Thursday, 2015-11-05

« Wednesday, 2015-11-04 Index Friday, 2015-11-06 »
kfox1111_bknudson: dolphm: thanks.00:03
*** markvoelker has quit IRC00:06
*** richm has quit IRC00:07
*** ctina has joined #openstack-keystone00:08
*** chrisshattuck has quit IRC00:09
*** jasonsb has quit IRC00:11
*** jasonsb has joined #openstack-keystone00:11
*** ctina has quit IRC00:13
*** su_zhang has quit IRC00:24
*** EinstCrazy has quit IRC00:25
*** jerrygb has joined #openstack-keystone00:31
*** jerrygb has quit IRC00:32
*** erhudy has quit IRC00:39
*** roxanaghe has quit IRC00:41
openstackgerritDavid Stanek proposed openstack/keystone: Use unit.new_service_ref() consistently  https://review.openstack.org/23828300:41
openstackgerritDavid Stanek proposed openstack/keystone: Use unit.new_endpoint_ref consistently  https://review.openstack.org/23775800:41
openstackgerritDavid Stanek proposed openstack/keystone: Use unit.new_region_ref() consistently  https://review.openstack.org/23830200:41
samueldmqdstanek: that's nice :) ^00:45
dstaneksamueldmq: wasn't me - i just had to rebase it because i have work on top of it00:45
*** markvoelker has joined #openstack-keystone00:47
*** sileht has quit IRC00:48
openstackgerritHidekazu Nakamura proposed openstack/keystone: Update development environment set up doc  https://review.openstack.org/22302000:48
samueldmqdstanek: yep, I saw that's from Sean Perry :)00:50
andrewbogottayoung: now that I have things working with v3, I’m trying to follow your earlier suggestion of making my policy.json support a universal observer.00:53
andrewbogottWhich, for the short term, means creating a user who can list the instances in projects without having a role in that project.00:54
andrewbogottDo you still think that’s possible, or did I fail to state what I was doing adequately before?00:54
*** gyee has quit IRC00:59
*** spandhe has quit IRC01:00
*** EinstCrazy has joined #openstack-keystone01:01
*** hrou has joined #openstack-keystone01:07
*** jmccrory has quit IRC01:09
*** boris-42 has joined #openstack-keystone01:13
*** jmccrory has joined #openstack-keystone01:13
*** jmccrory has quit IRC01:14
*** spandhe has joined #openstack-keystone01:16
kfox1111_is there any drawback to running keystone without a rabbit?01:17
kfox1111_its just used for notifications, right?01:17
jamielennoxthe fox gets bored01:18
jamielennox:D01:18
jamielennoxsorry, weird day01:18
kfox1111_:)01:18
jamielennoxyup, just notifications01:19
kfox1111_and the notifications are just advisory, nothing really relies apon them today?01:19
jamielennoxumm, i'd check ceilometer01:19
jamielennoxbut afaik no01:19
kfox1111_k. thx.01:20
jamielennoxno one is actually doing cleanup01:20
kfox1111_going to setup one keystone to rule them all (multi region)01:20
kfox1111_and just double checking.01:20
*** mylu has joined #openstack-keystone01:21
*** davechen1 has joined #openstack-keystone01:22
*** lhcheng has quit IRC01:26
*** mylu has quit IRC01:34
*** mylu has joined #openstack-keystone01:35
notmorganayoung: i am against a "config" option to change the behavior01:39
notmorganayoung: that really is not solving a clear use-case nor providing good interoperability01:39
jamielennoxlaunchpad is missing a "what was that bug i commented on yesterday" style view01:39
*** mylu has quit IRC01:39
notmorganayoung: so either we change "disabled" or we do a new "state" if this is something to be considered01:40
*** josecastroleon has quit IRC01:40
notmorganmore config options to change behavior is a bad idea.01:40
notmorganimo01:40
*** roxanaghe has joined #openstack-keystone01:41
*** su_zhang has joined #openstack-keystone01:43
*** roxanaghe has quit IRC01:46
*** dims has joined #openstack-keystone01:49
jamielennoxlove a good: msg: exception: Code should never reach here01:50
jamielennoxsuper helpful01:50
openstackgerritDave Chen proposed openstack/keystonemiddleware: Deprecate class AuthTokenPlugin properly  https://review.openstack.org/22050901:52
*** jasonsb has quit IRC02:02
*** jmccrory has joined #openstack-keystone02:08
*** mylu has joined #openstack-keystone02:11
*** su_zhang has quit IRC02:11
*** mylu has quit IRC02:20
*** mylu has joined #openstack-keystone02:21
*** mylu has quit IRC02:23
*** mylu has joined #openstack-keystone02:25
dolphmjamielennox: that's like a git blame | kickme02:32
jamielennoxit's via ansible modules, i'm not even sure where it's coming from02:33
dolphmjamielennox: not openstack-ansible, i hope?02:34
jamielennoxi don't think so02:34
jamielennoxno it seems to happen when doing keystone_user without a tenant=02:34
jamielennoxi guess noone thought of that as something you might do02:35
jamielennoxditching the whole lot and doing it with commands to openstackclient02:35
*** GB21 has joined #openstack-keystone02:35
*** spandhe has quit IRC02:35
jamielennoxdolphm: i didn't see anywhere openstack-ansible-modules let you do anything v3? is that a possibility or just not done via module02:36
dolphmjamielennox: like? i'm pretty sure openstack-ansible does everything with v302:39
jamielennoxdolphm: i'm doing my own playbooks, just want to use the helpers so was only looking at https://github.com/openstack-ansible/openstack-ansible-modules02:39
*** roxanaghe has joined #openstack-keystone02:43
*** lhcheng has joined #openstack-keystone02:45
*** ChanServ sets mode: +v lhcheng02:45
*** btully has quit IRC02:45
*** zqfan_afk has quit IRC02:46
*** tellesnobrega is now known as tellesnobrega_af02:46
*** tellesnobrega_af is now known as tellesnobrega02:46
*** roxanaghe has quit IRC02:48
*** lhcheng has quit IRC02:59
*** tobe has joined #openstack-keystone03:27
*** jasonsb has joined #openstack-keystone03:27
*** mylu_ has joined #openstack-keystone03:29
*** mylu has quit IRC03:33
*** mylu_ has quit IRC03:33
*** mylu has joined #openstack-keystone03:34
*** jasonsb has quit IRC03:34
*** mylu has quit IRC03:38
*** yangyapeng has joined #openstack-keystone03:39
*** roxanaghe has joined #openstack-keystone03:45
*** btully has joined #openstack-keystone03:46
*** roxanaghe has quit IRC03:50
*** btully has quit IRC03:51
*** markvoelker has quit IRC03:54
*** tellesnobrega is now known as tellesnobrega_af03:56
*** tellesnobrega_af is now known as tellesnobrega03:57
*** r-daneel has quit IRC03:58
*** zqfan_afk has joined #openstack-keystone03:58
*** spandhe has joined #openstack-keystone04:01
*** flwang has quit IRC04:03
openstackgerritJamie Lennox proposed openstack/keystone: Exclude old Shibboleth options from docs  https://review.openstack.org/24186304:05
