Hi Folks, We’ve discussed a lot in the last Summit about the Reseller use case. OpenStack needs to grow support for hierarchical ownership of objects.This enables the management of subsets of users and projects in a way that is much more comfortable for private clouds, besides giving to public cloud providers the option of reselling a piece of their cloud. More detailed information can be found in the spec for this change at: https://review.openstack.org/#/c/139824 The current code change for this is split into 8 patches (to make it easier to review). We currently have 7 patches in code review and we are finishing the last one. Here is the workflow of our patches: 1- Adding a field to enable the possibility to have a project with the domain "feature": https://review.openstack.org/#/c/157427/ 2- Change some constraints and create some options to list projects (for is_domain flag, for parent_id): https://review.openstack.org/#/c/159944/ https://review.openstack.org/#/c/158398/ https://review.openstack.org/#/c/161378/ https://review.openstack.org/#/c/158372/ 3- Reflect domain operations to project table, mapping domains to projects that have the is_domain attribute set to True. In addition, it changes the read operations to use only the project table. Then, we will drop the Domain Table. https://review.openstack.org/#/c/143763/ https://review.openstack.org/#/c/161854/ (Only patch with work in progress) 4- Finally, the inherited role will not be applied to a subdomain and its sub hierarchy. https://review.openstack.org/#/c/164180/ Since we have the implementation almost completed, waiting for code review, I am requesting an FFE to enable the implementation of this last patch and work to have this implementation merged in Kilo. Raildo -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20150317/5cd77759/attachment.html>