[openstack-dev] [security] Security PTG Planning, x-project request for topics.

Luke Hinds lhinds at redhat.com
Mon Feb 12 08:45:32 UTC 2018


On Sun, Feb 11, 2018 at 4:01 PM, Pino de Candia <giuseppe.decandia at gmail.com
> wrote:

> I uploaded the demo video (https://youtu.be/y6ICCPO08d8) and linked it
> from the slides.
>

Thanks Pino , i added these to the agenda:

https://etherpad.openstack.org/p/security-ptg-rocky

Please let me know before the PTG, if it will be your colleague or if we
need to find a projector to conference you in.


> On Fri, Feb 9, 2018 at 5:51 PM, Pino de Candia <
> giuseppe.decandia at gmail.com> wrote:
>
>> Hi Folks,
>>
>> here are the slides for the Tatu presentation: https://docs.goo
>> gle.com/presentation/d/1HI5RR3SNUu1If-A5Zi4EMvjl-3TKsBW20xEUyYHapfM
>>
>> I meant to record the demo video as well but I haven't gotten around to
>> editing all the bits. Please stay tuned.
>>
>> thanks,
>> Pino
>>
>>
>> On Tue, Feb 6, 2018 at 10:52 AM, Giuseppe de Candia <
>> giuseppe.decandia at gmail.com> wrote:
>>
>>> Hi Luke,
>>>
>>> Fantastic! An hour would be great if the schedule allows - there are
>>> lots of different aspects we can dive into and potential future directions
>>> the project can take.
>>>
>>> thanks!
>>> Pino
>>>
>>>
>>>
>>> On Tue, Feb 6, 2018 at 10:36 AM, Luke Hinds <lhinds at redhat.com> wrote:
>>>
>>>>
>>>>
>>>> On Tue, Feb 6, 2018 at 4:21 PM, Giuseppe de Candia <
>>>> giuseppe.decandia at gmail.com> wrote:
>>>>
>>>>> Hi Folks,
>>>>>
>>>>> I know the request is very late, but I wasn't aware of this SIG until
>>>>> recently. Would it be possible to present a new project to the Security SIG
>>>>> at the PTG? I need about 30 minutes. I'm hoping to drum up interest in the
>>>>> project, sign on users and contributors and get feedback.
>>>>>
>>>>> For the past few months I have been working on a new project - Tatu
>>>>> [1]- to automate the management of SSH certificates (for both users and
>>>>> hosts) in OpenStack. Tatu allows users to generate SSH certificates with
>>>>> principals based on their Project role assignments, and VMs automatically
>>>>> set up their SSH host certificate (and related config) via Nova vendor
>>>>> data. The project also manages bastions and DNS entries so that users don't
>>>>> have to assign Floating IPs for SSH nor remember IP addresses.
>>>>>
>>>>> I have a working demo (including Horizon panels [2] and OpenStack CLI
>>>>> [3]), but am still working on the devstack script and patches [4] to get
>>>>> Tatu's repositories into OpenStack's GitHub and Gerrit. I'll try to post a
>>>>> demo video in the next few days.
>>>>>
>>>>> best regards,
>>>>> Pino
>>>>>
>>>>>
>>>>> References:
>>>>>
>>>>>    1. https://github.com/pinodeca/tatu (Please note this is still
>>>>>    very much a work in progress, lots of TODOs in the code, very little
>>>>>    testing and documentation doesn't reflect the latest design).
>>>>>    2. https://github.com/pinodeca/tatu-dashboard
>>>>>    3. https://github.com/pinodeca/python-tatuclient
>>>>>    4. https://review.openstack.org/#/q/tatu
>>>>>
>>>>>
>>>>>
>>>>>
>>>> Hi Giuseppe, of course you can! I will add you to the agenda. We could
>>>> get your an hour if it allows more time for presenting and post discussion?
>>>>
>>>> We will be meeting in an allocated room on Monday (details to follow).
>>>>
>>>> https://etherpad.openstack.org/p/security-ptg-rocky
>>>>
>>>> Luke
>>>>
>>>>
>>>>
>>>>
>>>>>
>>>>>
>>>>> On Wed, Jan 31, 2018 at 12:03 PM, Luke Hinds <lhinds at redhat.com>
>>>>> wrote:
>>>>>
>>>>>>
