[Ovirt-devel] [PATCH server] Replaced the config scripts with configuration encoding.

[Chris Lalancette]

Darryl L. Pierce wrote:
> *** NOTE ***
> This patch is a request for comments. I'm looking for some feedback on the encoding
> strategy I'm using below. The goal is to get away from using embedded scripts and to
> instead just describe the desired state to the node.
> *** NOTE ***
> 
> Rather than sending the node a series of scripts that load
> kernel modules, or are tightly coupled to tools like augeas,
> this patch introduces an encoding scheme for data.
> 
> A line that begins with "kmod" describes a kernel module that
> needs to be loaded. It will containing the module's name, an
> optional alias for the module, and then the module options
> if such are required.
> 
> A line that begins with "ifcfg" describes an network
> interface. It will contain the mac address and interface name,
> followed by all needed configuration values to bring the
> interface up.

This is definitely a step in the right direction.  I'm still a tiny bit
concerned about using the generic "kmod", as opposed to just "bonding"; the
former gives us more flexibility, but still leaves a security hole for loading
any random kernel module.  The latter means that we have to implement something
different for every new thing we want to support, but that's not necessarily a
bad thing.  So instead of:

kmod=[module name]|[module alias]|[module options]

I think I would rather see:

bonding=alias|options

For the ifcfg, that looks fine to me, as long as the number of delimited fields
is unlimited, and all of the additional field would be put in the ifcfg- script.
 That is, this is perfectly valid:

ifcfg=00:11:22:33:44|eth0|BOOTPROTO=dhcp|bridge=ovirtbr0|ONBOOT=yes

but so is:

ifcfg=00:11:22:33:44|eth0|BOOTPROTO=dhcp|bridge=ovirtbr0|ONBOOT=yes|DELAY=0

Chris Lalancette