How to Build a High Performance Application Using Cloud Foundry and Redis (Cl...VMware Tanzu
Technical Track presented by Yiftach Shoolman, CTO & Co-Founder of Redis Labs.
Why Redis? Redis is one of the top 3 databases chosen by developers. Redis is the fastest database available today has many attractive data types and commands for powering modern applications. In this session, you will learn:
Why companies like Twitter, Pinterest, and GitHub rely on Redis as a critical infrastructure component.
How to leverage Redis for real time analytics, social app functionality, job management, geo-search, and many other use cases.
How to utilize CloudFoundry’s PaaS offering to build and maintain an infinitely scalable, highly available, top performing, and fully managed Redis database to power your application.
Four Levels of High Availability in Cloud Foundry (Cloud Foundry Summit 2014)VMware Tanzu
Cloud Foundry Summit 2014 Lightning Talk delivered by Cornelia Davis Platform Engineer, Cloud Foundry.
Platform as a Service is not just for the developer. It must provide equal or greater value to the application operator as well. The Cloud Foundry PaaS has four levels of HA built in! We explain each of them and show you how, collectively, they do an extraordinary job keeping application instances up and running in the face of failures. Your operators will spend less time on recovery and more time on innovation as a result.
Terraform for azure: the good, the bad and the ugly - Giulio Vian
Terraform is an open-source tool for building, changing, and versioning infrastructure safely and efficiently. It allows users to define infrastructure as code and provision resources on cloud platforms like Azure. The document discusses both the benefits of Terraform for Azure, such as treating infrastructure as code and standardized configuration, as well as some challenges, such as limitations in Terraform's language and potential issues with state management. It provides tips for best practices like organizing code and folders, importing existing resources, and handling credentials and IPs. Overall, Terraform is useful for provisioning Azure infrastructure in a repeatable way but requires care around its language and state management.
CloudFoundry is a mature and production-ready opensource Platform-as-a-Service. That can serve as standard app deployment and hosting platform for enterprise. This talk will focus around CloudFoundry capabilities as private-PaaS
Cloud Foundry Compared With Other PaaSes (Cloud Foundry Summit 2014)VMware Tanzu
Business Track presented by Michael Maximilien, Chief Architect PaaS Innovation at IBM & James Bayer, Director of Product Management, Cloud Foundry at Pivotal.
DevOps Toolbox: Infrastructure as codesriram_rajan
This document is a summary of a webinar about infrastructure as code. It introduces the speaker, Srirajan, and discusses how automation tools like Chef, Puppet, Ansible and others can be used to define infrastructure in code. Key benefits of infrastructure as code include automation, repeatability, and disaster recovery. The webinar also discusses testing infrastructure code and version controlling code changes.
Choosing a dev ops paas platform svccd presentation v2 for slideshareJohn Mathon
If you are thinking of a PaaS then you need to consider some important features and understand how to think about the different vendors. There are literally hundreds of PaaS vendors. Why? It's a very important and powerful step in improving time to market and costs for software development. Issues like Resource Sharing, Hybrid, Polyglot, Security, HA / DR, Ecosystem PaaS, Lifecycle management, DevOps vs PaaS, different IaaS Vendors migrating into PaaS services, Autoscaling, Open Source vs Proprietary, Performance Management, Operations
How to Build a High Performance Application Using Cloud Foundry and Redis (Cl...VMware Tanzu
Technical Track presented by Yiftach Shoolman, CTO & Co-Founder of Redis Labs.
Why Redis? Redis is one of the top 3 databases chosen by developers. Redis is the fastest database available today has many attractive data types and commands for powering modern applications. In this session, you will learn:
Why companies like Twitter, Pinterest, and GitHub rely on Redis as a critical infrastructure component.
How to leverage Redis for real time analytics, social app functionality, job management, geo-search, and many other use cases.
How to utilize CloudFoundry’s PaaS offering to build and maintain an infinitely scalable, highly available, top performing, and fully managed Redis database to power your application.
Four Levels of High Availability in Cloud Foundry (Cloud Foundry Summit 2014)VMware Tanzu
Cloud Foundry Summit 2014 Lightning Talk delivered by Cornelia Davis Platform Engineer, Cloud Foundry.
Platform as a Service is not just for the developer. It must provide equal or greater value to the application operator as well. The Cloud Foundry PaaS has four levels of HA built in! We explain each of them and show you how, collectively, they do an extraordinary job keeping application instances up and running in the face of failures. Your operators will spend less time on recovery and more time on innovation as a result.
Terraform for azure: the good, the bad and the ugly - Giulio Vian
Terraform is an open-source tool for building, changing, and versioning infrastructure safely and efficiently. It allows users to define infrastructure as code and provision resources on cloud platforms like Azure. The document discusses both the benefits of Terraform for Azure, such as treating infrastructure as code and standardized configuration, as well as some challenges, such as limitations in Terraform's language and potential issues with state management. It provides tips for best practices like organizing code and folders, importing existing resources, and handling credentials and IPs. Overall, Terraform is useful for provisioning Azure infrastructure in a repeatable way but requires care around its language and state management.
CloudFoundry is a mature and production-ready opensource Platform-as-a-Service. That can serve as standard app deployment and hosting platform for enterprise. This talk will focus around CloudFoundry capabilities as private-PaaS
Cloud Foundry Compared With Other PaaSes (Cloud Foundry Summit 2014)VMware Tanzu
Business Track presented by Michael Maximilien, Chief Architect PaaS Innovation at IBM & James Bayer, Director of Product Management, Cloud Foundry at Pivotal.
DevOps Toolbox: Infrastructure as codesriram_rajan
This document is a summary of a webinar about infrastructure as code. It introduces the speaker, Srirajan, and discusses how automation tools like Chef, Puppet, Ansible and others can be used to define infrastructure in code. Key benefits of infrastructure as code include automation, repeatability, and disaster recovery. The webinar also discusses testing infrastructure code and version controlling code changes.
Choosing a dev ops paas platform svccd presentation v2 for slideshareJohn Mathon
If you are thinking of a PaaS then you need to consider some important features and understand how to think about the different vendors. There are literally hundreds of PaaS vendors. Why? It's a very important and powerful step in improving time to market and costs for software development. Issues like Resource Sharing, Hybrid, Polyglot, Security, HA / DR, Ecosystem PaaS, Lifecycle management, DevOps vs PaaS, different IaaS Vendors migrating into PaaS services, Autoscaling, Open Source vs Proprietary, Performance Management, Operations
Building Cloud Native Applications Using Spring Boot and Spring CloudGeekNightHyderabad
Nowadays enterprises as well as startups are looking to build their software applications leveraging Cloud Platforms so that they can greatly reduce their go to market time and infrastructure setup costs. However, Cloud Native Applications (NCA) should be designed with cloud computing architecture in mind which involves thinking about dynamic provisioning of resources, service downtimes, data redundancy etc. Spring Boot provides a robust platform for building microservices and Spring Cloud provides the capabilities to build Cloud Native Applications by abstracting the low level details. In this talk, we will learn how to develop Cloud Native Applications using Spring Boot and Spring Cloud frameworks.
How Cloudify uses Chef as a Foundation for PaaSNati Shalom
As PaaS is becoming more prevalent than ever, most PaaS environments and frameworks are still strongly opinionated and allow for very limited control and extensibility.
