[Openstack-operators] [openstack-dev] [nova] Is verification of images in the image cache necessary?
mbooth at redhat.com
Wed May 25 11:28:15 UTC 2016
On Tue, May 24, 2016 at 10:21 PM, Michael Still <mikal at stillhq.com> wrote:
> On Wed, May 25, 2016 at 3:28 AM, Dan Smith <dms at danplanet.com> wrote:
>> > It was my impression we were trying to prevent bitrot, not defend
>> > against an attacker that has gained control over the compute node.
>> I think we've established that addressing bitrot at the nova layer is
>> (far) out of scope and not something we want or need to do in nova.
> Hi, guy from awkward timezone here.
> I wrote this code, in approximately the diablo timeline. So, its been
> around for a long time (before pluggable instance storage backends for
> Originally I wanted to just write the cache cleaner, because that was the
> bit I really needed in my deployment. The image verification thing was
> added at the request of the PTL at the time, presumably for good reasons I
> can't recall any more.
> That said, I think its time has passed. It cases a lot of disk IO,
> especially if you imagine that we're trying to do a checksum on a file that
> might be 100gb. If people really care about this sort of thing, I think an
> optional boot time verification per instance would be a reasonable path to
> So, I vote for removing image verification (but not image cache cleaning).
Thanks, Michael. Patch posted here:
Take a moment to revel in the diffstat:
nova/tests/unit/virt/libvirt/test_imagecache.py | 265
nova/virt/libvirt/imagecache.py | 211 +------------------
2 files changed, 23 insertions(+), 453 deletions(-)
Happy Wednesday :)
Red Hat Engineering, Virtualisation Team
Phone: +442070094448 (UK)
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the OpenStack-operators