Re: [Openstack] Swift/Keystone authorization question
As a followup, additional info…
Both the admin and glance accounts, that successfully authenticate against
keystone, were created via the command line. Both accounts also have a tenant
of the same name as the user (probably irrelevant). All other user accounts
that have been created for general users won't authenticate agains keystone,
and exhibit the same error pattern as described below.
Interestingly, if I create a tenant with the same name as a user account, then
I get a 403 unable to get HEAD message when issuing a stat command as described
below.
/ross
On Feb 22, 2012, at 2:52 PM, Lillie Ross-CDSR11 wrote:
I've successfully installed all OpenStack components with Keystone
authorization (well, mostly at least), but am now seeing an interesting problem
for new accounts (created in Dashboard).
Using my admin account, I issue a swift stat command and get the expected
response back from swift-proxy:
root@swift:/etc/swift# swift -v -V 2 -A http://173.23.181.1:5000/v2.0/ -U admin
-K admin stat
StorageURL: http://173.23.181.2:8080/v1/AUTH_1
Auth Token: 10111213141516171819
Account: AUTH_1
Containers: 5
Objects: 20
Bytes: 6335748
Accept-Ranges: bytes
X-Trans-Id: tx6ffec7207a5c41329e53dbab6a6e2c37
Looking at the keystone admin.log file (with debugging enabled) I see the
following:
2012-02-22 14:26:38DEBUG [routes.middleware] Matched POST /tokens
2012-02-22 14:26:38DEBUG [routes.middleware] Route path: '/tokens',
defaults: {'action': u'authenticate', 'controller':
keystone.controllers.auth.AuthController object at 0x170da10}
2012-02-22 14:26:38DEBUG [routes.middleware] Match dict: {'action':
u'authenticate', 'controller': keystone.controllers.auth.AuthController object
at 0x170da10}
2012-02-22 14:26:38 INFO [sqlalchemy.engine.base.Engine.0x...14d0] SELECT
tenants.id AS tenants_id, tenants.name AS tenants_name, tenants.`desc` AS
tenants_desc, tenants.enabled AS tenants_enabled
FROM tenants
WHERE tenants.name = %s
LIMIT 0, 1
2012-02-22 14:26:38 INFO [sqlalchemy.engine.base.Engine.0x...14d0]
(u'admin',)
2012-02-22 14:26:38DEBUG [sqlalchemy.engine.base.Engine.0x...14d0] Col
('tenants_id', 'tenants_name', 'tenants_desc', 'tenants_enabled')
2012-02-22 14:26:38DEBUG [sqlalchemy.engine.base.Engine.0x...14d0] Row (1L,
'admin', 'All administrative tasks are to be grouped underneath this tenancy.
Users are not to be associated with this tenant unless they have been granted
admin roles.', 1L)
2012-02-22 14:26:38 INFO [sqlalchemy.engine.base.Engine.0x...14d0] SELECT
users.id AS users_id, users.name AS users_name, users.password AS
users_password, users.email AS users_email, users.enabled AS users_enabled,
users.tenant_id AS users_tenant_id
FROM users
WHERE users.name = %s
LIMIT 0, 1
2012-02-22 14:26:38 INFO [sqlalchemy.engine.base.Engine.0x...14d0]
(u'admin',)
2012-02-22 14:26:38DEBUG [sqlalchemy.engine.base.Engine.0x...14d0] Col
('users_id', 'users_name', 'users_password', 'users_email', 'users_enabled',
'users_tenant_id')
2012-02-22 14:26:38DEBUG [sqlalchemy.engine.base.Engine.0x...14d0] Row (1L,
'admin',
'$6$rounds=4$k5f0Zd1lOK3AVXbx$awVYhvdu1CI33hRhugjURheVePZYh60EjWSUa4Zwq0Ha48eNH3SQXSFVQeEYv4ffwUzlRVVkoUbr6C4Ai63WC.',
None, 1L, 1L)
2012-02-22 14:26:38 INFO [sqlalchemy.engine.base.Engine.0x...14d0] SELECT
users.id AS users_id, users.name AS users_name, users.password AS
users_password, users.email AS users_email, users.enabled AS users_enabled,
users.tenant_id AS users_tenant_id
FROM users
WHERE users.tenant_id = %s AND users.id = %s
LIMIT 0, 1
2012-02-22 14:26:38 INFO [sqlalchemy.engine.base.Engine.0x...14d0] (1L, 1L)
2012-02-22 14:26:38DEBUG [sqlalchemy.engine.base.Engine.0x...14d0] Col
('users_id', 'users_name', 'users_password', 'users_email', 'users_enabled',
'users_tenant_id')
2012-02-22 14:26:38DEBUG [sqlalchemy.engine.base.Engine.0x...14d0] Row (1L,
'admin',
'$6$rounds=4$k5f0Zd1lOK3AVXbx$awVYhvdu1CI33hRhugjURheVePZYh60EjWSUa4Zwq0Ha48eNH3SQXSFVQeEYv4ffwUzlRVVkoUbr6C4Ai63WC.',
None, 1L, 1L)
2012-02-22 14:26:38 . . .
However, when I issue the same command with a newly created user account I get
a 401 not authorized command back from swift-proxy. For example:
root@swift:/etc/swift# swift -v -V 2 -A http://173.23.181.1:5000/v2.0/ -U
lillie -K changeme stat
Auth GET failed: http://173.23.181.1:5000/v2.0/tokens 401 Unauthorized
and the keystone admin.log file shows the following:
2012-02-22 14:30:40DEBUG [routes.middleware] Matched POST /tokens
2012-02-22 14:30:40DEBUG [routes.middleware] Route path: '/tokens',
defaults: {'action': u'authenticate', 'controller':
keystone.controllers.auth.AuthController object at 0x170da10}
2012-02-22 14:30:40DEBUG [routes.middleware] Match dict: {'action':
u'authenticate', 'controller': keystone.controllers.auth.AuthController object
at 0x170da10}
2012-02-22 14:30:40 INFO [sqlalchemy.engine.base.Engine.0x...14d0] SELECT
Re: [Openstack] Swift/Keystone authorization question
I think I'm figuring this out, then again maybe not. For general users, via
the command line, you need to specify your user id as tenant:username after
reading through the source (my Python is really rusty). So, when I try this I
now get a 403 Forbidden error. I had high hopes.
Just another data point.
Ross
On Feb 22, 2012, at 2:52 PM, Lillie Ross-CDSR11 wrote:
I've successfully installed all OpenStack components with Keystone
authorization (well, mostly at least), but am now seeing an interesting problem
for new accounts (created in Dashboard).
