misteritguru at gmx
Aug 18, 2012, 3:46 AM
Post #7 of 7
On 14 Aug 2012, at 14:59, Brian Schott <brian.schott [at] nimbisservices> wrote:
Re: Newbie Question - Can I interface with open stack providers from my desktop?
[In reply to]
> I remember this being raised in the Horizon session at the last summit. It's theoretically possible with some code refactoring, but there are several issues that would have to be addressed.
> 1. The Horizon auth system is tied to Keystone, so that means you have to login N times or build an supplementary auth system that holds those multiple keystone credentials on behalf of the user.
I thought about keystone - and on reading this, I think I've misunderstood how it functions. I thought that being an authentication proxy, (please correct me if I'm wrong, I'd like to learn), it would be the job of my keystone box to authenticate with my providers on behalf on my horizon setup - and get a 'temporary token' back so that it (horizon) can speak to the Nova Box my provider has. Read that last sentence twice, even I'm confused a bit.
> 2. Horizon is essentially stateless, so every interaction with Horizon involves one or more round-trip queries through the OS API service. Trying to do N queries during the span of a web GET or POST context will run the risk of timing out, not to mention the fun of handling "partial" errors if one of the queries fails.
I've just had a thought … am I blurring the line between dashboard, and control panel here? If horizon is stateless - then for each refresh it's going to fetch the data in real time, right? In that case, I can see the potential problems.
> 3. It would break a lot of Horizon interfaces. There are ambiguities in some of the panel controls where the semantics wouldn't be clear where an action should happen. Create a security group? On which cloud(s)? A browser-side approach like ElasticFox is easier where you just pull down and work with one cloud at a time, but providing a seamless view that also gives the user control is hard.
I had assumed that horizon would poll the different parts of the infrastructure, and store that data locally, maybe in a MySQL database, and then use that status information to provide a dashboard to the user, with user authentication via keystone, so that particular user only gets the info, and the ability to issue commands to the parts he has access to.
> In short, the core panels could be repurposed but a lot of the plumbing would have to be refactored. Also, there are many unified cloud interfaces out there that support OpenStack: JCloud, CloudStack, RightScale to name a few.
> Brian Schott, CTO
> Nimbis Services, Inc.
> brian.schott [at] nimbisservices
> ph: 443-274-6064 fx: 443-274-6060
I'll take a look at those unifying cloud interfaces you've mentioned. /* my opinion - it would improve the OOTB experience if some sort of unifying cloud interface came too … hint hint! */
> On Aug 13, 2012, at 8:12 PM, Matt Joyce <matt [at] nycresistor> wrote:
>> It's an interesting use case. I mean in theory horizon can do EXACTLY
>> this. Because it understands ACLs all it really needs is access to
>> the API endpoints.... which keystone's directory service should
>> And that means...
>> A user who has openstack tm compatible images running on a variety of
>> clouds could provide a unified web interface on all those clouds
>> rather than relying on white labeled / customized interfaces. I could
>> see this as a legitimate use case for hybrid cloud deployments.
>> It's interesting to consider that sort of use case. Never thought of
>> doing it myself. A little bit inception like.
>> On Mon, Aug 13, 2012 at 2:17 PM, Trey Duskin <trey [at] maldivica> wrote:
>>> I'm not sure if Horizon will support this, although if the cloud provider's
>>> APIs are standard, it might be possible to set up Horizon and point it at
>>> the provider's endpoints.
>>> However, why would you want to do this? If we're talking Rackspace or HP,
>>> they have consoles which appear to give you the same basic functionality as
>>> Horizon. Right now you should be able to "run [your] own cloud from an old
>>> crusty pentium laptop with 512MB of memory." Am I missing something?
>>> On Sun, Aug 12, 2012 at 7:57 PM, Mr IT Guru <misteritguru [at] gmx> wrote:
>>>> Good Morning Open Stack People,
>>>> Please forgive this naive question.
>>>> I've been trying to follow Open Stack, and to be honest, I think it's
>>>> pretty awesome. From my understanding of Horizon, it's a dashboard for
>>>> controlling the features of the stack as a whole. I can't help but thinking
>>>> that, that's great for managing my own private setup - But can I use it to
>>>> interface with a third party implementation - for example, My Rack Space
>>>> account? And if not why not!!! (Just kidding). If this is off topic for the
>>>> list, then I'm sorry, but my mind keeps racing as I think of the
>>>> possibilities. If I'm off target, or if this is not the aim of Horizon, then
>>>> I think I'll be a bit disappointed. I've been following this project since
>>>> it was announced just to see the day where I can run my own cloud from an
>>>> old crusty pentium laptop with 512MB of memory!!
>>>> OpenStack-operators mailing list
>>>> OpenStack-operators [at] lists
>>> Trey Duskin
>>> Dir. of Technical Services, Maldivica
>>> 404.955.7490 (c)
>>> OpenStack-operators mailing list
>>> OpenStack-operators [at] lists
>> OpenStack-operators mailing list
>> OpenStack-operators [at] lists
> OpenStack-operators mailing list
> OpenStack-operators [at] lists
OpenStack-operators mailing list
OpenStack-operators [at] lists