18:02:44 <heckj> #startmeeting
18:02:45 <openstack> Meeting started Tue Mar 20 18:02:44 2012 UTC.  The chair is heckj. Information about MeetBot at http://wiki.debian.org/MeetBot.
18:02:46 <openstack> Useful Commands: #action #agreed #help #info #idea #link #topic.
18:02:58 <dolphm> o/
18:03:21 <gyee> \o
18:03:31 <termie> o;
18:03:39 <heckj> heh
18:03:53 <heckj> #topic RC1 status
18:03:54 <ayoung> \O/
18:03:55 <heckj> #link https://launchpad.net/keystone/+milestone/essex-rc1
18:04:18 <heckj> We're closing in on things, and having termie back from sxsw should help a bit :-)
18:04:51 <heckj> Bug 952977 is still outstanding - I tried helping Andrew with it a bit yesterday, but didn't make much progress against it (helping him)
18:04:52 <uvirtbot> Launchpad bug 952977 in keystone "Can't fetch EC2 credentials" [High,Confirmed] https://launchpad.net/bugs/952977
18:04:55 <heckj> Andrew are you here?
18:05:19 <dolphm> heckj: based on the bug description, that is impacted (and maaaybe fixed) by https://review.openstack.org/#change,5358
18:05:47 <ayoung> Does KVS support EC2?
18:05:56 <dolphm> but i'm not sure if the bug is asking for a better error message or a totally different behavior
18:06:01 <ayoung> Or is Devstack using MySQL now\
18:06:19 <termie> devstack uses sql
18:06:23 <heckj> There are a couple of other issues that will likely populate into RC1 when we get details back - using EC2 commands against a devstack instance
18:06:56 <heckj> Dolphm - how's the status of your bugs in progress? Any assistance needed?
18:07:12 <dolphm> heckj: just need some reviews, approvals, and a -2 cleared
18:07:22 <dolphm> review/approval needed: https://review.openstack.org/#change,5358
18:07:34 <dolphm> jesse is blocking https://review.openstack.org/#change,5485 which i don't think is necessary anymore
18:07:48 <termie> re that bug you just linked, abotu ec2 creds, it seems like it needs a better error message
18:07:51 <termie> but that behavior is expected
18:07:51 <heckj> block isn't needed anymore - so we'll find him and get it cleared
18:08:00 <dolphm> termie: then my review fixes it
18:08:05 <heckj> excellent
18:08:08 <anotherjesse> dolphm: I can unblock
18:08:12 <dolphm> anotherjesse: thank you
18:08:23 <dolphm> and i'm not sure what's going on here (i pinged jeblair, no response): https://review.openstack.org/#change,5314
18:08:50 <dolphm> and thats 6 of the remaining 8 keystone bugs :)
18:08:57 <dolphm> RC blockers, anyway
18:09:08 <heckj> Is anyone aware of any other bugs or issues outstanding that might be coming in for RC1 blockers?
18:09:17 <dolphm> i'm not
18:10:10 <heckj> termie submitted a patch for the CONF related pieces, so those are in progress. MarkMC's conf refactoring is therefore on hold and not likely to roll in prior to Folsom at this point
18:10:22 <termie> or ever
18:10:26 <termie> possibly ;)
18:10:29 <heckj> heh
18:10:47 <termie> that's still an email to read on my list
18:10:57 * heckj nods
18:10:59 <heckj> #topic folsom summit
18:11:02 <heckj> switching topics -
18:11:13 <heckj> gyee mentioned the other day a couple of issues to chat about at folsom
18:11:24 <heckj> with RC1 closing down a bit, I'll be focusing on getting things set up for the summit.
18:11:36 <gyee> we have 3 BPs up for discussion
18:12:00 <heckj> #link http://summit.openstack.org is available to submit talks within - I'm going to try and organize a few design pieces up front, and a later session specifically around deployment issues.
18:12:08 <gyee> which track should they go to?
18:12:16 <termie> gyee: link to bps?
18:12:46 <heckj> gyee: keystone track, but some of that will be impactful enough that we'll want to sync any conversation across all of openstack to make it viable (the domain setup, for instance)
18:13:06 <heckj> If you have topics you'd like to discuss, please open a BP, assign it to yourself, and let me know.
18:13:09 <ayoung> http://wiki.openstack.org/PKI
18:13:17 <gyee> keystone-domains, keystone-timed-access, and access-key-authentication
18:13:21 <ayoung> But I am not going to be able to make it to the Summit
18:13:43 <gyee> what up with the new ecosystem track
18:13:50 <gyee> that the filibuster track? :)
18:13:58 <dolphm> https://blueprints.launchpad.net/keystone
18:15:42 <termie> i try to only filibuster individual talks, but i guess i could try for a whole track this time
18:15:42 <ayoung> gyee, have you read the PKI Blueprint?  I think it might complement the accessKeys,  but we should make sure we are looking at Key Pairs the same way
18:16:09 <gyee> ayoung, yeah, we need a generic CRUD for key management
18:16:11 <heckj> We also need to have some discussions related to delegate trust with tokens and what we want to make available for federation
18:17:01 <gyee> all related
18:17:31 <heckj> uh, what's next… ?