Extending a PaaS framework requires deep understating of its internals at best, and in many cases in not even possible.
Cloudify, a new open source PaaS framework, has taken a different approach, by using recipes (As opposed to heavyweight coding and platform extension) as means to introduce new application stacks to the PaaS layer. You can think of it as extending the recipe model of Chef to support application level concerns, such as orchestration, dependency management, multi-tier and multi-host deployments, monitoring and autoscaling.
This presentation covers the foundations of Cloudify, and how it leverages Chef as a key enabler for an open PaaS framework.
This document discusses zero downtime architectures. It defines zero downtime as services being available to end users at all times. It identifies sources of planned and unplanned downtime. It proposes concepts like independent application groups, redundant infrastructure within and between datacenters, and replicating data between datacenters to reduce downtime. It provides examples of implementing high availability for networks, applications, and databases. It also discusses development guidelines and monitoring to support zero downtime operations.
Comparison of Several PaaS Cloud Computing Platformsijsrd.com
Today, the question is less about whether or not to use Platform as a Services (PaaS), but rather which providers to use. PaaS is a computing platform that abstracts the infrastructure, OS, and middleware to drive developer productivity. PaaS offerings are "polyglot" and "polyhost". Selection of Platform as a Service provider is an important process because an ideal vendor will be able to continue to partner with company as company grows. There are many components to be consider while selecting PaaS vendor like Scalability, Availability, Manageability, Performance, Security, Accessibility, Billing At a high-level a PaaS helps organizations, specifically by providing a fast and scalable way to host applications in the cloud.
(APP309) Running and Monitoring Docker Containers at Scale | AWS re:Invent 2014Amazon Web Services
If you have tried Docker but are unsure about how to run it at scale, you will benefit from this session. Like virtualization before, containerization (à; la Docker) is increasing the elastic nature of cloud infrastructure by an order of magnitude. But maybe you still have questions: How many containers can you run on a given Amazon EC2 instance type? Which metric should you look at to measure contention? How do you manage fleets of containers at scale?
Datadog is a monitoring service for IT, operations, and development teams who write and run applications at scale. In this session, the cofounder of Datadog presents the challenges and benefits of running containers at scale and how to use quantitative performance patterns to monitor your infrastructure at this magnitude and complexity. Sponsored by Datadog.
Becoming the master of disaster... with asrnj-azure
The speaker will discuss disaster recovery and Azure Site Recovery. They will cover why disaster recovery matters, an overview of disaster recovery solutions, an in-depth look at Azure Site Recovery for complex workloads, and include demonstrations and a question and answer session. The speaker is a Microsoft Cloud Solution Architect who will guide attendees on how to use Azure Site Recovery to replicate workloads between on-premises and Azure.
Rover: Implementing Landing Zone Using Docker ContainerSujay Pillai
Rover is a Docker container that provides a wrapper for Terraform to help implement Azure landing zones. An Azure landing zone is a predefined set of rules, configurations, and methods for bootstrapping a cloud environment using infrastructure as code. Rover allows users to stand up Azure environments in a fast, reliable, and repeatable way by removing human elements and defining infrastructure through code stored alongside application code. The presentation demonstrates how to use Rover to deploy Azure landing zones defined with Terraform.
Public, private, and hybrid; software, platform, and infrastructure. A discussion of the current state of the Platform-as-a-Service space, and why the keys to success lie in enabling developer productivity, and providing openness and choice. This presentation considers the success of Open Source in general, looks at the Cloud Foundry project, and explains why Cloud Foundry-based PaaSes are the best places to host your applications written in Java and other JVM-based languages.
Presented at GOTO Aarhus 2013
Platforms-as-a-service provide a fantastic application developer experience, enabling large scale zero downtime deployments in a repeatable and scalable way. But Data services are often left behind and require manual deployment and day 2 operations. The next evolution in PaaS provides a range of managed services such as DataStax Cassandra for developers to quickly utilise in their Cloud Native Applications.
This talk describes the approach and challenges of building managed services such as DataStax Enterprise Cassandra with automated lifecycle management using BOSH & Pivotal Cloud Foundry including a detailed discussion of the ease of Day 2 operations such as software upgrades and backups that is supported in the offering.
The presentation includes a demonstration on the use of BOSH and Pivotal Cloud Foundry to build a managed DataStax Enterprise Cassandra service that allows operators to provide a comprehensive Cassandra offering that deploys production ready clusters.
About the Speakers
Ben Lackey Partner Architect, DataStax
I work in the Cloud Strategy group at DataStax where I concentrate on improving the integration between DataStax Enterprise and cloud platforms including Azure, GCP and Pivotal.
Damian O'connor Product Manager, Pivotal
I'm a Technical Product Manager working with Pivotal's Cloud Services team and based out of our Dublin office. My role is to provide Pivotal Cloud Foundry customers with an industry leading Cassandra service running on the Pivotal Cloud Native platform.
Single tenant software to multi-tenant SaaS using K8SCloudLinux
This document discusses how Kubernetes can be used to convert single-tenant software applications into multi-tenant SaaS applications. Key points include:
1) Kubernetes can orchestrate each tenant as a separate pod or set of pods, providing isolation, easy scalability, and the ability to customize deployments for each tenant.
2) This approach simplifies many challenges of traditional SaaS like customer management, billing integration, high availability, upgrades and rollbacks by leveraging Kubernetes features.
3) An initial test project converted an existing PHP/MySQL billing application for 10,000+ companies into a multi-tenant SaaS deployment using Kubernetes, requiring under 40 hours of development.
Azure Bootcamp 2016 - Docker Orchestration on Azure with RancherKarim Vaes
This document discusses Docker orchestration on Azure using Rancher. It begins with an introduction to Docker concepts like containers, images and the Docker workflow. It then demonstrates deploying a Rancher server on Azure, adding nodes, upgrading a sample application, enabling cross-region networking, auto-scaling services, and using a Docker volume plugin to connect to Azure File Storage for persistent storage. The document includes code samples and step-by-step demonstrations of these Rancher and Docker capabilities on Azure.
Using Rancher and Docker with RightScale at Industrie IT RightScale
Many early Docker users are also now looking at clustering solutions such as Rancher. Industrie IT is using Docker, Rancher, and RightScale to help clients build digital applications using continuous integration (CI) and continuous delivery (CD) practices.
analytic engine - a common big data computation service on the awsScott Miao
This document summarizes Scott Miao's presentation on Analytic Engine (AE), a common big data computation service on AWS. AE provides a RESTful API for users to create AWS EMR clusters, submit jobs to clusters, and delete clusters. It handles job scheduling and delivery to clusters to optimize usage of AWS resources. Using AE and AWS services like EMR and S3 allows Trend Micro to scale their data and computation needs elastically with reduced operational overhead compared to managing infrastructure on their own.
Today, the development and operations landscape has shifted to a more collaborative model merging the two (DevOps). Developers need to know much more about the operational components of their software - especially around network programming, services development, and continuous deployment. Likewise, the developer's IT counterpart needs to know much more about development - especially around infrastructure automation (Chef/Puppet), automated testing, and continuous deployment.
