Thursday, 2017-10-26

« Wednesday, 2017-10-25 Index Friday, 2017-10-27 »
*** links has joined #openstack-keystone00:23
*** namnh has joined #openstack-keystone00:55
*** dave-mccowan has quit IRC01:05
*** dave-mccowan has joined #openstack-keystone01:12
*** gvrangan has joined #openstack-keystone01:15
*** daidv has joined #openstack-keystone01:41
daidvlbragstad, hi, I have gone out the office when you ping me :D01:43
*** gvrangan has quit IRC01:49
*** wes_dillingham has quit IRC01:49
*** gus has quit IRC01:50
*** itlinux has joined #openstack-keystone01:51
*** AlexeyAbashkin has joined #openstack-keystone01:51
*** gus has joined #openstack-keystone01:51
*** gyee has quit IRC01:52
*** dikonoor has joined #openstack-keystone01:55
*** AlexeyAbashkin has quit IRC01:55
*** dikonoor has quit IRC02:01
*** spectr has quit IRC02:03
*** spectr has joined #openstack-keystone02:05
*** prashkre_ has joined #openstack-keystone02:08
*** aselius has quit IRC02:18
*** itlinux has quit IRC02:29
*** masuberu has quit IRC02:34
openstackgerritMerged openstack/keystone master: Partially clarify federation auth plugins  https://review.openstack.org/51396002:41
*** itlinux has joined #openstack-keystone02:45
*** itlinux has quit IRC02:48
*** prashkre_ has quit IRC02:49
*** prashkre_ has joined #openstack-keystone02:49
*** AlexeyAbashkin has joined #openstack-keystone02:51
*** itlinux has joined #openstack-keystone02:53
*** masber has joined #openstack-keystone02:55
*** AlexeyAbashkin has quit IRC02:55
*** masber has quit IRC02:57
*** masber has joined #openstack-keystone02:57
openstackgerritOpenStack Proposal Bot proposed openstack/pycadf master: Updated from global requirements  https://review.openstack.org/47013703:09
*** dave-mccowan has quit IRC03:10
openstackgerritOpenStack Proposal Bot proposed openstack/pycadf master: Updated from global requirements  https://review.openstack.org/47013703:11
*** annp has joined #openstack-keystone03:14
*** masber has quit IRC03:19
*** nicolasbock has quit IRC03:22
*** itlinux has quit IRC03:22
*** dikonoor has joined #openstack-keystone03:25
*** thorst has joined #openstack-keystone03:35
*** prashkre_ has quit IRC03:36
*** thorst has quit IRC03:41
*** AlexeyAbashkin has joined #openstack-keystone03:51
*** AlexeyAbashkin has quit IRC03:55
*** masber has joined #openstack-keystone04:02
*** masber has quit IRC04:04
*** masber has joined #openstack-keystone04:04
*** markvoelker has quit IRC04:23
*** prashkre has joined #openstack-keystone04:35
*** rmcallis has quit IRC04:41
*** rmcallis has joined #openstack-keystone04:44
*** prashkre has quit IRC04:50
*** dikonoor has quit IRC04:51
*** markvoelker has joined #openstack-keystone04:55
*** markvoelker has quit IRC05:24
*** markvoelker has joined #openstack-keystone05:24
*** markvoelker has quit IRC05:28
*** gvrangan has joined #openstack-keystone05:30
*** thorst has joined #openstack-keystone05:37
openstackgerritOpenStack Proposal Bot proposed openstack/pycadf master: Updated from global requirements  https://review.openstack.org/47013705:41
*** thorst has quit IRC05:41
*** gvrangan_odl has joined #openstack-keystone06:01
*** gvrangan has quit IRC06:01
*** AlexeyAbashkin has joined #openstack-keystone06:03
*** prashkre has joined #openstack-keystone06:04
*** AlexeyAbashkin has quit IRC06:19
*** josecastroleon has quit IRC06:19
*** zhangjl has quit IRC06:28
*** zhangjl has joined #openstack-keystone06:28
*** josecastroleon has joined #openstack-keystone06:36
*** josecastroleon has quit IRC06:37
openstackgerritOpenStack Proposal Bot proposed openstack/keystonemiddleware master: Imported Translations from Zanata  https://review.openstack.org/51452906:39
