[openstack-dev] [Neutron] - what integration with Keystone is allowed?
Dolph Mathews
dolph.mathews at gmail.com
Sun Sep 21 19:14:43 UTC 2014
Querying keystone for tenant names is certainly fair game.
Keystone should be considered the only source of truth for tenant names
though, as they are mutable and not globally unique on their own, so other
services should not stash any names from keystone into long term
persistence (users, projects, domains, groups, etc-- roles might be an odd
outlier worth a separate conversation if anyone is interested).
Store IDs where necessary, and use IDs on the wire where possible though,
as they are immutable.
On Sat, Sep 20, 2014 at 7:46 PM, Kevin Benton <blak111 at gmail.com> wrote:
> Hello all,
>
> A patch has come up to query keystone for tenant names in the IBM
> plugin.[1] As I understand it, this was one of the reasons another
> mechanism driver was reverted.[2] Can we get some clarity on the level
> of integration with Keystone that is permitted?
>
> Thanks
>
> 1. https://review.openstack.org/#/c/122382
> 2. https://review.openstack.org/#/c/118456
>
> --
> Kevin Benton
>
> _______________________________________________
> OpenStack-dev mailing list
> OpenStack-dev at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20140921/ae8749f8/attachment.html>
More information about the OpenStack-dev
mailing list