| *** xuhaiwei has quit IRC | 00:21 | |
| *** Tiancheng has joined #senlin | 01:04 | |
| *** lixinhui has quit IRC | 01:04 | |
| *** xuhaiwei has joined #senlin | 01:08 | |
| *** Yanyanhu has joined #senlin | 01:40 | |
| openstackgerrit | Cindia-blue proposed stackforge/senlin: HttpException: 403 Client Error: Forbidden, At least one role should be specified https://review.openstack.org/205874 | 02:16 |
|---|---|---|
| *** lixinhui has joined #senlin | 02:17 | |
| lixinhui | Yanyan, I just submit review 205874 to fix 403 problem with latest ketstone, please check | 02:31 |
| lixinhui | On our side, we suffer from it with latest devstack | 02:32 |
| xuhaiwei | lixinhui, as I reviewed, I think it's not quite clear about the bug, can you add a report of this? | 02:33 |
| xuhaiwei | you can report it here https://bugs.launchpad.net/senlin/, by click 'Report a bug' | 02:35 |
| lixinhui | okay | 02:42 |
| lixinhui | https://bugs.launchpad.net/senlin/+bug/1478423 | 02:48 |
| openstack | Launchpad bug 1478423 in senlin " HttpException: 403 Client Error: Forbidden, At least one role should be specified" [Undecided,New] | 02:48 |
| lixinhui | robot is great | 02:49 |
| xuhaiwei | lixinhui, when you meet 403, usually because the action need 'admin' quality, so you should change to 'admin' user ant try this again | 02:52 |
| lixinhui | I am using admin | 02:52 |
| lixinhui | this is not related this | 02:52 |
| lixinhui | but becaue senlin can not use the role when create trust | 02:53 |
| xuhaiwei | ok | 02:54 |
| xuhaiwei | can you add the command you used too? | 02:54 |
| lixinhui | Haiwei, this problem reproduce on my side when latest devstack and senlin code after its change to trust creation | 02:54 |
| Yanyanhu | hi, lixinhui, will check it, thanks | 02:57 |
| lixinhui | okay, yanyan | 02:58 |
| Yanyanhu | hi, lixinhui, I think we need to specify at least one role when creating a new trust as the description of keystone V3 API. | 03:12 |
| lixinhui | right | 03:12 |
| Yanyanhu | not sure why this is omitted | 03:13 |
| Yanyanhu | you may want to fix the pep8 first | 03:13 |
| lixinhui | nod, I am working on that | 03:13 |
| Yanyanhu | and also maybe create a new branch for your patchset next time, since if you work on your master branch directly, it will case all other patches depends on it :) | 03:14 |
| Yanyanhu | another question is I'm not sure using ctx.roles as input is ok. Whether it works depends on how keystonemiddleware fill in the 'role' field | 03:16 |
| Yanyanhu | may need to confirm this | 03:16 |
| Yanyanhu | the reinstallation of my environment is blocked since keystone can't be started correctly... | 03:18 |
| lixinhui | :) | 03:18 |
| Yanyanhu | Tiancheng, you're right, we always met issue when reinstalling something... | 03:19 |
| Tiancheng | yanyan, I hope I was wrong... but when I tried to reboot my SuSE VM, that VM cannot be booted to graphics and startx failed | 03:20 |
| Yanyanhu | sigh... | 03:21 |
| openstackgerrit | Cindia-blue proposed stackforge/senlin: To fix bug HttpException: 403 Client Error: Forbidden, At least one role should be specified, more info is here https://bugs.launchpad.net/senlin/+bug/1478423 https://review.openstack.org/205874 | 03:28 |
| openstack | Launchpad bug 1478423 in senlin " HttpException: 403 Client Error: Forbidden, At least one role should be specified" [Undecided,New] | 03:28 |
| lixinhui | not familar with gerrit/git | 03:55 |
| lixinhui | can I update commit with git review reviewid | 03:55 |
| lixinhui | to update into the same review request? | 03:55 |
| Yanyanhu | lixinhui, sure | 03:56 |
| Yanyanhu | you can manually define the commit id to specify which patch thread you want to commit to | 03:57 |