*** tellesnobrega is now known as tellesnobrega_af04:08
*** mylu has joined #openstack-keystone04:09
*** links has joined #openstack-keystone04:26
*** su_zhang has joined #openstack-keystone04:36
*** jasonsb has joined #openstack-keystone04:38
*** sileht has joined #openstack-keystone04:45
marekdjamielennox: yes it does.04:51
jamielennoxmarekd: i'm almost there04:51
marekdgood luck04:52
jamielennoxmarekd: there's a lot of difference between shib and mellon04:52
jamielennoxeven just in expectation04:52
marekdjamielennox: why do you prefer mellon ?04:53
jamielennoxmarekd: not necessarily a preference, just shib isn't shipped on rhel04:54
jamielennoxinteresting how they differ is all04:54
jamielennoxshib very much tries to be it's own application that happens to be launched by apache04:54
jamielennoxmellon is a more traditional apache auth module that does what it's told and is configured via apache conf04:55
*** markvoelker has joined #openstack-keystone04:55
marekdjamielennox: you mean because there is a shibd and mod_shib ?04:55
jamielennoxmarekd: can you launch shibd seperate to mod_shib?04:55
jamielennoxeverything is happening via apache atm04:55
marekdjamielennox: not sure if I can but AFAIR arch is that there is a shibd daemon that does the work.04:56
marekdjamielennox: in fact it would be good if I could04:56
jamielennoxyea,04:56
jamielennoxand there is an /etc/init.d/shibd as well04:56
marekdjamielennox: why should I limit myself to Apache only?04:56
jamielennox /etc/init.d feels ancient after using systemd for a while04:56
marekdall this Apache stuff and static config files is just big lol04:56
jamielennoxyea, it's just how i've done it - i'm seeing some reasons you did things certain ways that shib supports better04:57
marekdif you have a system with systemd you will still have /etc/init.d/shibd ?04:58
marekdjamielennox: i often think saml and anything OSS that implements it doesn't really keep up with todays technology...04:59
marekdseriously.04:59
marekdand requirements for scalability and all this stuff.04:59
jamielennoxmarekd: i don't know, currently i've only got access to a ubuntu vm so i'm having to learn shib04:59
jamielennoxand remember all the quirks between the two04:59
marekdjamielennox: so you are configuring shibd to work with testshib or mellon ?05:00
*** markvoelker has quit IRC05:00
jamielennoxshibd with testshib05:00
jamielennoxi tried to point mellon at it and it just doesn't work05:00
jamielennoxthe configuration that shibd/testshib are exchanging is not just saml metadata05:00
marekdjamielennox: it should be.05:01
marekdwhat do you mean not just saml metadata?05:01
jamielennoxmarekd: underlying it should be, but the config they are doing with each other expects shib config05:01
jamielennoxie dynamic fetching of metadata05:01
jamielennoxumm05:01
jamielennoxthe testshib registration config05:01
marekdjamielennox: hm, it should be a SP metadata05:02
jamielennoxit was just painful to try and get it working with mellon05:02
*** su_zhang has quit IRC05:02
marekdjamielennox: why are saml2 plugins not listed here ? https://review.openstack.org/#/c/238549/8/setup.cfg05:03
marekdjamielennox: because they are experimental or whatever?05:03
jamielennoxmarekd: i've imported them as private because a) i want to fix them up a bit b) they don't work05:04
jamielennoxi get some problem with passing args to __init__ failure when i try to load them05:04
jamielennoxso i'm importing them as private until that can all be fixed05:04
marekdjamielennox: what's not working?05:05
marekdjamielennox: so there was that thing with lazy importer05:05
marekdjamielennox: which got eventually removed05:05
jamielennoxi'm not sure, it was just telling me that the options weren't being passed to __init__ correctly05:06
jamielennoxi wanted to import as is for now and fix in place05:06
marekdjamielennox: is it going to work somehow with OSC without entrypoints?05:06
jamielennoxmarekd: no it will need the entry points05:06
jamielennoxbut i want to get it working first05:07
marekdjamielennox: short term (make fixes to the patch) or make requests_saml2 ?05:07
jamielennoxmarekd: short term i want to get it in and get it working, fairly short term i want to refactor the ECP bit into a requests plugin, longer term i want to put that requests plugin in an upstream repo05:08
jamielennoxthe requests plugin can always live in our repo for a wihle05:08
marekdjamielennox: yes.05:09
marekdwhat was the change required to make it work as a requests_plugin ?05:09
marekdworkaround on 30x redirects ?05:09
jamielennoxmarekd: there's a fair bit of restructuring. you can look at the requests docs for how their auth plugins work, or look at like requests-kerberos to see how they handle plugins05:10
jamielennoxthey didn't show a lot, i found another plugin that had lots more detail to it just on github somewhere, i've forgotten the name05:10
jamielennoxbut you can search for examples05:10
jamielennoxmarekd: does shib fail if you don't use ssl?05:10
jamielennoxStatus: urn:oasis:names:tc:SAML:2.0:status:Responder05:10
jamielennoxMessage: Unable to encrypt assertion05:10
marekdshib-keygen -y <num of years>05:11
marekddid you call it?05:11
marekdit shouldn't fail if you configure it with http05:11
jamielennoxyea05:11
marekdneed to check logs then05:15
jamielennoxmarekd: there's no keys in the metadata i provide to testshib05:15
jamielennoxis that right?05:15
marekdjamielennox: no.05:18
marekdjamielennox: hm, rerun shib-keygen, maybe restart shibd and apache05:18
marekdand see if the key is there05:18
jamielennoxoh, i think maybe i've got the permissions set up wrong05:18
marekd(in the metadata)05:18
jamielennoxi've got the key owned by keystone05:18
marekdah05:18
marekdso it's probably there05:19
marekdi suggest opening another terminal and tail -f /var/log/shibboleth/*05:19
marekdor whatever the dir was05:19
jamielennoxmarekd: yea - i just found that folder, i was wondering why there was nothing in the apache logs05:19
