Hello, everyone!
I'd like to keep my name in the hat as PTL for Keystone during the Juno
release cycle.
As I'm not looking to shake things up for Juno, I'm going to direct you to
my Icehouse PTL candidacy email [1], and promise that I will continue to
deliver on that philosophy in Juno.
On Tue, Apr 1, 2014 at 7:40 PM, Anne Gentle a...@openstack.org wrote:
On Wed, Mar 26, 2014 at 5:30 AM, Thierry Carrez thie...@openstack.orgwrote:
Russell Bryant wrote:
[...]
First, it seems there isn't a common use of deprecated. To me,
marking something deprecated means that the
On Mon, Mar 31, 2014 at 10:40 PM, Adam Young ayo...@redhat.com wrote:
On 03/28/2014 03:01 AM, Tom Fifield wrote:
Thanks to those projects that responded. I've proposed sessions in swift,
ceilometer, tripleO and horizon.
Keystone would also be interested in user feedback, of course.
On Wed, Apr 2, 2014 at 8:43 AM, Russell Bryant rbry...@redhat.com wrote:
On 04/02/2014 09:20 AM, Dolph Mathews wrote:
On Tue, Apr 1, 2014 at 7:40 PM, Anne Gentle a...@openstack.org
mailto:a...@openstack.org wrote:
On Wed, Mar 26, 2014 at 5:30 AM, Thierry Carrez
thie
dogpile.cache would be substantially lighter on the client-side as it only
has a hard dependency on dogpile.core. It supports plenty of backends
beyond memcached and we already use it in keystone quite heavily.
http://dogpilecache.readthedocs.org/en/latest/
On Mon, Mar 31, 2014 at 11:35 AM,
FWIW, that issue is tracked here:
https://bugs.launchpad.net/keystone/+bug/967832
On Fri, Mar 28, 2014 at 1:02 PM, Ryan Hallisey rhall...@redhat.com wrote:
Currently, when you delete a tenant that has 1 or more running instances,
the tenant will be deleted
without warning and the running
On Tue, Mar 25, 2014 at 12:49 PM, Jay Pipes jaypi...@gmail.com wrote:
On Tue, 2014-03-25 at 17:39 +, Miller, Mark M (EB SW Cloud - RD -
Corvallis) wrote:
Why not use Barbican? It stores credentials after encrypting them.
No reason not to add a Barbican driver as well.
If Keystone's
On Tue, Mar 25, 2014 at 5:50 PM, Russell Bryant rbry...@redhat.com wrote:
We discussed the deprecation of the v2 keystone API in the cross-project
meeting today [1]. This thread is to recap and bring that discussion to
some consensus.
The issue is that Keystone has marked the v2 API as
FWIW, I opened a bug [1] and proposed a fix [2].
[1]: https://bugs.launchpad.net/python-keystoneclient/+bug/1296794
[2]: https://review.openstack.org/#/c/82527/
On Fri, Mar 21, 2014 at 12:38 AM, Thomas Goirand z...@debian.org wrote:
On 03/20/2014 11:48 PM, Dolph Mathews wrote:
Yes, those
Yes, those tests are conditionally executed if
https://pypi.python.org/pypi/python-memcached/ is installed and if so,
memcached is assumed to be accessible on localhost. Unfortunately the test
suite doesn't have a sanity check for that following assumption, so the
test failures aren't particularly
On Thu, Mar 20, 2014 at 10:49 AM, Russell Bryant rbry...@redhat.com wrote:
We recently discussed the idea of using gerrit to review blueprint
specifications [1]. There was a lot of support for the idea so we have
proceeded with putting this together before the start of the Juno
development
For posterity, I assume this thread is related to:
http://lists.openstack.org/pipermail/openstack-dev/2014-February/028125.html
Anyway, keystone itself has issued 36-char tenant ID's in the past (diablo,
I believe, if not essex as well). Something like this:
$ python -c import uuid; s =
On Mon, Mar 3, 2014 at 8:48 AM, Jay Pipes jaypi...@gmail.com wrote:
On Sun, 2014-03-02 at 12:05 -0800, Morgan Fainberg wrote:
Having done some work with MySQL (specifically around similar data
sets) and discussing the changes with some former coworkers (MySQL
experts) I am inclined to
or
get these notifications ?
