On 11/29/2013 10:06 AM, Mark McLoughlin wrote:
Hey
Anyone got an update on this?
The keystone blueprint for KDS was marked approved on Tuesday:
https://blueprints.launchpad.net/keystone/+spec/key-distribution-server
and a new keystone review was added on Sunday, but it must be a draft
sinc
> I also don't like that the discussions suggested that because it would be
hard
> to get Barbican incubated/integrated it should not be used. That is just
crazy
> talk. TripleO merged with Tuskar because Tuskar is part of deployment.
We are completing our incubation request for Barbican right now
Excerpts from Adam Young's message of 2013-11-25 20:25:50 -0800:
> Back in the Day, Barbican was just one Service of Cloud Keep. While I
> would say that KDS belongs in the Cloud Keep, it is not the same as, and
> should not be deployed with Barbican. Is it possible to keep them as
> separate
Hey
Anyone got an update on this?
The keystone blueprint for KDS was marked approved on Tuesday:
https://blueprints.launchpad.net/keystone/+spec/key-distribution-server
and a new keystone review was added on Sunday, but it must be a draft
since I can't access it:
https://review.openstack.
On Tue, Nov 26, 2013 at 5:25 AM, Adam Young wrote:
> Back in the Day, Barbican was just one Service of Cloud Keep. While I
> would say that KDS belongs in the Cloud Keep, it is not the same as, and
> should not be deployed with Barbican. Is it possible to keep them as
> separate services? I th
[thie...@openstack.org]
Sent: Monday, November 25, 2013 4:17 AM
To: openstack-dev@lists.openstack.org
Subject: Re: [openstack-dev] [Keystone][Oslo] Future of Key Distribution
Server, Trusted Messaging
Adam Young wrote:
Keep KDS configuration separate from the Keystone configuration: the
fact that
bject: Re: [openstack-dev] [Keystone][Oslo] Future of Key Distribution
Server, Trusted Messaging
Adam Young wrote:
> Keep KDS configuration separate from the Keystone configuration: the
> fact that they both point to the same host and port is temporary. In
> fact, we should probably spin
Adam Young wrote:
> Keep KDS configuration separate from the Keystone configuration: the
> fact that they both point to the same host and port is temporary. In
> fact, we should probably spin up a separate wsgi service/port inside
> Keystone for just the KDS. This is not hard to do, and will supp
On Sun, Nov 24, 2013 at 1:52 PM, Morgan Fainberg wrote:
> The other concern is the library interfacing with KDS (I would assume this
> goes into keystoneclient? At least for the time being).
>
I would rather see the client get its own repo, too. We still need to do
that with the middleware.
dt
> I hear a concerted effort to get this bootstrapped in Keystone. We can do
> this if it is the voice of the majority.
>
>
> If we do:
>
> Keep KDS configuration separate from the Keystone configuration: the fact
> that they both point to the same host and port is temporary. In fact, we
> should
On 11/22/2013 01:49 PM, Mark McLoughlin wrote:
On Fri, 2013-11-22 at 11:04 +0100, Thierry Carrez wrote:
Russell Bryant wrote:
[...]
I'm not thrilled about the prospect of this going into a new project for
multiple reasons.
- Given the priority and how long this has been dragging out, having
On Fri, 2013-11-22 at 11:04 +0100, Thierry Carrez wrote:
> Russell Bryant wrote:
> > [...]
> > I'm not thrilled about the prospect of this going into a new project for
> > multiple reasons.
> >
> > - Given the priority and how long this has been dragging out, having to
> > wait for a new project
On 11/21/13, 7:51 PM, "Jamie Lennox" wrote:
>So i've a feeling that this was proposed and dismissed once before. I
>don't remember why.
>
>So my concern with barbican is that i'm under the impression that
>barbican was going to be an 'overcloud' service. That's a really bad way
>of putting it, b
Russell Bryant wrote:
> [...]
> I'm not thrilled about the prospect of this going into a new project for
> multiple reasons.
>
> - Given the priority and how long this has been dragging out, having to
> wait for a new project to make its way into OpenStack is not very appealing.
>
> - A new pro
So i've a feeling that this was proposed and dismissed once before. I
don't remember why.
So my concern with barbican is that i'm under the impression that
barbican was going to be an 'overcloud' service. That's a really bad way
of putting it, but it is service and user facing and discovered via t
On 11/21/2013 03:08 PM, Jarret Raim wrote:
The Barbican team has been taking a look at the KDS feature and the
proposed patch and I think this may be better placed in Barbican rather
than Keystone. The patch, from what I can tell, seems to require that a
service account create & use a key under i
On Thu, Nov 21, 2013 at 2:08 PM, Jarret Raim wrote:
> The Barbican team has been taking a look at the KDS feature and the
> proposed patch and I think this may be better placed in Barbican rather
> than Keystone. The patch, from what I can tell, seems to require that a
> service account create & u
The Barbican team has been taking a look at the KDS feature and the
proposed patch and I think this may be better placed in Barbican rather
than Keystone. The patch, from what I can tell, seems to require that a
service account create & use a key under its own tenant. In this use case,
Barbican can
On 11/21/2013 01:55 AM, Russell Bryant wrote:
Greetings,
I'd like to check in on the status of this API addition:
https://review.openstack.org/#/c/40692/
The last comment is:
"propose against stackforge as discussed at summit?"
Yes, it was discussed in a small group, and not offici
Greetings,
I'd like to check in on the status of this API addition:
https://review.openstack.org/#/c/40692/
The last comment is:
"propose against stackforge as discussed at summit?"
I don't see a session about this and from a quick look, don't see notes
related to it in other session et
20 matches
Mail list logo
