Extending OpenStack


Book Description

Discover new opportunities to empower your private cloud by making the most of the OpenStack universe Key Features This practical guide teaches you how to extend the core functionalities of OpenStack Discover OpenStack's flexibility by writing custom applications and network plugins Deploy a containerized environment in OpenStack through a hands-on and example-driven approach Book Description OpenStack is a very popular cloud computing platform that has enabled several organizations during the last few years to successfully implement their Infrastructure as a Service (IaaS) platforms. This book will guide you through new features of the latest OpenStack releases and how to bring them into production straightaway in an agile way. It starts by showing you how to expand your current OpenStack setup and how to approach your next OpenStack Data Center generation deployment. You will discover how to extend your storage and network capacity and also take advantage of containerization technology such as Docker and Kubernetes in OpenStack. Additionally, you'll explore the power of big data as a Service terminology implemented in OpenStack by integrating the Sahara project. This book will teach you how to build Hadoop clusters and launch jobs in a very simple way. Then you'll automate and deploy applications on top of OpenStack. You will discover how to write your own plugin in the Murano project. The final part of the book will go through best practices for security such as identity, access management, and authentication exposed by Keystone in OpenStack. By the end of this book, you will be ready to extend and customize your private cloud based on your requirements. What you will learn Explore new incubated projects in the OpenStack ecosystem and see how they work Architect your OpenStack private cloud with extended features of the latest versions Consolidate OpenStack authentication in your large infrastructure to avoid complexity Find out how to expand your computing power in OpenStack on a large scale Reduce your OpenStack storage cost management by taking advantage of external tools Provide easy, on-demand, cloud-ready applications to developers using OpenStack in no time Enter the big data world and find out how to launch elastic jobs easily in OpenStack Boost your extended OpenStack private cloud performance through real-world scenarios Who this book is for This book is for system administrators, cloud architects, and developers who have experience working with OpenStack and are ready to step up and extend its functionalities. A good knowledge of basic OpenStack components is required. In addition, familiarity with Linux boxes and a good understanding of network and virtualization jargon is required.




Mastering OpenStack


Book Description

This comprehensive guide will help you to choose the right practical option and make strategic decisions about the OpenStack cloud environment to fit your infrastructure in production. At the start, this book will explain the OpenStack core architecture. You will soon be shown how to create your own OpenStack private cloud. Next, you will move on to cover the key security layer and network troubleshooting skills, along with some advanced networking features. Finally, you will gain experience of centralizing and logging OpenStack. The book will show you how to carry out performance tuning based on OpenStack service logs. By the end of this book, you will be ready to take steps to deploy and manage an OpenStack cloud with the latest open source technologies.




Network and System Security


Book Description

This book constitutes the proceedings of the 8th International Conference on Network and System Security, NSS 2014, held in Xi'an, China, in October 2014. The 35 revised full papers and 12 revised short papers presented were carefully reviewed and selected from 155 initial submissions. The papers are organized in topical sections on cloud computing, access control, network security, security analysis, public key cryptography, system security, privacy-preserving systems and biometrics, and key management and distribution.




Cloud Security Auditing


Book Description

This book provides a comprehensive review of the most up to date research related to cloud security auditing and discusses auditing the cloud infrastructure from the structural point of view, while focusing on virtualization-related security properties and consistency between multiple control layers. It presents an off-line automated framework for auditing consistent isolation between virtual networks in OpenStack-managed cloud spanning over overlay and layer 2 by considering both cloud layers’ views. A runtime security auditing framework for the cloud with special focus on the user-level including common access control and authentication mechanisms e.g., RBAC, ABAC and SSO is covered as well. This book also discusses a learning-based proactive security auditing system, which extracts probabilistic dependencies between runtime events and applies such dependencies to proactively audit and prevent security violations resulting from critical events. Finally, this book elaborates the design and implementation of a middleware as a pluggable interface to OpenStack for intercepting and verifying the legitimacy of user requests at runtime. Many companies nowadays leverage cloud services for conducting major business operations (e.g., Web service, inventory management, customer service, etc.). However, the fear of losing control and governance still persists due to the inherent lack of transparency and trust in clouds. The complex design and implementation of cloud infrastructures may cause numerous vulnerabilities and misconfigurations, while the unique properties of clouds (elastic, self-service, multi-tenancy) can bring novel security challenges. In this book, the authors discuss how state-of-the-art security auditing solutions may help increase cloud tenants’ trust in the service providers by providing assurance on the compliance with the applicable laws, regulations, policies, and standards. This book introduces the latest research results on both traditional retroactive auditing and novel (runtime and proactive) auditing techniques to serve different stakeholders in the cloud. This book covers security threats from different cloud abstraction levels and discusses a wide-range of security properties related to cloud-specific standards (e.g., Cloud Control Matrix (CCM) and ISO 27017). It also elaborates on the integration of security auditing solutions into real world cloud management platforms (e.g., OpenStack, Amazon AWS and Google GCP). This book targets industrial scientists, who are working on cloud or security-related topics, as well as security practitioners, administrators, cloud providers and operators.Researchers and advanced-level students studying and working in computer science, practically in cloud security will also be interested in this book.




