#openstack-meeting log

18:02:57 <morganfainberg> #startmeeting Keystone
18:02:58 <openstack> Meeting started Tue Sep 16 18:02:57 2014 UTC and is due to finish in 60 minutes.  The chair is morganfainberg. Information about MeetBot at http://wiki.debian.org/MeetBot.
18:03:00 <openstack> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.
18:03:01 <henrynash> bknudson: don’t get no vote
18:03:02 <openstack> The meeting name has been set to 'keystone'
18:03:08 <morganfainberg> Welcome!
18:03:22 <morganfainberg> #topic Juno RC1
18:03:27 <morganfainberg> #link https://launchpad.net/keystone/+milestone/juno-rc1
18:03:53 <morganfainberg> We're getting close. Please, Please, review the open reviews and lets get these bugs through the gate
18:03:59 <morganfainberg> erm bug fixes
18:04:23 <lbragstad> #link https://gist.github.com/dolph/651c6a1748f69637abd0
18:04:54 <morganfainberg> If there are any bugs missing from the LP list please target them to the milestone and let lbragstad, dstanek, or myself know so we can get it added to the gist
18:05:45 <rodrigods> me and raildo put a topic about HM release in the meeting, but seems to be the right time to talk about it =)
18:05:59 <marekd> o/
18:06:06 <raildo> morganfainberg,  Now that hirarchical projects is on a branch and  is being reviewed, it still come into Juno, ie, it must be approved until the release of juno-3?
18:06:11 <morganfainberg> rodrigods, we can also circle back at the end with dedicate topic for that if you wnat.
18:06:28 <morganfainberg> raildo, it can be approved at anytime since it is on the feature branch
18:06:41 <morganfainberg> raildo, it wont be in the official Juno release though.
18:07:09 <rodrigods> we are concerned because we really want it to enter before Kilo
18:07:10 <morganfainberg> raildo, but it can let us get it into the tree and available for testing / working with it so we can get it merged into the master branch early in K
18:07:34 <dstanek> rodrigods: the feature freeze past quite a while ago
18:08:03 <morganfainberg> rodrigods, the reason we put it on a feature branch is so we can get that in w/o needing to rush it for the Juno release.
18:08:16 <rodrigods> dstanek, yeah, so dolphm created the branch and we lost control about its release =(
18:08:41 <morganfainberg> rodrigods, it was put on the feature branch because it likely wasn't going to land before feature freeze and it's a big change.
18:08:42 <raildo> dstanek, when we create a branch for hierarchical projects, I had a feeling it would get in Juno.
18:09:12 <dstanek> rodrigods: i think that's because it was being pushed until after Juno because of time constraints and the progress at the time
18:09:20 <morganfainberg> dstanek, ++
18:09:57 <henrynash> so on rc1 defects in general: https://review.openstack.org/#/c/121246/ is ready to go I think
18:10:06 <morganfainberg> henrynash, great!
18:10:18 <rodrigods> dstanek, morganfainberg, ok, that just wasn't clear to us... bug ok =)
18:10:20 <rodrigods> but*
18:10:26 <raildo> morganfainberg, ok, thanks for the explanation.
18:10:54 <morganfainberg> rodrigods, raildo, we should get it merged on the feature branch soon, cores please review if possible, so we can merge it over to K early on
18:11:12 <rodrigods> morganfainberg, I appreciate that, thanks
18:11:19 <morganfainberg> giving most of the cycle to get other projects that want to use it the ability to do so
18:12:04 <morganfainberg> ok moving on.
18:12:14 <rodrigods> ok
18:12:26 <morganfainberg> #topic Client and middleware releases corresponding with Juno by Thursday, September 18th
18:12:30 <raildo> the Nova fols, is already developing based on our code, but let's moving on
18:12:46 <topol> o/
18:12:57 <morganfainberg> All fixes  etc need to be complete and in the tree by Sept. 18
18:13:14 <morganfainberg> this is so we can make sure we're releasing the appropriate middleware and client with Juno.
18:13:15 <bknudson> morganfainberg: we need to make sure the requirements are synced before the release.
18:13:19 <morganfainberg> bknudson, ++
18:13:46 <henrynash> morganfainberg: ouch…need to push up teh endpoint policy clien linb stuff
18:13:47 <bknudson> so that we don't have oslo.config>=1.4.0.0a3
18:13:48 <morganfainberg> bknudson, lets make sure we have that on the radar (bug / etc) as needed
18:14:01 <bknudson> it should be oslo.config>=1.5.0.0 or whatever they call it.
18:14:01 <morganfainberg> bknudson, if you don't mind.
18:14:20 <marekd> morganfainberg: you are talking fetaures of bugs only?
18:14:21 <bknudson> morganfainberg: want me to open a bug?
