----- Original Message ----- > On 05/13/2013 11:05 AM, Mike Kolesnik wrote: > > ----- Original Message ----- > >> On 05/13/2013 10:42 AM, Oved Ourfalli wrote: > >>> IMO, the following fields will fit most providers, at least the ones we > >>> plan to support in the near future: > >>> * id > >>> * name > >>> * type > >>> * URL > >>> * requires_authentication (boolean) to support development/POC/testing... > >>> mode > >> > >> redundant with empty username/password? > > > > Empty user/password is an implementation details. > > Seems logical to me to be explicit about it. > > > >> > >>> * username > >>> * password > >> > >> do keystone based services allow to authenticate directly to them, or > >> you need an additional authentication url (to get the ticket)? > >> > > > > No, the OpenStack services require a header with the token: > > "When Keystone is enabled, users that submit requests to the Quantum > > service must provide an authentication token in X-Auth-Token request > > header. You obtain the token by authenticating to the Keystone endpoint." > > > > http://docs.openstack.org/api/openstack-network/2.0/content/Authentication-d1e444.html > > > > so you are missing an 'authentication url' field, although i think there > was some discussion that until we expect more than a single keystone, > may be a config >
I think at this point it makes sense to keep as config value and in the next phase of OpenStack providers integration we can model the keystone & tenant entities properly. I do however, agree with oved, that the username/password should be kept per provider. _______________________________________________ Engine-devel mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/engine-devel