The document discusses software reliability engineering (SRE) practices for managing Kubernetes clusters. It describes how SRE teams use infrastructure as code, continuous integration/delivery (CI/CD), monitoring, logging, incident response processes, and other methodologies to ensure reliability and reduce toil. The document recommends that organizations adopt SRE practices gradually by starting small, defining standards, and working closely with development teams.
To really take advantage of cloud, software must be optimized to run in the cloud. This presentation explores what it means to be "Cloud Native" and looks at a real open source project that has built a complete Cloud Native platform. Cloud is not just a better way to run existing software, there are core enhancements that need to be made to software to enable it to run really effectively in a cloud environment. Often the first thought is about massive scalability, but actually there are other key enablers: multi-tenancy, metering, dynamic distribution, self-service and incremental deployment and testability. This presentation explores these enablers and looks at how an Open Source project (Carbon) built on Apache technology was re-built to be cloud native. The presentation will cover not just the concepts but dive into the practical issues in making a cloud native system and also explore which Apache technologies can help along the way.
Introduction to Infrastructure as Code & Automation / Introduction to ChefAll Things Open
The document discusses infrastructure as code and Chef. It introduces Chef as an open source automation framework that allows system administrators to define infrastructure in code. It describes how Chef uses a policy-based approach to ensure nodes comply with defined policies and discusses how this allows for scalable, automated management of infrastructure.
AWS and VMware: How to Architect and Manage Hybrid EnvironmentsRightScale
AWS and VMware are not an either/or decision. Almost every enterprise is looking to leverage AWS in addition to their existing VMware virtualized environments. They want to choose the right venue for each application and move applications between VMware and AWS as their business needs dictate.
In this webinar, you’ll hear how RightScale helps customers to successfully implement and manage hybrid environments that span AWS, VMware vSphere and other clouds.
In this webinar we will:
-5 common use cases for hybrid environments
-Why VMware isn’t the same as a cloud, and what to do about it
-Architecture considerations for hybrid environments
-Is portability a possibility or a pipe dream?
-Demo of a single-pane-of-glass to manage hybrid environments
We are working on building Hybrid Cloud for research and development purpose. Our project goal is to realize managing not only Public Cloud but also Private Cloud by making operations even easier. We are managing Amazon EC2, and our Private Cloud by making our own Cloud management tool by Drupal, which we call Clanavi beyond Drupal as a Content Management System. --- Drupal as a fundamental of PaaS (Platform as a Service).
We are happy to introduce our Clanavi including its requirements, architecture design and business value. We would like to show how Drupal can define to manage multiple Cloud infrastructures and why Drupal can be used as Web Application Framework.
Key Points Covered:
- Cloud Computing Overview (Definition)
- Private Cloud Requiremetns
- Goal, Design and Architecture
- Operation Problems in-the-Cloud
- Business Value by Clanavi
- Future Direction
- Q & A
Building Cloud Native Applications Using Spring Boot and Spring CloudGeekNightHyderabad
Nowadays enterprises as well as startups are looking to build their software applications leveraging Cloud Platforms so that they can greatly reduce their go to market time and infrastructure setup costs. However, Cloud Native Applications (NCA) should be designed with cloud computing architecture in mind which involves thinking about dynamic provisioning of resources, service downtimes, data redundancy etc. Spring Boot provides a robust platform for building microservices and Spring Cloud provides the capabilities to build Cloud Native Applications by abstracting the low level details. In this talk, we will learn how to develop Cloud Native Applications using Spring Boot and Spring Cloud frameworks.
How Cloudify uses Chef as a Foundation for PaaSNati Shalom
As PaaS is becoming more prevalent than ever, most PaaS environments and frameworks are still strongly opinionated and allow for very limited control and extensibility.
Extending a PaaS framework requires deep understating of its internals at best, and in many cases in not even possible.
Cloudify, a new open source PaaS framework, has taken a different approach, by using recipes (As opposed to heavyweight coding and platform extension) as means to introduce new application stacks to the PaaS layer. You can think of it as extending the recipe model of Chef to support application level concerns, such as orchestration, dependency management, multi-tier and multi-host deployments, monitoring and autoscaling.
This presentation covers the foundations of Cloudify, and how it leverages Chef as a key enabler for an open PaaS framework.
This document discusses zero downtime architectures. It defines zero downtime as services being available to end users at all times. It identifies sources of planned and unplanned downtime. It proposes concepts like independent application groups, redundant infrastructure within and between datacenters, and replicating data between datacenters to reduce downtime. It provides examples of implementing high availability for networks, applications, and databases. It also discusses development guidelines and monitoring to support zero downtime operations.
Comparison of Several PaaS Cloud Computing Platformsijsrd.com
Today, the question is less about whether or not to use Platform as a Services (PaaS), but rather which providers to use. PaaS is a computing platform that abstracts the infrastructure, OS, and middleware to drive developer productivity. PaaS offerings are "polyglot" and "polyhost". Selection of Platform as a Service provider is an important process because an ideal vendor will be able to continue to partner with company as company grows. There are many components to be consider while selecting PaaS vendor like Scalability, Availability, Manageability, Performance, Security, Accessibility, Billing At a high-level a PaaS helps organizations, specifically by providing a fast and scalable way to host applications in the cloud.
(APP309) Running and Monitoring Docker Containers at Scale | AWS re:Invent 2014Amazon Web Services
If you have tried Docker but are unsure about how to run it at scale, you will benefit from this session. Like virtualization before, containerization (à; la Docker) is increasing the elastic nature of cloud infrastructure by an order of magnitude. But maybe you still have questions: How many containers can you run on a given Amazon EC2 instance type? Which metric should you look at to measure contention? How do you manage fleets of containers at scale?
Datadog is a monitoring service for IT, operations, and development teams who write and run applications at scale. In this session, the cofounder of Datadog presents the challenges and benefits of running containers at scale and how to use quantitative performance patterns to monitor your infrastructure at this magnitude and complexity. Sponsored by Datadog.
Becoming the master of disaster... with asrnj-azure
The speaker will discuss disaster recovery and Azure Site Recovery. They will cover why disaster recovery matters, an overview of disaster recovery solutions, an in-depth look at Azure Site Recovery for complex workloads, and include demonstrations and a question and answer session. The speaker is a Microsoft Cloud Solution Architect who will guide attendees on how to use Azure Site Recovery to replicate workloads between on-premises and Azure.
Rover: Implementing Landing Zone Using Docker ContainerSujay Pillai
Rover is a Docker container that provides a wrapper for Terraform to help implement Azure landing zones. An Azure landing zone is a predefined set of rules, configurations, and methods for bootstrapping a cloud environment using infrastructure as code. Rover allows users to stand up Azure environments in a fast, reliable, and repeatable way by removing human elements and defining infrastructure through code stored alongside application code. The presentation demonstrates how to use Rover to deploy Azure landing zones defined with Terraform.
Public, private, and hybrid; software, platform, and infrastructure. A discussion of the current state of the Platform-as-a-Service space, and why the keys to success lie in enabling developer productivity, and providing openness and choice. This presentation considers the success of Open Source in general, looks at the Cloud Foundry project, and explains why Cloud Foundry-based PaaSes are the best places to host your applications written in Java and other JVM-based languages.
