Thursday, 2016-02-11

« Wednesday, 2016-02-10 Index Friday, 2016-02-12 »
openstackgerritMerged openstack/barbican: Remove padding from legacy stored secrets  https://review.openstack.org/27057200:04
*** nelsnels_ has joined #openstack-barbican00:07
*** nelsnelson has quit IRC00:08
*** jhfeng has quit IRC00:12
Asha_Sorry hockeynut ..I was out of my office for some meeting00:17
*** hyakuhei has quit IRC00:18
Asha_Thanks for pointing out the link ..I would go through that and get back00:21
*** hyakuhei has joined #openstack-barbican00:24
*** kebray has joined #openstack-barbican00:33
*** Asha_ has quit IRC00:36
*** alee_ has quit IRC00:38
*** alee has quit IRC00:38
*** kebray has quit IRC00:40
*** hyakuhei has quit IRC00:50
*** spotz_zzz is now known as spotz00:52
*** hyakuhei has joined #openstack-barbican00:52
*** hyakuhei has quit IRC00:55
*** hyakuhei has joined #openstack-barbican00:56
*** hyakuhei has quit IRC00:59
*** hyakuhei has joined #openstack-barbican01:00
openstackgerritMerged openstack/barbican: Updated from global requirements  https://review.openstack.org/27711601:04
*** damia_pi has joined #openstack-barbican01:11
*** damia_pi has quit IRC01:16
*** chlong has joined #openstack-barbican01:18
*** hyakuhei has quit IRC01:20
*** hyakuhei has joined #openstack-barbican01:32
*** zz_dimtruck is now known as dimtruck01:42
*** gyee has quit IRC01:48
*** damia_pi has joined #openstack-barbican01:49
*** damia_pi has quit IRC01:51
*** mragupat has joined #openstack-barbican02:08
*** mragupat has quit IRC02:08
*** mragupat has joined #openstack-barbican02:08
*** openstackgerrit has quit IRC02:15
*** chlong has quit IRC02:15
*** openstackgerrit has joined #openstack-barbican02:24
*** mragupat has quit IRC02:24
*** chlong has joined #openstack-barbican02:29
*** su_zhang has quit IRC02:45
*** woodster_ has quit IRC02:46
*** tkelsey has joined #openstack-barbican03:08
*** jhfeng has joined #openstack-barbican03:11
*** jhfeng has quit IRC03:11
*** tkelsey has quit IRC03:13
*** lvh has quit IRC03:39
*** su_zhang has joined #openstack-barbican03:43
*** hyakuhei has quit IRC04:15
*** sidx64_Cern has joined #openstack-barbican04:15
*** dimtruck is now known as zz_dimtruck04:17
*** sid_cerner has joined #openstack-barbican04:20
*** hyakuhei has joined #openstack-barbican04:21
*** mragupat has joined #openstack-barbican04:21
*** woodster_ has joined #openstack-barbican04:23
*** sidx64_Cern has quit IRC04:24
*** Nirupama has joined #openstack-barbican04:25
*** diazjf has joined #openstack-barbican04:28
*** jamielennox is now known as jamielennox|away05:06
*** dave-mcc_ has quit IRC05:15
*** sidx64_Cern has joined #openstack-barbican05:23
*** sid_cerner has quit IRC05:26
*** fnaval has quit IRC05:28
*** jamielennox|away is now known as jamielennox05:31
*** hyakuhei has quit IRC05:35
*** fnaval has joined #openstack-barbican05:44
*** fnaval has quit IRC06:10
*** jaosorior has joined #openstack-barbican06:10
*** fnaval has joined #openstack-barbican06:13
*** mixos has joined #openstack-barbican06:34
*** woodster_ has quit IRC06:36
*** jaosorior has quit IRC06:56
*** tkelsey has joined #openstack-barbican07:10
*** tkelsey has quit IRC07:14
*** jaosorior has joined #openstack-barbican07:20
*** jaosorior has quit IRC07:32
*** mixos has quit IRC07:32
*** scheuran has joined #openstack-barbican07:37
openstackgerritOpenStack Proposal Bot proposed openstack/barbican: Updated from global requirements  https://review.openstack.org/27889707:38
*** diazjf has quit IRC07:42
openstackgerritOpenStack Proposal Bot proposed openstack/python-barbicanclient: Updated from global requirements  https://review.openstack.org/27872107:44