marekd:-)05:20
marekdapache logs also have some shib related stuff.05:20
*** roxanaghe has joined #openstack-keystone05:20
jamielennoxhmm, no this is an identity provider error being returne d05:24
jamielennoxaha!05:25
jamielennoxok, i'm in05:27
jamielennoxmarekd: thanks05:27
*** roxanaghe has quit IRC05:41
*** spandhe has quit IRC05:42
*** fawadkhaliq has quit IRC05:43
marekdcongrats05:44
*** fawadkhaliq has joined #openstack-keystone05:44
jamielennoxthis gives me at least something to test the saml plugins against again05:45
*** btully has joined #openstack-keystone05:45
davechen1jamielennox: maybe the note could be kept there - https://review.openstack.org/#/c/24186305:53
*** jaosorior has joined #openstack-keystone05:53
davechen1jamielennox: i might be more clear why we do config as that under apache.05:54
davechen1s/i/it05:55
*** boris-42 has quit IRC05:58
*** fangzhou has quit IRC05:59
*** roxanaghe has joined #openstack-keystone06:03
*** akanksha_ has quit IRC06:08
openstackgerritHidekazu Nakamura proposed openstack/keystone: Update development environment set up doc  https://review.openstack.org/22302006:08
openstackgerritOpenStack Proposal Bot proposed openstack/keystone: Imported Translations from Zanata  https://review.openstack.org/23878906:13
*** mylu has quit IRC06:21
*** sileht has quit IRC06:25
*** fangzhou has joined #openstack-keystone06:27
*** fangzhou has quit IRC06:32
*** sileht has joined #openstack-keystone06:42
*** spandhe has joined #openstack-keystone06:47
*** henrynash has joined #openstack-keystone06:49
*** ChanServ sets mode: +v henrynash06:49
*** henrynash has quit IRC06:55
*** roxanaghe has quit IRC06:55
*** heha37 has joined #openstack-keystone06:56
*** markvoelker has joined #openstack-keystone06:56
*** hrou has quit IRC06:57
*** markvoelker has quit IRC07:01
*** heha37 has quit IRC07:02
*** heha37 has joined #openstack-keystone07:04
*** josecastroleon has joined #openstack-keystone07:06
*** fawadkhaliq has quit IRC07:14
*** sileht has quit IRC07:15
*** wanghua has quit IRC07:20
*** lsmola has joined #openstack-keystone07:20
*** wanghua has joined #openstack-keystone07:20
*** fawadkhaliq has joined #openstack-keystone07:29
*** fawadkhaliq has quit IRC07:36
*** fawadkhaliq has joined #openstack-keystone07:36
*** e0ne has joined #openstack-keystone07:51
*** jvarlamova has quit IRC07:53
*** zigo has quit IRC07:53
*** jamielennox is now known as jamielennox|away07:54
*** jamielennox|away is now known as jamielennox07:54
*** zigo has joined #openstack-keystone07:56
*** jamielennox is now known as jamielennox|away07:57
*** sileht has joined #openstack-keystone07:59
*** e0ne has quit IRC08:00
*** ntt has joined #openstack-keystone08:02
nttHi, I'm using kilo release of keystone and I'd like to use ssl, someone can help me?08:03
*** e0ne has joined #openstack-keystone08:04
*** btully has quit IRC08:07
*** shaleh has quit IRC08:07
marekdntt: Hi, where is the problem?08:08
nttwhich section of keystone.conf should I use for ssl?08:09
nttI'm using keystone with apache08:09
nttand I have a wsgi-keystone.conf in the apache config dir08:09
nttShould I just configure ssl in the apache config file or I have to modify some section in keystone.conf?08:10
*** jvarlamova has joined #openstack-keystone08:13
*** fawadkhaliq has quit IRC08:15
*** fawadkhaliq has joined #openstack-keystone08:15
*** openstackgerrit has quit IRC08:16
*** openstackgerrit has joined #openstack-keystone08:17
marekdntt: just configure ssl in apache08:17
marekdand make sure you use https instead of http.08:17
marekdapache will handle ssl stuff.08:18
*** josecastroleon has quit IRC08:20
*** fawadk has joined #openstack-keystone08:26
openstackgerritMarek Denis proposed openstack/keystone: Federation Identity Provider functional tests  https://review.openstack.org/20325808:29
*** fawadkhaliq has quit IRC08:29
openstackgerritMarek Denis proposed openstack/keystone: Functional tests for federation mapping CRUD  https://review.openstack.org/23157408:31
openstackgerritMarek Denis proposed openstack/keystone: Functional tests for federation protocols CRUD  https://review.openstack.org/23373308:31
*** gildub has quit IRC08:31
*** openstack has joined #openstack-keystone08:33
*** e0ne has quit IRC08:33
*** e0ne has joined #openstack-keystone08:34
nttmarekd: thanks... It seems to work.08:41
*** e0ne has quit IRC08:45
*** davechen1 has left #openstack-keystone08:45
*** EinstCrazy has quit IRC08:45
*** spandhe has quit IRC08:45
*** e0ne has joined #openstack-keystone08:46
*** e0ne has quit IRC08:48
*** EinstCrazy has joined #openstack-keystone08:50
*** fhubik has joined #openstack-keystone08:51
*** fhubik is now known as fhubik_brb08:52
*** jaosorior has quit IRC08:53
*** markvoelker has joined #openstack-keystone08:57
*** Nirupama has quit IRC08:57
*** spandhe has joined #openstack-keystone08:57
*** josecastroleon has joined #openstack-keystone09:00
*** markvoelker has quit IRC09:01
*** gildub has joined #openstack-keystone09:06
*** jaosorior has joined #openstack-keystone09:09
*** browne has quit IRC09:09
*** jistr has joined #openstack-keystone09:24
*** urulama has quit IRC09:24
*** urulama has joined #openstack-keystone09:25
marekdntt: coolio :-)09:25
openstackgerritMarek Denis proposed openstack/keystone: Functional tests for federation protocols CRUD  https://review.openstack.org/23373309:26
nttmarekd: next step is ssl with swift..... It seems more difficult because I have to use stud, pound or similar. Have you some advise?09:27
marekdwhat's stud or pound ?09:27
ntthttps://github.com/bumptech/stud09:28
nttI'd like to have an ssl endpoint for swift proxy09:28
marekdso try without proxy dfor now09:29
marekdand make sure it works correctly with ssl09:29
marekdi'd start with a simplified use case09:29
nttI'm using swift without ssl and it works well. With ssl, it seems that swift-proxy doesn't support ssl, so I have to use stud. Right?09:30
marekdi don't know whether swift-proxy supports ssl or not09:31
marekdi suggest asking swift guys.09:31
nttok09:31
nttthanks09:31
marekdyw09:31
