2013 Trend Micro
25th Anniversary
CLOUDSTACK PLUGIN STRUCTURE AND IMPLEMENTATION
TCloud Computing, Inc.
Outline
• Management Internal
• Anatomy of Plugin
• Practical Example – Third Party Security Solution
Management Server Internal
Architecture Overview
• Services
– Includes all the implementation of CloudStack's HTTP Query API
– Includes all supported CloudStack Java interfaces that can be used to bridge against external systems
• Management
– Defines all the processes of CloudStack Management Server
– Interacts with the Adapter Framework to provide customizations to this process
• Resources
– Contains the implementation that maps CloudStack commands to the various physical elements, including network, storage, and hypervisor resources
• Data Access
– Contains the implementation of the Database Access layer. Currently it is MySQL but does not have to be limited to a database.
Service Layer
• Synchronous command
– Scoped to the management server or to the database
– Short-lived
• Asynchronous command
– Requires a call to an external system
– Takes a long time
• Command configuration
– commands.properties
– <command name>=<fully qualified java classname>;<ACL>
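
The entry format above can be checked mechanically. The following audit is an added example, not code from the slides or from CloudStack: it assumes the ACL field is an integer bitmask with the role bits shown in the code, and the ElasterShield command names, class names and the ADMIN_ONLY set are hypothetical.

```python
# Added example: audit commands.properties entries of the form
#   <command name>=<fully qualified java classname>;<ACL>
# Assumption (not from the slides): ACL is an integer bitmask with these role bits.
from dataclasses import dataclass

ROLE_BITS = {1: "admin", 2: "resource-domain-admin", 4: "domain-admin", 8: "user"}
ALL_ROLES = sum(ROLE_BITS)  # 15 = callable by every role


@dataclass(frozen=True)
class CommandEntry:
    name: str
    class_name: str
    acl: int

    def roles(self):
        """Role names whose bit is set in the ACL mask."""
        return [role for bit, role in ROLE_BITS.items() if self.acl & bit]


def parse_commands_properties(text):
    """Return (entries, errors); malformed lines are reported, never guessed at."""
    entries, errors = {}, []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line[0] in "#!":          # blank line or properties comment
            continue
        name, eq, value = line.partition("=")
        class_name, semi, acl_text = value.partition(";")
        name, class_name, acl_text = name.strip(), class_name.strip(), acl_text.strip()
        if not eq or not name or not class_name:
            errors.append((lineno, "expected <command name>=<class>;<ACL>"))
            continue
        if not semi or not (acl_text.isascii() and acl_text.isdigit()):
            errors.append((lineno, f"{name}: missing or non-numeric ACL"))
            continue
        acl = int(acl_text)
        if acl == 0 or acl > ALL_ROLES:
            errors.append((lineno, f"{name}: ACL {acl} outside 1..{ALL_ROLES}"))
            continue
        if name in entries:                      # a later definition silently overrides
            errors.append((lineno, f"{name}: duplicate definition, last one wins"))
        entries[name] = CommandEntry(name, class_name, acl)
    return list(entries.values()), errors


def overexposed(entries, admin_only):
    """Commands that should be admin-only but grant other role bits."""
    findings = []
    for entry in entries:
        if entry.name in admin_only and entry.acl != 1:
            findings.append((entry.name, [r for r in entry.roles() if r != "admin"]))
    return findings


# Constructed sample; the plug-in command and class names are hypothetical.
SAMPLE = """\
# constructed sample for the audit
listVirtualMachines=com.cloud.api.commands.ListVMsCmd;15
addSecurityManager=com.example.elastershield.api.AddSecurityManagerCmd;1
enableSecurityProtection=com.example.elastershield.api.EnableProtectionCmd;15
applySecurityOffering=com.example.elastershield.api.ApplySecurityOfferingCmd;15
listSecurityEvents=com.example.elastershield.api.ListSecurityEventsCmd
upgradeSecurityAppliance=com.example.elastershield.api.UpgradeApplianceCmd;admin
"""

# Hypothetical policy: commands the workflows describe as called by an admin user.
ADMIN_ONLY = {"addSecurityManager", "enableSecurityProtection"}

if __name__ == "__main__":
    parsed, problems = parse_commands_properties(SAMPLE)
    for lineno, message in problems:
        print(f"line {lineno}: {message}")
    for name, extra in overexposed(parsed, ADMIN_ONLY):
        print(f"{name}: also callable by {', '.join(extra)}")
```
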
Management Layer
• Kernel of CloudStack
• Manager
– Singleton to control a process
• Adapter
– Different ways to implement the same functionality.
– Often used when there can be multiple ways to implement that step.
• Configuration
– components.xml
Resource Layer
• Map commands to the physical elements
– Hypervisor resource
– Network resource
– Storage resource
Inside a Management Server
[Diagram labels: API Servlet; Async Job Queue Mgr; CS API; Services; API Cmds; Responses; cmd.execute(); Kernel; Agent Manager; Resources; Agent API (Commands); Hypervisor Native APIs; Local or Remote; Network Device API; MySQL]
[Diagram labels, in slide order: Accounts; Security Manager; Events Manager; Usage Manager; Domain Manager; Account Manager; Limits Manager; CloudStack Orchestration; VirtualMachine Manager; StorageManager; NetworkManager; Template Manager; Snapshot Manager; CloudStack WebServices API; OAM&P API; End User API; AWS API; Pluggable Service API Engine; CloudStack Plugins; NetScalerNetwrokServiceProvider; VirtualRouterNetwrokServiceProvider; Business Logic; Resource Manager; Rules Manager; Update Manager; HA Manager; Capacity Manager; Framework; Agent Manager; Cluster Manager; Data Access Layer; Adapters; Network Guru; Network Element; Deployment Planner; Hypervisor Guru]
Plugins
• Various ways to add more capability to CloudStack
• Implements clearly defined interfaces
• All operations must be idempotent
• All calls are at transaction boundaries
• Compiles only against the Plugin API module
• Deployed on management server
Anatomy of a plugin
Anatomy of a Plugin
• Server Component:
– Can implement multiple Plugin APIs to affect its feature
– Can expose its own API through Pluggable Service so administrators can configure the plugin
• ServerResource:
– Deployed co-located with the physical resource
– Optional. Required if the plugin needs to be co-located with the resource
– Implements translation layer to talk to the resource
– Communicates with the server component via JSON REST API
[Diagram labels: PluginAPI; Data Access Layer; Implementation]
Components of a plug-in
• PluggableService that defines APIs to configure the plug-in
• ServerResource extension that is meant to be run co-located with the resource
• Manager code that runs within the management server with access to the management database
• Implement Adapter interfaces to implement functionalities required by CloudStack
• Change components.xml to make the plug-in and adapters active
Adding a Plugin to CloudStack
• CloudStack assembles the components according to the XML at startup time
• CloudStack assembles the list of APIs it supports according to the PluggableService specified in the properties file
Components.xml Example
<components.xml>
  <!-- ... other components ... -->
  <management-server class="com.cloud.server.ManagementServerExtImpl"
                     library="com.cloud.configuration.PremiumComponentLibrary">
    <!-- ... other entries ... -->
    <!-- Registers the plug-in's PluggableService with the management server -->
    <pluggableservice name="VirtualRouterElementService"
                      key="com.cloud.network.element.VirtualRouterElementService"
                      class="com.cloud.network.element.VirtualRouterElement"/>
  </management-server>
  <!-- ... other components ... -->
</components.xml>
Practical Example
Third party security solution integration
• CS does an excellent job of building clouds
• Growing need for solutions to secure the cloud
• Seek security solutions that work with CS
• Works for both private and public cloud
• Multi-tenant, self-service
• Easy to provision
• Resource effective
• Easy to integrate
• ElasterShield combines the existing security solution with CloudStack
Brief intro to ElasterShield
• Bridge between DeepSecurity and CloudStack
• Hypervisor-based, agentless security protection
• Features
• Firewall (L2, L3, L4)
• IDS/IPS
• Application Control
• Web server protection
• Anti-malware
• XenServer
[Diagram labels: ElasterShield; CloudStack API; DeepSecurity API]
Hypervisor-based
• Agentless for user VMs; needs an ‘appliance’ on the hypervisor
• Captures network traffic
• Scans VM memory
• Can work with any complex network environment
[Diagram labels: Hypervisor; User VM; User VM; Appliance]
Hypervisor-Based Solution
• Security Manager (DSM)
• Stores rules/profiles
• Provides UI/web service API
• Sends commands to DSVA
• Security Virtual Appliance (DSVA)
• One for each hypervisor
• Hypervisor redirects VM’s traffic to DSVA
• Includes an engine to do the detection/prevention
• Bi-directional communication between DSM and DSVA
• No impact to user VM if DSVA stops
[Diagram labels: DSM; Hypervisor; User VM; DSVA; Hypervisor; User VM; DSVA]
Integrate as a CS Plug-in
• Security as a service, DeepSecurity as a service provider
– Multi-tenant, defined by admins, subscribed by users, provisioned to VMs
• No modification to the CloudStack kernel; keep it as it is
• Provide new security-related APIs
• Treat DSM as an external device and send commands to it
• DSVA monitoring and security management
• Tailor user VM lifecycle and hypervisor management with the existing CloudStack framework
Architecture Overview
[Diagram labels: CloudStack Kernel; ElasterShield; DSM; Hypervisor (DSVA, User VM); Hypervisor (DSVA, User VM); DS API; New CS API; Managed by CS]
Workflow: Add DSM
[Diagram: CloudStack Manager, ElasterShield Plug-in, DSM, Database. Arrows: 1) Call plug-in API; 2) Connect to DSM; 3) Persist into DB]
1) Admin user or external UI calls plug-in API
• Parameters include DSM URL/account/password
• One DSM per data center
2) Plug-in calls DSM’s APIs to:
• Test connection with specified authentication
• Get DSM info such as version, license, etc.
3) Plug-in persists the DSM info into CS database
Workflow: Enable Security protection
[Diagram: CloudStack Manager, ES Plug-in, DSM, Hypervisor (DSVA), Hypervisor (DSVA). Arrows: 1) Call plug-in API; 2) Start DSVA on each hypervisor of the cluster; 3) Activate DSVA]
1) Admin user or external UI calls plug-in API
2) ES Plug-in deploys DSVA
• Deploy DSVA on each host of the cluster
• With specified service offering and template
• Start DSVA
3) Activate DSVA
• Plug-in calls DSM API to activate each DSVA
Workflow: Define Security Profiles
[Diagram: CloudStack Manager, ElasterShield Plug-in, DSM. Arrows: 1) Call plug-in API; 2) Call DSM API; Admin defines rules/profiles]
• At this stage, this is not implemented in the plug-in because it is product-specific
• Admins use DSM’s UI to define profiles
• Users use the plug-in API to list and apply profiles
Workflow: Apply security offering
[Diagram: CloudStack Manager, ElasterShield Plug-in, DSM, Database. Arrows: 1) Call plug-in API; 2) Persist into DB; 3) Call DSM API]
1) User or external UI calls plug-in API
• Specify VM id and security offering id
2) Plug-in persists <VM, offering> mapping into DB
• Addresses the multi-tenant problem
3) Plug-in calls DSM API to assign the corresponding profile if the VM is running
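
The three steps of this workflow, written so that a retried call is harmless (the deck requires plug-in operations to be idempotent) and so that a caller can only bind offerings to VMs of its own account. This is an added sketch, not ElasterShield code: the table layout, the StubDsm client and all ids are hypothetical, and treating the multi-tenant check as an account comparison is an assumption.

```python
# Added example: idempotent "apply security offering" with a tenant ownership check.
# Schema, ids and the DSM client interface are hypothetical stand-ins.
import sqlite3


class StubDsm:
    """Stand-in for the DSM API client; records which profile each VM was given."""

    def __init__(self):
        self.assigned = {}
        self.calls = 0

    def assign_profile(self, vm_id, profile):
        self.calls += 1
        self.assigned[vm_id] = profile  # assigning the same profile again changes nothing


def make_db():
    """In-memory database with constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE vm (id TEXT PRIMARY KEY, account TEXT NOT NULL, state TEXT NOT NULL);
        CREATE TABLE security_offering (id TEXT PRIMARY KEY, profile TEXT NOT NULL);
        -- vm_id is the primary key: a VM has at most one mapping, however often we retry
        CREATE TABLE vm_security_offering (vm_id TEXT PRIMARY KEY, offering_id TEXT NOT NULL);
    """)
    db.executemany("INSERT INTO vm VALUES (?, ?, ?)", [
        ("vm-1", "tenant-a", "Running"),
        ("vm-2", "tenant-a", "Stopped"),
        ("vm-3", "tenant-b", "Running"),
    ])
    db.executemany("INSERT INTO security_offering VALUES (?, ?)", [
        ("so-web", "web-server-profile"),
        ("so-base", "baseline-profile"),
    ])
    db.commit()
    return db


def apply_security_offering(db, dsm, caller_account, vm_id, offering_id):
    """Steps 1-3 of the workflow. Returns True if the profile was pushed to the DSM."""
    vm = db.execute("SELECT account, state FROM vm WHERE id = ?", (vm_id,)).fetchone()
    # Same error for "no such VM" and "another tenant's VM", so ids cannot be probed.
    if vm is None or vm[0] != caller_account:
        raise PermissionError("VM not found for this account")
    offering = db.execute(
        "SELECT profile FROM security_offering WHERE id = ?", (offering_id,)).fetchone()
    if offering is None:
        raise LookupError("unknown security offering")

    # Step 2: persist <VM, offering>. REPLACE keyed on vm_id makes a retry a no-op.
    with db:
        db.execute(
            "INSERT OR REPLACE INTO vm_security_offering (vm_id, offering_id) VALUES (?, ?)",
            (vm_id, offering_id))

    # Step 3: only a running VM is pushed to the DSM; a stopped VM keeps its mapping.
    if vm[1] == "Running":
        dsm.assign_profile(vm_id, offering[0])
        return True
    return False


if __name__ == "__main__":
    db, dsm = make_db(), StubDsm()
    print(apply_security_offering(db, dsm, "tenant-a", "vm-1", "so-web"))
    print(apply_security_offering(db, dsm, "tenant-a", "vm-1", "so-web"))  # retry
    print(db.execute("SELECT * FROM vm_security_offering").fetchall())
```
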
Workflow: Add a new host
[Diagram: CloudStack Manager, ElasterShield Plug-in, DSM, Hypervisor, DSVA. Arrows: 1) Call CS API addHost; 2) Add host; 3) Deploy DSVA; 5) Call DSM API to activate]
1) User or UI calls CS API
2) CS adds a new hypervisor host as usual
3) Deploy DSVA
4) Plug-in persists DSVA info
Workflow: Maintain a host
[Diagram: CloudStack Manager, ElasterShield Plug-in, DSM, Hypervisor, DSVA. Arrows: 1) Call CS API prepareHostForMaintenance; 2) Power off DSVA; 3) Call DSM API to de-activate DSVA]
1) User or UI calls CS API
2) Stop DSVA on it
• Update DSVA status in the DB
3) Plug-in calls DSM API to deactivate DSVA
• Unassign security profiles from VMs that cannot be migrated
Workflow: Start Virtual Machine
[Diagram: CloudStack Manager, ElasterShield Plug-in, DSM, Hypervisor, DSVA, User VM. Arrows: 1) Call CS API startVirtualMachine; 2) Start User VM; 3) Fetch VM info; 4) DSM notifies ESVA]
1) User or UI calls CS API
2) CS checks DSVA status and starts user VM as usual
3) DSM calls CS API to fetch the VM’s information
4) DSM notifies the DSVA on the same hypervisor as the VM
Workflow: Stop Virtual Machine
[Diagram: CloudStack Manager, ElasterShield Plug-in, DSM, Hypervisor, DSVA, User VM. Arrows: 1) Call CS API stopVirtualMachine; 2) Stop user VM; 3) Fetch VM info; 4) DSM notifies DSVA]
1) User or UI calls CS API
2) CS powers off user VM as usual
3) DSM calls CS API to fetch the VM’s information
4) DSM notifies the DSVA on the same hypervisor as the VM
Workflow: Destroy Virtual Machine
[Diagram: CloudStack Manager, ElasterShield Plug-in, Database. Arrows: 1) Call CS API destroyVirtualMachine; 2) Remove from DB]
1) User or UI calls CS API
• VM is destroyed as usual by CS
2) When VM gets expunged, plug-in removes <VM, profile> mapping from DB
• VirtualMachineGuru.finalizeExpunge
Workflow: Query Events/Alerts
[Diagram: CloudStack Manager, ElasterShield Plug-in, DSM. Arrows: 1) Call plug-in API; 2) Call DSM API]
1) User or external UI calls plug-in API
• With query parameters such as time, VM id, user id, etc.
2) Plug-in calls DSM’s API to fetch events/alerts
Workflow: DSVA upgrading
[Diagram: CloudStack Manager, ElasterShield Plug-in, DSM, Hypervisor, DSVA, Web server. Arrows: 1) Call plug-in API; 2) Call DSM API to upgrade; 3) Notify DSVA; 4) Download upgrade package]
1) Call plug-in API to upgrade DSVA, with a URL parameter
2) Plug-in forwards the API call to DSM
3) DSM notifies all DSVAs to upgrade
4) DSVA downloads the upgrade package from the URL specified
5) DSVA upgrades itself; it still functions during the upgrade.
ElasterShield Installation
• Target: CloudStack 4.0 and later
• Installation package
– Plug-in binary - ElasterShield
– DSM installation package/binary
– DSVA template
Q & A
Thank You

Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 

Session 1 - CloudStack Plugin Structure and Implementation (2013.Q3)

  • 1. 2013 Trend Micro 25th Anniversary CLOUDSTACK PLUGIN STRUCTURE AND IMPLEMENTATION TCloud Computing, Inc.
  • 2. Outline
      • Management Internal
      • Anatomy of Plugin
      • Practical Example – Third Party Security Solution
  • 3. Management Server Internal
  • 4. Architecture Overview
      • Services
          – Includes all the implementation of CloudStack's HTTP Query API
          – Includes all supported CloudStack Java interfaces that can be used to bridge against external systems
      • Management
          – Defines all the processes of the CloudStack Management Server
          – Interacts with the Adapter Framework to provide customizations to this process
      • Resources
          – Contains the implementation that maps CloudStack commands to the various physical elements, including network, storage, and hypervisor resources
      • Data Access
          – Contains the implementation of the Database Access layer. Currently it is MySQL, but it does not have to be limited to a database.
  • 5. Service Layer
      • Synchronous command
          – Scope of mgmt server or to the database
          – Short-lived
      • Asynchronous command
          – Requires a call to an external system
          – Takes a long time
      • Command configuration
          – commands.properties
          – <command name>=<fully qualified java classname>;<ACL>
  • 6. Management Layer
      • Kernel of CloudStack
      • Manager
          – Singleton to control a process
      • Adapter
          – Different ways to implement the same functionality
          – Often used when there can be multiple ways to implement that step
      • Configuration
          – components.xml
  • 7. Resource Layer
      • Map commands to the physical elements
          – Hypervisor resource
          – Network resource
          – Storage resource
  • 8. Inside a Management Server
      [Diagram labels: API Servlet; Async Job Queue Mgr; CS API; Services; API Cmds; Responses; cmd.execute(); Kernel; Agent Manager; Resources; Agent API (Commands); Hypervisor Native APIs; Local Or Remote; Network Device API; MySQL]
  • 9. [Diagram labels, in slide order] Accounts; Security Manager; Events Manager; Usage Manager; Domain Manager; Account Manager; Limits Manager; CloudStack Orchestration; VirtualMachine Manager; StorageManager; NetworkManager; Template Manager; Snapshot Manager; CloudStack WebServices API; OAM&P API; End User API; AWS API; Pluggable Service API Engine; CloudStack Plugins; NetScalerNetwrokServiceProvider; VirtualRouterNetwrokServiceProvider; Business Logic; Resource Manager; Rules Manager; Update Manager; HA Manager; Capacity Manager; Framework; Agent Manager; Cluster Manager; Data Access Layer; Adapters; Network Guru; Network Element; Deployment Planner; Hypervisor Guru
  • 10. Plugins
      • Various ways to add more capability to CloudStack
      • Implements clearly defined interfaces
      • All operations must be idempotent
      • All calls are at transaction boundaries
      • Compiles only against the Plugin API module
      • Deployed on management server
  • 11. Anatomy of a plugin
  • 12. Anatomy of a Plugin
      • Server Component:
          – Can implement multiple Plugin APIs to affect its feature
          – Can expose its own API through Pluggable Service so administrators can configure the plugin
      • ServerResource:
          – Deployed co-located with the physical resource
      • Diagram callout, ServerResource:
          – Optional. Required if the plugin needs to be co-located with the resource
          – Implements translation layer to talk to resource
          – Communicates with server component via JSON REST API
      [Diagram labels: PluginAPI; Data Access Layer; Implementation]
  • 13. Components of a plug-in
      • PluggableService that defines APIs to configure the plug-in
      • ServerResource extension that is meant to be run co-located with the resource
      • Manager code that runs within the management server with access to the management database
      • Implement Adaptor interfaces to implement functionalities required by CloudStack
      • Change components.xml to make the plug-in and adaptors active
  • 14. Adding a Plugin to CloudStack
      • CloudStack assembles the components according to the XML at startup time
      • CloudStack assembles the list of APIs it supports according to the PluggableService specified in the properties file
  • 15. Components.xml Example
        <components.xml>
          ......
          <management-server class="com.cloud.server.ManagementServerExtImpl" library="com.cloud.configuration.PremiumComponentLibrary">
            .......
            <pluggableservice name="VirtualRouterElementService" key="com.cloud.network.element.VirtualRouterElementService" class="com.cloud.network.element.VirtualRouterElement"/>
          </management-server>
          ......
        </components.xml>
  • 16. Practical Example
  • 17. Third party security solution integration
      • CS does an excellent job for building clouds
      • Growing needs for solutions to secure the Cloud
      • Seek security solutions to work with CS
      • Works for both private and public cloud
      • Multi-tenant, self-service
      • Easy to provision
      • Resource effective
      • Easy to integrate
      • ElasterShield to combine the existing security solution with CloudStack
  • 18. Brief intro to ElasterShield
      • Bridge between DeepSecurity and CloudStack
      • Hypervisor-based, agentless security protection
      • Features
          • Firewall (L2, L3, L4)
          • IDS/IPS
          • Application Control
          • Web server protection
          • Anti-malware
      • XenServer
      [Diagram labels: ElasterShield; CloudStack API; DeepSecurity API]
  • 19. Hypervisor-based
      • Agentless for user VM, needs an ‘appliance’ on the hypervisor
      • Captures network traffic
      • Scans VM memory
      • Can work with any complex network environment
      [Diagram labels: Hypervisor; User VM; User VM; Appliance]
  • 20. Hypervisor-Based Solution
      • Security Manager (DSM)
          • Stores rules/profiles
          • Provides UI / web service API
          • Sends commands to DSVA
      • Security Virtual Appliance (DSVA)
          • One for each hypervisor
          • Hypervisor redirects VM’s traffic to DSVA
          • Includes an engine to do the detection/prevention
          • Bi-directional communication between DSM and DSVA
          • No impact to user VM if DSVA stops
      [Diagram labels: DSM; Hypervisor; User VM; DSVA; Hypervisor; User VM; DSVA]
  • 21. Integrate as a CS Plug-in
      • Security as a service, DeepSecurity as a service provider
          – Multi-tenant, defined by admins, subscribed by users, provisioned to VMs
      • No modification on CloudStack kernel, keep it as it is
      • Provide new security related APIs
      • Treat DSM as an external device and send commands to it
      • DSVA monitoring and security management
      • Tailor User VM lifecycle and Hypervisor management with existing CloudStack framework
  • 22. Architecture Overview
      [Diagram labels: CloudStack Kernel; ElasterShield; DSM; Hypervisor; DSVA; User VM; Hypervisor; DSVA; User VM; DS API; New CS API; Managed by CS]
  • 23. Workflow: Add DSM
      [Diagram: CloudStack Manager; ElasterShield Plug-in; DSM; Database. Arrows: 1) Call plug-in API; 2) Connect to DSM; 3) Persist into DB]
      1) Admin user or external UI calls plug-in API
          • Parameters include DSM url/account/password
          • One DSM per data center
      2) Plug-in calls DSM’s APIs to:
          • Test connection with specified authentication
          • Get DSM info such as version, license, etc.
      3) Plug-in persists the DSM info into CS database
  • 24. Workflow: Enable Security protection
      [Diagram: CloudStack Manager; ES Plug-in; DSM; Hypervisor; Hypervisor; DSVA; DSVA. Arrows: 1) Call plug-in API; 2) Start DSVA on each hypervisor of the cluster; 3) Activate DSVA]
      1) Admin user or external UI calls plug-in API
      2) ES Plug-in deploys DSVA
          • Deploy DSVA on each host of the cluster
          • With specified service offering and template
          • Start DSVA
      3) Activate DSVA
          • Plug-in calls DSM API to activate each DSVA
  • 25. Workflow: Define Security Profiles
      [Diagram: CloudStack Manager; ElasterShield Plug-in; DSM; Admin defines rules/profiles. Arrows: 1) Call plug-in API; 2) Call DSM API]
      • For this stage, this will not be implemented in the plug-in, because it’s product-specific
      • Admins use DSM’s UI to define profiles
      • Users use plug-in API to list and apply profiles
  • 26. Workflow: Apply security offering
      [Diagram: CloudStack Manager; ElasterShield Plug-in; DSM; Database. Arrows: 1) Call plug-in API; 2) Persist into DB; 3) Call DSM API]
      1) User or external UI calls plug-in API
          • Specify VM id and security offering id
      2) Plug-in persists <VM, offering> mapping into DB
          • Address multi-tenant problem
      3) Plug-in calls DSM API to assign corresponding profile if VM is running
  • 27. Workflow: Add a new host
      [Diagram: CloudStack Manager; ElasterShield Plug-in; DSM; Hypervisor; DSVA. Arrows: 1) Call CS API addHost; 2) Add host; 3) Deploy DSVA; 5) Call DSM API to activate]
      1) User or UI calls CS API
      2) CS adds a new hypervisor host as usual
      3) Deploy DSVA
      4) Plug-in persists DSVA info
  • 28. Workflow: Maintain a host
      [Diagram: CloudStack Manager; ElasterShield Plug-in; DSM; Hypervisor; DSVA. Arrows: 1) Call CS API prepareHostForMaintenance; 2) Power off DSVA; 3) Call DSM API to de-activate DSVA]
      1) User or UI calls CS API
      2) Stop DSVA on it
          • Update DSVA status into DB
      3) Plug-in calls DSM API to deactivate DSVA
          • Unassign security profiles from VMs that cannot be migrated
  • 29. Workflow: Start Virtual Machine
      [Diagram: CloudStack Manager; ElasterShield Plug-in; DSM; Hypervisor; DSVA; User VM. Arrows: 1) Call CS API startVirtualMachine; 2) Start User VM; 3) Fetch VM info; 4) DSM notifies ESVA]
      1) User or UI calls CS API
      2) CS checks DSVA status and starts user VM as usual
      3) DSM calls CS API to fetch VM’s information
      4) DSM notifies the DSVA on the same hypervisor as the VM
  • 30. Workflow: Stop Virtual Machine
      [Diagram: CloudStack Manager; ElasterShield Plug-in; DSM; Hypervisor; DSVA; User VM. Arrows: 1) Call CS API stopVirtualMachine; 2) Stop user VM; 3) Fetch VM info; 4) DSM notifies DSVA]
      1) User or UI calls CS API
      2) CS powers off user VM as usual
      3) DSM calls CS API to fetch VM’s information
      4) DSM notifies the DSVA on the same hypervisor as the VM
  • 31. Workflow: Destroy Virtual Machine
      [Diagram: CloudStack Manager; ElasterShield Plug-in; Database. Arrows: 1) Call CS API destroyVirtualMachine; 2) Remove from DB]
      1) User or UI calls CS API
          • VM is destroyed as usual by CS
      2) When VM gets expunged, plug-in removes <VM, profile> mapping from DB
          • VirtualMachineGuru.finalizeExpunge
  • 32. Workflow: Query Events/Alerts
      [Diagram: CloudStack Manager; ElasterShield Plug-in; DSM. Arrows: 1) Call plug-in API; 2) Call DSM API]
      1) User or external UI calls plug-in API
          • With query parameters such as time, VM id, user id, etc.
      2) Plug-in calls DSM’s API to fetch events/alerts
  • 33. Workflow: DSVA upgrading
      [Diagram: CloudStack Manager; ElasterShield Plug-in; DSM; Hypervisor; DSVA; Web server. Arrows: 1) Call plug-in API; 2) Call DSM API to upgrade; 3) Notify DSVA; 4) Download upgrade package]
      1) Call plug-in API to upgrade DSVA, with a URL parameter
      2) Plug-in forwards the API call to DSM
      3) DSM notifies all DSVAs to upgrade
      4) DSVA downloads the upgrade package from the URL specified
      5) DSVA upgrades itself; it still functions during the upgrade
  • 34. ElasterShield Installation
      • Target: CloudStack 4.0 and later
      • Installation package
          – Plug-in binary - ElasterShield
          – DSM installation package/binary
          – DSVA template
  • 35. Q & A
  • 36. Thank You
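Added example (not from the slides or from ElasterShield): an audit of plugin entries in the `<command name>=<fully qualified java classname>;<ACL>` format from slide 5, flagging commands that the workflow slides describe as administrator calls but whose ACL also admits other roles. The role bits (1 admin, 2 resource domain admin, 4 domain admin, 8 user) follow the header comment of CloudStack's commands.properties; every command name, class name and the admin-only set are hypothetical.

```python
import re

# Role bits as given in the header comment of CloudStack's commands.properties.
ROLE_BITS = {1: "admin", 2: "resource-domain-admin", 4: "domain-admin", 8: "user"}
ALL_BITS = sum(ROLE_BITS)  # 15 = every role

# Constructed sample; command and class names are hypothetical, not ElasterShield's.
SAMPLE = """\
# <command name>=<fully qualified java classname>;<ACL>
addSecurityManager=com.example.shield.api.AddSecurityManagerCmd;1
enableSecurityProtection=com.example.shield.api.EnableProtectionCmd;15
listSecurityOfferings=com.example.shield.api.ListOfferingsCmd;15
applySecurityOffering=com.example.shield.api.ApplyOfferingCmd;15
upgradeSecurityAppliance=com.example.shield.api.UpgradeApplianceCmd
queryEvents=com.example.shield.api.QueryEventsCmd;abc
"""

# Commands this example treats as administrator-only (an assumption).
ADMIN_ONLY = {"addSecurityManager", "enableSecurityProtection", "upgradeSecurityAppliance"}


def decode_roles(mask):
    """Names of the roles whose bit is set in an ACL mask."""
    return [name for bit, name in sorted(ROLE_BITS.items()) if mask & bit]


def parse_entry(line):
    """Split '<command>=<class>;<ACL>' into (command, classname, acl or None)."""
    name, eq, value = line.partition("=")
    classname, semi, acl = value.partition(";")
    if not eq or not name.strip() or not classname.strip():
        raise ValueError("not a command entry: %r" % line)
    return name.strip(), classname.strip(), acl.strip() if semi else None


def audit(text, admin_only):
    """Return (command, finding) pairs for entries that need review."""
    findings = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        try:
            command, _classname, acl = parse_entry(line)
        except ValueError:
            findings.append((line, "unparseable entry"))
            continue
        if acl is None:
            findings.append((command, "no ACL field"))
        elif not re.fullmatch(r"[0-9]{1,2}", acl) or not 0 < int(acl) <= ALL_BITS:
            findings.append((command, "malformed ACL %r" % acl))
        elif command in admin_only and int(acl) & ~1:
            open_to = ", ".join(decode_roles(int(acl) & ~1))
            findings.append((command, "admin command also open to: " + open_to))
    return findings
```

An entry with no ACL field is reported rather than assumed safe, since the slides do not say how the server treats a missing mask.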
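Added example (a model, not CloudStack or ElasterShield code): steps 2 and 3 of the "Apply security offering" workflow on slide 26, written so that a repeated call leaves the same state, as slide 10 requires of plugin operations. The schema, the sample rows, the `RecordingDsm` client and the ownership check (this example's reading of "address multi-tenant problem") are all assumptions.

```python
import sqlite3


class NotFound(Exception):
    """Raised for a missing VM and for another tenant's VM alike."""


class RecordingDsm:
    """Stand-in for a DSM API client (hypothetical interface); records calls."""

    def __init__(self):
        self.calls = []

    def assign_profile(self, vm_id, profile):
        self.calls.append((vm_id, profile))


def open_db():
    # Constructed schema and rows; CloudStack's real tables differ.
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE vm (id TEXT PRIMARY KEY, account TEXT, state TEXT);
        CREATE TABLE offering (id TEXT PRIMARY KEY, dsm_profile TEXT);
        CREATE TABLE vm_offering (vm_id TEXT PRIMARY KEY, offering_id TEXT);
        INSERT INTO vm VALUES ('vm-a1', 'tenant-a', 'Running'),
                              ('vm-a2', 'tenant-a', 'Stopped'),
                              ('vm-b1', 'tenant-b', 'Running');
        INSERT INTO offering VALUES ('gold', 'web-server-ips'),
                                    ('basic', 'firewall-only');
    """)
    return db


def apply_offering(db, dsm, caller, vm_id, offering_id):
    """Persist the <VM, offering> mapping; return True if DSM was called."""
    vm = db.execute("SELECT account, state FROM vm WHERE id = ?",
                    (vm_id,)).fetchone()
    # Same error for "no such VM" and "not your VM": no cross-tenant probing.
    if vm is None or vm[0] != caller:
        raise NotFound(vm_id)
    row = db.execute("SELECT dsm_profile FROM offering WHERE id = ?",
                     (offering_id,)).fetchone()
    if row is None:
        raise ValueError("unknown offering " + offering_id)
    with db:  # one transaction; vm_id is the key, so a repeat overwrites
        db.execute("INSERT OR REPLACE INTO vm_offering VALUES (?, ?)",
                   (vm_id, offering_id))
    if vm[1] != "Running":
        return False  # mapping is stored; nothing is sent while the VM is down
    dsm.assign_profile(vm_id, row[0])
    return True
```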