Categories
Community General Guide In detail Interoperability OpenSource Security Social

CLOUDADMINS BOOK: DevOps y seguridad cloud (DevOps and Cloud Security)

Hello everyone,

NEW! BOOK BY @cloudadms

Advanced DevOps concepts and use cases with Rancher (K8S), AWS, OpenNebula, Jenkins and Terraform
http://www.editorialuoc.cat/devops-y-seguridad-cloud
 
DevOps y seguridad cloud grew out of the material prepared for the UOC postgraduate programme in Administration and Cloud Computing, a programme aimed at those who want to steer their experience towards computing and cloud models. With the goal of training companies and their IT professionals, it offers the knowledge, skills and tools needed by specialist profiles in DevOps and cloud computing, a professional profile in high demand in the job market, both nationally and internationally.
 
The cloud embodies the basic concept by which we define the delivery of computing services to customers or users over a network. This new service-delivery model adds a layer of abstraction for customers, who do not know where the services are located (normally hosted across several providers and spread around the world) or how the resources they use are managed. Cloud services handle the requests they receive and provide flexibility and adaptability of resources in response to demand, in a completely transparent way.
After covering the basic concepts by way of introduction, the book focuses on the material needed for a more advanced view of the DevOps role.

  • One of the points we will focus on is configuration management, which lets us bring all the environments we use as close as possible to the final production environment.
  • One of the pillars of DevOps is continuous integration, which merges the small changes made by developers into the software as a whole so that they can be tested and deployed to development environments as early as possible.
  • We will also look at different testing strategies, all of them aimed at minimizing the errors that may occur in production environments. The aim is also to detect errors at early stages of development, when fixing them is simpler and cheaper.
  • As a continuation of continuous integration, we will look at the concept of continuous delivery in its most practical application, which we will use to walk through an extensive example.

So, interested in how to tackle it?

  • The management of infrastructure and of the different environments that result from the various stages of continuous delivery. Both the infrastructure and the environments must be extremely flexible in order to adapt quickly to the changes that can occur at the different stages of development.
  • Data management is also a challenge, since data must be persistent and available even though the software that provides access to it changes constantly.

Now it is up to you: reserve your book and dive into challenges such as continuous integration (CI) and continuous delivery (CD), using container technologies such as Docker and platforms such as Kubernetes (K8S), on infrastructure services such as Amazon Web Services (AWS), with automation tools such as Terraform and testing tools such as Jenkins. Practise and live an experience that will take you to the next level. And don't forget to share your experience with us: mention @cloudadms on Twitter. GOOD LUCK! http://www.editorialuoc.cat/devops-y-seguridad-cloud

Categories
Community General Hybrid Clouds Interoperability OpenSource

New OpenNebula VCLOUD driver: Building Hybrid Clouds with VMware cloud providers

By definition, “Hybrid Cloud Computing” is a model that combines multiple Cloud services across different deployment models, including public cloud services together with a private cloud located outside or inside the organization or institution.
Most companies and organizations were not born in the “cloud”, so cloud resources often have to be connected to traditional systems or applications that have some criticality and are usually located on their own premises. This type of architecture is the most common, and the keys to its success include aspects such as integration capabilities, hyper-converged management, etc.
Cloud bursting is always welcome!
Today we are sharing exciting news about the expansion of the number of public clouds supported by OpenNebula to build hybrid cloud deployments. As a result of the collaboration between OpenNebula and CSUC, a new addon to support VCLOUD providers has been added to the OpenNebula catalogue.
“With this addon, real hybrid architectures can use OpenNebula’s rich set of infrastructure management tools to manage cloud deployments across VCLOUD private, public and hosted cloud platforms.”
 
The driver is developed for OpenNebula 5.x and VCLOUD version 5.5 and is released today for testing. The integration has been carried out using the ruby_vcloud_sdk, which interacts with the vCloud Director API, enabling complete control of the lifecycle of Virtual Machines in a transparent way within an OpenNebula cloud. Thanks to this new addon, private resources can be easily supplemented with resources from external providers to meet fluctuating demands.
 
https://github.com/OpenNebula/addon-vcloud-driver

Description

This addon gives OpenNebula the possibility to manage resources in VMware vCloud infrastructures. It includes virtualization and monitoring drivers.
This driver is based on the vCenter Driver and uses a modified version of ruby_vcloud_sdk.

Features

This addon has the following capabilities:

  • Deploy, stop, shutdown, reboot, save, suspend, resume and delete VMs in the Virtual Data Centers hosted in vCloud.
  • Create, delete and revert snapshots of VMs.
  • Change the RAM and CPU values of a VM.
  • Hot-attach and detach NICs to and from VMs.
  • Automated customization of the instantiated VMs.
  • Obtain monitoring information from the VDC, Datastore and VMs.
  • In this development version we manage vApps with one VM inside (a VM in OpenNebula equals a vApp with one VM in vCloud).
  • Each Virtual Data Center (VDC) in vCloud is managed as a Host in OpenNebula.
  • Import networks, hosts, templates and datastores hosted in vCloud using the onevcloud script.

https://github.com/OpenNebula/addon-vcloud-driver
Need more information? You are welcome to use the OpenNebula community instruments to ask around (for instance, the forums tool is a good place to pose your questions) or reserve a seat to see details inside the next Open Cloud Free session in Barcelona (24/10 14:00h) https://www.eventbrite.com/e/open-cloud-free-session-inside-opennebulaconf-tickets-27753771277
As always, we value your feedback and contributions to this new feature!
Barcelona UserGroup Team –  www.cloudadmins.org

Categories
General Hybrid Clouds Interoperability

Cloud Service Brokers (CSB) – Part 1

Establishing relationships with multiple cloud providers can be daunting. Even after the relationships are established, integrations with the providers' various technologies are still needed.
Today there are several initiatives that we at Cloudadmins will explore in a new series of posts. In this one we review three free-software solutions aligned with this model of aggregating cloud services at the infrastructure layer: the first with a “middleware” orientation, the second focused on service layers, and the last aimed at storing large volumes of data:

DeltaCloud

http://deltacloud.apache.org/index.html
An open source project developed by RedHat and the Apache foundation, aimed at building a set of applications, scripts and tools for the cloud. Each particular cloud in DeltaCloud is handled through an adapter (“driver”). It supports the following cloud platforms: Amazon EC2, Fujitsu Global Cloud Platform, GoGrid, openNebula, RackSpace, RHEV-M, RimuHosting, Terremark, Vmware vCloud, Eucalyptus, IBM smartCloud, openStack, ArubaCloud and DigitalOcean.
It can create and delete instances, stop them, start them again and reboot them. It can also list all hardware profiles, instance details, etc.
More information about the DeltaCloud drivers at
http://deltacloud.apache.org/drivers.html#drivers

CompatibleOne

CompatibleOne offers a single language for describing and managing an unlimited number of cloud service providers. Its flexible service architecture makes the description and creation of the different clouds independent of the chosen cloud service provider (OpenStack, OpenNebula, Azure, Vcloud…), and it can address any type of service (IaaS, PaaS, SaaS, XaaS, BPaaS, …) and any type of cloud service deployment (public, private, hybrid, …).
The Accords platform package for CentOS / Fedora / RedHat can be found at build.opensuse.org. For Debian and Ubuntu (10.10 → 12.04) it is available at compatibleone.org/debian/
Its operation (and architecture) can be summarized, in broad terms, as:
→ Handling of the user's requirements
→ Validation and provisioning plan
→ Execution of the provisioning plan
→ Delivery of the cloud services

DuraCloud

https://wiki.duraspace.org/display/DURACLOUD/DuraCloud
DuraCloud is service management software that lets organizations archive content across multiple cloud providers. It is an open source project under the Apache license, with a community of users and developers who create and share new tools all the time.
The user interface mainly consists of a set of web applications offering three general functions:
→ Storage management
→ Service management
→ An interface for navigating between the different providers
So far we have looked at different open source initiatives in the brokering space; in the next instalment we will review similar approaches based on commercial solutions.
Happy flying,
Cloudadmin

Categories
Interoperability

Exploring Open Cloud Computing Interface

 
The interoperability problem among Cloud providers is well known. Different Cloud providers each use their own independent interface, which makes it difficult to communicate with and federate multiple providers. To overcome this, the OCCI API has been proposed as a common standard. OCCI is a Cloud interaction layer that uses HTTP methods (GET, POST, PUT, DELETE) with resources represented in XML. The interface uses several data structures (i.e. Compute, Network, Storage) to describe the different resources, and through these structures it can operate on the virtual resources (i.e. create, list, show, update, delete).

The initial goal of the OCCI API is to provide an extensible interface to Cloud Infrastructure Services (IaaS). The OCCI API is a RESTful service, allowing for the development of interoperable tools for common tasks including deployment (create, control), autonomic scaling and monitoring of Cloud resources.

This API allows:

  • Consumers to interact with Cloud computing infrastructure on an ad-hoc basis (e.g. deploy, start, stop, restart)

  • Integrators to offer advanced management services

  • Aggregators to offer a single common interface to multiple providers

  • Providers to offer a standard interface that is compatible with available tools

  • Vendors of grids/Clouds to offer standard interfaces for dynamically scalable service delivery in their products

OCCI has been made as modular as possible to facilitate future extension.

The core protocol is completely generic, describing how to connect to a single entry point, authenticate, search and perform CRUD operations (Create, Retrieve, Update and Delete resources) using existing standards including HTTP (Plain Text), TLS, OAuth, JSON and Atom/Pub. State control (start, stop, restart), billing, performance, etc. The scope of the specification will be all high-level functionality required for the life-cycle management of virtual machines (or workloads) running on virtualization technologies (or containers) supporting service elasticity. Using a simplified service lifecycle model, it supports the most common life-cycle states offered by Cloud providers.

Simply by standardizing at this level, OCCI may well become the HTTP of Cloud Computing. There is a good article that compares the OCCI API with HTTP: “Is OCCI the HTTP of Cloud Computing?”

RESTful web services

A RESTful Web Service offers these HTTP methods: GET, PUT, POST and DELETE. OCCI API is a RESTful service and has methods associated with each resource type: Pool Resources (collection of elements owned by a given user) and Entry Resources (single entry within a given collection).

| | GET | PUT | POST | DELETE |
|---|---|---|---|---|
| Pool Resources (PR) | to list all the entry resources in that pool resource owned by the user | x | to create a new entry resource | x |
| Entry Resources (ER) | to list the information associated with that resource | to update the resource (only supported by the COMPUTE resource) | x | to delete the resource |

XML format is used to represent COMPUTE, NETWORK and DISK resources; as well as the collection of them (Pool Resources, PRs).

POOL RESOURCE

  • References a URI for the ER.

Example:

<COMPUTES>
  <COMPUTE href="http://www.opennebula.org/compute/234"/>
  <COMPUTE href="http://www.opennebula.org/compute/432"/>
  <COMPUTE href="http://www.opennebula.org/compute/123"/>
</COMPUTES>

NETWORK

  • ID, the uuid of the network
  • NAME, describing the network
  • ADDRESS, of the network
  • SIZE, of the network, defaults to C

Example:

<NETWORK>
  <ID>123</ID>
  <NAME>Blue Network</NAME>
  <ADDRESS>192.168.0.1</ADDRESS>
  <SIZE>C</SIZE>
</NETWORK>

STORAGE

  • ID, the uuid of the image
  • NAME, describing the image
  • SIZE, of the image in MBs
  • URL, pointer to the original image

Example:

<DISK>
  <ID>123</ID>
  <NAME>Ubuntu 10.04</NAME>
  <SIZE>2048</SIZE>
  <URL>file:///images/ubuntu/ubuntu.img</URL>
</DISK>

COMPUTE RESOURCE

The compute element defines a virtual machine by specifying its configuration attributes. It is more complex than the resources described above:

  • ID, the uuid of the virtual machine.
  • NAME, describing the virtual machine.
  • TYPE, a COMPUTE type specifies a CPU and memory capacity; valid types are small, medium and large.
  • STATE, the state of the COMPUTE.
  • DISKS, the block devices attached to the virtual machine (DISK, SWAP, FS).
  • NICS, the network interfaces, defined with a list of NIC elements (UUID, IP…).
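
As an added example (not code from OpenNebula or the OCCI working group), here is a client-side parser for the POOL RESOURCE and STORAGE representations above that validates the URIs they carry before anything is fetched or opened. The function names, the IMAGE_ROOT directory and the rule that entry URIs must stay on the endpoint's host are assumptions made for the example.

```python
import posixpath
import xml.etree.ElementTree as ET
from urllib.parse import unquote, urlparse

IMAGE_ROOT = "/images"  # assumption: local images live under this directory

# Sample documents, taken from the representations shown above.
POOL = ('<COMPUTES><COMPUTE href="http://www.opennebula.org/compute/234"/>'
        '<COMPUTE href="http://www.opennebula.org/compute/432"/></COMPUTES>')
DISK = ("<DISK><ID>123</ID><NAME>Ubuntu 10.04</NAME><SIZE>2048</SIZE>"
        "<URL>file:///images/ubuntu/ubuntu.img</URL></DISK>")

def _root(xml_text, tag):
    # These documents need no DTD, so refuse DOCTYPE/ENTITY declarations outright.
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        raise ValueError("DTD declarations are not accepted")
    root = ET.fromstring(xml_text)
    if root.tag != tag:
        raise ValueError(f"expected <{tag}>, got <{root.tag}>")
    return root

def _text(root, name):
    value = (root.findtext(name) or "").strip()
    if not value:
        raise ValueError(f"missing <{name}>")
    return value

def parse_compute_pool(xml_text, endpoint_host):
    # Return the entry-resource URIs of a pool, all on the expected host.
    uris = []
    for entry in _root(xml_text, "COMPUTES").findall("COMPUTE"):
        href = entry.get("href", "")
        url = urlparse(href)
        if url.scheme not in ("http", "https") or url.hostname != endpoint_host:
            raise ValueError(f"entry URI outside the endpoint: {href!r}")
        uris.append(href)
    return uris

def parse_disk(xml_text):
    root = _root(xml_text, "DISK")
    raw = _text(root, "URL")
    url = urlparse(raw)
    path = posixpath.normpath(unquote(url.path))  # resolve ".." and %2e%2e
    if url.scheme == "file":
        if url.netloc or not path.startswith(IMAGE_ROOT + "/"):
            raise ValueError("image path outside IMAGE_ROOT")
    elif url.scheme not in ("http", "https"):
        raise ValueError(f"unsupported image URL scheme: {url.scheme!r}")
    return {"id": _text(root, "ID"), "name": _text(root, "NAME"),
            "size_mb": int(_text(root, "SIZE")), "url": raw}
```

Malformed XML surfaces as `xml.etree.ElementTree.ParseError`, while every policy violation is a `ValueError`, so a caller can tell a broken response from a rejected one.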

 

+Info – OCCI Workgroup – OGF – http://occi-wg.org/

Categories
General Interoperability OpenSource

Interoperability in the Cloud

Many people in the industry believe it is critically important for the Cloud to be open and share concerns about the private nature of the leading Cloud platforms. In fact, there are already a few projects focused on the goal of a truly open source Cloud with mass adoption.
However, the present Cloud offers have followed this trend and are largely private. No one benefits from a fractured landscape of closed and incompatible Clouds where migration is difficult to do and true Cloud transparency is impossible.
Nowadays the solution for interoperating between Clouds is to use Web Services. For example, Amazon EC2 has a web service interface to manage its own virtual machines, VMware has a vCloud interface, and other products have their own web service interfaces. But the problem is that these interfaces are private and tied to their own Cloud platforms. Eucalyptus Systems considers the AWS (Amazon Web Services) API the default standard for the industry because of its popularity. Eucalyptus Cloud is an open-source virtualization middleware, but it uses an Amazon EC2 interface. On the other hand, OpenNebula proposes an open source interface called OCCI that is very easy to use and to extend. OCCI was originally initiated by UCM (Complutense University of Madrid), and the Open Cloud Computing Interface now comprises a set of open, community-led specifications delivered through the Open Grid Forum.
Usually API wars have been a crucial strategic plan to control technology platforms and their associated markets. I don’t know if δ-cloud or OCCI will be the reference API of the coming years. But I have a clear idea: an open standard API should emerge. Right now both have very good fundamentals and are present in many discussion forums. In conclusion, we chose to use the OCCI API.
We would like to highlight that our OCCI API is used in a lot of research and production projects, such as OpenNebula, EMOTIVE, OpenStack, Fed-Cloud and MeghaCloud.
I believe that the next step is creating another standard working group that sits on top of them all. 
A Cloud Admin