Archive
Microsoft and AzureCon delivers! Love it! – #Azure, #AzureCon, #EnvokeIT, #IoT, #SaaS, #PaaS
I really love the way that Microsoft and Azure delivers! It’s so amazing with all the PaaS and SaaS offerings they now have on top of the traditional IaaS delivery. There is no other cloud provider out there that delivers anything near it! I’m amazed and so happy to be a part of this journey!
If you didn’t have the time to look at AzureCon you have a lot of great videos and topics to go through!!
Here is a short overview of the many great things released and presented:
- General Availability of 3 new Azure regions in India
- Announcing new N-series of Virtual Machines with GPU capabilities
- Announcing Azure IoT Suite available to purchase
- Announcing Azure Container Service
- Announcing Azure Security Center
Watching the Videos
All of the talks presented at AzureCon (including the 60 breakout talks) are now available to watch online. You can browse and watch all of the sessions here.
Announcing General Availability of 3 new Azure regions in India
Yesterday we announced the general availability of our new India regions: Mumbai (West), Chennai (South) and Pune (Central). They are now available for you to deploy solutions into.
This brings our worldwide presence of Azure regions up to 24 regions, more than AWS and Google combined. Over 125 customers and partners have been participating in the private preview of our new India regions. We are seeing tremendous interest from industry sectors like Public Sector, Banking Financial Services, Insurance and Healthcare whose cloud adoption has been restricted by data residency requirements. You can all now deploy your solutions too.
Announcing N-series of Virtual Machines with GPU Support
This week we announced our new N-series family of Azure Virtual Machines that enable GPU capabilities. Featuring NVidia’s best of breed Tesla GPUs, these Virtual Machines will help you run a variety of workloads ranging from remote visualization to machine learning to analytics.
The N-series VMs feature NVidia’s flagship GPU, the K80 which is well supported by NVidia’s CUDA development community. N-series will also have VM configurations featuring the latest M60 which was recently announced by NVidia. With support for M60, Azure becomes the first hyperscale cloud provider to bring the capabilities of NVidia’s Quadro High End Graphics Support to the cloud. In addition, N-series combines GPU capabilities with the superfast RDMA interconnect so you can run multi-machine, multi-GPU workloads such as Deep Learning and Skype Translator Training.
Announcing Azure Security Center
This week we announced the new Azure Security Center—a new Azure service that gives you visibility and control of the security of your Azure resources, and helps you stay ahead of threats and attacks. Azure is the first cloud platform to provide unified security management with capabilities that help you prevent, detect, and respond to threats.
The Azure Security Center provides a unified view of your security state, so your team and/or your organization’s security specialists can get the information they need to evaluate risk across the workloads they run in the cloud. Based on customizable policy, the service can provide recommendations. For example, the policy might be that all web applications should be protected by a web application firewall. If so, the Azure Security Center will automatically detect when web apps you host in Azure don’t have a web application firewall configured, and provide a quick and direct workflow to get a firewall from one of our partners deployed and configured: Read more…
Highly critical “Ghost” allowing code execution affects most Linux systems – #Vulnerability, #Security, #Linux
And here it continues, another critical vulnerability that affects most Linux systems. Ensure that your system is updated and rebooted!!
More information about Citrix affected systems can be found here:
Citrix Security Advisory for glibc GHOST Vulnerability (CVE-2015-0235)
http://support.citrix.com/article/CTX200391
Here is a great article on the vulnerability itself from arstechnica.com:
An extremely critical vulnerability affecting most Linux distributions gives attackers the ability to execute malicious code on servers used to deliver e-mail, host webpages, and carry out other vital functions.
The vulnerability in the GNU C Library (glibc) represents a major Internet threat, in some ways comparable to the Heartbleed and Shellshock bugs that came to light last year. The bug, which is being dubbed “Ghost” by some researchers, has the common vulnerability and exposures designation of CVE-2015-0235. While a patch was issued two years ago, most Linux versions used in production systems remain unprotected at the moment. What’s more, patching systems requires core functions or the entire affected server to be rebooted, a requirement that may cause some systems to remain vulnerable for some time to come.
The buffer overflow flaw resides in __nss_hostname_digits_dots(), a glibc function that’s invoked by the gethostbyname() and gethostbyname2() function calls. A remote attacker able to call either of these functions could exploit the flaw to execute arbitrary code with the permissions of the user running the application. In a blog post published Tuesday, researchers from security firm Qualys said they were able to write proof-of-concept exploit code that carried out a full-fledged remote code execution attack against the Exim mail server. The exploit bypassed all existing exploit protections available on both 32-bit and 64-bit systems, including address space layout randomization, position independent executions, and no execute protections. Qualys has not yet published the exploit code but eventually plans to make it available as a Metasploit module.
