)]}' { "log": [ { "commit": "18d4778cf7bffa60eb2e996a13c129c64f83575f", "tree": "d6d934b05026d32d6942b34a5e3a359202b3996c", "parents": [ "d60c10d6dbe44445aaab9e3fcc0127e39e989f40" ], "author": { "name": "Rob Crittenden", "email": "rcritten@redhat.com", "time": "Wed Mar 19 17:47:42 2014 -0400" }, "committer": { "name": "Rob Crittenden", "email": "rcritten@redhat.com", "time": "Wed Sep 24 18:36:37 2014 -0400" }, "message": "Configure endpoints to use SSL natively or via proxy\n\nConfigure nova, cinder, glance, swift and neutron to use SSL\non the endpoints using either SSL natively or via a TLS proxy\nusing stud.\n\nTo enable SSL via proxy, in local.conf add\n\nENABLED_SERVICES+\u003d,tls-proxy\n\nThis will create a new test root CA, a subordinate CA and an SSL\nserver cert. It uses the value of hostname -f for the certificate\nsubject. The CA certicates are also added to the system CA bundle.\n\nTo enable SSL natively, in local.conf add:\n\nUSE_SSL\u003dTrue\n\nNative SSL by default will also use the devstack-generate root and\nsubordinate CA.\n\nYou can override this on a per-service basis by setting\n\n\u003cSERVICE\u003e_SSL_CERT\u003d/path/to/cert\n\u003cSERVICE\u003e_SSL_KEY\u003d/path/to/key\n\u003cSERVICE\u003e_SSL_PATH\u003d/path/to/ca\n\nYou should also set SERVICE_HOST to the FQDN of the host. This\nvalue defaults to the host IP address.\n\nChange-Id: I36fe56c063ca921131ad98439bd452cb135916ac\nCloses-Bug: 1328226\n" }, { "commit": "14f6c50b187d0d35c0d344700de06fa478845237", "tree": "49c49eb702dc1505abb6ef6ef0cc2d4d2ee58085", "parents": [ "8fe3f70efd6c74479d2f17b789976fb3dfb8efd2", "b4495eb410e3ad348700f127dcf7c0562014c325" ], "author": { "name": "Jenkins", "email": "jenkins@review.openstack.org", "time": "Thu Sep 25 03:43:29 2014 +0000" }, "committer": { "name": "Gerrit Code Review", "email": "review@openstack.org", "time": "Thu Sep 25 03:43:29 2014 +0000" }, "message": "Merge \"Use mod_version to clean-up apache version matching\"" }, { "commit": "8b3217e31083625667225e5cddadf99d430a6206", "tree": "40fdc3e02b05c5767aaf9cb07571b7cc23efaa9a", "parents": [ "7a68f21b296464aed54da7e3c8f3e5de238ce61d", "2a6ce7197e5da9fddddaba2faff2a18c04ece957" ], "author": { "name": "Jenkins", "email": "jenkins@review.openstack.org", "time": "Mon Sep 08 16:23:11 2014 +0000" }, "committer": { "name": "Gerrit Code Review", "email": "review@openstack.org", "time": "Mon Sep 08 16:23:11 2014 +0000" }, "message": "Merge \"Change httpd Keystone access log to keystone_access.log\"" }, { "commit": "b4495eb410e3ad348700f127dcf7c0562014c325", "tree": "a2af0cc87edd09d37ab764ebc014264c60b79a00", "parents": [ "3d458eb703e52606d8aa8d58757285e61cb47b8b" ], "author": { "name": "Noboru Iwamatsu", "email": "n_iwamatsu@jp.fujitsu.com", "time": "Wed Jul 02 18:31:31 2014 +0900" }, "committer": { "name": "Ian Wienand", "email": "iwienand@redhat.com", "time": "Mon Sep 08 15:59:29 2014 +1000" }, "message": "Use mod_version to clean-up apache version matching\n\nThis change uses mod_version (shipped by default on everything we care\nabout) to set-up version-specific config within apache rather than\nwithin devstack scripts.