Hi,
Our user has complained about his "Data loss" in this ticket:
https://jira.fiware.org/browse/HELP-8397
I've offered him to download his disks in the Spanish region. I can't
help but feeling some sorrow for this man who exploited a bug:
(https://jira.fiware.org/browse/SEC-1053) --- I don't know if he did in
bad faith or just being a little bit naive.
Regards,
José Ignacio.
El 16/03/17 a las 14:50, Sébastien LEFEUVRE escribió:
>
> Hello,
>
> We also have 1 VM active of this user "mostafa-hisham" and 4 deleted
> VM in Sophia-Antipolis Node :
>
> nova-manage vm list |grep d5275af31d724a40ac8be3c68c38858a
> cephpro compute-4.c4itas.eu m1.medium deleted 2017-03-14
> 20:16:48+00:00 75a52926-7e03-44d6-a66f-0e987739d328
> d5275af31d724a40ac8be3c68c38858a mostafa-hisham None 0
> iiibk compute-3.c4itas.eu m1.large active 2017-02-04
> 14:31:25+00:00 78f532ce-c3d9-4687-bbae-848aa518da1f
> d5275af31d724a40ac8be3c68c38858a mostafa-hisham None 0
> iiibk compute-1.c4itas.eu m1.medium deleted 2017-02-04
> 14:28:22+00:00 78f532ce-c3d9-4687-bbae-848aa518da1f
> d5275af31d724a40ac8be3c68c38858a mostafa-hisham None 0
> devices compute-3.c4itas.eu m1.large deleted 2017-02-03
> 15:59:38+00:00 4addc951-7861-4122-9262-2ff83cb26f22
> d5275af31d724a40ac8be3c68c38858a mostafa-hisham None 0
> ibro compute-6.c4itas.eu m1.medium deleted 2016-12-11
> 10:58:52+00:00 f99631ac-3caf-46d0-9127-881b77df7bb3
> d5275af31d724a40ac8be3c68c38858a mostafa-hisham None 0
>
> Should we delete the active one ?
>
> Kind Regards,*
> *
>
> *_____________________________________*
>
> *Sébastien Lefeuvre*
>
> *TAS FRANCE*
> Cloud & Managed Services Provider
> ISO 9001 Data Center – PCI DSS Level 1 Service Provider
>
> WTC1 – K, 1300 route des Crètes, 06560 Valbonne - Sophia Antipolis, France
> +33 (0)4 92 94 56 97 | Fax: +33 (0)4 92 94 33 99
> ✉ s.lefeuvre at tasgroup.fr<mailto:s.lefeuvre at tasgroup.fr>
> http://www.tasfrance.com <http://www.tasfrance.com/>
>
> cid:image001.jpg at 01D23C0A.BADA3D90cid:image002.jpg at 01D23C0A.BADA3D90
>
> This message and any attachments may contain confidential or
> privileged information. Opinions expressed therein don't represent any
> commitment between TAS Group and the recipient(s) and no liability is
> accepted by TAS Group. If you are not the intended recipient, please
> advise the sender and delete all copies of this message and any
> attachments.
>
> Le 16/03/2017 à 14:36, Pecetti Mauro a écrit :
>>
>> Hi all,
>>
>> we have also a VM on Vicenza node…..
>>
>> We procede to remove it.
>>
>> BR
>>
>> Mauro
>>
>> *Da:*fiware-lab-federation-nodes-bounces at lists.fiware.org
>> [mailto:fiware-lab-federation-nodes-bounces at lists.fiware.org] *Per
>> conto di * Spyros Argyropoulos
>> *Inviato:* giovedì 16 marzo 2017 14:27
>> *A:* Giorgio Robino; fernando.lopez at fiware.org; Pietropaolo Alfonso;
>> xifi-support at rt4.cesnet.cz
>> *Cc:* fiware-lab-federation-nodes at lists.fiware.org
>> *Oggetto:* Re: [Fiware-lab-federation-nodes] [CESNET #196603] Re:
>> Discovered Unknown/Suspicious VMs on FIWARE Lab Genoa node
>>
>> Hi All,
>>
>> This user has become a 'community user' after a 'FIWARE LAB Upgrade
>> Account' Request to the Region of Crete (FLUA-2658 : Assign Resources
>> and Status for: Creating IoT using mobile sensors).
