From: Eric Day [e...@oddments.org]
> The extra cost is this introduces a new type. If we are going with an
> authenticated user returning a list of accounts or account/action
> tuples, then having another type for resource groups seems
> excessive. It seems we only need one mapping layer here, not
On Tue, Apr 05, 2011 at 01:53:46AM +, Sandy Walsh wrote:
> From: Vishvananda Ishaya [vishvana...@gmail.com]
> > Eric:
> > I agree that your suggestion is simpler, but I think we are too limited if
> > we remove multi-membership and per-
> > object overrides. Imagine that alice is an organizat
From: Vishvananda Ishaya [vishvana...@gmail.com]
> Eric:
> I agree that your suggestion is simpler, but I think we are too limited if we
> remove multi-membership and per-
> object overrides. Imagine that alice is an organization that has 10 users
> and a lot of instances. If i create a group
>
Hi Vish,
On Mon, Apr 04, 2011 at 05:56:38PM -0700, Vishvananda Ishaya wrote:
> I agree that your suggestion is simpler, but I think we are too limited if we
> remove multi-membership and per-object overrides. Imagine that alice is an
> organization that has 10 users and a lot of instances. If
> From: Vishvananda Ishaya [vishvana...@gmail.com]
> I don't see how one would give access to an entire organization at once.
We don't need to. When a user auths into the SP world we get a set of
permissions for that user from MyCo. If everyone in MyCo auth'ed against the SP
they would all hav
From: Eric Day [e...@oddments.org]
> Service Provider zones could be configured to access authz.myco.com
> for any authentication requests that come in for the myco.com namespace.
Hmm, yes I think that might be possible (with the obvious performance
concerns).
My concern was that we would have
hi,
I've been trying to get https://github.com/rackspace/csharp-cloudfiles
to work with a local Swift install, but no dice yet. Has anybody else
succeeded with that?
(I happen to be running it all on Mono on Mac OS X oh brother. I
hacked up a demo C# app myself that does successful REST AuthN and
Eric:
I agree that your suggestion is simpler, but I think we are too limited if we
remove multi-membership and per-object overrides. Imagine that alice is an
organization that has 10 users and a lot of instances. If i create a group
called alice_shares, then I have to remember to add all of
I don't see how one would give access to an entire organization at once. That
was the purpose of returning multiple subjects from auth in the other proposal.
If I want to give everyone in the "bar" organization in my instance, the check
somehow has to be able to find out that bob is a member o
On Mon, Apr 04, 2011 at 06:15:42PM -0500, Greg Holt wrote:
>
> On Apr 4, 2011, at 5:58 PM, Zed A. Shaw wrote:
>
> > Yep, that's what I ended up doing, also there's a few discrepancies
> > between LOG_LEVEL0 as the "default" in the docs, rsyslog not being
> > configured with LOG_LEVEL0, and the us
Hey guys,
I'm referring to the restoration of a persistent VM in the event that a host
fails. Obviously replication of the volume to another or several other machines
is required along with some resource scheduling and re-replicating the degraded
volume after the failure.
On 04/04/2011, at
Hi Sandy,
Thanks for putting this together, it really helps to facilitate the
discussion. I do have a couple concerns though with this latest design.
The AuthZ services talk to each other. I don't see why this should
be happening, since a zone can be configured to talk with a number
of authz serv
On Mon, Apr 04, 2011 at 05:54:53PM -0500, Michael Barton wrote:
> On Mon, Apr 4, 2011 at 4:50 PM, Zed A. Shaw wrote:
> > I'm currently trying to debug some changes to the Swift proxy server and
> > finding the logging facilities a little obtuse. Reading through:
>
> Most tracebacks should go to
On Mon, Apr 4, 2011 at 4:50 PM, Zed A. Shaw wrote:
> I'm currently trying to debug some changes to the Swift proxy server and
> finding the logging facilities a little obtuse. Reading through:
Most tracebacks should go to the logs, but yeah, there just isn't a
lot of debug-level logging in the
I'm trying to understand how best to implement our architecture-aware scheduler
for Diablo:
https://blueprints.launchpad.net/nova/+spec/schedule-instances-on-heterogeneous-architectures
Right now our scheduler is similar in approach to SimpleScheduler with a few
extra filters on instances and co
I'm currently trying to debug some changes to the Swift proxy server and
finding the logging facilities a little obtuse. Reading through:
http://swift.openstack.org/deployment_guide.html#general-server-configuration
It seems there's an ability to do this:
log_level = INFO
Which, to me means I
> > I also worked on swift. Can you have a look? I'm not so sure what I did
> > is fully correct yet, because I didn't succeed in running everything
> > fully. It seems that swift doesn't like using device-mapper as
> > partitions, is that correct? Which leads me to reinstall my test server
> > fro
> Hello,
>
> I do not know if you can help me, but if this is not the case, I
> apologize in advance.
>
> my name is Khalid abbou, Moroccan, I am currently in 3rd yearengineering
> student at the National Institute of Posts andTelecommunications (INPT), and
> as part of my final projec
Hello,
I do not know if you can help me, but if this is not the case, I
apologize in advance.
my name is Khalid abbou, Moroccan, I am currently in 3rd yearengineering
student at the National Institute of Posts andTelecommunications (INPT), and
as part of my final project thatstudies on "
2011/4/4 Thomas Goirand :
> I'm Cc:-ing the list (and changed this silly subject that I used), if
> you don't mind.
Sure. We usually do this through merge proposals, though, but whatever
works.
> On 04/04/2011 08:42 PM, Soren Hansen wrote:
>> * You refer to a "cloud controller". There's no such
Phew, ok, I've boiled down the various federated AuthZ discussions with eday,
vish & jorge.
I've superseded the old blueprint since the bulk of the work is clearly in the
Federated AuthZ camp and not the AuthN camp.
http://wiki.openstack.org/FederatedAuthZwithZones
Shorter and more succinct.
hi,
Anybody know of any purely web-browser-client-side-javascript to
upload a file to a Swift install? (From what I've googled up on it so
far there isn't, and even if there were it would need to deal with
security issues. I've seen a Flash tool for uploading directly to S3
but I suspect the authn
Hi everyone -
I have been hemming and hawing on this for a while (wow, that's some
idiomatic speech there), but I'm pleased to let you know we're having a
dedicated doc day prior to the Cactus release.
This Wednesday, April 6th, you can drop everything and give yourself
permission to focus just on
On Mon, Apr 4, 2011 at 3:27 PM, Jay Pipes wrote:
> Persistence != HA. What are we talking about here? Both? I'm not sure...
Agree. Replication has to do more with DR services than HA. I tried to
prioritize instances Highly Avalaible and persistent instances (two
different features) before DR.
>
Persistence != HA. What are we talking about here? Both? I'm not sure...
-jay
On Mon, Apr 4, 2011 at 12:20 AM, Jacob Gardiner wrote:
> I think the lines are blurring slightly.
> It's not the responsibility of the infrastructure layer to ensure that the
> application layer self-heals after an uns
Hi everyone,
We have until the end of Thursday to fix random bugs, after that we'll
go into GammaFreeze, which enforces more controls on what goes in
(basically, "is the benefit of the bugfix worth the risk of regression
it brings in"). So let's get as many bugfixes in as we can until then.
Thank
On Apr 2, 2011, at 10:03 PM, Jagane Sundar wrote:
> I was wondering if there has been any progress on the following proposal:
>
> http://wiki.openstack.org/RequestCapabilities
>
> I am interested in implementing 'thin provisioning' capability using the
> framework outlined at the above webpage.
27 matches
Mail list logo