SlideShare a Scribd company logo

vmaf deployement & upgrade for software projects

Download as PPTX, PDF
Thierry Gayet
Thierry Gayet

vmaf deployement & upgrade for software projects

Software
1 of 39
lundi 13 mars 2023 VMAF DEPLOYMENT & UPGRADE Thierry GAYET
 Because the VMAF server will need to de deployed to bytel, the question on how NN6 will deliver the firmware is now an actual question.  In order to not be too specific to TESTTREE, a thinking have been done in order to see how server may be install or upgraded by using generic and common way to proceed. GOAL / INTRODUCTION 2
INTRODUCTION
VMAF – ARCH. 4 STREAMPROBE Rabbit MQ VMAF Pool of vmaf ip address (scalling) HTTPS REST API + OAUTH2 PROTOCOL : HTTPS IPV4(s) PORTS OAUTH2 TOKEN IPV4 PORT USERNAME PASSWORD QUEUE_NAME
 The streamprobe gray interface manage :  Database (mariadb start/stop, reset db  Network (ip interfaces, DNS, NTP  Security (iptables, ldaps, fail2ban, rsyslog)  Storage (fstab, create partition, format, LUKS encryption)  Upgrade  Boot  Actions (reboot,shutdown, hardware inventory STREAMPROBE’S BUILDROOT 5
 The VMAF appliance should not be specific to testtree bu must be usable by any project  That’s why the vmaf appliance has been designed with standard interfaces :  A standard REST API for commands/ input request  A common message broker (rabbitMQ) for responses GOAL 6
DEVSECOPS CYCLE
DEVSECOPS CYCLE 8
DEVSECOPS CYCLE 9
DEVSECOPS CYCLE 10
NEW APPROACH FOR UPGRADING
12 INTERNET CUSTOMER NOSQL DB BACKEND FRONTEND / GUI DOCKER REGISTRY PACKAGE REGISTRY LICENCE REGISTRY PRODUCTION INTEGRATION DEVELOPMENT NN6 NETWORK MQTT MQTT CLIENT GITLAB-CI/CD
 A customer :  View all of his devices with their version and licence  View all release in relation of the devices  Can synchronise upgrade items with the cutomer upgrade appliance  Can download upgrade items within a pgp encrypted archive  Can launch an upgrade process from the main ui to the customer’s site  NN6 team :  View all device with their current release  Locate all customer on a worldmap  Investigate on equipment using encrypted vpn (over a ssl tummel) REQUIREMENTS 13
14 SECURED NETWORK DMZ INTERNET NN6 NETWORK DOCKER REGISTRY (CUSTOMER) UPGRADE BACKEND • HELM / CHART • PROVISIONNING (ANSIBLE, SALT STACK, … ) • … …. manual deploy DOCKER REGISTRY (PROD) MQTT broker MQTT CLIENT registry monitoring Manual/auto docker sync Docker push (subscribe) (publish) https://mqtt.enensys.com dockerregistry.enensys.com CUSTOMER NETWORK BACKEND FRONTEND / GUI NOSQL DB https://dashboard.enensys.com MQTT CLIENT PACKAGE REGISTRY (PROD) DOCKER REGISTRY (CUSTOMER) Package push packerregistry.enensys.com LOCAL GUI LICENCE REGISTRY lm.enensys.com LICENCE CUSTOMER) UPGRADE APPLIANCE
INSTALLING A SERVER
 Streamprobe  Baremetal  Native BIOS : boot from usb key generated from the img  Idrack (DELL) : using the img key  Ipmi (SUPERMICRO) : boot from usb key generated from the img  VMWARE ESXI  Ova image  Mediacast  Baremetal (supermicro)  VMWARE ESXI  Boot from an ISO image then launch an installer that register RPMS Inventory of the way to install (1/2) 16
 Smartgate vt / vt2  Baremetal :  Boot from ISO image then install docker (docker swarm orchestrator)  VMWARE ESXI  Boot from ISO image then install packages  eBox (medicast Mobile + lte gcsas server)  Fedora image install manually then install qemu images (gcow2) Inventory of the way to install (2/2) 17
 Which ALMA release V8 or v9 ?  Using an ISO image burn on an USB key, or directly the ISO image (http://mirror.almalinux.ikoula.com/9.2/isos/x86_64/)  Compatible with:  VMWARE ESXI  BAREMETAL  IDRACK (DELL)  IPMI (SUPERMICRO) ALMA 18
 May use ALMA linux but we require ALPINE as possible  Does not need any base install  HELM/CHARTs is the best deployment method to push docker container and/or services K8S 19
UPGRADING A SERVER
 A customer may :  Have several location with UPGRADE APPLIANCE  Inventory all local appliance (by type/release)  Thus, upgrade may control several point through MQTT connexion Requrements 21
22 SECURED NETWORK DMZ INTERNET NN6 NETWORK DOCKER REGISTRY (CUSTOMER) UPGRADE BACKEND • HELM / CHART • PROVISIONNING (ANSIBLE, SALT STACK, … ) • … …. manual deploy DOCKER REGISTRY (PROD) MQTT broker MQTT CLIENT registry monitoring Manual/auto docker sync Docker push (subscribe) (publish) https://mqtt.enensys.com dockerregistry.enensys.com CUSTOMER NETWORK BACKEND NOSQL DB https://dashboard.enensys.com MQTT CLIENT PACKAGE REGISTRY (PROD) DOCKER REGISTRY (CUSTOMER) Package push packerregistry.enensys.com LOCAL GUI LICENCE REGISTRY lm.enensys.com LICENCE CUSTOMER) FRONTEND / GUI UPGRADE APPLIANCE Licence push Architecture based on an ALMA OS Architecture based on an ALMA OS ALMA OS
23 SECURED NETWORK DMZ INTERNET NN6 NETWORK DOCKER REGISTRY (CUSTOMER) UPGRADE BACKEND • HELM / CHART • PROVISIONNING (ANSIBLE, SALT STACK, … ) • … …. manual deploy DOCKER REGISTRY (PROD) MQTT broker MQTT CLIENT registry monitoring Manual/auto docker sync Docker push (subscribe) (publish) https://mqtt.enensys.com dockerregistry.enensys.com CUSTOMER NETWORK BACKEND NOSQL DB https://dashboard.enensys.com MQTT CLIENT PACKAGE REGISTRY (PROD) DOCKER REGISTRY (CUSTOMER) Package push packerregistry.enensys.com LOCAL GUI LICENCE REGISTRY lm.enensys.com LICENCE CUSTOMER) FRONTEND / GUI UPGRADE APPLIANCE Licence push Architecture based on Kubernetes (K8S) K8S
Upgrade for customer network connected to Internet (ONLINE)
25 SECURED NETWORK DMZ INTERNET NN6 NETWORK DOCKER REGISTRY (CUSTOMER) UPGRADE BACKEND • HELM / CHART • PROVISIONNING (ANSIBLE, SALT STACK, … ) • … …. manual deploy DOCKER REGISTRY (PROD) MQTT broker MQTT CLIENT registry monitoring Manual/auto docker sync Docker push (subscribe) (publish) https://mqtt.enensys.com dockerregistry.enensys.com CUSTOMER NETWORK BACKEND NOSQL DB https://dashboard.enensys.com MQTT CLIENT PACKAGE REGISTRY (PROD) DOCKER REGISTRY (CUSTOMER) Package push packerregistry.enensys.com LOCAL GUI LICENCE REGISTRY lm.enensys.com LICENCE CUSTOMER) 0. At the very beginning the customer network (DMZ) subscribe to the MQTT FRONTEND / GUI UPGRADE APPLIANCE Licence push
26 SECURED NETWORK DMZ INTERNET NN6 NETWORK DOCKER REGISTRY (CUSTOMER) UPGRADE BACKEND • HELM / CHART • PROVISIONNING (ANSIBLE, SALT STACK, … ) • … …. manual deploy DOCKER REGISTRY (PROD) MQTT broker MQTT CLIENT registry monitoring Manual/auto docker sync Docker push (subscribe) (publish) https://mqtt.enensys.com dockerregistry.enensys.com CUSTOMER NETWORK BACKEND NOSQL DB https://dashboard.enensys.com MQTT CLIENT PACKAGE REGISTRY (PROD) DOCKER REGISTRY (CUSTOMER) Package push packerregistry.enensys.com LOCAL GUI LICENCE REGISTRY lm.enensys.com LICENCE CUSTOMER) 1. A new firwmare is released officially, an email may be sent to the customer by the backend FRONTEND / GUI UPGRADE APPLIANCE Licence push
27 SECURED NETWORK DMZ INTERNET NN6 NETWORK DOCKER REGISTRY (CUSTOMER) UPGRADE BACKEND • HELM / CHART • PROVISIONNING (ANSIBLE, SALT STACK, … ) • … …. manual deploy DOCKER REGISTRY (PROD) MQTT broker MQTT CLIENT registry monitoring Manual/auto docker sync Docker push (subscribe) (publish) https://mqtt.enensys.com dockerregistry.enensys.com CUSTOMER NETWORK BACKEND FRONTEND / GUI NOSQL DB https://dashboard.enensys.com MQTT CLIENT PACKAGE REGISTRY (PROD) DOCKER REGISTRY (CUSTOMER) Package push packerregistry.enensys.com LOCAL GUI LICENCE REGISTRY lm.enensys.com LICENCE CUSTOMER) 2. The backend will detect a new release for a customer devices and send an email may be sent to the customer by the backend UPGRADE APPLIANCE Licence push
