Monday, 2017-08-07

*** daidv has quit IRC00:53
*** liujiong has joined #openstack-barbican01:19
*** randomhack has joined #openstack-barbican01:41
*** randomhack has quit IRC01:46
*** daidv has joined #openstack-barbican02:58
*** dave-mccowan has quit IRC03:09
*** jaosorior has joined #openstack-barbican05:24
*** randomhack has joined #openstack-barbican05:42
*** randomhack has quit IRC05:47
openstackgerritRajat Sharma proposed openstack/python-barbicanclient master: Add 'rm -f .testrepository/times.dbm' command in testenv
openstackgerritmelissaml proposed openstack/barbican master: Update openstackdocstheme>=1.16.0
*** randomhack has joined #openstack-barbican08:18
*** randomhack has quit IRC08:24
*** shohel has joined #openstack-barbican08:24
*** shohel has quit IRC08:29
openstackgerritNam Nguyen Hoai proposed openstack/barbican-specs master: Specs rolling upgrade for Barbican
*** jaosorior has quit IRC09:27
*** salmankhan has joined #openstack-barbican09:31
*** hieulq has quit IRC09:32
*** daidv has quit IRC09:32
*** daidv has joined #openstack-barbican09:33
*** hieulq has joined #openstack-barbican09:33
*** jaosorior has joined #openstack-barbican09:45
openstackgerritNam Nguyen Hoai proposed openstack/barbican master: Create multiple phases to upgrade Barbican database
*** liujiong has quit IRC10:18
*** salmankhan has quit IRC10:25
*** salmankhan has joined #openstack-barbican10:25
*** strigazi_OFF is now known as strigazi11:05
*** salmankhan has quit IRC11:18
*** salmankhan has joined #openstack-barbican11:18
*** catintheroof has joined #openstack-barbican11:28
*** catintheroof has quit IRC11:38
*** catintheroof has joined #openstack-barbican11:50
*** catintheroof has quit IRC11:55
*** raildo has joined #openstack-barbican12:00
*** catintheroof has joined #openstack-barbican12:30
*** dave-mccowan has joined #openstack-barbican12:50
*** livelace2 has joined #openstack-barbican13:38
*** randomhack has joined #openstack-barbican13:53
*** openstackstatus has quit IRC16:42
*** openstackstatus has joined #openstack-barbican16:43
*** ChanServ sets mode: +v openstackstatus16:43
*** pcaruana has quit IRC17:15
*** randomhack has quit IRC17:35
*** randomhack has joined #openstack-barbican17:38
*** randomhack has quit IRC18:04
*** salmankhan has quit IRC18:12
*** csaikia has joined #openstack-barbican18:17
csaikiahey I am trying to authenticate a keystone session for Barbican using the devstack deployment. I am not able to authenticate the session and it always gives me the error " The resource could not be found."18:18
csaikiaCan anyone help me out with it?18:18
csaikiaI am using a Python shell18:19
*** livelace2 has quit IRC18:20
*** randomhack has joined #openstack-barbican18:30
*** kfarr has joined #openstack-barbican18:34
dave-mccowancsaikia do you have some more details on how you're trying to authenticate a keystone session?18:56
dave-mccowanHappy Monday Barbicaneers!  Reminder, weekly IRC meeting is today in one hour in #openstack-meting-alt18:56
*** salmankhan has joined #openstack-barbican19:26
csaikiadave-mccowan I am following Keystone API Version 3 authentication from this doc: and using the environment variables set by devstack.19:28
csaikiadave-mccowan my auth_url from devstack however looks like this: http://1X.1X.5X.1XX/identity19:30
*** salmankhan has quit IRC19:30
*** randomhack has quit IRC19:34
dave-mccowancsaikia are you getting "resource not found" in the barbican logs, or as output from an openstack command you entered?19:38
*** randomhack has joined #openstack-barbican19:41
csaikiaI am getting it as an exception when I am creating a secret object in the python shell and then doing a
csaikiadave-mccowan I am not using openstack command19:44
openstackgerritMerged openstack/castellan master: Updated from global requirements
csaikiadave-mccowan I am using secret = barbican.secrets.create(<content>) and then doing a
dave-mccowancsaikia is returning 404?  or is it identity.V3Password()?19:47
