OpenStack Kilo Design Summit has ended
This is the schedule for the Kilo Design Summit, where OpenStack contributors discuss the future of OpenStack development.
Click here for the main OpenStack Summit conference schedule.

Sign up or log in to bookmark your favorites and sync them to your phone or calendar.

Keystone [clear filter]
Wednesday, November 5

09:00 CET

Keystone Object Lifecycle / Object Dependencies
The dependency injection that Keystone is currently using is not really a "dependency injection" pattern. This session is focused on improving the internal-to-Keystone object lifecycle (including dependencies).

* What should the dependency injection pattern in Keystone look like?
* What is the lifecycle of objects (controllers, managers, etc)?
* How do we deal with Optional dependencies?

Led by: David Stanek (dstanek)

Etherpad: kilo-keystone-object-lifecycle
Pre-Session Reading on Object Lifecycle and Dependencies

Wednesday November 5, 2014 09:00 - 09:40 CET

09:50 CET

Hierarchical Multitenancy
A followup session from the Juno cycle focusing on changes needed to authorization and policy for a hierarchical multitenancy enabled OpenStack. This session will also cover expansion of roles to be more fine-grained (handling the reseller use-cases).

Led by: Guang Yee (gyee), Raildo Mascena (raildo), Henry Nash (henrynash)

Etherpad: hierarchical-multitenancy-kilo-summit
Pre-session reading on the state of Hierarchical Multitenency and goals for Kilo.

Wednesday November 5, 2014 09:50 - 10:30 CET

16:30 CET

Keystone-Horizon-CLI Federation/SSO
A federation and SSO focused session around the CLI and Horizon integration with the Keystone implementation (including Keystone-to-Keystone) federation. This session will be focused on both functionality and user-experience.

This is the 2nd part of the session, the first part is part of the Horizon Design Track

* What is the federated user / SSO workflow within Horizon?
* What is the federated user / SSO workflow within openstackclient?
* What changes are needed on the Keystone side to support these workflows?
* What changes are needed on the Horizon side to support these workflows?
* What changes are needed on the CLI (openstackclient) side to support these workflows?

Led by: Adam Young (ayoung), Steve Martinelli (stevemar), Marek Denis (marekd), David Lyle (david-lyle)

Etherpad: kilo-keystone-horizon-cli-federation-sso
Pre-session reading on the next steps for Federated Identity/SSO support in OpenStack.

Wednesday November 5, 2014 16:30 - 17:10 CET

17:20 CET

Keystone Operators, Deployers, and DevOps
A focused session for the Keystone developers to get feedback on Keystone from Operators, Deployers, and the DevOps community.

Starting feedback questions:
* What feedback can you provide us on how we can best improve user experience?
* What feedback can you provide us on where the documentation is most lacking and how best to improve it?
* What integration scenarios are you facing with identity sources and federation?
* What are your biggest pain points around Keystone?

This session will start with but not be limited to the questions outlined above.

Led by: Henry Nash (henrynash), Nathan Kinder (nkinder), Brad Topol (topol)

Etherpad: kilo-keystone-operators-deployers-and-devops

Wednesday November 5, 2014 17:20 - 18:00 CET
Thursday, November 6

09:00 CET

This session is focused on the direction and improvements for python-keystoneclient within the Kilo cycle.

* Authorization Workflow: moving from username/password to token auth in a series of requests
* How should sessions/adapters be used when consuming a series of clients (e.g. python-cinderclient) from another python tool?
* Goals for supporting JSON-Home.
* What does the python-keystoneclient 1.0.0 release look like? What is the timeline to reach 1.0.0?

Led By: Jamie Lennox (jamielennox)

Etherpad: kilo-keystone-python-keystoneclient
Pre-session reading on the current state and direction of keystoneclient.

Thursday November 6, 2014 09:00 - 09:40 CET

14:30 CET

Tokens have had a fair share of pain-points associated with them. This session is focused on addressing how we can move forward and improve the authorization mechanism that Keystone provides to OpenStack.

* How can UUID Tokens be improved (both functionality and user experience)?
* How can PKI/PKIZ Tokens be improved (both functionality and user experience)?
* Are there alternatives we should consider to the current token model?
* Other Improvements (Tokenless Operations, multiple-signers, etc).

Led by: Dolph Mathews (dolphm)

Etherpad: kilo-keystone-authorization
Pre-session reading on the current authorization mechanism.

Thursday November 6, 2014 14:30 - 15:10 CET

15:20 CET

Policy Model and User/Token Capabilities
Based upon the mailing list topic, this session is focused on what can be done with policy across all of OpenStack.

This is the more focused follow up session to Larger Policy Discussion Cross-Project Workshop

This session will include topics on:

* Centralizing policy.json information (in Keystone, in another project)
* What actions can a user perform with a given token? How is this information made available (API)?
* What roles are needed to perform a specific action? How is this information made available (API)?
* Constraints enforced for a given token (proposed spec: https://review.openstack.org/#/c/123726/ )

Led by: Morgan Fainberg (morganfainberg), Adam Young (ayoung), Nathan Kinder (nkinder)

Etherpad: kilo-keystone-policy-model-token-capabilities
Pre-session reading on the current policy model and goals of this session.

Thursday November 6, 2014 15:20 - 16:00 CET
Friday, November 7

13:40 CET

Keystone contributors meetup
The contributors meetup is a informal gathering of the project contributors, with an open agenda.

Friday November 7, 2014 13:40 - 17:10 CET