Presented at GOTO Aarhus 2013
Platforms-as-a-service provide a fantastic application developer experience, enabling large scale zero downtime deployments in a repeatable and scalable way. But Data services are often left behind and require manual deployment and day 2 operations. The next evolution in PaaS provides a range of managed services such as DataStax Cassandra for developers to quickly utilise in their Cloud Native Applications.
This talk describes the approach and challenges of building managed services such as DataStax Enterprise Cassandra with automated lifecycle management using BOSH & Pivotal Cloud Foundry including a detailed discussion of the ease of Day 2 operations such as software upgrades and backups that is supported in the offering.
The presentation includes a demonstration on the use of BOSH and Pivotal Cloud Foundry to build a managed DataStax Enterprise Cassandra service that allows operators to provide a comprehensive Cassandra offering that deploys production ready clusters.
About the Speakers
Ben Lackey Partner Architect, DataStax
I work in the Cloud Strategy group at DataStax where I concentrate on improving the integration between DataStax Enterprise and cloud platforms including Azure, GCP and Pivotal.
Damian O'connor Product Manager, Pivotal
I'm a Technical Product Manager working with Pivotal's Cloud Services team and based out of our Dublin office. My role is to provide Pivotal Cloud Foundry customers with an industry leading Cassandra service running on the Pivotal Cloud Native platform.
Single tenant software to multi-tenant SaaS using K8SCloudLinux
This document discusses how Kubernetes can be used to convert single-tenant software applications into multi-tenant SaaS applications. Key points include:
1) Kubernetes can orchestrate each tenant as a separate pod or set of pods, providing isolation, easy scalability, and the ability to customize deployments for each tenant.
2) This approach simplifies many challenges of traditional SaaS like customer management, billing integration, high availability, upgrades and rollbacks by leveraging Kubernetes features.
3) An initial test project converted an existing PHP/MySQL billing application for 10,000+ companies into a multi-tenant SaaS deployment using Kubernetes, requiring under 40 hours of development.
Azure Bootcamp 2016 - Docker Orchestration on Azure with RancherKarim Vaes
This document discusses Docker orchestration on Azure using Rancher. It begins with an introduction to Docker concepts like containers, images and the Docker workflow. It then demonstrates deploying a Rancher server on Azure, adding nodes, upgrading a sample application, enabling cross-region networking, auto-scaling services, and using a Docker volume plugin to connect to Azure File Storage for persistent storage. The document includes code samples and step-by-step demonstrations of these Rancher and Docker capabilities on Azure.
Using Rancher and Docker with RightScale at Industrie IT RightScale
Many early Docker users are also now looking at clustering solutions such as Rancher. Industrie IT is using Docker, Rancher, and RightScale to help clients build digital applications using continuous integration (CI) and continuous delivery (CD) practices.
analytic engine - a common big data computation service on the awsScott Miao
This document summarizes Scott Miao's presentation on Analytic Engine (AE), a common big data computation service on AWS. AE provides a RESTful API for users to create AWS EMR clusters, submit jobs to clusters, and delete clusters. It handles job scheduling and delivery to clusters to optimize usage of AWS resources. Using AE and AWS services like EMR and S3 allows Trend Micro to scale their data and computation needs elastically with reduced operational overhead compared to managing infrastructure on their own.
Today, the development and operations landscape has shifted to a more collaborative model merging the two (DevOps). Developers need to know much more about the operational components of their software - especially around network programming, services development, and continuous deployment. Likewise, the developer's IT counterpart needs to know much more about development - especially around infrastructure automation (Chef/Puppet), automated testing, and continuous deployment.
The document discusses software reliability engineering (SRE) practices for managing Kubernetes clusters. It describes how SRE teams use infrastructure as code, continuous integration/delivery (CI/CD), monitoring, logging, incident response processes, and other methodologies to ensure reliability and reduce toil. The document recommends that organizations adopt SRE practices gradually by starting small, defining standards, and working closely with development teams.
To really take advantage of cloud, software must be optimized to run in the cloud. This presentation explores what it means to be "Cloud Native" and looks at a real open source project that has built a complete Cloud Native platform. Cloud is not just a better way to run existing software, there are core enhancements that need to be made to software to enable it to run really effectively in a cloud environment. Often the first thought is about massive scalability, but actually there are other key enablers: multi-tenancy, metering, dynamic distribution, self-service and incremental deployment and testability. This presentation explores these enablers and looks at how an Open Source project (Carbon) built on Apache technology was re-built to be cloud native. The presentation will cover not just the concepts but dive into the practical issues in making a cloud native system and also explore which Apache technologies can help along the way.
Introduction to Infrastructure as Code & Automation / Introduction to ChefAll Things Open
The document discusses infrastructure as code and Chef. It introduces Chef as an open source automation framework that allows system administrators to define infrastructure in code. It describes how Chef uses a policy-based approach to ensure nodes comply with defined policies and discusses how this allows for scalable, automated management of infrastructure.
AWS and VMware: How to Architect and Manage Hybrid EnvironmentsRightScale
AWS and VMware are not an either/or decision. Almost every enterprise is looking to leverage AWS in addition to their existing VMware virtualized environments. They want to choose the right venue for each application and move applications between VMware and AWS as their business needs dictate.
In this webinar, you’ll hear how RightScale helps customers to successfully implement and manage hybrid environments that span AWS, VMware vSphere and other clouds.
In this webinar we will:
-5 common use cases for hybrid environments
-Why VMware isn’t the same as a cloud, and what to do about it
-Architecture considerations for hybrid environments
-Is portability a possibility or a pipe dream?
-Demo of a single-pane-of-glass to manage hybrid environments
We are working on building Hybrid Cloud for research and development purpose. Our project goal is to realize managing not only Public Cloud but also Private Cloud by making operations even easier. We are managing Amazon EC2, and our Private Cloud by making our own Cloud management tool by Drupal, which we call Clanavi beyond Drupal as a Content Management System. --- Drupal as a fundamental of PaaS (Platform as a Service).
We are happy to introduce our Clanavi including its requirements, architecture design and business value. We would like to show how Drupal can define to manage multiple Cloud infrastructures and why Drupal can be used as Web Application Framework.
Key Points Covered:
- Cloud Computing Overview (Definition)
- Private Cloud Requiremetns
- Goal, Design and Architecture
- Operation Problems in-the-Cloud
- Business Value by Clanavi
- Future Direction
- Q & A
VMworld 2013: Three Advantages of Running Cloud Foundry in a VMware Private C...VMworld
VMworld 2013
Tarik Dwiek, EMC
Steve Flanders, VMware
Learn more about VMworld and register at http://www.vmworld.com/index.jspa?src=socmed-vmworld-slideshare
RightScale: Single Pane of Glass at Computerworld 2013RightScale
RightScale is a cloud management platform that provides tools to manage hybrid cloud environments with a single pane of glass. It offers automation, governance controls, and an open configuration framework to deploy and manage applications across private and public clouds. RightScale helps organizations increase their cloud benefits through templatized workloads, unified monitoring and management, and increased operational efficiency.
