cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nux! <...@li.nux.ro>
Subject Re: [DISCUSS] VR Password server improvement and expiring
Date Wed, 11 Mar 2015 13:09:54 GMT
Hello,

See inline.

> JIRA: https://issues.apache.org/jira/browse/CLOUDSTACK-8272
> PR: https://github.com/apache/cloudstack/pull/106
> 
> I need your comment on the following proposal:
> 
> 1. If a password has been served by the password server, we expire it
> within next 15 minutes (or suggest other values) if acknowledgement is
> not received.

If a guest has confirmed the password was retrieved delete it straight away. I am not sure
this is what you asked. :)

> 
> 2. If a password is not served by the password server in next 1-24 hours
> (because the VM was in stopped state and was never started to receive
> new password and send ack to remove it from VR) it gets expired. What
> should be a good enough time period, 1 hour? 4 hours? 1 day?

Imho the password should be kept forever, awaiting the guest to retrieve it.
There may be cases where people will regularly reset the passwords, a VM could stay offline
for a while before being started and getting the new password.

Will this new python implementation handle SSL connections as well?
I'd be nice if it did https by default with a self-signed cert unless otherwise specified.


Lucian

Mime
View raw message