[openstack-dev] Unified Guest Agent proposal

Fox, Kevin M kevin.fox at pnnl.gov
Mon Dec 16 17:10:29 UTC 2013

The idea being discussed is using for long term messaging between a vm and some other process. For example, Trove -> TroveVM.

I guess this thread is getting too long. The details are getting lost.


From: Lars Kellogg-Stedman [lars at redhat.com]
Sent: Monday, December 16, 2013 8:18 AM
To: OpenStack Development Mailing List (not for usage questions)
Subject: Re: [openstack-dev] Unified Guest Agent proposal

On Fri, Dec 13, 2013 at 11:32:01AM -0800, Fox, Kevin M wrote:
> I hadn't thought about that use case, but that does sound like it
> would be a problem.

That, at least, is not much of a problem, because you can block access
to the metadata via a blackhole route or similar after you complete
your initial configuration:

  ip route add blackhole

This prevents access to the metadata unless someone already has root
access on the instance.

Lars Kellogg-Stedman <lars at redhat.com> | larsks @ irc
Cloud Engineering / OpenStack          | "   "  @ twitter

More information about the OpenStack-dev mailing list