*** spandhe has quit IRC09:36
*** hidekazu has quit IRC09:42
*** e0ne has joined #openstack-keystone09:53
*** markvoelker has joined #openstack-keystone09:57
*** browne has joined #openstack-keystone09:58
*** jamielennox|away is now known as jamielennox10:01
*** markvoelker has quit IRC10:02
*** browne has quit IRC10:03
*** heha37 has quit IRC10:06
*** fhubik_brb is now known as fhubik10:06
*** fawadk has quit IRC10:10
*** yangyapeng has quit IRC10:14
*** EinstCrazy has quit IRC10:20
*** fhubik is now known as fhubik_brb10:24
*** pnavarro has joined #openstack-keystone10:28
*** GB21 has quit IRC10:37
*** GB21 has joined #openstack-keystone10:38
*** fhubik_brb is now known as fhubik10:38
*** Nirupama has joined #openstack-keystone10:39
*** henrynash has joined #openstack-keystone10:41
*** ChanServ sets mode: +v henrynash10:41
*** gildub has quit IRC10:43
*** lhcheng has joined #openstack-keystone10:45
*** ChanServ sets mode: +v lhcheng10:45
*** EinstCrazy has joined #openstack-keystone10:48
*** Nirupama has quit IRC10:49
*** fhubik is now known as fhubik_brb10:58
*** fhubik_brb is now known as fhubik10:58
*** jerrygb has joined #openstack-keystone10:58
*** henrynash has quit IRC10:59
*** urulama has quit IRC11:00
*** urulama has joined #openstack-keystone11:01
*** fhubik is now known as fhubik_brb11:03
*** fhubik_brb is now known as fhubik11:10
*** tellesnobrega_af is now known as tellesnobrega11:11
*** markvoelker has joined #openstack-keystone11:13
samueldmqmorning all11:15
*** markvoelker has quit IRC11:18
*** ajaya has joined #openstack-keystone11:18
*** akanksha_ has joined #openstack-keystone11:30
*** ajaya has quit IRC11:35
*** josecastroleon has quit IRC11:36
openstackgerritHenrique Truta proposed openstack/keystone: Constraint to prevent duplicates endpoints  https://review.openstack.org/13409511:43
openstackgerritHenrique Truta proposed openstack/keystone: Change endpoint.url column type to String  https://review.openstack.org/24174811:43
*** ajaya has joined #openstack-keystone11:48
*** GB21 has quit IRC11:56
*** ajaya has quit IRC12:01
*** pnavarro_ has joined #openstack-keystone12:08
*** pnavarro has quit IRC12:10
*** jerrygb has quit IRC12:10
*** raildo-afk is now known as raildo12:15
openstackgerritMerged openstack/keystone: Get user role without project id is not implemented  https://review.openstack.org/23765812:16
*** fhubik is now known as fhubik_brb12:18
*** dims_ has joined #openstack-keystone12:22
*** dims has quit IRC12:25
*** sileht has quit IRC12:28
*** josecastroleon has joined #openstack-keystone12:33
*** topol has joined #openstack-keystone12:35
*** ChanServ sets mode: +v topol12:35
*** pgreg has joined #openstack-keystone12:37
*** topol has quit IRC12:38
*** sileht has joined #openstack-keystone12:39
openstackgerritAlexander Makarov proposed openstack/keystone-specs: Unified delegation spec  https://review.openstack.org/18981612:40
openstackgerritAlexander Makarov proposed openstack/keystone-specs: Unified delegation spec  https://review.openstack.org/18981612:40
*** fhubik_brb is now known as fhubik12:41
*** daemontool has quit IRC12:49
*** lhcheng has quit IRC12:51
*** jistr has quit IRC12:52
*** su_zhang has joined #openstack-keystone12:59
*** woodster_ has joined #openstack-keystone13:02
*** tobe has quit IRC13:03
*** jamielennox is now known as jamielennox|away13:08
*** tobe has joined #openstack-keystone13:10
*** jistr has joined #openstack-keystone13:11
*** jerrygb has joined #openstack-keystone13:11
*** gb21 has joined #openstack-keystone13:12
*** gordc has joined #openstack-keystone13:14
*** markvoelker has joined #openstack-keystone13:14
*** tobe has quit IRC13:14
*** pnavarro_ has quit IRC13:14
*** gb21 has quit IRC13:14
*** tobe has joined #openstack-keystone13:14
*** GB21 has joined #openstack-keystone13:15
*** jerrygb has quit IRC13:16
*** fhubik is now known as fhubik_brb13:17
*** markvoelker_ has joined #openstack-keystone13:18
*** markvoelker has quit IRC13:18
*** tobe has quit IRC13:19
*** GB21 has quit IRC13:19
*** tobe has joined #openstack-keystone13:20
*** jsavak has joined #openstack-keystone13:22
*** tobe has quit IRC13:25
*** sweetJeebus has joined #openstack-keystone13:25
sweetJeebusgood morning y'all13:27
*** pnavarro_ has joined #openstack-keystone13:28
*** topol has joined #openstack-keystone13:30
*** ChanServ sets mode: +v topol13:30
sweetJeebusI was hoping someone could help point me at some info. I've been digging around for details on converting a v2 api keystone installation to v3. I'm not finding much that is current, so perhaps I'm just not looking in the right place? What I do find is some instructions on manually manipulating the db entries to s/v2/v3/ in the service lists. That sort of thing. Is this still the most current way of making the change?13:31
*** NM has quit IRC13:33
*** edmondsw has joined #openstack-keystone13:34
*** hrou has joined #openstack-keystone13:34
*** topol has quit IRC13:40
*** fhubik_brb is now known as fhubik13:42
*** topol has joined #openstack-keystone13:43
*** ChanServ sets mode: +v topol13:43
*** topol has quit IRC13:43
*** topol has joined #openstack-keystone13:43
*** ChanServ sets mode: +v topol13:43
*** topol has quit IRC13:43
*** c_soukup has joined #openstack-keystone13:45
*** sweetJeebus has quit IRC13:45
*** ajaya has joined #openstack-keystone13:52
*** richm has joined #openstack-keystone13:55
samueldmqhtruta: raildo ping - about change #241748, what's wrong with making a TEXT type unique ?13:56
*** jaosorior has quit IRC13:57
htrutasamueldmq: dave chen explains it here: https://review.openstack.org/#/c/134095/3/keystone/catalog/backends/sql.py13:57
*** jaosorior has joined #openstack-keystone13:58
raildohtruta: ++13:58
*** c_soukup has quit IRC13:58
*** daemontool has joined #openstack-keystone13:59
*** links has quit IRC14:01
samueldmqhtruta: raildo nice. could (service_id, region_id, interface) be enough for that constraint ?14:02
raildolbragstad: told for us in a previous patch that we really need add url in the constraint14:03
samueldmqhtruta: raildo: it would even be more accurate imo, because an endpoint shouldn't be able to have 2 url's for the same interface14:03
raildosamueldmq: let me found the comment14:03
*** jerrygb has joined #openstack-keystone14:04
samueldmqraildo: yes, please :)14:04
raildosamueldmq: https://review.openstack.org/#/c/134095/6/keystone/catalog/backends/sql.py14:05
htrutasamueldmq: in the bug description someone also says that the ideal constraint contains url14:05
htrutawe can have more than one url to an endpoint14:06
samueldmqhtruta: for the same interface ?14:06
*** NM has joined #openstack-keystone14:06
* samueldmq is looking lbragstad's comment in there14:07
*** ninag has joined #openstack-keystone14:08
*** david-lyle has joined #openstack-keystone14:08
htrutasamueldmq: maybe it was discussed here in irc, look at the bug page discussion too14:10
samueldmqhtruta: raildo: k will look, thanks14:12
*** gordc has quit IRC14:15
*** daemontool has quit IRC14:15
*** daemontool has joined #openstack-keystone14:16
*** topol has joined #openstack-keystone14:17
*** ChanServ sets mode: +v topol14:17
*** topol has quit IRC14:23
*** jaosorior has quit IRC14:26
*** thiagop has joined #openstack-keystone14:26
*** jaosorior has joined #openstack-keystone14:26
*** dims has joined #openstack-keystone14:40
*** miguelgrinberg has quit IRC14:41
*** dims_ has quit IRC14:43
*** ajaya has quit IRC14:44
*** _elmiko has quit IRC14:44
*** rha has quit IRC14:44
*** GB21 has joined #openstack-keystone14:45
*** _elmiko has joined #openstack-keystone14:45
*** tjcocozz has quit IRC14:46
*** petertr7_away is now known as petertr714:46
*** ajaya has joined #openstack-keystone14:47
*** miguelgrinberg has joined #openstack-keystone14:47
*** tjcocozz has joined #openstack-keystone14:47
*** iurygregory has quit IRC14:48
*** rha has joined #openstack-keystone14:48
*** iurygregory has joined #openstack-keystone14:49
*** dims has quit IRC14:53
openstackgerritLance Bragstad proposed openstack/keystone-specs: Add even more clarity to scope docs  https://review.openstack.org/22994914:57
lbragstaddstanek mind revisiting https://review.openstack.org/#/c/215212/ and https://review.openstack.org/#/c/215715/ when you get a chance? I think you're comments were addressed.15:00
*** tonytan4ever has joined #openstack-keystone15:04
dstaneklbragstad: sure15:05
*** david-lyle has quit IRC15:06
*** btully has joined #openstack-keystone15:10
*** pumaranikar has joined #openstack-keystone15:12
*** GB21 has quit IRC15:15
lbragstaddstanek thanks!15:16
lbragstadbknudson should we not worry about backporting this to kilo? https://review.openstack.org/#/c/236083/15:19
lbragstadbknudson do you think we need to?15:19
bknudsonlbragstad: if there's nothing that depends on it then there's no reason to backport it.15:19
lbragstadbknudson makes sense, it's just a rename anyway15:20
bknudsonI thought it was proposed as a backport because it made a fix easier to backport?15:20
lbragstadbknudson I'm double checking that now15:21
lbragstadbknudson working through that chain15:21
lbragstadbknudson what other review were you referencing in your comment here - https://review.openstack.org/#/c/221799/ ?15:23
bknudsonmust have been related to "backport proposed - https://review.openstack.org/#/c/236071/"15:24
*** doug-fish has joined #openstack-keystone15:24
*** markvoelker has joined #openstack-keystone15:30
*** markvoelker_ has quit IRC15:31
*** NM has quit IRC15:31
*** NM has joined #openstack-keystone15:34
*** phalmos has joined #openstack-keystone15:35
*** markvoelker_ has joined #openstack-keystone15:35
lbragstadbknudson done - https://review.openstack.org/#/c/221799/215:35
openstackgerritTom Cocozzello proposed openstack/keystonemiddleware: Define entry points for filter factories for Paste Deployment  https://review.openstack.org/23383915:36
*** GB21 has joined #openstack-keystone15:36
bknudsonlbragstad: still lots of conflicts15:36
bknudsonwhy so many conflicts?15:36
bknudsonare we adding tons of new features to fernet tokens?15:37
*** markvoelker has quit IRC15:37
*** c_soukup has joined #openstack-keystone15:44
*** fhubik has quit IRC15:45
*** urulama has quit IRC15:46
*** urulama has joined #openstack-keystone15:46
*** GB21 has quit IRC15:47
*** ayoung_ has joined #openstack-keystone15:49
dhellmannbknudson : do we still need to block these keystone libs in liberty? https://review.openstack.org/#/c/235923/15:50
*** c_soukup has quit IRC15:51
bknudsondhellmann: those releases still contain bad requirements, and we don't want packagers to use them so I think they should be blocked.15:52
*** jistr is now known as jistr|afkmtg15:53
*** GB21 has joined #openstack-keystone15:55
*** chrisshattuck has joined #openstack-keystone15:55
*** pumaranikar has quit IRC15:55
*** pumaranikar has joined #openstack-keystone15:55
*** topol has joined #openstack-keystone16:02
*** ChanServ sets mode: +v topol16:02
*** pumaranikar has quit IRC16:04
openstackgerritLance Bragstad proposed openstack/keystone: Deprecate the pki and pkiz token providers.  https://review.openstack.org/24138916:06
*** pumaranikar has joined #openstack-keystone16:08
lbragstadbknudson no, i don't think we did, i think it was just a big sequence of fixes?16:10
*** ayoung_ has quit IRC16:11
bknudsonlbragstad: then there shouldn't be conflicts when backporting16:11
*** chrisshattuck has quit IRC16:11
*** jerrygb has quit IRC16:13
*** jerrygb has joined #openstack-keystone16:15
*** browne has joined #openstack-keystone16:19
*** urulama has quit IRC16:22
*** urulama has joined #openstack-keystone16:23
lbragstaddolphm ayoung  for the conversion from mysql `datetime` to `int`, we determined that we wouldn't need a spec, right?16:24
ayounglbragstad, I never think we need a spec16:24
ayoungspecs are dumb16:24
dolphmlbragstad: i don't think so - don't we already have an open bug?16:25
ayounglbragstad, so...it does not change the API.  Right?16:25
ayoungWe are going to change the DB column and the mechanism for comparison.16:25
ayoungembedding the sub-second section in the token body should be a non-user-visible change16:26
ayoungI think we are OK without a spec, and just used the bug report.16:26
lbragstadayoung the api responses will come back with sub-second precision, but that will happen when we have the change to fernet land16:26
*** c_soukup has joined #openstack-keystone16:26
ayoungthat is still inside the token spec, though, as the UUID and PKI tokens do that now, right?16:26
lbragstadright16:29
