[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH RFC v3 for-2.9 09/11] rbd: Revert -blockdev para

From: Max Reitz
Subject: Re: [Qemu-devel] [PATCH RFC v3 for-2.9 09/11] rbd: Revert -blockdev parameter password-secret
Date: Mon, 3 Apr 2017 14:42:48 +0200
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.8.0

On 03.04.2017 13:37, Daniel P. Berrange wrote:
> On Mon, Mar 27, 2017 at 03:26:33PM +0200, Markus Armbruster wrote:
>> This reverts a part of commit 8a47e8e.  We're having second thoughts
>> on the QAPI schema (and thus the external interface), and haven't
>> reached consensus, yet.  Issues include:
>> * BlockdevOptionsRbd member @password-secret isn't actually a
>>   password, it's a key generated by Ceph.
>> * We're not sure where member @password-secret belongs (see the
>>   previous commit).
>> * How @password-secret interacts with settings from a configuration
>>   file specified with @conf is undocumented.  I suspect it's untested,
>>   too.
>> Let's avoid painting ourselves into a corner now, and revert the
>> feature for 2.9.
>> Note that users can still configure an authentication key with a
>> configuration file.  They probably do that anyway if they use Ceph
>> outside QEMU as well.
> NB, this makes blockdev-add largely useless for RBD from libvirt's POV,
> since we rely on the password-secret facility working to support apps
> like openstack which won't configure the global config file for RBD.
> Not a regression though, since blockdev-add is new - just means we won't
> be able to use the new feature yet :-(

How does it make blockdev-add totally useless? The only thing you cannot
do is set passwords for rbd. Can this not be added as a new feature in
the future?


Attachment: signature.asc
Description: OpenPGP digital signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]