Thursday, 2016-07-07

*** nkinder has quit IRC00:02
*** randallburt1 has quit IRC00:08
*** zz_dimtruck is now known as dimtruck00:22
*** david-lyle has quit IRC00:42
*** alee_ has quit IRC00:43
*** alee_ has joined #openstack-barbican00:55
*** woodster_ has quit IRC02:59
*** diazjf has joined #openstack-barbican03:16
*** diazjf has quit IRC03:20
openstackgerritOpenStack Proposal Bot proposed openstack/barbican: Updated from global requirements
*** jamielennox is now known as jamielennox|away03:43
*** nkinder has joined #openstack-barbican03:47
*** jamielennox|away is now known as jamielennox03:56
*** nkinder has quit IRC04:02
*** asingh has quit IRC04:25
*** jamielennox is now known as jamielennox|away04:35
*** jamielennox|away is now known as jamielennox04:42
*** dimtruck is now known as zz_dimtruck04:43
*** andreas_s has joined #openstack-barbican06:31
openstackgerrithongzhezheng proposed openstack/python-barbicanclient: Fix argument order for assertEqual to (expected, observed)
*** jsheeren has joined #openstack-barbican07:10
openstackgerritMax Abidi proposed openstack/python-barbicanclient: Validate key order meta fields.
*** openstackgerrit has quit IRC08:18
*** openstackgerrit has joined #openstack-barbican08:18
*** pcaruana has joined #openstack-barbican08:30
*** alee_ has quit IRC09:11
openstackgerritJiong Liu proposed openstack/barbican: Barbican tests fail because of incomplete test dependencies
openstackgerritBin Zhou proposed openstack/barbican: Correct reraising of exception
*** qwebirc82289 has joined #openstack-barbican12:16
*** alee has joined #openstack-barbican13:03
qwebirc82289hi everyone13:13
qwebirc82289I am a university student and I configured barbicab with cinder and nova for Volume encryption. my question is: is it possible to rotate the key(s) used to encrypt the volume? how it works?13:13
qwebirc82289can I set yearly rotation schedule?13:14
*** woodster_ has joined #openstack-barbican13:21
*** jsheeren has quit IRC13:23
*** nkinder has joined #openstack-barbican13:32
*** zz_dimtruck is now known as dimtruck13:38
*** sigmavirus_away is now known as sigmavirus13:45
openstackgerritJiong Liu proposed openstack/barbican: Move rabbit configurations to oslo_messaging_rabbit section
*** dimtruck is now known as zz_dimtruck13:58
*** qwebirc82289 has quit IRC14:04
*** jmckind has joined #openstack-barbican14:08
*** alee_ has joined #openstack-barbican14:12
*** alee has quit IRC14:14
*** spotz_zzz is now known as spotz14:15
*** zz_dimtruck is now known as dimtruck14:21
*** spotz is now known as spotz_zzz14:32
*** spotz_zzz is now known as spotz14:44
*** randallburt has joined #openstack-barbican14:50
*** randallburt1 has joined #openstack-barbican14:52
*** randallburt has quit IRC14:54
*** dave-mccowan has joined #openstack-barbican14:59
*** rhagarty__ has quit IRC15:03
*** diazjf has joined #openstack-barbican15:03
alee_dave-mccowan, ping15:04
alee_hyakuhei, ping15:04
*** diazjf1 has joined #openstack-barbican15:05
dave-mccowanalee_ hi ade15:05
alee_dave-mccowan, hey - are you using barbican for encrypted volumes?15:06
dave-mccowanalee_ only as a proof of concept15:06
alee_dave-mccowan, I'm just wondering what the latest config changes needed are for nova and cinder in order to work15:07
alee_dave-mccowan, I remember making a bunch of changes , but was not sure if they were still all needed15:07
*** diazjf has quit IRC15:08
dave-mccowanalee_ i haven't tried in a while.  i'm not sure if more is built-in now.15:11
alee_dave-mccowan, specifically I remember doing this --
alee_not sure if all the urls are needed -- well, guess I'll wait for kfarr15:12
dave-mccowanalee_ that's what i have too; i have the same config parameters in a devstack local.conf. i don't know if castellan integration has improved that since last year.15:16
alee_dave-mccowan, thats what I was wondering .. anyways I'll start with that15:17
*** andreas_s has quit IRC15:29
*** asingh has joined #openstack-barbican15:34
*** dimtruck is now known as zz_dimtruck15:40
*** pcaruana has quit IRC15:49
diazjf1alee_, kfarr, redrobot, added you to some talks. Make sure you add a picture and profile information. Feel free to edit the abstract as well.16:01
alee_diazjf1, thanks - will do16:02
diazjf1redrobot, I will be sending an email to the mailing list about the midcycle tonight or friday morning. Its been hard getting everything setup but I think it will go well :)16:03
diazjf1hyakuhei, see you there man!!16:04
hyakuheiI’m very excited. So diazjf1 I can tell people to book plane tickets?16:05
diazjf1hyakuhei, sure! It'll be in Austin for sure! If worst comes to worst we can do it at a coffee shop lol16:06
hyakuheiWalking around Austin in the middle of August. What could go wrong?16:06
