Thursday, 2018-09-06

« Wednesday, 2018-09-05 Index Friday, 2018-09-07 »
*** spartakos has quit IRC00:30
stewie925kmalloc: thank you00:32
*** rcernin has quit IRC00:50
*** rcernin has joined #openstack-keystone00:51
*** gyee has quit IRC00:53
*** stewie925 has quit IRC01:15
*** chaconpiza has quit IRC01:19
openstackgerritMonty Taylor proposed openstack/keystoneauth master: Add support for ironic single-version responses  https://review.openstack.org/59598001:30
wxy-xiyuanlbragstad: cool. I'll take a look. Thanks.01:31
lbragstadwxy-xiyuan no problem01:31
*** lbragstad has quit IRC01:43
*** lbragstad has joined #openstack-keystone01:45
*** ChanServ sets mode: +o lbragstad01:45
*** sapd1_ has joined #openstack-keystone02:03
*** sapd1 has quit IRC02:07
*** lbragstad has quit IRC02:09
*** sapd1_ has quit IRC02:09
*** spartakos has joined #openstack-keystone02:10
*** sapd1 has joined #openstack-keystone02:13
*** nicolasbock has quit IRC02:18
openstackgerritwangxiyuan proposed openstack/keystonemiddleware master: No need to compare CONF content  https://review.openstack.org/59993602:34
errrIm setting up federtion using mod_auth_mellon, and in my idp Im not sure what value to use for "Signle Sign On URL". When using shibboleth it is: https://mysite.com:5000/Shibboleth.sso/SAML2/POST but whenusing mod_auth_mellon I dont know what to use.. Any ideas?03:25
errrmy idp is okta is that matters/helps03:26
*** spartakos has quit IRC03:35
openstackgerritMonty Taylor proposed openstack/keystoneauth master: Add support for ironic single-version responses  https://review.openstack.org/59598003:50
*** markvoelker has joined #openstack-keystone04:06
*** markvoelker has quit IRC04:11
*** ykarel|away has joined #openstack-keystone04:17
*** dave-mccowan has quit IRC04:36
openstackgerritGage Hugo proposed openstack/keystone master: WIP - Convert domains api to flask  https://review.openstack.org/59735004:36
*** ducnv has quit IRC04:42
*** ducnv has joined #openstack-keystone04:42
*** shyamb has joined #openstack-keystone04:45
*** markvoelker has joined #openstack-keystone05:07
openstackgerritDeepak Mourya proposed openstack/keystone master: Added support for a ``description`` attribute for Identity Roles  https://review.openstack.org/48434805:09
deepak_mourya_cmurphy:  Hi, I have updated your comments in https://review.openstack.org/#/c/484348/16 you can review this.05:12
*** ykarel|away is now known as ykarel05:18
*** shyamb has quit IRC05:25
*** ykarel has quit IRC05:26
*** shyamb has joined #openstack-keystone05:36
*** ykarel has joined #openstack-keystone05:45
*** ducnv has left #openstack-keystone06:10
*** pcaruana has joined #openstack-keystone06:25
*** shyam89 has joined #openstack-keystone06:37
*** shyamb has quit IRC06:41
*** markvoelker has quit IRC06:45
*** rcernin has quit IRC07:00
openstackgerritwangxiyuan proposed openstack/oslo.limit master: Add opts file  https://review.openstack.org/58676007:00
openstackgerritwangxiyuan proposed openstack/oslo.limit master: Add limit check func  https://review.openstack.org/59652007:00
*** chaconpiza has joined #openstack-keystone07:04
*** Emine has joined #openstack-keystone07:06
openstackgerritwangxiyuan proposed openstack/oslo.limit master: Add limit check func  https://review.openstack.org/59652007:13
openstackgerritwangxiyuan proposed openstack/oslo.limit master: Add limit check func  https://review.openstack.org/59652007:25
openstackgerritwangxiyuan proposed openstack/oslo.limit master: Make callback required  https://review.openstack.org/60035707:25
cmurphyerrr: which value are you trying to set exactly? is this in keystone.conf or in the apache vhost?07:29
