I appreciate that Zane! I’ll set up at least ten alarm clocks to wake up on
time :)
Renat Akhmerov
@ Mirantis Inc.
On 18 Apr 2014, at 06:44, Zane Bitter zbit...@redhat.com wrote:
On 17/04/14 00:34, Renat Akhmerov wrote:
Ooh, I confused the day of meeting :(. My apologies, I’m in a completely
Hi all,
I objected to this and asked (more demanded) for this to be added back into
oslo. It was not. What I did not realize when I was reviewing this nova
patch, was that nova had already synced oslo’s change. And now we’ve
released Icehouse with a conf option missing that existed in
Hi Julio,
+1 for Paul's response. Multiple-provider VPNaaS support is delayed. But you
can take https://review.openstack.org/#/c/74156/ and
https://review.openstack.org/#/c/74144/ as examples to write your own vpnaas
driver without multi-provider support. If any questions or problems in your
Chris Behrens wrote:
+1
FWIW we'll have a cross-project workshop at the design summit about
tracking incoming features -- covering blueprint proposal, approval and
prioritization. We'll discuss extending the -specs repositories
experience and see how it fits the whole picture on the long run:
Ruslan,
welcome to the Murano core team :)!
On Thu, Apr 17, 2014 at 7:32 PM, Anastasia Kuznetsova
akuznets...@mirantis.com wrote:
+1
On Thu, Apr 17, 2014 at 7:11 PM, Stan Lagun sla...@mirantis.com wrote:
+1
Sincerely yours,
Stan Lagun
Principal Software Engineer @ Mirantis
On Thu,
Thanks, Oleg.
Obviously, VXLAN support will be useful after we merge support for multiple
L2 segments:
https://blueprints.launchpad.net/fuel/+spec/multiple-cluster-networks which
is also targeted for 5.1.
On Mon, Apr 14, 2014 at 2:08 PM, Mike Scherbakov
mscherba...@mirantis.comwrote:
Hi Oleg,
Folks, o/
I'm really sorry, but Sylvain and I can't attend today's meeting, that's
why it was decided not to have it.
All Climate related questions and discussions are welcome in our IRC
channel and we might discuss there all things you want to :)
Best regards,
Dina Belova
Software Engineer
On Wed, Apr 16, 2014 at 06:44:28AM +1200, Robert Collins wrote:
I've been watching the nova process, and I think its working out well
- it certainly addresses:
- making design work visible
- being able to tell who has had input
- and providing clear feedback to the designers
I'd like to
Hi,
As for the questions:
1. I’d say there is no reason to keep a separate dashboard along with Project
and Admin, so the panels should go under the “Data processing” panel group in
the Project dashboard. Projects like Trove and Heat have already done that.
2. c) looks like the most
+1 for me as well, I'd like to have a better way to track incoming features.
Also, as part of the migration progress I think that we need a good
wiki page explaining the process of how propose a new feature, with a
template of what's mandatory to fill out and what is optional. I
wouldn't like to
On 04/15/2014 08:44 PM, Robert Collins wrote:
I've been watching the nova process, and I think its working out well
- it certainly addresses:
- making design work visible
- being able to tell who has had input
- and providing clear feedback to the designers
I'd like to do the same thing
Yes, sorry again about not being able to run the meeting...
2014-04-18 11:44 GMT+02:00 Dina Belova dbel...@mirantis.com:
Folks, o/
I'm really sorry, but Sylvain and I can't attend today's meeting, that's
why it was decided not to have it.
All Climate related questions and discussions are
On 04/18/2014 12:03 AM, Scott Devoid wrote:
So I have had a chance to look over the whole review history again. I
agree with Sean Dague and Dean Troyer's concerns that the current patch
affects code outside of lib/storage and extras.d. We should make the
Devstack extension system more flexible
+1
Great idea.
many times you think that you know a way to do something but as you go
you then realize that doing it in another way is much better, so I
think that in order to propose a new feature we should not assume that
the author knows _everything_ at the start.
Absolutely agree.
It would
On Fri, Apr 18, 2014 at 6:32 AM, Sean Dague s...@dague.net wrote:
That being said, there are 2 devstack sessions available at design
summit. So proposing something around addressing the ceph situation
might be a good one. It's a big and interesting problem.
I have add a session that just do
Folks,
As we're discussing single-call approach, I think it would be helpful to
actually implement such API (e,g. practically, in the code) and see how it
works, how compatibility is maintained and such.
