Re: [Openstack] S3 Token

2012-12-11 Thread Adam Young

On 12/11/2012 01:40 AM, Chmouel Boudjnah wrote:
On Mon, Dec 10, 2012 at 4:17 AM, Adam Young ayo...@redhat.com 
mailto:ayo...@redhat.com wrote:


As a Keystone core developer, I have to say that I don't see it as
a huge burden to keep it in place.  We want to maintain API
backward compatability, and removing it would break that. We
should deprecate it and get people to sign off on a complete
removal before taking it out of keystone.


Thanks for the feedback guy, if that's not much of troubles to keep it 
in keystone we can leave it there.


Cheers,
Chmouel.
That being said,  it probably could use better unit test coverage. Feel 
free to contribute code fragments toward that.


http://admiyo.fedorapeople.org/openstack/covhtml/keystone_contrib_ec2_core.html
___
Mailing list: https://launchpad.net/~openstack
Post to : openstack@lists.launchpad.net
Unsubscribe : https://launchpad.net/~openstack
More help   : https://help.launchpad.net/ListHelp


Re: [Openstack] S3 Token

2012-12-11 Thread Adam Young

On 12/11/2012 11:11 AM, Adam Young wrote:

On 12/11/2012 01:40 AM, Chmouel Boudjnah wrote:
On Mon, Dec 10, 2012 at 4:17 AM, Adam Young ayo...@redhat.com 
mailto:ayo...@redhat.com wrote:


As a Keystone core developer, I have to say that I don't see it
as a huge burden to keep it in place.  We want to maintain API
backward compatability, and removing it would break that.  We
should deprecate it and get people to sign off on a complete
removal before taking it out of keystone.


Thanks for the feedback guy, if that's not much of troubles to keep 
it in keystone we can leave it there.


Cheers,
Chmouel.
That being said,  it probably could use better unit test coverage. 
Feel free to contribute code fragments toward that.


http://admiyo.fedorapeople.org/openstack/covhtml/keystone_contrib_ec2_core.html

Make that:


http://admiyo.fedorapeople.org/openstack/covhtml/keystone_contrib_s3_core.html
___
Mailing list: https://launchpad.net/~openstack
Post to : openstack@lists.launchpad.net
Unsubscribe : https://launchpad.net/~openstack
More help   : https://help.launchpad.net/ListHelp


Re: [Openstack] S3 Token

2012-12-10 Thread Chmouel Boudjnah
On Mon, Dec 10, 2012 at 4:17 AM, Adam Young ayo...@redhat.com wrote:

 As a Keystone core developer, I have to say that I don't see it as a huge
 burden to keep it in place.  We want to maintain API backward
 compatability, and removing it would break that.  We should deprecate it
 and get people to sign off on a complete removal before taking it out of
 keystone.


Thanks for the feedback guy, if that's not much of troubles to keep it in
keystone we can leave it there.

Cheers,
Chmouel.
___
Mailing list: https://launchpad.net/~openstack
Post to : openstack@lists.launchpad.net
Unsubscribe : https://launchpad.net/~openstack
More help   : https://help.launchpad.net/ListHelp


Re: [Openstack] S3 Token

2012-12-09 Thread Chmouel Boudjnah
Hello Anne,

Where are those feedbacks? Any chances if I can see them? I am wondering if
people are using s3 with swauth or with keystone.

Cheers,
Chmouel.


On Sat, Dec 8, 2012 at 10:53 PM, Anne Gentle a...@openstack.org wrote:

 Hi Chmouel -
 We get a lot of questions from the doc about supporting S3, but I don't
 know if it's with Keystone or without. Basically, it's this page that gets
 a lot of feedback and use:

 http://docs.openstack.org/trunk/openstack-object-storage/admin/content/configuring-openstack-object-storage-with-s3_api.html

 So, tell me if that's s3 token? Or just using S3 creds sans Keystone? That
 would help me help you decide how to proceed. Whew. :)

 Thanks,
 Anne


  On Sat, Dec 8, 2012 at 2:49 PM, Blair Bethwaite 
 blair.bethwa...@gmail.com wrote:

  Hi Chmouel,

 On 9 December 2012 00:22, Chmouel Boudjnah chmo...@chmouel.com wrote:

 i personally would vote for number three, I don't  think much people
 using this (i.e: swift+keystone+s3) or at least I didn't hear many feedback
 about the middleware.


 Option 3 is very unpalatable IMHO. People have existing clients using the
 EC2 creds with libraries such as Boto and Libcloud, so any kind of complete
 removal would need to be staged over releases to give fair warning. What's
 more, surely part of the point in providing the AWS APIs in the first place
 is to ease porting, requiring different creds for EC2 and S3 APIs
 unnecessarily complicates that.

 I vote for option 1 or 2.

 --
 Cheers,
 ~Blairo

 ___
 Mailing list: https://launchpad.net/~openstack
 Post to : openstack@lists.launchpad.net
 Unsubscribe : https://launchpad.net/~openstack
 More help   : https://help.launchpad.net/ListHelp



___
Mailing list: https://launchpad.net/~openstack
Post to : openstack@lists.launchpad.net
Unsubscribe : https://launchpad.net/~openstack
More help   : https://help.launchpad.net/ListHelp


Re: [Openstack] S3 Token

2012-12-09 Thread Adam Young

On 12/08/2012 08:22 AM, Chmouel Boudjnah wrote:

Hi,

I'm working on removing the swift+keystone middleware from keystone, 
we have moved it already as keystoneauth since last OpenStack release 
into the main swift repository.