*** hoonetorg has quit IRC07:34
*** pcaruana has quit IRC07:36
*** shyam89 has quit IRC07:38
*** markvoelker has joined #openstack-keystone07:43
*** hoonetorg has joined #openstack-keystone07:47
*** pcaruana has joined #openstack-keystone07:48
*** shyamb has joined #openstack-keystone07:58
*** david-lyle has quit IRC08:14
*** shyamb has quit IRC08:14
*** dklyle has joined #openstack-keystone08:15
*** jamiec has quit IRC08:30
*** jamiec has joined #openstack-keystone08:33
*** shyamb has joined #openstack-keystone08:34
*** d0ugal has joined #openstack-keystone08:49
*** hwoarang_ has joined #openstack-keystone09:11
*** hwoarang has quit IRC09:15
*** shyamb has quit IRC09:22
*** hwoarang_ is now known as hwoarang09:23
openstackgerritwangxiyuan proposed openstack/oslo.limit master: Add limit check func  https://review.openstack.org/59652009:34
openstackgerritwangxiyuan proposed openstack/oslo.limit master: Make callback required  https://review.openstack.org/60035709:34
*** shyamb has joined #openstack-keystone09:38
*** shyam89 has joined #openstack-keystone09:46
*** shyamb has quit IRC09:50
*** d0ugal has quit IRC09:51
*** shyam89 has quit IRC09:56
*** shyamb has joined #openstack-keystone09:56
*** d0ugal has joined #openstack-keystone10:01
*** shyamb has quit IRC10:03
*** shyamb has joined #openstack-keystone10:03
*** d0ugal has quit IRC10:14
*** d0ugal has joined #openstack-keystone10:22
*** nicolasbock has joined #openstack-keystone10:31
*** shyamb has quit IRC10:43
*** shyamb has joined #openstack-keystone10:54
*** Emine has quit IRC11:23
*** Emine has joined #openstack-keystone11:25
*** shyamb has quit IRC11:57
*** shyamb has joined #openstack-keystone12:05
*** markvoelker has quit IRC12:22
*** shyamb has quit IRC12:24
*** shyamb has joined #openstack-keystone12:24
*** ykarel is now known as ykarel|away12:41
*** ykarel|away has quit IRC12:47
*** lbragstad has joined #openstack-keystone12:54
*** ChanServ sets mode: +o lbragstad12:54
*** raildo has joined #openstack-keystone12:54
*** lbragstad has quit IRC13:09
*** lbragstad has joined #openstack-keystone13:15
*** ChanServ sets mode: +o lbragstad13:15
*** mchlumsky has joined #openstack-keystone13:32
*** shyamb has quit IRC13:35
*** d0ugal has quit IRC14:05
*** d0ugal has joined #openstack-keystone14:09
lbragstadildikov i'm updating https://etherpad.openstack.org/p/keystone-stein-ptg with room details, for tuesday should i put Ballroom A on our etherpad?14:29
lbragstadi assume that's where we'll plan to discuss keystone-related edge topics14:29
knikollao/14:31
lbragstadwhat's the consensus for getting a room on wednesday?14:34
lbragstadright now we don't have one, but our schedule is loosely defined14:34
lbragstadand it's tentatively going to be a day for hacking14:35
lbragstadshould we jump the gun and schedule a room, or play it by ear?14:35
knikollalbragstad: if there's empty rooms, might as well schedule one. and if we don't use it we can post on IRC and advertise it as a free use space for other teams14:39
lbragstadtrue14:40
lbragstadi'll see if a smaller room is available and schedule it later today if possible14:40
lbragstadotherwise i do remember there being open tables close to the room we were in last time (lobby upstairs)14:40
lbragstadthat seemed pretty quiet14:40
gagehugoo/14:48
*** d0ugal has quit IRC14:50
*** d0ugal has joined #openstack-keystone14:52
kmallocknikolla: ++14:52
ildikovlbragstad: yes, for Tuesday Ballroom A should work well14:54
ildikovlbragstad: I think it's also easier from overall logistics perspective14:55
*** itlinux has quit IRC14:56
lbragstadildikov awesome - i've updated our schedule to reflect that15:02
*** gyee has joined #openstack-keystone15:11
*** r-daneel has quit IRC15:17
*** d0ugal has quit IRC15:21
*** spartakos has joined #openstack-keystone15:24
*** d0ugal has joined #openstack-keystone15:34
*** pcaruana has quit IRC15:42
*** r-daneel has joined #openstack-keystone15:44
*** r-daneel has quit IRC15:45
openstackgerritGage Hugo proposed openstack/keystone master: WIP - Convert domains api to flask  https://review.openstack.org/59735015:46
*** itlinux has joined #openstack-keystone15:54
cmurphyfyi i'm traveling tomorrow so i won't send out the update email, seems like not much happened this week to report on anyway16:01
*** pcaruana has joined #openstack-keystone16:01
knikollacmurphy: safe travels!16:02
cmurphyknikolla: ty, you as well16:02
knikollaty :)16:02