18:14:25 <morganfainberg> bknudson, please do.
18:14:31 <bknudson> ok
18:14:39 <morganfainberg> marekd, anything that needs to be in middleware or client, needs to be merged by the 18th
18:14:47 <marekd> morganfainberg: ack.
18:15:04 <morganfainberg> bknudson, it means we don't miss it for some silly reason (since it'll be tagged to the milestone)
18:15:39 <morganfainberg> #link https://gist.github.com/dolph/651c6a1748f69637abd0
18:15:52 <morganfainberg> again for the blocking reviews on all the Identity projects
18:16:17 <morganfainberg> #topic OPW
18:16:21 <morganfainberg> #link https://wiki.openstack.org/wiki/OutreachProgramForWomen
18:16:28 <morganfainberg> vkmc, Tahmina, o/
18:16:37 <Tahmina> o/
18:16:40 <vkmc> hi all o/
18:16:40 <morganfainberg> the floor is yours.
18:16:45 <vkmc> thanks morganfainberg
18:17:06 <vkmc> earlier today I joined #openstack-keystone to ask if someone is interested in becoming a mentor for the next OPW round
18:17:08 <Tahmina> thanks morganfainberg
18:17:11 <vkmc> https://wiki.openstack.org/wiki/OutreachProgramForWomen
18:17:33 <vkmc> OpenStack has been participating for two years now, with really great results
18:17:52 <vkmc> its a great experience for both mentor and mentee, and it doesn't take too much from the mentors
18:18:12 <vkmc> Tahmina joined us last week with a proposal for Keystone
18:18:37 <vkmc> Tahmina, feel free to let them know about you and your proposal :)
18:18:46 <topol> vkmc what are the requirements for mentors?
18:18:54 <Tahmina> Hi everyone I am Tahmina Ahmed
18:18:59 <topol> just ATC or you want cores?
18:19:06 <vkmc> topol, just ATC
18:19:06 <Tahmina> I am a phd student at UTSA
18:19:26 <Tahmina> thanks vkmc for introducing me
18:19:30 <topol> Hi
18:19:44 <Tahmina> I am verymuch interested about openstack and opw
18:20:38 <Tahmina> I have a theoretical model for access control that I want to implement for any cloud IaaS and openstack is the best choice for me
18:20:47 <Tahmina> https://wiki.openstack.org/wiki/OutreachProgramForWomen/Ideas#Keystone_-_Implementation_of_Attribute_and_Graph_Based_Access_Control_Model_.28AGBAC.29_for_Openstack
18:20:59 <Tahmina> Here is my proposal
18:21:16 <henrynash> vkmc, Tahmina: so I’m happy to be a mentor
18:21:28 <Tahmina> It's Attribute and Graph Based Access Control Model
18:21:33 <topol> me too
18:21:51 <vkmc> henrynash, topol, that's awesome! thanks :)
18:21:59 <vkmc> generally mentors propose tasks for mentees
18:22:17 <morganfainberg> you're also always welcome to reach out to me for help on any front.
18:22:43 <ayoung> Is it tuesday already?
18:22:47 <vkmc> in this case Tahmina already had an idea and decided to propose it, but if it doesn't fit the project plans then you can suggest some task for her to do during her internship
18:23:03 <vkmc> henrynash, topol ^
18:23:05 <Tahmina> we can have contextual association of different entities if we abstract the identity backend as a graph
18:23:16 <topol> Tahmina, I would recommend  henrynash for keystone specific stuff and myself for more general mentoring
18:23:41 <Tahmina> oh thank you henrynash and topol
18:23:57 <bknudson> we already do have proposals for different access control models
18:24:12 <bknudson> maybe we need to make it pluggable for different experiments
18:24:25 <morganfainberg> bknudson, that sounds like a good direction
18:24:55 <topol> Tahmina, I have a Ph.D. and can serve as an external member of your dissertation commiteee when you are ready. I have done that for oothers before
18:25:25 <ayoung> Tahmina, when you say Graph,  are you talking Graph Databases?
18:25:42 <Tahmina> yes
18:26:00 <Tahmina> yes ayoung
18:26:23 <ayoung> Tahmina, OK,  we had a proposal along those lines back at the mid -cycle meetup
18:26:35 <Tahmina> actually I have started changing identity backend to neo4j a graph database
18:26:40 <ayoung> I don't think it is the right point.  The Keystone token is a snapshot of that data
18:26:57 <ayoung> What you need to do is focus on the Policy Enforcement,
18:27:02 <ayoung> and that is in auth_token middleware
18:27:33 <morganfainberg> ayoung, still within scope of working within Keystone with topol  and henrynash as mentors
18:27:33 <ayoung> So...I'm willing to act as a ....wll, not a mentor, we'll let henrynash be that.  How about a reality check?
