The CFP is at
http://events.linuxfoundation.org/events/linuxcon-north-america/program/xen-project-user-summit
- this is for the Xen User Summit as part of linuxcon.
While it might not have OpenStack in the title, I'm aware of at least one talk
which has already been submitted with a strong
Hi Brian,
I just realized that my example in the comment of the review was not so good.
The currently implementation of the driver already does what you propose.
The driver addresses this case:
Two labels rules matches a packet; a CIDR of a rule overlaps another one:
iptables -N test1
iptables
Hi,
Starting from 1.9, Swift has get_info() support allowing middleware to get
container and/or account information maintained by Swift.
Middleware can use get_info() on a container to retrieve the container
metadata.
In a similar way, middleware can use get_inf() on an account to retrieve
the
On Tue, Jul 23 2013, Brooklyn Chen wrote:
It would be helpful if ceilometer-api provides following api:
GET /v2/usages/disk/
Parameters: q(list(Query)) Filter rules for the resources to be returned.
Return Type: list(Usage) A list of usage with different tenant,user,
resource
GET
Hi Thierry,
we'll be skipping the release status
meeting tomorrow at 21:00 UTC
I wanted to remind at that meeting about the next stable/grizzly release
2013.1.3, meeting next week would too late so I'll piggy back here.
Proposed freeze is Aug 1st and release Aug 8th. Milestone 2013.1.3 has
Hello everyone!
Mirantis http://www.mirantis.com/ is pleased to announce the release of
Stackalytics http://www.stackalytics.com/ 0.1. You can find complete
details on the Stackalytics
wikihttps://wiki.openstack.org/wiki/Stackalytics page,
but here are the brief release notes:
- Changed the
On 07/23/2013 12:24 AM, Alex Glikson wrote:
Russell Bryant rbry...@redhat.com wrote on 23/07/2013 01:04:24 AM:
[1]
https://blueprints.launchpad.net/nova/+spec/multiple-scheduler-drivers
[2] https://wiki.openstack.org/wiki/Nova/MultipleSchedulerPolicies
[3]
Hi
As part of bp
https://blueprints.launchpad.net/keystone/+spec/policy-on-api-target I have
uploaded some example WIP code showing a proposed approach for just a few API
calls (one easy, one more complex). I'd appreciate early feedback on this
before I take it any further.
Russell Bryant rbry...@redhat.com wrote on 23/07/2013 05:35:18 PM:
#1 - policy associated with a host aggregate
This seems very odd to me. Scheduling policy is what chooses hosts,
so
having a subset of hosts specify which policy to use seems backwards.
This is not what we had in
Excerpts from Steve Baker's message of 2013-07-22 21:43:05 -0700:
On 07/23/2013 10:46 AM, Angus Salkeld wrote:
On 22/07/13 16:52 +0200, Bartosz Górski wrote:
Hi folks,
I would like to start a discussion about the blueprint I raised about
multi region support.
I would like to get
hi Adam,
Can you explain why RoleApi() and ProjectApi() are duplicated
in assignment/backends/ldap.py and identity/backends/ldap.py?
It would seem duplicating the same class in two files should be refactored
into new shared file.
thanks
lex
On Tue, Jul 23, 2013 at 7:21 AM, Adam Young
On Tue, Jul 23, 2013 at 10:40 AM, Henry Nash hen...@linux.vnet.ibm.comwrote:
Hi
As part of bp
https://blueprints.launchpad.net/keystone/+spec/policy-on-api-target I
have uploaded some example WIP code showing a proposed approach for just a
few API calls (one easy, one more complex). I'd
On 07/23/2013 12:02 PM, Alex Glikson wrote:
Russell Bryant rbry...@redhat.com wrote on 23/07/2013 05:35:18 PM:
#1 - policy associated with a host aggregate
This seems very odd to me. Scheduling policy is what chooses hosts, so
having a subset of hosts specify which policy to use seems
Hi evereyone,
We’ve started working on upgrading Savanna architecture in version 0.3 to make
it horizontally scalable.