dolphmlbragstad: pretty sure the v3 doc mandates subsecond precision everywhere, unless you document an exception. does the revoke API document it otherwise?16:29
lbragstaddolphm yep, you're right.16:29
lbragstaddolphm i meant the return of sub-second precision that isn't .000000Z16:30
lbragstadso, no16:30
lbragstadno api changes16:30
dolphmlbragstad: ++ agree16:30
lbragstadthis is the only bug that I could find related to it - https://bugs.launchpad.net/keystone/+bug/145979016:30
openstackLaunchpad bug 1459790 in OpenStack Identity (keystone) kilo "With fernet tokens, validate token loses the ms on 'expires' value " [Medium,Fix released] - Assigned to Dolph Mathews (dolph)16:30
lbragstadand that is closed16:30
lbragstador 'Fix Released'16:31
*** jerrygb has quit IRC16:31
*** jerrygb has joined #openstack-keystone16:31
lbragstadso, should we open a new bug that is specific to supporting accurate sub-second precision in fernet's creation timestamp?16:31
dolphmlbragstad: that's with regard to a different timestamp though16:31
lbragstadcorrect16:31
lbragstadi think we should open a new bug16:31
dolphmlbragstad: but you're not concerned about the creation timestamp, right? you're concerned about the revocation event timestamp16:32
lbragstadyes16:32
lbragstadwell.. yes, having subsecond support in sql will get us part of the way there.16:32
lbragstadthe other half would be getting sub-second accuracy in fernet's creation timestamp16:33
lbragstadso, a new bug specific to getting sub-second accuracy in sql16:33
lbragstadand a bug specific to getting sub-second accuracy in fernet's creation timestamp16:33
dolphmlbragstad: agree. i was handling that bit as part of the "tempest is failing" bug, but more specific bugs would make sense at this point i think16:33
lbragstaddolphm makes sense, i'll create both of those then16:34
dolphmlbragstad: this might be a migration worth backporting, too16:34
dolphmlbragstad: which i think would be a first for us16:34
lbragstaddolphm  the 'tempest is failing' bug should be closed out (temporarily) by https://review.openstack.org/#/c/231191/16:35
dolphmlbragstad: ooh, right16:35
dolphmlbragstad: then yes, we definitely need new bugs to work against16:35
lbragstaddolphm yep, i have odyssey4me on the schedule for the next keystone meeting to get operator feedback16:35
dolphmbecause we have at least 2 more related changes to keystone16:35
dolphmlbragstad: on?16:35
lbragstaddolphm the migration from datetime to int16:36
lbragstadwe were talking about it a bit at the summit and he was interested16:36
*** chrisshattuck has joined #openstack-keystone16:36
dolphmmarekd: when are we going to support defederation? i just like the word and i think we should support that word16:36
dolphmlbragstad: cool16:37
*** phalmos has quit IRC16:46
lbragstaddolphm sub-second accuracy support for sql - https://bugs.launchpad.net/keystone/+bug/151353816:46
openstackLaunchpad bug 1513538 in OpenStack Identity (keystone) "Remove SQL's datetime format inplace of integer timestamps" [Undecided,New]16:46
lbragstadsub-second accuracy support for fernet's creation timestamp - https://bugs.launchpad.net/keystone/+bug/151354116:46
openstackLaunchpad bug 1513541 in OpenStack Identity (keystone) "Support sub-second accuracy in Fernet's creation timestamp" [Undecided,New]16:46
*** phalmos has joined #openstack-keystone16:47
openstackgerritDarren Shaw proposed openstack/keystone: Correct description in Keystone key_terms  https://review.openstack.org/24215516:48
dolphmlbragstad: amended description with a citation16:49
*** arunkant_ has joined #openstack-keystone16:49
*** wanghua_ has joined #openstack-keystone16:50
lbragstaddolphm thanks16:50
*** jgriffith has joined #openstack-keystone16:51
*** jgriffith is now known as Guest8804716:51
*** odyssey4me_ has joined #openstack-keystone16:51
*** toddnni_ has joined #openstack-keystone16:51
*** haneef_ has joined #openstack-keystone16:51
*** alex_xu_ has joined #openstack-keystone16:51
*** su_zhang has quit IRC16:52
*** _hrou_ has joined #openstack-keystone16:52
*** thiagop_ has joined #openstack-keystone16:52
*** wanghua has quit IRC16:52
*** jaosorior_ has joined #openstack-keystone16:52
*** Daviey_ has joined #openstack-keystone16:54
*** gb21_ has joined #openstack-keystone16:54
*** hrou has quit IRC16:54
*** ktychkova_ has joined #openstack-keystone16:56
*** jsavak has quit IRC16:58
*** e0ne has quit IRC16:58
*** Alexander has joined #openstack-keystone16:59
*** jbell8 has joined #openstack-keystone16:59
*** Alexander is now known as Guest921817:00
*** esp_ has joined #openstack-keystone17:00
*** dhellmann_ has joined #openstack-keystone17:00
*** tsufiev_ has joined #openstack-keystone17:00
*** tsufiev has quit IRC17:00
*** arif-ali_ has joined #openstack-keystone17:00
*** cburgess_ has joined #openstack-keystone17:00
*** chrissha_ has joined #openstack-keystone17:01
*** chrissha_ has quit IRC17:01
*** Guest9218 has quit IRC17:01
*** sirushti_ has joined #openstack-keystone17:01
*** chrissha_ has joined #openstack-keystone17:02
*** lsmola has quit IRC17:02
*** pushkaru has joined #openstack-keystone17:02
*** pumaranikar has quit IRC17:02
*** jsavak has joined #openstack-keystone17:03
*** chrisshattuck has quit IRC17:04
*** GB21 has quit IRC17:04
*** jaosorior has quit IRC17:04
*** thiagop has quit IRC17:04
*** ericksonsantos has quit IRC17:04
*** alex_xu has quit IRC17:04
*** Guest90242 has quit IRC17:04
*** ktychkova has quit IRC17:04
*** haneef has quit IRC17:04
*** dhellmann has quit IRC17:04
*** amakarov has quit IRC17:04
*** arif-ali has quit IRC17:04
*** andrewbogott has quit IRC17:04
*** toddnni has quit IRC17:04
*** odyssey4me has quit IRC17:04
*** cburgess has quit IRC17:04
*** svasheka has quit IRC17:04
*** Daviey has quit IRC17:04
*** esp has quit IRC17:04
*** sirushti has quit IRC17:04
*** sirushti_ is now known as sirushti17:04
*** arif-ali_ is now known as arif-ali17:04
*** toddnni_ is now known as toddnni17:04
*** svasheka has joined #openstack-keystone17:05
*** dhellmann_ is now known as dhellmann17:05
*** mylu has joined #openstack-keystone17:05
*** ericksonsantos has joined #openstack-keystone17:05
*** agireud has quit IRC17:05
*** amakarov has joined #openstack-keystone17:05
*** agireud has joined #openstack-keystone17:07
*** mylu has quit IRC17:11
*** josecastroleon has quit IRC17:13
*** andrewbogott has joined #openstack-keystone17:13
*** jistr|afkmtg is now known as jistr17:14
*** andrewbogott has quit IRC17:14
*** andrewbogott has joined #openstack-keystone17:14
*** arunkant_ has quit IRC17:16
*** arunkant_ has joined #openstack-keystone17:19
*** mylu has joined #openstack-keystone17:32
*** e0ne has joined #openstack-keystone17:41
ayoungSo...I was looking in to supporting Basic_Auth as a Federation mechanism.  Apache mod_authn_dbd is not there, yet, as it only supports sha1, not sha512.  And that would still not give us the group list.  Does it make sense to create a custom  middleware/filter  that could go in front of OS-FEDERATION that could handle basic-auth?  And, if so, how do we make sure it does not get triggered by the non-Basic_auth paths in ap17:42
