Back To Schedule
Thursday, October 29 • 9:00am - 9:40am
XenSecurity Advisories are Full of VENOM - How to Reboot 'The Cloud'

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Over the past 18 months there have been several security vulnerabilities discovered in the Xen kernel, which powers some of the largest public cloud OpenStack implementations. How do you address a security vulnerability in a timely manner for your customers whilest minimizing the impact as much as possible? What do you do when this happens again 6 months later? On the Rackspace public cloud team we had to tackle this problem. This talk will aim to address how we addressed the first (XSA-108), and what we learned to make subsequent issues (XSA-123, VENOM, etc.) easer to handle. As well as what we are currently working on to make the process even more graceful moving forward.

We used a combination of tools, driven by Ansible, to apply the fixes in a timely manner for our customers. Ultimately this is a simple patch and reboot procedure, however operating at this scale provides unique challenges that have to be accounted for.


Benjamin Burdick

Systems Engineer, Rackspace
avatar for Michael  Porras

Michael Porras

Rackspace - Software Developer
Building tools that make running the cloud a little bit easier. 
avatar for Joel Preas

Joel Preas

Public Cloud Systems Engineer
A cog in the machine at the Rackspace public cloud.

Thursday October 29, 2015 9:00am - 9:40am JST

Attendees (0)