On 7 December 2015 at 14:33, Clint Byrum <cl...@fewbar.com> wrote: > > Indeed, this is one paradigm where it actually creates a hardened core, > not a squisy one, so I think it's not a terrible idea. > > I tend to agree, just wish we were already there :)
> > > What I mean is, you'd just have two completely separate _services_, > instead of one service, with two separate endpoint "interface" entries: > > <snip example> > I guess if the clients already have mechanisms to determine whether to use the public url or the admin url, they can determine which service to look up just the same. However, that brings me back to wondering if there's any real difference? I'm missing something. But like you say, if we don't have Keystone running such that we trust it enough to call it hardened, then that's a much more pressing issue. What are other public cloud ops doing wrt public facing API services that can expose admin type operations?
_______________________________________________ OpenStack-operators mailing list OpenStack-operators@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
