Re: [openstack-dev] [nova][keystone] auth for new metadata plugins

On 09/01/2016 08:48 PM, Michael Still wrote: On Thu, Sep 1, 2016 at 11:58 AM, Adam Young > wrote: On 08/31/2016 07:56 AM, Michael Still wrote: There is a quick sketch of what a service account might look like at https://review.openstack.org/#/c/363606/

Re: [openstack-dev] [nova][keystone] auth for new metadata plugins

On Thu, Sep 1, 2016 at 11:58 AM, Adam Young wrote: > On 08/31/2016 07:56 AM, Michael Still wrote: > > There is a quick sketch of what a service account might look like at > https://review.openstack.org/#/c/363606/ -- I need to do some more > fiddling to get the new option group working, but I cou

Re: [openstack-dev] [nova][keystone] auth for new metadata plugins

On 08/31/2016 07:56 AM, Michael Still wrote: There is a quick sketch of what a service account might look like at https://review.openstack.org/#/c/363606/ -- I need to do some more fiddling to get the new option group working, but I could do that if we wanted to try and get this into Newton.

Re: [openstack-dev] [nova][keystone] auth for new metadata plugins

On 08/30/2016 05:36 PM, Michael Still wrote: Sorry for being slow on this one, I've been pulled into some internal things at work. So... Talking to Matt Riedemann just now, it seems like we should continue to pass through the user authentication details when we have them to the plugin. The pr

Re: [openstack-dev] [nova][keystone] auth for new metadata plugins

There is a quick sketch of what a service account might look like at https://review.openstack.org/#/c/363606/ -- I need to do some more fiddling to get the new option group working, but I could do that if we wanted to try and get this into Newton. Michael On Wed, Aug 31, 2016 at 7:54 AM, Matt Rie

Re: [openstack-dev] [nova][keystone] auth for new metadata plugins

On 8/30/2016 4:36 PM, Michael Still wrote: Sorry for being slow on this one, I've been pulled into some internal things at work. So... Talking to Matt Riedemann just now, it seems like we should continue to pass through the user authentication details when we have them to the plugin. The problem

Re: [openstack-dev] [nova][keystone] auth for new metadata plugins

Sorry for being slow on this one, I've been pulled into some internal things at work. So... Talking to Matt Riedemann just now, it seems like we should continue to pass through the user authentication details when we have them to the plugin. The problem is what to do in the case where we do not (w

Re: [openstack-dev] [nova][keystone] auth for new metadata plugins

On 08/22/2016 11:11 AM, Rob Crittenden wrote: Adam Young wrote: On 08/15/2016 05:10 PM, Rob Crittenden wrote: Review https://review.openstack.org/#/c/317739/ added a new dynamic metadata handler to nova. The basic jist is that rather than serving metadata statically, it can be done dyamically,

Re: [openstack-dev] [nova][keystone] auth for new metadata plugins

Adam Young wrote: On 08/15/2016 05:10 PM, Rob Crittenden wrote: Review https://review.openstack.org/#/c/317739/ added a new dynamic metadata handler to nova. The basic jist is that rather than serving metadata statically, it can be done dyamically, so that certain values aren't provided until th

Re: [openstack-dev] [nova][keystone] auth for new metadata plugins

On 08/15/2016 05:10 PM, Rob Crittenden wrote: Review https://review.openstack.org/#/c/317739/ added a new dynamic metadata handler to nova. The basic jist is that rather than serving metadata statically, it can be done dyamically, so that certain values aren't provided until they are needed, mo

[openstack-dev] [nova][keystone] auth for new metadata plugins

Review https://review.openstack.org/#/c/317739/ added a new dynamic metadata handler to nova. The basic jist is that rather than serving metadata statically, it can be done dyamically, so that certain values aren't provided until they are needed, mostly for security purposes (like credentials t