18:17:44 <heckj> #topic High Priority issues/topics
18:18:00 <heckj> Anything here? We've covered the RC1 stuff
18:18:06 <dolphm> reviews!
18:18:35 <justinsb_> I'd really like to see --byname make it in https://review.openstack.org/#change,5445
18:18:51 <heckj> termie: when you're through email, would you take a look at ^^
18:19:11 <heckj> #topic Open Discussion
18:19:13 <justinsb_> It's in keystoneclient - not sure if that is being RC1d at the same time>
18:19:23 <heckj> justinsb_: yes, it definitely is
18:19:34 <justinsb_> heckj: thx
18:19:41 <gyee> heckj, looks like tools/sampledata.sh still not working
18:19:42 <heckj> Any questions, details, etc?
18:19:57 <termie> we should add a test for it
18:20:12 <rafaduran> please check #link https://bugs.launchpad.net/keystone/+bug/956954
18:20:14 <uvirtbot> Launchpad bug 956954 in keystone "Keystone needs a URL normalizer middleware" [Low,Confirmed]
18:20:55 <heckj> gyee: could you open a bug with relevant details on it?
18:21:07 <gyee> will do
18:21:08 <heckj> I haven't run that one outside of devstack in a week or two, so I'm not sure what's happening there
18:21:08 <dolphm> rafaduran: i'm fine with having such a middleware, but i don't think its "needed" for rc1
18:21:23 <justinsb_> Misc question: "should I" be using SQL to store the service directory, or should I stick with the JSON?
18:21:40 <dolphm> rafaduran: it probably should be Wishlist, but it annoys me as well, so I marked it Low :)
18:21:44 <termie> we should probably switch to the sql version
18:21:52 <termie> justinsb_: but i don't want to do the testing :p
18:21:58 <heckj> justinsb_: the API is a bit freaky, but either should be fully functional. SQL version will make more sense for people, yeah
18:22:02 <rafaduran> dolphm: I think so too, after checking on master using devstack and I can't reproduce the error on the tcplfow
18:22:12 <ayoung> termie, should services be LDAP ified as well?
18:22:13 <dolphm> termie: justinsb_: json for essex release, sql after that?
18:22:19 <justinsb_> termie: No worries.  It's one of my open issues in trying to 'package' keystone!
18:22:20 <termie> ayoung: i doubt it
18:22:27 <justinsb_> termie: I'll try SQL and see how it goes
18:22:30 <rafaduran> dolphm: so it just fix the /v2.0 url
18:22:57 <heckj> dolphm: I'd like to run with that plan of attack (default = catalog for essex, change to SQL in folsom)
18:23:35 <justinsb_> OK, maybe I won't try SQL then :-)
18:23:54 <dolphm> rafaduran: it's not "broken" though, nothing (docs, etc) should reference /v2.0 without a trailing slash
18:24:11 <heckj> justinsb_: I'm just interested in making the docs solid for the release. The codes been worked over pretty good
18:24:45 <justinsb_> Would you rather downstream packagers used the text format or SQL?
18:25:00 <rafaduran> dolphm: I think in that case it can be disarded
18:25:07 <ayoung> should I take https://bugs.launchpad.net/keystone/+bug/928047
18:25:08 <uvirtbot> Launchpad bug 928047 in keystone "port cert validation from keystone master to redux" [High,Confirmed]
18:25:26 <heckj> ayoung: nice to have, but not an RC1 blocker for me
18:25:32 <ayoung> Seems like it might be important.
18:25:33 <dolphm> rafaduran: i don't want to discard it, i just want to to be the first patch in folsom
18:25:57 <termie> ayoung: my guess is that i don't like how it is done previously, but i havne't taken a hard look at it yet
18:26:03 <rafaduran> dolphm: ok I will submit it for folsom
18:26:32 <dolphm> rafaduran: feel free to submit it for review sooner, and -1 it with a note that it should wait for folsom
18:27:40 <ayoung> termie, I take it we don't that need to SSL enable Keystone?
18:28:00 <termie> ayoung: that is using certs instead of credentials
18:28:02 <termie> ayoung: not ssl
18:28:25 <ayoung> OK...I think I'll take a look,  and if it postdates Essex,  that is OK
18:28:44 <gyee> two-way SSL is important if we don't want that admin token to flight in clear
18:28:51 <gyee> for token validation
18:29:13 <rafaduran> dolphm: I don't very much how works the git review, Do I add a comment on the commit msg? Or just comment the review after submit it?
18:29:43 <dolphm> rafaduran: ping me after the meeting
18:30:05 <heckj> other questions? issues? topics?
18:31:01 <dolphm> heckj: can i beg for reviews again?
18:31:29 <termie> dolphm: no
18:31:29 <heckj> have at :-)
18:31:37 <dolphm> 5 of 6 release blockers are fixed by https://review.openstack.org/#change,5358 and https://review.openstack.org/#change,5485
18:31:38 <dolphm> just sayin
18:31:40 <termie> moving dolph to the back of the line
18:31:44 <dolphm> lol
18:31:58 <heckj> Okay, I think we're wrapped up.
18:32:04 <heckj> #endmeeting