OpenStack is an open source cloud computing platform that can manage large networks of virtual machines and physical servers. It uses a distributed architecture with components like Nova (compute), Swift (object storage), Cinder (block storage), and Quantum (networking). OpenStack has been successful due to its scalability, support for multiple hypervisors including Hyper-V, and compatibility with popular programming languages like Python. While OpenStack is best suited for large public and private clouds, its complex installation and lack of unified deployment tools can present challenges, especially for small to mid-sized clouds.
OpenStack Summit 2013 Hong Kong - OpenStack and WindowsAlessandro Pilotti
OpenStack summit session about how to deploy Windows instances using Cloudbase-Init and Heat!
The session takes care of explaining all the issues you might encounter, for example how to choose the rioght KVM VirtIO drivers.
OpenStack is a great platform for Linux as well as for Windows, with the latter growing stronger every year as OpenStack gains more momentum in the enterprise world.
Microsoft's Windows Server / Hyper-V Server 2016 includes a lot of new cloud oriented features which are fully supported in an OpenStack infrastructure, including Storage Spaces Direct for hyper-converged deployments, Shielded VMs for the best guest isolation, Nano Server, a new networking stack and much more.
Windows as a guest on any hypervisor, including KVM, Hyper-V, ESXi, is also a great match for OpenStack thanks to Cloudbase-Init's large set of cloud provisioning actions and support for Heat templates, with lots of new features developed during the Ocata timeframe.
During this session we will talk about all the new OpenStack Windows and Hyper-V related features, demo some great use cases and provide answers to the most common questions about how to make the best out of Windows in OpenStack.
Comparing IaaS: VMware vs OpenStack vs Google’s GanetiGiuseppe Paterno'
No matter if you are a lonely system administrator or the CTO of the largest carrier in the World, getting to know what’s out there is a jungle. Is VMware still the lead? I’ve heard about OpenStack, how mature is that? And what this “Ganeti” I’ve never heard of?
Well, here I am. Guess what, you’re not the only one asking these questions. I traveled most of Europe hearing world’s most famous enterprises, banks and telcos and also in contact with many vendors’ labs, from San Francisco to Munich.
In this presentation I just wish to give a quick overview of the state-of-the-art in the IaaS and virtualization world. This is not a sales or marketing presentation: no vaporware, just pure and real experience from the field.
Enjoy the slides and stay tuned on my twitter channel on @gpaterno
Build cloud like Rackspace with OpenStack AnsibleJirayut Nimsaeng
Build cloud like Rackspace with OpenStack Ansible Workshop in 2nd Cloud OpenStack-Container Conference and Workshop 2016 at Grand Postal Building, Bangrak, Bangkok on September 22-23, 2016
OpenStack Summit 2013 Hong Kong - OpenStack and WindowsAlessandro Pilotti
OpenStack summit session about how to deploy Windows instances using Cloudbase-Init and Heat!
The session takes care of explaining all the issues you might encounter, for example how to choose the rioght KVM VirtIO drivers.
OpenStack is a great platform for Linux as well as for Windows, with the latter growing stronger every year as OpenStack gains more momentum in the enterprise world.
Microsoft's Windows Server / Hyper-V Server 2016 includes a lot of new cloud oriented features which are fully supported in an OpenStack infrastructure, including Storage Spaces Direct for hyper-converged deployments, Shielded VMs for the best guest isolation, Nano Server, a new networking stack and much more.
Windows as a guest on any hypervisor, including KVM, Hyper-V, ESXi, is also a great match for OpenStack thanks to Cloudbase-Init's large set of cloud provisioning actions and support for Heat templates, with lots of new features developed during the Ocata timeframe.
During this session we will talk about all the new OpenStack Windows and Hyper-V related features, demo some great use cases and provide answers to the most common questions about how to make the best out of Windows in OpenStack.
Comparing IaaS: VMware vs OpenStack vs Google’s GanetiGiuseppe Paterno'
No matter if you are a lonely system administrator or the CTO of the largest carrier in the World, getting to know what’s out there is a jungle. Is VMware still the lead? I’ve heard about OpenStack, how mature is that? And what this “Ganeti” I’ve never heard of?
Well, here I am. Guess what, you’re not the only one asking these questions. I traveled most of Europe hearing world’s most famous enterprises, banks and telcos and also in contact with many vendors’ labs, from San Francisco to Munich.
In this presentation I just wish to give a quick overview of the state-of-the-art in the IaaS and virtualization world. This is not a sales or marketing presentation: no vaporware, just pure and real experience from the field.
