← Back to team overview

openstack team mailing list archive

Re: Project Alignment

 

On May 16, 2011, at 12:33 PM, Dave Walker wrote:
> Hi Vish,
> 
> This is really useful to know, thank you for the highlevel outline.
> 
> I didn't quite understand the "Consistent Auth", and what it means for ec2 api for the Diablo release.  Would you be able to confirm the extent / roadmap of the ec2 api breakage expected?  Are you expecting the base ec2 api functionality to be near stable throughout the transition, or are you expecting large breakage?

If you will be tracking milestone releases, there will most likely be breakages relating to roles and authz.  It may also require using a modified ec2 access key for a while as we determine the best way to map access and secret keys using keystone.

> 
> In regards to the loss of RBAC, is this expected to be transitional; and be fixable in time for Diabalo release?  Essentially, can you clarify "equivalent features".  The blueprint[0] or specification on the wiki[1] doesn't seem to mention "ec2' anywhere, can you confirm where this was discussed?

Authz checking will most likely be moving out of the top level apis, so that a deployment can have consistent authz regardless of which api a user is using.  That means that a certain level of access can be specified for launching instances and it would apply to the euca-run-instances and the servers create apis.

> 
> I'd also like to check if consideration on how this might impact possible future implementation of comparative feature of AWS Identity and Access Management (IAM)[2] support in both ec2 and openstack API was discussed?

we haven't discussed IAM

> 
> Additionally, are the logs of the PTL's meeting available anywhere?

It was an impromptu meeting that was held in openstack-meeting last tuesday, but we neglected to use the start-meeting and stop-meeting directives so it looks like it wasn't logged anywhere.

> 
> Thanks.
> 
> [0] https://blueprints.launchpad.net/nova/+spec/integrate-nova-authn
> [1] http://wiki.openstack.org/openstack-authn
> [2] http://aws.amazon.com/documentation/iam/
> 
> Kind Regards,
> Dave Walker
> 
> _______________________________________________
> Mailing list: https://launchpad.net/~openstack
> Post to     : openstack@xxxxxxxxxxxxxxxxxxx
> Unsubscribe : https://launchpad.net/~openstack
> More help   : https://help.launchpad.net/ListHelp




References