Friday, 2019-11-15

« Thursday, 2019-11-14 Index Saturday, 2019-11-16 »
*** dave-mccowan has quit IRC00:10
*** cmart has quit IRC00:11
*** dave-mccowan has joined #openstack-keystone00:16
*** ayoung has quit IRC00:17
*** ayoung has joined #openstack-keystone00:18
*** ayoung has quit IRC00:40
*** ayoung has joined #openstack-keystone00:42
*** ileixe has joined #openstack-keystone01:00
*** dave-mccowan has quit IRC01:01
*** ayoung has quit IRC01:09
*** ayoung has joined #openstack-keystone01:10
*** mnasiadka has quit IRC01:11
*** jamespage has quit IRC01:11
*** manuvakery has quit IRC01:11
*** guilhermesp has quit IRC01:11
*** kmalloc has quit IRC01:12
*** lamt has quit IRC01:12
*** wxy-xiyuan has quit IRC01:12
*** TheJulia has quit IRC01:12
*** mnasiadka has joined #openstack-keystone01:12
*** wxy-xiyuan has joined #openstack-keystone01:13
*** jamespage has joined #openstack-keystone01:13
*** TheJulia has joined #openstack-keystone01:13
*** guilhermesp has joined #openstack-keystone01:13
*** kmalloc has joined #openstack-keystone01:13
*** manuvakery has joined #openstack-keystone01:14
*** spatel has joined #openstack-keystone01:35
*** nana_ has joined #openstack-keystone01:58
*** spatel has quit IRC02:01
*** nana_ has quit IRC02:02
*** openstackstatus has joined #openstack-keystone02:03
*** ChanServ sets mode: +v openstackstatus02:03
*** ayoung has quit IRC02:54
*** gyee has quit IRC02:55
*** ayoung has joined #openstack-keystone02:56
*** zzzeek has quit IRC02:56
*** zzzeek has joined #openstack-keystone02:57
*** zzzeek has quit IRC02:58
*** zzzeek has joined #openstack-keystone02:59
*** ayoung has quit IRC03:12
*** ayoung has joined #openstack-keystone03:15
*** ayoung has quit IRC03:30
*** ayoung has joined #openstack-keystone03:31
*** ayoung has quit IRC03:47
*** ayoung has joined #openstack-keystone03:48
*** ileixe has quit IRC04:46
*** ileixe has joined #openstack-keystone04:58
*** ileixe has quit IRC05:19
*** awalende has joined #openstack-keystone05:28
*** awalende has quit IRC05:33
*** Luzi has joined #openstack-keystone06:04
*** Blinkiz5 has joined #openstack-keystone06:29
*** aloga_ has joined #openstack-keystone06:32
*** rcernin has quit IRC06:37
*** trident has quit IRC06:37
*** jmlowe has quit IRC06:39
*** hoonetorg has quit IRC06:39
*** brtknr has quit IRC06:39
*** aloga has quit IRC06:39
*** Blinkiz has quit IRC06:39
*** yankcrime has quit IRC06:39
*** hugokuo has quit IRC06:39
*** evrardjp has quit IRC06:39
*** Blinkiz5 is now known as Blinkiz06:39
*** spotz has quit IRC06:39
*** ileixe has joined #openstack-keystone06:40
*** openstackstatus has quit IRC06:40
*** spotz has joined #openstack-keystone06:42
*** ileixe has quit IRC06:45
*** rcernin has joined #openstack-keystone06:48
*** trident has joined #openstack-keystone06:48
*** jmlowe has joined #openstack-keystone06:48
*** hoonetorg has joined #openstack-keystone06:48
*** brtknr has joined #openstack-keystone06:48
*** hugokuo has joined #openstack-keystone06:48
*** evrardjp has joined #openstack-keystone06:48
*** rcernin has quit IRC07:15
*** trident has quit IRC07:15
*** jmlowe has quit IRC07:15
*** hoonetorg has quit IRC07:15
*** brtknr has quit IRC07:15
*** hugokuo has quit IRC07:15
*** evrardjp has quit IRC07:15
*** rcernin has joined #openstack-keystone07:16
*** trident has joined #openstack-keystone07:16
*** jmlowe has joined #openstack-keystone07:16
*** hoonetorg has joined #openstack-keystone07:16
*** brtknr has joined #openstack-keystone07:16
*** hugokuo has joined #openstack-keystone07:16
*** evrardjp has joined #openstack-keystone07:16
*** rcernin has quit IRC07:44
*** trident has quit IRC07:49
*** trident has joined #openstack-keystone07:58
*** tkajinam has quit IRC08:00
*** ileixe has joined #openstack-keystone08:02
*** ileixe has quit IRC08:02
*** ileixe has joined #openstack-keystone08:04
*** ayoung has quit IRC08:15
*** tesseract has joined #openstack-keystone08:15
BlinkizHello. To better understand how OpenStack (keystone) works I would like to see which policy is being checked against every time. I would like to increase logging, is this possible?08:19
*** awalende has joined #openstack-keystone08:19
BlinkizIs it debug = True in [DEFAULT] that is needed?08:24
*** ayoung has joined #openstack-keystone08:26
BlinkizOr can I filter it somehow so I can drop all policies requests to a file?08:31