The most part of information is in the wiki page -
https://wiki.openstack.org/wiki/Savanna/NextGenArchitecture.
Additionally there are several blueprints created for this
Excerpts from Robert Collins's message of 2013-07-23 02:52:11 -0700:
We have a bunch of sudo rules in disk-image-builder. They are there
primarily so we could have passwordless sudo on jenkins boxes, but
working with the infra team now, it looks like we'd run on
devstack-gate nodes, not on
On 07/23/2013 12:32 PM, Sergey Lukjanov wrote:
Hi evereyone,
We’ve started working on upgrading Savanna architecture in version 0.3 to
make it horizontally scalable.
The most part of information is in the wiki page -
https://wiki.openstack.org/wiki/Savanna/NextGenArchitecture.
On 07/23/2013 11:38 AM, Peter Pouliot wrote:
Hi All,
I need to cancel the Hyper-V meeting for today. We will resume next week.
I'd like an update from you guys on all of the hyper-v blueprints
targeted for havana-3. I see 6 of them. A few are still marked not
started. Do you still
Hy Russell,
Yep, we are on track with the development, I have to update the BP status.
There's a fairly big one up for review now
https://review.openstack.org/#/c/38160/, the other Nova ones are faster to get
ready for review.
Thanks,
Alessandro
On Jul 23, 2013, at 19:47 , Russell Bryant
When writing a previous ISO standard the approach we took was as follows
Lie to people who are not authorised.
So applying this approach to your situation, you could reply Not Found
to people who are authorised to see the object if it had existed but
does not, and Not Found to those not
Thanks Jarret for all the good information.
It seems KMIP is getting lots of enterprise attention, so I think it may be
good candidate for future (as you already mentioned in your email below)
Barbican feature, as per the link below it seems our community also expects
KMIP to be integrated
Hi Henry
using the XACML processing model, the functionality that you are
describing, which you say is currently partly missing from Keystone, is
that of the context handler. Its job is to marshall all the attributes
that are needed and put them into the request context for calling the
policy
stdout: {{{
GET: /v1/nodes/1be26c0b-03f2-4d2e-ae87-c02d7f33c123 {}
GOT:Response: 401 Unauthorized
Content-Type: text/plain; charset=UTF-8
Www-Authenticate: Keystone uri='https://127.0.0.1:35357'
401 Unauthorized
This server could not verify that you are authorized to access the document
you
On 07/23/2013 12:54 PM, David Chadwick wrote:
When writing a previous ISO standard the approach we took was as follows
Lie to people who are not authorised.
Is that your verbage? I am going to reuse that quote, and I would like
to get the attribution correct.
So applying this approach
On 07/23/2013 01:17 PM, David Chadwick wrote:
Of course the tricky thing is knowing which object attributes to fetch
for which user API requests. In the general case you cannot assume
that Keystone knows the format or structure of the policy rules, or
which attributes each will need, so you
On 07/23/2013 12:15 PM, Alexius Ludeman wrote:
hi Adam,
Can you explain why RoleApi() and ProjectApi() are duplicated
in assignment/backends/ldap.py and identity/backends/ldap.py?
It would seem duplicating the same class in two files should be
refactored into new shared file.
That is the
One thing we could do is:
- Return Forbidden or NotFound if we can determine the correct answer
- When we can't (i.e. the object doesn't exist), then return NotFound unless a
new config value 'policy_harden' (?) is set to true (default false) in which
case we translate NotFound into Forbidden.
Or another idea:
Have each compute node write into redis (thus avoiding saturating the MQ
broker/DB with capabilities information) under 2 keys, one that is updated over
longer periods and one that is updated frequently.
- Possibly like the following
compute-$hostname.slow
I think delay_denial will have to be maintained for awhile for backwards
compatibility no matter what happens.
I think existing auth middlewares can and often do reject requests outright
without forwarding them to swift (no x-auth-token?).
