Re: [openstack-dev] Inter cloud resource federation [Alliance]
Hi Raildo, Yes, I am trying to separate out the resource federation concerns through Alliance, Identity federation will be intact with Keystone. At the same time Alliance will play as delegate for keystone wherever resource federation across clouds concern need to be addressed. I would love to work with you on this and anyone who is interested. I am putting together a POC and will keep you and community informed on the same. Thanks, Arvind From: Raildo Mascena [mailto:rail...@gmail.com] Sent: Wednesday, July 09, 2014 1:16 PM To: OpenStack Development Mailing List (not for usage questions) Subject: Re: [openstack-dev] Inter cloud resource federation [Alliance] Hi Arvind, First, I quite liked the idea and I am very interested in helping you with that. Second, I have some doubts. What is the similarity (and differences) with Keystone to Keystone blueprint? https://review.openstack.org/#/c/100023/https://blueprints.launchpad.net/keystone/+spec/keystone-to-keystone-federation The federation will be migrated to this new service? Regards, 2014-07-09 14:33 GMT-03:00 Tiwari, Arvind arvind.tiw...@hp.commailto:arvind.tiw...@hp.com: Hi All, I am investigating on inter cloud resource federation across OS based cloud deployments, this is needed to support multi regions, cloud bursting, VPC and more use cases. I came up with a design (link below) which advocate a new service (a.k.a. Alliance), this service sits close to Keystone and help abstracting all the inter cloud concerns from Keystone. This service will be abstracted from end users and there won’t be any direct interactions between user and Alliance service. Keystone will be delegating all inter cloud concerns to Alliance. https://wiki.openstack.org/wiki/Inter_Cloud_Resource_Federation Apart from basic resource federation use cases, Alliance service will add following features 1. UUID token support across cloud 2. PKI Token support 3. Inter Cloud Token Validation 4. Inter Cloud Communication to allow •Region/endpoint Discovery •Service Discovery •Remote Resource Provisioning 5. Resource Access Across Clouds 6. SSO Across Cloud 7. SSOut Across Cloud (or Inter Cloud Token Revocation) 8. Notification to propagate meter info, resource de-provisioning …. I would appreciate if you guys take a look and share your perspective. I am open to any questions, suggestions, discussions on the same. Thanks for your time, Arvind Please excuse any typographical error. ___ OpenStack-dev mailing list OpenStack-dev@lists.openstack.orgmailto:OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev -- Raildo Mascena Bachelor of Computer Science. Software Engineer at Laboratory of Distributed Systems - UFCG ___ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
Re: [openstack-dev] Inter cloud resource federation [Alliance]
Hi Matt, It is not about identity federation (which is handled in Keystone), this is about resource federation across clouds, Nova resources are one of them. I don't know much about Nova cells right now, I will try to understand it soon. Thanks, Arvind -Original Message- From: Matt Riedemann [mailto:mrie...@linux.vnet.ibm.com] Sent: Wednesday, July 09, 2014 2:30 PM To: openstack-dev@lists.openstack.org Subject: Re: [openstack-dev] Inter cloud resource federation [Alliance] On 7/9/2014 12:33 PM, Tiwari, Arvind wrote: Hi All, I am investigating on inter cloud resource federation across OS based cloud deployments, this is needed to support multi regions, cloud bursting, VPC and more use cases. I came up with a design (link below) which advocate a new service (a.k.a. Alliance), this service sits close to Keystone and help abstracting all the inter cloud concerns from Keystone. This service will be abstracted from end users and there won't be any direct interactions between user and Alliance service. Keystone will be delegating all inter cloud concerns to Alliance. https://wiki.openstack.org/wiki/Inter_Cloud_Resource_Federation Apart from basic resource federation use cases, Alliance service will add following features 1.UUID token support across cloud 2.PKI Token support 3.Inter Cloud Token Validation 4.Inter Cloud Communication to allow *Region/endpoint Discovery *Service Discovery *Remote Resource Provisioning 5.Resource Access Across Clouds 6.SSO Across Cloud 7.SSOut Across Cloud (or Inter Cloud Token Revocation) 8.Notification to propagate meter info, resource de-provisioning I would appreciate if you guys take a look and share your perspective. I am open to any questions, suggestions, discussions on the same. Thanks for your time, Arvind *Please excuse any typographical error.*** ___ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev Is this only identity (keystone) are other things like booting instances in nova from public/private clouds which are abstracted from the client, and if so have you heard of nova-cells? -- Thanks, Matt Riedemann ___ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev ___ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
