OpenStack Keystone Rocky Project Update

•Transferir como ODP, PDF•

0 gostou•232 visualizações

The document summarizes updates to the OpenStack Identity (Keystone) project. In the Rocky release, improvements include default roles, unified limits API stabilization, and improved multi-factor authentication. Looking ahead, the Stein release will focus on default roles across services, oslo.limit adoption, and improved federated identity. The document also provides information on how to contribute and lists related sessions.

Tecnologia

Rocky Project Update
Lance Bragstad (@LanceBragstad)
Harry Rybacki (@HarryRybacki)

What is OpenStack Identity?
What was accomplished in Queens?
What are we achieving in Rocky?
Looking ahead to Stein
How you can contribute
Related sessions & talks

What is OpenStack Identity?
a shared service for authentication and authorization
supplies identity information to end users and services
broker between OpenStack and other identity services

2H17 User Survey - Where should we prioritize resources?

What was accomplished in Queens?
application credentials
system scope & system role assignments
oslo.policy improvements
unified limits & flat enforcement
project tags
v2.0 API removal

What are we achieving in Rocky?
default roles
unified limits API stabilization
strict hierarchical enforcement model
application credential capability lists
improved multi-factor authentication

Looking ahead to Stein
default roles across services
oslo.limit adoption
federated identity improvements

How you can contribute
office hours on Tuesdays
weekly reports every Friday

How you can contribute
consistent default roles
oslo.limit integration

Forum sessions
Default Roles on Monday @ 11:35
Project Onboarding on Monday @ 5:10
Edge Architecture on Tuesday @ 11:00
Feedback Session on Tuesday @ 5:30
Unified Limits on Thursday @ 3:30

Related talks
A Unified Approach to Role Based Access Control on Monday @ 3:10
Integrating Keystone with Centralized Authentication on Tuesday @ 9:50
Kubernetes and OpenStack Policy Management on Tuesday @ 1:50
Application Credentials in Keystone on Wednesday @ 5:30
Centralized Policy Enforcement on Thursday @ 11:00

Mais conteúdo relacionado

Semelhante a OpenStack Keystone Rocky Project Update

Rest-Assured - легкий способ автоматизации тестирования REST

Valtech Ukraine

Владимир Логвинов - Rest-Assured - легкий способ автоматизации тестирования REST

Web Tech Fun

soa ppt v7.ppt

PrasannaVenkatesanVe1

Magnitia’s Web services Testing Training will provide you complete knowledge on Web services, API and their functionality. This API Testing course enables you to develop robust automation Framework for API’s test cases and how to test Web services and REST API using SoapUI& Rest Assured. Learn API Testing (POSTMAN, REST ASSURED, BDD-Cucumber, BDD-Karate, CI-CT Pipeline & Microservices Test Automation) by P.Nageswara Rao at Magnitia. Web Services is the mechanism or media used to communicate between two different technology applications / machines which will exchange the data (Request / Response) irrespective of their internal architecture and technology. By the end of this course you will understand the importance and procedure of mocking the web services, how to generate neat reports for execution results and will get clear picture on API Testing. Aspirants who are interested can attend our API Testing training in Hyderabad, or you can take our API Testing online training.

WebServices_Course_Content.pdf

AnanthReddy38

API Platform Cloud Service best practice - OOW17

Phil Wilkins

Azure Kubernetes Service (AKS) is a managed container orchestration service. With Kubernetes continuing to grow in popularity, many developers and IT engineers are curious to get started. Roy will demonstrate hosted microservices applications and the Istio service mesh. Along with how to manage your cluster with the Kubernetes Dashboard, Prometheus, Grafana and Azure Monitor. You will see a practical overview how all these pieces fit together. www.roykim.ca Twitter: @RoyKimYYZ Github: https://github.com/RoyKimYYZ

Microsoft Reactor Toronto 5/5/2020 | Azure Kubernetes In Action - Running and...

