- Extend CloudStack with plugins and include a ServerResource for device access
- Lessons learned include using HTTPRequest to escape Java, serializing JSON objects instead of ported Java classes, writing code against tests, automating with CloudMonkey, adapting existing plugins, using QuickCloud instead of system VMs, and planning to avoid proprietary tools and libraries.
A brief overview of what we do at Gruntwork. Learn what we mean by "DevOps as a Service" and how you can get your entire infrastructure, defined as code, in about a day. https://www.gruntwork.io/
Automatically unseal Vault clusters as a Keybase team. We want to automate the unseal of our on-premise Vault clusters. How can we securely distribute Shamir unseal keys to the team so we can unseal our Vault when we are on-call? How did we initialize our production system in a such way that 2 out 4 people are needed to "unseal the Vault"?
We are using Keybase.io, and automated Vault on Consul cluster, with an Ansible/Vagrant environment to teach and practice.
- Vagrant (tested on Mac)
- Consul OSS
- Vault OSS
- Keybase (vault operator init, vault unseal, KBFS)
- Ansible (Brian Shumate's roles, custom roles)
- Packer (hardened Centos 7)
@bbaassssiiee
https://github.com/dockpack/keybase_unseal
https://github.com/dockpack/vault_dojo
Slides form Config Management Camp, looking at how you can take a collaborative GitFlow approach to Terraform using Remote State, Modules and Dynamically Generated Credentials using Vault
Slides for Building Better Backdoors with WMI - DerbyCon 2017 - Legacy
Code:
https://github.com/0xbadjuju/PowerProvider/
https://github.com/0xbadjuju/WheresMyImplant
AWS Lambda has changed the way we deploy and run software, but this new serverless paradigm has created new challenges to old problems - how do you test a cloud-hosted function locally? How do you monitor them? What about logging and config management? And how do we start migrating from existing architectures?
In this talk Yan will discuss solutions to these challenges by drawing from real-world experience running Lambda in production and migrating from an existing monolithic architecture.
10 Excellent Ways to Secure Your Spring Boot Application - Devoxx Belgium 2019Matt Raible
Spring Boot is an excellent way to build Java applications with the Spring Framework. If you’re developing apps that handle sensitive data, you should make sure they’re secure.
This session will cover HTTPS, dependency checking, CSRF, using a CSP to prevent XSS, OIDC, password hashing, and much more!
You’ll learn how to add these features to a real application, using the Java language you know and love.
* YouTube video: https://www.youtube.com/watch?v=PpqNMhe4Bd0
* Blog post: https://developer.okta.com/blog/2018/07/30/10-ways-to-secure-spring-boot
* Cheat sheet: https://snyk.io/blog/spring-boot-security-best-practices/
A brief overview of what we do at Gruntwork. Learn what we mean by "DevOps as a Service" and how you can get your entire infrastructure, defined as code, in about a day. https://www.gruntwork.io/
Automatically unseal Vault clusters as a Keybase team. We want to automate the unseal of our on-premise Vault clusters. How can we securely distribute Shamir unseal keys to the team so we can unseal our Vault when we are on-call? How did we initialize our production system in a such way that 2 out 4 people are needed to "unseal the Vault"?
We are using Keybase.io, and automated Vault on Consul cluster, with an Ansible/Vagrant environment to teach and practice.
- Vagrant (tested on Mac)
- Consul OSS
- Vault OSS
- Keybase (vault operator init, vault unseal, KBFS)
- Ansible (Brian Shumate's roles, custom roles)
- Packer (hardened Centos 7)
@bbaassssiiee
https://github.com/dockpack/keybase_unseal
https://github.com/dockpack/vault_dojo
Slides form Config Management Camp, looking at how you can take a collaborative GitFlow approach to Terraform using Remote State, Modules and Dynamically Generated Credentials using Vault
Slides for Building Better Backdoors with WMI - DerbyCon 2017 - Legacy
Code:
https://github.com/0xbadjuju/PowerProvider/
https://github.com/0xbadjuju/WheresMyImplant
AWS Lambda has changed the way we deploy and run software, but this new serverless paradigm has created new challenges to old problems - how do you test a cloud-hosted function locally? How do you monitor them? What about logging and config management? And how do we start migrating from existing architectures?
In this talk Yan will discuss solutions to these challenges by drawing from real-world experience running Lambda in production and migrating from an existing monolithic architecture.
10 Excellent Ways to Secure Your Spring Boot Application - Devoxx Belgium 2019Matt Raible
Spring Boot is an excellent way to build Java applications with the Spring Framework. If you’re developing apps that handle sensitive data, you should make sure they’re secure.
