SlideShare a Scribd company logo

Built-in Op Visibility & Analytics Designed for Cloud

Canturk Isci
Canturk Isci

The document discusses building operational visibility and analytics directly into cloud platforms. It describes an agentless system crawler that can provide deep visibility into cloud instances without requiring any action from end users. The crawler collects various system data which is then analyzed to provide operational insights and solve real-world problems. Specific applications discussed include vulnerability advising, configuration analysis, and license discovery. The goal is to design monitoring and analytics that are seamlessly integrated and optimized for cloud environments.

Technology
1 of 42
Download to read offline
0 Built-in Operational Visibility and Analytics Designed for Cloud Canturk Isci IBM Research, NY @canturkisci Boston University Thu Apr 28, 11:00 AM CloudSightResearch Vulnerability Advisor
1 Cloud Evolution: Greats and Needs What is Great What is Great Density Scale Portability Repeatability Speed What Needs Work What Needs Work Visibility Operational Insight Utility Cost Scale Automation Agility (u)Services Operational Intelligence - Modernization of IT infra and SW delivery - Complex made simple - Unprecedented efficiency and TTV - Lots of shiny toys across IT lifecycle - Visibility into our environments remains an issue - Also lots of shiny toys for monitoring & analytics BUT: - Still based on traditional IT Principles!
2 - Provide unmatched deep, seamless visibility into cloud instances - Drive operational insights to solve real-world pain points Our Work: Built-in Op Visibility & Analytics Designed for Cloud
3 - Provide unmatched deep, seamless visibility into cloud instances - Drive operational insights to solve real-world pain points Built-in Operational Visibility & Analytics Designed for Cloud
4 - Provide unmatched deep, seamless and unified visibility into ALL cloud instances - Drive operational insights to solve real-world pain points Built-in Operational Visibility & Analytics Designed for Cloud Agentless System Crawler (ASC)
5 Traditional Monitoring vs. Crawlers OS Host Wkld Agent Agent Agent Agent OS Host Wkld A A AA VM OS Wkld A A AA Host OS Wkld A A AA Cont . Wkld A A AA Cont . Wkld A A AA Cont . VMBMS Container OS Host Wkld OS Host Wkld VM OS Wkld Host OS Wkld Cont . Wkld Cont . Wkld Cont . VMBMS Container
6 Some Data Points From an employee- "This is the BES client agent. I don't know what it does but it's always at 50%. I would be the first customer to remove this evil thing from my machines:” PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND 3515 root 20 0 781m 21m 6272 R 53.8 0.3 51:28.92 BESClient C. Colohan. The Scariest Outage Ever. CMU SDI Seminar Series, 2012. http://pdl.cmu.edu/SDI/2012/083012b.html Amazon. Summary of Oct. 22 '12 AWS Service Event in US-East Region. http://aws.amazon.com/message/680342/
7 ”Users do not have to do anything to get this visibility. It is already there by default” Container Cloud Docker Hosts App Cont .App Cont .App Cont .App Cont . Docker Hosts App Cont .App Cont .App Cont .App Cont . Docker Hosts App Cont .App Cont .App Cont .App Cont . Metrics & Logs Bus Multitenant Index Logmet Svc Provisioning Tenancy Info State Events Built-in in every compute node, all geos Enabled by default for all users in all prod O(10K) metrics/s & logs/s Current State Seamless: Built-in Monitoring & Logging in Bluemix Containers
8 Container Cloud App Cont .App Cont .App Cont .App Cont . Cool! Happy User: Effortless, painless visibility in user world magic Seamless: Built-in Monitoring & Logging in Bluemix Containers ”Users do not have to do anything to get this visibility. It is already there by default”
9 Key Advantages Key Advantages App Cont .App Cont .App Cont .App Cont . Why Agentless System Crawlers magic Monitoring built into the platform not in end-user systems No complexity to end user (They do nothing, all they see is the service) No agents/credentials/access (nothing built into userworld) Works out of the box Makes data consumable* (lower barrier to data collection and analytics) Better Security* for end user (No attack surface, in userworld) Better Availability* of monitoring (From birth to death, inspect even defunct guest) Guest Agnostic (Build for platform, not each user distro) Decoupled* from user context (No overhead/side-effect concerns) Monitoring done right for the processes of the Cloud OS
10 Deep Visibility: What We Actually Collect (and Annotate) - OS Info - Processes - Disk Info - Metrics - Network Info - Packages - Files - Config Info From Container/VM - Docker metadata (docker inspect) - CPU metrics (/cgroup/cpuacct/) - Memory metrics (/cgroup/memory) - Docker history Docker Runtime Config Annotator Vulnerability Annotator Compliance Annotator Password Annotator SW Annotator Licence Annotator
11 Deep Visibility Operational Insights/Analytics Solve Real Problems Index (Data) Data Bus Annotators Index (Data) Vuln. & Compl. Analysis Config Analytics (SecConfig) Cloud Time Machine (Audit/PD) Pipeline Service (DevOps) Remediation Service Analyitcs * All analytics services work from the same data & pipeline! Today’s Special: Vulnerability Advisor- OS Info - Processes - Disk Info - Metrics - Network Info - Packages - Files - Config Info From Container/VM - Docker metadata (docker inspect) - CPU metrics (/cgroup/cpuacct/) - Memory metrics (/cgroup/memory) - Docker history Docker Runtime Config Annotator Vulnerability Annotator Compliance Annotator Password Annotator SW Annotator Licence Annotator
12 Crawler: How it Works for VMs • Leverage VM Introspection (VMI) techniques to access VM Mem and Disk state (We built bunch or our own optimizations that make this very efficient and practical) • Can even remote both (decouple all from VM and host) • Almost no new dependencies on host • Currently support 1000+ kernel distros Hypervisor MEM View KB APP Analytics Apps Memory Crawl API VM OS MEMDisk Disk View Disk Crawl API Cloud Analytics Crawl Logic Structured view of VM states APP APP { ....... ....... } Frames
13 Crawler: How it Works for Containers • Leverage Docker APIs for base container information • Exploit container abstractions (namespace mapping and cgroups) for deeper insight • Provide deep state info at scale with no visible overheads to end user 1) Get visibility into container world by namespace mapping 2) Crawl the container (Crawler dependencies still borrowed from host. No need to inject into container!) 3) Return to original namespace 4) Push data to backend index
14 Crawler: Typical Deployment • Typical deployment, able to track diverse cloud runtimes w parity • Need not be on same host, most crawler functions can be even remoted
15 Crawler: Design • Same crawler across runtimes for unified operational visibility • Multiple fanouts as use cases grow
16 Open Innovation <3 April 13 Open Container Introspection Toolkit for Security Analysis Open Container Introspection Toolkit for Security Analysis
17 DEMO TIME This Session This Session Agentless System Crawler Bluemix Test Drive (live – ldwave) https://developer.ibm.com/bluemix/2015/11/16/ built-in-monitoring-and-logging-for-bluemix-containers/ LogCrawler and JSON Parsing (live – CanoLibUK3) Vanilla LogCrawler (20150619_LogCrawlerDemo) Crawl even Non-responsive systems (oopsRconsole2) Out of Band SIEM (QRadarDemo) TopoLog for Topology Discovery (newTopo) RTop for Realtime Monitoring (RtopAnnotatedMOV) Crawling for Rootkits with RConsole (RConsoleAnnotatedMOV) Sunday & Wednesday Sunday & Wednesday Vulnerability Advisor Coming soon…
18 Bluemix Test Drive Just start a Bluemix Container (https://console.ng.bluemix.net/) Go to Container Overview (Metrics show up in few mins)
19 … Bluemix Test Drive Go to Monitoring and Logs >> Monitoring
20 … Bluemix Test Drive Go to Monitoring and Logs >> Logging
21 Back to: Deep Visibility Operational Insights/Analytics Solve Real Problems - OS Info - Processes - Disk Info - Metrics - Network Info - Packages - Files - Config Info From Container/VM - Docker metadata (docker inspect) - CPU metrics (/cgroup/cpuacct/) - Memory metrics (/cgroup/memory) - Docker history Docker Runtime Config Annotator Vulnerability Annotator Compliance Annotator Password Annotator SW Annotator Licence Annotator How can I identify my vulnerable/non-compliant images before they go live? How can I detect and block systems with password access configurations and weak passwords? 21
