Open Stack

Yuriy Taraday wrote:
> On Thu, Mar 20, 2014 at 5:41 PM, Miguel Angel Ajo <majopela at redhat.com
> <mailto:majopela at redhat.com>> wrote:
>>        If this coupled to neutron in a way that it can be accepted for
>>     Icehouse (we're killing a performance bug), or that at least it can
>>     be y backported, you'd be covering both the short & long term needs.
> 
> As I said on the meeting I plan to provide change request to Neutron
> with some integration with this patch.
> I'm also going to engage people involved in rootwrap about my change
> request.

Temporarily removing my rootwrap maintainer hat and putting on my
OpenStack release manager hat: as you probably know we are well into
Icehouse feature freeze at this point, and there is no way I would
consider such a significant change for inclusion in the Icehouse release
at this point.

The work on both the daemon and the shedskin stuff is very promising,
but the nature of this beast makes it necessary to undergo a lot of
testing and security audits before it can be accepted. Not exactly
something I'd consider 4 weeks before a final release.

Frankly, this issue has been on the table forever and this is just the
wrong timing to rush a new implementation to fix it.

I filed a rootwrap session for the Juno Design summit -- ideally we'll
have various solutions ready by then and we'd make the final choice for
early integration in Juno, leaving plenty of time to catch the weird
regressions (or security holes) that it may cause.

-- 
Thierry Carrez (ttx)