Community interest in osb-cmdb ?


Guillaume Berche
 

Thanks Benjamin for your interest in this talk and the ideas shared around extended use-cases around CF marketplace!

Regarding the CF-as-IAM use-case, your understanding is correct, the idea is to periodically schedule a `cf update service` API call for every cloud subscription nested within a project subscription, when the latter may have some changes in their member list. This could potentially be osb-cmdb that supports broker opt-ins to receive the scheduled api calls. See placeholder describing this potential feature at https://github.com/orange-cloudfoundry/osb-cmdb/issues/105

Regards,

Guillaume.



On Fri, Mar 19, 2021 at 12:43 AM Benjamin Gandon <benjamin@...> wrote:
Hi Guillaume,

I’ve just finished watching the video playback of the February Community Advisory Board and I’m impressed how creative you guys have been in terms of re-using existing components for new use-cases.

Using an existing cloud controller as a meta service broker, just adding a mere shim in front in order to convert incoming OSB API call to CF API calls, that’s… brilliant.

The 2nd CF-as-IAM solution is very creative either. Leveraging the CF Terraform provider into a Brokerpack for the new Cloud Broker… just blew my mind.
One feedback though, is about off-boardiing. In many companies, revoking authorizations when people go away is harder that granting them in the first place. This arises for many reasons, mostly non-technical. Here with CF-as-IAM, when you update the teammates list in your team CF space, that act as a template to provision authorisations on remote foundations, how do you enforce the new authorizations to the remote foundation ? Maybe you already push those with a `cf update service` API call, but as you didn’t mention this in your talk, I was curious.

Anyway, congrats for those creative experiments around OSB API, and ways to manage complexity in large scale organisations, when provisioning large numbers of CF foundations.

Benjamin


Le 22 févr. 2021 à 18:40, Guillaume Berche <bercheg@...> a écrit :

Hi,

Orange has contributed a component to ease sharing of an open-service-broker marketplace among multiple client platforms. See cab recording at [1], and a longer full slide deck at [2] and actual repo at [3].

Before proposing this project to the cf-extension pmc (or new working group in new CF technical governance), I'd like to hear if there is community interest in using or contributing to this project ?

Thanks in advance for your feedback,


Benjamin Gandon
 

Hi Guillaume,

I’ve just finished watching the video playback of the February Community Advisory Board and I’m impressed how creative you guys have been in terms of re-using existing components for new use-cases.

Using an existing cloud controller as a meta service broker, just adding a mere shim in front in order to convert incoming OSB API call to CF API calls, that’s… brilliant.

The 2nd CF-as-IAM solution is very creative either. Leveraging the CF Terraform provider into a Brokerpack for the new Cloud Broker… just blew my mind.
One feedback though, is about off-boardiing. In many companies, revoking authorizations when people go away is harder that granting them in the first place. This arises for many reasons, mostly non-technical. Here with CF-as-IAM, when you update the teammates list in your team CF space, that act as a template to provision authorisations on remote foundations, how do you enforce the new authorizations to the remote foundation ? Maybe you already push those with a `cf update service` API call, but as you didn’t mention this in your talk, I was curious.

Anyway, congrats for those creative experiments around OSB API, and ways to manage complexity in large scale organisations, when provisioning large numbers of CF foundations.

Benjamin


Le 22 févr. 2021 à 18:40, Guillaume Berche <bercheg@...> a écrit :

Hi,

Orange has contributed a component to ease sharing of an open-service-broker marketplace among multiple client platforms. See cab recording at [1], and a longer full slide deck at [2] and actual repo at [3].

Before proposing this project to the cf-extension pmc (or new working group in new CF technical governance), I'd like to hear if there is community interest in using or contributing to this project ?

Thanks in advance for your feedback,


Guillaume Berche
 

Hi,

Orange has contributed a component to ease sharing of an open-service-broker marketplace among multiple client platforms. See cab recording at [1], and a longer full slide deck at [2] and actual repo at [3].

Before proposing this project to the cf-extension pmc (or new working group in new CF technical governance), I'd like to hear if there is community interest in using or contributing to this project ?

Thanks in advance for your feedback,