yahoo-eng-team team mailing list archive

["Markus Zoeller \(markus_z\)" <mzoeller@xxxxxxxxxx>]

This wishlist bug has been open a year without any activity. I'm going
to move it to "Opinion / Wishlist", which is an easily-obtainable queue
of older requests that have come on.

In case you want to work on that, consider writing a blueprints [1] and
spec [2]. I'll recommend to read [3] if not yet done. The effort to
implement the requested feature is then driven only by the blueprint
(and spec).

References:
[1] https://blueprints.launchpad.net/nova/
[2] https://github.com/openstack/nova-specs
[3] https://wiki.openstack.org/wiki/Blueprints

** Changed in: nova
       Status: Confirmed => Opinion

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Compute (nova).
https://bugs.launchpad.net/bugs/1340834

Title:
  Support configdrive in LXC

Status in OpenStack Compute (nova):
  Opinion

Bug description:
  We'd like to support configdrive in Libvirt+LXC so that we can use
  cloud-init to configure guest networking, inject SSH keys, etc.

  Currently configdrive uses block devices which are attached to VM and
  then are mounted by the guest.

  For LXC our requirements are:

  * We'd like to avoid using blockdevices (CAP_SYS_MOUNT maybe dropped
  within a guest...not stock Libvirt, but it's possible we'd like to
  support that use case eventually)

  * We'd like avoid bind-mounts. Recent security concerns around bind-
  mount have surfaced where a user could traverse to the top of a bind-
  mounted FS. (User namespaces mitigated this, but we'd like to be
  extra-safe)

  
  The proposed implementation:

  * Adds a `fs` configdrive type, that just drops the config-drive
  information into a directory on the host, avoiding the creation of a
  blockdevice

  * Moves that config-drive directory into the root filesystem of the
  guest at spawn time.

To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1340834/+subscriptions