<p dir="ltr"><br>
On Dec 3, 2013 6:49 PM, "John Dickinson" <<a href="mailto:me@not.mn">me@not.mn</a>> wrote:<br>
><br>
><br>
> On Dec 3, 2013, at 8:05 AM, Jay Pipes <<a href="mailto:jaypipes@gmail.com">jaypipes@gmail.com</a>> wrote:<br>
><br>
> > On 12/03/2013 10:04 AM, John Dickinson wrote:<br>
> >> How are you proposing that this integrate with Swift's account and container quotas (especially since there may be hundreds of thousands of accounts and millions (billions?) of containers in a single Swift cluster)? A centralized lookup for quotas doesn't really seem to be a scalable solution.<br>
> ><br>
> > From reading below, it does not look like a centralized lookup is what the design is. A push-change strategy is what is described, where the quota numbers themselves are stored in a canonical location in Keystone, but when those numbers are changed, Keystone would send a notification of that change to subscribing services such as Swift, which would presumably have one or more levels of caching for things like account and container quotas...<br>
><br>
> Yes, I get that, and there are already methods in Swift to support that. The trick, though, is either (1) storing all the canonical info in Keystone and scaling that or (2) storing some "boiled down" version, if possible, and fanning that out to all of the resources in Swift. Both are difficult and require storing the information in the central Keystone store.</p>
<p dir="ltr">If I remember correctly the motivation for using keystone for quotas is so there is one easy place to set quotas across all projects. Why not hide this complexity with the unified client instead? That has been the answer we have been using for pulling out assorted proxy APIs in nova (nova image-list volume-list) etc.</p>
<p dir="ltr">><br>
> ><br>
> > Best,<br>
> > -jay<br>
> ><br>
> >> --John<br>
> >><br>
> >><br>
> >> On Dec 3, 2013, at 6:53 AM, Oleg Gelbukh <<a href="mailto:ogelbukh@mirantis.com">ogelbukh@mirantis.com</a>> wrote:<br>
> >><br>
> >>> Chmouel,<br>
> >>><br>
> >>> We reviewed the design of this feature at the summit with CERN and HP teams. Centralized quota storage in Keystone is an anticipated feature, but there are concerns about adding quota enforcement logic for every service to Keystone. The agreed solution is to add quota numbers storage to Keystone, and add mechanism that will notify services about change to the quota. Service, in turn, will update quota cache and apply the new quota value according to its own enforcement rules.<br>
> >>><br>
> >>> More detailed capture of the discussion on etherpad:<br>
> >>> <a href="https://etherpad.openstack.org/p/CentralizedQuotas">https://etherpad.openstack.org/p/CentralizedQuotas</a><br>
> >>><br>
> >>> Re this particular change, we plan to reuse this API extension code, but extended to support domain-level quota as well.<br>
> >>><br>
> >>> --<br>
> >>> Best regards,<br>
> >>> Oleg Gelbukh<br>
> >>> Mirantis Labs<br>
> >>><br>
> >>><br>
> >>> On Mon, Dec 2, 2013 at 5:39 PM, Chmouel Boudjnah <<a href="mailto:chmouel@enovance.com">chmouel@enovance.com</a>> wrote:<br>
> >>> Hello,<br>
> >>><br>
> >>> I was wondering what was the status of Keystone being the central place across all OpenStack projects for quotas.<br>
> >>><br>
> >>> There is already an implementation from Dmitry here :<br>
> >>><br>
> >>> <a href="https://review.openstack.org/#/c/40568/">https://review.openstack.org/#/c/40568/</a><br>
> >>><br>
> >>> but hasn't seen activities since october waiting for icehouse development to be started and a few bits to be cleaned and added (i.e: the sqlite migration).<br>
> >>><br>
> >>> It would be great if we can get this rekicked to get that for icehouse-2.<br>
> >>><br>
> >>> Thanks,<br>
> >>> Chmouel.<br>
> >>><br>
> >>> _______________________________________________<br>
> >>> OpenStack-dev mailing list<br>
> >>> <a href="mailto:OpenStack-dev@lists.openstack.org">OpenStack-dev@lists.openstack.org</a><br>
> >>> <a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev</a><br>
> >>><br>
> >>><br>
> >>> _______________________________________________<br>
> >>> OpenStack-dev mailing list<br>
> >>> <a href="mailto:OpenStack-dev@lists.openstack.org">OpenStack-dev@lists.openstack.org</a><br>
> >>> <a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev</a><br>
> >><br>
> >><br>
> >><br>
> >> _______________________________________________<br>
> >> OpenStack-dev mailing list<br>
> >> <a href="mailto:OpenStack-dev@lists.openstack.org">OpenStack-dev@lists.openstack.org</a><br>
> >> <a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev</a><br>
> >><br>
> ><br>
> ><br>
> > _______________________________________________<br>
> > OpenStack-dev mailing list<br>
> > <a href="mailto:OpenStack-dev@lists.openstack.org">OpenStack-dev@lists.openstack.org</a><br>
> > <a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev</a><br>
><br>
><br>
> _______________________________________________<br>
> OpenStack-dev mailing list<br>
> <a href="mailto:OpenStack-dev@lists.openstack.org">OpenStack-dev@lists.openstack.org</a><br>
> <a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev</a><br>
><br>
</p>