This session will cover HTTPS, dependency checking, CSRF, using a CSP to prevent XSS, OIDC, password hashing, and much more!
You’ll learn how to add these features to a real application, using the Java language you know and love.
* YouTube video: https://www.youtube.com/watch?v=PpqNMhe4Bd0
* Blog post: https://developer.okta.com/blog/2018/07/30/10-ways-to-secure-spring-boot
* Cheat sheet: https://snyk.io/blog/spring-boot-security-best-practices/
Immutable AWS Deployments with Packer and JenkinsManish Pandit
In this session I will talk about Immutable Deployments - which have become almost essential in the world of Microservices. As the frequency of deployments across multiple services increases with increasing granularity, it is critical to have repeatable, predictable and immutable deployments serving our customers. In practice, this is achieved via several DevOps tools. We will use Hashicorp Packer (packer.io) and Jenkins to build a simple, immutable AWS deployment of a hello-world microservice. Familiarity with AWS is recommended but not required for this talk.
Video: https://www.youtube.com/watch?v=b6yLwvNSDck
Here's the showdown you've been waiting for: Node.js vs Play Framework. Both are popular open source web frameworks that are built for developer productivity, asynchronous I/O, and the real time web. But which one is easier to learn, test, deploy, debug, and scale? Should you pick Javascript or Scala? The Google v8 engine or the JVM? NPM or Ivy? Grunt or SBT? Two frameworks enter, one framework leaves.
This is the English version of the presentation. For the version with Japanese subtitles, see http://www.slideshare.net/brikis98/nodejs-vs-play-framework-with-japanese-subtitles
We broke up with the monolith, and started dating #eventSourcing - #symfonyCatJavier Ferrer González
How we're trying to develop a new chat service through WebSockets at letgo coming from a monolithic REST API.
The challenge: Maintain the backwards compatibility. We don't want to force the mobile app users to update in order to use the new system. Furthermore, we have a lot of uncertainty on how the new system will perform, so in order to reduce it, we're taking advantage of an Event Sourcing approach in order to process in the new chat system in the staging environment the actual production load of the current system.
If you want to learn more about the whole process we've followed and not just the synchronization part, come to the Software Craftsmanship Barcelona! This time we (@SergiGP and me, @JavierCane, will try to explain some more interesting things about how we're trying to develop this new chat system and, maybe you could bring some interesting discussion points :D).
I'll do a video summarizing some of the talk conceptos for the http://codely.tv video blog, so stay tuned! http://twitter.com/CodelyTV
This talk was given at the Dutch PHP Conference 2011 and details the use of Comet (aka reverse ajax or ajax push) technologies and the importance of websockets and server-sent events. More information is available at http://joind.in/3237.
Lessons learned from writing over 300,000 lines of infrastructure codeYevgeniy Brikman
This talk is a concise masterclass on how to write infrastructure code. I share key lessons from the “Infrastructure Cookbook” we developed at Gruntwork while creating and maintaining a library of over 300,000 lines of infrastructure code that’s used in production by hundreds of companies. Come and hear our war stories, laugh about all the mistakes we’ve made along the way, and learn what Terraform, Packer, Docker, and Go look like in the wild.
Infrastructure as code: running microservices on AWS using Docker, Terraform,...Yevgeniy Brikman
This is a talk about managing your software and infrastructure-as-code that walks through a real-world example of deploying microservices on AWS using Docker, Terraform, and ECS.
EWD 3 Training Course Part 14: Using Ajax for QEWD MessagesRob Tweed
This presentation is Part 14 of the EWD 3 Training Course. It explains how (and when) to use Ajax/HTTP messaging instead of WebSockets within your QEWD applications
Single Page App (SPA) frameworks offer many benefits over traditional web apps which do all of their HTML generation on the server side. Popular SPA frameworks include Vue, React and Angular. Micronaut is very well suited for publishing REST APIs and is a terrific fit for implementing backend logic for SPAs.
Containerizing your Security Operations CenterJimmy Mesta
AppSec USA 2016 talk on using containers and Kubernetes to manage a variety of security tools. Includes best practices for securing Kubernetes implementations.
Immutable AWS Deployments with Packer and JenkinsManish Pandit
In this session I will talk about Immutable Deployments - which have become almost essential in the world of Microservices. As the frequency of deployments across multiple services increases with increasing granularity, it is critical to have repeatable, predictable and immutable deployments serving our customers. In practice, this is achieved via several DevOps tools. We will use Hashicorp Packer (packer.io) and Jenkins to build a simple, immutable AWS deployment of a hello-world microservice. Familiarity with AWS is recommended but not required for this talk.
