This work is part of the open source testbed setup for Cloud interoperability & portability. Cloud Security Workgroup will further review and generate complete working set as we move along. This is part I of the effort.
Kubernetes Application Deployment with Helm - A beginner Guide!Krishna-Kumar
Google DevFest2019 Presentation at Infosys Campus Bangalore. Application deployment in Kubernetes with Helm is demo'ed in Google Kubernetes Engine (GKE). This is an introductory session on Helm. Several references are given in it to further explore helm3 as it is in Beta state now.
18th Athens Big Data Meetup - 2nd Talk - Run Spark and Flink Jobs on KubernetesAthens Big Data
Title: Run Spark and Flink Jobs on Kubernetes
Speaker: Chaoran Yu (https://linkedin.com/in/chaoran-yu-97b1144a/)
Date: Thursday, November 14, 2019
Event: https://meetup.com/Athens-Big-Data/events/265957761/
Checking in your deployment configuration as code
Helm is a tool that streamlines the creation, deployment and management of your Kubernetes-native applications. In this talk, we take a look at how Helm enables you to manage your deployment configurations as code, and demonstrate how it can be used to power your continuous delivery (CI/CD) pipeline.
KubeCon CloudNativeCon Seattle 2019 Recap - General overview and also summary of some of the application deployment track (App sig, Operator Framework, Helm, Kustomize, CNAB).
Thinking One Step Further with Time-saving DevOps Tools with Open Telekom Clo...Bitnami
For on-demand recording of the webinar, click here: https://youtu.be/aN_DaNFfBx4
Why You Should Watch
Application developers are well-advised to not only think about their actual programming, related time-saving tools and deployment schemes, but also about the specific needs of application operations - in particular with regards to data privacy requirements when dealing with clients in Europe and their customer data which are processed in applications. That's where the Open Telekom Cloud kicks in. As the the "new kid on the block", Open Telekom Cloud's public cloud offering features Bitnami's vast range of open source applications.
Join Bitnami as we host our featured speaker, Max Guhl, from Deutsche Telekom. He will showcase the Open Telekom Cloud's intuitive user interface and how this Public Cloud does not only smoothly integrate Bitnami's application catalog, but also provides answers on how to comply with the upcoming European General Data Protection Regulation already today
Register now to watch and learn:
What the Open Telekom Cloud is
How to launch and manage DevOps tools and instances on Open Telekom Cloud
Actions to keep the new European General Data Protection Regulation (GDPR) in mind
The benefits of using Bitnami with Open Telekom Cloud
An intro to Helm capabilities and how it helps make upgrades and rollbacks in Kubernetes,, packaging and sharing and also managing complex dependencies for K8s applications easier.
Kubernetes Application Deployment with Helm - A beginner Guide!Krishna-Kumar
Google DevFest2019 Presentation at Infosys Campus Bangalore. Application deployment in Kubernetes with Helm is demo'ed in Google Kubernetes Engine (GKE). This is an introductory session on Helm. Several references are given in it to further explore helm3 as it is in Beta state now.
18th Athens Big Data Meetup - 2nd Talk - Run Spark and Flink Jobs on KubernetesAthens Big Data
Title: Run Spark and Flink Jobs on Kubernetes
Speaker: Chaoran Yu (https://linkedin.com/in/chaoran-yu-97b1144a/)
Date: Thursday, November 14, 2019
Event: https://meetup.com/Athens-Big-Data/events/265957761/
Checking in your deployment configuration as code
Helm is a tool that streamlines the creation, deployment and management of your Kubernetes-native applications. In this talk, we take a look at how Helm enables you to manage your deployment configurations as code, and demonstrate how it can be used to power your continuous delivery (CI/CD) pipeline.
KubeCon CloudNativeCon Seattle 2019 Recap - General overview and also summary of some of the application deployment track (App sig, Operator Framework, Helm, Kustomize, CNAB).
Thinking One Step Further with Time-saving DevOps Tools with Open Telekom Clo...Bitnami
For on-demand recording of the webinar, click here: https://youtu.be/aN_DaNFfBx4
Why You Should Watch
Application developers are well-advised to not only think about their actual programming, related time-saving tools and deployment schemes, but also about the specific needs of application operations - in particular with regards to data privacy requirements when dealing with clients in Europe and their customer data which are processed in applications. That's where the Open Telekom Cloud kicks in. As the the "new kid on the block", Open Telekom Cloud's public cloud offering features Bitnami's vast range of open source applications.
Join Bitnami as we host our featured speaker, Max Guhl, from Deutsche Telekom. He will showcase the Open Telekom Cloud's intuitive user interface and how this Public Cloud does not only smoothly integrate Bitnami's application catalog, but also provides answers on how to comply with the upcoming European General Data Protection Regulation already today
Register now to watch and learn:
What the Open Telekom Cloud is
How to launch and manage DevOps tools and instances on Open Telekom Cloud
Actions to keep the new European General Data Protection Regulation (GDPR) in mind
The benefits of using Bitnami with Open Telekom Cloud
An intro to Helm capabilities and how it helps make upgrades and rollbacks in Kubernetes,, packaging and sharing and also managing complex dependencies for K8s applications easier.
Helm - Application deployment management for KubernetesAlexei Ledenev
Use Helm to package and deploy a composed application to any Kubernetes cluster. Manage your releases easily over time and across multiple K8s clusters.
Continuous Delivery for Kubernetes Apps with Helm and ChartMuseumCodefresh
**View the full webinar here: https://codefresh.io/cd-helm-chartmuseum-lp/
Sign up for a FREE Codefresh account today: https://codefresh.io/codefresh-signup/
In this webinar, Stef Arnold from SUSE CaaS Platform & Josh Dolitsky from Codefresh talked about streamlining the delivery of Kubernetes-based applications using the open-source tools Helm and ChartMuseum. They showed you how to use Helm to package your application as a chart, which is a deployable collection of Kubernetes files. Then, how to release your chart to ChartMuseum, which serves as an artifact repository for Helm charts.
