AllThingsOpen 2013 - Liberate Your Files
Upcoming SlideShare
Loading in...5

AllThingsOpen 2013 - Liberate Your Files



By leveraging professional open source offerings, its possible to build your own private cloud storage solution

By leveraging professional open source offerings, its possible to build your own private cloud storage solution



Total Views
Views on SlideShare
Embed Views



1 Embed 3 3



Upload Details

Uploaded via as OpenOffice

Usage Rights

CC Attribution-ShareAlike LicenseCC Attribution-ShareAlike License

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
Post Comment
Edit your comment
  • For main parts to the solution <br /> Control – you server <br /> Physical, virtual, private cloud <br /> Where everything is integrated and admins control access and administer the system <br /> Storage – Your storage – AGNOSTIC <br /> NAS, SAN, direct attached – whatever you have or want <br /> Hybrid too if you choose <br /> Access – web clients, mobile devices, desktop clients, and a standard WebDAV connection <br /> Extensibility – the secret sauce of ownCloud, this extensible framework for creating plug-ins <br /> ALL Runs inside your firewall, managed by your admins, to your security and access polocies <br />
  • So what is the problem? <br /> Dropbox created something amazing <br /> Simeple <br /> Easy to get <br /> Easy to use <br /> It just works <br /> Drop a file in the folder, it show up on server, and then to all other devices or users <br /> The problem is it is not secure – lots of news to this affect <br />
  • However, in an attempt to be more productive, users use it anyway <br /> In a recent survey, 44% of enterprise users (>1000+) use dropbox without Its permission <br /> Not all that secure, <br /> Lots of people using it anyway <br /> Opens you to risk of lost sensitive data <br /> The little dropbox can be a big source of leaks – why it is upside down over here <br />
  • And one more layer down, you see the server <br /> The APIs are part of why we are so flexible, as is the standard n-tier architecture <br /> We are PHP, support Oracle, MySQL, Postgres as databases <br /> We have a management panel and logging apps to provide insight and control <br /> External provisioning api for use with automation <br /> Sharing <br /> Capability <br /> Storage abstraction layer: whatever you have plus cloud storage, all abstracted by ownCloud to make it simple to use the storage you have <br />
  • OpenShift provides a Cloud Application Platform that bridges today’s two diverging application development worlds. OpenShift brings Enterprise-class strength and maturity to the Cloud and also enables both proven enterprise application stacks like Java EE as well as newer rapid-development oriented application stacks like LAMP, Ruby and Node.JS. <br /> OpenShift includes the tools needed for rigorous application development like Maven and Jenkins, as well as support for NoSQL databases and Mobile application development. <br /> Soon to be available in either public, private, or hybrid cloud implementations, OpenShift delivers the Control and Security that IT Operations demands and the Velocity and Agility that Application Developers desire. <br /> OpenShift is the industry’s first Open Hybrid PaaS. <br /> <br />
  • One of the unique features of OpenShift is that within the Nodes, OpenShift provides secure, fine-grained, multi-tenancy by leveraging powerful Red Hat Enterprise Linux subsystems such as SELinux (Security Enhanced Linux), CGroups (Control Groups), and NameSpaces to divide up the RHEL instances into slices that can be dedicated to each user application firewalled off from each other. <br /> <br />