Enjoy the slides and stay tuned on my twitter channel on @gpaterno
Build cloud like Rackspace with OpenStack AnsibleJirayut Nimsaeng
Build cloud like Rackspace with OpenStack Ansible Workshop in 2nd Cloud OpenStack-Container Conference and Workshop 2016 at Grand Postal Building, Bangrak, Bangkok on September 22-23, 2016
Nowadays there is significant diversity in Infrastructure
as a Service (IaaS) clouds. The differences span from
virtualization technology and hypervisors, through storage
and network configuration, to the cloud management
APIs. These differences make migration of a VM (or
a set of VMs) from a private cloud into a public cloud,
or between different public clouds, complicated or even
impractical for many use-cases.
HVX is a virtualization platform that enables complete
abstraction of underlying cloud infrastructure from the
application virtual machines. HVX allows deployment
of existing VMs into the cloud without any modifications,
mobility between the clouds and easy duplication
of the entire deployment.
HVX can be deployed on almost any existing IaaS
cloud. Each instance of the HVX deployment packs in
a nested hypervisor, virtual hardware, network and storage
configuration.
Combined with image store and management APIs,
the HVX can be used for the creation of a virtual cloud
that utilizes existing cloud provider infrastructure as the
hardware rather than using physical servers, switches and
storage.
Puppet and Nano Server provide an amazing mix when it comes to automated cloud deployments. This slide deck is from my session at PuppetCamp NYC and Boston.
Presentation of OpenStack survey to Internet Research Lab at National Taiwan University, Taiwan. OpenStack framework and architecture overview. (ppt slide for download.) Materials collected from various resources, not originally produced by the author.
Briefly explained Nova, Swift, Glance, Keystone, and Quantum.
CAPS: What's best for deploying and managing OpenStack? Chef vs. Ansible vs. ...Daniel Krook
Presentation at the OpenStack Summit in Tokyo, Japan on October 29, 2015.
http://sched.co/49vI
This talk will cover the pros and cons of four different OpenStack deployment mechanisms. Puppet, Chef, Ansible, and Salt for OpenStack all claim to make it much easier to configure and maintain hundreds of OpenStack deployment resources. With the advent of large-scale, highly available OpenStack deployments spread across multiple global regions, the choice of which deployment methodology to use has become more and more relevant.
Beyond the initial day-one deployment, when it comes to the day-two and beyond questions of updating and upgrading existing OpenStack deployments, it becomes all the more important choose the right tool.
Come join the Bluebox and IBM team to discuss the pros and cons of these approaches. We look at each of these four tools in depth, explore their design and function, and determine which scores higher than others to address your particular deployment needs.
Daniel Krook - Senior Software Engineer, Cloud and Open Source Technologies, IBM
Paul Czarkowski - Cloud Engineer at Blue Box, an IBM company
Daniel Krook - Senior Software Engineer, Cloud and Open Source Technologies, IBM
DevCloud - Setup and Demo on Apache CloudStack buildacloud
Hands-on Hacking Session by Amogh Vasekar
1. Demo of CloudStack using DevCloud
2. How we got there -
A) Building CloudStack from scratch
B) Deploying databases
C) Configuring your own DevCloud using Marvin
This talk covered the OpenStack basics that VMware Administrators need to be aware of to be successful in their deployments. We also had the Tesora team join us on stage to discuss the importance of Database-as-a-Service with the Trove project!
OpenStack Summit Vancouver: Lessons learned on upgradesFrédéric Lepied
Deploying OpenStack in production at any scale, upgrade support is one of the requirements to have a successful deployment. Without upgrade management, adeployment will have bugs and security issues from day 1. Also in longer term, it will miss the latest features that OpenStack offers.
Nowadays there is significant diversity in Infrastructure
as a Service (IaaS) clouds. The differences span from
virtualization technology and hypervisors, through storage
and network configuration, to the cloud management
APIs. These differences make migration of a VM (or
a set of VMs) from a private cloud into a public cloud,
or between different public clouds, complicated or even
impractical for many use-cases.
HVX is a virtualization platform that enables complete
abstraction of underlying cloud infrastructure from the
application virtual machines. HVX allows deployment
of existing VMs into the cloud without any modifications,
mobility between the clouds and easy duplication
of the entire deployment.
HVX can be deployed on almost any existing IaaS
cloud. Each instance of the HVX deployment packs in
a nested hypervisor, virtual hardware, network and storage
configuration.
Combined with image store and management APIs,
the HVX can be used for the creation of a virtual cloud
that utilizes existing cloud provider infrastructure as the
hardware rather than using physical servers, switches and
storage.
