[openstack-dev] [Heat] Continue discussing multi-region orchestration
Georgy Okrokvertskhov
gokrokvertskhov at mirantis.com
Fri Nov 15 20:17:11 UTC 2013
On Fri, Nov 15, 2013 at 10:44 AM, Stephen Gran <stephen.gran at theguardian.com
> wrote:
>
>
> Surely those are local deployment policy decisions that shouldn't affect
> the development of capabilities in heat itself, right? If a deployer does
> not want one heat deployment to be able to reach some endpoints, they'll
> set up a local heat that can reach those endpoints and deploy their stack
> through that one, right?
>
>
You are right. At the same time heat feature should not enforce some
specific deployment requirements to other openstack components especially
taking into account different security considerations. I am trying to rise
a concern about possible security implications of that particular approach
of using exposed openstack APIs and bring security requirements to the
table for discussion. Probably this will help to design better solution for
heat to heat or DC to DC communication if it exists. I hope that there is a
room for discussion and it is possible to influence on the final design and
implementation. I really want this feature to be flexible and useful for
most of OpenStack deployments rather then for some specific deployment case.
--
Georgy Okrokvertskhov
Technical Program Manager,
Cloud and Infrastructure Services,
Mirantis
http://www.mirantis.com
Tel. +1 650 963 9828
Mob. +1 650 996 3284
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20131115/93759e76/attachment.html>
More information about the OpenStack-dev
mailing list