*** sidx64 has joined #openstack-barbican07:58
*** sidx64_Cern has quit IRC08:01
*** tkelsey has joined #openstack-barbican08:04
*** jaosorior has joined #openstack-barbican08:05
*** shohel has joined #openstack-barbican08:20
*** su_zhang has quit IRC08:34
*** su_zhang has joined #openstack-barbican08:35
*** su_zhang has quit IRC08:39
*** mragupat has quit IRC08:40
*** openstackgerrit has quit IRC08:47
*** openstackgerrit_ has joined #openstack-barbican08:47
*** openstackgerrit_ is now known as openstackgerrit08:48
*** tkelsey has quit IRC09:26
*** scheuran has quit IRC09:37
*** scheuran has joined #openstack-barbican09:51
*** scheuran has quit IRC10:00
*** scheuran has joined #openstack-barbican10:02
*** sidx64 has quit IRC10:18
*** sidx64 has joined #openstack-barbican10:38
*** scheuran has quit IRC10:50
*** shohel has quit IRC10:56
*** scheuran has joined #openstack-barbican11:05
*** peter-hamilton has joined #openstack-barbican12:07
*** ig0r_ has joined #openstack-barbican12:12
*** su_zhang has joined #openstack-barbican12:59
*** spotz is now known as spotz_zzz13:00
*** su_zhang has quit IRC13:03
*** sidx64 has quit IRC13:08
*** woodster_ has joined #openstack-barbican13:33
*** rellerreller has joined #openstack-barbican13:36
*** Nirupama has quit IRC13:43
*** jaosorior has quit IRC14:05
*** jaosorior has joined #openstack-barbican14:05
*** dave-mccowan has joined #openstack-barbican14:08
*** dave-mcc_ has joined #openstack-barbican14:11
*** zz_dimtruck is now known as dimtruck14:11
*** dave-mccowan has quit IRC14:14
*** krotscheck_dcm is now known as krotscheck14:15
*** su_zhang has joined #openstack-barbican14:23
*** scheuran has quit IRC14:35
*** jmckind has joined #openstack-barbican14:42
*** hyakuhei has joined #openstack-barbican14:54
*** jaosorior has quit IRC15:06
*** jhfeng has joined #openstack-barbican15:17
*** mragupat has joined #openstack-barbican15:18
*** ig0r_ has quit IRC15:21
*** woodster_ has quit IRC15:36
*** dave-mcc_ has quit IRC15:37
*** dave-mccowan has joined #openstack-barbican15:37
*** mp1 has joined #openstack-barbican15:51
*** spotz_zzz is now known as spotz15:55
*** fnaval has quit IRC15:57
*** silos has joined #openstack-barbican16:01
*** tkelsey has joined #openstack-barbican16:11
*** woodster_ has joined #openstack-barbican16:11
*** shohel has joined #openstack-barbican16:12
*** diazjf has joined #openstack-barbican16:18
*** hyakuhei has quit IRC16:19
*** fnaval has joined #openstack-barbican16:19
*** diazjf1 has joined #openstack-barbican16:20
*** mixos has joined #openstack-barbican16:21
*** diazjf has quit IRC16:22
*** jsavak has joined #openstack-barbican16:24
*** peter-hamilton has quit IRC16:34
*** mp1 has quit IRC16:34
*** hyakuhei has joined #openstack-barbican16:38
*** ccneill has joined #openstack-barbican16:41
*** scheuran has joined #openstack-barbican16:42
*** scheuran has quit IRC16:47
*** silos has quit IRC16:50
*** silos has joined #openstack-barbican16:54
*** nelsnels_ has quit IRC16:59
*** mp1 has joined #openstack-barbican17:00
*** nelsnelson has joined #openstack-barbican17:00
openstackgerritFernando Diaz proposed openstack/castellan: Introduce Castellan Credential Factory  https://review.openstack.org/27386317:01
*** gyee has joined #openstack-barbican17:05
openstackgerritDouglas Mendizábal proposed openstack/barbican: Document Symmetric Secret Type  https://review.openstack.org/17148817:14
*** mp1 has quit IRC17:17
hyakuheidiazjf1: We need to sync on BYOK17:23
openstackgerritFernando Diaz proposed openstack/barbican: Cleanup barbican-api-paste pipeline  https://review.openstack.org/26300017:26
diazjf1hyakuhei, hey what's up. Yeah I was meaning to add myself the different project meetings for next week17:26
hyakuheiJust flagging it up because we’re never around at the same time :) I think we were going to build a wiki page for it but we didn’t get anywhere….17:27
diazjf1hyakuhei, I can make the wiki next week. Where on https://wiki.openstack.org/wiki/Security can I add it? Also lmk what you think about https://review.openstack.org/#/c/271517/ :)17:30
openstackgerritFernando Diaz proposed openstack/castellan: Allow Barbican Key Manager to accept different auth credentials  https://review.openstack.org/27387217:31
