Liberate Your Files
Private Cloud Storage on Your Terms

Isaac Christoffersen
Architect, Vizuri
Allen Gigler
Product Consu...
http://mashable.com/2013/05/30/dropbox-outage/
Do you have a Dropbox Problem?
The Problem “Dropbox” Created
The Problem:
“Dropbox” created huge demand for file
sync and share...
•

Simple

•

Free

•
...
The Problem “Dropbox” Created
The Problem:
“Dropbox” created huge demand for file
sync and share...
•

Simple

•

Free

•
...
Let your data out into the
open, not into the wild
Private Cloud Storage … without giving up the
features we want
Extensible
& Open APIs

On-Demand
Scaling

Search &
Retriev...
Open source solutions
enable you to regain
control and freedom
ownCloud – Your data, your cloud, your
control
What is ownCloud
ownCloud helps enterprises concerned about sensitive data
leakage via Dropbox deliver a secure file sync ...
ownCloud's mobile, web, and desktop
clients enable you to ...
●

Host in your data center

●

Store on your storage

●

In...
ownCloud Solution Architecture
Demonstration
ownCloud Deployed in the Cloud
●

ownCloud at OpenShift
–

http://liberate-summit2013.rhcloud.com
●
●

User ...
OpenShift PaaS

…Bridging App Dev Worlds
Established

Enterprise-Class
Strength

• Enterprise Java EE6 via JBoss
• Multi-t...
Unique SELinux Approach Enables
Security and Multi-tenancy
SELinux Policies securely subdivide
the Node instances.

RHEL
B...
OpenShift User Applications Run
in OpenShift Gears
Linux kernel cgroups are used to
contain application processes
and to f...
Application Scaling... Automated!

HA-Proxy

●

●

C
C
oCode
Java
do
Java
d
ePhp
e

MySQL

RHEL
Broker

Node

●

Node

●

...
Demonstration
Deploying your own ownCloud Instance on OpenShift
●

Video of deploying OpenShift

●

ownCloud at OpenShift
...
GLUSTER STORAGE—50,000 FOOT OVERVIEW
RED HAT STORAGE POOL
VIRTUAL

PHYSICAL

Brick
(glusterfsd)

ADMINISTRATOR
Cloud Volum...
FILE-CENTRIC STORAGE USE-CASES & DR
SITE A

SITE B

OR
CLOUD A

CLOUD B
GLUSTERFS STORAGE BENEFITS

Highly Scalable Storage
●

Multiple peta-byte clusters

●

Highly Flexible

Geo-replication to...
Demonstration
Key Components in Action
●

OpenShift
–

●

Gluster Storage
–

●

1 Broker with 2 Nodes
2 Nodes with 1 Brick...
Next-generation cloud storage on your
terms

Title:Vizuri-logo-large-Summit-2011.ep
Creator:Adobe Illustrator(R) 13.0
Crea...
Questions?
●

OpenShift Origin – openshift.github.io

●

GlusterFS – gluster.org

●

owncloud – owncloud.org

●

ownCloud ...
Upcoming SlideShare
Loading in …5
×

AllThingsOpen 2013 - Liberate Your Files

756 views
595 views

Published on

By leveraging professional open source offerings, its possible to build your own private cloud storage solution

Published in: Technology
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
756
On SlideShare
0
From Embeds
0
Number of Embeds
4
Actions
Shares
0
Downloads
18
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide
  • For main parts to the solution
    Control – you server
    Physical, virtual, private cloud
    Where everything is integrated and admins control access and administer the system
    Storage – Your storage – AGNOSTIC
    NAS, SAN, direct attached – whatever you have or want
    Hybrid too if you choose
    Access – web clients, mobile devices, desktop clients, and a standard WebDAV connection
    Extensibility – the secret sauce of ownCloud, this extensible framework for creating plug-ins
    ALL Runs inside your firewall, managed by your admins, to your security and access polocies
  • So what is the problem?
    Dropbox created something amazing
    Simeple
    Easy to get
    Easy to use
    It just works
    Drop a file in the folder, it show up on server, and then to all other devices or users
    The problem is it is not secure – lots of news to this affect
  • However, in an attempt to be more productive, users use it anyway
    In a recent survey, 44% of enterprise users (>1000+) use dropbox without Its permission
    Not all that secure,
    Lots of people using it anyway
    Opens you to risk of lost sensitive data
    The little dropbox can be a big source of leaks – why it is upside down over here
  • And one more layer down, you see the server
    The APIs are part of why we are so flexible, as is the standard n-tier architecture
    We are PHP, support Oracle, MySQL, Postgres as databases
    We have a management panel and logging apps to provide insight and control
    External provisioning api for use with automation
    Sharing
    Capability
    Storage abstraction layer: whatever you have plus cloud storage, all abstracted by ownCloud to make it simple to use the storage you have
  • OpenShift provides a Cloud Application Platform that bridges today’s two diverging application development worlds. OpenShift brings Enterprise-class strength and maturity to the Cloud and also enables both proven enterprise application stacks like Java EE as well as newer rapid-development oriented application stacks like LAMP, Ruby and Node.JS.
    OpenShift includes the tools needed for rigorous application development like Maven and Jenkins, as well as support for NoSQL databases and Mobile application development.
    Soon to be available in either public, private, or hybrid cloud implementations, OpenShift delivers the Control and Security that IT Operations demands and the Velocity and Agility that Application Developers desire.
    OpenShift is the industry’s first Open Hybrid PaaS.
    <next slide>
  • One of the unique features of OpenShift is that within the Nodes, OpenShift provides secure, fine-grained, multi-tenancy by leveraging powerful Red Hat Enterprise Linux subsystems such as SELinux (Security Enhanced Linux), CGroups (Control Groups), and NameSpaces to divide up the RHEL instances into slices that can be dedicated to each user application firewalled off from each other.
    <next slide>
  • These slices of RHEL are called OpenShift Gears. OpenShift Gears are super-secure and highly efficient containers that host user applications in OpenShift. To the user, the Gear appears like an instance of RHEL. They can even SSH in to the gear. They can see their processes, their memory, and their filesystem, but they are prevented from seeing or impacting anyone else’s environment or the system as a whole.
    SELinux was built by Red Hat in conjunction with the National Security Agency in order to support some of their strict requirements. It is a “Deny everything, and allow by exception” policy subsystem that allows very strict control of what processes and users can do. In OpenShift, SELinux policies are used to enable hi security in a container based multitenant environment.
    Likewise, Control Groups are used to carefully control what resources an OpenShift Gear is able to consume. Cgroups allow Gears to consume CPU and RAM but also limits that consumption based on configurable policies.
    And finally NameSpaces are used to allow each Gear to have it’s own file system complete with the system directories that it may need including /tmp, /var, and others.
    Red Hat has been able to leverage these technologies to build a secure and yet efficient multi-tenant PaaS because Red Hat has incredible knowledge with respect to the Operating System underneath, Red Hat Enterprise Linux. With some of the best linux kernel coders in the world, Red Hat has used these smarts to build a cloud Platform-as-a-Service on top of the industry leading enterprise Linux operating system.
    OpenShift Gears represent the resulting benefit of leveraging this wealth of knowledge in the Operating System Platform to build a Cloud Application Platform that is both super-secure and highly efficient.
    <Optional statements>
    The OpenShift Gear-based architecture provides two other key benefits:
    Deploying multi-tenancy inside of RHEL Nodes allows many, many applications to be maintained by deploying maintenance to a much smaller set of RHEL Operating System instances. The Sys Admins job becomes much easier when they only need to patch and perform maintenance on a small number of nodes instead of 1000s of Virtual Machine instances (as would be the case with VM-based multi-tenancy).
    OpenShift also has the ability to “Idle” Gears that are not actively being used. In this situation the Broker will take a snapshot of an application Gear and write it to disk to take it out of RAM. Network connections are maintained so when an application URL is requested, the Gear will be “un-idled” and able to service the request quickly. This Idling technology allows many more Gears to be supported within one instance of RHEL because not all Gears will be active at the same time. Implemented for the OpenShift hosted service, this Idling capability is also beneficial to the enterprise that wants to optimize resource consumption as much as possible.
    <next slide>
  • And, once the application is launched within the OpenShift PaaS, OpenShift provides the elasticity expected in a Cloud Application Platform by automatically scaling the application as needed to meet demand.
    When created, applications can be flagged as “Scalable” (some apps may not want to be scaled). When OpenShift sees this flag, it creates an additional Gear and places an HA-Proxy software load-balancer in front of the application. The HA-Proxy then monitors the incoming traffic to the application. When the number of connections to the application crosses a certain pre-defined threshold, OpenShift will then horizontally scale the application by replicating the application code tier of the application across multiple Gears.
    For JBoss applications, OpenShift will scale the application using JBoss Clustering which allows stateful or stateless applications to be scaled gracefully. For Ruby, PHP, Python, and other script-oriented languages, the application will need to be designed for stateless scaling where the application container is replicated across multiple gears. The Database tier is not scaled in OpenShift today.
    Automatic application scaling is a feature that is unique to OpenShift among the popular PaaS offerings that are out there.
    Automatic scaling of production applications is another example of how OpenShift applies automation technologies and a cloud architecture to make life better for both IT Operations and Development.
    <next slide>
  • AllThingsOpen 2013 - Liberate Your Files

