The region controller assumes the first cluster to connect is the "local" cluster
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
MAAS |
Fix Released
|
Critical
|
Raphaël Badin | ||
1.2 |
Fix Released
|
Critical
|
Raphaël Badin |
Bug Description
The first cluster controller to connect to the region is assumed to be the local (i.e. running on the same machine as the region) cluster controller. It is automatically accepted and the hostname sent to the nodes handled by this cluster will be the one used by the region controller itself.
Two problems:
- accepting a remote cluster is a security risk
- if the first cluster to connect is not the one installed alongside the region (i.e. if "maas-region-
Either we fix these 2 problems or we force the installation of a cluster controller alongside the region controller (i.e. we make 'maas-region-
Related branches
- Gavin Panella (community): Approve
-
Diff: 219 lines (+103/-3)5 files modifiedsrc/maas/settings.py (+5/-0)
src/maasserver/api.py (+16/-2)
src/maasserver/tests/test_api.py (+32/-1)
src/maasserver/utils/__init__.py (+23/-0)
src/maasserver/utils/tests/test_utils.py (+27/-0)
- Raphaël Badin (community): Approve
-
Diff: 219 lines (+103/-3)5 files modifiedsrc/maas/settings.py (+5/-0)
src/maasserver/api.py (+16/-2)
src/maasserver/tests/test_api.py (+32/-1)
src/maasserver/utils/__init__.py (+23/-0)
src/maasserver/utils/tests/test_utils.py (+27/-0)
description: | updated |
Changed in maas: | |
status: | Triaged → In Progress |
Changed in maas: | |
status: | In Progress → Fix Committed |
Changed in maas: | |
status: | Fix Committed → Fix Released |
More info here: https:/ /bugs.launchpad .net/maas/ +bug/1103195/ comments/ 3