Simplifying Your IT Workflow with Katello and ForemanNikhil Kathole
This document discusses how Foreman and Katello can simplify IT workflows by managing infrastructure lifecycles, contents, and configurations. Foreman allows provisioning of various environments and operating systems. Katello adds content management capabilities like repositories and package updates. Ansible roles can be deployed and scheduled through Foreman for configuration management. OpenSCAP is also integrated for security compliance and vulnerability assessments. The presenter takes questions at the end on using Foreman and its future integrations.
This document provides an overview of how Foreman can be used to provision and manage puppet nodes. It discusses how Foreman provisions nodes via PXE boot, images, or virtual machines. It also describes how Foreman acts as a central node classifier and stores variables, parameters and classes. The document then reviews how to install and configure Foreman, including setting up Puppet, PostgreSQL, TFTP, DHCP and more using the Foreman installer. It concludes with instructions on installing Puppet and a offer to answer additional questions.
This document discusses integrating Ansible with Foreman for end-to-end automation. It covers deploying and using Ansible roles through Foreman, Ansible Rex templates, using AWX for dynamic inventory and provisioning callbacks, and Foreman Ansible modules.
The document discusses routed networks in OpenStack Neutron. It describes how routed networks implement layer 3 connectivity while allowing scalability by associating subnets to network segments. Key points include new Neutron APIs for segments and ports in routed networks, integration with the Nova scheduler, and options for implementing distributed virtual routing with features like floating IPs, multiple availability zones, and BGP routing.
OpenStack DevStack Install - 2부 (Multi-nodes)Ian Choi
OLC 온라인 강좌 중 DevStack에 대한 두 번째 자료입니다.
( URL: http://olc.kr/course/course_online_view.jsp?id=480&cid=523 )
DevStack은 OpenStack을 실제 구성하는 대신, 개발 및 테스트 용도로 쉽게 설치 가능한 스크립트입니다.
2부에서는 Multi-nodes 모드 설치 과정을 설명하며, Icehouse Release 기반의 실습 내용을 포함하였습니다.
Cilium - Bringing the BPF Revolution to Kubernetes Networking and SecurityThomas Graf
BPF is one of the fastest emerging technologies of the Linux kernel. The talk provides an introduction to Cilium which brings the powers of BPF to Kubernetes and other orchestration systems to provide highly scalable and efficient networking, security and load balancing for containers and microservices. The talk will provide an introduction to the capabilities of Cilium today but also deep dives into the emerging roadmap involving networking at the socket layer and service mesh datapath capabilities to provide highly efficient connectivity between cloud native apps and sidecar proxies.
In this talk, Vladi looks at the new Volume encryption option (due in CloudStack 4.18). He presents the new ability to use encrypted root and data volumes on different storage types, the benefits and the current limitations of the implementation.
Vladimir Petrov is a QA engineer with more than 20 years of experience in the IT field. He is using and testing Apache CloudStack for almost 3 years now. Currently working as a QA Engineer in ShapeBlue.
-----------------------------------------
CloudStack Collaboration Conference 2022 took place on 14th-16th November in Sofia, Bulgaria and virtually. The day saw a hybrid get-together of the global CloudStack community hosting 370 attendees. The event hosted 43 sessions from leading CloudStack experts, users and skilful engineers from the open-source world, which included: technical talks, user stories, new features and integrations presentations and more.
Simplifying Your IT Workflow with Katello and ForemanNikhil Kathole
This document discusses how Foreman and Katello can simplify IT workflows by managing infrastructure lifecycles, contents, and configurations. Foreman allows provisioning of various environments and operating systems. Katello adds content management capabilities like repositories and package updates. Ansible roles can be deployed and scheduled through Foreman for configuration management. OpenSCAP is also integrated for security compliance and vulnerability assessments. The presenter takes questions at the end on using Foreman and its future integrations.
This document provides an overview of how Foreman can be used to provision and manage puppet nodes. It discusses how Foreman provisions nodes via PXE boot, images, or virtual machines. It also describes how Foreman acts as a central node classifier and stores variables, parameters and classes. The document then reviews how to install and configure Foreman, including setting up Puppet, PostgreSQL, TFTP, DHCP and more using the Foreman installer. It concludes with instructions on installing Puppet and a offer to answer additional questions.
This document discusses integrating Ansible with Foreman for end-to-end automation. It covers deploying and using Ansible roles through Foreman, Ansible Rex templates, using AWX for dynamic inventory and provisioning callbacks, and Foreman Ansible modules.
The document discusses routed networks in OpenStack Neutron. It describes how routed networks implement layer 3 connectivity while allowing scalability by associating subnets to network segments. Key points include new Neutron APIs for segments and ports in routed networks, integration with the Nova scheduler, and options for implementing distributed virtual routing with features like floating IPs, multiple availability zones, and BGP routing.
OpenStack DevStack Install - 2부 (Multi-nodes)Ian Choi
OLC 온라인 강좌 중 DevStack에 대한 두 번째 자료입니다.
( URL: http://olc.kr/course/course_online_view.jsp?id=480&cid=523 )
DevStack은 OpenStack을 실제 구성하는 대신, 개발 및 테스트 용도로 쉽게 설치 가능한 스크립트입니다.
2부에서는 Multi-nodes 모드 설치 과정을 설명하며, Icehouse Release 기반의 실습 내용을 포함하였습니다.
Cilium - Bringing the BPF Revolution to Kubernetes Networking and SecurityThomas Graf
BPF is one of the fastest emerging technologies of the Linux kernel. The talk provides an introduction to Cilium which brings the powers of BPF to Kubernetes and other orchestration systems to provide highly scalable and efficient networking, security and load balancing for containers and microservices. The talk will provide an introduction to the capabilities of Cilium today but also deep dives into the emerging roadmap involving networking at the socket layer and service mesh datapath capabilities to provide highly efficient connectivity between cloud native apps and sidecar proxies.
In this talk, Vladi looks at the new Volume encryption option (due in CloudStack 4.18). He presents the new ability to use encrypted root and data volumes on different storage types, the benefits and the current limitations of the implementation.
Vladimir Petrov is a QA engineer with more than 20 years of experience in the IT field. He is using and testing Apache CloudStack for almost 3 years now. Currently working as a QA Engineer in ShapeBlue.
-----------------------------------------
CloudStack Collaboration Conference 2022 took place on 14th-16th November in Sofia, Bulgaria and virtually. The day saw a hybrid get-together of the global CloudStack community hosting 370 attendees. The event hosted 43 sessions from leading CloudStack experts, users and skilful engineers from the open-source world, which included: technical talks, user stories, new features and integrations presentations and more.
Full Stack Automation with Katello & The ForemanWeston Bassler
This document summarizes a presentation about FullStackAutomationwithKatelloandForeman. It introduces the presenters Justin Miller and Weston Bassler and their backgrounds. The presentation covers the Foreman project, Katello project, and how they work together. Foreman is an open source tool for provisioning, configuring, and managing servers. Katello adds content management capabilities like repositories and subscriptions. The document outlines key features of provisioning, configuration, repositories, subscriptions, and more. It includes links to demo videos showcasing functions like host discovery, bulk actions, and Docker integration.
Openstack Neutron, interconnections with BGP/MPLS VPNsThomas Morin
This document discusses the Openstack Neutron networking-bgpvpn project, which provides a Neutron API and service plugin that allows tenants to interconnect their Openstack networks and routers with BGP/MPLS VPNs. The API exposes constructs like BGPVPNs, network associations, and router associations. It works with drivers for Neutron/OVS, OpenDaylight, OpenContrail, and others. The goal is to provide a common way for tenants to control interconnections in a controller-agnostic manner. The project is part of Openstack and OPNFV, and provides a model for integrating telco functionality into Openstack.
KVM High Availability Regardless of Storage - Gabriel Brascher, VP of Apache ...ShapeBlue
Having High Availability enabled for KVM Hosts can improve greatly the QoS by handling (fence/recover) a problematic Host as well as re-starting its stopped VMs on healthy hosts. However, there is a limitation on CloudStack HA for KVM; it relies mainly on NFS heartbeat script checks. This Talk illustrates how CloudStack HA works for KVM hosts and it presents a way of improving its implementation in a way that KVM HA works with any storage system pluggable on KVM, not just NFS.
About Gabriel Brasher - https://blogs.apache.org/cloudstack/
------------------------------------------
CloudStack European User Group Virtual happened on May 27th. The first CSEUG Virtual proved to be a huge success. It collected people from 23 countries – Germany, the United Kingdom, Switzerland, India, Bulgaria, Greece, Poland, Serbia, Brazil, Chile, Russia, USA, Canada, Japan, France, Uruguay, Korea …
We also had a record number of registrations and attendees for a CloudStack User Group Event. The physical distance was not a stopper for our speakers, who joined the event from 6 different countries.
------------------------------------------
About CloudStack: https://cloudstack.apache.org/
This presentation features a walk through the Linux kernel networking stack covering the essentials and recent developments a developer needs to know. Our starting point is the network card driver as it feeds a packet into the stack. We will follow the packet as it traverses through various subsystems such as packet filtering, routing, protocol stacks, and the socket layer. We will pause here and there to look into concepts such as segmentation offloading, TCP small queues, and low latency polling. We will cover APIs exposed by the kernel that go beyond use of write()/read() on sockets and will look into how they are implemented on the kernel side.
An in depth overview of Kubernetes and it's various components.
NOTE: This is a fixed version of a previous presentation (a draft was uploaded with some errors)
Linux host orchestration with Foreman, Puppet and GitlabBen Tullis
A brief look at the Foreman host lifecycle management system, beginning with its rapid provisioning features and moving onto its integration with the Puppet configuration management system.
GItlab is introduced to the mix and an example is given of how it can be integrated with Forman and Puppet to form an on-premise configuration versioning component. This configuration, which builds upon the Puppet multiple environments feature, is currently being employed in the task of building a test-driven continuous delivery system for the OpenCorporates project.
Provide network interconnections between Openstack clouds/regions ?
Neutron offers floating IPs and IPSec VPNaaS. However this is not always good enough: sometimes network isolation is needed, but without the the overhead of IPSec encryption.
How to avoid putting the burden on an orchestrator ?
Solutions exist to create interconnections in ways specific to each overlay technology or SDN backends, but they require central coordination via an orchestrator (not always easy), and sometimes also the provisioing of network devices (not always simple).
"Neutron talking to Neutron"
This presentation exposes a solution developed in the Neutron project, where tenants define their network interconnection needs across regions or clouds, and Neutron components in the different regions coordinate together to setup these private isolated interconnections. Without orchestration nor network device configuration.
Prow, a system developed of Kubernetes, by Kubernetes, and for Kubernetes is an indispensable unit of Kubernetes test infra project. With a plethora of plugins, it handles GitHub events and commands for Kubernetes enabling oodles of testing on the order of 10000 jobs per day covering everything from build and unit tests to end-to-end testing on real clusters deployed from source all the way up to ~5000 nodes. This presentation takes an example-driven approach to introduce Prow, the benefits of using it and integrating it with your project.
This document provides an overview of Ansible, an open source tool for configuration management and application deployment. It discusses how Ansible aims to simplify infrastructure automation tasks through a model-driven approach without requiring developers to learn DevOps tools. Key points:
- Ansible uses YAML playbooks to declaratively define server configurations and deployments in an idempotent and scalable way.
- It provides ad-hoc command execution and setup facts gathering via SSH. Playbooks can target groups of servers to orchestrate complex multi-server tasks.
- Variables, templates, conditionals allow playbooks to customize configurations for different environments. Plugins support integration with cloud, monitoring, messaging tools.
- Ansible aims to reduce complexity compared
Podman is an open source tool for managing OCI containers and container images. It allows users to find, run, build, share and deploy applications using containers. Some key points about Podman include:
- It is daemonless, secure, and designed for Linux containers.
- Podman manages the entire container lifecycle from creation to deletion. It handles mounting, networking, and the container runtime.
- When running a container, Podman generates an OCI specification, pulls the image if needed, configures networking using Netavark, and uses Conmon to monitor the container process.
- Podman 4 introduced a new network stack based on Netavark and Aardvark-dns
Linux offers an extensive selection of programmable and configurable networking components from traditional bridges, encryption, to container optimized layer 2/3 devices, link aggregation, tunneling, several classification and filtering languages all the way up to full SDN components. This talk will provide an overview of many Linux networking components covering the Linux bridge, IPVLAN, MACVLAN, MACVTAP, Bonding/Team, OVS, classification & queueing, tunnel types, hidden routing tricks, IPSec, VTI, VRF and many others.
This document provides an overview of OpenStack APIs and the WSGI (Web Server Gateway Interface) that powers them. It begins with an introduction to WSGI and how OpenStack services are implemented as WSGI applications. It then demonstrates how the OpenStack APIs can be accessed via libraries like novaclient or directly with HTTP requests. Code examples are provided showing how to authenticate against Keystone and retrieve images using urllib2. The document concludes with explanations of how WSGI, WebOb, and Paste are used to implement the OpenStack "web stack".
Kubernetes Helm makes application deployment easy, standardized and reusable. Use of Kubernetes Helm leads to better developer productivity, reduced Kubernetes deployment complexity and enhanced enterprise production readiness.
Enterprises using Kubernetes Helm can speed up the adoption of cloud native applications. These applications can be sourced from open-source community provided repositories, or from an organization’s internal repository of customized application blueprints.
Developers can use Kubernetes Helm as a vehicle for packaging their applications and sharing them with the Kubernetes community. Kubernetes Helm also allows software vendors to offer their containerized applications at “the push of a button.” Through a single command or a few mouse clicks, users can install Kubernetes apps for dev-test or production environments.
alphorm.com - Formation Linux LPIC-1/Comptia Linux+Alphorm
La formation complète est disponible ici:
http://www.alphorm.com/tutoriel/formation-en-ligne-linux-lpic-1-comptia-linuxplus
Le Linux Professionnal Institute (LPI) a été créé en vue d’apporter un processus reconnu, identifiant et certifiant le talent et les compétences des utilisateurs GNU/Linux partout dans le monde.
La LPIC est aujourd’hui la certification la plus demandée dans le monde de l’Open Source. Indépendante de toute distribution Linux, la certification LPI est devenue dans la pratique une certification incontournable pour qui veut évaluer ses compétences dans l’administration Linux.
L'expert de l’Open Source Noël Macé vous accompagne durant cette première formation afin d’acquérir votre LPIC-1. La LPIC-1 vous permet d'acquérir et maîtriser les bases de l’administration système sous GNU/Linux.
Cette même formation vous permettra également de valider les connaissances exigées par la certification Comptia Linux+ et ainsi la réussir.
Deploying CloudStack and Ceph with flexible VXLAN and BGP networking ShapeBlue
1) The document discusses using VXLAN, BGP and EVPN to implement a layer 3 network for a cloud deployment using Ceph and CloudStack. This allows scaling beyond the limits of layer 2 networks and VLANs.
2) Key infrastructure components discussed include Dell S5232F-ON switches running Cumulus Linux, SuperMicro hypervisors and Ceph storage servers using NVMe SSDs.
3) The deployment provides high performance private and public cloud infrastructure with scalable networking and over 650TB of reliable Ceph storage per rack.
OpenNebula, the foreman and CentOS play nice, tooinovex GmbH
This document discusses setting up a private cloud using OpenNebula and the Foreman. It begins with an introduction and agenda. It then covers installing CentOS, setting up a local YUM repository using Pulp, installing the Foreman for bare metal provisioning, and using Puppet modules. It demonstrates deploying OpenNebula nodes using the Foreman and provides an overview of accessing the new cloud. It notes there are some rough edges to address but the modules are minor. It concludes by thanking the audience and providing contact information.
This document provides an overview of common Kubernetes concepts including clusters, namespaces, nodes, pods, services, deployments, horizontal pod autoscaling, ingress, persistent volume claims, configmaps, statefulsets, jobs, cronjobs, monitoring, and logging. It also discusses best practices for deploying applications on Kubernetes including using deployments instead of regular pods, validating Helm upgrades, and monitoring for CPU throttling issues.
Full Stack Automation with Katello & The ForemanWeston Bassler
This document summarizes a presentation about FullStackAutomationwithKatelloandForeman. It introduces the presenters Justin Miller and Weston Bassler and their backgrounds. The presentation covers the Foreman project, Katello project, and how they work together. Foreman is an open source tool for provisioning, configuring, and managing servers. Katello adds content management capabilities like repositories and subscriptions. The document outlines key features of provisioning, configuration, repositories, subscriptions, and more. It includes links to demo videos showcasing functions like host discovery, bulk actions, and Docker integration.
Openstack Neutron, interconnections with BGP/MPLS VPNsThomas Morin
This document discusses the Openstack Neutron networking-bgpvpn project, which provides a Neutron API and service plugin that allows tenants to interconnect their Openstack networks and routers with BGP/MPLS VPNs. The API exposes constructs like BGPVPNs, network associations, and router associations. It works with drivers for Neutron/OVS, OpenDaylight, OpenContrail, and others. The goal is to provide a common way for tenants to control interconnections in a controller-agnostic manner. The project is part of Openstack and OPNFV, and provides a model for integrating telco functionality into Openstack.
KVM High Availability Regardless of Storage - Gabriel Brascher, VP of Apache ...ShapeBlue
Having High Availability enabled for KVM Hosts can improve greatly the QoS by handling (fence/recover) a problematic Host as well as re-starting its stopped VMs on healthy hosts. However, there is a limitation on CloudStack HA for KVM; it relies mainly on NFS heartbeat script checks. This Talk illustrates how CloudStack HA works for KVM hosts and it presents a way of improving its implementation in a way that KVM HA works with any storage system pluggable on KVM, not just NFS.
About Gabriel Brasher - https://blogs.apache.org/cloudstack/
------------------------------------------
CloudStack European User Group Virtual happened on May 27th. The first CSEUG Virtual proved to be a huge success. It collected people from 23 countries – Germany, the United Kingdom, Switzerland, India, Bulgaria, Greece, Poland, Serbia, Brazil, Chile, Russia, USA, Canada, Japan, France, Uruguay, Korea …
We also had a record number of registrations and attendees for a CloudStack User Group Event. The physical distance was not a stopper for our speakers, who joined the event from 6 different countries.
------------------------------------------
About CloudStack: https://cloudstack.apache.org/
This presentation features a walk through the Linux kernel networking stack covering the essentials and recent developments a developer needs to know. Our starting point is the network card driver as it feeds a packet into the stack. We will follow the packet as it traverses through various subsystems such as packet filtering, routing, protocol stacks, and the socket layer. We will pause here and there to look into concepts such as segmentation offloading, TCP small queues, and low latency polling. We will cover APIs exposed by the kernel that go beyond use of write()/read() on sockets and will look into how they are implemented on the kernel side.
An in depth overview of Kubernetes and it's various components.
NOTE: This is a fixed version of a previous presentation (a draft was uploaded with some errors)
Linux host orchestration with Foreman, Puppet and GitlabBen Tullis
A brief look at the Foreman host lifecycle management system, beginning with its rapid provisioning features and moving onto its integration with the Puppet configuration management system.
GItlab is introduced to the mix and an example is given of how it can be integrated with Forman and Puppet to form an on-premise configuration versioning component. This configuration, which builds upon the Puppet multiple environments feature, is currently being employed in the task of building a test-driven continuous delivery system for the OpenCorporates project.
Provide network interconnections between Openstack clouds/regions ?
Neutron offers floating IPs and IPSec VPNaaS. However this is not always good enough: sometimes network isolation is needed, but without the the overhead of IPSec encryption.
How to avoid putting the burden on an orchestrator ?
Solutions exist to create interconnections in ways specific to each overlay technology or SDN backends, but they require central coordination via an orchestrator (not always easy), and sometimes also the provisioing of network devices (not always simple).
"Neutron talking to Neutron"
This presentation exposes a solution developed in the Neutron project, where tenants define their network interconnection needs across regions or clouds, and Neutron components in the different regions coordinate together to setup these private isolated interconnections. Without orchestration nor network device configuration.
Prow, a system developed of Kubernetes, by Kubernetes, and for Kubernetes is an indispensable unit of Kubernetes test infra project. With a plethora of plugins, it handles GitHub events and commands for Kubernetes enabling oodles of testing on the order of 10000 jobs per day covering everything from build and unit tests to end-to-end testing on real clusters deployed from source all the way up to ~5000 nodes. This presentation takes an example-driven approach to introduce Prow, the benefits of using it and integrating it with your project.
This document provides an overview of Ansible, an open source tool for configuration management and application deployment. It discusses how Ansible aims to simplify infrastructure automation tasks through a model-driven approach without requiring developers to learn DevOps tools. Key points:
- Ansible uses YAML playbooks to declaratively define server configurations and deployments in an idempotent and scalable way.
- It provides ad-hoc command execution and setup facts gathering via SSH. Playbooks can target groups of servers to orchestrate complex multi-server tasks.
- Variables, templates, conditionals allow playbooks to customize configurations for different environments. Plugins support integration with cloud, monitoring, messaging tools.
- Ansible aims to reduce complexity compared
Podman is an open source tool for managing OCI containers and container images. It allows users to find, run, build, share and deploy applications using containers. Some key points about Podman include:
- It is daemonless, secure, and designed for Linux containers.
- Podman manages the entire container lifecycle from creation to deletion. It handles mounting, networking, and the container runtime.
- When running a container, Podman generates an OCI specification, pulls the image if needed, configures networking using Netavark, and uses Conmon to monitor the container process.
- Podman 4 introduced a new network stack based on Netavark and Aardvark-dns
Linux offers an extensive selection of programmable and configurable networking components from traditional bridges, encryption, to container optimized layer 2/3 devices, link aggregation, tunneling, several classification and filtering languages all the way up to full SDN components. This talk will provide an overview of many Linux networking components covering the Linux bridge, IPVLAN, MACVLAN, MACVTAP, Bonding/Team, OVS, classification & queueing, tunnel types, hidden routing tricks, IPSec, VTI, VRF and many others.
This document provides an overview of OpenStack APIs and the WSGI (Web Server Gateway Interface) that powers them. It begins with an introduction to WSGI and how OpenStack services are implemented as WSGI applications. It then demonstrates how the OpenStack APIs can be accessed via libraries like novaclient or directly with HTTP requests. Code examples are provided showing how to authenticate against Keystone and retrieve images using urllib2. The document concludes with explanations of how WSGI, WebOb, and Paste are used to implement the OpenStack "web stack".
Kubernetes Helm makes application deployment easy, standardized and reusable. Use of Kubernetes Helm leads to better developer productivity, reduced Kubernetes deployment complexity and enhanced enterprise production readiness.
Enterprises using Kubernetes Helm can speed up the adoption of cloud native applications. These applications can be sourced from open-source community provided repositories, or from an organization’s internal repository of customized application blueprints.
Developers can use Kubernetes Helm as a vehicle for packaging their applications and sharing them with the Kubernetes community. Kubernetes Helm also allows software vendors to offer their containerized applications at “the push of a button.” Through a single command or a few mouse clicks, users can install Kubernetes apps for dev-test or production environments.
alphorm.com - Formation Linux LPIC-1/Comptia Linux+Alphorm
La formation complète est disponible ici:
http://www.alphorm.com/tutoriel/formation-en-ligne-linux-lpic-1-comptia-linuxplus
Le Linux Professionnal Institute (LPI) a été créé en vue d’apporter un processus reconnu, identifiant et certifiant le talent et les compétences des utilisateurs GNU/Linux partout dans le monde.
La LPIC est aujourd’hui la certification la plus demandée dans le monde de l’Open Source. Indépendante de toute distribution Linux, la certification LPI est devenue dans la pratique une certification incontournable pour qui veut évaluer ses compétences dans l’administration Linux.
L'expert de l’Open Source Noël Macé vous accompagne durant cette première formation afin d’acquérir votre LPIC-1. La LPIC-1 vous permet d'acquérir et maîtriser les bases de l’administration système sous GNU/Linux.
Cette même formation vous permettra également de valider les connaissances exigées par la certification Comptia Linux+ et ainsi la réussir.
Deploying CloudStack and Ceph with flexible VXLAN and BGP networking ShapeBlue
1) The document discusses using VXLAN, BGP and EVPN to implement a layer 3 network for a cloud deployment using Ceph and CloudStack. This allows scaling beyond the limits of layer 2 networks and VLANs.
2) Key infrastructure components discussed include Dell S5232F-ON switches running Cumulus Linux, SuperMicro hypervisors and Ceph storage servers using NVMe SSDs.
3) The deployment provides high performance private and public cloud infrastructure with scalable networking and over 650TB of reliable Ceph storage per rack.
OpenNebula, the foreman and CentOS play nice, tooinovex GmbH
This document discusses setting up a private cloud using OpenNebula and the Foreman. It begins with an introduction and agenda. It then covers installing CentOS, setting up a local YUM repository using Pulp, installing the Foreman for bare metal provisioning, and using Puppet modules. It demonstrates deploying OpenNebula nodes using the Foreman and provides an overview of accessing the new cloud. It notes there are some rough edges to address but the modules are minor. It concludes by thanking the audience and providing contact information.
This document provides an overview of common Kubernetes concepts including clusters, namespaces, nodes, pods, services, deployments, horizontal pod autoscaling, ingress, persistent volume claims, configmaps, statefulsets, jobs, cronjobs, monitoring, and logging. It also discusses best practices for deploying applications on Kubernetes including using deployments instead of regular pods, validating Helm upgrades, and monitoring for CPU throttling issues.
An introduction about DRLM (Disaster Recovery Linux Manager) features, news and a complete workshop on DR management with ReaR and DRLM.
DRLM Project Intro: will explain the following items:
- What is DRLM ?
- DRLM Short History
- DRLM Features
- News on version 2.1.0
- How to contribute ?
Workshop: will provide the opportunity to dig into topics relevant to real DR needs and to get your questions/doubts answered
- How to set up DRLM
- DRLM Operations (manage networks, clients, backups, jobs, import/export dr images)
- Best Practices
- Questions & Answers
Workshop instructions: https://github.com/brainupdaters/fosdem17_workshop
This document discusses automating the provisioning of Hadoop clusters using Ansible and Cobbler. It describes wanting to automate all tasks for installing and configuring hardware, operating systems, and cluster software in order to easily scale clusters and experiment with different configurations. The solution presented uses Cobbler for machine configuration and OS installation and Ansible to automate all software installation and configuration tasks across nodes. Demo code is provided to show how nodes are added to Cobbler and Ansible configuration.
NRPE - Nagios Remote Plugin Executor. NRPE plugin for Nagios Core 4 and others.Marc Trimble
The NRPE documentation provides instructions for installing and configuring the Nagios Remote Plugin Executor (NRPE) to allow the Nagios monitoring system to check system resources on remote Linux/Unix machines. It describes installing the NRPE daemon on the remote host, along with Nagios plugins. It also covers installing the check_nrpe plugin on the Nagios monitoring host and configuring it to communicate with the NRPE daemon. Host and service definitions are created to define the remote machine and the specific system metrics that will be monitored, such as CPU load, disk usage, and number of users.
A Detailed Look At cassandra.yaml (Edward Capriolo, The Last Pickle) | Cassan...DataStax
Successfully running Apache Cassandra in production often means knowing what configuration settings to change and which ones to leave as default. Over the years the cassandra.yaml file has grown to provide a number of settings that can improve stability and performance. While the file contains plenty of helpful comments, there is more to be said about the settings and when to change them.
In this talk Edward Capriolo, Consultant at The Last Pickle, will break down the parameters in the configuration files. Looking at those that are essential to getting started, those that impact performance, those that improve availability, the exotic ones, and the ones that should not be played with. This talk is ideal for someone someone setting up Cassandra for the first time up to people with deployments in productions and wondering what the more exotic configuration options do.
About the Speaker
Edward Capriolo Consultant, The Last Pickle
Long time Apache Cassandra user, big data enthusiast.
The document discusses many challenges faced when adopting configuration management and DevOps practices. It argues that challenges are now less technical and more cultural, with unrealistic expectations from leadership, an overemphasis on automation over culture, and failure to consider operational aspects like monitoring. It advocates focusing on people over tools, improving code quality, and learning from past experiences rather than jumping to new technologies without understanding challenges already addressed.
