[openstack-dev] Key Manager blueprint updated

Bhandaru, Malini K malini.k.bhandaru at intel.com
Wed Apr 24 19:10:10 UTC 2013


The Intel Key Manager effort (developed on the Openstack mailing list with blueprints) and the Rackspace effort announced last week
back  are getting to know each other and collaborate. Early stages.

CloudKeep is still in the very early stages. Parts of it will be re-usable as is, their event logging (demo-ed at the summit) is rich, while others such as the use of Falcon may have to be re-visited (separate discussion going on the mailing list about pecan/falcon), and API functionality still needs to be built in.

Also need a close partner for using the keys from the Key Manager, the volume encryption folks. Or a simpler first use, saving the Nova public certificates that are injected into VMs to support ssh.  

The only published blueprint is mine, and as good a placeholder for your comments/feedback as any other, or this mailing list.
A first successful Intel/Rackspace co-operation would be a revised blueprint, and sub-blueprints (representing feature coding chunks)
and publishing a git repository for code and community contributions.

Name, we have had some good suggestions on this list, anything is fine.
Barbican, Jangle, Ignite, Clipper .. 
(CloudKeep == Cloud is common to all our projects, Keystore  == too similar to Keystone)

Regards
Malini 


-----Original Message-----
From: Mac Innes, Kiall [mailto:kiall at hp.com] 
Sent: Wednesday, April 24, 2013 10:30 AM
To: OpenStack Development Mailing List
Subject: Re: [openstack-dev] Key Manager blueprint updated

What about "CloudKeep"?

(Hint: I don't see anything on the wiki page explaining why RackSpace's existing implementation can't be used as a starting point!)

Kiall Mac Innes
HP Cloud Services - DNSaaS

Mobile:   +353 86 345 9333
Landline: +353 1 524 2177
GPG:      E9498407

On 24/04/13 18:07, Atwood, Mark wrote:
> Clipper?
>
> Mark Atwood <mark.atwood at hp.com <mailto:mark.atwood at hp.com>> Director 
> of Open Source Evangelism for HP Cloud Services
> +1-206-473-7118
>
>
> On Tue, Apr 23, 2013 at 1:09 AM, Bhandaru, Malini K 
> <malini.k.bhandaru at intel.com <mailto:malini.k.bhandaru at intel.com>> wrote:
>
>     Hello Everyone!____
>
>     __ __
>
>     Thank you to those of you who attended the key manager design summit
>     session and provided input.____
>
>     Missed some of you who have provided feedback on the mailing 
> list.____
>
>     __ __
>
>     I've updated the blueprint based on the discussions.  Do let me know
>     if you are in favor of____
>
>     Limiting access to keys based on original owner
>     (user/project/tenant). With this approach, a put/create would need
>     an additional____
>
>     Argument to indicate scope.____
>
>     __ __
>
>     I anticipate over this week breaking out the details into
>     sub-blueprints for easier parceling into implementation 
> sub-units.____
>
>     __ __
>
>     https://wiki.openstack.org/wiki/KeyManager____
>
>     __ __
>
>     Also open to suggestions for a name for the project J____
>
>     __ __
>
>     Jangle - the sound a bunch of keys  make?____
>
>     Key Manager   (no obfuscation !)____
>
>     (keystore is too similar to keystone ..  -1)____
>
>     __ __
>
>     Regards____
>
>     Malini____
>
>
>     _______________________________________________
>     OpenStack-dev mailing list
>     OpenStack-dev at lists.openstack.org
>     <mailto:OpenStack-dev at lists.openstack.org>
>     http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>
>

_______________________________________________
OpenStack-dev mailing list
OpenStack-dev at lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev



More information about the OpenStack-dev mailing list