimI have a whole list10:23
redrobothttps://github.com/search?utf8=%E2%9C%93&q=porter10:23
chellygel-abroadCASTELLAN?10:23
chellygel-abroadCastellan was the occupation of the person who had been appointed as Custodian, or in charge of, the castle10:23
redrobotjraim we need a name for the KeyManager interface repo10:24
chellygel-abroadjraim: looking for ideas that sound nice :P for the Key Manager10:24
jraimAll castle themed, you guys are the best. My work here is done ::tear::10:24
redrobotapparently Yett was too ugly10:24
jraimlemme see what i have10:24
jvrbanacYett is ugly10:24
chellygel-abroadi like CASTELLAN10:24
jraimchellygel-abroad: I do too actually10:25
chellygel-abroaddaddy approves10:25
jvrbanac+!10:26
jvrbanac+110:26
redrobotI don't even know how to pronounce castellan.  My hispanic side wants to pronounce it with a Y sound.  Cas-te-yan10:26
chellygel-abroadcas-teh-lyn10:27
jvrbanacCast-e-lon10:27
jvrbanacor that10:27
chellygel-abroadhttps://www.google.com/search?q=CASTELLAN&oq=CASTELLAN&aqs=chrome..69i57j0l5.246j0j7&sourceid=chrome&es_sm=119&ie=UTF-810:27
chellygel-abroadclick the lil speaker icon10:27
chellygel-abroad;)10:27
chellygel-abroador CASTLE_LAN (Party)10:27
chellygel-abroad:P10:27
reaperhulkftp is blocked on this wifi. gonna have to vpn so I can get things off the RSA ftp. I have made bad choices10:29
*** rm_you| has quit IRC10:30
*** rm_you| has joined #openstack-barbican10:31
chellygel-abroadgot too quiet redrobot :P10:35
redrobotchellygel-abroad the pecan guys stopped by to say hi.10:36
*** SheenaG1 has quit IRC10:36
*** openstackgerrit has joined #openstack-barbican10:39
rcarrillocruzit seems my dev barbican+keystone is not doing keystone auth. I modified the paste ini file to not use unathenticated method and use instead keystone10:51
rcarrillocruznot no matter if i put a valid token10:51
rcarrillocruzor a made up one10:51
rcarrillocruzi get a valid response from barbican api:10:51
rcarrillocruzcurl -H "Accept: application/json" -H "X-Auth-Token:8075bd95ae944317b31bdf7081c878ef" http://localhost:931110:51
rcarrillocruzworks10:51
rcarrillocruzcurl -H "Accept: application/json" -H "X-Auth-Token:8075bd95ae94431" http://localhost:931110:51
rcarrillocruzworks10:51
rcarrillocruzand i don't see anything logged on keystone coming from barbican api requests, looks like it's never hit10:52
openstackgerritJuan Antonio Osorio Robles proposed a change to openstack/barbican: Replace trivial instances of tenant for project  https://review.openstack.org/13270010:55
redrobothttp://www.rfc-editor.org/rfc/rfc7030.txt10:56
redrobotrcarrillocruz you may have the unauthenticated context in your paste pipeline.  Check barbican-api-paste.ini https://github.com/openstack/barbican/blob/master/etc/barbican/barbican-api-paste.ini#L1410:59
rcarrillocruzhttp://paste.openstack.org/show/130057/11:02
openstackgerritJuan Antonio Osorio Robles proposed a change to openstack/barbican: Replace trivial instances of tenant for project  https://review.openstack.org/13270011:02
rcarrillocruzlooks good to me, that's my /etc/barbican/barbican-api-paste.ini file11:02
*** kebray has joined #openstack-barbican11:03
rcarrillocruzredrobot: ^11:04
redrobotrcarrillocruz hmm... yeah, that config looks right.11:06
*** jorge_munoz has joined #openstack-barbican11:06
rcarrillocruzi noticed this from barbican output, not sure if relevant11:08
rcarrillocruzhttp://paste.openstack.org/show/130058/11:08