An Operator is an application that encodes the domain knowledge of the application and extends the Kubernetes API through custom resources. They enable users to create, configure, and manage their applications. Operators have been around for a while now, and that has allowed for patterns and best practices to be developed.
In this talk, Lili will explain what operators are in the context of Kubernetes and present the different tools out there to create and maintain operators over time. She will end by demoing the building of an operator from scratch, and also using the helper tools available out there.
Kubernetes Helm makes application deployment easy, standardized and reusable. Use of Kubernetes Helm leads to better developer productivity, reduced Kubernetes deployment complexity and enhanced enterprise production readiness.
Enterprises using Kubernetes Helm can speed up the adoption of cloud native applications. These applications can be sourced from open-source community provided repositories, or from an organization’s internal repository of customized application blueprints.
Developers can use Kubernetes Helm as a vehicle for packaging their applications and sharing them with the Kubernetes community. Kubernetes Helm also allows software vendors to offer their containerized applications at “the push of a button.” Through a single command or a few mouse clicks, users can install Kubernetes apps for dev-test or production environments.
Sebastien Thomas, System Architect at Coyote Amerique, gave a presentation on operator frameworks. His talk covered how Operator SDK can be used to create Kubernetes Operators with Go.
Kubernetes Cluster API - managing the infrastructure of multi clusters (k8s ...Tobias Schneck
Thanks to tools like kubeadm, Terraform or Ansible setting up a Kubernetes cluster on a dedicated environment is getting reachable, but what’s about setting up a bunch of cluster in multiple clouds in automatic way? This is still a challenge. Also if you want to do same in your own datacenter. In this talk we will take a look to the approach to orchestrate and manage a whole set of k8s cluster by the Cluster API project of kubernetes (a subproject of sig-cluster-lifecycle). The main idea behind it is to use the Kubernetes API itself to manage multiple clusters with there master and worker nodes in same way you would manage your PODs - define the needed resources and the responsible controller will take care for providing it.
After an overview about the concepts of cluster API, I will show what’s needed to implement a cluster API conform machine class/deployment. There I will see that adding your own provider isn’t that hard as you may aspect. At the end of the day it just requires a simple interface to implement. The corresponding kubermatic controllers we implemented at Loodse are available as open source, so its possible to play around with it. A live demo will show how easy it is to spin up and maintain multiple Kubernetes cluster at different public and on-premise cloud providers over one managing cluster. A final wrap up will summarize the current state of the Cluster API project and the advantages of managing clusters as cattles instead of pets.
Helm is a package manager for Kubernetes. It helps streamline installing and managing applications. This session covers prerequisites for Helm, which include a basic understanding of containers and Kubernetes along with its architecture. It also covers the limitations that come with running deployments using the kubectl binary, Helm's architecture, templating with it and finally ends on a note highlighting the difference between versions 2 and 3.
** Kubernetes Certification Training: https://www.edureka.co/kubernetes-certification **
This Edureka tutorial on "Kubernetes Architecture" will give you an introduction to popular DevOps tool - Kubernetes, and will deep dive into Kubernetes Architecture and its working. The following topics are covered in this training session:
1. What is Kubernetes
2. Features of Kubernetes
3. Kubernetes Architecture and Its Components
4. Components of Master Node and Worker Node
5. ETCD
6. Network Setup Requirements
DevOps Tutorial Blog Series: https://goo.gl/P0zAfF
In this session, we will discuss the architecture of a Kubernetes cluster. we will go through all the master and worker components of a kubernetes cluster. We will also discuss the basic terminology of Kubernetes cluster such as Pods, Deployments, Service etc. We will also cover networking inside Kuberneets. In the end, we will discuss options available for the setup of a Kubernetes cluster.
Test your Kubernetes operator with Operator Lifecycle ManagementBaiju Muthukadan
Operator pattern is pioneered by CoreOS, and it is embraced by the Kubernetes community. The Operator framework from CoreOS/Red Hat is also getting adoption. Operator Lifecycle Management (OLM) is part of the Operator framework. This talk walks you through testing Kubernetes operator with Operator Lifecycle Management (OLM).
Kubernetes has become the defacto standard as a platform for container orchestration. Its ease of extending and many integrations has paved the way for a wide variety of data science and research tooling to be built on top of it.
From all encompassing tools like Kubeflow that make it easy for researchers to build end-to-end Machine Learning pipelines to specific orchestration of analytics engines such as Spark; Kubernetes has made the deployment and management of these things easy. This presentation will showcase some of the larger research tools in the ecosystem and go into how Kubernetes has enabled this easy form of application management.
Kubernetes Deployment Tutorial | Kubernetes Tutorial For Beginners | Kubernet...Edureka!
( Kubernetes Certification Training: https://www.edureka.co/kubernetes-certification )
This Edureka tutorial on "Kubernetes Deployment Tutorial " will help you understand the various concepts related to Deployment in Kubernetes. The topics included in this session are:
1. What is Kubernetes?
2. What is a Pod?
3. Replication Controller & ReplicaSet
4. Deployment Controllers
5. Deployment Use-Cases
DevOps Tutorial Blog Series: https://goo.gl/P0zAfF
Follow us to never miss an update in the future.
Instagram: https://www.instagram.com/edureka_learning/
Facebook: https://www.facebook.com/edurekaIN/
Twitter: https://twitter.com/edurekain
LinkedIn: https://www.linkedin.com/company/edureka
Helm - Application deployment management for KubernetesAlexei Ledenev
Use Helm to package and deploy a composed application to any Kubernetes cluster. Manage your releases easily over time and across multiple K8s clusters.
Continuous Delivery for Kubernetes Apps with Helm and ChartMuseumCodefresh
**View the full webinar here: https://codefresh.io/cd-helm-chartmuseum-lp/
Sign up for a FREE Codefresh account today: https://codefresh.io/codefresh-signup/
In this webinar, Stef Arnold from SUSE CaaS Platform & Josh Dolitsky from Codefresh talked about streamlining the delivery of Kubernetes-based applications using the open-source tools Helm and ChartMuseum. They showed you how to use Helm to package your application as a chart, which is a deployable collection of Kubernetes files. Then, how to release your chart to ChartMuseum, which serves as an artifact repository for Helm charts.
