| Thread Previous • Date Previous • Date Next • Thread Next |
On 03/19/2012 10:42 AM, Mark Washenberger wrote:
Out of curiosity, why prefer keystone for centrally managing quota groups rather than an admin api in nova? From my perspective, a nova admin api would save a data migration and preserve nova-manage backwards compatibility.
Because more services than Nova can/should have Quotas/limits. Glance would like to piggy back on some common quota code if possible, instead of inventing something new :)
Also, since quota clearly isn't an auth-n thing, is keystone way more auth-z than I realized?
RBAC and other functionality planned for Keystone is all about auth-z.But, that said, I would not be opposed to having the quota/limits stuff outside of Keystone. I think Kevin's Turnstile is a pretty good solution that offers middleware that does distributed ratelimiting in a flexible architecture and has some nice advantages over the Swift ratelimit middleware, including having a control thread that allows admins to reconfigure the ratelimit middleware without restarting the service that houses the middleware -- just send a message to the control daemon's pubsub channel...
Would be awesome if the benefits of the Swift middleware -- namely, the ability to use existing Memcache infrastructure -- were married to the Turnstile solution, though. :)
Best, -jay
"Day, Phil"<philip.day@xxxxxx> said:+1 And make the whole combine quota/limits module pluggable - so that all of these "per-user" configuration items can be managed in a central system (e.g keystone) -----Original Message----- From: openstack-bounces+philip.day=hp.com@xxxxxxxxxxxxxxxxxxx [mailto:openstack-bounces+philip.day=hp.com@xxxxxxxxxxxxxxxxxxx] On Behalf Of Jay Pipes Sent: 17 March 2012 16:25 To: openstack@xxxxxxxxxxxxxxxxxxx Subject: Re: [Openstack] Quota classes On 03/16/2012 07:02 PM, Jesse Andrews wrote:There is the concept of "limits" that are very similar. Should we align quotas& limits?Oh, yes please! :) And make it configurable via a REST API, since editing config files ain't the most admin-friendly thang ;) /me waits for Jorge to bring up Repose... best, -jay _______________________________________________ Mailing list: https://launchpad.net/~openstack Post to : openstack@xxxxxxxxxxxxxxxxxxx Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp _______________________________________________ Mailing list: https://launchpad.net/~openstack Post to : openstack@xxxxxxxxxxxxxxxxxxx Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp_______________________________________________ Mailing list: https://launchpad.net/~openstack Post to : openstack@xxxxxxxxxxxxxxxxxxx Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
| Thread Previous • Date Previous • Date Next • Thread Next |