Using my admin account, I issue a swift stat command and get the expected
response back from swift-proxy:
root@swift:/etc/swift# swift -v -V 2 -A http://173.23.181.1:5000/v2.0/ -U admin
-K admin stat
StorageURL: http://173.23.181.2:8080/v1/AUTH_1
Auth Token: 10111213141516171819
Account: AUTH_1
Containers: 5
Objects: 20
Bytes: 6335748
Accept-Ranges: bytes
X-Trans-Id: tx6ffec7207a5c41329e53dbab6a6e2c37
Looking at the keystone admin.log file (with debugging enabled) I see the
following:
2012-02-22 14:26:38DEBUG [routes.middleware] Matched POST /tokens
2012-02-22 14:26:38DEBUG [routes.middleware] Route path: '/tokens',
defaults: {'action': u'authenticate', 'controller':
keystone.controllers.auth.AuthController object at 0x170da10}
2012-02-22 14:26:38DEBUG [routes.middleware] Match dict: {'action':
u'authenticate', 'controller': keystone.controllers.auth.AuthController object
at 0x170da10}
2012-02-22 14:26:38 INFO [sqlalchemy.engine.base.Engine.0x...14d0] SELECT
tenants.id AS tenants_id, tenants.name AS tenants_name, tenants.`desc` AS
tenants_desc, tenants.enabled AS tenants_enabled
FROM tenants
WHERE tenants.name = %s
LIMIT 0, 1
2012-02-22 14:26:38 INFO [sqlalchemy.engine.base.Engine.0x...14d0]
(u'admin',)
2012-02-22 14:26:38DEBUG [sqlalchemy.engine.base.Engine.0x...14d0] Col
('tenants_id', 'tenants_name', 'tenants_desc', 'tenants_enabled')
2012-02-22 14:26:38DEBUG [sqlalchemy.engine.base.Engine.0x...14d0] Row (1L,
'admin', 'All administrative tasks are to be grouped underneath this tenancy.
Users are not to be associated with this tenant unless they have been granted
admin roles.', 1L)
2012-02-22 14:26:38 INFO [sqlalchemy.engine.base.Engine.0x...14d0] SELECT
users.id AS users_id, users.name AS users_name, users.password AS
users_password, users.email AS users_email, users.enabled AS users_enabled,
users.tenant_id AS users_tenant_id
FROM users
WHERE users.name = %s
LIMIT 0, 1
2012-02-22 14:26:38 INFO [sqlalchemy.engine.base.Engine.0x...14d0]
(u'admin',)
2012-02-22 14:26:38DEBUG [sqlalchemy.engine.base.Engine.0x...14d0] Col
('users_id', 'users_name', 'users_password', 'users_email', 'users_enabled',
'users_tenant_id')
2012-02-22 14:26:38DEBUG [sqlalchemy.engine.base.Engine.0x...14d0] Row (1L,
'admin',
'$6$rounds=4$k5f0Zd1lOK3AVXbx$awVYhvdu1CI33hRhugjURheVePZYh60EjWSUa4Zwq0Ha48eNH3SQXSFVQeEYv4ffwUzlRVVkoUbr6C4Ai63WC.',
None, 1L, 1L)
2012-02-22 14:26:38 INFO [sqlalchemy.engine.base.Engine.0x...14d0] SELECT
users.id AS users_id, users.name AS users_name, users.password AS
users_password, users.email AS users_email, users.enabled AS users_enabled,
users.tenant_id AS users_tenant_id
FROM users
WHERE users.tenant_id = %s AND users.id = %s
LIMIT 0, 1
2012-02-22 14:26:38 INFO [sqlalchemy.engine.base.Engine.0x...14d0] (1L, 1L)
2012-02-22 14:26:38DEBUG [sqlalchemy.engine.base.Engine.0x...14d0] Col
('users_id', 'users_name', 'users_password', 'users_email', 'users_enabled',
'users_tenant_id')
2012-02-22 14:26:38DEBUG [sqlalchemy.engine.base.Engine.0x...14d0] Row (1L,
'admin',
'$6$rounds=4$k5f0Zd1lOK3AVXbx$awVYhvdu1CI33hRhugjURheVePZYh60EjWSUa4Zwq0Ha48eNH3SQXSFVQeEYv4ffwUzlRVVkoUbr6C4Ai63WC.',
None, 1L, 1L)
2012-02-22 14:26:38 . . .
However, when I issue the same command with a newly created user account I get
a 401 not authorized command back from swift-proxy. For example:
root@swift:/etc/swift# swift -v -V 2 -A http://173.23.181.1:5000/v2.0/ -U
lillie -K changeme stat
Auth GET failed: http://173.23.181.1:5000/v2.0/tokens 401 Unauthorized
and the keystone admin.log file shows the following:
2012-02-22 14:30:40DEBUG [routes.middleware] Matched POST /tokens
2012-02-22 14:30:40DEBUG [routes.middleware] Route path: '/tokens',
defaults: {'action': u'authenticate', 'controller':
keystone.controllers.auth.AuthController object at 0x170da10}
2012-02-22 14:30:40DEBUG [routes.middleware] Match dict: {'action':
u'authenticate', 'controller': keystone.controllers.auth.AuthController object
at 0x170da10}
2012-02-22 14:30:40 INFO [sqlalchemy.engine.base.Engine.0x...14d0] SELECT
tenants.id AS tenants_id, tenants.name AS tenants_name, tenants.`desc` AS
tenants_desc, tenants.enabled AS tenants_enabled
FROM tenants
WHERE tenants.name = %s
LIMIT 0, 1
2012-02-22 14:30:40 INFO [sqlalchemy.engine.base.Engine.0x...14d0]
(u'lillie',)
Re: [Openstack] [CHEF] Aligning Cookbook Efforts
Is anyone currently working on adding a Horizon cookbook? I would love to make this happen or work with someone who has already started on this. Thanks! -- Mike Perez On Monday, February 6, 2012 at 6:07 PM, Jay Pipes wrote: These chef cookbooks are the ones maintained mostly by Dan Prince and Brian Lamar and these are the cookbooks used by the SmokeStack project. The cookbooks contained in the above repo can install all the core OpenStack projects with the exception of Swift and Horizon. ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Basic networking/configuration woes
2012/2/24 Justin Santa Barbara jus...@fathomdb.com: I have contributed a patch (which has merged) which should allow you to stop editing the SQL: https://review.openstack.org/#change,3816 With that, you should be able to pass the full range, with an additional argument specifying the subset that nova controls: e.g.-fixed_cidr=10.200.0.0/16 When I boot my VM, I think it gets a real address from my DHCP server (because the VM can reach the DHCP server), but not the address nova assigned it! I believe the nova iptables rules mean that the machine can't then do TCP/IP, but even if I am wrong/could overcome that, I don't think cloud-init could then configure the correct address. The instance firewall should be configured to only allow DHCP responses from the IP it believes to be the correct DHCP server. Perhaps it has the wrong idea? -- Soren Hansen | http://linux2go.dk/ Senior Software Engineer | http://www.cisco.com/ Ubuntu Developer | http://www.ubuntu.com/ OpenStack Developer | http://www.openstack.org/ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Swift/Keystone authorization question
OK, is this a 'role' grant issue?
/ross
On Feb 22, 2012, at 2:52 PM, Lillie Ross-CDSR11 wrote:
I've successfully installed all OpenStack components with Keystone
authorization (well, mostly at least), but am now seeing an interesting problem
for new accounts (created in Dashboard).