An Operator is an application that encodes the domain knowledge of the application and extends the Kubernetes API through custom resources. They enable users to create, configure, and manage their applications. Operators have been around for a while now, and that has allowed for patterns and best practices to be developed.
In this talk, Lili will explain what operators are in the context of Kubernetes and present the different tools out there to create and maintain operators over time. She will end by demoing the building of an operator from scratch, and also using the helper tools available out there.
Kubernetes Helm makes application deployment easy, standardized and reusable. Use of Kubernetes Helm leads to better developer productivity, reduced Kubernetes deployment complexity and enhanced enterprise production readiness.
Enterprises using Kubernetes Helm can speed up the adoption of cloud native applications. These applications can be sourced from open-source community provided repositories, or from an organization’s internal repository of customized application blueprints.
Developers can use Kubernetes Helm as a vehicle for packaging their applications and sharing them with the Kubernetes community. Kubernetes Helm also allows software vendors to offer their containerized applications at “the push of a button.” Through a single command or a few mouse clicks, users can install Kubernetes apps for dev-test or production environments.
Sebastien Thomas, System Architect at Coyote Amerique, gave a presentation on operator frameworks. His talk covered how Operator SDK can be used to create Kubernetes Operators with Go.
Kubernetes Cluster API - managing the infrastructure of multi clusters (k8s ...Tobias Schneck
Thanks to tools like kubeadm, Terraform or Ansible setting up a Kubernetes cluster on a dedicated environment is getting reachable, but what’s about setting up a bunch of cluster in multiple clouds in automatic way? This is still a challenge. Also if you want to do same in your own datacenter. In this talk we will take a look to the approach to orchestrate and manage a whole set of k8s cluster by the Cluster API project of kubernetes (a subproject of sig-cluster-lifecycle). The main idea behind it is to use the Kubernetes API itself to manage multiple clusters with there master and worker nodes in same way you would manage your PODs - define the needed resources and the responsible controller will take care for providing it.
After an overview about the concepts of cluster API, I will show what’s needed to implement a cluster API conform machine class/deployment. There I will see that adding your own provider isn’t that hard as you may aspect. At the end of the day it just requires a simple interface to implement. The corresponding kubermatic controllers we implemented at Loodse are available as open source, so its possible to play around with it. A live demo will show how easy it is to spin up and maintain multiple Kubernetes cluster at different public and on-premise cloud providers over one managing cluster. A final wrap up will summarize the current state of the Cluster API project and the advantages of managing clusters as cattles instead of pets.
Helm is a package manager for Kubernetes. It helps streamline installing and managing applications. This session covers prerequisites for Helm, which include a basic understanding of containers and Kubernetes along with its architecture. It also covers the limitations that come with running deployments using the kubectl binary, Helm's architecture, templating with it and finally ends on a note highlighting the difference between versions 2 and 3.
** Kubernetes Certification Training: https://www.edureka.co/kubernetes-certification **
This Edureka tutorial on "Kubernetes Architecture" will give you an introduction to popular DevOps tool - Kubernetes, and will deep dive into Kubernetes Architecture and its working. The following topics are covered in this training session:
1. What is Kubernetes
2. Features of Kubernetes
3. Kubernetes Architecture and Its Components
4. Components of Master Node and Worker Node
5. ETCD
6. Network Setup Requirements
DevOps Tutorial Blog Series: https://goo.gl/P0zAfF
In this session, we will discuss the architecture of a Kubernetes cluster. we will go through all the master and worker components of a kubernetes cluster. We will also discuss the basic terminology of Kubernetes cluster such as Pods, Deployments, Service etc. We will also cover networking inside Kuberneets. In the end, we will discuss options available for the setup of a Kubernetes cluster.
Test your Kubernetes operator with Operator Lifecycle ManagementBaiju Muthukadan
Operator pattern is pioneered by CoreOS, and it is embraced by the Kubernetes community. The Operator framework from CoreOS/Red Hat is also getting adoption. Operator Lifecycle Management (OLM) is part of the Operator framework. This talk walks you through testing Kubernetes operator with Operator Lifecycle Management (OLM).
Kubernetes has become the defacto standard as a platform for container orchestration. Its ease of extending and many integrations has paved the way for a wide variety of data science and research tooling to be built on top of it.
From all encompassing tools like Kubeflow that make it easy for researchers to build end-to-end Machine Learning pipelines to specific orchestration of analytics engines such as Spark; Kubernetes has made the deployment and management of these things easy. This presentation will showcase some of the larger research tools in the ecosystem and go into how Kubernetes has enabled this easy form of application management.
Kubernetes Deployment Tutorial | Kubernetes Tutorial For Beginners | Kubernet...Edureka!
( Kubernetes Certification Training: https://www.edureka.co/kubernetes-certification )
This Edureka tutorial on "Kubernetes Deployment Tutorial " will help you understand the various concepts related to Deployment in Kubernetes. The topics included in this session are:
1. What is Kubernetes?
2. What is a Pod?
3. Replication Controller & ReplicaSet
4. Deployment Controllers
5. Deployment Use-Cases
DevOps Tutorial Blog Series: https://goo.gl/P0zAfF
Follow us to never miss an update in the future.
Instagram: https://www.instagram.com/edureka_learning/
Facebook: https://www.facebook.com/edurekaIN/
Twitter: https://twitter.com/edurekain
LinkedIn: https://www.linkedin.com/company/edureka
Community call: Develop multi tenant apps with the Microsoft identity platformMicrosoft 365 Developer
Building an application that can be provisioned and used in multiple Azure AD tenants goes far beyond just flipping a switch in your app configuration. The developer has to undertake application provisioning, decide on a provisioning strategy, push changes to customers, manage identities flowing from multiple tenants, collect essential information from authentication signals, learn to differentiate the different types of users they will encounter and understand the key differences from the B2B scenarios. In this community call, Kalyan Krishnan reviews the steps and considerations required to develop, configure, provision, and manage multi-tenant applications.
