Barcelona, Spain
October 25-28, 2016
Magnum: Work session
Creds/Certs Management
When an individual leaves an organization, his or her former employer is expected to revoke that individual's access to any systems, including Magnum clusters. Magnum allows native API access directly to COEs, so this means having a way to revoke or re-issue a TLS certificate used by the COE. Today, the only option is to delete the bay and create a new one. We'd like to add a feature to Magnum that keeps the data plane in place, but revokes or replaces certificates in place. We realize that revoking individual user certs from a cluster might require contributions to upstream k8s and swarm projects, and potentially other driver types as well. Should we consider forming teams to contribute to these projects?
See also: Kubernetes OpenStack SIG session Tuesday, October 25, 2:15pm-2:55pm
See also: kubernetes-openstack special interest group
When an individual leaves an organization, his or her former employer is expected to revoke that individual's access to any systems, including Magnum clusters. Magnum allows native API access directly to COEs, so this means having a way to revoke or re-issue a TLS certificate used by the COE. Today, the only option is to delete the bay and create a new one. We'd like to add a feature to Magnum that keeps the data plane in place, but revokes or replaces certificates in place. We realize that revoking individual user certs from a cluster might require contributions to upstream k8s and swarm projects, and potentially other driver types as well. Should we consider forming teams to contribute to these projects?
See also: Kubernetes OpenStack SIG session Tuesday, October 25, 2:15pm-2:55pm
See also: kubernetes-openstack special interest group
Registration Opening Soon
Registration will open for you to purchase passes for the OpenStack Summit very soon!
We're excited to see you there!
Download App
