Hacker News new | ask | show | jobs
by justinsb 4620 days ago
The APIs are re-implemented from scratch, from the OpenStack docs. The docs are pretty good, and the OpenStack community has been pretty good about improving them where there were gaps as well.

Part of the idea was not to use _any_ of the existing OpenStack code. Otherwise the temptation to copy-and-paste from OpenStack would have been too high, and copying and pasting defeats the whole purpose of doing a second implementation.

Equally, while I think there are some concepts that I hope will make it into the official OpenStack (such as a consistent Swift), there can be no copy and paste 'upstream' either because of the language barrier, which means that FathomCloud can be a true playground for experimentation.
1 comments
nl 4620 days ago
IMHO that's good. I've done some OpenStack work (a JS client), and I think it could benefit from an alternate implementation - there was too much reverse engineering involved.
link
justinsb 4620 days ago
Sounds interesting - would love a link to your work if it's open source!
link
nl 4620 days ago
I raised a bug on CORS support[1], and then switched over to doing it all Serverside.

I was writing a cross-provider control console. Got a fair way along, but haven't released it.

[1]https://bugs.launchpad.net/oslo/+bug/987044

link
justinsb 4620 days ago
Cool idea. I don't see any reason not to support CORS; all the OpenStack requests require a custom Auth http header anyway, so I don't think there's any danger in turning on CORS there. I didn't see anyone in the Launchpad bug report that was against it.

The only call that I think _might_ be dangerous to expose is the login API, but that should be rate-limited and / or have lockout anyway.

I've opened a bug to support CORS in FathomCloud. It's not a lot of work (I already have the filter in the repo, it's just not configured in). I just want to think it through to make sure it's safe: https://github.com/fathomdb/cloud/issues/50

link
nl 4619 days ago
If you follow the bug links there was actually an attempt made to fix it, but it was rejected as being incomplete.

I haven't chased it up, but I think it's an important use-case.

link
justinsb 4619 days ago
Thanks for pointing out the patch - I'll review the discussion.

It's definitely an important use case - no argument here :-)

link