On 07/13/2015 09:40 PM, Li, Chen wrote:
Thanks, this is very helpful.
1. The purpose of admin user & proxy user are the same => to work without user's
own username & password.
sort of, the proxy user is to work without the user's credentials,
whereas the admin user needs a trust to operate on the user's project
2. For transient cluster, what sahara need is to be able to operate.
3. For swift access , using user's own credentials is not safe. Because the credentials
is not used by sahara only, it will appear in "user space" (on the cluster
nodes) at end.
Using admin user is silly, doesn't gain any benefit, but create a more
=> proxy user must(better to) use proxy user, for security reason.
=> transient cluster can work both way, but proxy user introduce extra effect
which is not nessary, so admin user is enough.
i would say that is accurate.
OpenStack Development Mailing List (not for usage questions)