Creation of Security Guidelines Documentation¶
https://blueprints.launchpad.net/sahara/+spec/security-guidelines-doc
As Sahara increases in functionality and complexity, the need for clear, concise documentation grows. This is especially true for security related topics as they are currently under-represented. This specification proposes the creation of a document that will provide a source for security related topics, guides, and instructions as they pertain to Sahara.
Problem description¶
There is currently a distinct lack of centralized, security related, documentation for Sahara. Several features have been implemented to address security shortfalls and they could use broadened discussions of their application and proper usage. Additionally there is no current documentation which discusses the specific procedures for securing the individual plugin technologies at use within Sahara.
Proposed change¶
This specification proposes the creation of Sahara specific documentation addressing the security concerns of users and operators. This documentation will cover current features, best practices, and guidelines for installing and operating Sahara.
The documentation generated by this effort will be included in the OpenStack Security Guide[1]. Bug patches will be generated against the current OpenStack manuals, and the OpenStack Security Group will be engaged with respect to finalizing and including the documentation.
The process will be broken down into sub-chapter sections that will make up a Sahara chapter for the OpenStack Security Guide. Initially these sub-chapters will include; Sahara controller installs, current feature discussions, and plugin specific topics.
The information provided is intended to be updated as new methodologies, plugins, and features are implemented. It will also be open to patching through the standard OpenStack workflows by the community at large.
Alternatives¶
Creation of a separate document managed by the Sahara team outside the purview of the OpenStack manuals, and distributed through the Sahara documentation. This solution would be non-ideal as it creates an alternate path for OpenStack manuals that is outside the expected locations for end users.
Creation of a separate document as above with the exception that it will be maintained with the other OpenStack manuals. This option might be more plausible than the previous, but it still suffers from the problem of creating an alternate location for security related guidelines that is separate from the official manual. It also bears the burden of creating a new project within the manuals infrastructure.
Data model impact¶
None
REST API impact¶
None
Other end user impact¶
None
Deployer impact¶
None
Developer impact¶
None
Sahara-image-elements impact¶
None
Sahara-dashboard / Horizon impact¶
None
Implementation¶
Assignee(s)¶
- Primary assignee:
mimccune (Michael McCune)
- Other contributors:
None
Work Items¶
Create a bug against the OpenStack manuals for Sahara chapter inclusion
Create the documentation and change requests for the following sub-chapters:
Sahara controller install guides, with security related focus
Feature discussions and examples
plugin specific topics
Hadoop
Spark
Storm
Dependencies¶
None
Testing¶
Format testing as provided by the security guide project.
Documentation Impact¶
This specification proposes the creation of hypertext and PDF documentation.
References¶
[1]: http://docs.openstack.org/security-guide/content/ch_preface.html
