OpenStack Security

• Basic networking knowledge
• Basic knowledge of cloud computing paradigm
• Practical knowledge of administering Linux operating systems

The course is providing practical knowledge on OpenStack and private cloud security. It starts from the introduction to the system, then the participants are getting practical knowledge on security in private clouds and securing OpenStack installation. During the course, each of the core OpenStack modules is presented, participants are building up virtual identity, image, network, compute and storage resources while discussing relevant security topics. Each participant is getting their own training environment with a complete OpenStack installation based on selected cloud architecture (eg. storage, networking). The training could be highly customized based on the needs of the client.

Customization options
The training can be contracted to 2 days, focusing on core aspects relevant for the customer. The training can be also extended regarding administrative, design, networking and/or troubleshooting topics concerning OpenStack deployments
 

1. Introduction to OpenStack

• History of the cloud and OpenStack
• Cloud features
• Cloud models
  • private, public, hybrid
  • on-premise, IaaS, PaaS, SaaS
• Public and private cloud deployments based on OpenStack
• Open source and commercial OpenStack distributions
• OpenStack deployment models
• OpenStack ecosystem
  • Modules
  • Underlying tools
  • Integrations
• OpenStack lifecycle
• OpenStack certification

2. Cloud security and OpenStack

3. OpenStack architecture and security

• Configuring Cinder storage type for volume encryption
• Limitations of volume encryption
• Storing X.509 certificate bundles

4. Other aspects related to architecture & security

• Tenant data privacy
• Instance security
• Oslo.policy - creating custom role and API authorization
• High Availability in OpenStack