openstack team mailing list archive
-
openstack team
-
Mailing list archive
-
Message #18274
Re: [ceilometer] Monitoring physical devices
On Mon, Nov 05 2012, Doug Hellmann wrote:
> If we make the current compute agent take an option telling it which
> pollster namespace to use, then the same framework can load different
> pollsters. However, there is a fundamental security issue with
> communicating from an agent running inside a tenant's OS image using the
> RPC stack. At DreamHost, and I suspect at other providers, that RPC network
> is completely isolated from any tenant networks. We would not want a tenant
> to be able to listen to the message bus, and definitely would not want it
> to be able to write anything to the message bus.
What makes you think an agent would run inside an instance? I mean, this
is not what this is about, we're talking about hardware running OS.
--
Julien Danjou
# Free Software hacker & freelance
# http://julien.danjou.info
Attachment:
pgpxnOJqN25Wp.pgp
Description: PGP signature
Follow ups
References