Folks
We saw several High issues with how keystone manages regular memcached
tokens. I know, this is not the perfect time as you already decided to push
it from 7.0, but I would reconsider declaring it as FFE as it affects HA
and UX poorly. If we can enable tokens simply by altering
I agree. Configuration with memcache made by Fuel now has issues which badly
affect overall OpenStack experience.
On Monday 27 July 2015 14:34:59 Vladimir Kuklin wrote:
Folks
We saw several High issues with how keystone manages regular memcached
tokens. I know, this is not the perfect time
Actually Fernet token IS the best bet on stability and quality.
On Mon, Jul 27, 2015 at 3:23 PM, Sergii Golovatiuk sgolovat...@mirantis.com
wrote:
Guys, I object of merging Fernet tokens. I set -2 for any Fernet related
activities. Firstly, there are some ongoing discussions how we should
I've filed a ticket to test Fernet token on the scale lab:
https://mirantis.jira.com/browse/MOSS-235
If this feature is not granted FFE we still can configure it manually by
changing keystone config.
So I think internal how-to document backed-up with scale and bvt testing
will allow our deployers
Guys, I object of merging Fernet tokens. I set -2 for any Fernet related
activities. Firstly, there are some ongoing discussions how we should
distribute, revoke, rotate SSL keys for Fernet. Secondly, there some
discussion in community about potential security concerns where user may
renew token
On 07/27/2015 04:52 AM, Alexander Makarov wrote:
I've filed a ticket to test Fernet token on the scale lab:
https://mirantis.jira.com/browse/MOSS-235
This is good, but keep in mind that the broader community does not have
access to the Mirantis JIRA :) Probably better to just mention you have
Fuel Library team, I expect your immediate reply here.
I'd like upgrades team to take a look at this one, as well as at the one
which moves Keystone under Apache, in order to check that there are no
issues here.
-1 from me for this time in the cycle. I'm concerned about:
1. I don't see any
Fuel Library team, I expect your immediate reply here.
I'd like upgrades team to take a look at this one, as well as at the one
which moves Keystone under Apache, in order to check that there are no
issues here.
-1 from me for this time in the cycle. I'm concerned about:
1. I don't
Hi,
we were not able to get a working deployment with fernet token support
patches, mostly due to issues with keys generation and deployment
mechanism. I've also spend some time debugging problems with this and I
think it's too risky to land it in 7.0. So I vote for postponing it till
8.0.
Thanks guys. Feature Freeze exception request is declined then. Let's
polish this work before the next release, merge changes to upstream
puppet-openstack, and then just use librarian in the next release.
I'd like to comment Bogdan's email -
unless we fully switch to librarian, I don't agree
Mike,
Thanks! +1 to Let's polish this work before the next release, merge
changes to upstream puppet-openstack, and then just use librarian in
the next release.
-- dims
On Fri, Jul 24, 2015 at 1:39 PM, Mike Scherbakov
mscherba...@mirantis.com wrote:
Thanks guys. Feature Freeze exception
11 matches
Mail list logo
