Openstack Engineer - remote

WSM International LLC
Posted 3 years ago

WSM is looking for an Openstack engineer to design, implement, test, and commit changes to upstream Openstack source code. Goal is not to have a forked solution, which would complicate future version upgrades. Desired solution should be password compliant with regards to PCI DSS for audit purposes. Proposed solution should encrypt and potentially rotate credentials periodically, to maintain compliance.

SCOPE

  • Solution Design and Spec Approval by Openstack code reviewers - Create/Update design spec for proposed solution. Work with PTL and external reviewers to get design spec approved.
  • Source Code changes approved by Openstack code reviewers. - Build out Implementation and Test, End-User Testing, Source Code Approval, Apply the recommended code changes in the following Openstack projects: Oslo, Openstack-Ansible, Keystone, Test the changes to ensure functionality works as expected and no other issues are introduced.
  • Source Code Ported into Official Openstack Releases - Facilitate getting the changes approved in upstream repository.

Project Duration - The estimated project duration is 6 months.

ASSUMPTIONS.

  • There is already an existing Openstack spec for this password solution. Developer most likely will utilize this same spec. But there is a possibility that a new spec could be created, if there are challenges encountered that could limit us from using the existing spec.
  • The solution could involve encrypting the passwords in the configuration file or utilizing an external vault to natively provide encryption and password rotation. The Openstack engineer will decide on the best solution, that minimizes risk, and increases the chance of acceptance.
  •  The Oslo module is a majority of where the code changes will occur.  The Openstack-Ansible project will need to be updated, to enable the new password encryption solution. Backend driver in Keystone will need to be changed.