----- Original Message -----
From: "Wei D Chen" <wei.d.chen(a)intel.com>
To: "engine-devel(a)ovirt.org" <engine-devel(a)ovirt.org>
Cc: "Lijuan Zhang" <lijuan.zhang(a)intel.com>
Sent: Monday, January 28, 2013 10:42:19 AM
Subject: [Engine-devel] Open Attestation integration with oVirt engine proposal, how to improve engine's performance?
Open Attestation is a project aiming to enable a basic open-sourced SDK
with Intel TXT technology to get a node's trustworthiness in a cloud
usage environment. Integrating Open Attestation with oVirt will
definitely provide a more secure cloud ecosystem, which will give the end
user a choice of whether a guest virtual machine needs to launch on a
trusted host server or not.

Initially, we wanted to attest the host's trustworthiness every time
a guest virtual machine launches on the host; thanks to Doron
Fediuck's reminder, we just need to attest the host at the first
request and cache the result for subsequent requests. Further, we
want to bring down the server's response time in case of large
concurrent requests. To resolve/improve the engine's performance,
we decided to tackle this issue by caching all nodes'
trustworthiness while the first guest virtual machine is launching;
this will take a little longer before it is running. A node's
trustworthiness would be stored in the database or just in system
memory; the value will be effective within one hour or so (of
course, the period of validity could be configured). A node's status
needs to be updated in the case that the end user reboots the virtual
machine and the duration exceeds the valid time.

Is this acceptable, and are there any good suggestions?
Some details can be found in this link:
http://wiki.ovirt.org/Trusted_compute_pools
Best Regards,
Dave Chen

Hi Dave,
As already commented in a different thread, I think moving the trust
constraint from VM level to cluster level may do you good. The current
design suggests that VMs may fail to migrate because there's no trusted
host in the current cluster. However, if you decide that all hosts in the
cluster must be trusted, then this will remove the need to check it for
each VM. You will need a quartz job running to perform the attestation
verification for every host once in a given (configurable) time. If attestation
fails you may choose to move this host into a different status until its
attestation level is handled.
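To make the two designs in this thread concrete, the following is an added example (not oVirt or Open Attestation code): a per-host trust cache with a configurable validity period that attests lazily on the first request (Dave's proposal), plus a cluster-wide refresh that a periodic job would call and that reports hosts whose attestation failed so they can be moved to a different status (the reply's suggestion). The `attest_fn` callback stands in for a query to the attestation service and the host names are constructed.

```python
import time
from dataclasses import dataclass

TRUSTED, UNTRUSTED = "trusted", "untrusted"


@dataclass
class HostTrust:
    status: str
    attested_at: float  # clock value when the result was obtained


class TrustCache:
    """Caches attestation results per host for a configurable validity period."""

    def __init__(self, attest_fn, validity_seconds=3600, clock=time.time):
        # attest_fn(host_id) -> bool is an assumed hook wrapping the real
        # attestation service query; clock is injectable for testing.
        self.attest_fn = attest_fn
        self.validity = validity_seconds
        self.clock = clock
        self.entries = {}

    def _is_fresh(self, host_id, now):
        entry = self.entries.get(host_id)
        return entry is not None and (now - entry.attested_at) < self.validity

    def refresh(self, host_id):
        """Unconditionally re-attest one host and record the result."""
        ok = bool(self.attest_fn(host_id))
        self.entries[host_id] = HostTrust(TRUSTED if ok else UNTRUSTED, self.clock())
        return ok

    def trust_status(self, host_id):
        """Lazy path: attest on the first request, reuse the cached value
        until it expires; a cached failure also expires and is retried."""
        if not self._is_fresh(host_id, self.clock()):
            self.refresh(host_id)
        return self.entries[host_id].status

    def invalidate(self, host_id):
        """Drop the cached result so the next request re-attests (e.g. after a reboot)."""
        self.entries.pop(host_id, None)

    def attest_cluster(self, host_ids):
        """Periodic-job path: re-attest every host in the cluster and return
        the hosts that failed, so the caller can change their status."""
        return [h for h in host_ids if not self.refresh(h)]
```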