233 lines
9.3 KiB
HTML
233 lines
9.3 KiB
HTML
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"
|
|
"http://www.w3.org/TR/html4/strict.dtd">
|
|
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
|
|
<head>
|
|
<meta name="generator" content=
|
|
"HTML Tidy for Linux/x86 (vers 11 February 2007), see www.w3.org" />
|
|
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii" />
|
|
<meta name="google-site-verification" content=
|
|
"Ip5yk0nd8yQHEo8I7SjzVfAiadlHvTvqQHLGwn1GFyU" />
|
|
|
|
<title>OpenStack Docs: Current</title><!-- Google Fonts -->
|
|
<link href='http://fonts.googleapis.com/css?family=PT+Sans&subset=latin'
|
|
rel='stylesheet' type='text/css' /><!-- Framework CSS -->
|
|
<link rel="stylesheet" href=
|
|
"http://openstack.org/themes/openstack/css/blueprint/screen.css" type=
|
|
"text/css" media="screen, projection" />
|
|
<link rel="stylesheet" href=
|
|
"http://openstack.org/themes/openstack/css/blueprint/print.css" type=
|
|
"text/css" media="print" />
|
|
<!--[if lt IE 8]><link rel="stylesheet" href="http://openstack.org/themes/openstack/css/blueprint/ie.css" type="text/css" media="screen, projection"><![endif]-->
|
|
<!-- OpenStack Specific CSS -->
|
|
<link rel="stylesheet" href=
|
|
"http://openstack.org/themes/openstack/css/main.css" type="text/css" media=
|
|
"screen, projection, print" />
|
|
<script type="text/javascript">
|
|
|
|
// Used to record outbound links before the browser resets to the new site
|
|
|
|
function recordOutboundLink(link, category, action) {
|
|
try {
|
|
_gaq.push(['._trackEvent', category , action ]);
|
|
setTimeout('document.location = "' + link.href + '"', 100)
|
|
}catch(err){}
|
|
}
|
|
|
|
</script>
|
|
<script type="text/javascript">
|
|
|
|
var _gaq = _gaq || [];
|
|
_gaq.push(['_setAccount', 'UA-17511903-1']);
|
|
_gaq.push(['_setDomainName', '.openstack.org']);
|
|
_gaq.push(['_trackPageview']);
|
|
|
|
(function() {
|
|
var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true;
|
|
ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js';
|
|
var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s);
|
|
})();
|
|
|
|
</script>
|
|
</head>
|
|
|
|
<body class="docshome" id="docshome">
|
|
|
|
<div class="container">
|
|
<div id="header">
|
|
<div class="span-5">
|
|
<h1 id="logo"><a href="/">OpenStack</a></h1>
|
|
</div>
|
|
<div class="span-19 last blueLine">
|
|
|
|
<div id="navigation" class="span-19">
|
|
<ul id="Menu1">
|
|
|
|
<li><a href="http://www.openstack.org/" title="Go to the Home page">Home</a></li>
|
|
|
|
<li><a href="http://www.openstack.org/software/" title="Go to the Software page" class="link">Software</a></li>
|
|
|
|
<li><a href="http://www.openstack.org/user-stories/" title="Go to the User Stories page" class="link">User Stories</a></li>
|
|
|
|
<li><a href="http://www.openstack.org/community/" title="Go to the Community page" class="link">Community</a></li>
|
|
|
|
<li><a href="http://www.openstack.org/profile/" title="Go to the Profile page" class="link">Profile</a></li>
|
|
|
|
<li><a href="http://www.openstack.org/blog/" title="Go to the OpenStack Blog">Blog</a></li>
|
|
|
|
<li><a href="http://wiki.openstack.org/" title="Go to the OpenStack Wiki">Wiki</a></li>
|
|
|
|
<li><a href="http://docs.openstack.org/" title="Go to OpenStack Documentation" class="current">Documentation</a></li>
|
|
</ul>
|
|
|
|
|
|
</div>
|
|
|
|
</div>
|
|
</div>
|
|
</div>
|
|
|
|
<!-- Page Content -->
|
|
|
|
<div class="container">
|
|
<div class="span-12">
|
|
<h3 class="subhead"><a href="http://docs.openstack.org/">Documentation</a> > Security Guide </h3>
|
|
</div>
|
|
<div class="searchArea span-10 last">
|
|
<div id="cse" style="width: 100%;">
|
|
Loading
|
|
</div>
|
|
|
|
<script src="http://www.google.com/jsapi" type="text/javascript">
|
|
</script>
|
|
<script type="text/javascript">
|
|
//<![CDATA[
|
|
|
|
google.load('search', '1', {language : 'en'});
|
|
var _gaq = _gaq || [];
|
|
_gaq.push(["_setAccount", "UA-17511903-6"]);
|
|
function _trackQuery(control, searcher, query) {
|
|
var gaQueryParamName = "q";
|
|
var loc = document.location;
|
|
var url = [
|
|
loc.pathname,
|
|
loc.search,
|
|
loc.search ? '&' : '?',
|
|
gaQueryParamName == '' ? 'q' : encodeURIComponent(gaQueryParamName),
|
|
'=',
|
|
encodeURIComponent(query)
|
|
].join('');
|
|
_gaq.push(["_trackPageview", url]);
|
|
}
|
|
google.setOnLoadCallback(function() {
|
|
var customSearchControl = new google.search.CustomSearchControl('011012898598057286222:elxsl505o0o');
|
|
customSearchControl.setResultSetSize(google.search.Search.FILTERED_CSE_RESULTSET);
|
|
customSearchControl.setSearchStartingCallback(null, _trackQuery);
|
|
customSearchControl.draw('cse');
|
|
}, true);
|
|
//]]>
|
|
</script>
|
|
</div>
|
|
</div>
|
|
<div class="container">
|
|
<div class="span-12">
|
|
<div class="photo"><img width="100%" src="../common/images/openstack-security-guide.jpg"></div>
|
|
<p><a href="http://docs.openstack.org/security-guide/content/" class="button" onClick="recordOutboundLink(this, 'Outbound Links', 'security-guide.html');return false;" >HTML</a>
|
|
|
|
<a href="openstack-security-guide.epub" class="button" onClick="recordOutboundLink(this, 'Outbound Links', 'openstack-security-guide.epub');return false;" >EPUB</a>
|
|
|
|
<a href="http://docs.openstack.org/security-guide/security-guide.pdf" class="button" onClick="recordOutboundLink(this, 'Outbound Links', security-guide.pdf');return false;" >PDF</a>
|
|
</p>
|
|
</div>
|
|
<div class="span-12 last">
|
|
<div class="photo"><img width="100%" src="../common/images/openstack-security-guide-team.jpg"></div>
|
|
<p>
|
|
<b>The OpenStack Security Guide provides best practices learned by real cloud operators while hardening their OpenStack deployments.</b>
|
|
</p>
|
|
<p>
|
|
This book was written by a close community of security experts from the <a href="https://launchpad.net/~openstack-ossg">OpenStack Security Group</a> in a short, intense
|
|
week-long effort at an undisclosed location. One of the goals for this book is to bring together interested members to capture their collective knowledge and give it
|
|
back to the OpenStack community.
|
|
</p>
|
|
<p>
|
|
In this book you'll find practical security guidance:
|
|
<ul>
|
|
<li> Discussions about each OpenStack service
|
|
<li> Information about isolating security domains and securing domain bridges
|
|
<li> Public and private cloud considerations
|
|
<li> Best practices for management layers and access
|
|
<li> Secure node bootstrapping and hardening
|
|
<li> SSL, SSH, and PKI availability per OpenStack service
|
|
<li> API endpoint best practices
|
|
<li> Security for messaging transport and queues
|
|
<li> Database and data security best practices and considerations
|
|
<li> Hypervisor selection advice
|
|
<li> Security services available for OpenStack instances and trusted images
|
|
<li> Migration information
|
|
<li> Logging information and considerations
|
|
<li> Access control and identity management concepts
|
|
</ul>
|
|
</p>
|
|
<p>You can get the <a href="http://docs.openstack.org/security-guide/security-guide.pdf" onClick="recordOutboundLink(this, 'Outbound Links', security-guide.pdf');return false;" >PDF</a> to print yourself. If you'd like a bound copy, <a href="http://www.lulu.com/commerce/index.php?fBuyContent=13956188" onClick="recordOutboundLink(this, 'Outbound Links', 'securitylulu.com');return false;">buy it from Lulu</a> and all proceeds go to the Foundation to support more book sprints efforts like this one.</p>
|
|
<p>
|
|
<a href="http://www.lulu.com/commerce/index.php?fBuyContent=13956188"><img src="http://static.lulu.com/images/services/buy_now_buttons/us/blue2.gif?20130702092152" border="0" alt="Support independent publishing: Buy this book on Lulu."></a>
|
|
</p>
|
|
|
|
<p align="right">
|
|
<a rel="license" href="http://creativecommons.org/licenses/by/3.0/us/">
|
|
<img alt="Creative Commons License" style="border-width:0" src="http://i.creativecommons.org/l/by/3.0/us/88x31.png" /></a>
|
|
<br />
|
|
This work is licensed under a <a rel="license" href="http://creativecommons.org/licenses/by/3.0/us/">Creative Commons Attribution 3.0 United States License</a>.</p>
|
|
</div>
|
|
|
|
</div>
|
|
<div class="container">
|
|
<div id="footer">
|
|
<hr />
|
|
<p>Documentation treated like code, powered by the community - interested? Here's <a href="http://wiki.openstack.org/Documentation/HowTo">how to contribute</a>. </p>
|
|
<p>The OpenStack project is provided under the Apache 2.0 license.
|
|
Openstack.org is powered by <a href=
|
|
"http://www.rackspacecloud.com/">Rackspace Cloud Computing</a>.</p>
|
|
</div>
|
|
</div>
|
|
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.js"></script>
|
|
|
|
<script src="http://docs.openstack.org/common/jquery/jquery.hoverIntent.minified.js" type="text/javascript" charset="utf-8">
|
|
</script>
|
|
|
|
|
|
<script type="text/javascript" charset="utf-8">
|
|
//<![CDATA[
|
|
$(document).ready(function() {
|
|
|
|
function addMenu(){
|
|
$(".dropDown").addClass("menuHover");
|
|
}
|
|
|
|
function removeMenu(){
|
|
$(".dropDown").removeClass("menuHover");
|
|
}
|
|
|
|
var menuConfig = {
|
|
interval: 500,
|
|
sensitivity: 4,
|
|
over: addMenu,
|
|
timeout: 500,
|
|
out: removeMenu
|
|
};
|
|
|
|
$(".dropDownTrigger").hoverIntent(menuConfig);
|
|
|
|
|
|
|
|
});
|
|
|
|
|
|
|
|
//]]>
|
|
</script>
|
|
|
|
</body>
|
|
</html>
|
|
|
|
|