  • These slices of RHEL are called OpenShift Gears. OpenShift Gears are super-secure and highly efficient containers that host user applications in OpenShift. To the user, the Gear appears like an instance of RHEL. They can even SSH in to the gear. They can see their processes, their memory, and their filesystem, but they are prevented from seeing or impacting anyone else’s environment or the system as a whole. <br /> SELinux was built by Red Hat in conjunction with the National Security Agency in order to support some of their strict requirements. It is a “Deny everything, and allow by exception” policy subsystem that allows very strict control of what processes and users can do. In OpenShift, SELinux policies are used to enable hi security in a container based multitenant environment. <br /> Likewise, Control Groups are used to carefully control what resources an OpenShift Gear is able to consume. Cgroups allow Gears to consume CPU and RAM but also limits that consumption based on configurable policies. <br /> And finally NameSpaces are used to allow each Gear to have it’s own file system complete with the system directories that it may need including /tmp, /var, and others. <br /> Red Hat has been able to leverage these technologies to build a secure and yet efficient multi-tenant PaaS because Red Hat has incredible knowledge with respect to the Operating System underneath, Red Hat Enterprise Linux. With some of the best linux kernel coders in the world, Red Hat has used these smarts to build a cloud Platform-as-a-Service on top of the industry leading enterprise Linux operating system. <br /> OpenShift Gears represent the resulting benefit of leveraging this wealth of knowledge in the Operating System Platform to build a Cloud Application Platform that is both super-secure and highly efficient. <br /> <br /> The OpenShift Gear-based architecture provides two other key benefits: <br /> Deploying multi-tenancy inside of RHEL Nodes allows many, many applications to be maintained by deploying maintenance to a much smaller set of RHEL Operating System instances. The Sys Admins job becomes much easier when they only need to patch and perform maintenance on a small number of nodes instead of 1000s of Virtual Machine instances (as would be the case with VM-based multi-tenancy). <br /> OpenShift also has the ability to “Idle” Gears that are not actively being used. In this situation the Broker will take a snapshot of an application Gear and write it to disk to take it out of RAM. Network connections are maintained so when an application URL is requested, the Gear will be “un-idled” and able to service the request quickly. This Idling technology allows many more Gears to be supported within one instance of RHEL because not all Gears will be active at the same time. Implemented for the OpenShift hosted service, this Idling capability is also beneficial to the enterprise that wants to optimize resource consumption as much as possible. <br /> <br />
  • And, once the application is launched within the OpenShift PaaS, OpenShift provides the elasticity expected in a Cloud Application Platform by automatically scaling the application as needed to meet demand. <br /> When created, applications can be flagged as “Scalable” (some apps may not want to be scaled). When OpenShift sees this flag, it creates an additional Gear and places an HA-Proxy software load-balancer in front of the application. The HA-Proxy then monitors the incoming traffic to the application. When the number of connections to the application crosses a certain pre-defined threshold, OpenShift will then horizontally scale the application by replicating the application code tier of the application across multiple Gears. <br /> For JBoss applications, OpenShift will scale the application using JBoss Clustering which allows stateful or stateless applications to be scaled gracefully. For Ruby, PHP, Python, and other script-oriented languages, the application will need to be designed for stateless scaling where the application container is replicated across multiple gears. The Database tier is not scaled in OpenShift today. <br /> Automatic application scaling is a feature that is unique to OpenShift among the popular PaaS offerings that are out there. <br /> Automatic scaling of production applications is another example of how OpenShift applies automation technologies and a cloud architecture to make life better for both IT Operations and Development. <br /> <br />