*** jsavak has quit IRC17:34
*** rellerreller has quit IRC17:42
*** shohel has quit IRC17:49
*** silos has quit IRC18:00
*** tkelsey has quit IRC18:01
*** Kevin_Zheng has quit IRC18:35
*** su_zhang has quit IRC18:36
*** Kevin_Zheng has joined #openstack-barbican18:37
*** gyee has quit IRC18:53
*** ccneill has quit IRC18:58
*** hyakuhei has quit IRC18:59
*** silos has joined #openstack-barbican19:05
*** su_zhang has joined #openstack-barbican19:07
*** nelsnels_ has joined #openstack-barbican19:12
*** nelsnelson has quit IRC19:15
*** ccneill has joined #openstack-barbican19:24
hockeynutgreetings all - I am (re)working my local barbican and trying to run via barbican-api rather than barbican.sh.  As part of that I am trying to see if we can run without needing anything in /etc and I am finding that to be painful.  As part of this, I see that we REQUIRE a copy of barbican.conf to be placed into our home directory.  Does anyone else think that's silly and should be fixed?19:33
hockeynutI would think that all of the config/ini/prop files should be under myLocalbarbican/etc/barbican and not have to be dispersed elsewhere in the system19:34
siloshockeynut: I have never seen the use in having the barbican.conf file in the home directory.19:34
hockeynutother than "it has to be there" :-)19:35
hockeynutwondering if that's an oslo thing or something we can fix19:35
woodster_hockeynut: oslo config looks for (at least to) barbican.conf in the home directory and /etc/barbican folders (not sure the order)...we've called for folks to put into /etc19:35
siloshockeynut, woodster_: I believe it looks in the home directory first and if it's there then it doesn't look anywhere else. At least that's what I've seen happen to my deployments.19:36
woodster_hockeynut:  the problem with running from your git repo is that the minute you change it for your local needs, it changes from upstream, so it's more convenient and safer to maintain it outside the git repo19:36
hockeynutwoodster_ true.  methinks there might need to be some doc work here to clarify19:36
*** ccneill has quit IRC19:38
hockeynutbut it still seems odd that my home directory is in a search order for a config file19:38
*** mp1 has joined #openstack-barbican19:41
*** ccneill has joined #openstack-barbican19:42
*** spotz is now known as spotz_zzz19:44
woodster_I figure that's the only way for folks that don't have write access to /etc19:48
*** dimtruck is now known as zz_dimtruck19:55
*** zz_dimtruck is now known as dimtruck19:55
*** spotz_zzz is now known as spotz19:57
*** mixos has quit IRC20:02
*** hyakuhei has joined #openstack-barbican20:07
*** silos has quit IRC20:10
openstackgerritFernando Diaz proposed openstack/castellan: Allow Barbican Key Manager to accept different auth credentials  https://review.openstack.org/27387220:16
*** su_zhang has quit IRC20:19
*** hyakuhei has quit IRC20:20
*** jhfeng has quit IRC20:20
*** mp1 has quit IRC20:26
*** silos has joined #openstack-barbican20:26
*** mp1 has joined #openstack-barbican20:26
*** jhfeng has joined #openstack-barbican20:30
*** hyakuhei has joined #openstack-barbican20:40
redrobothockeynut yeah, that's all oslo.config magic.  Even the name of the file is inferred from the name of the project.  What I usually do is make a symlink from $HOME to my working directory.20:44
hockeynutredrobot not a bad idea there.  that's why you're PTL and the rest of us are GPS20:45
*** mp1 has quit IRC20:45
*** mp1 has joined #openstack-barbican20:46
redrobothockeynut one thing I wish we could do is have a --config-file option so you can set where the config should be loaded from instead of having to abide by oslo.config magic conventions20:46
*** su_zhang has joined #openstack-barbican20:50
hockeynutredrobot pull request accepted?20:50
redrobothockeynut oslo.config documentation kinda sucks... and I haven't been able to figure out how to pass variables to a wgsi process...20:51
*** su_zhang has quit IRC20:56
jkfredrobot: environment variables?20:57
