SlideShare una empresa de Scribd logo

vmaf deployement & upgrade for software projects

Descargar como PPTX, PDF
Thierry Gayet
Thierry Gayet

vmaf deployement & upgrade for software projects

Software
1 de 39
lundi 13 mars 2023 VMAF DEPLOYMENT & UPGRADE Thierry GAYET
 Because the VMAF server will need to de deployed to bytel, the question on how NN6 will deliver the firmware is now an actual question.  In order to not be too specific to TESTTREE, a thinking have been done in order to see how server may be install or upgraded by using generic and common way to proceed. GOAL / INTRODUCTION 2
INTRODUCTION
VMAF – ARCH. 4 STREAMPROBE Rabbit MQ VMAF Pool of vmaf ip address (scalling) HTTPS REST API + OAUTH2 PROTOCOL : HTTPS IPV4(s) PORTS OAUTH2 TOKEN IPV4 PORT USERNAME PASSWORD QUEUE_NAME
 The streamprobe gray interface manage :  Database (mariadb start/stop, reset db  Network (ip interfaces, DNS, NTP  Security (iptables, ldaps, fail2ban, rsyslog)  Storage (fstab, create partition, format, LUKS encryption)  Upgrade  Boot  Actions (reboot,shutdown, hardware inventory STREAMPROBE’S BUILDROOT 5
 The VMAF appliance should not be specific to testtree bu must be usable by any project  That’s why the vmaf appliance has been designed with standard interfaces :  A standard REST API for commands/ input request  A common message broker (rabbitMQ) for responses GOAL 6
DEVSECOPS CYCLE
DEVSECOPS CYCLE 8
DEVSECOPS CYCLE 9
DEVSECOPS CYCLE 10
NEW APPROACH FOR UPGRADING
12 INTERNET CUSTOMER NOSQL DB BACKEND FRONTEND / GUI DOCKER REGISTRY PACKAGE REGISTRY LICENCE REGISTRY PRODUCTION INTEGRATION DEVELOPMENT NN6 NETWORK MQTT MQTT CLIENT GITLAB-CI/CD
 A customer :  View all of his devices with their version and licence  View all release in relation of the devices  Can synchronise upgrade items with the cutomer upgrade appliance  Can download upgrade items within a pgp encrypted archive  Can launch an upgrade process from the main ui to the customer’s site  NN6 team :  View all device with their current release  Locate all customer on a worldmap  Investigate on equipment using encrypted vpn (over a ssl tummel) REQUIREMENTS 13
14 SECURED NETWORK DMZ INTERNET NN6 NETWORK DOCKER REGISTRY (CUSTOMER) UPGRADE BACKEND • HELM / CHART • PROVISIONNING (ANSIBLE, SALT STACK, … ) • … …. manual deploy DOCKER REGISTRY (PROD) MQTT broker MQTT CLIENT registry monitoring Manual/auto docker sync Docker push (subscribe) (publish) https://mqtt.enensys.com dockerregistry.enensys.com CUSTOMER NETWORK BACKEND FRONTEND / GUI NOSQL DB https://dashboard.enensys.com MQTT CLIENT PACKAGE REGISTRY (PROD) DOCKER REGISTRY (CUSTOMER) Package push packerregistry.enensys.com LOCAL GUI LICENCE REGISTRY lm.enensys.com LICENCE CUSTOMER) UPGRADE APPLIANCE
INSTALLING A SERVER
 Streamprobe  Baremetal  Native BIOS : boot from usb key generated from the img  Idrack (DELL) : using the img key  Ipmi (SUPERMICRO) : boot from usb key generated from the img  VMWARE ESXI  Ova image  Mediacast  Baremetal (supermicro)  VMWARE ESXI  Boot from an ISO image then launch an installer that register RPMS Inventory of the way to install (1/2) 16
 Smartgate vt / vt2  Baremetal :  Boot from ISO image then install docker (docker swarm orchestrator)  VMWARE ESXI  Boot from ISO image then install packages  eBox (medicast Mobile + lte gcsas server)  Fedora image install manually then install qemu images (gcow2) Inventory of the way to install (2/2) 17
 Which ALMA release V8 or v9 ?  Using an ISO image burn on an USB key, or directly the ISO image (http://mirror.almalinux.ikoula.com/9.2/isos/x86_64/)  Compatible with:  VMWARE ESXI  BAREMETAL  IDRACK (DELL)  IPMI (SUPERMICRO) ALMA 18
 May use ALMA linux but we require ALPINE as possible  Does not need any base install  HELM/CHARTs is the best deployment method to push docker container and/or services K8S 19
UPGRADING A SERVER
 A customer may :  Have several location with UPGRADE APPLIANCE  Inventory all local appliance (by type/release)  Thus, upgrade may control several point through MQTT connexion Requrements 21
22 SECURED NETWORK DMZ INTERNET NN6 NETWORK DOCKER REGISTRY (CUSTOMER) UPGRADE BACKEND • HELM / CHART • PROVISIONNING (ANSIBLE, SALT STACK, … ) • … …. manual deploy DOCKER REGISTRY (PROD) MQTT broker MQTT CLIENT registry monitoring Manual/auto docker sync Docker push (subscribe) (publish) https://mqtt.enensys.com dockerregistry.enensys.com CUSTOMER NETWORK BACKEND NOSQL DB https://dashboard.enensys.com MQTT CLIENT PACKAGE REGISTRY (PROD) DOCKER REGISTRY (CUSTOMER) Package push packerregistry.enensys.com LOCAL GUI LICENCE REGISTRY lm.enensys.com LICENCE CUSTOMER) FRONTEND / GUI UPGRADE APPLIANCE Licence push Architecture based on an ALMA OS Architecture based on an ALMA OS ALMA OS
23 SECURED NETWORK DMZ INTERNET NN6 NETWORK DOCKER REGISTRY (CUSTOMER) UPGRADE BACKEND • HELM / CHART • PROVISIONNING (ANSIBLE, SALT STACK, … ) • … …. manual deploy DOCKER REGISTRY (PROD) MQTT broker MQTT CLIENT registry monitoring Manual/auto docker sync Docker push (subscribe) (publish) https://mqtt.enensys.com dockerregistry.enensys.com CUSTOMER NETWORK BACKEND NOSQL DB https://dashboard.enensys.com MQTT CLIENT PACKAGE REGISTRY (PROD) DOCKER REGISTRY (CUSTOMER) Package push packerregistry.enensys.com LOCAL GUI LICENCE REGISTRY lm.enensys.com LICENCE CUSTOMER) FRONTEND / GUI UPGRADE APPLIANCE Licence push Architecture based on Kubernetes (K8S) K8S
Upgrade for customer network connected to Internet (ONLINE)
25 SECURED NETWORK DMZ INTERNET NN6 NETWORK DOCKER REGISTRY (CUSTOMER) UPGRADE BACKEND • HELM / CHART • PROVISIONNING (ANSIBLE, SALT STACK, … ) • … …. manual deploy DOCKER REGISTRY (PROD) MQTT broker MQTT CLIENT registry monitoring Manual/auto docker sync Docker push (subscribe) (publish) https://mqtt.enensys.com dockerregistry.enensys.com CUSTOMER NETWORK BACKEND NOSQL DB https://dashboard.enensys.com MQTT CLIENT PACKAGE REGISTRY (PROD) DOCKER REGISTRY (CUSTOMER) Package push packerregistry.enensys.com LOCAL GUI LICENCE REGISTRY lm.enensys.com LICENCE CUSTOMER) 0. At the very beginning the customer network (DMZ) subscribe to the MQTT FRONTEND / GUI UPGRADE APPLIANCE Licence push
26 SECURED NETWORK DMZ INTERNET NN6 NETWORK DOCKER REGISTRY (CUSTOMER) UPGRADE BACKEND • HELM / CHART • PROVISIONNING (ANSIBLE, SALT STACK, … ) • … …. manual deploy DOCKER REGISTRY (PROD) MQTT broker MQTT CLIENT registry monitoring Manual/auto docker sync Docker push (subscribe) (publish) https://mqtt.enensys.com dockerregistry.enensys.com CUSTOMER NETWORK BACKEND NOSQL DB https://dashboard.enensys.com MQTT CLIENT PACKAGE REGISTRY (PROD) DOCKER REGISTRY (CUSTOMER) Package push packerregistry.enensys.com LOCAL GUI LICENCE REGISTRY lm.enensys.com LICENCE CUSTOMER) 1. A new firwmare is released officially, an email may be sent to the customer by the backend FRONTEND / GUI UPGRADE APPLIANCE Licence push
27 SECURED NETWORK DMZ INTERNET NN6 NETWORK DOCKER REGISTRY (CUSTOMER) UPGRADE BACKEND • HELM / CHART • PROVISIONNING (ANSIBLE, SALT STACK, … ) • … …. manual deploy DOCKER REGISTRY (PROD) MQTT broker MQTT CLIENT registry monitoring Manual/auto docker sync Docker push (subscribe) (publish) https://mqtt.enensys.com dockerregistry.enensys.com CUSTOMER NETWORK BACKEND FRONTEND / GUI NOSQL DB https://dashboard.enensys.com MQTT CLIENT PACKAGE REGISTRY (PROD) DOCKER REGISTRY (CUSTOMER) Package push packerregistry.enensys.com LOCAL GUI LICENCE REGISTRY lm.enensys.com LICENCE CUSTOMER) 2. The backend will detect a new release for a customer devices and send an email may be sent to the customer by the backend UPGRADE APPLIANCE Licence push
