[Openstack] trusted computing and nova

Michael Pittaro mikeyp at lahondaresearch.org
Fri Dec 9 17:46:49 UTC 2011

On Thu, Dec 8, 2011 at 2:27 PM, Mark Washenberger
<mark.washenberger at rackspace.com> wrote:
> Does code specific to Trusted Computing belong in Nova? It seems like it should be supported through Scheduler plugins and API plugins (if necessary). It seems like the ideas of attestation and trusted computing are tangential to the core of Nova.
> I can easily imagine a lot of scheduler variations that Nova should support. Adding custom code to nova for each variation would probably lead to a lot of extra complexity. However, the current trusted computing blueprint sets the precedent that each such variation deserves its own custom code (which nova developers are then presumably expected to support).

I think we need to make sure the appropriate hooks are in place so it
can be added, but beyond that I see an explosion of variations and

My initial impression, like yours, is that it can be accomplished in a
custom scheduler.  But I'm not a trusted computing expert, so I'd be
interested in hearing why that wouldn't work, and what additional
hooks might be needed.

> Context:
> https://blueprints.launchpad.net/nova/+spec/trusted-computing-pools
> http://wiki.openstack.org/TrustedComputingPools
> https://review.openstack.org/1899