openstackgerritAbhishek Sharma M proposed openstack/keystonemiddleware master: Changed LOG type from warning to debug  https://review.openstack.org/51529106:40
*** josecastroleon has joined #openstack-keystone06:55
*** josecastroleon has quit IRC07:03
*** rcernin has quit IRC07:04
*** josecastroleon has joined #openstack-keystone07:07
*** tesseract has joined #openstack-keystone07:09
*** markvoelker has joined #openstack-keystone07:25
openstackgerritMerged openstack/oslo.policy master: Imported Translations from Zanata  https://review.openstack.org/51494607:30
*** gvrangan_odl has quit IRC07:34
*** gvrangan has joined #openstack-keystone07:45
*** ioggstream has joined #openstack-keystone07:45
*** zhangjl has quit IRC07:56
*** zhangjl has joined #openstack-keystone07:57
*** markvoelker has quit IRC07:59
*** AlexeyAbashkin has joined #openstack-keystone08:03
*** namnh has quit IRC08:04
*** namnh has joined #openstack-keystone08:04
openstackgerritShan Guo proposed openstack/keystone master: Remove v2 token value model  https://review.openstack.org/51455408:09
openstackgerritShan Guo proposed openstack/keystone master: Remove simple cert support  https://review.openstack.org/51530908:18
*** david-lyle has quit IRC08:24
*** david-lyle has joined #openstack-keystone08:25
*** d0ugal has quit IRC08:32
*** d0ugal_ has joined #openstack-keystone08:32
*** d0ugal_ has quit IRC08:33
*** d0ugal has joined #openstack-keystone08:33
*** d0ugal has quit IRC08:33
*** d0ugal has joined #openstack-keystone08:33
*** rmcallis has quit IRC08:39
*** rmcallis has joined #openstack-keystone08:44
*** gvrangan has quit IRC08:46
*** gvrangan has joined #openstack-keystone08:47
*** markvoelker has joined #openstack-keystone08:57
*** Suramya has joined #openstack-keystone08:59
*** AlexeyAbashkin has quit IRC09:02
*** AlexeyAbashkin has joined #openstack-keystone09:06
*** namnh has quit IRC09:24
*** namnh has joined #openstack-keystone09:24
*** david-lyle has quit IRC09:26
*** dklyle has joined #openstack-keystone09:26
*** markvoelker has quit IRC09:29
openstackgerritStephen Finucane proposed openstack/oslo.policy master: generator: Reimplement wrapping of 'description'  https://review.openstack.org/48564609:30
*** AlexeyAbashkin has quit IRC09:37
*** thorst has joined #openstack-keystone09:39
*** thorst has quit IRC09:43
*** AlexeyAbashkin has joined #openstack-keystone09:46
*** gvrangan has quit IRC09:46
*** gvrangan has joined #openstack-keystone09:46
*** AlexeyAbashkin has quit IRC09:53
openstackgerritShan Guo proposed openstack/keystone master: Remove simple cert support  https://review.openstack.org/51530909:53
openstackgerritShan Guo proposed openstack/keystone master: Remove simple cert support  https://review.openstack.org/51530909:56
*** sambetts|afk is now known as sambetts10:09
*** masber has quit IRC10:09
*** namnh has quit IRC10:16
*** markvoelker has joined #openstack-keystone10:26
*** gmann is now known as gmann_afk10:29
*** nicolasbock has joined #openstack-keystone10:54
*** markvoelker has quit IRC10:59
*** nicolasbock has quit IRC11:06
*** AlexeyAbashkin has joined #openstack-keystone11:07
*** zhangjl has quit IRC11:08
*** zhangjl has joined #openstack-keystone11:10
*** zhangjl has quit IRC11:18
*** nicolasbock has joined #openstack-keystone11:20
*** masber has joined #openstack-keystone11:22
*** zhangjl has joined #openstack-keystone11:26
*** zhangjl has quit IRC11:32
*** links has quit IRC11:36
*** akrzos has quit IRC11:38
