OpenStack components use the OSLO messaging library to communicate with worker processes running on the compute nodes and the cloud controller node. For the best possible performance and scalability, the OSLO library does not sign or encrypt messages. As a result, messaging security depends entirely on the security of the message broker, which you therefore need to protect. Mirantis OpenStack uses the RabbitMQ messaging broker.

Recommendations for messaging security and RabbitMQ:

  • Delete the RabbitMQ guest user.

  • Separate the API publishers (Nova, Cinder, Neutron, and others) by setting the rabbit_virtual_host configuration option for each API and creating a matching RabbitMQ virtual host:

    rabbitmqctl add_vhost <vhost>

  • For each RabbitMQ virtual host, create unique credentials along with appropriate permissions:

    rabbitmqctl add_user <user> <password>
    rabbitmqctl set_permissions -p <vhost> <user> <conf> <write> <read>

  • Monitor RabbitMQ network activity with iptables or another monitoring tool to obtain accounting information.

  • Forward the RabbitMQ and HAProxy logs to the central syslog server.

  • Use TLS for messaging transport security.
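The guest-user removal and vhost-per-service steps above, worked as one script. This is an added example, not code from the Mirantis guide; it assumes each service name doubles as its RabbitMQ user name and gets a vhost named /<service>, and it generates a random password per service (replace that with your secret store).

```shell
#!/bin/sh
# Added example (not from the Mirantis guide): one RabbitMQ vhost per
# OpenStack API service, each with its own user and permissions.
# Assumed naming: user = service name, vhost = /<service name>.

# Emit the rabbitmqctl commands that isolate one service.
# $1 = service name, $2 = password for that service's RabbitMQ user
rabbit_isolate_service() {
    svc="$1"
    pass="$2"
    vhost="/$svc"
    printf 'rabbitmqctl add_vhost %s\n' "$vhost"
    printf 'rabbitmqctl add_user %s %s\n' "$svc" "$pass"
    # conf/write/read patterns ".*": full rights, but only inside this vhost,
    # so a leaked Cinder credential cannot touch Nova's queues.
    printf 'rabbitmqctl set_permissions -p %s %s ".*" ".*" ".*"\n' "$vhost" "$svc"
}

# Emit the whole plan: drop the default guest account, then isolate each
# service named on the command line.
rabbit_plan() {
    printf 'rabbitmqctl delete_user guest\n'
    for svc in "$@"; do
        # 24 hex chars from /dev/urandom; constructed placeholder secret
        pass=$(head -c 12 /dev/urandom | od -An -tx1 | tr -d ' \n')
        rabbit_isolate_service "$svc" "$pass"
    done
}

# Apply the plan on the broker host; DRY_RUN=1 prints it for review instead.
rabbit_apply() {
    if [ "${DRY_RUN:-0}" = 1 ]; then
        rabbit_plan "$@"
    else
        rabbit_plan "$@" | sh
    fi
}

# Usage: DRY_RUN=1 sh rabbit_isolate.sh nova cinder neutron
if [ $# -gt 0 ]; then
    rabbit_apply "$@"
fi
```

The matching client side is the per-service rabbit_virtual_host, rabbit_userid and rabbit_password settings in each API's configuration file.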