[openstack-dev] [Nova] bp proposal: discovery of peer instances through metadata service
Justin Santa Barbara
justin at fathomdb.com
Thu Feb 6 00:23:09 UTC 2014
Russell Bryant wrote:
> I'm saying use messaging as the means to implement discovery.
OK. Sorry that I didn't get this before.
>> 1) Marconi isn't widely deployed
>
> Yet.
>
> I think we need to look to the future and decide on the right solution
> to the problem.
Agreed 100%. I actually believe this _is_ the correct long-term
solution. The fact that it doesn't depend on long-term roadmaps for
other projects is merely a nice bonus.
>> 2) There is no easy way for a node to discover Marconi, even if it was deployed.
>
> That's what the Keystone service catalog is for.
Agreed. But, as far as I know, we have not defined how an instance
reaches the Keystone service catalog. Probably, we would need to
expose the Keystone endpoint in the metadata. (And, yes, we should do
that too, but it doesn't really matter until we solve #3...)
>> 3) There is no easy way for a node to authenticate to Marconi, even if
>> we could discover it
>
> huh?
>
> The whole point of Marconi is to allow instances to have a messaging
> service available to them to use. Of course they can auth to it.
As far as I know, we haven't defined any way for an instance to get
credentials to use. The only approach that I know of is that the
end-user puts their credentials into the metadata. But we don't have
particularly fine-grained roles, so I can't see anyone wanting that in
production!
>> I absolutely think we should fix each of those obstacles, and I'm sure
>> we will eventually. But in the meantime, let's get this into
>> Icehouse!
>
> NACK.
Well there's no need to shout :-)
I understand the idea that everything in OpenStack should work
together: I am a big proponent of it. However, this blueprint is a
nice self-contained solution that solves a real problem today. The
alternative Marconi-based approach is not only years away from
public-cloud deployment, but will be more complicated for the end
user. Have you ever tried defining IAM roles on EC2? - yuk!
Even once we reach the happy day where we have Marconi everywhere,
pub-sub queues, IAM, Instance Roles, and Keystone auto-discovery; even
then end-users would still prefer the "it just works" result this
blueprint will provide. As such we're not duplicating functionality,
and we could have discovery in June, not in Juno (or - realistically -
M).
So: Is this a permanent no, or just a not-in-Icehouse no?
Justin
More information about the OpenStack-dev
mailing list