cf5645fdee
Per feedback received on other patch sets, an example key manager driver is required to support ephemeral storage encryption and Cinder volume encryption. The ConfKeyManager class reads its key from the project's configuration file and provides this key for *all* requests. As such, this key manager is insecure but allows the aforementioned encryption features to be used without further integration effort. To clarify the above statements, the configuration-based key manager uses a single, fixed key. When used to encrypt data (e.g., by the Cinder volume encryption feature), the encryption provides limited protection for the confidentiality of data. For example, data cannot be read from a lost or stolen disk, and a volume's contents cannot be reconstructed if an attacker intercepts the iSCSI traffic between the compute and storage host. If the key is ever compromised, then any data encrypted with the key can be decrypted. Implements blueprint encrypt-cinder-volumes SecurityImpact Change-Id: Ia6f4c69e699e68065c0f767e769cd0a6f5cc623b |
||
|---|---|---|
| contrib | ||
| doc | ||
| etc/nova | ||
| nova | ||
| plugins/xenserver | ||
| smoketests | ||
| tools | ||
| .coveragerc | ||
| .gitignore | ||
| .gitreview | ||
| .mailmap | ||
| .testr.conf | ||
| CONTRIBUTING.rst | ||
| HACKING.rst | ||
| LICENSE | ||
| MANIFEST.in | ||
| README.rst | ||
| babel.cfg | ||
| openstack-common.conf | ||
| pylintrc | ||
| requirements.txt | ||
| run_tests.sh | ||
| setup.cfg | ||
| setup.py | ||
| test-requirements.txt | ||
| tox.ini | ||
README.rst
OpenStack Nova README
OpenStack Nova provides a cloud computing fabric controller, supporting a wide variety of virtualization technologies, including KVM, Xen, LXC, VMware, and more. In addition to its native API, it includes compatibility with the commonly encountered Amazon EC2 and S3 APIs.
OpenStack Nova is distributed under the terms of the Apache License, Version 2.0. The full terms and conditions of this license are detailed in the LICENSE file.
Nova primarily consists of a set of Python daemons, though it requires and integrates with a number of native system components for databases, messaging and virtualization capabilities.
To keep updated with new developments in the OpenStack project follow @openstack on Twitter.
To learn how to deploy OpenStack Nova, consult the documentation available online at:
For information about the different compute (hypervisor) drivers supported by Nova, read this page on the wiki:
In the unfortunate event that bugs are discovered, they should be reported to the appropriate bug tracker. If you obtained the software from a 3rd party operating system vendor, it is often wise to use their own bug tracker for reporting problems. In all other cases use the master OpenStack bug tracker, available at:
Developers wishing to work on the OpenStack Nova project should always base their work on the latest Nova code, available from the master GIT repository at:
Developers should also join the discussion on the mailing list, at:
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Any new code must follow the development guidelines detailed in the HACKING.rst file, and pass all unit tests. Further developer focused documentation is available at:
For information on how to contribute to Nova, please see the contents of the CONTRIBUTING.rst file.
-- End of broadcast