Regards,
Nader.
On Feb 20, 2014, at 9:06 AM, Dolph Mathews dolph.math...@gmail.com
wrote:
Yes, see:
http://docs.openstack.org/developer/keystone/event_notifications.html
On Thu, Feb 20, 2014 at 10:54 AM, Nader Lahouti
nader.laho...@gmail.com
external facing requirements for
storage of user and group IDs (above and beyond what is true today).
Henry
On 27 Feb 2014, at 03:46, Adam Young ayo...@redhat.com wrote:
On 02/26/2014 08:25 AM, Dolph Mathews wrote:
On Tue, Feb 25, 2014 at 2:38 PM, Jay Pipes jaypi...@gmail.com
On Wed, Feb 26, 2014 at 4:23 AM, Marco Fargetta
marco.farge...@ct.infn.itwrote:
Hi Morgan,
On Tue, Feb 25, 2014 at 11:47:43AM -0800, Morgan Fainberg wrote:
For purposes of supporting multiple backends for Identity (multiple
LDAP, mix
of LDAP and SQL, federation, etc) Keystone is planning
On Tue, Feb 25, 2014 at 2:38 PM, Jay Pipes jaypi...@gmail.com wrote:
On Tue, 2014-02-25 at 11:47 -0800, Morgan Fainberg wrote:
For purposes of supporting multiple backends for Identity (multiple
LDAP, mix of LDAP and SQL, federation, etc) Keystone is planning to
increase the maximum size
Yes, see:
http://docs.openstack.org/developer/keystone/event_notifications.html
On Thu, Feb 20, 2014 at 10:54 AM, Nader Lahouti nader.laho...@gmail.comwrote:
Hi All,
I have a question regarding creating/deleting a tenant in openstack (using
horizon or CLI). Is there any notification
On Thu, Feb 20, 2014 at 4:18 AM, Marco Fargetta
marco.farge...@ct.infn.itwrote:
Dear all,
I am interested to the integration of SAML with keystone and I am analysing
the following blueprint and its implementation:
https://blueprints.launchpad.net/keystone/+spec/saml-id
On Wed, Feb 19, 2014 at 10:21 AM, Vinod Kumar Boppanna
vinod.kumar.boppa...@cern.ch wrote:
Dear All,
I am doing some development in Nova and in this regard, i have to write a
code where Nova requests some date through V3 API of keystone. But the
keystoneclient is always falling back to V2
On Wed, Feb 19, 2014 at 12:33 PM, Dan Prince dpri...@redhat.com wrote:
Perhaps one of the lesser know Gerrit features is the ability to
overwrite someone else's patchset/review with a new revision. This can be a
handy thing for collaboration, or perhaps to make minor edits (spelling
fixes for
:35 AM, Yongsheng Gong gong...@unitedstack.comwrote:
It is not easy to enhance it. If we check the tenant_id on creation, if
should we also to do some job when keystone delete tenant?
On Mon, Feb 17, 2014 at 6:41 AM, Dolph Mathews dolph.math...@gmail.comwrote
I just noticed the subject of this email referred to the first batch of
invitations -- are there going to be subsequent batches of invites? If so,
who was not included in the first batch that will be in subsequent batches?
On Tue, Jan 28, 2014 at 2:45 PM, Stefano Maffulli
On Mon, Feb 10, 2014 at 5:23 PM, Frittoli, Andrea (Cloud Services)
fritt...@hp.com wrote:
Hi,
I’m working on a tempest blueprint to make tempest able to run 100% on
keystone v3 (or later versions) – the auth version to be used will be
available via a configuration switch.
The
binding is targeted
for icehouse or juno?
