[openstack-dev] [keystone] newton midcycle recap

Steve Martinelli s.martinelli at gmail.com
Thu Jul 28 13:39:55 UTC 2016

Hey Keystoners!

I’ve written up a summary for a few of the technical aspects of the
mid-cycle [1]. Dolph has written up a mid-cycle retrospective [2]. For a
full summary see the etherpad [3].

We came out of the mid-cycle with a lot of TODOs, here is a summary of the
action items.

  - Review the code for bp views [4]
  - Review the code for bp PCI [5]
  - Review the code for bp credential encryption [6]
  - Review the spec and code for MFA
  - Spend 10 minutes looking at bugs and blueprints you own, mark as
invalid | fix released or implemented | obsolete as needed

  - Modify policy files of each project so they can use “is_admin_project”
and document how to upgrade

  - Come up with a list of reviews/examples that violated the idea of
tracking/deploying master. Use that list of anti-patterns to generate solid
code review documentation so we are less likely to do it again.

  - Implement bp ldap-preprocessing [7]

  - Implement bp keystone-doctor [8] (DONE)
  - Create a performance doc, bootstrap it with content (DONE)

  - Finalize the rolling upgrade spec
  - Implement support for rolling upgrades
  - Write up a reseller spec using sub domains including the auth URL idea

  - Implement the work bp views [4]
  - Create spec to resolve long running operations problem

  - Create a spec for notifications for PCI events

  - Implement bp PCI [5]

  - Create a facade for keystone LDAP code to make it nicer to use in the
identity backend.   Compare performance of ldap3 vs pyldap

  - Submit bugs for RFEs for keystone doctor (DONE)
  - Bump implementation of Unified Delegation to Ocata (DONE)

henrynash or bknudson
  - Change federation shadow mapping to use the existing ID mapping (LDAP
already uses it) (Ocata)

bknudson and karthikb
  - Propose patches to oslo.policy for improvements to external


[2] http://dolphm.com/retrospective-on-openstack-midcycles
[3] https://etherpad.openstack.org/p/keystone-newton-midcycle
[4] https://review.openstack.org/#/q/topic:bp/views
[5] https://review.openstack.org/#/q/topic:bp/pci-dss
[6] https://review.openstack.org/#/q/topic:bp/credential-encryption
[7] https://blueprints.launchpad.net/keystone/+spec/ldap-preprocessing
[8] https://blueprints.launchpad.net/keystone/+spec/keystone-manage-doctor
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20160728/7a1caaa7/attachment.html>

More information about the OpenStack-dev mailing list