You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: draft-THREAT-MODEL.md
+4-5Lines changed: 4 additions & 5 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -90,7 +90,7 @@ private/public cloud control plane", not a hosted-as-a-service appliance.
90
90
91
91
- A multi-tenant IaaS control plane deployed by an operator inside a
92
92
controlled datacenter or cloud, exposing compute / storage / network
93
-
orchestration to authenticated end users via a JSON API and a Vue.js Web
93
+
orchestration to authenticated end users via APIs which return responses in JSON or XML and a Vue.js Web
94
94
UI, with separately authenticated administrators *(documented: `README.md`,
95
95
`INSTALL.md`)*.
96
96
- Used both for service-provider public clouds and for on-premises private
@@ -134,7 +134,7 @@ single-instance is also a supported topology)*.
134
134
135
135
| Family | Representative entry point | Touches outside the process? | In-model? |
136
136
| --- | --- | --- | --- |
137
-
| Management server JSON API|`client/.../ApiServlet`, HTTPS on `:8080` (admin), `:8080/client/api` (user), HTTPS on `:8443` integration port *(documented: `server/src/main/java/com/cloud/api/ApiServlet.java`, `client/`)*| network (TCP, optionally TLS) |**yes**|
137
+
| Management server JSON and XML APIs|`client/.../ApiServlet`, HTTPS on `:8080` (admin), `:8080/client/api` (user), HTTPS on `:8443` integration port *(documented: `server/src/main/java/com/cloud/api/ApiServlet.java`, `client/`)*| network (TCP, optionally TLS) |**yes**|
138
138
| Management server Web UI | Vue.js SPA under `ui/`, served by the same servlet container *(documented: `ui/`)*| network |**yes** (auth is the API auth) |
139
139
| Management server cluster RPC (peer-to-peer) | NIO + TLS between management-server replicas, `:9090`*(documented: `framework/cluster/`, `utils/.../nio/`)*| network |**yes** (peer auth via Root CA) |
140
140
| Management server → agent RPC | NIO + TLS on `:8250` (default `agent.properties`) *(documented: `agent/conf/agent.properties` line 47, `utils/.../nio/NioServer.java`)*| network |**yes** (mutually authenticated via Root CA) |
@@ -199,7 +199,7 @@ requiring any of these will be closed with the cited disposition:
199
199
resource-limit case.
200
200
6.**A sandbox for templates, ISO images, or user-data scripts.** A
201
201
user-uploaded template (via `registerTemplate`) is run by the
202
-
hypervisor with the privileges the offering grants. cloud-init /
202
+
hypervisor with the privileges the system grants. cloud-init /
203
203
user-data / metadata is passed through to the guest; CloudStack does
204
204
not parse or sanitize its semantics *(documented: kubernetes-service
CloudStack ships as a family of packages: 'cloudstack-agent', 'cloudstack-baremetal-agent', 'cloudstack-common', 'cloudstack-integration-tests', 'cloudstack-management', 'cloudstack-marvin', 'cloudstack-mysql-ha', 'cloudstack-ui', 'cloudstack-usage'
342
341
*(documented: `debian/`, `packaging/`)*. A sizable number of runtime
343
342
configuration knobs materially change the security envelope. The
0 commit comments