Clients are tracked against the same release milestones of the services, so
the integration can happen whenever someone wants to tackle it and we can
release them when they're ready.
andrea
*From:* Dolph Mathews [mailto:dolph.math...@gmail.com
keystoneclient.middlware.auth_token passes a project ID (and name, for
convenience) to the underlying application through the WSGI environment,
and already ensures that this value can not be manipulated by the end user.
Project ID's (redundantly) passed through other means, such as URLs, are up
On Wed, Feb 12, 2014 at 8:30 AM, Julie Pichon jpic...@redhat.com wrote:
I can definitely sympathise with the comment in Stefano's article that
there are not enough easy tasks / simple issues for newcomers. There's
a lot to learn already when you're starting out (git, gerrit, python,
Sent: Friday, 7 February, 2014 7:13:20 PM
Subject: Re: [openstack-dev] [keystone] Integrating with 3rd party DB
Jamie Lennox jamielen...@redhat.com writes:
- Original Message -
From: Noorul Islam K M noo...@noorul.com
To: Dolph Mathews dolph.math...@gmail.com
Cc
On Wed, Feb 5, 2014 at 10:22 AM, Thierry Carrez thie...@openstack.orgwrote:
(This email is mostly directed to PTLs for programs that include one
integrated project)
The DefCore subcommittee from the OpenStack board of directors asked the
Technical Committee yesterday about which code
On Thu, Feb 6, 2014 at 6:38 AM, Noorul Islam Kamal Malmiyoda
noo...@noorul.com wrote:
Hello stackers,
We have a database with tables users, projects, roles, etc. Is there
any reference implementation or best practices to make keystone use
this DB instead of its own?
What's the problem
Can you open a bug for this at https://bugs.launchpad.net/keystone ? Thanks!
On Sun, Feb 2, 2014 at 9:15 AM, Martinx - ジェームズ
thiagocmarti...@gmail.comwrote:
Guys,
I'm trying to install IceHouse-2 in a dual-stacked environment (Ubuntu
14.04) but, keystone-manage db_sync doesn't work if db
On Sat, Feb 1, 2014 at 12:33 PM, Anne Gentle a...@openstack.org wrote:
On Thu, Jan 23, 2014 at 5:21 AM, Steven Hardy sha...@redhat.com wrote:
Hi all,
I've recently been working on migrating the heat internal interfaces to
use
the keystone v3 API exclusively[1].
This work has mostly
CC'd Adam Young
Several of us were very much in favor of this around the Folsom release,
but we settled on domains as a solution to the most immediate use case
(isolation between flat collections of tenants, without impacting the rest
of openstack). I don't think it has been discussed much in the
On Tue, Jan 28, 2014 at 12:54 PM, Simon Perfer simon.per...@hotmail.comwrote:
Thanks again, Dolph.
First, is there some good documentation on how to write a custom driver?
I'm wondering specifically about how a keystone user-list is mapped to a
specific function in
_check_password() is a private/internal API, so we make no guarantees about
it's stability. Instead, override the public authenticate() method with
something like this:
def authenticate(self, user_id, password, domain_scope=None):
if user_id in SPECIAL_LIST_OF_USERS:
#
From your original email, it sounds like you want to extend the existing
LDAP identity driver implementation, rather than writing a custom driver
from scratch, which is what you've written. The TemplatedCatalog driver
sort of follows that pattern with the KVS catalog driver, although it's not
a
On Thu, Jan 23, 2014 at 4:02 PM, Russell Bryant rbry...@redhat.com wrote:
Greetings,
Last cycle we had A feature proposal deadline across some projects.
This was the date that code associated with blueprints had to be posted
for review to make the release. This was in advance of the
First of all, welcome! As Steve suggested, feel free to ask questions in
#openstack-dev ... it seems there's almost always someone online with deep
knowledge of keystone.
