Hi fellow stackers,
I see a
blueprinthttps://blueprints.launchpad.net/quantum/+spec/quantum-security-groups
for security groups that is making great progress (thanks!)... Would this
blueprint encompass security group for the OVSPlugin? Also, would it be using
iptables or flow for this?
Hi fellow Stackers,
For the HTML form POST in Swift, where would the signed temp url(s) go? At the
swift-url level or at the file level? How do I specify it at the individual
file level? A sample HTML form POST would be awesome!
form action=swift-url method=POST
+1 for an IANA-registered public port. I wonder why we registered the admin
port, but not the public port in the first place.
Liem
-Original Message-
From: openstack-bounces+liem_m_nguyen=hp@lists.launchpad.net
[mailto:openstack-bounces+liem_m_nguyen=hp@lists.launchpad.net] On
use them
for); but, I am definitely open for any other approach out there that meets the
above use-cases...
Cheers,
Liem
From: Christopher B Ferris [mailto:chris...@us.ibm.com]
Sent: Friday, June 15, 2012 6:57 AM
To: Mark Nottingham
Cc: Nguyen, Liem Manh; openstack@lists.launchpad.net
Subject
IMHO, a well-documented WADL + XSD would say a thousand words (maybe more)...
And can serve as a basis for automated testing as well. I understand that the
v3 API draft is perhaps not at that stage yet; but, would like to see a WADL +
XSD set as soon as the concepts are solidified.
Liem
Hi Joe/Dolph,
I have a few questions on the v3 API's create_user (sorry the comments section
in the Google docs is getting pretty cluttered now):
(POST) /users == create_user
{
tenant_id: ...
name: ...
password: ...
enabled: ...
email: ...
description: ...
}
1. Does this tenant_id
Looks good, Adam... I have a couple comments/questions:
1) We probably want to maintain backward-compatibility with the old token auth.
So, PKI can be turned on or off, maybe via a middleware filter that sits in
front of the old token auth (instead of a cache for example which does not make
@lists.launchpad.net] On Behalf
Of Nguyen, Liem Manh
Sent: Friday, May 18, 2012 9:52 AM
To: openstack@lists.launchpad.net
Subject: [Openstack] Keystone service catalogue has non-core services?
Hi Stackers,
I ran the sample_data.sh script in Keystone and saw that we have populated a
few more services
In essex-3, there used to be a legacy_token_auth component that does just
this.
Liem
From: openstack-bounces+liem_m_nguyen=hp@lists.launchpad.net
[mailto:openstack-bounces+liem_m_nguyen=hp@lists.launchpad.net] On Behalf
Of Chmouel Boudjnah
Sent: Wednesday, May 23, 2012 6:54 AM
To:
Hi Stackers,
I ran the sample_data.sh script in Keystone and saw that we have populated a
few more services, such as ec2, dashboard and nova-volume. Are these meant to
be core services or extension services? The definition of core services is
defined here:
Boudjnah [mailto:chmo...@chmouel.com]
Sent: Tuesday, May 15, 2012 9:41 AM
To: Nguyen, Liem Manh
Cc: 张家龙; openstack
Subject: Re: [Openstack] Swift Object Storage ACLs with KeyStone
This has been filled already zhangjialong :
https://bugs.launchpad.net/keystone/+bug/999615
I am not very familiar
I would like to keep the service type and name under the service and not the
endpoint, too. Make it easier to parse for a given service.
One thing is that I am not sure if we need the metadata tag... In the Keystone
XSD, we have the construct anyAttribute namespace=##other
From: Joseph Heck [mailto:he...@me.com]
Sent: Wednesday, April 25, 2012 9:47 AM
To: Nguyen, Liem Manh
Cc: Joe Savak; openstack@lists.launchpad.net (openstack@lists.launchpad.net);
Adam Gandelman
Subject: Re: [Openstack] [Keystone] What exactly are we modeling with endpoints?
This isn't about
...@gmail.com [mailto:anti...@gmail.com] On Behalf Of Dolph Mathews
Sent: Wednesday, April 25, 2012 11:00 AM
To: Joseph Heck
Cc: Nguyen, Liem Manh; Adam Gandelman; openstack@lists.launchpad.net
(openstack@lists.launchpad.net)
Subject: Re: [Openstack] [Keystone] What exactly are we modeling with endpoints
, 2012 12:02 PM
To: Nguyen, Liem Manh
Cc: Joseph Heck; Adam Gandelman; openstack@lists.launchpad.net
(openstack@lists.launchpad.net)
Subject: Re: [Openstack] [Keystone] What exactly are we modeling with endpoints?
