team will stay at Paris from Oct.29 to Nov.8.
Best Regards
Chaoyi Huang ( joehuang )
From: Tiwari, Arvind [arvind.tiw...@hp.com]
Sent: 02 October 2014 0:42
To: OpenStack Development Mailing List (not for usage questions)
Subject: Re: [openstack-dev] [all] [tc
Hi Chaoyi,
Thanks for sharing these information.
Sometime back I have stared a project called “Alliance” which trying to address
the same concerns (see the link below). Alliance service is designed to provide
Inter-Cloud Resource Federation which will enable resource sharing across
cloud in
I have logged below bug to enforce 'content-type' check before RBAC enforcement
on POST requests, but seems we have difference in opinion.
https://bugs.launchpad.net/barbican/+bug/1347101
Please look at the above bug and share your thoughts.
IMO -
content-type enforcement is concern of REST
://review.openstack.org/#/c/100023/https://blueprints.launchpad.net/keystone/+spec/keystone-to-keystone-federation
The federation will be migrated to this new service?
Regards,
2014-07-09 14:33 GMT-03:00 Tiwari, Arvind
arvind.tiw...@hp.commailto:arvind.tiw...@hp.com:
Hi All,
I am investigating on inter cloud
Riedemann [mailto:mrie...@linux.vnet.ibm.com]
Sent: Wednesday, July 09, 2014 2:30 PM
To: openstack-dev@lists.openstack.org
Subject: Re: [openstack-dev] Inter cloud resource federation [Alliance]
On 7/9/2014 12:33 PM, Tiwari, Arvind wrote:
Hi All,
I am investigating on inter cloud resource
Hi All,
I am investigating on inter cloud resource federation across OS based cloud
deployments, this is needed to support multi regions, cloud bursting, VPC and
more use cases. I came up with a design (link below) which advocate a new
service (a.k.a. Alliance), this service sits close to
All,
I am working on a new service to address the problems of Inter Cloud Resource
Federation use cases (e.g. multi region, cloud bursting, resource sharing
across clouds, etc . ).
The new service will integrate multiple OpenStack cloud to work in alliance to
provide resource federation
Some thoughts out of the context of this email thread.
As per my understanding of Kite, it is a subset of Barbican or there might be
minor gaps. If that is the true statement then what is the point of having a
services with duplicate feature set? Why not port all the Kite feature to
Barbican
/12/2014 03:16 PM, Tiwari, Arvind wrote:
Some thoughts out of the context of this email thread.
As per my understanding of Kite, it is a subset of Barbican or there might be
minor gaps. If that is the true statement then what is the point of having a
services with duplicate feature set? Why
As per current implementation, containers are immutable.
Do we have any use case to make it mutable? Can we live with new container
instead of updating an existing container?
Arvind
-Original Message-
From: Samuel Bercovici [mailto:samu...@radware.com]
Sent: Monday, June 09, 2014
Barbcan will be used as secret store (or Key Manager) in Open Stack
deployments. That means users can store any kind for secrets (ssh keys , access
keys, password .) in Barbican these secrets are not shared secrets.
In below scenario it seems secrets are not well protected in Barbican
1.
@lists.openstack.org
Subject: Re: [openstack-dev] Hierarchical administrative boundary [keystone]
On 05/08/2014 07:55 PM, Tiwari, Arvind wrote:
Hi All,
Below is my proposal to address VPC use case using hierarchical administrative
boundary. This topic is scheduled in Hierarchical
Multitenancyhttp
Hi All,
Below is my proposal to address VPC use case using hierarchical administrative
boundary. This topic is scheduled in Hierarchical
Multitenancyhttp://junodesignsummit.sched.org/event/20465cd62e9054d4043dda156da5070e#.U2wYXXKLR_9
session of Atlanta design summit.
Hi Chad,
We are working on following topics and expecting some time to discuss in the
summit. Can we accommodate them in the summit?
https://blueprints.launchpad.net/barbican/+spec/secret-isolation-at-user-level
(We are working on POC + API change proposal)
Chad,
Please let me know if you want me to start etherpads for them?
Regards,
Arvind
From: Tiwari, Arvind
Sent: Monday, May 05, 2014 10:22 AM
To: openstack-dev@lists.openstack.org
Subject: RE: [openstack-dev] [barbican] Atlanta Summit Etherpads for Review
Hi Chad,
We are working on following
Hi Henrique,
I agree with your thoughts and in my opinion every OpenStack service has to be
Domain aware. Specially it will be more helpful in large scale OpenStack
deployments where IAM resources are scoped to a domain but other services (e.g.
