April 2013 - Devel - Ovirt List Archives

[Engine-devel] oVirt updates - April 28th, 2013

by Itamar Heim

I thought a summary of things going on from time to time may interest folks: 1. From the Web * Vagrant support for oVirt/RHEV added http://alturl.com/bkauk https://github.com/pradels/vagrant-ovirt http://www.vagrantup.com/ * How to create and provision an oVirt VM with ansible http://www.youtube.com/watch?v=up8X_clAvZk * ovirt_metrics - ActiveRecord-based gem for reading the oVirt History database http://is.gd/hO94Us * DEMO: oVirt - GlusterFS Native Integration for KVM Virtualization http://www.youtube.com/watch?v=0iIuHCz8L04 * Android x86 running on oVirt http://www.youtube.com/watch?v=5nFZLma_Ofw * using oVirt to build a virtualization platform on an IBM BladeCenter http://www.r11networks.com/2013/04/ovirt-meets-ibm-bladecenter/ http://www.r11networks.com/2013/04/ovirt-installation-guide/ 2. Conferences * René Koch (ovido) presented oVirt in a two conferences in Germany oVirt was covered in two OpenStack summit sessions: * Mike Day, IBM: Connected Communities, Innovative Technologies: OpenStack, oVirt, and KVM http://sched.co/WcehtG * Romil Gupta et al, HP: RHEV-M/oVirt Clusters as compute resources http://sched.co/14hte1T http://www.slideshare.net/romilgupta19/hp-rhevmdriverromil) http://alturl.com/vsn5e 3. Bug/feature/patch of the week? Send your candidates for the next update 4. Upcoming * oVirt Shanghai workshop http://www.ovirt.org/Intel_Workshop_May_2013 Feel free to send comments, items, etc for consideration for the next update. Thanks, Itamar

11 years, 7 months

1
0
0 / 0

[Engine-devel] Design wiki page for trusted compute pools integration with oVirt has been updated

by Chen, Wei D

Hi All, Our second approach for trusted compute pools integration with oVirt seems more simple and sensible than previous VM level approach. Welcome any comments on our latest design. Thanks in advance. Link is here, http://www.ovirt.org/Trusted_compute_pools Best Regards, Dave Chen

11 years, 7 months

6
14
0 / 0

[Engine-devel] the procedure of storage-related

by bigclouds

------=_Part_127621_1793542873.1367041256436 Content-Type: text/plain; charset=GBK Content-Transfer-Encoding: 7bit hi,all 1.i am now not very familar with the right procedure of storage, please give me a simply introduction of their concept and relation. help me out StoragePool,StorageDomain image,volume 2.please help me confirm. i find only one place call mount command, which is poolConnectStorageServer. if poolConnectStorageServer is before create and active StoragePool,StorageDomain? 3.if attach is just modify metadata, not anything else? 4.sp.py, deactivateSD if i deactivate ISO storage,it finally umount masterDir, why ? if masterDir is not mastersd? thanks ------=_Part_127621_1793542873.1367041256436 Content-Type: text/html; charset=GBK Content-Transfer-Encoding: 7bit <div style="line-height:1.7;color:#000000;font-size:14px;font-family:arial"><div style="color: rgb(0, 0, 0); line-height: 1.7; font-family: arial; font-size: 14px;"><div>hi,all</div><div>1.i am now not very familar with the right procedure of storage, </div><div>    please give me a simply introduction of their concept and relation. help me out</div><div> </div><div>StoragePool,StorageDomain</div><div>image,volume</div><div> </div><div> </div><div>2.please help me confirm.</div><div>i find only one place call mount command, which is poolConnectStorageServer.</div><div>if poolConnectStorageServer is before create and active StoragePool,StorageDomain?</div><div> </div><div>3.if attach is just modify metadata, not anything else?</div><div> </div><div>4.sp.py, deactivateSD</div><div>  if i deactivate ISO storage,it finally umount masterDir, why  ?</div><div>  if masterDir is not  mastersd?</div><div>thanks</div></div><br><br><span title="neteasefooter"><span id="netease_mail_footer"></span></span></div><br><br><span title="neteasefooter"><span id="netease_mail_footer"></span></span> ------=_Part_127621_1793542873.1367041256436--

11 years, 7 months

1
0
0 / 0

[Engine-devel] enable column resizing on all sub-tabs?

