[openstack-dev] Fwd: FW: [Neutron] Group Based Policy and the way forward
Armando M.
armamig at gmail.com
Sat Aug 9 02:13:37 UTC 2014
>
>
> On Fri, Aug 8, 2014 at 5:38 PM, Armando M. <armamig at gmail.com> wrote:
>
>>
>>
>>> One advantage of the service plugin is that one can leverage the
>>> neutron common framework such as Keystone authentication where common
>>> scoping is done. It would be important in the policy type of framework to
>>> have such scoping
>>>
>>
>> The framework you're referring to is common and already reusable, it's
>> not a prerogative of Neutron.
>>
>
> Are you suggesting that Service Plugins, L3, IPAM etc become individual
> endpoints, resulting in redundant authentication round-trips for each of
> the components.
>
> Wouldn't this result in degraded performance and potential consistency
> issues?
>
The endpoint - in the OpenStack lingo - that exposes the API abstractions
(concepts and operations) can be, logically and physically, different from
the worker that implements these abstractions; authentication is orthogonal
to this and I am not suggesting what you mention.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20140808/6514029e/attachment.html>
More information about the OpenStack-dev
mailing list