28 SECURED NETWORK DMZ INTERNET NN6 NETWORK DOCKER REGISTRY (CUSTOMER) UPGRADE BACKEND • HELM / CHART • PROVISIONNING (ANSIBLE, SALT STACK, … ) • … …. manual deploy DOCKER REGISTRY (PROD) MQTT broker MQTT CLIENT registry monitoring Manual/auto docker sync Docker push (subscribe) (publish) https://mqtt.enensys.com dockerregistry.enensys.com CUSTOMER NETWORK BACKEND FRONTEND / GUI NOSQL DB https://dashboard.enensys.com MQTT CLIENT PACKAGE REGISTRY (PROD) DOCKER REGISTRY (CUSTOMER) Package push packerregistry.enensys.com LOCAL GUI LICENCE REGISTRY lm.enensys.com LICENCE CUSTOMER) 3. Now, the customer check his dashboard of all its devices and the release note and can decide which on to upgrade (just on, a subset or all) UPGRADE APPLIANCE Licence push
29 SECURED NETWORK DMZ INTERNET NN6 NETWORK DOCKER REGISTRY (CUSTOMER) UPGRADE BACKEND • HELM / CHART • PROVISIONNING (ANSIBLE, SALT STACK, … ) • … …. manual deploy DOCKER REGISTRY (PROD) MQTT broker MQTT CLIENT registry monitoring Manual/auto docker sync Docker push (subscribe) (publish) https://mqtt.enensys.com dockerregistry.enensys.com CUSTOMER NETWORK BACKEND NOSQL DB https://dashboard.enensys.com MQTT CLIENT PACKAGE REGISTRY (PROD) DOCKER REGISTRY (CUSTOMER) Package push packerregistry.enensys.com LOCAL GUI LICENCE REGISTRY lm.enensys.com LICENCE CUSTOMER) 5. A message is sent to the upgrade appliance by sending a message throught MQTT. FRONTEND / GUI UPGRADE APPLIANCE Licence push
30 SECURED NETWORK DMZ INTERNET NN6 NETWORK DOCKER REGISTRY (CUSTOMER) UPGRADE BACKEND • HELM / CHART • PROVISIONNING (ANSIBLE, SALT STACK, … ) • … …. manual deploy DOCKER REGISTRY (PROD) MQTT broker MQTT CLIENT registry monitoring Manual/auto docker sync Docker push (subscribe) (publish) https://mqtt.enensys.com dockerregistry.enensys.com CUSTOMER NETWORK BACKEND NOSQL DB https://dashboard.enensys.com MQTT CLIENT PACKAGE REGISTRY (PROD) DOCKER REGISTRY (CUSTOMER) Package push packerregistry.enensys.com LOCAL GUI LICENCE REGISTRY lm.enensys.com LICENCE CUSTOMER) 6. A synchronisation is done to get the new firmware (docker, package, licences, … ) FRONTEND / GUI UPGRADE APPLIANCE Licence push
31 SECURED NETWORK DMZ INTERNET NN6 NETWORK DOCKER REGISTRY (CUSTOMER) UPGRADE BACKEND • HELM / CHART • PROVISIONNING (ANSIBLE, SALT STACK, … ) • … …. manual deploy DOCKER REGISTRY (PROD) MQTT broker MQTT CLIENT registry monitoring Manual/auto docker sync Docker push (subscribe) (publish) https://mqtt.enensys.com dockerregistry.enensys.com CUSTOMER NETWORK BACKEND NOSQL DB https://dashboard.enensys.com MQTT CLIENT PACKAGE REGISTRY (PROD) DOCKER REGISTRY (CUSTOMER) Package push packerregistry.enensys.com LOCAL GUI LICENCE REGISTRY lm.enensys.com LICENCE CUSTOMER) 7. Finaly the upgrade appliance upgrade all devices (by set, not all in the same time), then send a feedback over MQTT to NN6 (for the support team). FRONTEND / GUI UPGRADE APPLIANCE Licence push
Upgrade for customer network not connected to Internet (OFFLINE)
33 SECURED NETWORK DMZ INTERNET NN6 NETWORK DOCKER REGISTRY (CUSTOMER) UPGRADE BACKEND • HELM / CHART • PROVISIONNING (ANSIBLE, SALT STACK, … ) • … …. manual deploy DOCKER REGISTRY (PROD) MQTT broker MQTT CLIENT registry monitoring Docker push https://mqtt.enensys.com dockerregistry.enensys.com CUSTOMER NETWORK BACKEND NOSQL DB https://dashboard.enensys.com MQTT CLIENT PACKAGE REGISTRY (PROD) DOCKER REGISTRY (CUSTOMER) Package push packerregistry.enensys.com LOCAL GUI LICENCE REGISTRY lm.enensys.com LICENCE CUSTOMER) 1. A new firwmare is released officially, an email may be sent to the customer by the backend FRONTEND / GUI UPGRADE APPLIANCE
34 SECURED NETWORK DMZ INTERNET NN6 NETWORK DOCKER REGISTRY (CUSTOMER) UPGRADE BACKEND • HELM / CHART • PROVISIONNING (ANSIBLE, SALT STACK, … ) • … …. manual deploy DOCKER REGISTRY (PROD) MQTT broker MQTT CLIENT registry monitoring Docker push https://mqtt.enensys.com dockerregistry.enensys.com CUSTOMER NETWORK BACKEND NOSQL DB https://dashboard.enensys.com MQTT CLIENT PACKAGE REGISTRY (PROD) DOCKER REGISTRY (CUSTOMER) Package push packerregistry.enensys.com LOCAL GUI LICENCE REGISTRY lm.enensys.com LICENCE CUSTOMER) 2. The backend will detect a new release for a customer devices and send an email may be sent to the customer by the backend FRONTEND / GUI UPGRADE APPLIANCE Licence push
35 SECURED NETWORK DMZ INTERNET NN6 NETWORK DOCKER REGISTRY (CUSTOMER) UPGRADE BACKEND • HELM / CHART • PROVISIONNING (ANSIBLE, SALT STACK, … ) • … …. manual deploy DOCKER REGISTRY (PROD) MQTT broker MQTT CLIENT registry monitoring Docker push https://mqtt.enensys.com dockerregistry.enensys.com CUSTOMER NETWORK BACKEND FRONTEND / GUI NOSQL DB https://dashboard.enensys.com MQTT CLIENT PACKAGE REGISTRY (PROD) DOCKER REGISTRY (CUSTOMER) Package push packerregistry.enensys.com LOCAL GUI LICENCE REGISTRY lm.enensys.com LICENCE CUSTOMER) 3. Now, the customer check his dashboard of all its devices and the release note and can decide which on to upgrade (just on, a subset or all) UPGRADE APPLIANCE Licence push
36 SECURED NETWORK DMZ INTERNET NN6 NETWORK DOCKER REGISTRY (CUSTOMER) UPGRADE BACKEND • HELM / CHART • PROVISIONNING (ANSIBLE, SALT STACK, … ) • … …. manual deploy DOCKER REGISTRY (PROD) MQTT broker MQTT CLIENT registry monitoring Docker push https://mqtt.enensys.com dockerregistry.enensys.com CUSTOMER NETWORK BACKEND NOSQL DB https://dashboard.enensys.com MQTT CLIENT PACKAGE REGISTRY (PROD) DOCKER REGISTRY (CUSTOMER) Package push packerregistry.enensys.com LOCAL GUI LICENCE REGISTRY lm.enensys.com LICENCE CUSTOMER) 4. An encrypted (pgp) tarball is now downloaded PGP TARBALL download ENCRYPTED TARBALL (static update) Generate FRONTEND / GUI UPGRADE APPLIANCE Licence push
37 SECURED NETWORK DMZ INTERNET NN6 NETWORK DOCKER REGISTRY (CUSTOMER) UPGRADE BACKEND • HELM / CHART • PROVISIONNING (ANSIBLE, SALT STACK, … ) • … …. manual deploy DOCKER REGISTRY (PROD) MQTT broker MQTT CLIENT registry monitoring Docker push https://mqtt.enensys.com dockerregistry.enensys.com CUSTOMER NETWORK BACKEND NOSQL DB https://dashboard.enensys.com MQTT CLIENT PACKAGE REGISTRY (PROD) DOCKER REGISTRY (CUSTOMER) Package push packerregistry.enensys.com LOCAL GUI LICENCE REGISTRY lm.enensys.com LICENCE CUSTOMER) ENCRYPTED TARBALL (static update) FRONTEND / GUI UPGRADE APPLIANCE Licence push 5. Now the cutomer can upload the encrypted (pgp) tarball that contains all update for the customer’s devices. Upload
38 SECURED NETWORK DMZ INTERNET NN6 NETWORK DOCKER REGISTRY (CUSTOMER) UPGRADE BACKEND • HELM / CHART • PROVISIONNING (ANSIBLE, SALT STACK, … ) • … …. manual deploy DOCKER REGISTRY (PROD) MQTT broker MQTT CLIENT registry monitoring Manual/auto docker sync Docker push (subscribe) (publish) https://mqtt.enensys.com dockerregistry.enensys.com CUSTOMER NETWORK BACKEND NOSQL DB https://dashboard.enensys.com MQTT CLIENT PACKAGE REGISTRY (PROD) DOCKER REGISTRY (CUSTOMER) Package push packerregistry.enensys.com LOCAL GUI LICENCE REGISTRY lm.enensys.com LICENCE CUSTOMER) 6. Finaly the upgrade appliance upgrade all devices (by set, not all in the same time) ; it may be interesting to got a feedback on the serveur upgraded ! FRONTEND / GUI UPGRADE APPLIANCE Licence push
ENENSYS 4A rue des Buttes CS 37734 35 577 Cesson-Sévigné – France Phone (+33) 1 70 72 51 70 Email contact@test-tree.com www.enensys.com 39

