----------------------------------------
> Date: Wed, 7 Aug 2013 18:25:47 +1200
> From: [email protected]
> To: [email protected]
> Subject: Re: [openstack-dev] Nova config drive rebuilding
>
> On 7 August 2013 18:08, Uri Simchoni <[email protected]> wrote:
>> Hi,
>>
>> As far as I can tell (from testing and looking at the code, at least for
>> libvirt driver), the config drive is not rebuilt after initial spawning
>> (except for some migration scenarios), which means the guest cannot see
>> updates to its metadata.
>>
>> Is this a valid statement, and would it make sense to have the disk rebuilt
>> on events such as suspend/resume or stop/start?
>
> Thats certainly my understanding and one of the reasons I dislike it :).
>
Looking at the http-based alternative, can it be made to be more secure? On my
OVS-based system I was able to easily steal the metadata of another instance on
the same network by changing my instance's IP address. It appears to be
suitable only for publishing things to instances, but not for sharing secrets.
_______________________________________________
OpenStack-dev mailing list
[email protected]
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