*** zhangjl has joined #openstack-keystone11:42
*** akrzos has joined #openstack-keystone11:42
*** annp has quit IRC11:46
*** zhangjl has quit IRC11:50
*** edmondsw has joined #openstack-keystone11:50
*** dave-mccowan has joined #openstack-keystone11:51
*** zhangjl has joined #openstack-keystone11:52
*** markvoelker has joined #openstack-keystone11:57
*** magicboiz has quit IRC11:57
*** thorst has joined #openstack-keystone12:01
*** zhangjl has quit IRC12:03
*** zhangjl has joined #openstack-keystone12:04
*** raildo has joined #openstack-keystone12:10
*** wes_dillingham has joined #openstack-keystone12:11
*** markvoelker has quit IRC12:29
*** panbalag has joined #openstack-keystone12:32
*** panbalag has left #openstack-keystone12:32
*** markvoelker has joined #openstack-keystone12:40
*** zhangjl has quit IRC12:50
*** zhangjl has joined #openstack-keystone12:51
*** mvk has quit IRC12:52
*** gvrangan has quit IRC13:14
*** jaosorior has quit IRC13:16
*** sbezverk has joined #openstack-keystone13:20
*** ayoung has quit IRC13:22
openstackgerritprashkre proposed openstack/keystone master: Filter users/groups in ldap with whitespaces  https://review.openstack.org/51540913:28
*** mvk has joined #openstack-keystone13:32
*** spzala has joined #openstack-keystone13:35
*** magicboiz has joined #openstack-keystone13:48
*** jaosorior has joined #openstack-keystone13:53
*** spzala has quit IRC13:54
*** McClymontS has joined #openstack-keystone13:59
*** spzala has joined #openstack-keystone14:06
*** rcernin has joined #openstack-keystone14:08
prashkrelbragstad: Hi! Gud morning.14:08
prashkrelbragstad: Could you please review on https://review.openstack.org/#/c/514885/14:08
knikollao/14:10
lbragstadstable review if anyone is interested - https://review.openstack.org/#/c/514885/114:12
lbragstadcc kmalloc stevemar ^14:12
lbragstadknikolla: prashkre o/14:12
lbragstadprashkre: viewed14:12
lbragstadreviewed*14:12
*** dklyle has quit IRC14:15
*** catintheroof has joined #openstack-keystone14:17
*** jmlowe has joined #openstack-keystone14:18
prashkrelbragstad:thank you.14:21
lbragstadprashkre: thanks for the ping14:26
*** spilla has joined #openstack-keystone14:34
*** prashkre has quit IRC14:47
*** david-lyle has joined #openstack-keystone14:48
*** McClymontS has quit IRC15:01
*** spectr has quit IRC15:02
*** jaosorior has quit IRC15:02
*** rcernin has quit IRC15:04
*** josecastroleon has quit IRC15:18
*** catintheroof has quit IRC15:20
*** catintheroof has joined #openstack-keystone15:20
*** catintheroof has quit IRC15:25
*** jdwidari has joined #openstack-keystone15:29
*** jdwidari has quit IRC15:29
*** AlexeyAbashkin has quit IRC15:29
*** jdwidari has joined #openstack-keystone15:31
*** mvk has quit IRC15:39
*** itlinux has joined #openstack-keystone15:39
*** gyee has joined #openstack-keystone15:43
*** Suramya has quit IRC15:47
kmallocWill look soon15:47
*** jdwidari has left #openstack-keystone15:49
*** catintheroof has joined #openstack-keystone15:51
*** catintheroof has quit IRC15:55
*** catintheroof has joined #openstack-keystone16:01
openstackgerritGage Hugo proposed openstack/keystone master: Consolidate V2Controller functionality  https://review.openstack.org/51481416:03
stevemarlbragstad: +116:33
lbragstadstevemar: i don't think it's urgent, i'll wait for kmalloc to review16:34
*** magicboiz has quit IRC16:37
kmallocdo do do...16:42
*** AlexeyAbashkin has joined #openstack-keystone16:53
openstackgerritLance Bragstad proposed openstack/keystone master: Ensure listing projects always returns tags  https://review.openstack.org/51546816:53