Recomendados

VMworld 2013: How to Exchange Status Message Between Guest and Host Using RPC
VMworld 2013: How to Exchange Status Message Between Guest and Host Using RPC VMworld 2013: How to Exchange Status Message Between Guest and Host Using RPC
VMworld 2013: How to Exchange Status Message Between Guest and Host Using RPC VMworld
 
How Zalando runs Kubernetes clusters at scale on AWS - AWS re:Invent
How Zalando runs Kubernetes clusters at scale on AWS - AWS re:InventHow Zalando runs Kubernetes clusters at scale on AWS - AWS re:Invent
How Zalando runs Kubernetes clusters at scale on AWS - AWS re:InventHenning Jacobs
 
VMworld Europe 204: Technical Deep Dive on EVO: RAIL, the new VMware Hyper-Co...
VMworld Europe 204: Technical Deep Dive on EVO: RAIL, the new VMware Hyper-Co...VMworld Europe 204: Technical Deep Dive on EVO: RAIL, the new VMware Hyper-Co...
VMworld Europe 204: Technical Deep Dive on EVO: RAIL, the new VMware Hyper-Co...VMworld
 
What_s_New_in_OpenShift_Container_Platform_4.6.pdf
What_s_New_in_OpenShift_Container_Platform_4.6.pdfWhat_s_New_in_OpenShift_Container_Platform_4.6.pdf
What_s_New_in_OpenShift_Container_Platform_4.6.pdfchalermpany
 
Network performance test plan_v0.3
Network performance test plan_v0.3Network performance test plan_v0.3
Network performance test plan_v0.3David Pasek
 
Network Design patters with Docker
Network Design patters with DockerNetwork Design patters with Docker
Network Design patters with DockerDaniel Finneran
 
FreeSWITCH on Docker
FreeSWITCH on DockerFreeSWITCH on Docker
FreeSWITCH on Docker建澄 吳
 
FreeSWITCH on Docker
FreeSWITCH on DockerFreeSWITCH on Docker
FreeSWITCH on DockerChien Cheng Wu
 

Recomendados

VMworld 2013: How to Exchange Status Message Between Guest and Host Using RPC
VMworld 2013: How to Exchange Status Message Between Guest and Host Using RPC VMworld 2013: How to Exchange Status Message Between Guest and Host Using RPC
VMworld 2013: How to Exchange Status Message Between Guest and Host Using RPC VMworld
 
How Zalando runs Kubernetes clusters at scale on AWS - AWS re:Invent
How Zalando runs Kubernetes clusters at scale on AWS - AWS re:InventHow Zalando runs Kubernetes clusters at scale on AWS - AWS re:Invent
How Zalando runs Kubernetes clusters at scale on AWS - AWS re:InventHenning Jacobs
 
VMworld Europe 204: Technical Deep Dive on EVO: RAIL, the new VMware Hyper-Co...
VMworld Europe 204: Technical Deep Dive on EVO: RAIL, the new VMware Hyper-Co...VMworld Europe 204: Technical Deep Dive on EVO: RAIL, the new VMware Hyper-Co...
VMworld Europe 204: Technical Deep Dive on EVO: RAIL, the new VMware Hyper-Co...VMworld
 
What_s_New_in_OpenShift_Container_Platform_4.6.pdf
What_s_New_in_OpenShift_Container_Platform_4.6.pdfWhat_s_New_in_OpenShift_Container_Platform_4.6.pdf
What_s_New_in_OpenShift_Container_Platform_4.6.pdfchalermpany
 
Network performance test plan_v0.3
Network performance test plan_v0.3Network performance test plan_v0.3
Network performance test plan_v0.3David Pasek
 
Network Design patters with Docker
Network Design patters with DockerNetwork Design patters with Docker
Network Design patters with DockerDaniel Finneran
 
FreeSWITCH on Docker
FreeSWITCH on DockerFreeSWITCH on Docker
FreeSWITCH on Docker建澄 吳
 
FreeSWITCH on Docker
FreeSWITCH on DockerFreeSWITCH on Docker
FreeSWITCH on DockerChien Cheng Wu
 
Tungsten Fabric Overview
Tungsten Fabric OverviewTungsten Fabric Overview
Tungsten Fabric OverviewMichelle Holley
 
Vsc 71-se-presentation-training
Vsc 71-se-presentation-trainingVsc 71-se-presentation-training
Vsc 71-se-presentation-trainingnarit_ton
 
Kubernetes laravel and kubernetes
Kubernetes laravel and kubernetesKubernetes laravel and kubernetes
Kubernetes laravel and kubernetesWilliam Stewart
 
Cozystack: Free PaaS platform and framework for building clouds
Cozystack: Free PaaS platform and framework for building cloudsCozystack: Free PaaS platform and framework for building clouds
Cozystack: Free PaaS platform and framework for building cloudsAndrei Kvapil
 
Docker Networking - Common Issues and Troubleshooting Techniques
Docker Networking - Common Issues and Troubleshooting TechniquesDocker Networking - Common Issues and Troubleshooting Techniques
Docker Networking - Common Issues and Troubleshooting TechniquesSreenivas Makam
 
DELL (OME) Open Manage Esentials network connections (TCP/UDP ports) and fire...
DELL (OME) Open Manage Esentials network connections (TCP/UDP ports) and fire...DELL (OME) Open Manage Esentials network connections (TCP/UDP ports) and fire...
DELL (OME) Open Manage Esentials network connections (TCP/UDP ports) and fire...David Pasek
 
Next Generation Address Management with VitalQIP - Alcatel-Lucent and Perficient
Next Generation Address Management with VitalQIP - Alcatel-Lucent and PerficientNext Generation Address Management with VitalQIP - Alcatel-Lucent and Perficient
Next Generation Address Management with VitalQIP - Alcatel-Lucent and PerficientPerficient, Inc.
 
The state of the swarm
The state of the swarmThe state of the swarm
The state of the swarmMathieu Buffenoir
 
kubernetes for beginners
kubernetes for beginnerskubernetes for beginners
kubernetes for beginnersDominique Dumont
 
Canary deployment with Traefik and K3S
Canary deployment with Traefik and K3SCanary deployment with Traefik and K3S
Canary deployment with Traefik and K3SJakub Hajek
 
Practical Design Patterns in Docker Networking
Practical Design Patterns in Docker NetworkingPractical Design Patterns in Docker Networking
Practical Design Patterns in Docker NetworkingDocker, Inc.
 