22 - OS Info - Processes - Disk Info - Metrics - Network Info - Packages - Files - Config Info From Container/VM - Docker metadata (docker inspect) - CPU metrics (/cgroup/cpuacct/) - Memory metrics (/cgroup/memory) - Docker history Docker Runtime Config Annotator Vulnerability Annotator Compliance Annotator Password Annotator SW Annotator Licence Annotator How can I track, query and analyze my configurations in a simple and robust manner for drift/config analytics? How can I do better resource management and allocation? 22 Deep Visibility Operational Insights/Analytics Solve Real Problems
23 DEMO TIME This Session This Session Vulnerability Advisor, Policy Mgr Go to Bluemix Catalog See VA Image Status (Safe, Caution, Blocked) Go to Create View Explore Status Details (Vulnerabilities, Policy Violations) Browse Policy Manager (Policy Settings, Deployment Impact) Change Org Policies Override Policies (Don’t do it) See Weak Password Discovery Update Image in Local Dev Fix Policy Violation Previously Previously Built-in Monitoring & Logging We just did that one…
24 Getting Started: Let’s Go to London Login to Bluemix London (https://console.eu-gb.bluemix.net/)
25 Deployment Status Login to Bluemix London (https://console.eu-gb.bluemix.net/) Go to Catalog and Look for Containers Hover over containers to see VA verdict: Safe to Deploy
26 Deployment Status Login to Bluemix London (https://console.eu-gb.bluemix.net/) Go to Catalog and Look for Containers Hover over containers to see VA verdict: Safe to Deploy | Deploy with Caution
27 Deployment Status Login to Bluemix London (https://console.eu-gb.bluemix.net/) Go to Catalog and Look for Containers Hover over containers to see VA verdict: Safe to Deploy | Deploy with Caution | Blocked
28 Create View Login to Bluemix London (https://console.eu-gb.bluemix.net/) Go to Catalog and Look for Containers Hover over containers to see VA verdict: Safe to Deploy | Deploy with Caution | Blocked Click on Image to go to Create View See Verdict Details and Explore Options
29 Vulnerability Advisor Report Login to Bluemix London (https://console.eu-gb.bluemix.net/) Go to Catalog and Look for Containers Hover over containers to see VA verdict: Safe to Deploy | Deploy with Caution | Blocked Click on Image to go to Create View See Verdict Details and Explore Options View Vulnerability Advisor Report: Discovered Vulnerabilities | Policy Violations
30 Vulnerability Advisor Report Login to Bluemix London (https://console.eu-gb.bluemix.net/) Go to Catalog and Look for Containers Hover over containers to see VA verdict: Safe to Deploy | Deploy with Caution | Blocked Click on Image to go to Create View See Verdict Details and Explore Options View Vulnerability Advisor Report: Discovered Vulnerabilities | Policy Violations
31 Policy Manager and Deployment Impact Login to Bluemix London (https://console.eu-gb.bluemix.net/) Go to Catalog and Look for Containers Hover over containers to see VA verdict: Safe to Deploy | Deploy with Caution | Blocked Click on Image to go to Create View See Verdict Details and Explore Options View Vulnerability Advisor Report: Discovered Vulnerabilities | Policy Violations Policy Manager and Deployment Impact
32 Policy Manager and Deployment Impact Login to Bluemix London (https://console.eu-gb.bluemix.net/) Go to Catalog and Look for Containers Hover over containers to see VA verdict: Safe to Deploy | Deploy with Caution | Blocked Click on Image to go to Create View See Verdict Details and Explore Options View Vulnerability Advisor Report: Discovered Vulnerabilities | Policy Violations Policy Manager and Deployment Impact Change Org Policy and Observe Impact
33 Policy Override Login to Bluemix London (https://console.eu-gb.bluemix.net/) Go to Catalog and Look for Containers Hover over containers to see VA verdict: Safe to Deploy | Deploy with Caution | Blocked Click on Image to go to Create View See Verdict Details and Explore Options View Vulnerability Advisor Report: Discovered Vulnerabilities | Policy Violations Policy Manager and Deployment Impact Change Org Policy and Observe Impact Create View > Click One-time Override Name your risky container and deploy
34 Also: One-stop Shop “Michael View” for the Purists
3535 Some Nostalgia: Big Vision = Systems as Data Transform systems into documents/frames/data Crawl the cloud like you crawl the web Query & mine the cloud like query/mine the web Learn good & bad sytem/SW configurations automagically
36 Operational Analytics Data Pipeline [Where We Started] Images (Registry) Kafka Configuration Channel Compliance Channel Vulnerability Channel Indexers Vulnerability Annotator Elastic Configuration Index Compliance Index Vulnerability Index Compliance Annotator
37 Operational Analytics Data Pipeline [Where We Are] Images (Registry) Notification Channel Kafka Configuration Channel Compliance Channel Vulnerability Channel Indexers Vulnerability Annotator Discovery Channel Instances (Compute) SecConfig Channel Rootkit Channel Licence Channel Notification Index Elastic Configuration Index Compliance Index Vulnerability Index Discovery Index SecConfig Index Rootkit Index Licence Index USNs Index Compliance Annotator Password Annotator Config Parser SecConfig Annotator SW Discovery Rootkit Annotator Licence Discovery Notification Parser Security Notices
38 Our Other Key Operational Analytics Directions Config Analytics SW and System Discovery by Examples Secure Config Advisor Cloud Time Machine Risk Analysis Licence Discovery Licence Discovery Data Pipeline Licence Db Im g
39 Summary & Open Problems Summary: Challenges: Operational visibility into complex cloud applications; need for real operational intelligence Opportunities: Transform systems to data; New line of ops data analytics; So many low-hanging pain points Agentless System Crawler and Vulnerability Advisor as simple ground-floor examples Parting Thoughts: Operational Visibility >> Metrics & Logs (although a good start, add state, config, interactions, dependencies,…) Cloud lends itself to novel & elegant “monalytics” designed with cloud-native thinking Everything analytics can be as-a-service when we decouple systems | observations | recommendations | actions Open Research Questions: Truly Seamless OpVis: No performance impact (~/~) + Absolutely no side effects (+/-) Extensibility and configurability: Deep visibility into system, application and infra Scale out across runtimes and scale up to many instances; challenges & limits How do you design DDOS-mitigation/admission-control/fair sharing in this model of built-in service Privacy and data sensitivity with Ops data analytics Piecemeal analytics/security solutions Cloud analytics/security roadmap Rules/annotators Actually smart analytics that learn good and bad configs for security, performance, availability, etc. Cross-silo analytics across Time, Space, Dev/Ops [CloudSight Dream]
40 The More You Know Papers: Operational Visibility: IC2E’14, Sigmetrics’14, VEE’15, HotCloud’15, ATC’16 (InterConnect’15) Operational Analytics: BigData’14, IBM JRD’16:{SWDisc,NFM,DevOps} (InterConnect’16) Blogs: Crawl the Cloud Like You Crawl the Web: https://developer.ibm.com/open/2015/07/18/crawl-cloud-like-crawl-web/ Monitoring and Logging for IBM Containers. No configuration needed: https://developer.ibm.com/bluemix/2015/07/06/monitoring-and-logging-for-containers-no-config-required/ Test Driving Built-in Monitoring and Logging in IBM Containers: https://developer.ibm.com/bluemix/2015/11/16/built-in-monitoring-and-logging-for-bluemix-containers/ Is your Docker container secure? Ask Vulnerability Advisor!: https://developer.ibm.com/bluemix/2015/07/02/vulnerability-advisor/ Demos: https://www.youtube.com/channel/UCf8Fn8dKQzBCJRgI1jOlGYg Open Source: dwOpen Tech Talk: https://developer.ibm.com/open/events/dw-open-tech-talk-agentless-system-crawler/ dwOpen Page: https://developer.ibm.com/open/agentless-system-crawler/ Agentless System Crawler: http://github.com/cloudviz/agentless-system-crawler PSVMI Introspection Library: https://github.com/cloudviz/psvmi Try It: As-a-service today: http:///www.bluemix.net Run it yourself: http://github.com/cloudviz/agentless-system-crawler
41 Thank You Seamless, Unified Operational visibility and Analytics Designed fro Cloud [feat. Agentless System Crawler & Vulnerability Advisor] IBM Research Cloud Monitoring, Operational and DevOps Analytics http://www.canturkisci.com/blog @canturkisci

