yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1284741] Re: EC2 metadata service doesn't account for request forwarding when using neutron metadata-proxy

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: "Davanum Srinivas \(DIMS\)" <davanum@xxxxxxxxx>
Date: Sun, 02 Aug 2015 23:07:17 -0000
Reply-to: Bug 1284741 <1284741@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

** Changed in: nova
       Status: Confirmed => Won't Fix

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Compute (nova).
https://bugs.launchpad.net/bugs/1284741

Title:
  EC2 metadata service doesn't account for request forwarding when using
  neutron metadata-proxy

Status in ec2-api:
  Confirmed
Status in OpenStack Compute (nova):
  Won't Fix

Bug description:
  When an EC2 metadata request is received via the neutron metadata
  proxy Nova assumes that the X-Forwarded-For item in teh header is the
  address of the instance:

  https://github.com/openstack/nova/blob/master/nova/api/metadata/handler.py#L149

  In fact depending on the network path this could be a comma separated
  list of of addresses, only the first element of which is the address
  of the instance.

  The correct handling should be something like:

  remote_address = req.headers.get('X-Forwarded-For').split(',')[0]

To manage notifications about this bug go to:
https://bugs.launchpad.net/ec2-api/+bug/1284741/+subscriptions

References

[Bug 1284741] [NEW] EC2 metadata service doesn't account for request forwarding when using neutron metadata-proxy
From: Phil Day, 2014-02-25