Using my admin account, I issue a swift stat command and get the expected
response back from swift-proxy:
root@swift:/etc/swift# swift -v -V 2 -A http://173.23.181.1:5000/v2.0/ -U admin
-K admin stat
StorageURL: http://173.23.181.2:8080/v1/AUTH_1
Auth Token: 10111213141516171819
Account: AUTH_1
Containers: 5
Objects: 20
Bytes: 6335748
Accept-Ranges: bytes
X-Trans-Id: tx6ffec7207a5c41329e53dbab6a6e2c37
Looking at the keystone admin.log file (with debugging enabled) I see the
following:
2012-02-22 14:26:38DEBUG [routes.middleware] Matched POST /tokens
2012-02-22 14:26:38DEBUG [routes.middleware] Route path: '/tokens',
defaults: {'action': u'authenticate', 'controller':
keystone.controllers.auth.AuthController object at 0x170da10}
2012-02-22 14:26:38DEBUG [routes.middleware] Match dict: {'action':
u'authenticate', 'controller': keystone.controllers.auth.AuthController object
at 0x170da10}
2012-02-22 14:26:38 INFO [sqlalchemy.engine.base.Engine.0x...14d0] SELECT
tenants.id AS tenants_id, tenants.name AS tenants_name, tenants.`desc` AS
tenants_desc, tenants.enabled AS tenants_enabled
FROM tenants
WHERE tenants.name = %s
LIMIT 0, 1
2012-02-22 14:26:38 INFO [sqlalchemy.engine.base.Engine.0x...14d0]
(u'admin',)
2012-02-22 14:26:38DEBUG [sqlalchemy.engine.base.Engine.0x...14d0] Col
('tenants_id', 'tenants_name', 'tenants_desc', 'tenants_enabled')
2012-02-22 14:26:38DEBUG [sqlalchemy.engine.base.Engine.0x...14d0] Row (1L,
'admin', 'All administrative tasks are to be grouped underneath this tenancy.
Users are not to be associated with this tenant unless they have been granted
admin roles.', 1L)
2012-02-22 14:26:38 INFO [sqlalchemy.engine.base.Engine.0x...14d0] SELECT
users.id AS users_id, users.name AS users_name, users.password AS
users_password, users.email AS users_email, users.enabled AS users_enabled,
users.tenant_id AS users_tenant_id
FROM users
WHERE users.name = %s
LIMIT 0, 1
2012-02-22 14:26:38 INFO [sqlalchemy.engine.base.Engine.0x...14d0]
(u'admin',)
2012-02-22 14:26:38DEBUG [sqlalchemy.engine.base.Engine.0x...14d0] Col
('users_id', 'users_name', 'users_password', 'users_email', 'users_enabled',
'users_tenant_id')
2012-02-22 14:26:38DEBUG [sqlalchemy.engine.base.Engine.0x...14d0] Row (1L,
'admin',
'$6$rounds=4$k5f0Zd1lOK3AVXbx$awVYhvdu1CI33hRhugjURheVePZYh60EjWSUa4Zwq0Ha48eNH3SQXSFVQeEYv4ffwUzlRVVkoUbr6C4Ai63WC.',
None, 1L, 1L)
2012-02-22 14:26:38 INFO [sqlalchemy.engine.base.Engine.0x...14d0] SELECT
users.id AS users_id, users.name AS users_name, users.password AS
users_password, users.email AS users_email, users.enabled AS users_enabled,
users.tenant_id AS users_tenant_id
FROM users
WHERE users.tenant_id = %s AND users.id = %s
LIMIT 0, 1
2012-02-22 14:26:38 INFO [sqlalchemy.engine.base.Engine.0x...14d0] (1L, 1L)
2012-02-22 14:26:38DEBUG [sqlalchemy.engine.base.Engine.0x...14d0] Col
('users_id', 'users_name', 'users_password', 'users_email', 'users_enabled',
'users_tenant_id')
2012-02-22 14:26:38DEBUG [sqlalchemy.engine.base.Engine.0x...14d0] Row (1L,
'admin',
'$6$rounds=4$k5f0Zd1lOK3AVXbx$awVYhvdu1CI33hRhugjURheVePZYh60EjWSUa4Zwq0Ha48eNH3SQXSFVQeEYv4ffwUzlRVVkoUbr6C4Ai63WC.',
None, 1L, 1L)
2012-02-22 14:26:38 . . .
However, when I issue the same command with a newly created user account I get
a 401 not authorized command back from swift-proxy. For example:
root@swift:/etc/swift# swift -v -V 2 -A http://173.23.181.1:5000/v2.0/ -U
lillie -K changeme stat
Auth GET failed: http://173.23.181.1:5000/v2.0/tokens 401 Unauthorized
and the keystone admin.log file shows the following:
2012-02-22 14:30:40DEBUG [routes.middleware] Matched POST /tokens
2012-02-22 14:30:40DEBUG [routes.middleware] Route path: '/tokens',
defaults: {'action': u'authenticate', 'controller':
keystone.controllers.auth.AuthController object at 0x170da10}
2012-02-22 14:30:40DEBUG [routes.middleware] Match dict: {'action':
u'authenticate', 'controller': keystone.controllers.auth.AuthController object
at 0x170da10}
2012-02-22 14:30:40 INFO [sqlalchemy.engine.base.Engine.0x...14d0] SELECT
tenants.id AS tenants_id, tenants.name AS tenants_name, tenants.`desc` AS
tenants_desc, tenants.enabled AS tenants_enabled
FROM tenants
WHERE tenants.name = %s
LIMIT 0, 1
2012-02-22 14:30:40 INFO [sqlalchemy.engine.base.Engine.0x...14d0]
(u'lillie',)
2012-02-22 14:30:40DEBUG [sqlalchemy.engine.base.Engine.0x...14d0] Col
('tenants_id', 'tenants_name', 'tenants_desc', 'tenants_enabled')
2012-02-22 14:30:40DEBUG [eventlet.wsgi.server] 173.23.181.2 - -
[22/Feb/2012 14:30:40] POST /v2.0/tokens HTTP/1.1 401 197 0.004990
Re: [Openstack] [CHEF] Aligning Cookbook Efforts
There's a dashboard cookbook in the diablo/stable branch used by TryStack. https://github.com/trystack/openstack-chef/tree/stable/diablo/cookbooks Thanks, Matt Ray Senior Technical Evangelist | Opscode Inc. m...@opscode.com | (512) 731-2218 Twitter, IRC, GitHub: mattray On Thu, Feb 23, 2012 at 2:10 PM, Mike Perez thin...@gmail.com wrote: Is anyone currently working on adding a Horizon cookbook? I would love to make this happen or work with someone who has already started on this. Thanks! -- Mike Perez On Monday, February 6, 2012 at 6:07 PM, Jay Pipes wrote: These chef cookbooks are the ones maintained mostly by Dan Prince and Brian Lamar and these are the cookbooks used by the SmokeStack project. The cookbooks contained in the above repo can install all the core OpenStack projects with the exception of Swift and Horizon. ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
[Openstack] [Swift] Cannot create container.