For more information, visit https://aka.ms/identityplatform
Spring Boot - Microservice Metrics MonitoringDonghuKIM2
마이크로서비스 아키텍쳐에서의 분산된 서비스간의 모니터링 방법을 소개합니다.
- Microservice Monitoring with Service Discovery (Eureka) Spring Boot Admin
- Microservice Monitoring with Service Discovery (Consul), Prometheus, Grafana
Leveraging New Features in CA Single-Sign on to Enable Web Services, Social S...CA Technologies
CA Single Sign-On (CA SSO) is constantly evolving, incorporating the latest technologies in secure Web access management. In order to stay secure and competitive, CA SSO makes greater use of the CA Access Gateway (formerly CA SiteMinder Secure Proxy Server). This presentation provides a comprehensive overview of the new features in CA Single Sign On.
For more information on CA Security solutions, please visit: http://bit.ly/10WHYDm
IBM Hybrid Cloud Integration UCC Talk, 21st November 2018Michael O'Sullivan
A lecture to the students of the University College Cork 3rd year Undergraduate Computer Science class, CS3311 (Middleware) module, and MSc Computer Science class, CS6312 (Mobile Devices and Systems) on IBM Hybrid Cloud. The presentation provides a brief overview of the different technologies that can be used to deploy applications on the IBM Cloud (formerly known as IBM Bluemix) - Cloud Foundry applications and services, Docker containers, and Kubernetes clusters. Following, the presentation focuses in on the Hybrid Cloud model, looking at Hybrid Cloud architectures, integration between on-prem, private, and public cloud services, API Economy, and finally, IBM API Connect as one IBM Hybrid Cloud Solution.
Acknowledgements to my team lead Sanjay Nayak for assisting in preparing some of the content used in this presentation that we have built and delivered together over the last few years, and Christopher Phillips for inspiration on topics to discuss.
Azure Networking, Azure Storage, Enterprise Azure Active Directory, Daemon or Server application authentication workflow, Worker processes, Daemon, Daemon application to Web API, Azure Active Directory in old azure portal, ASM, Azure active directory and Mutl-tenant applications, Sharding, Federation, Shared singe, RBAC, Differences between AAD and AD DS, Azure AD Subscription models, Azure Domain Names, Manage Users, Groups,Co-Admin Role, Default Azure Active Directory, Adding access to another azure subscription. Contributor, Owner , Roles in Azure Subscriptions, Roles, MFA, Multi-Factor Authentication, How does MFA works, Scenarios for Azure MFA, Setting up MFA in Azure AD, Setting MFA, Azure Authenticator, Hybrid AD solutions, AD DS, Federated Trust, Domain Controller, AD, AAD Connecter, AD FS, AAD, Active Directory Password synchronization, Benefits of Active Directory, Active Directory Replication, vulnerabilities with multiple Domain Controller, Azure AD features, Synchronization with AD Connect, Write-back policies, Azure AD Health COnnect, Installing Azure AD COnnect Health,Integrating Azure AD and SaaS Applications, Benefits of using SaaS Solutions with your products, Benefits of SaaS Solutions, Azure Marketplace, DropBox Integrations with AAD, New Relic Integrations, New Relic, Dropbox, Azure AD Enterprise Application, VSTS integration for Automated Builds, Federation Overview, Claims, Single Sign On, Federated Trusts, Claim based authentications, Federated trusts, Claims Processing, Web Application Proxy, ADFS Proxy, ADFS 2.0 Proxy, How does ADFS proxy works for internal users, How does ADFS proxy works for internal users,Azure AD B2C Directory, B2C applications, Business 2 Customers application, 3rd Party Authentication, Bearer Token, OAuth, 3rd Party Identity Provider, OAuth server, Azure AD B2C Authentication & Authorization, Implementing Azure AD B2C Directory, Setting up Single Sign On with Facebook, Google, Microsoft. Linkedin, SignUP Policies, SignIN Policies, Email SignUp, SignUpSignIN PolicyID, Configuring Application with Azure Application ID,Modern Applications, Requirements for Modern Apps, API, Logic Applications, Mobile App, Web App, Function App, Go To Market, Microsoft Application Platform, App Service Plan, App Service Environment - Private Infrastructure, Why use App Service, App service Features & Capabilities, Azure App Service, Virtual Machine, Service Fabric & Cloud Services Comparison, Creating a Mobile App, Swagger UI, API Apps, API management, API APPS & API Management, Implementing API APP via Visual Studio,
EduID Mobile App - Use-Cases, Concepts and ImplementationChristian Glahn
This presentation describes the token-agent implementation for openID Connect for authenticating native mobile apps provided by third parties. It presents a standards-based working solution for integrating loosely coupled native apps into a trust federation using. This allows for deeper integrated authentication services on Android and iOS without violating app-store policies.
This presentation has been part of the EduID Mobile App workshop at SWITCH on 25 Apr. 2017.
Thanks to Christoph Graf (SWITCH), Riccardo Mazza (USI), Michael Hausherr (FHNW), Goran Josic (USI), and Yann Cuttaz (USI).
Private Apps in the Public Cloud - DevConTLV March 2016Issac Goldstand
In the current technical world, SaaS providers have plenty to help them out: from public clouds, to containers. From microservices architectures, to limitless scaling potential. But when you need to deploy multiple singe-tenant applications that use these, how do you manage to share resources while keeping sensitive data apart? In this presentation I'll talk about how we did it at ironSource.
Cloud Foundry Integration with Openstack and Docker. Briefly describes the essential elements for the integration of trios. Covered in a 30 minute session at Bangalore Cloud Foundry Meetup.
Identity Server ha sido durante mucho tiempo el framework para OpenIdConnect y OAuth 2 más utilizado en el ámbito de .NET. Usándolo conectábamos de modo seguro front y back, conseguíamos Single Sign-On y en general manejábamos aspectos relativos a la seguridad de nuestras aplicaciones.
Pero nada es eterno, y en Octubre de 2020, desde Duende Software, fundada por los mantainers de Identity Server anunciaban que el soporte se acabaría junto al de .NET Core 3.1 ¡Y eso se acerca! En noviembre de 2022 dejará de mantenerse, y por tanto dejaremos de recibir actualizaciones de seguridad.
