2137d4c0f0
In this commit, 1.) replace :file: with double backticks (`` ``) 2.) Add markup :option: for option values Change-Id: Ibc17b1bdced7bcb59d744c1c7daab5afb9ae06c4 Closes-Bug: #1541422
1.1 KiB
Compute
The OpenStack Compute service (nova) is one of the more complex
OpenStack services. It runs in many locations throughout the cloud and
interacts with a variety of internal services. The OpenStack Compute
service offers a variety of configuration options which may be
deployment specific. In this chapter we will call out general best
practice around Compute security as well as specific known
configurations that can lead to security issues. In general, the
nova.conf file and the /var/lib/nova locations
should be secured. Controls like centralized logging, the
policy.json file, and a mandatory access control framework
should be implemented. Additionally, there are environmental
considerations to keep in mind, depending on what functionality is
desired for your cloud.
compute/hypervisor-selection.rst compute/hardening-the-virtualization-layers.rst compute/hardening-deployments.rst compute/vulnerability-awareness.rst compute/how-to-select-virtual-consoles.rst compute/case-studies.rst compute/checklist.rst