ayoungache (short of making sure apache has valid_user-required)17:42
openstackgerritTom Cocozzello proposed openstack/keystonemiddleware: Define entry points for filter factories for Paste Deployment  https://review.openstack.org/23383917:46
*** e0ne has quit IRC17:51
*** jbell8 has quit IRC17:53
*** thiagop_ is now known as thiagop17:53
*** jbell8 has joined #openstack-keystone17:54
*** e0ne has joined #openstack-keystone17:54
*** kfox1111_ is now known as kfox111117:55
*** mylu has quit IRC17:56
*** mylu has joined #openstack-keystone17:56
*** e0ne has quit IRC17:56
*** jbell8 has quit IRC17:58
*** mylu has quit IRC17:59
*** mylu has joined #openstack-keystone17:59
*** chrissha_ has quit IRC18:00
*** chrisshattuck has joined #openstack-keystone18:00
*** jistr has quit IRC18:00
*** spandhe has joined #openstack-keystone18:02
*** chrisshattuck has quit IRC18:02
*** pnavarro_ has quit IRC18:03
*** jsavak has quit IRC18:03
*** jsavak has joined #openstack-keystone18:04
*** e0ne has joined #openstack-keystone18:04
*** browne has quit IRC18:05
*** pgreg has quit IRC18:05
openstackgerritMerged openstack/keystone-specs: Add even more clarity to scope docs  https://review.openstack.org/22994918:06
*** mylu has quit IRC18:06
*** mylu has joined #openstack-keystone18:07
*** mylu has quit IRC18:07
*** e0ne has quit IRC18:08
*** mylu has joined #openstack-keystone18:08
*** daemontool has quit IRC18:09
*** mylu has quit IRC18:11
*** mylu has joined #openstack-keystone18:11
*** gordc has joined #openstack-keystone18:13
*** roxanaghe has joined #openstack-keystone18:15
*** henrynash has joined #openstack-keystone18:16
*** ChanServ sets mode: +v henrynash18:16
*** su_zhang has joined #openstack-keystone18:20
*** tonytan4ever has quit IRC18:23
openstackgerritRaildo Mascena de Sousa Filho proposed openstack/keystone: Translation-friendly formatting of msg string  https://review.openstack.org/24031618:24
*** jbell8 has joined #openstack-keystone18:25
*** jsavak has quit IRC18:29
*** mylu has quit IRC18:31
*** mylu has joined #openstack-keystone18:32
*** henrynash has quit IRC18:34
*** mylu has quit IRC18:36
*** jsavak has joined #openstack-keystone18:37
*** petertr7 is now known as petertr7_away18:37
*** jasonsb has quit IRC18:38
*** doug-fis_ has joined #openstack-keystone18:42
*** doug-fish has quit IRC18:45
*** rdo has quit IRC18:45
*** rdo has joined #openstack-keystone18:46
*** tonytan4ever has joined #openstack-keystone18:47
*** mylu has joined #openstack-keystone18:50
*** browne has joined #openstack-keystone18:50
*** mylu has quit IRC18:54
*** jbell8 has quit IRC18:54
*** jbell8_ has joined #openstack-keystone18:54
*** shaleh has joined #openstack-keystone18:55
*** jerrygb has quit IRC18:57
*** jerrygb has joined #openstack-keystone18:58
*** akanksha_ has quit IRC18:58
*** ninag has quit IRC19:01
*** ninag has joined #openstack-keystone19:01
*** jerrygb has quit IRC19:03
*** ninag_ has joined #openstack-keystone19:03
*** ankita_wagh has joined #openstack-keystone19:03
*** ninag has quit IRC19:05
*** ninag has joined #openstack-keystone19:06
*** ninag_ has quit IRC19:07
*** _hrou_ is now known as hrou19:19
*** jasonsb has joined #openstack-keystone19:24
*** shaleh is now known as shaleh_afk19:26
*** fawadkhaliq has joined #openstack-keystone19:27
*** ankita_wagh has quit IRC19:30
*** ankita_wagh has joined #openstack-keystone19:30
*** petertr7_away is now known as petertr719:34
*** ninag has quit IRC19:40
*** ninag has joined #openstack-keystone19:40
*** ninag has quit IRC19:41
*** ninag has joined #openstack-keystone19:41
*** ninag has quit IRC19:43
*** ninag has joined #openstack-keystone19:44
*** ninag has quit IRC19:45
*** ninag has joined #openstack-keystone19:46
*** c_soukup has quit IRC19:49
*** jerrygb has joined #openstack-keystone19:53
*** jsavak has quit IRC19:58
*** jsavak has joined #openstack-keystone19:58
*** jaosorior_ has quit IRC19:58
*** jaosorior has joined #openstack-keystone20:00
*** ninag has quit IRC20:01
*** ninag has joined #openstack-keystone20:02
*** alejandrito has joined #openstack-keystone20:02
*** phalmos has quit IRC20:04
*** jaosorior has quit IRC20:04
*** doug-fis_ is now known as doug-fish20:05
*** ninag has quit IRC20:06
*** fawadkhaliq has quit IRC20:10
*** ninag has joined #openstack-keystone20:13
*** ninag has quit IRC20:18
*** ninag has joined #openstack-keystone20:18
*** dave-mccowan has joined #openstack-keystone20:19
*** ninag has quit IRC20:20
*** ninag has joined #openstack-keystone20:20
*** daemontool has joined #openstack-keystone20:22
*** MHeder has joined #openstack-keystone20:23
*** ankita_wagh has quit IRC20:24
*** ninag has quit IRC20:28
*** ninag has joined #openstack-keystone20:29
*** ninag has quit IRC20:33
*** ninag has joined #openstack-keystone20:35
*** ninag_ has joined #openstack-keystone20:36
MHederFYI: we have done some work on user/project provisioning for SAML+Keystone scenarios. Here is the white paper: http://arxiv.org/abs/1510.0401720:36
MHederAny comments are welcome20:36
*** ninag has quit IRC20:39
*** flwang has joined #openstack-keystone20:39
*** ninag_ has quit IRC20:40
samueldmqMHeder: nice, cc marekd ^20:41