¿Qué opciones tenemos?
Veremos algunas de ellas, entre las que están otros paquetes open source y soluciones que Microsoft nos ofrece en Azure, como Azure AD B2C.
Similar to CCICI CIP 1.0 Testbed - Security access implementation and reference - v1.0 (20)
Eco System Building Presentation at SODACODE, May 2022.
URL at Sched by Linux Foundation: https://static.sched.com/hosted_files/sodacode2022/da/Day1_S12_SODACODE2022_SODAAmbassadorsEcosystem%20%281%29.pdf
This presentation is delivered as part of the Faculty training program at Kristu Jayanthi College, Bangalore. The intent was to help students build competency and contribute to open source projects. Also which will eventually help them to build professional career in open source connected domains.
This event was organized by the SODA Foundation and lots of fabulous speakers delivered the series. Thank you SODA!!!!
Cloud Native Use Cases / Case Studies - KubeCon 2019 San Diego - RECAPKrishna-Kumar
From KubeCon / CloudNativeCon 2019 customer stories, case studies, use cases - RECAP. Kubernetes & CNCF project use cases summary presented in Bangalore CNCF Meetup.
Cloud interoperability and open standards for digital india open infrasummitKrishna-Kumar
Open Infrastructure Summit Shanghai 2019 Presentation - Describes Cloud interoperability efforts in Digital India with multiple uses cases. A joint Taskforce effort by TSDSI - CCICI.
KubeCon + CloudNativeCon Barcelona and Shanghai 2019 - HighlightsKrishna-Kumar
Presented in Bangalore CNCF Meetup - Summary & Highlights of KubeCon + CloudNativeCon 2019 - Barcelona & Shanghai. Several resource links are provided for further exploration of both the events.
This session was part of the IEEE Bangalore Section webinar organized to orient interested parties to the standards development world. The link to this slide deck is refereed from the other slide deck posted adjacent to this.
Open Source Edge Computing Platforms - OverviewKrishna-Kumar
IEEE 11th International Conference - COMSNETS 2019 - Last MilesTalk - Jan 2019. This talk is for Beginner or intermediate levels only. Kubernetes and related edge platforms are discussed.
cncf overview and building edge computing using kubernetesKrishna-Kumar
Open Source India Conference 2018 Presentation to the general audience - not a deep technical talk. Narrated like a story for make it interesting......
History and Basics of containers, LXC, Docker and Kubernetes. This presentation is given to Engineering colleage students at VIT DevFest 2018. Beginner to Intermediate level.
Containers and workload security an overview Krishna-Kumar
Beginner Level Talk - Presented at Bangalore container conf 2018 - Containers and workload security an overview. Hope it get starts your container security journey :-)
CNCF general introduction to beginners at openstack meetup Pune & Bangalore February 2018. Covers broadly the activities and structure of the Cloud Native Computing Foundation.
Kubernetes for FaaS (Function as a Service) - Serverless evolution, some basic constructs, kubenetes features, comparisons - from Serverless conference 2017 Bangalore.
How to Position Your Globus Data Portal for Success Ten Good PracticesGlobus
Science gateways allow science and engineering communities to access shared data, software, computing services, and instruments. Science gateways have gained a lot of traction in the last twenty years, as evidenced by projects such as the Science Gateways Community Institute (SGCI) and the Center of Excellence on Science Gateways (SGX3) in the US, The Australian Research Data Commons (ARDC) and its platforms in Australia, and the projects around Virtual Research Environments in Europe. A few mature frameworks have evolved with their different strengths and foci and have been taken up by a larger community such as the Globus Data Portal, Hubzero, Tapis, and Galaxy. However, even when gateways are built on successful frameworks, they continue to face the challenges of ongoing maintenance costs and how to meet the ever-expanding needs of the community they serve with enhanced features. It is not uncommon that gateways with compelling use cases are nonetheless unable to get past the prototype phase and become a full production service, or if they do, they don't survive more than a couple of years. While there is no guaranteed pathway to success, it seems likely that for any gateway there is a need for a strong community and/or solid funding streams to create and sustain its success. With over twenty years of examples to draw from, this presentation goes into detail for ten factors common to successful and enduring gateways that effectively serve as best practices for any new or developing gateway.
Exploring Innovations in Data Repository Solutions - Insights from the U.S. G...Globus
The U.S. Geological Survey (USGS) has made substantial investments in meeting evolving scientific, technical, and policy driven demands on storing, managing, and delivering data. As these demands continue to grow in complexity and scale, the USGS must continue to explore innovative solutions to improve its management, curation, sharing, delivering, and preservation approaches for large-scale research data. Supporting these needs, the USGS has partnered with the University of Chicago-Globus to research and develop advanced repository components and workflows leveraging its current investment in Globus. The primary outcome of this partnership includes the development of a prototype enterprise repository, driven by USGS Data Release requirements, through exploration and implementation of the entire suite of the Globus platform offerings, including Globus Flow, Globus Auth, Globus Transfer, and Globus Search. This presentation will provide insights into this research partnership, introduce the unique requirements and challenges being addressed and provide relevant project progress.
Experience our free, in-depth three-part Tendenci Platform Corporate Membership Management workshop series! In Session 1 on May 14th, 2024, we began with an Introduction and Setup, mastering the configuration of your Corporate Membership Module settings to establish membership types, applications, and more. Then, on May 16th, 2024, in Session 2, we focused on binding individual members to a Corporate Membership and Corporate Reps, teaching you how to add individual members and assign Corporate Representatives to manage dues, renewals, and associated members. Finally, on May 28th, 2024, in Session 3, we covered questions and concerns, addressing any queries or issues you may have.
For more Tendenci AMS events, check out www.tendenci.com/events
Quarkus Hidden and Forbidden ExtensionsMax Andersen
Quarkus has a vast extension ecosystem and is known for its subsonic and subatomic feature set. Some of these features are not as well known, and some extensions are less talked about, but that does not make them less interesting - quite the opposite.
Come join this talk to see some tips and tricks for using Quarkus and some of the lesser known features, extensions and development techniques.
In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I ...Juraj Vysvader
In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I didn't get rich from it but it did have 63K downloads (powered possible tens of thousands of websites).
Strategies for Successful Data Migration Tools.pptxvarshanayak241
Data migration is a complex but essential task for organizations aiming to modernize their IT infrastructure and leverage new technologies. By understanding common challenges and implementing these strategies, businesses can achieve a successful migration with minimal disruption. Data Migration Tool like Ask On Data play a pivotal role in this journey, offering features that streamline the process, ensure data integrity, and maintain security. With the right approach and tools, organizations can turn the challenge of data migration into an opportunity for growth and innovation.
A Comprehensive Look at Generative AI in Retail App Testing.pdfkalichargn70th171
Traditional software testing methods are being challenged in retail, where customer expectations and technological advancements continually shape the landscape. Enter generative AI—a transformative subset of artificial intelligence technologies poised to revolutionize software testing.
Unleash Unlimited Potential with One-Time Purchase
BoxLang is more than just a language; it's a community. By choosing a Visionary License, you're not just investing in your success, you're actively contributing to the ongoing development and support of BoxLang.
Providing Globus Services to Users of JASMIN for Environmental Data AnalysisGlobus
JASMIN is the UK’s high-performance data analysis platform for environmental science, operated by STFC on behalf of the UK Natural Environment Research Council (NERC). In addition to its role in hosting the CEDA Archive (NERC’s long-term repository for climate, atmospheric science & Earth observation data in the UK), JASMIN provides a collaborative platform to a community of around 2,000 scientists in the UK and beyond, providing nearly 400 environmental science projects with working space, compute resources and tools to facilitate their work. High-performance data transfer into and out of JASMIN has always been a key feature, with many scientists bringing model outputs from supercomputers elsewhere in the UK, to analyse against observational or other model data in the CEDA Archive. A growing number of JASMIN users are now realising the benefits of using the Globus service to provide reliable and efficient data movement and other tasks in this and other contexts. Further use cases involve long-distance (intercontinental) transfers to and from JASMIN, and collecting results from a mobile atmospheric radar system, pushing data to JASMIN via a lightweight Globus deployment. We provide details of how Globus fits into our current infrastructure, our experience of the recent migration to GCSv5.4, and of our interest in developing use of the wider ecosystem of Globus services for the benefit of our user community.
Code reviews are vital for ensuring good code quality. They serve as one of our last lines of defense against bugs and subpar code reaching production.
Yet, they often turn into annoying tasks riddled with frustration, hostility, unclear feedback and lack of standards. How can we improve this crucial process?
In this session we will cover:
- The Art of Effective Code Reviews
- Streamlining the Review Process
- Elevating Reviews with Automated Tools
By the end of this presentation, you'll have the knowledge on how to organize and improve your code review proces
Gamify Your Mind; The Secret Sauce to Delivering Success, Continuously Improv...Shahin Sheidaei
Games are powerful teaching tools, fostering hands-on engagement and fun. But they require careful consideration to succeed. Join me to explore factors in running and selecting games, ensuring they serve as effective teaching tools. Learn to maintain focus on learning objectives while playing, and how to measure the ROI of gaming in education. Discover strategies for pitching gaming to leadership. This session offers insights, tips, and examples for coaches, team leads, and enterprise leaders seeking to teach from simple to complex concepts.
In software engineering, the right architecture is essential for robust, scalable platforms. Wix has undergone a pivotal shift from event sourcing to a CRUD-based model for its microservices. This talk will chart the course of this pivotal journey.
Event sourcing, which records state changes as immutable events, provided robust auditing and "time travel" debugging for Wix Stores' microservices. Despite its benefits, the complexity it introduced in state management slowed development. Wix responded by adopting a simpler, unified CRUD model. This talk will explore the challenges of event sourcing and the advantages of Wix's new "CRUD on steroids" approach, which streamlines API integration and domain event management while preserving data integrity and system resilience.
Participants will gain valuable insights into Wix's strategies for ensuring atomicity in database updates and event production, as well as caching, materialization, and performance optimization techniques within a distributed system.
Join us to discover how Wix has mastered the art of balancing simplicity and extensibility, and learn how the re-adoption of the modest CRUD has turbocharged their development velocity, resilience, and scalability in a high-growth environment.
Understanding Globus Data Transfers with NetSageGlobus
NetSage is an open privacy-aware network measurement, analysis, and visualization service designed to help end-users visualize and reason about large data transfers. NetSage traditionally has used a combination of passive measurements, including SNMP and flow data, as well as active measurements, mainly perfSONAR, to provide longitudinal network performance data visualization. It has been deployed by dozens of networks world wide, and is supported domestically by the Engagement and Performance Operations Center (EPOC), NSF #2328479. We have recently expanded the NetSage data sources to include logs for Globus data transfers, following the same privacy-preserving approach as for Flow data. Using the logs for the Texas Advanced Computing Center (TACC) as an example, this talk will walk through several different example use cases that NetSage can answer, including: Who is using Globus to share data with my institution, and what kind of performance are they able to achieve? How many transfers has Globus supported for us? Which sites are we sharing the most data with, and how is that changing over time? How is my site using Globus to move data internally, and what kind of performance do we see for those transfers? What percentage of data transfers at my institution used Globus, and how did the overall data transfer performance compare to the Globus users?
Cyaniclab : Software Development Agency Portfolio.pdfCyanic lab
CyanicLab, an offshore custom software development company based in Sweden,India, Finland, is your go-to partner for startup development and innovative web design solutions. Our expert team specializes in crafting cutting-edge software tailored to meet the unique needs of startups and established enterprises alike. From conceptualization to execution, we offer comprehensive services including web and mobile app development, UI/UX design, and ongoing software maintenance. Ready to elevate your business? Contact CyanicLab today and let us propel your vision to success with our top-notch IT solutions.
