PyDev of the Week: Lance Bragstad

This week we welcome Lance Bragstad (@LanceBragstad) as our PyDev of the Week! Lance is a core developer of the OpenStack project. You can find out more about his passions via his website or his Github profile. Let’s spend some time getting to know Lance!

Can you tell us a little about yourself (hobbies, education, etc):

In 2012, I graduated with a degree in Computer Science from North Dakota State University, located in Fargo (yup, like the movie). Since then I’ve become more and more passionate about open-source software. I spend most of my time in the OpenStack ecosystem.

Besides being passionate about open-source software, I’m an avid outdoorsman. My wife and I train for running events together. I also donate time as a volunteer firefighter for our community of about 700 people.

Why did you start using Python?

After I graduated college, I started working at IBM building an OpenStack distribution. Since OpenStack is written in Python, learning Python was a requirement, and that’s how I was introduced to the language. Despite being given the opportunity to use different languages in college, I never really experimented with Python. Using it in a new setting with a new job was an exciting learning experience.

What projects are you working on now?

Currently, I spend the majority of my time working within OpenStack’s authentication and authorization realm. There is a dedicated identity service, called keystone, along with several libraries that orchestrate authorization across OpenStack.

Since there are many ways to approach identity management, it’s interesting to work on the piece that handles all of that. Keystone can be used to manage users with MySQL. It can also be configured to use LDAP or even identity providers that issue SAML assertions or use OpenID Connect.

The other exciting part is that OpenStack services offer such a rich set of APIs to users. Since services consume authorization information from keystone, keystone has to support protecting all of those APIs, which presents an interesting set of problems to solve.

Which Python libraries are your favorite (core or 3rd party)?

One library that comes to mind is pyca/cryptography. We used this library in keystone to implement a form of authenticated encryption, solving a significant scale and operations issue at the time. We looked around at some other options, but pyca/cryptography was a near perfect fit.

Before formally pulling it in as a dependency, I went through and read the source code and tests. The authors did a great job organizing functionality, and the tests were easy to parse. Despite the complexity involved in a topic like cryptography, it was refreshing to go through the code and see things laid out cleanly. Being able to clearly understand the intricacies of the library made solving a tough problem a little easier.

How did you get started with OpenStack?

I started working on OpenStack in January of 2012, shortly after Diablo was released and the community was busy developing Essex. I was wrapping up my undergraduate degree at NDSU, and we were entering our final semester before graduation in May. I was one of four members working on a capstone project. We were asked to find use cases to deploy Infrastructure-as-a-Service, primarily looking for people who would consume a private OpenStack cloud if we built one.

By the mid-term, we had the Diablo release deployed on three physical machines using crowbar, chef, and juju (fun fact: only two of the hosts had virtualizations extensions). We spent finals week putting the finishing touches on a brand new Essex deployment (including some marginally better hardware) shortly after it was released (2012 April 5).

Our deployment was primarily used by faculty and graduate students, fulfilling HPC use cases for research.

Where is OpenStack going in the future?

This is my own opinion, but I see OpenStack continuing to stabilize. I think we, as the OpenStack community, are getting better at working towards common goals, which is a challenge given the breadth of projects under OpenStack governance. I think this is exciting because it provides a consistent look and feel to our users, and improves the experience they have with the software we write.

For years contributors have poured tons of effort into features and functionality, especially within specific domains like networking, storage, or compute infrastructure. I think now we’re getting to the point where continuing to move forward means smoothing out usability between components.

I see a lot of truth in Robert Martin’s view that software design is a constant dynamic tension instead of a utopian endstate that is written once*. If you look, you can see we are making choices to simplify software across OpenStack. In my opinion, the tension is shifting from intense feature development to stability and simplicity for users and maintainers. It’s exciting to see these transitions happen when you’ve been involved with a project for a long time, and what they bring to everyone involved in our community.

* Uncle Bob talks about this extensively in his book Clean Architecture, which is a great read.

Thanks for doing the interview, Lance!