On Wed, Jan 22, 2014 at 8:28 PM, Mario Adessi mario.ade...@live.com wrote:
I'd like to begin contributing to the keystone
,
Florent Flament
--
*From: *Dolph Mathews dolph.math...@gmail.com
*To: *OpenStack Development Mailing List (not for usage questions)
openstack-dev@lists.openstack.org
*Sent: *Thursday, January 23, 2014 3:09:51 PM
*Subject: *Re: [openstack-dev] [Keystone] bp proposal
Ooh, I meant to get this done last week as I agree that keystoneclient
needed to see a new release, but it totally slipped my mind.
python-keystoneclient 0.4.2 is now available on pypi!
https://pypi.python.org/pypi/python-keystoneclient/0.4.2
What's included in the milestone:
On Tue, Jan 7, 2014 at 11:01 AM, Adam Young ayo...@redhat.com wrote:
On 01/06/2014 01:10 PM, Jeremy Stanley wrote:
On 2014-01-06 10:19:39 -0500 (-0500), Adam Young wrote:
If it were as easy as just replaceing hteh hash algorithm, we
would have done it a year + ago. I'm guessing you figured
Hello everyone!
We've been talking this for a long while, and we finally have a bunch of
changes to make to keystone-core all at once. A few people have moved on,
the project has grown a bit, and our review queue grows ever longer. As
ayoung phrased it in today's keystone meeting, with entirely
In the past, I've been able to get authors of bug fixes attached to
Launchpad bugs to sign the CLA and submit the patch through gerrit...
although, in one case it took quite a bit of time (and thankfully it wasn't
a critical fix or anything).
This scenario just came up again (example: [1]), so
On Thu, Dec 12, 2013 at 4:48 PM, Morgan Fainberg m...@metacloud.com wrote:
On December 12, 2013 at 14:32:36, Dolph Mathews
(dolph.math...@gmail.com//dolph.math...@gmail.com)
wrote:
On Thu, Dec 12, 2013 at 2:58 PM, Adam Young ayo...@redhat.com wrote:
On 12/04/2013 08:58 AM, Jarret Raim
Services already own their own policy enforcement, and therefore own their
own definitions of roles. A service deployment can already require roles
that are prefixed by a specific string (compute-*), and can already map
actual capabilities onto those roles ({compute-create:
role:compute-manager}).
into
the policy file.
Henry
On 12 Dec 2013, at 03:11, Paul Belanger paul.belan...@polybeacon.com
wrote:
On 13-12-11 11:18 AM, Lyle, David wrote:
+1 on moving the domain admin role rules to the default policy.json
-David Lyle
From: Dolph Mathews [mailto:dolph.math...@gmail.com]
Sent
On Thu, Dec 12, 2013 at 8:50 AM, Adam Young ayo...@redhat.com wrote:
On 12/11/2013 10:11 PM, Paul Belanger wrote:
On 13-12-11 11:18 AM, Lyle, David wrote:
+1 on moving the domain admin role rules to the default policy.json
-David Lyle
From: Dolph Mathews [mailto:dolph.math...@gmail.com
The policy file is protecting v3 API calls at the controller layer, but
you're calling the v2 API. The policy decorators should be moved to the
manager layer to protect both APIs equally... but we'd have to be very
careful not to break deployments depending on the trivial assert_admin
behavior
On Wed, Dec 11, 2013 at 4:25 PM, Stefano Maffulli stef...@openstack.orgwrote:
On 12/06/2013 02:19 AM, Jaromir Coufal wrote:
We are growing. At the moment we are 4 core members and others are
coming in. But honestly, contributors are not coming to specific
projects - they go to reach UX
On Thu, Dec 12, 2013 at 2:58 PM, Adam Young ayo...@redhat.com wrote:
On 12/04/2013 08:58 AM, Jarret Raim wrote:
While I am all for adding a new program, I think we should only add one
if we
rule out all existing programs as a home. With that in mind why not add
this
to the keystone
On Thu, Dec 12, 2013 at 3:46 PM, Robert Collins
robe...@robertcollins.netwrote:
Hi, I'm trying to overhaul the bug triage process for nova (initially)
to make it much lighter and more effective.
