On 18/09/15 20:03, OpenStack Mailing List Archive wrote:
> Link: https://openstack.nimeyo.com/59453/?show=59453#q59453
> From: vidya
>
> I am trying to create openstack -dashboard on my VM and
> /usr/share/openstack-dashboard in not create. Please help me what i am
> missing here.
>
> here is wh
+1, to Hongbin’s concerns about exposing passwords. I think we should start
with dedicated kub user in magnum config and moved to keystone domains after.
I just wondering how how Kuryr team planning to solve similar issue (I believe
libnetwork driver require Neutron’s credentials). Can someone c
Another option is for Magnum to do all the necessary set up and leave to
the user the final step of editing the config file with the password. Then
the load balancer feature will be disabled by default and we provide the
instruction for the user to enable it. This would circumvent the issue
with
Hi stackers,
As far as you probably know Rally is using independent release model.
We are doing this to do releases as fast as possible.
Our goal is to have release at least 1 times per 2 week.
The major reason why we have to have separated release model is that we
should ship plugins as soon as
Hello, Li.
On Sat, Sep 19, 2015 at 6:15 AM Li Ma wrote:
> Thanks for your reply, Gus. That's awesome. I'd like to have a look at
> it or test if possible.
>
> Any source code available in the upstream?
>
You can find latest (almost approved from the looks of it) version of
blueprint here: https
Hi stackers,
Rally project is becoming more and more used by Operators to check that
live OpenStack clouds perform well and that they are ready for production.
Results of PAO OPS meeting showed that there are interest in Rally related
tags for projects:
http://www.gossamer-threads.com/lists/opens
Thanks Hongbin.
I was not aware of stack-parameters visibility, so was not able to
figure out actual concerns in Ton's initial approach.
keystone domain approach seems secure enough.
-Vikas
Hongbin,
I believe the domain approach
Hi Vikas,
It's correct that once the password is saved in the k8s master node,
then it would have the same security as the nova-instance. The issue is as
Hongbin noted, the password is exposed along the chain of interaction
between magnum and heat. Users in the same tenant can potentially s
Hi shihanzhang,
As mentioned in the spec, this doesnt support distributed FIP's, it will
still work
if the VMs are on different compute nodes, similar to the way centralized
DNAT works (from the network node)
Distributing port forwarding entries in my opinion is similar to
distributing SNAT, and
As discussed last week we won't have a meeting this Mon., 9/21. Everyone can
concentrate on getting Liberty out the door and we'll meet again next week,
9/28, to talk about Mitaka planning a little.
--
Don Dugger
"Censeo Toto nos in Kansa esse decisse." - D. Gale
Ph: 303/443-3786
_
Hi Ton,
kube-masters will be nova instances only and because any access to
nova-instances is already being secured using keystone, I am not able
to understand what are the concerns in storing password on
master-nodes.
Can you please list down concerns in our current approach?
-Vikas Choudhary
*
Hongbin,
I believe the domain approach is the preferred approach for the solution long
term. It will require more R&D to execute then other options but also be
completely secure.
Regards
-steve
From: Hongbin Lu mailto:hongbin...@huawei.com>>
Reply-To: "OpenStack Development Mailing List (not
On 20/09/15 20:24, Qiming Teng wrote:
Speaking of adding tests, we need hands on improving Heat API tests in
Tempest [1]. The current test cases there is a weird combination of API
tests, resource type tests, template tests etc. If we decide to move
functional tests back to individual projects, s
On Sun, Sep 20, 2015 at 11:30:15AM -0600, John Griffith wrote:
> PTL nomination emails are good, but I have a few questions that I'd like
> to ask to help me in making my vote. Some of these are covered in the
> general proposal announcements, but I'd love to hear some more detail.
>
> It would
2) The same FIP address can be used for different mappings, for example
FIP with IP X
can be used with different ports to map to different VM's X:4001 ->
VM1 IP
X:4002 -> VM2 IP (This is the essence of port forwarding).
So we also need the port mapping
AFAIK, there is a project available in the github that does the same thing.
https://github.com/yeasy/easyOVS
I used it before.
On Mon, Sep 21, 2015 at 12:17 AM, Nodir Kodirov wrote:
> Hello,
>
> I am planning to develop a tool for network debugging. Initially, it
> will handle DVR case, which ca
Hi Ton,
If I understand your proposal correctly, it means the inputted password will be
exposed to users in the same tenant (since the password is passed as stack
parameter, which is exposed within tenant). If users are not admin, they don't
have privilege to create a temp user. As a result, us
Hi all,
as of my larger proposal on improvements to code review workflow [1], we
need to have cores for repositories, not for the whole Fuel. It is the path
we are taking for a while, and new core reviewers added to specific repos
only. Now we need to complete this work.
My proposal is:
1. Get
Hi John,
Thank you for these question. Such questions with answers could be a good
part of PTL proposal in the future.
Please, see my answers inline.
Regards,
Ivan Kolodyazhny
On Sun, Sep 20, 2015 at 8:30 PM, John Griffith
wrote:
> PTL nomination emails are good, but I have a few questions t
Hi everyone,
I am running into a potential issue in implementing the support for
load balancer in k8s services. After a chat with sdake, I would like to
run this by the team for feedback/suggestion.
First let me give a little background for context. In the current k8s
cluster, all k8s pods
PTL nomination emails are good, but I have a few questions that I'd like
to ask to help me in making my vote. Some of these are covered in the
general proposal announcements, but I'd love to hear some more detail.
It would be awesome if the Cinder candidates could spend some time and
answer thes
Excerpts from Renat Akhmerov's message of 2015-09-20 19:06:20 +0300:
>
> > On 19 Sep 2015, at 16:04, Doug Hellmann wrote:
> >
> > Excerpts from Renat Akhmerov's message of 2015-09-19 00:35:49 +0300:
> >> Doug,
> >>
> >> python-mistralclient-1.1.0 (also on pypi) is the final release for
> >> Li
Hello,
I am planning to develop a tool for network debugging. Initially, it
will handle DVR case, which can also be extended to other too. Based
on my OpenStack deployment/operations experience, I am planning to
handle common pitfalls/misconfigurations, such as:
1) check external gateway validity
> On 19 Sep 2015, at 16:04, Doug Hellmann wrote:
>
> Excerpts from Renat Akhmerov's message of 2015-09-19 00:35:49 +0300:
>> Doug,
>>
>> python-mistralclient-1.1.0 (also on pypi) is the final release for Liberty.
>> Here’s the patch updating global-requirements.txt:
>> https://review.openst
On 09/20/2015 02:16 PM, Duncan Thomas wrote:
Certainly for cinder, and I suspect many other project, the openstack
client is a wrapper for python-cinderclient libraries, so if you want
translated exceptions then you need to translate python-cinderclient
too, unless I'm missing something?
Ah - l
Certainly for cinder, and I suspect many other project, the openstack
client is a wrapper for python-cinderclient libraries, so if you want
translated exceptions then you need to translate python-cinderclient too,
unless I'm missing something?
On 18 September 2015 at 17:46, Andreas Jaeger wrote:
Speaking of adding tests, we need hands on improving Heat API tests in
Tempest [1]. The current test cases there is a weird combination of API
tests, resource type tests, template tests etc. If we decide to move
functional tests back to individual projects, some test cases may need
to be deleted fr
Hi,
Greetings for the day.
I am finding problem in finding the CLI commands for congress in which I
can create, delete a rule within a policy and viewing different data
sources.
Can you please provide me the list of CLI commands for the same.
Waiting for the reply.
Regards
Himanshu Sharma
On S
28 matches
Mail list logo
