From: Erik Weber
To: dev
Date: Wed, 28 Jan 2015 21:58:39 +0100
Subject: Re: [DISCUSS] we need a better SSVM solution

On Wed, Jan 28, 2015 at 9:44 PM, John Kinsella wrote:

> Every time there’s an issue (security or otherwise) with the system VM
> ISOs, it’s a relative pain to fix. They’re sort of a closed system, people
> know little (relative to other ACS parts, IMHO) about their innards, and
> updating them is more difficult than it should be.
>
> I’d love to see a Better Way. I think these things could be dynamically
> built, with the option to have them connect to a configuration management
> (CM) system such as Puppet, Chef, Salt-Stack or whatever else floats
> people’s boat.
>

Totally agree, but we should consider the fact that users might not use our
builds and make it equally easy to update with a custom one.

> One possible use case:
> * User installs new ACS system.
> * User logs into mgmt server, goes to Templates area, clicks button to
> fetch default SSVM image. UI allows providing alternative URL, other
> options as needed.
> * (time passes)
> * Security issue is announced. User goes back into Templates area, selects
> SSVM template, clicks “Download updated template” and it does. Under
> infrastructure/system VMs and infrastructure/virtual routers, there’s
> buttons to update one or more running instances to use the new template
>

If the user is using one of the published templates, why not just download
the new one and send a notification that a new template is ready and that
systemvms should be scheduled for a restart?

> Another possible use case:
> * User installs new ACS system
> * User uploads SSVM template that has CM agent configured to talk to their
> CM server (I’ve been wanting to lab this for a while now)
> * As ACS creates system VMs, they phone home to CM server, it provides
> them with instructions to install various packages and config as needed to
> be domr/console proxy/whatever. We provide basic “recipes” for CM systems
> for people to use and grow from.
> * Security issue is announced. User updates recipe in CM system, a few
> minutes later the SSVMs are up-to-date.
>
> Modification on that use case: We ship the SSVM with puppet/chef/blah
> installed, part of the SSVM “patch” process configures appropriate CM
> system.
>
> What might make the second use case easier would be to have some hooks in
> ACS that when a system is created/destroyed/modified, it informs 3rd party
> via API.
>
> (Obviously API calls for all of the above to allow process without
> touching the UI)
>
> Thoughts?
>

I've wondered for quite some time why we haven't had a simple checkbox in
the template register view that says 'Use as System VM' or similar.

Anyway, huge +1

-- 
Erik