What’s next for OpenStack Keystone

At the Open Infrastructure Summit in Denver, project team leads (PTLs) and core team members offered updates for the OpenStack projects they manage, what’s new for this release and what to expect for the next one, plus how you can get involved and influence the roadmap.

Superuser features summaries of the videos; you can also catch them on the OpenStack Foundation YouTube channel.

What

Keystone is an OpenStack project that provides identity, token, catalog and policy services. It’s a shared service for authentication and authorization broker between OpenStack and other identity services.

Who

Current PTL Colleen Murphy, who works at SUSE as a cloud developer and Lance Bragstad, Huawei, former PTL.

What’s new

They started by sharing some metrics from the Rocky to Stein release.

“We noticed a pretty significant uptick in the number of commits — 73 percent — these are patches that were proposed, reviewed and landed during the Stein development cycle to any Keystone-related project or repository,” Bragstad says.

The team also noticed a slight uptick in the number of people who landed a patch. More commits equals more reviews, “which is why you’re seeing a 42 percent increase from Rocky,” Bragstad adds. “We did notice our core team was reduced by a third,” Bragstad says. There was also a 60 percent increase in the number of bugs opened against identity-related projects — but community members also managed to double the number of bugs squashed.

The pair outlined what the community delivered in the Stein release:

• MFA Receipts
• JWS tokens
• Domain-level quota limits
• System scope APIs
• Read-only role

What’s next

There’s an impressive amount of work expected to deliver with the upcoming release, Train:

• Access rules for application credentials
• Renewable application credentials
• Client support for MFA receipts
• System scope policy changes were completed
• Read-only role implementation polished
• Immutable resources

The team also already has in sight features and improvements for upcoming releases, including:

• Federation and edge improvements
• Identity provider proxy
• Hierarchical enforcement models for unified limits
• Enhance tokenless authentication

Cross-project initiatives include adoption of unified limits,properly consuming scope types and default roles support.

Get involved

Use Ask OpenStack for general questions
For roadmap or development issues, subscribe to the mailing list openstack-discuss at lists.openstack.org and use the tag [keystone]
Participate in the weekly meeting, Tuesdays at 1600 UTC in #openstack-meeting-alt

Catch the whole 15-minute session below.

Photo // CC BY NC

Tags: Keystone, OpenStack, project updates

• Author
• Recent Posts

Superuser

Superuser Magazine is the Open Infrastructure Foundation's official online publication. It covers open infrastructure ecosystem news, case studies, event recaps, product updates and announcements, project releases, and more.

Latest posts by Superuser (see all)

• Exploring the Open Infrastructure Blueprint: Huawei Dual Engine - September 25, 2024
• Open Infrastructure Blueprint: Atmosphere Deep Dive - September 18, 2024
• Datacomm’s Success Story: Launching A New Data Center Seamlessly With FishOS - September 12, 2024

Share this...

Facebook

Twitter

Linkedin

Email