[openstack-dev] [Heat] [app-catalog] conditional resource exposure - second thoughts

Fox, Kevin M Kevin.Fox at pnnl.gov
Tue Jul 14 21:20:20 UTC 2015

We're kind of debating the same thing for the app catalog. Do we show templates that don't work on a given cloud since they wont work, potentially making useful tools hard to discover, or do we view it as an opportunity for users to complain to their admins that they need X feature in order to do what they need to do. Last time we talked about it, we were leaning towards the latter.

Maybe a happy middle ground is to have enough smarts in the system to show the templates, identify what parts won't work, gray out the template but provide a ui to "notifify the admin" of desire for X to work. That way users can easily feed back their desires.

From: Pavlo Shchelokovskyy [pshchelokovskyy at mirantis.com]
Sent: Tuesday, July 14, 2015 11:34 AM
To: OpenStack Development Mailing List (not for usage questions)
Subject: [openstack-dev] [Heat] conditional resource exposure - second thoughts

Hi Heaters,

currently we already expose to the user only resources for services deployed in the cloud [1], and soon we will do the same based on whether actual user roles allow creating specific resources [2]. Here I would like to get your opinion on some of my thoughts regarding behavior of resource-type-list, resource-type-show and template-validate with this new features.

We already (or soon will) hide unavailable in the cloud / for the user resources from the listing. But what if we add an API flag e.g. --all to show all registered in the engine resources? That would give any user a glimpse of what their Orchestration service can manage in principle, so they can nag the cloud operator to install additional OpenStack components or give them required roles :)

Right now the plan is to disable "showing" unavailable to the user resources. But may be we should leave this as it is, for the same purpose as above (or again add a --all flag or such)?

Right now Heat is failing validation for templates containing resource types not registered in the engine (e.g. typo). Should we also make this call available services- and roles-sensitive? Or should we leave a way for a user to check validity of any template with any in principle supported resources?

The bottom line is we are good in making Heat service to be as much self-documented via its own API as possible - let's keep doing that and make any Heat deployment to be the Heat primer :)

Eager to hear your opinions.

[1] http://specs.openstack.org/openstack/heat-specs/specs/liberty/conditional-resource-exposure-services.html

[2] http://specs.openstack.org/openstack/heat-specs/specs/liberty/conditional-resource-exposure-roles.html

Best regards,

Dr. Pavlo Shchelokovskyy
Senior Software Engineer
Mirantis Inc
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20150714/75423a1c/attachment.html>

More information about the OpenStack-dev mailing list