I'll be sending a more comprehensive mail shortly but one thing that
has been giving me pause is
gone, it
would be a more interesting, more approachable discussion.
Cheers,
Morgan Fainberg
On December 12, 2013 at 10:32:40, Dolph Mathews
(dolph.math...@gmail.com//dolph.math...@gmail.com)
wrote:
The policy file is protecting v3 API calls at the controller layer, but
you're calling
On Tue, Dec 10, 2013 at 10:49 PM, Jamie Lennox jamielen...@redhat.comwrote:
Using the default policies it will simply check for the admin role and not
care about the domain that admin is limited to. This is partially a left
over from the V2 api when there wasn't domains to worry about.
A
On Mon, Dec 9, 2013 at 9:08 PM, Adam Young ayo...@redhat.com wrote:
On 12/09/2013 05:34 PM, Steven Hardy wrote:
Hi all,
I have some queries about what the future of the ec2tokens API is for
keystone, context as we're looking to move Heat from a horrible mixture of
v2/v3 keystone to just
On Sun, Dec 8, 2013 at 5:20 PM, Monty Taylor mord...@inaugust.com wrote:
Hi!
Thanks - I've been wanting to kill this for a long time. Thanks for
starting the discussion...
On 12/08/2013 07:26 PM, Brant Knudson wrote:
We'd like to get the keystoneclient tests out of keystone. They're
On Wed, Dec 4, 2013 at 7:48 PM, David Stanek dsta...@dstanek.com wrote:
On Wed, Dec 4, 2013 at 6:44 PM, Adrian Otto adrian.o...@rackspace.comwrote:
Jamie,
Thanks for the guidance here. I am checking to see if any of our
developers might take an interest in helping with the upstream work. At
On Mon, Nov 25, 2013 at 4:25 PM, Jamie Lennox jamielen...@redhat.comwrote:
To most of your questions i don't know the answer as the format was in
place before i started with the project. I know that it is similar (though
not exactly the same) as nova's but not where they are documented (as
On Sun, Nov 24, 2013 at 9:39 PM, Adam Young ayo...@redhat.com wrote:
The #1 pain point I hear from people in the field is that they need to
consume read only LDAP but have service users in something Keystone
specific. We are close to having this, but we have not closed the loop.
This was
.
--Morgan
On Wed, Nov 20, 2013 at 2:08 PM, Dolph Mathews
dolph.math...@gmail.com
wrote:
I don't have a great answer -- do any projects depend on it other
than
python-keystoneclient? I'm happy to see it removed -- I see the
immediate
benefit but it's obviously
On Tue, Dec 3, 2013 at 12:46 PM, John Griffith
john.griff...@solidfire.comwrote:
On Tue, Dec 3, 2013 at 11:38 AM, Russell Bryant rbry...@redhat.com
wrote:
On 12/03/2013 09:22 AM, Joe Gordon wrote:
HI all,
Recently I have seen a few patches fixing a few typos. I would like to
point
On Mon, Dec 2, 2013 at 11:55 AM, Russell Bryant rbry...@redhat.com wrote:
On 12/02/2013 12:46 PM, Monty Taylor wrote:
On 12/02/2013 11:53 AM, Russell Bryant wrote:
* Scope
** Project must have a clear and defined scope
This is missing
** Project should not inadvertently
On Wed, Nov 27, 2013 at 8:12 AM, Steven Hardy sha...@redhat.com wrote:
On Tue, Nov 26, 2013 at 10:17:56PM +1030, Christopher Yeoh wrote:
On Mon, Nov 25, 2013 at 7:50 PM, Flavio Percoco fla...@redhat.com
wrote:
On 24/11/13 12:47 -0500, Doug Hellmann wrote:
On Sun, Nov 24, 2013 at
On Tue, Nov 26, 2013 at 5:23 AM, Thierry Carrez thie...@openstack.orgwrote:
Dolph Mathews wrote:
On Mon, Nov 25, 2013 at 8:12 PM, Robert Collins
robe...@robertcollins.net mailto:robe...@robertcollins.net wrote:
So my proposal is that we make it part of the base hygiene
On Tue, Nov 26, 2013 at 2:47 AM, Flavio Percoco fla...@redhat.com wrote:
On 25/11/13 16:50 -0600, Dolph Mathews wrote:
On Mon, Nov 25, 2013 at 2:41 AM, Flavio Percoco fla...@redhat.com
wrote:
On 25/11/13 09:28 +1000, Jamie Lennox wrote:
So the way we have this in keystone
On Mon, Nov 25, 2013 at 2:41 AM, Flavio Percoco fla...@redhat.com wrote:
On 25/11/13 09:28 +1000, Jamie Lennox wrote:
So the way we have this in keystone at least is that querying GET / will
return all available API versions and querying /v2.0 for example is a
similar result with just the v2
On Mon, Nov 25, 2013 at 8:12 PM, Robert Collins
robe...@robertcollins.netwrote:
This has been mentioned in other threads, but I thought I'd call it
out and make it an explicit topic.
