OpenStack Compute (Nova)
Go to file
Joel Coffman cf5645fdee Add key manager implementation with static key
Per feedback received on other patch sets, an example key manager
driver is required to support ephemeral storage encryption and
Cinder volume encryption. The ConfKeyManager class reads its key
from the project's configuration file and provides this key for
*all* requests. As such, this key manager is insecure but allows
the aforementioned encryption features to be used without further
integration effort.

To clarify the above statements, the configuration-based key
manager uses a single, fixed key. When used to encrypt data (e.g.,
by the Cinder volume encryption feature), the encryption provides
limited protection for the confidentiality of data. For example,
data cannot be read from a lost or stolen disk, and a volume's
contents cannot be reconstructed if an attacker intercepts the iSCSI
traffic between the compute and storage host. If the key is ever
compromised, then any data encrypted with the key can be decrypted.

Implements blueprint encrypt-cinder-volumes
SecurityImpact

Change-Id: Ia6f4c69e699e68065c0f767e769cd0a6f5cc623b
2013-09-11 06:43:13 -04:00
contrib Enable N302: Import modules only 2013-01-25 12:11:54 -05:00
doc Merge "Makes v3 API keypairs extension core" 2013-09-10 16:44:44 +00:00
etc/nova Add key manager implementation with static key 2013-09-11 06:43:13 -04:00
nova Add key manager implementation with static key 2013-09-11 06:43:13 -04:00
plugins/xenserver Merge "Adds Instance UUID to rsync debug logging" 2013-08-30 22:52:24 +00:00
smoketests Fix and Gate on H303 (no wildcard imports) 2013-07-30 14:34:31 -07:00
tools Updates tools/config/README 2013-08-22 10:15:14 +08:00
.coveragerc Port Cheetah templates to Jinja2 2013-09-02 16:03:34 +02:00
.gitignore add .idea folder to .gitignore pycharm creates this folder 2013-03-07 17:00:22 -06:00
.gitreview Add .gitreview config file for gerrit. 2011-10-24 15:07:19 -04:00
.mailmap Update mailmap 2013-08-18 10:52:51 +08:00
.testr.conf Make testr preserve existing OS_* env vars values 2013-05-29 11:55:49 +03:00
CONTRIBUTING.rst Add a CONTRIBUTING file. 2012-11-21 17:04:48 -05:00
HACKING.rst Use timeutils.utcnow() throughout the code 2013-07-19 16:08:54 +03:00
LICENSE initial commit 2010-05-27 23:05:26 -07:00
MANIFEST.in Finish AUTHORS transition. 2012-07-05 09:11:37 -05:00
README.rst Update references with new Mailing List location 2013-07-28 11:28:46 -07:00
babel.cfg Get rid of distutils.extra. 2012-02-08 19:30:39 -08:00
openstack-common.conf Remove unsafe XML parsing 2013-08-08 13:49:45 +02:00
pylintrc Don't warn about C0111 (No docstrings) 2011-03-16 15:28:09 -07:00
requirements.txt Updated from global requirements 2013-09-05 11:12:57 -04:00
run_tests.sh Merge "emit warning while running flake8 without virtual env" 2013-09-02 07:36:38 +00:00
setup.cfg Revert baremetal v3 API extension 2013-09-05 15:19:31 -07:00
setup.py Updated from global requirements 2013-09-05 11:12:57 -04:00
test-requirements.txt Updated from global requirements 2013-09-05 11:12:57 -04:00
tox.ini Merge "Have tox install via setup.py develop" 2013-09-04 04:46:27 +00:00

README.rst

OpenStack Nova README

OpenStack Nova provides a cloud computing fabric controller, supporting a wide variety of virtualization technologies, including KVM, Xen, LXC, VMware, and more. In addition to its native API, it includes compatibility with the commonly encountered Amazon EC2 and S3 APIs.

OpenStack Nova is distributed under the terms of the Apache License, Version 2.0. The full terms and conditions of this license are detailed in the LICENSE file.

Nova primarily consists of a set of Python daemons, though it requires and integrates with a number of native system components for databases, messaging and virtualization capabilities.

To keep updated with new developments in the OpenStack project follow @openstack on Twitter.

To learn how to deploy OpenStack Nova, consult the documentation available online at:

http://docs.openstack.org

For information about the different compute (hypervisor) drivers supported by Nova, read this page on the wiki:

https://wiki.openstack.org/wiki/HypervisorSupportMatrix

In the unfortunate event that bugs are discovered, they should be reported to the appropriate bug tracker. If you obtained the software from a 3rd party operating system vendor, it is often wise to use their own bug tracker for reporting problems. In all other cases use the master OpenStack bug tracker, available at:

http://bugs.launchpad.net/nova

Developers wishing to work on the OpenStack Nova project should always base their work on the latest Nova code, available from the master GIT repository at:

http://github.com/openstack/nova

Developers should also join the discussion on the mailing list, at:

http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

Any new code must follow the development guidelines detailed in the HACKING.rst file, and pass all unit tests. Further developer focused documentation is available at:

http://nova.openstack.org/

For information on how to contribute to Nova, please see the contents of the CONTRIBUTING.rst file.

-- End of broadcast