Updates to Apache CloudStack and LINBIT SDSShapeBlue
In this session, speakers Giles Sirett and Philipp Reisner shared insights into CloudStack and LINBIT. Giles detailed Apache CloudStack’s scalability, multi-tenancy, and compatibility with various hypervisors. He also discusses CloudStack’s integrated, easy-to-use nature, rapid time-to-value, and its active community. Following this, Giles delves into different use cases, such as IaaS/Cloud Provisioning, Disaster recovery, Sovereign Clouds, and the list goes on. CloudStack’s features, including its support for Kubernetes clusters, its scalable architecture, high availability and other features were also discussed.
Following this, Philipp highlighted the 4 key ways in which LINBIT can help an organisation: ‘Protecting data, Always Keeping Your Services On, Shaping Your Destiny and Exceeding with Best Performance”. Philipp also delved into the different reasons why LINBIT SDS is so fast, and what the next steps are for DRBD, LINSTOR and the LINSTOR Driver for CloudStack.
-----------------------------------------
On October 10th 2023, ShapeBlue, Ampere Computing and LINBIT held a joint virtual event – Building Next-Generation IaaS. The event explored how the synergy between ARM, Apache CloudStack and LINBIT’s storage solutions can achieve a formidable price-to-performance ratio. There were a total of 3 sessions held by speakers from all 3 organisations.
If you need to build highly performant, mission critical ,microservice-based system following DevOps best practices, you should definitely check Service Fabric!
Service Fabric is one of the most interesting services Azure offers today. It provide unique capabilities outperforming competitor products.
We are seeing global companies start to use Service Fabric for their mission critical solutions.
In this talk we explore the current state of Service Fabric and dive deeper to highlight best practices and design patterns.
We will cover the following topics:
• Service Fabric Core Concepts
• Cluster Planning and Management
• Stateless Services
• Stateful Services
• Actor Model
• Availability and reliability
• Scalability and perfromance
• Diganostics and Monitoring
• Containers
• Testing
• IoT
Live broadcast on https://www.youtube.com/watch?v=Zuxfhpab6xo
This document provides an overview of Amazon Workspaces, a desktop-as-a-service offering that allows customers to provision cloud-based virtual desktops for remote users. It discusses how Workspaces provides a consistent desktop environment across multiple availability zones, the networking architecture which involves authentication and streaming gateways, and how customers can integrate Workspaces with their existing Active Directory. The document also covers provisioning, authentication, application deployment, monitoring, backups and common issues when using Amazon Workspaces.
This document provides an overview of hybrid cloud scenarios using Microsoft Azure. It discusses using Azure to extend infrastructure to the cloud, processing data in the cloud, and accessing data and applications across cloud and on-premises. It provides examples of hybrid scenarios for infrastructure as a service, platform as a service, development/test, backup/recovery, and enterprise mobility. It also discusses networking options and enhancements for hybrid configurations including virtual networks, gateways, and security groups.
The document provides an agenda and overview of a session on hacking Apache CloudStack. The agenda includes introductions, a session on introducing CloudStack, and a hands-on session with DevCloud. The overview discusses what CloudStack is, how it works as an orchestration platform for IAAS clouds, its architecture and core components, and how users can consume and manage resources through it.
AWS Summit Auckland - Running your Enterprise Windows Workload on AWSAmazon Web Services
This document provides a summary of running Microsoft Windows workloads on AWS. It discusses options for secure remote administration, extending an on-premises network to AWS, using Active Directory services, running SQL Server on AWS, and management tools. It also includes a customer case study of how Xero migrated their accounting software to AWS, discussing their approach to network design, security, and migrating SQL Server databases in phases.
Getting started with MariaDB with DockerMariaDB plc
This document discusses using MariaDB and Docker together from development to production. It begins by outlining the benefits of containers and Docker for database deployments. Requirements for databases in containers like data redundancy, self-discovery, self-healing and application tier discovery are discussed. An overview of MariaDB and how it meets these requirements with Galera cluster and MaxScale is provided. The document then demonstrates how to develop and deploy a Python/Flask app with MariaDB from development to a Docker Swarm production cluster behind HAProxy, including scaling the web tier and implementing a hardened database tier with Galera cluster and MaxScale behind secrets. Considerations around storage, networking and upgrades are discussed.
The document discusses the 12 factor app methodology for building software-as-a-service applications. It covers the 12 factors which are codebase, dependencies, configuration, backing services, build/release/run, processes, port binding, concurrency, disposability, development/production parity, logs, and admin processes. The presentation provides examples and explanations of how to design apps adhering to these 12 factors for scalability, maintainability and portability.
Integrating OpenStack To Existing InfrastructureHui Cheng
This document discusses integrating OpenStack into Sina's existing infrastructure. It describes Sina's business, infrastructure, and challenges faced in integrating OpenStack. Key integration challenges discussed include network deployment, security considerations, load balancing, and evaluating Swift for object storage. The document also outlines Sina's contributions to OpenStack around billing and monitoring integration.
Architecture patterns for distributed, hybrid, edge and global Apache Kafka d...Kai Wähner
Architecture patterns for distributed, hybrid, edge and global Apache Kafka deployments
Multi-cluster and cross-data center deployments of Apache Kafka have become the norm rather than an exception. This session gives an overview of several scenarios that may require multi-cluster solutions and discusses real-world examples with their specific requirements and trade-offs, including disaster recovery, aggregation for analytics, cloud migration, mission-critical stretched deployments and global Kafka.
Key takeaways:
In many scenarios, one Kafka cluster is not enough. Understand different architectures and alternatives for multi-cluster deployments.
Zero data loss and high availability are two key requirements. Understand how to realize this, including trade-offs.
Learn about features and limitations of Kafka for multi cluster deployments
Global Kafka and mission-critical multi-cluster deployments with zero data loss and high availability became the normal, not an exception.
Azure provides several options for security and identity management:
- Azure Active Directory allows centralized management of user access and single sign-on across Azure, Office 365, and other cloud apps. It can extend on-premises directories to the cloud.
- Multi-factor authentication protects access using additional verification beyond a password. It can leverage on-premises Active Directory when used with Azure Active Directory.
- Encryption options in Azure help secure data at rest and in transit. These include BitLocker, storage encryption, and application-level encryption.
Azure en Nutanix: your journey to the hybrid cloudICT-Partners
Op zoek naar oplossingen voor een flexibel, schaalbaar, kostenefficiënt en toekomstvast datacenter? Ontdek dan nu de kracht van Microsoft Azure & Nutanix: twee moderne platformen waarmee u de voordelen van uw on-premise infrastructuur kunt combineren met de voordelen van de public cloud.
Presentatie van 30 april 2015
Getting Started with MariaDB with DockerMariaDB plc
This document discusses deploying MariaDB databases with Docker from development to production. It recommends using Docker containers to encapsulate dependencies and isolate processes for easy deployment on-premise, in the cloud, or in hybrid environments. It highlights challenges like orchestration complexity and outlines requirements for data durability, self-discovery, self-healing, and application discovery of database clusters. It demonstrates building a Python/Flask app in Docker, deploying it to a Swarm cluster, and scaling the web tier behind HAProxy. It also shows deploying a 3-node Galera MariaDB cluster and 2-node MaxScale proxy for high availability.
