I don't think either of you is wrong. I too think that in cases where it's
not easy to find a majority, it might make sense to just do what the other
projects are doing.
Unfortunately for us, Keystone adopts the name is unique phylosophy,
whereas nova adopts name is a label.
Is it worth
On 07/17/2012 10:39 AM, Salvatore Orlando wrote:
I don't think either of you is wrong. I too think that in cases where
it's not easy to find a majority, it might make sense to just do what
the other projects are doing.
Unfortunately for us, Keystone adopts the name is unique phylosophy,
Jay Pipes on 16 July 2012 18:31 wrote:
On 07/16/2012 09:55 AM, David Kranz wrote:
Sure, although in this *particular* case the Cinder project is a
bit-for-bit copy of nova-volumes. In fact, the only thing really of
cause for concern are:
* Providing a migration script for the database
Will we also have a separate Cinder API server?
Tom
-Original Message-
From: openstack-bounces+tom.howley=hp@lists.launchpad.net
[mailto:openstack-bounces+tom.howley=hp@lists.launchpad.net] On Behalf Of
Thomas, Duncan
Sent: 17 July 2012 10:47
To: Jay Pipes;
Hi All,
So I've been looking at CloudPipe and have got to a stage where I can
successfully (I presume) create a CloudPipe image and it launches.
But now what? :)
My understanding is that you now execute, from your desktop, openvpn
against the public IP of the CloudPipe image which then allows
On Tue, Jul 17, 2012 at 6:12 PM, Howley, Tom tom.how...@hp.com wrote:
Will we also have a separate Cinder API server?
Yes, we have.
Tom
-Original Message-
From: openstack-bounces+tom.howley=hp@lists.launchpad.net
[mailto:openstack-bounces+tom.howley=hp@lists.launchpad.net]
Yunhong,
Thanks for your interest in our patch. The original purpose of the
instance_type_extra_specs is providing ability to specify any specs that cannot
be enumerated at the nova coding time such as hardware-specific requirements
(like gpu) or any features in the future system (like python
On 06/06/2012 07:24 PM, Sam Morrison wrote:
Hi,
There has been a first attempt at this in keystone.
See https://review.openstack.org/#/c/7437/
And bug: https://bugs.launchpad.net/keystone/+bug/996922
It needs more work to make it secure though.
WHat do you think it needs? Please open a bug
You need an admin token and to go against port 35357 for those types of
operations. A basic user does not have permission to do so. It has
nothing to do with LDAP.
On 05/22/2012 11:47 AM, Sharif Islam wrote:
I think my LDAP bind is working by tenant-list and user-list gives me
Is it up for review somewhere so we can debug by inspection?
-Sean
On 07/16/2012 11:59 PM, Jim Fehlig wrote:
I'm working on a patch that adds a column to the compute_nodes table in
the nova db, but it seems my db migration script fails when calling 'db
sync' in stack.sh. I tried
On 07/16/2012 11:59 PM, Jim Fehlig wrote:
I'm working on a patch that adds a column to the compute_nodes table in
the nova db, but it seems my db migration script fails when calling 'db
sync' in stack.sh. I tried running the command manually, same failure:
stack@virt71:~
On Mon, Jul 16, 2012 at 7:20 PM, Adam Young ayo...@redhat.com wrote:
Usually a Quota is a limitation on a resource. I suspect that the problem
here is we have not nailed down the resource objects that you would then
apply a quota to. If, for example, we were talking about disk quotas, we
-Original Message-
From: Jim Fehlig [mailto:jfeh...@suse.com]
Sent: Tuesday, July 17, 2012 11:37 AM
To: Jiang, Yunhong
Cc: j...@isi.edu; openstack@lists.launchpad.net
Subject: Re: [Openstack] One question on the compute_filter
Jiang, Yunhong wrote:
Hi, Joseph
I’m
-Original Message-
From: Joseph Suh [mailto:j...@isi.edu]
Sent: Tuesday, July 17, 2012 9:38 PM
To: Jiang, Yunhong
Cc: Dugger, Donald D; openstack@lists.launchpad.net
Subject: Re: One question on the compute_filter
Yunhong,
Thanks for your interest in our patch. The original
Hengqing Hu wrote:
There is a test in nova:
You can run run_tests.sh in your nova root like this:
./run_tests.sh -v test_migrations
Thanks for the tip!
