Ability to disable Agent in Murano
Murano Agent has several known security issues (e.g. a command to a VM may be sent from another VM, not only from Murano). Murano Agent also uses RabbitMQ as its only transport to talk to spawned VMs, so a connection to RabbitMQ is required. The system RabbitMQ (the one that supports the OpenStack cloud itself) can't be used for security reasons.
We need the ability to disable Agent functionality completely, in order to eliminate the requirement for another RabbitMQ and the security issues that may arise if the Agent is used for running commands on VMs.
Blueprint information
- Status: Complete
- Approver: ruhe
- Priority: High
- Drafter: Serg Melikyan
- Direction: Approved
- Assignee: Steve McLellan
- Definition: Approved
- Series goal: Accepted for juno
- Implementation: Implemented
- Milestone target: 2014.2
- Started by: Serg Melikyan
- Completed by: ruhe
Whiteboard
I (sjmc7) am +1 on this
I think the amount of work is relatively small, probably a case of some of:
1. having the agent class itself check the config, and do nothing if it's disabled
2. make the environment aware that it can't start the agentlistener
3. raise an exception if deployments attempt to use it.
1 and 3 are maybe enough?
(ruhe) +1 on the above and BP itself
Gerrit topic: https:/
Addressed by: https:/
Allow murano-agent to be disabled
[slagun]
The same approach as here: https:/
can be used. The idea is to have policy for different operations of MuranoPL classes (let's start with those written in Python and then extend it to YAML)
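
Options 1 and 3 from the whiteboard, sketched as an added example (not Murano's own code): setup becomes a no-op when the agent is disabled, while any attempt to run a command on a VM fails closed. The names `EngineConfig`, `disable_agent`, `FakeTransport`, `Agent`, `AgentDisabledError` and `deploy` are hypothetical, and the transport is an in-memory stand-in for RabbitMQ.

```python
from dataclasses import dataclass, field

class AgentDisabledError(RuntimeError):
    """A deployment tried to use the agent while it is disabled."""

@dataclass
class EngineConfig:
    disable_agent: bool = False  # hypothetical option name

@dataclass
class FakeTransport:
    """Stand-in for the RabbitMQ connection; records what would be sent."""
    queues: list = field(default_factory=list)
    sent: list = field(default_factory=list)

    def declare_queue(self, name):
        self.queues.append(name)

    def publish(self, queue, message):
        self.sent.append((queue, message))

class Agent:
    def __init__(self, config, transport, vm_id):
        self._enabled = not config.disable_agent
        self._transport = transport
        self._queue = "agent-" + vm_id

    def prepare(self):
        # Option 1: setup is a no-op when disabled, so nothing is declared
        # on the broker and no second RabbitMQ is needed.
        if self._enabled:
            self._transport.declare_queue(self._queue)

    def call(self, plan):
        # Option 3: fail closed. A deployment that needs a command run on
        # the VM stops here instead of continuing as if it had succeeded.
        if not self._enabled:
            raise AgentDisabledError("agent use is disabled by configuration")
        self._transport.publish(self._queue, plan)

def deploy(config, transport, plans):
    """Constructed driver: returns 'ok' or why the deployment was refused."""
    agent = Agent(config, transport, vm_id="vm-1")
    agent.prepare()
    try:
        for plan in plans:
            agent.call(plan)
    except AgentDisabledError as exc:
        return "refused: " + str(exc)
    return "ok"
```

With the agent disabled, an application that never sends a command still deploys, and one that does is refused before anything reaches the broker.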