Open Stack

Dims,
There is a similar prototype  https://review.openstack.org/#/c/237521/. 
Our idea is to provide a more generic one instead of Fortress. 
Ruan


-----Original Message-----
From: Davanum Srinivas [mailto:davanum at gmail.com] 
Sent: jeudi 10 août 2017 16:32
To: OpenStack Development Mailing List (not for usage questions)
Cc: DUVAL Thomas OBS/OAB
Subject: Re: [openstack-dev] [openstack][oslo.policy] A new Keystone-Oslo hook for external PDP

Ruan,

Have you prototyped to see if you have all the information you need is available in the context (or can be gathered from Nova)?
( quickly check what the existing HttpCheck mechanism sends over the wire )

Thanks,
Dims

On Thu, Aug 10, 2017 at 10:17 AM,  <ruan.he at orange.com> wrote:
> Hello,
>
> We would like to have an external and centralized security policy 
> engine
> (PDP) that can pilot both OpenStack and SDN controllers. For this 
> reason, we have developed and upstreamed a hook for the new 
> OpenDaylight release Carbon 
> (https://git.opendaylight.org/gerrit/#/c/46146/), and we’d like to develop a similar hook for the OpenStack/Oslo-policy.
>
>
>
> A blueprint was submitted to
> https://blueprints.launchpad.net/pbr/+spec/external-pdp-for-oslo-polic
> y, and the spec is submitted to https://review.openstack.org/#/c/492543/.
>
> We hope that this topic can be discussed in the next oslo meeting.
>
> Thank you,
>
> Ruan HE
>
>
>
> ______________________________________________________________________
> ___________________________________________________
>
> Ce message et ses pieces jointes peuvent contenir des informations 
> confidentielles ou privilegiees et ne doivent donc pas etre diffuses, 
> exploites ou copies sans autorisation. Si vous avez recu ce message 
> par erreur, veuillez le signaler a l'expediteur et le detruire ainsi 
> que les pieces jointes. Les messages electroniques etant susceptibles 
> d'alteration, Orange decline toute responsabilite si ce message a ete 
> altere, deforme ou falsifie. Merci.
>
> This message and its attachments may contain confidential or 
> privileged information that may be protected by law; they should not 
> be distributed, used or copied without authorisation.
> If you have received this email in error, please notify the sender and 
> delete this message and its attachments.
> As emails may be altered, Orange is not liable for messages that have 
> been modified, changed or falsified.
> Thank you.
>
>
> ______________________________________________________________________
> ____ OpenStack Development Mailing List (not for usage questions)
> Unsubscribe: 
> OpenStack-dev-request at lists.openstack.org?subject:unsubscribe
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>



--
Davanum Srinivas :: https://twitter.com/dims

__________________________________________________________________________
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: OpenStack-dev-request at lists.openstack.org?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev

_________________________________________________________________________________________________________________________

Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc
pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler
a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration,
Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci.

This message and its attachments may contain confidential or privileged information that may be protected by law;
they should not be distributed, used or copied without authorisation.
If you have received this email in error, please notify the sender and delete this message and its attachments.
As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified.
Thank you.