Difference between revisions of "KeystoneR1"
| Line 1: | Line 1: | ||
__NOTOC__ | __NOTOC__ | ||
| − | * '''Launchpad Entry''': [[KeystoneSpec]]:openstack-identity-service | + | * '''Launchpad Entry''': [[KeystoneSpec]]; https://blueprints.launchpad.net/keystone/+spec/openstack-identity-service |
* '''Created''': | * '''Created''': | ||
* '''Contributors''': ziad-sawalha, jorgew, khussein, anotherjesse | * '''Contributors''': ziad-sawalha, jorgew, khussein, anotherjesse | ||
| Line 26: | Line 26: | ||
== Design == | == Design == | ||
| − | + | Python service modeled after other [[OpenStack]] services. Using pluggable protocol and backend model (see Burrow), WSGI, and eventlet. | |
| + | |||
| + | Support [[RackspaceAuth]]; http://docs.rackspacecloud.com/files/api/v1/cfdevguide_d5/content/ch03s01.html protocol. | ||
| + | |||
| + | [[AnyScale]] - runs on one laptop and can be scaled for production load. | ||
== Implementation == | == Implementation == | ||
| − | + | === Release 1 - Early June 2011 === | |
| − | |||
| − | === | ||
| − | + | Rackspace Auth protocol, endpoints, | |
=== Code Changes === | === Code Changes === | ||
Revision as of 04:46, 24 May 2011
- Launchpad Entry: KeystoneSpec; https://blueprints.launchpad.net/keystone/+spec/openstack-identity-service
- Created:
- Contributors: ziad-sawalha, jorgew, khussein, anotherjesse
Summary
OpenStack Identity service (Keystone; https://launchpad.net/keystone).
See also: AuthMiddlewareSpec; http://wiki.openstack.org/openstack-authn
See also: AuthSpec; http://wiki.openstack.org/AuthnAuthz
Release Note
This first release is intended to address existing use cases for authentication and identity in Nova and Swift (and planned integration with Glance and other core or affiliated services). The goal is to be able to download the set of OpenStack services and be able to run them as an integrated suite. Keystone will provide the common identity components (user store, authentication service, endpoint management, and middleware to integrate with services.
Rationale
For OpenStack to be a cohesive suite, a common identity store and integration middleware is needed.
User stories
- As someone considering OpenStack, I can download the code, follow simple instructions, and get the stack up and running to test the capabilities and APIs and play around with the dashboard and mobile apps without heavy, external dependencies.
- As a service developer, I don't need to develop authentication code. I just plug in the Keystone middleware and my service can support a variety of pluggable authentication protocols and identity providers.
Assumptions
Design
Python service modeled after other OpenStack services. Using pluggable protocol and backend model (see Burrow), WSGI, and eventlet.
Support RackspaceAuth; http://docs.rackspacecloud.com/files/api/v1/cfdevguide_d5/content/ch03s01.html protocol.
AnyScale - runs on one laptop and can be scaled for production load.
Implementation
Release 1 - Early June 2011
Rackspace Auth protocol, endpoints,
Code Changes
Code changes should include an overview of what needs to change, and in some cases even the specific details.
Migration
Include:
- data migration, if any
- redirects from old URLs to new ones, if any
- how users will be pointed to the new way of doing things, if necessary.
Test/Demo Plan
This need not be added or completed until the specification is nearing beta.
Unresolved issues
This should highlight any issues that should be addressed in further specifications, and not problems with the specification itself; since any specification with problems cannot be approved.
BoF agenda and discussion
Use this section to take notes during the BoF; if you keep it in the approved spec, use it for summarising what was discussed and note any options that were rejected.
