2FA and OAuth2 in CloudStack - Andrija Panić - ShapeBlue

•

0 j'aime•564 vues

This talk is about authentication and authorization – Two-Factor Authentication (2FA) and OAuth2 explaining their critical roles in enhancing security and user experience within the realm of Apache CloudStack. With Two-Factor Authentication (2FA), we strengthen the authentication process, mitigate password-related or usual login vulnerabilities, and ensure compliance with security standards. On the other side of the authentication spectrum, OAuth2, the industry-standard authorization framework, simplifies the process of granting access to resources. Andrija discusses how this can be used and how it fits in CloudStack. ----------------------------------------- The CloudStack Collaboration Conference 2023 took place on 23-24th November. The conference, arranged by a group of volunteers from the Apache CloudStack Community, took place in the voco hotel, in Porte de Clichy, Paris. It hosted over 350 attendees, with 47 speakers holding technical talks, user stories, new features and integrations presentations and more.

2FA and
OAuth2 in
CloudStack
Andrija Panic™
CloudStack Collaboration Conference 2023 / #CSCollab2023
/ 23-24 Nov 2023 / Paris, France

About me,
myself and I
• Cloud Architect @ ShapeBlue
• With “my teeth into” IT, Cloud and
virtualization for last 15+ years
• Involved with CloudStack since version
4.0.0-incubating
• Apache CloudStack project committer
and PMC member
• Petrol head (dislike Tesla)
• Wannabe drummer

CloudStack
Authentication
Methods
 Local passwords
 LDAP
 SSO/SAML2
 OAUTH2
CloudStack Collaboration Conference 2023 / #CSCollab2023 / 23-24 Nov 2023 / Paris, France

CloudStack
Authentication
Methods
 Local passwords (+ 2FA)
 LDAP (+ 2FA)
 SSO/SAML2 (+ 2FA)
 OAUTH2 (+ 2FA)
CloudStack Collaboration Conference 2023 / #CSCollab2023 / 23-24 Nov 2023 / Paris, France

Local Authentication
 User’s password stored in DB
 Encrypted
 Can be hack-replaced with another user’s password (reset to a known value)
 Comes as default
CloudStack Collaboration Conference 2023 / #CSCollab2023 / 23-24 Nov 2023 / Paris, France

LDAP Authentication
 Global LDAP config, or
 Per-domain LDAP config
 3 different ways of configuration
 Manual import
 Auto import
 Auto sync
 Takes some effort to configure
CloudStack Collaboration Conference 2023 / #CSCollab2023 / 23-24 Nov 2023 / Paris, France

SAML/SSO Authentication
 Require enabling the SAML 2.0 service provider plugin in CloudStack
 Requires that admin enables each user for the SAML SSO login
 SAML authentication plugin finds user accounts whose username match the
username attribute value returned by the SAML authentication response
 Tested with Shibboleth 2.4, SSOCircle, Microsoft ADFS, OneLogin, Feide
OpenIDP
, PingIdentity
 Takes some effort to configure
CloudStack Collaboration Conference 2023 / #CSCollab2023 / 23-24 Nov 2023 / Paris, France

OAuth2 Authentication
 Require enabling the OAuth2 plugin in CloudStack
 Currently supports Google and GitHub
 OAuth2 plugin finds user accounts whose email match the email attribute
value returned by the OAuth2 service provider
 Pretty easy to configure
CloudStack Collaboration Conference 2023 / #CSCollab2023 / 23-24 Nov 2023 / Paris, France

OAuth2 Authentication
CloudStack Collaboration Conference 2023 / #CSCollab2023 / 23-24 Nov 2023 / Paris, France

2FA
CloudStack Collaboration Conference 2023 / #CSCollab2023 / 23-24 Nov 2023 / Paris, France

Why 2FA?
 Make end-user’s life more miserable!
CloudStack Collaboration Conference 2023 / #CSCollab2023 / 23-24 Nov 2023 / Paris, France

Why 2FA?
 Additional layer of security:
 Prevents man-in-the-middle attack
 Prevents attacker access if they have
your password
 Prevents hijacking an account
CloudStack Collaboration Conference 2023 / #CSCollab2023 / 23-24 Nov 2023 / Paris, France

2FA
configuration
 Introduced in ACS 4.18.0.0
 Disabled by default, needs to be
enabled
 Optional (i.e. not mandatory), by
default
 Can be set to mandatory, optionally
CloudStack Collaboration Conference 2023 / #CSCollab2023 / 23-24 Nov 2023 / Paris, France

2FA
configuration
 TOTP or static pin
 TOTP: Google/other Authenticator
 Static PIN – nor a real 2FA ?
 (stored in ACS database)
 Can be disabled/enabled per domain
 “Issuer” (visible inside the TOTP app)
can be configured per domain
CloudStack Collaboration Conference 2023 / #CSCollab2023 / 23-24 Nov 2023 / Paris, France

2FA DB-hacks
 Disable 2FA for a user
 UPDATE cloud.user SET
is_user_2fa_enabled=0,
key_for_2fa=NULL,
user_2fa_provider=NULL
WHERE id=xxxxx;
 Set static PIN for a user
 UPDATE cloud.user SET
is_user_2fa_enabled=1,
key_for_2fa=123456,
user_2fa_provider='staticpin’
WHERE id=xxxxx;
 Disabling 2FA globally, does not remove
2FA that is already set for a user
CloudStack Collaboration Conference 2023 / #CSCollab2023 / 23-24 Nov 2023 / Paris, France

2FA demo
 Let’s do it later together with OAuth2
demo!
CloudStack Collaboration Conference 2023 / #CSCollab2023 / 23-24 Nov 2023 / Paris, France

OAuth2
CloudStack Collaboration Conference 2023 / #CSCollab2023 / 23-24 Nov 2023 / Paris, France

Why OAuth2?
 Available from CloudStack 4.19.0.0
 Enables users to authenticate against
their own organizations
 GitHub and Google currently supported
 Others can be added easily
 Modern, widely used, secure
CloudStack Collaboration Conference 2023 / #CSCollab2023 / 23-24 Nov 2023 / Paris, France

OAuth2
configuration
 Disabled by default
 Once enabled, new "OAuth
configuration" available under the
"Configuration" menu
 Google and GitHub currently supported
 Needs configuration on the provider's
side (Google or GitHub) – usually only
“Name” and "Authorised redirect URIs"
(redirect URL of ACS) need to be
specified.
 Provider generates ID, secret – and this
is added to CloudStack, under “Oauth
configuration” menu
CloudStack Collaboration Conference 2023 / #CSCollab2023 / 23-24 Nov 2023 / Paris, France

OAuth2
configuration
 Needs a user with matching email
created previously inside ACS
 User can still use local authentication
(with his password)
 Redirect ULR in form of
“http://mycloud.com:8080/?verifyOau
th”
CloudStack Collaboration Conference 2023 / #CSCollab2023 / 23-24 Nov 2023 / Paris, France

DEMO
 Let’s configure GitHub-based OAuth2
and enable 2FA for that user!
CloudStack Collaboration Conference 2023 / #CSCollab2023 / 23-24 Nov 2023 / Paris, France

CloudStack Collaboration Conference 2023 / #CSCollab2023 / 23-24 Nov 2023 / Paris, France

Recommandé

CloudStack Authentication Methods – Harikrishna Patnala, ShapeBlue

ShapeBlue

CloudStack provides versatile authentication methods to ensure secure access and identity management. This talk explores key authentication mechanisms within CloudStack, including LDAP, SAML, OAuth2, API keys, etc. LDAP integration enables centralized user authentication, while SAML facilitates single sign-on (SSO) across various services. OAuth2 ensures secure authorization for third-party applications, and API keys offer programmatic access to resources. Additionally, CloudStack supports Two-Factor Authentication for an extra layer of security, enhancing user verification through multiple verification steps. ----------------------------------------- The CloudStack India User Group 2024 took place in Hyderabad on 23rd February. The conference, arranged by a group of volunteers from the Apache CloudStack Community, saw multiple sessions held about the cloud orchestration platform and its latest advancements.

Microsoft Azure News - August 2019

Daniel Toomey

The document is the meeting notes from the Brisbane Azure User Group for August 2019. It includes: - Upcoming presentations for the group from August to November 2019 on various Azure topics. - Announcements of new and updated Azure services, including GitHub Actions, Azure Data Share, Azure Monitor for containers, Dedicated Host preview, Bot Framework updates, and Azure Security Center for IoT general availability. - Information on lowered pricing for Azure Archive Storage and new NVv4 and HBv2 Azure virtual machines. - Reminders about the Azure Australia Slack team and the BAUG YouTube channel. - Updates on on-demand Azure training from Microsoft, Pluralsight, and OpsGility.

Microsoft Azure News - Dec 2023

Daniel Toomey

This document contains the agenda for the Brisbane Azure User Group meeting in December 2023. It lists upcoming presentations on topics like building AI assistants with Copilot Studio and data mapping in Azure. The document also provides announcements about new features for services like Azure Static Web Apps, Logic Apps, and Kubernetes Service. It includes links to Microsoft documentation about feature updates and retirements. Finally, it shares information about Azure-related community resources like the Australia Slack team and the BAUG YouTube channel.

Microsoft Azure News - June 2020

Daniel Toomey

The document is a newsletter from the Brisbane Azure User Group providing updates about upcoming presentations for their monthly meetups. It summarizes presentations scheduled for June through December 2020, including a presentation in June from Todd Whitehead about highlights and news from Microsoft Build 2020. It also lists some new features for Azure Front Door, Blob Storage, and online training resources.

Kubernetes Operability Tooling (GOTO Chicago 2019)

bridgetkromhout

Zero to Cloud Hero: Crafting a Private Cloud from Scratch with XCP-ng, Xen Or...

ShapeBlue

Dive into the seamless integration of the Vates stack as the foundation for your CloudStack deployment. In this workshop, you’ll witness the power and simplicity of XCP-ng and Xen Orchestra. From a blank slate to a fully operational private cloud, Olivier guides you through each pivotal step. Learn how to streamline your cloud setup process and unlock the potential of a private cloud infrastructure that’s both efficient and easy to manage. Watch to discover how to transform bare metal into a cloud powerhouse in mere minutes. ----------------------------------------- The CloudStack Collaboration Conference 2023 took place on 23-24th November. The conference, arranged by a group of volunteers from the Apache CloudStack Community, took place in the voco hotel, in Porte de Clichy, Paris. It hosted over 350 attendees, with 47 speakers holding technical talks, user stories, new features and integrations presentations and more.