Roy Kim

S+S Architecture Overview

David Solivan

Oracle API Platform Cloud Service Best Practices & Lessons Learnt

luisw19

Service Techmagazine

Bootcamp SCL

DSR Microservices (Day 1, Part 1)

Steve Upton

The Briefing Room with Analyst Dr. Robin Bloor and SOA Live Webcast on May 6, 2014 Watch the archive: Today’s enterprise relies on a host of services and applications to keep business running like a well-oiled machine. The guiding principles behind the service-oriented architecture (SOA) are supposed to ensure a smooth transition between services, but the motley assortment of applications is leaving some organizations over-burdened with complexity and latency. With the increasingly distributed and data-driven information environment, is it time to consider a new approach? Register for this episode of The Briefing Room to learn from veteran Analyst Dr. Robin Bloor as he explains the hopes and dreams of SOA, and why they were never fully achieved. He’ll be briefed by Jason Bloomberg of EnterpriseWeb who will tout his company’s multi-faceted platform, a solution designed to drive agile and flexible business operations and applications. He will demonstrate how EnterpriseWeb circumvents the limitations of SOA and delivers a data-centric environment that dynamically responds to change in real time. Visit InsideAnlaysis.com for more information.

Dynamic APIs: SOA Done Right

Inside Analysis

Architect v (enterprise, soa, cloud, togaf)

Ronnie Reddy

Introduction to Microservices by Jim Tran, Principal Solutions Architect, AWS

Amazon Web Services

Fundamental essentials for api design

Michael James Cyrus

Fundamental essentials for api design

Michael James Cyrus

Fundamental Essentials for API Design

Michael James Cyrus

wepik-maximizing-efficiency-mastering-rest-api-implementation-20240419020545U...

AllstuffRj

[ScaleConf 2020] How to Tame Your Microservices: Evolving Airbnb's Architecture

Jessica Tai

Csg Soa Jr

guesta37dc0

Ibm_interconnect_restapi_workshop

Shubhra Kar

Semelhante a OpenStack Keystone Rocky Project Update (20)

Rest-Assured - легкий способ автоматизации тестирования REST

Владимир Логвинов - Rest-Assured - легкий способ автоматизации тестирования REST

soa ppt v7.ppt

WebServices_Course_Content.pdf

API Platform Cloud Service best practice - OOW17

Microsoft Reactor Toronto 5/5/2020 | Azure Kubernetes In Action - Running and...

S+S Architecture Overview

Oracle API Platform Cloud Service Best Practices & Lessons Learnt

Service Techmagazine

DSR Microservices (Day 1, Part 1)

Dynamic APIs: SOA Done Right

Architect v (enterprise, soa, cloud, togaf)

Introduction to Microservices by Jim Tran, Principal Solutions Architect, AWS

Fundamental essentials for api design

Fundamental Essentials for API Design

wepik-maximizing-efficiency-mastering-rest-api-implementation-20240419020545U...

[ScaleConf 2020] How to Tame Your Microservices: Evolving Airbnb's Architecture

Csg Soa Jr

Ibm_interconnect_restapi_workshop

Último

The value of a flexible API Management solution for Open Banking Steve Melan, Manager for IT Innovation and Architecture - State's and Saving's Bank of Luxembourg Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - The value of a flexible API Management solution for O...

apidays

Strategies for Landing an Oracle DBA Job as a Fresher

Remote DBA Services

A Beginners Guide to Building a RAG App Using Open Source Milvus

Zilliz

AXA XL - Insurer Innovation Award Americas 2024

The Digital Insurer

ICT role in 21st century education and its challenges

rafiqahmad00786416

Modernizing Securities Finance: The cloud-native prime brokerage platform transforming capital markets. Madhu Subbu, Managing Director, Head of Securities Finance Engineering Apidays Singapore 2024: Connecting Customers, Business and Technology (April 17 & 18, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu

apidays

Axa Assurance Maroc - Insurer Innovation Award 2024

The Digital Insurer

As privacy and data protection regulations evolve rapidly, organizations operating in multiple jurisdictions face mounting challenges to ensure compliance and safeguard customer data. With state-specific privacy laws coming up in multiple states this year, it is essential to understand what their unique data protection regulations will require clearly. How will data privacy evolve in the US in 2024? How to stay compliant? Our panellists will guide you through the intricacies of these states' specific data privacy laws, clarifying complex legal frameworks and compliance requirements. This webinar will review: - The essential aspects of each state's privacy landscape and the latest updates - Common compliance challenges faced by organizations operating in multiple states and best practices to achieve regulatory adherence - Valuable insights into potential changes to existing regulations and prepare your organization for the evolving landscape

TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments

TrustArc

In the thrilling conclusion to 2023, ransomware groups had a banner year, really outdoing themselves in the "make everyone's life miserable" department. LockBit 3.0 took gold in the hacking olympics, followed by the plucky upstarts Clop and ALPHV/BlackCat. Apparently, 48% of organizations were feeling left out and decided to get in on the cyber attack action. Business services won the "most likely to get digitally mugged" award, with education and retail nipping at their heels. Hackers expanded their repertoire beyond boring old encryption to the much more exciting world of extortion. The US, UK and Canada took top honors in the "countries most likely to pay up" category. Bitcoins were the currency of choice for discerning hackers, because who doesn't love untraceable money?

Ransomware_Q4_2023. The report. [EN].pdf

Overkill Security

Building Digital Trust in a Digital Economy Veronica Tan, Director - Cyber Security Agency of Singapore Apidays Singapore 2024: Connecting Customers, Business and Technology (April 17 & 18, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...

apidays

Automating Google Workspace (GWS) & more with Apps Script

wesley chun

MS Copilot expands with MS Graph connectors

Nanddeep Nachan

Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving

Edi Saputra

Webinar Recording: https://www.panagenda.com/webinars/why-teams-call-analytics-is-critical-to-your-entire-business Nothing is as frustrating and noticeable as being in an important call and being unable to see or hear the other person. Not surprising then, that issues with Teams calls are among the most common problems users call their helpdesk for. Having in depth insight into everything relevant going on at the user’s device, local network, ISP and Microsoft itself during the call is crucial for good Microsoft Teams Call quality support. To ensure a quick and adequate solution and to ensure your users get the most out of their Microsoft 365. But did you know that ‘bad calls’ are also an excellent indicator of other problems arising? Precisely because it is so noticeable!? Like the canary in the mine, bad calls can be early indicators of problems. Problems that might otherwise not have been noticed for a while but can have a big impact on productivity and satisfaction. Join this session by Christoph Adler to learn how true Microsoft Teams call quality analytics helped other organizations troubleshoot bad calls and identify and fix problems that impacted Teams calls or the use of Microsoft365 in general. See what it can do to keep your users happy and productive! In this session we will cover - Why CQD data alone is not enough to troubleshoot call problems - The importance of attributing call problems to the right call participant - What call quality analytics can do to help you quickly find, fix-, and prevent problems - Why having retrospective detailed insights matters - Real life examples of how others have used Microsoft Teams call quality monitoring to problem shoot problems with their ISP, network, device health and more.

Why Teams call analytics are critical to your entire business

panagenda

Real Time Object Detection Using Open CV

Khem

ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke

Product Anonymous

Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows. We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases. This video focuses on the deployment of external web forms using Jotform for Bonterra Impact Management. This solution can be customized to your organization’s needs and deployed to support the common use cases below: - Intake and consent - Assessments - Surveys - Applications - Program registration Interested in deploying web form automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.

Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...