If there is something wrong in the migration script,
it will show up in the console.
Indeed. And easy to fix problems once you know the
I recently thought about and wrote up a concept for a distributed quota
manager that I have dubbed Boson. Unfortunately, higher priorities at
Rackspace have kept me from working on it, so I wanted to get the
proposal out there for others to comment and cogitate on. The writeup
is at
Joeseph-
My concern is that this means that the compute filter consumes `every` entry in
the `extra_specs' table. I can imagine scenarios where other filters would
want to put data in `extra_specs' that is not intended for the compute filter.
In fact, we do that today with the trusted filter
On 07/17/2012 05:47 AM, Thomas, Duncan wrote:
Jay Pipes on 16 July 2012 18:31 wrote:
On 07/16/2012 09:55 AM, David Kranz wrote:
Sure, although in this *particular* case the Cinder project is a
bit-for-bit copy of nova-volumes. In fact, the only thing really of
cause for concern are:
Yunhong,
I understand your concern. It has a different purpose than the compute_filter,
so it has its own merit and can co-exist. The question is how much the demand
is...
Thanks,
Joseph
(w) 703-248-6160
(f) 703-812-3712
http://www.east.isi.edu/~jsuh
Information Sciences Institute
US Only ... booo!
From: openstack-bounces+sandy.walsh=rackspace@lists.launchpad.net
[openstack-bounces+sandy.walsh=rackspace@lists.launchpad.net] on behalf of
John Purrier [j...@openstack.org]
Sent: Tuesday, July 17, 2012 11:34 AM
To:
Don,
That's an interesting idea, but I am having a difficulty in understanding why
you want to store extra information (not spec) in instance_type_extra_specs. If
you need to keep some extra information, using or creating another flag or
field in database might be a better place for that? The
Adam Young wrote:
On 07/16/2012 11:59 PM, Jim Fehlig wrote:
I'm working on a patch that adds a column to the compute_nodes table in
the nova db, but it seems my db migration script fails when calling 'db
sync' in stack.sh. I tried running the command manually, same failure:
stack@virt71:~
Joseph-
Basically, Vish Sandy convinced me that the `instance_type_extra_specs' was
the right place to put the trust info, rather than creating a new table. I
like the idea of expanding the idea of extra_specs to be used to store extra
information. I can easily imagine cases where someone
On Mon, 16 Jul 2012 22:45:48 +
Victor Rodionov victor.rodio...@nexenta.com wrote:
Most of patch code was restructured, most of logic was moved to middleware
level and use hooks in Swift code. I create separate project (LFS middleware
https://github.com/nexenta/lfs) for now there are only
Don,
Hmm, so the use of the instance_type_extra_specs is not for specifications
purely any more... I am open to your proposed idea that if there is no
operator, it will ignore the item (that is not original behavior of
compute_filter, though). So, let me wait and see if there are any
That URL works for me. Anyhow, here is the patch:
https://review.openstack.org/gitweb?p=stackforge/ceilometer.git;a=commitdiff;h=2b41a361b83140c1ebabcd3e15dff7502cbaecb6;hp=5affdd159a08f81b33a595fa51ed0cb63aaa70f2
diff --git
On 07/17/2012 11:18 AM, Everett Toews wrote:
On Mon, Jul 16, 2012 at 7:20 PM, Adam Young ayo...@redhat.com
mailto:ayo...@redhat.com wrote:
Usually a Quota is a limitation on a resource. I suspect that the
problem here is we have not nailed down the resource objects that
you would
Hello
I think, that changes that I made can be used by you ZaitcevFS all you
need for this is just add support for it to LFS middleware or build your
own middleware. And your middleware maybe will require special hooks
(setup_partition) for prepare file system for files.