One thing that left in keystone is the s3_token middleware. Since in 
OpenStack/Swift we are not supporting third party API this could not 
be moved there.


The options :

1) Keep s3token in keystone


As a Keystone core developer, I have to say that I don't see it as a 
huge burden to keep it in place.  We want to maintain API backward 
compatability, and removing it would break that.  We should deprecate it 
and get people to sign off on a complete removal before taking it out of 
keystone.




2) Remove s3token from keystone and try to convince the swift3 
maintainer to integrate it.


3) Try to figure out if there is actually people using this and if not 
just nuke it.


4) move s3token to its own repo on github somewhere.

i personally would vote for number three, I don't  think much people 
using this (i.e: swift+keystone+s3) or at least I didn't hear many 
feedback about the middleware.


Chmouel.



___
Mailing list: https://launchpad.net/~openstack
Post to : openstack@lists.launchpad.net
Unsubscribe : https://launchpad.net/~openstack
More help   : https://help.launchpad.net/ListHelp


___
Mailing list: https://launchpad.net/~openstack
Post to : openstack@lists.launchpad.net
Unsubscribe : https://launchpad.net/~openstack
More help   : https://help.launchpad.net/ListHelp


[Openstack] S3 Token

2012-12-08 Thread Chmouel Boudjnah
Hi,

I'm working on removing the swift+keystone middleware from keystone, we
have moved it already as keystoneauth since last OpenStack release into the
main swift repository.

One thing that left in keystone is the s3_token middleware. Since in
OpenStack/Swift we are not supporting third party API this could not be
moved there.

The options :

1) Keep s3token in keystone

2) Remove s3token from keystone and try to convince the swift3 maintainer
to integrate it.

3) Try to figure out if there is actually people using this and if not just
nuke it.

4) move s3token to its own repo on github somewhere.

i personally would vote for number three, I don't  think much people using
this (i.e: swift+keystone+s3) or at least I didn't hear many feedback about
the middleware.

Chmouel.
___
Mailing list: https://launchpad.net/~openstack
Post to : openstack@lists.launchpad.net
Unsubscribe : https://launchpad.net/~openstack
More help   : https://help.launchpad.net/ListHelp


Re: [Openstack] S3 Token

2012-12-08 Thread Blair Bethwaite
Hi Chmouel,

On 9 December 2012 00:22, Chmouel Boudjnah chmo...@chmouel.com wrote:

 i personally would vote for number three, I don't  think much people using
 this (i.e: swift+keystone+s3) or at least I didn't hear many feedback about
 the middleware.


Option 3 is very unpalatable IMHO. People have existing clients using the
EC2 creds with libraries such as Boto and Libcloud, so any kind of complete
removal would need to be staged over releases to give fair warning. What's
more, surely part of the point in providing the AWS APIs in the first place
is to ease porting, requiring different creds for EC2 and S3 APIs
unnecessarily complicates that.

I vote for option 1 or 2.

-- 
Cheers,
~Blairo
___
Mailing list: https://launchpad.net/~openstack
Post to : openstack@lists.launchpad.net
Unsubscribe : https://launchpad.net/~openstack
More help   : https://help.launchpad.net/ListHelp


Re: [Openstack] S3 Token

2012-12-08 Thread Anne Gentle
Hi Chmouel -
We get a lot of questions from the doc about supporting S3, but I don't
know if it's with Keystone or without. Basically, it's this page that gets
a lot of feedback and use:
http://docs.openstack.org/trunk/openstack-object-storage/admin/content/configuring-openstack-object-storage-with-s3_api.html

So, tell me if that's s3 token? Or just using S3 creds sans Keystone? That
would help me help you decide how to proceed. Whew. :)

Thanks,
Anne


On Sat, Dec 8, 2012 at 2:49 PM, Blair Bethwaite
blair.bethwa...@gmail.comwrote:

 Hi Chmouel,

 On 9 December 2012 00:22, Chmouel Boudjnah chmo...@chmouel.com wrote:

 i personally would vote for number three, I don't  think much people
 using this (i.e: swift+keystone+s3) or at least I didn't hear many feedback
 about the middleware.


 Option 3 is very unpalatable IMHO. People have existing clients using the
 EC2 creds with libraries such as Boto and Libcloud, so any kind of complete
 removal would need to be staged over releases to give fair warning. What's
 more, surely part of the point in providing the AWS APIs in the first place
 is to ease porting, requiring different creds for EC2 and S3 APIs
 unnecessarily complicates that.

 I vote for option 1 or 2.

 --
 Cheers,
 ~Blairo

 ___
 Mailing list: https://launchpad.net/~openstack
 Post to : openstack@lists.launchpad.net
 Unsubscribe : https://launchpad.net/~openstack
 More help   : https://help.launchpad.net/ListHelp


___
Mailing list: https://launchpad.net/~openstack
Post to : openstack@lists.launchpad.net
Unsubscribe : https://launchpad.net/~openstack
More help   : https://help.launchpad.net/ListHelp