Make a plan for Trove v. rabbit
Open, Needs Triage, Public

Description

Trove uses rabbitmq to communicate between the API and the database hosts (which are VMs).

Currently rabbit is locked down so that only cloudcontrol/cloudservices/cloudnet nodes can talk to it. Opening it up to access for guests raises some concerns:

  • Does this break our nascent policies about network isolation?
  • How can we mitigate the risk of a non-trove guest launching a DoS against Rabbit?
  • Does creating a new rabbit cluster just for trove help with any of these issues?

Event Timeline

We discussed this during a team meeting and decided that the risk of exposing our primary rabbitmq cluster to VMs doesn't really scare anyone.

https://gerrit.wikimedia.org/r/c/operations/puppet/+/675899