<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<style type="text/css" style="display:none"><!-- p { margin-top: 0px; margin-bottom: 0px; }--></style>
</head>
<body dir="ltr" style="font-size:10pt;color:#000000;background-color:#FFFFFF;font-family:'Courier New',monospace;">
<p>Yeah, I don't think anyone would give access to the production rabbitmq directly.<br>
</p>
<p><br>
</p>
<p>We use Yagi [1] to pipe it to AtomHopper [2] for downstream consumption/sanitizing.<br>
</p>
<p><br>
</p>
<p>-S<br>
</p>
<p><br>
</p>
<p>[1] <a href="https://github.com/rackerlabs/yagi">https://github.com/rackerlabs/yagi</a><br>
</p>
<p>[2] <a href="http://atomhopper.org/">http://atomhopper.org/</a><br>
</p>
<p><br>
</p>
<p><br>
</p>
<div style="color: rgb(33, 33, 33);">
<hr tabindex="-1" style="display:inline-block; width:98%">
<div id="divRplyFwdMsg" dir="ltr"><font face="Calibri, sans-serif" color="#000000" style="font-size:11pt"><b>From:</b> Duncan Thomas <duncan.thomas@gmail.com><br>
<b>Sent:</b> Wednesday, April 8, 2015 2:03 PM<br>
<b>To:</b> OpenStack Development Mailing List (not for usage questions)<br>
<b>Subject:</b> Re: [openstack-dev] [all] how to send messages (and events) to our users</font>
<div> </div>
</div>
<div>
<div dir="ltr">From a security point, it certainly scares the hell out of me</div>
<div class="gmail_extra"><br>
<div class="gmail_quote">On 7 April 2015 at 08:45, Chris Friesen <span dir="ltr">
<<a href="mailto:chris.friesen@windriver.com" target="_blank">chris.friesen@windriver.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex; border-left:1px #ccc solid; padding-left:1ex">
<span class="">On 04/06/2015 10:08 PM, Angus Salkeld wrote:<br>
</span>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex; border-left:1px #ccc solid; padding-left:1ex">
<span class="">On Tue, Apr 7, 2015 at 1:53 PM, Chris Friesen <<a href="mailto:chris.friesen@windriver.com" target="_blank">chris.friesen@windriver.com</a><br>
</span>
<div>
<div class="h5"><mailto:<a href="mailto:chris.friesen@windriver.com" target="_blank">chris.friesen@<u></u>windriver.com</a>>> wrote:<br>
<br>
On 04/06/2015 08:55 PM, Angus Salkeld wrote:<br>
<br>
Hi all<br>
<br>
For quite some time we (Heat team) have wanted to be able to send<br>
messages to our<br>
users (by user I do not mean the Operator, but the User that is<br>
interacting with<br>
the client).<br>
<br>
What do I mean by "user messages", and how do they differ from our<br>
current log<br>
messages and notifications?<br>
- Our current logs are for the operator and have information that the user<br>
should not have<br>
(ip addresses, hostnames, configuration options, other tenant info<br>
etc..)<br>
- Our notifications (that Ceilometer uses) *could* be used, but I am not<br>
sure if<br>
it quite fits.<br>
(they seem a bit heavy weight for a log message and aimed at higher<br>
level events)<br>
<br>
<br>
<snip><br>
<br>
What are some options we could investigate:<br>
1. remote syslog<br>
2. Zaqar<br>
3. Other options:<br>
Please chip in with suggestions/links!<br>
<br>
<br>
What about a per-user notification topic using the existing notification<br>
backend?<br>
<br>
<br>
Wouldn't that require the Operator to provide the end user with access to the<br>
message bus?<br>
Seems scary to me.<br>
</div>
</div>
</blockquote>
<br>
AMQP supports access controls, so is it really all that scary? Maybe set up a virtual host per user if we want to be paranoid? (Just throwing it out there as an option since we're already using it...)
<div class="HOEnZb">
<div class="h5"><br>
<br>
Chris<br>
<br>
______________________________<u></u>______________________________<u></u>______________<br>
OpenStack Development Mailing List (not for usage questions)<br>
Unsubscribe: <a href="http://OpenStack-dev-request@lists.openstack.org?subject:unsubscribe" target="_blank">
OpenStack-dev-request@lists.<u></u>openstack.org?subject:<u></u>unsubscribe</a><br>
<a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev" target="_blank">http://lists.openstack.org/<u></u>cgi-bin/mailman/listinfo/<u></u>openstack-dev</a><br>
</div>
</div>
</blockquote>
</div>
<br>
<br clear="all">
<div><br>
</div>
-- <br>
<div class="gmail_signature">Duncan Thomas</div>
</div>
</div>
</div>
</body>
</html>