[openstack-dev] Barbican : Use of consumer resource

Adam Harwell adam.harwell at RACKSPACE.COM
Tue Mar 31 05:20:03 UTC 2015 

As John said, the URI is unrestricted (intentionally so) -- this could be 'mailto:some at person.com' just as easily as a reference to another OpenStack or external service. Originally, the idea was that Loadbalancers would need to use a Container for TLS purposes, so we'd put the LB's URI in there as a back-reference (https://loadbalancers.myservice.com/lbaas/v2/loadbalancers/12345). That way, you could easily show in Horizon that "LB 12345 is using this container".

Registering with that POST has the side-effect of receiving the container's data as though you'd just done a GET - so, the design was that any time a service needed to GET the container data, it would do a POST to register instead - which would give you the data, but also mark interest. The registration action is idempotent, so you can register once, twice, or a hundred times and it has the same effect. The only tricky part is making sure that your service de-registers when you stop using the container.

--Adam


From: John Wood <john.wood at RACKSPACE.COM<mailto:john.wood at RACKSPACE.COM>>
Date: Tuesday, March 31, 2015 12:06 AM
To: Asha Seshagiri <asha.seshagiri at gmail.com<mailto:asha.seshagiri at gmail.com>>, openstack-dev <openstack-dev at lists.openstack.org<mailto:openstack-dev at lists.openstack.org>>
Cc: "Reller, Nathan S." <Nathan.Reller at jhuapl.edu<mailto:Nathan.Reller at jhuapl.edu>>, Douglas Mendizabal <douglas.mendizabal at RACKSPACE.COM<mailto:douglas.mendizabal at RACKSPACE.COM>>, "alee at redhat.com<mailto:alee at redhat.com>" <alee at redhat.com<mailto:alee at redhat.com>>, Paul Kehrer <paul.kehrer at RACKSPACE.COM<mailto:paul.kehrer at RACKSPACE.COM>>, Adam Harwell <adam.harwell at rackspace.com<mailto:adam.harwell at rackspace.com>>
Subject: Re: Barbican : Use of consumer resource

(Including Adam, who implemented this feature last year to make sure I'm not misspeaking here :)

Hello Asha,

The consumers feature allows clients/services to register 'interest' in a given secret or container. The URL provided is unrestricted. Clients that wish to delete a secret or consumer may add logic to hold off deleting if other services have registered their interest in the resource. However for Barbican this data is only informational, with no business logic (such as rejecting delete attempts) associated with it.

I hope that helps.

Thanks,
John


From: Asha Seshagiri <asha.seshagiri at gmail.com<mailto:asha.seshagiri at gmail.com>>
Date: Monday, March 30, 2015 at 5:04 PM
To: openstack-dev <openstack-dev at lists.openstack.org<mailto:openstack-dev at lists.openstack.org>>
Cc: John Wood <john.wood at rackspace.com<mailto:john.wood at rackspace.com>>, "Reller, Nathan S." <Nathan.Reller at jhuapl.edu<mailto:Nathan.Reller at jhuapl.edu>>, Douglas Mendizabal <douglas.mendizabal at RACKSPACE.COM<mailto:douglas.mendizabal at RACKSPACE.COM>>, "alee at redhat.com<mailto:alee at redhat.com>" <alee at redhat.com<mailto:alee at redhat.com>>, Paul Kehrer <paul.kehrer at RACKSPACE.COM<mailto:paul.kehrer at RACKSPACE.COM>>
Subject: Re: Barbican : Use of consumer resource

Including Alee and Paul in the loop

Refining the above question :

The consumer resource allows the clients to register with container resources. Please find the command and response below


POST v1/containers/888b29a4-c7cf-49d0-bfdf-bd9e6f26d718/consumers

Header: content-type=application/json
        X-Project-Id: {project_id}
{
    "name": "foo-service",
    "URL": "https://www.fooservice.com/widgets/1234"
}

I would like to know the following :

1. Who  does the client here refers to ? Openstack Services or any other services as well?

2. Once the client gets registered through the consumer resource , How does client consume or use the consumer resource

Any Help would be appreciated.

Thanks Asha.




On Mon, Mar 30, 2015 at 12:05 AM, Asha Seshagiri <asha.seshagiri at gmail.com<mailto:asha.seshagiri at gmail.com>> wrote:
Hi All,

Once the consumer resource registers to the containers , how does the consumer resource consume the container resource?
Is there any API supporting the above operation.

Could any one please help on this?

--
Thanks and Regards,
Asha Seshagiri



--
Thanks and Regards,
Asha Seshagiri
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20150331/6bb9b838/attachment.html>

More information about the OpenStack-dev mailing list