\n\nClean up the horizon and keystone config file generation to use the\ninternal apache matching.\n\nSince I6478db385fda2fa1c75ced12d3e886b2e1152852 the apache matching in\n\u0027functions\u0027 is actually duplicated. just leave get_apache_version in\nlib/apache as it is used for config-file name matching in there.\n\nChange-Id: I6478db385fda2fa1c75ced12d3e886b2e1152852\n" }, { "commit": "d074dc7f7e37c8ff1ce781f0bbc7f88196567f00", "tree": "60995ba98b831d71ccb931f357fd4d11573a0046", "parents": [ "a90898d90438834ac32224162500b7d54fe2e603" ], "author": { "name": "Morgan Fainberg", "email": "morgan.fainberg@gmail.com", "time": "Tue Jun 24 21:33:39 2014 -0700" }, "committer": { "name": "Morgan Fainberg", "email": "morgan.fainberg@gmail.com", "time": "Thu Aug 28 08:39:50 2014 -0700" }, "message": "Use the apache 2.4 ErrorLogFormat directive\n\nUse the new ErrorLogFormat directive to make the Keystone logs\nunder Apache to look like the standard oslo log format.\n\nChange-Id: Ie823abf2fa06b8ce22027c21bef455808a4a768e\n" }, { "commit": "2a6ce7197e5da9fddddaba2faff2a18c04ece957", "tree": "eaf93a05bcf32d2f158ca3968449568cddc11edd", "parents": [ "11d6bde264a90fde1d8bb8b15e9229f7af808840" ], "author": { "name": "Brant Knudson", "email": "bknudson@us.ibm.com", "time": "Thu Aug 21 18:23:12 2014 -0500" }, "committer": { "name": "Brant Knudson", "email": "bknudson@us.ibm.com", "time": "Tue Aug 26 18:43:41 2014 -0500" }, "message": "Change httpd Keystone access log to keystone_access.log\n\nKeystone\u0027s access log was going to httpd/access.log, which is the\ncommon place for all access logging. This made it difficult to see\nKeystone accesses apart from other access. Keystone\u0027s access log\nwill now be keystone_access.log\n\nThis makes the Keystone configuration similar to Horizon which uses\nhorizon_access.log.\n\nChange-Id: I6e5ac121302b3d138758e6c49dffa9f05ad2fb85\nPartial-Bug: #1359995\n" }, { "commit": "e1d004aa4441ec031b6b09ea67e707f9143f91c1", "tree": "fe2f538c2686dcd63b5a79c102a3c8793216dfef", "parents": [ "a8f0d966a159220af11fe0171ae6dca24bc51b97" ], "author": { "name": "Brant Knudson", "email": "bknudson@us.ibm.com", "time": "Thu Aug 21 18:22:00 2014 -0500" }, "committer": { "name": "Steve Martinelli", "email": "stevemar@ca.ibm.com", "time": "Sun Aug 24 17:53:46 2014 -0400" }, "message": "Change httpd Keystone log level to default\n\nHaving Keystone\u0027s log level at debug caused a lot of uninteresting\nHttpd-related log lines to be displayed which makes debugging more\ndifficult than it should be.\n\nRather than set the log level explicitly, Keystone will use the\nHttpd server\u0027s setting, which defaults to warn.\n\nPartial-Bug: #1359995\nChange-Id: Ieef882944bafd98f7b27497a5276124b21c3e576\n" }, { "commit": "cfc9465ee0ce212287f8426a883a94c1eee675a0", "tree": "3cdcd733d089fe6ddd26251d4e7b3e64bb02905b", "parents": [ "219e9c227832371f10f718dc3d793b03904f5968" ], "author": { "name": "Brant Knudson", "email": "bknudson@us.ibm.com", "time": "Thu Aug 21 18:25:29 2014 -0500" }, "committer": { "name": "Brant Knudson", "email": "bknudson@us.ibm.com", "time": "Fri Aug 22 16:49:02 2014 -0500" }, "message": "Change httpd Keystone log to keystone.log\n\nThe normal extension for log files is .log. Log rotation should\nwork because the extension is as expected.