Video: https://www.youtube.com/watch?v=b6yLwvNSDck
Here's the showdown you've been waiting for: Node.js vs Play Framework. Both are popular open source web frameworks that are built for developer productivity, asynchronous I/O, and the real time web. But which one is easier to learn, test, deploy, debug, and scale? Should you pick Javascript or Scala? The Google v8 engine or the JVM? NPM or Ivy? Grunt or SBT? Two frameworks enter, one framework leaves.
This is the English version of the presentation. For the version with Japanese subtitles, see http://www.slideshare.net/brikis98/nodejs-vs-play-framework-with-japanese-subtitles
We broke up with the monolith, and started dating #eventSourcing - #symfonyCatJavier Ferrer González
How we're trying to develop a new chat service through WebSockets at letgo coming from a monolithic REST API.
The challenge: Maintain the backwards compatibility. We don't want to force the mobile app users to update in order to use the new system. Furthermore, we have a lot of uncertainty on how the new system will perform, so in order to reduce it, we're taking advantage of an Event Sourcing approach in order to process in the new chat system in the staging environment the actual production load of the current system.
If you want to learn more about the whole process we've followed and not just the synchronization part, come to the Software Craftsmanship Barcelona! This time we (@SergiGP and me, @JavierCane, will try to explain some more interesting things about how we're trying to develop this new chat system and, maybe you could bring some interesting discussion points :D).
I'll do a video summarizing some of the talk conceptos for the http://codely.tv video blog, so stay tuned! http://twitter.com/CodelyTV
This talk was given at the Dutch PHP Conference 2011 and details the use of Comet (aka reverse ajax or ajax push) technologies and the importance of websockets and server-sent events. More information is available at http://joind.in/3237.
Lessons learned from writing over 300,000 lines of infrastructure codeYevgeniy Brikman
This talk is a concise masterclass on how to write infrastructure code. I share key lessons from the “Infrastructure Cookbook” we developed at Gruntwork while creating and maintaining a library of over 300,000 lines of infrastructure code that’s used in production by hundreds of companies. Come and hear our war stories, laugh about all the mistakes we’ve made along the way, and learn what Terraform, Packer, Docker, and Go look like in the wild.
Infrastructure as code: running microservices on AWS using Docker, Terraform,...Yevgeniy Brikman
This is a talk about managing your software and infrastructure-as-code that walks through a real-world example of deploying microservices on AWS using Docker, Terraform, and ECS.
EWD 3 Training Course Part 14: Using Ajax for QEWD MessagesRob Tweed
This presentation is Part 14 of the EWD 3 Training Course. It explains how (and when) to use Ajax/HTTP messaging instead of WebSockets within your QEWD applications
Single Page App (SPA) frameworks offer many benefits over traditional web apps which do all of their HTML generation on the server side. Popular SPA frameworks include Vue, React and Angular. Micronaut is very well suited for publishing REST APIs and is a terrific fit for implementing backend logic for SPAs.
Containerizing your Security Operations CenterJimmy Mesta
AppSec USA 2016 talk on using containers and Kubernetes to manage a variety of security tools. Includes best practices for securing Kubernetes implementations.
Slides for the path that the Productivity Engineering team at Box took to move from bare-metal servers to a modern cloud platform, consisting of OpenStack and AWS. This was done on the back of two open-source tools by HashiCorp: Packer & Terraform.
The Productivity Engineering exists to make other engineers at Box more productive.
Do any VM's contain a particular indicator of compromise? E.g. Run a YARA signature over all executables on my virtual machines and tell me which ones match.
Get hands-on with security features and best practices to protect your containerized services. Learn to push and verify signed images with Docker Content Trust, and collaborate with delegation roles. Intermediate to advanced level Docker experience recommended, participants will be building and pushing with Docker during the workshop.
Led By Docker Security Experts:
Riyaz Faizullabhoy
David Lawrence
Viktor Stanchev
Experience Level: Intermediate to advanced level Docker experience recommended
"13 ways to run web applications on the Internet" Andrii ShumadaFwdays
So, we wrote our app. Using Node.js, React, or Angular. And what's next? How your masterpiece can be shown to the entire Internet, or at least your mom, client, or friends. Probably you should find a DevOps, that will launch it for us... But what if I tell you, how to do it on your own? At this talk I'll show you 13 ways, how to launch your app on the Internet, what is the difference between them, and which method you should choose in a particular situation, from simple to complex, from free to expensive and robust.
In this talk, Carlos de la Guardia shows how a Pyramid application can be deployed using a front end web server, like Apache or Nginx. He also covers how to automate deployment using buildout and a PyPI clone, and post-deployment creation of a variety of maintenance scripts and cron jobs that perform application specific tasks through Pyramid.
A link to audio of the presentation is here: http://2011ploneconference.sched.org/event/29a2f357905e4ab0fe3048c53bc1c94c
A team's learnings from adopting devops and automating an otherwise labor-intensive server fleet. The bottom line: As with code, automated tests and CI are king.
This talk was held at Barcamp Salzburg in October 2016.
In addition to authorization policies that control what a user can do, OpenShift Container Platform gives its administrators the ability to manage a set of security context constraints (SCCs) for limiting pods and securing their cluster.
Default security context may be too restrictive for containers pulled down from DockerHub, thorugh this talk we'll explore the various steps to execute for enabling required permissions on selected OpenShift's pods.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionAggregage
Join Maher Hanafi, VP of Engineering at Betterworks, in this new session where he'll share a practical framework to transform Gen AI prototypes into impactful products! He'll delve into the complexities of data collection and management, model selection and optimization, and ensuring security, scalability, and responsible use.
Welocme to ViralQR, your best QR code generator.ViralQR
Welcome to ViralQR, your best QR code generator available on the market!
At ViralQR, we design static and dynamic QR codes. Our mission is to make business operations easier and customer engagement more powerful through the use of QR technology. Be it a small-scale business or a huge enterprise, our easy-to-use platform provides multiple choices that can be tailored according to your company's branding and marketing strategies.
Our Vision
We are here to make the process of creating QR codes easy and smooth, thus enhancing customer interaction and making business more fluid. We very strongly believe in the ability of QR codes to change the world for businesses in their interaction with customers and are set on making that technology accessible and usable far and wide.
Our Achievements
Ever since its inception, we have successfully served many clients by offering QR codes in their marketing, service delivery, and collection of feedback across various industries. Our platform has been recognized for its ease of use and amazing features, which helped a business to make QR codes.
Our Services
At ViralQR, here is a comprehensive suite of services that caters to your very needs:
Static QR Codes: Create free static QR codes. These QR codes are able to store significant information such as URLs, vCards, plain text, emails and SMS, Wi-Fi credentials, and Bitcoin addresses.
Dynamic QR codes: These also have all the advanced features but are subscription-based. They can directly link to PDF files, images, micro-landing pages, social accounts, review forms, business pages, and applications. In addition, they can be branded with CTAs, frames, patterns, colors, and logos to enhance your branding.
Pricing and Packages
Additionally, there is a 14-day free offer to ViralQR, which is an exceptional opportunity for new users to take a feel of this platform. One can easily subscribe from there and experience the full dynamic of using QR codes. The subscription plans are not only meant for business; they are priced very flexibly so that literally every business could afford to benefit from our service.
Why choose us?
ViralQR will provide services for marketing, advertising, catering, retail, and the like. The QR codes can be posted on fliers, packaging, merchandise, and banners, as well as to substitute for cash and cards in a restaurant or coffee shop. With QR codes integrated into your business, improve customer engagement and streamline operations.
Comprehensive Analytics
Subscribers of ViralQR receive detailed analytics and tracking tools in light of having a view of the core values of QR code performance. Our analytics dashboard shows aggregate views and unique views, as well as detailed information about each impression, including time, device, browser, and estimated location by city and country.
So, thank you for choosing ViralQR; we have an offer of nothing but the best in terms of QR code services to meet business diversity!
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdfPeter Spielvogel
Building better applications for business users with SAP Fiori.
