[openstack-dev] [Fuel] master access control - future work
Evgeniy L
eli at mirantis.com
Thu Sep 11 10:00:45 UTC 2014
Hi Lukasz,
Regarding to 'Node agent authorization' do you have some ideas how it could
be done?
For me it looks really complicated, because we don't upgrade agents on
slave nodes and
I'm not sure if we will be able to do it in the nearest future.
Thanks,
On Tue, Sep 9, 2014 at 1:50 PM, Lukasz Oles <loles at mirantis.com> wrote:
> Dear Fuelers,
>
> I have some ideas and questions to share regarding Fuel Master access
> control.
>
> During 5,1 cycle we made some non optimal decision which we have to fix.
> The following blueprint describes required changes:
>
>
> https://blueprints.launchpad.net/fuel/+spec/access-control-master-node-improvments
>
> The next step to improve security is to introduce secure connection using
> HTTPS, it is described here:
>
> https://blueprints.launchpad.net/fuel/+spec/fuel-ssl-endpoints
>
> And now, there is question about next stages from original blueprint:
>
> https://blueprints.launchpad.net/fuel/+spec/access-control-master-node
>
> For example, from stage 3:
> - Node agent authorization, which will increase security. Currently, any
> one can change node data.
> What do you think do we need it now?
>
> Please read and comment first two blueprints.
>
> --
> Łukasz Oleś
>
> _______________________________________________
> OpenStack-dev mailing list
> OpenStack-dev at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20140911/1585ea03/attachment.html>
More information about the OpenStack-dev
mailing list