Re: [openstack-dev] Inter cloud resource federation [Alliance]
Hi Arvind, Now it's clear to me. It will be a pleasure for me and my team help you. I'll be awaiting to see the POC. Regards, 2014-07-10 12:36 GMT-03:00 Tiwari, Arvind arvind.tiw...@hp.com: Hi Matt, It is not about identity federation (which is handled in Keystone), this is about resource federation across clouds, Nova resources are one of them. I don't know much about Nova cells right now, I will try to understand it soon. Thanks, Arvind -Original Message- From: Matt Riedemann [mailto:mrie...@linux.vnet.ibm.com] Sent: Wednesday, July 09, 2014 2:30 PM To: openstack-dev@lists.openstack.org Subject: Re: [openstack-dev] Inter cloud resource federation [Alliance] On 7/9/2014 12:33 PM, Tiwari, Arvind wrote: Hi All, I am investigating on inter cloud resource federation across OS based cloud deployments, this is needed to support multi regions, cloud bursting, VPC and more use cases. I came up with a design (link below) which advocate a new service (a.k.a. Alliance), this service sits close to Keystone and help abstracting all the inter cloud concerns from Keystone. This service will be abstracted from end users and there won't be any direct interactions between user and Alliance service. Keystone will be delegating all inter cloud concerns to Alliance. https://wiki.openstack.org/wiki/Inter_Cloud_Resource_Federation Apart from basic resource federation use cases, Alliance service will add following features 1.UUID token support across cloud 2.PKI Token support 3.Inter Cloud Token Validation 4.Inter Cloud Communication to allow *Region/endpoint Discovery *Service Discovery *Remote Resource Provisioning 5.Resource Access Across Clouds 6.SSO Across Cloud 7.SSOut Across Cloud (or Inter Cloud Token Revocation) 8.Notification to propagate meter info, resource de-provisioning I would appreciate if you guys take a look and share your perspective. I am open to any questions, suggestions, discussions on the same. Thanks for your time, Arvind *Please excuse any typographical error.*** ___ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev Is this only identity (keystone) are other things like booting instances in nova from public/private clouds which are abstracted from the client, and if so have you heard of nova-cells? -- Thanks, Matt Riedemann ___ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev ___ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev -- Raildo Mascena Bachelor of Computer Science. Software Engineer at Laboratory of Distributed Systems - UFCG ___ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
[openstack-dev] Inter cloud resource federation [Alliance]
Hi All, I am investigating on inter cloud resource federation across OS based cloud deployments, this is needed to support multi regions, cloud bursting, VPC and more use cases. I came up with a design (link below) which advocate a new service (a.k.a. Alliance), this service sits close to Keystone and help abstracting all the inter cloud concerns from Keystone. This service will be abstracted from end users and there won't be any direct interactions between user and Alliance service. Keystone will be delegating all inter cloud concerns to Alliance. https://wiki.openstack.org/wiki/Inter_Cloud_Resource_Federation Apart from basic resource federation use cases, Alliance service will add following features 1. UUID token support across cloud 2. PKI Token support 3. Inter Cloud Token Validation 4. Inter Cloud Communication to allow *Region/endpoint Discovery *Service Discovery *Remote Resource Provisioning 5. Resource Access Across Clouds 6. SSO Across Cloud 7. SSOut Across Cloud (or Inter Cloud Token Revocation) 8. Notification to propagate meter info, resource de-provisioning I would appreciate if you guys take a look and share your perspective. I am open to any questions, suggestions, discussions on the same. Thanks for your time, Arvind Please excuse any typographical error. ___ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
Re: [openstack-dev] Inter cloud resource federation [Alliance]
