Doc: Add driver security notes to contributor doc
Document some requirements that driver authors should consider when creating drivers. Change-Id: Ieae8863d5e4c140545d89c4cfa4e019dbb301a36
This commit is contained in:
Eric Harney
parent
a8a9dda300
commit
f032053bfb
@ -55,6 +55,18 @@ Core Functionality
|
|||||||
* Clone Volume
|
* Clone Volume
|
||||||
* Extend Volume
|
* Extend Volume
|
||||||
|
|
||||||
|
Security Requirements
|
||||||
|
---------------------
|
||||||
|
|
||||||
|
* Drivers must delete volumes in a way where volumes deleted from the backend
|
||||||
|
will not leak data into new volumes when they are created. Cinder operates
|
||||||
|
in multi-tenant environments and this is critical to ensure data safety.
|
||||||
|
* Drivers should support secure TLS/SSL communication between the cinder
|
||||||
|
volume service and the backend as configured by the "driver_ssl_cert_verify"
|
||||||
|
and "driver_ssl_cert_path" options in cinder.conf.
|
||||||
|
* Drivers should use standard Python libraries to handle encryption-related
|
||||||
|
functionality, and not contain custom implementations of encryption code.
|
||||||
|
|
||||||
Volume Stats
|
Volume Stats
|
||||||
------------
|
------------
|
||||||
|
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user