Dave Chen has posted comments on this change.
Change subject: engine:Trusted Compute Pools - Open Attestation integration
with oVirt engine proposal
......................................................................
Patch Set 10: (9 inline comments)
....................................................
File
backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/attestationbroker/AttestThread.java
Line 65: i++;
Line 66: }
Line 67: }
Line 68:
Line 69: public void initVds() {
Omer, I am not quite understand "polling will not start for these hosts", would
you give me more backgroud information?
as to save the status in the db, you mean save host's status, 'nonoperational'
in this place in db?
Line 70: for (VDS vds : vdss) {
Line 71: vds.setStatus(VDSStatus.NonOperational);
Line 72:
vds.setNonOperationalReason(NonOperationalReason.UNINITIALIZED);
Line 73: }
....................................................
File
backend/manager/modules/vdsbroker/src/main/java/org/ovirt/engine/core/vdsbroker/attestation/AttestationService.java
Line 28: private static final String HEADER_VTIME = "vtime";
Line 29: private static final String CONTENT_TYPE = "application/json";
Line 30: private static final AttestationService instance = new
AttestationService();
Line 31: private static final Log log =
LogFactory.getLog(AttestationService.class);
Line 32: private final HashMap<String, AttestationResultEnum>
attestationValues = new HashMap<String, AttestationResultEnum>();
I my testing, the same hostname is not allowed even in different cluster, so, i
am not quite sure which usecase is needed for mapping
GUID->AttestationResultEnum.
Line 33:
Line 34: public static HttpClient getClient() {
Line 35: HttpClient httpClient = new HttpClient();
Line 36: if (Config
....................................................
File
backend/manager/modules/vdsbroker/src/main/java/org/ovirt/engine/core/vdsbroker/ResourceManager.java
Line 165: status = VDSStatus.Unassigned;
Line 166: break;
Line 167: }
Line 168: if (vds.getTrustedService()){
Line 169: status = VDSStatus.Unassigned;
As we discussed previously, the host added into cluster will be set to
"unassigned" at first, the status will be reset when
"InitVdsOnUpCommand:executeCommand()" is invoked.
Line 170: }
Line 171: if (status != vds.getStatus()) {
Line 172: vdsManager.setStatus(status, vds);
Line 173:
vdsManager.UpdateStatisticsData(vds.getStatisticsData());
....................................................
File
backend/manager/modules/vdsbroker/src/main/java/org/ovirt/engine/core/vdsbroker/VdsManager.java
Line 406: "Succeeded to refreshCapabilities for host
{0} , new status will be {1} ",
Line 407: getVdsId(),
Line 408: newStatus);
Line 409: }
Line 410: if (vds.getTrustedService()){
Done
Line 411: List <String> hosts = new ArrayList<String> ();
Line 412: hosts.add(vds.getHostName());
Line 413: AttestationValue value =
AttestationService.getInstance().attestHosts(hosts).get(0);
Line 414:
AttestationCacheManager.getInstance().updateCache(value);
Line 407: getVdsId(),
Line 408: newStatus);
Line 409: }
Line 410: if (vds.getTrustedService()){
Line 411: List <String> hosts = new ArrayList<String> ();
Done
Line 412: hosts.add(vds.getHostName());
Line 413: AttestationValue value =
AttestationService.getInstance().attestHosts(hosts).get(0);
Line 414:
AttestationCacheManager.getInstance().updateCache(value);
Line 415: if (value.getTrustLevel() ==
AttestationResultEnum.TRUSTED) {
Line 410: if (vds.getTrustedService()){
Line 411: List <String> hosts = new ArrayList<String> ();
Line 412: hosts.add(vds.getHostName());
Line 413: AttestationValue value =
AttestationService.getInstance().attestHosts(hosts).get(0);
Line 414:
AttestationCacheManager.getInstance().updateCache(value);
Done
Line 415: if (value.getTrustLevel() ==
AttestationResultEnum.TRUSTED) {
Line 416: vds.setStatus(VDSStatus.Up);
Line 417: } else {
Line 418: vds.setStatus(VDSStatus.NonOperational);
....................................................
File
backend/manager/modules/vdsbroker/src/main/java/org/ovirt/engine/core/vdsbroker/VdsUpdateRunTimeInfo.java
Line 524: }
Line 525: } else {
Line 526: // refresh dynamic data
Line 527: final AtomicBoolean processHardwareNeededAtomic = new
AtomicBoolean();
Line 528: boolean checkOtherParams = _vds.getTrustedService()?
false: true;
Done
Line 529: if (_vds.getTrustedService()){
Line 530: AttestationResultEnum trustLevel =
AttestationService.getInstance().getAttestationValues().remove(_vds.getHostName());
Line 531: if (trustLevel != null && trustLevel !=
AttestationResultEnum.TRUSTED){
Line 532: _vds.setStatus(VDSStatus.NonOperational);
Line 524: }
Line 525: } else {
Line 526: // refresh dynamic data
Line 527: final AtomicBoolean processHardwareNeededAtomic = new
AtomicBoolean();
Line 528: boolean checkOtherParams = _vds.getTrustedService()?
false: true;
Done
Line 529: if (_vds.getTrustedService()){
Line 530: AttestationResultEnum trustLevel =
AttestationService.getInstance().getAttestationValues().remove(_vds.getHostName());
Line 531: if (trustLevel != null && trustLevel !=
AttestationResultEnum.TRUSTED){
Line 532: _vds.setStatus(VDSStatus.NonOperational);
Line 526: // refresh dynamic data
Line 527: final AtomicBoolean processHardwareNeededAtomic = new
AtomicBoolean();
Line 528: boolean checkOtherParams = _vds.getTrustedService()?
false: true;
Line 529: if (_vds.getTrustedService()){
Line 530: AttestationResultEnum trustLevel =
AttestationService.getInstance().getAttestationValues().remove(_vds.getHostName());
yes, this is also a suggestion got from someone else, the purpose is to keep
all of value in the hashmap is needed and necessary. Emily will forward you the
email once she back to work.
Line 531: if (trustLevel != null && trustLevel !=
AttestationResultEnum.TRUSTED){
Line 532: _vds.setStatus(VDSStatus.NonOperational);
Line 533:
_vds.setNonOperationalReason(NonOperationalReason.UNTRUSTED);
Line 534: _saveVdsDynamic = true;
--
To view, visit http://gerrit.ovirt.org/14605
To unsubscribe, visit http://gerrit.ovirt.org/settings
Gerrit-MessageType: comment
Gerrit-Change-Id: I8ce3448a821c74521d277f92f2c8d63ba0accfed
Gerrit-PatchSet: 10
Gerrit-Project: ovirt-engine
Gerrit-Branch: master
Gerrit-Owner: Dave Chen <wei.d.c...@intel.com>
Gerrit-Reviewer: Dave Chen <wei.d.c...@intel.com>
Gerrit-Reviewer: Doron Fediuck <dfedi...@redhat.com>
Gerrit-Reviewer: Eli Mesika <emes...@redhat.com>
Gerrit-Reviewer: Emily Zhang <lijuan.zh...@intel.com>
Gerrit-Reviewer: Gang Wei <gang....@intel.com>
Gerrit-Reviewer: Omer Frenkel <ofren...@redhat.com>
Gerrit-Reviewer: Tal Nisan <tni...@redhat.com>
Gerrit-Reviewer: Yair Zaslavsky <yzasl...@redhat.com>
Gerrit-Reviewer: oVirt Jenkins CI Server
Gerrit-Reviewer: ofri masad <oma...@redhat.com>
_______________________________________________
Engine-patches mailing list
Engine-patches@ovirt.org
http://lists.ovirt.org/mailman/listinfo/engine-patches
