Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
OpenStack for Architects

You're reading from   OpenStack for Architects Design production-ready private cloud infrastructure

Arrow left icon
Product type Paperback
Published in May 2018
Publisher Packt
ISBN-13 9781788624510
Length 256 pages
Edition 2nd Edition
Arrow right icon
Authors (2):
Arrow left icon
Michael Solberg Michael Solberg
Author Profile Icon Michael Solberg
Michael Solberg
Ben Silverman Ben Silverman
Author Profile Icon Ben Silverman
Ben Silverman
Arrow right icon
View More author details
Toc

Table of Contents (12) Chapters Close

Preface 1. Introducing OpenStack 2. Architecting the Cloud FREE CHAPTER 3. Planning for Failure and Success 4. Building the Deployment Pipeline 5. Building to Operate 6. Integrating the Platform 7. Securing the Cloud 8. OpenStack Use Cases 9. Containers 10. Conclusion 11. Other Books You May Enjoy

Hardening hypervisors


The Nova service, one of OpenStack's most complex projects, provides compute functionality in the environment. Nova is very pervasive throughout an OpenStack cloud and interacts with most of the other core IaaS services. Proper configuration of this particular service is an important factor in securing an OpenStack deployment.

Standard Linux hardening practices and hypervisors

The key to security in an OpenStack environment is the configuration and hardening of the virtualization technology, also named the hypervisor. Although OpenStack can be configured to use many different hypervisors, by far the most common hypervisor in use is KVM. All of the top operating systems, such as RHEL, Ubuntu, and CentOS, support the KVM hypervisor.

All of the top OpenStack distributions, such as Red Hat OpenStack Platform, Cisco, and SUSE, use KVM as the default hypervisor; other solutions like the one from Canonical have the ability to use LXC/LXD and KVM. Therefore, as KVM is a common...

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image