Hi team, Based on requests, I propose to add support for Keystone authentication for k8s bay. A blueprint was created for that:
https://blueprints.launchpad.net/magnum/+spec/keystone-for-k8s-bay A goal is to enable other OpenStack services to access the APIs of k8s bays. So far, I received a use case from a under-developing Horizon k8s plugin. I believe there will be more similar use cases from other services. For the implementation, I think it is straightforward. Keystone authentication is already supported in k8s upstream [1]. Magnum could simply add an option for users to turn it on. As an initial step, I suggest to support passing the auth option via labels (e.g. '-labels k8s-auth=keystone'). If Keystone is supported by other COEs in the future, we could promote this option as a baymodel attribute. Thoughts? [1] http://kubernetes.io/docs/admin/authentication/ Best regards, Hongbin
__________________________________________________________________________ OpenStack Development Mailing List (not for usage questions) Unsubscribe: [email protected]?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