28 SECURED NETWORK DMZ INTERNET NN6 NETWORK DOCKER REGISTRY (CUSTOMER) UPGRADE BACKEND • HELM / CHART • PROVISIONNING (ANSIBLE, SALT STACK, … ) • … …. manual deploy DOCKER REGISTRY (PROD) MQTT broker MQTT CLIENT registry monitoring Manual/auto docker sync Docker push (subscribe) (publish) https://mqtt.enensys.com dockerregistry.enensys.com CUSTOMER NETWORK BACKEND FRONTEND / GUI NOSQL DB https://dashboard.enensys.com MQTT CLIENT PACKAGE REGISTRY (PROD) DOCKER REGISTRY (CUSTOMER) Package push packerregistry.enensys.com LOCAL GUI LICENCE REGISTRY lm.enensys.com LICENCE CUSTOMER) 3. Now, the customer check his dashboard of all its devices and the release note and can decide which on to upgrade (just on, a subset or all) UPGRADE APPLIANCE Licence push
29 SECURED NETWORK DMZ INTERNET NN6 NETWORK DOCKER REGISTRY (CUSTOMER) UPGRADE BACKEND • HELM / CHART • PROVISIONNING (ANSIBLE, SALT STACK, … ) • … …. manual deploy DOCKER REGISTRY (PROD) MQTT broker MQTT CLIENT registry monitoring Manual/auto docker sync Docker push (subscribe) (publish) https://mqtt.enensys.com dockerregistry.enensys.com CUSTOMER NETWORK BACKEND NOSQL DB https://dashboard.enensys.com MQTT CLIENT PACKAGE REGISTRY (PROD) DOCKER REGISTRY (CUSTOMER) Package push packerregistry.enensys.com LOCAL GUI LICENCE REGISTRY lm.enensys.com LICENCE CUSTOMER) 5. A message is sent to the upgrade appliance by sending a message throught MQTT. FRONTEND / GUI UPGRADE APPLIANCE Licence push
30 SECURED NETWORK DMZ INTERNET NN6 NETWORK DOCKER REGISTRY (CUSTOMER) UPGRADE BACKEND • HELM / CHART • PROVISIONNING (ANSIBLE, SALT STACK, … ) • … …. manual deploy DOCKER REGISTRY (PROD) MQTT broker MQTT CLIENT registry monitoring Manual/auto docker sync Docker push (subscribe) (publish) https://mqtt.enensys.com dockerregistry.enensys.com CUSTOMER NETWORK BACKEND NOSQL DB https://dashboard.enensys.com MQTT CLIENT PACKAGE REGISTRY (PROD) DOCKER REGISTRY (CUSTOMER) Package push packerregistry.enensys.com LOCAL GUI LICENCE REGISTRY lm.enensys.com LICENCE CUSTOMER) 6. A synchronisation is done to get the new firmware (docker, package, licences, … ) FRONTEND / GUI UPGRADE APPLIANCE Licence push
31 SECURED NETWORK DMZ INTERNET NN6 NETWORK DOCKER REGISTRY (CUSTOMER) UPGRADE BACKEND • HELM / CHART • PROVISIONNING (ANSIBLE, SALT STACK, … ) • … …. manual deploy DOCKER REGISTRY (PROD) MQTT broker MQTT CLIENT registry monitoring Manual/auto docker sync Docker push (subscribe) (publish) https://mqtt.enensys.com dockerregistry.enensys.com CUSTOMER NETWORK BACKEND NOSQL DB https://dashboard.enensys.com MQTT CLIENT PACKAGE REGISTRY (PROD) DOCKER REGISTRY (CUSTOMER) Package push packerregistry.enensys.com LOCAL GUI LICENCE REGISTRY lm.enensys.com LICENCE CUSTOMER) 7. Finaly the upgrade appliance upgrade all devices (by set, not all in the same time), then send a feedback over MQTT to NN6 (for the support team). FRONTEND / GUI UPGRADE APPLIANCE Licence push
Upgrade for customer network not connected to Internet (OFFLINE)
33 SECURED NETWORK DMZ INTERNET NN6 NETWORK DOCKER REGISTRY (CUSTOMER) UPGRADE BACKEND • HELM / CHART • PROVISIONNING (ANSIBLE, SALT STACK, … ) • … …. manual deploy DOCKER REGISTRY (PROD) MQTT broker MQTT CLIENT registry monitoring Docker push https://mqtt.enensys.com dockerregistry.enensys.com CUSTOMER NETWORK BACKEND NOSQL DB https://dashboard.enensys.com MQTT CLIENT PACKAGE REGISTRY (PROD) DOCKER REGISTRY (CUSTOMER) Package push packerregistry.enensys.com LOCAL GUI LICENCE REGISTRY lm.enensys.com LICENCE CUSTOMER) 1. A new firwmare is released officially, an email may be sent to the customer by the backend FRONTEND / GUI UPGRADE APPLIANCE
34 SECURED NETWORK DMZ INTERNET NN6 NETWORK DOCKER REGISTRY (CUSTOMER) UPGRADE BACKEND • HELM / CHART • PROVISIONNING (ANSIBLE, SALT STACK, … ) • … …. manual deploy DOCKER REGISTRY (PROD) MQTT broker MQTT CLIENT registry monitoring Docker push https://mqtt.enensys.com dockerregistry.enensys.com CUSTOMER NETWORK BACKEND NOSQL DB https://dashboard.enensys.com MQTT CLIENT PACKAGE REGISTRY (PROD) DOCKER REGISTRY (CUSTOMER) Package push packerregistry.enensys.com LOCAL GUI LICENCE REGISTRY lm.enensys.com LICENCE CUSTOMER) 2. The backend will detect a new release for a customer devices and send an email may be sent to the customer by the backend FRONTEND / GUI UPGRADE APPLIANCE Licence push
35 SECURED NETWORK DMZ INTERNET NN6 NETWORK DOCKER REGISTRY (CUSTOMER) UPGRADE BACKEND • HELM / CHART • PROVISIONNING (ANSIBLE, SALT STACK, … ) • … …. manual deploy DOCKER REGISTRY (PROD) MQTT broker MQTT CLIENT registry monitoring Docker push https://mqtt.enensys.com dockerregistry.enensys.com CUSTOMER NETWORK BACKEND FRONTEND / GUI NOSQL DB https://dashboard.enensys.com MQTT CLIENT PACKAGE REGISTRY (PROD) DOCKER REGISTRY (CUSTOMER) Package push packerregistry.enensys.com LOCAL GUI LICENCE REGISTRY lm.enensys.com LICENCE CUSTOMER) 3. Now, the customer check his dashboard of all its devices and the release note and can decide which on to upgrade (just on, a subset or all) UPGRADE APPLIANCE Licence push
36 SECURED NETWORK DMZ INTERNET NN6 NETWORK DOCKER REGISTRY (CUSTOMER) UPGRADE BACKEND • HELM / CHART • PROVISIONNING (ANSIBLE, SALT STACK, … ) • … …. manual deploy DOCKER REGISTRY (PROD) MQTT broker MQTT CLIENT registry monitoring Docker push https://mqtt.enensys.com dockerregistry.enensys.com CUSTOMER NETWORK BACKEND NOSQL DB https://dashboard.enensys.com MQTT CLIENT PACKAGE REGISTRY (PROD) DOCKER REGISTRY (CUSTOMER) Package push packerregistry.enensys.com LOCAL GUI LICENCE REGISTRY lm.enensys.com LICENCE CUSTOMER) 4. An encrypted (pgp) tarball is now downloaded PGP TARBALL download ENCRYPTED TARBALL (static update) Generate FRONTEND / GUI UPGRADE APPLIANCE Licence push
37 SECURED NETWORK DMZ INTERNET NN6 NETWORK DOCKER REGISTRY (CUSTOMER) UPGRADE BACKEND • HELM / CHART • PROVISIONNING (ANSIBLE, SALT STACK, … ) • … …. manual deploy DOCKER REGISTRY (PROD) MQTT broker MQTT CLIENT registry monitoring Docker push https://mqtt.enensys.com dockerregistry.enensys.com CUSTOMER NETWORK BACKEND NOSQL DB https://dashboard.enensys.com MQTT CLIENT PACKAGE REGISTRY (PROD) DOCKER REGISTRY (CUSTOMER) Package push packerregistry.enensys.com LOCAL GUI LICENCE REGISTRY lm.enensys.com LICENCE CUSTOMER) ENCRYPTED TARBALL (static update) FRONTEND / GUI UPGRADE APPLIANCE Licence push 5. Now the cutomer can upload the encrypted (pgp) tarball that contains all update for the customer’s devices. Upload
38 SECURED NETWORK DMZ INTERNET NN6 NETWORK DOCKER REGISTRY (CUSTOMER) UPGRADE BACKEND • HELM / CHART • PROVISIONNING (ANSIBLE, SALT STACK, … ) • … …. manual deploy DOCKER REGISTRY (PROD) MQTT broker MQTT CLIENT registry monitoring Manual/auto docker sync Docker push (subscribe) (publish) https://mqtt.enensys.com dockerregistry.enensys.com CUSTOMER NETWORK BACKEND NOSQL DB https://dashboard.enensys.com MQTT CLIENT PACKAGE REGISTRY (PROD) DOCKER REGISTRY (CUSTOMER) Package push packerregistry.enensys.com LOCAL GUI LICENCE REGISTRY lm.enensys.com LICENCE CUSTOMER) 6. Finaly the upgrade appliance upgrade all devices (by set, not all in the same time) ; it may be interesting to got a feedback on the serveur upgraded ! FRONTEND / GUI UPGRADE APPLIANCE Licence push
ENENSYS 4A rue des Buttes CS 37734 35 577 Cesson-Sévigné – France Phone (+33) 1 70 72 51 70 Email contact@test-tree.com www.enensys.com 39

Recommended

VMworld 2013: How to Exchange Status Message Between Guest and Host Using RPC
VMworld 2013: How to Exchange Status Message Between Guest and Host Using RPC VMworld 2013: How to Exchange Status Message Between Guest and Host Using RPC
VMworld 2013: How to Exchange Status Message Between Guest and Host Using RPC VMworld
 
How Zalando runs Kubernetes clusters at scale on AWS - AWS re:Invent
How Zalando runs Kubernetes clusters at scale on AWS - AWS re:InventHow Zalando runs Kubernetes clusters at scale on AWS - AWS re:Invent
How Zalando runs Kubernetes clusters at scale on AWS - AWS re:InventHenning Jacobs
 
VMworld Europe 204: Technical Deep Dive on EVO: RAIL, the new VMware Hyper-Co...
VMworld Europe 204: Technical Deep Dive on EVO: RAIL, the new VMware Hyper-Co...VMworld Europe 204: Technical Deep Dive on EVO: RAIL, the new VMware Hyper-Co...
VMworld Europe 204: Technical Deep Dive on EVO: RAIL, the new VMware Hyper-Co...VMworld
 
What_s_New_in_OpenShift_Container_Platform_4.6.pdf
What_s_New_in_OpenShift_Container_Platform_4.6.pdfWhat_s_New_in_OpenShift_Container_Platform_4.6.pdf
What_s_New_in_OpenShift_Container_Platform_4.6.pdfchalermpany
 
Network performance test plan_v0.3
Network performance test plan_v0.3Network performance test plan_v0.3
Network performance test plan_v0.3David Pasek
 
Network Design patters with Docker
Network Design patters with DockerNetwork Design patters with Docker
Network Design patters with DockerDaniel Finneran
 
FreeSWITCH on Docker
FreeSWITCH on DockerFreeSWITCH on Docker
FreeSWITCH on Docker建澄 吳
 
FreeSWITCH on Docker
FreeSWITCH on DockerFreeSWITCH on Docker
FreeSWITCH on DockerChien Cheng Wu
 

Recommended

VMworld 2013: How to Exchange Status Message Between Guest and Host Using RPC
VMworld 2013: How to Exchange Status Message Between Guest and Host Using RPC VMworld 2013: How to Exchange Status Message Between Guest and Host Using RPC
VMworld 2013: How to Exchange Status Message Between Guest and Host Using RPC VMworld
 
How Zalando runs Kubernetes clusters at scale on AWS - AWS re:Invent
How Zalando runs Kubernetes clusters at scale on AWS - AWS re:InventHow Zalando runs Kubernetes clusters at scale on AWS - AWS re:Invent
How Zalando runs Kubernetes clusters at scale on AWS - AWS re:InventHenning Jacobs
 
VMworld Europe 204: Technical Deep Dive on EVO: RAIL, the new VMware Hyper-Co...
VMworld Europe 204: Technical Deep Dive on EVO: RAIL, the new VMware Hyper-Co...VMworld Europe 204: Technical Deep Dive on EVO: RAIL, the new VMware Hyper-Co...
VMworld Europe 204: Technical Deep Dive on EVO: RAIL, the new VMware Hyper-Co...VMworld
 
What_s_New_in_OpenShift_Container_Platform_4.6.pdf
What_s_New_in_OpenShift_Container_Platform_4.6.pdfWhat_s_New_in_OpenShift_Container_Platform_4.6.pdf
What_s_New_in_OpenShift_Container_Platform_4.6.pdfchalermpany
 
Network performance test plan_v0.3
Network performance test plan_v0.3Network performance test plan_v0.3
Network performance test plan_v0.3David Pasek
 
Network Design patters with Docker
Network Design patters with DockerNetwork Design patters with Docker
Network Design patters with DockerDaniel Finneran
 
FreeSWITCH on Docker
FreeSWITCH on DockerFreeSWITCH on Docker
FreeSWITCH on Docker建澄 吳
 
FreeSWITCH on Docker
FreeSWITCH on DockerFreeSWITCH on Docker
FreeSWITCH on DockerChien Cheng Wu
 
Tungsten Fabric Overview
Tungsten Fabric OverviewTungsten Fabric Overview
Tungsten Fabric OverviewMichelle Holley
 
Vsc 71-se-presentation-training
Vsc 71-se-presentation-trainingVsc 71-se-presentation-training
Vsc 71-se-presentation-trainingnarit_ton
 
Kubernetes laravel and kubernetes
Kubernetes laravel and kubernetesKubernetes laravel and kubernetes
Kubernetes laravel and kubernetesWilliam Stewart
 
Cozystack: Free PaaS platform and framework for building clouds
Cozystack: Free PaaS platform and framework for building cloudsCozystack: Free PaaS platform and framework for building clouds
Cozystack: Free PaaS platform and framework for building cloudsAndrei Kvapil
 
Docker Networking - Common Issues and Troubleshooting Techniques
Docker Networking - Common Issues and Troubleshooting TechniquesDocker Networking - Common Issues and Troubleshooting Techniques
Docker Networking - Common Issues and Troubleshooting TechniquesSreenivas Makam
 
DELL (OME) Open Manage Esentials network connections (TCP/UDP ports) and fire...
DELL (OME) Open Manage Esentials network connections (TCP/UDP ports) and fire...DELL (OME) Open Manage Esentials network connections (TCP/UDP ports) and fire...
DELL (OME) Open Manage Esentials network connections (TCP/UDP ports) and fire...David Pasek
 
Next Generation Address Management with VitalQIP - Alcatel-Lucent and Perficient
Next Generation Address Management with VitalQIP - Alcatel-Lucent and PerficientNext Generation Address Management with VitalQIP - Alcatel-Lucent and Perficient
Next Generation Address Management with VitalQIP - Alcatel-Lucent and PerficientPerficient, Inc.
 
The state of the swarm
The state of the swarmThe state of the swarm
The state of the swarmMathieu Buffenoir
 
kubernetes for beginners
kubernetes for beginnerskubernetes for beginners
kubernetes for beginnersDominique Dumont
 
Canary deployment with Traefik and K3S
Canary deployment with Traefik and K3SCanary deployment with Traefik and K3S
Canary deployment with Traefik and K3SJakub Hajek
 
Practical Design Patterns in Docker Networking
Practical Design Patterns in Docker NetworkingPractical Design Patterns in Docker Networking
Practical Design Patterns in Docker NetworkingDocker, Inc.
 
Automação do físico ao NetSecDevOps
Automação do físico ao NetSecDevOpsAutomação do físico ao NetSecDevOps
Automação do físico ao NetSecDevOpsRaul Leite
 
Monitoring CloudStack and components
Monitoring CloudStack and componentsMonitoring CloudStack and components
Monitoring CloudStack and componentsShapeBlue
 
Raisecom GPON Solution Training - Chapter 4 NView_V2.pptx
Raisecom GPON Solution Training - Chapter 4 NView_V2.pptxRaisecom GPON Solution Training - Chapter 4 NView_V2.pptx
Raisecom GPON Solution Training - Chapter 4 NView_V2.pptxJean Carlos Cruz
 
Network Automation Tools
Network Automation ToolsNetwork Automation Tools
Network Automation ToolsEdwin Beekman
 
DCHQ Cloud Application Platform | Linux Containers | Docker PaaS
DCHQ Cloud Application Platform | Linux Containers | Docker PaaSDCHQ Cloud Application Platform | Linux Containers | Docker PaaS
DCHQ Cloud Application Platform | Linux Containers | Docker PaaSdchq
 
Altinity Cluster Manager: ClickHouse Management for Kubernetes and Cloud
Altinity Cluster Manager: ClickHouse Management for Kubernetes and CloudAltinity Cluster Manager: ClickHouse Management for Kubernetes and Cloud
Altinity Cluster Manager: ClickHouse Management for Kubernetes and CloudAltinity Ltd
 
Delivering Docker & K3s worloads to IoT Edge devices
Delivering Docker & K3s worloads to IoT Edge devicesDelivering Docker & K3s worloads to IoT Edge devices
Delivering Docker & K3s worloads to IoT Edge devicesAjeet Singh Raina
 
Time Series Database and Tick Stack
Time Series Database and Tick StackTime Series Database and Tick Stack
Time Series Database and Tick StackGianluca Arbezzano
 
Marriage of Openstack with KVM and ESX at PayPal OpenStack Summit Hong Kong F...
Marriage of Openstack with KVM and ESX at PayPal OpenStack Summit Hong Kong F...Marriage of Openstack with KVM and ESX at PayPal OpenStack Summit Hong Kong F...
Marriage of Openstack with KVM and ESX at PayPal OpenStack Summit Hong Kong F...Scott Carlson
 
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...soniya singh
 
MYjobs Presentation Django-based project
MYjobs Presentation Django-based projectMYjobs Presentation Django-based project
MYjobs Presentation Django-based projectAnoyGreter
 

More Related Content

Similar to vmaf deployement & upgrade for software projects

Tungsten Fabric Overview
Tungsten Fabric OverviewTungsten Fabric Overview
Tungsten Fabric OverviewMichelle Holley
 
Vsc 71-se-presentation-training
Vsc 71-se-presentation-trainingVsc 71-se-presentation-training
Vsc 71-se-presentation-trainingnarit_ton
 
Kubernetes laravel and kubernetes
Kubernetes laravel and kubernetesKubernetes laravel and kubernetes
Kubernetes laravel and kubernetesWilliam Stewart
 
Cozystack: Free PaaS platform and framework for building clouds
Cozystack: Free PaaS platform and framework for building cloudsCozystack: Free PaaS platform and framework for building clouds
Cozystack: Free PaaS platform and framework for building cloudsAndrei Kvapil
 
Docker Networking - Common Issues and Troubleshooting Techniques
Docker Networking - Common Issues and Troubleshooting TechniquesDocker Networking - Common Issues and Troubleshooting Techniques
Docker Networking - Common Issues and Troubleshooting TechniquesSreenivas Makam
 
DELL (OME) Open Manage Esentials network connections (TCP/UDP ports) and fire...
DELL (OME) Open Manage Esentials network connections (TCP/UDP ports) and fire...DELL (OME) Open Manage Esentials network connections (TCP/UDP ports) and fire...
DELL (OME) Open Manage Esentials network connections (TCP/UDP ports) and fire...David Pasek
 
Next Generation Address Management with VitalQIP - Alcatel-Lucent and Perficient
Next Generation Address Management with VitalQIP - Alcatel-Lucent and PerficientNext Generation Address Management with VitalQIP - Alcatel-Lucent and Perficient
Next Generation Address Management with VitalQIP - Alcatel-Lucent and PerficientPerficient, Inc.
 
Canary deployment with Traefik and K3S
Canary deployment with Traefik and K3SCanary deployment with Traefik and K3S
Canary deployment with Traefik and K3SJakub Hajek
 
Practical Design Patterns in Docker Networking
Practical Design Patterns in Docker NetworkingPractical Design Patterns in Docker Networking
Practical Design Patterns in Docker NetworkingDocker, Inc.
 
Automação do físico ao NetSecDevOps
Automação do físico ao NetSecDevOpsAutomação do físico ao NetSecDevOps
Automação do físico ao NetSecDevOpsRaul Leite
 
Monitoring CloudStack and components
Monitoring CloudStack and componentsMonitoring CloudStack and components
Monitoring CloudStack and componentsShapeBlue
 
Raisecom GPON Solution Training - Chapter 4 NView_V2.pptx
Raisecom GPON Solution Training - Chapter 4 NView_V2.pptxRaisecom GPON Solution Training - Chapter 4 NView_V2.pptx
Raisecom GPON Solution Training - Chapter 4 NView_V2.pptxJean Carlos Cruz
 
Network Automation Tools
Network Automation ToolsNetwork Automation Tools
Network Automation ToolsEdwin Beekman
 
DCHQ Cloud Application Platform | Linux Containers | Docker PaaS
DCHQ Cloud Application Platform | Linux Containers | Docker PaaSDCHQ Cloud Application Platform | Linux Containers | Docker PaaS
DCHQ Cloud Application Platform | Linux Containers | Docker PaaSdchq
 
Altinity Cluster Manager: ClickHouse Management for Kubernetes and Cloud
Altinity Cluster Manager: ClickHouse Management for Kubernetes and CloudAltinity Cluster Manager: ClickHouse Management for Kubernetes and Cloud
Altinity Cluster Manager: ClickHouse Management for Kubernetes and CloudAltinity Ltd
 
Delivering Docker & K3s worloads to IoT Edge devices
Delivering Docker & K3s worloads to IoT Edge devicesDelivering Docker & K3s worloads to IoT Edge devices
Delivering Docker & K3s worloads to IoT Edge devicesAjeet Singh Raina
 
Time Series Database and Tick Stack
Time Series Database and Tick StackTime Series Database and Tick Stack
Time Series Database and Tick StackGianluca Arbezzano
 
Marriage of Openstack with KVM and ESX at PayPal OpenStack Summit Hong Kong F...
Marriage of Openstack with KVM and ESX at PayPal OpenStack Summit Hong Kong F...Marriage of Openstack with KVM and ESX at PayPal OpenStack Summit Hong Kong F...
Marriage of Openstack with KVM and ESX at PayPal OpenStack Summit Hong Kong F...Scott Carlson
 

Similar to vmaf deployement & upgrade for software projects (20)

Tungsten Fabric Overview
Tungsten Fabric OverviewTungsten Fabric Overview
Tungsten Fabric Overview
 
Vsc 71-se-presentation-training
Vsc 71-se-presentation-trainingVsc 71-se-presentation-training
Vsc 71-se-presentation-training
 
Kubernetes laravel and kubernetes
Kubernetes laravel and kubernetesKubernetes laravel and kubernetes
Kubernetes laravel and kubernetes
 
Cozystack: Free PaaS platform and framework for building clouds
Cozystack: Free PaaS platform and framework for building cloudsCozystack: Free PaaS platform and framework for building clouds
Cozystack: Free PaaS platform and framework for building clouds
 
Docker Networking - Common Issues and Troubleshooting Techniques
Docker Networking - Common Issues and Troubleshooting TechniquesDocker Networking - Common Issues and Troubleshooting Techniques
Docker Networking - Common Issues and Troubleshooting Techniques
 
DELL (OME) Open Manage Esentials network connections (TCP/UDP ports) and fire...
DELL (OME) Open Manage Esentials network connections (TCP/UDP ports) and fire...DELL (OME) Open Manage Esentials network connections (TCP/UDP ports) and fire...
DELL (OME) Open Manage Esentials network connections (TCP/UDP ports) and fire...
 
Next Generation Address Management with VitalQIP - Alcatel-Lucent and Perficient
Next Generation Address Management with VitalQIP - Alcatel-Lucent and PerficientNext Generation Address Management with VitalQIP - Alcatel-Lucent and Perficient
Next Generation Address Management with VitalQIP - Alcatel-Lucent and Perficient
 
The state of the swarm
The state of the swarmThe state of the swarm
The state of the swarm
 
kubernetes for beginners
kubernetes for beginnerskubernetes for beginners
kubernetes for beginners
 
Canary deployment with Traefik and K3S
Canary deployment with Traefik and K3SCanary deployment with Traefik and K3S
Canary deployment with Traefik and K3S
 
Practical Design Patterns in Docker Networking
Practical Design Patterns in Docker NetworkingPractical Design Patterns in Docker Networking
Practical Design Patterns in Docker Networking
 
Automação do físico ao NetSecDevOps
Automação do físico ao NetSecDevOpsAutomação do físico ao NetSecDevOps
Automação do físico ao NetSecDevOps
 
Monitoring CloudStack and components
Monitoring CloudStack and componentsMonitoring CloudStack and components
Monitoring CloudStack and components
 
Raisecom GPON Solution Training - Chapter 4 NView_V2.pptx
Raisecom GPON Solution Training - Chapter 4 NView_V2.pptxRaisecom GPON Solution Training - Chapter 4 NView_V2.pptx
Raisecom GPON Solution Training - Chapter 4 NView_V2.pptx
 
Network Automation Tools
Network Automation ToolsNetwork Automation Tools
Network Automation Tools
 
DCHQ Cloud Application Platform | Linux Containers | Docker PaaS
DCHQ Cloud Application Platform | Linux Containers | Docker PaaSDCHQ Cloud Application Platform | Linux Containers | Docker PaaS
DCHQ Cloud Application Platform | Linux Containers | Docker PaaS
 
Altinity Cluster Manager: ClickHouse Management for Kubernetes and Cloud
Altinity Cluster Manager: ClickHouse Management for Kubernetes and CloudAltinity Cluster Manager: ClickHouse Management for Kubernetes and Cloud
Altinity Cluster Manager: ClickHouse Management for Kubernetes and Cloud
 
Delivering Docker & K3s worloads to IoT Edge devices
Delivering Docker & K3s worloads to IoT Edge devicesDelivering Docker & K3s worloads to IoT Edge devices
Delivering Docker & K3s worloads to IoT Edge devices
 
Time Series Database and Tick Stack
Time Series Database and Tick StackTime Series Database and Tick Stack
Time Series Database and Tick Stack
 
Marriage of Openstack with KVM and ESX at PayPal OpenStack Summit Hong Kong F...
Marriage of Openstack with KVM and ESX at PayPal OpenStack Summit Hong Kong F...Marriage of Openstack with KVM and ESX at PayPal OpenStack Summit Hong Kong F...
Marriage of Openstack with KVM and ESX at PayPal OpenStack Summit Hong Kong F...
 

