[Openstack-operators] Managing security incidents: how to find the guilty VM ?

gustavo panizzo <gfa> gfa at zumbi.com.ar
Sat Aug 1 03:27:29 UTC 2015


On Fri, Jul 31, 2015 at 05:48:19 +0200, Antonio Messina wrote:
> I've tested briefly ulogd, and it basically works.
> 
> The only issue is that the "ulogd" daemon needs to run on the
> qrouter-<uuid> namespace, therefore neutron should start ulogd daemon
> on a router namespace whenever is created (and deleted whenever the
> router is deleted).
> 
> Alternative solutions:
> 
> a) in case neutron supports "triggers" (but I don't think so), e.g.
> shell commands that are executed whenever a namespace is created,
> startup of ulogd could be executed by the trigger

for a long time I wish neutron had triggers/hooks before and after setup
the network namespaces, I would happily help to define an RFE, spec, of it.

my usecase is similar, I want to modify the firewall inside the
namespace

-- 
1AE0 322E B8F7 4717 BDEA BF1D 44BB 1BA7 9F6C 6333

keybase: http://keybase.io/gfa



More information about the OpenStack-operators mailing list