Trove uses RabbitMQ to communicate between the API and the database hosts (which are VMs).
Currently RabbitMQ is locked down so that only cloudcontrol/cloudservices/cloudnet nodes can talk to it. Opening it up to guest access raises some concerns:
- Does this break our nascent policies about network isolation?
- How can we mitigate the risk of a non-Trove guest launching a DoS against RabbitMQ?
- Does creating a new RabbitMQ cluster just for Trove help with any of these issues?