[Openstack-operators] Ops Keystone / Federation Session
Adam Young
ayoung at redhat.com
Tue May 26 02:13:04 UTC 2015
On 05/23/2015 02:50 PM, Tim Bell wrote:
> Joe,
>
> Thanks for the notes.
>
> We had a productive discussion with the Glance folk on how to share
> images across clouds
> (https://libertydesignsummit.sched.org/event/6b4a5dbd177cde2aad7a9927a82534d0#.VWDLPpOqqko)
> and we’ll be working on that spec.
>
> We also had some forward looking discussions with the Keystone team on
> how to manage multi-cloud nested projects.
>
> As joe said, Federated identity is needed but giving users a
> transparent exprience will take much, much more.
>
> Are there blueprints created for this gap ?
I don't think so, as they really are cross-project blueprints.
I was thinking that there needs to be an owner, and the down in the big
tent is something like this:
Ceilometer is responsible for responding to events and kicking off workflows
Mistral is responsible for defining workflows.
While neither should be essential, or required, we should have a
big-tent-only solution that people can use for reference.
Keysteon can provide the "user first seen" event
We need a time out for "user not seen since X" to archive their work
We then need a "Delete all resources" at a later date.
If a project is deliberately deleted, we need to catch and clean up
those events as well.
I suspect if we documented that much, we'd get most of the way home.
>
> Tim
>
> From: joe <joe at topjian.net <mailto:joe at topjian.net>>
> Date: Friday 22 May 2015 23:26
> To: openstack-operators <openstack-operators at lists.openstack.org
> <mailto:openstack-operators at lists.openstack.org>>
> Subject: [Openstack-operators] Ops Keystone / Federation Session
>
> Hello,
>
> Better late than never, here's a summary of the Ops Keystone /
> Federation Session from this past Tuesday:
>
> First, I want to thank everyone from the Keystone team for attending
> the session -- it was very cool to have you guys on-hand to directly
> answer questions and give input and insight into the various items
> being discussed.
>
> This was the first time we had a discussion session dedicated to this
> topic and we could have easily spent entire sessions on each of the
> main items listed in the Etherpad
> <https://etherpad.openstack.org/p/YVR-ops-federation>. I think that
> shows there's a lot to be discussed with regard to federated clouds.
>
> The biggest discussion item to come out of the session was that a
> federated cloud means so much more than just "Keystone". Allocating,
> restricting, automatic provisioning, reporting, and cleanup of any
> type of OpenStack-enabled resource in a federated cloud are all areas
> Operators are interested in learning about, but those areas are either
> not well defined (perhaps because what works for one federation won't
> work for another), are not possible to do yet, or are possible but
> Operators aren't sure how to implement them.
>
> I encourage operators who are interested in this area to keep the
> discussion going on this list by sharing your questions, concerns, and
> trials. As well, I hope to see this topic in future Ops meetups and
> tracks as a more formal way to touch base on this area.
>
> Etherpad: https://etherpad.openstack.org/p/YVR-ops-federation
>
> Thanks,
> Joe
>
>
> _______________________________________________
> OpenStack-operators mailing list
> OpenStack-operators at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-operators/attachments/20150525/905edbf4/attachment.html>
More information about the OpenStack-operators
mailing list