Re: [openstack-dev] PGP keysigning party for Juno summit in Atlanta?
On 03/30/2014 10:00 AM, Mark Atwood wrote: Hi! Are there plans for a PGP keysigning party at the Juno Summit in Atlanta, similar to the one at the Icehouse summit in Hong Kong? Inspired by the URL at https://wiki.openstack.org/wiki/OpenPGP_Web_of_Trust/Icehouse_Summit I looked for https://wiki.openstack.org/wiki/OpenPGP_Web_of_Trust/Juno_Summit to discover that that wiki page does not yet exist and I do not have permission to create it. ..m If there's none, then we should do one. One thing about last key signing party, is that I didn't really like the photocopy method. IMO, it'd be much much nicer to use a file, posted somewhere, containing all participant fingerprints. To check for that file validity, together, we check for its sha256 sum (someone say it out loud, while everyone is checking for its own copy). And everyone, individually, checks for its own PGP fingerprint inside the file. Then we just need to validate entries in this file (with matching ID documents). Otherwise, there's the question of the trustability of the photocopy machine and such... Not that I don't trust Jimmy (I do...)! :) Plus having a text file with all fingerprints in it is more convenient: you can just cut/past the whole fingerprint and do gpg --recv-keys at once (and not just the key ID, which is unsafe because prone to brute-force). That file can be posted anywhere, provided that we check for its sha256 sum. I would happily organize this, if someone can find a *quite* room with decent network. Who can take care of the place and time? Of course, We will need need the fingerprints of every participant in advance, so the wiki page would be useful as well. I therefore created the wiki page: https://wiki.openstack.org/wiki/OpenPGP_Web_of_Trust/Juno_Summit Please add yourself. We'll see if I can make it to Atlanta, and organize something later on. Cheers, Thomas Goirand (zigo) ___ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
Re: [openstack-dev] [Neutron] Problem plugging I/F into Neutron...
Hi Paul,
Please be aware that there was also change in nova to support ovs_hybrid_plug:
https://review.openstack.org/#/c/83190/
I am not sure, but maybe worth to check nova code and nova.conf you are using
to be aligned with neutron code.
Hope it helps,
Irena
From: Paul Michali (pcm) [mailto:p...@cisco.com]
Sent: Saturday, March 29, 2014 1:17 AM
To: openstack-dev@lists.openstack.org
Subject: [openstack-dev] [Neutron] Problem plugging I/F into Neutron...
Hi,
I have a VM that I start up outside of OpenStack (as a short term solution,
until we get it working inside a Nova VM), using KVM. It has scrips associated
with the three interfaces that are created, to hook this VM into Neutron. One
I/F is on br-ex (connected to the public network for DevStack), another to
br-int (connected to a management network that is created), and a third is
connected to br-int (connected to the private network for DevStack). It's
understood these are hacks to get things going and can be brittle. With
DevStack, I have a vanilla localrc, so using ML2, without any ML2 settings
specified.
Now, the first two scripts use internal Neutron client calls to create the
port, and then plug the VIF. The third, uses Neutron to create the port, and
then Nova to plug the VIF. I don't know why - I inherited the scripts.
On one system, where Nova is based on commit b3e2e05 (10 days ago), this all
works just peachy. Interfaces are hooked in and I can ping to my hearts
content. On another system, that I just reimaged today, using the latest and
greatest OpenStack projects, the third script fails.
I talked to Nova folks, and the vic is now an object, instead of a plain dict,
and therefore calls on the object fail (as the script just provides a dict). I
started trying to convert the vif to an object, but in discussing with a
co-worker, we thought that we could too use Neutron calls for all of the setup
of this third interface.
Well, I tried, and the port is created, but unlike the other system, the port
is DOWN, and I cannot ping to or from it (the other ports still work fine, with
this newer OpenStack repo). One difference is that the port is showing
{port_filter: true, ovs_hybrid_plug: true} for binding:vif_details, in the
neutron port-show output. On the older system this is empty (so must be new
changes in Neutron?)
