[openstack-dev] [all] [barbican] [security] Why are projects trying to avoid Barbican, still?
Jay Pipes
jaypipes at gmail.com
Mon Jan 16 21:57:48 UTC 2017
On 01/16/2017 04:09 PM, Fox, Kevin M wrote:
> If the developers that had issue with the lack of functionality,
> contributed to Barbican rather then go off on their own, the problem
> would have been solved much more quickly. The lack of sharing means
> the problems don't get fixed as fast.
Agreed completely.
> As for operators, If the more common projects all started depending
> on it, it would be commonly deployed.
Also agreed.
> Would the operators deploy Barbican just for Magnum? maybe not. maybe
> so. For Magnum, Ironic, and Sahara, more likely . Would they deploy
> it if Neutron and Keystone depended on it, yeah. they would. And then
> all the other projects would benefit from it being there, such as
> Magnum.
Totally agreed.
> The sooner OpenStack as a whole can decide on some new core
> components so that projects can start hard depending on them, the
> better I think. That process kind of stopped with the arrival of the
> big tent.
You are using a false equivalence again.
As I've mentioned numerous times before on the mailing list, the Big
Tent was NOT either of these things:
* Expanding what the "core components" of OpenStack
* Expanding the mission or scope of OpenStack
What the Big Tent -- technically "Project Structure Reform" -- was about
was actually the following:
* No longer having a formal incubation and graduation period/review for
applying projects
* Having a single, objective list of requirements and responsibilities
for inclusion into the OpenStack development community
* Specifically allowing competition of different source projects in the
same "space" (e.g. deployment or metrics)
What you are complaining about (rightly IMHO) regarding OpenStack
project contributors not contributing missing functionality to Barbican
has absolutely nothing to do with the Big Tent:
There's no competing secret storage project in OpenStack other than
Barbican/Castellan.
Furthermore, this behaviour of projects choosing to DIY/NIH something
that existed in other projects was around long before the advent of the
Big Tent. In fact, in this specific case, the Magnum team knew about
Barbican, previously depended on it, and chose to make Barbican an
option not because Barbican wasn't OpenStack -- it absolutely WAS -- but
because it wasn't commonly deployed, which limited their own adoption.
What you are asking for, Kevin, is a single opinionated and consolidated
OpenStack deployment; a single OpenStack "product" if you will. This is
a perfectly valid request. However it has nothing to do with the Big
Tent governance reform.
Best,
-jay
More information about the OpenStack-dev
mailing list