If it's in a Container it's Secure Right? Scott Coulton, AutoPilot HQ

•

1 like•1,427 views

If it's in a Container it's Secure Right? Audience: Beginner Topic: Cloud Security Abstract: In the talk we will look at the different layers of security that can be applied to a container eco system and the different teams responsibility in the eco system to deliver security. From the sysadmins point of view how do i make sure the container daemon is secured, what official hardening guides are out there to follow. From an application developers point of view, how does secomp/appapparmor work? To make sure that only the process from the application have access to the host machine. Now that we have the local container secured, how do we make sure our deployments follow the same structure and security profiles. Can we add security checks to our container CD pipeline like we would quality gates? Lastly we will look at from the point of the security team. How can they have input to all the steps we have taken from beginning of the process and not the end. Allowing all the teams to work together breaking down silo to deliver a solution. Speaker Bio: Scott Coulton, AutoPilot HQ Scott Coulton is a solutions architect with 10 years of experience in the managed services and hosting space. He has extensive experience in architecture, and rolling out systems and network solutions for national and multinational companies with a wide variety of technologies, including AWS, Puppet, Docker, Cisco, VMware, Microsoft and Linux. His design strengths are in cloud computing, automation and the security space. OpenStack Australia Day Government - Canberra 2016 https://events.aptira.com/openstack-australia-day-canberra-2016/

If it’s in a container it’s secure right ?
A guide to container security by @scottcoulton

About me.
Platform
engineering lead @

Does the traditional infosec
toolchain work efficiently
in a world where a
container’s average lifespan is
2 days?

1. Intro
What we will cover
➔ How is container security
different ?
Does traditional security fit ?
➔ How to protect our container
Protecting from the inside out
➔ Security and CD
Can the 2 worlds live together
➔ Live demo

The way that traditional
infosec works is
Reactive
Containers allow you to be
Proactive in your
approach to infosec

2. Examples
Here are a few comparable examples:
➔ Traditional
Nessus, AV, HIDS
➔ New school
AppArmor, Clair, Notary

The risks.
● DoS the host (CPU, Memory or Disk)
● Fork Bomb
● Kernel modification
● Privilege Escalation

Let’s look @ protecting the
engine.
Docker 1.12 Benchmark

Some sane defaults.
● Don’t run --pid host or --net host (without knowing the
risks)
● Don’t bind your daemon to tcp://0.0.0.0:4243
● Don’t use aufs as your storage driver
● Use TLS for all daemon traffic

Just one! That’s all you need.
(I am talking about process inside your container !!!)

If you know the process then
apply AppArmor.

AppArmor example.

Infosec and continuous delivery.
The myth ...

Add security to the pipeline
Enter

Sign our images
with Notary.

The full continuous delivery pipeline.

3. Live Demo
We are going to test what we have learnt
today and run a standard Nginx image
We will them use the Dirtyc0w vulnerability to
write to a file owned by root, then privilege
escalate to root for a standard user :
➔ Without AppArmor
All exploits will work
➔ With AppArmor
Our container will be safe

The code from
the live demo is
available @
https://github.com
/scotty-c

Any Questions ?

More Related Content

Viewers also liked

An Open Approach to Government Cloud and how Government could deliver a Next Generation Shared Services on OpenStack using Application Orchestration and MicroServices Audience: Beginner/Intermediate Topic: IT Strategies Abstract: As the Head of Technology and Cloud Platforms at Vault Systems, Dez will take us through the importance of Open Cloud Architecture and how OpenStack is being adopted by the broader community to deliver Services to Government. Speaker Bio: Dez is a geek who wears a suit ( board room attire ) as comfortably as he wears a hoodie. He runs OpenStack, Docker, Hadoop & Spark on his laptop, and cloud bursts just for kicks. He’s a confirmed “cloud believer”, and it’s reported he has the ability to perform Jedi mind tricks with a whiteboard marker. His professional career spans 25+ years experience in the IT & Telco industries, as a strategic leader in business & digital transformation, strategy & implementing business initiatives during the day, cutting coding through the night. His day job includes a mandate to develop, evangelize and drive key market segments including Cloud Computing, Big Data & Analytics, and Internet of Things. OpenStack Australia Day Government - Canberra 2016 https://events.aptira.com/openstack-australia-day-canberra-2016/

An Open Approach to Government Cloud: Dez Blanchfield, Vault Systems

An Open Approach to Government Cloud: Dez Blanchfield, Vault Systems

An Open Approach to Government Cloud: Dez Blanchfield, Vault Systems

Audience: All levels Topic: OpenStack Keynote Abstract: Fresh from the OpenStack Summit in Barcelona, David and Tom will conduct an interactive QA session, discuss several hot industry topics, including: Containers and OpenStack being the fastest way for Enterprise to get their hands on them for testing. Security and OpenStack being the leading cloud for this capability as per Linux award. Multi-cloud and forthcoming cross-cloud applications. To support these high level themes David and Tom will look to highlight two case studies: The UK Tax office using OpenStack for all tax payments, and The Australian Federal Gov’t investment in the NeCTAR cloud. OpenStack Australia Day Government - Canberra 2016 https://events.aptira.com/openstack-australia-day-canberra-2016/

