Hi stackers,

I would like to share my wonder here about Notifications.

I'm working [1] on Heat notifications and I noticed that:

1/ Heat uses its context to store 'password'
2/ Heat and Nova store 'auth_token' in context too. I didn't check other projects, except for neutron, which doesn't store auth_token.

This information is consequently sent through their notifications.

I guess we consider the broker as secured, and network communications with services too, BUT shouldn't we delete this data anyway, since IIRC it is never in use (at least by ceilometer), and, by the way, throw away the security question?

My other concern is the size (Kb) of notifications: 70% for auth_token (with PKI)! We can reduce the volume drastically and easily by deleting this data from notifications. I know that RabbitMQ (or others) is very robust and can handle this volume, but when I see this kind of improvement, I am tempted to do it.

I see an easy way to fix that in oslo-incubator [2]: delete keys of context if existing, config driven with "password" and "auth_token" by default.

Thoughts?

[1] https://blueprints.launchpad.net/ceilometer/+spec/handle-heat-notifications
[2] https://github.com/openstack/oslo-incubator/blob/master/openstack/common/notifier/rpc_notifier.py and others
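
An added example, not part of the original post and not oslo-incubator's code: one way the proposed scrubbing could look, assuming the context is available as a plain dict before it is handed to the notifier. The names `scrub_context` and `DEFAULT_SCRUB_KEYS` and the sample context are hypothetical.

```python
import copy
import json

# Default keys to drop, per the proposal above; a deployment would override
# this from configuration (the option itself is hypothetical).
DEFAULT_SCRUB_KEYS = ("password", "auth_token")


def scrub_context(context, scrub_keys=DEFAULT_SCRUB_KEYS):
    """Return a copy of a context dict with sensitive keys removed.

    The caller's dict is left untouched, because the service still needs
    the token for its own API calls; only the copy handed to the notifier
    is stripped. Nested dicts and lists are walked as well.
    """
    drop = {k.lower() for k in scrub_keys}

    def _walk(value):
        if isinstance(value, dict):
            return {k: _walk(v) for k, v in value.items()
                    if str(k).lower() not in drop}
        if isinstance(value, (list, tuple)):
            return [_walk(v) for v in value]
        return copy.deepcopy(value)

    return _walk(context)


def serialized_size(obj):
    """Size in bytes of the JSON form, a rough stand-in for wire size."""
    return len(json.dumps(obj, sort_keys=True).encode("utf-8"))


# Constructed sample context; the token is filler of PKI-like length.
SAMPLE_CONTEXT = {
    "user": "demo",
    "tenant": "demo-project",
    "request_id": "req-00000000-0000-0000-0000-000000000000",
    "password": "constructed-secret",
    "auth_token": "A" * 4096,
    "nested": [{"name": "heat", "auth_token": "B" * 16}],
}

if __name__ == "__main__":
    clean = scrub_context(SAMPLE_CONTEXT)
    print("kept keys:", sorted(clean))
    print("bytes before/after: %d / %d"
          % (serialized_size(SAMPLE_CONTEXT), serialized_size(clean)))
```

Matching is case-insensitive and applies at every nesting level, so a token tucked inside a sub-dict does not slip into the notification.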