Microsoft Azure News - August 2021

Daniel Toomey

The document provides information about upcoming presentations for the Brisbane Azure User Group (BAUG) as well as other Azure-related news and opportunities. In August 2021, Todd Whitehead will present on "Azure Arc and PaaS Anywhere", which allows running PaaS and Kubernetes applications on any infrastructure using Azure Arc. The document also advertises job opportunities with Deloitte for those with skills in Azure, .NET, Java, integration platforms and Agile methodology. It shares links to articles about SQL Server and Windows Server 2012 reaching end of support, Azure Bastion for remote access, updates to ArcBox for automating Azure Arc scenarios, and the general availability of Azure SQL on Azure Arc and the Spark 3.0

Appliquez le modèle Zero Trust pour le Hardening de votre Azure AD !

Identity Days

Recommandé

CloudStack Authentication Methods – Harikrishna Patnala, ShapeBlue

ShapeBlue

Microsoft Azure News - August 2019

Daniel Toomey

Microsoft Azure News - Dec 2023

Daniel Toomey

Microsoft Azure News - June 2020

Daniel Toomey

Kubernetes Operability Tooling (GOTO Chicago 2019)

bridgetkromhout

Zero to Cloud Hero: Crafting a Private Cloud from Scratch with XCP-ng, Xen Or...

ShapeBlue

Microsoft Azure News - August 2021

Daniel Toomey

Appliquez le modèle Zero Trust pour le Hardening de votre Azure AD !

Identity Days

Microsoft Azure News - July 2020

Daniel Toomey

This document provides a summary of the July 2020 Brisbane Azure User Group (BAUG) meeting. It lists upcoming presentations for BAUG meetings between January 2019 and December 2019. It also provides news on new Azure services and features, including generally available memory-optimized Azure VMs, Rules Engine for Azure Front Door and CDN, Azure Firewall Manager, and Azure Maps Power BI visual. Links are included for the BAUG Meetup page, YouTube channel, online training, and the July 2019 presentation on using Application Insights for monitoring applications.

Welcome and State of Apache CloudStack Community

ShapeBlue

Session Description: VP of Apache CloudStack welcomes the CloudStack India User Group meetup attendees in Bangalore and walks through the current state of the Apache CloudStack community, composition of committers and PMC members, release activities, contributor trends on mailing lists and GitHub, and update on community initiatives and upcoming events. Speaker Bio: Rohit is the current VP of the Apache CloudStack project, as well as a PMC member. For work, Rohit works as the VP of engineering at ShapeBlue, where he provides leadership and mentorship to the ever-growing Engineering Team. --------------------------------------------- On Friday 18th August, the Apache CloudStack India User Group 2023 took place in Bangalore, seeing CloudStack enthusiasts, experts, and industry leaders from across the country, discuss the open-source project. The meetup served as a vibrant platform to delve into the depths of Apache CloudStack, share insights, and forge new connections.

Community clouds from scratch

Jordi Guijarro

Community Clouds from Scratch Cloud Computing represents a radical change in the way we organize and use computing resources and storage. The scientific and academic communities face the challenge of not only adapting their procedures to this new paradigm, but also contributing Cloud Computing development and leading its evolution towards open, secure and interoperable computing infrastructures, which will playing a key role in the community clouds paradigm. The Spanish MEGHA initiative promotes and coordinates contributions to cloud computing R&D, education and management made by institutions affiliated with RedIRIS [7] in Spain. In the first phase (2010–2012), MEGHA validated federated cloud platforms using Opennebula and OCCI [10] to streamline the use of cloud technologies among R&E service centers. Representative infrastructure providers (CESCA, CESGA, PIC), middleware providers (OpenNebula, RedIRIS, OSAmI-Commons) and users (UAB, UOC, UM) together with intermediate/identity/brokers resources (RedIRIS) joined efforts to demonstrate the viability of this approach. The results stimulated the development of use cases including e-learning platforms on demand (Learning Apps project), a distributed HPC platform (e-Science), and Virtual Labs (VDI) in a hybrid scenario (Academic services). Next Steps? As next goal, the Spanish research and academic community is working to assess the possibilities of creating a productive Infrastructure Cloud Computing service within member institutions. With this new approach new challenges appear: Federated user authentication and authorization mechanisms. Brokering architecture scenario. Secure VM image distribution and validation. A federated cloud accounting system integrating the accounting records of multiple cloud managers and supporting federated cloud governance. Monitoring and notification of unpredictable changes in availability and readability status. Security Policies and Service Level Agreements (SLA’s).

Corda on Azure Blockchain

Juarez Junior

Corda on Azure provides an automated way to deploy Corda nodes on Microsoft Azure with integrated networking and security. It simplifies node deployment through the Azure portal. Nodes can easily join existing Corda networks. Azure services like Key Vault integrate with Corda for certificate management. Virtual networks secure node communication, with options for VNET peering or site-to-site VPN. Continuous integration deploys updates. Monitoring integrates with Azure services for node insights.