“A lot of collateral damage on the Internet”
The glibc is the most common code library used by Linux. It contains standard functions that programs written in the C and C++ languages use to carry out common tasks. The vulnerability also affects Linux programs written in Python, Ruby, and most other languages because they also rely on glibc. As a result, most Linux systems should be presumed vulnerable unless they run an alternative to glibc or use a glibc version that contains the update from two years ago. The specter of so many systems being susceptible to an exploit with such severe consequences is prompting concern among many security professionals. Read more…
Under the Covers of a Distributed Virtual Computing Platform – Built For Scale and Agility – via @dlink7, #Nutanix
I must say that Dwayne did a great job with this blog post series!! It goes into expelling the Nutanix Distributed File System (NDFS) that I must say is the most amazing enterprise product out there if you need a truly scalable and agile Compute and Storage platform! I advise you to read this series!!
Under the Covers of a Distributed Virtual Computing Platform – Part 1: Built For Scale and Agility
Lots of talk in the industry about how had software defined storage first and who was using what components. I don’t want to go down that rat hole since it’s all marketing and it won’t help you at the end of the day to enable your business. I want to really get into the nitty gritty of the Nutanix Distributed Files System(NDFS). NDFS has been in production for over a year and half with good success, take read of the article on the Wall Street Journal.
Below are core services and components that make NDFS tick. There are actually over 13 services, for example our replication is distributed across all the nodes to provide speed and low impact on the system. The replication service is called Cerebro which we will get to in this series.
This isn’t some home grown science experiment, the engineers that wrote the code come from Google, Facebook, Yahoo where this components where invented. It’s important to realize that all components are replaceable or future proofed if you will. The services\libraries provide the API’s so as newest innovations happen in the community, Nutanix is positioned to take advantage.
All the services mentioned above run on multiple nodes in cluster a master-less fashion to provide availability. The nodes talk over 10 GbE and are able to scale in a linear fashion. There is no performance degradation as you add nodes. Other vendors have to use InfiniBand because they don’t share the metadata cross all of the nodes. Those vendors end up putting a full copy of the metadata on each node, this eventually will cause them to hit a performance cliff and the scaling stops. Each Nutanix node acts a storage controller allowing you to do things like have a datastore of 10,000 VM’s without any performance impact… continue reading part 1 here.
Under the Covers of a Distributed Virtual Computing Platform – Part 2: ZZ Top
In case you missed Part 1 – Part 1: Built For Scale and Agility
No it’s not Billy Gibbons, Dusty Hill, or drummer Frank Beard. It’s Zeus and Zookeeper providing the strong blues that allow the Nutanix Distributed File System to maintain it’s configuration across the entire cluster. Read more…
#Apache #CloudStack grows up – #Citrix, #IaaS – via @sjvn
On June 4th, the 4.1.0 release of the Apache CloudStack Infrastructure-as-a-Service (IaaS) cloud orchestration platform arrived. This is the first major CloudStack release since its March 20th graduation from the Apache Incubator.
It’s also the first major release of CloudStack since Citrix submitted the project to the Apache Foundation in 2012. Apache CloudStack is an integrated software platform that enables users to build a feature-rich IaaS. Apache claims that the new version includes an “intuitive user interface and rich API [application programming interface] for managing the compute, networking, accounting, and storage resources for private, hybrid, or public clouds.”
This release includes numerous new features and bug fixes from the 4.0.x cycle. It also includes major changes in the codebase to make CloudStack easier for developers; a new structure for creating RPM/Debian packages; and completes the changeover to using Maven, the Apache software project management tool.
Apache CloudStack 4.1.0’s most important new features are:
- An API discovery service that allows an end point to list its supported APIs and their details.
- Added an Events Framework to CloudStack to provide an “event bus” with publish, subscribe, and unsubscribe semantics. Includes a RabbitMQ plug-in that can interact with AMQP (Advanced Message Queuing Protocol) servers.
- Implement L3 router functionality for the VMware Nicira network virtualization platform (NVP) plug-in
- Support for Linux’s built-in Kernel-based Virtual Machine (KVM) virtualization with NVP L3 router
functionality. - Support for AWS (Amazon Web Service) style regions
What all this adds up to, according to CloudStack Project Management Committee (PMC) member Joe Brockmeier, is that today’s CloudStack is “a mature, stable project, [that] is also free as in beer and speech. We believe that if you’re going to be building an IaaS cloud for private or public consumption, you’ll be better served choosing an open platform that any organization can participate in and contribute to.”
Brockmeier concluded, “CloudStack is a very mature offering that’s relatively easy to deploy and manage, and it’s known to power some very large clouds–e.g., Zynga with tens of thousands of nodes–and very distributed clouds–such as DataPipe, which…
Continue reading here!
//Richard
The IT Melting Pot! 