I think you could start with basic features available for single call -
e.g. single vip and
Hi all,
I have been trying to enable functional testing for Glance API v2 using
data_api = glance.db.registry.api without great success.
The current functionality of the v2 api+reg relies on the fact that
keystone is used and our current tests does not facilitate that
expectation.
I do
3. Could you describe the most complicated use case that your single-call
API supports? Again, please be very specific here.
Same data can be derived from the link above.
Ok, I'm actually not seeing and complicated examples, but I'm guessing
that any attributes at the top of the page
Hi all,
While investigating possible options for Nova-network to Neutron migration
I faced a couple of issues with libvirt.
One of the key requirements for the migration is that instances should stay
running and don't need restarting. In order to meet this requirement we
need
to either attach new
There's certainly something to be said for having a less-disruptive user
experience. And after all, what we've been discussing is so radical a
change that it's close to starting over from scratch in many ways.
Yes, we assumed that starting from scratch would be the case at least as
far as
Barbicaneers,
Is anyone following the openstack-security list and/or part of the
OpenStack Security Group (OSSG)? This sounds like another group and list
we should keep our eyes on.
In the below thread on the security list, Nathan Kinder is conducting a
security audit of the various
Guys,
I've removed ability to use eggs packages on master node:
https://review.openstack.org/#/c/88012/
Next step is to remove gems mirror: https://review.openstack.org/#/c/88278/
It will be merged when osci team fix rubygem-yajl-ruby package. Hopefully
on Monday.
From that moment all our code
Hello all,
During Icehouse release cycle our team has been working on splitting of
openstack common db code into a separate library blueprint [1]. At the
moment the issues, mentioned in this bp and [2] are solved and we are
moving forward to graduation of oslo.db. You can find the new oslo.db
Hello everyone,
In 25 days we'll gather in Atlanta for the Juno Design Summit (May
13-16). The session schedule for this event is still under construction,
but will gradually be posted as we get closer to the event. Note that
you have until the end of this week to suggest session content. See
Hi everyone,
I would like to propose a change to simplify/allow l3 agent manager
customization and i would like the community feedback.
Just to precise my context, I deploy OpenStack for small specific business
use cases and i often customize it because of specific use case needs.
In
Howdy, folks!
Could someone explain to me the SSL usage scenario where it makes sense to
re-encrypt traffic traffic destined for members of a back-end pool? SSL
termination on the load balancer makes sense to me, but I'm having trouble
understanding why one would be concerned about then
Voting for the TC Election is now open and will remain open until after
1300 utc April 24 2014.
We are electing 7 positions from a pool of 17 candidates[0].
Follow the instructions that are available when you vote. If you are
confused and need more instruction, close the webpage without
Hi Erno,
Just looking for a little more information here. What are the particular
areas around keystone integration in the v2 api+registry stack that you
want to test? Is the v2 api + v2 registry stack using keystone differently
than how v1 api + v1 registry stack uses it?
Thanks
On Fri, Apr
Jeremy:
Thanks, this did the trick. I have zuul connecting with gerrit, and it's
detecting neutron reviews. I still don't have all the pieces working, but I
think I'm closing in.
Thanks,
Dane
-Original Message-
From: Jeremy Stanley [mailto:fu...@yuggoth.org]
Sent: Tuesday, April 15,
On 04/18/2014 11:22 AM, Anita Kuno wrote:
Voting for the TC Election is now open and will remain open until after
1300 utc April 24 2014.
We are electing 7 positions from a pool of 17 candidates[0].
Follow the instructions that are available when you vote. If you are
confused and need
Nice job
-Original Message-
From: Dane Leblanc (leblancd)
Sent: Friday, April 18, 2014 11:25 AM
To: OpenStack Development Mailing List (not for usage questions)
Subject: Re: [openstack-dev] [infra] Basic zuul startup question: Private key
file is encrypted
Jeremy:
Thanks, this did the
On Fri, Apr 18, 2014 at 10:52 PM, lihuiba magazine.lihu...@163.com wrote:
btw, I see but at the moment we had fixed it by network interface
device driver instead of workaround - to limit network traffic slow
down.
Which kind of driver, in host kernel, in guest kernel or in openstack?