Jeffrey Haguewood

Architecting Cloud Native Applications

WSO2

Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood

Juan lago vázquez

presentation ICT roal in 21st century education

jfdjdjcjdnsjd

OpenStack Keystone Rocky Project Update

1. Rocky Project Update Lance Bragstad (@LanceBragstad) Harry Rybacki (@HarryRybacki)

2. What is OpenStack Identity? What was accomplished in Queens? What are we achieving in Rocky? Looking ahead to Stein How you can contribute Related sessions & talks

3. What is OpenStack Identity? a shared service for authentication and authorization supplies identity information to end users and services broker between OpenStack and other identity services

4. What is OpenStack Identity? a shared service for authentication and authorization supplies identity information to end users and services broker between OpenStack and other identity services

5. What is OpenStack Identity? a shared service for authentication and authorization supplies identity information to end users and services broker between OpenStack and other identity services

6. 2H17 User Survey - Where should we prioritize resources?

7. What is OpenStack Identity? What was accomplished in Queens? What are we achieving in Rocky? Looking ahead to Stein How you can contribute Related sessions & talks

8. What was accomplished in Queens? application credentials system scope & system role assignments oslo.policy improvements unified limits & flat enforcement project tags v2.0 API removal

9. What was accomplished in Queens? application credentials system scope & system role assignments oslo.policy improvements unified limits & flat enforcement project tags v2.0 API removal

10. What was accomplished in Queens? application credentials system scope & system role assignments oslo.policy improvements unified limits & flat enforcement project tags v2.0 API removal

11. What was accomplished in Queens? application credentials system scope & system role assignments oslo.policy improvements unified limits & flat enforcement project tags v2.0 API removal

12. What was accomplished in Queens? application credentials system scope & system role assignments oslo.policy improvements unified limits & flat enforcement project tags v2.0 API removal

13. What was accomplished in Queens? application credentials system scope & system role assignments oslo.policy improvements unified limits & flat enforcement project tags v2.0 API removal

14. What is OpenStack Identity? What was accomplished in Queens? What are we achieving in Rocky? Looking ahead to Stein How you can contribute Related sessions & talks

15. What are we achieving in Rocky? default roles unified limits API stabilization strict hierarchical enforcement model application credential capability lists improved multi-factor authentication

16. What are we achieving in Rocky? default roles unified limits API stabilization strict hierarchical enforcement model application credential capability lists improved multi-factor authentication

17. What are we achieving in Rocky? default roles unified limits API stabilization strict hierarchical enforcement model application credential capability lists improved multi-factor authentication

18. What are we achieving in Rocky? default roles unified limits API stabilization strict hierarchical enforcement model application credential capability lists improved multi-factor authentication

19. What are we achieving in Rocky? default roles unified limits API stabilization strict hierarchical enforcement model application credential capability lists improved multi-factor authentication

20. What is OpenStack Identity? What was accomplished in Queens? What are we achieving in Rocky? Looking ahead to Stein How you can contribute Related sessions & talks

21. Looking ahead to Stein default roles across services oslo.limit adoption federated identity improvements

22. Looking ahead to Stein default roles across services oslo.limit adoption federated identity improvements

23. Looking ahead to Stein default roles across services oslo.limit adoption federated identity improvements

24. What is OpenStack Identity? What was accomplished in Queens? What are we achieving in Rocky? Looking ahead to Stein How you can contribute Related sessions & talks

25. How you can contribute office hours on Tuesdays weekly reports every Friday

26. How you can contribute office hours on Tuesdays weekly reports every Friday

27. How you can contribute consistent default roles oslo.limit integration

28. How you can contribute consistent default roles oslo.limit integration

29. What is OpenStack Identity? What was accomplished in Queens? What are we achieving in Rocky? Looking ahead to Stein How you can contribute Related sessions & talks

30. Forum sessions Default Roles on Monday @ 11:35 Project Onboarding on Monday @ 5:10 Edge Architecture on Tuesday @ 11:00 Feedback Session on Tuesday @ 5:30 Unified Limits on Thursday @ 3:30