Similar to Cloud Foundry Summit 2015: Building a Robust Cloud Foundry (HA, Security and DR) (20)
What AI Means For Your Product Strategy And What To Do About ItVMware Tanzu
The document summarizes Matthew Quinn's presentation on "What AI Means For Your Product Strategy And What To Do About It" at Denver Startup Week 2023. The presentation discusses how generative AI could impact product strategies by potentially solving problems companies have ignored or allowing competitors to create new solutions. Quinn advises product teams to evaluate their strategies and roadmaps, ensure they understand user needs, and consider how AI may change the problems being addressed. He provides examples of how AI could influence product development for apps in home organization and solar sales. Quinn concludes by urging attendees not to ignore AI's potential impacts and to have hard conversations about emerging threats and opportunities.
Make the Right Thing the Obvious Thing at Cardinal Health 2023VMware Tanzu
This document discusses the evolution of internal developer platforms and defines what they are. It provides a timeline of how technologies like infrastructure as a service, public clouds, containers and Kubernetes have shaped developer platforms. The key aspects of an internal developer platform are described as providing application-centric abstractions, service level agreements, automated processes from code to production, consolidated monitoring and feedback. The document advocates that internal platforms should make the right choices obvious and easy for developers. It also introduces Backstage as an open source solution for building internal developer portals.
Enhancing DevEx and Simplifying Operations at ScaleVMware Tanzu
Cardinal Health introduced Tanzu Application Service in 2016 and set up foundations for cloud native applications in AWS and later migrated to GCP in 2018. TAS has provided Cardinal Health with benefits like faster development of applications, zero downtime for critical applications, hosting over 5,000 application instances, quicker patching for security vulnerabilities, and savings through reduced lead times and staffing needs.
Dan Vega discussed upcoming changes and improvements in Spring including Spring Boot 3, which will have support for JDK 17, Jakarta EE 9/10, ahead-of-time compilation, improved observability with Micrometer, and Project Loom's virtual threads. Spring Boot 3.1 additions were also highlighted such as Docker Compose integration and Spring Authorization Server 1.0. Spring Boot 3.2 will focus on embracing virtual threads from Project Loom to improve scalability of web applications.
Platforms, Platform Engineering, & Platform as a ProductVMware Tanzu
This document discusses building platforms as products and reducing developer toil. It notes that platform engineering now encompasses PaaS and developer tools. A quote from Mercedes-Benz emphasizes building platforms for developers, not for the company itself. The document contrasts reactive, ticket-driven approaches with automated, self-service platforms and products. It discusses moving from considering platforms as a cost center to experts that drive business results. Finally, it provides questions to identify sources of developer toil, such as issues with workstation setup, running software locally, integration testing, committing changes, and release processes.
This document provides an overview of building cloud-ready applications in .NET. It defines what makes an application cloud-ready, discusses common issues with legacy applications, and recommends design patterns and practices to address these issues, including loose coupling, high cohesion, messaging, service discovery, API gateways, and resiliency policies. It includes code examples and links to additional resources.
Dan Vega discussed new features and capabilities in Spring Boot 3 and beyond, including support for JDK 17, Jakarta EE 9, ahead-of-time compilation, observability with Micrometer, Docker Compose integration, and initial support for Project Loom's virtual threads in Spring Boot 3.2 to improve scalability. He provided an overview of each new feature and explained how they can help Spring applications.
Spring Cloud Gateway - SpringOne Tour 2023 Charles Schwab.pdfVMware Tanzu
Spring Cloud Gateway is a gateway that provides routing, security, monitoring, and resiliency capabilities for microservices. It acts as an API gateway and sits in front of microservices, routing requests to the appropriate microservice. The gateway uses predicates and filters to route requests and modify requests and responses. It is lightweight and built on reactive principles to enable it to scale to thousands of routes.
This document appears to be from a VMware Tanzu Developer Connect presentation. It discusses Tanzu Application Platform (TAP), which provides a developer experience on Kubernetes across multiple clouds. TAP aims to unlock developer productivity, build rapid paths to production, and coordinate the work of development, security and operations teams. It offers features like pre-configured templates, integrated developer tools, centralized visibility and workload status, role-based access control, automated pipelines and built-in security. The presentation provides examples of how these capabilities improve experiences for developers, operations teams and security teams.
The document provides information about a Tanzu Developer Connect Workshop on Tanzu Application Platform. The agenda includes welcome and introductions on Tanzu Application Platform, followed by interactive hands-on workshops on the developer experience and operator experience. It will conclude with a quiz, prizes and giveaways. The document discusses challenges with developing on Kubernetes and how Tanzu Application Platform aims to improve the developer experience with features like pre-configured templates, developer tools integration, rapid iteration and centralized management.
The Tanzu Developer Connect is a hands-on workshop that dives deep into TAP. Attendees receive a hands on experience. This is a great program to leverage accounts with current TAP opportunities.
The Tanzu Developer Connect is a hands-on workshop that dives deep into TAP. Attendees receive a hands on experience. This is a great program to leverage accounts with current TAP opportunities.
Simplify and Scale Enterprise Apps in the Cloud | Dallas 2023VMware Tanzu
This document discusses simplifying and scaling enterprise Spring applications in the cloud. It provides an overview of Azure Spring Apps, which is a fully managed platform for running Spring applications on Azure. Azure Spring Apps handles infrastructure management and application lifecycle management, allowing developers to focus on code. It is jointly built, operated, and supported by Microsoft and VMware. The document demonstrates how to create an Azure Spring Apps service, create an application, and deploy code to the application using three simple commands. It also discusses features of Azure Spring Apps Enterprise, which includes additional capabilities from VMware Tanzu components.
SpringOne Tour: Deliver 15-Factor Applications on Kubernetes with Spring BootVMware Tanzu
The document discusses 15 factors for building cloud native applications with Kubernetes based on the 12 factor app methodology. It covers factors such as treating code as immutable, externalizing configuration, building stateless and disposable processes, implementing authentication and authorization securely, and monitoring applications like space probes. The presentation aims to provide an overview of the 15 factors and demonstrate how to build cloud native applications using Kubernetes based on these principles.
SpringOne Tour: The Influential Software EngineerVMware Tanzu
The document discusses the importance of culture in software projects and how to influence culture. It notes that software projects involve people and personalities, not just technology. It emphasizes that culture informs everything a company does and is very difficult to change. It provides advice on being aware of your company's culture, finding ways to inculcate good cultural values like writing high-quality code, and approaches for influencing decision makers to prioritize culture.
SpringOne Tour: Domain-Driven Design: Theory vs PracticeVMware Tanzu
This document discusses domain-driven design, clean architecture, bounded contexts, and various modeling concepts. It provides examples of an e-scooter reservation system to illustrate domain modeling techniques. Key topics covered include identifying aggregates, bounded contexts, ensuring single sources of truth, avoiding anemic domain models, and focusing on observable domain behaviors rather than implementation details.
TrustArc Webinar - 2024 Global Privacy SurveyTrustArc
How does your privacy program stack up against your peers? What challenges are privacy teams tackling and prioritizing in 2024?
In the fifth annual Global Privacy Benchmarks Survey, we asked over 1,800 global privacy professionals and business executives to share their perspectives on the current state of privacy inside and outside of their organizations. This year’s report focused on emerging areas of importance for privacy and compliance professionals, including considerations and implications of Artificial Intelligence (AI) technologies, building brand trust, and different approaches for achieving higher privacy competence scores.