Puppet and Nano Server provide an amazing mix when it comes to automated cloud deployments. This slide deck is from my session at PuppetCamp NYC and Boston.
Presentation of OpenStack survey to Internet Research Lab at National Taiwan University, Taiwan. OpenStack framework and architecture overview. (ppt slide for download.) Materials collected from various resources, not originally produced by the author.
Briefly explained Nova, Swift, Glance, Keystone, and Quantum.
CAPS: What's best for deploying and managing OpenStack? Chef vs. Ansible vs. ...Daniel Krook
Presentation at the OpenStack Summit in Tokyo, Japan on October 29, 2015.
http://sched.co/49vI
This talk will cover the pros and cons of four different OpenStack deployment mechanisms. Puppet, Chef, Ansible, and Salt for OpenStack all claim to make it much easier to configure and maintain hundreds of OpenStack deployment resources. With the advent of large-scale, highly available OpenStack deployments spread across multiple global regions, the choice of which deployment methodology to use has become more and more relevant.
Beyond the initial day-one deployment, when it comes to the day-two and beyond questions of updating and upgrading existing OpenStack deployments, it becomes all the more important choose the right tool.
Come join the Bluebox and IBM team to discuss the pros and cons of these approaches. We look at each of these four tools in depth, explore their design and function, and determine which scores higher than others to address your particular deployment needs.
Daniel Krook - Senior Software Engineer, Cloud and Open Source Technologies, IBM
Paul Czarkowski - Cloud Engineer at Blue Box, an IBM company
Daniel Krook - Senior Software Engineer, Cloud and Open Source Technologies, IBM
DevCloud - Setup and Demo on Apache CloudStack buildacloud
Hands-on Hacking Session by Amogh Vasekar
1. Demo of CloudStack using DevCloud
2. How we got there -
A) Building CloudStack from scratch
B) Deploying databases
C) Configuring your own DevCloud using Marvin
This talk covered the OpenStack basics that VMware Administrators need to be aware of to be successful in their deployments. We also had the Tesora team join us on stage to discuss the importance of Database-as-a-Service with the Trove project!
OpenStack Summit Vancouver: Lessons learned on upgradesFrédéric Lepied
Deploying OpenStack in production at any scale, upgrade support is one of the requirements to have a successful deployment. Without upgrade management, adeployment will have bugs and security issues from day 1. Also in longer term, it will miss the latest features that OpenStack offers.
OpenStack Day Seattle 2015, Enterprise Track
Title: Windows Containers, Hyper-V and OpenStack
Speakers: Ben Armstrong, Microsoft & Alessandro Pilotti, Cloubase Solutions
XenServer Virtualization In Cloud EnvironmentsTim Mackey
= As presented at the CloudStack Silicon Valley Meetup in September 2015. =
XenServer is a virtualization platform which has been deployed in a variety of industries and to support a multitude of workloads. In this session we discuss some of the components which make it valuable not just for traditional server and desktop virtualization, but also within "the cloud". This includes discussion of VM density, network scalability, containers (such as Docker) and GPU virtualization. We end with coverage of how XenServer templates are represented within Apache CloudStack.
The Future of SDN in CloudStack by Chiradeep Vittalbuildacloud
The core of CloudStack networking has always been software-defined. As the networking industry evolves to a software-defined future, CloudStack will have to evolve with it.
The presentation will examine the present state of SDN in CloudStack, look at some industry directions and attempt to predict the evolution of CloudStack with those trends.
Bio
Chiradeep Vittal is a Distinguished Engineer in the Converged Infrastructure Group at Citrix where he has technology leadership responsibilities around Citrix Cloud Platform, Citrix Lifecycle Manager and Citrix Workspace Pod. He is also a Project Management Committee member of the Apache CloudStack Project. At cloud.com (acquired by Citrix), he was a founding engineer, often tasked with the thorny details of virtualized networking and storage. Prior to cloud.com, he worked at several Silicon Valley startups in various architectural roles.
Chiradeep has a B.Tech in Computer Science from IIT, Bombay and a M.Sc from the University of Alberta. He has spoken / presented at several conferences, including CloudStack Collab, LISA, OSCON, ONS, SDN Summit and LinuxCon. His twitter handle is @chiradeep and occasionally blogs at http://cloudierthanthou.wordpress.com
Using apache camel for microservices and integration then deploying and managing on Docker and Kubernetes. When we need to make changes to our app, we can use Fabric8 continuous delivery built on top of Kubernetes and OpenShift.