Nova) are just not aware of domains.
Thanks,
Hi JC,
I have proposed BP to address VPC using domain hierarchy and hierarchical
administrative boundary.
https://blueprints.launchpad.net/keystone/+spec/hierarchical-administrative-boundary
Thanks,
Arvind
-Original Message-
From: Martin, JC [mailto:jch.mar...@gmail.com]
Sent:
Hi Chris,
Looking at your requirements, seems my solution (see attached email) is pretty
much aligned. What I am trying to propose is
1. One root domain as owner of virtual cloud. Logically linked to n leaf
domains.
2. All leaf domains falls under admin boundary of virtual cloud owner.
3. No
Hi Vish,
I am sorry as I am proposing just a solution approach below but no code so far.
### Problem and Requirement ###
As per the problem description it seems to me that Martha, the owner of
ProductionIT is not a cloud provider (correct me if wrong) and she uses
someone else cloud
...@canonical.com] On Behalf Of Telles
Mota Vidal Nóbrega
Sent: Thursday, January 16, 2014 6:30 AM
To: Tiwari, Arvind
Subject: Domain ID in Policy_dict
Hi, i'm working on some new features for openstack and this merge that
you submitted https://review.openstack.org/#/c/50488/ does most of what
I need. I
Hi Adam,
I would like to request you to revisit the below link and provide your opinion,
so that we can move forward and try to find a common ground where everyone.
https://review.openstack.org/#/c/61897
Below is my justification for service_id in role model:
In a public cloud deployment
...@kent.ac.uk]
Sent: Tuesday, December 10, 2013 1:30 AM
To: Adam Young; Tiwari, Arvind; OpenStack Development Mailing List (not for
usage questions)
Cc: Henry Nash; dolph.math...@gmail.com; Yee, Guang
Subject: Re: [openstack-dev] [keystone] Service scoped role definition
How about the following which
. https://blueprints.launchpad.net/keystone/+spec/service-scoped-tokens.
Thanks.
Arvind
-Original Message-
From: David Chadwick [mailto:d.w.chadw...@kent.ac.uk]
Sent: Tuesday, December 10, 2013 2:27 PM
To: Tiwari, Arvind; Adam Young; OpenStack Development Mailing List (not for
usage
My Comments in line.
Arvind
-Original Message-
From: Adam Young [mailto:ayo...@redhat.com]
Sent: Tuesday, December 10, 2013 2:54 PM
To: David Chadwick; Tiwari, Arvind; OpenStack Development Mailing List (not for
usage questions)
Cc: Henry Nash; dolph.math...@gmail.com; Yee, Guang
, scope.id, domain_id and project_id makes the composite key.
-Original Message-
From: Adam Young [mailto:ayo...@redhat.com]
Sent: Monday, December 09, 2013 1:28 PM
To: David Chadwick; Tiwari, Arvind; OpenStack Development Mailing List (not for
usage questions)
Cc: Henry Nash; dolph.math
Message-
From: David Chadwick [mailto:d.w.chadw...@kent.ac.uk]
Sent: Monday, December 09, 2013 3:15 PM
To: Tiwari, Arvind; Adam Young; OpenStack Development Mailing List (not for
usage questions)
Cc: Henry Nash; dolph.math...@gmail.com; Yee, Guang
Subject: Re: [openstack-dev] [keystone
Hi David,
Let me capture these details in ether pad. I will drop an email after adding
these details in etherpad.
Thanks,
Arvind
-Original Message-
From: David Chadwick [mailto:d.w.chadw...@kent.ac.uk]
Sent: Thursday, December 05, 2013 4:15 AM
To: Tiwari, Arvind; Adam Young; OpenStack
are right now and
open questions along with my thoughts.
Please take a look and share your comments/suggestion.
Regards,
Arvind
-Original Message-
From: David Chadwick [mailto:d.w.chadw...@kent.ac.uk]
Sent: Thursday, December 05, 2013 5:45 AM
To: Tiwari, Arvind; Adam Young
Cc: OpenStack
://blueprints.launchpad.net/keystone/+spec/service-scoped-tokens BP.
Thanks,
Arvind
-Original Message-
From: Adam Young [mailto:ayo...@redhat.com]
Sent: Tuesday, December 03, 2013 6:52 PM
To: Tiwari, Arvind; OpenStack Development Mailing List (not for usage questions)
Cc: Henry Nash; dolph.math...@gmail.com
://blueprints.launchpad.net/keystone/+spec/service-scoped-tokens BP.
