On May 16, 2011, at 12:33 PM, Dave Walker wrote: > Hi Vish, > > This is really useful to know, thank you for the highlevel outline. > > I didn't quite understand the "Consistent Auth", and what it means for ec2 > api for the Diablo release. Would you be able to confirm the extent / > roadmap of the ec2 api breakage expected? Are you expecting the base ec2 api > functionality to be near stable throughout the transition, or are you > expecting large breakage?
If you will be tracking milestone releases, there will most likely be breakages relating to roles and authz. It may also require using a modified ec2 access key for a while as we determine the best way to map access and secret keys using keystone. > > In regards to the loss of RBAC, is this expected to be transitional; and be > fixable in time for Diabalo release? Essentially, can you clarify > "equivalent features". The blueprint[0] or specification on the wiki[1] > doesn't seem to mention "ec2' anywhere, can you confirm where this was > discussed? Authz checking will most likely be moving out of the top level apis, so that a deployment can have consistent authz regardless of which api a user is using. That means that a certain level of access can be specified for launching instances and it would apply to the euca-run-instances and the servers create apis. > > I'd also like to check if consideration on how this might impact possible > future implementation of comparative feature of AWS Identity and Access > Management (IAM)[2] support in both ec2 and openstack API was discussed? we haven't discussed IAM > > Additionally, are the logs of the PTL's meeting available anywhere? It was an impromptu meeting that was held in openstack-meeting last tuesday, but we neglected to use the start-meeting and stop-meeting directives so it looks like it wasn't logged anywhere. > > Thanks. > > [0] https://blueprints.launchpad.net/nova/+spec/integrate-nova-authn > [1] http://wiki.openstack.org/openstack-authn > [2] http://aws.amazon.com/documentation/iam/ > > Kind Regards, > Dave Walker > > _______________________________________________ > Mailing list: https://launchpad.net/~openstack > Post to : openstack@lists.launchpad.net > Unsubscribe : https://launchpad.net/~openstack > More help : https://help.launchpad.net/ListHelp _______________________________________________ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
