openstack
/
manila-specs
Code Issues Proposed changes

Update patch set 4 

Patch Set 4: Code-Review-1

(10 comments)

Patch-set: 4
Reviewer: Gerrit User 30407 <30407@4a232e18-c5a9-48ee-94c0-e04e7cca6543>
Label: Code-Review=-1, 84623991077acdba9664da865441439ec046c0c8
Attention: {"person_ident":"Gerrit User 15439 \u003c15439@4a232e18-c5a9-48ee-94c0-e04e7cca6543\u003e","operation":"ADD","reason":"\u003cGERRIT_ACCOUNT_30407\u003e replied on the change"}
Attention: {"person_ident":"Gerrit User 32919 \u003c32919@4a232e18-c5a9-48ee-94c0-e04e7cca6543\u003e","operation":"ADD","reason":"\u003cGERRIT_ACCOUNT_30407\u003e replied on the change"}
This commit is contained in:
Gerrit User 30407 2023-12-04 07:41:11 +00:00 committed by Gerrit Code Review
parent c58081b25a
commit 5ce474c498
1 changed files with 228 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

228
7e375d234c48fb3e6c33584ea12452ec0e29ee60 Normal file
View File

@ -0,0 +1,228 @@
{
"comments": [
{
"unresolved": false,
"key": {
"uuid": "fb8099e7_6fdfd705",
"filename": "/PATCHSET_LEVEL",
"patchSetId": 4
},
"lineNbr": 0,
"author": {
"id": 30407
},
"writtenOn": "2023-12-04T07:41:11Z",
"side": 1,
"message": "hi, Kiran Pawar.\nthanks for your idea about share encryption.\nhere are some comments about this.",
"revId": "7e375d234c48fb3e6c33584ea12452ec0e29ee60",
"serverId": "4a232e18-c5a9-48ee-94c0-e04e7cca6543"
},
{
"unresolved": true,
"key": {
"uuid": "212f65a3_e8fe9199",
"filename": "specs/caracal/share_encryption.rst",
"patchSetId": 4
},
"lineNbr": 168,
"author": {
"id": 30407
},
"writtenOn": "2023-12-04T07:41:11Z",
"side": 1,
"message": "in cinder, if we want to create a encryption volume type, encryption-provider must be specified. can not only specify key-size or cipher or control-location.\nso do we need to do like cinder?\nhow about to support add encryption for an existing share type. but not create new share type with encryption.\n\n openstack share encryption-type-create [--cipher \u003ccipher\u003e]\n [--key-size \u003ckey_size\u003e]\n [--control-location \u003ccontrol_location\u003e]\n \u003cshare_type\u003e \u003cprovider\u003e",
"range": {
"startLine": 163,
"startChar": 2,
"endLine": 168,
"endChar": 69
},
"revId": "7e375d234c48fb3e6c33584ea12452ec0e29ee60",
"serverId": "4a232e18-c5a9-48ee-94c0-e04e7cca6543"
},
{
"unresolved": true,
"key": {
"uuid": "b737e94f_f9e08dbc",
"filename": "specs/caracal/share_encryption.rst",
"patchSetId": 4
},
"lineNbr": 173,
"author": {
"id": 30407
},
"writtenOn": "2023-12-04T07:41:11Z",
"side": 1,
"message": "how about:\n\n openstack share encryption-type-show \u003cshare-type\u003e",
"range": {
"startLine": 172,
"startChar": 0,
"endLine": 173,
"endChar": 38
},
"revId": "7e375d234c48fb3e6c33584ea12452ec0e29ee60",
"serverId": "4a232e18-c5a9-48ee-94c0-e04e7cca6543"
},
{
"unresolved": true,
"key": {
"uuid": "3f4a961f_e1973be7",
"filename": "specs/caracal/share_encryption.rst",
"patchSetId": 4
},
"lineNbr": 183,
"author": {
"id": 30407
},
"writtenOn": "2023-12-04T07:41:11Z",
"side": 1,
"message": "openstack SDK has support this command to update an existing share type.\n\n openstack share type set [-h]\n [--extra-specs [\u003ckey\u003dvalue\u003e [\u003ckey\u003dvalue\u003e ...]]]\n [--public \u003cpublic\u003e]\n [--description \u003cdescription\u003e] [--name \u003cname\u003e]\n \u003cshare_type\u003e \n\nso, we use this command again, Easily cause confusion, how about we make new command for encryption share type, just like cinder.\n\n openstack share encryption-type-update [--provider \u003cprovider\u003e]\n [--cipher [\u003ccipher\u003e]]\n [--key-size [\u003ckey-size\u003e]]\n [--control-location \u003ccontrol-location\u003e]\n \u003cshare-type\u003e",
"range": {
"startLine": 179,
"startChar": 0,
"endLine": 183,
"endChar": 37
},
"revId": "7e375d234c48fb3e6c33584ea12452ec0e29ee60",
"serverId": "4a232e18-c5a9-48ee-94c0-e04e7cca6543"
