On 04/18/2018 01:14 PM, Matt Riedemann wrote:
On 4/18/2018 12:09 PM, Chris Friesen wrote:
If this happens, is it clear to the end-user that the reason the boot
failed is that the cloud doesn't support trusted cert IDs for
boot-from-vol? If so, then I think that's totally fine.
If you're creating an image-backed server and requesting specific
trusted certs, you'll get by the API but could land on a compute host
that doesn't support image validation, like any non-libvirt driver, and
at that point the trusted certs request is ignored.
We could fix that the same way I've proposed we fix it for boot from
volume with multiattach volumes in that the compute node resource
provider would have a trait on it for the capability, and we'd add a
placement request filter that detects, from the RequestSpec, that you're
trying to do this specific thing that requires a compute that supports
that capability, otherwise you get NoValidHost.
+1
Still looking for reviews on https://review.openstack.org/#/c/546713/.
Thanks,
-jay
__________________________________________________________________________
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
