Video recording and production done by OpenStack Foundation.
Allowing implementors to “trust but verify” OpenStack clouds makes federation work. This is done through SAML & Keystone's federation support for multiple OpenStack clouds. But what about audit data? How can you verify that the events emitted from a cloud service provider are true? And what about keys & secrets? How can you verify that the keys you have in your private cloud are being used by a cloud service provider correctly & securely?
This session looks at what federation use cases have been delivered in previous releases, what is currently being worked on, and the use cases left to help ease the experience of cross-cloud operations. We provide a brief overview of the standard based CADF federation audit format that has been adopted by the OpenStack community. We then discuss enhancements that are being added across OpenStack projects beyond Keystone to support federation and audit capabilities. Finally we discuss future enhancements that are needed to maximize the consumability of OpenStack federated cloud support.