    1. 1. Liberate Your Files Private Cloud Storage on Your Terms Isaac Christoffersen Architect, Vizuri Allen Gigler Product Consultant, ownCloud 24 October 2013
    2. 2. http://mashable.com/2013/05/30/dropbox-outage/
    3. 3. Do you have a Dropbox Problem?
    4. 4. The Problem “Dropbox” Created The Problem: “Dropbox” created huge demand for file sync and share... • Simple • Free • Fast to obtain • It just works ...at the risk of user and IT security.
    5. 5. The Problem “Dropbox” Created The Problem: “Dropbox” created huge demand for file sync and share... • Simple • Free • Fast to obtain • It just works * 44% ...at the risk of user and IT security. * Use Dropbox in the enterprise without permission, Osterman Research
    6. 6. Let your data out into the open, not into the wild
    7. 7. Private Cloud Storage … without giving up the features we want Extensible & Open APIs On-Demand Scaling Search & Retrieval Tools Automated File Synchronization Security & Encryption Collaboration & Sharing Access from Anywhere
    8. 8. Open source solutions enable you to regain control and freedom
    9. 9. ownCloud – Your data, your cloud, your control
    10. 10. What is ownCloud ownCloud helps enterprises concerned about sensitive data leakage via Dropbox deliver a secure file sync and share solution on their storage inside their data center. ● Protect and Manage sensitive data by storing it on-site, on their servers, managed to their policies ● Integrate seamlessly into existing infrastructure ● Extend functionality through extensive APIs AND STILL provide the seamless, easy-to-use access to sensitive data that end users have come to expect from consumer-grade services.
    11. 11. ownCloud's mobile, web, and desktop clients enable you to ... ● Host in your data center ● Store on your storage ● Integrate via Plug-ins ● Extend with Plug-ins ● Sync files and folders ● ownCloud Server – the brains Share files and folders iOS and Android – mobile access apps Windows, Mac and Linux – desktop file sync clients
    12. 12. ownCloud Solution Architecture
    13. 13. Demonstration ownCloud Deployed in the Cloud ● ownCloud at OpenShift – http://liberate-summit2013.rhcloud.com ● ● User – admin Password - OpenShiftAdmin
    14. 14. OpenShift PaaS …Bridging App Dev Worlds Established Enterprise-Class Strength • Enterprise Java EE6 via JBoss • Multi-tenancy and Security via Red Hat Enterprise Linux • Jenkins, Maven, Git • Auto-Scaling • On-Premise, Hosted, or Hybrid New Cloud-Class Agility • Designed for No Lock-In • Polyglot with Java, Ruby, PHP, Perl, Python • Mobile and Responsive Web • REST and Javascript OpenShift = Open Hybrid PaaS OpenShift = Open Hybrid PaaS
    15. 15. Unique SELinux Approach Enables Security and Multi-tenancy SELinux Policies securely subdivide the Node instances. RHEL Broker RHEL ● Node ● Node RHEL ● Node AWS / CloudForms / OpenStack (IaaS) / RHEV (Virt) / Bare Metal