\n\nChange-Id: Ia5e42ea9d953e8395b86ab58cdef6c2d852efc94\nRelated-Bug: #1359995\n" }, { "commit": "2c95fcd60c71e0a0c0a7b3801b1a5ca17507f20b", "tree": "c6c3752be349eb7a99aabb319f316faeb1278a94", "parents": [ "6db41b9716c5a82a32818d87ad3af662ecc1382a" ], "author": { "name": "Felipe Reyes", "email": "freyes@suse.com", "time": "Thu Aug 14 17:41:55 2014 +0200" }, "committer": { "name": "Felipe Reyes", "email": "freyes@suse.com", "time": "Thu Aug 14 17:48:33 2014 +0200" }, "message": "Set display name in apache processes\n\nThis change makes apache set process group name in the process name,\nso when listing the processes the user can easily identify what\u0027s\nrunning in each apache process. This is specially useful to debug\nmemory consumption or when a process consumming too much CPU.\n\nChange-Id: I9787980052f451f452d3b8e5e51385ad5aa01e6a\n" }, { "commit": "dcdcb5ace8ea30ffe164310e6771cbffac4374ab", "tree": "0287e8267d2249937fcbea307db80e40c8ab9697", "parents": [ "5e93727a23e3922efcdd80600a0b7fce5adb62cf" ], "author": { "name": "Ian Wienand", "email": "iwienand@redhat.com", "time": "Thu Jul 17 19:54:50 2014 +1000" }, "committer": { "name": "Ian Wienand", "email": "iwienand@redhat.com", "time": "Fri Jul 18 17:52:11 2014 +1000" }, "message": "Add WSGISocketPrefix to apache keystone config\n\nI think since probably fdf1cffbd5d2a7b47d5bdadbc0755fcb2ff6d52f\ndevstack on RHEL6 fails and it comes down to:\n\n---\n2014-07-17 05:05:49.235 | +++ openstack role create admin -f value -c id\n2014-07-17 05:05:49.615 | ERROR: cliff.app Service Unavailable (HTTP 503)\n\n[Thu Jul 17 15:05:46 2014] [error] [client 10.0.2.15]\n (13)Permission denied: mod_wsgi (pid\u003d30125): Unable to connect to WSGI\n daemon process \u0027keystone-public\u0027 on\n \u0027/etc/httpd/logs/wsgi.30098.0.1.sock\u0027 after multiple attempts.\n---\n\nThe apache user doesn\u0027t have permissons to this directory. Adding\nWSGISocketPath to /var/run solves it\n\nChange-Id: If4b74019b6bd389b576fc981154bb1b3aa471c9b\n" }, { "commit": "a00e5f8810b6ca3b0b5d63cc228125e19bc91955", "tree": "fb91d81e881a549a02877141ccccabf67ea4fef4", "parents": [ "5470701e10ee68c80860d4cf7e0fa5d8a913c288" ], "author": { "name": "Jamie Lennox", "email": "jlennox@redhat.com", "time": "Tue Sep 17 12:47:03 2013 +1000" }, "committer": { "name": "Gerrit Code Review", "email": "review@openstack.org", "time": "Tue Sep 24 01:14:28 2013 +0000" }, "message": "Allow keystone to run from apache\n\nProvide a template for running keystone as a mod_wsgi process and enable\nit from configuration.\n\nBased on: https://review.openstack.org/#/c/36474/\nAlso-by: zhang-hare \u003czhuadl@cn.ibm.com\u003e\nImplements: blueprint devstack-setup-apache-keystone\n\nChange-Id: Icc9d7ddfa4a488c08816ff4ae0b53c0134a1016b\n" } ] }