>> We provided the requested resources without changing the status of
>> the selected Regions.
>> Now in the the Region of Crete there are two VMs of this user.
>>
>> BR,
>>
>> Spyros.
>>
>> Spyros Argyropoulos, Computer & Informatics Eng.
>> Intelligent Systems Laboratory
>> School of Electrical and Computer Engineering
>> Technical University of Crete
>> University Campus - Kounoupidiana
>> 73100 Chania, Crete
>> GREECE
>> Phone: +3028210 37342
>> Fax: +3028210 37542
>>
>> On 16/3/2017 2:52 μμ, Giorgio Robino wrote:
>>
>> Thanks José, Alfonso, Cristian
>>
>> in facts appears to me an anomaly,
>>
>> here (genoa node) we would proceed with deletion of mentioned VMs.
>>
>> As Cristian did:
>>
>> we keep VMs as suspended and
>>
>> *We’ll wai**t until another decision to see what to do with it.*
>>
>> Looking forward Fernando's feedback
>>
>> giorgio
>>
>> ------ Messaggio originale ------
>>
>> Da: "José Ignacio Carretero via RT" <xifi-support at rt4.cesnet.cz
>> <mailto:xifi-support at rt4.cesnet.cz>>
>>
>> A: giorgio.robino at cnit.it <mailto:giorgio.robino at cnit.it>
>>
>> Cc: fernando.lopez at fiware.org <mailto:fernando.lopez at fiware.org>
>>
>> Inviato: 16/03/2017 13:18:25
>>
>> Oggetto: [CESNET #196603] Re: [Fiware-lab-federation-nodes]
>> Discovered Unknown/Suspicious VMs on FIWARE Lab Genoa node
>>
>> However, it seems that this user has been approved not only
>> in Crete
>>
>> node but it has been approved "more widely". I mean in every
>> node.
>>
>> The user has used resources from other several nodes
>> including Spain2,
>>
>> Crete, Lannion3, Mexico, etc. --- I have changed his
>> privileges to
>>
>> restrict his access to Crete node (that's what he asked for
>> and what it
>>
>> was approved). So, he shouldn't be able to access any other
>> regions
>>
>> using the cloud portal.
>>
>> In Spain2 I've disassociated his Public IP and stopped his
>> VMs (not
>>
>> destroyed them at all).
>>
>> Now we can think about what to do with his "extra" resources
>> in the
>>
>> other nodes. Any suggestions are welcomed.
>>
>> Thank you Giorgio for your notification.
>>
>> Regards,
>>
>> José Ignacio
>>
>> El 16/03/17 a las 12:50, Pietropaolo Alfonso escribió:
>>
>> Searching from Jira the user id mostafa-hisham it seems
>> that the user
>>
>> was approved and hosted on the Crete node...
>>
>> Alfonso
>>
>> *Alfonso Pietropaolo*
>>
>> Research and Development Laboratory
>>
>> Engineering Ingegneria Informatica S.p.A.
>>
>> <https://imail.eng.it/ecp/Customize/www.eng.it>
>>
>> Via Riccardo Morandi, 32 00148 Roma - Italy
>>
>> Tel. 0683074834
>>
>> Skype: alfopietro
>>
>> Il giorno 16 mar 2017, alle ore 12:06, Giorgio Robino
>>
>> <giorgio.robino at cnit.it
>> <mailto:giorgio.robino at cnit.it>
>> <mailto:giorgio.robino at cnit.it
>> <mailto:giorgio.robino at cnit.it>>> ha scritto:
>>
>> Hi Fernando, all,
>>
>> we just discovered two unknown/suspicious VMs in
>> status active, on
>>
>> Genoa node.
>>
>> As far as we know, as administrators of Fiware Lab
>> Genoa node,
>>
>> we are the only ones in charge to allocate VMs
>> requests (replying
>>
>> specific FIWARE FLUA-XXXX tickets).
