Cloud, Security and opensource 2012-12-28 at SSU
Upcoming SlideShare
Loading in...5
×
 

Cloud, Security and opensource 2012-12-28 at SSU

on

  • 619 views

 

Statistics

Views

Total Views
619
Views on SlideShare
619
Embed Views
0

Actions

Likes
1
Downloads
6
Comments
1

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

Cloud, Security and opensource 2012-12-28 at SSU Cloud, Security and opensource 2012-12-28 at SSU Presentation Transcript

  • Cloud & Securityand opensourceBae KwonHan <darjeeling@gmail.com>
  • Q : What is Cloud?
  • • Data Sync Service on the cloud• Commercial Cloud Service• Cloud Service Implementation with open source or closed source• Any Cloud Service use instead of legacy infrastructure• http://en.wikipedia.org/wiki/ Cloud_computing
  • • Infrastructure as a Service• Platform as a Service• Service as a Service• Backend as a Service• Blah as a Service
  • COST
  • SURPLUS
  • Automation
  • IaaS• Packaging VM with network• Multitenancy• Volume Service• Object Store Service• AAA• Network Security Manager ( ACL )• API / CLI / GUI
  • Security on IaaS• network Isolation!!• VM access• VM host• ACL• IaaS Manager
  • IaaS safe?• VM data?• VM memory access?• volume data?• DDOS?• think about a service• multi service distribution
  • AWS security support• VPC ( Virtual Private Cloud )• S3 Encryption• AWS Identity and Access Management• AWS Security Group
  • Commercial IaaS Implementation• Amazon AWS EC2• MS Azure Virtual Machines• Google CE• HP Cloud• Joyent• Rackspace Cloud• cafe24?• KT uCloud Biz• SKT tCloud Biz• Hostway?• VMWARE Product
  • OpenSource IaaS Implementation• Openstack• Cloudstack• Eucalyptus• others
  • http://ken.pepple.info/ openstack/2012/09/25/openstack-folsom-architecture/
  • PaaS• Packaging Process with database on IaaS• runtime, middleware, os• Multitenancy• AAA• ACL on Process• API / CLI / GUI
  • Security on PaaS• API• Process Isolation• Database Isolation• PaaS Manager
  • Commercial Platform as a Service• Heroku• Google App Engine• Engine Yard• Openshift• Windows Azure• vmware CloudFoundry • appfog • appcera
  • Opensource Platform as a Service• VMWARE CloudFoundry• Redhat OpenShift
  • Security on PaaS• DDOS• Manager Problem• Application Problem
  • SaaS• Packaging Service on Infrastructure
  • Security on SaaS• API• SaaS Manager• connection hook
  • SaaS Implementation• Google Apps• iCloud• SalesForce• others?
  • Plus Baremetal as a Service or Metal as a Service• automate installing os• use out of band management • IPMI • dell Drac • KVM over IP • HP ILO • IBM Remote Supervisor Adapter
  • MAAS Implementation• opensource • ubuntu juju• every hardware vender sells MAAS
  • Chain of aaS• MaaS• IaaS• PaaS• SaaS
  • Cloud Service User
  • • Cost• you should know what/how you are doing• you should know what/how they are doing• focus on application programming• focus on management console• focus on AAA
  • OpenSource
  • why open source?
  • everything isopen source
  • open source• openstack• openvswich• cloudfoundry• openshift• opensource VM implementation • KVM ( Kernel-based Virtual Machine ) • XEN • LXC • OpenVZ • QEMU • VirtualBOX
  • OpenStack• Infrastructure as a Service• started by rackspace cloud and NASA since 2010 • Compute ( nova ) • Object Storage ( Swift ) • Image Service ( Glance ) • Identity Service ( Keystone ) • Dashboard ( Horizon ) • Networking ( Quantum ) • Block Storage ( Cinder ) • Metering ( Ceilometer - Beta ) • Basic Cloud Ochestration ( Heat - Beta - PaaS )
  • openvswitch• http://openvswitch.org/• security : vlan isolation, traffic filtering• QoS : traffic queuing, traffic shaping• monitoring : NetFlow, sFlow, SPAN, RSPAN• automated control
  • DevOps?
  • what we should know?• What is cloud• Every component of cloud service• Every boundary of cloud component• how application works
  • Q &A