[openstack-dev] [all][tripleo] New Project -> Kolla: Deploy and Manage OpenStack using Kubernetes and Docker

Chmouel Boudjnah chmouel at enovance.com
Thu Sep 25 06:12:08 UTC 2014


On Thu, Sep 25, 2014 at 6:02 AM, Clint Byrum <clint at fewbar.com> wrote:

> However, this does make me think that Keystone domains should be exposable
> to services inside your cloud for use as SSO. It would be quite handy
> if the keystone users used for the VMs that host Kubernetes could use
> the same credentials to manage the containers.
>


I was exactly thinking about the same and looking at the code here :

https://github.com/GoogleCloudPlatform/kubernetes/blob/master/pkg/client/request.go#L263

it seems to use some basic HTTP auth which should be enough with the
REMOTE_USER/apache feature of keystone :

http://docs.openstack.org/developer/keystone/external-auth.html#using-httpd-authentication

but if we want to have proper full integration with OpenStack we would
probably at some point want to teach modularity and a keystone plugin to
give to k8

Chmouel
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20140925/e734f78d/attachment.html>


More information about the OpenStack-dev mailing list