Here is the Neutron based code (trimmed) to do the create and plugging:
import neutron.agent.linux.interface as vif_driver
from neutronclient.neutron import client as qclient
qc = qclient.Client('2.0', auth_url=KEYSTONE_URL, username=user,
tenant_name=tenant, password=pw)
prefix, net_name = interface.split('__')
port_name = net_name + '_p'
try:
nw_id = qc.list_networks(name=net_name)['networks'][0]['id']
except qcexp.NeutronClientException as e:
...
p_spec = {'port': {'admin_state_up': True,
'name': port_name,
'network_id': nw_id,
'mac_address': mac_addr,
'binding:host_id': hostname,
'device_id': vm_uuid,
'device_owner': 'compute:None'}}
try:
port = qc.create_port(p_spec)
except qcexp.NeutronClientException as e:
...
port_id = port['port']['id']
br_name = 'br-int'
conf = cfg.CONF
config.register_root_helper(conf)
conf.register_opts(vif_driver.OPTS)
driver = vif_driver.OVSInterfaceDriver(cfg.CONF)
driver.plug(nw_id, port_id, interface, mac_addr, br_name)
Finally, here are the questions (hope you stuck with the long message)...
Any idea why the neutron version is not working? I know there were a bunch of
recent changes.
Is there a way for me to turn off the ova_hybrid_plug and port_filter flags?
Should I?
Should I go back to using Nova and build a VIF object?
If so, any reason why the Neutron version would not work?
Is there a way to do a similar thing, but via using Northbound APIs (so it
isn't as brittle)?
Thanks in advance!
PCM (Paul Michali)
MAIL . p...@cisco.commailto:p...@cisco.com
IRC ... pcm_ (irc.freenode.comhttp://irc.freenode.com)
TW @pmichali
GPG Key ... 4525ECC253E31A83
Fingerprint .. 307A 96BB 1A4C D2C7 931D 8D2D 4525 ECC2 53E3 1A83
___
OpenStack-dev mailing list
OpenStack-dev@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
Re: [openstack-dev] [glance] Switching from sql_connection to [database] connection ?
Hi We have no plan to update sample template in I release for it, but https://review.openstack.org/#/c/77379/ is on reviewing, IFY. zhiyan Sent from my iPad On 2014年3月30日, at 13:04, Tom Fifield t...@openstack.org wrote: On 27/02/14 18:47, Flavio Percoco wrote: On 27/02/14 12:12 +0800, Tom Fifield wrote: Hi, As best I can tell, all other services now use this syntax for configuring database connections: [database] connection = sqlite:///etc,omg whereas glance appears to still use [DEFAULT] ... sql_connection = sqlite:///etc,omg Is there a plan to switch to the former during Icehouse development? From a user standpoint it'd be great to finally have consistency amoungst all the services :) It already did. It looks like the config sample needs to be updated. To be more precise, `sql_connection` is marked as deprecated.[0] [0] https://github.com/openstack/glance/blob/master/glance/openstack/common/db/sqlalchemy/session.py#L329 Just noting that the sample config has still not been updated. Regards, Tom ___ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev ___ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
Re: [openstack-dev] PGP keysigning party for Juno summit in Atlanta?
Excerpts from Thomas Goirand's message of 2014-03-29 23:32:55 -0700: On 03/30/2014 10:00 AM, Mark Atwood wrote: Hi! Are there plans for a PGP keysigning party at the Juno Summit in Atlanta, similar to the one at the Icehouse summit in Hong Kong? Inspired by the URL at https://wiki.openstack.org/wiki/OpenPGP_Web_of_Trust/Icehouse_Summit I looked for https://wiki.openstack.org/wiki/OpenPGP_Web_of_Trust/Juno_Summit to discover that that wiki page does not yet exist and I do not have permission to create it. ..m If there's none, then we should do one. One thing about last key signing party, is that I didn't really like the photocopy method. IMO, it'd be much much nicer to use a file, posted somewhere, containing all participant fingerprints. To check for that file validity, together, we check for its sha256 sum (someone say it out loud, while everyone is checking for its own copy). And everyone, individually, checks for its own PGP fingerprint inside the file. Then we just need to validate entries in this file (with matching ID documents). Otherwise, there's the question of the trustability of the photocopy machine and such... Not that I don't trust Jimmy (I do...)! :) If we follow either of these methods: http://keysigning.org/methods/sassaman-efficient http://keysigning.org/methods/sassaman-projected Then everyone should bring their own copy of the file. Note that this implies that one is using their own trusted equipment to do this or verifying painfully that nothing has been altered during that process. So it is important that we socialize this and have people ready _before_ the summit, so they can print at home. The point is, users should still _print it themselves_ to avoid a mass compromise of the key signing process at the time of duplication/printing. Now, having somebody else print the lists is fine as long as you have key owners look at your copy and verify the fingerprint on your list. This is _extremely_ inefficient compared to the Sassaman Efficient protocol, but it works o-k for small groups, as the person can verify your list while you're verifying their government ids, and you can do the same for them. I would suggest making these photocopies on an odd color of paper so that key owners can know to ask for the list to verify it, rather than letting unknowing lazy signers get away with trusting the photocopy. Plus having a text file with all fingerprints in it is more convenient: you can just cut/past the whole fingerprint and do gpg --recv-keys at once (and not just the key ID, which is unsafe because prone to brute-force). That file can be posted anywhere, provided that we check for its sha256 sum. I would happily organize this, if someone can find a *quite* room with decent network. Who can take care of the place and time? There is zero network necessary for the party. In fact it is sort of discouraged, as having network would distract from the single-minded and very social purpose of the party. Or are you requesting a room to do the list creation? Of course, We will need need the fingerprints of every participant in advance, so the wiki page would be useful as well. I therefore created the wiki page: https://wiki.openstack.org/wiki/OpenPGP_Web_of_Trust/Juno_Summit Thanks!! Please add yourself. We'll see if I can make it to Atlanta, and organize something later on. Done. I'm happy to pick up facilitation of this process if you can't make it. Cheers, Thomas Goirand (zigo) ___ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
[openstack-dev] [horizon] Cannot login to dashboard
Hello, guys, I'm new in Horizon. Can anybody tell me how can I login to my local OpenStack dashboard? -- Best regards, Andrew Chul. ___ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
Re: [openstack-dev] [horizon] Cannot login to dashboard
Hello Andrew, If you use devstack you could use admin or demo like user name. Regards, Floren. 2014-03-30 18:34 GMT+02:00 Andrew Chul andymitr...@gmail.com: Hello, guys, I'm new in Horizon. Can anybody tell me how can I login to my local OpenStack dashboard? -- Best regards, Andrew Chul. ___ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev ___ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
[openstack-dev] [heat] Standing down as PTL
I don't intend to run for PTL for the Juno cycle; thankfully there are many Heat developers who would do a great job. Hopefully this wasn't a one-off though. I may run again for Kilmacow, Lacrosse or Mooball. cheers ___ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
Re: [openstack-dev] PGP keysigning party for Juno summit in Atlanta?
On 2014-03-30 09:05:51 -0700 (-0700), Clint Byrum wrote: [...] Now, having somebody else print the lists is fine as long as you have key owners look at your copy and verify the fingerprint on your list. This is _extremely_ inefficient compared to the Sassaman Efficient protocol, but it works o-k for small groups, as the person can verify your list while you're verifying their government ids, and you can do the same for them. [...] I completely agree, but I didn't have information disseminated far enough in advance last time and had to punt by printing a stack myself. This was entirely my fault--the original idea was that for the Icehouse summit we'd jump-start our WoT by trading signatures between members of the Release Cycle Management and Infrastructure programs, and then involve the wider development community during the Juno summit. When requests to do something more formal sprang up shortly beforehand, I ended up making a course correction with little time for proper planning. We can, and will, do better! -- Jeremy Stanley ___ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
Re: [openstack-dev] PGP keysigning party for Juno summit in Atlanta?
