On 2017-02-20 14:36:15 -0500 (-0500), Clint Byrum wrote:
> What exactly is the security concern of the metadata service? Perhaps
> those concerns can be addressed directly?
[...]
A few I'm aware of:

1. It's something that runs in the control plane but needs to be reachable from untrusted server instances (which may themselves even want to be on completely non-routed networks).

2. If you put a Web proxy between your server instances and the metadata service and also make it reachable without going through that proxy, then instances may be able to spoof one another (OSSN-0074).

3. Lots of things, for example facter, like to beat on it heavily, which makes for a fun DDoS and so is a bit of a scaling challenge in large deployments.

There are probably plenty more I don't know since I'm not steeped in operating OpenStack deployments.
-- 
Jeremy Stanley

_______________________________________________
OpenStack-operators mailing list
OpenStack-operators@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
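Point 2 of the reply above, as an added example that is not part of the thread: a metadata service that trusts an instance-id header as delivered can be impersonated by any client that reaches it directly, whereas one that requires an HMAC the proxy computed with a shared secret rejects such requests. The header names and the HMAC-SHA256 construction are assumptions modelled on the neutron metadata proxy's signature scheme; the secret and the sample requests are constructed.

```python
import hashlib
import hmac
from typing import Dict, Optional

# Constructed secret; the assumption is that proxy and metadata service share it
# (the role metadata_proxy_shared_secret plays in an OpenStack deployment).
SHARED_SECRET = b"constructed-example-secret"


def sign_instance_id(instance_id: str, secret: bytes = SHARED_SECRET) -> str:
    """What the trusted proxy attaches: HMAC-SHA256 over the instance id."""
    return hmac.new(secret, instance_id.encode(), hashlib.sha256).hexdigest()


def resolve_instance_unchecked(headers: Dict[str, str]) -> str:
    """Weak handling: the instance id header is believed as-is, so any client
    that can bypass the proxy can claim another instance's identity."""
    return headers["X-Instance-ID"]


def resolve_instance_checked(headers: Dict[str, str],
                             secret: bytes = SHARED_SECRET) -> Optional[str]:
    """Hardened handling: accept the instance id only when the signature the
    proxy computed with the shared secret verifies. Returns None otherwise."""
    if not secret:
        # An empty secret makes the signature forgeable; refuse rather than trust.
        return None
    instance_id = headers.get("X-Instance-ID")
    sig = headers.get("X-Instance-ID-Signature")
    if not instance_id or not sig:
        return None
    expected = sign_instance_id(instance_id, secret)
    if not hmac.compare_digest(expected, sig):
        return None
    return instance_id


# Constructed requests: one relayed by the proxy, one that reached the service
# directly with no signature, one that reuses a signature for a different id.
PROXIED = {"X-Instance-ID": "inst-a",
           "X-Instance-ID-Signature": sign_instance_id("inst-a")}
DIRECT = {"X-Instance-ID": "inst-b"}
REPLAYED = {"X-Instance-ID": "inst-b",
            "X-Instance-ID-Signature": sign_instance_id("inst-a")}

if __name__ == "__main__":
    for name, req in [("proxied", PROXIED), ("direct", DIRECT), ("replayed", REPLAYED)]:
        print(name, resolve_instance_unchecked(req), resolve_instance_checked(req))
```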