Free radius billing server with practical vpn exmapleChanaka Lasantha
This document provides instructions for setting up a total site-to-site Linux-based OpenVPN solution with dynamic DNS (DDNS) in 3 pages. It includes steps to install and configure a DDNS client, FreeRADIUS server, MySQL database, OpenVPN server, firewall rules, and a web interface for managing the FreeRADIUS server. The full document contains technical details for installing packages, editing configuration files, testing the setup, and securing the system.
This document discusses tools for managing large scale computing environments: Cobbler, Puppet, and Func. Cobbler is a provisioning system that automates OS installation and configuration. Puppet is a configuration management tool that defines system configurations and ensures consistency. Func provides a Python API to manage systems, allowing them to be treated as Python objects. It includes modules to control services, run commands, and integrate with monitoring tools like Nagios. These tools help reduce complexity and enable consistent configuration of large numbers of systems.
Cobbler, Func and Puppet: Tools for Large Scale EnvironmentsMichael Zhang
This document discusses tools for managing large scale computing environments: Cobbler, Puppet, and Func. Cobbler is a provisioning system that automates OS installation and configuration. Puppet is a configuration management tool that defines system configurations and ensures consistency. Func provides a Python API to manage systems, allowing them to be treated as Python objects. It includes modules to control services, run commands, and integrate with monitoring tools like Nagios. These tools help reduce complexity and enable consistent configuration of large numbers of systems.
Install MariaDB on IBM i - Tips, troubleshooting, and moreRod Flohr
MariaDB is the new open source drop-in replacement for MySQL that has been adopted by IBM for use on Power Linux and IBM i. ZendDBi is the installer provided by Zend for installation of MariaDB on the IBM i. In this session we'll show how to use ZendDBi to install MariaDB and provide some important tips for post-installation. We'll also demonstrate troubleshooting some common installation issues. While most installations of MariaDB are trouble free, the troubleshooting procedures will give us a chance to understand a bit more about the operation of MariaDB on the IBM i. It'll also give us the opportunity to explore some concepts on IBM i that may not be familiar to some RPG programmers.
NML is a project for out-of-band server management that allows for extremely configurable OS installation with minimal human intervention. It aims to build an open-source matrix of server hardware and OS distribution combinations. The current status is that it is hosted on GitHub and has two main members. NML encapsulates intelligence in HTTP and uses technologies like iPXE, DHCP, and preseeding/kickstarting to remotely install and configure operating systems on servers. It focuses on flexibility and independence from specific OSes or hardware.
The document discusses kdump, a tool used to capture kernel crash dumps in Linux. It begins with an agenda that covers background information, an overview of kexec and kdump, installing and configuring kdump, using kdump on Xen guests, analyzing core dumps with crash, related bugs, and Q&A. The document provides information on how kdump works by using kexec to quickly boot a dump-capture kernel to preserve memory after a crash, how to configure kernels and install/configure kdump, and considerations for using kdump on Xen virtual machines.
Hands on Docker - Launch your own LEMP or LAMP stack - SunshinePHPDana Luther
In this tutorial we will go over setting up a standard LEMP stack for development use and learn how to modify it to mimic your production/pre-production environments as closely as possible. We will go over how to switch from Nginx to Apache, upgrade PHP versions and introduce additional storage engines such as Redis to the equation. We'll also step through how to run both unit and acceptance suites using headless Selenium images in the stack. Leave here fully confident in knowing that whatever environment you get thrown into, you can replicate it and work in it comfortably.
Building Apache Cassandra clusters for massive scaleAlex Thompson
Covering theory and operational aspects of bring up Apache Cassandra clusters - this presentation can be used as a field reference. Presented by Alex Thompson at the Sydney Cassandra Meetup.
While probably the most prominent, Docker is not the only tool for building and managing containers. Originally meant to be a "chroot on steroids" to help debug systemd, systemd-nspawn provides a fairly uncomplicated approach to work with containers. Being part of systemd, it is available on most recent distributions out-of-the-box and requires no additional dependencies.
This deck will introduce a few concepts involved in containers and will guide you through the steps of building a container from scratch. The payload will be a simple service, which will be automatically activated by systemd when the first request arrives.
RAC-Installing your First Cluster and DatabaseNikhil Kumar
RAC - Installing your First RAC
Abstract : Oracle Real Application Clusters have been one of the hottest technologies in the market since 2001 prior this is know OPS in 8i. Oracle has brought revolution in the field of database by enhancing RAC technologies in it each version. This presentation will give introduction of RAC and features introduced in each version of RAC. This presentation contains the demo of building Oracle clusterware from the scratch. Also we will discuss the new components and its features during installation. This presentation and demo will be done on version 11GR2. Which will be used as a base for our next presentation Viz. Upgradation of RAC 11GR2 to 12C RAC.
This presentation will give brief insight information of RAC infrastructure setup. Sometimes DBA doesn’t fully aware of prerequisite and verification steps that needs to perform before installing clusterware, So this session will cover thing to consider before installing clusterware and best practices followed during the whole process.
Agenda
Introduction of RAC
Installation of Clusterware.
Creating diskgroup / Adding disk to Diskgroup using ASMCA.
Creation of ACFS Volume.
Installation of RAC Database using DBCA.
DoS and DDoS mitigations with eBPF, XDP and DPDKMarian Marinov
The document compares eBPF, XDP and DPDK for packet inspection. It describes the speaker's experience using these tools to build a virtual machine that can handle 10Gbps of traffic and drop packets to mitigate DDoS attacks. It details how eBPF and XDP were able to achieve higher packet drop rates than iptables or a custom module. While DPDK could drop traffic at line rate, it required specialized hardware and expertise. Ultimately, XDP provided the best balance of performance, driver support and programmability using eBPF to drop millions of packets per second.
图文详解安装Net backup 6.5备份恢复oracle 10g rac 数据库maclean liu
This document describes how to install and configure NetBackup 6.5 to backup an Oracle 10g RAC database. It discusses installing NetBackup server software on a NAS host, defining storage units and backup policies, installing NetBackup client software and the Oracle agent on RAC nodes, and linking the Oracle homes. It also provides an example of using RMAN to backup the control file and archive logs to the NetBackup server.
Similar to Deploying Foreman in Enterprise Environments (20)
lldb kann mehr als nur einfache Breakpoints oder po. In dem Vortrag zeigt Oliver Bayer, wie sich mit Hilfe von lldb Programmcode zur Ausführungszeit manipulieren lässt, ohne das hierfür der Sourcecode anzupassen ist. Sei es, damit Test- oder Debugcode nicht in die produktiv App gelangt, oder weil der Sourcecode für einen Teil der App nicht vorliegt.
Event: macoun, 04.10.2019
Speaker: Oliver Bayer, inovex
Mehr Tech-Vorträge: inovex.de/vortraege
Mehr Tech-Artikel: inovex.de/blog
Are you sure about that?! Uncertainty Quantification in AIinovex GmbH
With the advent of Deep Learning (DL), the field of AI made a giant leap forward and it is nowadays applied in many industrial use-cases. Especially critical systems like autonomous driving, require that DL methods not only produce a prediction but also state the certainty about the prediction in order to assess risks and failure.
In my talk, I will give an introduction to different kinds of uncertainty, i.e. epistemic and aleatoric. To have a baseline for comparison, the classical method of Gaussian Processes for regression problems is presented. I then elaborate on different DL methods for uncertainty quantification like Quantile Regression, Monte-Carlo Dropout, and Deep Ensembles. The talk is concluded with a comparison of these techniques to Gaussian Processes and the current state of the art.
Speaker: Dr. Florian Wilhelm, Simon Bachstein, inovex
Event: PyCon/PyData Berlin 2019
Datum: 10.10.2019
Mehr Tech-Vorträge: inovex.de/vortraege
Mehr Tech-Artikel: inovex.de/blog
Why natural language is next step in the AI evolutioninovex GmbH
In 2010 ImageNet finally ended the AI winter and gave machines the sense of sight. Within the following years dramatic improvements in tasks such as image classification and object detection lead to innovations like face ID and autonomous driving. Recently, similar developments happened in the field of natural language. Using Attention mechanism and transformers tasks such as question answering and text summarization reached new benchmarks.
This talk will not only explain those, but point out how Transfer Learning and open source models such as Google Bert will open the field to new innovations in AI.
Speaker: Nico Kreiling, inovex
Event: AIxIA, 01.10.2019
Mehr Tech-Vorträge: inovex.de/vortraege
Mehr Tech-Artikel: inovex.de/blog
Die Worldwide Developers Conference (WWDC) ist eine von Apple jährlich durchgeführte Konferenz für Software-Entwickler (MacOS, iOS und WatchOS). Um die WWDC 2019 nochmal Revue passieren zu lassen, wurde beim Mobile Development Karlsruhe Meetup zu einer offenen Diskussionsrunde eingeladen. Die Slides fassen die für inovexler Philipp interessantesten Neuigkeiten der WWDC2019 zusammen und dienten beim Meetup als Diskussionsgrundlage.
Event: 9. Mobile Development Meetup (WWDC Edition)
Speaker: Philipp Wallrich, inovex
Datum: 17.06.2019
Mehr Tech-Vorträge: inovex.de/vortraege
Mehr Tech-Artikel: inovex.de/blog
Trust is good, control is better – A short story about Network Policies.
Abstract:
Probably everybody who uses Kubernetes in a productive environment with multiple users possibly has looked at policies. Often the operators of the cluster(s) just trust the policies but in some cases it might be useful to control if the policies actually have taken action and often there are just to many Policies in the cluster setup to manually test them all (and obviously you don’t want to do this). Testing the effectiveness of the Network Policies can be done in different approaches. In this talk we will show you the benefits and drawbacks of different approaches and what solution we finally chose. Also we will show you some other tools and how they complement our solution. As a takeaway you will get an overview of different testing strategies for policies, as well as understanding challenges in testing policies in general and the Kubernetes ecosystem.
Event: ContainerDays 2019
Datum: 26.06.2019
Speaker: Johannes M. Scheuermann, Maximilian Bischoff (beide inovex)
Mehr Tech-Vorträge: inovex.de/vortraege
Mehr Tech-Artikel: inovex.de/blog
Interpretierbarkeit von ML-Modellen hat die Zielsetzung, die Ursachen einer Prognose offenzulegen und eine daraus abgeleitete Entscheidung für einen Menschen nachvollziehbar zu erklären. Durch die Nachvollziehbarkeit von Prognosen lässt sich beispielsweise sicherstellen, dass deren Herleitung konsistent zum Domänenwissen eines Experten ist. Auch ein unfairer Bias lässt sich durch die Erklärung aussagekräftiger Beispiele identifizieren.
Prognosemodelle lassen sich grob in intrinsisch interpretierbare Modelle und nicht-interpretierbare (auch Blackbox-) Modelle unterscheiden. Intrinsisch interpretierbare Modelle sind dafür bekannt, dass sie für einen Menschen leicht nachvollziehbar sind. Ein typisches Beispiel für ein solches Modell ist der Entscheidungsbaum, dessen regelbasierter Entscheidungsprozess intuitiv und leicht zugänglich ist. Im Gegensatz dazu gelten Neuronale Netze als Blackbox-Modelle, deren Prognosen durch die komplexe Netzstruktur schwer nachvollziehbar sind.
In diesem Talk erläuterte Marcel Spitzer das Konzept von Interpretierbarkeit im Kontext von Machine Learning und stellte gängige Verfahren zur Interpretation von Modellen vor. Besonderen Fokus legte er dabei auf modellunabhängige Verfahren, die sich auch auf prognosestarke Blackbox-Modelle anwenden lassen.
Event: M3 Minds Mastering Machines
Speaker: Marcel Spitzer
Blog-Artikel: https://www.inovex.de/blog/machine-learning-interpretability/
Mehr Tech-Vorträge: inovex.de/vortraege
Mehr Tech-Artikel: inovex.de/blog
Jenkins X – CI/CD in wolkigen Umgebungeninovex GmbH
Das Ökosystem rund um Kubernetes wächst täglich. Insbesondere cloud-native Continuous-Deployment-Strategien stehen Hoch im Kurs und werden in diversen Open-Source-Projekten vorangetrieben. In einer Reihe von Evalutionen nimmt inovex diese Tools genauer unter die Lupe - den Anfang macht Jenkins X.
Jenkins X wurde im März 2018 veröffentlicht. Das Konzept hinter dem Tool ist primär, bestehende Teillösungen (Helm, Skaffold, Prow, Tekton) einzusetzen, um sie abstrahiert in ein Kommandozeilen-Interface zu packen. Der Vortrag beschreibt sowohl die klassische Architektur als auch den "Severless"-Ansatz. Des weiteren werden das Kommandozeilen-Tool "jx", der allgemeine Entwicklungs-Workflow sowie diverse Features vorgestellt.
Bei unseren Tests im Rahmen der Evaluation sind uns einige Stolpersteine aufgefallen. Es sind vor allem die vielen eingesetzten Dritt-Tools, die den Betrieb und den Upkeep eines mit Jenkins X erstellten Clusters verkomplizieren. Als Fazit stellen wir Jenkins X im Mai 2019 ein "befriedigend" aus und beobachten gespannt, wie sich das Tool in den kommmenden Monaten und Jahren weiterentwickeln wird.
Event: Talk4Nerds, 29.04.2019
Speaker: Simon Kienzler, Johannes M. Scheuermann (beide inovex)
Mehr Tech-Vorträge: inovex.de/vortraege
Mehr Tech-Artikel: inovex.de/blog
Neben dem großen Machine-Learning-Trend in der Cloud zeichnet sich zunehmend die Tendenz ab, bestimmte Aufgaben direkt auf Edge-Geräten auszuführen. Wir erkunden die Vorteile von Auswertungen direkt an der Quelle der Daten und die damit verbundenen Herausforderungen. Denn die Rechenleistung der Cloud steht uns hier leider nicht zur Verfügung.
Zur Lösung stehen uns verschiedene Hardwareoptionen wie CPUs, GPUs, FPGAs oder spezielle ASICs und Frameworks zur Verfügung, die wir am Beispiel von einem Convolutional Neural Network evaluieren. Dabei gibt es praktische Tipps und Erfahrungen aus realen Projekten sowie anschauliche Demos auf verschiedenen Hardwareplattformen.
Vorkenntnisse:
Vorkenntnisse über tiefe neuronale Netze sind von Vorteil.
Lernziele:
- Verständnis über die Vorteile von AI auf Edge-Geräten und den damit verbundenen Herausforderungen.
- Wissen über die verschiedenen Hard- und Softwarelösungen erlangen, um diese in eigenen Projekten einzusetzen.
Event: building IoT, 03.04.2019
Speaker: Dominik Helleberg, inovex
Mehr Tech-Vorträge: inovex.de/vortraege
Mehr Blog-Artikel: inovex.de/blog
This document discusses Prometheus on Kubernetes. It provides an overview of Prometheus and its ecosystem, including how it is used for service discovery on Kubernetes, collecting and storing metrics, ensuring high availability and scalability through sharding, and defining and alerting on service level agreements. It also covers instrumentation using exporters, the Prometheus query language PromQL, and components of the Prometheus ecosystem like Grafana and Alertmanager.
Recommender systems support the decision making processes of customers with personalized suggestions. These widely used systems influence the daily life of almost everyone across domains like ecommerce, social media, and entertainment. However, the efficient generation of relevant recommendations in large-scale systems is a very complex task. In order to provide personalization, engines and algorithms need to capture users’ varying tastes and find mostly nonlinear dependencies between them and a multitude of items. Enormous data sparsity and ambitious real-time requirements further complicate this challenge. At the same time, deep learning has been proven to solve complex tasks like object or speech recognition where traditional machine learning failed or showed mediocre performance.
Join Marcel Kurovski to explore a use case for vehicle recommendations at mobile.de, Germany’s biggest online vehicle market. Marcel shares a novel regularization technique for the optimization criterion and evaluates it against various baselines. To achieve high scalability, he combines this method with strategies for efficient candidate generation based on user and item embeddings—providing a holistic solution for candidate generation and ranking.
The proposed approach outperforms collaborative filtering and hybrid collaborative-content-based filtering by 73% and 143% for MAP@5. It also scales well for millions of items and users returning recommendations in tens of milliseconds.
Event: O'Reilly Artificial Intelligence Conference, New York, 18.04.2019
Speaker: Marcel Kurovski, inovex GmbH
Mehr Tech-Vorträge: inovex.de/vortraege
Mehr Tech-Artikel: inovex.de/blog
In seinem Meetup Talk berichtete Maximilian von den aktuellen Problemen von Cloud Computing – insbesondere im Internet of Things – und wie diese durch Edge Computing mitigiert werden können. Er erklärte, wie eine generische Edge-Computing-Architektur aussehen kann und zeigte Anwendungsfälle, von denen manche auch schon in existierenden Produkten umgesetzt sind.
Im Anschluss stellte er Azure IoT Edge vor und erläuterte, wie es das bestehende IoT Framework von Microsoft erweitert sowie die Grundkonzepte, die IoT Edge bereitstellt. Auch die Probleme in dem noch jungen Produkt wurden angesprochen, aber auch die Vorteile und Features, die es liefert.
In der gemeinsamen Demo mit Eli haben dann beide Speaker die technischen Details von Azure IoT Edge gezeigt und demonstriert, beispielsweise wie Code automatisiert von einer CI/CD-Pipeline in Azure DevOps auf ein IoT-Gerät deployed werden kann.
Event: inovex Meetup, 12.03.& 19.03.2019
Speaker: Maximilian Bischoff, inovex
Mehr Tech-Vorträge: inovex.de/vortraege
Mehr Tech-Artikel: inovex.de/blog
Es liegt in der Natur des Menschen das Unvorhersehbare vorherzusagen: Wetter, Aktienkurse, Krankheitsverläufe, die Reaktion eines Menschen. Neueste Deep Learning Ansätze sind in der Lage solche sequentielle Sachverhalte immer genauer zu prognostizieren, setzen aber auch immer größere Datenmengen und Rechenleistungen voraus, die sowohl in Forschung als auch in der Praxis häufig nicht vorliegen. Wie kann man gute Ergebnisse erreichen, wenn nur wenig Daten vorliegen?
Marisa Mohr stellte in ihrem Vortrag einen neuen und vielversprechenden informationstheoretischen Ansatz zum Feature Learning von sequentiellen Daten vor, der potenziell auch mit wenigen Daten auskommt. Dabei ging es speziell um ordinale Muster in Zeitreihen, wie sie beispielsweise als Veränderung von Emotionen im Gesprächsverlauf zu finden sind. Eine solche Entwicklung ist für Menschen in der Regel leicht zu erkennen. Chatbots hingegen können nicht intuitiv auf solche Emotionsverläufe reagieren, sondern müssen entsprechend programmiert werden.
Details:
Deep-Learning-Ansätze wie LSTMs, RNNs oder TCNs haben sich im Umgang mit sequentiellen Daten bewährt. Neuronale Netzwerke sind tief im technischen Sinn, weil sie mehrere (verborgene) Schichten besitzen, aber nicht weil sie ein tiefes Verständnis von Problemen entwickeln. In diesem Vortrag stellte Marisa einen symbolischen informationstheoretischen Ansatz des Representation Learnings von Zeitreihen vor und damit eine Möglichkeit, konzeptionelle Schichten zu konstruieren. Die Idee hinter der sogenannten Permutationsentropie besteht darin, anstelle der Werte einer Zeitreihe die Ordnungsrelation zwischen den Werten zu betrachten, und so auf das natürliche Auf und Ab des zugrundeliegenden dynamischen Systems zurückzugreifen.
Event: inovex Meetup: Das Unvorhersehbare vorhersagen: Zeitreihen und Chatbots, 26.03.2019
Speakerin: Marisa Mohr (inovex)
Mehr Tech-Vorträge: inovex.de/vortraege
Mehr Tech-Artikel: inovex.de/blog
Talk to me – Chatbots und digitale Assistenteninovex GmbH
Menschliche Kommunikation folgt zwar einer ganzen Reihe von Regeln, diese lassen sich aber schwer formalisieren. Nicht zuletzt deshalb, weil in unseren Interaktionen immer auch eine Fülle von Welt- und implizitem Kontextwissen eine Rolle spielt. Rein regelbasierte Chatbots sind daher nicht nur äußert komplex in der Programmierung, sondern stoßen in vielen Anwendungsbereichen schnell an ihre Grenzen.
In diesem Vortrag gab Anna Weißhaar einen Überblick über die aktuellen Lösungen und Herausforderungen im Bereich digitale Assistenten. Der Fokus lag dabei auf Ansätzen, die Chatbots „chatty“ machen, sie also möglichst adäquat auf im Voraus unbekannte Nutzereingaben reagieren zu lassen.
Event: inovex Meetup: Das Unvorhersehbare vorhersagen: Zeitreihen und Chatbots, 26.03.2019
Speaker: Anna Weißhaar (inovex)
Mehr Tech-Vorträge: inovex.de/vortraege
Mehr Tech-Artikel: inovex.de/blog
Nicht zuletzt durch die medienwirksame Erfolge des maschinellen Lernens durch DeepMind, OpenAI und Kollegen ist Künstliche Intelligenz im Moment wieder in aller Munde. Einerseits locken zahlreiche neue, vorher undenkbare Anwendungen wie die automatische Diagnose von Krankheiten, autonome Fahrzeuge und Drohnen, oder die automatische Übersetzung gesprochener Wörter. Andererseits warnen mahnenden Stimmen wird vor dem zunehmendem Einflussnahme der „Algorithmen“ auf fast alle Bereiche unseres Lebens sowie vor unerwünschten Folgen von sich verselbstständigenden Computern gewarnt. Einige träumen von – oder fürchten sich vor – der vermeintlich unausweichlichen Singularität, an der sich nichts weniger als das Schicksal der gesamten Menschheit entscheiden wird. Doch was verbirgt sich hinter dem Begriff Künstliche Intelligenz? Je nachdem, wen man fragt, erhält man unterschiedliche, bisweilen gegensätzliche Antworten. Dieser Vortrag stellt einige dieser Antworten vor und versucht sie (nicht nur) anhand von Beispielen aus Forschung und Anwendung einzuordnen.
Event: Business Analytics Day, 07.03.2019
Speaker: Dr. Matthias Richter, Dr. Stefan Igel (inovex)
Mehr Tech-Vorträge: inovex.de/vortraege
Mehr Tech-Artikel: inovex.de/blog
In den letzten drei Jahren haben wir die Infrastruktur der Fernseh-Plattform waipu.tv gebaut. Dabei haben wir angefangen Tools für den Betrieb in Golang zu schreiben. Aus einigen der Tools wurden Core-Services, die auch die Last einer Fußball-WM-Übertragung locker wegstecken. Wir wollen euch zeigen, wie wir mit der selben Tool-Chain (Golang & Co) Betriebs-Probleme lösen und kritische Business-Applikationen entwickeln. Klassisch DevOps oder Golden Hammer?
Speaker: Christoph Petrausch, Igor Lankin (beide inovex)
Event: DevOpsConference, 04.12.2018
Mehr Tech-Vorträge: inovex.de/vortraege
Mehr Tech-Artikel: inovex.de/blog
Das Android Open Source Project, kurz AOSP, ist das Betriebssystem, das auf den meisten heutigen und wahrscheinlich auch auf deinem Smartphone läuft. Es ist die Basis für das Android-App-Universum und wird von Millionen Nutzern und Entwicklern auf der Welt verwendet. Wegen der offenen Verfügbarkeit des Source Codes ist es auch die Basis für bekannte Custom ROMs wie LineageOS.
Der erste Teil des Talks gab eine Übersicht über die Architektur des Betriebssystems, das App-Ökosystem, den Hardware Abstraction Layer (HAL), die Sicherheitskonzepte und einige neue Betriebssystementwicklungen wie Project Treble in Android 8.0.
Der zweite Teil des Talks gab einen Einblick in den Quellcode und die Struktur des AOSP: Wie lädt man sich den Source Code herunter, wie baut man das AOSP für unterstützte Geräte und wie kann man die eigenen ROMs auf ein Smartphone flashen? Zum Spaß wurde auch noch in einige Implementierungsdetails von Android-App-API-Funktionen geblickt, die man als App Developer schon aufgerufen hat.
Speaker: Stefan Lengfeld, inovex
Event: inovex Meetup Köln, 23.10.2018
Mehr Tech-Vorträge: www.inovex.de/vortraege
Mehr Tech-Artikel: www.inovex.de/blog
This document discusses machine learning interpretability. It defines interpretation as giving explanations to humans for machine learning models and decisions. It notes that humans create, are affected by, and demand explanations for decision systems. The document outlines different techniques for model interpretability including intrinsically interpretable models, post-hoc interpretability techniques that provide explanations for black box models, and model-specific and model-agnostic techniques. It provides examples like partial dependence plots, individual conditional expectation, and local surrogate models. It recommends choosing techniques based on the recipient and purpose of explanations.
Performance evaluation of GANs in a semisupervised OCR use caseinovex GmbH
Online vehicle marketplaces are embracing artificial intelligence to ease the process of selling a vehicle on their platform. The tedious work of copying information from the vehicle registration document into some web form can be automated with the help of smart text-spotting systems, in which the seller takes a picture of the document, and the necessary information is extracted automatically.
Florian Wilhelm details the components of a text-spotting system, including the subtasks of object detection and optical character recognition (OCR). Florian elaborates on the challenges of OCR in documents with various distortions and artifacts, which rule out off-the-shelf products for this task. After offering an overview of semisupervised learning based on generative adversarial networks (GANs), Florian evaluates the performance gains of this method compared to supervised learning. More specifically, for a varying amount of labeled data, he compares the accuracy of a convolution neural network (CNN) to a GANthat uses additional unlabeled data during the training phase, showing that GANs significantly outperform classical CNNs in use cases with a lack of labeled data.
What you'll learn:
Understand how semisupervised learning with GANs works
Explore beneficial semisupervised methods based on GANs for use cases with a limited amount of labeled data
Gain insight into an interesting OCR use case of an online vehicle marketplace
Event: O'Reilly Artificial Intelligence Conference, London, 11.10.2018
Speaker: Dr. Florian Wilhelm
Mehr Tech-Vorträge: www.inovex.de/vortraege
Mehr Tech-Artikel: www.inovex.de/blog
People & Products – Lessons learned from the daily IT madnessinovex GmbH
IT im 21. Jahrhundert – What a time to be alive! Es gibt einen (unüberschaubaren) Zoo an Methoden und Produkten die uns so viel Freude an der Arbeit bereiten! Sie sind modern, weil sie neu sind. Sie fordern unser Können heraus, weil sie komplex sind. Sie lösen einige Probleme, die wir vorher nicht hatten. Jeder will sie verwenden, weil Google, Netflix & Co. sie propagieren und Hand auf’s Herz: Will nicht jeder gerne so arbeiten wie Google, Netflix & Co.? Aber macht das wirklich Sinn?
In diesem Vortrag blicken wir auf diverse Erkenntnisse aus dem Einsatz agiler Produktentwicklung, DevOps, Continuous Integration/Delivery, Infrastructure as Code, Immutable Infrastructure (bspw. Docker/Kubernetes), Application Logging und Service Monitoring.
Learning Goals:
- Wir müssen den Einsatz von Methoden und Tools an die Menschen ausrichten, die sie (weiter-)entwickeln und benutzen sollen.
- Manchmal lösen wir mit neuen Tools Probleme, die wir vorher nicht hatten.
- Die Suche nach einfachen Lösungen für komplexe Probleme ist essentiell, aber nicht immer einfach.
Event: Continuous Lifecycle, 15.11.2018
Speaker: Arnold Bechtoldt
Mehr Tech-Vorträge: www.inovex.de/vortraege
Mehr Tech-Artikel: www.inovex.de/blog
Infrastructure as (real) Code – Manage your K8s resources with Pulumiinovex GmbH
Pulumi (pulumi.io) offers an open source platform to create/manage and deploy your infrastructure in realy programming languages like JavaScript/TypeScript, Go and Python. As Cloud platforms the major 3 cloud providers are supported and additionally you can also use Pulumi with OpenStack and Kubernetes to deploy your applications in the cloud.
In this talk we will take a look how Pulumi is different to traditional solutions like Terraform or the Cloud Provider specific solutions (e.g. CloudFormation). The main focus will be on deploying your services on top of Kubernetes. The talk will contain a little theory part about Pulumi, the rest of the talk is more focused on demos and practical parts. One focus of the talk is the difference of Pulumi to kubectl and helm (or to be precise how they complement each other.
As a takeaway of this talk you should understand the basics of Pulumi and know what are the differences to the traditional deployment tools.
Event: CNCF Meetup Hamburg & Stuttgart, 29.10.2018 & 07.11.2018
Speaker: Johannes M. Scheuermann, inovex
Mehr Tech-Vorträge: https://www.inovex.de/de/content-pool/vortraege/
Mehr Tech-Artikel: https://www.inovex.de/blog/
Skybuffer AI: Advanced Conversational and Generative AI Solution on SAP Busin...Tatiana Kojar
Skybuffer AI, built on the robust SAP Business Technology Platform (SAP BTP), is the latest and most advanced version of our AI development, reaffirming our commitment to delivering top-tier AI solutions. Skybuffer AI harnesses all the innovative capabilities of the SAP BTP in the AI domain, from Conversational AI to cutting-edge Generative AI and Retrieval-Augmented Generation (RAG). It also helps SAP customers safeguard their investments into SAP Conversational AI and ensure a seamless, one-click transition to SAP Business AI.
With Skybuffer AI, various AI models can be integrated into a single communication channel such as Microsoft Teams. This integration empowers business users with insights drawn from SAP backend systems, enterprise documents, and the expansive knowledge of Generative AI. And the best part of it is that it is all managed through our intuitive no-code Action Server interface, requiring no extensive coding knowledge and making the advanced AI accessible to more users.
This presentation provides valuable insights into effective cost-saving techniques on AWS. Learn how to optimize your AWS resources by rightsizing, increasing elasticity, picking the right storage class, and choosing the best pricing model. Additionally, discover essential governance mechanisms to ensure continuous cost efficiency. Whether you are new to AWS or an experienced user, this presentation provides clear and practical tips to help you reduce your cloud costs and get the most out of your budget.
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on integration of Salesforce with Bonterra Impact Management.
Interested in deploying an integration with Salesforce for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
FREE A4 Cyber Security Awareness Posters-Social Engineering part 3Data Hops
Free A4 downloadable and printable Cyber Security, Social Engineering Safety and security Training Posters . Promote security awareness in the home or workplace. Lock them Out From training providers datahops.com
TrustArc Webinar - 2024 Global Privacy SurveyTrustArc
How does your privacy program stack up against your peers? What challenges are privacy teams tackling and prioritizing in 2024?
In the fifth annual Global Privacy Benchmarks Survey, we asked over 1,800 global privacy professionals and business executives to share their perspectives on the current state of privacy inside and outside of their organizations. This year’s report focused on emerging areas of importance for privacy and compliance professionals, including considerations and implications of Artificial Intelligence (AI) technologies, building brand trust, and different approaches for achieving higher privacy competence scores.
See how organizational priorities and strategic approaches to data security and privacy are evolving around the globe.
This webinar will review:
- The top 10 privacy insights from the fifth annual Global Privacy Benchmarks Survey
- The top challenges for privacy leaders, practitioners, and organizations in 2024
- Key themes to consider in developing and maintaining your privacy program
Programming Foundation Models with DSPy - Meetup SlidesZilliz
Prompting language models is hard, while programming language models is easy. In this talk, I will discuss the state-of-the-art framework DSPy for programming foundation models with its powerful optimizers and runtime constraint system.
Your One-Stop Shop for Python Success: Top 10 US Python Development Providersakankshawande
Simplify your search for a reliable Python development partner! This list presents the top 10 trusted US providers offering comprehensive Python development services, ensuring your project's success from conception to completion.
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAUpanagenda
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-und-domino-lizenzkostenreduzierung-in-der-welt-von-dlau/
DLAU und die Lizenzen nach dem CCB- und CCX-Modell sind für viele in der HCL-Community seit letztem Jahr ein heißes Thema. Als Notes- oder Domino-Kunde haben Sie vielleicht mit unerwartet hohen Benutzerzahlen und Lizenzgebühren zu kämpfen. Sie fragen sich vielleicht, wie diese neue Art der Lizenzierung funktioniert und welchen Nutzen sie Ihnen bringt. Vor allem wollen Sie sicherlich Ihr Budget einhalten und Kosten sparen, wo immer möglich. Das verstehen wir und wir möchten Ihnen dabei helfen!
Wir erklären Ihnen, wie Sie häufige Konfigurationsprobleme lösen können, die dazu führen können, dass mehr Benutzer gezählt werden als nötig, und wie Sie überflüssige oder ungenutzte Konten identifizieren und entfernen können, um Geld zu sparen. Es gibt auch einige Ansätze, die zu unnötigen Ausgaben führen können, z. B. wenn ein Personendokument anstelle eines Mail-Ins für geteilte Mailboxen verwendet wird. Wir zeigen Ihnen solche Fälle und deren Lösungen. Und natürlich erklären wir Ihnen das neue Lizenzmodell.
Nehmen Sie an diesem Webinar teil, bei dem HCL-Ambassador Marc Thomas und Gastredner Franz Walder Ihnen diese neue Welt näherbringen. Es vermittelt Ihnen die Tools und das Know-how, um den Überblick zu bewahren. Sie werden in der Lage sein, Ihre Kosten durch eine optimierte Domino-Konfiguration zu reduzieren und auch in Zukunft gering zu halten.
Diese Themen werden behandelt
- Reduzierung der Lizenzkosten durch Auffinden und Beheben von Fehlkonfigurationen und überflüssigen Konten
- Wie funktionieren CCB- und CCX-Lizenzen wirklich?
- Verstehen des DLAU-Tools und wie man es am besten nutzt
- Tipps für häufige Problembereiche, wie z. B. Team-Postfächer, Funktions-/Testbenutzer usw.
- Praxisbeispiele und Best Practices zum sofortigen Umsetzen
Fueling AI with Great Data with Airbyte WebinarZilliz
This talk will focus on how to collect data from a variety of sources, leveraging this data for RAG and other GenAI use cases, and finally charting your course to productionalization.
Generating privacy-protected synthetic data using Secludy and MilvusZilliz
During this demo, the founders of Secludy will demonstrate how their system utilizes Milvus to store and manipulate embeddings for generating privacy-protected synthetic data. Their approach not only maintains the confidentiality of the original data but also enhances the utility and scalability of LLMs under privacy constraints. Attendees, including machine learning engineers, data scientists, and data managers, will witness first-hand how Secludy's integration with Milvus empowers organizations to harness the power of LLMs securely and efficiently.
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-EfficiencyScyllaDB
Freshworks creates AI-boosted business software that helps employees work more efficiently and effectively. Managing data across multiple RDBMS and NoSQL databases was already a challenge at their current scale. To prepare for 10X growth, they knew it was time to rethink their database strategy. Learn how they architected a solution that would simplify scaling while keeping costs under control.
For the full video of this presentation, please visit: https://www.edge-ai-vision.com/2024/06/temporal-event-neural-networks-a-more-efficient-alternative-to-the-transformer-a-presentation-from-brainchip/
Chris Jones, Director of Product Management at BrainChip , presents the “Temporal Event Neural Networks: A More Efficient Alternative to the Transformer” tutorial at the May 2024 Embedded Vision Summit.
The expansion of AI services necessitates enhanced computational capabilities on edge devices. Temporal Event Neural Networks (TENNs), developed by BrainChip, represent a novel and highly efficient state-space network. TENNs demonstrate exceptional proficiency in handling multi-dimensional streaming data, facilitating advancements in object detection, action recognition, speech enhancement and language model/sequence generation. Through the utilization of polynomial-based continuous convolutions, TENNs streamline models, expedite training processes and significantly diminish memory requirements, achieving notable reductions of up to 50x in parameters and 5,000x in energy consumption compared to prevailing methodologies like transformers.
Integration with BrainChip’s Akida neuromorphic hardware IP further enhances TENNs’ capabilities, enabling the realization of highly capable, portable and passively cooled edge devices. This presentation delves into the technical innovations underlying TENNs, presents real-world benchmarks, and elucidates how this cutting-edge approach is positioned to revolutionize edge AI across diverse applications.
zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...Alex Pruden
Folding is a recent technique for building efficient recursive SNARKs. Several elegant folding protocols have been proposed, such as Nova, Supernova, Hypernova, Protostar, and others. However, all of them rely on an additively homomorphic commitment scheme based on discrete log, and are therefore not post-quantum secure. In this work we present LatticeFold, the first lattice-based folding protocol based on the Module SIS problem. This folding protocol naturally leads to an efficient recursive lattice-based SNARK and an efficient PCD scheme. LatticeFold supports folding low-degree relations, such as R1CS, as well as high-degree relations, such as CCS. The key challenge is to construct a secure folding protocol that works with the Ajtai commitment scheme. The difficulty, is ensuring that extracted witnesses are low norm through many rounds of folding. We present a novel technique using the sumcheck protocol to ensure that extracted witnesses are always low norm no matter how many rounds of folding are used. Our evaluation of the final proof system suggests that it is as performant as Hypernova, while providing post-quantum security.