>>
>> That's correct?
>>
>> Any tenant without an explicit ticket flow request,
>> have to be
>>
>> considered not authorized.
>>
>> That's correct?
>>
>> At the moment, we put VMs in status suspended:
>>
>> root at controller01:~# nova list --all-tenants
>>
>> +--------------------------------------+----------------+----------------------------------+-----------+------------+-------------+------------------------------------------------------------+
>>
>> | ID | Name | Tenant ID
>>
>> | Status | Task State | Power
>> State | Networks |
>>
>> +--------------------------------------+----------------+----------------------------------+-----------+------------+-------------+------------------------------------------------------------+
>>
>> | 4f68086a-968c-43f5-9a83-68f7d5786b27 | Hima1 |
>>
>> d5275af31d724a40ac8be3c68c38858a | SUSPENDED | - |
>> Running
>>
>> | node-int-net-01=172.18.1.176, 130.251.135.187 |
>>
>> | 87756965-5402-4bf0-9785-04d736d1db49 | iotul |
>>
>> d5275af31d724a40ac8be3c68c38858a | SUSPENDED | - |
>> Running
>>
>> | node-int-net-01=172.18.1.191 |
>>
>> +--------------------------------------+----------------+----------------------------------+-----------+------------+-------------+------------------------------------------------------------+
>>
>> VMs details here below:
>>
>> root at controller01:~# nova show
>> 4f68086a-968c-43f5-9a83-68f7d5786b27
>>
>> +--------------------------------------+-------------------------------------------------------------+
>>
>> | Property | Value
>>
>> |
>>
>> +--------------------------------------+-------------------------------------------------------------+
>>
>> | OS-DCF:diskConfig | MANUAL
>>
>> |
>>
>> | OS-EXT-AZ:availability_zone | nova
>>
>> |
>>
>> | OS-EXT-SRV-ATTR:host | compute02.domain.tld |
>>
>> | OS-EXT-SRV-ATTR:hypervisor_hostname |
>> compute02.domain.tld |
>>
>> | OS-EXT-SRV-ATTR:instance_name | instance-00004bed |
>>
>> | OS-EXT-STS:power_state | 1
>>
>> |
>>
>> | OS-EXT-STS:task_state | -
>>
>> |
>>
>> | OS-EXT-STS:vm_state | active
>>
>> |
>>
>> | OS-SRV-USG:launched_at | 2017-03-15T19:09:49.000000 |
>>
>> | OS-SRV-USG:terminated_at | -
>>
>> |
>>
>> | accessIPv4 |
>>
>> |
>>
>> | accessIPv6 |
>>
>> |
>>
>> | config_drive |
>>
>> |
>>
>> | created | 2017-03-15T19:08:30Z |
>>
>> | flavor | m1.large (4)
>>
>> |
>>
>> | hostId |
>>
>> aea193f566c67314b0fdf88a6bad0b12f9c3319119373770630ac724
>> |
>>
>> | id |
>>
>> 4f68086a-968c-43f5-9a83-68f7d5786b27 |
>>
>> | image | orion-psb-image-R5.4
>>
>> (c894ce60-b9a2-48be-b1e2-c28185908fb0) |
>>
>> | key_name | hima
>>
>> |
>>
>> | metadata | {"region": "Genoa", "nid":
>>
>> "344"} |
>>
>> | name | Hima1
>>
>> |
>>
>> | node-int-net-01 network | 172.18.1.176,
>>
>> 130.251.135.187 |
>>
>> | os-extended-volumes:volumes_attached | []
>>
>> |
>>
>> | progress | 0
>>
>> |
>>
>> | security_groups | default
>>
>> |
>>
>> | status | ACTIVE
>>
>> |
>>
>> | tenant_id |
>>
>> d5275af31d724a40ac8be3c68c38858a |
>>
>> | updated | 2017-03-15T19:09:49Z |
>>
>> | user_id | mostafa-hisham
>>
>> |
>>
>> +--------------------------------------+-------------------------------------------------------------+
>>
>> root at controller01:~# nova show
>> 87756965-5402-4bf0-9785-04d736d1db49
>>