Liem,
I think yes, because service is just a logical concept, and endpoint API may
Hi fellow Stackers,
I am reading http://keystone.openstack.org/configuringservices.html, and it
appears that for service registration, all services (or rather service users)
reside within the same tenant with the same Admin role. So, if I understand it
correctly, it is then possible that a
Hello stackers,
I checked out the new Keystone (KSL), and the XSD's and WADL's are not there
anymore... Do they live somewhere else now?
Thanks,
Liem
___
Mailing list: https://launchpad.net/~openstack
Post to : openstack@lists.launchpad.net
Hello fellow stackers,
Last year, Jorge gave a presentation on the Repose (Restful Proxy Service
Engine)... I am just wondering what is the status of this project? Where can
I find more information on this? It seems like a very good idea to help make
APIs more consistent and promote re-use.
Hi Stackers,
For the Diablo release, I would like to use Keystone as the auth component...
Do I still need to use lazy provisioning (nova_auth_token.py) in my pipeline to
provision Nova projects (i.e., is Nova project creating still required)? Also,
is there an example of how the novarc
at
http://keystone.openstack.org/configuring.html, which also has detail on how to
configure Nova to work with Keystone.
-joe
On Oct 28, 2011, at 10:50 AM, Nguyen, Liem Manh wrote:
Hi Stackers,
For the Diablo release, I would like to use Keystone as the auth component...
Do I still need to use
Hello Stackers,
With swauth, Swift accounts are identified by reseller_prefix_hash. Under
Keystone (with swift_auth and Swift's lazy provisioning), I see the Swift
account now has the format reseller_prefix_tenantId. So, if we have
existing Swift account data with the old format, how would
missing something here?
Liem
-Original Message-
From: John Dickinson [mailto:m...@not.mn]
Sent: Tuesday, September 13, 2011 1:11 PM
To: Nguyen, Liem Manh
Cc: openstack@lists.launchpad.net
Subject: Re: [Openstack] [Swift] [Keystone] Account migration
Swift treats the hash or tenantid part
]
Sent: Tuesday, September 13, 2011 2:01 PM
To: Nguyen, Liem Manh
Cc: openstack@lists.launchpad.net
Subject: Re: [Openstack] [Swift] [Keystone] Account migration
Why would the account need to change? Can the swift account reference in
keystone be set to the old value? If not, then yes you
How is Nova project/user deletion handled then? There is no synchronization
for that currently.
Liem
From: Vishvananda Ishaya [mailto:vishvana...@gmail.com]
Sent: Tuesday, August 30, 2011 11:04 AM
To: Nguyen, Liem Manh
Cc: Glen Campbell; openstack@lists.launchpad.net
Subject: Re: [Openstack
[mailto:vishvana...@gmail.com]
Sent: Tuesday, August 30, 2011 11:31 AM
To: Nguyen, Liem Manh
Cc: Glen Campbell; openstack@lists.launchpad.net
Subject: Re: [Openstack] Nova: Admin API blueprints
With keystone in use, there is no user and project object in nova anymore. So
the only thing that would
To: Nguyen, Liem Manh
Cc: Glen Campbell; openstack@lists.launchpad.net
Subject: Re: [Openstack] Nova: Admin API blueprints
This is correct. Well, they are still there, but marked deprecated. One can
still use the old user and project system by using the --use_deprecated_auth
flag and using
Hello Stackers,
I tried to run Nova with Keystone (populated with sampledata.sh), using the
nova-api-paste.ini from Keystone. Everything seems fine, but when I tried to
get a list of servers:
curl -v -H 'X-Auth-Token: 887665443383838' http://127.0.0.1:8774/v1.0/servers
I received:
FYI... I got it working by updating Nova bits to trunk. I was using an older
version of Nova.
Cheers,
Liem
From: openstack-bounces+liem_m_nguyen=hp@lists.launchpad.net
[mailto:openstack-bounces+liem_m_nguyen=hp@lists.launchpad.net] On Behalf
Of Nguyen, Liem Manh
Sent: Monday, August
Hello Stackers,
Currently, we have the legacy_token_auth to help with integration with
services (like Swift) that still talks auth v1.0. Will this filter go away and
other services will be speaking pure Keystone when Diablo releases?
Thanks,
Liem
Hello Stackers,
My understanding is that a tenant may have a list of services associated with
her via the endpoint association. Do these services have to be to unique or
not? In other words, can I have a tenant associated with the swift service
in Region X and another swift service in Region
When one creates a user, should a user always have a tenant associated with
her? If that's the case, then the default tenant is the tenant that the user
is associated with at creation time? Sorry for responding to the question with
another question, but it is unclear for me from looking at
31 matches
Mail list logo
