[openstack-dev] Fwd: FW: [Neutron] Group Based Policy and the way forward
blak111 at gmail.com
Fri Aug 8 21:55:55 UTC 2014
>This is the statement that makes me trip over,
I don't know what that means. Does it mean that you are so incredibly
shocked by the stupidity of that statement that you fall down? Or does it
mean something else?
>Policy decision points can be decentralized from the system under scrutiny,
Unfortunately they can't in this case where some policy needs to be
enforced between plugins. If we could refactor the communication between
service and core plugins to use the API as well, then we probably could
build this as a middleware.
On Fri, Aug 8, 2014 at 1:45 PM, Armando M. <armamig at gmail.com> wrote:
> On 8 August 2014 10:56, Kevin Benton <blak111 at gmail.com> wrote:
>> There is an enforcement component to the group policy that allows you to
>> use the current APIs and it's the reason that group policy is integrated
>> into the neutron project. If someone uses the current APIs, the group
>> policy plugin will make sure they don't violate any policy constraints
>> before passing the request into the regular core/service plugins.
> This is the statement that makes me trip over, and I don't understand why
> GBP and Neutron Core need to be 'integrated' together as they have. Policy
> decision points can be decentralized from the system under scrutiny, we
> don't need to have one giant monolithic system that does everything; it's
> an architectural decision that would make difficult to achieve
> composability and all the other good -ilities of software systems.
> OpenStack-dev mailing list
> OpenStack-dev at lists.openstack.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the OpenStack-dev