On 2014-03-30 14:32:55 +0800 (+0800), Thomas Goirand wrote: [...] One thing about last key signing party, is that I didn't really like the photocopy method. [...] Nor did I, but it was a last-minute production since I didn't expect the majority of attendees to bring cards with their own key fingerprints because they don't (yet) operate in circles where keysigning is commonplace. There are much better methods for high-volume KSPs (Clint links to my favorites in his message later in the thread, so I won't) and we should use one of those this time. -- Jeremy Stanley ___ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
[openstack-dev] [Mistral] Community meeting reminder - 03/30/2014
Hi, This is a reminder that we’ll have a community meeting today as usually at 16.00 UTC at #openstack-meeting. Here’s the agenda (also at https://wiki.openstack.org/wiki/Meetings/MistralAgenda): Review action items Current status (quickly by team members) POC scope and readiness Mistral on top of TaskFlow prototype - summary, next steps Open discussion Looking forward to see you there. Dmitri Zimine @ StackStorm PS. Hope Renat is coming back this week. ___ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
[openstack-dev] 答复: New stackforge project: Openstackdroid
It’s a nice idea. I am not quite familiar with android native app development, but I have some experience on mobile webapps based on jqm and phonegap. I am a little curious to know whether Openstackdroid can use a mobile webapp infrastructure so it is portable across different mobile platforms? -Hao 发件人: Ricardo Carrillo Cruz [mailto:ricardo.carrillo.c...@gmail.com] 发送时间: 2014年3月31日 0:01 收件人: openstack-dev@lists.openstack.org 主题: [openstack-dev] New stackforge project: Openstackdroid Hello guys I'd like to let you know about my humble code contribution to Openstack, an Android application to access Openstack clouds: http://git.openstack.org/cgit/stackforge/openstackdroid/ https://launchpad.net/openstackdroid It's currently quite alpha, it can login to Openstack clouds and access data with your user/pass/tenant ID, no write operations yet. I encourage developers to grab the code, hack it and send out suggestions, patches or whatever you may think of :-) . Kind regards ___ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
[openstack-dev] Doc to with pointers on how to review?
Hi, Just wondering, do we have a document somewhere that educates people on how to do a code review? eg giving a few pointers that reviewers for a particular project normally look for So far everything I've seen (aside from https://wiki.openstack.org/wiki/GerritJenkinsGit#Reviewing_a_Change) is written from the perspective of how the review process works when you're submitting a patch and others are reviewing your code. However, it's early in the morning and it's likely my google-fu is at low levels ... perhaps such a doc exists? Maybe on a blog somewhere? Regards, Tom ___ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
[openstack-dev] [Neutron] servicevm: weekly servicevm IRC meeting
Hi. This is a reminder mail for the servicevm IRC meeting April 1, 2014 Tuesdays 5:00(AM)UTC- - status update - dividing the blueprints into smaller elemental ones -- Isaku Yamahata isaku.yamah...@gmail.com ___ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
Re: [openstack-dev] [horizon] Cannot login to dashboard
Well, I've used this quickstart guide http://docs.openstack.org/developer/horizon/quickstart.html Is it necessary to set up DevStack anyway? 2014-03-30 23:27 GMT+04:00 Floren Llanos florenlla...@gmail.com: Hello Andrew, If you use devstack you could use admin or demo like user name. Regards, Floren. 2014-03-30 18:34 GMT+02:00 Andrew Chul andymitr...@gmail.com: Hello, guys, I'm new in Horizon. Can anybody tell me how can I login to my local OpenStack dashboard? -- Best regards, Andrew Chul. ___ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev ___ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev -- С уважением, Андрей Чуль. ___ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
Re: [openstack-dev] Doc to with pointers on how to review?
On Mon, Mar 31, 2014 at 5:57 AM, Tom Fifield t...@openstack.org wrote: Hi, Just wondering, do we have a document somewhere that educates people on how to do a code review? eg giving a few pointers that reviewers for a particular project normally look for Hi Tom, The closest to your description document is: https://wiki.openstack.org/wiki/ReviewChecklist ___ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
Re: [openstack-dev] Doc to with pointers on how to review?
On 31/03/14 12:24, Ruslan Kamaldinov wrote: On Mon, Mar 31, 2014 at 5:57 AM, Tom Fifield t...@openstack.org wrote: Hi, Just wondering, do we have a document somewhere that educates people on how to do a code review? eg giving a few pointers that reviewers for a particular project normally look for Hi Tom, The closest to your description document is: https://wiki.openstack.org/wiki/ReviewChecklist Thanks! That's just what I was looking for :) Now to link to it from everywhere... Regards, Tom ___ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
Re: [openstack-dev] Doc to with pointers on how to review?