>> +--------------------------------------+----------------------------------------------------------+
>>
>> | Property | Value
>>
>> |
>>
>> +--------------------------------------+----------------------------------------------------------+
>>
>> | OS-DCF:diskConfig | MANUAL
>>
>> |
>>
>> | OS-EXT-AZ:availability_zone | nova
>>
>> |
>>
>> | OS-EXT-SRV-ATTR:host | compute03.domain.tld |
>>
>> | OS-EXT-SRV-ATTR:hypervisor_hostname |
>> compute03.domain.tld |
>>
>> | OS-EXT-SRV-ATTR:instance_name | instance-0000460e |
>>
>> | OS-EXT-STS:power_state | 1
>>
>> |
>>
>> | OS-EXT-STS:task_state | -
>>
>> |
>>
>> | OS-EXT-STS:vm_state | active
>>
>> |
>>
>> | OS-SRV-USG:launched_at | 2017-02-28T16:58:58.000000 |
>>
>> | OS-SRV-USG:terminated_at | -
>>
>> |
>>
>> | accessIPv4 |
>>
>> |
>>
>> | accessIPv6 |
>>
>> |
>>
>> | config_drive |
>>
>> |
>>
>> | created | 2017-02-28T16:57:40Z |
>>
>> | flavor | m1.medium (3)
>>
>> |
>>
>> | hostId |
>>
>> 7d3e4c05dd8d58708387259119b5aefe2058623abc4b3f758070299e
>> |
>>
>> | id |
>>
>> 87756965-5402-4bf0-9785-04d736d1db49 |
>>
>> | image | base_debian_7
>>
>> (b66abb99-f08d-4880-9139-b2d6b5e3d3a8) |
>>
>> | key_name | ultk
>>
>> |
>>
>> | metadata | {"region": "Genoa"}
>>
>> |
>>
>> | name | iotul
>>
>> |
>>
>> | node-int-net-01 network | 172.18.1.191
>>
>> |
>>
>> | os-extended-volumes:volumes_attached | []
>>
>> |
>>
>> | progress | 0
>>
>> |
>>
>> | security_groups | default
>>
>> |
>>
>> | status | ACTIVE
>>
>> |
>>
>> | tenant_id |
>>
>> d5275af31d724a40ac8be3c68c38858a |
>>
>> | updated | 2017-02-28T16:58:59Z |
>>
>> | user_id | mostafa-hisham
>>
>> |
>>
>> +--------------------------------------+----------------------------------------------------------+
>>
>> How do you suggest to proceed?
>>
>> Thanks & regards
>>
>> giorgio
>>
>> __________________________________________________________________________________________
>>
>> You can get more information about our cookies and
>> privacy policies
>>
>> on the following links:
>>
>> -http://forge.fiware.org/plugins/mediawiki/wiki/fiware/index.php/FIWARE_Privacy_Policy
>>
>> -http://forge.fiware.org/plugins/mediawiki/wiki/fiware/index.php/Cookies_Policy_FIWARE
>>
>> Fiware-lab-federation-nodes mailing list
>>
>> Fiware-lab-federation-nodes at lists.fiware.org
>> <mailto:Fiware-lab-federation-nodes at lists.fiware.org>
>>
>> <mailto:Fiware-lab-federation-nodes at lists.fiware.org
>> <mailto:Fiware-lab-federation-nodes at lists.fiware.org>>
>>
>> https://lists.fiware.org/listinfo/fiware-lab-federation-nodes
>>
>> __________________________________________________________________________________________
>>
>> You can get more information about our cookies and
>> privacy policies on the following links:
>>
>> -
>> http://forge.fiware.org/plugins/mediawiki/wiki/fiware/index.php/FIWARE_Privacy_Policy
>>
>> -
>> http://forge.fiware.org/plugins/mediawiki/wiki/fiware/index.php/Cookies_Policy_FIWARE
>>
>> Fiware-lab-federation-nodes mailing list
>>
>> Fiware-lab-federation-nodes at lists.fiware.org
>> <mailto:Fiware-lab-federation-nodes at lists.fiware.org>
>>
>> https://lists.fiware.org/listinfo/fiware-lab-federation-nodes
>>
>> --
>>
>> −−−
>>
>> José Ignacio Carretero
>>
>> FIWARE Cloud and Platform Expert
>>
>> FIWARE Foundation
>>
>> FIWARE Foundation