*** silos has quit IRC21:03
redrobotjkf that might work... just gotta figure out how to read the env before oslo.config parsing begins.21:04
*** su_zhang has joined #openstack-barbican21:09
*** silos has joined #openstack-barbican21:11
*** hyakuhei has quit IRC21:15
*** edtubill has joined #openstack-barbican21:19
*** jorge_munoz has quit IRC21:29
diazjf1hockeynut, checkout https://github.com/openstack/oslo.config/blob/master/oslo_config/cfg.py#L572-L579 for the oslo magic, I think this can be overridden with https://github.com/openstack/oslo.config/blob/master/oslo_config/cfg.py#L208221:37
*** chlong has quit IRC22:03
*** dimtruck is now known as zz_dimtruck22:11
redrobotBarbican @ Rackspace is live! :D http://go.rackspace.com/cloud-keep.html22:19
*** zz_dimtruck is now known as dimtruck22:20
hockeynutw00t w00t!22:20
siloscongrats!!22:20
openstackgerritDouglas Mendizábal proposed openstack/barbican: Document public secret type  https://review.openstack.org/17185922:21
jkfredrobot: Congrats! Is that using the new HSM code I wrote? How's it been performing for you?22:22
*** mragupat has quit IRC22:23
redrobotjkf indeed it is!  I think we're only running a few days behind master22:23
redrobotjkf maxing out at about 20 rps22:23
redrobotjkf good enough for our Early Access program, but we definitely want to improve on it22:23
diazjf1redrobot congrats man!22:27
jkfredrobot: Interesting. I'd be interested in hearing more about what you find there. I can hit 25-30/second in my environment, but I haven't put a profiler on the code yet to find bottlenecks.22:27
jkfThat's on a single process.22:27
redrobotjkf we have _some_ newrelic reporting thanks to https://github.com/openstack/barbican/blob/master/barbican/api/app.py#L24-L25 but it's not smart enough to measure the time spent on the HSM22:28
*** mragupat has joined #openstack-barbican22:29
woodster_jkf: are you multi-threading at all?22:29
redrobotsilos diazjf1 thanks, y'all!  It took a lot of rackers to make this happen22:29
jkfwoodster_: No, but I'm thinking of playing with it at some point.22:29
woodster_and a lot of contribs to make the code happen too22:30
redrobotwoodster_ +1000 that too!22:30
diazjf1woohooo! :)22:31
redrobotdiazjf1 while I have you here ...  Example 2.2 in CR https://review.openstack.org/#/c/171859/4 totally works for me22:34
redrobotdiazjf1 just went through and copy/pasted it a few times into my shell just to make sure22:35
redrobotdiazjf1 I get a ref every time.22:35
diazjf1redrobot, I'll take another look in a few mins. I tried copying it from the doc job and it gave me a 400 error22:36
diazjf1redrobot, I was running master as well22:36
redrobotdiazjf1 strange ... looks like correct JSON to me... maybe PUB_BASE64 didn't get set for you for some reason?22:37
diazjf1redrobot, I did echo it and it was there. Maybe there was some problem when passing it22:37
diazjf1the strange thing is that the other examples which follow a similar flow worked22:38
diazjf1redrobot, I'm starting a new vagrant and will retry it in 1522:45
*** ccneill has quit IRC22:52
*** ccneill has joined #openstack-barbican22:58
*** jmckind has quit IRC23:02
*** spotz is now known as spotz_zzz23:03
diazjf1redrobot, still fails for me. Here's my log http://paste.openstack.org/show/486775/23:04
*** mragupat has quit IRC23:11
*** jorgem has quit IRC23:14
*** jorgem has joined #openstack-barbican23:15
*** edtubill has quit IRC23:15
*** mp1 has quit IRC23:17
*** silos has quit IRC23:18
*** jhfeng has quit IRC23:18
*** yfujioka has quit IRC23:21
diazjf1redrobot, I figured it out23:24
diazjf1its because of the spaces in $PUB_BASE6423:25
diazjf1see http://paste.openstack.org/show/486777/23:25
*** mp1 has joined #openstack-barbican23:28
*** chlong has joined #openstack-barbican23:30
*** mp1 has quit IRC23:34
*** mp1 has joined #openstack-barbican23:38
*** mp1 has quit IRC23:41
*** dimtruck is now known as zz_dimtruck23:52
« Wednesday, 2016-02-10 Index Friday, 2016-02-12 »

Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!