Ability to disable Agent in Murano

Registered by Serg Melikyan

Murano Agent has several known security issues (e.g. a command to a VM may be sent from another VM, not only from Murano). Also, Murano Agent uses RabbitMQ as its only transport to talk with spawned VMs, so a connection to RabbitMQ is required. The system RabbitMQ (the one used to support the OpenStack cloud itself) can't be used, for security reasons.

We need the ability to disable Agent functionality completely, in order to eliminate the requirement for another RabbitMQ and the security issues that may arise if the Agent is used for running commands on VMs.

Blueprint information

Status: Complete
Approver: ruhe
Priority: High
Drafter: Serg Melikyan
Direction: Approved
Assignee: Steve McLellan
Definition: Approved
Series goal: Accepted for juno
Implementation: Implemented
Milestone target: 2014.2
Started by: Serg Melikyan
Completed by: ruhe

Whiteboard

I (sjmc7) am +1 on this
I think the amount of work is relatively small, probably a case of some of:

1. having the agent class itself check the config, and do nothing if it's disabled
2. make the environment aware that it can't start the agentlistener
3. raise an exception if deployments attempt to use it.

1 and 3 are maybe enough?

(ruhe) +1 on the above and BP itself

Gerrit topic: https://review.openstack.org/#q,topic:bp/disable-murano-agent,n,z

Addressed by: https://review.openstack.org/109769
    Allow murano-agent to be disabled

[slagun]
The same approach as here: https://review.openstack.org/#/c/94657/
can be used. The idea is to have policy for different operations of MuranoPL classes (let's start with those written in Python and then extend it to YAML).
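
Options 1 and 3 from the whiteboard combined, as an added sketch that is not Murano's code and not taken from the linked review: setup becomes a no-op when the agent is disabled, so no message-bus connection is ever opened, while command dispatch fails loudly instead of being silently dropped. The config key `disable_agent`, the class names and the in-memory `FakeTransport` are assumptions made for illustration.

```python
class AgentDisabledError(RuntimeError):
    """Raised when a deployment tries to use the agent while it is disabled."""


class FakeTransport:
    """Hypothetical stand-in for the RabbitMQ connection; records messages."""
    def __init__(self):
        self.sent = []

    def publish(self, queue, message):
        self.sent.append((queue, message))


class Agent:
    def __init__(self, config, transport_factory=FakeTransport):
        # 'disable_agent' is an assumed key name, not a documented option.
        self._disabled = bool(config.get("disable_agent", False))
        self._transport_factory = transport_factory
        self._transport = None  # opened lazily, never when disabled

    def prepare(self, vm_id):
        """Option 1: do nothing when disabled (no queue, no connection)."""
        if self._disabled:
            return None
        if self._transport is None:
            self._transport = self._transport_factory()
        return "agent-queue-" + vm_id

    def send(self, vm_id, command):
        """Option 3: refuse command dispatch outright when disabled."""
        if self._disabled:
            raise AgentDisabledError(
                "agent use is disallowed by server configuration")
        queue = self.prepare(vm_id)
        self._transport.publish(queue, command)
        return queue


def demo():
    """Return (dispatch_blocked, connections_opened) for constructed input."""
    opened = []

    def factory():
        opened.append(FakeTransport())
        return opened[-1]

    off = Agent({"disable_agent": True}, factory)
    off.prepare("vm-1")                      # silently skipped
    try:
        off.send("vm-1", {"cmd": "noop"})    # must not be dropped quietly
        blocked = False
    except AgentDisabledError:
        blocked = True
    Agent({"disable_agent": False}, factory).send("vm-2", {"cmd": "noop"})
    return blocked, len(opened)
```

With the flag set, the only connection opened in `demo()` belongs to the enabled agent, which is what removes the need for a second RabbitMQ.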
