cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Marcus <shadow...@gmail.com>
Subject Re: [jira] [Commented] (CLOUDSTACK-8339) Allow non-root credentials for adding KVM hypervisor
Date Mon, 25 May 2015 06:02:45 GMT
On Sun, May 24, 2015 at 8:46 PM, ASF GitHub Bot (JIRA) <jira@apache.org>
wrote:

>
>     [
> https://issues.apache.org/jira/browse/CLOUDSTACK-8339?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14557951#comment-14557951
> ]
>
> ASF GitHub Bot commented on CLOUDSTACK-8339:
> --------------------------------------------
>
> Github user remibergsma commented on the pull request:
>
>     https://github.com/apache/cloudstack/pull/288#issuecomment-105115006
>
>     For now, I think the quick win is to make the proposed use of 'sudo'
> work, so that works what worked before (we require root credentials to add
> a host) and alternatively one can specify other credentials with proper
> sudo config pre-setup (which we should document properly). Then we can
> merge this PR. I actually think this is a great improvement!
>
>     Next, let's discuss a redesign of the agent. I've heard many people
> doing all sorts of suggestions and I can think of some myself as well. It
> might even be part of a bigger architecture change. Let's use a new thread
> for that.
>

The agent redesign has been discussed back and forth over the years. At one
point people were talking about rewriting it in python. I'm not entirely
against such efforts, but I never got a response that gave a good reason
for doing it other than thinking it might invite more developers.

Having worked on KVM over the last 3 years, I've seen a lot of sweat and
tears go into handling odd corner cases and various pitfalls (libvirt bugs,
etc) that I fear may need to happen again for a redesign/rewrite. There are
also a lot of features that have been added by various parties who may not
be interested in reimplementing them without a good reason, and we may not
have expertise or time to do it without them. Last, I know of a small
handful of third parties who have vendor plugins on the agent side to
support their products, they may not be excited about us breaking their
cloudstack support without good reason.

My biggest complaint with the agent has not really been to do with
functionality, it works fairly well, but with the organization of code.
There's been a lot of work to improve this recently. Perhaps this is the
wrong venue, but I'd be interested at some point to hear what other issues
people are wanting to address.


>
> > Allow non-root credentials for adding KVM hypervisor
> > ----------------------------------------------------
> >
> >                 Key: CLOUDSTACK-8339
> >                 URL:
> https://issues.apache.org/jira/browse/CLOUDSTACK-8339
> >             Project: CloudStack
> >          Issue Type: Bug
> >      Security Level: Public(Anyone can view this level - this is the
> default.)
> >          Components: KVM
> >    Affects Versions: 4.5.0
> >            Reporter: Marcus Sorensen
> >            Assignee: Marcus Sorensen
> >             Fix For: 4.6.0
> >
> >
> > Users prefer to not provide root ssh just to run the hypervisor add from
> the UI. Testing a fix.
>
>
>
> --
> This message was sent by Atlassian JIRA
> (v6.3.4#6332)
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message