Community Clouds from Scratch

NETWAYS

Cloud Computing represents a radical change in the way we organize and use computing resources and storage. The scientific and academic communities face the challenge of not only adapting their procedures to this new paradigm, but also contributing Cloud Computing development and leading its evolution towards open, secure and interoperable computing infrastructures, which will playing a key role in the community clouds paradigm. The Spanish MEGHA initiative promotes and coordinates contributions to cloud computing R&D, education and management made by institutions affiliated with RedIRIS [7] in Spain. In the first phase (2010–2012), MEGHA validated federated cloud platforms using Opennebula and OCCI [10] to streamline the use of cloud technologies among R&E service centers. Representative infrastructure providers (CESCA, CESGA, PIC), middleware providers (OpenNebula, RedIRIS, OSAmI-Commons) and users (UAB, UOC, UM) together with intermediate/identity/brokers resources (RedIRIS) joined efforts to demonstrate the viability of this approach. The results stimulated the development of use cases including e-learning platforms on demand (Learning Apps project), a distributed HPC platform (e-Science), and Virtual Labs (VDI) in a hybrid scenario (Academic services). Next Steps? As next goal, the Spanish research and academic community is working to assess the possibilities of creating a productive Infrastructure Cloud Computing service within member institutions. With this new approach new challenges appear: Federated user authentication and authorization mechanisms. Brokering architecture scenario. Secure VM image distribution and validation. A federated cloud accounting system integrating the accounting records of multiple cloud managers and supporting federated cloud governance. Monitoring and notification of unpredictable changes in availability and readability status. Security Policies and Service Level Agreements (SLA’s).

Microsoft Azure News - June 2021

Daniel Toomey

The document provides information about upcoming presentations for the Brisbane Azure User Group (BAUG) from February 2021 to December 2021. It also includes announcements about new Azure services and capabilities like Azure Static Web Apps going generally available, NVIDIA A100 GPU clusters on Azure, and Azure Cosmos DB features. Opportunities with Deloitte related to cloud integration skills are mentioned. Links to blog posts about new Azure capabilities like Bicep and Azure application services running on Azure Arc are provided.

Curso Microsoft Azure Solutions Arquitect Expert

Jose Miguel Fenollosa Sendra

This document certifies that Jose Miguel Fenollosa Sendra completed a Microsoft Azure Solutions Architect course from October 26th to November 12th, 2020. The course covered topics such as deploying and managing Azure infrastructure, implementing workloads and security, cloud architect technologies, and designing Azure solutions for identity, security, data platforms, deployment/migration, and infrastructure. It was co-financed by the European Social Fund and the Government of Aragon. The certificate was issued by the Advanced Technologies Center of Zaragoza and signed electronically.

Start Automating InfluxDB Deployments at the Edge with balena

InfluxData

balena.io helps companies develop, deploy, update, and manage IoT devices. By using Linux containers and other cloud technologies, balena enables teams to quickly and easily build fleets of connected devices. Developers are able to use containers with the language of choice and pull IoT sensor data from 70+ different single board computers into balenaCloud. Discover how to use balena.io to automate your InfluxDB deployments at the edge! During this one-hour session, experts from balena and InfluxData will demonstrate how to build and deploy your own air quality IoT solution. You will learn: The fundamentals of IoT sensor deployment and management using balena. How to use a time series platform to collect and visualize metrics from edge devices. Tips and tricks to using balenaCloud to automate InfluxDB deployments and Telegraf configurations. How to use InfluxDB's Edge Data Replication feature to collect sensor data and push it to InfluxDB Cloud for analysis. No coding experience required, just a curiosity to start your own IoT adventure.

Experts Live Switzerland 2017 - Automatisierte Docker Release Pipeline mit VS...

Marc Müller

Container Technologien erfreuen sich grosser Beliebtheit und sind mittlerweile auch im Microsoft Entwicklerumfeld angekommen. Visual Studio als Entwicklungswerkzeug bietet neu eine direkte Docker Unterstützung und mit Asp.NET Core respektive .NET Core ist auch die Kompatibilität mit Linux-basierten Docker Containern gegeben. Erfahren Sie in diesem Vortrag, wie sie mit Visual Studio und TFS eine Docker-basierte Build und Release Automatisierung implementieren und betreiben. Mit Azure Container Services haben wir einen skalierbare und ausfallsicheren Cluster zur Verfügung, welcher sich optimal in unsere Release-Pipeline integriert.

Microsoft Azure News - April 2024 .

Daniel Toomey

VanillaJS & the Web Platform, a match made in heaven?

Bertrand Delacretaz

Decide for Dummies

pruizclaudia

DECIDE DevOps framework provides an integrated environment for multi-cloud native application developers and operators to design, develop, deploy and operate multi-cloud applications following the DevOps philosophy on continuous integration, continuous quality and continuous delivery. DECIDE for dummies provides a thorough guidance on how to use the DECIDE DevOps framework with the Sockshop microservices based application example. It includes the installation guidelines for the different components and an step by step guidance through the different components. The DevOps framework integrates all the DECIDE components in one platform to 1) define NFRs and assign them to specific application components, 2) apply architectural patterns at different dimensions (generic, optimization, availability, performance) using ARCHITECT, 3) optimize and select the best topology for a multi-cloud application to be deployed on multiple clouds through OPTIMUS using cloud services offerings directly from CSPs or from the ACSmI, 3) define a multi-cloud SLA (MCSLA) based on the selected CSPs where the application will be deployed with the support of MCSLA editor, 4) automatically deploy the components following an application containerization approach on multiple clouds using ADAPT, 5) to monitor the behavior of the application with respect to its own MCSLA and the established NFR for the cloud resources where the application is deployed in order to (semi-)automatically re-adapt and redeploy the application to the new configuration suggested by OPTIMUS.