| Yanyanhu | just define it using 'Change-Id: #ID_OF_AN_EXISTING_PATCH' | 03:58 |
| lixinhui | okay, Yanyan | 03:58 |
| Tiancheng | anyone who is familar with SuSE? I got different output of "lsblk" command on SuSE than others (e.g. redhat). It does not have a "TYPE" column so I cannot know the type of the deivce :( | 04:16 |
| xuhaiwei | I only use ubuntu Tiancheng, sorry can't help | 04:21 |
| Tiancheng | no sorry... people use less and less SuSE -- this is my feeling | 04:22 |
| openstackgerrit | Yanyan Hu proposed stackforge/senlin: Fix test case of environment https://review.openstack.org/205900 | 04:51 |
| *** Tiancheng has quit IRC | 05:05 | |
| *** Tiancheng has joined #senlin | 05:05 | |
| xuhaiwei | YanYanhu, about patch https://review.openstack.org/205900 | 05:10 |
| Yanyanhu | yes? | 05:10 |
| xuhaiwei | why other places are not needed to fix, there are also other places using environment.Environment() | 05:10 |
| Yanyanhu | only these three test cases used global env I think | 05:11 |
| Yanyanhu | I'm reading the code but not quite sure about it. | 05:12 |
| openstackgerrit | Cindia-blue proposed stackforge/senlin: fix pep8 error https://review.openstack.org/205874 | 05:48 |
| xuhaiwei | lixinhui, are you around? | 05:55 |
| openstackgerrit | Cindia-blue proposed stackforge/senlin: fix bug 1478423 https://review.openstack.org/205874 | 05:55 |
| openstack | bug 1478423 in senlin " HttpException: 403 Client Error: Forbidden, At least one role should be specified" [Undecided,New] https://launchpad.net/bugs/1478423 | 05:55 |
| lixinhui | yes, I changed the commit as you wish | 05:56 |
| xuhaiwei | not exactly, I think | 05:56 |
| xuhaiwei | you can refer to this patch https://review.openstack.org/#/c/204488/ | 05:57 |
| lixinhui | okay, haiwei | 05:58 |
| openstackgerrit | Cindia-blue proposed stackforge/senlin: Transfer roles of context as inputs to create trust https://review.openstack.org/205874 | 06:05 |
| openstackgerrit | Yanyan Hu proposed stackforge/senlin: Add test case for LoadBalancingPolicy https://review.openstack.org/205389 | 06:21 |
| Yanyanhu | hi, lixinhui, xuhaiwei, can you guys help to test this patch locally to verfiy it can work correctly? https://review.openstack.org/205874 | 06:29 |
| Yanyanhu | my local env is still broken... | 06:29 |
| Yanyanhu | you can clean the DB and also realted trust in keystone first | 06:30 |
| Yanyanhu | and then sending request to Senlin API to see whether new trust can be created | 06:31 |
| xuhaiwei | Yanyanhu, how to test this? I don't know in what situation it happens | 06:31 |
| Yanyanhu | hmm, you just need to reproduce the scenario that a new trust is created | 06:32 |
| xuhaiwei | use Curl ? | 06:32 |
| Yanyanhu | since Senlin will create a new trust each time a new user first time sending request to Senlin API | 06:32 |
| Yanyanhu | client is ok | 06:32 |
| xuhaiwei | any senlin client command? | 06:33 |
| Yanyanhu | what you need to do is just cleaning the existing trust whose trustor is the user you are using in environment and trustee is Senlin | 06:33 |
| Yanyanhu | yes, I think so | 06:33 |
| Yanyanhu | you can try cluster-list :) | 06:33 |
| Yanyanhu | also you need to clean the table of creds | 06:33 |
| Yanyanhu | the table name is 'credential' | 06:34 |
| Yanyanhu | since existing trust are all recorded in this table. And each time Senlin API accept a request from user, the trust middleware will check whether the trust relationship between 'senlin' user and this requester has been established | 06:36 |
| Yanyanhu | if not, trust middleware will try to create one | 06:36 |
| xuhaiwei | Yanyanhu, after clean up the credential, i got this 500 error when running node-list http://paste.openstack.org/show/405882/ | 06:38 |
