openstack team mailing list archive

[Tom Fifield <fifieldt@xxxxxxxxxxxxxx>]

Just to echo Tim's comments here about the research space - we certainly 
have this requirement over in NeCTAR (Australia's national cloud for 
research).

Australia actually has entire institutions setup to work in this mode - 
helping out multiple universities simultaneously with software 
development et al, and it's certainly a common case with our OpenStack 
cloud.

Regards,

Tom

On 05/30/2012 07:16 AM, Gabriel Hurley wrote:
> Terminology:
>
> Project == Tenant. They are equivalent in Keystone parlance.
>
> What you're referring to as a "tenant" in that last email is the role a "domain" might play going forward in Keystone.
>
> All the best,
>
>      - Gabriel
>
> > -----Original Message-----
> > From: openstack-bounces+gabriel.hurley=nebula.com@xxxxxxxxxxxxxxxxxxx
> > [mailto:openstack-
> > bounces+gabriel.hurley=nebula.com@xxxxxxxxxxxxxxxxxxx] On Behalf Of
> > Caitlin Bestler
> > Sent: Tuesday, May 29, 2012 11:47 AM
> > To: Tim Bell; openstack@xxxxxxxxxxxxxxxxxxx
> > Subject: Re: [Openstack] Identity API v3 - Why allow multi-tenant users?
> >
> > Tim Bell wrote:
> >
> > ➢ In the research environment, we have frequent cases where a user is
> > associated with multiple tenants.
> >
> > >   For example, when you are finishing work on a previous project but are
> > mainly working on the new one.
> >
> > > As we move towards domain/tenant/user, we need to ensure that the
> > tools support multi-tenant per user. Correct accounting is critical.
> >
> > > This does require extra code but it is relevant given the use cases.
> >
> > What you are describing strikes me as a single tenant with multiple projects.
> > It is similar to a corporate environment with multiple departments.
> >
> > I am seeing a major problem here when the tenants are truly separate and
> > the only possible administrator in common is the service provider.