[openstack-dev] Incubation Request for Barbican

Craig Tracey craig at craigtracey.com
Wed Dec 18 00:54:10 UTC 2013


++

As someone who has required patches to Barbican (and not affiliated with
Rackspace) I can attest to the fact that my, albeit simple, changes have
been reviewed and merged in a timely and constructive manner. Even if the
project were to bring on a flood of new developers it wouldn't move this
commit diversity metric for quite some time.

There is already a need for a keystore and I think this need will only
grow. So why not support it as its own composable service?

Thanks for all the work on Barbican!
On Dec 17, 2013 6:17 PM, "Bhandaru, Malini K" <malini.k.bhandaru at intel.com>
wrote:

> Barbican, key manager is essential to openstack, paves the way to greater
> security.
> Instead of rejecting the project because of its current existence owed so
> heavily to Rackspace and to John Wood, why not we adopt it, code review,
> contribute code etc. We can have cores from multiple companies. Swift was a
> project that was born similarly.
> During development John Wood and the whole Rackspace team has been open to
> feature design discussions and providing good code review.
>
> Intel plans to create a plugin for Barbican, along the lines of a low cost
> HSM, essentially using the Intel TXT and the Trusted Platform Module to
> save a master secret used to encrypt all the other secrets.
> Our Intel team is small and some of us had other distractions in October
> and November, but we are back and may even grow in strength.
>
> John, Jarret, and team, thank you for all the hard work.
>
> Malini
>
>
> -----Original Message-----
> From: Jarret Raim [mailto:jarret.raim at RACKSPACE.COM]
> Sent: Tuesday, December 17, 2013 11:44 AM
> To: OpenStack Development Mailing List (not for usage questions)
> Subject: Re: [openstack-dev] Incubation Request for Barbican
>
> On 12/13/13, 4:50 AM, "Thierry Carrez" <thierry at openstack.org> wrote:
>
>
> >If you remove Jenkins and attach Paul Kehrer, jqxin2006 (Michael Xin),
> >Arash Ghoreyshi, Chad Lung and Steven Gonzales to Rackspace, then the
> >picture is:
> >
> >67% of commits come from a single person (John Wood) 96% of commits
> >come from a single company (Rackspace)
> >
> >I think that's a bit brittle: if John Wood or Rackspace were to decide
> >to place their bets elsewhere, the project would probably die instantly.
> >I would feel more comfortable if a single individual didn't author more
> >than 50% of the changes, and a single company didn't sponsor more than
> >80% of the changes.
>
>
> I think these numbers somewhat miss the point. It is true that Rackspace
> is the primary sponsor of Barbican and that John Wood is the developer that
> has been on the project the longest. However, % of commits is not the only
> measure of contributions to the project. That number doesn¹t include the
> work on our chef-automation scripts or design work to figure out the HSM
> interfaces or work on the testing suite or writing our documentation or the
> million other tasks for the project.
>
> Rackspace is committed to this project. If John Wood leaves, we¹ll hire
> additional developers to replace him. There is no risk of the project
> lacking resources because a single person decides to work on something else.
>
> We¹ve seen other folks from HP, RedHat, Nebula, etc. say that they are
> interested in contributing and we are getting outside contributions today.
> That will only continue, but I think the risk of the project somehow
> collapsing is being overstated.
>
> There are problems that aren¹t necessarily the sexiest things to work on,
> but need to be done. It may be hard to get a large number of people
> interested in such a project in a short period of time. I think it would be
> a mistake to reject projects that solve important problems just because the
> team is a bit one sided at the time.
>
>
>
>
>
> Jarret
>
> _______________________________________________
> OpenStack-dev mailing list
> OpenStack-dev at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20131217/e06f0e56/attachment.html>


More information about the OpenStack-dev mailing list