Recommended

What’s New in UniVerse 11.2
What’s New in UniVerse 11.2What’s New in UniVerse 11.2
What’s New in UniVerse 11.2Rocket Software
 
Troubleshooting UniData
Troubleshooting UniDataTroubleshooting UniData
Troubleshooting UniDataRocket Software
 
UniVerse Files
UniVerse FilesUniVerse Files
UniVerse FilesRocket Software
 
D3 MVS Toolkit
D3 MVS ToolkitD3 MVS Toolkit
D3 MVS ToolkitRocket Software
 
Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 4
Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 4Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 4
Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 4Qualcomm Developer Network
 
Software update for embedded systems - elce2014
Software update for embedded systems - elce2014Software update for embedded systems - elce2014
Software update for embedded systems - elce2014Stefano Babic
 
Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 2
Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 2Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 2
Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 2Qualcomm Developer Network
 
Quick and Easy Device Drivers for Embedded Linux Using UIO
Quick and Easy Device Drivers for Embedded Linux Using UIOQuick and Easy Device Drivers for Embedded Linux Using UIO
Quick and Easy Device Drivers for Embedded Linux Using UIOChris Simmonds
 

Recommended

What’s New in UniVerse 11.2
What’s New in UniVerse 11.2What’s New in UniVerse 11.2
What’s New in UniVerse 11.2Rocket Software
 
Troubleshooting UniData
Troubleshooting UniDataTroubleshooting UniData
Troubleshooting UniDataRocket Software
 
UniVerse Files
UniVerse FilesUniVerse Files
UniVerse FilesRocket Software
 
D3 MVS Toolkit
D3 MVS ToolkitD3 MVS Toolkit
D3 MVS ToolkitRocket Software
 
Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 4
Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 4Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 4
Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 4Qualcomm Developer Network
 
Software update for embedded systems - elce2014
Software update for embedded systems - elce2014Software update for embedded systems - elce2014
Software update for embedded systems - elce2014Stefano Babic
 
Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 2
Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 2Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 2
Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 2Qualcomm Developer Network
 
Quick and Easy Device Drivers for Embedded Linux Using UIO
Quick and Easy Device Drivers for Embedded Linux Using UIOQuick and Easy Device Drivers for Embedded Linux Using UIO
Quick and Easy Device Drivers for Embedded Linux Using UIOChris Simmonds
 
Balancing Power & Performance Webinar
Balancing Power & Performance WebinarBalancing Power & Performance Webinar
Balancing Power & Performance WebinarQualcomm Developer Network
 
[ELCE] Activities of super long term support kernel workgroup in civil infras...
[ELCE] Activities of super long term support kernel workgroup in civil infras...[ELCE] Activities of super long term support kernel workgroup in civil infras...
[ELCE] Activities of super long term support kernel workgroup in civil infras...SZ Lin
 
Linux field-update-2015
Linux field-update-2015Linux field-update-2015
Linux field-update-2015Chris Simmonds
 
Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 3
Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 3Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 3
Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 3Qualcomm Developer Network
 
Linux power management: are you doing it right?
Linux power management: are you doing it right?Linux power management: are you doing it right?
Linux power management: are you doing it right?Chris Simmonds
 
Build Your Own Middleware Machine
Build Your Own Middleware MachineBuild Your Own Middleware Machine
Build Your Own Middleware MachineSimon Haslam
 
Using open source software to build an industrial grade embedded linux platfo...
Using open source software to build an industrial grade embedded linux platfo...Using open source software to build an industrial grade embedded linux platfo...
Using open source software to build an industrial grade embedded linux platfo...SZ Lin
 
Software update for IoT Embedded World 2017
Software update for IoT Embedded World 2017Software update for IoT Embedded World 2017
Software update for IoT Embedded World 2017Chris Simmonds
 
Introduction to Civil Infrastructure Platform
Introduction to Civil Infrastructure PlatformIntroduction to Civil Infrastructure Platform
Introduction to Civil Infrastructure PlatformSZ Lin
 
Read-only rootfs: theory and practice
Read-only rootfs: theory and practiceRead-only rootfs: theory and practice
Read-only rootfs: theory and practiceChris Simmonds
 
Reducing boot time in embedded Linux
Reducing boot time in embedded LinuxReducing boot time in embedded Linux
Reducing boot time in embedded LinuxChris Simmonds
 
Software update for IoT: the current state of play
Software update for IoT: the current state of playSoftware update for IoT: the current state of play
Software update for IoT: the current state of playChris Simmonds
 
