I have a spec[1] and a corresponding branch[2] about making basic use of libvirt's nwfilter support. It basically just adds a snippet to the libvirt templates that enables a number of network filtering techniques. Specifically, it prevents MAC spoofing, ARP spoofing, and IP spoofing. I didn't bother making this configurable, since it seems like the sort of thing everyone will always want. As such, there's no API call to enable it, nor is there a setting in the datamodel that enables/disables it.
While this is a great feature to have, it raises a few questions about the non-libvirt hypervisors. Ideally, of course, we don't want the choice of hypervisors to affect the utility of Nova. Lacking decent network filtering IMO limits a cloud computing platform's utility significantly. So, what to do? Should we more clearly define the contract to which a hypervisor driver is meant to adhere and list the above mentioned spoofing protections as requirements? We could assign specific people as designated maintainers of the different hypervisor drivers, and make it their responsibility to make their driver conformant to the contract. Other suggestions? I also have another spec[3] and a corresponding branch[4] that implements EC2 style security groups using libvirt's nwfilter. This is a bigger chunk of work, but it seems like it should follow the same pattern. [1]: https://blueprints.launchpad.net/nova/+spec/austin-nwfilter [2]: https://code.launchpad.net/~soren/nova/nwfilter [3]: https://blueprints.launchpad.net/nova/+spec/austin-ec2-security-groups [4]: https://code.launchpad.net/~soren/nova/ec2-security-groups -- Soren Hansen Ubuntu Developer http://www.ubuntu.com/ OpenStack Developer http://www.openstack.org/ _______________________________________________ Mailing list: https://launchpad.net/~nova Post to : [email protected] Unsubscribe : https://launchpad.net/~nova More help : https://help.launchpad.net/ListHelp
