OpenStack Keystone Rocky Project Update

•Download as ODP, PDF•

0 likes•235 views

The document summarizes updates to the OpenStack Identity (Keystone) project. In the Rocky release, improvements include default roles, unified limits API stabilization, and improved multi-factor authentication. Looking ahead, the Stein release will focus on default roles across services, oslo.limit adoption, and improved federated identity. The document also provides information on how to contribute and lists related sessions.

Technology

Rocky Project Update
Lance Bragstad (@LanceBragstad)
Harry Rybacki (@HarryRybacki)

What is OpenStack Identity?
What was accomplished in Queens?
What are we achieving in Rocky?
Looking ahead to Stein
How you can contribute
Related sessions & talks

What is OpenStack Identity?
a shared service for authentication and authorization
supplies identity information to end users and services
broker between OpenStack and other identity services

2H17 User Survey - Where should we prioritize resources?

What was accomplished in Queens?
application credentials
system scope & system role assignments
oslo.policy improvements
unified limits & flat enforcement
project tags
v2.0 API removal

What are we achieving in Rocky?
default roles
unified limits API stabilization
strict hierarchical enforcement model
application credential capability lists
improved multi-factor authentication

Looking ahead to Stein
default roles across services
oslo.limit adoption
federated identity improvements

How you can contribute
office hours on Tuesdays
weekly reports every Friday

How you can contribute
consistent default roles
oslo.limit integration

Forum sessions
Default Roles on Monday @ 11:35
Project Onboarding on Monday @ 5:10
Edge Architecture on Tuesday @ 11:00
Feedback Session on Tuesday @ 5:30
Unified Limits on Thursday @ 3:30

Related talks
A Unified Approach to Role Based Access Control on Monday @ 3:10
Integrating Keystone with Centralized Authentication on Tuesday @ 9:50
Kubernetes and OpenStack Policy Management on Tuesday @ 1:50
Application Credentials in Keystone on Wednesday @ 5:30
Centralized Policy Enforcement on Thursday @ 11:00

The document discusses OpenStack Identity, which provides authentication, authorization, and auditing services to OpenStack and other systems. It has a 98% adoption rate. The document outlines how to contribute to OpenStack Identity by communicating with the community, filing bugs, writing specifications, registering blueprints, and reviewing code. It also discusses the project architecture and identity libraries that make up the structure of OpenStack Identity.

Uber's new mobile architecture

Dhaval Patel

Introduction to Service Oriented Architecture

DATA Inc.

Overview of SOA and the role of ESB / OSB

Nahser Bakht

This document discusses SOA and the role of Oracle Service Bus (OSB). It describes how traditional integration approaches like point-to-point and EAI can cause issues. SOA addresses these issues by organizing applications into reusable services. OSB acts as an integration backbone that mediates between services, supporting dynamic routing, transformations, composition and more. It provides location transparency and supports multiple protocols. The OSB architecture builds on Oracle WebLogic Server and the Java platform.

This document discusses REST testing and the Rest-Assured library. It begins with an overview of REST including that it is a set of architecture principles for distributed applications using HTTP. It then discusses constraints of REST like being stateless and having a uniform interface. The document outlines what to test for REST APIs like business logic, data format, and naming conventions. It introduces tools for REST testing like Postman and SoapUI. Finally, it provides details on the Rest-Assured Java library for testing REST services including advantages like its fluent API and response assertions.

Владимир Логвинов - Rest-Assured - легкий способ автоматизации тестирования REST

Web Tech Fun

soa ppt v7.ppt

PrasannaVenkatesanVe1

This document provides an overview of service-oriented architecture (SOA). It defines SOA as a design paradigm that specifies the creation of automation logic in the form of discrete, autonomous services. The key benefits of SOA include enabling flexible, federated business processes and optimization through reuse of services across organizations. The document discusses SOA concepts like loose coupling, service contracts, and different service types. It also outlines the layers of a service architecture and some core SOA principles.

WebServices_Course_Content.pdf

AnanthReddy38

Magnitia’s Web services Testing Training will provide you complete knowledge on Web services, API and their functionality. This API Testing course enables you to develop robust automation Framework for API’s test cases and how to test Web services and REST API using SoapUI& Rest Assured. Learn API Testing (POSTMAN, REST ASSURED, BDD-Cucumber, BDD-Karate, CI-CT Pipeline & Microservices Test Automation) by P.Nageswara Rao at Magnitia. Web Services is the mechanism or media used to communicate between two different technology applications / machines which will exchange the data (Request / Response) irrespective of their internal architecture and technology. By the end of this course you will understand the importance and procedure of mocking the web services, how to generate neat reports for execution results and will get clear picture on API Testing. Aspirants who are interested can attend our API Testing training in Hyderabad, or you can take our API Testing online training.

