[Engine-devel] Design wiki page for trusted compute pools integration with oVirt has been updated

Doron Fediuck dfediuck at redhat.com
Sun Apr 21 15:58:01 UTC 2013



----- Original Message -----
> From: "Wei D Chen" <wei.d.chen at intel.com>
> To: "Ofri Masad" <omasad at redhat.com>
> Cc: "Oved Ourfalli" <ovedo at redhat.com>, engine-devel at ovirt.org
> Sent: Sunday, April 21, 2013 4:00:55 PM
> Subject: Re: [Engine-devel] Design wiki page for trusted compute pools integration with oVirt has been updated
> 
> Ofri,
> 
> Absolutely right, aggregated query has a significantly time improve compared
> to separated queries. I agree a aggregated query on engine's starting. Is it
> possible to invoke attestation service in engine's initialization code block
> instead of "quartz job"? Is there any class similar with "
> InitVdsOnUpCommand " for engine's initialization?
> 
> Best Regards,
> Dave Chen
> 
org.ovirt.engine.core.bll.Backend.Initialize()

Note you cannot block this method while waiting for results.
Instead I suggest you fire a one-time background request from
this method.


> -----Original Message-----
> From: Ofri Masad [mailto:omasad at redhat.com]
> Sent: Sunday, April 21, 2013 3:29 PM
> To: Chen, Wei D
> Cc: Oved Ourfalli; engine-devel at ovirt.org; Itamar Heim
> Subject: Re: [Engine-devel] Design wiki page for trusted compute pools
> integration with oVirt has been updated
> 
> Dave,
> 
> If I'm not mistaking, there is a big difference between separated queries to
> the attestation server and aggregated one?
> Is it true?
> 
> Thanks,
> Ofri
> 
> ----- Original Message -----
> > From: "Itamar Heim" <iheim at redhat.com>
> > To: "Ofri Masad" <omasad at redhat.com>
> > Cc: "Oved Ourfalli" <ovedo at redhat.com>, "Wei D Chen"
> > <wei.d.chen at intel.com>, engine-devel at ovirt.org
> > Sent: Sunday, April 21, 2013 10:20:17 AM
> > Subject: Re: [Engine-devel] Design wiki page for trusted compute pools
> > integration with oVirt has been updated
> > 
> > On 04/21/2013 10:13 AM, Ofri Masad wrote:
> > > Hi,
> > > One more thing we need to think about for the second approach -
> > > aggregated query. On engine start we need to determine the trust
> > > state of all the hosts. sending a separate query for each host will
> > > overload the attestation host and the network. an initial aggregated
> > > query needs to be send when the engine starts.
> > > Same thing can happen after management network fail and so on.
> > > Maybe we can run a quartz job every x minutes, checking if a large
> > > part of the hosts in the cluster (like 30%) are untrusted - in that
> > > case run the aggregated query.
> > 
> > are we sure this optimization is needed?
> > how heavy/latent is the call to the attestation service?
> > 
> _______________________________________________
> Engine-devel mailing list
> Engine-devel at ovirt.org
> http://lists.ovirt.org/mailman/listinfo/engine-devel
> 



More information about the Engine-devel mailing list