Thank you for your reply. I will test and let you know. Nguyen Huu Khoi On Fri, Jan 27, 2023 at 5:16 PM Jake Yip <jake.yip at ardc.edu.au> wrote: > Hi Nguyen, > > This is quite an old (2016) CVE, and I see that there have been a patch > for it already. > > On why Trust is needed - the Kubernetes cluster needs to have OpenStack > credentials to be able to spin up OpenStack resources like Cinder > Volumes and Octavia Loadbalancers. > > You should use [trust]/roles in magnum config to limit the amount of > roles that the trust is created with. Typically only Member is necessary > but this can vary from cloud to cloud, depending on whether your cloud > have custom policies. > > Regards, > Jake > > On 23/1/2023 1:59 am, Nguyễn Hữu Khôi wrote: > > Hello guys. > > I am going to use Magnum for production but I see that > > https://nvd.nist.gov/vuln/detail/CVE-2016-7404 > > <https://nvd.nist.gov/vuln/detail/CVE-2016-7404> if I want to use > cinder > > for k8s cluster. Is there any way to fix or minimize this problem? > > Thanks. > > Nguyen Huu Khoi > -------------- next part -------------- An HTML attachment was scrubbed... URL: <https://lists.openstack.org/pipermail/openstack-discuss/attachments/20230130/bbdb851d/attachment.htm>