[openstack-dev] Trove : about trove-guestagent connecting to trove controller and rabbitmq
Nikhil Manchanda
nikhil at manchanda.me
Fri Apr 17 03:04:47 UTC 2015
Hi Benoit:
The rabbitmq server that the trove components use to communicate with
each other doesn't (and in fact _shouldn't_) necessarily be the same
rabbitmq server that the core openstack services are using for
communcation.
In most real-world deployments of OpenStack Trove that I am aware of,
a separate in-cloud rabbitmq cluster is set up for Trove to use. The
Trove control plane (api / taskmanager / conductor) is also deployed
as a workload in the cloud and guest VMs also run as workloads in the
same cloud. Consequently, all communication happens between vms -- all
part of the same cloud. There isn't a necessity for the guest agent to
be able to communicate with the infrastructure rabbitmq server running
on bare-metal, so there really isn't a security concern here.
Hope this helps to clarify the situation,
Thanks,
Nikhil
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20150416/45d68db3/attachment.html>
More information about the OpenStack-dev
mailing list