DECIDE for Dummies

DECIDEH2020

Bye bye Identity Server

Sergio Navarro Pino

Identity Server ha sido durante mucho tiempo el framework para OpenIdConnect y OAuth 2 más utilizado en el ámbito de .NET. Usándolo conectábamos de modo seguro front y back, conseguíamos Single Sign-On y en general manejábamos aspectos relativos a la seguridad de nuestras aplicaciones. Pero nada es eterno, y en Octubre de 2020, desde Duende Software, fundada por los mantainers de Identity Server anunciaban que el soporte se acabaría junto al de .NET Core 3.1 ¡Y eso se acerca! En noviembre de 2022 dejará de mantenerse, y por tanto dejaremos de recibir actualizaciones de seguridad. ¿Qué opciones tenemos? Veremos algunas de ellas, entre las que están otros paquetes open source y soluciones que Microsoft nos ofrece en Azure, como Azure AD B2C.

FIWARE for OPC UA Robots (The i4Q Use Case) - Gabriele De Luca.pptx

FIWARE

This session will provide an opportunity for attendees to learn about concrete challenges, technology trends and concrete application scenarios which are driving the FIWARE technical roadmap on robotics and automation technologies. The session will commence with an overview of the FIWARE approach to create and exploit synergies between Digital Twins and AI-driven robotics automation in the context of smart industry solutions for manufacturing, intralogistics, and agriculture sectors. Following that, the presentations will delve into real-world examples, emphasizing the potential benefits and limitations of Digital Twin approaches to smart solution development in concrete robotics contexts. Special emphasis will be put on showing how FIWARE based digital twins and robotics bring value into disruptive solutions for manufacturing execution and operations management, material flow automation, and efficient monitoring and supervision of smart agriculture environments such as green houses and insect farms. The interoperability between FIWARE-based digital twins and OPC UA robots is also a major topic in this session. To conclude, a wrap up presentation will summarize the take away messages, provide some insights into the future direction of this exciting technology, and discuss some relevant opportunities for establishing collaboration projects. Attendees will leave the session with a greater understanding of FIWARE-based Digital Twins in smart industry solutions, how they can be used to improve the performance and efficiency of robotic systems, and some of the most relevant initiatives of the FIWARE community in this domain.

David Campro - FromData2ML (1).pptx

FIWARE

Are you ready to take your smart solutions to the next level? During this session, you will learn how to integrate AI and ML platforms for analysis and processing of digital twin data in systems based on FIWARE. In this session, we'll cover all aspects of ML Ops, including how to deploy ML in edge systems, and show you how to use AI and ML to turn data into actionable insights and business value. You'll discover how to leverage the power of AI and ML to optimize your smart solutions and gain a competitive edge. You'll learn how to implement ML Ops in solutions powered by FIWARE, enabling you to easily deploy machine learning models and update them in real-time. We'll also discuss how to deploy ML in edge systems, allowing you to process data locally and avoid the latency of sending it to a central server. This session will invite participants to discover how to put data to work and turn it into wisdom that drives business value. Moreover, different experiences on how to automatize ML, especially regarding training and deploying ML models into solutions powered by FIWARE in different real scenarios. If you are interested in learning how to turn machine learning models towards perfection and deliver ML solutions more easily as part of solutions powered by FIWARE, to extract the most out of data, this session is for you.

Citrix Octoblu Architecture Breakdown

John Moody

Octoblu is a platform that connects devices, services, sensors, and people through a common addressing and messaging system. All components are represented as nodes that can be connected through automated flows to send and receive JSON data via unique identifiers. It provides tools for device and data management, flow automation, and deployment in private/public clouds or small appliances. The core technologies include Meshblu for cross-protocol messaging, security, and registration; Gateblu and Mobiblu for device plugins; and Octo for flow automation in secure containers.

Meet the Committers Webinar_ Lab Preparation

Timothy Spann

This document provides information and guidance for participants in a Cloudera DataFlow sandbox from May 3 to May 9, 2023. The key points are: - The sandbox is a shared environment where all users can access each other's flows. No production data should be used. Inactive flows may be stopped after 4 hours. - The sandbox will be destroyed on May 9 at midnight. Participants must complete and save their flows by then. - There is a best in flow competition to build and document a functional flow by the deadline for a chance to win a $2,000 prize. Requirements for eligible flows are described. - The document provides links to resources like ready flows, examples,

Microsoft Azure News - 2019 January

Daniel Toomey

The document provides information about upcoming presentations for the Brisbane Azure User Group (BAUG) meeting in January 2019. Heinrich Braasch will present on using Azure IoT to control a Weber barbecue from anywhere in the world. The document also summarizes new features for Azure including neural text-to-speech, transparent data encryption for managed instances, Azure Monitor for containers, static websites on Azure Storage, and virtual network service endpoints. Links are provided to blog posts with further details on each new Azure feature.

Serverless PostGIS

Addresscloud

This document discusses Aurora Serverless for Postgres, a serverless database hosted on AWS. It provides an overview of Aurora Serverless and demonstrates how to set it up. Key features include horizontal scaling of compute and high availability. The document also covers accessing the database within a VPC, using the Data API to query from Lambda, and building serverless vector tiles with the database. In summary, Aurora Serverless scales automatically in response to usage, with one deployment experiencing a 5x scale during data loading and queries.

CloudStack Tooling Ecosystem – Kiran Chavala, ShapeBlue

ShapeBlue

In this session, Kiran gives a talk about the rich ecosystem of tools (cmk, CAPC, Terraform, Ansible, Packer, csbench, mbx), that support Cloudstack. Find out how the various tools work and how easy it is to integrate with Apache CloudStack. This session provides a great way to speed up CloudStack adoption and improve performance by saving valuable time. ----------------------------------------- The CloudStack India User Group 2024 took place in Hyderabad on 23rd February. The conference, arranged by a group of volunteers from the Apache CloudStack Community, saw multiple sessions held about the cloud orchestration platform and its latest advancements.

