settingsLogin | Registersettings

Recent activity by dstanek_at_dstanek.c

5 responses 9 views

[tl;dr I want to remove the artificial restriction of not allowing FKs between subsystems and I want to stop FK enforcement in code.] The keystone code architecture is pretty simple. The data and functionality are divided up into ...

responded Apr 12, 2017 in openstack-dev
20 responses 206 views

Hello everyone, PKI/PKIZ token has been removed from keystone in Ocata. But recently our production team did some test about PKI and Fernet token (With Keystone Mitaka). They found that in large-scale production environment, Fernet token's ...

responded Feb 15, 2017 in openstack-dev
7 responses 7 views

Hi We have been expericing problems with newer versions of webob (webob 1.7). Reading the changelog, it seems that the upstream developers have introduced some backwards incompatibility with previous versions of webob that seems to be ...

responded Jan 18, 2017 in openstack-dev
2 responses 8 views

Hi all! I got a problem with my keystone federation setup: When I’m logging into Horizon it redirects me into external Identity Provider, I fill in my credentials and everything is fine. Then I’m being redirected back to keystone and ...

responded Jan 17, 2017 in openstack
17 responses 20 views

Hi keystoners, I'd like to open the discussion about the little feature which I'm trying to push forward for a while but I need some feedbacks/opinions/concerns regarding this. Here is the review I'm talking about https://review. ...

responded Dec 5, 2016 in openstack-dev
1 response 11 views

I have a single machine DevStack (Mitaka) setup. I have enabled multi domain functionality and am able to create multiple domains in my setup through Horizon. I created 2 domains, Domain A and Domain B. In Domain A, I created two projects ...

responded Nov 17, 2016 in openstack
13 responses 29 views

I want to welcome Ron De Rose (rderose) to the Keystone core team. In a short time Ron has shown a very positive impact. Ron has contributed feature work for shadowing LDAP and federated users, as well as enhancing password support for SQL ...

responded Sep 1, 2016 in openstack-dev
3 x  
43 responses 48 views

The keystone team is pursuing a trigger-based approach to support rolling, zero-downtime upgrades. The proposed operator experience is documented here: This differs from Nova and ...

responded Sep 1, 2016 in openstack-dev
8 responses 319 views

Hello, I've been looking at options for doing multi-factor auth (MFA) on our infrastructure and I'm just wanting to know if the option I've decided to go with seems sensible. As context, we are running stock Keystone (to be backed by LDAP), ...

responded Jul 18, 2016 in openstack-dev
7 responses 7 views

Hello, vigilant folks of OpenStack Security team! The commit(s) I'd like you to take a look at introduces a new Horizon feature, Create (Glance) Image using CORS (AKA Cross-Origin Resource Sharing) [1]. The main idea is to bypass Horizon ...

responded Jul 7, 2016 in openstack-dev
1 response 149 views

Hi... I tried to use OpenStack Syntribos today for security testing against my devstack kilo cloud. I followed installation and configuration instructions provided at the openstack syntribos repo .Unfortunately, I received some errors after ...

responded Jul 3, 2016 in openstack-dev
19 responses 29 views

Hi Chris, stackers, OK, so I've been a pretty vocal proponent of Chris' approach to the new placement REST API endpoint, which is to use no WSGI frameworks and instead just use the selector library (or Routes as a second choice) for ...

responded Jun 21, 2016 in openstack-dev
3 responses 15 views

Hi all, When orchestrating an openstack service from nothing, there are a few steps that need to occur before you have a running service assuming the database already exists. - Create the service's users and add a password into the databse ...

responded May 31, 2016 in openstack-dev
2 responses 19 views

On Wed, Apr 20, 2016 at 04:13:38PM +0000, Neil Jerram wrote: > A couple of questions about our Austin-related planning tools... > > - Can one's calendar at > > be ...

responded Apr 21, 2016 in openstack-dev
2 x  
8 responses 10 views

Hi Keystone devs, Blueprint [1] related to request-ids is approved for Mitaka and its implementation [2] is up for review for quite a long time. I would like to apply for a goal for this blueprint so that it can be included in Newton. [1] ...

responded Apr 13, 2016 in openstack-dev
11 responses 22 views

Hi stackers, I would like to suggest very simple idea of splitting out of Keystone authentication part in the separated project. Such change has 2 positive outcomes: 1) It will be quite simple to create scalable service with high ...

responded Apr 6, 2016 in openstack-dev
3 x  
42 responses 40 views

All, Does anyone have experience deploying Magnum in a highly-available fashion? If so, I'm interested in learning from your experience. My biggest unknown is the Conductor service. Any insight you can provide is greatly appreciated. ...

responded Mar 18, 2016 in openstack-dev
3 x  
19 responses 20 views

For the sake of completeness: The eventlet package version 0.18.1 seems to be disappeared from the PyPi servers, which is a bad thing, as we use that version in the "upper-constraints.txt" of the requirements project. There is patch [1] in ...

responded Feb 18, 2016 in openstack-dev
16 responses 20 views

I've tagged this message with the projects impacted by a series of change sets: [trove] [neutron] [cinder] [swift] ...

responded Jan 12, 2016 in openstack-dev
2 x  
34 responses 22 views

Hi all, A change to global-requirements[1] introduces mimic, which is an http server that can mock various APIs, including nova and ironic, including control of error codes and timeouts. The ironic team plans to use this for testing ...

responded Jan 8, 2016 in openstack-dev
Drop us a note if you have suggestions on other community mailing lists that should be made searchable here.

For the corporate mailing lists, visit or send a note here

31,319 questions

91,190 responses


5,642 users