Re: [openstack-dev] [tc][appcat] The future of the App Catalog

2017-03-12 Thread Fox, Kevin M
I totally agree that policy management is a major problem too. A much bigger one then instance users, and something I was hoping to get to after instance users, but never made it past the easier of the two. :/ The just inject creds solution keeps getting proposed, but only looks at the

Re: [openstack-dev] [tc][appcat] The future of the App Catalog

2017-03-12 Thread Jeremy Stanley
On 2017-03-10 13:37:10 -0500 (-0500), Zane Bitter wrote: [...] > *That* discussion (the TC vision one) was scheduled to happen in the > Stewardship Working Group meeting at the PTG in Atlanta: > https://etherpad.openstack.org/p/AtlantaPTG-SWG-TCVision > > Then it was cancelled because it became

[openstack-dev] [tc][keystone][tacker]

2017-03-12 Thread yanxin...@cmss.chinamobile.com
Hi, folks: Currently tacker server node stores fernet keys for vim password decryption on local root file system. If Tacker service serves API requests through a load balancer, then the operation will fail if the request is not fulfilled by the server node which created and stored the

Re: [openstack-dev] [tc][keystone][tacker]

2017-03-12 Thread Shake Chen
Hi why not use barbican? On Sun, Mar 12, 2017 at 10:33 PM, yanxin...@cmss.chinamobile.com < yanxin...@cmss.chinamobile.com> wrote: > > Hi, folks: > > Currently tacker server node stores fernet keys for vim > password decryption on local root file system. > If Tacker service serves API

Re: [openstack-dev] [tc][appcat] The future of the App Catalog

2017-03-12 Thread Tim Bell
> On 11 Mar 2017, at 08:19, Clint Byrum wrote: > > Excerpts from Christopher Aedo's message of 2017-03-10 19:30:18 -0800: >> On Fri, Mar 10, 2017 at 6:20 PM, Clint Byrum wrote: >>> Excerpts from Fox, Kevin M's message of 2017-03-10 23:45:06 +: So,

Re: [openstack-dev] [tc][appcat] The future of the App Catalog

2017-03-12 Thread Clint Byrum
Excerpts from Fox, Kevin M's message of 2017-03-11 21:31:40 +: > No, they are treated as second class citizens. Take Trova again as an > example. The underlying OpenStack infrastructure does not provide a good > security solution for Trove's use case. As its more then just IaaS. So they >

Re: [openstack-dev] [tc][keystone][tacker]

2017-03-12 Thread yanxingan
Thanks, Shake Chen. Seems barbican is a better way. On 2017/3/12 22:59, Shake Chen wrote: Hi why not use barbican? On Sun, Mar 12, 2017 at 10:33 PM, yanxin...@cmss.chinamobile.com >

Re: [openstack-dev] [storlets] Mascot request

2017-03-12 Thread Eran Rom
Heidi, Thanks very much for the draft. The mascot is awesome. I guess I am struggling with how to distinguish a stork from a storklet: The mascot looks more like a stork. I think that what distinguishes a stork chick from other similar chicks (of e.g. herons / gannets / ) is the long and thick

Re: [openstack-dev] [tc][appcat] The future of the App Catalog

2017-03-12 Thread Clint Byrum
Excerpts from Fox, Kevin M's message of 2017-03-12 16:54:20 +: > I totally agree that policy management is a major problem too. A much bigger > one then instance users, and something I was hoping to get to after instance > users, but never made it past the easier of the two. :/ > > > The

[openstack-dev] [Murano] Where to find list of Newton Murano bugs, and post-Newton commits

2017-03-12 Thread Waines, Greg
We have integrated a NEWTON-version of Murano into our OpenStack product. And are beginning to do some testing of Murano. Where can I find a current list of bugs that exist in NEWTON-version of MURANO ? AND Where can I find a list of post-NEWTON commits to MURANO ? (i.e. bug fixes,

[openstack-dev] Fwd: How to fix this bug?

2017-03-12 Thread Sam
Hi all, I'm installing openstack ocata version, in this step: https://docs.openstack.org/ocata/install-guide-ubuntu/keystone-users.html I got error while run 'openstack' command: Unauthorized: The request you have made requires authentication. (HTTP 401) (Request-ID:

Re: [openstack-dev] [mistral] Mistral Custom Actions API Design

2017-03-12 Thread Renat Akhmerov
> One of the pain points for me as an action developer is the OpenStack > actions[1]. Since they all use the same method name to retrieve the > underlying client, you cannot simply inherit from more than one so you are > forced to rewrite the client access methods. We saw this in creating

[openstack-dev] [oslo] Oslo weekly meeting

2017-03-12 Thread ChangBo Guo
Hi, We have weekly Oslo meeting today, The meeting would be held on Monday UTC 1400 at irc channel #openstack-meeting-3. Please feel free to add items to the section [High prioritiy items] on https://etherpad.openstack.org/p/oslo-pike-tracking If you have anything to raise. Thanks --