Re: [openstack-dev] [oslo][keystone] oslo_config and wsgi middlewares

2015-08-06 Thread Michael Krotscheck
Hi there! The most recent version of the CORS middleware (~2.4) no longer requires the use of Oslo.config, and supports pastedeploy. While using oslo.config provides far better features - such as multiple origins - it doesn't prevent you from using it in the paste pipeline. The documentation has

[openstack-dev] [TripleO] Proposal to cancel meeting on August 11

2015-08-06 Thread James Slagle
I'll be unavailable next week to run the TripleO meeting (taking the week off). I'm also aware that the majority of our other attendees are tied up in travel as well. So, I propose to cancel the meeting next week on Tuesday August 11th. If there are no objections, consider it cancelled. :). If

[openstack-dev] [cinder][nova][ci] Tintri Cinder CI failures after Nova change

2015-08-06 Thread Skyler Berg
After the change cleanup NovaObjectDictCompat from virtual_interface [1] was merged into Nova on the morning of August 5th, Tintri's CI for Cinder started failing 13 test cases that involve a volume being attached to an instance [2]. I have verified that the tests fail with the above mentioned

Re: [openstack-dev] [app-catalog][heat] Heat template contributors repo

2015-08-06 Thread Fox, Kevin M
Its about both high quality shared heat template components like, a place to house: https://github.com/EMSL-MSC/heat-templates/tree/master/cfn/lib But also a common place for developers to congregate around producing production worthy cloud scaled app templates. So, like your mongodb cluster

Re: [openstack-dev] [Heat] RPC API versioning

2015-08-06 Thread Zane Bitter
On 06/08/15 08:20, Grasza, Grzegorz wrote: -Original Message- From: Zane Bitter [mailto:zbit...@redhat.com] Sent: Thursday, 6 August, 2015 2:57 To: OpenStack Development Mailing List Subject: [openstack-dev] [Heat] RPC API versioning We've been talking about this since before summit

Re: [openstack-dev] [keystone] policy issues when generating trusts with different clients

2015-08-06 Thread Jamie Lennox
- Original Message - From: michael mccune m...@redhat.com To: openstack-dev@lists.openstack.org Sent: Friday, August 7, 2015 1:21:53 AM Subject: Re: [openstack-dev] [keystone] policy issues when generating trusts with different clients On 08/05/2015 10:27 PM, Jamie Lennox wrote:

Re: [openstack-dev] [Keystone] [Horizon] Federated Login

2015-08-06 Thread Jamie Lennox
- Original Message - From: David Chadwick d.w.chadw...@kent.ac.uk To: openstack-dev@lists.openstack.org Sent: Thursday, August 6, 2015 6:25:29 PM Subject: Re: [openstack-dev] [Keystone] [Horizon] Federated Login On 06/08/2015 00:54, Jamie Lennox wrote: - Original

Re: [openstack-dev] [TripleO] Moving instack upstream

2015-08-06 Thread James Slagle
On Thu, Aug 6, 2015 at 8:12 AM, Dan Prince dpri...@redhat.com wrote: One more side effect is that I think it also means we no longer have the capability to test arbitrary Zuul refspecs for projects like Heat, Neutron, Nova, or Ironic in our undercloud CI jobs. We've relied on the

Re: [openstack-dev] How to use the log server in CI ?

2015-08-06 Thread Tang Chen
Hi Asselin, On 08/06/2015 09:44 PM, Asselin, Ramy wrote: Hi Tang, First, I recommend you use os-loganalyze because it significantly increases the value of the log files by making them easier to consume. I'm not sure what the issue you encountered is. The link you provide is to use swift,

[openstack-dev] [Glance] glance_store and glance

2015-08-06 Thread Nikhil Komawar
Hi, During the mid-cycle we had another proposal that wanted to put back the glance_store library back into the Glance repo and not leave it is as a separate repo/project. The questions outstanding are: what are the use cases that want it as a separate library? The original use cases that

[openstack-dev] [Heat] OS::Neutron::Port fails to set security group by name, no way to retrieve group ID from Neutron::SecurityGroup

2015-08-06 Thread jason witkowski
Hey All, I am having issues on the Kilo branch creating an auto-scaling template that builds a security group and then adds instances to it. I have tried every various method I could think of with no success. My issues are as such: 1) OS::Neutron::Port does not seem to recognize security

Re: [openstack-dev] [neutron][qos][ml2] extensions swallow exceptions

2015-08-06 Thread Ihar Hrachyshka
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 08/04/2015 08:41 PM, Robert Kukura wrote: The process_[create|update]_resource() extension driver methods are intended to validate user input. Exceptions raised by these need to be returned to users so they know what they did wrong. I am not

Re: [openstack-dev] [Keystone] [Horizon] Federated Login

2015-08-06 Thread Adam Young
On 08/06/2015 04:56 AM, David Chadwick wrote: On 05/08/2015 19:28, Thai Q Tran wrote: I agree with Lance. Quite honestly, the list of Idps does not belong in horizon's settings. Just throwing out some ideas, why not white-list the Idps you want public it in keystone's settings, and have an API

Re: [openstack-dev] [tricircle] local pluggable cascaded service

2015-08-06 Thread joehuang
Hi, Zhiyuan, Good idea. I am also trying to find whether there are other values could be added by a new bottom cascade service. And the most negative part of a bottom cascade service is that it’ll impact the openstack distribution and deployment. Best Regards Chaoyi Huang ( Joe Huang ) From:

Re: [openstack-dev] [Keystone] [Horizon] Federated Login

2015-08-06 Thread Dolph Mathews
On Thu, Aug 6, 2015 at 11:25 AM, Lance Bragstad lbrags...@gmail.com wrote: On Thu, Aug 6, 2015 at 10:47 AM, Dolph Mathews dolph.math...@gmail.com wrote: On Wed, Aug 5, 2015 at 6:54 PM, Jamie Lennox jamielen...@redhat.com wrote: - Original Message - From: David Lyle

[openstack-dev] [all] formatting security patches

2015-08-06 Thread John Dickinson
I suspect that many people do not know that the life of a security patch to an OpenStack project looks different than normal patches. Gerrit is public, so patches for private security bugs can't be proposed or reviewed there. Instead, they need to be proposed to and reviewed in the comments of

Re: [openstack-dev] [Keystone] [Horizon] Federated Login

2015-08-06 Thread Dolph Mathews
On Thu, Aug 6, 2015 at 6:09 PM, Dolph Mathews dolph.math...@gmail.com wrote: On Thu, Aug 6, 2015 at 11:25 AM, Lance Bragstad lbrags...@gmail.com wrote: On Thu, Aug 6, 2015 at 10:47 AM, Dolph Mathews dolph.math...@gmail.com wrote: On Wed, Aug 5, 2015 at 6:54 PM, Jamie Lennox

Re: [openstack-dev] [Neutron] VPNaaS and DVR compatibility

2015-08-06 Thread shihanzhang
I have same question, I have filed a bug on launchpad: https://bugs.launchpad.net/neutron/+bug/1476469, who can help to clarify it? Thanks, Hanzhang, shi At 2015-08-05 00:33:05, Sergey Kolekonov skoleko...@mirantis.com wrote: Hi, I'd like to clarify a situation around VPNaaS and DVR

[openstack-dev] [murano] periodic jobs reminder

2015-08-06 Thread Kirill Zaitsev
hi This letter is just a heads up, that murano now has periodic jobs, that report any failures in stable branches to  http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-stable-maint  mailing list. So if you’re interested — you should subscribe to the mailing list (and possibly add

Re: [openstack-dev] [Keystone] [Horizon] Federated Login

2015-08-06 Thread Jamie Lennox
- Original Message - From: Dolph Mathews dolph.math...@gmail.com To: OpenStack Development Mailing List (not for usage questions) openstack-dev@lists.openstack.org Sent: Friday, August 7, 2015 9:09:25 AM Subject: Re: [openstack-dev] [Keystone] [Horizon] Federated Login On Thu, Aug

Re: [openstack-dev] [CI]How to set proxy for nodepool

2015-08-06 Thread Xie, Xianshan
Hi Ramy, This one you need to skip because you don’t have access to that server. OK, got it. Thanks a lot. Xiexs From: Asselin, Ramy [mailto:ramy.asse...@hp.com] Sent: Wednesday, August 05, 2015 10:19 PM To: OpenStack Development Mailing List (not for usage questions) Subject: Re:

[openstack-dev] multiple external networks mapped to the same l3 agent

2015-08-06 Thread ICHIBA Sara
hey there, I'm trying to configure two external networks for openstack. I'm using the same l3 agent. the first external network is connected to eth1 via br-eth1 and the second is connected to eth0 via br-ex. You can find below my configuration. My problem is that I can't ping the external

Re: [openstack-dev] [puppet]puppet-mistral

2015-08-06 Thread Emilien Macchi
The patch were need to review is here: https://review.openstack.org/#/c/208457/ --- Emilien Macchi On Aug 6, 2015 8:26 AM, Emilien Macchi emilien.mac...@gmail.com wrote: https://github.com/openstack/puppet-mistral Thanks for bringing this up, we will look it closely. Any chance to have it

[openstack-dev] puppet-mistral

2015-08-06 Thread BORTMAN, Limor (Limor)
Hi all, I am trying to push mistral puppet but so far no one from the puppet team take a look. can anyone please take a look ? Thanks Limor Stotland ALCATEL-LUCENT SENIOR SOFTWARE ENGINEER CLOUDBAND BUSINESS UNIT 16 Atir Yeda St. Kfar-Saba 44643, ISRAEL T:  +972 (0) 9 793 3166 M: +972 (0) 54

Re: [openstack-dev] How to use the log server in CI ?

2015-08-06 Thread Tang Chen
Hi Joshua, Thanks to reply. On 08/06/2015 07:45 PM, Joshua Hesketh wrote: Hi Tang, For OpenStack's set up, os-loganalyze sits at /htmlify/ and is used to add markup and filter log lines when viewing in a browser. On my box, I don't have a /htmlify/ directory, and I don't think I installed

Re: [openstack-dev] [Fuel] SSL for master node API

2015-08-06 Thread Stanislaw Bogatkin
Hello again, I heard a questions from team how exactly we will implement SSL for master node. There is a way how I look it: 1. We implement ability to use SSL in fuel-nailgun-agent (I already created a patch, it is on review now) and merge it in 7.0 release cycle. Also we will need to implement

Re: [openstack-dev] [puppet]puppet-mistral

2015-08-06 Thread Emilien Macchi
https://github.com/openstack/puppet-mistral Thanks for bringing this up, we will look it closely. Any chance to have it packaged upstream to test it? --- Emilien Macchi On Aug 6, 2015 7:59 AM, Gaël Chamoulaud gcham...@redhat.com wrote: On 06/Aug/2015 .::. 11:44, BORTMAN, Limor (Limor) wrote:

Re: [openstack-dev] How to use the log server in CI ?

2015-08-06 Thread Joshua Hesketh
Hi Tang, For OpenStack's set up, os-loganalyze sits at /htmlify/ and is used to add markup and filter log lines when viewing in a browser. For your own set up you don't need to use this and could simply serve anything straight off your disk. It should be safe to remove the apache matching rules

[openstack-dev] [puppet]puppet-mistral

2015-08-06 Thread BORTMAN, Limor (Limor)
Hi all, I am trying to push mistral puppet but so far no one from the puppet team take a look. can anyone please take a look ? Thanks Limor Stotland ALCATEL-LUCENT SENIOR SOFTWARE ENGINEER CLOUDBAND BUSINESS UNIT 16 Atir Yeda St. Kfar-Saba 44643, ISRAEL T:  +972 (0) 9 793 3166 M: +972 (0) 54

Re: [openstack-dev] [puppet]puppet-mistral

2015-08-06 Thread Gaël Chamoulaud
On 06/Aug/2015 .::. 11:44, BORTMAN, Limor (Limor) wrote: Hi all, I am trying to push mistral puppet but so far no one from the puppet team take a look. can anyone please take a look ? Hi Limor, Where is puppet-mistral module hosted? Can't see it on stackforge. So if you want the community

Re: [openstack-dev] [TripleO] Moving instack upstream

2015-08-06 Thread Dan Prince
On Thu, 2015-07-23 at 07:40 +0100, Derek Higgins wrote: See below On 21/07/15 20:29, Derek Higgins wrote: Hi All, Something we discussed at the summit was to switch the focus of tripleo's deployment method to deploy using instack using images built with tripleo-puppet-elements.

