[chef] Re: Re: Chef and information security between nodes


  • From: Ranjib Dey < >
  • To:
  • Subject: [chef] Re: Re: Chef and information security between nodes
  • Date: Tue, 24 Apr 2012 11:25:51 +0530

We had faced the exact problem, as we run a large CI grid which serves multiple clients and everything is maintained via Chef. Chef environments are not first class, i.e. the isolation is limited to run list and attributes. Also, a node can rejoin other environments; there's no easy way to restrict them or bind them to a particular environment by server-side configuration. We have ended up using multiple Chef servers. We also had the requirement of per-client network isolation (VLAN), and I think it's just easier to maintain multiple Chef API servers and Solr instances, but you can re-use the CouchDB or RabbitMQ server.

On Tue, Apr 24, 2012 at 5:52 AM, Jesse Nelson wrote:
Sounds like you need to run a server per client. Use Platform. Or code the OSS server to support organizations like Platform.

On Apr 24, 2012, at 5:51 AM, Christophe wrote:

> Hello,
>
> We have evaluated Puppet and Chef for one and a half months and have "almost"
> decided to go with Chef!
>
> "Almost" because we have got a "no-go" from the person responsible for the
> infrastructure due to the lack of security on node information :(
>
> Let me explain:
> We will have different VMs for different customers connected to the same Chef
> Server.
>
> When a node is connected to the Chef Server, with knife properly configured
> on it, it is possible to retrieve the list of all nodes from the Chef Server,
> show the attributes of the different nodes, search the attributes among all the
> nodes, and so on...
>
> This is a big issue for us since we must prevent a customer from seeing any
> information about another customer. And I guess we are not the only ones who have
> met this issue...
>
> We consider it a security threat that, from a node, it is possible to show
> information on other nodes.
>
> We have looked for a solution, and the only one we have found so far is to modify
> the source code of the Chef Server API in order to add a restriction such as "a node
> is able to see only its own information".
>
> Before we start to look more deeply into this solution, could you please let us
> know if you see any other solution to our problem?
>
> Thanks in advance for your feedback.
>
> Best regards,
> Christophe
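The two points in this thread, Christophe's proposed server-side restriction ("a node is able to see only its own information") and Ranjib's note that nothing server-side stops a node from re-joining another environment, can be modelled as a small authorization layer. The following Ruby is an added example written for this archive page; it is not code from the thread, from Chef, or from the Chef Server of 2012. The `Node` struct, the client-to-tenant and tenant-to-environment tables, the node names and IP addresses are all constructed placeholders; a real deployment would load them from the server's own client and node records.

```ruby
# Added example (not from the thread or from Chef): a minimal model of a
# server-side tenant policy for a shared Chef server. All names below are
# hypothetical, constructed for illustration.

# A node record as the server would store it (hypothetical subset of fields).
Node = Struct.new(:name, :environment, :owner, :attributes)

# Which tenant each API client belongs to. Node clients map to the customer
# that owns them; one human administrator keeps global visibility.
TENANT_OF_CLIENT = {
  'web01.alpha' => 'alpha',
  'db01.alpha'  => 'alpha',
  'web01.beta'  => 'beta',
  'ops-admin'   => :admin
}.freeze

# The environment each tenant is bound to. This is the binding Ranjib notes
# Chef environments do not enforce on their own.
ENVIRONMENT_OF_TENANT = {
  'alpha' => 'alpha-prod',
  'beta'  => 'beta-prod'
}.freeze

class AuthorizationError < StandardError; end

# May `client` read `node`? Admins see everything; a tenant client sees only
# nodes owned by the same tenant; unknown clients are denied by default.
def can_read?(client, node)
  tenant = TENANT_OF_CLIENT[client]
  return false if tenant.nil?
  return true if tenant == :admin
  node.owner == tenant
end

# Apply the read policy to a search result: a tenant's knife still gets a
# response, but only its own nodes appear in it.
def filter_search(client, nodes)
  nodes.select { |n| can_read?(client, n) }
end

# Guard a node save: the saving client must own the node, and the node's
# environment must be the one bound to the owning tenant. Returns the node
# on success, raises AuthorizationError otherwise.
def authorize_save!(client, node)
  tenant = TENANT_OF_CLIENT[client]
  raise AuthorizationError, "unknown client #{client}" if tenant.nil?
  if tenant != :admin && node.owner != tenant
    raise AuthorizationError, "#{client} may not modify #{node.name}"
  end
  bound = ENVIRONMENT_OF_TENANT[node.owner]
  if bound && node.environment != bound
    raise AuthorizationError,
          "#{node.name} must stay in #{bound}, got #{node.environment}"
  end
  node
end

# Constructed sample data standing in for the server's node index.
SAMPLE_NODES = [
  Node.new('web01.alpha', 'alpha-prod', 'alpha', { 'ipaddress' => '10.1.0.11' }),
  Node.new('db01.alpha',  'alpha-prod', 'alpha', { 'ipaddress' => '10.1.0.12' }),
  Node.new('web01.beta',  'beta-prod',  'beta',  { 'ipaddress' => '10.2.0.11' })
].freeze

if __FILE__ == $PROGRAM_NAME
  # A beta node searching the index sees only beta's nodes.
  puts filter_search('web01.beta', SAMPLE_NODES).map(&:name).inspect
  # An alpha node trying to re-join beta's environment is rejected.
  begin
    authorize_save!('web01.alpha', Node.new('web01.alpha', 'beta-prod', 'alpha', {}))
  rescue AuthorizationError => e
    puts "rejected: #{e.message}"
  end
end
```

The design choice worth noting is that both checks live on the server side and default to deny: filtering happens before search results leave the API, so a correctly configured knife on a customer VM cannot enumerate other customers' nodes, and a node cannot move itself into another tenant's environment by editing its own node object. Per-tenant Chef servers, as Ranjib and Jesse suggest, achieve the same separation without changing the server code.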

Archive powered by MHonArc 2.6.16.