[openstack-dev] [all] who is the ptl of trove?
Nikhil Manchanda
nikhil at manchanda.me
Fri May 8 07:45:27 UTC 2015
Comments and answers inline.
Li Tianqing writes:
> [...]
> 1) why we put the trove vm into user's tenant, not the trove's
> tenant? User can login on that vm, and that vm must connect to
> rabbitmq. It is quite insecure.
> what's about put the tenant into trove tenant?
While the default configuration of Trove in devstack puts Trove guest
VMs into the users' respective tenants, it's possible to configure Trove
to create VMs in a single "Trove" tenant. You would do this by
overriding the default novaclient class in Trove's remote.py with one
that creates all Trove VMs in a particular tenant whose user credentials
you will need to supply. In fact, most production instances of Trove do
something like this.
> 2) Why there is no trove mgmt cli, but mgmt api is in the code?
> Does it disappear forever ?
The reason for this is because the old legacy Trove client was rewritten
to be in line with the rest of the openstack clients. The new client
has bindings for the management API, but we didn't complete the work on
writing the shell pieces for it. There is currently an effort to
support Trove calls in the openstackclient, and we're looking to
support the management client calls as part of this as well. If this is
something that you're passionate about, we sure could use help landing
this in Liberty.
> 3) The trove-guest-agent is in vm. it is connected by taskmanager
> by rabbitmq. We designed it. But is there some prectise to do this?
> how to make the vm be connected in vm-network and management
> network?
Most deployments of Trove that I am familiar with set up a separate
RabbitMQ server in cloud that is used by Trove. It is not recommended to
use the same infrastructure RabbitMQ server for Trove for security
reasons. Also most deployments of Trove set up a private (neutron)
network that the RabbitMQ server and guests are connected to, and all
RPC messages are sent over this network.
Hope this helps,
Thanks,
Nikhil
> [...]
More information about the OpenStack-dev
mailing list