[Openstack-operators] [nova] Metadata service over virtio-vsock
Jeremy Stanley
fungi at yuggoth.org
Mon Feb 20 20:08:00 UTC 2017
On 2017-02-20 14:36:15 -0500 (-0500), Clint Byrum wrote:
> What exactly is the security concern of the metadata service? Perhaps
> those concerns can be addressed directly?
[...]
A few I'm aware of:
1. It's something that runs in the control plane but needs to be
reachable from untrusted server instances (which may themselves even
want to be on completely non-routed networks).
2. If you put a Web proxy between your server instances and the
metadata service and also make it reachable without going through
that proxy then instances may be able to spoof one another
(OSSN-0074).
3. Lots of things, for example facter, like to beat on it heavily
which makes for a fun DDoS and so is a bit of a scaling challenge in
large deployments.
There are probably plenty more I don't know since I'm not steeped in
operating OpenStack deployments.
--
Jeremy Stanley
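One of the mitigations behind item 2 above, as an added example that is not code from this message or from Nova/Neutron: the trusted proxy asserts an instance id and signs it with an HMAC over a shared secret, and the metadata service refuses any X-Instance-ID that arrives unsigned or mis-signed, which is what a request that bypasses the proxy looks like. The header names and the HMAC-SHA256-over-a-shared-secret construction follow the Nova/Neutron metadata proxy convention as I know it; the secret, instance ids and request headers are constructed.

```python
import hashlib
import hmac

# Constructed shared secret; in a real deployment this is the value
# configured on both the proxy and the metadata service.
SHARED_SECRET = b"example-shared-secret-do-not-use"


def sign_instance_id(instance_id: str, secret: bytes = SHARED_SECRET) -> str:
    """What the trusted proxy adds: HMAC-SHA256 of the instance id it asserts."""
    return hmac.new(secret, instance_id.encode(), hashlib.sha256).hexdigest()


def verify_instance_id(headers: dict, secret: bytes = SHARED_SECRET):
    """Return the asserted instance id only if it carries a valid proxy
    signature; return None (refuse the request) otherwise."""
    instance_id = headers.get("X-Instance-ID")
    signature = headers.get("X-Instance-ID-Signature")
    if not instance_id or not signature:
        # Unsigned assertion: either a direct, proxy-bypassing request
        # or a misconfigured proxy. Never trust the header on its own.
        return None
    expected = sign_instance_id(instance_id, secret)
    # Constant-time comparison so timing does not leak the expected MAC.
    if not hmac.compare_digest(expected, signature):
        return None
    return instance_id


# Constructed requests, as the metadata service would see them.
PROXY_ID = "11111111-1111-4111-8111-111111111111"
VIA_PROXY = {
    "X-Instance-ID": PROXY_ID,
    "X-Instance-ID-Signature": sign_instance_id(PROXY_ID),
}
DIRECT_SPOOF = {  # instance reached the service without the proxy
    "X-Instance-ID": "22222222-2222-4222-8222-222222222222",
}
FORGED_SIG = {  # instance guessed a signature without the secret
    "X-Instance-ID": "22222222-2222-4222-8222-222222222222",
    "X-Instance-ID-Signature": "00" * 32,
}
```

The check only helps if the service is not also configured to trust X-Instance-ID without a signature, which is why the direct path in item 2 matters.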