← Back to team overview

openstack team mailing list archive

Re: nova and trusted computing


Hey Mark,

I agree with the comments you have made on the merge prop so far, and I'm glad you've been working with the authors to find something more amenable.  I'm all for keeping the responsibilities of nova small and adding plug-in points and extensibility to support these types of features.


On Jan 3, 2012, at 7:00 AM, Mark Washenberger wrote:

> Nova folks,
> I have some concerns about the approach adopted in the trusted computing blueprint 
> https://blueprints.launchpad.net/nova/+spec/trusted-computing-pools
> http://wiki.openstack.org/TrustedComputingPools
> Basically, the assumption of this blueprint is that Nova has to be responsible for caching the "trust" status of hosts. In order to do this without allowing hosts to lie to the scheduler, a long lived component must be created. My sense is that this approach is too invasive and inappropriately pushes responsibilities from the "trust" infrastructure into Nova.
> I have been working with Fred Yang to try to address these concerns--and I'm confident that Nova can adjust in a reasonable way to accommodate trusted computing. However, the blueprint appears to have been approved with the approach I don't like baked in, and I don't want to overstep.
> So I ask: Is there a consensus among nova-core that the approach given in the blueprint needs to be changed? Or the other way around, is there a consensus approving of this approach?
> Thanks
> Mark Washenberger
> Rackspace Hosting
> Software Developer
> mark.washenberger@xxxxxxxxxxxxx
> _______________________________________________
> Mailing list: https://launchpad.net/~openstack
> Post to     : openstack@xxxxxxxxxxxxxxxxxxx
> Unsubscribe : https://launchpad.net/~openstack
> More help   : https://help.launchpad.net/ListHelp

Follow ups