API Platform Cloud Service best practice - OOW17

Phil Wilkins

Microsoft Reactor Toronto 5/5/2020 | Azure Kubernetes In Action - Running and...

Roy Kim

Azure Kubernetes Service (AKS) is a managed container orchestration service. With Kubernetes continuing to grow in popularity, many developers and IT engineers are curious to get started. Roy will demonstrate hosted microservices applications and the Istio service mesh. Along with how to manage your cluster with the Kubernetes Dashboard, Prometheus, Grafana and Azure Monitor. You will see a practical overview how all these pieces fit together. www.roykim.ca Twitter: @RoyKimYYZ Github: https://github.com/RoyKimYYZ

S+S Architecture Overview

David Solivan

Oracle API Platform Cloud Service Best Practices & Lessons Learnt

luisw19

The document provides best practices and lessons learned from implementing Oracle API Platform. It discusses the importance of API management and outlines the key steps in the API lifecycle. It also summarizes the steps recommended for a successful API Platform implementation, including discovery workshops, architecture design, installation tips, and an API design process leveraging API-first principles.

Service Techmagazine

Bootcamp SCL

The document discusses the emergence of API management and the API economy. It describes how modern web APIs are enabling businesses to expose their resources and services through APIs to build value-added ecosystems. This is leading to the growth of the API economy, where companies leverage APIs to unlock additional business value. As APIs and the API economy continue expanding, API management is becoming an important component of service infrastructure to ensure quality, security and governance of APIs.

DSR Microservices (Day 1, Part 1)

Steve Upton

This document provides an overview of microservices from Steve Upton. It discusses the two main histories of microservices - the standard creation story involving moving from a monolithic application to many independent microservices, and an "other story" noting how microservices evolved alongside changes in development practices, hardware, and platforms. Some key advantages of microservices are listed, such as resilience, loose coupling, and independent scalability. The CAP theorem is also introduced, noting the tradeoff between consistency, availability, and partition tolerance that must be considered with distributed systems.

Dynamic APIs: SOA Done Right

Inside Analysis

The Briefing Room with Analyst Dr. Robin Bloor and SOA Live Webcast on May 6, 2014 Watch the archive: Today’s enterprise relies on a host of services and applications to keep business running like a well-oiled machine. The guiding principles behind the service-oriented architecture (SOA) are supposed to ensure a smooth transition between services, but the motley assortment of applications is leaving some organizations over-burdened with complexity and latency. With the increasingly distributed and data-driven information environment, is it time to consider a new approach? Register for this episode of The Briefing Room to learn from veteran Analyst Dr. Robin Bloor as he explains the hopes and dreams of SOA, and why they were never fully achieved. He’ll be briefed by Jason Bloomberg of EnterpriseWeb who will tout his company’s multi-faceted platform, a solution designed to drive agile and flexible business operations and applications. He will demonstrate how EnterpriseWeb circumvents the limitations of SOA and delivers a data-centric environment that dynamically responds to change in real time. Visit InsideAnlaysis.com for more information.

Architect v (enterprise, soa, cloud, togaf)

Ronnie Reddy

This job posting is for an Architect V position in Herndon, VA for a 6 month duration. The role involves supporting the adoption of a SOA strategy and framework, designing cloud native applications on AWS, identifying and designing SOA services based on business processes using technologies like TIBCO and Java. The architect will also develop standards and frameworks to identify and implement services, design service interfaces, and support the creation of metrics to analyze the adoption of services. Experience with Enterprise Architecture frameworks like TOGAF is required.

Introduction to Microservices by Jim Tran, Principal Solutions Architect, AWS

Amazon Web Services

This document discusses architecting microservices on AWS. It begins by outlining challenges with monolithic software architectures like long build/test/release cycles and difficulty scaling. It then introduces microservices as a way to decompose applications into independently deployable services. Key principles for microservices include having services communicate over APIs, using the right data store for each service's needs, securing services through defense-in-depth, and collaborating as good ecosystem citizens. The document provides examples of implementing a sample restaurant microservice on AWS using Lambda, API Gateway, DynamoDB, and other services. It emphasizes that microservices require not just technical changes but organizational transformation as well.

Fundamental Essentials for API Design

Michael James Cyrus

Fundamental essentials for api design

Michael James Cyrus

The document provides best practices for designing RESTful APIs, including: 1. Use JSON for responses as it is ubiquitous, human-readable, and allows easy changes to fields. 2. Design RESTful URLs around logical resources that are manipulated using HTTP methods like GET, POST, PUT, and DELETE. 3. Always use SSL to encrypt communications and simplify authentication with access tokens instead of signing requests.

Fundamental essentials for api design

Michael James Cyrus

wepik-maximizing-efficiency-mastering-rest-api-implementation-20240419020545U...

AllstuffRj

[ScaleConf 2020] How to Tame Your Microservices: Evolving Airbnb's Architecture

Jessica Tai

Csg Soa Jr

guesta37dc0

The document discusses the challenges faced by Berkeley in transitioning from siloed and unstructured web services to a service-oriented architecture (SOA). It outlines trends driving this change and Berkeley's initial efforts with web services. It then summarizes Berkeley's plan to build a SOA and "Campus IT Community" to improve flexibility, reuse of components, and quality of systems development. Key challenges discussed include immature technologies, cultural and process issues, resource constraints, and ensuring interoperability between new and existing systems.

Ibm_interconnect_restapi_workshop

Shubhra Kar

This document provides an overview of Shubhra Kar's presentation on using Node.js to build APIs and hyperscale the API economy. The presentation discusses using Node.js for mobile/omni-channel backends, high performance ESBs, and IoT. It also covers why Node.js is well-suited for APIs, which Node.js framework to choose, design patterns, and how to code and deploy an API in 10 minutes. The document includes graphs comparing Node.js performance to other solutions and discusses trends around microservices and decomposing monolithic APIs.

Mariano G Tinti - Decoding SpaceX

Mariano Tinti

Climate Impact of Software Testing at Nordic Testing Days

Kari Kakkonen

My slides at Nordic Testing Days 6.6.2024 Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.

Similar to OpenStack Keystone Rocky Project Update

Rest-Assured - легкий способ автоматизации тестирования REST

Valtech Ukraine

Владимир Логвинов - Rest-Assured - легкий способ автоматизации тестирования REST

Web Tech Fun

soa ppt v7.ppt

PrasannaVenkatesanVe1

WebServices_Course_Content.pdf

AnanthReddy38

API Platform Cloud Service best practice - OOW17

Phil Wilkins

Microsoft Reactor Toronto 5/5/2020 | Azure Kubernetes In Action - Running and...

Roy Kim

S+S Architecture Overview

David Solivan

Oracle API Platform Cloud Service Best Practices & Lessons Learnt

luisw19

Service Techmagazine

Bootcamp SCL

DSR Microservices (Day 1, Part 1)

Steve Upton

Dynamic APIs: SOA Done Right

Inside Analysis

Architect v (enterprise, soa, cloud, togaf)

Ronnie Reddy

Introduction to Microservices by Jim Tran, Principal Solutions Architect, AWS

Amazon Web Services

Fundamental Essentials for API Design

Michael James Cyrus

Fundamental essentials for api design

Michael James Cyrus

Fundamental essentials for api design

Michael James Cyrus

wepik-maximizing-efficiency-mastering-rest-api-implementation-20240419020545U...

AllstuffRj

[ScaleConf 2020] How to Tame Your Microservices: Evolving Airbnb's Architecture

Jessica Tai

Csg Soa Jr

guesta37dc0

Ibm_interconnect_restapi_workshop

Shubhra Kar

Similar to OpenStack Keystone Rocky Project Update (20)

Rest-Assured - легкий способ автоматизации тестирования REST

Владимир Логвинов - Rest-Assured - легкий способ автоматизации тестирования REST

soa ppt v7.ppt

WebServices_Course_Content.pdf

API Platform Cloud Service best practice - OOW17

Microsoft Reactor Toronto 5/5/2020 | Azure Kubernetes In Action - Running and...