Automação do físico ao NetSecDevOps
Automação do físico ao NetSecDevOpsAutomação do físico ao NetSecDevOps
Automação do físico ao NetSecDevOpsRaul Leite
 
Monitoring CloudStack and components
Monitoring CloudStack and componentsMonitoring CloudStack and components
Monitoring CloudStack and componentsShapeBlue
 
Raisecom GPON Solution Training - Chapter 4 NView_V2.pptx
Raisecom GPON Solution Training - Chapter 4 NView_V2.pptxRaisecom GPON Solution Training - Chapter 4 NView_V2.pptx
Raisecom GPON Solution Training - Chapter 4 NView_V2.pptxJean Carlos Cruz
 
Network Automation Tools
Network Automation ToolsNetwork Automation Tools
Network Automation ToolsEdwin Beekman
 
DCHQ Cloud Application Platform | Linux Containers | Docker PaaS
DCHQ Cloud Application Platform | Linux Containers | Docker PaaSDCHQ Cloud Application Platform | Linux Containers | Docker PaaS
DCHQ Cloud Application Platform | Linux Containers | Docker PaaSdchq
 
Altinity Cluster Manager: ClickHouse Management for Kubernetes and Cloud
Altinity Cluster Manager: ClickHouse Management for Kubernetes and CloudAltinity Cluster Manager: ClickHouse Management for Kubernetes and Cloud
Altinity Cluster Manager: ClickHouse Management for Kubernetes and CloudAltinity Ltd
 
Delivering Docker & K3s worloads to IoT Edge devices
Delivering Docker & K3s worloads to IoT Edge devicesDelivering Docker & K3s worloads to IoT Edge devices
Delivering Docker & K3s worloads to IoT Edge devicesAjeet Singh Raina
 
Time Series Database and Tick Stack
Time Series Database and Tick StackTime Series Database and Tick Stack
Time Series Database and Tick StackGianluca Arbezzano
 
Marriage of Openstack with KVM and ESX at PayPal OpenStack Summit Hong Kong F...
Marriage of Openstack with KVM and ESX at PayPal OpenStack Summit Hong Kong F...Marriage of Openstack with KVM and ESX at PayPal OpenStack Summit Hong Kong F...
Marriage of Openstack with KVM and ESX at PayPal OpenStack Summit Hong Kong F...Scott Carlson
 
Workshop - Architecting Innovative Graph Applications- GraphSummit Milan
Workshop - Architecting Innovative Graph Applications- GraphSummit MilanWorkshop - Architecting Innovative Graph Applications- GraphSummit Milan
Workshop - Architecting Innovative Graph Applications- GraphSummit MilanNeo4j
 
Encryption Recap: A Refresher on Key Concepts
Encryption Recap: A Refresher on Key ConceptsEncryption Recap: A Refresher on Key Concepts
Encryption Recap: A Refresher on Key Conceptsthomashtkim
 

Más contenido relacionado

Similar a vmaf deployement & upgrade for software projects

Tungsten Fabric Overview
Tungsten Fabric OverviewTungsten Fabric Overview
Tungsten Fabric OverviewMichelle Holley
 
Vsc 71-se-presentation-training
Vsc 71-se-presentation-trainingVsc 71-se-presentation-training
Vsc 71-se-presentation-trainingnarit_ton
 
Kubernetes laravel and kubernetes
Kubernetes laravel and kubernetesKubernetes laravel and kubernetes
Kubernetes laravel and kubernetesWilliam Stewart
 
Cozystack: Free PaaS platform and framework for building clouds
Cozystack: Free PaaS platform and framework for building cloudsCozystack: Free PaaS platform and framework for building clouds
Cozystack: Free PaaS platform and framework for building cloudsAndrei Kvapil
 
Docker Networking - Common Issues and Troubleshooting Techniques
Docker Networking - Common Issues and Troubleshooting TechniquesDocker Networking - Common Issues and Troubleshooting Techniques
Docker Networking - Common Issues and Troubleshooting TechniquesSreenivas Makam
 
DELL (OME) Open Manage Esentials network connections (TCP/UDP ports) and fire...
DELL (OME) Open Manage Esentials network connections (TCP/UDP ports) and fire...DELL (OME) Open Manage Esentials network connections (TCP/UDP ports) and fire...
DELL (OME) Open Manage Esentials network connections (TCP/UDP ports) and fire...David Pasek
 
Next Generation Address Management with VitalQIP - Alcatel-Lucent and Perficient
Next Generation Address Management with VitalQIP - Alcatel-Lucent and PerficientNext Generation Address Management with VitalQIP - Alcatel-Lucent and Perficient
Next Generation Address Management with VitalQIP - Alcatel-Lucent and PerficientPerficient, Inc.
 
Canary deployment with Traefik and K3S
Canary deployment with Traefik and K3SCanary deployment with Traefik and K3S
Canary deployment with Traefik and K3SJakub Hajek
 
Practical Design Patterns in Docker Networking
Practical Design Patterns in Docker NetworkingPractical Design Patterns in Docker Networking
Practical Design Patterns in Docker NetworkingDocker, Inc.
 
Automação do físico ao NetSecDevOps
Automação do físico ao NetSecDevOpsAutomação do físico ao NetSecDevOps
Automação do físico ao NetSecDevOpsRaul Leite
 
Monitoring CloudStack and components
Monitoring CloudStack and componentsMonitoring CloudStack and components
Monitoring CloudStack and componentsShapeBlue
 
Raisecom GPON Solution Training - Chapter 4 NView_V2.pptx
Raisecom GPON Solution Training - Chapter 4 NView_V2.pptxRaisecom GPON Solution Training - Chapter 4 NView_V2.pptx
Raisecom GPON Solution Training - Chapter 4 NView_V2.pptxJean Carlos Cruz
 
Network Automation Tools
Network Automation ToolsNetwork Automation Tools
Network Automation ToolsEdwin Beekman
 
DCHQ Cloud Application Platform | Linux Containers | Docker PaaS
DCHQ Cloud Application Platform | Linux Containers | Docker PaaSDCHQ Cloud Application Platform | Linux Containers | Docker PaaS
DCHQ Cloud Application Platform | Linux Containers | Docker PaaSdchq
 
Altinity Cluster Manager: ClickHouse Management for Kubernetes and Cloud
Altinity Cluster Manager: ClickHouse Management for Kubernetes and CloudAltinity Cluster Manager: ClickHouse Management for Kubernetes and Cloud
Altinity Cluster Manager: ClickHouse Management for Kubernetes and CloudAltinity Ltd
 
Delivering Docker & K3s worloads to IoT Edge devices
Delivering Docker & K3s worloads to IoT Edge devicesDelivering Docker & K3s worloads to IoT Edge devices
Delivering Docker & K3s worloads to IoT Edge devicesAjeet Singh Raina
 
Time Series Database and Tick Stack
Time Series Database and Tick StackTime Series Database and Tick Stack
Time Series Database and Tick StackGianluca Arbezzano
 
Marriage of Openstack with KVM and ESX at PayPal OpenStack Summit Hong Kong F...
Marriage of Openstack with KVM and ESX at PayPal OpenStack Summit Hong Kong F...Marriage of Openstack with KVM and ESX at PayPal OpenStack Summit Hong Kong F...
Marriage of Openstack with KVM and ESX at PayPal OpenStack Summit Hong Kong F...Scott Carlson
 

Similar a vmaf deployement & upgrade for software projects (20)

Tungsten Fabric Overview
Tungsten Fabric OverviewTungsten Fabric Overview
Tungsten Fabric Overview
 
Vsc 71-se-presentation-training
Vsc 71-se-presentation-trainingVsc 71-se-presentation-training
Vsc 71-se-presentation-training
 
Kubernetes laravel and kubernetes
Kubernetes laravel and kubernetesKubernetes laravel and kubernetes
Kubernetes laravel and kubernetes
 
Cozystack: Free PaaS platform and framework for building clouds
Cozystack: Free PaaS platform and framework for building cloudsCozystack: Free PaaS platform and framework for building clouds
Cozystack: Free PaaS platform and framework for building clouds
 
Docker Networking - Common Issues and Troubleshooting Techniques
Docker Networking - Common Issues and Troubleshooting TechniquesDocker Networking - Common Issues and Troubleshooting Techniques
Docker Networking - Common Issues and Troubleshooting Techniques
 
DELL (OME) Open Manage Esentials network connections (TCP/UDP ports) and fire...
DELL (OME) Open Manage Esentials network connections (TCP/UDP ports) and fire...DELL (OME) Open Manage Esentials network connections (TCP/UDP ports) and fire...
DELL (OME) Open Manage Esentials network connections (TCP/UDP ports) and fire...
 
