Open Stack

While doing some testing, I had something happen that is very concerning 
in regards to security.  Below lays out the variables I'm working with:

* MOS 9.2

* Openstack environment is using Cinder Block Device Driver (chose 'LVM' 
option vs 'Ceph' option when setting the block device option during the 
creation of the environment)

* Instance created, it's disk image lives on 1 compute host that has 
'cinder block device' installed on it and the instance itself was 
migrated to run on a different compute host after it was created.  This 
wasn't intended but happened.

I rebooted both compute nodes as a test to see how it dealt with an 
unexpected outage, one running the instance and one hosting it's root 
disk via Cinder BDD.  Within Horizon, I had the instance's console page 
pull up and during that time, I literally saw the bootup of the compute 
node's host operating system and not the instance itself.  I know this 
because when it finished booting, the hostname was that of the local 
compute node that the instance was running from.  It was also Ubuntu 
14.04 and not the cirros 'TestVM' image (I dont have a Ubuntu 14.04 
image in Glance at all).  The instance that hosted the disk was rebooted 
after the one running the instance meaning the root disk wasn't 
available when the instance attempted to boot.

I've never seen anything like this and was not aware you can get the 
compute node's console via a VNC session.  In any case, I was really 
concerned about this as if this were to happen for whatever reason in a 
production setup, customers other than admin may gain access to the 
compute node's console for brute force attempts, a reboot or other 
potentially malicious activities.

Has anyone ever seen this behaviour before?