We Are OpenStack: David F. Flanders & Tom Fifield, OpenStack Foundation

We Are OpenStack: David F. Flanders & Tom Fifield, OpenStack Foundation

We Are OpenStack: David F. Flanders & Tom Fifield, OpenStack Foundation

Crowbar and OpenStack Audience: Intermediate Topic: Operations Abstract: One of the greatest challenges in implementing OpenStack is the complexity in deploying and maintaining all of its many components on what can be a wide range of different hardware platforms. To mitigate this problem, SUSE has developed Crowbar, an open source deployment tool that has led to SUSE winning the “Rule the Stack” deployment competition every time it has been run. This presentation will take you through the basics of Crowbar as well as a demonstration of some of its features. Speaker Bio: Steven Kowalik, SUSE Steven Kowalik is a Sydney-based open source developer with over two decades experience contributing to major projects, including over 15 years with Debian GNU/Linux, as well as significant involvement with upstream OpenStack. Steven is currently a senior developer at SUSE, working on primarily on SUSE OpenStack Cloud and related projects. OpenStack Australia Day Government - Canberra 2016 https://events.aptira.com/openstack-australia-day-canberra-2016/

Crowbar and OpenStack: Steve Kowalik, SUSE

Crowbar and OpenStack: Steve Kowalik, SUSE

Crowbar and OpenStack: Steve Kowalik, SUSE

The 'Untold' OpenStack Enterprise Customer Stories Audience: Beginner Topic: User Stories Abstract: A real, unedited & uncut look into the untold stories of HPE’s enterprise customer journeys in OpenStack over the past 8 months. Alex and Anthony will take the audience through a number of Australian and NZ based customers and their previously untold journey in OpenStack looking at both their use cases, positives, negatives and how challenges were overcome. Wrapping up, we will take a quick look at the new features of Helion OpenStack 4.0 and what makes it truly ‘enterprise grade’. Speaker Bio: Anthony Rees & Alex Tesch, HPE Alex & Anthony have been working with Open Source enterprise technologies for the better part of 15 years and have presented at events such as the OpenStack Summit in Austin and LinuxCon NZ. OpenStack Australia Day Government - Canberra 2016 https://events.aptira.com/openstack-australia-day-canberra-2016/

The 'Untold' OpenStack Enterprise Customer Stories: Anthony Rees & Alex Tesch...

The 'Untold' OpenStack Enterprise Customer Stories: Anthony Rees & Alex Tesch...

The 'Untold' OpenStack Enterprise Customer Stories: Anthony Rees & Alex Tesch...

Multiple Sites and Disaster Recovery with Ceph Audience: Intermediate Topic: Storage Abstract: Ceph is the leading storage solution for OpenStack. As OpenStack deployments become more mission critical and widely deployed, multiple site requirements are increasing as is the need to ensure disaster recovery and business continuity. Learn about the new capabilities in Ceph that assist customers with meeting these requirements for block and object uses. Speaker Bio: Andrew Hatfield, Red Hat Andrew has over 20 years experience in the IT industry across APAC, specialising in Databases, Directory Systems, Groupware, Virtualisation and Storage for Enterprise and Government organisations. When not helping customers slash costs and increase agility by moving to the software-defined storage future, he’s enjoying the subtle tones of Islay Whisky and shredding pow pow on the world’s best snowboard resorts. OpenStack Australia Day Government - Canberra 2016 https://events.aptira.com/openstack-australia-day-canberra-2016/

Multiple Sites and Disaster Recovery with Ceph: Andrew Hatfield, Red Hat

Multiple Sites and Disaster Recovery with Ceph: Andrew Hatfield, Red Hat

Multiple Sites and Disaster Recovery with Ceph: Andrew Hatfield, Red Hat

Containers and OpenStack Audience: Intermediate Topic: Infrastructure Abstract: Containers are the new darling of the development world, and many are calling for an end of the IaaS world. But there are still key reasons that IaaS is important even as Container based development becomes the desired path for the development community. We will review containers in the context of their growth in popularity, and look at how OpenStack both continues to support and enable Container solutions, and the latest developments in OpenStack as a containerized solution directly. Speaker Bio: Marc Van Hoof, Kumulus Marc van Hoof has been in the technology industry for over 20 years, focused on developing, deploying, and scaling internet applications. He was part of a team that built the first internet data centre in Australia, has worked on some of the largest online real-time events, and advises companies on how to take advantage of the true benefits of migrating to the cloud. OpenStack Australia Day Government - Canberra 2016 https://events.aptira.com/openstack-australia-day-canberra-2016/

