Tuesday, November 8, 2016

libvirt - why it's important

http://libvirt.org/ is a foundation stone of many virtualization capabilities, and it is where really interesting features are being added to cloud and virtualization.

For one area, it is where software defined storage (SDS) inserts itself. For example, Ceph provides software defined storage and makes it available to OpenStack as a Swift interface. It is not part of OpenStack, but it integrates so tightly and works so far underneath that tenants will never know or detect any difference in their access to storage.

For another, VMQoS examines the QoS (quality of service) issues internal to a complex service like OpenStack. Conventional QoS talks about external connectivity (communications QoS), but what about the internal movement of data between compute and storage (through the network linking them)? How is that measured, what assurances can be established, and how is it corrected when the performance deviates beyond set limits?

It can also be an interesting attack surface for malicious actors, since so much depends on libvirt.

Saturday, October 1, 2016

Mirantis Fuel - deploy OpenStack

Using Mirantis 7.0 from https://www.mirantis.com/software/mirantis-openstack/releases/, use the ISO image to boot a virtual server under VirtualBox.

Mirantis can then deploy OpenStack to two other virtual servers. Once the 2 "slave" servers are deployed, you can log on to the OpenStack console (Horizon) and create virtual servers, virtual networks (switches), and virtual routers, and import images of other cloud servers, for example from http://cloud-images.ubuntu.com/.

After deploying, I ran 'ifconfig -a' on all three systems, and grouped the IP addresses that appeared to be on the same subnet. Note that Horizon at 172.16.0.3 is not a physical interface; it's a virtual IP on the compute node (slave1).

After deploying some instances of virtual networks and servers, here is how the virtual parts align with the physical parts:

Observe that the 172.16.0.x address that is the "associated IP" for the internal virtual server (associated / mapped to the virtual server in 192.168.111.x) is in the same routing domain and IP address subnet as the physical 172.16.0.1 address of the Fuel server and the application virtual IP accessing Horizon at 172.16.0.3. It is now the IP you will use to access the virtual server created by OpenStack.

Friday, May 6, 2016

mobile app dev tools - summary

https://www.educba.com/mobile-app-development-tools/

Mobile App Development Tools

In the age of mobile phones and smartphones, ‘mobile app’ is a commonly heard term. Mobile apps are small software applications that run on mobile phones or other mobile devices and serve some specific function or provide information on a particular topic. Some examples of mobile apps that usually every smartphone comes preloaded with are: calendar, calculator, e-mail, clock and weather information. Additional apps can be downloaded on the phone through the app store native to the operating system of the phone you own, such as Apple’s App Store, Google Play, Windows Phone Store and BlackBerry App World, which are the distribution platforms for these apps.

Tuesday, May 3, 2016

Communicating securely over network connections

Communicating securely over networks, particularly on systems exposed to the public internet, is an ongoing challenge. The bad news is that every criminal in the world who has access to the internet is constantly trying to break into your computer, your tablet, your smartphone, and your Raspberry Pi. The good news is that there are very good tools that are well recognized as "secure". Some provisos apply:

1. The software used for such communications must be configured to disable features that are considered security weaknesses.
2. All software is defective in some way, so it is a necessity to patch vulnerable software when you are notified. For open source software, that means signing up for notifications.
3. Many free security capabilities include multi-factor authentication, including a personal and account-specific code generated on your smartphone, so only the person (presumably you) who is holding the smartphone can log in to your account.

One of these tools is SSH, or Secure SHell. There are many free versions:
-- OpenSSH for Linux
-- PuTTY for Windows
-- there are Java based SSH clients
-- there is even a Chrome browser plugin that runs an SSH client

A properly configured SSH client and server connection might be called a "gold standard" of communication over public (untrusted) networks.

SSH is a mature technology that has many interesting features and capabilities, well beyond a command line interface to a system:

A. SCP and SFTP file transfers are encrypted using the same mechanisms as SSH.
B. rsync can use SSH as the connection when synchronizing files between systems.
C. Port forwarding is one of the most powerful and overlooked capabilities. I'll post a link to a presentation on SSH in an upcoming blog entry.

However, a poorly configured SSH scenario only gives users and administrators an illusion and assumption of security. For example, if no one actually checks or validates the server key that is presented at an initial connection from an SSH client, the user really has no idea whether they are connecting to a hostile server that is capturing all their communications. This scenario is typically referred to as a MITM, or "man in the middle", attack.
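
The server key check described above, as an added example that is not part of the original post: it computes the SHA256 fingerprint an SSH client displays for a presented host key and accepts the server only if it matches a fingerprint obtained through a separate trusted channel. The host name, both keys and all function names are constructed for illustration.

```python
import base64
import hashlib
import struct


def ssh_string(data: bytes) -> bytes:
    """Encode bytes as an SSH wire-format string (uint32 length + data)."""
    return struct.pack(">I", len(data)) + data


def make_ed25519_line(host: str, raw_key: bytes) -> str:
    """Build a known_hosts-style line from 32 raw bytes (sample data only)."""
    blob = ssh_string(b"ssh-ed25519") + ssh_string(raw_key)
    return f"{host} ssh-ed25519 {base64.b64encode(blob).decode()}"


def fingerprint(known_hosts_line: str) -> str:
    """Return the OpenSSH-style SHA256 fingerprint of a host key line."""
    _host, key_type, b64_blob = known_hosts_line.split()[:3]
    blob = base64.b64decode(b64_blob, validate=True)
    # The blob begins with its own key-type string; it must agree with
    # the key type written in the text field of the line.
    (n,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + n] != key_type.encode("ascii"):
        raise ValueError("key type does not match key blob")
    digest = hashlib.sha256(blob).digest()
    # OpenSSH prints the digest as base64 with the padding removed.
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def host_key_trusted(presented_line: str, pinned_fingerprint: str) -> bool:
    """Accept the server only if its key matches the pinned fingerprint."""
    return fingerprint(presented_line) == pinned_fingerprint


# Constructed sample keys: these are not real host keys.
GENUINE = make_ed25519_line("server.example", bytes(range(32)))
IMPOSTOR = make_ed25519_line("server.example", bytes(range(1, 33)))
# Stands in for the fingerprint the administrator published out of band.
PINNED = fingerprint(GENUINE)

if __name__ == "__main__":
    for label, line in (("genuine", GENUINE), ("impostor", IMPOSTOR)):
        verdict = "accept" if host_key_trusted(line, PINNED) else "REJECT"
        print(f"{label}: {fingerprint(line)} -> {verdict}")
```
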

Friday, April 1, 2016

Blacksmith, Jedi, and Ethics

Great time at ISSA Chapter - talking about blacksmithing, making your own light saber, and including ethics considerations in everything you do.  Presentation at:
https://drive.google.com/drive/u/0/folders/0B7HntxpE-k80ZUVWZjZSdlFYRzA


The blacksmith forge is http://www.prospecthillforge.com/. Tell Carl West that Shukong sent you.