AllThingsOpen 2013 - Liberate Your Files AllThingsOpen 2013 - Liberate Your Files Presentation Transcript

  • Liberate Your Files Private Cloud Storage on Your Terms Isaac Christoffersen Architect, Vizuri Allen Gigler Product Consultant, ownCloud 24 October 2013
  • Do you have a Dropbox Problem?
  • The Problem “Dropbox” Created The Problem: “Dropbox” created huge demand for file sync and share... • Simple • Free • Fast to obtain • It just works the risk of user and IT security.
  • The Problem “Dropbox” Created The Problem: “Dropbox” created huge demand for file sync and share... • Simple • Free • Fast to obtain • It just works * 44% the risk of user and IT security. * Use Dropbox in the enterprise without permission, Osterman Research
  • Let your data out into the open, not into the wild
  • Private Cloud Storage … without giving up the features we want Extensible & Open APIs On-Demand Scaling Search & Retrieval Tools Automated File Synchronization Security & Encryption Collaboration & Sharing Access from Anywhere
  • Open source solutions enable you to regain control and freedom
  • ownCloud – Your data, your cloud, your control
  • What is ownCloud ownCloud helps enterprises concerned about sensitive data leakage via Dropbox deliver a secure file sync and share solution on their storage inside their data center. ● Protect and Manage sensitive data by storing it on-site, on their servers, managed to their policies ● Integrate seamlessly into existing infrastructure ● Extend functionality through extensive APIs AND STILL provide the seamless, easy-to-use access to sensitive data that end users have come to expect from consumer-grade services.
  • ownCloud's mobile, web, and desktop clients enable you to ... ● Host in your data center ● Store on your storage ● Integrate via Plug-ins ● Extend with Plug-ins ● Sync files and folders ● ownCloud Server – the brains Share files and folders iOS and Android – mobile access apps Windows, Mac and Linux – desktop file sync clients
  • ownCloud Solution Architecture
  • Demonstration ownCloud Deployed in the Cloud ● ownCloud at OpenShift – ● ● User – admin Password - OpenShiftAdmin
  • OpenShift PaaS …Bridging App Dev Worlds Established Enterprise-Class Strength • Enterprise Java EE6 via JBoss • Multi-tenancy and Security via Red Hat Enterprise Linux • Jenkins, Maven, Git • Auto-Scaling • On-Premise, Hosted, or Hybrid New Cloud-Class Agility • Designed for No Lock-In • Polyglot with Java, Ruby, PHP, Perl, Python • Mobile and Responsive Web • REST and Javascript OpenShift = Open Hybrid PaaS OpenShift = Open Hybrid PaaS
  • Unique SELinux Approach Enables Security and Multi-tenancy SELinux Policies securely subdivide the Node instances. RHEL Broker RHEL ● Node ● Node RHEL ● Node AWS / CloudForms / OpenStack (IaaS) / RHEV (Virt) / Bare Metal
  • OpenShift User Applications Run in OpenShift Gears Linux kernel cgroups are used to contain application processes and to fairly allocate resources RHEL Broker RHEL ● Node ● Node RHEL ● Node AWS / CloudForms / OpenStack (IaaS) / RHEV (Virt) / Bare Metal
  • Application Scaling... Automated! HA-Proxy ● ● C C oCode Java do Java d ePhp e MySQL RHEL Broker Node ● Node ● Node AWS / CloudForms / OpenStack (IaaS) / RHEV (Virt) / Bare Metal
  • Demonstration Deploying your own ownCloud Instance on OpenShift ● Video of deploying OpenShift ● ownCloud at OpenShift – ● ● User – admin Password - OpenShiftAdmin
  • GLUSTER STORAGE—50,000 FOOT OVERVIEW RED HAT STORAGE POOL VIRTUAL PHYSICAL Brick (glusterfsd) ADMINISTRATOR Cloud Volume Manager (glusterd) SSH Brick (glusterfsd) Brick (glusterfsd) STORAGE CLI z Cloud Volume Manager (glusterd) Brick (glusterfsd) Brick (glusterfsd) Brick (glusterfsd) NFS CIFS Fuse USERS OpenStack Swift Brick (glusterfsd) Cloud Volume Manager (glusterd) Brick (glusterfsd) Brick (glusterfsd)
  • GLUSTERFS STORAGE BENEFITS Highly Scalable Storage ● Multiple peta-byte clusters ● Highly Flexible Geo-replication to disperse data ● ● Physical, virtual, cloud and hybrid deployment models File and object access protocols Highly Cost-Effective ● ● Leverages commodity x86 servers Leverages existing capacity within virtual Machine environment Deployment Agnostic ● Deploy on-premise, in the public cloud or a hybrid setup. Open & Standards Based ● NFS, CIFS, HTTP
  • Demonstration Key Components in Action ● OpenShift – ● Gluster Storage – ● 1 Broker with 2 Nodes 2 Nodes with 1 Brick per Node in a distributed configuration ownCloud – Deployed as an OpenShift Gear ● ● MySQL Php 5.3
  • Next-generation cloud storage on your terms Title:Vizuri-logo-large-Summit-2011.ep Creator:Adobe Illustrator(R) 13.0 CreationDate:4/12/11 LanguageLevel:2 Secure multi-tenant environment with built-in autoscaling and encryption Example text Geo-replication support with massive redundancy and proactive self-healing Mobile, desktop, and web clients let you work from anywhere Example text Integrates with existing infrastructure and corporate audit & compliance policies Free of lock-in and extensible through open APIs Example text Built on top of enterpriseclass, professional open source software
  • Questions? ● OpenShift Origin – ● GlusterFS – ● owncloud – ● ownCloud OpenShift Quickstart – – ● OwnCloud Mobile Clients – Isaac Christoffersen | @ichristo | Allen Gigler | @ownCloud |