    16. 16. OpenShift User Applications Run in OpenShift Gears Linux kernel cgroups are used to contain application processes and to fairly allocate resources RHEL Broker RHEL ● Node ● Node RHEL ● Node AWS / CloudForms / OpenStack (IaaS) / RHEV (Virt) / Bare Metal
    17. 17. Application Scaling... Automated! HA-Proxy ● ● C C oCode Java do Java d ePhp e MySQL RHEL Broker Node ● Node ● Node AWS / CloudForms / OpenStack (IaaS) / RHEV (Virt) / Bare Metal
    18. 18. Demonstration Deploying your own ownCloud Instance on OpenShift ● Video of deploying OpenShift ● ownCloud at OpenShift – http://liberate-summit2013.rhcloud.com ● ● User – admin Password - OpenShiftAdmin
    19. 19. GLUSTER STORAGE—50,000 FOOT OVERVIEW RED HAT STORAGE POOL VIRTUAL PHYSICAL Brick (glusterfsd) ADMINISTRATOR Cloud Volume Manager (glusterd) SSH Brick (glusterfsd) Brick (glusterfsd) STORAGE CLI z Cloud Volume Manager (glusterd) Brick (glusterfsd) Brick (glusterfsd) Brick (glusterfsd) NFS CIFS Fuse USERS OpenStack Swift Brick (glusterfsd) Cloud Volume Manager (glusterd) Brick (glusterfsd) Brick (glusterfsd)
    20. 20. FILE-CENTRIC STORAGE USE-CASES & DR SITE A SITE B OR CLOUD A CLOUD B
    21. 21. GLUSTERFS STORAGE BENEFITS Highly Scalable Storage ● Multiple peta-byte clusters ● Highly Flexible Geo-replication to disperse data ● ● Physical, virtual, cloud and hybrid deployment models File and object access protocols Highly Cost-Effective ● ● Leverages commodity x86 servers Leverages existing capacity within virtual Machine environment Deployment Agnostic ● Deploy on-premise, in the public cloud or a hybrid setup. Open & Standards Based ● NFS, CIFS, HTTP
    22. 22. Demonstration Key Components in Action ● OpenShift – ● Gluster Storage – ● 1 Broker with 2 Nodes 2 Nodes with 1 Brick per Node in a distributed configuration ownCloud – Deployed as an OpenShift Gear ● ● MySQL Php 5.3
    23. 23. Next-generation cloud storage on your terms Title:Vizuri-logo-large-Summit-2011.ep Creator:Adobe Illustrator(R) 13.0 CreationDate:4/12/11 LanguageLevel:2 Secure multi-tenant environment with built-in autoscaling and encryption Example text Geo-replication support with massive redundancy and proactive self-healing Mobile, desktop, and web clients let you work from anywhere Example text Integrates with existing infrastructure and corporate audit & compliance policies Free of lock-in and extensible through open APIs Example text Built on top of enterpriseclass, professional open source software
    24. 24. Questions? ● OpenShift Origin – openshift.github.io ● GlusterFS – gluster.org ● owncloud – owncloud.org ● ownCloud OpenShift Quickstart – – ● github.com/ichristo/owncloud-openshift-quickstart OwnCloud Mobile Clients – https://owncloud.com/products/mobileapps Isaac Christoffersen | @ichristo | ichristoffersen@vizuri.com Allen Gigler | @ownCloud | agigler@owncloud.com

    ×