We have over 100 recheck bugs open on
http://status.openstack.org/rechecks/ - there is quite a bit of
+1 for using the term project across all services. Projects provide
multi-tenant isolation for resources across the cloud. Part of the reason
we prefer projects in keystone is that domains conceptually provide
multi-tenant isolation within keystone itself, so the overloaded tenant
terminology gets
On Sat, Nov 23, 2013 at 2:27 PM, Caitlin Bestler
caitlin.best...@nexenta.com wrote:
On November 23, 2013 4:09:49 AM Christopher Yeoh cbky...@gmail.com
wrote:
Hi,
So in the past we've used both tenant and project to refer to the same
thing and I think its been a source of confusion for
On Fri, Nov 22, 2013 at 3:31 AM, Thierry Carrez thie...@openstack.orgwrote:
Robert Collins wrote:
I don't understand why branches would be needed here *if* the breaking
changes don't impact any supported release of OpenStack.
Right -- the trick is what does supported mean in that case.
On Wed, Nov 20, 2013 at 9:09 AM, Thierry Carrez thie...@openstack.orgwrote:
Hi everyone,
How should we proceed to make sure UX (user experience) is properly
taken into account into OpenStack development ? Historically it was hard
for UX sessions (especially the ones that affect multiple
On Wed, Nov 20, 2013 at 10:24 AM, Yuriy Taraday yorik@gmail.com wrote:
On Wed, Nov 20, 2013 at 3:21 PM, Sylvain Bauza sylvain.ba...@bull.netwrote:
Yes indeed, that's something coming into my mind. Looking at Nova, I
found a context_is_admin policy in policy.json allowing you to say which
On Wed, Nov 20, 2013 at 10:52 AM, Yuriy Taraday yorik@gmail.com wrote:
Hello, Dolph.
On Wed, Nov 20, 2013 at 8:42 PM, Dolph Mathews dolph.math...@gmail.comwrote:
On Wed, Nov 20, 2013 at 10:24 AM, Yuriy Taraday yorik@gmail.comwrote:
context.is_admin should not be checked directly
I don't have a great answer -- do any projects depend on it other than
python-keystoneclient? I'm happy to see it removed -- I see the immediate
benefit but it's obviously not significant relative to python 3 support.
BTW, this exact issue is being tracked here-
On Wed, Nov 20, 2013 at 1:06 PM, Dmitri Zimin(e) | StackStorm
d...@stackstorm.com wrote:
Thanks Terry for highlighting this:
Yes, tenant isolation is the must. It's not reflected in the prototype -
it queries Solr directly; but the proper implementation will go through the
query API
Hmm, I was sort of thinking along the same lines after writing my
post-summit summary for keystone:
https://gist.github.com/dolph/7366031
Granted this is the first time I've written such a document, I could see
this evolving into a regularly updated document on the long term direction
that
Related BP:
Create a unified request identifier
https://blueprints.launchpad.net/nova/+spec/cross-service-request-id
On Tue, Nov 19, 2013 at 5:04 AM, haruka tanizawa harube...@gmail.comwrote:
Hi stackers!!