Paper Link: https://eprint.iacr.org/2024/257
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdfChart Kalyan
A Mix Chart displays historical data of numbers in a graphical or tabular form. The Kalyan Rajdhani Mix Chart specifically shows the results of a sequence of numbers over different periods.
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
Deploying Foreman in Enterprise Environments
1. Deploying Foreman in Enterprise Environments
best practices
and lessons learned…
Nils Domrose
Gent, February, 3 2014
2. About me
▸ senior linux systems engineer at
inovex GmbH
▸ worked as a network engineer,
software developer and systems
engineer
▸ using foreman for about 1 year
▸ using bare-metal deployment for
ages
▸ life is short – let’s focus on
interesting stuff!
#irc
__endy__
@endyman
https://plus.google.com/+NilsDomrose
2
3. About inovex
We use technology to make our customers happy. And ourselves.
▸ http://www.inovex.de
▸ offices in [‘Pforzheim’, ‘Karlsruhe’, ‘Cologne’, ‘Munich’]
▸ we have open positions...
1
SHAPE
Consulting
2
BUILD
Application
Development
3
RUN
IT Engineering &
Operations
4
TRACK
Business
Intelligence
5
TEACH
Academy
3
5. The Chicken & Egg Problem
...deploying your deployment infrastructure
▸ some shell scripts to push
installer and answers.yaml to
new system (installer is subject
to rpm/deb packaging)
▸ run a custom kafo installer
▸ setup repos
▸ configure nics (bonding)
▸ setup pacemaker &
corosync
▸ setup drbd
▸ setup dhcp server
▸ setup postgreSQL
▸ setup puppetDB
▸ run foreman kafo installer
6. The Chicken & Egg Problem
build your first kafo installer
▸ kafo?
▸ kafo! - imagine master-less
puppet plus config data in yaml
(like hiera)
▸ can’t tell wether it’s the chicken
or the egg or both but it’s cool
▸ stores parameters for your
modules in answers.yaml
▸ simply copy your modules into
the installer’s modules directory
▸ or even use puppet-librarian to
manage your modules (poor
man’s git-submodules)
https://github.com/rodjek/librarian-puppet
https://github.com/theforeman/kafo
7. The Chicken & Egg Problem
kafo - getting started
▸ Never give up, never surrender!:
depending on your kafo gem it
might not (yet) be as easy as:
root@foreman:~# cd /var/tmp/
root@foreman:/var/tmp# i=my-installer; mkdir $i; cd $i; kafofy $i
▸ It’s more like:
i=my-installer; mkdir $i && cd $i && kafofy $i && mkdir /etc/$i && cat
> /etc/$i/$i.yaml << EOF
> -->
:log_dir: /var/log/$i
>
:log_name: configuration.log
>
:log_level: info
>
:no_prefix: false
>
:mapping: {}
>
:answer_file: /etc/$i/answers.yaml
>
:installer_dir: $(pwd)
>
:modules_dir: $(pwd)/modules
>
:default_values_dir: /tmp
>
:colors: true
>
:kafo_modules_dir: /usr/lib/ruby/vendor_ruby/kafo/modules
> EOF
8. The Chicken & Egg Problem
get the modules
▸ delete the modules directory
root@foreman:/var/tmp/my-installer# rm -Rf modules/
▸ create a Puppetfile
root@foreman:/var/tmp/my-installer# cat Puppetfile
forge "http://forge.puppetlabs.com"
mod 'puppetlabs/stdlib'
mod 'ntp',
:git => 'git://github.com/puppetlabs/puppetlabs-ntp.git'
▸ run the librarian
root@foreman:/var/tmp/my-installer# librarian-puppet install --clean
root@foreman:/var/tmp/my-installer# ll modules
total 16
drwxr-xr-x 4 root root 4096 Jan 29 12:25 ./
drwxr-xr-x 7 root root 4096 Jan 29 12:17 ../
drwxr-xr-x 7 root root 4096 Jan 29 12:25 ntp/
drwxr-xr-x 6 root root 4096 Jan 29 12:24 stdlib/
▸ next: package it, install it
9. Foreman Components
foreman
▸
▸
▸
▸
▸
rails application
apache mod_passenger
Webinterface
REST API
unattended resources –
rendered templates
database
REST API
unattended
resources
foreman
frontend
apache mod_passenger
Port 80 HTTP
Port 443 HTTPS
9
10. Foreman Components
smart-proxy
▸ WEBrick based REST
server to manage
supporting infrastructure
Port 8443 HTTPS
WEBrick server
puppet
CA
puppet
apache
mod_passenger
Port 8140 HTTPS
BMC
DHCP
TFTP
DNS
ipmitool
ISC
dhcpd
tftpd
nsupdate
Port 67
UDP
Port 69
UDP
10
11. Foreman Components
placement of foreman components
▸
▸
▸
▸
flows at each side to local puppet
and smart proxy
all VLANs directly access puppet ca
all VLANs directly access foreman
unattended resources
we need DNS only once (so let’s
limit TSIG key distribution)
VLAN D Site2
mgmt VLAN2
fw
VLAN C Site2
Smartproxy, puppet,
DHCP
VLAN A Site1
mgmt VLAN1
fw
Foreman
Smartproxy, puppet, CA,
DNS, DHCP
VLAN B Site1
11
12. Foreman Components
optimizing comms flows
▸
limit access to the smartproxy and
foreman to local clients only
▸
open dedicate flow from proxy to
foreman and puppet
VLAN D Site2
mgmt VLAN2
fw
VLAN C Site2
smartproxy, puppet,
DHCP, Proxy
VLAN A Site1
mgmt VLAN1
fw
Foreman
smartproxy, puppet, CA,
DNS, DHCP
VLAN B Site1
12
14. Foreman Components
foreman customization
▸
▸
▸
we must identify proxied servers
foreman url must be customized
templates must be adapted
▸
enable tokens (default in 1.4)
▸
create parameter in hostgroups for each
segment (unattended_url in 1.4 does not
seam to help here…)
▸ adapt templates
14
15. Resistance is futile
Integrating foreman into corporate infrastructure
Integrating foreman into corporate
infrastructure is:
▸ not a technical issue
▸ mostly even not a security issue
▸ It’s about convincing people to do
things differently
▸ It’s about responsibilities
▸ It’s about fear
▸ It’s about laziness
15
16. Resistance is futile
The one with the wrong <enter vendor name> DHCP product
The corporate DHCP does not provide a proper API
and changes are distributed across the DHCP
infrastructure in a slow, asynchronous manner…
Deploy your own DHCP server:
- You must be able to create and delete leases
instantly
- You only need it to bootstrap your servers. Later a
static NIC configuration can be applied using your
favorite cfgmgmt. No, it’s not that static – we can
use ENC variables to update IP addresses.
- Repeat: I won’t create my leases manually and I
won’t wait for changes to be replicated until I
power-on my server
16
17. Resistance is futile
The one with the DHCP caused Zombiecalypse
You are about to deploy your own DHCP but people
complain that your DHCP will nuke the corporate
datacenter and will cause an epic loss of revenue…
Ask for dedicated VLANs and for ip-helper configs
on routers and firewalls
- Your DHCP is limited to your VLANs only
- You only need one DHCP server
- It’s not an evil plan to make the guy running the
corporate DHCP redundant
17
18. Resistance is futile
The one with static DNS
You kindly ask for TSIG keys to create your A and
PTR records automatically but the DNS is managed
manually and there is no TSIG key although dynamic
updates are enabled…
Make a deal: you won’t talk about the missing TSIG
keys and get your key or keytab and permissions
right after the guy fixed the security issue.
Ask for dedicated zones and for credentials which
allow you to manage your zones using nsupdate
- Alternatively ask for delegation of your zones and
setup a dedicated DNS server (protected by keys)
18
19. FAIL!
Foreman HA
▸
use pacemaker/corosync to provide
basic resilience for postgreSQL and
puppetDB, puppetCA
▸
If you scale out, you might setup a
nice pg-pool2 cluster
▸
puppetmasters could be ran active
active as well as the foreman rails
application (keep memcached in
mind)
▸
on pure smartproxies no pacemaker
cluster is required. A simple failover
using VRRP (via keepalived) should
be sufficient – if you replicate the
tftp and dhcp data (for puppet you’ll
have to do the exercise anyhow.)
HA IP(s)
HA IP(s)
puppetDB
puppetDB
Apache
mod_passenger
Apache
mod_passenger
postgreSQL
postgreSQL
DRBD
DRBD
pacemaker
pacemaker
corosync
node1
node2
19
20. Best practices
▸
use separate IP addresses for each service so you
can split up stuff later on
▸
If you can’t use DHCP the bootdisk plugin might be
an option (currently .deb package 1.2.3 is broken
for 1.4 but version plugin source is ready for 1.4)
▸
LDAP or kerberos5 (1.4) for user authentication
▸
use Locations for filtering
▸
classes are not tight to locations so you better use
the same set of classes and import only once from
you master puppet master
▸
use the column plugin for better overview
▸
ENC and smart variables are nice – ever configured
dhcp pool as yaml hash? Use smart variables as
switches, and for simple datatypes only - do the
complex stuff in service modules - ideally by using
data in modules
20
21. Wishlist
...secret guide to world domination
▸ integrate the reverse proxy feature into
smart-proxy (there is a ticket for that
somewhere)
▸ implement iso image provisioning based
vm installation in conjunction with the
bootdisk plugin
▸ support more configuration management
stacks
▸ better support for discovery, ipmi and
hardware provisioning (like HW-Raid)
21