Re: [openstack-dev] [glance] [nova] Verification of glance images before boot

2015-09-11 Thread Flavio Percoco
ou...@jhuapl.edu] Sent: Wednesday, September 09, 2015 9:54 AM To: OpenStack Development Mailing List (not for usage questions) Cc: stuart.mcla...@hp.com Subject: Re: [openstack-dev] [glance] [nova] Verification of

Re: [openstack-dev] [glance] [nova] Verification of glance images before boot

2015-09-11 Thread Nikhil Komawar
to reside >> in Glance >>In a "killed" state. This would be less of an issue >> "killed" >> images still >> consume storage quota until actually deleted. >>Also given MD-5 less secure,

Re: [openstack-dev] [glance] [nova] Verification of glance images before boot

2015-09-11 Thread Flavio Percoco
Malini -Original Message- From: Poulos, Brianna L. [mailto:brianna.pou...@jhuapl.edu] Sent: Wednesday, September 09, 2015 9:54 AM To: OpenStack Development Mailing List (not for usage questions) Cc:

Re: [openstack-dev] [glance] [nova] Verification of glance images before boot

2015-09-11 Thread Nikhil Komawar
" state. This would be less of an issue "killed" images >>>> still >>>> consume storage quota until actually deleted. >>>> Also given MD-5 less secure, why not have the default hash be SHA-1 >>>> or 2? >>>> Regards >>>

Re: [openstack-dev] [glance] [nova] Verification of glance images before boot

2015-09-11 Thread Flavio Percoco
r 2? Regards Malini -Original Message- From: Poulos, Brianna L. [mailto:brianna.pou...@jhuapl.edu] Sent: Wednesday, September 09, 2015 9:54 AM To: OpenStack Development Mailing List (not for usage questions) Cc: stuart.mcla...@hp.com Subject: Re: [openstack-dev] [glance] [nova] Verification o

Re: [openstack-dev] [glance] [nova] Verification of glance images before boot

2015-09-10 Thread Nikhil Komawar
uota until actually deleted. >> Also given MD-5 less secure, why not have the default hash be SHA-1 or 2? >> Regards >> Malini >> >> -Original Message- >> From: Poulos, Brianna L. [mailto:brianna.pou...@jhuapl.edu] >> Sent: Wednesday, September 09, 2015 9:54 AM

Re: [openstack-dev] [glance] [nova] Verification of glance images before boot

2015-09-10 Thread Poulos, Brianna L.
>From: Poulos, Brianna L. [mailto:brianna.pou...@jhuapl.edu] >Sent: Wednesday, September 09, 2015 9:54 AM >To: OpenStack Development Mailing List (not for usage questions) >Cc: stuart.mcla...@hp.com >Subject: Re: [openstack-dev] [glance] [nova] Verification of glance >images before boot

Re: [openstack-dev] [glance] [nova] Verification of glance images before boot

2015-09-10 Thread Bhandaru, Malini K
: Re: [openstack-dev] [glance] [nova] Verification of glance images before boot Stuart is right about what will currently happen in Nova when an image is downloaded, which protects against unintentional modifications to the image data. What is currently being worked on is adding the ability to ve

Re: [openstack-dev] [glance] [nova] Verification of glance images before boot

2015-09-09 Thread Chris Friesen
On 09/09/2015 10:53 AM, Poulos, Brianna L. wrote: Stuart is right about what will currently happen in Nova when an image is downloaded, which protects against unintentional modifications to the image data. What is currently being worked on is adding the ability to verify a signature of the check

Re: [openstack-dev] [glance] [nova] Verification of glance images before boot

2015-09-09 Thread Poulos, Brianna L.
Stuart is right about what will currently happen in Nova when an image is downloaded, which protects against unintentional modifications to the image data. What is currently being worked on is adding the ability to verify a signature of the checksum. The flow of this is as follows: 1. The user cr

Re: [openstack-dev] [glance] [nova] Verification of glance images before boot

2015-09-09 Thread Nikhil Komawar
That's correct. The size and the checksum are to be verified outside of Glance, in this case Nova. However, you may want to note that it's not necessary that all Nova virt drivers would use py-glanceclient so you would want to check the download specific code in the virt driver your Nova deploymen

Re: [openstack-dev] [glance] [nova] Verification of glance images before boot

2015-09-09 Thread stuart . mclaren
The glance client (running 'inside' the Nova server) will re-calculate the checksum as it downloads the image and then compare it against the expected value. If they don't match an error will be raised. How can I know that the image that a new instance is spawned from - is actually the image th

[openstack-dev] [glance] [nova] Verification of glance images before boot

2015-09-09 Thread Maish Saidel-Keesing
How can I know that the image that a new instance is spawned from - is actually the image that was originally registered in glance - and has not been maliciously tampered with in some way? Is there some kind of verification that is performed against the md5sum of the registered image in glance