OpenStack Summit May 2015 Vancouver has ended
Back To Schedule
Monday, May 18 • 3:40pm - 4:20pm
Storage security in a critical enterprise OpenStack environment

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Security is essential for critical enterprise OpenStack installations like telco NFV clouds. This includes the often-ignored issue of security for storage of images, objects, and shared file systems (e.g., user data or mission critical configurations like firewall rules). This talk will provide insight into requirements for a secure setup and potential issues, pitfalls, and attack vectors against storage technologies used with an cloud based on OpenStack.


The Ceph distributed storage system has become very popular in OpenStack deployments, and is currently the most commonly deployed solution for block storage. It provides an object store, block devices, and a shared file system. However, distributed systems in particular make it much more complex to achieve robust security compared e.g. to local storage on compute nodes.


By using Ceph as an example, this talk will present what Deutsche Telekom and Red Hat/Inktank, together with the community, are working on to build a security critical cloud with OpenStack and Ceph.


This talk will cover:

  • the security requirements for telco clouds

  • the security issues associated with multi-tenant clouds with a range of security zones sharing a single storage system

  • how to secure the storage setup in an OpenStack cloud

  • the current state of security in Ceph

  • current Ceph development efforts that are underway

  • the security roadmap for Ceph

avatar for Danny Al-Gaaf

Danny Al-Gaaf

Senior Cloud Technologist, Deutsche Telekom AG
Danny Al-Gaaf is a Senior Cloud Technologist working for Deutsche Telekom. As a Ceph upstream developer he is a driver for using Ceph at Deutsche Telekom. For the last 15 years his professional focus has been on Linux and open source. He works actively in several upstream communities... Read More →
avatar for Sage


Ceph Principal Architect, Red Hat
Sage originally designed Ceph as part of his PhD research at the University of California, Santa Cruz. Since then he has worked to build an open source community around the project to provide a robust and stable object, block, and file storage solution that is free as in speech and... Read More →

Monday May 18, 2015 3:40pm - 4:20pm PDT
Room 211

Attendees (0)