*** mvk has joined #openstack-keystone16:54
*** AlexeyAbashkin has quit IRC16:57
*** sambetts is now known as sambetts|afk16:58
*** panbalag has joined #openstack-keystone17:10
*** panbalag has quit IRC17:12
*** prashkre has joined #openstack-keystone17:18
*** raildo has quit IRC17:19
*** tesseract has quit IRC17:45
*** raildo has joined #openstack-keystone17:46
*** AlexeyAbashkin has joined #openstack-keystone17:48
*** AlexeyAbashkin has quit IRC17:52
*** ioggstream has quit IRC17:59
*** phalmos has joined #openstack-keystone18:10
*** catintheroof has quit IRC18:13
*** phalmos has quit IRC18:14
*** AlexeyAbashkin has joined #openstack-keystone18:30
*** AlexeyAbashkin has quit IRC18:34
*** spilla has quit IRC18:43
itlinuxhello all.. I have a question since I configured fernet and LDAP. I can see all users but cannot see any groups.. this is a test env but the POC env with UUID can see the groups and the users from the LDAP same config.. just fernet diff.. it says invalid token.. uhm!! 18:47
*** AlexeyAbashkin has joined #openstack-keystone18:47
lbragstaditlinux: what steps did you take?18:49
itlinuxwell I am looking at the logs now.. it says cannot find domain.. but I can do openstack user list --domain domainname.com18:50
itlinuxand that works..18:50
itlinuxuhm!18:50
*** catintheroof has joined #openstack-keystone18:51
itlinuxintresting .. still says cannot find domain but from the undercloud I can see the list of users..18:51
itlinuxuhm!!18:51
lbragstadi'm not sure what the expected behavior is18:51
lbragstadcan you describe what you're trying to do?18:52
*** AlexeyAbashkin has quit IRC18:52
lbragstadwith steps/18:52
itlinuxsimple tripleo deployment configured with LDAP then add the admin into that domain.com18:52
itlinuxthen openstack user list --domain domain.com works..18:52
itlinuxopenstack group list --domain domain.com does not18:53
itlinuxwell it's empty response..18:53
itlinuxand the logs are giving me domain not found..18:53
itlinuxbut the openstack domain list shows the domain18:53
lbragstadand the groups are defined in LDAP, right?18:54
lbragstadyou have nothing persisted locally in SQL18:54
itlinuxyes I have the same config on a diff locaton and I can see the groups..18:54
itlinuxnothing in my sql.. I just created one and that shows up fine in my local default domain18:54
*** catintheroof has quit IRC18:56
lbragstadso you have two deployments, right?18:56
lbragstadboth should have the same exact configuration?18:56
itlinuxuhm... I see that I have 2 directories in /etc/keystone/credential-keys and the other fernet-keys18:57
lbragstadand you're able to list groups for domain.com in the one that uses UUID just fine?18:57
itlinuxyes two deployments..18:57
itlinuxyes correct lbragstad:18:57
lbragstadok - can you try switching your `keystone.conf [token] provider = fernet` in that deployment and try again?18:57
itlinuxso I wonder why I the logs are showing cannot find any domains..18:57
*** prashkre has quit IRC18:58
*** prashkre_ has joined #openstack-keystone18:58
lbragstadand make sure you run `keystone-manage fernet_setup`?18:58
itlinuxlet me check the one with UUID cannot change it.. but the other is ok.. let me try18:58
itlinuxyes I have 3 controllers.. so I will do it on all three..18:58
lbragstadi just want to make sure it's not some ldap configuration issue18:58
itlinuxone sec..18:58
itlinuxprovider = fernet this is on the servers now..19:00