S+S Architecture Overview

Oracle API Platform Cloud Service Best Practices & Lessons Learnt

Service Techmagazine

DSR Microservices (Day 1, Part 1)

Dynamic APIs: SOA Done Right

Architect v (enterprise, soa, cloud, togaf)

Introduction to Microservices by Jim Tran, Principal Solutions Architect, AWS

Fundamental Essentials for API Design

Fundamental essentials for api design

wepik-maximizing-efficiency-mastering-rest-api-implementation-20240419020545U...

[ScaleConf 2020] How to Tame Your Microservices: Evolving Airbnb's Architecture

Csg Soa Jr

Ibm_interconnect_restapi_workshop

Recently uploaded

Mariano G Tinti - Decoding SpaceX

Mariano Tinti

Climate Impact of Software Testing at Nordic Testing Days

Kari Kakkonen

Introduction to CHERI technology - Cybersecurity

mikeeftimakis1

Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack

shyamraj55

Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...

SOFTTECHHUB

The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing. One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.

UiPath Test Automation using UiPath Test Suite series, part 6

DianaGray10

Welcome to UiPath Test Automation using UiPath Test Suite series part 6. In this session, we will cover Test Automation with generative AI and Open AI. UiPath Test Automation with generative AI and Open AI webinar offers an in-depth exploration of leveraging cutting-edge technologies for test automation within the UiPath platform. Attendees will delve into the integration of generative AI, a test automation solution, with Open AI advanced natural language processing capabilities. Throughout the session, participants will discover how this synergy empowers testers to automate repetitive tasks, enhance testing accuracy, and expedite the software testing life cycle. Topics covered include the seamless integration process, practical use cases, and the benefits of harnessing AI-driven automation for UiPath testing initiatives. By attending this webinar, testers, and automation professionals can gain valuable insights into harnessing the power of AI to optimize their test automation workflows within the UiPath ecosystem, ultimately driving efficiency and quality in software development processes. What will you get from this session? 1. Insights into integrating generative AI. 2. Understanding how this integration enhances test automation within the UiPath platform 3. Practical demonstrations 4. Exploration of real-world use cases illustrating the benefits of AI-driven test automation for UiPath Topics covered: What is generative AI Test Automation with generative AI and Open AI. UiPath integration with generative AI Speaker: Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP

Pushing the limits of ePRTC: 100ns holdover for 100 days

Adtran

Serial Arm Control in Real Time Presentation

tolgahangng

HCL Notes and Domino License Cost Reduction in the World of DLAU

panagenda

Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-and-domino-license-cost-reduction-in-the-world-of-dlau/ The introduction of DLAU and the CCB & CCX licensing model caused quite a stir in the HCL community. As a Notes and Domino customer, you may have faced challenges with unexpected user counts and license costs. You probably have questions on how this new licensing approach works and how to benefit from it. Most importantly, you likely have budget constraints and want to save money where possible. Don’t worry, we can help with all of this! We’ll show you how to fix common misconfigurations that cause higher-than-expected user counts, and how to identify accounts which you can deactivate to save money. There are also frequent patterns that can cause unnecessary cost, like using a person document instead of a mail-in for shared mailboxes. We’ll provide examples and solutions for those as well. And naturally we’ll explain the new licensing model. Join HCL Ambassador Marc Thomas in this webinar with a special guest appearance from Franz Walder. It will give you the tools and know-how to stay on top of what is going on with Domino licensing. You will be able lower your cost through an optimized configuration and keep it low going forward. These topics will be covered - Reducing license cost by finding and fixing misconfigurations and superfluous accounts - How do CCB and CCX licenses really work? - Understanding the DLAU tool and how to best utilize it - Tips for common problem areas, like team mailboxes, functional/test users, etc - Practical examples and best practices to implement right away

TrustArc Webinar - 2024 Global Privacy Survey

TrustArc

How does your privacy program stack up against your peers? What challenges are privacy teams tackling and prioritizing in 2024? In the fifth annual Global Privacy Benchmarks Survey, we asked over 1,800 global privacy professionals and business executives to share their perspectives on the current state of privacy inside and outside of their organizations. This year’s report focused on emerging areas of importance for privacy and compliance professionals, including considerations and implications of Artificial Intelligence (AI) technologies, building brand trust, and different approaches for achieving higher privacy competence scores. See how organizational priorities and strategic approaches to data security and privacy are evolving around the globe. This webinar will review: - The top 10 privacy insights from the fifth annual Global Privacy Benchmarks Survey - The top challenges for privacy leaders, practitioners, and organizations in 2024 - Key themes to consider in developing and maintaining your privacy program

GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024

Neo4j

Artificial Intelligence for XMLDevelopment

Octavian Nadolu

In the rapidly evolving landscape of technologies, XML continues to play a vital role in structuring, storing, and transporting data across diverse systems. The recent advancements in artificial intelligence (AI) present new methodologies for enhancing XML development workflows, introducing efficiency, automation, and intelligent capabilities. This presentation will outline the scope and perspective of utilizing AI in XML development. The potential benefits and the possible pitfalls will be highlighted, providing a balanced view of the subject. We will explore the capabilities of AI in understanding XML markup languages and autonomously creating structured XML content. Additionally, we will examine the capacity of AI to enrich plain text with appropriate XML markup. Practical examples and methodological guidelines will be provided to elucidate how AI can be effectively prompted to interpret and generate accurate XML markup. Further emphasis will be placed on the role of AI in developing XSLT, or schemas such as XSD and Schematron. We will address the techniques and strategies adopted to create prompts for generating code, explaining code, or refactoring the code, and the results achieved. The discussion will extend to how AI can be used to transform XML content. In particular, the focus will be on the use of AI XPath extension functions in XSLT, Schematron, Schematron Quick Fixes, or for XML content refactoring. The presentation aims to deliver a comprehensive overview of AI usage in XML development, providing attendees with the necessary knowledge to make informed decisions. Whether you’re at the early stages of adopting AI or considering integrating it in advanced XML development, this presentation will cover all levels of expertise. By highlighting the potential advantages and challenges of integrating AI with XML development tools and languages, the presentation seeks to inspire thoughtful conversation around the future of XML development. We’ll not only delve into the technical aspects of AI-powered XML development but also discuss practical implications and possible future directions.

Programming Foundation Models with DSPy - Meetup Slides

Zilliz

Removing Uninteresting Bytes in Software Fuzzing

Aftab Hussain

Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process. In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds. - These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.

RESUME BUILDER APPLICATION Project for students

KAMESHS29

AI 101: An Introduction to the Basics and Impact of Artificial Intelligence

IndexBug

GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...

Neo4j

Dr. Sean Tan, Head of Data Science, Changi Airport Group Discover how Changi Airport Group (CAG) leverages graph technologies and generative AI to revolutionize their search capabilities. This session delves into the unique search needs of CAG’s diverse passengers and customers, showcasing how graph data structures enhance the accuracy and relevance of AI-generated search results, mitigating the risk of “hallucinations” and improving the overall customer journey.

Communications Mining Series - Zero to Hero - Session 1

DianaGray10

This session provides introduction to UiPath Communication Mining, importance and platform overview. You will acquire a good understand of the phases in Communication Mining as we go over the platform with you. Topics covered: • Communication Mining Overview • Why is it important? • How can it help today’s business and the benefits • Phases in Communication Mining • Demo on Platform overview • Q/A

How to use Firebase Data Connect For Flutter

Daiki Mogmet Ito

Cosa hanno in comune un mattoncino Lego e la backdoor XZ?

Speck&Tech

ABSTRACT: A prima vista, un mattoncino Lego e la backdoor XZ potrebbero avere in comune il fatto di essere entrambi blocchi di costruzione, o dipendenze di progetti creativi e software. La realtà è che un mattoncino Lego e il caso della backdoor XZ hanno molto di più di tutto ciò in comune. Partecipate alla presentazione per immergervi in una storia di interoperabilità, standard e formati aperti, per poi discutere del ruolo importante che i contributori hanno in una comunità open source sostenibile. BIO: Sostenitrice del software libero e dei formati standard e aperti. È stata un membro attivo dei progetti Fedora e openSUSE e ha co-fondato l'Associazione LibreItalia dove è stata coinvolta in diversi eventi, migrazioni e formazione relativi a LibreOffice. In precedenza ha lavorato a migrazioni e corsi di formazione su LibreOffice per diverse amministrazioni pubbliche e privati. Da gennaio 2020 lavora in SUSE come Software Release Engineer per Uyuni e SUSE Manager e quando non segue la sua passione per i computer e per Geeko coltiva la sua curiosità per l'astronomia (da cui deriva il suo nickname deneb_alpha).

Recently uploaded (20)

Mariano G Tinti - Decoding SpaceX

Climate Impact of Software Testing at Nordic Testing Days

Introduction to CHERI technology - Cybersecurity

Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack

Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...