diazjf1hyakuhei, We have rooms booked, not the same room each day unfortunately. I still need to plan some "team-building" events, like visit the bars ;)16:07
*** edtubill has joined #openstack-barbican16:29
*** asingh has quit IRC16:41
*** asingh has joined #openstack-barbican16:53
*** zz_dimtruck is now known as dimtruck17:20
*** diazjf1 has quit IRC17:20
*** edtubill has quit IRC17:45
*** catintheroof has joined #openstack-barbican17:53
*** alee_ is now known as alee_dinner17:56
*** alee_dinner has quit IRC18:04
*** jaosorior has joined #openstack-barbican18:08
*** alee_dinner has joined #openstack-barbican18:17
*** gyee has joined #openstack-barbican18:17
jaosorioralee_dinner: ping18:20
*** woodster_ has quit IRC18:49
*** diazjf has joined #openstack-barbican18:50
openstackgerritPankaj Khandar proposed openstack/barbican: Insecure default PROTOCOL_TLSv1 version in KMIP plugin
alee_dinnerjaosorior, yo19:04
jaosorioralee_dinner: no worries. Pinged ayoung instead. How's stuff there?19:04
alee_dinnersame same .. you back?19:06
*** alee_dinner is now known as alee19:06
aleejaosorior, actually there might be smething you could help debug ..19:07
jaosorioralee: not really. Just needed to ping nkinder about some potential extra PTO in the end of July19:09
jaosoriorI'm actually having some beers in a bar in Mexico :P19:09
aleejaosorior, :)19:09
*** diazjf has quit IRC19:09
aleejaosorior, I'm debugging openstack while watching football in a house in Rundu, namibia19:10
*** diazjf has joined #openstack-barbican19:10
aleejaosorior, any idea why barbican might be trying to connect to https:// for keystone when there appears to be nothing in the config file to specify that?19:11
jaosoriorCheck the keystone endpoint list19:12
jaosoriorMight have https configured there19:12
*** woodster_ has joined #openstack-barbican19:13
aleejaosorior, yeah -- this is a puppet-barbican gate test19:15
aleejaosorior, in the test - keystone is set up without https19:15
jaosoriorWhere is barbican trying to use https to access keystone? Do you know if it's from the barbican client side or is it from the server?19:18
jaosoriorCause barbican client will initially access keystone to get the token19:18
aleejaosorior, it seems to be from the server19:19
aleejaosorior, I see it in the apache logs19:19
jaosoriorAnd the configuration is http?19:20
jaosoriorYou know if something might be setting the X-Forwarded-For or X-Forwarded-Proto header?19:21
aleejaosorior, not sure -- looking to see if something is coming from client side ..19:22
jaosoriorIs there a proxy in between?19:24
aleejaosorior, not sure19:25
woodster_the gate doesn't use the keystone middleware for auth?19:27
aleewoodster_, jaosorior so this is the gate job --
aleewoodster_, jaosorior -- and this is how barbican is configured in the paste file:19:30
aleepaste.filter_factory = keystonemiddleware.auth_token:filter_factory19:30
aleejaosorior, still enjoyinhg that beer?19:31
woodster_yeah so it should be using that auth_url there19:33
aleewoodster_, am I missing something there -- identity_url or somesuch?19:33
aleewoodster_, maybe something that for some reason is taking a default which has https?19:34
woodster_well, I don't see any keystone setup stuff here now:
* woodster_ I guess folks need to add that back when using keystone19:37
* woodster_ prefer to see commented out defaults in conf files19:38
jaosoriorI would need my machine to properly debug that19:38
jaosoriorAnd yeah19:38
aleejaosorior, nice19:44
woodster_jaosorior: where is that?19:46
jaosoriorVeracruz, Mexico19:47
jaosoriorGotta go19:53
jaosoriorHave a good one!19:53
aleejaosorior, have fun!19:55
*** edtubill has joined #openstack-barbican19:58
*** asingh has quit IRC20:17
*** asingh has joined #openstack-barbican20:18
openstackgerritPankaj Khandar proposed openstack/barbican: Insecure default PROTOCOL_TLSv1 version in KMIP plugin
*** diazjf has quit IRC20:46
*** diazjf has joined #openstack-barbican20:55
*** asingh has quit IRC21:17
*** jmckind has quit IRC21:25
*** edtubill has quit IRC21:32
*** ozialien10 has joined #openstack-barbican21:35
*** asingh has joined #openstack-barbican21:51
*** spotz is now known as spotz_zzz22:01
*** diazjf has quit IRC22:01
*** jaosorior has quit IRC22:04
openstackgerritPankaj Khandar proposed openstack/barbican: Insecure default PROTOCOL_TLSv1 version in KMIP plugin
*** sigmavirus is now known as sigmavirus_away22:20
*** ozialien10 has quit IRC22:22
*** dimtruck is now known as zz_dimtruck22:33
*** catintheroof has quit IRC22:40
*** edtubill has joined #openstack-barbican22:40
*** randallburt1 has quit IRC23:03

Generated by 2.14.0 by Marius Gedminas - find it at!