Fuel for OpenStack

Gaps in the documentation regarding MOS security

Bug #1408792 reported by Adam Heczko
258
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Fuel for OpenStack
Confirmed
Medium
Fuel Documentation Team
Fuel for OpenStack 8.0

Bug Description

There is not enough documentation regarding to MOS cluster security and Fuel node security.
This basic documentation on IT security should cover at least topics related to:
- network security / firewall considerations and TCP/UDP ports used by MOS services, MOS API's and other components required for proper MOS cluster operations
- guidance on securing API endpoints, some short guidance on securing API communications by applying SSL/TLS encryption using self-signed certificates
- guidance on working with external X.509 Certificate Authorities and X.509 certificates signed externally

This security guidance should be present in the following locations:
1). http://docs.mirantis.com/openstack/
2). It should be distributed with the installation ISO and available on the Fuel on-line help, during MOS cluster deployment and MOS cluster operations

Tomasz 'Zen' Napierala (tzn)
Changed in fuel:
assignee: nobody → Tomasz 'Zen' Napierala (tzn)
Tomasz 'Zen' Napierala (tzn)
Changed in fuel:
importance: Undecided → Medium
status: New → Confirmed
milestone: none → 6.1
Tomasz 'Zen' Napierala (tzn)
Changed in fuel:
assignee: Tomasz 'Zen' Napierala (tzn) → Fuel Documentation Team (fuel-docs)
milestone: 6.1 → 7.0
information type: Private Security → Public Security
Nastya Urlapova (aurlapova)
tags: added: qa-agree-7.0
Igor Shishkin (teran)
Changed in fuel:
milestone: 7.0 → 8.0
Dmitry Pyzhov (dpyzhov)
tags: added: area-docs
To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.