The ultimate guide to software updates on embedded linux devices
The ultimate guide to software updates on embedded linux devicesThe ultimate guide to software updates on embedded linux devices
The ultimate guide to software updates on embedded linux devicesMender.io
 
XPDS16: A Paravirtualized Interface for Socket Syscalls - Dimitri Stiliadis, ...
XPDS16: A Paravirtualized Interface for Socket Syscalls - Dimitri Stiliadis, ...XPDS16: A Paravirtualized Interface for Socket Syscalls - Dimitri Stiliadis, ...
XPDS16: A Paravirtualized Interface for Socket Syscalls - Dimitri Stiliadis, ...The Linux Foundation
 
Embedded Android: Android beyond the smartphone
Embedded Android: Android beyond the smartphoneEmbedded Android: Android beyond the smartphone
Embedded Android: Android beyond the smartphoneChris Simmonds
 
y2038 issue
y2038 issuey2038 issue
y2038 issueSZ Lin
 
Long-term Maintenance Model of Embedded Industrial Linux Distribution
Long-term Maintenance Model of Embedded Industrial Linux DistributionLong-term Maintenance Model of Embedded Industrial Linux Distribution
Long-term Maintenance Model of Embedded Industrial Linux DistributionSZ Lin
 
The end of embedded Linux (as we know it)
The end of embedded Linux (as we know it)The end of embedded Linux (as we know it)
The end of embedded Linux (as we know it)Chris Simmonds
 
Userspace drivers-2016
Userspace drivers-2016Userspace drivers-2016
Userspace drivers-2016Chris Simmonds
 
OSMC 2010 | Insides SUSE Linux by Joachim Werner
OSMC 2010 | Insides SUSE Linux by Joachim WernerOSMC 2010 | Insides SUSE Linux by Joachim Werner
OSMC 2010 | Insides SUSE Linux by Joachim WernerNETWAYS
 
Agentless System Crawler - InterConnect 2016
Agentless System Crawler - InterConnect 2016Agentless System Crawler - InterConnect 2016
Agentless System Crawler - InterConnect 2016Canturk Isci
 
Rutgers Cloud Seminar 2017
Rutgers Cloud Seminar 2017Rutgers Cloud Seminar 2017
Rutgers Cloud Seminar 2017Canturk Isci
 

More Related Content

What's hot

[ELCE] Activities of super long term support kernel workgroup in civil infras...
[ELCE] Activities of super long term support kernel workgroup in civil infras...[ELCE] Activities of super long term support kernel workgroup in civil infras...
[ELCE] Activities of super long term support kernel workgroup in civil infras...SZ Lin
 
Linux field-update-2015
Linux field-update-2015Linux field-update-2015
Linux field-update-2015Chris Simmonds
 
Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 3
Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 3Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 3
Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 3Qualcomm Developer Network
 
Linux power management: are you doing it right?
Linux power management: are you doing it right?Linux power management: are you doing it right?
Linux power management: are you doing it right?Chris Simmonds
 
Build Your Own Middleware Machine
Build Your Own Middleware MachineBuild Your Own Middleware Machine
Build Your Own Middleware MachineSimon Haslam
 
Using open source software to build an industrial grade embedded linux platfo...
Using open source software to build an industrial grade embedded linux platfo...Using open source software to build an industrial grade embedded linux platfo...
Using open source software to build an industrial grade embedded linux platfo...SZ Lin
 
Software update for IoT Embedded World 2017
Software update for IoT Embedded World 2017Software update for IoT Embedded World 2017
Software update for IoT Embedded World 2017Chris Simmonds
 
Introduction to Civil Infrastructure Platform
Introduction to Civil Infrastructure PlatformIntroduction to Civil Infrastructure Platform
Introduction to Civil Infrastructure PlatformSZ Lin
 
Read-only rootfs: theory and practice
Read-only rootfs: theory and practiceRead-only rootfs: theory and practice
Read-only rootfs: theory and practiceChris Simmonds
 
Reducing boot time in embedded Linux
Reducing boot time in embedded LinuxReducing boot time in embedded Linux
Reducing boot time in embedded LinuxChris Simmonds
 
Software update for IoT: the current state of play
Software update for IoT: the current state of playSoftware update for IoT: the current state of play
Software update for IoT: the current state of playChris Simmonds
 
The ultimate guide to software updates on embedded linux devices
The ultimate guide to software updates on embedded linux devicesThe ultimate guide to software updates on embedded linux devices
The ultimate guide to software updates on embedded linux devicesMender.io
 
XPDS16: A Paravirtualized Interface for Socket Syscalls - Dimitri Stiliadis, ...
XPDS16: A Paravirtualized Interface for Socket Syscalls - Dimitri Stiliadis, ...XPDS16: A Paravirtualized Interface for Socket Syscalls - Dimitri Stiliadis, ...
XPDS16: A Paravirtualized Interface for Socket Syscalls - Dimitri Stiliadis, ...The Linux Foundation
 
Embedded Android: Android beyond the smartphone
Embedded Android: Android beyond the smartphoneEmbedded Android: Android beyond the smartphone
Embedded Android: Android beyond the smartphoneChris Simmonds
 
y2038 issue
y2038 issuey2038 issue
y2038 issueSZ Lin
 
Long-term Maintenance Model of Embedded Industrial Linux Distribution
Long-term Maintenance Model of Embedded Industrial Linux DistributionLong-term Maintenance Model of Embedded Industrial Linux Distribution
Long-term Maintenance Model of Embedded Industrial Linux DistributionSZ Lin
 
The end of embedded Linux (as we know it)
The end of embedded Linux (as we know it)The end of embedded Linux (as we know it)
The end of embedded Linux (as we know it)Chris Simmonds
 
Userspace drivers-2016
Userspace drivers-2016Userspace drivers-2016
Userspace drivers-2016Chris Simmonds
 
OSMC 2010 | Insides SUSE Linux by Joachim Werner
OSMC 2010 | Insides SUSE Linux by Joachim WernerOSMC 2010 | Insides SUSE Linux by Joachim Werner
OSMC 2010 | Insides SUSE Linux by Joachim WernerNETWAYS
 

What's hot (20)

Balancing Power & Performance Webinar
Balancing Power & Performance WebinarBalancing Power & Performance Webinar
Balancing Power & Performance Webinar
 
[ELCE] Activities of super long term support kernel workgroup in civil infras...
[ELCE] Activities of super long term support kernel workgroup in civil infras...[ELCE] Activities of super long term support kernel workgroup in civil infras...
[ELCE] Activities of super long term support kernel workgroup in civil infras...
 
Linux field-update-2015
Linux field-update-2015Linux field-update-2015
Linux field-update-2015
 
Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 3
Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 3Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 3
Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 3
 
Linux power management: are you doing it right?
Linux power management: are you doing it right?Linux power management: are you doing it right?
Linux power management: are you doing it right?
 