Tom Fifield wrote: Just wondering, do we have a document somewhere that educates people on how to do a code review? eg giving a few pointers that reviewers for a particular project normally look for I asked this very question on IRC a few days ago, and was pointed at https://wiki.openstack.org/wiki/ReviewChecklist There are any number of projects that may have specific requirements that aren't documented on that page (please add them), but I found that having read that gave me great confidence to submit more reviews. -- Emmet HIKORY ___ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
Re: [openstack-dev] [Mistral] task update at end of handle_task in executor
I agree with all the explanations given here. On Thu, Mar 27, 2014 at 9:47 AM, Manas Kelshikar ma...@stackstorm.com wrote: Yes. It is a bug and should be done before line 119: self._do_task_action(db_task). It can definitely lead to bugs especially since _do_task_action itself updates the status. On Wed, Mar 26, 2014 at 8:46 PM, W Chan m4d.co...@gmail.com wrote: In addition, for sync tasks, it'll overwrite the task state from SUCCESS to RUNNING. Guys, good catch. Has it been addressed yet? Renat Akhmerov @ Mirantis Inc. ___ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
[openstack-dev] [Aws as a seervice] Jumpgate review
A good article mentioned here: http://bodenr.blogspot.fr/2014/03/managing-openstack-softlayer-resources.html for me, it's a gateway instead of I think our better approach of drivers inside openstack. I would imagine it's not a static one and would pass down everything it doesn't know about. If we had time/resources it would have been nice to quickly evaluate this (that blog article should help since pretty hands-on and detailled). Chmouel. ___ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
Re: [openstack-dev] New stackforge project: Openstackdroid
Hi Ricardo, The title of 'Android application to access Openstack clouds' certainly sounds nice to me, but since i am not a Spanish speaker I find it hard to understand what this project is about. Do you have also information about functional specifications and architecture in English? All the best, Gil Vernik. From: Ricardo Carrillo Cruz ricardo.carrillo.c...@gmail.com To: openstack-dev@lists.openstack.org, Date: 30/03/2014 07:03 PM Subject:[openstack-dev] New stackforge project: Openstackdroid Hello guys I'd like to let you know about my humble code contribution to Openstack, an Android application to access Openstack clouds: http://git.openstack.org/cgit/stackforge/openstackdroid/ https://launchpad.net/openstackdroid It's currently quite alpha, it can login to Openstack clouds and access data with your user/pass/tenant ID, no write operations yet. I encourage developers to grab the code, hack it and send out suggestions, patches or whatever you may think of :-) . Kind regards___ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev ___ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
[openstack-dev] [nova][vmware] spawn() refactor: proposal to address branch complexity
Work has begun to convert a bunch of nested functions in VMwareVMOps::spawn()
to improve its {read,test,review}-ability.
(See https://blueprints.launchpad.net/nova/+spec/vmware-spawn-refactor)
Much of it has already been hashed out in irc, so not much to add here.
But this work in very unlikely to address the other main issue with the method,
which is that it will continue to contain a large block of hard-to-follow code
with a high level of branches unless something is done about it.
Presented here is a proposal to address the above-mentioned issue:
https://etherpad.openstack.org/p/vmware-spawn-refactor-design
The TL;DR version:
Through analyzing the current code as well several proposed functional changes
that would affect it, it was found that the areas of variability in the method
centers mostly around how the image is obtained, processed, and eventually
employed by a newly created instance. So, the proposal is to refactor the
method by building some structure around those three areas of responsibilities.
The result should hopefully lead to shorter, more decoupled code, as well as
facilitate future additions to those areas in a more isolated fashion.
A draft implementation of the proposal is at:
https://review.openstack.org/#/c/82958/
I am interested to hear opinions on whether this is a reasonable approach to
take, as well as other suggestions/comments related to this topic.
Cheers,
Vui
___
OpenStack-dev mailing list
OpenStack-dev@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
[openstack-dev] [Swift] Request's Round trip time
Hi I want to see the Round Trip Time for swift request in proxy log. I am able to see RTT for failures and timeouts and no RTT for normal requests. Do I need to set and config param. Thanks sumit ___ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
