a7115e22f7
This is an interim commit of the changes for secure oslo-messaging.rpc. In this commit we introduce the code for serializers that will encrypt all traffic being sent on oslo_messaging.rpc. Each guest communicates with the control plane with traffic encrypted using a per-instance key. This includes both traffic from the taskmanager to the guest as well as the guest and the conductor. Per-instance keys are stored in the infrastructure database. These keys are further encrypted in the database. Tests that got annoyed have been placated. Upgrade related changes have been proposed. If an instance has no key, no encryption is performed. If the guest gets no key, it won't encrypt, just pass through. When an instance is upgraded, keys are added. The output of the trove show command (and the show API) have been augmented to show which instances are using secure RPC communication ** if the requestor is an administrator **. A simple caching mechanism for encryption keys has been proposed; this will avoid the frequent database access to get the encryption keys. For Ocata, to handle the upgrade case, None as an encryption_key is a valid one, and is therefore not cached. This is why we can't use something like lrucache. A brief writeup has been included in dev docs (dev/secure_oslo_messaging.rst) which shows how the feature can be used and would help the documentation team write up the documentation for this capability. Change-Id: Iad03f190c99039fd34cbfb0e6aade23de8654b28 DocImpact: see dev/secure_oslo_messaging.rst Blueprint: secure-oslo-messaging-messages Related: If0146f08b3c5ad49a277963fcc685f5192d92edb Related: I04cb76793cbb8b7e404841e9bb864fda93d06504 |
||
---|---|---|
.. | ||
install_venv.py | ||
start-fake-mode.sh | ||
stop-fake-mode.sh | ||
trove-pylint.config | ||
trove-pylint.py | ||
trove-pylint.README | ||
with_venv.sh |