[Engine-devel] the procedure of storage-related
by bigclouds
------=_Part_127621_1793542873.1367041256436
Content-Type: text/plain; charset=GBK
Content-Transfer-Encoding: 7bit
hi,all
1.i am now not very familar with the right procedure of storage,
please give me a simply introduction of their concept and relation. help me out
StoragePool,StorageDomain
image,volume
2.please help me confirm.
i find only one place call mount command, which is poolConnectStorageServer.
if poolConnectStorageServer is before create and active StoragePool,StorageDomain?
3.if attach is just modify metadata, not anything else?
4.sp.py, deactivateSD
if i deactivate ISO storage,it finally umount masterDir, why ?
if masterDir is not mastersd?
thanks
------=_Part_127621_1793542873.1367041256436
Content-Type: text/html; charset=GBK
Content-Transfer-Encoding: 7bit
<div style="line-height:1.7;color:#000000;font-size:14px;font-family:arial"><div style="color: rgb(0, 0, 0); line-height: 1.7; font-family: arial; font-size: 14px;"><div>hi,all</div><div>1.i am now not very familar with the right procedure of storage, </div><div> please give me a simply introduction of their concept and relation. help me out</div><div> </div><div>StoragePool,StorageDomain</div><div>image,volume</div><div> </div><div> </div><div>2.please help me confirm.</div><div>i find only one place call mount command, which is poolConnectStorageServer.</div><div>if poolConnectStorageServer is before create and active StoragePool,StorageDomain?</div><div> </div><div>3.if attach is just modify metadata, not anything else?</div><div> </div><div>4.sp.py, deactivateSD</div><div> if i deactivate ISO storage,it finally umount masterDir, why ?</div><div> if masterDir is not mastersd?</div><div>thanks</div></div><br><br><span title="neteasefooter"><span id="netease_mail_footer"></span></span></div><br><br><span title="neteasefooter"><span id="netease_mail_footer"></span></span>
------=_Part_127621_1793542873.1367041256436--
11 years, 6 months
[Engine-devel] enable column resizing on all sub-tabs?
by Einav Cohen
Vojtech[/others] - what do you think about Gilad's comment below?
would it be possible / more correct to activate column resizing within the
base grid class itself by default (or something similar), rather than enable
it separately for each grid?
[@Gilad - keep in mind that IIUC - each column in each grid still needs to have
its width explicitly set]
----
Thanks,
Einav
----- Original Message -----
> From: gchaplik(a)redhat.com
> To: "Daniel Erez" <derez(a)redhat.com>
> Cc: "Einav Cohen" <ecohen(a)redhat.com>, "Vojtech Szocs" <vszocs(a)redhat.com>, "Alona Kaplan" <alkaplan(a)redhat.com>,
> "Tal Nisan" <tnisan(a)redhat.com>
> Sent: Thursday, April 25, 2013 3:23:56 AM
> Subject: Change in ovirt-engine[master]: webadmin: DataCenters main-tab: sub-tabs resizable columns
>
> Gilad Chaplik has posted comments on this change.
>
> Change subject: webadmin: DataCenters main-tab: sub-tabs resizable columns
> ......................................................................
>
>
> Patch Set 4:
>
> why we need to invoke getTable().enableColumnResizing() on each sub-tab?
> don't we want all grid subtabs to have column resizing?
>
> --
> To view, visit http://gerrit.ovirt.org/14105
> To unsubscribe, visit http://gerrit.ovirt.org/settings
>
> Gerrit-MessageType: comment
> Gerrit-Change-Id: I71465d36e5c18ecb8eb6dbca436feaeea1c902a9
> Gerrit-PatchSet: 4
> Gerrit-Project: ovirt-engine
> Gerrit-Branch: master
> Gerrit-Owner: Daniel Erez <derez(a)redhat.com>
> Gerrit-Reviewer: Alona Kaplan <alkaplan(a)redhat.com>
> Gerrit-Reviewer: Daniel Erez <derez(a)redhat.com>
> Gerrit-Reviewer: Einav Cohen <ecohen(a)redhat.com>
> Gerrit-Reviewer: Gilad Chaplik <gchaplik(a)redhat.com>
> Gerrit-Reviewer: Tal Nisan <tnisan(a)redhat.com>
> Gerrit-Reviewer: Vojtech Szocs <vszocs(a)redhat.com>
>
11 years, 6 months
[Engine-devel] Proposal to make REST API more webapp-friendly
by Vojtech Szocs
Hi guys,
having worked with Engine REST API from web application (JavaScript) perspective, there are things that could be improved to make REST API more webapp-friendly.
First of all, webapps are *not* traditional HTTP clients, i.e. they have *not* full control over HTTP processing. There are some standard conventions and behaviors built into web browsers that any REST API implementation should be aware of.
--
(1) Don't force clients to use cookies for transmitting authentication information! (or don't use cookies at all)
Good explanation can be found at [http://www.berenddeboer.net/rest/cookies.html]. Cookies have many disadvantages:
* cookie parsing/formatting is not trivial
--> extra complexity imposed on REST clients
* in addition to Same-Origin Policy [http://en.wikipedia.org/wiki/Same_origin_policy], cookies can be get/set *only* for the given path
--> JavaScript running at [http://example.com/webapp] *cannot* get/set cookies from requests at [http://example.com/restapi]
* cookies are the primary source of Cross-Site Request Forgery [http://en.wikipedia.org/wiki/Cross-site_request_forgery] attacks
--> malicious websites/scripts can forge requests to REST API that will include the cookie, compromising user session
Alternative: clients could be given the *option* to use regular HTTP header for transmitting authentication information.
