[openstack-dev] Trove : about trove-guestagent connecting to trove controller and rabbitmq
jazeltq at 163.com
Sun Apr 19 04:35:41 UTC 2015
1) Can you give some best practice for trove?
2) What about the security for trove components?
At 2015-04-17 11:04:47, "Nikhil Manchanda" <nikhil at manchanda.me> wrote:
The rabbitmq server that the trove components use to communicate with
each other doesn't (and in fact _shouldn't_) necessarily be the same
rabbitmq server that the core openstack services are using for
In most real-world deployments of OpenStack Trove that I am aware of,
a separate in-cloud rabbitmq cluster is set up for Trove to use. The
Trove control plane (api / taskmanager / conductor) is also deployed
as a workload in the cloud and guest VMs also run as workloads in the
same cloud. Consequently, all communication happens between vms -- all
part of the same cloud. There isn't a necessity for the guest agent to
be able to communicate with the infrastructure rabbitmq server running
on bare-metal, so there really isn't a security concern here.
Hope this helps to clarify the situation,
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the OpenStack-dev