• Like
Cloud.ca and CloudOps cs_auth
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

Cloud.ca and CloudOps cs_auth

  • 1,466 views
Published

Cloudstack authentication integration presentation.

Cloudstack authentication integration presentation.

Published in Technology , Education
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads

Views

Total Views
1,466
On SlideShare
0
From Embeds
0
Number of Embeds
0

Actions

Shares
Downloads
32
Comments
0
Likes
0

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. Integration betweenCloudstack andOpenstackWill StevensDavid Chamard sponsored by
  • 2. Introducing CloudstackCloudstack in 5 seconds:An Apache licensed, open source computestack (like Nova), mostly built in JAVA.What integration currently exists betweenopenstack and cloudstack: Storing VMsnapshots and templates (image files) to Swift.What is missing: Front-end UI andauthentication between the two systems.
  • 3. Love for Openstack and Cloudstack CS + OS
  • 4. What is cs_auth?● Swift authentication middleware.● Authenticate users via the Cloudstack API.● Leverage Cloudstacks user management rather than introducing another auth system.● Removes the need to populate and sync multiple databases for account information.
  • 5. Overview of cs_auth● Handles S3 requests via the swift3 middleware.● Implements ACL, including public containers.● Uses Memcached for caching the users identity.● Works out of the box with common tools: ○ Cyberduck ○ Swift Bench ○ Swift Dispersion ○ Swift Recon
  • 6. Request Flow
  • 7. Anatomy of cs_authtoken = hashlib.sha224(%s%s % (cs[secretkey], cs[apikey])).hexdigest()if self.reseller_prefix != : account_url = %s/v1/%s_%s % (self.storage_url, self.reseller_prefix, quote(cs[account]))else: account_url = %s/v1/%s % (self.storage_url, quote(cs[account]))identity = dict({ username:cs[username], account:cs[account], token:token, account_url:account_url, domain:dict({ id:cs[domainid], name:cs[domain] }), roles:[self.cs_roles[cs[accounttype]], cs[account]], expires:expires})
  • 8. Additional considerations● Still need a UI for Swift in Cloudstack.● Need to work with the swift and keystone teams to improve ACL support for S3 calls.
  • 9. Get the code...http://cloudops.github.com/cs_auth/