*** ivve has joined #openstack-keystone08:46
*** yan0s has joined #openstack-keystone09:11
*** dave-mccowan has joined #openstack-keystone09:14
*** amoralej has joined #openstack-keystone10:24
amoralejhi, one job in latest execution of tempes on rdo train has failed with "TokenNotFound: Could not recognize Fernet token"10:25
amoralejit just happened in one of the tempest tests10:26
amoralejany hint about how to debug?10:26
amoralejhttps://centos.logs.rdoproject.org/weirdo-generic-puppet-openstack-scenario001/12204/weirdo-project/logs/keystone/keystone.txt.gz#_2019-11-14_15_51_40_07510:26
*** tesseract has quit IRC10:52
*** tesseract has joined #openstack-keystone10:52
*** jawad_axd has joined #openstack-keystone11:32
*** gshippey has joined #openstack-keystone12:02
*** awalende has quit IRC12:59
*** awalende has joined #openstack-keystone12:59
*** Luzi has quit IRC13:05
*** ayoung has quit IRC13:13
*** ayoung has joined #openstack-keystone13:14
*** awalende has quit IRC13:14
*** awalende has joined #openstack-keystone13:14
*** awalende has quit IRC13:15
*** awalende has joined #openstack-keystone13:15
*** Luzi has joined #openstack-keystone13:20
*** amoralej is now known as amoralej|lunch13:21
*** amoralej|lunch is now known as amoralej14:08
*** Luzi has quit IRC14:16
*** cmart has joined #openstack-keystone14:25
lbragstadBlinkiz that'd be a good question for the #openstack-oslo channel14:29
lbragstadI'm not aware of a way to drop all policy checks to a log file14:29
Blinkizlbragstad: Okay, thanks for answering14:29
lbragstadbut, I do know you can increase the logging level of libraries to be more verbose14:29
Blinkizlbragstad: Am currently running keystone in debug and I can see in there all requests.14:30
lbragstadhttps://docs.openstack.org/keystone/latest/configuration/config-options.html#DEFAULT.default_log_levels14:30
lbragstadif you wanted to turn up oslo.policy logging to 11, you can do that by setting oslo_policy=DEBUG14:30
lbragstadand setting ``keystone.conf [DEFAULT] debug=True``14:31
Blinkizlbragstad: But am really struggling with how to create a domain administrator. It seems to work with python-openstackclient but not within Horizon. Does it exist a guide somewhere? I do think it exist, I have seen it but I can no longer find it. It was a guide that gave example how do create system administrator, domain administrator, reader for a14:32
Blinkizdomain, member for a project and a lot more14:32
*** awalende has quit IRC14:33
*** awalende has joined #openstack-keystone14:33
Blinkizlbragstad: Is these the only three lines that is needed to create a domain with a domain administrator? https://paste.ubuntu.com/p/Wg9DYZ5MT9/14:36
BlinkizIt must say somewhere in OpenStack documentation but I can not find it14:36
*** jawad_axd has quit IRC14:37
*** awalende_ has joined #openstack-keystone14:37
*** awalende has quit IRC14:38
*** jawad_axd has joined #openstack-keystone14:38
lbragstadBlinkiz so - that's about half of the equation14:38
lbragstadBlinkiz each service has a set of policies - either in a file or in code as defaults14:39
*** awalende_ has quit IRC14:39
lbragstadthose policies are what determine if a user can do something in the service14:39
lbragstadbut - unfortunately, domain's aren't really used outside of keystone (is something that's still propogating through the rest of the community through policy changes)14:39
lbragstadto implement a domain user (either admin, member, or reader) you'll likely need to make custom policy changes.14:40
*** baffle has joined #openstack-keystone14:40
*** jawad_ax_ has joined #openstack-keystone14:40
lbragstadthe keystone service is the exception there with the Train release, since we've gone through and updated all of our policies to include support for domain users by default14:41
Blinkizlbragstad: custom policy! O no.. It seems so complicated. I thought everything was fixed in Train.14:41
lbragstadfor keystone it is - yes14:42
*** jawad_axd has quit IRC14:43
Blinkizlbragstad: It is a deal breaker that domain administrators work in Horizon. There it will be people that do not understand cli tools that need a gui.14:43
BlinkizLike my reseller customers14:44
*** jawad_ax_ has quit IRC14:45
lbragstadthat work is being tracked in horizon it looks like https://bugs.launchpad.net/horizon/+bug/160019514:45
