Excerpts from Carlos Garza's message of 2014-06-16 16:25:10 -0700:
>
> On Jun 16, 2014, at 4:06 PM, Clint Byrum wrote:
>
> > Excerpts from Doug Wiegley's message of 2014-06-16 13:22:26 -0700:
> >>> nobody is calling Barbican "a database". It is a place to store
> >>
> >> Š did you at least feel
> Look, I'm talking a lot and not showing up with code, so I'm squelching
myself.
Noted, and ditto. Thanks for the dialog.
Doug
On 6/16/14, 5:54 PM, "Clint Byrum" wrote:
>Excerpts from Doug Wiegley's message of 2014-06-16 16:10:51 -0700:
>> Hi Clint,
>>
>> Comments below.
>>
>> On 6/16/1
Excerpts from Doug Wiegley's message of 2014-06-16 16:10:51 -0700:
> Hi Clint,
>
> Comments below.
>
> On 6/16/14, 3:06 PM, "Clint Byrum" wrote:
>
> >Excerpts from Doug Wiegley's message of 2014-06-16 13:22:26 -0700:
> >> > nobody is calling Barbican "a database". It is a place to store
> >>
>
On Jun 16, 2014, at 4:06 PM, Clint Byrum wrote:
> Excerpts from Doug Wiegley's message of 2014-06-16 13:22:26 -0700:
>>> nobody is calling Barbican "a database". It is a place to store
>>
>> Š did you at least feel a heavy sense of irony as you typed those two
>> statements? ³It¹s not a databa
On Jun 16, 2014, at 3:22 PM, Doug Wiegley wrote:
>> nobody is calling Barbican "a database". It is a place to store
>
> Š did you at least feel a heavy sense of irony as you typed those two
> statements? ³It¹s not a database, it just stores things!² :-)
>
> The real irony here is that in thi
Date: Tuesday, June 10, 2014 at 2:41 PM
> To: "OpenStack Development Mailing List (not for usage questions)"
>
> Subject: Re: [openstack-dev] [Neutron][LBaaS] Barbican Neutron LBaaS
> Integration Ideas
>
> Of what use is a database that randomly delete rows? That i
Hi Clint,
Comments below.
On 6/16/14, 3:06 PM, "Clint Byrum" wrote:
>Excerpts from Doug Wiegley's message of 2014-06-16 13:22:26 -0700:
>> > nobody is calling Barbican "a database". It is a place to store
>>
>> Š did you at least feel a heavy sense of irony as you typed those two
>> statements
Excerpts from Doug Wiegley's message of 2014-06-16 13:22:26 -0700:
> > nobody is calling Barbican "a database". It is a place to store
>
> Š did you at least feel a heavy sense of irony as you typed those two
> statements? ³It¹s not a database, it just stores things!² :-)
>
Not at all, though
> nobody is calling Barbican "a database". It is a place to store
Š did you at least feel a heavy sense of irony as you typed those two
statements? ³It¹s not a database, it just stores things!² :-)
The real irony here is that in this rather firm stand of keeping the user
in control of their sec
Excerpts from Doug Wiegley's message of 2014-06-10 14:41:29 -0700:
> Of what use is a database that randomly delete rows? That is, in effect,
> what you’re allowing.
>
> The secrets are only useful when paired with a service. And unless I’m
> mistaken, there’s no undo. So you’re letting users
:41 PM
> To: "OpenStack Development Mailing List (not for usage questions)" <
> openstack-dev@lists.openstack.org>
> Subject: Re: [openstack-dev] [Neutron][LBaaS] Barbican Neutron LBaaS
> Integration Ideas
>
> Of what use is a database that randomly delete rows? Th
10, 2014 at 2:41 PM
To: "OpenStack Development Mailing List (not for usage questions)"
mailto:openstack-dev@lists.openstack.org>>
Subject: Re: [openstack-dev] [Neutron][LBaaS] Barbican Neutron LBaaS
Integration Ideas
Of what use is a database that randomly delete rows? That is, in effec
> -Original Message-
> From: Carlos Garza [mailto:carlos.ga...@rackspace.com]
> Sent: Thursday, June 12, 2014 1:34 AM
> To: OpenStack Development Mailing List (not for usage questions)
> Subject: Re: [openstack-dev] [Neutron][LBaaS] Barbican Neutron LBaaS
> Integratio
ay Venkatachalam [mailto:vijay.venkatacha...@citrix.com]
> Sent: Wednesday, June 11, 2014 4:14 PM
> To: OpenStack Development Mailing List (not for usage questions)
> Subject: [Caution: Message contains Suspicious URL content] Re:
> [openstack-dev] [Neutron][LBaaS] Barbican Neutron LBa
Excerpts from Adam Harwell's message of 2014-06-10 12:04:41 -0700:
> So, it looks like any sort of validation on Deletes in Barbican is going
> to be a no-go. I'd like to propose a third option, which might be the
> safest route to take for LBaaS while still providing some of the
> convenience of u
ds it.