Re: [openstack-dev] [Heat] RPC API versioning

2015-08-06 Thread Grasza, Grzegorz
-Original Message- From: Zane Bitter [mailto:zbit...@redhat.com] Sent: Thursday, 6 August, 2015 2:57 To: OpenStack Development Mailing List Subject: [openstack-dev] [Heat] RPC API versioning We've been talking about this since before summit without much consensus. I think a

Re: [openstack-dev] [oslo][keystone] oslo_config and wsgi middlewares

2015-08-06 Thread Julien Danjou
On Thu, Aug 06 2015, Mehdi Abaakouk wrote: This is confusing for developer to have some middlewares that need pre-setup, enforce them to rely on global python object, and some others not. This is confusing for deployer their can't do the configuration of middlewares in the same way for each

Re: [openstack-dev] [app-catalog][heat] Heat template contributors repo

2015-08-06 Thread Zane Bitter
On 06/08/15 13:53, Christopher Aedo wrote: Today during the app-catalog IRC meeting we talked about hosting Heat templates for contributors. Right now someone who wants to create their own templates can easily self-host them on github, but until they get people pointed at it, nobody will know

Re: [openstack-dev] [app-catalog][heat] Heat template contributors repo

2015-08-06 Thread Ryan Brown
On 08/06/2015 01:53 PM, Christopher Aedo wrote: Today during the app-catalog IRC meeting we talked about hosting Heat templates for contributors. Right now someone who wants to create their own templates can easily self-host them on github, but until they get people pointed at it, nobody will

[openstack-dev] [app-catalog] App Catalog IRC meeting minutes - 8/6/2015

2015-08-06 Thread Christopher Aedo
Thanks again for a great meeting this week, and I'm really encouraged to see the conversation around building up the Community App Catalog is continuing to grow. One thing we touched on this week was the idea of creating a new repo for Heat contributors to host their templates on. I sent a note

Re: [openstack-dev] [oslo][keystone] oslo_config and wsgi middlewares

2015-08-06 Thread Mehdi Abaakouk
On Thu, Aug 06, 2015 at 04:25:58PM +, Michael Krotscheck wrote: Hi there! The most recent version of the CORS middleware (~2.4) no longer requires the use of Oslo.config, and supports pastedeploy. While using oslo.config provides far better features - such as multiple origins - it

[openstack-dev] [app-catalog][heat] Heat template contributors repo

2015-08-06 Thread Christopher Aedo
Today during the app-catalog IRC meeting we talked about hosting Heat templates for contributors. Right now someone who wants to create their own templates can easily self-host them on github, but until they get people pointed at it, nobody will know about their work on that template, and getting

Re: [openstack-dev] [nova] Bug Triage Day - Liberty

2015-08-06 Thread Markus Zoeller
How did we do on our bug triage day for Liberty? The results are at [1] and I would say we did a good job to prioritize undecided bugs, which is a good thing for our upcoming bug review day. We could also reduce the new bugs, which could have the potential to be serious issues. Thanks a lot for

Re: [openstack-dev] [app-catalog][heat] Heat template contributors repo

2015-08-06 Thread Fox, Kevin M
Heat templates so far seems to be a place to dump examples for showing off how to use specific heat resources/features. Are there any intentions to maintain production ready heat templates in it? Last I asked the answer seemed to be no. If I misunderstood, heat-templates would be a logical

Re: [openstack-dev] [Heat] RPC API versioning

2015-08-06 Thread Zane Bitter
On 06/08/15 10:08, Dan Smith wrote: This is, I believe, sufficient to solve our entire problem. Specifically, we have no need for an indirection API that rebroadcasts messages that are too new (since that can't happen with pinning) and no need for Versioned Objects in the RPC layer. (Versioned

Re: [openstack-dev] [app-catalog][heat] Heat template contributors repo

2015-08-06 Thread Fox, Kevin M
+1. I have some heat template libraries here: https://github.com/EMSL-MSC/heat-templates/tree/master/cfn/lib that I'd like to get contributed somewhere. Also, in the parent directory are a bunch of other templates that would be nice to contribute too. CI would definitely be a plus. I'm not sure

