This event has ended. Create your own event → Check it out
This event has ended. Create your own
View analytic
Monday, May 18 • 3:40pm - 4:20pm
Storage security in a critical enterprise OpenStack environment

Sign up or log in to save this to your schedule and see who's attending!

Security is essential for critical enterprise OpenStack installations like telco NFV clouds. This includes the often-ignored issue of security for storage of images, objects, and shared file systems (e.g., user data or mission critical configurations like firewall rules). This talk will provide insight into requirements for a secure setup and potential issues, pitfalls, and attack vectors against storage technologies used with an cloud based on OpenStack.


The Ceph distributed storage system has become very popular in OpenStack deployments, and is currently the most commonly deployed solution for block storage. It provides an object store, block devices, and a shared file system. However, distributed systems in particular make it much more complex to achieve robust security compared e.g. to local storage on compute nodes.


By using Ceph as an example, this talk will present what Deutsche Telekom and Red Hat/Inktank, together with the community, are working on to build a security critical cloud with OpenStack and Ceph.


This talk will cover:

  • the security requirements for telco clouds

  • the security issues associated with multi-tenant clouds with a range of security zones sharing a single storage system

  • how to secure the storage setup in an OpenStack cloud

  • the current state of security in Ceph

  • current Ceph development efforts that are underway

  • the security roadmap for Ceph

avatar for Danny Al-Gaaf

Danny Al-Gaaf

Senior Cloud Technologist
Danny Al-Gaaf is a Senior Cloud Technologist working for Deutsche Telekom. As an Ceph upstream developer he is also a driver for using Ceph as a distributed open source storage back-end for OpenStack at Deutsche Telekom. | For the last 10 years his professional focus has been on Linux and open source software. He works actively in upstream communities.
avatar for Sage Weil

Sage Weil

Ceph Principal Architect
Sage originally designed Ceph as part of his PhD research in Storage Systems at the University of California, Santa Cruz. Since graduating, he has continued to refine the system with the goal of providing a stable next generation distributed storage system for Linux.

Monday May 18, 2015 3:40pm - 4:20pm
Room 211

Attendees (347)