*** itlinux_ has joined #openstack-keystone16:08
*** itlinux has quit IRC16:12
*** itlinux_ has quit IRC16:33
errrcmurphy: Its on the IDP side of things. Im using okta and Im trying to set values for the app, and you get a screen like this: https://camo.githubusercontent.com/b870027fa31de46d28007a9131d5cc96588c454d/68747470733a2f2f692e696d6775722e636f6d2f766137535937622e706e6716:39
errrcmurphy: Those are the values that work for using shibboleth, but I need to move to mod_auth_mellon and I do not know what those values should be for mod_auth_mellon16:39
*** ykarel|away has joined #openstack-keystone16:42
errrcmurphy: this is the setup doc for mellon Im using: https://docs.openstack.org/keystone/pike/advanced-topics/federation/mellon.html16:43
lbragstadFYI - we have Longs Peak booked for wednesday morning16:49
lbragstadif we decide we need more time on wednesday afternoon, we can see what there is for availability16:49
cmurphyerrr: in the SP metadata there should be a HTTP-POST binding, I think that's the value it's looking for16:55
errrwhere do I get that?16:56
cmurphyerrr: i'm not familiar with okta but usually you would just hand it the whole metadata file and it would figure it out16:56
cmurphyerrr: it's the file you set with MellonSPMetadataFile on the SP16:57
cmurphymellon comes with a script to generate it16:57
cmurphyi'm not sure if it serves it on some endpoint by default16:57
errrok.16:57
cmurphylooks like just <endpoint>/metadata according to https://github.com/Uninett/mod_auth_mellon#service-provider-metadata16:58
*** jaosorior has quit IRC17:00
*** jaosorior has joined #openstack-keystone17:01
*** itlinux has joined #openstack-keystone17:03
*** imacdonn has quit IRC17:05
*** imacdonn has joined #openstack-keystone17:05
*** spartakos has quit IRC17:11
*** r-daneel has joined #openstack-keystone17:11
*** ChanServ sets mode: -rf 17:16
openstackgerritGage Hugo proposed openstack/keystone master: WIP - Convert domains api to flask  https://review.openstack.org/59735017:21
*** pcaruana has quit IRC17:27
*** ykarel|away has quit IRC17:30
*** spartakos has joined #openstack-keystone17:35
*** links has joined #openstack-keystone17:38
*** links has quit IRC17:38
openstackgerritLance Bragstad proposed openstack/keystonemiddleware master: Remove tox_install.sh  https://review.openstack.org/59900317:39
*** mvenesio has joined #openstack-keystone17:40
openstackgerritLance Bragstad proposed openstack/oslo.limit master: Render API reference documentation  https://review.openstack.org/60026417:44
openstackgerritLance Bragstad proposed openstack/oslo.limit master: Add a conceptual overview to docs  https://review.openstack.org/60026517:44
openstackgerritLance Bragstad proposed openstack/oslo.limit master: Allow ProjectClaims to support multiple resources  https://review.openstack.org/60026617:44
openstackgerritLance Bragstad proposed openstack/oslo.limit master: Add a conceptual overview to docs  https://review.openstack.org/60026517:45
openstackgerritLance Bragstad proposed openstack/oslo.limit master: Allow ProjectClaims to support multiple resources  https://review.openstack.org/60026617:45
openstackgerritLance Bragstad proposed openstack/oslo.limit master: Rename callback to usage_callback  https://review.openstack.org/60049117:59
lbragstad^ some relatively mild oslo.limit reviews if folks are interesting in having a look18:02
*** pcaruana has joined #openstack-keystone18:02
*** links has joined #openstack-keystone18:02
errrcmurphy: I found that file you are talking about. Looks like I generated it wrong. Thanks for your help.18:04
*** openstackgerrit has quit IRC18:05
cmurphyerrr: yw18:06
errrI think it would be great to do a little web series on setting up federation using shib and mellon and doing it with a couple of platforms, like openstack-ansible, and like tripleo and devstack. The use some free IDPs to show how to go from basic keystone auth to functional federation.18:07
errrWould anyone be interested in doing that with me? We put it up on youtube, and get the examples worked up into the keystone docs.18:08