by Einav Cohen

Vojtech[/others] - what do you think about Gilad's comment below? would it be possible / more correct to activate column resizing within the base grid class itself by default (or something similar), rather than enable it separately for each grid? [@Gilad - keep in mind that IIUC - each column in each grid still needs to have its width explicitly set] ---- Thanks, Einav ----- Original Message ----- > From: gchaplik(a)redhat.com > To: "Daniel Erez" <derez(a)redhat.com> > Cc: "Einav Cohen" <ecohen(a)redhat.com>, "Vojtech Szocs" <vszocs(a)redhat.com>, "Alona Kaplan" <alkaplan(a)redhat.com>, > "Tal Nisan" <tnisan(a)redhat.com> > Sent: Thursday, April 25, 2013 3:23:56 AM > Subject: Change in ovirt-engine[master]: webadmin: DataCenters main-tab: sub-tabs resizable columns > > Gilad Chaplik has posted comments on this change. > > Change subject: webadmin: DataCenters main-tab: sub-tabs resizable columns > ...................................................................... > > > Patch Set 4: > > why we need to invoke getTable().enableColumnResizing() on each sub-tab? > don't we want all grid subtabs to have column resizing? > > -- > To view, visit http://gerrit.ovirt.org/14105 > To unsubscribe, visit http://gerrit.ovirt.org/settings > > Gerrit-MessageType: comment > Gerrit-Change-Id: I71465d36e5c18ecb8eb6dbca436feaeea1c902a9 > Gerrit-PatchSet: 4 > Gerrit-Project: ovirt-engine > Gerrit-Branch: master > Gerrit-Owner: Daniel Erez <derez(a)redhat.com> > Gerrit-Reviewer: Alona Kaplan <alkaplan(a)redhat.com> > Gerrit-Reviewer: Daniel Erez <derez(a)redhat.com> > Gerrit-Reviewer: Einav Cohen <ecohen(a)redhat.com> > Gerrit-Reviewer: Gilad Chaplik <gchaplik(a)redhat.com> > Gerrit-Reviewer: Tal Nisan <tnisan(a)redhat.com> > Gerrit-Reviewer: Vojtech Szocs <vszocs(a)redhat.com> >

11 years, 7 months

4
7
0 / 0

[Engine-devel] Proposal to make REST API more webapp-friendly

by Vojtech Szocs

Hi guys, having worked with Engine REST API from web application (JavaScript) perspective, there are things that could be improved to make REST API more webapp-friendly. First of all, webapps are *not* traditional HTTP clients, i.e. they have *not* full control over HTTP processing. There are some standard conventions and behaviors built into web browsers that any REST API implementation should be aware of. -- (1) Don't force clients to use cookies for transmitting authentication information! (or don't use cookies at all) Good explanation can be found at [http://www.berenddeboer.net/rest/cookies.html]. Cookies have many disadvantages: * cookie parsing/formatting is not trivial --> extra complexity imposed on REST clients * in addition to Same-Origin Policy [http://en.wikipedia.org/wiki/Same_origin_policy], cookies can be get/set *only* for the given path --> JavaScript running at [http://example.com/webapp] *cannot* get/set cookies from requests at [http://example.com/restapi] * cookies are the primary source of Cross-Site Request Forgery [http://en.wikipedia.org/wiki/Cross-site_request_forgery] attacks --> malicious websites/scripts can forge requests to REST API that will include the cookie, compromising user session Alternative: clients could be given the *option* to use regular HTTP header for transmitting authentication information. For example, webapp could read such (sensitive information) header, store it securely via HTML5 Session Storage [http://en.wikipedia.org/wiki/Web_storage] and implement related HTTP processing on its own, e.g. pass this header for all authenticated requests (instead of pushing this responsibility to browser). -- (2) Straight-forward HTTP Basic Auth has some drawbacks! HTTP Basic Auth [http://en.wikipedia.org/wiki/Basic_access_authentication] over (non-secure) HTTP connection means sending user credentials (username/password/domain) in easy-to-decode cleartext, i.e. the value is *not* encrypted or hashed in any way. Using secure lower-level protocol (SSL) fixes the consequence, rather than the root cause of the confidentiality issue. Furthermore, browsers typically remember HTTP Basic Auth information (either via browser-specific popup, or via XmlHttpRequest) until the browser window is closed. This means the webapp has no control over HTTP Basic Auth header after it has been set! This is the reason why it's hard to implement "logout" functionality in webapps when using HTTP Basic Auth. Last but not least, HTTP Basic Auth is vulnerable to Replay attacks [http://en.wikipedia.org/wiki/Replay_attack]. Someone between client and server can intercept requests and replay them, compromising user session. Alternative: clients could be given the *option* to use more advanced authentication scheme. I've just read an excellent article at [http://www.thebuzzmedia.com/designing-a-secure-rest-api-without-oauth-aut...] which describes easy yet secure authentication scheme inspired by Amazon Web Services REST API authentication [http://docs.aws.amazon.com/AmazonS3/latest/dev/RESTAuthentication.html]. The idea is simple: collect auth information, hash (sign) it with a private key, and send everything to server. To guard against Replay attacks, just provide some timestamp to enforce request expiry after some time (say, 5-15 minutes). Easy and simple! -- (3) Support JSON for resource representations! I think this is pretty much obvious. XML has no real advantages over JSON. JSON, on the other hand, has good support in webapps (JavaScript) and maps directly to common data structures (i.e. string, number, boolean, and so on). >From webapp perspective, it's much easier and natural to use JSON than to parse/format XML documents. Alternative: clients could be given the *option* to use JSON, in addition to XML representation. -- Vojtech