Elevating Cloud Infrastructure with Object Storage, DRS, VM Scheduling, and D...

ShapeBlue

In this session, Vishesh Jindal and Jithin Raju give a demonstration on Apache CloudStack's 4.19 marquee features - Object Storage, DRS, VM schedule & DRaaS. ----------------------------------------- The CloudStack India User Group 2024 took place in Hyderabad on 23rd February. The conference, arranged by a group of volunteers from the Apache CloudStack Community, saw multiple sessions held about the cloud orchestration platform and its latest advancements.

Contenu connexe

Similaire à 2FA and OAuth2 in CloudStack - Andrija Panić - ShapeBlue

Microsoft Azure News - July 2020

Daniel Toomey

Welcome and State of Apache CloudStack Community

ShapeBlue

Community clouds from scratch

Jordi Guijarro

Corda on Azure Blockchain

Juarez Junior

Community Clouds from Scratch

NETWAYS

Microsoft Azure News - June 2021

Daniel Toomey

Curso Microsoft Azure Solutions Arquitect Expert

Jose Miguel Fenollosa Sendra

Start Automating InfluxDB Deployments at the Edge with balena

InfluxData

Experts Live Switzerland 2017 - Automatisierte Docker Release Pipeline mit VS...

Marc Müller

Microsoft Azure News - April 2024 .

Daniel Toomey

VanillaJS & the Web Platform, a match made in heaven?

Bertrand Delacretaz

Decide for Dummies

pruizclaudia

DECIDE for Dummies

DECIDEH2020

Bye bye Identity Server

Sergio Navarro Pino

FIWARE for OPC UA Robots (The i4Q Use Case) - Gabriele De Luca.pptx

FIWARE

David Campro - FromData2ML (1).pptx

FIWARE

Citrix Octoblu Architecture Breakdown

John Moody

Meet the Committers Webinar_ Lab Preparation

Timothy Spann

Microsoft Azure News - 2019 January

Daniel Toomey

Serverless PostGIS

Addresscloud

Similaire à 2FA and OAuth2 in CloudStack - Andrija Panić - ShapeBlue (20)

Microsoft Azure News - July 2020

Welcome and State of Apache CloudStack Community

Community clouds from scratch

Corda on Azure Blockchain

Community Clouds from Scratch

Microsoft Azure News - June 2021

Curso Microsoft Azure Solutions Arquitect Expert

Start Automating InfluxDB Deployments at the Edge with balena

Experts Live Switzerland 2017 - Automatisierte Docker Release Pipeline mit VS...

Microsoft Azure News - April 2024 .

VanillaJS & the Web Platform, a match made in heaven?

Decide for Dummies

DECIDE for Dummies

Bye bye Identity Server

FIWARE for OPC UA Robots (The i4Q Use Case) - Gabriele De Luca.pptx

David Campro - FromData2ML (1).pptx

Citrix Octoblu Architecture Breakdown

Meet the Committers Webinar_ Lab Preparation

Microsoft Azure News - 2019 January

Serverless PostGIS

Plus de ShapeBlue

CloudStack Tooling Ecosystem – Kiran Chavala, ShapeBlue

ShapeBlue

Elevating Cloud Infrastructure with Object Storage, DRS, VM Scheduling, and D...

ShapeBlue

VM Migration from VMware to CloudStack and KVM – Suresh Anaparti, ShapeBlue

ShapeBlue

The support for migrating VMware instances, and importing KVM instances to a CloudStack-managed KVM environment has been added to CloudStack 4.19. In this talk, Suresh provides the details about the import/migration process in CloudStack along with a demo, and discusses the future improvements. ----------------------------------------- The CloudStack India User Group 2024 took place in Hyderabad on 23rd February. The conference, arranged by a group of volunteers from the Apache CloudStack Community, saw multiple sessions held about the cloud orchestration platform and its latest advancements.

How We Grew Up with CloudStack and its Journey – Dilip Singh, DataHub

ShapeBlue

In this session, Senior IT Manager at DataHub Nepal, Dilip Singh, shares how DataHub grew up with CloudStack and details the journey the company had with the cloud orchestration platform. ----------------------------------------- The CloudStack India User Group 2024 took place in Hyderabad on 23rd February. The conference, arranged by a group of volunteers from the Apache CloudStack Community, saw multiple sessions held about the cloud orchestration platform and its latest advancements.

What’s New in CloudStack 4.19, Abhishek Kumar, Release Manager Apache CloudSt...

ShapeBlue

This session gives a brief introduction to the new and exciting feature in the latest CloudStack LTS release, ie, 4.19.0. The discussion includes the details on the timeline of the CloudStack 4.19.0 release, overview of some of the marquee, new feature of the release – Object storage framework, KVM ingestion, Hypervisor agnostic simple DRS, CAPC aware CKS, OAuth2, DRaaS with Multi zone disaster recovery, etc and a summary of improvements added since the previous major LTS release of the CloudStack, ie, 4.18.0. ----------------------------------------- The CloudStack India User Group 2024 took place in Hyderabad on 23rd February. The conference, arranged by a group of volunteers from the Apache CloudStack Community, saw multiple sessions held about the cloud orchestration platform and its latest advancements.

CloudStack 101: The Best Way to Build Your Private Cloud – Rohit Yadav, VP Ap...

