[openstack-dev] [security] Security PTG Planning, x-project request for topics.

Luke Hinds lhinds at redhat.com
Tue Feb 6 16:36:57 UTC 2018 

On Tue, Feb 6, 2018 at 4:21 PM, Giuseppe de Candia <
giuseppe.decandia at gmail.com> wrote:

> Hi Folks,
>
> I know the request is very late, but I wasn't aware of this SIG until
> recently. Would it be possible to present a new project to the Security SIG
> at the PTG? I need about 30 minutes. I'm hoping to drum up interest in the
> project, sign on users and contributors and get feedback.
>
> For the past few months I have been working on a new project - Tatu [1]-
> to automate the management of SSH certificates (for both users and hosts)
> in OpenStack. Tatu allows users to generate SSH certificates with
> principals based on their Project role assignments, and VMs automatically
> set up their SSH host certificate (and related config) via Nova vendor
> data. The project also manages bastions and DNS entries so that users don't
> have to assign Floating IPs for SSH nor remember IP addresses.
>
> I have a working demo (including Horizon panels [2] and OpenStack CLI
> [3]), but am still working on the devstack script and patches [4] to get
> Tatu's repositories into OpenStack's GitHub and Gerrit. I'll try to post a
> demo video in the next few days.
>
> best regards,
> Pino
>
>
> References:
>
>    1. https://github.com/pinodeca/tatu (Please note this is still very
>    much a work in progress, lots of TODOs in the code, very little testing and
>    documentation doesn't reflect the latest design).
>    2. https://github.com/pinodeca/tatu-dashboard
>    3. https://github.com/pinodeca/python-tatuclient
>    4. https://review.openstack.org/#/q/tatu
>
>
>
>
Hi Giuseppe, of course you can! I will add you to the agenda. We could get
your an hour if it allows more time for presenting and post discussion?

We will be meeting in an allocated room on Monday (details to follow).

https://etherpad.openstack.org/p/security-ptg-rocky

Luke




>
>
> On Wed, Jan 31, 2018 at 12:03 PM, Luke Hinds <lhinds at redhat.com> wrote:
>
>>
>> On Mon, Jan 29, 2018 at 2:29 PM, Adam Young <ayoung at redhat.com> wrote:
>>
>>> Bug 968696 and System Roles.   Needs to be addressed across the Service
>>> catalog.
>>>
>>
>> Thanks Adam, will add it to the list. I see it's been open since 2012!
>>
>>
>>>
>>> On Mon, Jan 29, 2018 at 7:38 AM, Luke Hinds <lhinds at redhat.com> wrote:
>>>
>>>> Just a reminder as we have not had many uptakes yet..
>>>>
>>>> Are there any projects (new and old) that would like to make use of the
>>>> security SIG for either gaining another perspective on security challenges
>>>> / blueprints etc or for help gaining some cross project collaboration?
>>>>
>>>> On Thu, Jan 11, 2018 at 3:33 PM, Luke Hinds <lhinds at redhat.com> wrote:
>>>>
>>>>> Hello All,
>>>>>
>>>>> I am seeking topics for the PTG from all projects, as this will be
>>>>> where we try out are new form of being a SIG.
>>>>>
>>>>> For this PTG, we hope to facilitate more cross project collaboration
>>>>> topics now that we are a SIG, so if your project has a security need /
>>>>> problem / proposal than please do use the security SIG room where a larger
>>>>> audience may be present to help solve problems and gain x-project consensus.
>>>>>
>>>>> Please see our PTG planning pad [0] where I encourage you to add to
>>>>> the topics.
>>>>>
>>>>> [0] https://etherpad.openstack.org/p/security-ptg-rocky
>>>>>
>>>>> --
>>>>> Luke Hinds
>>>>> Security Project PTL
>>>>>
>>>>
>>>>
>>>> ____________________________________________________________
>>>> ______________
>>>> OpenStack Development Mailing List (not for usage questions)
>>>> Unsubscribe: OpenStack-dev-request at lists.op
>>>> enstack.org?subject:unsubscribe
>>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>>>>
>>>>
>>>
>>> ____________________________________________________________
>>> ______________
>>> OpenStack Development Mailing List (not for usage questions)
>>> Unsubscribe: OpenStack-dev-request at lists.op
>>> enstack.org?subject:unsubscribe
>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>>>
>>>
>>
>>
>> --
>> Luke Hinds | NFV Partner Engineering | CTO Office | Red Hat
>> e: lhinds at redhat.com | irc: lhinds @freenode | t: +44 12 52 36 2483
>>
>> ____________________________________________________________
>> ______________
>> OpenStack Development Mailing List (not for usage questions)
>> Unsubscribe: OpenStack-dev-request at lists.openstack.org?subject:unsubscrib
>> e
>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>>
>>
>
> __________________________________________________________________________
> OpenStack Development Mailing List (not for usage questions)
> Unsubscribe: OpenStack-dev-request at lists.openstack.org?subject:unsubscribe
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>
>


-- 
Luke Hinds | NFV Partner Engineering | CTO Office | Red Hat
e: lhinds at redhat.com | irc: lhinds @freenode | t: +44 12 52 36 2483
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20180206/ef144c71/attachment.html>

More information about the OpenStack-dev mailing list