Next Generation Address Management with VitalQIP - Alcatel-Lucent and Perficient
Next Generation Address Management with VitalQIP - Alcatel-Lucent and PerficientNext Generation Address Management with VitalQIP - Alcatel-Lucent and Perficient
Next Generation Address Management with VitalQIP - Alcatel-Lucent and Perficient
 
The state of the swarm
The state of the swarmThe state of the swarm
The state of the swarm
 
kubernetes for beginners
kubernetes for beginnerskubernetes for beginners
kubernetes for beginners
 
Canary deployment with Traefik and K3S
Canary deployment with Traefik and K3SCanary deployment with Traefik and K3S
Canary deployment with Traefik and K3S
 
Practical Design Patterns in Docker Networking
Practical Design Patterns in Docker NetworkingPractical Design Patterns in Docker Networking
Practical Design Patterns in Docker Networking
 
Automação do físico ao NetSecDevOps
Automação do físico ao NetSecDevOpsAutomação do físico ao NetSecDevOps
Automação do físico ao NetSecDevOps
 
Monitoring CloudStack and components
Monitoring CloudStack and componentsMonitoring CloudStack and components
Monitoring CloudStack and components
 
Raisecom GPON Solution Training - Chapter 4 NView_V2.pptx
Raisecom GPON Solution Training - Chapter 4 NView_V2.pptxRaisecom GPON Solution Training - Chapter 4 NView_V2.pptx
Raisecom GPON Solution Training - Chapter 4 NView_V2.pptx
 
Network Automation Tools
Network Automation ToolsNetwork Automation Tools
Network Automation Tools
 
DCHQ Cloud Application Platform | Linux Containers | Docker PaaS
DCHQ Cloud Application Platform | Linux Containers | Docker PaaSDCHQ Cloud Application Platform | Linux Containers | Docker PaaS
DCHQ Cloud Application Platform | Linux Containers | Docker PaaS
 
Altinity Cluster Manager: ClickHouse Management for Kubernetes and Cloud
Altinity Cluster Manager: ClickHouse Management for Kubernetes and CloudAltinity Cluster Manager: ClickHouse Management for Kubernetes and Cloud
Altinity Cluster Manager: ClickHouse Management for Kubernetes and Cloud
 
Delivering Docker & K3s worloads to IoT Edge devices
Delivering Docker & K3s worloads to IoT Edge devicesDelivering Docker & K3s worloads to IoT Edge devices
Delivering Docker & K3s worloads to IoT Edge devices
 
Time Series Database and Tick Stack
Time Series Database and Tick StackTime Series Database and Tick Stack
Time Series Database and Tick Stack
 
Marriage of Openstack with KVM and ESX at PayPal OpenStack Summit Hong Kong F...
Marriage of Openstack with KVM and ESX at PayPal OpenStack Summit Hong Kong F...Marriage of Openstack with KVM and ESX at PayPal OpenStack Summit Hong Kong F...
Marriage of Openstack with KVM and ESX at PayPal OpenStack Summit Hong Kong F...
 

Último

Workshop - Architecting Innovative Graph Applications- GraphSummit Milan
Workshop - Architecting Innovative Graph Applications- GraphSummit MilanWorkshop - Architecting Innovative Graph Applications- GraphSummit Milan
Workshop - Architecting Innovative Graph Applications- GraphSummit MilanNeo4j
 
Encryption Recap: A Refresher on Key Concepts
Encryption Recap: A Refresher on Key ConceptsEncryption Recap: A Refresher on Key Concepts
Encryption Recap: A Refresher on Key Conceptsthomashtkim
 
Evolving Data Governance for the Real-time Streaming and AI Era
Evolving Data Governance for the Real-time Streaming and AI EraEvolving Data Governance for the Real-time Streaming and AI Era
Evolving Data Governance for the Real-time Streaming and AI Eraconfluent
 
Alluxio Monthly Webinar | Simplify Data Access for AI in Multi-Cloud
Alluxio Monthly Webinar | Simplify Data Access for AI in Multi-CloudAlluxio Monthly Webinar | Simplify Data Access for AI in Multi-Cloud
Alluxio Monthly Webinar | Simplify Data Access for AI in Multi-CloudAlluxio, Inc.
 
Prompt Engineering - an Art, a Science, or your next Job Title?
Prompt Engineering - an Art, a Science, or your next Job Title?Prompt Engineering - an Art, a Science, or your next Job Title?
Prompt Engineering - an Art, a Science, or your next Job Title?Maxim Salnikov
 
^Clinic ^%[+27788225528*Abortion Pills For Sale In witbank
^Clinic ^%[+27788225528*Abortion Pills For Sale In witbank^Clinic ^%[+27788225528*Abortion Pills For Sale In witbank
^Clinic ^%[+27788225528*Abortion Pills For Sale In witbankkasambamuno
 
Transformer Neural Network Use Cases with Links
Transformer Neural Network Use Cases with LinksTransformer Neural Network Use Cases with Links
Transformer Neural Network Use Cases with LinksJinanKordab
 
Microsoft365_Dev_Security_2024_05_16.pdf
Microsoft365_Dev_Security_2024_05_16.pdfMicrosoft365_Dev_Security_2024_05_16.pdf
Microsoft365_Dev_Security_2024_05_16.pdfMarkus Moeller
 
architecting-ai-in-the-enterprise-apis-and-applications.pdf
architecting-ai-in-the-enterprise-apis-and-applications.pdfarchitecting-ai-in-the-enterprise-apis-and-applications.pdf
architecting-ai-in-the-enterprise-apis-and-applications.pdfWSO2
 
Navigation in flutter – how to add stack, tab, and drawer navigators to your ...
Navigation in flutter – how to add stack, tab, and drawer navigators to your ...Navigation in flutter – how to add stack, tab, and drawer navigators to your ...
Navigation in flutter – how to add stack, tab, and drawer navigators to your ...Flutter Agency
 
Test Automation Design Patterns_ A Comprehensive Guide.pdf
Test Automation Design Patterns_ A Comprehensive Guide.pdfTest Automation Design Patterns_ A Comprehensive Guide.pdf
Test Automation Design Patterns_ A Comprehensive Guide.pdfkalichargn70th171
 
Auto Affiliate AI Earns First Commission in 3 Hours..pdf
Auto Affiliate AI Earns First Commission in 3 Hours..pdfAuto Affiliate AI Earns First Commission in 3 Hours..pdf
Auto Affiliate AI Earns First Commission in 3 Hours..pdfSelfMade bd
 
Weeding your micro service landscape.pdf
Weeding your micro service landscape.pdfWeeding your micro service landscape.pdf
Weeding your micro service landscape.pdftimtebeek1
 
Workshop: Enabling GenAI Breakthroughs with Knowledge Graphs - GraphSummit Milan
Workshop: Enabling GenAI Breakthroughs with Knowledge Graphs - GraphSummit MilanWorkshop: Enabling GenAI Breakthroughs with Knowledge Graphs - GraphSummit Milan
Workshop: Enabling GenAI Breakthroughs with Knowledge Graphs - GraphSummit MilanNeo4j
 
OpenChain Webinar: AboutCode and Beyond - End-to-End SCA
OpenChain Webinar: AboutCode and Beyond - End-to-End SCAOpenChain Webinar: AboutCode and Beyond - End-to-End SCA
OpenChain Webinar: AboutCode and Beyond - End-to-End SCAShane Coughlan
 
^Clinic ^%[+27788225528*Abortion Pills For Sale In harare
^Clinic ^%[+27788225528*Abortion Pills For Sale In harare^Clinic ^%[+27788225528*Abortion Pills For Sale In harare
^Clinic ^%[+27788225528*Abortion Pills For Sale In hararekasambamuno
 
The Evolution of Web App Testing_ An Ultimate Guide to Future Trends.pdf
The Evolution of Web App Testing_ An Ultimate Guide to Future Trends.pdfThe Evolution of Web App Testing_ An Ultimate Guide to Future Trends.pdf
The Evolution of Web App Testing_ An Ultimate Guide to Future Trends.pdfkalichargn70th171
 
