[openstack-dev] [Oslo][oslo.messaging][all] Notice: upcoming change to oslo.messaging RPC server

Ken Giusti kgiusti at gmail.com
Tue Sep 26 20:17:57 UTC 2017 

Hi Folks,

Just a head's up:

In Queens the default access policy for RPC Endpoints will change from
LegacyRPCAccessPolicy to DefaultRPCAccessPolicy.  RPC calls to private
('_' prefix) methods will no longer be possible.  If you want to allow
RPC Clients to invoke private methods, you must explicitly set the
access_policy to LegacyRPCAccessPolicy when you call get_rpc_server()
or instantiate an RPCDispatcher.  This change [0] has been merged to
oslo.messaging master and will appear in the next release of
oslo.messaging.

"Umm.... What?"

Good question!  Here's the TL;DR details:

Since forever it's been possible for a client to make an RPC call
against _any_ method defined in the RPC Endpoint object.  And by "any"
we mean "all methods including private ones (method names prefixed by
'_' )"

Naturally this ability came as a surprise many folk [1], including
yours truly and others on the oslo team [2].  It was agreed that
having this be the default behavior was indeed A Bad Thing.

So starting in Ocata oslo.messaging has provided a means for
controlling access to Endpoint methods [3].  Oslo.messaging now
defines three different "access control policies" that can be applied
to an RPC Server:

LegacyRPCAccessPolicy: original behavior - any method can be invoked
by an RPC client
DefaultRPCAccessPolicy: prevent RPC access to private '_' methods, all
others may be invoked
ExplicitRPCAccessPolicy: only allow access to those methods that have
been decorated with @expose decorator

See [4] for more details.

In order not to break anything at the time the default access policy
was set to 'LegacyRPCAccessPolicy'.  This has been the default for
Ocata and Pike.

Starting in Queens this will no longer be the case.
DefaultRPCAccessPolicy will become the default if no access policy is
specified when calling get_rpc_server() or directly instantiating an
RPCDispatcher.  To keep the old behavior you must explicitly set the
access policy to LegacyRPCAccessPolicy:

from oslo_messaging.rpc import LegacyRPCAccessPolicy
...
server = get_rpc_server(transport, target, endpoints,
                                     access_policy=LegacyRPCAccessPolicy)



Reply here if you have any questions or hit any issues, thanks!

-K

[0] https://review.openstack.org/#/c/500456/
[1] https://bugs.launchpad.net/oslo.messaging/+bug/1194279
[2] https://bugs.launchpad.net/oslo.messaging/+bug/1555845
[3] https://review.openstack.org/#/c/358359/
[4] https://docs.openstack.org/oslo.messaging/latest/reference/server.html
-- 
Ken Giusti  (kgiusti at gmail.com)

More information about the OpenStack-dev mailing list