Hello, I'm trying to set up a custom swift server in a virtual machine. I have based my install on the SAIO configurations but i'm using repository packages instead of the cloning from git. I'm using three partitions to simulate 3 different zones. Everything appears to be running. However, i am unable to create a new container (keep getting 404 response) and the only reference i can find in the logs is this: Feb 24 15:09:41 ubserver account-server 172.16.225.162 - - [24/Feb/2012:15:09:41 +] HEAD /sdb1/99702/AUTH_admin 507 - tx51735d3079074bfab3900df92d74466e - - 0.0059 Feb 24 15:09:41 ubserver account-server 172.16.225.162 - - [24/Feb/2012:15:09:41 +] HEAD /sdb3/99702/AUTH_admin 507 - tx51735d3079074bfab3900df92d74466e - - 0.0059 Feb 24 15:09:42 ubserver account-server 172.16.225.162 - - [24/Feb/2012:15:09:42 +] HEAD /sdb2/99702/AUTH_admin 507 - tx51735d3079074bfab3900df92d74466e - - 0.0059 Feb 24 15:09:42 ubserver proxy-server 172.16.225.1 172.16.225.1 24/Feb/2012/15/09/42 PUT /v1/AUTH_admin/default HTTP/1.0 404 - curl/7.21.4%20%28universal-apple-darwin11.0%29%20libcurl/7.21.4%20OpenSSL/0.9.8r%20zlib/1.2.5 admin%2CAUTH_tk9c942206e5d743fab3f7b45abb7d8741 - - - tx51735d3079074bfab3900df92d74466e - 0.0459 Any ideas? Regards, Leander ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] [Swift] Cannot create container.
a 507 response means that the drive was unmounted. If you are running this in a VM (like the SAIO), then you need to disable to mount check. Docs for this are in the SAIO docs. --John On Feb 24, 2012, at 9:13 AM, Leander Bessa wrote: Hello, I'm trying to set up a custom swift server in a virtual machine. I have based my install on the SAIO configurations but i'm using repository packages instead of the cloning from git. I'm using three partitions to simulate 3 different zones. Everything appears to be running. However, i am unable to create a new container (keep getting 404 response) and the only reference i can find in the logs is this: Feb 24 15:09:41 ubserver account-server 172.16.225.162 - - [24/Feb/2012:15:09:41 +] HEAD /sdb1/99702/AUTH_admin 507 - tx51735d3079074bfab3900df92d74466e - - 0.0059 Feb 24 15:09:41 ubserver account-server 172.16.225.162 - - [24/Feb/2012:15:09:41 +] HEAD /sdb3/99702/AUTH_admin 507 - tx51735d3079074bfab3900df92d74466e - - 0.0059 Feb 24 15:09:42 ubserver account-server 172.16.225.162 - - [24/Feb/2012:15:09:42 +] HEAD /sdb2/99702/AUTH_admin 507 - tx51735d3079074bfab3900df92d74466e - - 0.0059 Feb 24 15:09:42 ubserver proxy-server 172.16.225.1 172.16.225.1 24/Feb/2012/15/09/42 PUT /v1/AUTH_admin/default HTTP/1.0 404 - curl/7.21.4%20%28universal-apple-darwin11.0%29%20libcurl/7.21.4%20OpenSSL/0.9.8r%20zlib/1.2.5 admin%2CAUTH_tk9c942206e5d743fab3f7b45abb7d8741 - - - tx51735d3079074bfab3900df92d74466e - 0.0459 Any ideas? Regards, Leander ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp smime.p7s Description: S/MIME cryptographic signature ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] [Swift] Cannot create container.
A 507 usually means a device isn't mounted. It might be worth revisiting the Using a partition for storage or Using a loopback device for storage sections of the guide (depending on which option you chose) in case you missed something. Adrian On 24 February 2012 15:13, Leander Bessa leande...@gmail.com wrote: Hello, I'm trying to set up a custom swift server in a virtual machine. I have based my install on the SAIO configurations but i'm using repository packages instead of the cloning from git. I'm using three partitions to simulate 3 different zones. Everything appears to be running. However, i am unable to create a new container (keep getting 404 response) and the only reference i can find in the logs is this: Feb 24 15:09:41 ubserver account-server 172.16.225.162 - - [24/Feb/2012:15:09:41 +] HEAD /sdb1/99702/AUTH_admin 507 - tx51735d3079074bfab3900df92d74466e - - 0.0059 Feb 24 15:09:41 ubserver account-server 172.16.225.162 - - [24/Feb/2012:15:09:41 +] HEAD /sdb3/99702/AUTH_admin 507 - tx51735d3079074bfab3900df92d74466e - - 0.0059 Feb 24 15:09:42 ubserver account-server 172.16.225.162 - - [24/Feb/2012:15:09:42 +] HEAD /sdb2/99702/AUTH_admin 507 - tx51735d3079074bfab3900df92d74466e - - 0.0059 Feb 24 15:09:42 ubserver proxy-server 172.16.225.1 172.16.225.1 24/Feb/2012/15/09/42 PUT /v1/AUTH_admin/default HTTP/1.0 404 - curl/7.21.4%20%28universal-apple-darwin11.0%29%20libcurl/7.21.4%20OpenSSL/0.9.8r%20zlib/1.2.5 admin%2CAUTH_tk9c942206e5d743fab3f7b45abb7d8741 - - - tx51735d3079074bfab3900df92d74466e - 0.0459 Any ideas? Regards, Leander ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] [Swift] Cannot create container.
Thanks for the replies, it appears i forgot to disable the mount check option in the vm. I've managed to create a container now. Regards, Leander On Fri, Feb 24, 2012 at 3:29 PM, Adrian Smith adrian_f_sm...@dell.comwrote: A 507 usually means a device isn't mounted. It might be worth revisiting the Using a partition for storage or Using a loopback device for storage sections of the guide (depending on which option you chose) in case you missed something. Adrian On 24 February 2012 15:13, Leander Bessa leande...@gmail.com wrote: Hello, I'm trying to set up a custom swift server in a virtual machine. I have based my install on the SAIO configurations but i'm using repository packages instead of the cloning from git. I'm using three partitions to simulate 3 different zones. Everything appears to be running. However, i am unable to create a new container (keep getting 404 response) and the only reference i can find in the logs is this: Feb 24 15:09:41 ubserver account-server 172.16.225.162 - - [24/Feb/2012:15:09:41 +] HEAD /sdb1/99702/AUTH_admin 507 - tx51735d3079074bfab3900df92d74466e - - 0.0059 Feb 24 15:09:41 ubserver account-server 172.16.225.162 - - [24/Feb/2012:15:09:41 +] HEAD /sdb3/99702/AUTH_admin 507 - tx51735d3079074bfab3900df92d74466e - - 0.0059 Feb 24 15:09:42 ubserver account-server 172.16.225.162 - - [24/Feb/2012:15:09:42 +] HEAD /sdb2/99702/AUTH_admin 507 - tx51735d3079074bfab3900df92d74466e - - 0.0059 Feb 24 15:09:42 ubserver proxy-server 172.16.225.1 172.16.225.1 24/Feb/2012/15/09/42 PUT /v1/AUTH_admin/default HTTP/1.0 404 - curl/7.21.4%20%28universal-apple-darwin11.0%29%20libcurl/7.21.4%20OpenSSL/0.9.8r%20zlib/1.2.5 admin%2CAUTH_tk9c942206e5d743fab3f7b45abb7d8741 - - - tx51735d3079074bfab3900df92d74466e - 0.0459 Any ideas? Regards, Leander ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Running for Nova PTL
2012/2/24 ed_con...@dell.com: I like most of what you say, but the no new features at all policy for trunk for the Folsom causes concern. I absolutely agree that Nova needs to be more stable, predictable and have more work done around operations. This is especially true for service provider usage. I think if Nova was closer to feature complete, that the no new features at all policy for trunk for the Folsom would be fine. It is probably doable for Folsom if the focus is on private cloud functionality. But for service providers, Nova is not feature complete and there is still much needed from the operations standpoint. I understand it's a trade-off. People may feel there are features missing before they can really use Nova, but noone can use it if it's unstable or doesn't work. I believe everyone will be better off if we spend some time (like, say, 6 months time) and focus exclusively on addressing these things. Thinking we can both add lots of new features as well as rework things for more stability at the same time is how we've ended up here. If you know of a way to achieve both, I'd love to hear about it. As much as I wish everyone would drop what they are doing and start helping in this effort, I understand some groups have certain features they simply cannot defer. I'd like to encourage this to happen collaboratively in public repos, and with frequent rebases against trunk to ease inclusion into trunk later on. In a way, they'd be patch sets more than anything else. How does that sound to you? -- Soren Hansen | http://linux2go.dk/ Senior Software Engineer | http://www.cisco.com/ Ubuntu Developer | http://www.ubuntu.com/ OpenStack Developer | http://www.openstack.org/ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] [Swift] Cannot create container.