Thanks,
Vijay V.
From: Adam Harwell [mailto:adam.harw...@rackspace.com]
Sent: Wednesday, June 11, 2014 2:48 AM
To: OpenStack Development Mailing List (not for usage questions)
Subject: Re: [openstack-dev] [Neutron][LBaaS] Barbican Neutron LBaaS
Integration Ideas
Doug: Right, we actually ha
To: "OpenStack Development Mailing List (not for usage questions)"
mailto:openstack-dev@lists.openstack.org>>
Subject: Re: [openstack-dev] [Neutron][LBaaS] Barbican Neutron LBaaS
Integration Ideas
I think that having Barbican decide whether the user is or isn’t allowed to
delete a secr
> Reply-To: "OpenStack Development Mailing List (not for usage questions)" <
> openstack-dev@lists.openstack.org>
> Date: Tuesday, June 10, 2014 4:10 PM
>
> To: "OpenStack Development Mailing List (not for usage questions)" <
> openstack-dev@lis
4:17 PM
To: "OpenStack Development Mailing List (not for usage questions)"
Subject: Re: [openstack-dev] [Neutron][LBaaS] Barbican Neutron LBaaS
Integration Ideas
Doug: Right, we actually have a blueprint draft for EXACTLY this, but the
Barbican team gave us a flat "not happening, we reject
ist (not for usage questions)"
mailto:openstack-dev@lists.openstack.org>>
Subject: Re: [openstack-dev] [Neutron][LBaaS] Barbican Neutron LBaaS
Integration Ideas
A third option, that is neither shadow copying nor policy enforcement:
Ask the Barbican team to put in a small api that is effect
lto:openstack-dev@lists.openstack.org>>
Date: Tuesday, June 10, 2014 3:42 PM
To: "OpenStack Development Mailing List (not for usage questions)"
mailto:openstack-dev@lists.openstack.org>>
Subject: Re: [openstack-dev] [Neutron][LBaaS] Barbican Neutron LBaaS
Integration Ide
y, June 10, 2014 3:42 PM
To: "OpenStack Development Mailing List (not for usage questions)"
mailto:openstack-dev@lists.openstack.org>>
Subject: Re: [openstack-dev] [Neutron][LBaaS] Barbican Neutron LBaaS
Integration Ideas
> Doug: The reasons a LB might be reprovisioned are fa
rom: Adam Harwell
>
> Reply-To: "OpenStack Development Mailing List (not for usage questions)" <
> openstack-dev@lists.openstack.org>
> Date: Tuesday, June 10, 2014 at 2:19 PM
>
> To: "OpenStack Development Mailing List (not for usage questions)" <
>
penstack-dev@lists.openstack.org>>
Subject: Re: [openstack-dev] [Neutron][LBaaS] Barbican Neutron LBaaS
Integration Ideas
Doug: The reasons a LB might be reprovisioned are fairly important — mostly
around HA, for fail overs or capacity — exactly the times we're trying avoid a
failure.
S
y, June 10, 2014 at 1:47 PM
> To: "OpenStack Development Mailing List (not for usage questions)"
>
> Subject: Re: [openstack-dev] [Neutron][LBaaS] Barbican Neutron LBaaS
> Integration Ideas
>
> Adam--
>
> Wouldn't the user see the duplicate key/cert copy in thei
>
>
> From: Stephen Balukoff
> Reply-To: "OpenStack Development Mailing List (not for usage questions)" <
> openstack-dev@lists.openstack.org>
> Date: Tuesday, June 10, 2014 at 1:47 PM
> To: "OpenStack Development Mailing List (not for usage questions)&qu
or usage questions)"
mailto:openstack-dev@lists.openstack.org>>
Subject: Re: [openstack-dev] [Neutron][LBaaS] Barbican Neutron LBaaS
Integration Ideas
> In any case, it strikes me as misleading to have an explicit delete command
> sent to Barbican not have the effect of making
(not for usage questions)"
mailto:openstack-dev@lists.openstack.org>>
Subject: Re: [openstack-dev] [Neutron][LBaaS] Barbican Neutron LBaaS
Integration Ideas
Adam--
Wouldn't the user see the duplicate key/cert copy in their barbican interface,
or are you proposing storing these se
ime the simplest case (I want a cert and I want LBaaS) is met without
> >massive code overhead for edge-cases.