I think get_info and the env caching is relatively new,
Thanks for your review and comments on the blueprint. A few comments /
clarifications:
* There are about a half dozen key manager products on the market that
support KMIP. They are offered in different form factors / price points: some
are physical appliances (with and without
On Jul 22, 2013 7:13 PM, Joshua Harlow harlo...@yahoo-inc.com wrote:
An interesting idea, I'm not sure how useful it is but it could be.
If you think of the compute node capability information as an 'event
stream' then you could imagine using something like apache flume (
There is an inaccuracy about savanna-conductor role in this document. Now we
have no real reasons to make savanna-conductor as an separated service. The
main goal of declaring savanna-conductor in this doc is to illustrate that we
want to move all db-related operations to the single module that
On Jul 18, 2013, at 4:19 AM, Sean Dague s...@dague.net wrote:
On 07/18/2013 05:54 AM, Nikola Đipanov wrote:
Heya,
Rule is because (I believe at least) - in the spirit of continuous
integration - people should be able to deploy continuously anything on
master.
Due to the nature of
All-
I'd like to propose that Kyle Mestery and Armando Migliaccio be added to the
Neutron core team. Both have been very active with valuable reviews and
contributions to the Neutron community.
Neutron core team members please respond with +1/0/-1.
mark
Hi Sean,
A couple weeks ago after a really *fun* night we started down this
road of uncapping all the python clients to ensure that we're actually
testing the git clients in the gate. We're close, but we need the help
of the horizon and ceilometerclient teams to get us there:
1) we need
A big +2 for both!
They have been doing a great job as of late.
-Original Message-
From: Mark McClain [mailto:mark.mccl...@dreamhost.com]
Sent: Tuesday, July 23, 2013 10:15 PM
To: OpenStack Development Mailing List
Subject: [openstack-dev] [Neutron] Proposal to add new neutron-core
On Jul 19, 2013, at 3:37 PM, Ian Wells ijw.ubu...@cack.org.uk wrote:
[arosen] - sure, in this case though then we'll have to add even more
queries between nova-compute and quantum as nova-compute will need to query
quantum for ports matching the device_id to see if the port was already
Great News!
+1 for both guys
2013/7/23 Aaron Rosen aro...@nicira.com:
+1
I think both Kyle and Armando would be a great addition to the team.
On Tue, Jul 23, 2013 at 12:15 PM, Mark McClain mark.mccl...@dreamhost.com
wrote:
All-
I'd like to propose that Kyle Mestery and Armando
On 07/23/2013 03:19 PM, Lyle, David (Cloud Services) wrote:
Hi Sean,
A couple weeks ago after a really *fun* night we started down this
road of uncapping all the python clients to ensure that we're actually
testing the git clients in the gate. We're close, but we need the help
of the horizon
* periodic updates can overwhelm things. Solution: remove unneeded updates,
most scheduling data only changes when an instance does some state change.
It's not clear that periodic updates do overwhelm things, though.
Boris ran the tests. Apparently 10k nodes updating once a minute
extend the
I agree too. I've posted a work in progress of this here if you want to
start looking at it: https://review.openstack.org/#/c/38230/
Thanks,
Aaron
On Tue, Jul 23, 2013 at 4:21 AM, Samuel Bercovici samu...@radware.comwrote:
Hi,
** **
I agree that the AutZ should be separated and the
On 23/07/2013 18:36, Adam Young wrote:
On 07/23/2013 01:17 PM, David Chadwick wrote:
Of course the tricky thing is knowing which object attributes to fetch
for which user API requests. In the general case you cannot assume
that Keystone knows the format or structure of the policy rules, or
On 23/07/2013 18:31, Adam Young wrote:
On 07/23/2013 12:54 PM, David Chadwick wrote:
When writing a previous ISO standard the approach we took was as follows
Lie to people who are not authorised.
Is that your verbage? I am going to reuse that quote, and I would like
to get the attribution
+1 Absolutely for both!
BTW. I also would like to propose to Eugene Nikanorov
Thanks,
Edgar
On 7/23/13 12:15 PM, Mark McClain mark.mccl...@dreamhost.com wrote:
All-
I'd like to propose that Kyle Mestery and Armando Migliaccio be added to
the Neutron core team. Both have been very active
On 07/23/2013 03:15 PM, Mark McClain wrote:
All-
I'd like to propose that Kyle Mestery and Armando Migliaccio be added to the
Neutron core team. Both have been very active with valuable reviews and
contributions to the Neutron community.
Neutron core team members please respond with
Ian,
There are serious scalability and performance problems with DB usage in
current scheduler.
Rapid Updates + Joins makes current solution absolutely not scalable.
Bleuhost example just shows personally for me just a trivial thing. (It
just won't work)
We will add tomorrow antother graphic:
Just some added info for that talk, we are using qpid as our messaging
backend. I have no data for RabbitMQ, but our schedulers are _always_
behind on processing updates. It may be different with rabbit.
-Mike
On Tue, Jul 23, 2013 at 1:56 PM, Joe Gordon joe.gord...@gmail.com wrote:
On Jul
On Tue, Jul 23, 2013 at 1:09 PM, Boris Pavlovic bo...@pavlovic.me wrote:
Ian,
There are serious scalability and performance problems with DB usage in
current scheduler.
Rapid Updates + Joins makes current solution absolutely not scalable.
Bleuhost example just shows personally for me just
On 23/07/2013 19:02, Henry Nash wrote:
One thing we could do is:
- Return Forbidden or NotFound if we can determine the correct answer
- When we can't (i.e. the object doesn't exist), then return NotFound
unless a new config value 'policy_harden' (?) is set to true (default
false) in which
Russell Bryant rbry...@redhat.com wrote on 23/07/2013 07:19:48 PM:
I understand the use case, but can't it just be achieved with 2 flavors
and without this new aggreagte-policy mapping?
flavor 1 with extra specs to say aggregate A and policy Y
flavor 2 with extra specs to say aggregate B
Joe,
Sure we will.
Mike,
Thanks for sharing information about scalability problems, presentation was
great.
Also could you say what do you think is 150 req/sec is it big load for qpid
or rabbit? I think it is just nothing..
Best regards,
Boris Pavlovic
---
Mirantis Inc.
On Wed, Jul 24, 2013
+1's from this emeritus member of the core team :)
On Tue, Jul 23, 2013 at 1:04 PM, Robert Kukura rkuk...@redhat.com wrote:
On 07/23/2013 03:15 PM, Mark McClain wrote:
All-
I'd like to propose that Kyle Mestery and Armando Migliaccio be added to
the Neutron core team. Both have been
totally +1 for mestery
+1 for Armax only if he stops serially -1'ing my patches.
Cheers,
Salvatore
PS: of course the official vote is +1 for both.
On 23 July 2013 13:37, Dan Wendlandt d...@nicira.com wrote:
+1's from this emeritus member of the core team :)
On Tue, Jul 23, 2013 at 1:04
I'm sure this has been asked before, but what exactly is the plan for
Python 3 support?
Is the plan to support 2 and 3 at the same time? I was looking around for a
blue print or something but I can't seem to find anything.
If Python 3 support is part of the plan, can I start running 2to3 and
On Tue, Jul 23, 2013 at 4:41 PM, Logan McNaughton lo...@bacoosta.comwrote:
I'm sure this has been asked before, but what exactly is the plan for
Python 3 support?
Is the plan to support 2 and 3 at the same time? I was looking around for
a blue print or something but I can't seem to find
On 07/23/2013 04:24 PM, Alex Glikson wrote:
Russell Bryant rbry...@redhat.com wrote on 23/07/2013 07:19:48 PM:
I understand the use case, but can't it just be achieved with 2 flavors
and without this new aggreagte-policy mapping?
flavor 1 with extra specs to say aggregate A and policy Y
Excerpts from Boris Pavlovic's message of 2013-07-19 07:52:55 -0700:
Hi all,
In Mirantis Alexey Ovtchinnikov and me are working on nova scheduler
improvements.
As far as we can see the problem, now scheduler has two major issues:
1) Scalability. Factors that contribute to bad
On Jul 23, 2013, at 11:03 AM, Clint Byrum cl...@fewbar.com
wrote:
Excerpts from Steve Baker's message of 2013-07-22 21:43:05 -0700:
On 07/23/2013 10:46 AM, Angus Salkeld wrote:
On 22/07/13 16:52 +0200, Bartosz Górski wrote:
Hi folks,
I would like to start a discussion about the blueprint
On Jul 23, 2013, at 3:51 PM, Eric Windisch
e...@cloudscaling.commailto:e...@cloudscaling.com
wrote:
On Tue, Jul 23, 2013 at 4:41 PM, Logan McNaughton
lo...@bacoosta.commailto:lo...@bacoosta.com wrote:
I'm sure this has been asked before, but what exactly is the plan for Python 3
support?
I like the idea clint.
It appears to me that the kind of scheduler 'buckets' that are being
established allow for different kind of policies around how accurate and
how 'global' the deployer wants scheduling to be (which might be a
differing policies depending on the deployer). All of these kind
Most of my navigation related issues can be summed up into 3 problems.
1. Not having a secondary level of navigation in the left-nav really
restricts the level of granularity that can be achieved through the navigation.
Having an accordion-like nav structure would help this as well as
Hi Henry,
Do you have etherpad to capture these stuff?
Arvind
-Original Message-
From: Henry Nash [mailto:hen...@linux.vnet.ibm.com]
Sent: Tuesday, July 23, 2013 4:48 PM
To: David Chadwick
Cc: OpenStack Development Mailing List
Subject: Re: [openstack-dev] [keystone] Extending
+1, congrats and welcome Kyle and Armando.
~Sumit.
On Tue, Jul 23, 2013 at 12:15 PM, Mark McClain
mark.mccl...@dreamhost.com wrote:
All-
I'd like to propose that Kyle Mestery and Armando Migliaccio be added to the
Neutron core team. Both have been very active with valuable reviews and
On Tue, 2013-07-23 at 23:47 +0100, Henry Nash wrote:
...the problem is that if the object does not exists we might not be able
tell whether the use is authorized or not (since authorization might depend
on attributes of the object itself)so how do we know wether to lie or not?
If the
+1, Welcome to the team, Kyle and Armando!
Akihiro
2013/7/24 Sumit Naiksatam sumitnaiksa...@gmail.com
+1, congrats and welcome Kyle and Armando.
~Sumit.
On Tue, Jul 23, 2013 at 12:15 PM, Mark McClain
mark.mccl...@dreamhost.com wrote:
All-
I'd like to propose that Kyle Mestery and
Clint,
On Jul 23, 2013, at 10:03 AM, Clint Byrum cl...@fewbar.com
wrote:
Excerpts from Steve Baker's message of 2013-07-22 21:43:05 -0700:
On 07/23/2013 10:46 AM, Angus Salkeld wrote:
On 22/07/13 16:52 +0200, Bartosz Górski wrote:
Hi folks,
I would like to start a discussion about the
+1 for Kyle and
+1 for Armando
Both are going to adding muscle to Neutron Core Team.
Congrats Guys!
On 07/23/2013 03:15 PM, Mark McClain wrote:
All-
I'd like to propose that Kyle Mestery and Armando Migliaccio be added to the
Neutron core team. Both have been very active with valuable
On Thu, 2013-05-02 at 00:46 +, Gabriel Hurley wrote:
Based on input from several of the PTLs (and others), I'd like to propose the
following outline for how version discovery should be handled across
heterogeneous clouds:
https://etherpad.openstack.org/api-version-discovery-proposal
67 matches
Mail list logo