errrCover some of the advanced mapping stuff.. basiclly take our time do it really nice like so the content doesnt have to be crammed into the timespan of an openstack talk..18:09
*** mvenesio has quit IRC18:10
*** mvenesio has joined #openstack-keystone18:11
*** links has quit IRC18:11
*** spartakos has quit IRC18:15
*** melwitt is now known as melwitt_awaysick18:18
*** jaosorior has quit IRC18:27
*** timburke has joined #openstack-keystone18:29
knikollaerrr: sure, i'd be interested in helping out.18:33
errrawesome :D18:33
lbragstaderrr that's a great idea18:44
lbragstadkmalloc do you want to take a peak at https://review.openstack.org/#/c/598990/18:52
kmalloclooking18:56
kmalloclbragstad: easy +2/+A18:56
lbragstadalso - we have mess going on with various keystone repositories and pushing through dhellmann's changes for python 318:57
lbragstadfor example https://review.openstack.org/#/c/597685/18:58
lbragstadshows that the stable branch for ksc is hosed18:58
lbragstadsame with ksm18:58
lbragstad(which i have patches up for)18:58
lbragstadnot sure how to get the ones for ksm working... we have an optional dependency on oslo.messaging that appears to be messing things up19:00
*** mbuil has quit IRC19:04
lbragstadhttps://review.openstack.org/#/c/600518/ should fix stable/pike for ksc (hopefully)19:04
lbragstadhttps://review.openstack.org/#/c/600519/ should do the same for stable/ocata19:06
*** mbuil has joined #openstack-keystone19:07
*** openstackgerrit has joined #openstack-keystone19:09
openstackgerritMerged openstack/python-keystoneclient master: Update reno for stable/rocky  https://review.openstack.org/58979119:09
*** spartakos has joined #openstack-keystone19:30
gagehugokmalloc the domains flask is getting closer, getting some 403s on a few of the tests and not sure why atm, currently looking19:34
*** pcaruana has quit IRC19:35
*** Emine has quit IRC19:37
*** Emine has joined #openstack-keystone19:38
*** nicolasbock has quit IRC20:34
openstackgerritMerged openstack/keystoneauth master: Remove os-testr from requirements  https://review.openstack.org/60000420:38
openstackgerritMonty Taylor proposed openstack/keystoneauth master: Add support for ironic single-version responses  https://review.openstack.org/59598020:49
*** raildo has quit IRC20:53
*** nicolasbock has joined #openstack-keystone20:54
*** dims has quit IRC20:55
lbragstadkmalloc https://review.openstack.org/#/c/600554/ will need a kick once it passes to fix stable/ocata21:06
*** dims has joined #openstack-keystone21:11
lbragstadFYI - i added another items to the agenda for next wednesday21:12
lbragstadi have results from the user survey, i can share them if people want to take a look, but putting it on the agenda in case we want to dig into them face-to-face21:13
*** mvenesio has quit IRC21:18
*** mvenesio has joined #openstack-keystone21:19
*** mvenesio has quit IRC21:25
kmalloclbragstad: ah cool21:50
kmallocgagehugo: nice.21:50
openstackgerritGage Hugo proposed openstack/keystoneauth master: Revert "Change log hashing to SHA256"  https://review.openstack.org/60056122:04
gagehugobah22:05
*** dave-mccowan has joined #openstack-keystone22:22
lbragstadPer domain configuration had 79 responses; Enhancing policy had 92 responses; Scaling out to multiple regions had 136 responses; Performance improvements had 144 responses; Federated identity enhancements had 184 responses22:26
*** rcernin has joined #openstack-keystone22:29
*** itlinux has quit IRC22:34
gagehugointeresting22:35
lbragstadyeah22:38
lbragstadi'll need to dig up the results from older surveys, but i think the gap between the top three and the rest has widened22:39
lbragstadfederated identity enhancements is still in the lead, by far22:40
lbragstadfor those interested in viewing the feedback directly https://docs.google.com/spreadsheets/d/1HOIq7U8rgR5SAZDpuL1VdoVALIf1Np3ar1YzATKumd0/edit?usp=sharing22:47
*** dave-mccowan has quit IRC23:01
*** itlinux has joined #openstack-keystone23:45
« Wednesday, 2018-09-05 Index Friday, 2018-09-07 »

Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!