openstackLaunchpad bug 1600195 in OpenStack Dashboard (Horizon) "Domain admin cannot manage user, group and domain in own domain" [Undecided,In progress] - Assigned to Yaguang Tang (heut2008)14:45
lbragstadhttps://bugs.launchpad.net/horizon/+bug/170687914:45
openstackLaunchpad bug 1706879 in OpenStack Dashboard (Horizon) "Domain admin user unable to navigate to domains panel" [Undecided,New]14:45
lbragstadhttps://bugs.launchpad.net/horizon/+bug/172173614:45
openstackLaunchpad bug 1721736 in OpenStack Dashboard (Horizon) "Horizon does not allow domain admin to create users" [Undecided,New]14:45
BlinkizOh man.. Am so revealed when I see these bug tickets. I thought it was me!14:46
Blinkizlbragstad: These are old bugs from 2016/2017. Maybe they need a push from keystoners to get the work going14:49
lbragstadBlinkiz everyone is aware of the bugs, we really need people who can work on them15:00
*** cmart has quit IRC15:01
*** awalende has joined #openstack-keystone15:05
*** awalende has quit IRC15:10
*** jaosorior has joined #openstack-keystone15:13
*** ivve has quit IRC15:24
Blinkizlbragstad: Well.. thank you today also for answering my questions. It seems you understand directly what am looking for an giving me explanations that always is spot on.15:26
BlinkizIt's soon time for me to leave work. Have a nice evening :)15:26
lbragstadBlinkiz glad i could help - enjoy your evening15:27
*** ayoung has quit IRC15:31
*** ayoung has joined #openstack-keystone15:32
knikollao/15:58
knikollalife is so hard without coffee15:59
gagehugoo/16:05
gagehugoknikolla: I'll drink another cup today for you16:06
knikollagagehugo: haha, cheers!16:06
knikollai've found a positive correlation between caffeine and anxiety, so i'm trying to cut down on it.16:07
gagehugofair enough16:07
gagehugoI think coffee is the only caffeine I drink now, and it's usually just a cup in the morning16:08
knikolla*doing my best homer impersonation* ahhhhh, coffee in the morning16:11
*** jamesmcarthur has joined #openstack-keystone16:12
*** jawad_axd has joined #openstack-keystone16:18
*** jamesmcarthur has quit IRC16:19
*** jamesmcarthur has joined #openstack-keystone16:20
*** jamesmcarthur has quit IRC16:21
*** jawad_axd has quit IRC16:22
*** jamesmcarthur has joined #openstack-keystone16:36
*** yan0s has quit IRC16:42
*** cmart has joined #openstack-keystone16:47
*** bnemec is now known as beekneemech16:52
openstackgerritGage Hugo proposed openstack/keystone master: [WIP] Try to recreate 1843464  https://review.opendev.org/68439716:53
*** gyee has joined #openstack-keystone17:01
*** jamesmcarthur has quit IRC17:07
*** jaosorior has quit IRC17:11
*** jaosorior has joined #openstack-keystone17:39
*** amoralej is now known as amoralej|off18:13
*** ivve has joined #openstack-keystone18:21
*** jaosorior has quit IRC18:26
gyeecmurphy, should we fix keystoneauth or keystoneclient? https://bugs.launchpad.net/python-keystoneclient/+bug/1780164 and https://bugs.launchpad.net/horizon/+bug/178016418:31
openstackLaunchpad bug 1780164 in python-keystoneclient "httpd leaks open files" [Medium,Confirmed]18:31
gyeeI thought we need to make the fix in keystoneauth regardless.18:38
*** jaosorior has joined #openstack-keystone18:40
*** jaosorior has quit IRC18:50
*** jawad_axd has joined #openstack-keystone18:55
*** pcaruana has quit IRC18:56
*** tesseract has quit IRC19:04
*** jmlowe has quit IRC19:12
*** trident has quit IRC19:20
*** trident has joined #openstack-keystone19:29
*** jmlowe has joined #openstack-keystone19:34
cmurphygyee: if the fix is for session.py then i would think ksa19:38
cmurphynot sure why morgan wontfixed for ksa19:39
*** jawad_axd has quit IRC19:43
gyeecmurphy, yeah, I don't understand Morgan's comment either.20:02
*** awalende has joined #openstack-keystone20:34
*** awalende has quit IRC20:38
*** gshippey has quit IRC21:12
*** rcernin has joined #openstack-keystone23:17
*** jamesmcarthur has joined #openstack-keystone23:18
*** ayoung has quit IRC23:41
*** ayoung has joined #openstack-keystone23:42
*** jamesmcarthur has quit IRC23:43
*** jamesmcarthur has joined #openstack-keystone23:47
*** jamesmcarthur has quit IRC23:55
« Thursday, 2019-11-14 Index Saturday, 2019-11-16 »

Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!