| Yanyanhu | ok, let me have a look | 06:38 |
| Yanyanhu | is auth_url is setting in environment? | 06:40 |
| xuhaiwei | yes, OS_AUTH_URL is set | 06:41 |
| Yanyanhu | em, my configure file is old, it doesn't have 'authentication' sector | 06:42 |
| xuhaiwei | me too , :) | 06:42 |
| xuhaiwei | the config file should be updated first | 06:42 |
| Yanyanhu | yes | 06:43 |
| Yanyanhu | since we have stopped stealing keystone's authentication related configure options | 06:43 |
| xuhaiwei | can you show me the patch's link? | 06:44 |
| xuhaiwei | I got it https://review.openstack.org/#/c/202949/ | 06:45 |
| Yanyanhu | :) | 06:45 |
| lixinhui | I can test it through with new system | 06:49 |
| Yanyanhu | nice | 06:51 |
| Yanyanhu | Seems my keystone problem is caused by some security rules which blocked the access to MY_IP:5000 | 06:52 |
| Yanyanhu | I can only access keystone service using localhost... | 06:52 |
| Yanyanhu | blocked by pbr conflict again | 07:40 |
| Yanyanhu | faint | 07:40 |
| xuhaiwei | 1.3.0 works for me | 07:47 |
| Yanyanhu | hmm, I'm now manually upgrading all packages that complain version conflict | 07:55 |
| Yanyanhu | including, novaclient, neutronclient, oslo.config, cliff | 07:55 |
| xuhaiwei | I advise you to use tox | 07:56 |
| Yanyanhu | you mean for test? | 07:56 |
| xuhaiwei | don't install senlin to the system, but to tox/venv | 07:57 |
| Yanyanhu | the conflict happened when I reinstall my openstack environment... | 07:57 |
| Yanyanhu | devstack can't work correctly since pbr version isssue... sign | 07:57 |
| Yanyanhu | sigh | 07:57 |
| xuhaiwei | I mean you can install all the other services except senlin to the system, but only install senlin to tox/venv | 07:58 |
| Yanyanhu | yes, I use virtual env to install senlin :) | 07:58 |
| Yanyanhu | really very convenient since you don't worry to break the entire openstack env | 07:58 |
| xuhaiwei | yes | 07:58 |
| xuhaiwei | you still have so many version conflicts? | 07:59 |
| Yanyanhu | I think some projects really need to notice this version conflict issue... | 07:59 |
| Yanyanhu | em, seems so... | 07:59 |
| Yanyanhu | now, only cliff complained prb version is 1.3.0 | 07:59 |
| Yanyanhu | let me have a look | 07:59 |
| xuhaiwei | Yanyanhu: still there? | 09:58 |
| Yanyanhu | yes, but in a call | 09:58 |
| xuhaiwei | ok | 09:58 |
| Yanyanhu | but I can click :) | 09:58 |
| xuhaiwei | :) | 09:59 |
| xuhaiwei | since I deleted the trust from the db, I can't get it created again | 09:59 |
| Yanyanhu | you mean the credential table? | 10:00 |
| xuhaiwei | yes | 10:00 |
| Yanyanhu | if so, I think you can try to recreate the entire senlin db using the tool senlin-db-recreate | 10:01 |
| Yanyanhu | which is under tools directory | 10:01 |
| xuhaiwei | ok, will try it | 10:01 |
| Yanyanhu | you may lost all your clusters, nodes, profiles :( | 10:02 |
| xuhaiwei | i know that | 10:02 |
| Yanyanhu | ok :) | 10:02 |
| *** Yanyanhu has quit IRC | 10:39 | |
| openstackgerrit | xu-haiwei proposed stackforge/senlin: Node module test case part2 https://review.openstack.org/205433 | 10:59 |
| *** Tiancheng has quit IRC | 11:40 | |
| *** mathspanda has joined #senlin | 11:47 | |
| *** jruano has joined #senlin | 12:50 | |
| *** Tiancheng has joined #senlin | 13:00 | |
| *** Tiancheng has quit IRC | 13:03 | |
| *** mathspanda has quit IRC | 13:14 | |
| *** Qiming has joined #senlin | 14:10 | |
| *** jruano has quit IRC | 14:25 | |
| *** Qiming has quit IRC | 14:49 | |
| *** xuhaiwei has quit IRC | 15:57 | |
| *** xuhaiwei has joined #senlin | 23:33 | |
| *** Qiming has joined #senlin | 23:46 | |
Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!