ShapeBlue

Apache CloudStack is an open-source software designed to deploy and manage large networks of virtual machines, as a highly available, highly scalable Infrastructure as a Service (IaaS) cloud computing platform. This talk gives an introduction to the technology, its architecture, its history and community. ----------------------------------------- The CloudStack India User Group 2024 took place in Hyderabad on 23rd February. The conference, arranged by a group of volunteers from the Apache CloudStack Community, saw multiple sessions held about the cloud orchestration platform and its latest advancements.

How We Use CloudStack to Provide Managed Hosting - Swen Brüseke - proIO

ShapeBlue

Swen shows how proIO utilize Cloudstack to provide customers with managed hosting solutions and versatile public and private cloud solutions, mainly based on open-source software. ----------------------------------------- The CloudStack Collaboration Conference 2023 took place on 23-24th November. The conference, arranged by a group of volunteers from the Apache CloudStack Community, took place in the voco hotel, in Porte de Clichy, Paris. It hosted over 350 attendees, with 47 speakers holding technical talks, user stories, new features and integrations presentations and more.

Enabling DPU Hardware Accelerators in XCP-ng Cloud Platform Environment - And...

ShapeBlue

In cloud computing environments, VMs require fast access to resources like storage and networking. The hardware that the VMs access is implemented in software and/or by passing through a dedicated hardware device. Software-based solutions consume extra CPU cycles, thus resulting in poor performance. Also, these require to expose a device-model to the guest, thus increasing the attack surface. Conversely, hardware passthrough provides better performance and security but can be expensive in terms of the number of physical resources, since each device is dedicated to a single VM. This talk focuses on how Vates is working on sharing hardware resources among VMs by relying on dedicated processors named Data Processing Units (DPU). More precisely, Vates work on offloading Xen hypervisor of storage emulation by relying on Kalray K200 DPU PCIe controllers, a hardware accelerator based on MPPA architecture. ----------------------------------------- The CloudStack Collaboration Conference 2023 took place on 23-24th November. The conference, arranged by a group of volunteers from the Apache CloudStack Community, took place in the voco hotel, in Porte de Clichy, Paris. It hosted over 350 attendees, with 47 speakers holding technical talks, user stories, new features and integrations presentations and more.

KVM Security Groups Under the Hood - Wido den Hollander - Your.Online

ShapeBlue

They are just a few clicks in the UI or a single API call, but how do security groups work at KVM hypervisor level? How do they filter traffic and what else do they do in addition to firewalling? What Anti-Spoofing policies are implemented by the security groups? In this talk, Wido dives into the specifics of the security groups on the KVM hypervisor for both IPv4 and IPv6. ----------------------------------------- The CloudStack Collaboration Conference 2023 took place on 23-24th November. The conference, arranged by a group of volunteers from the Apache CloudStack Community, took place in the voco hotel, in Porte de Clichy, Paris. It hosted over 350 attendees, with 47 speakers holding technical talks, user stories, new features and integrations presentations and more.

How to Re-use Old Hardware with CloudStack. Saving Money and the Environment ...

ShapeBlue

Wido den Hollander from Your.Online discusses how the company maximizes the lifespan of its hardware to reduce environmental impact. It uses Apache CloudStack to tag hosts by generation and direct workloads to the appropriate tier, allowing older hardware to still be utilized. Live migrations are enabled by configuring CPU profiles in KVM. Ceph storage clusters can also leverage refurbished hardware. Tracking metrics like kWh consumption of CloudStack deployments could provide further insight into environmental impact.

Use Existing Assets to Build a Powerful In-house Cloud Solution - Magali Perv...

ShapeBlue

How to minimize the impact when it’s time to implement a cloud solution for automating internal workloads and delivering efficient solutions? Magali, Joffrey, and Grégoire present a case study of a successful hardware reuse project, including key metrics: Business objectives, Performance objectives and Financial objectives. ----------------------------------------- The CloudStack Collaboration Conference 2023 took place on 23-24th November. The conference, arranged by a group of volunteers from the Apache CloudStack Community, took place in the voco hotel, in Porte de Clichy, Paris. It hosted over 350 attendees, with 47 speakers holding technical talks, user stories, new features and integrations presentations and more.

Import Export Virtual Machine for KVM Hypervisor - Ayush Pandey - University ...

ShapeBlue

This document discusses importing and exporting unmanaged KVM instances in CloudStack. It begins with an introduction to unmanaged instances and the APIs added to support importing and exporting KVM instances. It provides an overview of the import and export flows and requirements. It also demonstrates importing and exporting unmanaged KVM instances through the CloudStack UI and CLI. Finally, it discusses future enhancements such as supporting additional hypervisors and batch operations.

DRaaS using Snapshot copy and destination selection (DRaaS) - Alexandre Matti...

ShapeBlue

Apache CloudStack 4.19 introduces the capability for end-users to copy their root disk or volume snapshots to one (or more) ACS Zones without operator intervention. In this talk, Alex shows how this simple yet powerful new feature enables for end-users to control where their data resides and for operators to provide low-cost and robust DRaaS to their customers. ----------------------------------------- The CloudStack Collaboration Conference 2023 took place on 23-24th November. The conference, arranged by a group of volunteers from the Apache CloudStack Community, took place in the voco hotel, in Porte de Clichy, Paris. It hosted over 350 attendees, with 47 speakers holding technical talks, user stories, new features and integrations presentations and more.

Mitigating Common CloudStack Instance Deployment Failures - Jithin Raju - Sha...

