On 10/03/2017 03:16 PM, Sean Dague wrote:
= Where I think we are? =
I think with all this data we're at the following:
Q: Should we add this to rebuild
A: Yes, probably - after some enhancement to the spec *
* - we really should have much better use cases about the situations it
is expected to be used in. We spend a lot of time 2 and 3 years out
trying to figure out how anyone would ever use a feature, and adding
another one without this doesn't seem good
Here's an example from my use: I create a Heat stack, then realize I
deployed some of the instances with the wrong keypair. I'd rather not
tear down the entire stack just to fix that, and being able to change
keys on rebuild would allow me to avoid doing so. I can rebuild a
Heat-owned instance without causing any trouble, but I can't re-create it.
I don't know how common this is, but it's definitely something that has
happened to me in the past.
Q: should this also be on reboot?
A: NO - it would be too fragile
I also think figuring out a way to get Nova out of the key storage
business (which it really shouldn't be in) would be good. So if anyone
wants to tackle Nova using Barbican for keys, that would be ++. Rebuild
doesn't wait on that, but Barbican urls for keys seems like a much
better world to be in.
-Sean
__________________________________________________________________________
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: [email protected]?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