Why not 4 zones? On Fri, Feb 24, 2012 at 7:13 AM, Leander Bessa leande...@gmail.com wrote: Hello, I'm trying to set up a custom swift server in a virtual machine. I have based my install on the SAIO configurations but i'm using repository packages instead of the cloning from git. I'm using three partitions to simulate 3 different zones. Everything appears to be running. However, i am unable to create a new container (keep getting 404 response) and the only reference i can find in the logs is this: Feb 24 15:09:41 ubserver account-server 172.16.225.162 - - [24/Feb/2012:15:09:41 +] HEAD /sdb1/99702/AUTH_admin 507 - tx51735d3079074bfab3900df92d74466e - - 0.0059 Feb 24 15:09:41 ubserver account-server 172.16.225.162 - - [24/Feb/2012:15:09:41 +] HEAD /sdb3/99702/AUTH_admin 507 - tx51735d3079074bfab3900df92d74466e - - 0.0059 Feb 24 15:09:42 ubserver account-server 172.16.225.162 - - [24/Feb/2012:15:09:42 +] HEAD /sdb2/99702/AUTH_admin 507 - tx51735d3079074bfab3900df92d74466e - - 0.0059 Feb 24 15:09:42 ubserver proxy-server 172.16.225.1 172.16.225.1 24/Feb/2012/15/09/42 PUT /v1/AUTH_admin/default HTTP/1.0 404 - curl/7.21.4%20%28universal-apple-darwin11.0%29%20libcurl/7.21.4%20OpenSSL/0.9.8r%20zlib/1.2.5 admin%2CAUTH_tk9c942206e5d743fab3f7b45abb7d8741 - - - tx51735d3079074bfab3900df92d74466e - 0.0459 Any ideas? Regards, Leander ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Running for Nova PTL
Soren, That can work and may be the only choice if there is an extended feature freeze. Although, that may end up creating a service provider-specific fork...which may not be a bad thing. Thanks! Ed -Original Message- From: Soren Hansen [mailto:so...@linux2go.dk] Sent: Friday, February 24, 2012 10:58 AM To: Conzel, Ed Cc: openstack@lists.launchpad.net Subject: Re: [Openstack] Running for Nova PTL 2012/2/24 ed_con...@dell.com: I like most of what you say, but the no new features at all policy for trunk for the Folsom causes concern. I absolutely agree that Nova needs to be more stable, predictable and have more work done around operations. This is especially true for service provider usage. I think if Nova was closer to feature complete, that the no new features at all policy for trunk for the Folsom would be fine. It is probably doable for Folsom if the focus is on private cloud functionality. But for service providers, Nova is not feature complete and there is still much needed from the operations standpoint. I understand it's a trade-off. People may feel there are features missing before they can really use Nova, but noone can use it if it's unstable or doesn't work. I believe everyone will be better off if we spend some time (like, say, 6 months time) and focus exclusively on addressing these things. Thinking we can both add lots of new features as well as rework things for more stability at the same time is how we've ended up here. If you know of a way to achieve both, I'd love to hear about it. As much as I wish everyone would drop what they are doing and start helping in this effort, I understand some groups have certain features they simply cannot defer. I'd like to encourage this to happen collaboratively in public repos, and with frequent rebases against trunk to ease inclusion into trunk later on. In a way, they'd be patch sets more than anything else. How does that sound to you? -- Soren Hansen | http://linux2go.dk/ Senior Software Engineer | http://www.cisco.com/ Ubuntu Developer | http://www.ubuntu.com/ OpenStack Developer | http://www.openstack.org/ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] swift keystone help
Thanks guys. This returns my token ( not X-Auth-Token?) that I have in api-paste.ini. How do we list the container or whats the equivalent of this curl -H 'X-Auth-Token: AUTH_tke0f59cda14bf472fbe60e68f78af1c69' http://192.168.122.14:8080/v1/AUTH_admin/ Paras. On Thu, Feb 23, 2012 at 5:09 PM, Chmouel Boudjnah chmo...@chmouel.com wrote: On Thu, Feb 23, 2012 at 10:57 PM, Alan Pevec ape...@gmail.com wrote: On Thu, Feb 23, 2012 at 11:23 PM, Paras pradhan pradhanpa...@gmail.com wrote: Now I have keystone configured at http://192.168.122.14:5000/v2.0 how to use curl in this case to get a token? Example from devstack: By the way for my dev and testing I use this (quickly and hacky written) script : http://p.chmouel.com/ks usage is : ks host user password #account == user here or ks host account:user password (host can be a full URL if you start it with http or it will use as a host and convert it to http://host:5000/v2.0/tokens) it wil auth to keystone print the formatted json (or show the error if there is a problem) and at the end will print the curl command to validate the token on object-storage. hopefully this should be useful for someone else. Chmouel. ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Running for Nova PTL
2012/2/24 ed_con...@dell.com: That can work and may be the only choice if there is an extended feature freeze. Although, that may end up creating a service provider-specific fork...which may not be a bad thing. That's certainly not my intent nor desire. At least not permanently. I'd love to have a chat about the details of how we can make this work both short and long term. -- Soren Hansen | http://linux2go.dk/ Senior Software Engineer | http://www.cisco.com/ Ubuntu Developer | http://www.ubuntu.com/ OpenStack Developer | http://www.openstack.org/ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
[Openstack] A brief update on the invites to the Design Summit
Hello folks, As of today about ~150 people registered already out of the 260 invites distributed for the OpenStack Summit. From http://wiki.openstack.org/Summit The design summit is not a classic conference with speakers and presentations. Developers submit session ideas to discuss upcoming features for the next release cycle, which get reviewed and scheduled by the summit drivers. Those sessions are not formal presentations but rather open discussions on a given subject or feature. [...] The OpenStack Design Summit is not the right place to get started or learn the basics of OpenStack. For that it's better to check the various OpenStack meetups organized by user groups around the world or one of the OpenStack conferences. The PTLs have been handing extra invites to the design summit to all the people that we missed in the first batch. If you work on OpenStack as developer, deployer, operator, ask me or your PTL to get an invite. If you have received an invite code, please use it NOW: go to http://www.openstack.org/conference/san-francisco-2012/register/ and register. * IMPORTANT * Invite codes that nave NOT been used by Wednesday February 29th will expire and be put back in the pool, made available for others to join the summit. * We are sending a reminder to all the people that received an invite and haven't registered: use it or lose it, as after February 29th there is no guarantee that you'll get a seat at the summit nor the discount for the conference. On March 1st access to the summit will be open to anybody interested on a first come first served basis. I'm confident we'll be able to accommodate the demand. ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Running for Nova PTL
On Fri, 2012-02-24 at 09:35 -0600, ed_con...@dell.com wrote: I like the way you have put out your positions in public so everyone can understand your viewpoint. It would be good to see more of this from other PTL nominees. Some of them have added their 'platform' to their names on http://etherpad.openstack.org/Spring2012-Nominees following the suggestion published on http://www.openstack.org/blog/2012/02/openstack-governance-elections-spring-2012-action-item-for-all-candidates/ cheers, stef ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Basic networking/configuration woes
Justin Santa Barbara wrote Yes, I do have a non-nova DHCP server. However, even if I didn't, and even if iptables allowed talking to 169.254 with the magic link-local, cloud-init still couldn't configure the IP address... :-( If Linux assigned a 169.254 address to an Ethernet port then iptables should be set up for 169.254. But you can't use the link local network for unicast messages unless you have a link local address. I don't believe Linux will assign an 169.254 address by default if another IP address has been assigned manually or by DHCP. ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Basic networking/configuration woes
