Linux Plumbers Conference

Security and Storage

Registered by Paul Moore on 2012-04-25

Virtualization Topics:
1. Virtualization Security Discussion
2. Storage Virtualization for KVM

=== Virtualization Security Discussion ===

[Slides](http://www.linuxplumbersconf.org/2012/wp-content/uploads/2012/09/2012-lpc-virt-security-pmoore.pdf)

This proposal is for a discussion of the threats facing Linux based Virtualization technologies and what can be done to help mitigate these threats. The focus will be on hypervisor based virtualization, e.g. KVM, but container based virtualization can also be discussed if there is sufficient interest among the attendees.

Possible topics of discussion include:
* Confining malicious/exploited guests
* Validating host identity and integrity from the guest
* Enforcing network separation/virtualization

Topic Lead: Paul Moore
Paul has been involved in various Linux security efforts for the past eight years, with a strong focus on mandatory access control and network security. He has served as the Linux Kernel's labeled networking maintainer since 2007. Paul has given a number of presentations over the years at Linux conferences on Linux security, SELinux, SELinux/MLS, and labeled networking.

=== Storage Virtualization for KVM ===

[Slides](http://www.linuxplumbersconf.org/2012/wp-content/uploads/2012/09/2012-lpc-virt-storage-virt-kvm-rao.pdf)

In KVM based virtualization ecosystem, there are multiple choices for filesytem/storage and management tools. While this allows for different custom solutions, there is no single default storage solution that caters to the majority of use case scenarios. In this presentation, we will look at integrating different individual projects like QEMU, GlusterFS, oVirt/VDSM and libstoragemgmt to arrive at one filesystem/storage solution for KVM that works for most of the scenarios. Various aspects like making GlusterFS virtualization-ready and cross-vendor storage array integration will be discussed. We will finally discuss how some of the virtualization features like VM migration, taking snapshots etc can be done seamlessly in our storage solution using oVirt. Virtualization/Data Center administrators and users of KVM based virtualization will benefit from attending this presentation.

Topic Lead: Bharata B Rao <email address hidden>
Bharata B Rao is part of IBM Linux Technology Center, Bangalore He is currently working in the area of Virtualization. Earlier he has worked in the area of File Systems, Scheduler, Debuggers, Embedded Linux and Linux Clusters. Bharata graduated from The National Institute of Engineering, Mysore in 1999 and did his post graduation(MS) from BITS, Pilani in 2003.

In his spare time, Sanskrit language, Mountains and Mridangam (an Indian percussion instrument) keep him engaged.

Topic Lead: Deepak C Shetty <email address hidden>
Deepak C Shetty is working with IBM's Linux Technology Center (LTC), Bangalore in the area of open virtualisation. Earlier he has worked in area of Virtualisation aware File Systems. Prior to being part of LTC, Deepak worked in the areas of Platform Management (IBM Systems Director product) and Hardware Validation of IBM Power systems, in IBM. Deepak holds a Bachelor of Engineering degree in Electronics from Pune University, India and Diploma in Advanced Computing from C-DAC, Pune, India.

Other areas of interest include Software design and Stamp collection (Philately).

Topic Lead: M Mohan Kumar <email address hidden>
M. Mohan Kumar is an open source developer working at IBM Linux Technology Center, Bangalore. He has contributed to various components of Linux ecosystem including kexec (fast boot), kdump (kernel crash dump mechanism) for PowerPC, 9p file system and QEMU. Prior to IBM he has worked on various SCSI and Fibre Channel related Linux projects.

Mohan obtained his Bachelor of Engineering in Computer Science and Engineering from Bharathiar University, TamilNadu, India. He has 11 years of experience in Linux area.

Topic Lead: Balamurugan Aramugam <email address hidden>
Balamurugan works as Principle Software Engineer in Red Hat. He is contributor to the upstream VDSM project, focusing on adding Gluster support. He has been involved in design/development of various Gluster products, FreeIPMI etc. Balamurugan works out of the Red Hat office in Bengaluru and his topics of interest include cloud technologies, Big Data, Kernel Development, Artificial Intelligence etc

Topic Lead: Shireesh Anjal <email address hidden>
Shireesh Anjal works as a Principal Software Engineer with Red Hat. He is a contributor to the upstream oVirt project, focusing on adding GlusterFS support. He has been involved with building scalable Banking and eGovernance systems over the past 12 years. Shireesh works out of the Red Hat office in Bengaluru and his topics of interest include cloud technologies, Big Data and mobile computing.

Blueprint information

Status:
Not started
Approver:
None
Priority:
Undefined
Drafter:
None
Direction:
Needs approval
Assignee:
None
Definition:
New
Series goal:
None
Implementation:
Unknown
Milestone target:
None

Related branches

Sprints

Whiteboard

(?)

Work Items

This blueprint contains Public information 
Everyone can see this information.