[openstack-dev] [Oslo] Code review I7ec346db: Improve usability when backdoor_port is nonzero
Eric Windisch
eric at cloudscaling.com
Thu Jun 13 20:25:42 UTC 2013
On June 13, 2013 at 16:18:18 , Ray Pekowski (pekowski at gmail.com) wrote:
On Thu, Jun 13, 2013 at 12:49 PM, Eric Windisch <eric at cloudscaling.com> wrote:
However, has anyone considered simply switching to Unix domain sockets? You'd no longer be able to use a telnet client, nor could you connect remotely, but tools like 'socat' could be used to connect instead (from the local host).
Thanks for pointing out the 'socat' tool. That looks like a good one to put in the tool chest. What exactly is the benefit of using Unix domain sockets? Sorry if it is obvious.
1. Only local users can access the backdoor, limited by filesystem/user permissions.
2. Unix sockets have filenames. You can set this based on the RPC topic, the process ID (pid), randomly, or some other mechanism. Overall, you get better/more options for your namespace than port numbers which as you've noticed can be problematic.
--
Eric Windisch
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20130613/289c393d/attachment.html>
More information about the OpenStack-dev
mailing list