31. Related talks A Unified Approach to Role Based Access Control on Monday @ 3:10 Integrating Keystone with Centralized Authentication on Tuesday @ 9:50 Kubernetes and OpenStack Policy Management on Tuesday @ 1:50 Application Credentials in Keystone on Wednesday @ 5:30 Centralized Policy Enforcement on Thursday @ 11:00

Notas do Editor

Monday, May 21 @ 3:35-3:55 pm Lance &lt;number&gt;
Harry &lt;number&gt;
Lance &lt;number&gt;
Lance &lt;number&gt;
Lance &lt;number&gt;
Lance &lt;number&gt;
Harry &lt;number&gt;
Harry Users can create application credentials from which their apps may authenticate to keystone using it and a secret string. Allows users can delegate a subset of their role assignments on a project to an application credential, granting the same or restricted authorization to said project. Soon users will also be able to specify which endpoints for a given role an application credential will be able to access &lt;number&gt;
Harry We have added the concept of system and system role assignments System scope provides a new auth target The goal is enhance services’ ability to protect APIs that cover system-wide actions e.g. live-migration of instances or endpoint mgmt &lt;number&gt;
Harry In preparation for system scope adoption across services and general policy improvements we had to expand the functionality of oslo.policy Oslo.policy now understands system scope and Oslo.policy now has a process for deprecating policies in a consistent manner &lt;number&gt;
Harry Landed unified limits with a flat enforcement model -- marked as experimental Provide a consistent experience across the system to provide limits (ignoring project hierarchy (for now)) Presently you can model whatever hierarchy you want with lots of api requests (complicated) Strict hierarchical limits coming &lt;number&gt;
Harry Projects can now be tagged within keystone using simple strings This makes projects more categorizable and filterable (easier to find) Kristi’s example about semester-based instances being easily searched/cleaned up &lt;number&gt;
Harry Deprecated ~4 years ago. It’s finally gone &lt;number&gt;
Lance &lt;number&gt;
Lance &lt;number&gt;
Lance &lt;number&gt;
Lance &lt;number&gt;
Lance &lt;number&gt;
Lance &lt;number&gt;
Harry &lt;number&gt;
Harry Adding default roles (auditor, member, admin) to several services Let’s make the policy experience better out-of-the-box w/ testing Hoping to increase adoption across services during Stein Pushing for community goal in T-Release for OpenStack wide default roles &lt;number&gt;
Harry Oslo.limit library was created We are aiming to mark the unified limits as stable in Rocky Next step is reaching out to services to integrate oslo.limits into their respective workflows &lt;number&gt;
Harry Federated Identity Improvements Continued work with shadow users Native SAML support k2k federated performance &lt;number&gt;
Lance &lt;number&gt;
Lance &lt;number&gt;
Lance &lt;number&gt;
Lance &lt;number&gt;
Lance &lt;number&gt;
Harry &lt;number&gt;
Harry Related talks: Default Roles on Monday @ 11:35 (Forum session) Project Onboarding on Monday @ 5:10 (Forum session) Edge Architecture on Tuesday @ 11:00 (Forum) Feedback Session on Tuesday @ 5:30 (Forum session) Unified Limits on Thursday @ 3:30 (Forum session) &lt;number&gt;
Harry Related talks: A Unified Approach to Role Based Access Control on Monday @ 3:10 (Container Infrastructure) Kubernetes and OpenStack Policy Management on Tuesday @ 1:50 (Private & Hybrid Cloud) Enabling Cloud Native Applications With Application Credentials in Keystone on Wednesday @ 5:30 (Public Cloud) &lt;number&gt;
(leave 10 minutes) That takes care of our project update We have time for comments, questions, and concerns Please use the mic in the center of the room, or we can repeat you question &lt;number&gt;

OpenStack Keystone Rocky Project Update

Recomendados

Recomendados

Mais conteúdo relacionado

Semelhante a OpenStack Keystone Rocky Project Update

Semelhante a OpenStack Keystone Rocky Project Update (20)

Último

Último (20)

OpenStack Keystone Rocky Project Update

Notas do Editor