11 years, 7 months

4
8
0 / 0

[Engine-devel] UiCommon models in UserPortal - note about optimization logic

by Vojtech Szocs

Hi, recently we faced an issue [1] where UserPortal UI refresh optimization logic [2] interfered with direct UiCommon model updates. The optimization logic compares freshly received data with existing data and doesn't trigger UI refresh when there's no change. This inherently implies that UiCommon SearchableListModel shouldn't manipulate its item data directly, or it risks the situation when the optimization logic thinks there's no change (data retrieved from server matches updated item data). (Possible improvement: add "dirty" flag to item model type (UserPortalItemModel) that would be called when UiCommon SearchableListModel does direct item manipulation.) Vojtech [1] http://gerrit.ovirt.org/#/c/14148/ [2] AbstractUserPortalListProvider.updateDataProvider method override

11 years, 7 months

1
0
0 / 0

[Engine-devel] find-bugs errors - please investigate/fix

by Einav Cohen

ovirt find-bugs errors in jenkins - please investigate/fix asap. [@Eyal - FYI: some of them seem really strange - see Michal's section below] @Sahina Bose: find-bugs error details: http://jenkins.ovirt.org/job/ovirt_engine_find_bugs/4064/findbugsResult/N... caused by: http://gerrit.ovirt.org/#/c/13831/ @Michael Kublin: find-bugs error details: http://jenkins.ovirt.org/job/ovirt_engine_find_bugs/4064/findbugsResult/N... caused by: http://gerrit.ovirt.org/#/c/13740/ @Michal Skrivanek: the following seem strange - can you please investigate? could be false positives. - find-bugs error details: http://jenkins.ovirt.org/job/ovirt_engine_find_bugs/4064/findbugsResult/N... [not sure when introduced - seems old, hence I suspect it is a false positive] - Two additional errors in the same file as ^^^, you can see them at: http://jenkins.ovirt.org/job/ovirt_engine_find_bugs/4064/findbugsResult/N... when clicking on them, there aren't any details, however according to their tool-tips, it seems to be an "unreachable OnSuccess method within an anonymous class" or something similar. - another suspicious error is in VmListModel.java: http://jenkins.ovirt.org/job/ovirt_engine_find_bugs/4064/findbugsResult/N... [again - not sure when introduced - seems old, hence I suspect it is a false positive] ---- Thanks, Einav

11 years, 7 months

5
6
0 / 0

[Engine-devel] Database Caching

by Liran Zelkha

Hi I've created Change I04d7edea (http://gerrit.ovirt.org/#/c/14188/) that adds automatic database caching capabilities to the engine. To cache a business entity, just add an annotation called TimeToLiveInCache that accepts as a parameter the number of seconds this object can live in the cache until it is refreshed from the database. The next stage is improving the cache update mechanism, using Infinispan, and the ability to capture more query types. Would love input and suggestions. Thanks, Liran

11 years, 7 months

1
0
0 / 0

[Engine-devel] storage overallocation ratio

by Michal Skrivanek

Hi, I was trying to find out how is this actually calculated. Doesn't look very straightforward…:) I'm curious about the following - vdsm reports something like truesize and apparentsize which IIUC should be distinct but then in engine, in backend/manager/modules/vdsbroker/src/main/java/org/ovirt/engine/core/vdsbroker/irsbroker/GetImageInfoVDSCommand.java it's written to the same engine property actual_size. That doesn't sound right. Can someone enlighten me please? Thanks, michal

11 years, 7 months

2
1
0 / 0

[Engine-devel] rewrite the engine-notifier service wrapper

by Alon Bar-Lev

Hello, After finish to cleanup the engine-service to use downstream services and be portable to other distributions (upstart, openrc), we can use the same infrastructure for the engine notifier script. It is very similar to the engine-service in operation (running java), except it is written in bash instead of python and has no systemd support, and have its own configuration. What I suggest is to rewrite the notifier service in python and reuse the engine-service code. Also, drop the /etc/ovirt-engine/notifier/notifier.conf in favor of variables within the /etc/ovirt-engine/engine.conf[.d/*], this will provide a single point of configuration for all services. And of course proper systemd support and development environment support. Any comments? thoughts? Alon

11 years, 7 months

3
2
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

Devel April 2013