See how organizational priorities and strategic approaches to data security and privacy are evolving around the globe.
This webinar will review:
- The top 10 privacy insights from the fifth annual Global Privacy Benchmarks Survey
- The top challenges for privacy leaders, practitioners, and organizations in 2024
- Key themes to consider in developing and maintaining your privacy program
Driving Business Innovation: Latest Generative AI Advancements & Success StorySafe Software
Are you ready to revolutionize how you handle data? Join us for a webinar where we’ll bring you up to speed with the latest advancements in Generative AI technology and discover how leveraging FME with tools from giants like Google Gemini, Amazon, and Microsoft OpenAI can supercharge your workflow efficiency.
During the hour, we’ll take you through:
Guest Speaker Segment with Hannah Barrington: Dive into the world of dynamic real estate marketing with Hannah, the Marketing Manager at Workspace Group. Hear firsthand how their team generates engaging descriptions for thousands of office units by integrating diverse data sources—from PDF floorplans to web pages—using FME transformers, like OpenAIVisionConnector and AnthropicVisionConnector. This use case will show you how GenAI can streamline content creation for marketing across the board.
Ollama Use Case: Learn how Scenario Specialist Dmitri Bagh has utilized Ollama within FME to input data, create custom models, and enhance security protocols. This segment will include demos to illustrate the full capabilities of FME in AI-driven processes.
Custom AI Models: Discover how to leverage FME to build personalized AI models using your data. Whether it’s populating a model with local data for added security or integrating public AI tools, find out how FME facilitates a versatile and secure approach to AI.
We’ll wrap up with a live Q&A session where you can engage with our experts on your specific use cases, and learn more about optimizing your data workflows with AI.
This webinar is ideal for professionals seeking to harness the power of AI within their data management systems while ensuring high levels of customization and security. Whether you're a novice or an expert, gain actionable insights and strategies to elevate your data processes. Join us to see how FME and AI can revolutionize how you work with data!
Programming Foundation Models with DSPy - Meetup SlidesZilliz
Prompting language models is hard, while programming language models is easy. In this talk, I will discuss the state-of-the-art framework DSPy for programming foundation models with its powerful optimizers and runtime constraint system.
Generating privacy-protected synthetic data using Secludy and MilvusZilliz
During this demo, the founders of Secludy will demonstrate how their system utilizes Milvus to store and manipulate embeddings for generating privacy-protected synthetic data. Their approach not only maintains the confidentiality of the original data but also enhances the utility and scalability of LLMs under privacy constraints. Attendees, including machine learning engineers, data scientists, and data managers, will witness first-hand how Secludy's integration with Milvus empowers organizations to harness the power of LLMs securely and efficiently.
How to Get CNIC Information System with Paksim Ga.pptxdanishmna97
Pakdata Cf is a groundbreaking system designed to streamline and facilitate access to CNIC information. This innovative platform leverages advanced technology to provide users with efficient and secure access to their CNIC details.
Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features
available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information.
Ivanti’s Patch Tuesday breakdown goes beyond patching your applications and brings you the intelligence and guidance needed to prioritize where to focus your attention first. Catch early analysis on our Ivanti blog, then join industry expert Chris Goettl for the Patch Tuesday Webinar Event. There we’ll do a deep dive into each of the bulletins and give guidance on the risks associated with the newly-identified vulnerabilities.
Infrastructure Challenges in Scaling RAG with Custom AI modelsZilliz
Building Retrieval-Augmented Generation (RAG) systems with open-source and custom AI models is a complex task. This talk explores the challenges in productionizing RAG systems, including retrieval performance, response synthesis, and evaluation. We’ll discuss how to leverage open-source models like text embeddings, language models, and custom fine-tuned models to enhance RAG performance. Additionally, we’ll cover how BentoML can help orchestrate and scale these AI components efficiently, ensuring seamless deployment and management of RAG systems in the cloud.
GraphRAG for Life Science to increase LLM accuracyTomaz Bratanic
GraphRAG for life science domain, where you retriever information from biomedical knowledge graphs using LLMs to increase the accuracy and performance of generated answers
Have you ever been confused by the myriad of choices offered by AWS for hosting a website or an API?
Lambda, Elastic Beanstalk, Lightsail, Amplify, S3 (and more!) can each host websites + APIs. But which one should we choose?
Which one is cheapest? Which one is fastest? Which one will scale to meet our needs?
Join me in this session as we dive into each AWS hosting service to determine which one is best for your scenario and explain why!
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAUpanagenda
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-und-domino-lizenzkostenreduzierung-in-der-welt-von-dlau/
DLAU und die Lizenzen nach dem CCB- und CCX-Modell sind für viele in der HCL-Community seit letztem Jahr ein heißes Thema. Als Notes- oder Domino-Kunde haben Sie vielleicht mit unerwartet hohen Benutzerzahlen und Lizenzgebühren zu kämpfen. Sie fragen sich vielleicht, wie diese neue Art der Lizenzierung funktioniert und welchen Nutzen sie Ihnen bringt. Vor allem wollen Sie sicherlich Ihr Budget einhalten und Kosten sparen, wo immer möglich. Das verstehen wir und wir möchten Ihnen dabei helfen!
Wir erklären Ihnen, wie Sie häufige Konfigurationsprobleme lösen können, die dazu führen können, dass mehr Benutzer gezählt werden als nötig, und wie Sie überflüssige oder ungenutzte Konten identifizieren und entfernen können, um Geld zu sparen. Es gibt auch einige Ansätze, die zu unnötigen Ausgaben führen können, z. B. wenn ein Personendokument anstelle eines Mail-Ins für geteilte Mailboxen verwendet wird. Wir zeigen Ihnen solche Fälle und deren Lösungen. Und natürlich erklären wir Ihnen das neue Lizenzmodell.
Nehmen Sie an diesem Webinar teil, bei dem HCL-Ambassador Marc Thomas und Gastredner Franz Walder Ihnen diese neue Welt näherbringen. Es vermittelt Ihnen die Tools und das Know-how, um den Überblick zu bewahren. Sie werden in der Lage sein, Ihre Kosten durch eine optimierte Domino-Konfiguration zu reduzieren und auch in Zukunft gering zu halten.
Diese Themen werden behandelt
- Reduzierung der Lizenzkosten durch Auffinden und Beheben von Fehlkonfigurationen und überflüssigen Konten
- Wie funktionieren CCB- und CCX-Lizenzen wirklich?
- Verstehen des DLAU-Tools und wie man es am besten nutzt
- Tipps für häufige Problembereiche, wie z. B. Team-Postfächer, Funktions-/Testbenutzer usw.
- Praxisbeispiele und Best Practices zum sofortigen Umsetzen
Taking AI to the Next Level in Manufacturing.pdfssuserfac0301
Read Taking AI to the Next Level in Manufacturing to gain insights on AI adoption in the manufacturing industry, such as:
1. How quickly AI is being implemented in manufacturing.
2. Which barriers stand in the way of AI adoption.
3. How data quality and governance form the backbone of AI.
4. Organizational processes and structures that may inhibit effective AI adoption.
6. Ideas and approaches to help build your organization's AI strategy.
AI 101: An Introduction to the Basics and Impact of Artificial IntelligenceIndexBug
Imagine a world where machines not only perform tasks but also learn, adapt, and make decisions. This is the promise of Artificial Intelligence (AI), a technology that's not just enhancing our lives but revolutionizing entire industries.
