Change in vdsm[master]: vdsm-imaged: Support random io to oVirt disks

Tue, 02 Jun 2015 13:46:43 -0700 

Nir Soffer has posted comments on this change.

Change subject: vdsm-imaged: Support random io to oVirt disks
......................................................................


Patch Set 2:

(2 comments)

https://gerrit.ovirt.org/#/c/41824/2/vdsm-imaged/README
File vdsm-imaged/README:

Line 14:                   available via HTTP on port 54322.
Line 15: 
Line 16: - ticket service  manage session tickets authorizing image service
Line 17:                   operations. This service is available via HTTP over
Line 18:                   unix domain socket.
> the engine should get the stat as you can also request a url to be download
Ok
Line 19: 
Line 20: Transfer session flow
Line 21: 
Line 22: - Client starts an engine transfer session using oVirt REST API.


Line 33: - Vdsm deletes session ticket from vdsm-imaged.
Line 34: 
Line 35: Session tickets are ephemeral; A client needs to request Engine to 
renew
Line 36: the ticket from time to time, otherwise a ticket will expire and the
Line 37: transfer session will be aborted.
> I do not follow.
This is the flow as I'm planning.

1. Engine create a transation ticket, and include an access token for the 
vdsm-imaged

For example:

    {
         "access_token": "4f7e9709-0d81-4443-97ab-ed8395b5c56c",
         "domain_uuid": "0dce46c6-4a41-46de-983d-58d93581e219",
         "image_uuid": "0447bd3e-2ce3-452c-89b2-5bd9b6b1142f",
         "volume_uuid": "ffd35e40-c868-4507-94a3-ea3f999abf7f",
         "expires": 1433277196,
    }

- access_token is random value generated for each transfer ticket, and it 
should not be available to anyone except the client initiating the transfer and 
vdsm on the host.
- domain_uuid, image_uuid and volume_uuid are the standard way to identify a 
volume. These are required for vdsm to prepare the volume so vdsm-imaged can 
read or write to it.
- expires is the GMT time where this ticket expire

2. Vdsm will prepare the image, and pass new ticket to vdsm-imaged:

    {
         "access_token": "4f7e9709-0d81-4443-97ab-ed8395b5c56c",
         "path": 
"/var/run/vdsm/storage/0dce46c6-4a41-46de-983d-58d93581e219/images/0447bd3e-2ce3-452c-89b2-5bd9b6b1142f/ffd35e40-c868-4507-94a3-ea3f999abf7f",
         "expires": 1433277196,
    }

- path is the path were this volume is accessible. This may be a symbolic link 
to an lv, or to a file on NFS. This path is using the values of the domain, 
image and volume id, but vdsm may change it anytime. In the context of 
vdsm-imaged, it does not matter how the path is constructed.

3. Engine creates an access ticket:

    {
         "access_token": "4f7e9709-0d81-4443-97ab-ed8395b5c56c",
         "host": "10.35.0.1",
         "port": 54322,
         "expires": 4551643,
    }

This ticket must include the access_token, and whatever info needed for the 
proxy. I understood that this ticket will be signed by engine, so the proxy can 
validate it.

4. The client will send the data in the access tiket to the proxy (I don't care 
how)
5. The proxy will use send the access token to vdsm-image using the path:

    PUT /images/4f7e9709-0d81-4443-97ab-ed8395b5c56c

6. vdsm-imaged will get the transfter ticket using the access_token, and 
perform the io to the path in the ticket passed by vdsm.

While the ticket is valid, proxy can send multiple request to 
/images/4f7e9709-0d81-4443-97ab-ed8395b5c56c, performing read or write 
operations.

In the code, I called the "access_token" "uuid", and I when used in the request 
path, I called it "ticket_id".

Hope this is clear now. Do you see any issue with this scheme?
Line 38: 
Line 39: Session tickets are not persisted. In case of vdsm-imaged crash or
Line 40: reboot, Engine will provide a new session ticket and possibly point


-- 
To view, visit https://gerrit.ovirt.org/41824
To unsubscribe, visit https://gerrit.ovirt.org/settings

Gerrit-MessageType: comment
Gerrit-Change-Id: If3339fa94ef8464228cd036f4fe8eea61887e337
Gerrit-PatchSet: 2
Gerrit-Project: vdsm
Gerrit-Branch: master
Gerrit-Owner: Nir Soffer <[email protected]>
Gerrit-Reviewer: Adam Litke <[email protected]>
Gerrit-Reviewer: Allon Mureinik <[email protected]>
Gerrit-Reviewer: Alon Bar-Lev <[email protected]>
Gerrit-Reviewer: Amit Aviram <[email protected]>
Gerrit-Reviewer: Dan Kenigsberg <[email protected]>
Gerrit-Reviewer: Daniel Erez <[email protected]>
Gerrit-Reviewer: Federico Simoncelli <[email protected]>
Gerrit-Reviewer: Francesco Romani <[email protected]>
Gerrit-Reviewer: Greg Padgett <[email protected]>
Gerrit-Reviewer: Jenkins CI
Gerrit-Reviewer: Nir Soffer <[email protected]>
Gerrit-Reviewer: Yaniv Bronhaim <[email protected]>
Gerrit-Reviewer: [email protected]
Gerrit-HasComments: Yes
_______________________________________________
vdsm-patches mailing list
[email protected]
https://lists.fedorahosted.org/mailman/listinfo/vdsm-patches

Reply via email to