My talk at ScaleConf 2017 in Cape Town on some tips and tactics for scaling WordPress, with reference to WordPress.com and the container-based VIP Go platform.
Video of my talk is here: https://www.youtube.com/watch?v=cs0DcY80spw
Why Kubernetes as a container orchestrator is a right choice for running spar...DataWorks Summit
Building and deploying an analytic service on Cloud is a challenge. A bigger challenge is to maintain the service. In a world where users are gravitating towards a model where cluster instances are to be provisioned on the fly, in order for these to be used for analytics or other purposes, and then to have these cluster instances shut down when the jobs get done, the relevance of containers and container orchestration is more important than ever.
Container orchestrators like Kubernetes can be used to deploy and distribute modules quickly, easily, and reliably. The intent of this talk is to share the experience of building such a service and deploying it on a Kubernetes cluster. In this talk, we will discuss all the requirements which an enterprise grade Hadoop/Spark cluster running on containers bring in for a container orchestrator.
This talk will cover in details how Kubernetes orchestrator can be used to meet all our needs of resource management, scheduling, networking, and network isolation, volume management, etc. We will discuss how we have replaced our home grown container orchestrator with Kubernetes which used to manage the container lifecycle and manage resources in accordance to our requirements. We will also discuss the feature list as container orchestrator which is helping us deploy and patch 1000s of containers and also a list which we believe need improvement or can be enhanced in a container orchestrator.
Speaker
Rachit Arora, SSE, IBM
Presented at the CloudStack Silicon Valley User Group in September 2015 at Nuage Networks. Discussed impact of containers, emerging software defined networking platforms, NFV, IPv6 and performance.
Do you think that Nova, Cinder, Heat, Ceilometer, and Neutron are all references to global warming and looming apocalypse? For all those who come to the OpenStack community and wonder what all the fuss is about, this quick introduction will answer your many questions. It includes a short history of the largest Open Source project in history and will touch on
the basic OpenStack components, so you will be prepared the next time someone mentions Keystone, Nova and Swift in the same sentence.
This session was presented by Beth Cohen at the OpenStack meetup on Feb 19th, 2014 in Boston. Beth works for Verizon developing cool Cloud based products that she can't talk about without a strict NDA. She is a technical leader with over 25 years of experience architecting leading-edge system infrastructures and managing complex projects in the telecom, manufacturing, financial services, government, and technology industries. She has been involved in building some of the world's largest OpenStack architectures and has way too much fun at OpenStack Summits!
Strategies for migrating workloads from VMware to OpenStackAlessandro Pilotti
As OpenStack adoption increases, companies are looking at ways to migrate workloads from traditional virtualization solutions like VMware or System Center to cloud infrastructures based on OpenStack.
There are multiple angles to this problem to consider:
Pets vs Cattle: when is OpenStack the right choice and when not
Lift and shift: when is worth to use automated migration tools like Coriolis to move virtual machines
App migration: when to migrate individual applications and their data to a new platform (e.g. a PaaS)
Re-develop: when to adopt modern paradigms like microservices, containers etc and redevelop applications
There's no one-size-fits-all answer, but knowing what your options are, you can do the right choice for each use case. Costs also have a big impact, for example it can be worth to lift-and-shift and use the saved money to re-architect the next app generation.
We will also do a fully automated lift-and-shift and DRaaS live demo using the Coriolis project.
Hyper-C is OpenStack on Windows Server 2016, based on Nano Server, Hyper-V, Storage Spaces Direct (S2D) and Open vSwitch for Windows. Bare metal deployment features Cloudbase Solutions Juju charms and MAAS.
The Microsoft cloud ecosystem evolved considerably in recent years to interoperate with a wide range of open source technologies, including hardware (Open Compute), cloud software platforms (OpenStack), networking (Open vSwitch, OpenDaylight) and orchestration (Juju, Heat).
During this session we will show how to deploy in no time an entire OpenStack cloud based on Microsoft Hyper-V using MaaS and Juju. Networking is going to be based on Open vSwitch, which brings OVSDB and VXLAN to Hyper-V, allowing full interoperability with KVM and other hypervisors.
To conclude, we are going to orchestrate with Juju on top of our OpenStack cloud some of the most common Microsoft workloads, including Active Directory, IIS, SQL Server, SharePoint and Exchange, side by side with open source applications.
Here's an FreeRDP based HTML5 client to connect to the Hyper-V console from any client.
We are developing this feature mainly for integration with the OpenStack dashboard, but it can be used in any scenario requiring remote Hyper-V guest management.