The instance firewall should be configured to only allow DHCP responses from the IP it believes to be the correct DHCP server. Perhaps it has the wrong idea? Ah yes - it probably does because of my unusual network subrange config. It seems I'm not missing something, so I've proposed a init script for contrib that can apply the configuration from a config_drive. It solved my problem, and it avoids all of the DHCP/cloud-init complexity without needing direct injection. Still very much a version 1 though: https://review.openstack.org/#change,4498 ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Running for Nova PTL
On Friday, February 24, 2012 at 12:01 PM, ed_con...@dell.com wrote: That can work and may be the only choice if there is an extended feature freeze. Although, that may end up creating a service provider-specific fork...which may not be a bad thing. It can also be a very, very bad thing. Segmentation of the community and an exponentially increased complexity for those of us playing both sides of the private/public fence. I really can't see any advantage of forking, even temporarily. I'm opposed to a broad Folsom feature freeze as it would too greatly limit progression. However, I also agree that there needs to be a better core focus, rather than on sprawl. I'm not opposed to selective feature inclusion. On the same token, I believe we should either approach the Linux kernel model of include the kitchen sink or not, and by not, Nova would be the core framework upon which various drivers would be provided and could be plumbed. If today, for instance, it was announced that Folsom won't include new features, then it would be impossible for Coraid, Pillar, or some other storage solution provider to offer a driver in Folsom and would have wait until G. Yet, Nexenta just got their driver into Essex. Nexenta's 6 month lead just turned into a 12 month lead! Sure, their competitor could ship separately, but there *is* a difference between inclusion, and now, if only politically and from the perspective of marketing. If new drivers and new code won't be accepted easily, then these third party drivers should be maintained as external plugins. While nice in theory, I don't agree with it at this time. These are contributions to OpenStack and are core, essential to the success of the community. Breaking out drivers, while easier, would fracture the community in potentially devastating ways. -- Eric Windisch ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] A brief update on the invites to the Design Summit
Do you know when the conference agenda will be available (19 and 20th) for users? Prakashan On 02/24/2012 09:45 AM, Stefano Maffulli wrote: Hello folks, As of today about ~150 people registered already out of the 260 invites distributed for the OpenStack Summit. From http://wiki.openstack.org/Summit The design summit is not a classic conference with speakers and presentations. Developers submit session ideas to discuss upcoming features for the next release cycle, which get reviewed and scheduled by the summit drivers. Those sessions are not formal presentations but rather open discussions on a given subject or feature. [...] The OpenStack Design Summit is not the right place to get started or learn the basics of OpenStack. For that it's better to check the various OpenStack meetups organized by user groups around the world or one of the OpenStack conferences. The PTLs have been handing extra invites to the design summit to all the people that we missed in the first batch. If you work on OpenStack as developer, deployer, operator, ask me or your PTL to get an invite. If you have received an invite code, please use it NOW: go to http://www.openstack.org/conference/san-francisco-2012/register/ and register. * IMPORTANT * Invite codes that nave NOT been used by Wednesday February 29th will expire and be put back in the pool, made available for others to join the summit. * We are sending a reminder to all the people that received an invite and haven't registered: use it or lose it, as after February 29th there is no guarantee that you'll get a seat at the summit nor the discount for the conference. On March 1st access to the summit will be open to anybody interested on a first come first served basis. I'm confident we'll be able to accommodate the demand. ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Wish: Please rename all OpenStack packages to openstack-*
On 02/23/2012 10:36 PM, Alexey Eromenko wrote: Current way makes it difficult to see which openstack packages are installed in a single list, and find what's lacking... I'm all for raising this at the upcoming Ubuntu Developer Summit for 12.10 -- Robbie Williamson rob...@ubuntu.com robbiew[irc.freenode.net] Don't make me angry...you wouldn't like me when I'm angry. -Bruce Banner ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Object Storage Swift on rhel6.0
U can check out https://github.com/yahoo/Openstack-DevstackPy And specifically: https://github.com/yahoo/Openstack-DevstackPy/blob/master/devstack/components/swift.py We haven't done much with the swift section/code but it should be a start. -Josh On 2/19/12 8:23 PM, Sudhakar Maiya sma...@gmail.com wrote: Hi, i would like to configure object storage swift on rhel6.0.. can some one provide me the steps to install package/configure on each node. Regards Sudhakar Maiya.P ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Orchestration meetings/futures
How about a big session on this at the folsom summit? This is really a very important part and should be heavily discussed (to avoid the zones code problem happening again). -Josh On 2/20/12 12:46 PM, Sriram Subramanian sri...@computenext.com wrote: +1 for the same slot and for both of your proposals/ suggestions. What is the current state of the Orchestration project - I don't see any entries in the wiki/ getting started guides. Did I look at wrong place? -Original Message- From: Dugger, Donald D [mailto:donald.d.dug...@intel.com] Sent: Monday, February 20, 2012 12:42 PM To: Sriram Subramanian; nova-orchestrat...@lists.launchpad.net Cc: openstack Subject: RE: Orchestration meetings/futures Still works for me. -- Don Dugger Censeo Toto nos in Kansa esse decisse. - D. Gale Ph: 303/443-3786 -Original Message- From: Sriram Subramanian [mailto:sri...@computenext.com] Sent: Monday, February 20, 2012 1:41 PM To: Dugger, Donald D; nova-orchestrat...@lists.launchpad.net Cc: openstack Subject: RE: Orchestration meetings/futures Is Thurs 12 - 1 pm still a good time for Orchestration chat? -Original Message- From: openstack-bounces+sriram=computenext@lists.launchpad.net [mailto:openstack-bounces+sriram=computenext@lists.launchpad.net] On Behalf Of Dugger, Donald D Sent: Monday, February 20, 2012 11:15 AM To: nova-orchestrat...@lists.launchpad.net Cc: openstack Subject: [Openstack] Orchestration meetings/futures All- The orchestration sub-group activity has dropped off since the start of the year and we need to re-evaluate what should be done in this area. There are still latency/serialization concerns that need to be addressed but people have more immediate concerns that seem to be occupying people's time right now. I'm going to propose that we move any orchestration email threads to the main mailing list so that no issues get forgotten about. The volume seems a little low so the main list shouldn't be a problem. Creating an orchestration session at the Design Summit would be a good way to get people's attention and identify what issues need to be addressed and who is still interested in the area. In the mean time I will still be hanging out on the IRC meeting channel to chair the weekly orchestration meetings for anyone who is still interested. We can come to a definitive agreement on what to do about orchestration at the summit but I want to keep all communication channels open until then. -- Don Dugger Censeo Toto nos in Kansa esse decisse. - D. Gale Ph: 303/443-3786 ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Question on i8ln?
