openstack team mailing list archive

Thread
Date

nova and trusted computing

To: "Openstack Mailing List" <openstack@xxxxxxxxxxxxxxxxxxx>
From: "Mark Washenberger" <mark.washenberger@xxxxxxxxxxxxx>
Date: Tue, 3 Jan 2012 10:00:03 -0500 (EST)
Importance: Normal

Nova folks,

I have some concerns about the approach adopted in the trusted computing blueprint 

https://blueprints.launchpad.net/nova/+spec/trusted-computing-pools
http://wiki.openstack.org/TrustedComputingPools

Basically, the assumption of this blueprint is that Nova has to be responsible for caching the "trust" status of hosts. In order to do this without allowing hosts to lie to the scheduler, a long lived component must be created. My sense is that this approach is too invasive and inappropriately pushes responsibilities from the "trust" infrastructure into Nova.

I have been working with Fred Yang to try to address these concerns--and I'm confident that Nova can adjust in a reasonable way to accommodate trusted computing. However, the blueprint appears to have been approved with the approach I don't like baked in, and I don't want to overstep.

So I ask: Is there a consensus among nova-core that the approach given in the blueprint needs to be changed? Or the other way around, is there a consensus approving of this approach?

Thanks


Mark Washenberger
Rackspace Hosting
Software Developer
mark.washenberger@xxxxxxxxxxxxx

Follow ups

Re: nova and trusted computing
From: Vishvananda Ishaya, 2012-01-03