[library] RabbitMQ management API port is opened on public IP addresses
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| Fuel for OpenStack |
Invalid
|
High
|
Fuel Library (Deprecated) | ||
| 6.1.x |
Won't Fix
|
High
|
MOS Maintenance | ||
| Mitaka |
Invalid
|
High
|
Fuel Library (Deprecated) | ||
Bug Description
Detailed bug description:
MOS HA deployment has RabbitMQ management plugin enabled on controllers. It listens on 0.0.0.0 port 15672. As far as controllers has public IP addresses configured the management API is also exposed to the Internet.
Steps to reproduce:
Deploy HA environment with Fuel, try to access http://
Expected results:
You should see login screen of the RabbitMQ management plugin
Description of the environment:
api: '1.0'
astute_sha: 1ea8017fe888941
auth_required: true
build_id: 2015-06-19_13-02-31
build_number: '525'
feature_groups:
- mirantis
fuel-library_sha: 2e7a08ad9792c70
fuel-ostf_sha: 8fefcf7c4649370
fuelmain_sha: a3998372183468f
nailgun_sha: dbd54158812033d
openstack_version: 2014.2.2-6.1
production: docker
python-
release: '6.1'
release_versions:
2014.2.2-6.1:
VERSION:
api: '1.0'
astute_sha: 1ea8017fe888941
build_id: 2015-06-19_13-02-31
build_number: '525'
feature_
- mirantis
fuel-
fuel-
fuelmain_sha: a3998372183468f
nailgun_sha: dbd54158812033d
openstack
production: docker
python-
release: '6.1'
| summary: |
- [library] RabbitMQ management API port is open on public IP addresses + [library] RabbitMQ management API port is opened on public IP addresses |
| Changed in fuel: | |
| milestone: | none → 6.1-updates |
| importance: | Undecided → High |
| assignee: | nobody → Fuel Library Team (fuel-library) |
| Bogdan Dobrelya (bogdando) wrote | #1 |
| information type: | Public → Public Security |
| Alexey Stupnikov (astupnikov) wrote | #2 |
Fixed for Mitaka