Re: [openstack-dev] [TripleO] Moving instack upstream

2015-08-06 Thread Dougal Matthews
- Original Message - From: Dan Prince dpri...@redhat.com To: OpenStack Development Mailing List (not for usage questions) openstack-dev@lists.openstack.org Sent: Thursday, 6 August, 2015 1:12:42 PM Subject: Re: [openstack-dev] [TripleO] Moving instack upstream On Thu, 2015-07-23

Re: [openstack-dev] [Heat] RPC API versioning

2015-08-06 Thread Dan Smith
This is, I believe, sufficient to solve our entire problem. Specifically, we have no need for an indirection API that rebroadcasts messages that are too new (since that can't happen with pinning) and no need for Versioned Objects in the RPC layer. (Versioned objects for the DB are still

Re: [openstack-dev] [neutron][dvr] Removing fip namespace when restarting L3 agent.

2015-08-06 Thread Korzeniewski, Artur
Thanks Kevin for that hint. But it does not resolve the connectivity problem, it is just not removing the namespace when it is asked to. The real question is, why do we invoke the /neutron/neutron/agent/l3/dvr_fip_ns.py FipNamespace.delete() method in the first place? I’ve captured the

Re: [openstack-dev] [third-party-ci]Issue with running noop-check-communication

2015-08-06 Thread Asselin, Ramy
I added it very recently. From: Eduard Matei [mailto:eduard.ma...@cloudfounders.com] Sent: Thursday, August 06, 2015 2:08 AM To: OpenStack Development Mailing List (not for usage questions) Subject: Re: [openstack-dev] [third-party-ci]Issue with running noop-check-communication Thanks, Indeed

Re: [openstack-dev] How to use the log server in CI ?

2015-08-06 Thread Asselin, Ramy
Hi Tang, First, I recommend you use os-loganalyze because it significantly increases the value of the log files by making them easier to consume. I'm not sure what the issue you encountered is. The link you provide is to use swift, but that is the newer alternative to the old-fashion files on

Re: [openstack-dev] [Keystone] [Horizon] Federated Login

2015-08-06 Thread David Chadwick
On 05/08/2015 18:36, Dolph Mathews wrote: On Wed, Aug 5, 2015 at 5:39 AM, David Chadwick d.w.chadw...@kent.ac.uk mailto:d.w.chadw...@kent.ac.uk wrote: On 04/08/2015 18:59, Steve Martinelli wrote: Right, but that API is/should be protected. If we want to list IdPs

Re: [openstack-dev] [third-party-ci]Issue with running noop-check-communication

2015-08-06 Thread Eduard Matei
Thanks, Indeed running on a slave did the trick. Strange how i missed that part in the README. -- *Eduard Biceri Matei, Senior Software Developer* www.cloudfounders.com | eduard.ma...@cloudfounders.com __ OpenStack

Re: [openstack-dev] [heat][ec2tokens] Questions about ec2tokens under keystone v3 api.

2015-08-06 Thread Ethan Lynn
That helps a lot! Thanks for the reply! Seems heat didn't deal with keystone v3 response, I will report a bug. 2015-08-05 21:37 GMT+08:00 Andrey Pavlov andrey...@gmail.com: As I saw heat`s ec2tokens can work only with keystone v2 URL. It happens because keystone has different responses for v2

Re: [openstack-dev] [puppet] Parameters possible default value

2015-08-06 Thread Yanis Guenane
Hi Andrew, Sorry for the delay in this answer On 07/30/2015 09:20 PM, Andrew Woodward wrote: On Thu, Jul 30, 2015 at 3:36 AM Sebastien Badia sba...@redhat.com wrote: On Mon, Jul 27, 2015 at 09:43:28PM (+), Andrew Woodward wrote: Sorry, I forgot to finish this up and send it out.

Re: [openstack-dev] [Keystone] [Horizon] Federated Login

2015-08-06 Thread David Chadwick
On 05/08/2015 19:28, Thai Q Tran wrote: I agree with Lance. Quite honestly, the list of Idps does not belong in horizon's settings. Just throwing out some ideas, why not white-list the Idps you want public it in keystone's settings, and have an API call for that? that was the conclusion

[openstack-dev] [nova] Nova API sub-team meeting

2015-08-06 Thread Alex Xu
Hi, We have weekly Nova API meeting this week. The meeting is being held tomorrow Friday UTC1200. In other timezones the meeting is at: EST 08:00 (Fri) Japan 21:00 (Fri) China 20:00 (Fri) United Kingdom 13:00 (Fri) The proposed agenda and meeting details are here:

Re: [openstack-dev] [Keystone] [Horizon] Federated Login

2015-08-06 Thread Lance Bragstad
On Thu, Aug 6, 2015 at 10:47 AM, Dolph Mathews dolph.math...@gmail.com wrote: On Wed, Aug 5, 2015 at 6:54 PM, Jamie Lennox jamielen...@redhat.com wrote: - Original Message - From: David Lyle dkly...@gmail.com To: OpenStack Development Mailing List (not for usage questions)

Re: [openstack-dev] [Keystone] [Horizon] Federated Login

2015-08-06 Thread David Chadwick
On 06/08/2015 00:54, Jamie Lennox wrote: - Original Message - From: David Lyle dkly...@gmail.com To: OpenStack Development Mailing List (not for usage questions) openstack-dev@lists.openstack.org Sent: Thursday, August 6, 2015 5:52:40 AM Subject: Re: [openstack-dev] [Keystone]

Re: [openstack-dev] How to use the log server in CI ?

2015-08-06 Thread Tang Chen
Hi Abhishek, After I setup a log server, if the request ends in .txt.gz, console.html or console.html.gz rewrite the url to prepend /htmlify/ . But actually the log file is on my local machine. Is this done by os-loganalyze ? Is this included in install_log_server.sh ? (I don't think so.)

Re: [openstack-dev] [keystone] policy issues when generating trusts with different clients

2015-08-06 Thread michael mccune
On 08/05/2015 10:27 PM, Jamie Lennox wrote: Hey Mike, I think it could be one of the hacks that are in place to try and keep compatibility with the old and new way of using the client is returning the wrong thing. Compare the output of trustor.user_id and trustor_auth.get_user_id(sess). For

Re: [openstack-dev] [neutron][dvr] Removing fip namespace when restarting L3 agent.

2015-08-06 Thread Oleg Bondarev
On Thu, Aug 6, 2015 at 5:23 PM, Korzeniewski, Artur artur.korzeniew...@intel.com wrote: Thanks Kevin for that hint. But it does not resolve the connectivity problem, it is just not removing the namespace when it is asked to. The real question is, why do we invoke the

Re: [openstack-dev] [murano] [mistral] [yaql] Prepare to Yaql 1.0 release

2015-08-06 Thread Lingxian Kong
Thanks Alexander for the effort! With so many new features and improvements, I'd like to see a detailed documentation as the guideline or introduction ​to​ YAQL ​ for developer or orchestrator​ , we can start with simple samples ​ (maybe it have been covered in [1] ​for ​ a little bit) ​ ​ and

Re: [openstack-dev] [Keystone] [Horizon] Federated Login

2015-08-06 Thread Dolph Mathews
On Wed, Aug 5, 2015 at 6:54 PM, Jamie Lennox jamielen...@redhat.com wrote: - Original Message - From: David Lyle dkly...@gmail.com To: OpenStack Development Mailing List (not for usage questions) openstack-dev@lists.openstack.org Sent: Thursday, August 6, 2015 5:52:40 AM

[openstack-dev] [oslo][keystone] oslo_config and wsgi middlewares

2015-08-06 Thread Mehdi Abaakouk
Hi, I want to share with you some problems I have recently encountered with openstack middlewares and oslo.config. The issues -- In project Gnocchi, I would use oslo.middleware.cors, I have expected to just put the name of the middleware to the wsgi pipeline, but I can't. The

Re: [openstack-dev] [Security] Would people see a value in the cve-check-tool? (Reshetova, Elena)

2015-08-06 Thread Reshetova, Elena
I guess it depends on whether the tool needs to read the entire database to perform its queries (in which case using AFS would be basically the same as downloading). I am including below the reply from Michael, cve-check-tool maintainer, and also including him in this conversation. Right now

[openstack-dev] [Rally][Meeting][Agenda]

2015-08-06 Thread Roman Vasilets
Hi, its a friendly reminder that if you what to discuss some topics at Rally meetings, please add you topic to our Meeting agenda https://wiki.openstack.org/wiki/Meetings/Rally#Agenda. Don't forget to specify by whom led this topic. Add some information about topic(links, etc.) Thank you for your