UiPath Test Automation using UiPath Test Suite series, part 6

Pushing the limits of ePRTC: 100ns holdover for 100 days

Serial Arm Control in Real Time Presentation

HCL Notes and Domino License Cost Reduction in the World of DLAU

TrustArc Webinar - 2024 Global Privacy Survey

GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024

Artificial Intelligence for XMLDevelopment

Programming Foundation Models with DSPy - Meetup Slides

Removing Uninteresting Bytes in Software Fuzzing

RESUME BUILDER APPLICATION Project for students

AI 101: An Introduction to the Basics and Impact of Artificial Intelligence

GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...

Communications Mining Series - Zero to Hero - Session 1

How to use Firebase Data Connect For Flutter

Cosa hanno in comune un mattoncino Lego e la backdoor XZ?

OpenStack Keystone Rocky Project Update

1. Rocky Project Update Lance Bragstad (@LanceBragstad) Harry Rybacki (@HarryRybacki)

2. What is OpenStack Identity? What was accomplished in Queens? What are we achieving in Rocky? Looking ahead to Stein How you can contribute Related sessions & talks

3. What is OpenStack Identity? a shared service for authentication and authorization supplies identity information to end users and services broker between OpenStack and other identity services

4. What is OpenStack Identity? a shared service for authentication and authorization supplies identity information to end users and services broker between OpenStack and other identity services

5. What is OpenStack Identity? a shared service for authentication and authorization supplies identity information to end users and services broker between OpenStack and other identity services

6. 2H17 User Survey - Where should we prioritize resources?

7. What is OpenStack Identity? What was accomplished in Queens? What are we achieving in Rocky? Looking ahead to Stein How you can contribute Related sessions & talks

8. What was accomplished in Queens? application credentials system scope & system role assignments oslo.policy improvements unified limits & flat enforcement project tags v2.0 API removal

9. What was accomplished in Queens? application credentials system scope & system role assignments oslo.policy improvements unified limits & flat enforcement project tags v2.0 API removal

10. What was accomplished in Queens? application credentials system scope & system role assignments oslo.policy improvements unified limits & flat enforcement project tags v2.0 API removal

11. What was accomplished in Queens? application credentials system scope & system role assignments oslo.policy improvements unified limits & flat enforcement project tags v2.0 API removal

12. What was accomplished in Queens? application credentials system scope & system role assignments oslo.policy improvements unified limits & flat enforcement project tags v2.0 API removal

13. What was accomplished in Queens? application credentials system scope & system role assignments oslo.policy improvements unified limits & flat enforcement project tags v2.0 API removal

14. What is OpenStack Identity? What was accomplished in Queens? What are we achieving in Rocky? Looking ahead to Stein How you can contribute Related sessions & talks

15. What are we achieving in Rocky? default roles unified limits API stabilization strict hierarchical enforcement model application credential capability lists improved multi-factor authentication

16. What are we achieving in Rocky? default roles unified limits API stabilization strict hierarchical enforcement model application credential capability lists improved multi-factor authentication

17. What are we achieving in Rocky? default roles unified limits API stabilization strict hierarchical enforcement model application credential capability lists improved multi-factor authentication

18. What are we achieving in Rocky? default roles unified limits API stabilization strict hierarchical enforcement model application credential capability lists improved multi-factor authentication

19. What are we achieving in Rocky? default roles unified limits API stabilization strict hierarchical enforcement model application credential capability lists improved multi-factor authentication

20. What is OpenStack Identity? What was accomplished in Queens? What are we achieving in Rocky? Looking ahead to Stein How you can contribute Related sessions & talks

21. Looking ahead to Stein default roles across services oslo.limit adoption federated identity improvements

22. Looking ahead to Stein default roles across services oslo.limit adoption federated identity improvements

23. Looking ahead to Stein default roles across services oslo.limit adoption federated identity improvements

24. What is OpenStack Identity? What was accomplished in Queens? What are we achieving in Rocky? Looking ahead to Stein How you can contribute Related sessions & talks

25. How you can contribute office hours on Tuesdays weekly reports every Friday

26. How you can contribute office hours on Tuesdays weekly reports every Friday

27. How you can contribute consistent default roles oslo.limit integration

28. How you can contribute consistent default roles oslo.limit integration

29. What is OpenStack Identity? What was accomplished in Queens? What are we achieving in Rocky? Looking ahead to Stein How you can contribute Related sessions & talks

