This talk explains why there should be a European cloud and how to build it. Sharing, the foundation of every cloud, raises the question: why not share IaaS and PaaS globally? The latest security news, read alongside Safe Harbour and the Patriot Act, raises the question of where to draw the line between security and freedom. Building a European cloud lets European customers draw their own line. OpenStack and Cloud Foundry are suitable open source technologies for building such a cloud.
10. Any transfer of personal data
of EU citizens to a non-EU
state with a lower data
privacy level compared to EU
standards is prohibited.
- Directive 95/46/EC
Wednesday, 16 October 13
15. A memo from the
EU Commission:
16. "The Safe Harbour agreement may not
be so safe after all."
European Commission
MEMO/13/710 19/07/2013
http://rh.gd/1hBKIrf
18. "Uniting (and) Strengthening America
(by) Providing Appropriate Tools
Required (to) Intercept (and) Obstruct
Terrorism Act of 2001."
19. • United States federal law
• Significantly enhanced and broadened
federal government powers in the realm
of
• Electronic Surveillance
• Anti-money laundering
• Border Security, ...
20. 10 Titles of the Patriot Act
21. • Title I: Enhancing domestic security against terrorism
• Title II: Surveillance procedures
• Title III: Anti-money-laundering to prevent terrorism
• Title IV: Border security
• Title V: Removing obstacles to investigating terrorism
• Title VI: Victims and families of victims of terrorism
• Title VII: Increased information sharing for critical infrastructure
protection
• Title VIII: Terrorism criminal law
• Title IX: Improved Intelligence
• Title X: Miscellaneous
25. • Encrypted email service (*2004) by
Ladar Levison
• Used by Edward Snowden
• Ordered to turn over its SSL private key
26. Levison was put to the decision:
shut down or "become complicit in
crimes against the American people".
28. "This experience has taught me one
very important lesson: without
congressional action or a strong
judicial precedent, I would strongly
recommend against anyone trusting
their private data to a company with
physical ties to the United States".
- Ladar Levison, Lavabit.com
29. • It's not about having data on European
servers
• It's not about having a European
company
30. It's about
staying completely off any
US provider and don't tie
to the US in person or with
your company.
60. [Diagram: Router, Cloud Controller, DEA, Health Manager, Cloud Controller Database and Services (e.g. MySQL), connected by these labelled flows: API request; Droplet request; Droplet change notifications; Request droplet start/stop; Droplet heartbeat & exit messages; Get desired states; Droplet / Service metadata; Consume a service]
61. Cloud Controller
[Architecture diagram repeated from slide 60]
• Offers the CF API endpoint
• System authority for issuing
commands
• Start apps
• Create service
• Binding services
62. DEA
[Architecture diagram repeated from slide 60]
• droplet = dea.staging(app_code)
• Staging = executing buildpacks
• Warden
• Starts and runs droplets
63. Health Manager
[Architecture diagram repeated from slide 60]
• compares desired system state
with actual system state
• sends advice to CC
• CC acts
64. Router
[Architecture diagram repeated from slide 60]
• knows on which DEAs your
app instances are
• routes incoming requests to
the right DEAs
65. Services
[Architecture diagram repeated from slide 60]
• Create service = provision
• Bind = create credentials
• Apps bind to services
• Credentials as ENV variables
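
Slide 65 says bound credentials reach the app as ENV variables; in Cloud Foundry that variable is VCAP_SERVICES, a JSON document keyed by service label. The following is an added example (not from the talk or the Cloud Foundry project) that reads one binding and builds a copy of the environment that is safe to log; the instance name, host and password are constructed sample values.

```python
import json
import os

# Constructed sample: the JSON shape Cloud Foundry puts in VCAP_SERVICES
# after a bind. Instance name, host, user and password are made up.
SAMPLE_ENV = {
    "PATH": "/usr/bin",
    "VCAP_SERVICES": json.dumps({
        "mysql": [{
            "name": "orders-db",
            "label": "mysql",
            "credentials": {
                "hostname": "10.0.0.12", "port": 3306,
                "username": "u_7f3a", "password": "s3cr3t-constructed",
            },
        }]
    }),
}


def bound_credentials(instance_name, environ=os.environ):
    """Return the credentials block of one bound service instance."""
    services = json.loads(environ.get("VCAP_SERVICES", "{}"))
    for instances in services.values():
        for inst in instances:
            if inst.get("name") == instance_name:
                return inst["credentials"]
    raise LookupError(f"no bound service named {instance_name!r}")


def _mask(value):
    """Replace every leaf value with a marker, keeping the key names."""
    if isinstance(value, dict):
        return {k: _mask(v) for k, v in value.items()}
    if isinstance(value, list):
        return [_mask(v) for v in value]
    return "[REDACTED]"


def loggable_environ(environ=os.environ):
    """Copy of the environment that can go to logs or error pages."""
    safe = dict(environ)
    if "VCAP_SERVICES" in safe:
        services = json.loads(safe["VCAP_SERVICES"])
        for instances in services.values():
            for inst in instances:
                inst["credentials"] = _mask(inst.get("credentials", {}))
        safe["VCAP_SERVICES"] = json.dumps(services)
    return safe
```

Because the credentials live in the process environment, anything that dumps the environment (debug pages, crash reports, child processes) carries them too; `loggable_environ` keeps the field names visible for troubleshooting while dropping the values.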