Food Delivery Business App Development Guide 2024
Food Delivery Business App Development Guide 2024Food Delivery Business App Development Guide 2024
Food Delivery Business App Development Guide 2024Chirag Panchal
 
Community is Just as Important as Code by Andrea Goulet
Community is Just as Important as Code by Andrea GouletCommunity is Just as Important as Code by Andrea Goulet
Community is Just as Important as Code by Andrea GouletAndrea Goulet
 

Último (20)

Workshop - Architecting Innovative Graph Applications- GraphSummit Milan
Workshop - Architecting Innovative Graph Applications- GraphSummit MilanWorkshop - Architecting Innovative Graph Applications- GraphSummit Milan
Workshop - Architecting Innovative Graph Applications- GraphSummit Milan
 
Encryption Recap: A Refresher on Key Concepts
Encryption Recap: A Refresher on Key ConceptsEncryption Recap: A Refresher on Key Concepts
Encryption Recap: A Refresher on Key Concepts
 
Evolving Data Governance for the Real-time Streaming and AI Era
Evolving Data Governance for the Real-time Streaming and AI EraEvolving Data Governance for the Real-time Streaming and AI Era
Evolving Data Governance for the Real-time Streaming and AI Era
 
Alluxio Monthly Webinar | Simplify Data Access for AI in Multi-Cloud
Alluxio Monthly Webinar | Simplify Data Access for AI in Multi-CloudAlluxio Monthly Webinar | Simplify Data Access for AI in Multi-Cloud
Alluxio Monthly Webinar | Simplify Data Access for AI in Multi-Cloud
 
Prompt Engineering - an Art, a Science, or your next Job Title?
Prompt Engineering - an Art, a Science, or your next Job Title?Prompt Engineering - an Art, a Science, or your next Job Title?
Prompt Engineering - an Art, a Science, or your next Job Title?
 
^Clinic ^%[+27788225528*Abortion Pills For Sale In witbank
^Clinic ^%[+27788225528*Abortion Pills For Sale In witbank^Clinic ^%[+27788225528*Abortion Pills For Sale In witbank
^Clinic ^%[+27788225528*Abortion Pills For Sale In witbank
 
Transformer Neural Network Use Cases with Links
Transformer Neural Network Use Cases with LinksTransformer Neural Network Use Cases with Links
Transformer Neural Network Use Cases with Links
 
Microsoft365_Dev_Security_2024_05_16.pdf
Microsoft365_Dev_Security_2024_05_16.pdfMicrosoft365_Dev_Security_2024_05_16.pdf
Microsoft365_Dev_Security_2024_05_16.pdf
 
architecting-ai-in-the-enterprise-apis-and-applications.pdf
architecting-ai-in-the-enterprise-apis-and-applications.pdfarchitecting-ai-in-the-enterprise-apis-and-applications.pdf
architecting-ai-in-the-enterprise-apis-and-applications.pdf
 
Navigation in flutter – how to add stack, tab, and drawer navigators to your ...
Navigation in flutter – how to add stack, tab, and drawer navigators to your ...Navigation in flutter – how to add stack, tab, and drawer navigators to your ...
Navigation in flutter – how to add stack, tab, and drawer navigators to your ...
 
Abortion Clinic In Pretoria ](+27832195400*)[ 🏥 Safe Abortion Pills in Pretor...
Abortion Clinic In Pretoria ](+27832195400*)[ 🏥 Safe Abortion Pills in Pretor...Abortion Clinic In Pretoria ](+27832195400*)[ 🏥 Safe Abortion Pills in Pretor...
Abortion Clinic In Pretoria ](+27832195400*)[ 🏥 Safe Abortion Pills in Pretor...
 
Test Automation Design Patterns_ A Comprehensive Guide.pdf
Test Automation Design Patterns_ A Comprehensive Guide.pdfTest Automation Design Patterns_ A Comprehensive Guide.pdf
Test Automation Design Patterns_ A Comprehensive Guide.pdf
 
Auto Affiliate AI Earns First Commission in 3 Hours..pdf
Auto Affiliate AI Earns First Commission in 3 Hours..pdfAuto Affiliate AI Earns First Commission in 3 Hours..pdf
Auto Affiliate AI Earns First Commission in 3 Hours..pdf
 
Weeding your micro service landscape.pdf
Weeding your micro service landscape.pdfWeeding your micro service landscape.pdf
Weeding your micro service landscape.pdf
 
Workshop: Enabling GenAI Breakthroughs with Knowledge Graphs - GraphSummit Milan
Workshop: Enabling GenAI Breakthroughs with Knowledge Graphs - GraphSummit MilanWorkshop: Enabling GenAI Breakthroughs with Knowledge Graphs - GraphSummit Milan
Workshop: Enabling GenAI Breakthroughs with Knowledge Graphs - GraphSummit Milan
 
OpenChain Webinar: AboutCode and Beyond - End-to-End SCA
OpenChain Webinar: AboutCode and Beyond - End-to-End SCAOpenChain Webinar: AboutCode and Beyond - End-to-End SCA
OpenChain Webinar: AboutCode and Beyond - End-to-End SCA
 
^Clinic ^%[+27788225528*Abortion Pills For Sale In harare
^Clinic ^%[+27788225528*Abortion Pills For Sale In harare^Clinic ^%[+27788225528*Abortion Pills For Sale In harare
^Clinic ^%[+27788225528*Abortion Pills For Sale In harare
 
The Evolution of Web App Testing_ An Ultimate Guide to Future Trends.pdf
The Evolution of Web App Testing_ An Ultimate Guide to Future Trends.pdfThe Evolution of Web App Testing_ An Ultimate Guide to Future Trends.pdf
The Evolution of Web App Testing_ An Ultimate Guide to Future Trends.pdf
 
Food Delivery Business App Development Guide 2024
Food Delivery Business App Development Guide 2024Food Delivery Business App Development Guide 2024
Food Delivery Business App Development Guide 2024
 
Community is Just as Important as Code by Andrea Goulet
Community is Just as Important as Code by Andrea GouletCommunity is Just as Important as Code by Andrea Goulet
Community is Just as Important as Code by Andrea Goulet
 

