By the holidays last year, Walmart.com’s entire U.S. production traffic was on OpenStack compute.     LEARN MORE

Encrypted Block Storage: Technical Walkthrough

The Volume Encryption feature in OpenStack presents a normal block storage device to the VM but encrypts the data in the virtualization host before writing to a remote disk. This provides data confidentiality against network traffic interception, compromised storage hosts, and stolen disk drives. To the end user, the block server operates exactly as it would when reading and writing unencrypted blocks. It includes a key manager interface that supports key generation and storage, and the interface allows different key managers to be supported such as Barbican or a KMIP server. This session will be split into two parts, the first covering the set up of the Barbican key management service and the second covering the configuration and use of Cinder and Nova to provide encrypted block storage.

Speakers: Jarret Raim,Joel Coffman

Related Media:

superuser-slides.zip

Nov 05

Nov 06

N/A

Nov 07

Nov 08