GabrielBrascher commented on pull request #4978:
URL: https://github.com/apache/cloudstack/pull/4978#issuecomment-1063033056
@rohityadavcloud @PaulAngus I've addressed your security concerns.
By default, the HA helper service will be provided via HTTP + SSL, with
Basic Auth. If one wants to keep it just HTTP, it is still possible to do it
via the "insecure" mode of the script.
Service is deployed with a default configuration, but can be changed
following the respective arguments:
```
Optional arguments:
-h, --help Show this help message and exit
-i, --insecure Allows to run the HTTP server without SSL
-p, --port PORT Port to be used by the agent-ha-helper server
-u, --username USERNAME Sets the user for server authentication
-k, --password PASSWORD Keyword/password for server authentication
```
This requires that both ends (management and KVM agents) are configured
properly. The default configuration is set to SSL + Authentication with a
default username + password (obviously, admins can easily change it).
With SSL + Authentication, only the management node and configured KVM hosts
are able to serve and consume this API.
It is important to raise that this API **DOES NOT** allow running Libvirt
commands. It only lists the running VMs, and if the host is reachable (`Up` vs
`Down`). If an attacker gets access to such API, it would be able just to
collect the number of running VMs.
Also, note that the "secure mode" works only when the KVM nodes have
certificates provided (via `provisionCertificate`), otherwise the service will
fail.
I will work on the whole documentation needed to make sure users would be
guided, in case this implementation gets merged.
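An added illustration of the option set and checks described in the comment above; it is not part of the comment or of the pull request's code. The function names, the placeholder default credentials and port, and the `startup_findings` pre-flight check are assumptions made for this sketch.

```python
import argparse
import base64
import binascii
import hmac
import ssl

# Placeholder defaults constructed for this example (the page does not give the real ones).
DEFAULT_USER, DEFAULT_PASSWORD, DEFAULT_PORT = "example-user", "example-password", 8443

def build_parser():
    """Same option set as the help text quoted in the comment."""
    p = argparse.ArgumentParser(prog="agent-ha-helper")
    p.add_argument("-i", "--insecure", action="store_true", help="run without SSL")
    p.add_argument("-p", "--port", type=int, default=DEFAULT_PORT)
    p.add_argument("-u", "--username", default=DEFAULT_USER)
    p.add_argument("-k", "--password", default=DEFAULT_PASSWORD)
    return p

def check_basic_auth(header, username, password):
    """Validate an Authorization header value; malformed input returns False."""
    scheme, _, blob = (header or "").partition(" ")
    if scheme.lower() != "basic":
        return False
    try:
        supplied = base64.b64decode(blob.strip(), validate=True)
    except (binascii.Error, ValueError):
        return False
    expected = f"{username}:{password}".encode()
    # Constant-time comparison so response timing does not leak matching prefixes.
    return hmac.compare_digest(supplied, expected)

def tls_context(cert_file, key_file):
    """Server-side TLS context; raises OSError when the host certificate is missing."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.load_cert_chain(cert_file, key_file)
    return ctx

def startup_findings(args):
    """Hypothetical pre-flight check: settings an operator should fix before exposure."""
    findings = []
    if args.insecure:
        findings.append("plain HTTP: Basic Auth credentials cross the network in cleartext")
    if (args.username, args.password) == (DEFAULT_USER, DEFAULT_PASSWORD):
        findings.append("default credentials still in use")
    return findings
```

`tls_context` failing on a missing certificate mirrors the note that secure mode only works once the KVM node has a certificate provisioned.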