Maybe that's a problem as well. Log files might be best just for log messages ;) On 2/21/12 6:01 AM, David Kranz david.kr...@qrclab.com wrote: Because at least some OpenStack projects use log files for more than just error messages, there may not be a one-size-fits all answer to this. I agree strongly with point 1 below but have also gotten a lot of value from generic web searching of error snippets from log files, including searches of the bug databases. -David On 2/20/2012 10:41 AM, Ahn, Jaesuk wrote: We have a small discussion at OpenStack Korea Community about logging in local language. Most of participants said that they prefers having logging message in English only. Reasons are: 1. Logging messages are searchable keywords. Having a single entry point for searching is important. 2. Keeping the exact translation for logging message is very important for the localization. It is not an easy task to do. Suggestions are: - It would be helpful if we can have a place (website) to look-up for the translation. - It would be good if each error message has corresponding error code, and a look-up website to search for localized translation with the error-code. - It is also possible that we can have an option to generate localized error message along with original English message. - Having an official website to put feedback, related information, possible cause of error message in various languages is more important than having translated logging message. This is just an opinion from small set of developers in Korea Community. We are happy to join a discussion on this subject at Folsom design summit, or we can try to gather much broader consensus on this subject within Korea Community. Cheers, ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Orchestration meetings/futures
On Fri, Feb 24, 2012 at 11:16 AM, Joshua Harlow harlo...@yahoo-inc.com wrote: How about a big session on this at the folsom summit? This is really a very important part and should be heavily discussed (to avoid the zones code problem happening again). -Josh +1 I would like to see a session around this early in the summit, so we can coordinate more sessions. 'Orchestration' can quickly expand to cover a lot of areas, and we need to divide and conquer. mike ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Orchestration meetings/futures
+1 That's a plan that works for me. -- Don Dugger Censeo Toto nos in Kansa esse decisse. - D. Gale Ph: 303/443-3786 -Original Message- From: Michael Pittaro [mailto:mik...@lahondaresearch.org] Sent: Friday, February 24, 2012 3:03 PM To: Joshua Harlow Cc: Sriram Subramanian; Dugger, Donald D; nova-orchestrat...@lists.launchpad.net; openstack Subject: Re: [Openstack] Orchestration meetings/futures On Fri, Feb 24, 2012 at 11:16 AM, Joshua Harlow harlo...@yahoo-inc.com wrote: How about a big session on this at the folsom summit? This is really a very important part and should be heavily discussed (to avoid the zones code problem happening again). -Josh +1 I would like to see a session around this early in the summit, so we can coordinate more sessions. 'Orchestration' can quickly expand to cover a lot of areas, and we need to divide and conquer. mike ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Question on i8ln?
When it comes to server software, log files are not just for developers. In my experience, the first people who look at log files are operators and users. For non-English speakers, something as simple as the absence of the word 'ERROR' or 'WARNING' in a critical message can mean the difference between a quick solution and hours of troubleshooting. I'm 100% in favor of localization of messages. If anything more formal is needed, then you can always use message ids and codes, but I personally never found that useful. mike ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] A brief update on the invites to the Design Summit
On Fri, 2012-02-24 at 10:18 -0800, Prakashan Korambath wrote: Do you know when the conference agenda will be available (19 and 20th) for users? The first speakers (keynotes and such) will hopefully be announced early March, and we hope to have the full agenda around mid March. It will be an awesome conference: book your hotel room and make the flight arrangement now :) thanks, /stef ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Running for Nova PTL
2012/2/24 Eric Windisch e...@cloudscaling.com: On Friday, February 24, 2012 at 12:01 PM, ed_con...@dell.com wrote: That can work and may be the only choice if there is an extended feature freeze. Although, that may end up creating a service provider-specific fork...which may not be a bad thing. It can also be a very, very bad thing. Segmentation of the community and an exponentially increased complexity for those of us playing both sides of the private/public fence. I really can't see any advantage of forking, even temporarily. Forking has a number of connotations, not all of which necessarily strictly apply here. We have some fundamental problems we need to address. To do so effectively while still letting others move forward towards their goals, the proposal (in its current form) is to let people work on the things they need to meet their goals in a separate branch (probably in a separate repository), yet still under the Nova umbrella. Once we feel we've addressed the aforementioned problems, we can start merging the features in from these other branches. As I said, I'm expecting these experimental (or whatever designation is appropriate) branches will frequently be rebased on top of trunk so as to ease a later merge of the branches. The fact that these forks are still in many ways part of the project (albeit do not follow the rigour of the OpenStack release cycle), as well as the fact that they are expected to rebase often, make them fail to qualify as forks, at least in the traditional sense. I'm opposed to a broad Folsom feature freeze as it would too greatly limit progression. However, I also agree that there needs to be a better core focus, rather than on sprawl. I don't believe what Nova needs is features, be they core or in the various drivers. We need stability and dependability. I'm not opposed to selective feature inclusion. On the same token, I believe we should either approach the Linux kernel model of include the kitchen sink or not, and by not, Nova would be the core framework upon which various drivers would be provided and could be plumbed. Would you mind proposing this as a session for the summit? It sounds like a good chat to have face to face. One of the things I'd like for us to address in Folsom is actually to make this easier. Many parts of the nova code base can't easily be split out, but drivers should be fairly easy to maintain separately. We should make that simpler. This, like other things I've suggested, is mostly a job of clarifying contracts between various components. If today, for instance, it was announced that Folsom won't include new features, then it would be impossible for Coraid, Pillar, or some other storage solution provider to offer a driver in Folsom and would have wait until G. Yet, Nexenta just got their driver into Essex. Nexenta's 6 month lead just turned into a 12 month lead! Sure, their competitor could ship separately, but there *is* a difference between inclusion, and now, if only politically and from the perspective of marketing. That is a very good point, and like all good policies, exceptions can be made. A change that simply adds a new driver (and doesn't really touch any core