18:29:09 <ayoung> morganfainberg, this is very cool...its just that the problem definition is off
18:29:30 <Tahmina> actually my point is attribute of different entity association can express the context of that association which cannot be done only with token ayoung
18:29:30 <ayoung> Tahmina, I'
18:29:38 <ayoung> m happy to discuss with you as well.
18:29:41 <vkmc> willing-to-be mentors can reach flaper87 for doubts about the OPW mentoring process
18:29:47 <flaper87> o/
18:29:54 * flaper87 is happy to help
18:30:03 <vkmc> he has been a mentor for three rounds now :)
18:30:06 <ayoung> flaper87, you are always happy to help
18:30:08 <Tahmina> thank you ayoung
18:30:09 <morganfainberg> Tahmina, thanks for joining us! and looking forward to seeing how this proposal shapes up!
18:30:18 <morganfainberg> it looks really cool
18:30:23 <vkmc> also, please join us in #openstack-opw
18:30:35 <vkmc> for any doubt or concern
18:30:40 <Tahmina> thanks morganfrainberg , thanks every one to let me speak up
18:30:56 <flaper87> ayoung: that's so true :D
18:31:14 <ayoung> Tahmina, were you are the mid-cycle meetup?
18:31:27 <ayoung> is this the same professor we discussed this over with back then?
18:31:56 <Tahmina> I wast not there
18:32:42 <morganfainberg> ayoung, might be related he said he had a student (phd candidate)
18:32:43 <Tahmina> I think you may have some idea from ICS associate director
18:32:52 <morganfainberg> might have been refering to Tahmina
18:33:14 <morganfainberg> Tahmina, are you going to make it to the summit in Paris? if not hopefully we can get you to the mid-cycle meetup
18:33:30 <morganfainberg> well in either case hopefully to the mid-cycle meetup (even if you do make it to paris)
18:34:01 <Tahmina> I am not going Paris. but for midcycle where to meet morganfrainberg
18:35:15 <lbragstad> Tahmina: the Keystone mid-cycle meet up has been hosted at Geekdom in San Antonio
18:35:25 <morganfainberg> lbragstad, hopefully we can do that again
18:35:37 <topol> +++
18:35:45 <morganfainberg> but we will figure out the meetup location once we get done with the summit.
18:35:49 <topol> zinc burgers and lamb burgers
18:35:53 <morganfainberg> we need to know what the release schedule is going to look like
18:36:04 <morganfainberg> which will come with the summit
18:36:05 <Tahmina> ok then. I will be there hopefully
18:36:39 <topol> Tahmina I sent you my contact info in an IRC personal chat window
18:36:56 <vkmc> lastly, if someone wants to propose tasks for this round applicants, you can do it in the wiki :) https://wiki.openstack.org/wiki/OutreachProgramForWomen/Ideas
18:37:18 <morganfainberg> vkmc, awesome thanks!
18:37:50 <vkmc> morganfainberg, thanks to you!
18:38:00 <morganfainberg> ok lets wind the meeting down, bug report (weekly)
18:38:08 <morganfainberg> #topic Weekly bug reports
18:38:14 <morganfainberg> #link http://keystone-weekly-bug-report.tempusfrangit.org/weekly-bug-reports/keystone-weekly-bug-report.html
18:38:32 <Tahmina> thanks morganfainberg, vkmc and everyone
18:38:56 <vkmc> thanks all o/
18:39:15 <morganfainberg> lbragstad thanks for the report and we should probably get those triaged and see if anything needs to hit RC
18:39:17 <bknudson> we get lots of bug reports.
18:39:22 <morganfainberg> most look pretty benign
18:39:30 <lbragstad> https://bugs.launchpad.net/keystone/+bug/1370022
18:39:32 <uvirtbot> Launchpad bug 1370022 in keystone "Keystone cannot cope with being behind an SSL terminator for version list" [Undecided,New]
18:39:36 <lbragstad> that one just rolled through not long ago
18:40:06 <morganfainberg> huh.
18:40:06 <bknudson> lbragstad: they already answered the question themselves. Set admin_endpoint and public_endpoint.
18:40:11 <lbragstad> I've been trying to keep close tabs on the new bugs incase we should include them for RC1
18:40:39 <dstanek> lol
18:40:54 <morganfainberg> yeah so.. uh configure keystone! we might need to tag that as a doc bug
18:40:59 <lbragstad> "Also - if I set public_endpoint and admin_endpoint in keystone.conf to use 'https' proto then all works."
18:41:06 <morganfainberg> but it looks like there is nothing to be done on our end.