csaikiadave-mccowan is. Also, following the doc link i mentioned, a sess.get_user_id() is also giving me the same exception19:51
csaikiaPlease let me know if I am using the correct auth_url19:51
csaikiaand correct credentials to create a session. I am using the env variables devstack had set19:52
dave-mccowancsaikia i know there has been some changes with keystone url recently.  i think /identity is right.  they removed support for :5000.20:03
dave-mccowancsaikia can you do other keystone commands?  i think the first step, before using barbican client, is to make sure keystone api is working.20:04
openstackgerritMerged openstack/barbican master: Remove install-guide env which is no longer effective
csaikia[stack@devstack3 devstack]$ systemctl | grep keystone20:05
csaikia  devstack@keystone.service                                                                 loaded    active running   Devstack devstack@keystone.service20:05
csaikiadave-mccowan it is running fine when I am using all the openstack/nova/cinder commands but not within the shell20:06
csaikiaI can see a set of conf variables in /etc/barbican/barbican.conf file which I also used to create a session, but that fails as well.20:07
dave-mccowancsaikia it sounds like it's not specific to barbican then?  maybe the keystone guys will know better.20:09
openstackgerritMerged openstack/barbican master: Updated from global requirements
openstackgerritMerged openstack/barbican master: Use devstack functions for deploying barbican-svc
*** rfxn has joined #openstack-barbican20:14
openstackgerritKaitlin Farr proposed openstack/barbican-tempest-plugin master: test
csaikiadave-mccowan okay thank you!20:19
dave-mccowancsaikia please come back and let us know what you find out, especially if it does seem to be a problem with barbican or barbican documentation.20:20
*** nkinder has quit IRC20:23
rfxnis a HSM absolutely needed w/ barbican?20:24
*** nkinder has joined #openstack-barbican20:24
dave-mccowanrfxn there are configuration options that work without an HSM.  it depends on your security needs.20:28
rfxn@dave-mccowan any good examples that you can help point me too :) ?20:30
dave-mccowansimple_crypto and dogtag_plugin do not use an hsm20:32
dave-mccowanrfxn simple_crypto is generally considered not secure, since secrets are encrypted using a fixed key stored in the barbican.conf file. however, that is the quickest/easiest way to get going.20:34
*** randomha1k has joined #openstack-barbican20:40
*** randomhack has quit IRC20:43
*** randomha1k has quit IRC20:44
rfxndave-mccowan, thx, gotcha!20:49
rfxndogtag is out but for now think simple_crypto will be just fine20:49
kfarrdave-mccowan I am seeing that error from the uwsgi branch in barbican-tempest-plugin now21:04
dave-mccowankfarr yea, it looks like glance is failing on a PUT image.21:08
openstackLaunchpad bug 1703856 in Glance "502 Bad gateway error on image-create" [High,Confirmed]21:09
kfarrdave-mccowan oh great, glad you found that bug report.  glad it's not a barbican issue21:12
*** chaynikasaikia has joined #openstack-barbican21:13
*** Teck7 has joined #openstack-barbican21:13
dave-mccowankfarr the comments in the bug show that we can increase the socket timeout in glance-api.conf as a workaround.  maybe that is something we can do for tempest tests.21:14
*** csaikia has quit IRC21:15
kfarrdave-mccowan, ok I will look into that! gotta go for now21:17
*** kfarr has quit IRC21:17
*** rfxn has quit IRC21:17
*** chaynikasaikia has quit IRC21:18
*** catintheroof has quit IRC21:20
*** rfxn has joined #openstack-barbican21:23
*** Teck7 has quit IRC21:26
*** csaikia has joined #openstack-barbican21:51
*** pbourke has quit IRC23:06
*** pbourke has joined #openstack-barbican23:08
*** catintheroof has joined #openstack-barbican23:28
-openstackstatus- NOTICE: The Gerrit service on will be offline momentarily at 00:00 utc for a quick reconfiguration-related restart23:32
*** raildo has quit IRC23:35
*** catintheroof has quit IRC23:50

Generated by 2.15.3 by Marius Gedminas - find it at!