openstack-manuals/doc/config-reference/source/tables/nova-trustedcomputing.rst
KATO Tomoyuki 467eb1431a [config-ref] update compute config options for Newton
Change-Id: I4b7f182daf7bc101a59ddfdb98055ffcd719e3bd
2016-09-30 09:47:45 +00:00

Description of trusted computing configuration options
Configuration option = Default value | Description
[trusted_computing]

attestation_api_url = /OpenAttestationWebServices/V1.0

(String) The URL on the attestation server to use. See the attestation_server help text for more information about host verification.

This value must be just the path portion of the full URL, as it will be joined to the host specified in the attestation_server option.

This option is only used by the FilterScheduler and its subclasses; if you use a different scheduler, this option has no effect. Also note that this setting only affects scheduling if the 'TrustedFilter' filter is enabled.

  • Related options: attestation_server, attestation_server_ca_file, attestation_port, attestation_auth_blob, attestation_auth_timeout, attestation_insecure_ssl

attestation_auth_blob = None

(String) Attestation servers require a specific blob that is used to authenticate. The content and format of the blob are determined by the particular attestation server being used. There is no default value; you must supply the value as specified by your attestation service. See the attestation_server help text for more information about host verification.

This option is only used by the FilterScheduler and its subclasses; if you use a different scheduler, this option has no effect. Also note that this setting only affects scheduling if the 'TrustedFilter' filter is enabled.

  • Related options: attestation_server, attestation_server_ca_file, attestation_port, attestation_api_url, attestation_auth_timeout, attestation_insecure_ssl

attestation_auth_timeout = 60

(Integer) This value controls how long a successful attestation is cached. Once this period has elapsed, a new attestation request will be made. See the attestation_server help text for more information about host verification.

The value is in seconds. Valid values must be positive integers for any caching; setting this to zero or a negative value will result in calls to the attestation_server for every request, which may impact performance.

This option is only used by the FilterScheduler and its subclasses; if you use a different scheduler, this option has no effect. Also note that this setting only affects scheduling if the 'TrustedFilter' filter is enabled.

  • Related options: attestation_server, attestation_server_ca_file, attestation_port, attestation_api_url, attestation_auth_blob, attestation_insecure_ssl

attestation_insecure_ssl = False

(Boolean) When set to True, the SSL certificate verification is skipped for the attestation service. See the attestation_server help text for more information about host verification.

Valid values are True or False. The default is False.

This option is only used by the FilterScheduler and its subclasses; if you use a different scheduler, this option has no effect. Also note that this setting only affects scheduling if the 'TrustedFilter' filter is enabled.

  • Related options: attestation_server, attestation_server_ca_file, attestation_port, attestation_api_url, attestation_auth_blob, attestation_auth_timeout

attestation_port = 8443

(String) The port to use when connecting to the attestation server. See the attestation_server help text for more information about host verification.

Valid values are strings, not integers, but must be digits only.

This option is only used by the FilterScheduler and its subclasses; if you use a different scheduler, this option has no effect. Also note that this setting only affects scheduling if the 'TrustedFilter' filter is enabled.

  • Related options: attestation_server, attestation_server_ca_file, attestation_api_url, attestation_auth_blob, attestation_auth_timeout, attestation_insecure_ssl

attestation_server = None

(String) The host to use as the attestation server.

Cloud computing pools can involve thousands of compute nodes located at different geographical locations, making it difficult for cloud providers to identify a node's trustworthiness. When using the Trusted filter, users can request that their VMs only be placed on nodes that have been verified by the attestation server specified in this option.

The value is a string, and can be either an IP address or FQDN.

This option is only used by the FilterScheduler and its subclasses; if you use a different scheduler, this option has no effect. Also note that this setting only affects scheduling if the 'TrustedFilter' filter is enabled.

  • Related options: attestation_server_ca_file, attestation_port, attestation_api_url, attestation_auth_blob, attestation_auth_timeout, attestation_insecure_ssl

attestation_server_ca_file = None

(String) The absolute path to the certificate to use for authentication when connecting to the attestation server. See the attestation_server help text for more information about host verification.

The value is a string, and must point to a file that is readable by the scheduler.

This option is only used by the FilterScheduler and its subclasses; if you use a different scheduler, this option has no effect. Also note that this setting only affects scheduling if the 'TrustedFilter' filter is enabled.

  • Related options: attestation_server, attestation_port, attestation_api_url, attestation_auth_blob, attestation_auth_timeout, attestation_insecure_ssl
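
The constraints in the table above can be checked mechanically before a scheduler is restarted. The following is an added example, not code from nova or from this manual: `audit_trusted_computing` is a hypothetical helper that lints a `[trusted_computing]` section against the rules stated in the descriptions, and the hostname, CA path, blob and `https` scheme in it are assumptions.

```python
import configparser
import posixpath
import re

# Defaults copied from the option table above.
DEFAULTS = {"attestation_api_url": "/OpenAttestationWebServices/V1.0",
            "attestation_auth_timeout": "60",
            "attestation_insecure_ssl": "False", "attestation_port": "8443"}

def audit_trusted_computing(conf_text):
    """Return (findings, url) for the [trusted_computing] section of a nova.conf."""
    cp = configparser.ConfigParser(interpolation=None)
    cp.read_string(conf_text)
    sect = cp["trusted_computing"] if cp.has_section("trusted_computing") else {}
    o = {**DEFAULTS, **sect}
    ca, api = o.get("attestation_server_ca_file", ""), o["attestation_api_url"]
    checks = [  # (condition that is a problem, finding)
        (not o.get("attestation_server"), "attestation_server: unset"),
        (o["attestation_insecure_ssl"].strip().lower() in ("true", "1", "yes", "on"),
         "attestation_insecure_ssl: certificate verification is skipped"),
        (bool(ca) and not posixpath.isabs(ca),
         "attestation_server_ca_file: not an absolute path"),
        (not re.fullmatch(r"[0-9]+", o["attestation_port"]),
         "attestation_port: not digits only"),
        ("://" in api or not api.startswith("/"),
         "attestation_api_url: not just the path portion"),
        (not o.get("attestation_auth_blob"), "attestation_auth_blob: not supplied"),
        (not re.fullmatch(r"0*[1-9][0-9]*", o["attestation_auth_timeout"]),
         "attestation_auth_timeout: not positive, so nothing is cached"),
    ]
    findings = [msg for bad, msg in checks if bad]
    # Assumption: https scheme; host, port and path are joined as the table describes.
    url = None if findings else (
        "https://{attestation_server}:{attestation_port}{attestation_api_url}".format(**o))
    return findings, url

# Constructed samples; hostname, CA path and blob are placeholders.
WEAK = """[trusted_computing]
attestation_server = attest.example.test
attestation_server_ca_file = attestation-ca.pem
attestation_api_url = https://attest.example.test/OpenAttestationWebServices/V1.0
attestation_port = 8443/tcp
attestation_insecure_ssl = True
attestation_auth_timeout = 0
"""
HARDENED = """[trusted_computing]
attestation_server = attest.example.test
attestation_server_ca_file = /etc/nova/attestation-ca.pem
attestation_auth_blob = PLACEHOLDER_BLOB
"""
```

Calling `audit_trusted_computing(WEAK)` returns one finding per violated rule and no URL, while `HARDENED` returns an empty list and the joined attestation URL.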