A demo webcast is available here: http://bit.ly/VgwMvs
This webcast will show you how to properly configure and deploy Memcached and Solr on Windows, including all the required Drupal integration. The webcast includes also instructions on proper configuration of your Drupal cron tasks for Solr indexing in conjunction with Windows Task Scheduler.
PHP is a first class citizen on IIS. A lot has been done in order to make sure that PHP can work well and fast on Windows. We will start by installing PHP with PHP Manager and discussing all the options including what thread safe vs non thread safe and VC6 vs VC9 means. Next we'll take a look at how to optimize the FastCGI IIS extension that Microsoft and Zend developed to provide a secure and performant environment for PHP applications. The last part of this webcast will show how to build PHP with Profile Guided Optimizations (PGO), a technique that can provide a significant performance boost in a wide range of applications.
When it comes to Drupal management and deployment, Drush is a must. This webcasts is about installing and configuring Drush on Windows, in order to manage local and remote Drupal sites on Windows and Linux.
This webcast covers the theoretical introduction to Web Farms and how to build Drupal Web Farms with IIS. Don't miss the second part of the webcast (also part of this series) where a full demo on creating Drupal Web Farms with 4 virtual machines will be presented. If you are already familiar with Web Farms, Application Request Router, Web Farm Framework you can skip to part 2. Otherwise, this webcast is highly recommended and propaedeutic to grasp all the basic knowledge that you might need later.
This is a webinar done with Acquia introdcing how well you can run Drupal on Windows with a demo about WebPI and Drush.
Here's a link to the recorded webinar:
http://tinyurl.com/6rfz3px
Building modern web sites with ASP .Net Web API, WebSockets and RSignalAlessandro Pilotti
My session at ITCamp.ro 2012:
Web site development is an ever changing landscape. Thanks to the latest web browser technologies it's possible to create highly responsive single page applications, requiring a new approach to design and development on the server side. During this session we'll see ho to use .Net technologies to get the best out of the new Web API, WebSockets and the excellent RSignal framework.
Search and Society: Reimagining Information Access for Radical FuturesBhaskar Mitra
The field of Information retrieval (IR) is currently undergoing a transformative shift, at least partly due to the emerging applications of generative AI to information access. In this talk, we will deliberate on the sociotechnical implications of generative AI for information access. We will argue that there is both a critical necessity and an exciting opportunity for the IR community to re-center our research agendas on societal needs while dismantling the artificial separation between the work on fairness, accountability, transparency, and ethics in IR and the rest of IR research. Instead of adopting a reactionary strategy of trying to mitigate potential social harms from emerging technologies, the community should aim to proactively set the research agenda for the kinds of systems we should build inspired by diverse explicitly stated sociotechnical imaginaries. The sociotechnical imaginaries that underpin the design and development of information access technologies needs to be explicitly articulated, and we need to develop theories of change in context of these diverse perspectives. Our guiding future imaginaries must be informed by other academic fields, such as democratic theory and critical theory, and should be co-developed with social science scholars, legal scholars, civil rights and social justice activists, and artists, among others.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
2. OpenStack
An open source IaaS project
• Apache 2 license
Managed by the OpenStack Foundation
• More than 150 companies joined it including:
• AMD, Intel, Canonical, SUSE Linux, Red Hat, Cisco, Dell,
HP, IBM, NEC, Vmware
Portable
• Mostly used on Linux
Written in Python
3. Releases
Very aggressive schedule
• Twice a year
• Essex
• Apr 2012
• Hyper-V removed
• Folsom
• October 2012
• Cloudbase Solutions involvement - Hyper-V re-included
• Grizzly
• Apr 2013
• Havana
• October 2013
4. Reasons for success
• Most cloud providers want a platform to embed and extend
• E.g. Rackspace, HP
• Most cloud engineers want a platform which is easy to mantain and troubleshoot
• Python, due to it’s dynamic nature, fits the role and is widely known by Linux admins and DevOps
• Great scalability
• Great support for multiple hypervisors
• Nowadays hypervisors are “simple” components in the global architecture, not the focal point anymore
• Difference between products is getting narrower
5. Reasons for success
• Great support for virtual networking
• OpenVSwitch is becoming the “standard de facto” in SDN
• Compatibility with EC2 and S3 API
• Excellent project lifecycle
• Code review
• Unit / System / integration tests
6. Drawbacks
• Setup experience
• Lack of unified deployment tools
• Lack of proper documentation
• Some “youth” issues
• The project is anyway maturing really fast
• The UI is not at the level of the competition
• E.g. Cloudstack
7. Target market
• Public clouds
• Big private clouds
• Not really suitable for mid / small clouds
• Flavors limit flexibility
• Failover clusters are not considered in typical Openstack
deployments, due to large scalability requirements
• Complex installation
• Lack of maturity requires troubleshooting experience
• Not suited for poorly scalable applications
8. Pets vs Cattle
• 2 ways of looking at your VMs
• Pets
• You name them
• Each one has a specific role
• If one “dies”, it’s hard to replace
• Poor scalability
• Cattle
• You don’t name them
• If one “dies”, another will take it’s place
• Great scalability
9. OpenStack Architecture
• Distributed Components
• Can be deployed on a single server or multiple servers
• Public RESTful API
• Bindings available for various languages (including .Net)
• Queues (AMQP) for private APIs
• Great scalability
• Relational DBs for storing the configuration
• MySQL, PostgreSQL, SQLite (and SQL server)
• UI
• CLI tools
• Web dashboard
10. Deployment
• How do you deploy 1000+ physical servers?
