[openstack-dev] Move keypair management out of Nova and into Keystone?
Joe Gordon
joe.gordon0 at gmail.com
Mon Jul 1 17:07:46 UTC 2013
We should not remove it from the v3 API until we know this will be
supported by keystone in Havana.
best,
Joe
sent on the go
On Jul 1, 2013 6:25 PM, "Mauro S M Rodrigues" <maurosr at linux.vnet.ibm.com>
wrote:
> +1.. make sense to me, I always thought that was weird hehe
> Say the word and we will remove it from v3.
>
> On 07/01/2013 01:02 PM, Russell Bryant wrote:
>
>> On 07/01/2013 11:47 AM, Jay Pipes wrote:
>>
>>> Recently a colleague asked me whether their key pair from one of our
>>> deployment zones would be usable in another deployment zone. His
>>> identity credentials are shared between the two zones (we use a shared
>>> identity database) and was wondering if the key pairs were also shared.
>>>
>>> I responded that no, they were not, because Nova, not Keystone, manages
>>> key pairs. But that got me thinking.... is it time to change this?
>>>
>>> Key pairs really are an element of identity/authentication, and not
>>> specific to OpenStack Compute. Has there been any talk of moving the key
>>> pair management API out of Nova and into Keystone?
>>>
>> I haven't heard any talk about it, but it does seem to make sense.
>>
>>
>
> ______________________________**_________________
> OpenStack-dev mailing list
> OpenStack-dev at lists.openstack.**org <OpenStack-dev at lists.openstack.org>
> http://lists.openstack.org/**cgi-bin/mailman/listinfo/**openstack-dev<http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20130701/99300a15/attachment.html>
More information about the OpenStack-dev
mailing list