For example, webapp could read such (sensitive information) header, store it securely via HTML5 Session Storage [http://en.wikipedia.org/wiki/Web_storage] and implement related HTTP processing on its own, e.g. pass this header for all authenticated requests (instead of pushing this responsibility to browser).
--
(2) Straight-forward HTTP Basic Auth has some drawbacks!
HTTP Basic Auth [http://en.wikipedia.org/wiki/Basic_access_authentication] over (non-secure) HTTP connection means sending user credentials (username/password/domain) in easy-to-decode cleartext, i.e. the value is *not* encrypted or hashed in any way. Using secure lower-level protocol (SSL) fixes the consequence, rather than the root cause of the confidentiality issue.
Furthermore, browsers typically remember HTTP Basic Auth information (either via browser-specific popup, or via XmlHttpRequest) until the browser window is closed. This means the webapp has no control over HTTP Basic Auth header after it has been set! This is the reason why it's hard to implement "logout" functionality in webapps when using HTTP Basic Auth.
Last but not least, HTTP Basic Auth is vulnerable to Replay attacks [http://en.wikipedia.org/wiki/Replay_attack]. Someone between client and server can intercept requests and replay them, compromising user session.
Alternative: clients could be given the *option* to use more advanced authentication scheme.
I've just read an excellent article at [http://www.thebuzzmedia.com/designing-a-secure-rest-api-without-oauth-aut...] which describes easy yet secure authentication scheme inspired by Amazon Web Services REST API authentication [http://docs.aws.amazon.com/AmazonS3/latest/dev/RESTAuthentication.html]. The idea is simple: collect auth information, hash (sign) it with a private key, and send everything to server. To guard against Replay attacks, just provide some timestamp to enforce request expiry after some time (say, 5-15 minutes). Easy and simple!
--
(3) Support JSON for resource representations!
I think this is pretty much obvious. XML has no real advantages over JSON. JSON, on the other hand, has good support in webapps (JavaScript) and maps directly to common data structures (i.e. string, number, boolean, and so on).
>From webapp perspective, it's much easier and natural to use JSON than to parse/format XML documents.
Alternative: clients could be given the *option* to use JSON, in addition to XML representation.
--
Vojtech
11 years, 6 months
[Engine-devel] UiCommon models in UserPortal - note about optimization logic
by Vojtech Szocs
Hi,
recently we faced an issue [1] where UserPortal UI refresh optimization logic [2] interfered with direct UiCommon model updates.
The optimization logic compares freshly received data with existing data and doesn't trigger UI refresh when there's no change. This inherently implies that UiCommon SearchableListModel shouldn't manipulate its item data directly, or it risks the situation when the optimization logic thinks there's no change (data retrieved from server matches updated item data).
(Possible improvement: add "dirty" flag to item model type (UserPortalItemModel) that would be called when UiCommon SearchableListModel does direct item manipulation.)
Vojtech
[1] http://gerrit.ovirt.org/#/c/14148/
[2] AbstractUserPortalListProvider.updateDataProvider method override
11 years, 6 months
[Engine-devel] Database Caching
by Liran Zelkha
Hi
I've created Change I04d7edea (http://gerrit.ovirt.org/#/c/14188/) that adds automatic database caching capabilities to the engine.
To cache a business entity, just add an annotation called TimeToLiveInCache that accepts as a parameter the number of seconds this object can live in the cache until it is refreshed from the database.
The next stage is improving the cache update mechanism, using Infinispan, and the ability to capture more query types.
Would love input and suggestions.
Thanks,
Liran
11 years, 6 months
[Engine-devel] storage overallocation ratio
by Michal Skrivanek
Hi,
I was trying to find out how is this actually calculated. Doesn't look very straightforward…:)
I'm curious about the following - vdsm reports something like truesize and apparentsize which IIUC should be distinct but then in engine, in backend/manager/modules/vdsbroker/src/main/java/org/ovirt/engine/core/vdsbroker/irsbroker/GetImageInfoVDSCommand.java it's written to the same engine property actual_size.
That doesn't sound right.
Can someone enlighten me please?
Thanks,
michal
11 years, 6 months
[Engine-devel] rewrite the engine-notifier service wrapper
by Alon Bar-Lev
Hello,
After finish to cleanup the engine-service to use downstream services and be portable to other distributions (upstart, openrc), we can use the same infrastructure for the engine notifier script.
It is very similar to the engine-service in operation (running java), except it is written in bash instead of python and has no systemd support, and have its own configuration.
What I suggest is to rewrite the notifier service in python and reuse the engine-service code.
Also, drop the /etc/ovirt-engine/notifier/notifier.conf in favor of variables within the /etc/ovirt-engine/engine.conf[.d/*], this will provide a single point of configuration for all services.
And of course proper systemd support and development environment support.
Any comments? thoughts?
Alon
11 years, 6 months