[openstack-dev] [Keystone] Announcing Keystone Middleware Project

Morgan Fainberg morgan.fainberg at gmail.com
Tue Jun 24 23:24:46 UTC 2014


The Keystone team would like to announce the official split of python-keystoneclient and the Keystone middleware code.
Over time the middleware (auth_token, s3_token, ec2_token) has developed into a fairly expansive code base and
includes dependencies that are not necessarily appropriate for the python-keystoneclient library and CLI tools. Combined
with the desire to be able to release updates of the middleware code without requiring an update of the CLI and
 python-keystoneclient library itself, we have opted to split the packaging of the middleware.

Launchpad Project (bug/bp tracker): https://launchpad.net/keystonemiddleware
Repository: git://git.openstack.org/openstack/keystonemiddleware
Repository (Browsable): https://git.openstack.org/cgit/openstack/keystonemiddleware
PyPI location: https://pypi.python.org/pypi/keystonemiddleware
Open Reviews in Gerrit: https://review.openstack.org/#/q/status:open+project:openstack/keystonemiddleware,n,z

Detailed information on the approved specification for this split: https://review.openstack.org/#/c/95987/

Middleware code that has been included in the new repository:
    * auth_token middleware
    * ec2_token middleware
    * s3_token middleware
    * memcache_crypt (utility code)

Impact for deployers:
    * New keystonemiddleware package will need to be installed (once released)
    * Paste pipelines will need to be updated to reference the keystonemiddleware package instead of keystoneclient

Impact for Projects and Infra:
    * Keystonemiddleware is in process of being added to devstack and devstack-gate
    * Global requirements update (once the 1.0.0 release occurs) will be updated to include keystonemiddleware
    * Updates to the example paste pipelines to reference the new keystonemiddleware package will be proposed

Impact for packagers (once released):
    * Keystonemiddleware will need to be packaged and made available via your distribution's repositories (apt, yum, etc)

For the time being, we will be maintaining the current state of the middleware in the python-keystoneclient library. This
will allow for a transition period and ensure that production deployments relying on the current location of the
middleware will continue to work. However, the code located in the keystoneclient.middleware module will 
only receive security related fixes going forward. All new code development should be proposed to the new
keystonemiddleware repository. 

We are targeting a 1.0.0 (stable) release of the new keystonemiddleware in the near term. The Keystone team will work with
the OpenStack projects that consume Keystone middlewares to convert over to the new keystonemiddleware package.

Feel free to join us in #openstack-keystone (on Freenode) to discuss the middleware, these changes, or any other
OpenStack Identity related topics.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20140624/b11d74b8/attachment.html>


More information about the OpenStack-dev mailing list