redrobotrcarrillocruz oh, I kno what's going on now11:10
redrobotrcarrillocruz the output shows that the middleware is indeed configured11:10
redrobotrcarrillocruz the root resource is not protected by auth11:10
redrobotrcarrillocruz try hitting /v1/secrets11:11
rcarrillocruzk11:12
openstackgerritChelsea Winfree proposed a change to openstack/barbican: The last round of secrets functional tests  https://review.openstack.org/13257011:13
rcarrillocruz'Authentication required'11:13
rcarrillocruzok11:13
rcarrillocruzsooo, that means it's configured just fine, just the URL i was hitting wouldn't go thru keystone to do auth11:13
rcarrillocruz?11:13
redrobotrcarrillocruz correct. :)11:14
rcarrillocruzyay11:14
rcarrillocruzthx :-)11:15
*** kebray has quit IRC11:16
*** jaosorior has joined #openstack-barbican11:19
*** chellygel-abroad has quit IRC11:20
*** chellygel-abroad has joined #openstack-barbican11:20
rcarrillocruzsweet11:24
rcarrillocruzi'm on business11:24
rcarrillocruzgetting 'barbican' token and using it to get secrets now i get a response11:24
rcarrillocruz:-)11:24
*** jorge_munoz has quit IRC11:25
redrobotrcarrillocruz awesome!  Let us know if you have more questions11:28
*** chellygel-abroad has quit IRC11:33
*** openstackgerrit has quit IRC11:42
*** alee_ has quit IRC11:51
*** rellerreller has quit IRC11:51
*** tdink has joined #openstack-barbican12:09
*** tdink has quit IRC12:13
*** juantwo has quit IRC12:23
*** kne has joined #openstack-barbican13:11
*** kne has quit IRC13:12
*** jorge_munoz has joined #openstack-barbican13:17
*** rellerreller has joined #openstack-barbican13:22
redrobotchellygel btw, did you hear we won the fall season?13:26
*** kebray has joined #openstack-barbican13:27
*** kebray has quit IRC13:31
*** alee_ has joined #openstack-barbican13:31
*** kebray has joined #openstack-barbican13:34
*** jorge_munoz has quit IRC13:36
*** jorge_munoz has joined #openstack-barbican13:37
rcarrillocruzis it normal that using the barbican client to get secrets it inserts 'auth' in the POST url? cos I get a 404 because of that...13:38
rcarrillocruz"POST /v2.0/auth/tokens HTTP/1.1" 40413:38
*** kebray has quit IRC13:40
rcarrillocruzit looks like barbican client is using keystone v3 urls13:40
*** jorge_munoz has quit IRC13:44
*** jorge_munoz has joined #openstack-barbican13:46
*** jorge_munoz has quit IRC13:50
*** rellerreller has quit IRC13:55
*** juantwo has joined #openstack-barbican13:59
*** rsyed_away is now known as rsyed14:10
*** jorge_munoz has joined #openstack-barbican14:14
*** paul_glass has joined #openstack-barbican14:48
*** zz_dimtruck is now known as dimtruck14:57
*** openstackstatus has quit IRC14:58
*** openstack has joined #openstack-barbican14:59
*** openstackstatus has joined #openstack-barbican14:59
*** ChanServ sets mode: +v openstackstatus14:59
*** dimtruck is now known as zz_dimtruck15:09
hockeynutjvrbanac chellygel redrobot reaperhulk would you be so kind as to peek at https://review.openstack.org/#/c/130921/315:10
*** alee_ has quit IRC15:16
*** SheenaG1 has joined #openstack-barbican15:22
*** JeffF has joined #openstack-barbican15:23
*** SheenaG1 has quit IRC15:26
*** mkam has joined #openstack-barbican15:28
*** alee_ has joined #openstack-barbican15:35
redrobotrcarrillocruz what version of the client are you using?15:37
rm_workrcarrillocruz: yes, the client defaults to using v3 as the auth method unless you specify to use v216:00
