[openstack-dev] Resources owned by a project/tenant are not cleaned up after that project is deleted from keystone

Matt Riedemann mriedem at linux.vnet.ibm.com
Mon Feb 2 17:46:53 UTC 2015

This came up in the operators mailing list back in June [1] but given 
the subject probably didn't get much attention.

Basically there is a really old bug [2] from Grizzly that is still a 
problem and affects multiple projects.  A tenant can be deleted in 
Keystone even though other resources in other projects are under that 
project, and those resources aren't cleaned up.

Keystone implemented event notifications back in Havana [3] but the 
other projects aren't listening on them to know when a project has been 
deleted and act accordingly.

The bug has several people saying "we should talk about this at the 
summit" for several summits, but I can't find any discussion or summit 
sessions related back to the bug.

Given this is an operations and cross-project issue, I'd like to bring 
it up again for the Vancouver summit if there is still interest (which 
I'm assuming there is from operators).

There is a blueprint specifically for the tenant deletion case but it's 
targeted at only Horizon [4].

Is anyone still working on this? Is there sufficient interest in a 
cross-project session at the L summit?

Thinking out loud, even if nova doesn't listen to events from keystone, 
we could at least have a periodic task that looks for instances where 
the tenant no longer exists in keystone and then take some action (log a 
warning, shutdown/archive, reap, etc.).

There is also a spec for L to transfer instance ownership [5] which 
could maybe come into play, but I wouldn't depend on it.

[2] https://bugs.launchpad.net/nova/+bug/967832
[3] https://blueprints.launchpad.net/keystone/+spec/notifications
[4] https://blueprints.launchpad.net/horizon/+spec/tenant-deletion
[5] https://review.openstack.org/#/c/105367/



Matt Riedemann
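
The periodic-task idea in the message above, together with the Keystone notification path it mentions, sketched as an added example; this is not part of the original post and not nova code. The resource record shape, the sample data and the function names are assumptions made for illustration; the event type and the payload's resource_info field follow Keystone's basic notification format.

```python
"""Added example: orphaned-resource sweep and project-deleted handling."""
from collections import defaultdict

PROJECT_DELETED = "identity.project.deleted"  # Keystone event type


def find_orphans(resources, live_project_ids):
    """Periodic sweep: group resources whose project is gone from Keystone.

    resources: iterable of dicts with 'type', 'id', 'project_id' (assumed shape).
    live_project_ids: project IDs listed from Keystone for this sweep.
    """
    live = set(live_project_ids)
    if not live:
        # A failed or badly scoped project listing would otherwise flag
        # every resource in the cloud as orphaned.
        raise ValueError("empty project list; refusing to sweep")
    orphans = defaultdict(list)
    for res in resources:
        if res["project_id"] not in live:
            orphans[res["project_id"]].append((res["type"], res["id"]))
    return dict(orphans)


def affected_by(notification, resources):
    """Event path: resources owned by the project a notification deleted."""
    if notification.get("event_type") != PROJECT_DELETED:
        return []
    project_id = notification.get("payload", {}).get("resource_info")
    return [(r["type"], r["id"]) for r in resources
            if r["project_id"] == project_id]


# Constructed sample data (hypothetical IDs).
SAMPLE_LIVE_PROJECTS = ["p-alpha", "p-beta"]
SAMPLE_RESOURCES = [
    {"type": "instance", "id": "i-1", "project_id": "p-alpha"},
    {"type": "instance", "id": "i-2", "project_id": "p-deleted"},
    {"type": "volume", "id": "v-1", "project_id": "p-deleted"},
    {"type": "network", "id": "n-1", "project_id": "p-beta"},
]
SAMPLE_EVENT = {"event_type": PROJECT_DELETED,
                "payload": {"resource_info": "p-deleted"}}

if __name__ == "__main__":
    # Least destructive action from the message: log a warning only.
    for project, owned in find_orphans(SAMPLE_RESOURCES,
                                       SAMPLE_LIVE_PROJECTS).items():
        print("WARNING: project %s is gone, still owns %s" % (project, owned))
```
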
