I think trusted_filter is not in the scheduler_default_filters, so you have to make sure it's used by the filter scheduler.
Thanks --jyh From: openstack-bounces+yunhong.jiang=intel....@lists.launchpad.net [mailto:openstack-bounces+yunhong.jiang=intel....@lists.launchpad.net] On Behalf Of Dale, StewartX T Sent: Thursday, November 22, 2012 7:28 AM To: openstack@lists.launchpad.net Subject: [Openstack] Getting Trusted Compute Pools working in Open Stack Folsom Hi All, I am trying to get trusted compute pools working in my installation of open stack Folsom but so far am unable to get it to work. Currently when I spawn a new instance I don't see any interaction with the attestation server and the instance spawns just fine on a untrusted host. I have followed all the documentation I could find on TCP (http://wiki.openstack.org/TrustedComputingPools , https://github.com/openstack/nova/blob/stable/folsom/nova/scheduler/filters/trusted_filter.py ) but am still having no luck so I am hoping I missed something while setting it up. Hopefully someone can point out what I am doing wrong. Steps to Setup TCP: 1. Set the following value in nova.conf scheduler_driver=nova.scheduler.filter_scheduler.FilterScheduler 2. Add "trusted_computing" section to nova.conf [trusted_computing] server=10.x.x.x port=8181 server_ca_file=/etc/nova/ssl.10.1.71.206.crt api_url=/AttestationService/resources/PollHosts auth_blob=i-am-openstack 3. Add the "trusted" requirement to an existing flavor by running nova-manage instance_type set_key m1.tiny trust:trusted_host trusted 4. Restart nova-compute and nova-scheduler service At this point I test it by going to openstack page -> projects -> instances and launching a new instance of m1.tiny. At this point I should see a connection attempt on the attestion server (which I don't) and then the instance fail to launch (which it doesn't) since the host is untrusted. My version of open stack is Folsom and nova is 2012.2. Hopefully someone can point out my mistake or what I am missing. -Stewart
_______________________________________________ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp