+1 to @markmc's "default is global value and override for project specific key" suggestion.
-- dims On Wed, Dec 3, 2014 at 11:57 PM, Matt Riedemann <mrie...@linux.vnet.ibm.com> wrote: > I've posted this to the 12/4 nova meeting agenda but figured I'd socialize > it here also. > > SSL options - do we make them per-project or global, or both? Neutron and > Cinder have config-group specific SSL options in nova, Glance is using oslo > sslutils global options since Juno which was contentious for a time in a > separate review in Icehouse [1]. > > Now [2] wants to break that out for Glance, but we also have a patch [3] for > Keystone to use the global oslo SSL options, we should be consistent, but > does that require a blueprint now? > > In the Icehouse patch, markmc suggested using a DictOpt where the default > value is the global value, which could be coming from the oslo [ssl] group > and then you could override that with a project-specific key, e.g. cinder, > neutron, glance, keystone. > > [1] https://review.openstack.org/#/c/84522/ > [2] https://review.openstack.org/#/c/131066/ > [3] https://review.openstack.org/#/c/124296/ > > -- > > Thanks, > > Matt Riedemann > > > _______________________________________________ > OpenStack-dev mailing list > OpenStack-dev@lists.openstack.org > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev -- Davanum Srinivas :: https://twitter.com/dims _______________________________________________ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev