Hi,

We are using Folsom with nova-networking multi_host=True, which means that every host has direct access to the internet. In our environment that also meant that every host had its own public IP (office IP).
We set it to 0.0.0.0 because we needed to support live migration and changed to multi_host later, so the config was still there. Related documentation: http://docs.openstack.org/trunk/openstack-compute/admin/content/important-nova-compute-options.html

But this is a big security problem, because it will make the instances accessible to everybody who can reach a compute node. We solved it by running nova-novncproxy on every compute node and setting vncserver_listen to 127.0.0.1.

How did other people solve this problem? Is this ok? Didn't see any documentation about this.

I think this is an obvious problem that people should notice themselves, but we were just switching to multi_host mode, so we overlooked this small configuration. To prevent this happening to somebody else we could do the following:

1. In the documentation, explicitly tell the user that when you enable multi_host you can't use vncserver_listen=0.0.0.0.
2. Do some sanity checks on nova.conf options: if we notice that vncserver_listen is 0.0.0.0 and multi_host is true, we don't allow starting the nova-compute service and give a clear error message saying that it's stupid to do something like that and what the user should do instead.

Regards,
Sam Stoelinga
_______________________________________________ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
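The sanity check proposed in point 2 of the post, as an added example (this is not code from the OpenStack project or from the poster). It parses a nova.conf, reads the real Folsom options multi_host, vnc_enabled and vncserver_listen from [DEFAULT], and refuses the configuration when VNC is on, multi_host is true and the VNC server is bound to a wildcard address. The function names, the treatment of :: as a wildcard alongside 0.0.0.0, and the two sample configs are assumptions constructed for the example; the "fixed" config mirrors the poster's own fix (vncserver_listen=127.0.0.1 with nova-novncproxy on each compute node).

```python
#!/usr/bin/env python3
"""Pre-start sanity check for nova.conf: flag multi_host=True combined with a
VNC server bound to every interface.

Added example, not OpenStack code. Option names (multi_host, vnc_enabled,
vncserver_listen, vncserver_proxyclient_address, novncproxy_base_url) are real
Folsom options; the check, the function names and the sample configs are
illustrative. Assumption: 0.0.0.0 and :: are the wildcard binds worth flagging.
"""

import configparser
import sys

WILDCARD_LISTEN = {"0.0.0.0", "::"}
TRUE_VALUES = {"true", "1", "yes", "on"}


def parse_nova_conf(text):
    """Parse an INI-style nova.conf; Folsom keeps its flags under [DEFAULT]."""
    cp = configparser.ConfigParser(interpolation=None, strict=False)
    cp.read_string(text)
    return cp


def is_true(value):
    """Accept the spellings of 'true' that nova's boolean options tolerate."""
    return value.strip().lower() in TRUE_VALUES


def check_vnc_exposure(text):
    """Return a list of problems; an empty list means the combination is safe.

    Defaults follow Folsom: multi_host=False, vnc_enabled=True,
    vncserver_listen=127.0.0.1 when an option is absent.
    """
    section = parse_nova_conf(text)["DEFAULT"]
    multi_host = is_true(section.get("multi_host", "False"))
    vnc_enabled = is_true(section.get("vnc_enabled", "True"))
    listen = section.get("vncserver_listen", "127.0.0.1").strip()

    problems = []
    if vnc_enabled and multi_host and listen in WILDCARD_LISTEN:
        problems.append(
            "multi_host=True with vncserver_listen=%s: instance VNC consoles are "
            "reachable by anything that can reach this compute node's interfaces. "
            "Set vncserver_listen=127.0.0.1 and run nova-novncproxy on each compute "
            "node (or bind to a management-only address)." % listen
        )
    return problems


# Constructed sample: the weak configuration described in the post.
WEAK_CONF = """\
[DEFAULT]
multi_host=True
vnc_enabled=True
vncserver_listen=0.0.0.0
vncserver_proxyclient_address=10.0.0.5
novncproxy_base_url=http://10.0.0.5:6080/vnc_auto.html
"""

# Constructed sample: the poster's fix, a local proxy on every compute node.
FIXED_CONF = """\
[DEFAULT]
multi_host=True
vnc_enabled=True
vncserver_listen=127.0.0.1
vncserver_proxyclient_address=127.0.0.1
novncproxy_base_url=http://10.0.0.5:6080/vnc_auto.html
"""


def main(argv):
    """Usage: check_nova_vnc.py /etc/nova/nova.conf  (exit 1 on a bad combination)."""
    if len(argv) > 1:
        with open(argv[1]) as fh:
            text = fh.read()
    else:
        text = WEAK_CONF  # demo run against the constructed weak sample
    problems = check_vnc_exposure(text)
    for p in problems:
        print("ERROR: " + p)
    return 1 if problems else 0


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Wiring this into the nova-compute start path (exit non-zero before the service comes up) gives the "refuse to start with a clear message" behaviour the post asks for; run stand-alone it just reports on the file it is given.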