[openstack-dev] [security] Security PTG Planning, x-project request for topics.

Pino de Candia giuseppe.decandia at gmail.com
Fri Feb 9 23:51:46 UTC 2018


Hi Folks,

here are the slides for the Tatu presentation:
https://docs.google.com/presentation/d/1HI5RR3SNUu1If-A5Zi4EMvjl-3TKsBW20xEUyYHapfM

I meant to record the demo video as well but I haven't gotten around to
editing all the bits. Please stay tuned.

thanks,
Pino


On Tue, Feb 6, 2018 at 10:52 AM, Giuseppe de Candia <
giuseppe.decandia at gmail.com> wrote:

> Hi Luke,
>
> Fantastic! An hour would be great if the schedule allows - there are lots
> of different aspects we can dive into and potential future directions the
> project can take.
>
> thanks!
> Pino
>
>
>
> On Tue, Feb 6, 2018 at 10:36 AM, Luke Hinds <lhinds at redhat.com> wrote:
>
>>
>>
>> On Tue, Feb 6, 2018 at 4:21 PM, Giuseppe de Candia <
>> giuseppe.decandia at gmail.com> wrote:
>>
>>> Hi Folks,
>>>
>>> I know the request is very late, but I wasn't aware of this SIG until
>>> recently. Would it be possible to present a new project to the Security SIG
>>> at the PTG? I need about 30 minutes. I'm hoping to drum up interest in the
>>> project, sign on users and contributors and get feedback.
>>>
>>> For the past few months I have been working on a new project - Tatu [1]-
>>> to automate the management of SSH certificates (for both users and hosts)
>>> in OpenStack. Tatu allows users to generate SSH certificates with
>>> principals based on their Project role assignments, and VMs automatically
>>> set up their SSH host certificate (and related config) via Nova vendor
>>> data. The project also manages bastions and DNS entries so that users don't
>>> have to assign Floating IPs for SSH nor remember IP addresses.
>>>
>>> I have a working demo (including Horizon panels [2] and OpenStack CLI
>>> [3]), but am still working on the devstack script and patches [4] to get
>>> Tatu's repositories into OpenStack's GitHub and Gerrit. I'll try to post a
>>> demo video in the next few days.
>>>
>>> best regards,
>>> Pino
>>>
>>>
>>> References:
>>>
>>>    1. https://github.com/pinodeca/tatu (Please note this is still very
>>>    much a work in progress, lots of TODOs in the code, very little testing and
>>>    documentation doesn't reflect the latest design).
>>>    2. https://github.com/pinodeca/tatu-dashboard
>>>    3. https://github.com/pinodeca/python-tatuclient
>>>    4. https://review.openstack.org/#/q/tatu
>>>
>>>
>>>
>>>
>> Hi Giuseppe, of course you can! I will add you to the agenda. We could
>> get your an hour if it allows more time for presenting and post discussion?
>>
>> We will be meeting in an allocated room on Monday (details to follow).
>>
>> https://etherpad.openstack.org/p/security-ptg-rocky
>>
>> Luke
>>
>>
>>
>>
>>>
>>>
>>> On Wed, Jan 31, 2018 at 12:03 PM, Luke Hinds <lhinds at redhat.com> wrote:
>>>
>>>>
>>>> On Mon, Jan 29, 2018 at 2:29 PM, Adam Young <ayoung at redhat.com> wrote:
>>>>
>>>>> Bug 968696 and System Roles.   Needs to be addressed across the
>>>>> Service catalog.
>>>>>
>>>>
>>>> Thanks Adam, will add it to the list. I see it's been open since 2012!
>>>>
>>>>
>>>>>
>>>>> On Mon, Jan 29, 2018 at 7:38 AM, Luke Hinds <lhinds at redhat.com> wrote:
>>>>>
>>>>>> Just a reminder as we have not had many uptakes yet..
>>>>>>
>>>>>> Are there any projects (new and old) that would like to make use of
>>>>>> the security SIG for either gaining another perspective on security
>>>>>> challenges / blueprints etc or for help gaining some cross project
>>>>>> collaboration?
>>>>>>
>>>>>> On Thu, Jan 11, 2018 at 3:33 PM, Luke Hinds <lhinds at redhat.com>
>>>>>> wrote:
>>>>>>
>>>>>>> Hello All,
>>>>>>>
>>>>>>> I am seeking topics for the PTG from all projects, as this will be
>>>>>>> where we try out are new form of being a SIG.
>>>>>>>
>>>>>>> For this PTG, we hope to facilitate more cross project collaboration
>>>>>>> topics now that we are a SIG, so if your project has a security need /
>>>>>>> problem / proposal than please do use the security SIG room where a larger
>>>>>>> audience may be present to help solve problems and gain x-project consensus.
>>>>>>>
>>>>>>> Please see our PTG planning pad [0] where I encourage you to add to
>>>>>>> the topics.
>>>>>>>
>>>>>>> [0] https://etherpad.openstack.org/p/security-ptg-rocky
>>>>>>>
>>>>>>> --
>>>>>>> Luke Hinds
>>>>>>> Security Project PTL
>>>>>>>
>>>>>>
>>>>>>
>>>>>> ____________________________________________________________
>>>>>> ______________
>>>>>> OpenStack Development Mailing List (not for usage questions)
>>>>>> Unsubscribe: OpenStack-dev-request at lists.op
>>>>>> enstack.org?subject:unsubscribe
>>>>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>>>>>>
>>>>>>
>>>>>
>>>>> ____________________________________________________________
>>>>> ______________
>>>>> OpenStack Development Mailing List (not for usage questions)
>>>>> Unsubscribe: OpenStack-dev-request at lists.op
>>>>> enstack.org?subject:unsubscribe
>>>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>>>>>
>>>>>
>>>>
>>>>
>>>> --
>>>> Luke Hinds | NFV Partner Engineering | CTO Office | Red Hat
>>>> e: lhinds at redhat.com | irc: lhinds @freenode | t: +44 12 52 36 2483
>>>>
>>>> ____________________________________________________________
>>>> ______________
>>>> OpenStack Development Mailing List (not for usage questions)
>>>> Unsubscribe: OpenStack-dev-request at lists.op
>>>> enstack.org?subject:unsubscribe
>>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>>>>
>>>>
>>>
>>> ____________________________________________________________
>>> ______________
>>> OpenStack Development Mailing List (not for usage questions)
>>> Unsubscribe: OpenStack-dev-request at lists.op
>>> enstack.org?subject:unsubscribe
>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>>>
>>>
>>
>>
>> --
>> Luke Hinds | NFV Partner Engineering | CTO Office | Red Hat
>> e: lhinds at redhat.com | irc: lhinds @freenode | t: +44 12 52 36 2483
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20180209/0f204825/attachment.html>


More information about the OpenStack-dev mailing list