rm_work(assuming you are using 3.0.0)16:00
*** paul_glass has quit IRC16:01
*** paul_glass has joined #openstack-barbican16:10
*** zz_dimtruck is now known as dimtruck16:32
*** jorge_munoz has joined #openstack-barbican16:34
*** jorge_munoz has quit IRC16:38
*** paul_glass has quit IRC16:50
*** juantwo has quit IRC16:59
*** jaosorior has quit IRC17:03
*** paul_glass has joined #openstack-barbican17:29
*** rtom has joined #openstack-barbican17:30
*** SheenaG1 has joined #openstack-barbican17:37
rcarrillocruzi'm using the latest from pypi, it's 3 something17:39
*** rm_mobile has joined #openstack-barbican17:45
*** rm_mobile has quit IRC17:45
*** rm_mobile has joined #openstack-barbican17:45
*** SheenaG11 has joined #openstack-barbican17:51
*** SheenaG1 has quit IRC17:53
*** SheenaG11 has quit IRC17:55
*** SheenaG1 has joined #openstack-barbican18:02
*** alee_ has quit IRC18:07
*** dimtruck is now known as zz_dimtruck18:22
*** zz_dimtruck is now known as dimtruck18:23
*** rm_you| has quit IRC18:25
*** rm_you| has joined #openstack-barbican18:25
*** akoneru has joined #openstack-barbican18:36
*** SheenaG1 has quit IRC18:39
*** paul_glass has quit IRC18:50
rcarrillocruzi'm resorting to curl for doing my tests18:54
rcarrillocruzif you know how to force the client to use v2 pls let me know, don't see it on the help18:54
*** paul_glass has joined #openstack-barbican19:22
*** SheenaG1 has joined #openstack-barbican19:31
*** SheenaG1 has quit IRC19:36
*** SheenaG1 has joined #openstack-barbican19:44
*** rm_mobile has quit IRC19:44
*** paul_glass has quit IRC19:44
*** paul_glass has joined #openstack-barbican19:52
rm_workrcarrillocruz: --os-identity-api-version19:53
rm_work  --os-identity-api-version <identity-api-version>                                                              │?         -> Introduction and overview of IPython's features.19:53
rm_work                        Specify Identity API version to use. Defaults to                                        │%quickref -> Quick reference.19:53
rm_work                        env[OS_IDENTITY_API_VERSION] or 3.0.19:53
rm_workerr whoopsw19:53
rm_work  --os-identity-api-version <identity-api-version>19:54
rm_work                        Specify Identity API version to use. Defaults to19:54
rm_work                        env[OS_IDENTITY_API_VERSION] or 3.0.19:54
rm_workfor devstack:19:54
rm_workexport OS_AUTH_URL="http://localhost:5000/v2.0/"19:54
rm_workexport BARBICAN_ENDPOINT="http://localhost:9311/v1/"19:54
rm_workexport OS_IDENTITY_API_VERSION="2.0"19:54
rm_workrcarrillocruz: ^^19:54
*** SheenaG1 has quit IRC19:56
*** paul_glass has quit IRC20:05
*** jorge_munoz has joined #openstack-barbican20:06
*** jorge_munoz has quit IRC20:43
*** rm_you| has quit IRC20:43
*** rm_you| has joined #openstack-barbican20:43
*** dimtruck is now known as zz_dimtruck20:54
*** paul_glass has joined #openstack-barbican20:59
*** paul_glass has quit IRC21:24
*** ryanpetrello has joined #openstack-barbican21:35
*** woodster_ has quit IRC22:00
*** mkam has quit IRC22:34
*** ryanpetrello has quit IRC22:40
*** rsyed is now known as rsyed_away22:54
*** kebray has joined #openstack-barbican22:56
*** rsyed_away is now known as rsyed23:18
*** ametts has quit IRC23:25
*** rtom has quit IRC23:35
« Wednesday, 2014-11-05 Index Friday, 2014-11-07 »

Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!