From 5329342b79dd95f1f24306bb354aa0eea02fb83d Mon Sep 17 00:00:00 2001 From: Sean Handley Date: Fri, 29 Sep 2017 15:04:56 +0100 Subject: [PATCH] Passport Programm draft spec. Change-Id: Iff9917386ebbf49fd76bceccb5709dd018477ea9 --- doc/source/conf.py | 4 ++ doc/source/index.rst | 1 + doc/source/passport_program.rst | 88 +++++++++++++++++++++++++++++++++ 3 files changed, 93 insertions(+) create mode 100644 doc/source/passport_program.rst diff --git a/doc/source/conf.py b/doc/source/conf.py index d8200ca..f717b2b 100755 --- a/doc/source/conf.py +++ b/doc/source/conf.py @@ -26,6 +26,10 @@ extensions = [ #'sphinx.ext.intersphinx', ] +# Feed configuration for yasfb +feed_base_url = 'http://specs.openstack.org/openstack/publiccloud-wg' +feed_author = 'OpenStack Public Cloud Working Group' + # autodoc generation is a bit aggressive and a nuisance when doing heavy # text edit cycles. # execute "export SPHINX_DEBUG=1" in your terminal to disable diff --git a/doc/source/index.rst b/doc/source/index.rst index aa7d944..1d187c4 100644 --- a/doc/source/index.rst +++ b/doc/source/index.rst @@ -13,6 +13,7 @@ Contents: :maxdepth: 2 readme + passport_program Indices and tables ================== diff --git a/doc/source/passport_program.rst b/doc/source/passport_program.rst new file mode 100644 index 0000000..3cacfdd --- /dev/null +++ b/doc/source/passport_program.rst @@ -0,0 +1,88 @@ +.. _passport_program: + +The OpenStack Passport Program +============================== + +What? +----- + +The OpenStack Passport program is a joint initiative between the Public Cloud Working Group and the OpenStack Foundation. + +There are 60+ OpenStack public clouds available globally. Armed with an OpenStack Passport, a user will have the ability to easily gain a trial account on any participating cloud. + +The passports will be created by the OpenStack Foundation and distributed in both print and digital forms. + +Why? +---- + +To allow the OpenStack Foundation to act as a unified point of entry for public cloud users, and to help public cloud providers grow their userbases. + +When? +----- + +A low-tech landing page will be implemented for version 0 of the scheme and will be launched in November 2017 at the OpenStack Summit in Sydney. + +Version 1 is currently forecast to land in May 2018 in time for the OpenStack Summit in Vancouver. + +How? +---- + +Version 0 +^^^^^^^^^ + +* Landing page promoting various OpenStack-based public clouds that have signed up to the Passport program +* Marketing exercise to raise awareness and guage interest from users and operators +* Foundation understanding the various public cloud operators commercial offerings - sign up process, how much resource they have available, what services are on offer +* The message: "valid for at least XX resources on any participating public cloud for 1 month" +* To avoid value comparison, agree on a minimal amount of resources a token would be valid (it's ok to offer more)+1 +* Should be limited in time. +* APPLICATION CRITERIA: OpenStack interop - OpenStack powered as a requirement for Passport program participation (confirm with participants) +* Public clouds report summary usage to the foundation every month or so (preserving personal information disclosure requirements)+1 +* Success of this step will determine the rest... + +Version 1 +^^^^^^^^^ + +* How to measure utilisation - maybe don't base it on a dollar value, more on usage i.e a set quota of certain number of instances / volumes etc.+1 +* Recommendation is that the public cloud operators are responsible for operating and maintaining any kind of centralized (or decentralized - blockchain?) method of token validation / revocation as well as usage tracking. +* Foundation can generate signed tokens that can be validated on each public cloud using a public key +* Local sig validation approach means that tokens can be reused across multiple public clouds, but that's actually not a bad thing +* Public clouds must locally mark tokens as used so that they can't be infinitely reused on their cloud +* Public clouds report summary usage to the foundation every month or so (preserving personal information disclosure requirements) +* Code / token generation +* Unique URL / QR code -- need to find a printer that would be OK printing lots of different QR codes +* Something equivalent to the length of a Windows licensing key +* QR code contains a URL like http://opensta.ck/?token=25495720598743957495874359874359845984375643509747350987823509473258572390857342095878 +* leads to Foundation-hosted static page listing the participating clouds and the token (ready to be copy-pasted) +* Token can be included as a parameter to the various public cloud links +* Keys used to sign codes to be regenerated every ~ 6 months +* Longevity of tokens (6 months, 1year...) +* Is it more complex than it needs to be ? +* Bunch of trial links on a page gets you 90% there. Let's see after step 0 if that level of complexity is actually necessary +* Being able to terminate trial sign-ups in case of capacity issues + +Version 2 +^^^^^^^^^ + +TBA + + +Selection Criteria +------------------ + +Participating cloud vendors need to meet the following criteria: + +1) They must currently offer a free trial for new public cloud users. +2) They must provide a quality user experience, because confusing/longwinded processes dissuade users. There will be a definition of what a quality UX entails soon. +3) They must have a privacy policy, because OpenStack.org will be sending users to sign up directly for their service + + +implement an official OpenStack graphic and agreed-upon text on your own website's landing page (details TBA); +You are strongly encouraged to get involved with the bi-weekly IRC meetings hosted by the Public Cloud Working Group (more details below); +You acknowledge that participation in the program does not necessarily guarantee traffic or users. + +Questions +--------- + +1. Can you use one passport on multiple clouds? +2. How do you limit the scope of the trial? Preloaded dollar value? VCPU hours? A dict of quotas for all resource types? \ No newline at end of file