parts of Nova at all) would be a very good candidate for an exception, particularly in the volume subsystem, which, last I looked at it, seemed quite well behaved. If new drivers and new code won't be accepted easily, then these third party drivers should be maintained as external plugins. While nice in theory, I don't agree with it at this time. These are contributions to OpenStack and are core, essential to the success of the community. Breaking out drivers, while easier, would fracture the community in potentially devastating ways. That's a valid point of view. However, when we need to weigh it against the burden of maintaining potentially unmaintainable plugins, it's not always an easy decision. We'd certainly need to clarify the social contracts better than we have in the past. So, in case we have to accept into core a driver for some piece of infrastructure we cannot easily get access to (and as a team don't really have a vested interest in), someone needs to be all over it. We need to make sure those expectations are clearly communicated. -- Soren Hansen | http://linux2go.dk/ Senior Software Engineer | http://www.cisco.com/ Ubuntu Developer | http://www.ubuntu.com/ OpenStack Developer | http://www.openstack.org/ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
[Openstack] OpenStack Community Newsletter –February 24, 2012
OpenStack Community Newsletter –February 24, 2012 HIGHLIGHTS * OpenStack Governance Elections Spring 2012: Action Item For All Candidates http://www.openstack.org/blog/2012/02/openstack-governance-elections-spring-2012-action-item-for-all-candidates/ * Nominations close on Monday * Announcing StackTach: a little debugging tool to watch the flow of an operation through the various parts of OpenStack https://lists.launchpad.net/openstack/msg07765.html * Quantum promoted to core project: it will be part of Folsom release, in Autumn 2012 * A brief update on the invites to the Design Summit https://lists.launchpad.net/openstack/msg07765.html * A proposal for the OpenStack Foundation Technical Committee http://lists.openstack.org/pipermail/foundation/2012-February/000146.html * New graph: now tracking contributions to Tempest (see below) EVENTS * OpenStack 1st Global Hack-In Day Mar 01, 2012 – Around the world http://wiki.openstack.org/OpenStackUsersGroup/EssexGlobalHackIn * TryStack.org – a Sandbox for OpenStack! Mar 06, 2012 – San Francisco, CA http://www.meetup.com/openstack/events/52464312/ * OpenStack Essex Doc Day Mar 06, 2012 – San Francisco, CA http://www.meetup.com/openstack/events/52466462/ * OpenStack Spring 2012 Design Summit Apr 16 – 18 and Conference Apr 19-20 – San Francisco, California http://openstack.org/conference/ OTHER NEWS * Open development, releases and quality (Thierry Carrez) http://fnords.wordpress.com/2012/02/21/open-dev-releases-quality/ * Revisiting OpenStack Architecture: Essex Edition (Ken Pepple) http://ken.pepple.info/openstack/2012/02/21/revisit-openstack-architecture-diablo/ * OpenStack Wiki Recent Changes – http://wiki.openstack.org/RecentChanges * Keystone Use Cases http://wiki.openstack.org/KeystoneUseCases * OpenStack Dashboard design concepts http://wiki.openstack.org/Design * Get started with Quantum fixing these easy bugs http://wiki.openstack.org/QuantumStarterBugs * Project meeting summary http://eavesdrop.openstack.org/meetings/openstack-meeting/2012/openstack-meeting.2012-02-21-21.04.html COMMUNITY STATISTICS * Activity on the main branch of OpenStack repositories, lines of code added and removed per developer during week 7 of 2012 (from Mon Feb 13 00:00:00 UTC 2012 to Mon Feb 20 00:00:00 UTC 2012) Changes to Tempest project week 07 2012 Changes to Tempest project week 07 2012 Changes to Horizon project week 07 2012 Changes to Horizon project week 07 2012 Changes to Swift project week 07 2012 Changes to Swift project week 07 2012 Changes to Manuals project week 07 2012 Changes to Manuals project week 07 2012 Changes to Keystone project week 07 2012 Changes to Keystone project week 07 2012 Changes to Quantum project week 07 2012 Changes to Quantum project week 07 2012 Changes to Glance project week 07 2012 Changes to Glance project week 07 2012 Changes to Nova project week 07 2012 Changes to Nova project week 07 2012 ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
[Openstack] TODO for the weekend: fix the Authors files
Hello folks, we are relying on the Authors file in each project's repository for a bunch of very relevant things and I found out is that we can't rely on them. We need to have them maintained with full name *and* email address of each person that contributed to the project. We use the Authors list twice a year to send out the invitations for the OpenStack summit and twice a year for the election of PTLs. If we don't have email addresses on those files or we have the wrong email addresses we put unnecessary strain on people running elections and summit. We have three days before the elections of PTL and I kindly ask your help to please make sure that the Authors file of your project has your full name and email. In particular: - Keystone: create the file, populate it - Swift: add the email addresses - other: make sure you check the emailbox you listed there I, Lloyd and Dave will be very grateful because you'll save us all from the flood of 'OMG, I haven't received the link to vote and my colleagues did'. Thanks, stef PS I'll send a reminder on Monday, just before we close the nominations. After that I'll feel much better when I'll ignore the OMG messages mentioned above evil grin. ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
[Openstack] swift authors list
Stefano has asked that swift start keeping email addresses in our AUTHORS file. I'll be adding these soon, but some contributors have more than one email. If you have a particular email address you'd like to have me add to your name, please let me know. Otherwise, I will use one from git log. No need to respond to the list for this; just respond to me privately. Please let me know ASAP so that we don't hold up any election plans. --John smime.p7s Description: S/MIME cryptographic signature ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack-qa-team] Tempest tests almost passing against devstack
On 2/24/2012 2:30 PM, Jay Pipes wrote: Nice job, David! Keep up the good work. I approved that skipper for the bug so we should be getting close now. Going to get to the remaining reviews now. Cheers, -jay OK, great. If you create a stable-diablo branch I can get those tests in shape as well. -David -- Mailing list: https://launchpad.net/~openstack-qa-team Post to : openstack-qa-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack-qa-team More help : https://help.launchpad.net/ListHelp
Re: [Openstack-qa-team] Tempest resize tests
I've heard KVM/libvert support was added in Essex. I can confirm resize is still working with Xen Server, so the issue must be with those implementations. Daryl On Feb 24, 2012, at 2:58 PM, David Kranz wrote: I am not sure why the resize tests are failing but there is an error in the compute log so I filed a bug: https://bugs.launchpad.net/nova/+bug/940619 -David -- Mailing list: https://launchpad.net/~openstack-qa-team Post to : openstack-qa-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack-qa-team More help : https://help.launchpad.net/ListHelp -- Mailing list: https://launchpad.net/~openstack-qa-team Post to : openstack-qa-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack-qa-team More help : https://help.launchpad.net/ListHelp