Build Your Own Middleware Machine
Build Your Own Middleware MachineBuild Your Own Middleware Machine
Build Your Own Middleware Machine
 
Using open source software to build an industrial grade embedded linux platfo...
Using open source software to build an industrial grade embedded linux platfo...Using open source software to build an industrial grade embedded linux platfo...
Using open source software to build an industrial grade embedded linux platfo...
 
Software update for IoT Embedded World 2017
Software update for IoT Embedded World 2017Software update for IoT Embedded World 2017
Software update for IoT Embedded World 2017
 
Introduction to Civil Infrastructure Platform
Introduction to Civil Infrastructure PlatformIntroduction to Civil Infrastructure Platform
Introduction to Civil Infrastructure Platform
 
Read-only rootfs: theory and practice
Read-only rootfs: theory and practiceRead-only rootfs: theory and practice
Read-only rootfs: theory and practice
 
Reducing boot time in embedded Linux
Reducing boot time in embedded LinuxReducing boot time in embedded Linux
Reducing boot time in embedded Linux
 
Software update for IoT: the current state of play
Software update for IoT: the current state of playSoftware update for IoT: the current state of play
Software update for IoT: the current state of play
 
The ultimate guide to software updates on embedded linux devices
The ultimate guide to software updates on embedded linux devicesThe ultimate guide to software updates on embedded linux devices
The ultimate guide to software updates on embedded linux devices
 
XPDS16: A Paravirtualized Interface for Socket Syscalls - Dimitri Stiliadis, ...
XPDS16: A Paravirtualized Interface for Socket Syscalls - Dimitri Stiliadis, ...XPDS16: A Paravirtualized Interface for Socket Syscalls - Dimitri Stiliadis, ...
XPDS16: A Paravirtualized Interface for Socket Syscalls - Dimitri Stiliadis, ...
 
Embedded Android: Android beyond the smartphone
Embedded Android: Android beyond the smartphoneEmbedded Android: Android beyond the smartphone
Embedded Android: Android beyond the smartphone
 
y2038 issue
y2038 issuey2038 issue
y2038 issue
 
Long-term Maintenance Model of Embedded Industrial Linux Distribution
Long-term Maintenance Model of Embedded Industrial Linux DistributionLong-term Maintenance Model of Embedded Industrial Linux Distribution
Long-term Maintenance Model of Embedded Industrial Linux Distribution
 
The end of embedded Linux (as we know it)
The end of embedded Linux (as we know it)The end of embedded Linux (as we know it)
The end of embedded Linux (as we know it)
 
Userspace drivers-2016
Userspace drivers-2016Userspace drivers-2016
Userspace drivers-2016
 
OSMC 2010 | Insides SUSE Linux by Joachim Werner
OSMC 2010 | Insides SUSE Linux by Joachim WernerOSMC 2010 | Insides SUSE Linux by Joachim Werner
OSMC 2010 | Insides SUSE Linux by Joachim Werner
 

Similar to Built-in Op Visibility & Analytics Designed for Cloud

Agentless System Crawler - InterConnect 2016
Agentless System Crawler - InterConnect 2016Agentless System Crawler - InterConnect 2016
Agentless System Crawler - InterConnect 2016Canturk Isci
 
Rutgers Cloud Seminar 2017
Rutgers Cloud Seminar 2017Rutgers Cloud Seminar 2017
Rutgers Cloud Seminar 2017Canturk Isci
 
20160221 va interconnect_pub
20160221 va interconnect_pub20160221 va interconnect_pub
20160221 va interconnect_pubCanturk Isci
 
EclipseCon 2016 - OCCIware : one Cloud API to rule them all
EclipseCon 2016 - OCCIware : one Cloud API to rule them allEclipseCon 2016 - OCCIware : one Cloud API to rule them all
EclipseCon 2016 - OCCIware : one Cloud API to rule them allMarc Dutoo
 
OCCIware Project at EclipseCon France 2016, by Marc Dutoo, Open Wide
OCCIware Project at EclipseCon France 2016, by Marc Dutoo, Open WideOCCIware Project at EclipseCon France 2016, by Marc Dutoo, Open Wide
OCCIware Project at EclipseCon France 2016, by Marc Dutoo, Open WideOCCIware
 
Common primitives in Docker environments
Common primitives in Docker environmentsCommon primitives in Docker environments
Common primitives in Docker environmentsalexandru giurgiu
 
Open shift and docker - october,2014
Open shift and docker - october,2014Open shift and docker - october,2014
Open shift and docker - october,2014Hojoong Kim
 
Build cloud native solution using open source
Build cloud native solution using open source Build cloud native solution using open source
Build cloud native solution using open source Nitesh Jadhav
 
Kubernetes Monitoring & Best Practices
Kubernetes Monitoring & Best PracticesKubernetes Monitoring & Best Practices
Kubernetes Monitoring & Best PracticesAjeet Singh Raina
 
The DevOps paradigm - the evolution of IT professionals and opensource toolkit
The DevOps paradigm - the evolution of IT professionals and opensource toolkitThe DevOps paradigm - the evolution of IT professionals and opensource toolkit
The DevOps paradigm - the evolution of IT professionals and opensource toolkitMarco Ferrigno
 
The DevOps Paradigm
The DevOps ParadigmThe DevOps Paradigm
The DevOps ParadigmNaLUG
 
DevOps with Kubernetes and Helm - Jenkins World Edition
DevOps with Kubernetes and Helm - Jenkins World EditionDevOps with Kubernetes and Helm - Jenkins World Edition
DevOps with Kubernetes and Helm - Jenkins World EditionJessica Deen
 
Sumo Logic Cert Jam - Advanced Metrics with Kubernetes
Sumo Logic Cert Jam - Advanced Metrics with KubernetesSumo Logic Cert Jam - Advanced Metrics with Kubernetes
Sumo Logic Cert Jam - Advanced Metrics with KubernetesSumo Logic
 
What's New in Docker - February 2017
What's New in Docker - February 2017What's New in Docker - February 2017
What's New in Docker - February 2017Patrick Chanezon
 
Docker in Production: How RightScale Delivers Cloud Applications
Docker in Production: How RightScale Delivers Cloud ApplicationsDocker in Production: How RightScale Delivers Cloud Applications
Docker in Production: How RightScale Delivers Cloud ApplicationsRightScale
 
Microservices Architecture - Cloud Native Apps
Microservices Architecture - Cloud Native AppsMicroservices Architecture - Cloud Native Apps
Microservices Architecture - Cloud Native AppsAraf Karsh Hamid
 
Weave User Group Talk - DockerCon 2017 Recap
Weave User Group Talk - DockerCon 2017 RecapWeave User Group Talk - DockerCon 2017 Recap
Weave User Group Talk - DockerCon 2017 RecapPatrick Chanezon
 
Driving Digital Transformation With Containers And Kubernetes Complete Deck
Driving Digital Transformation With Containers And Kubernetes Complete DeckDriving Digital Transformation With Containers And Kubernetes Complete Deck
Driving Digital Transformation With Containers And Kubernetes Complete DeckSlideTeam
 

Similar to Built-in Op Visibility & Analytics Designed for Cloud (20)

Agentless System Crawler - InterConnect 2016
Agentless System Crawler - InterConnect 2016Agentless System Crawler - InterConnect 2016
Agentless System Crawler - InterConnect 2016
 
Rutgers Cloud Seminar 2017
Rutgers Cloud Seminar 2017Rutgers Cloud Seminar 2017
Rutgers Cloud Seminar 2017
 
Rutgers Cloud Seminar 2017
Rutgers Cloud Seminar 2017Rutgers Cloud Seminar 2017
Rutgers Cloud Seminar 2017
 
20160221 va interconnect_pub
20160221 va interconnect_pub20160221 va interconnect_pub
20160221 va interconnect_pub
 
EclipseCon 2016 - OCCIware : one Cloud API to rule them all
EclipseCon 2016 - OCCIware : one Cloud API to rule them allEclipseCon 2016 - OCCIware : one Cloud API to rule them all
EclipseCon 2016 - OCCIware : one Cloud API to rule them all
 
OCCIware Project at EclipseCon France 2016, by Marc Dutoo, Open Wide
OCCIware Project at EclipseCon France 2016, by Marc Dutoo, Open WideOCCIware Project at EclipseCon France 2016, by Marc Dutoo, Open Wide
OCCIware Project at EclipseCon France 2016, by Marc Dutoo, Open Wide
 
Common primitives in Docker environments
Common primitives in Docker environmentsCommon primitives in Docker environments
Common primitives in Docker environments
 
Open shift and docker - october,2014
Open shift and docker - october,2014Open shift and docker - october,2014
Open shift and docker - october,2014
 
Cont0519
Cont0519Cont0519
Cont0519
 
Build cloud native solution using open source
Build cloud native solution using open source Build cloud native solution using open source
Build cloud native solution using open source
 
Kubernetes Monitoring & Best Practices
Kubernetes Monitoring & Best PracticesKubernetes Monitoring & Best Practices
Kubernetes Monitoring & Best Practices
 
The DevOps paradigm - the evolution of IT professionals and opensource toolkit
The DevOps paradigm - the evolution of IT professionals and opensource toolkitThe DevOps paradigm - the evolution of IT professionals and opensource toolkit
The DevOps paradigm - the evolution of IT professionals and opensource toolkit
 
The DevOps Paradigm
The DevOps ParadigmThe DevOps Paradigm
The DevOps Paradigm
 
DevOps with Kubernetes and Helm - Jenkins World Edition
DevOps with Kubernetes and Helm - Jenkins World EditionDevOps with Kubernetes and Helm - Jenkins World Edition
DevOps with Kubernetes and Helm - Jenkins World Edition
 
Sumo Logic Cert Jam - Advanced Metrics with Kubernetes
Sumo Logic Cert Jam - Advanced Metrics with KubernetesSumo Logic Cert Jam - Advanced Metrics with Kubernetes
Sumo Logic Cert Jam - Advanced Metrics with Kubernetes
 
What's New in Docker - February 2017
What's New in Docker - February 2017What's New in Docker - February 2017
What's New in Docker - February 2017
 
Docker in Production: How RightScale Delivers Cloud Applications
Docker in Production: How RightScale Delivers Cloud ApplicationsDocker in Production: How RightScale Delivers Cloud Applications
Docker in Production: How RightScale Delivers Cloud Applications
 
Microservices Architecture - Cloud Native Apps
Microservices Architecture - Cloud Native AppsMicroservices Architecture - Cloud Native Apps
Microservices Architecture - Cloud Native Apps
 
Weave User Group Talk - DockerCon 2017 Recap
Weave User Group Talk - DockerCon 2017 RecapWeave User Group Talk - DockerCon 2017 Recap
Weave User Group Talk - DockerCon 2017 Recap
 
Driving Digital Transformation With Containers And Kubernetes Complete Deck
Driving Digital Transformation With Containers And Kubernetes Complete DeckDriving Digital Transformation With Containers And Kubernetes Complete Deck
Driving Digital Transformation With Containers And Kubernetes Complete Deck
 

Recently uploaded

Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersRaghuram Pandurangan
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfLoriGlavin3
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxBkGupta21
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESmohitsingh558521
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfMounikaPolabathina
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rick Flair
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 

Recently uploaded (20)

Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information Developers
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptx
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 

Built-in Op Visibility & Analytics Designed for Cloud

  • 1. 0 Built-in Operational Visibility and Analytics Designed for Cloud Canturk Isci IBM Research, NY @canturkisci Boston University Thu Apr 28, 11:00 AM CloudSightResearch Vulnerability Advisor
  • 2. 1 Cloud Evolution: Greats and Needs What is Great What is Great Density Scale Portability Repeatability Speed What Needs Work What Needs Work Visibility Operational Insight Utility Cost Scale Automation Agility (u)Services Operational Intelligence - Modernization of IT infra and SW delivery - Complex made simple - Unprecedented efficiency and TTV - Lots of shiny toys across IT lifecycle - Visibility into our environments remains an issue - Also lots of shiny toys for monitoring & analytics BUT: - Still based on traditional IT Principles!
  • 3. 2 - Provide unmatched deep, seamless visibility into cloud instances - Drive operational insights to solve real-world pain points Our Work: Built-in Op Visibility & Analytics Designed for Cloud
  • 4. 3 - Provide unmatched deep, seamless visibility into cloud instances - Drive operational insights to solve real-world pain points Built-in Operational Visibility & Analytics Designed for Cloud
  • 5. 4 - Provide unmatched deep, seamless and unified visibility into ALL cloud instances - Drive operational insights to solve real-world pain points Built-in Operational Visibility & Analytics Designed for Cloud Agentless System Crawler (ASC)
  • 6. 5 Traditional Monitoring vs. Crawlers OS Host Wkld Agent Agent Agent Agent OS Host Wkld A A AA VM OS Wkld A A AA Host OS Wkld A A AA Cont . Wkld A A AA Cont . Wkld A A AA Cont . VMBMS Container OS Host Wkld OS Host Wkld VM OS Wkld Host OS Wkld Cont . Wkld Cont . Wkld Cont . VMBMS Container
  • 7. 6 Some Data Points From an employee- "This is the BES client agent. I don't know what it does but it's always at 50%. I would be the first customer to remove this evil thing from my machines:” PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND 3515 root 20 0 781m 21m 6272 R 53.8 0.3 51:28.92 BESClient C. Colohan. The Scariest Outage Ever. CMU SDI Seminar Series, 2012. http://pdl.cmu.edu/SDI/2012/083012b.html Amazon. Summary of Oct. 22 '12 AWS Service Event in US-East Region. http://aws.amazon.com/message/680342/
  • 8. 7 ”Users do not have to do anything to get this visibility. It is already there by default” Container Cloud Docker Hosts App Cont .App Cont .App Cont .App Cont . Docker Hosts App Cont .App Cont .App Cont .App Cont . Docker Hosts App Cont .App Cont .App Cont .App Cont . Metrics & Logs Bus Multitenant Index Logmet Svc Provisioning Tenancy Info State Events Built-in in every compute node, all geos Enabled by default for all users in all prod O(10K) metrics/s & logs/s Current State Seamless: Built-in Monitoring & Logging in Bluemix Containers
  • 9. 8 Container Cloud App Cont .App Cont .App Cont .App Cont . Cool! Happy User: Effortless, painless visibility in user world magic Seamless: Built-in Monitoring & Logging in Bluemix Containers ”Users do not have to do anything to get this visibility. It is already there by default”
  • 10. 9 Key Advantages Key Advantages App Cont .App Cont .App Cont .App Cont . Why Agentless System Crawlers magic Monitoring built into the platform not in end-user systems No complexity to end user (They do nothing, all they see is the service) No agents/credentials/access (nothing built into userworld) Works out of the box Makes data consumable* (lower barrier to data collection and analytics) Better Security* for end user (No attack surface, in userworld) Better Availability* of monitoring (From birth to death, inspect even defunct guest) Guest Agnostic (Build for platform, not each user distro) Decoupled* from user context (No overhead/side-effect concerns) Monitoring done right for the processes of the Cloud OS
  • 11. 10 Deep Visibility: What We Actually Collect (and Annotate) - OS Info - Processes - Disk Info - Metrics - Network Info - Packages - Files - Config Info From Container/VM - Docker metadata (docker inspect) - CPU metrics (/cgroup/cpuacct/) - Memory metrics (/cgroup/memory) - Docker history Docker Runtime Config Annotator Vulnerability Annotator Compliance Annotator Password Annotator SW Annotator Licence Annotator
  • 12. 11 Deep Visibility Operational Insights/Analytics Solve Real Problems Index (Data) Data Bus Annotators Index (Data) Vuln. & Compl. Analysis Config Analytics (SecConfig) Cloud Time Machine (Audit/PD) Pipeline Service (DevOps) Remediation Service Analyitcs * All analytics services work from the same data & pipeline! Today’s Special: Vulnerability Advisor- OS Info - Processes - Disk Info - Metrics - Network Info - Packages - Files - Config Info From Container/VM - Docker metadata (docker inspect) - CPU metrics (/cgroup/cpuacct/) - Memory metrics (/cgroup/memory) - Docker history Docker Runtime Config Annotator Vulnerability Annotator Compliance Annotator Password Annotator SW Annotator Licence Annotator
  • 13. 12 Crawler: How it Works for VMs • Leverage VM Introspection (VMI) techniques to access VM Mem and Disk state (We built bunch or our own optimizations that make this very efficient and practical) • Can even remote both (decouple all from VM and host) • Almost no new dependencies on host • Currently support 1000+ kernel distros Hypervisor MEM View KB APP Analytics Apps Memory Crawl API VM OS MEMDisk Disk View Disk Crawl API Cloud Analytics Crawl Logic Structured view of VM states APP APP { ....... ....... } Frames
  • 14. 13 Crawler: How it Works for Containers • Leverage Docker APIs for base container information • Exploit container abstractions (namespace mapping and cgroups) for deeper insight • Provide deep state info at scale with no visible overheads to end user 1) Get visibility into container world by namespace mapping 2) Crawl the container (Crawler dependencies still borrowed from host. No need to inject into container!) 3) Return to original namespace 4) Push data to backend index
  • 15. 14 Crawler: Typical Deployment • Typical deployment, able to track diverse cloud runtimes w parity • Need not be on same host, most crawler functions can be even remoted
  • 16. 15 Crawler: Design • Same crawler across runtimes for unified operational visibility • Multiple fanouts as use cases grow
  • 17. 16 Open Innovation <3 April 13 Open Container Introspection Toolkit for Security Analysis Open Container Introspection Toolkit for Security Analysis
  • 18. 17 DEMO TIME This Session This Session Agentless System Crawler Bluemix Test Drive (live – ldwave) https://developer.ibm.com/bluemix/2015/11/16/ built-in-monitoring-and-logging-for-bluemix-containers/ LogCrawler and JSON Parsing (live – CanoLibUK3) Vanilla LogCrawler (20150619_LogCrawlerDemo) Crawl even Non-responsive systems (oopsRconsole2) Out of Band SIEM (QRadarDemo) TopoLog for Topology Discovery (newTopo) RTop for Realtime Monitoring (RtopAnnotatedMOV) Crawling for Rootkits with RConsole (RConsoleAnnotatedMOV) Sunday & Wednesday Sunday & Wednesday Vulnerability Advisor Coming soon…
  • 19. 18 Bluemix Test Drive Just start a Bluemix Container (https://console.ng.bluemix.net/) Go to Container Overview (Metrics show up in few mins)
  • 20. 19 … Bluemix Test Drive Go to Monitoring and Logs >> Monitoring
  • 21. 20 … Bluemix Test Drive Go to Monitoring and Logs >> Logging
  • 22. 21 Back to: Deep Visibility Operational Insights/Analytics Solve Real Problems - OS Info - Processes - Disk Info - Metrics - Network Info - Packages - Files - Config Info From Container/VM - Docker metadata (docker inspect) - CPU metrics (/cgroup/cpuacct/) - Memory metrics (/cgroup/memory) - Docker history Docker Runtime Config Annotator Vulnerability Annotator Compliance Annotator Password Annotator SW Annotator Licence Annotator How can I identify my vulnerable/non-compliant images before they go live? How can I detect and block systems with password access configurations and weak passwords? 21
  • 23. 22 - OS Info - Processes - Disk Info - Metrics - Network Info - Packages - Files - Config Info From Container/VM - Docker metadata (docker inspect) - CPU metrics (/cgroup/cpuacct/) - Memory metrics (/cgroup/memory) - Docker history Docker Runtime Config Annotator Vulnerability Annotator Compliance Annotator Password Annotator SW Annotator Licence Annotator How can I track, query and analyze my configurations in a simple and robust manner for drift/config analytics? How can I do better resource management and allocation? 22 Deep Visibility Operational Insights/Analytics Solve Real Problems
  • 24. 23 DEMO TIME This Session This Session Vulnerability Advisor, Policy Mgr Go to Bluemix Catalog See VA Image Status (Safe, Caution, Blocked) Go to Create View Explore Status Details (Vulnerabilities, Policy Violations) Browse Policy Manager (Policy Settings, Deployment Impact) Change Org Policies Override Policies (Don’t do it) See Weak Password Discovery Update Image in Local Dev Fix Policy Violation Previously Previously Built-in Monitoring & Logging We just did that one…
  • 25. 24 Getting Started: Let’s Go to London Login to Bluemix London (https://console.eu-gb.bluemix.net/)
  • 26. 25 Deployment Status Login to Bluemix London (https://console.eu-gb.bluemix.net/) Go to Catalog and Look for Containers Hover over containers to see VA verdict: Safe to Deploy
  • 27. 26 Deployment Status Login to Bluemix London (https://console.eu-gb.bluemix.net/) Go to Catalog and Look for Containers Hover over containers to see VA verdict: Safe to Deploy | Deploy with Caution
  • 28. 27 Deployment Status Login to Bluemix London (https://console.eu-gb.bluemix.net/) Go to Catalog and Look for Containers Hover over containers to see VA verdict: Safe to Deploy | Deploy with Caution | Blocked
  • 29. 28 Create View Login to Bluemix London (https://console.eu-gb.bluemix.net/) Go to Catalog and Look for Containers Hover over containers to see VA verdict: Safe to Deploy | Deploy with Caution | Blocked Click on Image to go to Create View See Verdict Details and Explore Options
  • 30. 29 Vulnerability Advisor Report Login to Bluemix London (https://console.eu-gb.bluemix.net/) Go to Catalog and Look for Containers Hover over containers to see VA verdict: Safe to Deploy | Deploy with Caution | Blocked Click on Image to go to Create View See Verdict Details and Explore Options View Vulnerability Advisor Report: Discovered Vulnerabilities | Policy Violations
  • 31. 30 Vulnerability Advisor Report Login to Bluemix London (https://console.eu-gb.bluemix.net/) Go to Catalog and Look for Containers Hover over containers to see VA verdict: Safe to Deploy | Deploy with Caution | Blocked Click on Image to go to Create View See Verdict Details and Explore Options View Vulnerability Advisor Report: Discovered Vulnerabilities | Policy Violations
  • 32. 31 Policy Manager and Deployment Impact Login to Bluemix London (https://console.eu-gb.bluemix.net/) Go to Catalog and Look for Containers Hover over containers to see VA verdict: Safe to Deploy | Deploy with Caution | Blocked Click on Image to go to Create View See Verdict Details and Explore Options View Vulnerability Advisor Report: Discovered Vulnerabilities | Policy Violations Policy Manager and Deployment Impact
  • 33. 32 Policy Manager and Deployment Impact Login to Bluemix London (https://console.eu-gb.bluemix.net/) Go to Catalog and Look for Containers Hover over containers to see VA verdict: Safe to Deploy | Deploy with Caution | Blocked Click on Image to go to Create View See Verdict Details and Explore Options View Vulnerability Advisor Report: Discovered Vulnerabilities | Policy Violations Policy Manager and Deployment Impact Change Org Policy and Observe Impact
  • 34. 33 Policy Override Login to Bluemix London (https://console.eu-gb.bluemix.net/) Go to Catalog and Look for Containers Hover over containers to see VA verdict: Safe to Deploy | Deploy with Caution | Blocked Click on Image to go to Create View See Verdict Details and Explore Options View Vulnerability Advisor Report: Discovered Vulnerabilities | Policy Violations Policy Manager and Deployment Impact Change Org Policy and Observe Impact Create View > Click One-time Override Name your risky container and deploy
  • 35. 34 Also: One-stop Shop “Michael View” for the Purists
  • 36. 3535 Some Nostalgia: Big Vision = Systems as Data Transform systems into documents/frames/data Crawl the cloud like you crawl the web Query & mine the cloud like query/mine the web Learn good & bad sytem/SW configurations automagically
  • 37. 36 Operational Analytics Data Pipeline [Where We Started] Images (Registry) Kafka Configuration Channel Compliance Channel Vulnerability Channel Indexers Vulnerability Annotator Elastic Configuration Index Compliance Index Vulnerability Index Compliance Annotator
  • 38. 37 Operational Analytics Data Pipeline [Where We Are] Images (Registry) Notification Channel Kafka Configuration Channel Compliance Channel Vulnerability Channel Indexers Vulnerability Annotator Discovery Channel Instances (Compute) SecConfig Channel Rootkit Channel Licence Channel Notification Index Elastic Configuration Index Compliance Index Vulnerability Index Discovery Index SecConfig Index Rootkit Index Licence Index USNs Index Compliance Annotator Password Annotator Config Parser SecConfig Annotator SW Discovery Rootkit Annotator Licence Discovery Notification Parser Security Notices
  • 39. 38 Our Other Key Operational Analytics Directions Config Analytics SW and System Discovery by Examples Secure Config Advisor Cloud Time Machine Risk Analysis Licence Discovery Licence Discovery Data Pipeline Licence Db Im g
  • 40. 39 Summary & Open Problems Summary: Challenges: Operational visibility into complex cloud applications; need for real operational intelligence Opportunities: Transform systems to data; New line of ops data analytics; So many low-hanging pain points Agentless System Crawler and Vulnerability Advisor as simple ground-floor examples Parting Thoughts: Operational Visibility >> Metrics & Logs (although a good start, add state, config, interactions, dependencies,…) Cloud lends itself to novel & elegant “monalytics” designed with cloud-native thinking Everything analytics can be as-a-service when we decouple systems | observations | recommendations | actions Open Research Questions: Truly Seamless OpVis: No performance impact (~/~) + Absolutely no side effects (+/-) Extensibility and configurability: Deep visibility into system, application and infra Scale out across runtimes and scale up to many instances; challenges & limits How do you design DDOS-mitigation/admission-control/fair sharing in this model of built-in service Privacy and data sensitivity with Ops data analytics Piecemeal analytics/security solutions Cloud analytics/security roadmap Rules/annotators Actually smart analytics that learn good and bad configs for security, performance, availability, etc. Cross-silo analytics across Time, Space, Dev/Ops [CloudSight Dream]
  • 41. 40 The More You Know Papers: Operational Visibility: IC2E’14, Sigmetrics’14, VEE’15, HotCloud’15, ATC’16 (InterConnect’15) Operational Analytics: BigData’14, IBM JRD’16:{SWDisc,NFM,DevOps} (InterConnect’16) Blogs: Crawl the Cloud Like You Crawl the Web: https://developer.ibm.com/open/2015/07/18/crawl-cloud-like-crawl-web/ Monitoring and Logging for IBM Containers. No configuration needed: https://developer.ibm.com/bluemix/2015/07/06/monitoring-and-logging-for-containers-no-config-required/ Test Driving Built-in Monitoring and Logging in IBM Containers: https://developer.ibm.com/bluemix/2015/11/16/built-in-monitoring-and-logging-for-bluemix-containers/ Is your Docker container secure? Ask Vulnerability Advisor!: https://developer.ibm.com/bluemix/2015/07/02/vulnerability-advisor/ Demos: https://www.youtube.com/channel/UCf8Fn8dKQzBCJRgI1jOlGYg Open Source: dwOpen Tech Talk: https://developer.ibm.com/open/events/dw-open-tech-talk-agentless-system-crawler/ dwOpen Page: https://developer.ibm.com/open/agentless-system-crawler/ Agentless System Crawler: http://github.com/cloudviz/agentless-system-crawler PSVMI Introspection Library: https://github.com/cloudviz/psvmi Try It: As-a-service today: http:///www.bluemix.net Run it yourself: http://github.com/cloudviz/agentless-system-crawler
  • 42. 41 Thank You Seamless, Unified Operational visibility and Analytics Designed fro Cloud [feat. Agentless System Crawler & Vulnerability Advisor] IBM Research Cloud Monitoring, Operational and DevOps Analytics http://www.canturkisci.com/blog @canturkisci