[openstack-dev] [nova][keystone] Message Queue Security
d.w.chadwick at kent.ac.uk
Thu Apr 25 19:03:57 UTC 2013
On 25/04/2013 19:42, Eric Windisch wrote:
>> On 25/04/2013 17:27, Simo Sorce wrote:
>>> On Thu, 2013-04-25 at 17:19 +0100, David Chadwick wrote:
>>>> What happens in a very fast system if two sub-processes create a message
>>>> at the same time and therefore contain the same timestamp?
>>> Well, right now we use eventlet so no concurrency is really allowed.
>>> If we move to a truly concurrent system (something I actually hope we
>>> do) then we'll have to serialize how we get the timestamp. We'll
>>> basically need a single source of time that will just increment by one
>>> hundredth of a second or so if a second request comes in within the same
>>> hundredth of a second. Basically keep a high watermark in shared memory
>>> and use atomic updates to never get a dup.
> We do have true concurrency. It might not be used everywhere, but we have it.
> You could run multiple copies of nova-scheduler on the same host. They could both generate the same timestamp + source, assuming that source was 'service_name + hostname'. The only workaround for that would be to make the source include the PID as well… until/unless we get in-process concurrency, at least. Does the remote system really need to know the PID? That could be a security thread. Perhaps we should hash it… wait, this is getting complicated...
> Why block everything synchronously on a single source of time or counter when we can simply use a nonce?
> Eric Windisch
> OpenStack-dev mailing list
> OpenStack-dev at lists.openstack.org
More information about the OpenStack-dev