• Puppet
• We are working on the CI infrastructure with Microsoft
• Chef
• Crowbar
• Uses mainly Chef
• Dell, Suse, etc
• We are currently adding Hyper-V support for 1.6 and 2.0
11. Crowbar
• Big part of Dell’s cloud strategy
• Bare-metal deployment
• vendor independent
• PXE booting
• Sledgehammer image boots and gets configuration
• Provisioning via Crowbar web site
• Barclams
• Configuration
• Chef recipes
13. Hyper-V 2012 availability
• FREE edition
• Full Hypervisor
• Minimum OS support
• Minimum impact on security updates, etc
• Windows Server 2012
• Just enable the related role
• Windows 8
• For workstation / testing / development usage
• Hyper-V 2012 R2 coming with lots of new features!
14. Components
Compute (Nova)
Object Storage (Swift)
Block Storage (Cinder)
Image Service (Glance)
Networking (Quantum)
Dashboard (Horizon)
Identity (Keystone)
Metering (Ceilometer) - new
Orchestration (Heat) - new
17. Component interaction
• AMQP
• RabbitMQ
• Apache Qpid
• API
• RESTful services
• Database
• Any Python SQLAlchemy provider
• Mostly MySQL
• SQL Server required various bug fixes
18. Keystone
• Single point of integration for:
• Authentication
• Catalog
• Policy
• Token
• Plugin based architecture for backends, e.g.:
• SQL
• LDAP, including Active Directory
• PAM
• Provides Restful APIs
19. Swift
Scalable and fault tolerant object storage
• Achieved via replication
Optional cache (e.g. memcache) used to improve
performance
Objects served via RESTful APIs or raw HTTP requests
Lifecycle independent from the other OpenStack projects
21. Glance images
• Created by providing:
• Container format
• Bare, OVF, AKI, ARI, AMI
• Disk Format
• RAW, VHD, VMDK, VDI, ISO, QCow2, AKI, ARI, AMI
• Metadata properties
• E.g.: hypervisor_type
22. Cinder
• Block storage management
• cinder-api
• cinder-volume
• Mainly iSCSI
• Driver based architecture:
• EMC
• Netapp
• Nexenta
• HP Lefthand
• IBM XIV
• NFS
• LVM
• Windows Storage Server 2012
• And more…
23. Nova
Compute
• nova-compute
Scheduler
• nova-scheduler
API (including metadata)
• nova-api
• EC2 API compatibility
• Metadata API for guests
Console
• nova-novncproxy
• nova-xvpvncproxy
• nova-consoleauth
No-DB-Compute (Grizzly)
• nova-conductor
Network (deprecated, replaced by Quantum)
• nova –network
Volume (deprecated, replaced by Cinder)
• nova-volume
24. nova-compute
Includes drivers for most hypervisors:
• Libvirt (KVM, QEMU)
• Xen
• Hyper-V
• ESX / ESXi / vCenter
• Baremetal
• Mixed deployments are common
• e.g. KVM and Hyper-V
Starting with Grizzly, no database access is needed
• Uses AMQP for scalability
25. nova-scheduler
Scheduling instance deployment is a fundamental feature
• Makes sure that instances are distributed in the best possible
way, based on a set of rules called “filters”
• ComputeFilter checks the image compatibility with the host
(e.g. CPU architecture, hypervisor)
• Custom filters can be easily implemented in Python
26. Compute driver actions
• Driver actions include
• Spawn / destroy VMs
• Retrieving VM info
• Retrieving host info
• Change VM status
• start, stop, reboot, pause, suspend, etc
• Snapshot management
• A snapshot is an image created from an existing VM
• Live migration
• Cold migration / resize
• Volumes attach / detach
• Rescue / unrescue
• Networking (deprecated)
27. OpenStack instances
• Virtual machines (instances) are spawned based on the
following data:
• Glance image
