Feature #37522

Keystone type user creation

Added by Roberto Valverde 8 months ago.

Target version:
Start date:
Due date:
% Done:


Affected Versions:
Pull request ID:


Dear all,

At CERN, we are currently adding the radosgw component in our private cloud OpenStack based offering. In order to ease the integration with lifecycle management, we are proposing to enable the possibility to add users with the keystone type through the radosgw Admin Ops API. During the integration process, we observed that the users are created upon first user request onto the radosgw. For the quota configuration, this is taken from the default values configured and once this user has been created,then it can be modified later.

For the lifecycle management of resources, we are using OpenStack Mistral that is orchestrating the needed steps to configure the project from creation to be ready to be offered to the user. In this workflow, we configure the services that the project has access and the quotas associated with them.

For the radosgw component we need to consider two different events: Provisioning and decommissioning of resources in it. On the cleanup / decommissioning side every bit is covered through the admin operations api.

Here comes our problem:

On the provisioning side, we could not apply quotas to users that have not yet been created by radosgw (as it waits for the first user request). Once they are created, they have a type attribute with the value keystone.
So we would like to be able to create the users on radosgw with the keystone type, way before the first user request, by adding the possibility to specify the type on user creation.

We think this addition has added value for other OpenStack operators that are using radosgw for their S3/Swift offering and gives them flexibility for lifecycle management of the resources contained in radosgw.

Thank you in advance,

Also available in: Atom PDF