diff options
| author | Don Dugger <donald.d.dugger@intel.com> | 2012-05-08 18:30:57 -0600 |
|---|---|---|
| committer | Don Dugger <donald.d.dugger@intel.com> | 2012-05-28 23:01:42 -0600 |
| commit | 14c01e09b68b367d708c6ddd6f3d4e440687727c (patch) | |
| tree | c1fdbb6b1b41e75a974089ae4544a4ae819dac6b /tools/hacking.py | |
| parent | d7e613dabc2dbc28d9405a5b450dc2b4dfa9d47b (diff) | |
| download | nova-14c01e09b68b367d708c6ddd6f3d4e440687727c.tar.gz nova-14c01e09b68b367d708c6ddd6f3d4e440687727c.tar.xz nova-14c01e09b68b367d708c6ddd6f3d4e440687727c.zip | |
Add scheduler filter for trustedness of a host
Implements blueprint trusted-computing-pools
Add a scheduling filter that filters based upon the trustedness of
a node. A request is sent to the attestation service to disover the
trustedness of the target node and, only if it matches the `trust_host'
key/value pair in the `extra_specs' for the instance type, then the
instance can be started on that node. More details can be found in the
docspec for the filter in:
nova/scheduler/filters/trusted_filter.py
To setup an attestation server go to the Open Attestation Project at:
https://github.com/OpenAttestation/OpenAttestation
Also add 5 tests for the new filter that verifies:
1) Schedule works with no trust in the extra specs
2) Schedule works with trusted instance and trusted host
3) Schedule works with untrusted instance and untrusted host
4) Schedule fails with trusted instance and untrusted host
5) Scheduel fails with untrusted instance and trusted host
Signed-off-by: Don Dugger <donald.d.dugger@intel.com>
Signed-off-by: Fred Yang <fred.yang@intel.com>
Change-Id: Iafa6aed8061f6cd4630367553aee14bd4b0263e2
Diffstat (limited to 'tools/hacking.py')
0 files changed, 0 insertions, 0 deletions