Difference between revisions of "Virtual Machine Image Endorsement"
Jump to navigation
Jump to search
Activity
Images to support as EGI.eu
Communication/documentation:
Line 13: | Line 13: | ||
It is particularly relevant here the [https://documents.egi.eu/document/771 Security Policy for the Endorsement and Operation of Virtual Machine Images] and a [https://wiki.egi.eu/wiki/SPG:Drafts:Virtualisation_Policy draft of a Virtualisation Policy]. | It is particularly relevant here the [https://documents.egi.eu/document/771 Security Policy for the Endorsement and Operation of Virtual Machine Images] and a [https://wiki.egi.eu/wiki/SPG:Drafts:Virtualisation_Policy draft of a Virtualisation Policy]. | ||
[https://wiki.egi.eu/wiki/SPG:Drafts SPG Drafts under development] | |||
= EGI core VM endorsement = | = EGI core VM endorsement = |
Revision as of 15:47, 19 May 2015
Members
- Vincenzo (leader)
- Marios (appdb)
- Enol (fed cloud)
- Gergely (user support)
- Diego (JRA1)
- Sven (CSIRT) TBC
Policies
Policies are defined by the SPG group and are published in the https://wiki.egi.eu/wiki/SPG:Documents
It is particularly relevant here the Security Policy for the Endorsement and Operation of Virtual Machine Images and a draft of a Virtualisation Policy.
EGI core VM endorsement
Here the endorsement of the "core" EGI VM images is shown in detail.
Activity
Enol Fernandéz will set up the workflow and establish the procedure; Vincenzo will take care of the endorsement and give feedback to the procedure.
A security expert is needed to suggest technical checks to be done on the VMs; they can be automated or not; they assure compliance of a given VM to EGI recommendations. Start here: https://wiki.egi.eu/wiki/SPG:Drafts:Virtualisation_Policy
Images to support as EGI.eu
Ubuntu LTS, CentOS6, CentOS7. Update frequency at the moment is "monthly or triggered by security issues"
Communication/documentation:
SSO group available: vm-image-endorsement. Also GDoc available with the "big discussion" (as Vincenzo).
VO VM endorsement (and pilot)
EGI will involve the VOs, inviting them to insert/update their images, following the new guidelines and accepting the relevant policies. EGI can give support especially in the first round of creation of the VO images.
Educating VM/VA preparators on how to prepare secure images. Documentation from the first step (preparation of the VM) is needed, and security advisories/recommendations/procedures.