*** phalmos has joined #openstack-keystone20:42
*** spandhe has quit IRC20:45
*** ankita_wagh has joined #openstack-keystone20:49
*** phalmos has quit IRC20:50
*** phalmos has joined #openstack-keystone20:50
*** ajaya has quit IRC20:57
*** mylu has joined #openstack-keystone20:57
*** mylu has quit IRC21:02
*** MHeder has quit IRC21:08
*** henrynash has joined #openstack-keystone21:08
*** ChanServ sets mode: +v henrynash21:08
*** mylu has joined #openstack-keystone21:09
*** NM has quit IRC21:09
*** mylu has quit IRC21:09
*** mylu has joined #openstack-keystone21:09
*** mylu has quit IRC21:15
*** mylu has joined #openstack-keystone21:16
*** flwang has quit IRC21:24
*** flwang has joined #openstack-keystone21:24
*** jbell8 has joined #openstack-keystone21:27
*** jbell8_ has quit IRC21:27
*** NM has joined #openstack-keystone21:27
*** phalmos has quit IRC21:30
openstackgerritRon De Rose proposed openstack/keystone: Limit the number of roles a user can be assigned within a project  https://review.openstack.org/23994821:31
*** ninag has joined #openstack-keystone21:38
*** NM has quit IRC21:40
*** thiagop has quit IRC21:40
*** NM has joined #openstack-keystone21:42
*** mylu has quit IRC21:43
*** mylu has joined #openstack-keystone21:43
*** mylu_ has joined #openstack-keystone21:46
*** pnavarro_ has joined #openstack-keystone21:47
*** mylu has quit IRC21:48
*** AJaeger has joined #openstack-keystone21:49
AJaegerkeystone cores, could you import translations again? Both for stable and liberty, please? These contain metadata changes -removal of an obsolete URL: https://review.openstack.org/238789 and https://review.openstack.org/23879021:49
*** su_zhang has quit IRC21:50
*** su_zhang has joined #openstack-keystone21:51
*** edmondsw has quit IRC21:52
*** pnavarro_ has quit IRC21:55
openstackgerritayoung proposed openstack/keystone-specs: is_admin_project  https://review.openstack.org/24223221:57
*** jsavak has quit IRC22:00
*** phalmos has joined #openstack-keystone22:02
*** AJaeger has quit IRC22:07
*** topol has quit IRC22:07
*** petertr7 is now known as petertr7_away22:07
*** ayoung has quit IRC22:08
*** mhu has quit IRC22:08
*** lhcheng has joined #openstack-keystone22:13
*** ChanServ sets mode: +v lhcheng22:13
*** mhu has joined #openstack-keystone22:14
*** mylu_ has quit IRC22:14
*** su_zhang has quit IRC22:16
*** su_zhang has joined #openstack-keystone22:16
*** petertr7_away is now known as petertr722:17
openstackgerritMerged openstack/keystone: Correct description in Keystone key_terms  https://review.openstack.org/24215522:17
*** mylu has joined #openstack-keystone22:20
*** daemontool has quit IRC22:21
*** urulama has quit IRC22:23
*** urulama has joined #openstack-keystone22:23
*** jbell8 has quit IRC22:27
*** gyee has joined #openstack-keystone22:32
*** ChanServ sets mode: +v gyee22:32
*** shaleh_afk is now known as shaleh22:32
shalehwhile gerrit is nice for hosting the review. the interface is not pleasant for discussing the review22:33
*** mylu has quit IRC22:34
*** mylu has joined #openstack-keystone22:34
*** mylu has quit IRC22:39
openstackgerritMerged openstack/keystone: Add caching to get_catalog  https://review.openstack.org/21521222:39
*** mylu has joined #openstack-keystone22:39
*** petertr7 is now known as petertr7_away22:40
*** mylu has quit IRC22:40
*** mylu has joined #openstack-keystone22:41
*** alejandrito has quit IRC22:41
*** jbell8 has joined #openstack-keystone22:41
*** jsavak has joined #openstack-keystone22:41
*** su_zhang has quit IRC22:42
*** mylu has quit IRC22:42
*** mylu has joined #openstack-keystone22:42
*** su_zhang has joined #openstack-keystone22:42
*** simondodsley has quit IRC22:44
*** simondodsley has joined #openstack-keystone22:45
*** tsymanczyk has quit IRC22:45
*** phalmos has quit IRC22:48
*** mylu has quit IRC22:50
*** tsymanczyk has joined #openstack-keystone22:50
*** dgonzalez has quit IRC22:51
*** tsymanczyk is now known as Guest2499522:51
openstackgerritLance Bragstad proposed openstack/keystone: Add caching to role assignments  https://review.openstack.org/21571522:52
*** mylu has joined #openstack-keystone22:57
*** su_zhang has quit IRC22:57
*** gyee has quit IRC22:57
*** urulama has quit IRC22:57
*** su_zhang has joined #openstack-keystone22:58
*** urulama has joined #openstack-keystone22:58
*** jamielennox|away is now known as jamielennox22:59
*** jsavak has quit IRC23:01
*** mylu has quit IRC23:02
samueldmqlbragstad: one more review there :-)23:03
*** mylu has joined #openstack-keystone23:04
*** dgonzalez has joined #openstack-keystone23:04
*** dgonzalez has quit IRC23:06
*** dgonzalez has joined #openstack-keystone23:07
*** jerrygb has quit IRC23:08
*** rmstar has quit IRC23:08
*** rmstar has joined #openstack-keystone23:08
*** pushkaru has quit IRC23:12
*** dgonzalez has quit IRC23:12
samueldmqwhen is keystone midcycle going to happen ?23:12
samueldmqdo we have any plans already ?23:12
*** dgonzalez has joined #openstack-keystone23:12
*** gildub has joined #openstack-keystone23:16
*** gyee has joined #openstack-keystone23:19
*** ChanServ sets mode: +v gyee23:19
*** sseago has quit IRC23:21
shalehre midcycle, April in Austin TX right?23:22
*** sseago has joined #openstack-keystone23:22
*** hrou has quit IRC23:25
*** jbell8 has quit IRC23:30
*** jerrygb has joined #openstack-keystone23:33
*** jbell8 has joined #openstack-keystone23:34
*** Guest24995 has quit IRC23:36
lhchengshaleh: that's the summit :)23:36
shalehlhcheng: ah right23:37
*** sseago has quit IRC23:37
lhchengmidcycle if its happen, would probably around jan or early feb23:37
lhchengdoesn't seem like we have a lot new features going on this cycle (mostly stabilization), not sure if we need a midcycle this time.23:39
*** jbell8 has quit IRC23:40
*** mylu has quit IRC23:44
*** mylu has joined #openstack-keystone23:44
shalehlhcheng: agreed23:46
*** daemontool has joined #openstack-keystone23:46
*** ninag has quit IRC23:49
*** mylu has quit IRC23:49
*** jerrygb_ has joined #openstack-keystone23:49
*** jerrygb has quit IRC23:50
openstackgerritSean Perry proposed openstack/keystone: Use unit.new_endpoint_ref consistently  https://review.openstack.org/23775823:51
*** tonytan4ever has quit IRC23:52
*** gordc has quit IRC23:56
*** jasonsb_ has joined #openstack-keystone23:57
*** mylu has joined #openstack-keystone23:57
« Wednesday, 2015-11-04 Index Friday, 2015-11-06 »

Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!