• What is SAP Fiori and why it matters to you
• How a better user experience drives measurable business benefits
• How to get started with SAP Fiori today
• How SAP Fiori elements accelerates application development
• How SAP Build Code includes SAP Fiori tools and other generative artificial intelligence capabilities
• How SAP Fiori paves the way for using AI in SAP apps
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
How to add a new hypervisor to CloudStack:Lessons learned from Hyper-V effort
1. How to add a new hypervisor to CloudStack:
Lessons learned from Hyper-V effort
Donal Lafferty
Friday, 15 November 2013
2. Summary
• Extend CloudStack with Plug-ins
• Include ServerResource for device access
• Lessons:
• HTTPRequest lets you escape Java
• Serialise JSON objects, not ported Java classes
• TDD: write you code against tests
• Automate with CloudMonkey
• Adapt existing plug-ins
• QuickCloud instead of System VMs
• Plan to avoid proprietary tools & libs
3. Background: Extend CloudStack with Plug-ins
• Java centric
• Plug-ins are distributed
• .jar
• Modules are loaded
• Spring config + class loader
• Extensions implement
• .class file implementing
interface
(e.g. Discoverer)
(e.g. Compute)
(e.g. cloud-plugin-hypervisor-hyperv-4.3.0.jar)
4. • ServerResource
• Steps around Javas limits
• Two Agent types
• implemented directly by
the ServerResource
• E.g. XAPI calls
• running remotely,
connected to mgmt server
• E.g. KVM Agent
Discoverer Module
Background: ServerResource for Device Access
Remote CloudStack Agent
CloudStack Message Bus
Connected Agent Direct Connect Agent
Extension: Discoverer
- Brings resource under CloudStack control
ServerResource
- Provides a communication layer in the form of an Agent
Device-specific
Connection
Extensible API
5. Problem: Create Plug-in for Hyper-V Support
• VM lifecycle
• Avoid intermediaries
• CIFS for primary & secondary storage
• Analogous to NFS
• Hyper-V is SMB centric
• Advanced networking (ideally)
• Esp. VLANs for tenant isolation
• Console access (ideally)
6. Solution: Remote agent
AgentShell
(Windows Service)
Message Bus Agent
(Java - NIO)
Hyper-V API
(Python)
Server Resource
(Java)
Mgmt Server
(AgentManager)
Phase 1 – Connected Agent
Custom
TCP/JSON
7. Lesson: HTTPRequest lets you escape Java
AgentShell
(C# - Windows Service)
Web Server
(C# - not IIS)
Hyper-V API
(WMI)
Server Resource
(C# - ASP.NET MVC4)
Mgmt Server
(Direct Connect Agent)
Phase 2 – Direct Connect Agent
JSON over
HTTP
10. Lesson: Automate with CloudMonkey
cloudmonkey api createZone networktype="Advanced" securitygroupenabled="false" guestcidraddress="10.1.1.0/24“
name="HybridZone" localstorageenabled="true" dns1="4.4.4.4" internaldns1="10.70.176.118“
internaldns2="10.70.160.66"
…
apirequest=cloudmonkey api addSecondaryStorage zoneid=$zone
url="cifs://10.70.176.4/secondary?user=administrator&password=1pass%40word1"
cacheid=echo $apiresult | sed -e s/^.*"id": //; s/,.*$//
…
apiresult=cloudmonkey api addHost zoneid=$zone podid=$pod url="http://10.70.176.4" password="1pass@word1“
username="root" hypervisor="Hyperv" clusterid=$cluster
hostid=echo $apiresult | sed -e s/^.*"id": //; s/,.*$//
…
apiresult=cloudmonkey api listNetworkOfferings name="QuickCloudNoServices"
qcNetOffId=echo $apiresult | sed -e s/^.*"id": //; s/,.*$//
cloudmonkey api createNetwork zoneid=$zone networkofferingid=$qcNetOffId physicalnetworkid=$physnetid
name="QuickCloudNetName" displaytext="QuickCloudNetDesc" vlan=untagged acltype=domain gateway="10.70.176.1"
netmask="255.255.240.0" startip="10.70.176.124" endip="10.70.176.144"
11. Lesson: Adapt existing plug-ins
• Add CIFS support to NFS plug-in
• Similar workflow
• Mount, use local file system operations
• Can be specified in similar format
• cifs://192.168.1.128/CSHV3?user=root+password=1pass%40word1
• nfs://192.168.1.128/CSHV3
• Avoid scope creep…
“While you’re at Ikea for some towels, could you pick me up a couch?”
– unnamed flatmate
12. Lesson: QuickCloud instead of System VMs
Virtual
Router VM
Console VM
Secondary
Storage VM
CloudStack
Mgmt Server
• System VMs
• VM application
• Offload cloud services
• 3 kinds
• Hypervisor specific
• Esp boot args!
• QuickCloud alternative:
• Daemon for Secondary Storage
Service
• QuickCloudNoServices network
• No console VM
13. Lesson: Plan to avoid proprietary tools & libs
• Provide opensource build
• Mono
• Donation process takes time
• Proposal
• Vote
• Post source on Review Board
• SGA
14. Summary
• Extend CloudStack with Plug-ins
• Include ServerResource for device access
• Lessons:
• HTTPRequest lets you escape Java
• Serialise JSON objects, not ported Java classes
• TDD: write your code against tests
• Automate with CloudMonkey
• Adapt existing plug-ins
• QuickCloud instead of System VMs
• Plan to avoid proprietary tools & libs