[Openstack] [INTERNAL ONLY (NDA)] Fwd: Reqs for OpenStack from Intel IT - Redhat/OpenStack discussions
Adam Young
ayoung at redhat.com
Tue Jul 17 19:10:10 UTC 2012
On 07/17/2012 02:53 PM, Adam Young wrote:
> On 07/17/2012 02:01 PM, Perry Myers wrote:
>> CONFIDENTIAL/INTERNAL ONLY (NDA)
>>
>> Please do not forward this spreadsheet outside of this list. Please do
>> not talk about any of these features externally as "Something Intel has
>> asked for". We can talk about the features themselves upstream, but the
>> context of Intel asking for them needs to be kept internal.
>>
>> I'd like to get input from the team on the contents of this spreadsheet.
>> Specifically for each item here, I think we need to know things like:
>>
>> * already a blueprint or launchpad bug for this? Link please
>> * feasibility/complexity of the change (e.g. could be done for Folsom
>> Milestone 3, needs to be deferred to 'G', probably not even possible
>> in 'G', never going to happen)
>>
>> Basically this list constitutes what Intel believes needs to be closed
>> from a feature gap perspective, to make OpenStack ready for the
>> enterprise. And we need to be able to go back to them next week with
>> our thoughts on each of these items.
>>
>> I don't think that we'd be expected to bear the development load of all
>> of this, but we'll need to be Intel's advocates here in terms of
>> upstream engagement.
>>
>> Respond with thoughts via email on this thread and then once we've
>> gotten enough information captured, I can synthesize and put into the
>> spreadsheet so that Mark and I can go back to Intel to provide them with
>> feedback.
>>
>> Perry
>
>
> line 16 jumps out at me: TLS everywhere. The thing is, Eventlet
> with SSL doesn't make sense, so what should we do for a default?
One bug here: https://bugs.launchpad.net/python-keystoneclient/+bug/1012591/
I have a Patch in for Keystone HTTPD: https://review.openstack.org/#/c/9735/
> line 19 On Federation...I have some ideas WRT Keystone and signing
> certs. I'll write up my ideas in their own document.
>
> line 20: Multifactor is already on the bug list.
Make that Blueprint:
https://blueprints.launchpad.net/keystone/+spec/multi-factor-authn
>
> line 21 RBAC seems to be stalled. I can ping the driver behind it to
> see where we are.
https://blueprints.launchpad.net/keystone/+spec/rbac-keystone
http://etherpad.openstack.org/FolsomRBAC
>
> line 22 Quota Support: I was just looking into it. There is a patch
> brewing for the SQL backends, but there is no clear way to map it to
> LDAP. Not sure I agree that it should be per user: the discussion at
> the summit started off with per user and then dropped it.
http://etherpad.openstack.org/SwiftQuotas
http://markmail.org/message/7agsnjo3n4il56ar
https://blueprints.launchpad.net/keystone/+spec/store-quota-data
>
> line 14 OpenID That is a one solution to SSO, but not necessarily a
> good one.
>
>
>
>
>
More information about the Openstack
mailing list