Advances in Service-Oriented and Cloud Computing


Book Description

This volume contains the technical papers presented in the seven high-quality workshops associated with the European Conference on Service-Oriented and Cloud Computing, ESOCC 2015, held in Taormina, Italy, in September 2015: Third International Workshop on Cloud for IoT (CLloT 2015), 5th International Workshop on Adaptive Services for the Future Internet (WAS4FI 2015), Second Workshop on Seamless Adaptive Multi-cloud Management of Service-Based Applications (SeaClouds 2015), First International Workshop on Cloud Adoption and Migration (CloudWay 2015), First International Workshop on Digital Enterprise Architecture and Engineering (IDEA 2015), First Workshop on Federated Cloud Networking (FedCloudNet 2015). Abstracts of the presentations held at the European Projects Forum (EU Projects 2015) are included in the back matter of this volume. The 25 full papers and 6 short papers were carefully reviewed and selected from 48 submissions. They focus on specific topics in service-oriented and cloud computing domains such as limits and /or advantages of existing cloud solutions, Future Internet technologies, efficient and adaptive deployment and management of service-based applications across multiple clouds, novel cloud service migration practices and solutions, digitization of enterprises in the cloud computing era, federated cloud networking services.




Smart Innovations in Engineering and Technology


Book Description

This easy-to-understand book discusses applications of current technologies and the foundations for their extension into emerging areas in the future. It includes research presented at two conferences: 5th International IBM Cloud Academy Conference, 2017, held in Wrocław, Poland. 5th Asia‐Pacific Conference on Computer Assisted and System Engineering, 2017, held in Guilin, China. These conferences focused on system and application engineering, including achievements in the interdisciplinary topics of cloud computing, big data, IoT and mobile communications. Featuring 19 chapters, the book has the potential to influence current and future research and applications combining the best attributes of computing, mathematics, artificial intelligence, biometrics and software engineering to create a comprehensive research application domain.




Information and Communications Security


Book Description

This book constitutes the refereed proceedings of the 18th International Conference on Information and Communications Security, ICISC 2016, held in Singapore, Singapore, in November/December 2016. The 20 revised full papers and 16 short papers presented were carefully selected from 60 submissions. The papers cover topics such as IoT security; cloud security; applied cryptography; attack behaviour analytics; authentication and authorization; engineering issues of cryptographic and security systems; privacy protection; risk evaluation and security; key management and language-based security; and network security.