>>>>>> On Mon, Jan 29, 2018 at 2:29 PM, Adam Young <ayoung at redhat.com>
>>>>>> wrote:
>>>>>>
>>>>>>> Bug 968696 and System Roles.   Needs to be addressed across the
>>>>>>> Service catalog.
>>>>>>>
>>>>>>
>>>>>> Thanks Adam, will add it to the list. I see it's been open since 2012!
>>>>>>
>>>>>>
>>>>>>>
>>>>>>> On Mon, Jan 29, 2018 at 7:38 AM, Luke Hinds <lhinds at redhat.com>
>>>>>>> wrote:
>>>>>>>
>>>>>>>> Just a reminder as we have not had many uptakes yet..
>>>>>>>>
>>>>>>>> Are there any projects (new and old) that would like to make use of
>>>>>>>> the security SIG for either gaining another perspective on security
>>>>>>>> challenges / blueprints etc or for help gaining some cross project
>>>>>>>> collaboration?
>>>>>>>>
>>>>>>>> On Thu, Jan 11, 2018 at 3:33 PM, Luke Hinds <lhinds at redhat.com>
>>>>>>>> wrote:
>>>>>>>>
>>>>>>>>> Hello All,
>>>>>>>>>
>>>>>>>>> I am seeking topics for the PTG from all projects, as this will be
>>>>>>>>> where we try out are new form of being a SIG.
>>>>>>>>>
>>>>>>>>> For this PTG, we hope to facilitate more cross project
>>>>>>>>> collaboration topics now that we are a SIG, so if your project has a
>>>>>>>>> security need / problem / proposal than please do use the security SIG room
>>>>>>>>> where a larger audience may be present to help solve problems and gain
>>>>>>>>> x-project consensus.
>>>>>>>>>
>>>>>>>>> Please see our PTG planning pad [0] where I encourage you to add
>>>>>>>>> to the topics.
>>>>>>>>>
>>>>>>>>> [0] https://etherpad.openstack.org/p/security-ptg-rocky
>>>>>>>>>
>>>>>>>>> --
>>>>>>>>> Luke Hinds
>>>>>>>>> Security Project PTL
>>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> ____________________________________________________________
>>>>>>>> ______________
>>>>>>>> OpenStack Development Mailing List (not for usage questions)
>>>>>>>> Unsubscribe: OpenStack-dev-request at lists.op
>>>>>>>> enstack.org?subject:unsubscribe
>>>>>>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>> ____________________________________________________________
>>>>>>> ______________
>>>>>>> OpenStack Development Mailing List (not for usage questions)
>>>>>>> Unsubscribe: OpenStack-dev-request at lists.op
>>>>>>> enstack.org?subject:unsubscribe
>>>>>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>>>>>>>
>>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>> Luke Hinds | NFV Partner Engineering | CTO Office | Red Hat
>>>>>> e: lhinds at redhat.com | irc: lhinds @freenode | t: +44 12 52 36 2483
>>>>>>
>>>>>> ____________________________________________________________
>>>>>> ______________
>>>>>> OpenStack Development Mailing List (not for usage questions)
>>>>>> Unsubscribe: OpenStack-dev-request at lists.op
>>>>>> enstack.org?subject:unsubscribe
>>>>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>>>>>>
>>>>>>
>>>>>
>>>>> ____________________________________________________________
>>>>> ______________
>>>>> OpenStack Development Mailing List (not for usage questions)
>>>>> Unsubscribe: OpenStack-dev-request at lists.op
>>>>> enstack.org?subject:unsubscribe
>>>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>>>>>
>>>>>
>>>>
>>>>
>>>> --
>>>> Luke Hinds | NFV Partner Engineering | CTO Office | Red Hat
>>>> e: lhinds at redhat.com | irc: lhinds @freenode | t: +44 12 52 36 2483
>>>>
>>>
>>>
>>
>


-- 
Luke Hinds | NFV Partner Engineering | CTO Office | Red Hat
e: lhinds at redhat.com | irc: lhinds @freenode | t: +44 12 52 36 2483
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20180212/f34eef84/attachment.html>


More information about the OpenStack-dev mailing list