A quick summary of what happened in the writing applications for the VM and Baremetal forum session. The etherpad is available here: https://etherpad.openstack.org/p/BOS-forum-using-vm-and-baremetal
We had a good number of API users and API developers talking together about the issues facing API users. It would be nice to have involved a more diverse set of API users, but we have a reasonable starting place. There was general agreement on the need for API keys for applications to access OpenStack APIs rather than forcing the user of passwords, etc Plan A was to have a voting excercise on the most important problems facing writing applications for the VM and Baremetal platform. This was abandoned because there was a clear winer in Keystone API keys. For example, LDAP passwords give you access to more things than OpenStack, so you probably don't want to hand those out. Currently service configuration files have lots of service user passwords in them, API keys for each node feels a much better solution, etc, etc. Saddly the people previously working on this feature are no longer working on OpenStack. Lance has been asking for help in this email thread, where the conversation is now continuing: http://lists.openstack.org/pipermail/openstack-dev/2017-May/116596.html We agreed a clear next step, once API keys are implemented, was working out how to limit the access that is granted to a particular API key. Discussion around this was defferred to the forum session called "Cloud-Aware Application support", more details here: https://etherpad.openstack.org/p/pike-forum-cloud-applications Many thanks, johnthetubaguy __________________________________________________________________________ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
