← Back to team overview

openstack team mailing list archive

Re: trusted computing and nova

 

On Thu, Dec 8, 2011 at 2:27 PM, Mark Washenberger
<mark.washenberger@xxxxxxxxxxxxx> wrote:
> Does code specific to Trusted Computing belong in Nova? It seems like it should be supported through Scheduler plugins and API plugins (if necessary). It seems like the ideas of attestation and trusted computing are tangential to the core of Nova.
>
> I can easily imagine a lot of scheduler variations that Nova should support. Adding custom code to nova for each variation would probably lead to a lot of extra complexity. However, the current trusted computing blueprint sets the precedent that each such variation deserves its own custom code (which nova developers are then presumably expected to support).
>

I think we need to make sure the appropriate hook's are in place so it
can be added, but beyond that I see an explosion of variations and
dependencies.

My initial impression, like yours, is that it can be accomplished in a
custom scheduler.  But I'm not a trusted computing expert, so I'd be
interested in hearing why that wouldn't work, and what additional
hooks might be needed.

> Context:
> https://blueprints.launchpad.net/nova/+spec/trusted-computing-pools
> http://wiki.openstack.org/TrustedComputingPools
> https://review.openstack.org/1899
>
>
mike


Follow ups

References