17.07.2012 20:40,
Hello
I think, that changes that I made can be used by you ZaitcevFS all you
need for this is just add support for it to LFS middleware or build your
own middleware. And your middleware may use special hooks
(setup_partition) for prepare file system for files.
17.07.2012 20:40, Pete
On 07/17/2012 01:27 AM, Dan Wendlandt wrote:
Hi Gary, this is an example of when I wish openstack APIs had a
style-guide to try to ensure some consistency across projects.
Yeah, we actually discussed this a long time ago on the PPB and, IIRC,
the decision was made to not have some strict API
On 07/17/2012 11:42 AM, Jim Fehlig wrote:
Hengqing Hu wrote:
There is a test in nova:
You can run run_tests.sh in your nova root like this:
./run_tests.sh -v test_migrations
Thanks for the tip!
To set a breakpoint, you can either run
python -m pdb run_tests.py
or modify your code
Joseph-
Tnx, we couldn't ask for more.
--
Don Dugger
Censeo Toto nos in Kansa esse decisse. - D. Gale
Ph: 303/443-3786
-Original Message-
From: Joseph Suh [mailto:j...@isi.edu]
Sent: Tuesday, July 17, 2012 10:49 AM
To: Dugger, Donald D
Cc: openstack@lists.launchpad.net; Jiang,
On 05/29/2012 01:18 PM, Caitlin Bestler wrote:
One of the major complication I see in the API is that users can be
associated with multiple tenants.
What is the benefit of this? What functionality would be lost if a
human user merely had to use a different account with each tenant?
There
I haven't been thinking about quotas, so bear with me here. A few thoughts:
Certain deployments might not be able to touch the LDAP backend. I am
thinking specifically where there is a corporate AD/LDAP server. I tried to
keep the scheme dependency simple enough that it could be layered
On 07/17/2012 02:42 PM, Ryan Lane wrote:
I haven't been thinking about quotas, so bear with me here. A few thoughts:
Certain deployments might not be able to touch the LDAP backend. I am
thinking specifically where there is a corporate AD/LDAP server. I tried to
keep the scheme dependency
On 07/17/2012 02:53 PM, Adam Young wrote:
On 07/17/2012 02:01 PM, Perry Myers wrote:
CONFIDENTIAL/INTERNAL ONLY (NDA)
Please do not forward this spreadsheet outside of this list. Please do
not talk about any of these features externally as Something Intel has
asked for. We can talk about the
As a non admin user. Querying the keystone v2 API is there a way for me to
get a list of the tenants that I am a member of? Or is that only a v3
thing?
-Matt
___
Mailing list: https://launchpad.net/~openstack
Post to :
On 07/17/2012 03:47 PM, Matt Joyce wrote:
As a non admin user. Querying the keystone v2 API is there a way for
me to get a list of the tenants that I am a member of? Or is that
only a v3 thing?
-Matt
I was just looking into it, and there is no such API yet. The
underlying Identity
On Tue, Jul 17, 2012 at 12:55 PM, Adam Young ayo...@redhat.com wrote:
On 07/17/2012 03:47 PM, Matt Joyce wrote:
As a non admin user. Querying the keystone v2 API is there a way for me
to get a list of the tenants that I am a member of? Or is that only a v3
thing?
-Matt
I was just
The philosophy from the keystone side of the fence is that once you have
non-unique names you can't go back; whereas, it's trivial to go from unique
to non-unique names. So, without a solid business case to push us in either
direction, we started by enforcing uniqueness.
With the Identity API v3
On 07/17/2012 03:55 PM, Matt Joyce wrote:
On Tue, Jul 17, 2012 at 12:55 PM, Adam Young ayo...@redhat.com
mailto:ayo...@redhat.com wrote:
On 07/17/2012 03:47 PM, Matt Joyce wrote:
As a non admin user. Querying the keystone v2 API is there a
way for me to get a list of the
curl -H X-Auth-Token:123456789001234 http://localhost:5000/v2.0/tenants
that seems to do the trick for me for now.
On Tue, Jul 17, 2012 at 1:03 PM, Adam Young ayo...@redhat.com wrote:
On 07/17/2012 03:55 PM, Matt Joyce wrote:
On Tue, Jul 17, 2012 at 12:55 PM, Adam Young ayo...@redhat.com
On 07/17/2012 04:05 PM, Matt Joyce wrote:
curl -H X-Auth-Token:123456789001234http://localhost:5000/v2.0/tenants
that seems to do the trick for me for now.
Ah, I see that is hooked up to: get_tenants_for_token, I was looking
for the wrong API. That then calls: tenant_ids =
Adam speaks lies ;)
Here's a regular user requesting a list of tenants on port 5000 (notice
they only get back 1 tenant):
GET http://localhost:5000/v2.0/tenants
==
X-Auth-Token: a6094f62e38c4fafa57e6edf7bd04961
200 OK
==
Status: 200
Content-Length: 133
+1 The corporate LDAP should be read-only for a source of user, roles and
attributes. Updating the corporate LDAP is not an option in many
environments which can significantly benefit from the structured directory
information available.
Thus, at minimum, allow a r/o LDAP and local DB store for
That's the general area I was going to head with the Active Directory backend
I'm hacking on. Chris Hoge of UOregon presented today (@ OSCON) on a local
keystone hack that they did to enable LDAP AuthN + a fail back to SQL based
system for their scientific computing cluster - follows a very
On Tue, Jul 17, 2012 at 12:56 PM, Adam Young ayo...@redhat.com wrote:
Yes, it is possible to use LDAP for Identity and SQL for the other things,
like Tokens and Policy. Quotas could be done the same way. You just have
to extract the Quotas calls out of the Identity Provider. It might make
Hi,
Just This always happens in Essex release. After I take a snapshot of my VM
( I tried Ubuntu 12.04 or CentOS 5.8), VM can't ping its self floating IP;
before I take a snapshot though, VM can ping its self floating IP.
This looks closely related to https://bugs.launchpad.net/nova/+bug/933640,
Gary,
I think your are making a very good point here.
It is true that the way in which the proposed design (and related patch in
gerrit) addresses only the 'model' problem at the API layer.
I think it is outside of the scope of this blueprint how the plugins, and
then more specifically their
Anyone by any chance know how to read out the auth_token or raw_token that
is acquired in keystoneclient when it performs a client.Client()
Authenticate?
I'd love to be able to read that. And it's totally not documented anywhere
if it exists.
-Matt
On Tue, Jul 17, 2012 at 2:19 PM, Matt Joyce
Hi Kevin,
Overall I really like what you're proposing here. Conceptually this seems
like a comprehensive and scalable solution to the quota issue in OpenStack.
I have a number of questions on it.
Were you envisioning Boson going through the incubation process and
becoming a core project in
Hello all,
I've the openstack (only keystone and swift)setup ready. Now, i want to talk to
this setup from my java application. When i tried to google for java sdk for
openstack, i got two options.
1) java cloud-files from rackspace
(https://github.com/rackspace/java-cloudfiles)
2) Java SDK
Yong,
Regarding the comments you had on whether the owner of the public network
should own the ports attached on it as well, and kind of 'assign' them to
other tenants.
Although I recognize this as a viable approach, I do believe an approach in
which a tenant actually still owns the port even if
Not sure if it's documented outside of tests, but: *
client.Client().auth_token*
from keystoneclient.v2_0 import client
c = client.Client(auth_url='http://localhost:5000/v2.0/',
username='joe', password='secrete', tenant_name='project-x')
print c.auth_token
ec04fe9e554a43d1a853e6c665f3e9b2
Team,
Does anyone know why Quantum is failing to start?
python bin/quantum-server
Traceback (most recent call last):
File bin/quantum-server, line 24, in module
server()
File /opt/stack/quantum/quantum/server/__init__.py, line 34, in main
config.parse(sys.argv)
File
One benefit is the user does not need to have multiple sets of credentials
to interact with multiple projects.