> >
> >
> >From: Vijay Venkatachalam
> >mailto:vijay.venkatacha...@citrix.com>>
> >Reply-To: OpenStack List
> > openstack-...@lists.opensta
to:vijay.venkatacha...@citrix.com>>
>Reply-To: OpenStack List
>mailto:openstack-...@lists.openstack.or
>g>>
>Date: Tuesday, 10 June 2014 05:48
>To: OpenStack List
>mailto:openstack-...@lists.openstack.or
>g>>
>Subject: Re: [openstack-dev] [Neutron][LBaaS] Ba
penstack-dev@lists.openstack.org>>
Subject: Re: [openstack-dev] [Neutron][LBaaS] Barbican Neutron LBaaS
Integration Ideas
My vote is for option #2 (without the registration). It is simpler to start
with this approach. How is delete handled though?
Ex. What is the expectation when user attempts to del
Excerpts from Vijay Venkatachalam's message of 2014-06-09 21:48:43 -0700:
>
> My vote is for option #2 (without the registration). It is simpler to start
> with this approach. How is delete handled though?
>
> Ex. What is the expectation when user attempts to delete a
> certificate/container wh
: Re: [openstack-dev] [Neutron][LBaaS] Barbican Neutron LBaaS
Integration Ideas
Weighing in here:
I'm all for option #2 as well.
Stephen
On Mon, Jun 9, 2014 at 4:42 PM, Clint Byrum
mailto:cl...@fewbar.com>> wrote:
Excerpts from Douglas Mendizabal's message of 2014-06-09 16:08:02
Weighing in here:
I'm all for option #2 as well.
Stephen
On Mon, Jun 9, 2014 at 4:42 PM, Clint Byrum wrote:
> Excerpts from Douglas Mendizabal's message of 2014-06-09 16:08:02 -0700:
> > Hi all,
> >
> > I’m strongly in favor of having immutable TLS-typed containers, and very
> > much opposed
Excerpts from Douglas Mendizabal's message of 2014-06-09 16:08:02 -0700:
> Hi all,
>
> I’m strongly in favor of having immutable TLS-typed containers, and very
> much opposed to storing every revision of changes done to a container. I
> think that storing versioned containers would add too much c
___
>From: Tiwari, Arvind [arvind.tiw...@hp.com]
>Sent: Monday, June 09, 2014 2:54 PM
>To: OpenStack Development Mailing List (not for usage questions)
>Subject: Re: [openstack-dev] [Neutron][LBaaS] Barbican Neutron LBaaS
>Integration Ideas
>
>As per current implementation, con
Development Mailing List (not for usage questions)
> Subject: Re: [openstack-dev] [Neutron][LBaaS] Barbican Neutron LBaaS
> Integration Ideas
>
> As far as I understand the Current Barbican implementation is immutable.
> Can anyone from Barbican comment on this?
>
>
questions)
Subject: Re: [openstack-dev] [Neutron][LBaaS] Barbican Neutron LBaaS
Integration Ideas
As per current implementation, containers are immutable.
Do we have any use case to make it mutable? Can we live with new container
instead of updating an existing container?
Arvind
-Original Message
Original Message-
>From: Samuel Bercovici [mailto:samu...@radware.com]
>Sent: Monday, June 09, 2014 1:31 PM
>To: OpenStack Development Mailing List (not for usage questions)
>Subject: Re: [openstack-dev] [Neutron][LBaaS] Barbican Neutron LBaaS
>Integration Ideas
>
>As far as
Message-
> From: Jain, Vivek [mailto:vivekj...@ebay.com]
> Sent: Monday, June 09, 2014 8:34 PM
> To: OpenStack Development Mailing List (not for usage questions)
> Subject: Re: [openstack-dev] [Neutron][LBaaS] Barbican Neutron LBaaS
> Integration Ideas
>
> +1 for th
:31 PM
To: OpenStack Development Mailing List (not for usage questions)
Subject: Re: [openstack-dev] [Neutron][LBaaS] Barbican Neutron LBaaS
Integration Ideas
As far as I understand the Current Barbican implementation is immutable.
Can anyone from Barbican comment on this?
-Original Message
: Re: [openstack-dev] [Neutron][LBaaS] Barbican Neutron LBaaS
Integration Ideas
+1 for the idea of making certificate immutable.