How Recreation Management Software Can Streamline Your Operations.pptxwottaspaceseo
Recreation management software streamlines operations by automating key tasks such as scheduling, registration, and payment processing, reducing manual workload and errors. It provides centralized management of facilities, classes, and events, ensuring efficient resource allocation and facility usage. The software offers user-friendly online portals for easy access to bookings and program information, enhancing customer experience. Real-time reporting and data analytics deliver insights into attendance and preferences, aiding in strategic decision-making. Additionally, effective communication tools keep participants and staff informed with timely updates. Overall, recreation management software enhances efficiency, improves service delivery, and boosts customer satisfaction.
Designing for Privacy in Amazon Web ServicesKrzysztofKkol1
Data privacy is one of the most critical issues that businesses face. This presentation shares insights on the principles and best practices for ensuring the resilience and security of your workload.
Drawing on a real-life project from the HR industry, the various challenges will be demonstrated: data protection, self-healing, business continuity, security, and transparency of data processing. This systematized approach allowed to create a secure AWS cloud infrastructure that not only met strict compliance rules but also exceeded the client's expectations.
Why React Native as a Strategic Advantage for Startup Innovation.pdfayushiqss
Do you know that React Native is being increasingly adopted by startups as well as big companies in the mobile app development industry? Big names like Facebook, Instagram, and Pinterest have already integrated this robust open-source framework.
In fact, according to a report by Statista, the number of React Native developers has been steadily increasing over the years, reaching an estimated 1.9 million by the end of 2024. This means that the demand for this framework in the job market has been growing making it a valuable skill.
But what makes React Native so popular for mobile application development? It offers excellent cross-platform capabilities among other benefits. This way, with React Native, developers can write code once and run it on both iOS and Android devices thus saving time and resources leading to shorter development cycles hence faster time-to-market for your app.
Let’s take the example of a startup, which wanted to release their app on both iOS and Android at once. Through the use of React Native they managed to create an app and bring it into the market within a very short period. This helped them gain an advantage over their competitors because they had access to a large user base who were able to generate revenue quickly for them.
top nidhi software solution freedownloadvrstrong314
This presentation emphasizes the importance of data security and legal compliance for Nidhi companies in India. It highlights how online Nidhi software solutions, like Vector Nidhi Software, offer advanced features tailored to these needs. Key aspects include encryption, access controls, and audit trails to ensure data security. The software complies with regulatory guidelines from the MCA and RBI and adheres to Nidhi Rules, 2014. With customizable, user-friendly interfaces and real-time features, these Nidhi software solutions enhance efficiency, support growth, and provide exceptional member services. The presentation concludes with contact information for further inquiries.
1. CCICI
Cloud Interoperability 1.0 Testbed
Security Access Implementation & References
A presentation by
Krishna Kumar & Chengappa Munjandira
May 2021
2. Cloud Interoperability & Portability
Report 1.0 based
TestBed Setup
If you likes to be part of this open source project, join here
1) https://www.linkedin.com/groups/8247749/
2) https://ccici.in/
3. Cloud InterOp TestBed Architecture Framework
Cloud Provider Resources
(Compute, Network, Storage, etc.)
Infrastructure as Code
(Tosca, Terraform, Docker, Openstack, etc.)
Application / Services
(k8s, Compose, Vault, Consul, ServiceBrokers, etc.)
Data Access Layer
(CSI, SODA, VirtualDB, VirtualFS, etc.)
Security
&
Compliance
Monitoring
&
Logging
App/Service
Management
Data
Management
Network
Management
Standards
for
India
Cloud
End Users (ISP, SMBs, Startups, Incubators, Government Agencies, Universities)
vendor
Neutral
4. Authentication Flow - service to service across clouds
Cloud1
Service1
Cloud2
Service2
Zero trust network
1
2
The Operations flow legends:
1. Service1 initiate Service2/Cloud2
2. Cloud1 request OAuth Token from
Cloud2 (See the format of request)
3. Cloud2 process Token for specific
service with access and token
expiration
4. Cloud2 send Token back to Cloud1
5. Service1 call Service2 with access
token
6. Service1 consume Service2 action
(e.g: storage.objectread)
7. Service2 ACK/ERROR on call and
log the entries in Cloud2 logs
8. Service1 stop the service2 call as
needed by the operation
9. Cloud2 access Token expire
10. Service1 continue further operation
UR1. IUR
Token Request Format
1. Provider URI
2. Service Account
3. Account Key
4. Action*
5. Token expiration
InterOp Format
*Action Format
● compute.*
● network.*
● storage.*
● operations.*
3
4
5 6
7
8
5. Multi cloud Authentication & Authorization for Service provisioning
User /
Agent
Cloud 1:
Id Provider
Cloud 1:
Service Consumer
Zero Trust Tunnel
Cloud 2:
Id Provider 2
Cloud 2:
Service Provider
Connect to Cloud
Authentication : Access Token
Request Service Roll
Request Service mapping
Authorization Bearer Token
Authorized: Access Grants
Broker
Agent
Broker
Agent
Discovery
Selection
Monitoring
JWT:
valid?
expired?
Cloud Actor
Access
flow
1
Access flow 1
Cloud Auditor
Service
Templates
Service
provisioning
workflow
6. Authentication & Authorization OPTIONS:
The following will be in place:
1. Single Sign-On & Cloud Federated Identity prefered by the Organization, like Microsoft AD.
2. Multi-Factor Authentication with app/otp generated approval to avoid phishing attacks:
3. Legacy system IAM using solutions Security Assertion Markup Language (SAML) 2.0 Identity Provider (IdP)
4. Third party Identity service Identity-Management-as-a-Service (IDaaS) like OKTA
5. If you want to allow anonymous users access (quite common for eCommerce applications) to any part of our
application then you need to determine if you will be redirecting right away or prompting your users to redirect only
when required.
6. Auth0 Universal Login - the so-called Bring Your Own Identity scenarios provided via Social Login.
a. OpenID Connect & OAuth2.0
OAuth 2.0 is a framework that controls authorization, is a authorization protocol(OAuth only authorizes devices, API, servers with
access tokens rather than credentials and it works over HTTPS.); OpenID Connect and SAML are both industry standards for
federated authentication; OpenID Connect uses OAuth2.0 & JWT - mainly in websites and mobile (allows for ‘Federated
Authentication’); SAML - OAuth with XML format - mainly in enterprise user login in multiple apps. SAML is used for both
authentication & authorization between two parties;
https://medium.com/@jad.karaki/identity-management-saml-vs-oauth2-vs-openid-connect-c9a06548b4c5
7.
