Re: [openstack-dev] [nova]Proposal for function to manage the resources available to each tenant

Fri, 17 Jul 2015 02:29:25 -0700 


Le 17/07/2015 10:42, Kenji Ishii a écrit :

Hello!

Please give me opinion in terms to be a valuable function for OpenStack 
Community.
We believe that we need a mechanism to easily manage the resources available to 
the each tenant.
In some case, we want to allow only the specific tenant to use the specific 
resources.


We think the two architectures of the following.

a. New concept called vDC
   vDC is "virtual DC".
   It means collection of several logical resources : Availavility Zone(AZ).
   If we use it, we can control the resources to each tenant.

   For example,
     ___vDC_1____    ___vDC_2____
      |            |   |            |
      |  AZ1, AZ2  |   |  AZ3       |
      |____________|   |____________|

      tenant "tenant_001" assigned "vDC_1"
      tenant "tenant_002" assigned "vDC_2"

   tenant_001 can use AZ1 and AZ2, AZ3 is unavailable.
   tenant_002 can use AZ3 , AZ1 and AZ2 is unavailable.



Not sure I fully understand but AggregateMultiTenancyIsolation filter 
already partially does the job (with a certain number of pitfalls, one 
being addressed in https://review.openstack.org/#/c/195783/ )




b. use region
   It will manage the relation between the Region and the tenant.
   The tenant can use only the resources in region that be allowed it to use.

   By the way, this proposal is several problems - Cost of system construction is higher 
than proposal "a"  etc



Nova litterally knows nothing about Regions, that's a pure Keystone 
concept. From my perspective, you just have to make sure that your 
tenants are per region, you don't really need more to have the tenancy 
segregation at the region level. Caution, I'm not a Keystone expert.


-Sylvain





each proposal's detail is following.
https://wiki.openstack.org/wiki/Proposal_vDC

--
Kenji Ishii


__________________________________________________________________________
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: [email protected]?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev



__________________________________________________________________________
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: [email protected]?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev






















					Reply via email to