In compute
On Fri, Apr 18, 2014 at 5:32 AM, Sean Dague s...@dague.net wrote:
On 04/18/2014 12:03 AM, Scott Devoid wrote:
So I have had a chance to look over the whole review history again. I
agree with Sean Dague and Dean Troyer's concerns that the current patch
affects code outside of lib/storage
Hello Stephen,
One use case we have, which was actually a highly requested feature for our
service, was to ensure that traffic within the internal cloud network was not
passed in the clear. I believe this mainly stems from the customers security
requirements. I understand this reasoning to
Is anyone following the openstack-security list and/or part of the
OpenStack Security Group (OSSG)? This sounds like another group and list
we should keep our eyes on.
I'm one of the OSSG leads. We'd certainly welcome your involvement in
OSSG. In fact, there has been much interest in
As many of you are probably aware the gate isn't in great shape right
now. There are a few patches [1][2][3] lined up to fix this, but
rechecking is probably futile until those are merged.
We could also use another nova core to +A this [4] so we can track down
some racy ec2 test failures.
On Fri, Apr 18, 2014 at 10:51 AM, Scott Devoid dev...@anl.gov wrote:
The issue is that it is very easy to suggest new features and refactoring
when you are very familiar with the codebase. To a newcomer, though, you
are basically asking me to do something that is impossible, so the logical
On Fri, Apr 18, 2014 at 8:52 AM, Oleg Bondarev obonda...@mirantis.com wrote:
Hi all,
While investigating possible options for Nova-network to Neutron migration
I faced a couple of issues with libvirt.
One of the key requirements for the migration is that instances should stay
running and
Hi Stephen,
The use case is that the Load Balancer needs to look at the HTTP requests be it
to add an X-Forward field or change the timeout – but the network between the
load balancer and the nodes is not completely private and the sensitive
information needs to be again transmitted encrypted.
Dang. I was hoping this wasn't the case. (I personally think it's a
little silly not to trust your service provider to secure a network when
they have root access to all the machines powering your cloud... but I
digress.)
Part of the reason I was hoping this wasn't the case, isn't just because
There is no reasoning mentioned in AWS, but they do allow re-encryption.
http://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/config-backend-auth.html
For reasons I don’t understand, the workflow allows to configure backend-server
certificates to be trusted and it doesn’t
On Fri, Apr 18, 2014 at 11:41 AM, Dean Troyer dtro...@gmail.com wrote:
On Fri, Apr 18, 2014 at 10:51 AM, Scott Devoid dev...@anl.gov wrote:
The issue is that it is very easy to suggest new features and refactoring
when you are very familiar with the codebase. To a newcomer, though, you
are
Nice work, Victor!
I left a few comments on the commits that were made after the original
history was exported from the incubator. There were a couple of small
things to address before importing the library, and a couple that can
wait until we have the normal code review system. I'd say just add
I put together links to every candidate's nomination email at
https://wiki.openstack.org/wiki/Governance/TechnicalCommittee/candidates
--John
On Apr 18, 2014, at 8:29 AM, Anita Kuno ante...@anteaya.info wrote:
On 04/18/2014 11:22 AM, Anita Kuno wrote:
Voting for the TC Election is now
Excerpts from Stephen Balukoff's message of 2014-04-18 10:36:11 -0700:
Dang. I was hoping this wasn't the case. (I personally think it's a
little silly not to trust your service provider to secure a network when
they have root access to all the machines powering your cloud... but I
digress.)
I had completely missed the links Anita had put together. Use her list (ie the
officially updated one).
https://wiki.openstack.org/wiki/TC_Elections_April_2014#Candidates
Sorry about that, Anita!
--John
On Apr 18, 2014, at 11:33 AM, John Dickinson m...@not.mn wrote:
I put together links
On 04/18/2014 03:07 PM, John Dickinson wrote:
I had completely missed the links Anita had put together. Use her
list (ie the officially updated one).
https://wiki.openstack.org/wiki/TC_Elections_April_2014#Candidates
Sorry about that, Anita!
--John
No worries, John.
I'll do a better
Recently, as a result of the nova 2.1/3.0 discussion, tempest has been
adding validation of the json dictionaries and headers returned by nova
api calls. This is done by specifying json schema for these values. As
proposed, these schema do not specify additionalProperties: False,
which means
Hi folks:
I just wanted to let people know that we've merged a few patches [1]
to the neutron-specs repository over the past week which have updated
the template.rst file. Specifically, Nachi has provided some
instructions for using Sphinx diagram tools in lieu of asciiflow.com.
Either approach
That's cool actually.
I have a few specific questions:
1. How does it impact development process? If I change code of, let's
say, shotgun, and then run make iso, will I get an ISO with my code of
shotgun? What about other packages, sources of which I did not touch (let's
say nailgun)
Apologies if this is posted to the wrong place, but after talking with Kyle
Mestery (mest...@cisco.com), he suggested that I bring my question here...
I'm trying to make sense of the allow_overlapping_ips configuration
parameter in neutron.
When this entry is true, then a tenant can have
+1 for German's use cases. We need SSL re-encryption for decisions the
load balancer needs to make at the l7 layer as well. Thanks Clint, for
your thorough explanation from a security standpoint.
Cheers,
--Jorge
On 4/18/14 1:38 PM, Clint Byrum cl...@fewbar.com wrote:
Excerpts from Stephen
On Apr 17, 2014, at 8:39 PM, Stephen Balukoff
sbaluk...@bluebox.netmailto:sbaluk...@bluebox.net
wrote:
Hello German and Brandon!
Responses in-line:
On Thu, Apr 17, 2014 at 3:46 PM, Brandon Logan
brandon.lo...@rackspace.commailto:brandon.lo...@rackspace.com wrote:
Stephen,
I have responded
On Apr 18, 2014, at 17:03, Ryan Moats
rmo...@us.ibm.commailto:rmo...@us.ibm.com wrote:
Apologies if this is posted to the wrong place, but after talking with Kyle
Mestery (mest...@cisco.commailto:mest...@cisco.com), he suggested that I
bring my question here...
I'm trying to make sense of
+1 for the discussion
Remember, a cloud does not always have all its backend co-located. There are
sometimes AZs and often other hidden network hops.
And, to ask the obvious, what do you think the response is when you whisper
NSA in a crowded Google data center?
--Rocky
-Original
On Apr 18, 2014, at 10:21 AM, Stephen Balukoff sbaluk...@bluebox.net wrote:
Howdy, folks!
Could someone explain to me the SSL usage scenario where it makes sense to
re-encrypt traffic traffic destined for members of a back-end pool? SSL
termination on the load balancer makes sense to
On Apr 18, 2014, at 12:59 PM, Vijay Venkatachalam
vijay.venkatacha...@citrix.commailto:vijay.venkatacha...@citrix.com wrote:
There is no reasoning mentioned in AWS, but they do allow re-encryption.
Is their also no reason to mention:
BigIp's F5 LoadBalancers
On Apr 18, 2014, at 12:36 PM, Stephen Balukoff
sbaluk...@bluebox.netmailto:sbaluk...@bluebox.net wrote:
Dang. I was hoping this wasn't the case. (I personally think it's a little
silly not to trust your service provider to secure a network when they have
root access to all the machines
Hi,
It seems there could be a potential issue in OVSNeutronAgent where
self.enable_tunneling is initialized.
Here is the code:
116
http://www.xrefs.info/openstack-neutron-latest/xref/neutron/plugins/openvswitch/agent/ovs_neutron_agent.py#116*class*
OVSNeutronAgent
I hava a problem that in windows 7 VM about the number of vCPU. Then I set up
windows instance and give it 8cores, and in windonw7 Device Manager I check out
that there are 8 cores. But In cmd.exe execute “wmic-cpu get * find it out
that there are 2 single core, I don't know Why. And I modify
Hi Everyone,
Just like Nova [1] the QA program has adopted the proposal [2] to use gerrit to
review blueprint specifications.
The openstack/qa-specs repo is now ready for submissions. Changes are submitted
to it like any other gerrit project. The README and a template for submitting
new
Hi y'all!
Carlos: When I say 'client cert' I'm talking about the certificate / key
combination the load balancer will be using to initiate the SSL connection
to the back-end server. The implication here is that if the back-end server
doesn't like the client cert, it will reject the connection (as
Do I need any permission to upload a design specification in the
'specs/juno' folder in neutron-specs?
I tried to upload and get this message:
fatal: unable to access 'https://github.com/openstack/neutron-specs.git/':
The requested URL returned error: 403
Please advise.
Thanks,
Nader.
On
Hi y'all!
Yes-- I agree that is a very bad idea to delete a primitive that's being
shared by other load balancing configurations. The only case where this
seems acceptable to me is the case that German mentioned where all assets
on a given user's account are being wrapped up. But even in this
64 matches
Mail list logo