30. Forum sessions Default Roles on Monday @ 11:35 Project Onboarding on Monday @ 5:10 Edge Architecture on Tuesday @ 11:00 Feedback Session on Tuesday @ 5:30 Unified Limits on Thursday @ 3:30

31. Related talks A Unified Approach to Role Based Access Control on Monday @ 3:10 Integrating Keystone with Centralized Authentication on Tuesday @ 9:50 Kubernetes and OpenStack Policy Management on Tuesday @ 1:50 Application Credentials in Keystone on Wednesday @ 5:30 Centralized Policy Enforcement on Thursday @ 11:00

Editor's Notes

Monday, May 21 @ 3:35-3:55 pm Lance &lt;number&gt;
Harry &lt;number&gt;
Lance &lt;number&gt;
Lance &lt;number&gt;
Lance &lt;number&gt;
Lance &lt;number&gt;
Harry &lt;number&gt;
Harry Users can create application credentials from which their apps may authenticate to keystone using it and a secret string. Allows users can delegate a subset of their role assignments on a project to an application credential, granting the same or restricted authorization to said project. Soon users will also be able to specify which endpoints for a given role an application credential will be able to access &lt;number&gt;
Harry We have added the concept of system and system role assignments System scope provides a new auth target The goal is enhance services’ ability to protect APIs that cover system-wide actions e.g. live-migration of instances or endpoint mgmt &lt;number&gt;
Harry In preparation for system scope adoption across services and general policy improvements we had to expand the functionality of oslo.policy Oslo.policy now understands system scope and Oslo.policy now has a process for deprecating policies in a consistent manner &lt;number&gt;
Harry Landed unified limits with a flat enforcement model -- marked as experimental Provide a consistent experience across the system to provide limits (ignoring project hierarchy (for now)) Presently you can model whatever hierarchy you want with lots of api requests (complicated) Strict hierarchical limits coming &lt;number&gt;
Harry Projects can now be tagged within keystone using simple strings This makes projects more categorizable and filterable (easier to find) Kristi’s example about semester-based instances being easily searched/cleaned up &lt;number&gt;
Harry Deprecated ~4 years ago. It’s finally gone &lt;number&gt;
Lance &lt;number&gt;
Lance &lt;number&gt;
Lance &lt;number&gt;
Lance &lt;number&gt;
Lance &lt;number&gt;
Lance &lt;number&gt;
Harry &lt;number&gt;
Harry Adding default roles (auditor, member, admin) to several services Let’s make the policy experience better out-of-the-box w/ testing Hoping to increase adoption across services during Stein Pushing for community goal in T-Release for OpenStack wide default roles &lt;number&gt;
Harry Oslo.limit library was created We are aiming to mark the unified limits as stable in Rocky Next step is reaching out to services to integrate oslo.limits into their respective workflows &lt;number&gt;
Harry Federated Identity Improvements Continued work with shadow users Native SAML support k2k federated performance &lt;number&gt;
Lance &lt;number&gt;
Lance &lt;number&gt;
Lance &lt;number&gt;
Lance &lt;number&gt;
Lance &lt;number&gt;
Harry &lt;number&gt;
Harry Related talks: Default Roles on Monday @ 11:35 (Forum session) Project Onboarding on Monday @ 5:10 (Forum session) Edge Architecture on Tuesday @ 11:00 (Forum) Feedback Session on Tuesday @ 5:30 (Forum session) Unified Limits on Thursday @ 3:30 (Forum session) &lt;number&gt;
Harry Related talks: A Unified Approach to Role Based Access Control on Monday @ 3:10 (Container Infrastructure) Kubernetes and OpenStack Policy Management on Tuesday @ 1:50 (Private & Hybrid Cloud) Enabling Cloud Native Applications With Application Credentials in Keystone on Wednesday @ 5:30 (Public Cloud) &lt;number&gt;
(leave 10 minutes) That takes care of our project update We have time for comments, questions, and concerns Please use the mic in the center of the room, or we can repeat you question &lt;number&gt;

OpenStack Keystone Rocky Project Update

Recommended

Recommended

More Related Content

Similar to OpenStack Keystone Rocky Project Update

Similar to OpenStack Keystone Rocky Project Update (20)

Recently uploaded

Recently uploaded (20)

OpenStack Keystone Rocky Project Update

Editor's Notes