• Hypervisors specific template disk (e.g. VHD, QCow2)
• Flavor
• RAM
• Root disk size
• Ephemeral disk size
• vCPUs
• Specific networks can be specified as well
• Creates one vNic per network
28. Hyper-V driver
WMI
• Currently V1 namespace (root/virtualization)
• V2 namespace used for live migration
• Complete migration to V2 for Havana
Grizzly OS support
• Windows Server / Hyper-V 2008 R2, 2012
• Windows 8 supported for development
Havana OS Support
• New features will target 2012 and above only
29. Hyper-V driver disks
• Copy on write (CoW) implemented with differencing
disks
• Reconnected and merged during snapshots
• Reconnected and merged on resize
• Not necessary for VHDX (Havana)
30. Quantum
• Network connectivity as a service
• Plugin based architecture
• Official plugins:
• Open vSwitch
• Cisco UCS/Nexus
• Linux bridge
• Nicira NVP
• Ryu OpenFlow
• NEC OpenFlow
• Big Switch OpenFlow
• Hyper-V
31. Hyper-V plugin
Quantum plugin
• Runs in quantum-server
• Database based configuration
• Networks, subnets, ports
Quantum agent
• Runs on any compute node
• Supports:
• Local (private vSwitch)
• Flat
• VLAN
• NVGRE (Havana)
• Communicates with plugin via AMQP
L3 support:
• Using the Linux L3 and DHCP plugins
32. Hyper-V plugin
Nova compute driver
• Creates the vNics (one per network)
• Does not connect them
Quantum agent
• Creates the vswitch ports
• Sets the VLAN ID and proper vswitch mode
• For NVGRE creates instances of:
• MSFT_NetVirtualizationLookupRecordSettingData
• etc
33. Quantum OVS interop
• Quantum plugin / agent AMQP RPC protocol is compatible
with OpenVSwitch!!
• You can use the OVS plugin with Hyper-V agents (or vice
versa)
• Limited to compatible L2 protocols: Flat / VLAN
• You can use the L3 and DHCP agents with the Hyper-V
plugin
• Using the OVS L2 agent on the networking nodes
• Great for interoperability (e.g. KVM + Hyper-V)
35. Why OpenVSwitch?
• De facto standard for SDN
• Great interoperability
• Hyper-V / KVM / etc
• OpenFlow
• Tunnelling
• VXLAN
• GRE
• Quantum OVS plugin
• No need for a different one
36. OpenVSwitch porting
• Porting Posix calls to Windows API
• Same CLI as on Linux
• Open Source
• Windows kernel drivers
• NDIS Hyper-V extensions
• VXLAN, GRE
• Best performance
• Support for Hyper-V 2012 and above
38. Horizon
• Main UI
• Implemented in Python with Django
• Typically deployed on Apache with mod_wsgi
• Includes console access
• Currently only VNC
• RDP to be added for Havana
40. Dashboard integration
• Hyper-V uses RDP for accessing the console instead of
VNC
• By default it accepts connections on port 2179
• Not the RDP connection on 3389!
• Access to any guest: Windows, Linux, FreeRDP, etc
• The VM id is provided as part of an RDP protocol
additional buffer called PCB (Pre Connection Buffer)
• Authentication is performed against the host, not the
guest!
41. Dashboard integration
Decoupling from VNC
• Create plugin that embed the canvas in the Dashboard
Authentication layer
• Keystone token validation
Logic for retrieving VM id from OpenStack instance ID
• Ask Nova about the instance details, in particular the Hyper-V host running it
• Get cached hypervisor credentials from keyring or similar
• Query the Hyper-V host about the RDP console port (2179 by default)
• Retrieve the VM id from the host given the instance name
• Perform connection via wsgate
Webcast: http://bit.ly/VgwMvs
42. FreeRDP
• FreeRDP is an amazing RDP open source client.
