Re: [openstack-dev] Neutron and ACLs
Hey, as a matter of fact in Barbican we are also in need of proper ACLs and there is currently work on-going on implementing them: http://specs.openstack.org/openstack/barbican-specs/specs/kilo/add-creator-only-option.html On Wed, Apr 8, 2015 at 7:58 PM, Rich Wellner r...@objenv.com wrote: Yeah, sounds like a plan. FWIW, our target implementation will be Arista switches. rw2 On 4/8/15 11:52 AM, Kevin Benton wrote: My plan is to repropose that for Liberty. I will re upload it to the spec repo in the next couple of weeks. When I do that it would be great to get your feedback. Perhaps we can divide up the work or you can expand the model to things other than subnets. On Apr 8, 2015 9:43 AM, Rich Wellner r...@objenv.com wrote: On 4/8/15 11:17 AM, Kevin Benton wrote: What do you mean by ACLs? Is it anything similar to the following? https://review.openstack.org/#/c/132661/ Yes, our goals are very closely aligned with yours. And the rst doc as well as the messages on that thread file in a lot of gaps for me. Thanks. What's your plan going forward? rw2 __ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev __ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribehttp://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev __ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev -- Juan Antonio Osorio R. e-mail: jaosor...@gmail.com All truly great thoughts are conceived by walking. - F.N. __ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
[openstack-dev] Neutron and ACLs
Hello everyone, I (and my sponsor) are interested in adding ACLs to neutron and after trying IRC, emailing some githubbers directly and asking in a couple other places I've been told that this might be the place to have the discussion. Here's what I've been told so far: 1) There was a proposal for Quantum ACLs that was never approved. 2) There might be a push to put ACLs in Keystone and have other services depend on this central resource for ACL information. 3) Swift has ACLs built into it (notably, not using Keystone) 4) I don't see ACLs in any service other than Swift. So my question is: How can I meaningfully engage with the right people to understand what the current thoughts are for ACLs for all of open stack as well as Neutron? If you google my name and open source you'll see that I've been in the game a while and have worked in a few different communities. As such, I found one piece of advice I was given while researching Neutron code up your proposal and submit it to be a bit naive. It's clear there have been some conversations about this in the past and I would really not want to spend a couple months starting from zero, coming up with a solution that *I* like and is objectively good but have it rejected because the community already has inertia going in a different direction. So what I think I need to understand is something like: o What are the current thoughts on ACLs globally and with regard to Neutron o What people should I engage with (both for neutron and other services like keystone) Thanks in advance to all who reply. rw2 __ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
Re: [openstack-dev] Neutron and ACLs
What do you mean by ACLs? Is it anything similar to the following? https://review.openstack.org/#/c/132661/ On Wed, Apr 8, 2015 at 9:02 AM, Rich Wellner r...@objenv.com wrote: Hello everyone, I (and my sponsor) are interested in adding ACLs to neutron and after trying IRC, emailing some githubbers directly and asking in a couple other places I've been told that this might be the place to have the discussion. Here's what I've been told so far: 1) There was a proposal for Quantum ACLs that was never approved. 2) There might be a push to put ACLs in Keystone and have other services depend on this central resource for ACL information. 3) Swift has ACLs built into it (notably, not using Keystone) 4) I don't see ACLs in any service other than Swift. So my question is: How can I meaningfully engage with the right people to understand what the current thoughts are for ACLs for all of open stack as well as Neutron? If you google my name and open source you'll see that I've been in the game a while and have worked in a few different communities. As such, I found one piece of advice I was given while researching Neutron code up your proposal and submit it to be a bit naive. It's clear there have been some conversations about this in the past and I would really not want to spend a couple months starting from zero, coming up with a solution that *I* like and is objectively good but have it rejected because the community already has inertia going in a different direction. So what I think I need to understand is something like: o What are the current thoughts on ACLs globally and with regard to Neutron o What people should I engage with (both for neutron and other services like keystone) Thanks in advance to all who reply. rw2 __ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev -- Kevin Benton __ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
Re: [openstack-dev] Neutron and ACLs
On 4/8/15 11:17 AM, Kevin Benton wrote: What do you mean by ACLs? Is it anything similar to the following? https://review.openstack.org/#/c/132661/ Yes, our goals are very closely aligned with yours. And the rst doc as well as the messages on that thread file in a lot of gaps for me. Thanks. What's your plan going forward? rw2 __ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
Re: [openstack-dev] Neutron and ACLs
My plan is to repropose that for Liberty. I will re upload it to the spec repo in the next couple of weeks. When I do that it would be great to get your feedback. Perhaps we can divide up the work or you can expand the model to things other than subnets. On Apr 8, 2015 9:43 AM, Rich Wellner r...@objenv.com wrote: On 4/8/15 11:17 AM, Kevin Benton wrote: What do you mean by ACLs? Is it anything similar to the following? https://review.openstack.org/#/c/132661/ Yes, our goals are very closely aligned with yours. And the rst doc as well as the messages on that thread file in a lot of gaps for me. Thanks. What's your plan going forward? rw2 __ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev __ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
Re: [openstack-dev] Neutron and ACLs
Yeah, sounds like a plan. FWIW, our target implementation will be Arista switches. rw2 On 4/8/15 11:52 AM, Kevin Benton wrote: My plan is to repropose that for Liberty. I will re upload it to the spec repo in the next couple of weeks. When I do that it would be great to get your feedback. Perhaps we can divide up the work or you can expand the model to things other than subnets. On Apr 8, 2015 9:43 AM, Rich Wellner r...@objenv.com mailto:r...@objenv.com wrote: On 4/8/15 11:17 AM, Kevin Benton wrote: What do you mean by ACLs? Is it anything similar to the following? https://review.openstack.org/#/c/132661/ Yes, our goals are very closely aligned with yours. And the rst doc as well as the messages on that thread file in a lot of gaps for me. Thanks. What's your plan going forward? rw2 __ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev __ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev __ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev