[Openstack] [ceilometer] Monitoring physical devices
Doug Hellmann
doug.hellmann at dreamhost.com
Mon Nov 5 16:17:11 UTC 2012
On Mon, Nov 5, 2012 at 7:37 AM, Julien Danjou <julien at danjou.info> wrote:
> On Mon, Nov 05 2012, Doug Hellmann wrote:
>
> > If we make the current compute agent take an option telling it which
> > pollster namespace to use, then the same framework can load different
> > pollsters. However, there is a fundamental security issue with
> > communicating from an agent running inside a tenant's OS image using the
> > RPC stack. At DreamHost, and I suspect at other providers, that RPC
> network
> > is completely isolated from any tenant networks. We would not want a
> tenant
> > to be able to listen to the message bus, and definitely would not want it
> > to be able to write anything to the message bus.
>
> What makes you think an agent would run inside an instance? I mean, this
> is not what this is about, we're talking about hardware running OS.
>
When an image is deployed to bare metal, there is no container, right?
Doug
>
> --
> Julien Danjou
> # Free Software hacker & freelance
> # http://julien.danjou.info
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20121105/46946c5d/attachment.html>
More information about the Openstack
mailing list