[openstack-dev] Fwd: FW: [Neutron] Group Based Policy and the way forward

Armando M. armamig at gmail.com
Sat Aug 9 02:13:37 UTC 2014

> On Fri, Aug 8, 2014 at 5:38 PM, Armando M. <armamig at gmail.com> wrote:
>>>   One advantage of the service plugin is that one can leverage the
>>> neutron common framework such as Keystone authentication where common
>>> scoping is done. It would be important in the policy type of framework to
>>> have such scoping
>> The framework you're referring to is common and already reusable, it's
>> not a prerogative of Neutron.
>  Are you suggesting that Service Plugins, L3, IPAM etc become individual
> endpoints, resulting in redundant authentication round-trips for each of
> the components.
> Wouldn't this result in degraded performance and potential consistency
> issues?

The endpoint - in the OpenStack lingo - that exposes the API abstractions
(concepts and operations) can be, logically and physically, different from
the worker that implements these abstractions; authentication is orthogonal
to this and I am not suggesting what you mention.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20140808/6514029e/attachment.html>

More information about the OpenStack-dev mailing list