Hi Arvind, First, I quite liked the idea and I am very interested in helping you with that. Second, I have some doubts. What is the similarity (and differences) with Keystone to Keystone blueprint? https://review.openstack.org/#/c/100023/ https://blueprints.launchpad.net/keystone/+spec/keystone-to-keystone-federation The federation will be migrated to this new service? Regards, 2014-07-09 14:33 GMT-03:00 Tiwari, Arvind arvind.tiw...@hp.com: Hi All, I am investigating on inter cloud resource federation across OS based cloud deployments, this is needed to support multi regions, cloud bursting, VPC and more use cases. I came up with a design (link below) which advocate a new service (a.k.a. Alliance), this service sits close to Keystone and help abstracting all the inter cloud concerns from Keystone. This service will be abstracted from end users and there won’t be any direct interactions between user and Alliance service. Keystone will be delegating all inter cloud concerns to Alliance. https://wiki.openstack.org/wiki/Inter_Cloud_Resource_Federation Apart from basic resource federation use cases, Alliance service will add following features 1. UUID token support across cloud 2. PKI Token support 3. Inter Cloud Token Validation 4. Inter Cloud Communication to allow •Region/endpoint Discovery •Service Discovery •Remote Resource Provisioning 5. Resource Access Across Clouds 6. SSO Across Cloud 7. SSOut Across Cloud (or Inter Cloud Token Revocation) 8. Notification to propagate meter info, resource de-provisioning …. I would appreciate if you guys take a look and share your perspective. I am open to any questions, suggestions, discussions on the same. Thanks for your time, Arvind *Please excuse any typographical error.* ___ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev -- Raildo Mascena Bachelor of Computer Science. Software Engineer at Laboratory of Distributed Systems - UFCG ___ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
Re: [openstack-dev] Inter cloud resource federation [Alliance]
On 7/9/2014 12:33 PM, Tiwari, Arvind wrote: Hi All, I am investigating on inter cloud resource federation across OS based cloud deployments, this is needed to support multi regions, cloud bursting, VPC and more use cases. I came up with a design (link below) which advocate a new service (a.k.a. Alliance), this service sits close to Keystone and help abstracting all the inter cloud concerns from Keystone. This service will be abstracted from end users and there won’t be any direct interactions between user and Alliance service. Keystone will be delegating all inter cloud concerns to Alliance. https://wiki.openstack.org/wiki/Inter_Cloud_Resource_Federation Apart from basic resource federation use cases, Alliance service will add following features 1.UUID token support across cloud 2.PKI Token support 3.Inter Cloud Token Validation 4.Inter Cloud Communication to allow •Region/endpoint Discovery •Service Discovery •Remote Resource Provisioning 5.Resource Access Across Clouds 6.SSO Across Cloud 7.SSOut Across Cloud (or Inter Cloud Token Revocation) 8.Notification to propagate meter info, resource de-provisioning …. I would appreciate if you guys take a look and share your perspective. I am open to any questions, suggestions, discussions on the same. Thanks for your time, Arvind *Please excuse any typographical error.*** ___ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev Is this only identity (keystone) are other things like booting instances in nova from public/private clouds which are abstracted from the client, and if so have you heard of nova-cells? -- Thanks, Matt Riedemann ___ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
Re: [openstack-dev] Inter Cloud Resource Federation (Alliance)
Will this work will be built to exploit the existing federated authentication and role mapping code in Icehouse ? Resource discover/access/provisioning is a natural next step but I hope it is built on the existing identity frameworks. Tim From: Tiwari, Arvind [mailto:arvind.tiw...@hp.com] Sent: 02 July 2014 00:52 To: OpenStack Development Mailing List (not for usage questions) Subject: [openstack-dev] Inter Cloud Resource Federation (Alliance) All, I am working on a new service to address the problems of Inter Cloud Resource Federation use cases (e.g. multi region, cloud bursting, resource sharing across clouds, etc . ). The new service will integrate multiple OpenStack cloud to work in alliance to provide resource federation and resource sharing across clouds. Please take a look at link below which explains use cases for resource federation and solution. This link also explains high level components of the new service. https://wiki.openstack.org/wiki/Inter_Cloud_Resource_Federation Please share your thoughts and comments. Thanks, Arvind ___ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
[openstack-dev] Inter Cloud Resource Federation (Alliance)
All, I am working on a new service to address the problems of Inter Cloud Resource Federation use cases (e.g. multi region, cloud bursting, resource sharing across clouds, etc . ). The new service will integrate multiple OpenStack cloud to work in alliance to provide resource federation and resource sharing across clouds. Please take a look at link below which explains use cases for resource federation and solution. This link also explains high level components of the new service. https://wiki.openstack.org/wiki/Inter_Cloud_Resource_Federation Please share your thoughts and comments. Thanks, Arvind ___ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
