f394703f7e
In May 2019, four new microprocessor security flaws, known as "MDS" (Microarchitectural Data Sampling) have been discovered. These flaws affect unpatched Nova Compute nodes and instances running on Intel x86_64 CPUs. The said security flaws are also referred to as "RIDL" (Rogue In-Flight Data Load) and "Fallout". Refer to the following pages for further details: - https://access.redhat.com/security/vulnerabilities/mds - https://mdsattacks.com/ - https://zombieloadattack.com/ * * * If we're adding the guide for "MDS" flaws, then it begs the question: "What about mitigation guides for previous vulnerabilities?" Two points: (a) Write the mitigation document for rest of the previous vulnerabilities too, for completeness' sake. (In April 2018 I wrote this doc[1] for Meltdown — polish it and submit it. Parts of that document's content is already incorporated into the help text for the config attribute `cpu_model_extra_flags`.) (b) For now, we can live with the cliché, "something is better than nothing"; we'll add the other docs "when we get to it". Meanwhile, operators get mitigation details from various other places — processor vendors, Linux distributions, etc. [1] https://kashyapc.fedorapeople.org/Reducing-OpenStack-Guest-Perf-Impact-from-Meltdown.txt Change-Id: I1bb472c3438cc9a91945999d2350b2c59fa6a1f3 Signed-off-by: Kashyap Chamarthy <kchamart@redhat.com>
Team and repository tags
OpenStack Nova
OpenStack Nova provides a cloud computing fabric controller, supporting a wide variety of compute technologies, including: libvirt (KVM, Xen, LXC and more), Hyper-V, VMware, XenServer, OpenStack Ironic and PowerVM.
Use the following resources to learn more.
API
To learn how to use Nova's API, consult the documentation available online at:
For more information on OpenStack APIs, SDKs and CLIs in general, refer to:
Operators
To learn how to deploy and configure OpenStack Nova, consult the documentation available online at:
In the unfortunate event that bugs are discovered, they should be reported to the appropriate bug tracker. If you obtained the software from a 3rd party operating system vendor, it is often wise to use their own bug tracker for reporting problems. In all other cases use the master OpenStack bug tracker, available at:
Developers
For information on how to contribute to Nova, please see the contents of the CONTRIBUTING.rst.
Any new code must follow the development guidelines detailed in the HACKING.rst file, and pass all unit tests.
Further developer focused documentation is available at:
Other Information
During each Summit and Project Team Gathering, we agree on what the whole community wants to focus on for the upcoming release. The plans for nova can be found at: