From: "Daniel P. Berrangé" <berrange@redhat.com>
To: Kevin Wolf <kwolf@redhat.com>
Cc: Markus Armbruster <armbru@redhat.com>,
jdurgin@redhat.com, mreitz@redhat.com, qemu-devel@nongnu.org,
qemu-block@nongnu.org, jcody@redhat.com
Subject: Re: [Qemu-devel] [RFC][BROKEN] rbd: Allow configuration of authentication scheme
Date: Wed, 18 Apr 2018 17:34:58 +0100 [thread overview]
Message-ID: <20180418163458.GB27579@redhat.com> (raw)
In-Reply-To: <20180418162823.GH4971@localhost.localdomain>
On Wed, Apr 18, 2018 at 06:28:23PM +0200, Kevin Wolf wrote:
> Am 18.04.2018 um 17:06 hat Markus Armbruster geschrieben:
> > Note that users can still configure authentication methods with a
> > configuration file. They probably do that anyway if they use Ceph
> > outside QEMU as well.
>
> This solution that we originally intended to offer was dismissed by
> libvirt as unpractical: libvirt allows the user to specify both a config
> file and a key, and if it wanted to use a config file to pass the key,
> it would have to create a merged config file and keep it sync with the
> user config file at all times. Understandable that they want to avoid
> this.
Even if the config file does have auth info setup, we can't assume that
the QEMU VMs are supposed to use the same auth info. In fact to properly
protect against compromised QEMU, ideally every QEMU would use a completely
separate RBD user+password, so that compromised QEMU can't then access
RBD disks belonging to a different user.
So from libvirt POV we want to pretend the config file does not exist at
all and explicitly pass everything that is needed via normal per-disk
setup for blockdev.
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
next prev parent reply other threads:[~2018-04-18 16:35 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-04-05 17:06 [Qemu-devel] [RFC][BROKEN] rbd: Allow configuration of authentication scheme Kevin Wolf
2018-04-06 8:04 ` Kevin Wolf
2018-04-18 9:41 ` [Qemu-devel] [Qemu-block] " Kevin Wolf
2018-04-18 13:21 ` [Qemu-devel] " Eric Blake
2018-04-18 13:40 ` Kevin Wolf
2018-04-18 13:26 ` Eric Blake
2018-04-18 13:50 ` Kevin Wolf
2018-04-18 14:16 ` Eric Blake
2018-04-18 14:26 ` Kevin Wolf
2018-04-18 15:06 ` Markus Armbruster
2018-04-18 16:28 ` Kevin Wolf
2018-04-18 16:34 ` Daniel P. Berrangé [this message]
2018-04-18 16:52 ` Kevin Wolf
2018-04-18 17:04 ` Daniel P. Berrangé
2018-04-20 13:34 ` Markus Armbruster
2018-04-20 13:55 ` Daniel P. Berrangé
2018-04-20 14:50 ` Markus Armbruster
2018-04-20 14:53 ` Daniel P. Berrangé
2018-04-20 16:15 ` Markus Armbruster
2018-04-20 14:39 ` Markus Armbruster
2018-04-24 18:26 ` Jeff Cody
2018-04-25 7:50 ` Kevin Wolf
2018-04-27 4:27 ` Jeff Cody
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180418163458.GB27579@redhat.com \
--to=berrange@redhat.com \
--cc=armbru@redhat.com \
--cc=jcody@redhat.com \
--cc=jdurgin@redhat.com \
--cc=kwolf@redhat.com \
--cc=mreitz@redhat.com \
--cc=qemu-block@nongnu.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).