Thanks,
Arvind
-Original Message-
From: David Chadwick [mailto:d.w.chadw...@kent.ac.uk]
Sent: Wednesday, December 04, 2013 2:16 AM
To: Tiwari, Arvind; OpenStack Development Mailing List (not for usage
questions); Adam
]
Sent: Wednesday, December 04, 2013 10:41 AM
To: Adam Young; Tiwari, Arvind; OpenStack Development Mailing List (not for
usage questions)
Cc: Henry Nash; dolph.math...@gmail.com
Subject: Re: [openstack-dev] [keystone] Service scoped role definition
Hi Adam
I understand your problem: having
, Arvind; Adam Young
Cc: OpenStack Development Mailing List (not for usage questions)
Subject: Re: [openstack-dev] [keystone] Service scoped role definition
On 04/12/2013 17:28, Tiwari, Arvind wrote:
Hi David,
Thanks for your valuable comments.
I have updated
https://etherpad.openstack.org/p
Hi David,
I have added my comments underneath line # 97 till line #110, it is mostly
aligned with your proposal with some modification.
https://etherpad.openstack.org/p/service-scoped-role-definition
Thanks for your time,
Arvind
-Original Message-
From: Tiwari, Arvind
Sent
which can fit in my Plan B
and I think Adam is cool with plan B.
Please let me know if David's proposal for role-def scoping is cool for
everybody?
Thanks,
Arvind
-Original Message-
From: Adam Young [mailto:ayo...@redhat.com]
Sent: Wednesday, November 27, 2013 8:44 AM
To: Tiwari, Arvind
-Original Message-
From: David Chadwick [mailto:d.w.chadw...@kent.ac.uk]
Sent: Monday, November 25, 2013 12:12 PM
To: Tiwari, Arvind; OpenStack Development Mailing List
Cc: Henry Nash; ayo...@redhat.com; dolph.math...@gmail.com; Yee, Guang
Subject: Re: [openstack-dev] [keystone] Service
.
Feel free to update the etherpad.
Regards,
Arvind
-Original Message-
From: Tiwari, Arvind
Sent: Tuesday, November 26, 2013 4:08 PM
To: David Chadwick; OpenStack Development Mailing List
Subject: Re: [openstack-dev] [keystone] Service scoped role definition
Hi David,
Thanks for your
Hi,
Based on our discussion in design summit , I have redone the service_id binding
with roles
BPhttps://blueprints.launchpad.net/keystone/+spec/serviceid-binding-with-role-definition.
I have added a new BP (link below) along with detailed use case to support
this BP.
Mailing List
Cc: Tiwari, Arvind
Subject: Re: [openstack-dev] [keystone] Extending policy checking to include
target entities
I have responded to your post, as I dont think it solves the identified
problem
regards
David
On 24/07/2013 23:26, Tiwari, Arvind wrote:
I have added my proposal
are on track for our 1.0 release for
Havana. I would encourage anyone interested to check our what we are working on
and come help us out. We use this list for most of our discussions and we hang
out on #openstack-cloudkeep on free node.
From: Tiwari, Arvind [mailto:arvind.tiw...@hp.com]
Sent
Hi Henry,
Do you have etherpad to capture these stuff?
Arvind
-Original Message-
From: Henry Nash [mailto:hen...@linux.vnet.ibm.com]
Sent: Tuesday, July 23, 2013 4:48 PM
To: David Chadwick
Cc: OpenStack Development Mailing List
Subject: Re: [openstack-dev] [keystone] Extending
Hi All,
I am following Barbican project and I have some question around it, I would
appreciate if someone can answer them or point me to the correct resource
1. What is the state of the project, is it in the state where it can be
utilized in production deployments?
2.Dose
All,
Added etherpad link, please share your comments or suggestion
https://etherpad.openstack.org/serviceid-binding-with-role-definition
Arvind
From: Tiwari, Arvind
Sent: Wednesday, June 19, 2013 4:42 PM
To: OpenStack Development Mailing List
Subject: New BP - ServiceId binding with role
All,
I have added a new BP, which advocates service id binding with role definition
https://blueprints.launchpad.net/keystone/+spec/serviceid-binding-with-role-definition
Please look at it and share your comments.
Arvind
___
OpenStack-dev mailing
43 matches
Mail list logo