vmaf deployement & upgrade for software projects

  • 1. lundi 13 mars 2023 VMAF DEPLOYMENT & UPGRADE Thierry GAYET
  • 2.  Because the VMAF server will need to de deployed to bytel, the question on how NN6 will deliver the firmware is now an actual question.  In order to not be too specific to TESTTREE, a thinking have been done in order to see how server may be install or upgraded by using generic and common way to proceed. GOAL / INTRODUCTION 2
  • 4. VMAF – ARCH. 4 STREAMPROBE Rabbit MQ VMAF Pool of vmaf ip address (scalling) HTTPS REST API + OAUTH2 PROTOCOL : HTTPS IPV4(s) PORTS OAUTH2 TOKEN IPV4 PORT USERNAME PASSWORD QUEUE_NAME
  • 5.  The streamprobe gray interface manage :  Database (mariadb start/stop, reset db  Network (ip interfaces, DNS, NTP  Security (iptables, ldaps, fail2ban, rsyslog)  Storage (fstab, create partition, format, LUKS encryption)  Upgrade  Boot  Actions (reboot,shutdown, hardware inventory STREAMPROBE’S BUILDROOT 5
  • 6.  The VMAF appliance should not be specific to testtree bu must be usable by any project  That’s why the vmaf appliance has been designed with standard interfaces :  A standard REST API for commands/ input request  A common message broker (rabbitMQ) for responses GOAL 6
  • 11. NEW APPROACH FOR UPGRADING
  • 12. 12 INTERNET CUSTOMER NOSQL DB BACKEND FRONTEND / GUI DOCKER REGISTRY PACKAGE REGISTRY LICENCE REGISTRY PRODUCTION INTEGRATION DEVELOPMENT NN6 NETWORK MQTT MQTT CLIENT GITLAB-CI/CD
  • 13.  A customer :  View all of his devices with their version and licence  View all release in relation of the devices  Can synchronise upgrade items with the cutomer upgrade appliance  Can download upgrade items within a pgp encrypted archive  Can launch an upgrade process from the main ui to the customer’s site  NN6 team :  View all device with their current release  Locate all customer on a worldmap  Investigate on equipment using encrypted vpn (over a ssl tummel) REQUIREMENTS 13
  • 14. 14 SECURED NETWORK DMZ INTERNET NN6 NETWORK DOCKER REGISTRY (CUSTOMER) UPGRADE BACKEND • HELM / CHART • PROVISIONNING (ANSIBLE, SALT STACK, … ) • … …. manual deploy DOCKER REGISTRY (PROD) MQTT broker MQTT CLIENT registry monitoring Manual/auto docker sync Docker push (subscribe) (publish) https://mqtt.enensys.com dockerregistry.enensys.com CUSTOMER NETWORK BACKEND FRONTEND / GUI NOSQL DB https://dashboard.enensys.com MQTT CLIENT PACKAGE REGISTRY (PROD) DOCKER REGISTRY (CUSTOMER) Package push packerregistry.enensys.com LOCAL GUI LICENCE REGISTRY lm.enensys.com LICENCE CUSTOMER) UPGRADE APPLIANCE
  • 16.  Streamprobe  Baremetal  Native BIOS : boot from usb key generated from the img  Idrack (DELL) : using the img key  Ipmi (SUPERMICRO) : boot from usb key generated from the img  VMWARE ESXI  Ova image  Mediacast  Baremetal (supermicro)  VMWARE ESXI  Boot from an ISO image then launch an installer that register RPMS Inventory of the way to install (1/2) 16
  • 17.  Smartgate vt / vt2  Baremetal :  Boot from ISO image then install docker (docker swarm orchestrator)  VMWARE ESXI  Boot from ISO image then install packages  eBox (medicast Mobile + lte gcsas server)  Fedora image install manually then install qemu images (gcow2) Inventory of the way to install (2/2) 17
  • 18.  Which ALMA release V8 or v9 ?  Using an ISO image burn on an USB key, or directly the ISO image (http://mirror.almalinux.ikoula.com/9.2/isos/x86_64/)  Compatible with:  VMWARE ESXI  BAREMETAL  IDRACK (DELL)  IPMI (SUPERMICRO) ALMA 18
  • 19.  May use ALMA linux but we require ALPINE as possible  Does not need any base install  HELM/CHARTs is the best deployment method to push docker container and/or services K8S 19
  • 21.  A customer may :  Have several location with UPGRADE APPLIANCE  Inventory all local appliance (by type/release)  Thus, upgrade may control several point through MQTT connexion Requrements 21
  • 22. 22 SECURED NETWORK DMZ INTERNET NN6 NETWORK DOCKER REGISTRY (CUSTOMER) UPGRADE BACKEND • HELM / CHART • PROVISIONNING (ANSIBLE, SALT STACK, … ) • … …. manual deploy DOCKER REGISTRY (PROD) MQTT broker MQTT CLIENT registry monitoring Manual/auto docker sync Docker push (subscribe) (publish) https://mqtt.enensys.com dockerregistry.enensys.com CUSTOMER NETWORK BACKEND NOSQL DB https://dashboard.enensys.com MQTT CLIENT PACKAGE REGISTRY (PROD) DOCKER REGISTRY (CUSTOMER) Package push packerregistry.enensys.com LOCAL GUI LICENCE REGISTRY lm.enensys.com LICENCE CUSTOMER) FRONTEND / GUI UPGRADE APPLIANCE Licence push Architecture based on an ALMA OS Architecture based on an ALMA OS ALMA OS
  • 23. 23 SECURED NETWORK DMZ INTERNET NN6 NETWORK DOCKER REGISTRY (CUSTOMER) UPGRADE BACKEND • HELM / CHART • PROVISIONNING (ANSIBLE, SALT STACK, … ) • … …. manual deploy DOCKER REGISTRY (PROD) MQTT broker MQTT CLIENT registry monitoring Manual/auto docker sync Docker push (subscribe) (publish) https://mqtt.enensys.com dockerregistry.enensys.com CUSTOMER NETWORK BACKEND NOSQL DB https://dashboard.enensys.com MQTT CLIENT PACKAGE REGISTRY (PROD) DOCKER REGISTRY (CUSTOMER) Package push packerregistry.enensys.com LOCAL GUI LICENCE REGISTRY lm.enensys.com LICENCE CUSTOMER) FRONTEND / GUI UPGRADE APPLIANCE Licence push Architecture based on Kubernetes (K8S) K8S
  • 24. Upgrade for customer network connected to Internet (ONLINE)
  • 25. 25 SECURED NETWORK DMZ INTERNET NN6 NETWORK DOCKER REGISTRY (CUSTOMER) UPGRADE BACKEND • HELM / CHART • PROVISIONNING (ANSIBLE, SALT STACK, … ) • … …. manual deploy DOCKER REGISTRY (PROD) MQTT broker MQTT CLIENT registry monitoring Manual/auto docker sync Docker push (subscribe) (publish) https://mqtt.enensys.com dockerregistry.enensys.com CUSTOMER NETWORK BACKEND NOSQL DB https://dashboard.enensys.com MQTT CLIENT PACKAGE REGISTRY (PROD) DOCKER REGISTRY (CUSTOMER) Package push packerregistry.enensys.com LOCAL GUI LICENCE REGISTRY lm.enensys.com LICENCE CUSTOMER) 0. At the very beginning the customer network (DMZ) subscribe to the MQTT FRONTEND / GUI UPGRADE APPLIANCE Licence push
  • 26. 26 SECURED NETWORK DMZ INTERNET NN6 NETWORK DOCKER REGISTRY (CUSTOMER) UPGRADE BACKEND • HELM / CHART • PROVISIONNING (ANSIBLE, SALT STACK, … ) • … …. manual deploy DOCKER REGISTRY (PROD) MQTT broker MQTT CLIENT registry monitoring Manual/auto docker sync Docker push (subscribe) (publish) https://mqtt.enensys.com dockerregistry.enensys.com CUSTOMER NETWORK BACKEND NOSQL DB https://dashboard.enensys.com MQTT CLIENT PACKAGE REGISTRY (PROD) DOCKER REGISTRY (CUSTOMER) Package push packerregistry.enensys.com LOCAL GUI LICENCE REGISTRY lm.enensys.com LICENCE CUSTOMER) 1. A new firwmare is released officially, an email may be sent to the customer by the backend FRONTEND / GUI UPGRADE APPLIANCE Licence push
  • 27. 27 SECURED NETWORK DMZ INTERNET NN6 NETWORK DOCKER REGISTRY (CUSTOMER) UPGRADE BACKEND • HELM / CHART • PROVISIONNING (ANSIBLE, SALT STACK, … ) • … …. manual deploy DOCKER REGISTRY (PROD) MQTT broker MQTT CLIENT registry monitoring Manual/auto docker sync Docker push (subscribe) (publish) https://mqtt.enensys.com dockerregistry.enensys.com CUSTOMER NETWORK BACKEND FRONTEND / GUI NOSQL DB https://dashboard.enensys.com MQTT CLIENT PACKAGE REGISTRY (PROD) DOCKER REGISTRY (CUSTOMER) Package push packerregistry.enensys.com LOCAL GUI LICENCE REGISTRY lm.enensys.com LICENCE CUSTOMER) 2. The backend will detect a new release for a customer devices and send an email may be sent to the customer by the backend UPGRADE APPLIANCE Licence push
