[openstack-dev] Inter cloud resource federation [Alliance]

Tiwari, Arvind arvind.tiwari at hp.com
Thu Jul 10 15:31:01 UTC 2014 

Hi Raildo,

Yes, I am trying to separate out the resource federation concerns through Alliance, Identity federation will be intact with Keystone. At the same time Alliance will play as delegate for keystone wherever resource federation across clouds concern need to be addressed.
I would love to work with you on this and anyone who is interested. I am putting together a POC and will keep you and community informed on the same.

Thanks,
Arvind

From: Raildo Mascena [mailto:raildom at gmail.com]
Sent: Wednesday, July 09, 2014 1:16 PM
To: OpenStack Development Mailing List (not for usage questions)
Subject: Re: [openstack-dev] Inter cloud resource federation [Alliance]

Hi Arvind,

First, I quite liked the idea and I am very interested in helping you with that.

Second, I have some doubts. What is the similarity (and differences) with Keystone to Keystone blueprint? https://review.openstack.org/#/c/100023/<https://blueprints.launchpad.net/keystone/+spec/keystone-to-keystone-federation>

The federation will be migrated to this new service?

Regards,

2014-07-09 14:33 GMT-03:00 Tiwari, Arvind <arvind.tiwari at hp.com<mailto:arvind.tiwari at hp.com>>:
Hi All,

I am investigating on inter cloud resource federation across OS based cloud deployments, this is needed to support multi regions, cloud bursting, VPC and more use cases. I came up with a design (link below) which advocate a new service (a.k.a. Alliance), this service sits close to Keystone and help abstracting all the inter cloud concerns from Keystone. This service will be abstracted from end users and there won’t be any direct interactions between user and Alliance service. Keystone will be delegating all inter cloud concerns to Alliance.

https://wiki.openstack.org/wiki/Inter_Cloud_Resource_Federation

Apart from basic resource federation use cases, Alliance service will add following features


1.       UUID token support across cloud

2.       PKI Token support

3.       Inter Cloud Token Validation

4.       Inter Cloud Communication to allow

•        Region/endpoint Discovery

•        Service Discovery

•        Remote Resource Provisioning

5.       Resource Access Across Clouds

6.       SSO Across Cloud

7.       SSOut Across Cloud (or Inter Cloud Token Revocation)

8.       Notification to propagate meter info, resource de-provisioning ….

I would appreciate if you guys take a look and share your perspective. I am open to any questions, suggestions, discussions on the same.

Thanks for your time,
Arvind


Please excuse any typographical error.

_______________________________________________
OpenStack-dev mailing list
OpenStack-dev at lists.openstack.org<mailto:OpenStack-dev at lists.openstack.org>
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev



--
Raildo Mascena
Bachelor of Computer Science.
Software Engineer at Laboratory of Distributed Systems - UFCG
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20140710/0ce4327f/attachment.html>

More information about the OpenStack-dev mailing list