Epic: Further network hardening
User stories
As a follow-up to #413, we should also generally make sure that if a hypothetical attacker did have access to our network, they'd have a hard time messing with our systems.
Realistically, there are more important areas of security work to get to first. For now, this epic exists to write down the ideas somewhere to make sure they're tracked. Some of the pieces here are actually quite difficult to set up.
DoD
- All connections between autoscaling components are authenticated.
This is part 2 of 2, for security-related improvements for autoscaling & NeonVM. Part 1 is here.
Contributing Epics & tasks
- [ ] Access to VM's QEMU should be restricted to neonvm-controller
- [ ] neondatabase/security#29
- [ ] Scheduler plugin should authenticate autoscaler-agent connections
- [ ] plugin + agent "dump state" and pprof endpoints should be authenticated
- [ ] agent -> monitor connections should be authenticated by monitor
Related Projects and Epics
- https://github.com/neondatabase/neon_roadmap/issues/122
- #413