ACI Advanced Monitoring and Troubleshooting


Book Description

Advanced real-world Cisco Application Centric Infrastructure (ACI) monitoring and troubleshooting Forewords written by Yusuf Bhaiji, Director of Certifications, Cisco Systems; and Ronak Desai, VP of Engineering for the Data Center Networking Business Unit, Cisco Systems. This expert guide and reference will help you confidently deploy, support, monitor, and troubleshoot ACI fabrics and components. It is also designed to help you prepare for your Cisco DCACIA (300-630) exam, earning Cisco Certified Specialist–ACI Advanced Implementation certification and credit toward CCNP Data Center certification if you choose. Authored by three leading Cisco ACI experts, it combines a solid conceptual foundation, in-depth technical knowledge, and practical techniques. It also contains proven features to help exam candidates prepare, including review questions in most chapters, and Key Topic icons highlighting concepts covered on the exam. The authors thoroughly introduce ACI functions, components, policies, command-line interfaces, connectivity, fabric design, virtualization and service integration, automation, orchestration, and more. Next, they introduce best practices for monitoring and management, including the use of faults, health scores, tools, the REST API, in-band and out-of-band management techniques, and monitoring protocols. Proven configurations are provided, with steps for verification. Finally, they present advanced forwarding and troubleshooting techniques for maximizing ACI performance and value. ACI Advanced Monitoring and Troubleshooting is an indispensable resource for every data center architect, engineer, developer, network or virtualization administrator, and operations team member working in ACI environments. Understand Cisco ACI core functions, components, and protocols Apply the ACI Policy-Based Object Model to develop overall application frameworks Use command-line interfaces to manage and monitor Cisco ACI systems Master proven options for ACI physical and logical fabric design Establish connectivity for compute, storage, and service devices, switches, and routers Gain visibility into virtualization layers through VMM, and integrate hypervisors from multiple vendors Seamlessly integrate Layer 4 to Layer 7 services such as load balancing and firewalling Automate and orchestrate for fast deployment with the REST API, scripting, and Ansible Minimize downtime and maximize ROI through more effective monitoring and configuration Thoroughly master concepts and techniques for advanced ACI and VXLAN forwarding Build deep practical expertise for quickly troubleshooting critical events Gain quick visibility into traffic flows and streamline problem isolation with the ACI Visibility & Troubleshooting Tool Walk through multiple real-world troubleshooting scenarios step-by-step This book is part of the Networking Technology Series from Cisco Press, which offers networking professionals valuable information for constructing efficient networks, understanding new technologies, and building successful careers.




Computer Security – ESORICS 2016


Book Description

The two-volume set, LNCS 9878 and 9879 constitutes the refereed proceedings of the 21st European Symposium on Research in Computer Security, ESORICS 2016, held in Heraklion, Greece, in September 2016. The 60 revised full papers presented were carefully reviewed and selected from 285 submissions. The papers cover a wide range of topics in security and privacy, including data protection: systems security, network security, access control, authentication, and security in such emerging areas as cloud computing, cyber-physical systems, and the Internet of Things.




DevOps for Networking


Book Description

Boost your organization's growth by incorporating networking in the DevOps culture About This Book Implement networking fundamentals to the DevOps culture with ease, improving your organization's stability Leverage various open source tools such as Puppet and Ansible in order to automate your network This step-by-step learning guide collaborating the functions of developers and network administrators Who This Book Is For The book is aimed for Network Engineers, Developers, IT operations and System admins who are planning to incorporate Networking in DevOps culture and have no knowledge about it. What You Will Learn Learn about public and private cloud networking using AWS and OpenStack as examples Explore strategies that can be used by engineers or managers to initiate the cultural changes required to enable the automation of network functions Learn about SDN and how an API-driven approach to networking can help solve common networking problems Get the hang of configuration management tools, such as Ansible and Jenkins, that can be used to orchestrate and configure network devices Setup continuous integration, delivery, and deployment pipelines for network functions Create test environments for network changes Understand how load balancing is becoming more software defined with the emergence of microservice applications In Detail Frustrated that your company's network changes are still a manual set of activities that slow developers down? It doesn't need to be that way any longer, as this book will help your company and network teams embrace DevOps and continuous delivery approaches, enabling them to automate all network functions. This book aims to show readers network automation processes they could implement in their organizations. It will teach you the fundamentals of DevOps in networking and how to improve DevOps processes and workflows by providing automation in your network. You will be exposed to various networking strategies that are stopping your organization from scaling new projects quickly. You will see how SDN and APIs are influencing DevOps transformations, which will in turn help you improve the scalability and efficiency of your organizations networks operations. You will also find out how to leverage various configuration management tools such as Ansible, to automate your network. The book will also look at containers and the impact they are having on networking as well as looking at how automation impacts network security in a software-defined network. Style and approach This will be a comprehensive, learning guide for teaching our readers how networking can be leveraged to improve the DevOps culture for any organization.