On 2018-06-27 12:37:43 -0400 (-0400), Jay Pipes wrote:
[...]
> the hostId was not, in fact, the host identifier, but rather a
> SHA-224 hash of the host and project_id.
[...]
Oh, that's slick. Yeah, it would basically take brute-forcing the
UUID space to divine the actual host identifier from
On 06/27/2018 12:20 PM, Matt Riedemann wrote:
On 6/27/2018 10:13 AM, Jay Pipes wrote:
I'm -2'd the patch in question because of these concerns about
crossing the line between administrative and guest/virtual domains. It
may seem like a very trivial patch, but from what I can tell, it would
be
On 06/27/18 11:20, Matt Riedemann wrote:
To be clear, this is exposing the exact same hashed host+project_id
value via the metadata API that you can already get, as a non-admin
user, from the compute REST API:
On 2018-06-27 11:13:04 -0400 (-0400), Jay Pipes wrote:
[...]
> Virtual machines and the software running in them should not need
> to know what particular piece of hardware they are running on. VMs
> having knowledge of the underlying hardware and host violates the
> principle of least privilege
On 6/27/2018 10:13 AM, Jay Pipes wrote:
I'm -2'd the patch in question because of these concerns about crossing
the line between administrative and guest/virtual domains. It may seem
like a very trivial patch, but from what I can tell, it would be a very
big departure from the types of
On 06/25/2018 05:28 PM, Mohammed Naser wrote:
Hi everyone:
While working with the OpenStack infrastructure team, we noticed that
we were having some intermittent issues where we wanted to identify a
theory if all VMs with this issue were landing on the same hypervisor.
However, there seems to
We only bump the version if something has changed IIRC. I think bumping
when nothing has changed would create a burden for implementers of client
software. So its not like you get a chance to sneak this in "for free".
Does this information really need to be available in the host OS? Its
trivial
Hi everyone:
While working with the OpenStack infrastructure team, we noticed that
we were having some intermittent issues where we wanted to identify a
theory if all VMs with this issue were landing on the same hypervisor.
However, there seems to be no way of directly accessing `hostId` from