8. Standards/Benchmark Applicable
1. CIS benchmark - (e.g: kubernetes, cloud service providers, etc.)
2. Payment Card Industry Data Security Standard 3.2.1 (PCI-DSS v3.2.1)
3. OWASP Top Ten (OWASP - A1:A10)
4. National Institute of Standards and Technology 800-53 (NIST 800-53)
5. International Organization for Standardization ISO 27001/17/18
6. FIPS 140-2 standards
7. Cloud Security Alliances (CSA)
8. Cloud Computing Compliance Criteria Catalogue (CS:2020)
9. SOC for service Organizations - (AICPA SOC)
10. Refer:
a. AWS Compliance Programs - https://aws.amazon.com/compliance/programs/
b. Azure Compliance Offerings - https://docs.microsoft.com/en-us/azure/compliance/
c. Google Cloud Compliance Resource - https://cloud.google.com/security/compliance
9. Open solutions available for Cloud Interop
1. Crossplane - Manage any infrastructure your applications need directly from Kubernetes - https://crossplane.io/
2. Liqo - project that dynamically creates a big cluster - https://github.com/liqotech/liqo
3. Kubefed - coordinate the configuration of multiple Kubernetes clusters from a single set of APIs in a hosting cluster -
https://github.com/kubernetes-sigs/kubefed
4. Konveyor - help modernize/migrate applications - forklift(to KubeVirt), pelorus, windup - https://konveyor.io/
5. KubeVirt - virtuaization APIs for k8s - https://kubevirt.io/
6. oVirt - Virtualization with kvm hypervisor - https://www.ovirt.org/
7. Thanos - Prometheus at scale - https://thanos.io/
8. Open Data Initiative - a platform for a single, comprehensive view of your data -
https://www.microsoft.com/en-us/open-data-initiative
9. OAM model - runtime-agnostic specification that defines cloud native apps - https://oam.dev/
10. CloudARK - framework to offer platform services as-Code - https://cloudark.io/
11. KubePlus - CRD for CRDs for platform services - https://github.com/cloud-ark/kubeplus
12. Cloud Custodian - Cloud Security, Governance, and Management - https://cloudcustodian.io/
13. Edge - Akri, OpenYurt, OpenNESS, k3s, kubeedge
14. Storage - Ceph, EdgeFS, Rook, ChubaoFS, Longhorn, OpenEBS
15. Runtime - CRI-O, CSI, CNI
16. CNCF Projects - https://www.cncf.io/ & case studies https://www.cncf.io/case-studies/
17. Apache project list - https://www.apache.org/
10. TOP Announcements from Major Cloud Vendors in last 1+yrs:
● AWS re:invent
○ - https://aws.amazon.com/blogs/aws/aws-reinvent-announcements-2020/
● MicroSoft Build -
○ https://www.cloudwithchris.com/blog/build-2021-summary/
○ https://www.cnbc.com/2020/05/22/microsoft-build-2020-recap-windows-azure-and-teams-tools.html
● Google Cloud Next -
○ https://www.cnet.com/news/google-io-2021-every-announcement-developers-conference/
○ https://cloud.google.com/blog/topics/google-cloud-next/complete-list-of-announcements-from-google-cloud-next20-onair
● IBM Think -
○ https://www.ibm.com/cloud/blog/ibm-think-2021-key-announcements
○ https://www.eweek.com/innovation/ibm-think-2020-digital-building-reliability-resiliency-in-uncertain-times
● Oracle World -
○ https://www.forbes.com/sites/oracle/2019/09/25/larry-ellison-at-oracle-openworld-5-highlights-from-oracles-leader/?sh=22
1998582670
● VMWorld -
○ https://www.vmware.com/company/news/updates/2020/vmworld-2020-news-announcement-summary.html
● Alibaba Apsara -
○ https://www.cloudmanagementinsider.com/alibaba-cloud-enters-next-phase-with-cloud-2-0-new-cloud-os-first-cloud-comp
uter/
Look for latest on interoperability / Hybrid cloud solutions...
12. OAuth2 Flow Diagram Get Access Token flow has 5
steps (as shown in the diagram):
1. Pre-register Client (App)
with OAuth Server to get
Client ID/Client Secret
2. OAuth Server
authenticates user when
she clicks on the App’s
social login button, which
is tagged with Client ID
3. OAuth Server solicits user
permission to allow the
App to perform something
on her behalf
4. OAuth Server sends secret
Code to App
5. App acquires Key/Access
Token from OAuth Server
by presenting secret Code
and Client Secret
https://blog.oauth.io/introduction-oauth
2-flow-diagrams/
13. BANZAI CLOUD - Zero Touch Authentication Flow This is how the whole flow looks:
1. The user uses the Backyards CLI to perform a
Backyards command.
2. The Backyards CLI creates a proxy endpoint to reach
the Backyards service (we call it the “Server” from
here on in), on a local port.
3. The Backyards CLI uses client-go to create an HTTP
Transport that will automatically authenticate
against the auth provider and will add a valid Bearer
token to every request, except when Client
Certificates are being used. In the event that Client
Certificates are being used, the CLI will simply add
the Client Certificates to the login request’s body.
4. The Backyards CLI calls the login API on the Server.
5. The Server verifies Bearer Tokens using the
TokenReview API (or the Server verifies Client
Certificates through a separate client)
6. The Server also uses the SubjectAccessReview API to
get information about the user’s capabilities.
7. The Server issues a JWT, encoding all the user’s
groups and capabilities with a longer expiration (10h),
and wraps it in an encrypted JWE with a shorter
expiration (5s).
8. The Backyards CLI receives the tokens, and can
cache and work with the JWT for as long as it’s valid.
9. If the user calls the dashboard command, then the
Backyards CLI has to use the encrypted JWE to open
the browser tab.
https://banzaicloud.com/blog/zero-touch-authentica
tion-on-kubernetes/