>>
>> Franklinstrasse 13A
>>
>> 10587 Berlin
>>
>> email: joseignacio.carretero at fiware.org
>> <mailto:joseignacio.carretero at fiware.org>
>>
>> <mailto:joseignacio.carretero at fiware.org
>> <mailto:joseignacio.carretero at fiware.org>>
>>
>> www: http://fiware.org
>>
>> twitter: @jicarreterogu @FIWARE
>>
>> skype: jicarretero
>>
>>
>>
>>
>> __________________________________________________________________________________________
>>
>> You can get more information about our cookies and privacy policies on the following links:
>>
>> -http://forge.fiware.org/plugins/mediawiki/wiki/fiware/index.php/FIWARE_Privacy_Policy
>>
>> -http://forge.fiware.org/plugins/mediawiki/wiki/fiware/index.php/Cookies_Policy_FIWARE
>>
>> Fiware-lab-federation-nodes mailing list
>>
>> Fiware-lab-federation-nodes at lists.fiware.org
>> <mailto:Fiware-lab-federation-nodes at lists.fiware.org>
>>
>> https://lists.fiware.org/listinfo/fiware-lab-federation-nodes
>>
>>
>>
>> __________________________________________________________________________________________
>>
>> You can get more information about our cookies and privacy policies on the following links:
>> -http://forge.fiware.org/plugins/mediawiki/wiki/fiware/index.php/FIWARE_Privacy_Policy
>> -http://forge.fiware.org/plugins/mediawiki/wiki/fiware/index.php/Cookies_Policy_FIWARE
>>
>> Fiware-lab-federation-nodes mailing list
>> Fiware-lab-federation-nodes at lists.fiware.org
>> https://lists.fiware.org/listinfo/fiware-lab-federation-nodes
>>
>
>
>
> __________________________________________________________________________________________
>
> You can get more information about our cookies and privacy policies on the following links:
> - http://forge.fiware.org/plugins/mediawiki/wiki/fiware/index.php/FIWARE_Privacy_Policy
> - http://forge.fiware.org/plugins/mediawiki/wiki/fiware/index.php/Cookies_Policy_FIWARE
>
> Fiware-lab-federation-nodes mailing list
> Fiware-lab-federation-nodes at lists.fiware.org
> https://lists.fiware.org/listinfo/fiware-lab-federation-nodes
>
--
−−−
José Ignacio Carretero
FIWARE Cloud and Platform Expert
FIWARE Foundation
FIWARE Foundation
Franklinstrasse 13A
10587 Berlin
email: joseignacio.carretero at fiware.org
<mailto:joseignacio.carretero at fiware.org>
www: http://fiware.org
twitter: @jicarreterogu @FIWARE
skype: jicarretero
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.fiware.org/private/fiware-lab-federation-nodes/attachments/20170320/b40e3958/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/jpeg
Size: 22366 bytes
Desc: not available
URL: <https://lists.fiware.org/private/fiware-lab-federation-nodes/attachments/20170320/b40e3958/attachment-0002.jpe>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/jpeg
Size: 25197 bytes
Desc: not available
URL: <https://lists.fiware.org/private/fiware-lab-federation-nodes/attachments/20170320/b40e3958/attachment-0003.jpe>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Foundation-31B.png
Type: image/png
Size: 251283 bytes
Desc: not available
URL: <https://lists.fiware.org/private/fiware-lab-federation-nodes/attachments/20170320/b40e3958/attachment-0001.png>
You can get more information about our cookies and privacy policies clicking on the following links: Privacy policy Cookies policy