Unlocking Productivity: Leveraging the Potential of Copilot in Microsoft 365, a presentation by Christoforos Vlachos, Senior Solutions Manager – Modern Workplace, Uni Systems
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?Speck&Tech
ABSTRACT: A prima vista, un mattoncino Lego e la backdoor XZ potrebbero avere in comune il fatto di essere entrambi blocchi di costruzione, o dipendenze di progetti creativi e software. La realtà è che un mattoncino Lego e il caso della backdoor XZ hanno molto di più di tutto ciò in comune.
Partecipate alla presentazione per immergervi in una storia di interoperabilità, standard e formati aperti, per poi discutere del ruolo importante che i contributori hanno in una comunità open source sostenibile.
BIO: Sostenitrice del software libero e dei formati standard e aperti. È stata un membro attivo dei progetti Fedora e openSUSE e ha co-fondato l'Associazione LibreItalia dove è stata coinvolta in diversi eventi, migrazioni e formazione relativi a LibreOffice. In precedenza ha lavorato a migrazioni e corsi di formazione su LibreOffice per diverse amministrazioni pubbliche e privati. Da gennaio 2020 lavora in SUSE come Software Release Engineer per Uyuni e SUSE Manager e quando non segue la sua passione per i computer e per Geeko coltiva la sua curiosità per l'astronomia (da cui deriva il suo nickname deneb_alpha).
5. High Availability Focus
Keep apps and services running in a performant,
reliable and recoverable manner with timely error
detection
1. Application Instances
2. Platform Processes
3. Platform VMs
4. Availability Zones
Keep Cloud Foundry running in a performant, reliable
and recoverable manner with timely error detection
6. HA Deployments
Data Center Data Center
vs
Single Foundation
Deployment
Dual Foundation
Deployment
Data Center
AZ AZ
RDS
7. WHAT IF I TOLD YOU
IT’S POSSIBLE TO SANELY
STREACH LAYER 2
8. User Targets
myapp.mycf.com
DNS
Resolution
NSX Boundary NSX Boundary
VIP VIP
SSL Termination
SSL Termination
DNS Global Traffic Management (GTM)
HA ProxyHA Proxy
LTM ApplianceLTM Appliance
HA ProxyHA Proxy
LTM Appliance LTM Appliance
14. HA Deployments
Data Center Data Center
vs
Single Foundation
Deployment
Dual Foundation
Deployment
Data Center
AZ AZ
RDS
15. Customer Requirements
• AWS with One VPC
• Specific IP Ranges
• Using their internal corporate DNS
• no ELBs or Route 53 due to security setup
• Multiple Deployments of Cloud Foundry
• Availability Requirements:
• App uptime
• Failure matrix for downtime situations 15
16. 16
HA Proxy HA Proxy
Bind DNS
CF Router CF Router
HA Proxy HA ProxySSL Termination
17. Who does the deployment need to
be highly available for?
• Users
17
• Developers
• Operations
18. Any non-critical jobs?
• clock_global
• used to clean up cc jobs.
• Rely on Resurrector?
• Redeploy to a different AZ by changing
the resource_pool
18
21. Caveats with this design
• Single points of failure?
• DNS
• Bosh
• Jumpbox
• Human interaction required in outage
• Bind DNS does not do health monitoring.
Monitoring scripts were outside the scope
of the engagement. 21
22. 22
AZ 2 Private Subnet
Customer
Managed
Interstate Data
Center
VPC
10.202.64.0/19
AZ 1 Private Subnet Bosh Subnet
jumpbox
CF SG
Direct
connect
Bosh SG
login
uaa
bosh
router
dea cc
natshealth etcd
doppler
cc
worker
loggregator
traffic
controller
clock
RDS Subnet
RDS SG
boshdb
uaadb
ccdb
apps
manager
router
bind dns
Customer Managed
NAT
bastion
ha
Proxy
ha
Proxy
ha
Proxy
ha
Proxy
router
router
login
uaadea cc
natshealth etcd
doppler
cc
worker
loggregator
traffic
controller
AZ 1
AZ 2
23. How We Deployed Services
• Proxy is a Single Point of
Failure
• No Load Balancer to use
• Acceptable by customer in
failure matrix 23
Proxy Server
Server
App
Proxy
Proxy
24. Best Practices for Services
24
• By Default the service
binding uses the first
proxy address only
Proxy
Proxy Server
Server
Server
App
Load
Balancer
25. Which Deployment
25
Data Center Data Center
Dual Foundation
Deployment
Single Foundation
Dual AZs
Data Center
Single Foundation
Single DC
Data Center
AZ AZ
RDS
30. Restrict Containers
• Cloud Foundry
• Application Security Groups
• dea network properties
• (allow_networks, deny_networks)
30
31. Pivotal Cloud Foundry for AWS 1.4
31
VPC
10.0.0.0/16
RDS Subnet
Private Subnet
Public
Subnet
Ops
Manager
Elastic Runtime SG
ELB
Internet
Gateway
NAT SG
Ops Manager SG
RDS SG
login
uaa micro
router
vpc
all
NAT
restricted ip
80, 443, 22*
dea
Common traffic flow
sg allow rules
cc
natshealth etcd
doppler
cc
worker
loggregator
traffic
controller
clock
boshdbuaadb ccdb
apps
manager
db
autoscaling
ELB SG
80?,443
vpc
all
vpc
all
was it just DEAs that used NAT?
32. Limit Scope if Compromised
• Different user/pass for each component
• Strong passwords (and usernames)
• 20 Characters Long
• RANDOM
• Both Cases
• best avoid special characters
• eg: YxLIodYrUBQJrvMRYSQL
• Avoid cloud cow 32
http://vanmethod.deviantart.com/art/Purple-‐Cow-‐on-‐a-‐Cloud-‐146265642
33. Limit Scope if Compromised
33
Runner
UAA
Login
uaadb
mySql App
Data
34. Post Breach Security Measures
• Roll
• AWS Credentials
• Username and password (Manifest)
• PEMs
• Investigate:
• Vm Logs (stored in Splunk / CloudWatch Logs)
• Bosh and Login Audit Trail
• Isolate the VM for investigation
• Resurrector will resurrect a non compromised VM
• Feedback:
• Incident Reports and Management Support 34
35. Paranoid Level Security for AWS
• Cloudtrail
• Alerts
• Audit Logs
• Rollback’
• Remove ability to delete
• s3 buckets
• subnets / vpc
• backups
• Everything else can be recovered from a backup… 35
43. Restoring Bosh With PCF
Export
Configuration Import
Configuration
:/var/tempest/workspaces/default/deployments/micro
BOSH
Director
+ bosh.yml
44. Restoring Bosh Manually
BOSH
BOSH DB
bosh.yml
pg_dump /var/vcap/store
/dev/xvda
/dev/sdb
/dev/sdf
Volume:
BOSH DB
External MySQL
Blobstore
45. Critical Databases
Backup Cloud Controller DB Encryption Credentials
Locate Databases Info From Deployment Manifest
bosh download manifest cf-c700aee17d9f801eb152 cfmanifest.yml