7. Moonshot technologies
Moonshot is built on:
• Strong authentication: EAP/RADIUS
• Strong authorisation: SAML
• Easy service/application integration: SASL/GSS-API
Standardisation approaching completion within the
Internet Engineering Task Force (IETF)
Moonshot
10. Starting the virtualization...
Host 1 Host 2 Host 3 Host 4, etc.
Hypervisor
(VMWare ESX, Citrix XEN Server, KVM, etc.)
Hardware abstraction for each server
Source: OpenStack Foundation
11. ... but how to manage the resources ?
Provisioning ? User management ?
12. Add the missing cloud management layer
APIs Self-service for users
Creates Automates
Pools of Resources deployment
13. Main components of OpenStack
Applications
APIs
Identity Compute Storage Network
Keystone Nova Swift Quantum
Standard Hardware
15. Federated Keystone
Allows to use external Identity Providers (IdP)
Easy user provisioning
Provides Single Sign On (SSO) to the users
Developed as a Keystone middleware
32. Project roadmap
• Study of the existing Moonshot implementations (e.g. Apache / Firefox).
• Fork the PyKerberos library to add flexibility in the usage of the GSS-API
C library.
• Study of the potential needed improvements of the Keystone Federated
protocol.
• Implement the authentication / authorization Moonshot module.
• Validation testing using a OpenStack client (e.g. python-swiftclient).