[openstack-dev] [Neutron] Group Based Policy and the way forward
Kevin Benton
blak111 at gmail.com
Wed Aug 6 16:56:32 UTC 2014
It sounds to me like you are describing how a developer uses Keystone, not
a user. My reference to 'application deployer' was to someone trying to run
something like a mail server on an openstack cloud.
On Aug 6, 2014 7:07 AM, "Russell Bryant" <rbryant at redhat.com> wrote:
> On 08/05/2014 06:13 PM, Kevin Benton wrote:
> > That makes sense. It's not quite a fair analogy though to compare to
> > reintroducing projects or tenants because Keystone endpoints aren't
> > 'user-facing' so to speak. i.e. a regular user (application deployer,
> > instance operator, etc) should never have to see or understand the
> > purpose of a Keystone endpoint.
>
> An end user that is consuming any OpenStack API absolutely must
> understand endpoints in the service catalog. The entire purpose of the
> catalog is so that an application only needs to know the API endpoint to
> keystone and is then able to discover where the rest of the APIs are
> located. They are very much user facing, IMO.
>
> --
> Russell Bryant
>
> _______________________________________________
> OpenStack-dev mailing list
> OpenStack-dev at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20140806/92fa53b8/attachment.html>
More information about the OpenStack-dev
mailing list