However, if Barbican allows updating certs/containers then versioning is a must.
Thanks,
Vivek
On 6/8/14, 11:48 PM, "Samuel Bercovici" wrote:
>Hi,
&g
]
>Sent: Friday, June 06, 2014 10:16 PM
>To: OpenStack Development Mailing List (not for usage questions)
>Subject: [openstack-dev] [Neutron][LBaaS] Barbican Neutron LBaaS
>Integration Ideas
>
>Hey everyone,
>
>Per our IRC discussion yesterday I'd like to continue th
arbican would still delete a
>> Container/Secret even if it had registered services.
>>
>> Does that all make sense though?
>>
>> Thanks,
>> John
>>
>>
>> From: Youcef Laribi [youcef.lar...@citrix
>implement first and I agree with Jorge + John that this should likely be
>#2.
>
>German
>
>-----Original Message-
>From: Jorge Miramontes [mailto:jorge.miramon...@rackspace.com]
>Sent: Friday, June 06, 2014 3:05 PM
>To: OpenStack Development Mailing List (not for us
-
From: Samuel Bercovici
Sent: Monday, June 09, 2014 9:49 AM
To: OpenStack Development Mailing List (not for usage questions)
Cc: Samuel Bercovici; Evgeny Fedoruk
Subject: RE: [openstack-dev] [Neutron][LBaaS] Barbican Neutron LBaaS
Integration Ideas
Hi,
I think that option 2 should be preferred
Miramontes [mailto:jorge.miramon...@rackspace.com]
Sent: Friday, June 06, 2014 10:16 PM
To: OpenStack Development Mailing List (not for usage questions)
Subject: [openstack-dev] [Neutron][LBaaS] Barbican Neutron LBaaS Integration
Ideas
Hey everyone,
Per our IRC discussion yesterday I'd li
Excerpts from Eichberger, German's message of 2014-06-06 15:52:54 -0700:
> Jorge + John,
>
> I am most concerned with a user changing his secret in barbican and then the
> LB trying to update and causing downtime. Some users like to control when the
> downtime occurs.
>
Couldn't you allow a us
o
> what we should
> >implement first and I agree with Jorge + John that this
> should likely be
> >#2.
> >
> >German
> >
> >-Original Message-
> >From: Jorge Miramontes
&
27;s who
> >like #2 juts hit the flag. Then the discussion changes to what we should
> >implement first and I agree with Jorge + John that this should likely be
> >#2.
> >
> >German
> >
> >-----Original Message-
> >From: Jorge Miramontes [mailto:jorg
d I agree with Jorge + John that this should likely be
>#2.
>
>German
>
>-Original Message-
>From: Jorge Miramontes [mailto:jorge.miramon...@rackspace.com]
>Sent: Friday, June 06, 2014 3:05 PM
>To: OpenStack Development Mailing List (not for usage questions)
>Subject:
be #2.
German
-Original Message-
From: Jorge Miramontes [mailto:jorge.miramon...@rackspace.com]
Sent: Friday, June 06, 2014 3:05 PM
To: OpenStack Development Mailing List (not for usage questions)
Subject: Re: [openstack-dev] [Neutron][LBaaS] Barbican Neutron LBaaS
Integration Id
secret
>has changed (lazy detection).
>
>Youcef
>
>-Original Message-
>From: Jorge Miramontes [mailto:jorge.miramon...@rackspace.com]
>Sent: Friday, June 06, 2014 12:16 PM
>To: OpenStack Development Mailing List (not for usage questions)
>Subject: [openstack-dev] [Ne
Jorge Miramontes [mailto:jorge.miramon...@rackspace.com]
Sent: Friday, June 06, 2014 12:16 PM
To: OpenStack Development Mailing List (not for usage questions)
Subject: [openstack-dev] [Neutron][LBaaS] Barbican Neutron LBaaS Integration
Ideas
Hey everyone,
Per our IRC discussion yesterday I'
]
Sent: Friday, June 06, 2014 12:16 PM
To: OpenStack Development Mailing List (not for usage questions)
Subject: [openstack-dev] [Neutron][LBaaS] Barbican Neutron LBaaS Integration
Ideas
Hey everyone,
Per our IRC discussion yesterday I'd like to continue the discussion on how
Barbican and Ne
Hey everyone,
Per our IRC discussion yesterday I'd like to continue the discussion on
how Barbican and Neutron LBaaS will interact. There are currently two
ideas in play and both will work. If you have another idea please free to
add it so that we may evaluate all the options relative to each othe
56 matches
Mail list logo
