Jump to: navigation, search


Project codename: Keystone

Summary (one sentence abstract of the project): OpenStack Identity Service with pluggable AuthN+Z backend and protocols.

Detailed Description: Keystone is an Identity service that integrates the following:

1. Identity stores (database, LDAP, Active Directory, text file, PAM, etc...)

2. Protocols for Authentication, authorization, federation, and delegation (such as OAUTH, OpenID, Basic Auth, Token Auth, SAML, etc...)

3. Middleware that can be plugged in to services to provide Identity and AuthN+Z services.

What is the purpose of the project and vision for it?

Identity is a core concern for any software service and operating system and OpenStack, as a cloud operating system, must address this. Interoperability is also key, which therefore drives the architecture of Keystone (pluggable).

Basic roadmap for the project: https://launchpad.net/keystone/diablo

Location of project source code: http://github.com/rackspace/keystone

Programming language, required technology dependencies: Python. No additional dependencies outside of what Swift and Nova use.

Uses eventlet. Leverages DTest for testing.

Is project currently open sourced? What license?: Yes. Apache 2.0.

Level of maturity of software and team: Functioning prototype with integration with SWIFT, NOVA, GLANCE, and the dashboard. Dedicated team.

Proposed project technical lead and qualifications: Ziad Sawalha http://www.linkedin.com/in/ziadsawalha

Other project developers and qualifications:

Yogeshwar "Yogi" Srikrishnan http://www.linkedin.com/in/yogeshwarsrikrishnan - core developer on Rackspace Auth
Dolph Mathews http://www.linkedin.com/in/dolphmathews

Also received/receiving contributions from:

  • Jesse Andrews
  • Jay Pipes
  • Greg Holt
  • Kevin Mitchell
  • Brian Lamar
  • Dan Prince
  • Khaled Hussein
  • Jorge Williams
  • Vish
  • Termie

Infrastructure requirements (testing, etc): Anyscale - no infrastructure needed outside of Python and Python libraries (see pip-requires for specific dependencies).

Uses eventlet / WSGI. DTest for testing.

Have all current contributors agreed to the OpenStack CLA? Yes

Status: Approved on 6/21/2011