> However, this does make me think that Keystone domains should be exposable
> to services inside your cloud for use as SSO. It would be quite handy
> if the Keystone users used for the VMs that host Kubernetes could use
> the same credentials to manage the containers.

I was thinking exactly the same and looking at the code here:


it seems to use some basic HTTP auth, which should be enough with the
REMOTE_USER/Apache feature of Keystone:


but if we want to have proper full integration with OpenStack, we would
probably at some point want to teach modularity and a Keystone plugin to
give to k8

