[openstack-dev] [cinder][nova]Move encryptors to os-brick

Ben Swartzlander ben at swartzlander.org
Wed Nov 25 16:33:41 UTC 2015


On 11/24/2015 03:27 PM, Nathan Reller wrote:
>> the cinder admin and the nova admin are ALWAYS the same people
>
> There is interest in hybrid clouds where the Nova and Cinder services
> are managed by different providers. The customer would place higher
> trust in Nova because you must trust the compute service, and the
> customer would place less trust in Cinder. One way to achieve this
> would be to have all encryption done by Nova. Cinder would simply see
> encrypted data and provide a good cheap storage solution for data.
>
> Consider a company with sensitive data. They can run the compute nodes
> themselves and offload Cinder service to some third-party service.
> This way they are the only ones who can manage the machines that see
> the plaintext.

If you have that level of paranoia, I suggest running LUKS inside the 
guest VM and not relying on OpenStack to handle your encryption. Then 
you don't have to worry about whether nova is sharing your keys with 
cinder because even nova won't have them.

Trying to design a system where we expect nova to do data encryption but 
not cinder will not work in the long run. The eventual result will be 
that nova will have to take on most of the functionality of cinder and 
we'll be back to the nova-volume days.

Also in case it's not obvious, if you use different providers for 
compute and storage, your performance is going to be absolutely terrible.

-Ben

> -Nate
>
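The guest-side LUKS arrangement Ben suggests, written out as an added example (it is not code from the thread or from the nova/cinder projects): the passphrase is entered inside the guest, so neither nova nor cinder ever holds the key, and the storage provider sees only a LUKS header followed by ciphertext. The volume device path, mapper name and mount point are assumptions for illustration; the header check can be exercised on an ordinary file, while the one-time setup needs root inside the guest and a real attached volume.

```shell
#!/bin/sh
# Added example, not from the mailing-list thread.
# Example values (assumptions): the cinder volume as attached to the guest,
# and the device-mapper name the guest will use for the opened container.
VOLUME_DEV="${VOLUME_DEV:-/dev/vdb}"
MAPPER_NAME="${MAPPER_NAME:-secretvol}"

# Returns 0 when the first six bytes of the given path carry the LUKS magic
# ("LUKS" 0xba 0xbe), i.e. the start of the volume is a LUKS header rather
# than a plaintext filesystem. This is what a storage provider that only
# holds the raw volume would see. Works on a block device or a plain file.
is_luks_header() {
    magic=$(head -c 6 "$1" | od -An -tx1 | tr -d ' \n')
    [ "$magic" = "4c554b53babe" ]
}

# Builds the /etc/crypttab line that maps the volume at boot. The key field
# "none" means the passphrase is requested interactively, so no key material
# is stored on the guest's root disk, in nova, or in cinder.
crypttab_entry() {
    printf '%s %s none luks\n' "$1" "$2"
}

# One-time initialisation, run as root inside the guest. This destroys any
# existing data on the volume; cinder only ever stores the result.
setup_guest_luks() {
    dev="$1"
    name="$2"
    cryptsetup luksFormat --type luks2 "$dev"   # prompts for and confirms the passphrase
    cryptsetup open "$dev" "$name"              # creates /dev/mapper/$name, prompting again
    mkfs.ext4 "/dev/mapper/$name"
    mkdir -p "/mnt/$name"
    mount "/dev/mapper/$name" "/mnt/$name"
    crypttab_entry "$name" "$dev" >> /etc/crypttab
    # Sanity check: the raw device now starts with a LUKS header.
    is_luks_header "$dev"
}

# The setup step only runs when explicitly requested, so sourcing this file
# for the read-only checks is safe.
if [ "${RUN_SETUP:-0}" = "1" ]; then
    setup_guest_luks "$VOLUME_DEV" "$MAPPER_NAME"
fi
```

Running `RUN_SETUP=1 sh guest-luks.sh` as root inside the guest performs the format, open, mount and crypttab steps; without that variable the script only defines the functions, and `is_luks_header /dev/vdb` can be used afterwards to confirm that what cinder holds is an opaque container.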