[openstack-dev] [keystone] Keystone Team Update - Week of 7 May 2018

Colleen Murphy colleen at gazlene.net
Fri May 11 19:03:17 UTC 2018

# Keystone Team Update - Week of 7 May 2018

## News

### Patrole in CI

With all the work that has been happening around fixing policy, it would be good to have better policy validation in CI[1]. However, there are some concerns that using Patrole in a voting gate job will lock us in to unwanted behavior. We agreed to start setting up the framework but to keep the jobs nonvoting until 968696[2] is fully fixed.

[1] http://eavesdrop.openstack.org/meetings/keystone/2018/keystone.2018-05-08-16.00.log.html#l-51
[2] https://bugs.launchpad.net/keystone/+bug/968696

### Multi-Site Keystone

Keystone has never been able to provide straightforward guidance on implementing multi-region/multi-site clouds. We discussed an implementation proposal to "stretch" over existing clouds[3] with a combination of Galera syncing and orchestration around keystone-manage commands. A proof of concept already exists[4] and a spec will be forthcoming. We had also discussed[5] tying this into the default roles spec[6] by perhaps assigning static, non-UUID IDs to the new default roles in order to gain uniformity across distinct sites, but migrating existing clouds would be a challenge and we would need to come up with a solution for domain-specific roles.

[3] http://eavesdrop.openstack.org/meetings/keystone/2018/keystone.2018-05-08-16.00.log.html#l-156
[4] https://github.com/zzzeek/stretch_cluster/tree/standard_tripleo_version
[5] http://eavesdrop.openstack.org/irclogs/%23openstack-keystone/%23openstack-keystone.2018-05-07.log.html#t2018-05-07T17:23:29
[6] https://review.openstack.org/566377

## Open Specs

Search query: https://bit.ly/2G8Ai5q

As discussed last week, the default roles spec has been reproposed to keystone-specs[7]. We also need to prioritize reviews of the unified limits specs[8][9]. The remaining specs are likely to be deferred until next cycle.

[7] https://review.openstack.org/566377
[8] https://review.openstack.org/540803
[9] https://review.openstack.org/565412

## Recently Merged Changes

Search query: https://bit.ly/2IACk3F

We merged 19 changes this week. Among these were patches to enhance service discovery in keystoneauth using service-types-authority.

## Changes that need Attention

Search query: https://bit.ly/2wv7QLK

There are 43 changes that are passing CI, not in merge conflict, have no negative reviews and aren't proposed by bots.

## Bugs

Launchpad report generator: https://github.com/lbragstad/launchpad-toolkit

These week we opened 5 new bugs and closed 4.

## Milestone Outlook


We have about four weeks to get our current spec proposals in shape to be merged, and six weeks to start seeing implementation proposals for those specs.

## Help with this newsletter

Help contribute to this newsletter by editing the etherpad: https://etherpad.openstack.org/p/keystone-team-newsletter
Dashboard generated using gerrit-dash-creator and https://gist.github.com/lbragstad/9b0477289177743d1ebfc276d1697b67

More information about the OpenStack-dev mailing list