• Apache 2 license
• Multiplatform
• Linux
• Mac OS X
• Windows
• It provides support for the PCB parameter required by
Hyper-V
• We are using it as a standalone client on the free
Hyper-V server and on Linux, Mac OS X
43. FreeRDP - Web Gateway
Client
• HTML5
• Works on any modern browser
• Web sockets for data transfer
• Canvas for painting
• Can be embedded in any web site
Server proxy
• (wsgate) written in C++
• Currently working on Linux
• can work on Windows
45. Metadata access
• Metadata needs to be provided to the guest:
• Metadata API, accessed via 169.254.169.254
• Openstack or EC2 format
• ConfigDriveV2
46. Cloud-Init
Project provided by Canonical
• Currently Linux specific
• GPL
• Windows Cloud-Init (cloudbase-init)
• Written in Python
• Apache 2
• Very easy to install
• Supports any Hypervisor
47. Windows Cloud-Init
• Cloudbase-init (aka Windows Cloud-Init)
• Similar to the Linux cloud-init
• License: Apache 2
• Porting Cloud-Init to Linux was not possible
• It requires some major refactoring
• Supported data sources:
• OpenStack HTTP metadata
• ConfigDrive V2
• EC2 HTTP metadata (contributed by Mirantis)
50. Password generation
• New Grizzly feature
1. Password is randomly generated
• Can be forced to the value injected by Nova
2. Password in encrypted with the SSH public key
3. Password is POSTed to the metadata service
4. Password can be retrieved by the client and decrypted
with the SSH private key
• nova get-password vm1 .ssh/id_rsa
52. Unattended mode
• Like all our installers, it can be executed in fully
unattended mode:
• msiexec /i CloudbaseInitSetup.msi /qn /l*v log.txt
NETWORKADAPTERNAME="Intel(R) PRO/1000 MT
Network Connection"
55. OpenStack WS2012
• Complete with:
• Drivers / tools:
• VirtIO / XenServer Tools
• Cloudbase-Init
• Sysprepped
• Eval edition can be upgraded with a simple uder_data script:
• DISM /online /Set-Edition:ServerStandard /ProductKey:XXXXX-
XXXXX-XXXXX-XXXXX-XXXXX /AcceptEula
• Make sure to respect the eval license!!
56. Nova Compute Installer
• Independent Python environment to avoid conflicts with
existing applications
• Installs and registers all the required dependencies
• Generates dynamically a nova.conf file based on the
parameters provided by the user
57. Nova Compute Installer
• Creates a new Hyper-V external switch if required
• Registers nova-compute as a service and starts it
• Registers quantum-hyperv-agent as a service and
starts it (optional)
• Enables the Microsoft iSCSI Initiator service (optional)
58. Nova Compute Installer
• Enables and configures Hyper-V Live Migration
(optional )
• FreeRDP for Hyper-V console access
• Installs a command prompt shortcut in the applications
menu for a ready made OpenStack prompt (optional)
• Can be executed fully unattended and automated
59. Unattended mode
• Can be installed in fully unattended mode, great for:
• Chef, Puppet, Group Policies…
• msiexec /i HyperVNovaCompute.msi /qn /l*v log.txt
ADDLOCAL=HyperVNovaCompute,QuantumHyperVAgent,iSCSISWInitiator
,OpenStackCmdPrompt INSTALLDIR=C:OpenStackNova
GLANCEHOST=glancehost GLANCEPORT=9292 RABBITHOST=rabbithost
RABBITPORT=5672 RABBITPASSWORD=12345678
NOVASQLCONNECTION=mysql://user:password@host/nova
INSTANCESPATH=C:HyperV ADDVSWITCH=0 VSWITCHNAME=external1
LIMITCPUFEATURES=”" USECOWIMAGES=1 LOGDIR=C:log
ENABLELOGGING=1 VERBOSELOGGING=1
QUANTUMURL=http://quantumhost:9696
QUANTUMADMINTENANTNAME=service
QUANTUMADMINUSERNAME=quantum
QUANTUMADMINPASSWORD=12345678
QUANTUMADMINAUTHURL=http://keystonehost:35357/v2.0
67. VLAN drivers issues
• BEWARE: Some Windows NIC drivers disable VLAN access
by default!
• HKEY_LOCAL_MACHINESYSTEMCurrentControlSetCo
ntrolClass{4d36e972-e325-11ce-bfc1-08002be10318}
• Look in all the child keys xxxx, e.g. 0001, 0002 etc for a
value "VLanFiltering". Make sure that if present it's set to 0.
• In case of changes, reboot the server or restart the
corresponding adapters.
69. Havana!!
• Planning for Havana now!
• Console integration
• More Quantum
• Ceilometer Hyper-V agent
• Heat Windows Cloud-Init support
• VHDX support
• Ephemeral storage
• Support for more image formats (e.g. AMI/ARI/AKI)
• Nova rescue
• Active Directory Keystone scalability
• VDI support
• Fibre channel
• VM dynamic memory support
• Cinder improvements…