[Gluster-devel] jdarcy status (October 2014)

James purpleidea at gmail.com
Wed Oct 8 20:50:30 UTC 2014


On Wed, 2014-10-08 at 16:20 -0400, Jeff Darcy wrote:
> In the last few days, I've run into a couple of misunderstandings about
> the status of some projects I've worked on.  At first I set out to
> correct those misunderstandings, but then I realized it wouldn't be a
> bad idea to keep posting status to this llist periodically.  Can't hurt,
> anyway.  This is my first attempt.  I encourage other senior developers
> to do likewise for their projects as well.  I know many of them already
> do status reports for their downstream projects within Red Hat, and most
> of that information not only can but *should* be shared upstream as
> well.  It's just copy and paste.  Besides that, many people seem to have
> side projects in addition to their official responsibilities, and it
> would be good to hear about those.  So, without further ado...

Cool. It's nice to hear about what people are hacking on if it's not too
annoying for you to prepare. I'll pretend your posts are like a niche
blog (my favourite kind).

> 
> = SSL and multi-threading =
> 
> SSL support has been part of the code for two years.  There are a few
> users, but there could be many more.  Why aren't there?  Partly it's
> because the documentation is not easy to find, and copious documentation
> is necessary to do anything SSL-related.  The documentation does exist,
> I've sent the information to various people and to this list before, but
> it really should live in the wiki and/or the source tree.  The other
> problem is that some people just don't seem to get why users might want
> SSL.  Go figure.  Unfortunately, some of those people are the ones who
> control whether resources are assigned to test it, and therefore whether
> it gets mentioned as a feature, so it has effectively remained an
> upstream-only feature all that time.  Maybe, now that OpenStack Manila
> is using it for multi-tenancy, the higher profile will spark some change
> in those attitudes.

I might be misunderstanding some of this, but I thought that the way of
doing SSL (as you say, two years ago), and the mechanism, the generation
and transferring of certificates, and so on, was going to be updated
with a new mechanism in 3.6...?

As soon as the mechanism is "stable" and hopefully won't change too much
(maybe that is already the case) please let me know, and point me to the
authoritative docs/reference/notes/napkins on how to do ssl+gluster and
I'll patch this in to puppet-gluster to aid adoption and for
"documentation as puppet code".

Just to re-iterate-- Should I follow this:
https://lists.gnu.org/archive/html/gluster-devel/2013-05/msg00139.html
or did changes come out of:
http://www.gluster.org/community/documentation/index.php/Features/better-ssl

Thanks,
James

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: This is a digitally signed message part
URL: <http://supercolony.gluster.org/pipermail/gluster-devel/attachments/20141008/208029a4/attachment.sig>


More information about the Gluster-devel mailing list