ShapeBlue

A discussion on the common failures when using CloudStack taking instance deployment as an example. The session includes 15 specific failure scenarios, their causes, and possible mitigation steps. ----------------------------------------- The CloudStack Collaboration Conference 2023 took place on 23-24th November. The conference, arranged by a group of volunteers from the Apache CloudStack Community, took place in the voco hotel, in Porte de Clichy, Paris. It hosted over 350 attendees, with 47 speakers holding technical talks, user stories, new features and integrations presentations and more.

Elevating Privacy and Security in CloudStack - Boris Stoyanov - ShapeBlue

ShapeBlue

In an increasingly interconnected digital landscape, safeguarding data privacy and ensuring robust security measures are paramount. CloudStack offers a dynamic ecosystem for deploying and managing cloud resources. However, to fully harness its potential, it is crucial to address privacy and security concerns effectively. This presentation explores the realm of possibilities and demonstrates how CloudStack can enhance the privacy and security of your cloud deployments. Boris examines practical approaches to protect sensitive data, fortify communications, and secure your infra against emerging threats. Join us on a journey to discover how CloudStack can be your trusted ally in the quest for a more secure and private cloud environment. ----------------------------------------- The CloudStack Collaboration Conference 2023 took place on 23-24th November. The conference, arranged by a group of volunteers from the Apache CloudStack Community, took place in the voco hotel, in Porte de Clichy, Paris. It hosted over 350 attendees, with 47 speakers holding technical talks, user stories, new features and integrations presentations and more.

Transitioning from VMware vCloud to Apache CloudStack: A Path to Profitabilit...

ShapeBlue

In this session, Marco explores the potential of migrating from VMware vCloud to Apache CloudStack with KVM. VMware vCloud Suite is a robust cloud infrastructure and management solution that combines vSphere and vRealize Suite, providing automation and operations capabilities for traditional and modern infrastructure and apps. However, the transition to Apache CloudStack can offer enhanced profitability and competitiveness. Marco delves into the benefits of Apache CloudStack, including its cost-effectiveness and open-source nature, and discusses how a gradual migration from VMware vCloud can reduce ownership costs, increase profitability, and enhance competitiveness. He also covers the practical steps and considerations in planning and executing this transition effectively. ----------------------------------------- The CloudStack Collaboration Conference 2023 took place on 23-24th November. The conference, arranged by a group of volunteers from the Apache CloudStack Community, took place in the voco hotel, in Porte de Clichy, Paris. It hosted over 350 attendees, with 47 speakers holding technical talks, user stories, new features and integrations presentations and more.

Hypervisor Agnostic DRS in CloudStack - Brief overview & demo - Vishesh Jinda...

ShapeBlue

This document discusses hypervisor agnostic Distributed Resource Scheduler (DRS) in CloudStack 4.19. It describes DRS as a feature that rebalances virtual machines across a cluster to assist with power savings while building on existing live migration capabilities. Two main DRS algorithms are covered - Balanced, which balances load across hosts, and Condensed, which reduces the number of active hosts. Implementation details and how to configure DRS for a cluster are also outlined. The document concludes with an offer to demonstrate DRS and take any questions.

What’s New in CloudStack 4.19 - Abhishek Kumar - ShapeBlue

ShapeBlue

This session gives a brief introduction of the new and exciting feature in the latest (upcoming) CloudStack LTS release, ie, 4.19.0. The discussion includes the details on the timeline of the CloudStack 4.19.0 release, overview of some of the marquee, new feature of the release – Object storage framework, KVM ingestion, Hypervisor agnostic simple DRS, CAPC aware CKS, OAuth2, DRaaS with Multi zone disaster recovery, etc and a summary of improvements added since the previous major LTS release of the CloudStack, ie, 4.18.0. ----------------------------------------- The CloudStack Collaboration Conference 2023 took place on 23-24th November. The conference, arranged by a group of volunteers from the Apache CloudStack Community, took place in the voco hotel, in Porte de Clichy, Paris. It hosted over 350 attendees, with 47 speakers holding technical talks, user stories, new features and integrations presentations and more.

Developments to CloudStack’s SDN ecosystem: Integration with VMWare NSX 4 - P...

ShapeBlue

VMWare NSX is a network virtualization platform that abstracts physical infrastructure and provides micro-segmentation. It originated from research on software defined networks at Stanford University. NSX was later acquired by VMWare. The latest release is NSX4, which is decoupled from vSphere and supports multiple hypervisors and containers. In CloudStack, NSX provides logical network segmentation and implements network services like DHCP, load balancing, NAT, and firewalls for virtual networks and VPCs through its API integration with the CloudStack management server. A live demo then showed how some of these NSX network functions work for VPCs in CloudStack.

CloudStack Managed User Data and Demo - Harikrishna Patnala - ShapeBlue

ShapeBlue

We know existing Userdata support in CloudStack enables users to inject custom scripts or data into virtual machines during provisioning, facilitating automation and customization of VM setup and configuration. This talk is about delivering the extended support of userdata with “Managed UserData” which enables users to register and manage their own UserData script(s) as a CloudStack resource - followed by a demo. ----------------------------------------- The CloudStack Collaboration Conference 2023 took place on 23-24th November. The conference, arranged by a group of volunteers from the Apache CloudStack Community, took place in the voco hotel, in Porte de Clichy, Paris. It hosted over 350 attendees, with 47 speakers holding technical talks, user stories, new features and integrations presentations and more.

Plus de ShapeBlue (20)