Discussion on what Keystone needs for large scale and public cloud providers
Running OpenStack for a public cloud provider is complicated, but keystone provides a lot of unique challenges in this space. While running a large scale private cloud has different requirements, large scale clouds in enterprise environments tend to have similar requirements to those of public clouds. The three endpoints of the service catalog, authentication, and authorization are probably the most used endpoints in a public cloud environment and keystone does not necessarily fit well for these endpoints in large providers. There are also some major functionality concepts which are missing (like delegation and user created access control lists). Some of these may have already been addresses by previous work. In some cases it may just be a lack of documentation and status update in order to move forward. I would like to have a discussion with large cloud providers who do and do not use Keystone to determine a research and development roadmap for Icehouse. The goals of this being:
* Discussion of previous work that may need more effort and/or external project integration (trusts, kent, etc)
* A list of what additional features/
* A list of what additional features/
* A discussion on what technologies can be better leveraged instead of re-inventing the wheel
* Some discussion of deployment strategies and pain points for large scale use cases
Blueprint information
- Status:
- Complete
- Approver:
- None
- Priority:
- Undefined
- Drafter:
- Carl Perry
- Direction:
- Needs approval
- Assignee:
- None
- Definition:
- Obsolete
- Series goal:
- None
- Implementation:
- Unknown
- Milestone target:
- None
- Started by
- Completed by
- Dolph Mathews
Related branches
Related bugs
Sprints
Whiteboard
No doubt this would be a hugely beneficial discussion, but this doesn't really fit as a blueprint as there's no release deliverable to track. Did you intend to propose this as a summit session? -Dolph
I did, and I thought submitting a blueprint was the right way to do it. Sorry about that. What should I do for next steps? -Carl