Recently uploaded

Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...soniya singh
 
MYjobs Presentation Django-based project
MYjobs Presentation Django-based projectMYjobs Presentation Django-based project
MYjobs Presentation Django-based projectAnoyGreter
 
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...Christina Lin
 
Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...OnePlan Solutions
 
Implementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with AzureImplementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with AzureDinusha Kumarasiri
 
Cloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEECloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEEVICTOR MAESTRE RAMIREZ
 
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024StefanoLambiase
 
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideBuilding Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideChristina Lin
 
Professional Resume Template for Software Developers
Professional Resume Template for Software DevelopersProfessional Resume Template for Software Developers
Professional Resume Template for Software DevelopersVinodh Ram
 
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEBATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEOrtus Solutions, Corp
 
Asset Management Software - Infographic
Asset Management Software - InfographicAsset Management Software - Infographic
Asset Management Software - InfographicHr365.us smith
 
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...MyIntelliSource, Inc.
 
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdfGOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdfAlina Yurenko
 
chapter--4-software-project-planning.ppt
chapter--4-software-project-planning.pptchapter--4-software-project-planning.ppt
chapter--4-software-project-planning.pptkotipi9215
 
Salesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantSalesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantAxelRicardoTrocheRiq
 
Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)OPEN KNOWLEDGE GmbH
 
Folding Cheat Sheet #4 - fourth in a series
Folding Cheat Sheet #4 - fourth in a seriesFolding Cheat Sheet #4 - fourth in a series
Folding Cheat Sheet #4 - fourth in a seriesPhilip Schwarz
 
Automate your Kamailio Test Calls - Kamailio World 2024
Automate your Kamailio Test Calls - Kamailio World 2024Automate your Kamailio Test Calls - Kamailio World 2024
Automate your Kamailio Test Calls - Kamailio World 2024Andreas Granig
 
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptxKnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptxTier1 app
 
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样umasea
 

Recently uploaded (20)

Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
 
MYjobs Presentation Django-based project
MYjobs Presentation Django-based projectMYjobs Presentation Django-based project
MYjobs Presentation Django-based project
 
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
 
Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...
 
Implementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with AzureImplementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with Azure
 
Cloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEECloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEE
 
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
 
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideBuilding Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
 
Professional Resume Template for Software Developers
Professional Resume Template for Software DevelopersProfessional Resume Template for Software Developers
Professional Resume Template for Software Developers
 
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEBATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
 
Asset Management Software - Infographic
Asset Management Software - InfographicAsset Management Software - Infographic
Asset Management Software - Infographic
 
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
 
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdfGOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
 
chapter--4-software-project-planning.ppt
chapter--4-software-project-planning.pptchapter--4-software-project-planning.ppt
chapter--4-software-project-planning.ppt
 
Salesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantSalesforce Certified Field Service Consultant
Salesforce Certified Field Service Consultant
 
Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)
 
Folding Cheat Sheet #4 - fourth in a series
Folding Cheat Sheet #4 - fourth in a seriesFolding Cheat Sheet #4 - fourth in a series
Folding Cheat Sheet #4 - fourth in a series
 
Automate your Kamailio Test Calls - Kamailio World 2024
Automate your Kamailio Test Calls - Kamailio World 2024Automate your Kamailio Test Calls - Kamailio World 2024
Automate your Kamailio Test Calls - Kamailio World 2024
 
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptxKnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
 
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
 

vmaf deployement & upgrade for software projects

  • 1. lundi 13 mars 2023 VMAF DEPLOYMENT & UPGRADE Thierry GAYET
  • 2.  Because the VMAF server will need to de deployed to bytel, the question on how NN6 will deliver the firmware is now an actual question.  In order to not be too specific to TESTTREE, a thinking have been done in order to see how server may be install or upgraded by using generic and common way to proceed. GOAL / INTRODUCTION 2
  • 4. VMAF – ARCH. 4 STREAMPROBE Rabbit MQ VMAF Pool of vmaf ip address (scalling) HTTPS REST API + OAUTH2 PROTOCOL : HTTPS IPV4(s) PORTS OAUTH2 TOKEN IPV4 PORT USERNAME PASSWORD QUEUE_NAME
  • 5.  The streamprobe gray interface manage :  Database (mariadb start/stop, reset db  Network (ip interfaces, DNS, NTP  Security (iptables, ldaps, fail2ban, rsyslog)  Storage (fstab, create partition, format, LUKS encryption)  Upgrade  Boot  Actions (reboot,shutdown, hardware inventory STREAMPROBE’S BUILDROOT 5
  • 6.  The VMAF appliance should not be specific to testtree bu must be usable by any project  That’s why the vmaf appliance has been designed with standard interfaces :  A standard REST API for commands/ input request  A common message broker (rabbitMQ) for responses GOAL 6
  • 11. NEW APPROACH FOR UPGRADING
  • 12. 12 INTERNET CUSTOMER NOSQL DB BACKEND FRONTEND / GUI DOCKER REGISTRY PACKAGE REGISTRY LICENCE REGISTRY PRODUCTION INTEGRATION DEVELOPMENT NN6 NETWORK MQTT MQTT CLIENT GITLAB-CI/CD
  • 13.  A customer :  View all of his devices with their version and licence  View all release in relation of the devices  Can synchronise upgrade items with the cutomer upgrade appliance  Can download upgrade items within a pgp encrypted archive  Can launch an upgrade process from the main ui to the customer’s site  NN6 team :  View all device with their current release  Locate all customer on a worldmap  Investigate on equipment using encrypted vpn (over a ssl tummel) REQUIREMENTS 13
  • 14. 14 SECURED NETWORK DMZ INTERNET NN6 NETWORK DOCKER REGISTRY (CUSTOMER) UPGRADE BACKEND • HELM / CHART • PROVISIONNING (ANSIBLE, SALT STACK, … ) • … …. manual deploy DOCKER REGISTRY (PROD) MQTT broker MQTT CLIENT registry monitoring Manual/auto docker sync Docker push (subscribe) (publish) https://mqtt.enensys.com dockerregistry.enensys.com CUSTOMER NETWORK BACKEND FRONTEND / GUI NOSQL DB https://dashboard.enensys.com MQTT CLIENT PACKAGE REGISTRY (PROD) DOCKER REGISTRY (CUSTOMER) Package push packerregistry.enensys.com LOCAL GUI LICENCE REGISTRY lm.enensys.com LICENCE CUSTOMER) UPGRADE APPLIANCE
  • 16.  Streamprobe  Baremetal  Native BIOS : boot from usb key generated from the img  Idrack (DELL) : using the img key  Ipmi (SUPERMICRO) : boot from usb key generated from the img  VMWARE ESXI  Ova image  Mediacast  Baremetal (supermicro)  VMWARE ESXI  Boot from an ISO image then launch an installer that register RPMS Inventory of the way to install (1/2) 16
  • 17.  Smartgate vt / vt2  Baremetal :  Boot from ISO image then install docker (docker swarm orchestrator)  VMWARE ESXI  Boot from ISO image then install packages  eBox (medicast Mobile + lte gcsas server)  Fedora image install manually then install qemu images (gcow2) Inventory of the way to install (2/2) 17
  • 18.  Which ALMA release V8 or v9 ?  Using an ISO image burn on an USB key, or directly the ISO image (http://mirror.almalinux.ikoula.com/9.2/isos/x86_64/)  Compatible with:  VMWARE ESXI  BAREMETAL  IDRACK (DELL)  IPMI (SUPERMICRO) ALMA 18
  • 19.  May use ALMA linux but we require ALPINE as possible  Does not need any base install  HELM/CHARTs is the best deployment method to push docker container and/or services K8S 19
  • 21.  A customer may :  Have several location with UPGRADE APPLIANCE  Inventory all local appliance (by type/release)  Thus, upgrade may control several point through MQTT connexion Requrements 21
  • 22. 22 SECURED NETWORK DMZ INTERNET NN6 NETWORK DOCKER REGISTRY (CUSTOMER) UPGRADE BACKEND • HELM / CHART • PROVISIONNING (ANSIBLE, SALT STACK, … ) • … …. manual deploy DOCKER REGISTRY (PROD) MQTT broker MQTT CLIENT registry monitoring Manual/auto docker sync Docker push (subscribe) (publish) https://mqtt.enensys.com dockerregistry.enensys.com CUSTOMER NETWORK BACKEND NOSQL DB https://dashboard.enensys.com MQTT CLIENT PACKAGE REGISTRY (PROD) DOCKER REGISTRY (CUSTOMER) Package push packerregistry.enensys.com LOCAL GUI LICENCE REGISTRY lm.enensys.com LICENCE CUSTOMER) FRONTEND / GUI UPGRADE APPLIANCE Licence push Architecture based on an ALMA OS Architecture based on an ALMA OS ALMA OS
  • 23. 23 SECURED NETWORK DMZ INTERNET NN6 NETWORK DOCKER REGISTRY (CUSTOMER) UPGRADE BACKEND • HELM / CHART • PROVISIONNING (ANSIBLE, SALT STACK, … ) • … …. manual deploy DOCKER REGISTRY (PROD) MQTT broker MQTT CLIENT registry monitoring Manual/auto docker sync Docker push (subscribe) (publish) https://mqtt.enensys.com dockerregistry.enensys.com CUSTOMER NETWORK BACKEND NOSQL DB https://dashboard.enensys.com MQTT CLIENT PACKAGE REGISTRY (PROD) DOCKER REGISTRY (CUSTOMER) Package push packerregistry.enensys.com LOCAL GUI LICENCE REGISTRY lm.enensys.com LICENCE CUSTOMER) FRONTEND / GUI UPGRADE APPLIANCE Licence push Architecture based on Kubernetes (K8S) K8S
  • 24. Upgrade for customer network connected to Internet (ONLINE)
  • 25. 25 SECURED NETWORK DMZ INTERNET NN6 NETWORK DOCKER REGISTRY (CUSTOMER) UPGRADE BACKEND • HELM / CHART • PROVISIONNING (ANSIBLE, SALT STACK, … ) • … …. manual deploy DOCKER REGISTRY (PROD) MQTT broker MQTT CLIENT registry monitoring Manual/auto docker sync Docker push (subscribe) (publish) https://mqtt.enensys.com dockerregistry.enensys.com CUSTOMER NETWORK BACKEND NOSQL DB https://dashboard.enensys.com MQTT CLIENT PACKAGE REGISTRY (PROD) DOCKER REGISTRY (CUSTOMER) Package push packerregistry.enensys.com LOCAL GUI LICENCE REGISTRY lm.enensys.com LICENCE CUSTOMER) 0. At the very beginning the customer network (DMZ) subscribe to the MQTT FRONTEND / GUI UPGRADE APPLIANCE Licence push
  • 26. 26 SECURED NETWORK DMZ INTERNET NN6 NETWORK DOCKER REGISTRY (CUSTOMER) UPGRADE BACKEND • HELM / CHART • PROVISIONNING (ANSIBLE, SALT STACK, … ) • … …. manual deploy DOCKER REGISTRY (PROD) MQTT broker MQTT CLIENT registry monitoring Manual/auto docker sync Docker push (subscribe) (publish) https://mqtt.enensys.com dockerregistry.enensys.com CUSTOMER NETWORK BACKEND NOSQL DB https://dashboard.enensys.com MQTT CLIENT PACKAGE REGISTRY (PROD) DOCKER REGISTRY (CUSTOMER) Package push packerregistry.enensys.com LOCAL GUI LICENCE REGISTRY lm.enensys.com LICENCE CUSTOMER) 1. A new firwmare is released officially, an email may be sent to the customer by the backend FRONTEND / GUI UPGRADE APPLIANCE Licence push
  • 27. 27 SECURED NETWORK DMZ INTERNET NN6 NETWORK DOCKER REGISTRY (CUSTOMER) UPGRADE BACKEND • HELM / CHART • PROVISIONNING (ANSIBLE, SALT STACK, … ) • … …. manual deploy DOCKER REGISTRY (PROD) MQTT broker MQTT CLIENT registry monitoring Manual/auto docker sync Docker push (subscribe) (publish) https://mqtt.enensys.com dockerregistry.enensys.com CUSTOMER NETWORK BACKEND FRONTEND / GUI NOSQL DB https://dashboard.enensys.com MQTT CLIENT PACKAGE REGISTRY (PROD) DOCKER REGISTRY (CUSTOMER) Package push packerregistry.enensys.com LOCAL GUI LICENCE REGISTRY lm.enensys.com LICENCE CUSTOMER) 2. The backend will detect a new release for a customer devices and send an email may be sent to the customer by the backend UPGRADE APPLIANCE Licence push
  • 28. 28 SECURED NETWORK DMZ INTERNET NN6 NETWORK DOCKER REGISTRY (CUSTOMER) UPGRADE BACKEND • HELM / CHART • PROVISIONNING (ANSIBLE, SALT STACK, … ) • … …. manual deploy DOCKER REGISTRY (PROD) MQTT broker MQTT CLIENT registry monitoring Manual/auto docker sync Docker push (subscribe) (publish) https://mqtt.enensys.com dockerregistry.enensys.com CUSTOMER NETWORK BACKEND FRONTEND / GUI NOSQL DB https://dashboard.enensys.com MQTT CLIENT PACKAGE REGISTRY (PROD) DOCKER REGISTRY (CUSTOMER) Package push packerregistry.enensys.com LOCAL GUI LICENCE REGISTRY lm.enensys.com LICENCE CUSTOMER) 3. Now, the customer check his dashboard of all its devices and the release note and can decide which on to upgrade (just on, a subset or all) UPGRADE APPLIANCE Licence push
  • 29. 29 SECURED NETWORK DMZ INTERNET NN6 NETWORK DOCKER REGISTRY (CUSTOMER) UPGRADE BACKEND • HELM / CHART • PROVISIONNING (ANSIBLE, SALT STACK, … ) • … …. manual deploy DOCKER REGISTRY (PROD) MQTT broker MQTT CLIENT registry monitoring Manual/auto docker sync Docker push (subscribe) (publish) https://mqtt.enensys.com dockerregistry.enensys.com CUSTOMER NETWORK BACKEND NOSQL DB https://dashboard.enensys.com MQTT CLIENT PACKAGE REGISTRY (PROD) DOCKER REGISTRY (CUSTOMER) Package push packerregistry.enensys.com LOCAL GUI LICENCE REGISTRY lm.enensys.com LICENCE CUSTOMER) 5. A message is sent to the upgrade appliance by sending a message throught MQTT. FRONTEND / GUI UPGRADE APPLIANCE Licence push
  • 30. 30 SECURED NETWORK DMZ INTERNET NN6 NETWORK DOCKER REGISTRY (CUSTOMER) UPGRADE BACKEND • HELM / CHART • PROVISIONNING (ANSIBLE, SALT STACK, … ) • … …. manual deploy DOCKER REGISTRY (PROD) MQTT broker MQTT CLIENT registry monitoring Manual/auto docker sync Docker push (subscribe) (publish) https://mqtt.enensys.com dockerregistry.enensys.com CUSTOMER NETWORK BACKEND NOSQL DB https://dashboard.enensys.com MQTT CLIENT PACKAGE REGISTRY (PROD) DOCKER REGISTRY (CUSTOMER) Package push packerregistry.enensys.com LOCAL GUI LICENCE REGISTRY lm.enensys.com LICENCE CUSTOMER) 6. A synchronisation is done to get the new firmware (docker, package, licences, … ) FRONTEND / GUI UPGRADE APPLIANCE Licence push
  • 31. 31 SECURED NETWORK DMZ INTERNET NN6 NETWORK DOCKER REGISTRY (CUSTOMER) UPGRADE BACKEND • HELM / CHART • PROVISIONNING (ANSIBLE, SALT STACK, … ) • … …. manual deploy DOCKER REGISTRY (PROD) MQTT broker MQTT CLIENT registry monitoring Manual/auto docker sync Docker push (subscribe) (publish) https://mqtt.enensys.com dockerregistry.enensys.com CUSTOMER NETWORK BACKEND NOSQL DB https://dashboard.enensys.com MQTT CLIENT PACKAGE REGISTRY (PROD) DOCKER REGISTRY (CUSTOMER) Package push packerregistry.enensys.com LOCAL GUI LICENCE REGISTRY lm.enensys.com LICENCE CUSTOMER) 7. Finaly the upgrade appliance upgrade all devices (by set, not all in the same time), then send a feedback over MQTT to NN6 (for the support team). FRONTEND / GUI UPGRADE APPLIANCE Licence push
  • 32. Upgrade for customer network not connected to Internet (OFFLINE)
  • 33. 33 SECURED NETWORK DMZ INTERNET NN6 NETWORK DOCKER REGISTRY (CUSTOMER) UPGRADE BACKEND • HELM / CHART • PROVISIONNING (ANSIBLE, SALT STACK, … ) • … …. manual deploy DOCKER REGISTRY (PROD) MQTT broker MQTT CLIENT registry monitoring Docker push https://mqtt.enensys.com dockerregistry.enensys.com CUSTOMER NETWORK BACKEND NOSQL DB https://dashboard.enensys.com MQTT CLIENT PACKAGE REGISTRY (PROD) DOCKER REGISTRY (CUSTOMER) Package push packerregistry.enensys.com LOCAL GUI LICENCE REGISTRY lm.enensys.com LICENCE CUSTOMER) 1. A new firwmare is released officially, an email may be sent to the customer by the backend FRONTEND / GUI UPGRADE APPLIANCE
  • 34. 34 SECURED NETWORK DMZ INTERNET NN6 NETWORK DOCKER REGISTRY (CUSTOMER) UPGRADE BACKEND • HELM / CHART • PROVISIONNING (ANSIBLE, SALT STACK, … ) • … …. manual deploy DOCKER REGISTRY (PROD) MQTT broker MQTT CLIENT registry monitoring Docker push https://mqtt.enensys.com dockerregistry.enensys.com CUSTOMER NETWORK BACKEND NOSQL DB https://dashboard.enensys.com MQTT CLIENT PACKAGE REGISTRY (PROD) DOCKER REGISTRY (CUSTOMER) Package push packerregistry.enensys.com LOCAL GUI LICENCE REGISTRY lm.enensys.com LICENCE CUSTOMER) 2. The backend will detect a new release for a customer devices and send an email may be sent to the customer by the backend FRONTEND / GUI UPGRADE APPLIANCE Licence push
  • 35. 35 SECURED NETWORK DMZ INTERNET NN6 NETWORK DOCKER REGISTRY (CUSTOMER) UPGRADE BACKEND • HELM / CHART • PROVISIONNING (ANSIBLE, SALT STACK, … ) • … …. manual deploy DOCKER REGISTRY (PROD) MQTT broker MQTT CLIENT registry monitoring Docker push https://mqtt.enensys.com dockerregistry.enensys.com CUSTOMER NETWORK BACKEND FRONTEND / GUI NOSQL DB https://dashboard.enensys.com MQTT CLIENT PACKAGE REGISTRY (PROD) DOCKER REGISTRY (CUSTOMER) Package push packerregistry.enensys.com LOCAL GUI LICENCE REGISTRY lm.enensys.com LICENCE CUSTOMER) 3. Now, the customer check his dashboard of all its devices and the release note and can decide which on to upgrade (just on, a subset or all) UPGRADE APPLIANCE Licence push
  • 36. 36 SECURED NETWORK DMZ INTERNET NN6 NETWORK DOCKER REGISTRY (CUSTOMER) UPGRADE BACKEND • HELM / CHART • PROVISIONNING (ANSIBLE, SALT STACK, … ) • … …. manual deploy DOCKER REGISTRY (PROD) MQTT broker MQTT CLIENT registry monitoring Docker push https://mqtt.enensys.com dockerregistry.enensys.com CUSTOMER NETWORK BACKEND NOSQL DB https://dashboard.enensys.com MQTT CLIENT PACKAGE REGISTRY (PROD) DOCKER REGISTRY (CUSTOMER) Package push packerregistry.enensys.com LOCAL GUI LICENCE REGISTRY lm.enensys.com LICENCE CUSTOMER) 4. An encrypted (pgp) tarball is now downloaded PGP TARBALL download ENCRYPTED TARBALL (static update) Generate FRONTEND / GUI UPGRADE APPLIANCE Licence push
  • 37. 37 SECURED NETWORK DMZ INTERNET NN6 NETWORK DOCKER REGISTRY (CUSTOMER) UPGRADE BACKEND • HELM / CHART • PROVISIONNING (ANSIBLE, SALT STACK, … ) • … …. manual deploy DOCKER REGISTRY (PROD) MQTT broker MQTT CLIENT registry monitoring Docker push https://mqtt.enensys.com dockerregistry.enensys.com CUSTOMER NETWORK BACKEND NOSQL DB https://dashboard.enensys.com MQTT CLIENT PACKAGE REGISTRY (PROD) DOCKER REGISTRY (CUSTOMER) Package push packerregistry.enensys.com LOCAL GUI LICENCE REGISTRY lm.enensys.com LICENCE CUSTOMER) ENCRYPTED TARBALL (static update) FRONTEND / GUI UPGRADE APPLIANCE Licence push 5. Now the cutomer can upload the encrypted (pgp) tarball that contains all update for the customer’s devices. Upload
  • 38. 38 SECURED NETWORK DMZ INTERNET NN6 NETWORK DOCKER REGISTRY (CUSTOMER) UPGRADE BACKEND • HELM / CHART • PROVISIONNING (ANSIBLE, SALT STACK, … ) • … …. manual deploy DOCKER REGISTRY (PROD) MQTT broker MQTT CLIENT registry monitoring Manual/auto docker sync Docker push (subscribe) (publish) https://mqtt.enensys.com dockerregistry.enensys.com CUSTOMER NETWORK BACKEND NOSQL DB https://dashboard.enensys.com MQTT CLIENT PACKAGE REGISTRY (PROD) DOCKER REGISTRY (CUSTOMER) Package push packerregistry.enensys.com LOCAL GUI LICENCE REGISTRY lm.enensys.com LICENCE CUSTOMER) 6. Finaly the upgrade appliance upgrade all devices (by set, not all in the same time) ; it may be interesting to got a feedback on the serveur upgraded ! FRONTEND / GUI UPGRADE APPLIANCE Licence push
  • 39. ENENSYS 4A rue des Buttes CS 37734 35 577 Cesson-Sévigné – France Phone (+33) 1 70 72 51 70 Email contact@test-tree.com www.enensys.com 39