18:41:07 <lbragstad> marking as invalid
18:41:46 <morganfainberg> lbragstad, lets check if we have something in the configuration.rst that could help with knowing to set those values
18:41:52 <morganfainberg> but other wise yes, invalid
18:42:35 <morganfainberg> https://bugs.launchpad.net/keystone/+bug/1368690 looks like something that should be tagged to RC
18:42:37 <uvirtbot> Launchpad bug 1368690 in keystone "Keystone2Keystone extension leaks file descriptors" [Low,New]
18:42:47 <morganfainberg> oh wait
18:42:56 <morganfainberg> why do we have a bug for this? it's a pysaml bug?
18:43:02 <morganfainberg> marekd, o/
18:43:26 <morganfainberg> marekd, is this a requirements update?
18:44:17 <bknudson> I don't think we need to update keystone requirements to force using a new version to avoid a bug... should just be for use of a new api.
18:44:21 <morganfainberg> k
18:44:37 <morganfainberg> other than that...
18:44:47 <morganfainberg> Anything else we need to bring up?
18:44:51 <morganfainberg> #topic Open Discussion
18:45:26 <bknudson> can anyone just take over jamielennox changes to keep them moving?
18:45:54 <morganfainberg> bknudson, sure, i'm trying to keep my eyes on them the best i can
18:46:03 <morganfainberg> especially the config / infra ones.
18:46:16 <bknudson> he's only got about 50 changes in flight
18:46:31 <morganfainberg> yeah it's quite a list.
18:46:34 <dstanek> bknudson: all for this week?
18:46:51 <bknudson> dstanek: he's going to be gone longer than a week
18:47:07 <morganfainberg> he's out for ~3wks ithink
18:47:20 <dstanek> bknudson: yeah, but which ones are the critical ones (if any) that need attention?
18:47:28 <dstanek> are they all on dolphm's gist?
18:47:46 <marekd> morganfainberg: nope
18:48:07 <marekd> morganfainberg: (sorry,  was distracted)
18:48:16 <morganfainberg> marekd, no worries
18:48:54 <marekd> morganfainberg: so one function from pysaml, the function we actually use was leaking file decsriptors - simply open() without close() (not even speaking about with statement and so on).
18:48:57 <bknudson> dstanek: a couple of the keystonclient ones are in dolphm's gist
18:49:36 <marekd> i spoke with dolphm and proposed that we don't use this function (it's not very complicated) and I can implemet it myself, but he advised filing a bug, and rather proposing a fix for pysaml2.
18:49:46 <marekd> i did that and fix is aleady merged.
18:49:56 <morganfainberg> marekd, ah so we should mark that as fixed
18:50:11 <morganfainberg> marekd, oh wait i see.
18:50:24 <morganfainberg> marekd, we might need to handle it in juno so we don't need a requirements update this late
18:50:54 <dstanek> marekd: has the fix been released?
18:50:57 <morganfainberg> marekd, since we're past dep freeze, though this warrants if they have a release with the fix in it, asking for an exception.
18:51:00 <morganfainberg> i think
18:51:20 <marekd> dstanek: same day i filed a bug and proposed a fix .
18:51:36 <dstanek> do we actually need to update requirements? i don't think we pin pysaml
18:51:57 <morganfainberg> dstanek, we would want to set a lower bound on it
18:51:59 <marekd> dstanek: morganfainberg but the fact that fix is in the master don't need to mean that pipi is also updated.
18:52:09 <marekd> dstanek: no requirements update.
18:52:20 <morganfainberg> dstanek, if possible.  but meh.
18:52:21 <marekd> dstanek: are you talking about my todays proposal about missing pysaml in requirements.txt?
18:52:31 <morganfainberg> so we can probably just let this slide.
18:52:44 <dstanek> marekd: yeah, it hasn't been released yet
18:53:22 <dstanek> marekd: no, about updating the requirements to reflect the new version with your fix to pysaml
18:53:29 <marekd> dstanek: ah.
18:54:57 <marekd> morganfainberg: dstanek so what do you suggest actualy? I can ask for new pysaml2 release
18:55:13 <morganfainberg> it would be good to have it released prior to RC
18:55:18 <bknudson> this all seems to be a pysaml bug and not a keystone bug
18:55:23 <marekd> bknudson: yes.
18:55:26 <morganfainberg> it means the packagers are likely to pick it up
18:55:44 <dstanek> marekd: yes, otherwise packages can't/won't package it
18:55:55 <bknudson> of course we will
18:56:16 <marekd> dstanek: i will shoot an e-mail to the author.
18:56:21 <morganfainberg> marekd, awesome. thnx
18:56:31 <marekd> morganfainberg: sure.
18:56:32 <marekd> :-)
18:56:40 <morganfainberg> anything else or are we done a bit early? :)
18:56:42 <dstanek> marekd: awesome
18:57:21 <morganfainberg> ok gonna call this the end
18:57:23 <morganfainberg> #endmeeting