[ https://issues.apache.org/jira/browse/CLOUDSTACK-5017?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13811825#comment-13811825 ]
ASF subversion and git services commented on CLOUDSTACK-5017: ------------------------------------------------------------- Commit 24af28290ec3ea6a18c66544dbfd8678d6f7d19b in branch refs/heads/master from [~minchen07] [ https://git-wip-us.apache.org/repos/asf?p=cloudstack.git;h=24af282 ] CLOUDSTACK-5017: use LocalHostEndPoint in copying from S3 to cache store during ssvm launch. > If SSVM is unavailable DownloadCommands will be routed to mgmt server > --------------------------------------------------------------------- > > Key: CLOUDSTACK-5017 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-5017 > Project: CloudStack > Issue Type: Bug > Security Level: Public(Anyone can view this level - this is the > default.) > Components: Storage Controller > Affects Versions: 4.2.0 > Reporter: Darren Shepherd > Assignee: Min Chen > Priority: Blocker > Fix For: 4.3.0 > > > If a SSVM in the zone is not available, meaning either it does not exist or > the host entry is not Up or Connecting, DownloadCommand will get routed to > LocalHostEndpoint. This is particularily dangerous in a NFS setup. If the > mgmt server handles the DownloadCommand it has sudo access to mount NFS and > perform the action. This mean the mgmt server is now in the data path, or > worse, it could hang if it does not have network access to the NFS server. -- This message was sent by Atlassian JIRA (v6.1#6144)