Jump to: navigation, search

Nova/AuthManagerSpec

< Nova
Revision as of 18:37, 12 May 2011 by Brian (talk)
  • Launchpad Entry: NovaSpec:finalize-nova-auth
  • Created: May 12, 2011
  • Contributors: Brian Waldon, Brian Lamar

Summary

Currently, the AuthManager simply utilizes the database to store all authn/authz information. We want Nova users to be able to choose an authentication & authorization system that works best for them. Right now, we are only planning on adding support for Keystone.

User stories

As a deployer of Nova, I want to use Keystone as my authn/authz backend.

As a deployer of Nova, I want to use the existing authn/authz backend.

As a deployer of Nova, I want it to be painless to transition an existing deployment from the existing database into Keystone.

Implementation

Code Changes

This approach will help minimize code changes across the project. We need to refactor AuthManager in Nova to support pluggable drivers, similar to our virtualization drivers.

Migration

We plan to design a set of scripts that will assist in data migrations between local and Keystone drivers.

Retrieved from "https://wiki.openstack.org/w/index.php?title=Nova/AuthManagerSpec&oldid=4330"