<html><head></head><body>Hi,<br><br>Very good point about the naming.<br><br>My quick opinion is that ephemeral is not perfect but was used for years, so some users are used to it anyway.<br>Renaming now should be for a very understandable naming.<br><br>Anyway, I'll forward this to some of my colleagues who could have a much stronger opinion on this.<br><br>Cheers,<br>Arnaud<br><br><div class="gmail_quote">On 14 July 2022 01:16:58 GMT+02:00, melanie witt &lt;melwittt@gmail.com&gt; wrote:<blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;">
<pre dir="auto" class="k9mail">Hi everyone,<br><br>A potential issue regarding naming has come up during review of the <br>ephemeral storage encryption feature [1][2] patch series [3] and we're <br>looking for input before moving forward with any naming/terminology <br>changes across the specs and the entire patch series.<br><br>The concern that has been raised is around use of the term "ephemeral" <br>for the name of this feature including traits, extra specs, and image <br>properties [4].<br><br>For context, the objective of this feature is to provide users with the <br>ability to specify that all local disks for the instance be encrypted. <br>This includes the root disk and any other local disks.<br><br>The initial concern is around use of the word "ephemeral" for the root disk.<br><br>My general interpretation of the word "ephemeral" for storage in nova <br>has been that it means attached storage that only persists for the <br>lifetime of the instance and is destroyed if and when the instance is <br>destroyed. This is in contrast to attached cinder volumes which can <br>persist after instance deletion.<br><br>But should "ephemeral" ever be used to describe a root disk? Is it <br>incorrect and/or ambiguous to refer to it as such?<br><br>This is part of what is being discussed in [4].<br><br>During discussion, I also realized there is a separate gap in the above <br>interpretation of "ephemeral" in nova. 
When cinder volumes are attached <br>to an instance, their persistence after the instance is deleted depends <br>on whether the 'delete_on_termination' attribute is set to true in the <br>request payload when the instance is created [5] or when attaching a <br>volume to the instance [6] or updating a volume attached to the instance <br>[7].<br><br>This means that in the currently proposed patches, if a user specifies <br>hw:ephemeral_encryption in the extra_specs, for example, and they also <br>have a volume with delete_on_termination=True attached, only the root <br>disk will be encrypted via the extra spec -- the volume would not be <br>encrypted. Encryption of the volume has to be requested in cinder.<br><br>Could this mislead a user into thinking both the root disk and cinder <br>volume are encrypted when only the root disk is?<br><br>Because of the above issues, we are considering whether we should change <br>the terminology used in this feature at this stage. Some ideas include <br>"local encryption", "local disk encryption", "disk encryption". IMHO <br>"disk_encryption" is ambiguous in its own way because an attached cinder <br>volume also has a disk.<br><br>Changing the naming will be a non-trivial amount of work, so we wanted <br>to get additional input before going ahead with such a change.<br><br>Another thing noted in a comment on another patch in the series [8] is <br>that the os-traits for this feature have already been merged [9]. 
If we <br>decide to change the naming, should we go ahead and use these traits <br>as-is and have them not match the naming in nova or should we deprecate <br>them and add new traits that match the new name and use those?<br><br>I hope this makes sense and your input would be much appreciated.<br><br>Cheers,<br>-melwitt<br><br>[1] <br><a href="https://specs.openstack.org/openstack/nova-specs/specs/yoga/approved/ephemeral-storage-encryption.html">https://specs.openstack.org/openstack/nova-specs/specs/yoga/approved/ephemeral-storage-encryption.html</a><br>[2] <br><a href="https://specs.openstack.org/openstack/nova-specs/specs/yoga/approved/ephemeral-encryption-libvirt.html">https://specs.openstack.org/openstack/nova-specs/specs/yoga/approved/ephemeral-encryption-libvirt.html</a><br>[3] <br><a href="https://review.opendev.org/q/topic:specs%252Fyoga%252Fapproved%252Fephemeral-encryption-libvirt">https://review.opendev.org/q/topic:specs%252Fyoga%252Fapproved%252Fephemeral-encryption-libvirt</a><br>[4] <br><a href="https://review.opendev.org/c/openstack/nova/+/764486/10/nova/api/validation/extra_specs/hw.py#516">https://review.opendev.org/c/openstack/nova/+/764486/10/nova/api/validation/extra_specs/hw.py#516</a><br>[5] <br><a href="https://docs.openstack.org/api-ref/compute/?expanded=create-server-detail#create-server">https://docs.openstack.org/api-ref/compute/?expanded=create-server-detail#create-server</a><br>[6] <br><a href="https://docs.openstack.org/api-ref/compute/?expanded=attach-a-volume-to-an-instance-detail">https://docs.openstack.org/api-ref/compute/?expanded=attach-a-volume-to-an-instance-detail</a><br>[7] <br><a href="https://docs.openstack.org/api-ref/compute/?expanded=update-a-volume-attachment-detail">https://docs.openstack.org/api-ref/compute/?expanded=update-a-volume-attachment-detail</a><br>[8] <br><a 
href="https://review.opendev.org/c/openstack/nova/+/760456/10/nova/scheduler/request_filter.py#425">https://review.opendev.org/c/openstack/nova/+/760456/10/nova/scheduler/request_filter.py#425</a><br>[9] <br><a href="https://github.com/openstack/os-traits/blob/f64d50e4dd2f21558fb73dd4b59cd1d4b121b707/os_traits/compute/ephemeral.py">https://github.com/openstack/os-traits/blob/f64d50e4dd2f21558fb73dd4b59cd1d4b121b707/os_traits/compute/ephemeral.py</a><br><br></pre></blockquote></div></body></html>