<div dir="ltr">And one more thing, <div><br></div><div>Sandy Walsh pointed to the client Rackspace developed and uses - [1], [2]. Its design is somewhat different and can be expressed by the following formula:</div><div><br>
</div><div>App -> Host (XenStore) <-> Guest Agent</div><div><br></div><div>(taken from the wiki [3])</div><div><br></div><div>It has an obvious disadvantage - it is hypervisor-dependent and currently implemented for Xen only. On the other hand, such a design should not have the shared-facility vulnerability, as the Agent accesses the server not directly but via XenStore (which AFAIU is compute-node-based).</div>
<div><br></div><div>Thanks,</div><div><br></div><div>Dmitry</div><div><br></div><div><br></div><div>[1] <a href="https://github.com/rackerlabs/openstack-guest-agents-unix">https://github.com/rackerlabs/openstack-guest-agents-unix</a></div>
<div>[2] <a href="https://github.com/rackerlabs/openstack-guest-agents-windows-xenserver" target="_blank">https://github.com/rackerlabs/openstack-guest-agents-windows-xenserver</a></div>
<div>[3] <a href="https://wiki.openstack.org/wiki/GuestAgent">https://wiki.openstack.org/wiki/GuestAgent</a></div></div><div class="gmail_extra"><br><br><div class="gmail_quote">2013/12/10 Dmitry Mescheryakov <span dir="ltr"><<a href="mailto:dmescheryakov@mirantis.com" target="_blank">dmescheryakov@mirantis.com</a>></span><br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Guys,<div><br></div><div>I see two major trends in the thread:</div><div><br></div><div> * use Salt</div>
<div> * write our own solution with architecture similar to Salt or MCollective</div><div><br></div><div>
There were points raised pro and contra both solutions. But I have a concern which I believe was not covered yet. Both solutions use either ZeroMQ or message queues (AMQP/STOMP) as a transport. The thing is there is going to be a shared facility between all the tenants. And unlike all other OpenStack services, this facility will be directly accessible from VMs, which leaves tenants very vulnerable to each other. Harm the facility from your VM, and the whole Region/Cell/Availability Zone will be left out of service.</div>

<div><br></div><div>Do you think that is solvable, or maybe I overestimate the threat?</div><div><br></div><div>Thanks,</div><div><br></div><div>Dmitry</div><div><br></div><div><br></div></div><div class="HOEnZb"><div class="h5">
<div class="gmail_extra"><br>
<br><div class="gmail_quote">2013/12/9 Dmitry Mescheryakov <span dir="ltr"><<a href="mailto:dmescheryakov@mirantis.com" target="_blank">dmescheryakov@mirantis.com</a>></span><br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">

<div dir="ltr"><br><div class="gmail_extra"><br><br><div class="gmail_quote"><div>2013/12/9 Kurt Griffiths <span dir="ltr"><<a href="mailto:kurt.griffiths@rackspace.com" target="_blank">kurt.griffiths@rackspace.com</a>></span><br>


<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">



<div style="font-size:14px;font-family:Calibri,sans-serif;word-wrap:break-word">
<div>This list of features makes me <i>very</i> nervous from a security standpoint. Are we talking about giving an agent an arbitrary shell command or file to install, and it goes and does that, or are we simply triggering a preconfigured action (at the time the agent itself was installed)?</div>
<div><br></div></div></blockquote><div><br></div></div><div>I believe the agent must execute only a set of preconfigured actions exactly due to security reasons. It should be up to the using project (Savanna/Trove) to decide which actions must be exposed by the agent.</div>


<div><br></div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div><div style="font-size:14px;font-family:Calibri,sans-serif;word-wrap:break-word">
<div>
</div>
<span>
<div style="border-right:medium none;padding-right:0in;padding-left:0in;padding-top:3pt;text-align:left;font-size:11pt;border-bottom:medium none;font-family:Calibri;border-top:#b5c4df 1pt solid;padding-bottom:0in;border-left:medium none">



<span style="font-weight:bold">From: </span>Steven Dake <<a href="mailto:sdake@redhat.com" target="_blank">sdake@redhat.com</a>><br>
<span style="font-weight:bold">Reply-To: </span>OpenStack Dev <<a href="mailto:openstack-dev@lists.openstack.org" target="_blank">openstack-dev@lists.openstack.org</a>><br>
<span style="font-weight:bold">Date: </span>Monday, December 9, 2013 at 11:41 AM<br>
<span style="font-weight:bold">To: </span>OpenStack Dev <<a href="mailto:openstack-dev@lists.openstack.org" target="_blank">openstack-dev@lists.openstack.org</a>><div><br>
<span style="font-weight:bold">Subject: </span>Re: [openstack-dev] Unified Guest Agent proposal<br>
</div></div><div>
<div><br>
</div>
In terms of features:<br>
* run shell commands<br>
* install files (with selinux properties as well)<br>
* create users and groups (with selinux properties as well)<br>
* install packages via yum, apt-get, rpm, pypi<br>
* start and enable system services for systemd or sysvinit<br>
* Install and unpack source tarballs<br>
* run scripts<br>
* Allow grouping, selection, and ordering of all of the above operations</div></span>
</div>

<br></div><div>_______________________________________________<br>
OpenStack-dev mailing list<br>
<a href="mailto:OpenStack-dev@lists.openstack.org" target="_blank">OpenStack-dev@lists.openstack.org</a><br>
<a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev" target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev</a><br>
<br></div></blockquote></div><br></div></div>
</blockquote></div><br></div>
</div></div></blockquote></div><br></div>