*** lbragstad changes topic to "Queens release schedule: https://releases.openstack.org/queens/schedule.html | Meeting agenda: https://etherpad.openstack.org/p/keystone-weekly-meeting | Bugs that need triaging: http://bit.ly/2iJuN1h | Trello: https://trello.com/b/5F0h9Hoe/keystone"19:00
itlinuxwell I cannot touch the other env. for now..19:00
lbragstadok - it sounds like an issue with mapping groups from ldap in to keystone on the deployment that is using fernet (the token provider shouldn't be preventing that in anyway )19:01
itlinuxyes that's what it sounds like uhm!19:01
lbragstadthere are a bunch of configuration options for ldap and groups - https://github.com/openstack/keystone/blob/master/keystone/conf/ldap.py#L257-L33519:02
lbragstadthose are the same in each deployment?19:03
lbragstad(are both deployments pointing to the same ldap backend?)19:03
*** prashkre__ has joined #openstack-keystone19:04
*** prashkre_ has quit IRC19:04
*** catintheroof has joined #openstack-keystone19:05
*** catintheroof has quit IRC19:09
itlinuxyes ldap backend..19:13
itlinuxdiff deployments..19:13
itlinuxthe ldap file is exactly the same..19:13
itlinuxso the only diff is fernet and UUID..19:13
lbragstadhm19:16
itlinuxnow I am running this openstack role add --domain b2e1c1f4988c4bd7b904cada5c5b4010 --user admin admin19:18
itlinuxand it shows..19:18
itlinuxthe AD.. groups.19:18
itlinuxintresting..19:18
itlinuxlet me try the other..19:18
itlinuxno luck for the ldap.. but AD worked..19:19
itlinuxuhm!19:19
*** wes_dillingham has quit IRC19:19
itlinuxwell I will try to remove it and readd it.. after lunch! thanks19:21
*** catintheroof has joined #openstack-keystone19:28
*** jmlowe has quit IRC19:31
lbragstaditlinux: that's strange, so you were missing a role assignment?19:32
*** ioggstream has joined #openstack-keystone19:37
*** harlowja has quit IRC19:46
itlinuxno I have added the same command on both domains..19:50
lbragstadand now things work?19:52
itlinuxno .. will readd and see..19:52
itlinuxno luck! crap!20:02
itlinuxhttp://paste.openstack.org/show/624748/20:05
itlinuxexactly the same but domain.com cannot query groups..20:06
*** aselius has joined #openstack-keystone20:15
*** McClymontS has joined #openstack-keystone20:15
*** McClymontS has quit IRC20:17
*** jamielennox has quit IRC20:30
*** AlexeyAbashkin has joined #openstack-keystone20:31
*** harlowja has joined #openstack-keystone20:33
*** jamielennox has joined #openstack-keystone20:34
*** AlexeyAbashkin has quit IRC20:35
*** AlexeyAbashkin has joined #openstack-keystone20:47
*** catintheroof has quit IRC20:49
*** thorst has quit IRC20:50
*** AlexeyAbashkin has quit IRC20:52
*** jamielennox has quit IRC20:54
*** jamielennox has joined #openstack-keystone20:55
*** ioggstream has quit IRC21:00
*** raildo has quit IRC21:03
*** prashkre__ has quit IRC21:07
*** thorst has joined #openstack-keystone22:00
*** thorst has quit IRC22:06
*** wes_dillingham has joined #openstack-keystone22:11
*** spzala has quit IRC22:14
*** spzala has joined #openstack-keystone22:15
*** spzala has quit IRC22:19
*** spzala has joined #openstack-keystone22:31
*** itlinux has quit IRC22:39
*** jmlowe has joined #openstack-keystone22:39
*** AlexeyAbashkin has joined #openstack-keystone22:46
*** AlexeyAbashkin has quit IRC22:50
*** AlexeyAbashkin has joined #openstack-keystone23:07
*** AlexeyAbashkin has quit IRC23:11
*** AlexeyAbashkin has joined #openstack-keystone23:27
*** thorst has joined #openstack-keystone23:29
*** AlexeyAbashkin has quit IRC23:32
*** thorst has quit IRC23:43
*** links has joined #openstack-keystone23:46
« Wednesday, 2017-10-25 Index Friday, 2017-10-27 »

Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!