mariadb and rabbitdb on the undercloud have the ports accessible from everywhere
Bug #1617537 reported by
Michele Baldessari
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
tripleo |
Fix Released
|
High
|
Michele Baldessari |
Bug Description
In Liberty and Mitaka the network ports of mariadb and rabbit were not accessible on the ctlplane (and any other networks). With the firewall migration to puppet they became exposed. Since we currently do not set a password for the root sql user on the undercloud, this would be a security regression.
Changed in tripleo: | |
assignee: | nobody → Michele Baldessari (michele) |
status: | New → In Progress |
Changed in tripleo: | |
milestone: | none → newton-rc1 |
importance: | Undecided → High |
To post a comment you must log in.
https:/ /review. openstack. org/#/c/ 352484/