I'd like to ask for your opinions about my idea of identifying request.
It sounds like you're looking for barbican :)
https://github.com/stackforge/barbican
On Thu, Nov 14, 2013 at 8:55 PM, Nachi Ueno na...@ntti3.com wrote:
Hi Keystone guys
I'm going to use keystone credentials API to store SSL-VPN certificate.
However I have a concern about blob attribute.
On Wed, Nov 13, 2013 at 6:46 PM, Robert Collins
robe...@robertcollins.netwrote:
Hi so - in http://docs.openstack.org/developer/hacking/
it has as bullet point 4:
Long lines should be wrapped in parentheses in preference to using a
backslash for line continuation.
I'm seeing in some reviews
so in this case how does the Active Directory user gets a id , and
how do you map the user to a role? Is there any example you can point me
to?
On Wed, Nov 13, 2013 at 11:24 AM, Dolph Mathews
dolph.math...@gmail.comwrote:
Yes, that's the preferred approach in Havana: Users and Groups via
On Sat, Nov 2, 2013 at 11:06 AM, Steven Hardy sha...@redhat.com wrote:
Hi all,
Looking to start a wider discussion, prompted by:
https://review.openstack.org/#/c/54651/
https://blueprints.launchpad.net/heat/+spec/management-api
https://etherpad.openstack.org/p/heat-management-api
Summary
On Thu, Nov 14, 2013 at 2:55 PM, Matt Riedemann
mrie...@linux.vnet.ibm.comwrote:
On 11/14/2013 2:43 PM, David Ripton wrote:
On 11/11/2013 03:35 PM, David Ripton wrote:
I'll volunteer to do this release. I'll wait 24 hours from the
timestamp of this email for input first. So, if anyone
On Thu, Nov 14, 2013 at 11:43 AM, Steven Hardy sha...@redhat.com wrote:
On Thu, Nov 14, 2013 at 10:20:02AM -0600, Dolph Mathews wrote:
On Sat, Nov 2, 2013 at 11:06 AM, Steven Hardy sha...@redhat.com wrote:
Hi all,
Looking to start a wider discussion, prompted by:
https
On Thursday, November 14, 2013, David Ripton wrote:
On 11/14/2013 03:55 PM, Matt Riedemann wrote:
On 11/14/2013 2:43 PM, David Ripton wrote:
On 11/11/2013 03:35 PM, David Ripton wrote:
I'll volunteer to do this release. I'll wait 24 hours from the
timestamp of this email for input
I guarantee there's a few things I'm forgetting, but this is my collection
of things we discussed at the summit and determined to be good things to
pursue during the icehouse timeframe. The contents represent a high level
mix of etherpad conclusions and hallway meetings.
On Wed, Nov 13, 2013 at 9:47 AM, John Griffith
john.griff...@solidfire.comwrote:
On Wed, Nov 13, 2013 at 7:21 AM, Andrew Laski
andrew.la...@rackspace.com wrote:
On 11/13/13 at 05:48am, Gary Kotton wrote:
I recall a few cycles ago having str(uuid.uuid4()) replaced by
generate_uuid().
UserID: id of user this attribute is assigned to
AttributeID: id of attribute from above table
Value: the value of the assigned attribute
you dont need to change the existing APIs and procedure calls, as they can
be re-written to access the new tables.
regards
David
On 13/11/2013 16:04, Dolph
On Wed, Nov 13, 2013 at 7:58 AM, Russell Bryant rbry...@redhat.com wrote:
On 11/13/2013 08:15 AM, Thierry Carrez wrote:
Two options are possible for that off week:
* Week of April 21 - this one is just after release, and some people
still have a lot to do during that week. On the plus
Yes, that's the preferred approach in Havana: Users and Groups via LDAP,
and everything else via SQL.
