[openstack-dev] [nova][keystone] Message Queue Security

Eric Windisch eric at cloudscaling.com
Thu Apr 25 19:27:30 UTC 2013


> 
> The main reason was to avoid having to store many records on the
> receiving side. Using a monotonic timestamp you just need to keep around
> the last received one and if a message with an equal or older timstamp
> comes around you simply discard it.
> 
> Is it possible to receive 2 valid messages from the same source in the
> wrong order through the massage queue ?


Message are not guaranteed to be in order. First, this is not expected of the RPC abstraction, and secondly, it isn't true of the implementations we have. I can't speak for Rabbit/Qpid, but I know that ZeroMQ will certainly deliver messages out of order as they're sent over separate TCP connections. I suspect the same is probably true of Rabbit/Qpid, at least if you happen to have multiple processes per host (i.e. two processes of 'nova-scheduler'). 
> 
> If that is possible I guess using a nonce will be necessary, but I dread
> having to keep a dictionary of received packets, search through it every
> single time you receive a message, scrub it regularly to prune old
> entries and so on.

Dictionary key lookups are fast. Memory is a bigger concern. You only need to keep signatures, not message contents. There are data structures and patterns that are appropriate for this task that won't require active scrubbing.
> Keep in mind this database would have to be on shared if you really run
> multiple processes with the same name on the same host as they all have
> to share the replay database, so you need to use shared memory or IPC
> and some sort and locking ... which tends to slow done processing and it
> is usually a blocking operation.


At least that will be per-host and not per-service. 

Regards,
Eric Windisch




More information about the OpenStack-dev mailing list