Jason
From: openstack-bounces+jason.rouault=hp@lists.launchpad.net
[mailto:openstack-bounces+jason.rouault=hp@lists.launchpad.net] On
Behalf Of Adam Young
Sent: Tuesday,
I tried this backport in my mini environment, it looks like works fine.
Thank you, Gabriel.
Thanks,
Sam
On Sun, Jul 15, 2012 at 12:19 AM, Gabriel Hurley
gabriel.hur...@nebula.comwrote:
Already happened.
https://github.com/openstack/horizon/commit/fec36c45dbbca4f3b446cdb231f53e4ab2f6f507
I have tried with both KVM and qemu. Solaris starts to boot and hits
grub then cycles boot. Anyone experienced this?
___
Mailing list: https://launchpad.net/~openstack
Post to : openstack@lists.launchpad.net
Unsubscribe :
I suspect that you need the right solaris (more likely illumos) bits
to get guest side support for virtio. We tried a while ago and the
default openindiana at the time didn't work.
-nld
On Tue, Jul 17, 2012 at 7:43 PM, Joshua j...@root.bz wrote:
I have tried with both KVM and qemu. Solaris
On Mon, Jul 16, 2012 at 3:30 AM, Gary Kotton gkot...@redhat.com wrote:
Hi,
The patch
https://review.openstack.org/#**/c/9591/https://review.openstack.org/#/c/9591/contains
the initial support for the scalable agents (this is currently
implemented on the linux bridge). At the moment this
Hi Edgar,
The easiest thing to do right now is to delete the following line from
your quantum.conf (And any line that does not have anything after the
'=' ).
api_extensions_path =
Alternatively, you could apply the following patch:
https://review.openstack.org/#/c/9892/
Thanks,
Aaron
On
On 07/17/2012 06:06 PM, Matt Joyce wrote:
Anyone by any chance know how to read out the auth_token or raw_token
that is acquired in keystoneclient when it performs a client.Client()
Authenticate?
The token is just a UUID, randomly generated.
In the PKI proposal, it is a base64 encoding of a
Hi Salvatore,
I have a few questions regarding your proposal mostly related to L3 services.
I've read in another thread that L3 services are out of Quantum's scope for
Folsom, but I'd like to know how this public network model would work
with those services.
1. What are the assumptions for
So creating the configuration file used to be done automatically via a
nova-manage project zipfile, but it got removed along with the deprecated auth
removal. A user should be able to generate the required certificate and private
key from nova using novaclient via:
nova x509-create-cert (it
Thanks!
Edgar
-Original Message-
From: Aaron Rosen [mailto:aro...@nicira.com]
Sent: Tuesday, July 17, 2012 6:28 PM
To: Edgar Magana (eperdomo)
Cc: openstack@lists.launchpad.net
Subject: Re: [Openstack] [Quantum] Quantum servers fails to start
Hi Edgar,
The easiest thing to do right
hi, all
My team is trying to deploy openstack in production environment.
We tried to get libvirt + xen 3.4.3 + CenOS 5.4 + Openstack 2012.2
working, but encountered lots of issues.
We already have thousands of virtual machines running in production,
and that's why we
I'd suggest: CentOS 6.3/RHEL 6.3 + KVM + OpenStack Essex, you may
replace CentOS with Ubuntu/Fedora if you want. If you are big fan of
Xen or having huge legacy PV VMs, you might want to try XenServer +
XenAPI + OpenStack Essex.
On Wed, Jul 18, 2012 at 12:20 PM, Wang Li fox...@gmail.com wrote:
Forcing a user to remember different usernames and/or passwords for each
project they are a part of, when it is possible they are part of N projects,
really isn't an acceptable option in my opinion.
I believe that regardless of the engineering complexities, the end users
shouldn't have to feel
at 20120717
69 matches
Mail list logo