},
{
"unresolved": true,
"key": {
"uuid": "8965561d_c9c86070",
"filename": "specs/caracal/share_encryption.rst",
"patchSetId": 4
},
"lineNbr": 195,
"author": {
"id": 30407
},
"writtenOn": "2023-12-04T07:41:11Z",
"side": 1,
"message": "(ansible)[root@ /]# openstack share type unset -h\nusage: openstack share type unset [-h] \u003cshare_type\u003e \u003ckey\u003e [\u003ckey\u003e ...]\n\nwe know this command has been used to remove some extra-spec.\n\nso how about:\n\n openstack share encryption-type-delete \u003cshare-type\u003e",
"range": {
"startLine": 194,
"startChar": 0,
"endLine": 195,
"endChar": 39
},
"revId": "7e375d234c48fb3e6c33584ea12452ec0e29ee60",
"serverId": "4a232e18-c5a9-48ee-94c0-e04e7cca6543"
},
{
"unresolved": true,
"key": {
"uuid": "03856523_87f8c966",
"filename": "specs/caracal/share_encryption.rst",
"patchSetId": 4
},
"lineNbr": 201,
"author": {
"id": 30407
},
"writtenOn": "2023-12-04T07:41:11Z",
"side": 1,
"message": "how about:\n\n openstack share encryption-type-list \u003cshare-type\u003e",
"range": {
"startLine": 201,
"startChar": 0,
"endLine": 201,
"endChar": 45
},
"revId": "7e375d234c48fb3e6c33584ea12452ec0e29ee60",
"serverId": "4a232e18-c5a9-48ee-94c0-e04e7cca6543"
},
{
"unresolved": true,
"key": {
"uuid": "49a5a6a1_d8edb79c",
"filename": "specs/caracal/share_encryption.rst",
"patchSetId": 4
},
"lineNbr": 220,
"author": {
"id": 30407
},
"writtenOn": "2023-12-04T07:41:11Z",
"side": 1,
"message": "In cinder, because qemu natively supports luks encryption and decryption, front-end encryption or decryption can use the host\u0027s qemu to read encrypted data and decrypt it. If front-end encryption is still used, share is mounted using NFS. Can NFS decrypt luks encrypted data? Or do we only support back-end encryption?",
"range": {
"startLine": 220,
"startChar": 32,
"endLine": 220,
"endChar": 41
},
"revId": "7e375d234c48fb3e6c33584ea12452ec0e29ee60",
"serverId": "4a232e18-c5a9-48ee-94c0-e04e7cca6543"
},
{
"unresolved": true,
"key": {
"uuid": "538d576d_95d31aa4",
"filename": "specs/caracal/share_encryption.rst",
"patchSetId": 4
},
"lineNbr": 225,
"author": {
"id": 30407
},
"writtenOn": "2023-12-04T07:41:11Z",
"side": 1,
"message": "if all fields are needed. then command\n\n openstack share encryption-type-create [--cipher \u003ccipher\u003e]\n [--key-size \u003ckey_size\u003e]\n [--control-location \u003ccontrol_location\u003e]\n \u003cshare_type\u003e \u003cprovider\u003e\n \nshould change to:\n\n openstack share encryption-type-create \n \u003cshare_type\u003e \u003cprovider\u003e \u003ccipher\u003e \u003ckey_size\u003e \u003ccontrol_location\u003e",
"range": {
"startLine": 225,
"startChar": 0,
"endLine": 225,
"endChar": 52
},
"revId": "7e375d234c48fb3e6c33584ea12452ec0e29ee60",
"serverId": "4a232e18-c5a9-48ee-94c0-e04e7cca6543"
},
{
"unresolved": true,
"key": {
"uuid": "7ad331af_e53291ec",
"filename": "specs/caracal/share_encryption.rst",
"patchSetId": 4
},
"lineNbr": 304,
"author": {
"id": 30407
},
"writtenOn": "2023-12-04T07:41:11Z",
"side": 1,
"message": "This looks like back-end encryption, i.e. control_location is back-end.",
"range": {
"startLine": 304,
"startChar": 0,
"endLine": 304,
"endChar": 39
},
"revId": "7e375d234c48fb3e6c33584ea12452ec0e29ee60",
"serverId": "4a232e18-c5a9-48ee-94c0-e04e7cca6543"
},
{
"unresolved": true,
"key": {
"uuid": "b299aa27_76186dd7",
"filename": "specs/caracal/share_encryption.rst",
"patchSetId": 4
},
"lineNbr": 330,
"author": {
"id": 30407
},
"writtenOn": "2023-12-04T07:41:11Z",
"side": 1,
"message": "if we only support back-end encryption, the default value of control_location could be back-end, and user do not need to specify it when create new encryption for share type.",
"range": {
"startLine": 330,
"startChar": 3,
"endLine": 330,
"endChar": 35
},
"revId": "7e375d234c48fb3e6c33584ea12452ec0e29ee60",
"serverId": "4a232e18-c5a9-48ee-94c0-e04e7cca6543"
}
]
}