Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

agent: drop openstack uuid option #799

Merged
merged 2 commits into from Dec 13, 2021
Merged

agent: drop openstack uuid option #799

merged 2 commits into from Dec 13, 2021

Conversation

THS-on
Copy link
Member

@THS-on THS-on commented Nov 30, 2021

The current code is not generic enough to be useful.

@mpeters
Copy link
Member

mpeters commented Dec 2, 2021

I'm not sure why we would drop this. In fact, I was thinking of expanding it to other "cloudish" providers like AWS, GCE and Azure. It can be useful is the agent UUID is also tied to the broader inventory of virtual machines you have and the unique ID from your cloud is a good one to use.

@THS-on
Copy link
Member Author

THS-on commented Dec 2, 2021

The issue is not the functionality itself, but the implementation which has no configuration options to make it useful.
I think providing a way to fetch the UUID from a third party is a good idea.

If we implement this it should be done such that is easy implementable also in the rust agent.

@mpeters
Copy link
Member

mpeters commented Dec 3, 2021

The issue is not the functionality itself, but the implementation which has no configuration options to make it useful.

What do you mean by this? What configuration options should exist?

If we implement this it should be done such that is easy implementable also in the rust agent.

How would that work? A separate binary that fetched the UUID somehow?

@THS-on
Copy link
Member Author

THS-on commented Dec 3, 2021

What do you mean by this? What configuration options should exist?

The current code just hard codes the metadata service. This should be at least configurable.

keylime/keylime/openstack.py

Lines 14 to 16 in 53b47c5

def get_openstack_uuid(uuid_service_ip='169.254.169.254',
uuid_service_resource='/openstack/2012-08-10/meta_data.json'):

How would that work? A separate binary that fetched the UUID somehow?

Either that or is there a reason why the UUID cannot be configured using environment variable during startup?

@mpeters
Copy link
Member

mpeters commented Dec 6, 2021

Either that or is there a reason why the UUID cannot be configured using environment variable during startup?

I like this option. So maybe we deprecate openstack and add a new environment which uses the KEYLIME_AGENT_UUID environment variable which can be set in whatever way the user wants.

@THS-on
Copy link
Member Author

THS-on commented Dec 6, 2021

@mpeters that sound like a good idea. I'll add that to this PR.

@THS-on
agent: drop openstack uuid option
d92a228 
The current code is not generic enough to be useful.

Signed-off-by: Thore Sommer <mail@thson.de>
@THS-on THS-on force-pushed the drop-openstack branch 2 times, most recently from 2bd4428 to a7a7f2c Compare December 13, 2021 12:29
@THS-on
agent: add UUID option environment
2748f26 
When agent_uuid in keylime.conf is set to 'environment' the agent tries to
use the value of the environment variable 'KEYLIME_AGENT_UUID' as the UUID.

Signed-off-by: Thore Sommer <mail@thson.de>
@THS-on
Copy link
Member Author

THS-on commented Dec 13, 2021

I've now added to option to set the UUID via the KEYLIME_AGENT_UUID environment variable.

@mpeters mpeters merged commit 7d8f721 into keylime:master Dec 13, 2021
@THS-on THS-on deleted the drop-openstack branch February 6, 2022 18:27
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mpeters mpeters mpeters approved these changes

@keylime-bot keylime-bot Awaiting requested review from keylime-bot

@lukehinds lukehinds Awaiting requested review from lukehinds

Assignees

@mpeters mpeters

@lukehinds lukehinds

@keylime-bot keylime-bot

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@THS-on @mpeters @lukehinds @keylime-bot