> Overall, it seems like having clients connect *directly* to the >> snapshot volumes once they've been started might have avoided some >> complexity or problems. Was this considered? > Yes this was considered. I have mentioned the two reasons why this was > dropped in the other mail. I look forward to the next version of the design which reflects the new ideas since this email thread started. > They were: a) snap view generation requires privileged ops to > glusterd. So moving this task to the server side solves a lot of those > challenges. Not really. A server-side component issuing privileged requests whenever a client asks it to is no more secure than a client-side component issuing them directly. There needs to be some sort of authentication and authorization at the glusterd level (the only place these all converge). This is a more general problem that we've had with glusterd for a long time. If security is a sincere concern for USS, shouldn't we address it by trying to move the general solution forward? _______________________________________________ Gluster-devel mailing list Gluster-devel@xxxxxxxxxxx http://supercolony.gluster.org/mailman/listinfo/gluster-devel
