Cloud, Security and opensource 2012-12-28 at SSU

576 views

Published on

1 Comment
1 Like
Statistics
Notes
No Downloads
Views
Total views
576
On SlideShare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
8
Comments
1
Likes
1
Embeds 0
No embeds

No notes for slide

Cloud, Security and opensource 2012-12-28 at SSU

  1. 1. Cloud & Securityand opensourceBae KwonHan <darjeeling@gmail.com>
  2. 2. Q : What is Cloud?
  3. 3. • Data Sync Service on the cloud• Commercial Cloud Service• Cloud Service Implementation with open source or closed source• Any Cloud Service use instead of legacy infrastructure• http://en.wikipedia.org/wiki/ Cloud_computing
  4. 4. • Infrastructure as a Service• Platform as a Service• Service as a Service• Backend as a Service• Blah as a Service
  5. 5. COST
  6. 6. SURPLUS
  7. 7. Automation
  8. 8. IaaS• Packaging VM with network• Multitenancy• Volume Service• Object Store Service• AAA• Network Security Manager ( ACL )• API / CLI / GUI
  9. 9. Security on IaaS• network Isolation!!• VM access• VM host• ACL• IaaS Manager
  10. 10. IaaS safe?• VM data?• VM memory access?• volume data?• DDOS?• think about a service• multi service distribution
  11. 11. AWS security support• VPC ( Virtual Private Cloud )• S3 Encryption• AWS Identity and Access Management• AWS Security Group
  12. 12. Commercial IaaS Implementation• Amazon AWS EC2• MS Azure Virtual Machines• Google CE• HP Cloud• Joyent• Rackspace Cloud• cafe24?• KT uCloud Biz• SKT tCloud Biz• Hostway?• VMWARE Product
  13. 13. OpenSource IaaS Implementation• Openstack• Cloudstack• Eucalyptus• others
  14. 14. http://ken.pepple.info/ openstack/2012/09/25/openstack-folsom-architecture/
  15. 15. PaaS• Packaging Process with database on IaaS• runtime, middleware, os• Multitenancy• AAA• ACL on Process• API / CLI / GUI
  16. 16. Security on PaaS• API• Process Isolation• Database Isolation• PaaS Manager
  17. 17. Commercial Platform as a Service• Heroku• Google App Engine• Engine Yard• Openshift• Windows Azure• vmware CloudFoundry • appfog • appcera
  18. 18. Opensource Platform as a Service• VMWARE CloudFoundry• Redhat OpenShift
  19. 19. Security on PaaS• DDOS• Manager Problem• Application Problem
  20. 20. SaaS• Packaging Service on Infrastructure
  21. 21. Security on SaaS• API• SaaS Manager• connection hook
  22. 22. SaaS Implementation• Google Apps• iCloud• SalesForce• others?
  23. 23. Plus Baremetal as a Service or Metal as a Service• automate installing os• use out of band management • IPMI • dell Drac • KVM over IP • HP ILO • IBM Remote Supervisor Adapter
  24. 24. MAAS Implementation• opensource • ubuntu juju• every hardware vender sells MAAS
  25. 25. Chain of aaS• MaaS• IaaS• PaaS• SaaS
  26. 26. Cloud Service User
  27. 27. • Cost• you should know what/how you are doing• you should know what/how they are doing• focus on application programming• focus on management console• focus on AAA
  28. 28. OpenSource
  29. 29. why open source?
  30. 30. everything isopen source
  31. 31. open source• openstack• openvswich• cloudfoundry• openshift• opensource VM implementation • KVM ( Kernel-based Virtual Machine ) • XEN • LXC • OpenVZ • QEMU • VirtualBOX
  32. 32. OpenStack• Infrastructure as a Service• started by rackspace cloud and NASA since 2010 • Compute ( nova ) • Object Storage ( Swift ) • Image Service ( Glance ) • Identity Service ( Keystone ) • Dashboard ( Horizon ) • Networking ( Quantum ) • Block Storage ( Cinder ) • Metering ( Ceilometer - Beta ) • Basic Cloud Ochestration ( Heat - Beta - PaaS )
  33. 33. openvswitch• http://openvswitch.org/• security : vlan isolation, traffic filtering• QoS : traffic queuing, traffic shaping• monitoring : NetFlow, sFlow, SPAN, RSPAN• automated control
  34. 34. DevOps?
  35. 35. what we should know?• What is cloud• Every component of cloud service• Every boundary of cloud component• how application works
  36. 36. Q &A

×