openstack team mailing list archive
-
openstack team
-
Mailing list archive
-
Message #06060
Re: trusted computing and nova
> Behalf Of Mark Washenberger
> Do we need anything more than a way to inject a third-party filter into
> schedulers?
>
> I'm assuming that we need to schedule based on whether or not the
> attestation server verifies the host. And I understand that this
> situation introduces some peculiar and novel requirements on the
> scheduler. But I don't think it makes sense to deduce from that that we
> should write an attestation client into nova and create a new scheduler
> and manager service. Instead, we should robustify (is that even a
> word? :-) the plug-ability of the scheduler with these requirements in
> mind.
>
> I really appreciate the work that has gone into making this transparent
> and generic with the standalone http-based attestation server. I just
> don't think it goes quite as far as it needs to.
Not to be pressed! :-). not a good idea to plug client connection into scheduler.
The original idea was to only add new filters on base code per requirement, new capability handling is a little bit invasive.
Looking into Admin API approach per other thread
thx
-Fred
References