On Wednesday, November 13, 2013, Avi L wrote:
Hi,
I understand that the LDAP provider in keystone can be used for
authenticating a user (i.e validate username and password) , and it also
On Fri, Nov 8, 2013 at 2:38 AM, Matthias Runge mru...@redhat.com wrote:
Those are my primary targets I'd like to see addressed in Horizon during
the cycle. Another thing I'd like to see addressed is the lack of
listening to a notification service. That's probably an integration
point with
On Sun, Nov 10, 2013 at 3:06 PM, Monty Taylor mord...@inaugust.com wrote:
https://review.openstack.org/#/mine/important/
Shows me old changes at the top of the reviewable section. Do you use
that view at all?
That shows me all my own reviews merged abandoned first, which are just
noise
So, there's a bunch of use case questions here where I suspect there are no
correct answers (so preferences will vary per deployment). The first ones
that come to mind-
Are the users accessing this web form trusted or untrusted?
Do they need to be verified, somehow? Are they going to be billed
On Thu, Oct 31, 2013 at 8:38 AM, Sebastian Porombka
porom...@uni-paderborn.de wrote:
Hello Folks.
I have a problem after grizzly-havana migration where i’m unable to
rescue myself.
When I open the Admin - Resource-Usage View i get no results – only a
red error box with the message
On Mon, Oct 28, 2013 at 5:46 PM, Qing He qing...@radisys.com wrote:
In my hard drive-less use case, I need an in-core-db/cache that can be in
the same db cluster with real db (with hard drive) with the same sql api so
that the current openstack code do not need to be changed, instead, just a
On Wed, Oct 30, 2013 at 5:08 PM, Peter Feiner pe...@gridcentric.ca wrote:
Hi Brant,
In addition to the race you've fixed in
https://review.openstack.org/#/c/50767/, it looks like there are quite
a few more races in the SQL backend of keystone.assignment. I filed a
bug to this effect:
On Mon, Oct 28, 2013 at 3:18 AM, Mark McLoughlin mar...@redhat.com wrote:
On Sun, 2013-10-27 at 21:50 -0400, Monty Taylor wrote:
Hey all!
We're adding a little bit of code to pbr to make the auto-generated
ChangeLog files a bit more useful. Currently, they are just the git
changelog,
It's not specific to mysql (or sql at all), but keystone is using
dogpile.cache around driver calls to a similar effect.
http://dogpilecache.readthedocs.org/en/latest/
It can persist to memcache, redis, etc.
https://github.com/openstack/keystone/blob/master/keystone/common/cache/core.py
On
On Thu, Oct 24, 2013 at 1:48 PM, Robert Collins
robe...@robertcollins.netwrote:
*) They help casual contributors *more* than long time core
contributors : and those are the folk that are most likely to give up
and walk away. Keeping barriers to entry low is an important part of
making
On Fri, Oct 25, 2013 at 2:43 PM, Robert Collins
robe...@robertcollins.netwrote:
On 26 October 2013 08:40, Dolph Mathews dolph.math...@gmail.com wrote:
On Thu, Oct 24, 2013 at 1:48 PM, Robert Collins
robe...@robertcollins.net
wrote:
*) They help casual contributors *more* than long
On Wed, Oct 23, 2013 at 8:14 AM, Chmouel Boudjnah chmo...@enovance.comwrote:
Hello,
If i understand correctly (and I may be wrong) we are moving away from
user_crud to use /credentials for updating password including ec2. The
credentials facility was implemented in this blueprint :
On Wed, Oct 23, 2013 at 1:20 PM, Sean Dague s...@dague.net wrote:
One of the efforts that we're working on from the QA team is tooling that
ensures we aren't stack tracing into our test logs during normal tempest
runs. Random stack traces are scary to cloud admins consuming OpenStack
logs,
201 - 300 of 382 matches
Mail list logo