  • 28. 28 SECURED NETWORK DMZ INTERNET NN6 NETWORK DOCKER REGISTRY (CUSTOMER) UPGRADE BACKEND • HELM / CHART • PROVISIONNING (ANSIBLE, SALT STACK, … ) • … …. manual deploy DOCKER REGISTRY (PROD) MQTT broker MQTT CLIENT registry monitoring Manual/auto docker sync Docker push (subscribe) (publish) https://mqtt.enensys.com dockerregistry.enensys.com CUSTOMER NETWORK BACKEND FRONTEND / GUI NOSQL DB https://dashboard.enensys.com MQTT CLIENT PACKAGE REGISTRY (PROD) DOCKER REGISTRY (CUSTOMER) Package push packerregistry.enensys.com LOCAL GUI LICENCE REGISTRY lm.enensys.com LICENCE CUSTOMER) 3. Now, the customer check his dashboard of all its devices and the release note and can decide which on to upgrade (just on, a subset or all) UPGRADE APPLIANCE Licence push
  • 29. 29 SECURED NETWORK DMZ INTERNET NN6 NETWORK DOCKER REGISTRY (CUSTOMER) UPGRADE BACKEND • HELM / CHART • PROVISIONNING (ANSIBLE, SALT STACK, … ) • … …. manual deploy DOCKER REGISTRY (PROD) MQTT broker MQTT CLIENT registry monitoring Manual/auto docker sync Docker push (subscribe) (publish) https://mqtt.enensys.com dockerregistry.enensys.com CUSTOMER NETWORK BACKEND NOSQL DB https://dashboard.enensys.com MQTT CLIENT PACKAGE REGISTRY (PROD) DOCKER REGISTRY (CUSTOMER) Package push packerregistry.enensys.com LOCAL GUI LICENCE REGISTRY lm.enensys.com LICENCE CUSTOMER) 5. A message is sent to the upgrade appliance by sending a message throught MQTT. FRONTEND / GUI UPGRADE APPLIANCE Licence push
  • 30. 30 SECURED NETWORK DMZ INTERNET NN6 NETWORK DOCKER REGISTRY (CUSTOMER) UPGRADE BACKEND • HELM / CHART • PROVISIONNING (ANSIBLE, SALT STACK, … ) • … …. manual deploy DOCKER REGISTRY (PROD) MQTT broker MQTT CLIENT registry monitoring Manual/auto docker sync Docker push (subscribe) (publish) https://mqtt.enensys.com dockerregistry.enensys.com CUSTOMER NETWORK BACKEND NOSQL DB https://dashboard.enensys.com MQTT CLIENT PACKAGE REGISTRY (PROD) DOCKER REGISTRY (CUSTOMER) Package push packerregistry.enensys.com LOCAL GUI LICENCE REGISTRY lm.enensys.com LICENCE CUSTOMER) 6. A synchronisation is done to get the new firmware (docker, package, licences, … ) FRONTEND / GUI UPGRADE APPLIANCE Licence push
  • 31. 31 SECURED NETWORK DMZ INTERNET NN6 NETWORK DOCKER REGISTRY (CUSTOMER) UPGRADE BACKEND • HELM / CHART • PROVISIONNING (ANSIBLE, SALT STACK, … ) • … …. manual deploy DOCKER REGISTRY (PROD) MQTT broker MQTT CLIENT registry monitoring Manual/auto docker sync Docker push (subscribe) (publish) https://mqtt.enensys.com dockerregistry.enensys.com CUSTOMER NETWORK BACKEND NOSQL DB https://dashboard.enensys.com MQTT CLIENT PACKAGE REGISTRY (PROD) DOCKER REGISTRY (CUSTOMER) Package push packerregistry.enensys.com LOCAL GUI LICENCE REGISTRY lm.enensys.com LICENCE CUSTOMER) 7. Finaly the upgrade appliance upgrade all devices (by set, not all in the same time), then send a feedback over MQTT to NN6 (for the support team). FRONTEND / GUI UPGRADE APPLIANCE Licence push
  • 32. Upgrade for customer network not connected to Internet (OFFLINE)
  • 33. 33 SECURED NETWORK DMZ INTERNET NN6 NETWORK DOCKER REGISTRY (CUSTOMER) UPGRADE BACKEND • HELM / CHART • PROVISIONNING (ANSIBLE, SALT STACK, … ) • … …. manual deploy DOCKER REGISTRY (PROD) MQTT broker MQTT CLIENT registry monitoring Docker push https://mqtt.enensys.com dockerregistry.enensys.com CUSTOMER NETWORK BACKEND NOSQL DB https://dashboard.enensys.com MQTT CLIENT PACKAGE REGISTRY (PROD) DOCKER REGISTRY (CUSTOMER) Package push packerregistry.enensys.com LOCAL GUI LICENCE REGISTRY lm.enensys.com LICENCE CUSTOMER) 1. A new firwmare is released officially, an email may be sent to the customer by the backend FRONTEND / GUI UPGRADE APPLIANCE
  • 34. 34 SECURED NETWORK DMZ INTERNET NN6 NETWORK DOCKER REGISTRY (CUSTOMER) UPGRADE BACKEND • HELM / CHART • PROVISIONNING (ANSIBLE, SALT STACK, … ) • … …. manual deploy DOCKER REGISTRY (PROD) MQTT broker MQTT CLIENT registry monitoring Docker push https://mqtt.enensys.com dockerregistry.enensys.com CUSTOMER NETWORK BACKEND NOSQL DB https://dashboard.enensys.com MQTT CLIENT PACKAGE REGISTRY (PROD) DOCKER REGISTRY (CUSTOMER) Package push packerregistry.enensys.com LOCAL GUI LICENCE REGISTRY lm.enensys.com LICENCE CUSTOMER) 2. The backend will detect a new release for a customer devices and send an email may be sent to the customer by the backend FRONTEND / GUI UPGRADE APPLIANCE Licence push
  • 35. 35 SECURED NETWORK DMZ INTERNET NN6 NETWORK DOCKER REGISTRY (CUSTOMER) UPGRADE BACKEND • HELM / CHART • PROVISIONNING (ANSIBLE, SALT STACK, … ) • … …. manual deploy DOCKER REGISTRY (PROD) MQTT broker MQTT CLIENT registry monitoring Docker push https://mqtt.enensys.com dockerregistry.enensys.com CUSTOMER NETWORK BACKEND FRONTEND / GUI NOSQL DB https://dashboard.enensys.com MQTT CLIENT PACKAGE REGISTRY (PROD) DOCKER REGISTRY (CUSTOMER) Package push packerregistry.enensys.com LOCAL GUI LICENCE REGISTRY lm.enensys.com LICENCE CUSTOMER) 3. Now, the customer check his dashboard of all its devices and the release note and can decide which on to upgrade (just on, a subset or all) UPGRADE APPLIANCE Licence push
  • 36. 36 SECURED NETWORK DMZ INTERNET NN6 NETWORK DOCKER REGISTRY (CUSTOMER) UPGRADE BACKEND • HELM / CHART • PROVISIONNING (ANSIBLE, SALT STACK, … ) • … …. manual deploy DOCKER REGISTRY (PROD) MQTT broker MQTT CLIENT registry monitoring Docker push https://mqtt.enensys.com dockerregistry.enensys.com CUSTOMER NETWORK BACKEND NOSQL DB https://dashboard.enensys.com MQTT CLIENT PACKAGE REGISTRY (PROD) DOCKER REGISTRY (CUSTOMER) Package push packerregistry.enensys.com LOCAL GUI LICENCE REGISTRY lm.enensys.com LICENCE CUSTOMER) 4. An encrypted (pgp) tarball is now downloaded PGP TARBALL download ENCRYPTED TARBALL (static update) Generate FRONTEND / GUI UPGRADE APPLIANCE Licence push
  • 37. 37 SECURED NETWORK DMZ INTERNET NN6 NETWORK DOCKER REGISTRY (CUSTOMER) UPGRADE BACKEND • HELM / CHART • PROVISIONNING (ANSIBLE, SALT STACK, … ) • … …. manual deploy DOCKER REGISTRY (PROD) MQTT broker MQTT CLIENT registry monitoring Docker push https://mqtt.enensys.com dockerregistry.enensys.com CUSTOMER NETWORK BACKEND NOSQL DB https://dashboard.enensys.com MQTT CLIENT PACKAGE REGISTRY (PROD) DOCKER REGISTRY (CUSTOMER) Package push packerregistry.enensys.com LOCAL GUI LICENCE REGISTRY lm.enensys.com LICENCE CUSTOMER) ENCRYPTED TARBALL (static update) FRONTEND / GUI UPGRADE APPLIANCE Licence push 5. Now the cutomer can upload the encrypted (pgp) tarball that contains all update for the customer’s devices. Upload
  • 38. 38 SECURED NETWORK DMZ INTERNET NN6 NETWORK DOCKER REGISTRY (CUSTOMER) UPGRADE BACKEND • HELM / CHART • PROVISIONNING (ANSIBLE, SALT STACK, … ) • … …. manual deploy DOCKER REGISTRY (PROD) MQTT broker MQTT CLIENT registry monitoring Manual/auto docker sync Docker push (subscribe) (publish) https://mqtt.enensys.com dockerregistry.enensys.com CUSTOMER NETWORK BACKEND NOSQL DB https://dashboard.enensys.com MQTT CLIENT PACKAGE REGISTRY (PROD) DOCKER REGISTRY (CUSTOMER) Package push packerregistry.enensys.com LOCAL GUI LICENCE REGISTRY lm.enensys.com LICENCE CUSTOMER) 6. Finaly the upgrade appliance upgrade all devices (by set, not all in the same time) ; it may be interesting to got a feedback on the serveur upgraded ! FRONTEND / GUI UPGRADE APPLIANCE Licence push
  • 39. ENENSYS 4A rue des Buttes CS 37734 35 577 Cesson-Sévigné – France Phone (+33) 1 70 72 51 70 Email contact@test-tree.com www.enensys.com 39