Containers and OpenStack: Marc Van Hoof, Kumulus: Containers and OpenStack

Containers and OpenStack: Marc Van Hoof, Kumulus: Containers and OpenStack

Containers and OpenStack: Marc Van Hoof, Kumulus: Containers and OpenStack

Audience: Beginner About: OpenStack has moved from the developer’s laptop to become real enterprise infrastructure – but what is involved in designing, deploying and maintaining an OpenStack environment in the real world? This session will look at the solution design & infrastructure architecture considerations for enterprise OpenStack, including discussions on high availability, upgrading, and appropriate systems sizing, along with a sprinkling of case studies from real world deployments at leading adopters. Speaker Bio: Peter Lees – Chief Technologist, SUSE Peter Lees is chief technologist for SUSE in Asia-Pacific, charged with developing awareness of SUSE technologies & capabilities throughout the region. He has extensive experience in the IT industry, especially in open systems, IT infrastructure, and network computing, including roles at NetApp and Sun Microsystems, together with early involvement in Australia’s Internet industry. OpenStack Australia Day Sydney 2016 https://events.aptira.com/openstack-australia-day-sydney-2016/

OpenStack Australia Day 2016 - Peter Lees, SUSE: Planning an Enterprise OpenS...

OpenStack Australia Day 2016 - Peter Lees, SUSE: Planning an Enterprise OpenS...

OpenStack Australia Day 2016 - Peter Lees, SUSE: Planning an Enterprise OpenS...

Audience: Intermediate About: Tales from an OpenStack operations team that had to learn to walk before they could fly. A small agile team who follow scrum to reduce single points of failure and rely heavily on orchestration. This presentation will outline how we use metrics to investigate, troubleshoot and influence purchasing decisions. Why Up Down monitoring is not enough in this day and age, and how to support the inevitable Persistent VM in the cloud. Speaker Bio: Rarm Nagalingam – Senior Consultant, Red Hat Rarm is a Senior Consultant at Red Hat working with customers to deploy and manage their cloud infrastructure. As a passionate cloud advocate, he has assisted in the migration of workloads running on legacy virtualisation to the cloud. Rarm has over 13 years of experience in the ICT industry, specializing in rapid development of bespoke systems. OpenStack Australia Day - Sydney 2016 https://events.aptira.com/openstack-australia-day-sydney-2016/

/bin/tails from OpenStack Operations: Rarm Nagalingam, Red Hat

/bin/tails from OpenStack Operations: Rarm Nagalingam, Red Hat

/bin/tails from OpenStack Operations: Rarm Nagalingam, Red Hat

Audience: All levels About: Chris has spent most of his career in Open Source and Open Standards to develop mission critical enterprise solutions for customers around the world. In this session, you will learn from his experience what Red Hat’s perspective is on the current state of affairs in the OpenStack community and the path we see ahead that Red Hat is putting its efforts in. You will also learn about industry specific use cases such as Telco and FSI that are major influencers for the direction of OpenStack based on Red Hat’s customer interactions. OpenStack is not a product that tries to solve any one business problem in particular, but a technology that aims to be usable for many – what are the required steps to make sure that your enterprise is ready for the OpenStack transformation. Speaker Bio: Chris Wright – CTO, Red Hat Chris Wright is Vice President and Chief Technologist at Red Hat where he is leading engineers who work on cloud computing, distributed storage, software defined networking and network functions virtualization, containers, machine learning, and continuous delivery. During his more than 20 years as a software engineer he has worked in the telecom industry on high availability and distributed systems and in the Linux industry on security, virtualization, and networking. He has been a Linux developer for over 15 years, most of that time spent deep in the Linux kernel. He is passionate about open source software serving as the foundation for next generation IT systems. He lives in sunny Portland, Oregon where he is happily working with open source projects such as OpenDaylight, Open vSwitch, OPNFV, OpenStack, Open Container Initiative, and Cloud Native Computing Foundation. Chris is currently a board member of OpenDaylight and OPNFV. OpenStack Australia Day - Sydney 2016 https://events.aptira.com/openstack-australia-day-sydney-2016/

From Community to Enterprise and Back Again! Chris Wright, Red Hat

From Community to Enterprise and Back Again! Chris Wright, Red Hat

From Community to Enterprise and Back Again! Chris Wright, Red Hat

Audience: Beginner to Intermediate About: Overall increases in CPU and DRAM processing power are falling behind the massive acceleration in available storage and network bandwidth. Storage management services are emerging as a serious bottleneck. What does this imply for the datacenter of the future? How will it affect the physical network and storage topologies? And how will storage software need to change to meet these new realities? Speaker Bio: Allen joined SanDisk in 2013 as an Engineering Fellow, he is responsible for directing software development for SanDisk’s system level products. He has previously served as Chief Architect at Weitek Corp. and Citrix, and founded several companies including AMKAR Consulting, Orbital Data Corporation, and Cirtas Systems. Allen has a Bachelor of Science in Electrical Engineering from Rice University. OpenStack Australia Day - Sydney 2016 https://events.aptira.com/openstack-australia-day-sydney-2016

The Consequences of Infinite Storage Bandwidth: Allen Samuels, SanDisk

The Consequences of Infinite Storage Bandwidth: Allen Samuels, SanDisk

The Consequences of Infinite Storage Bandwidth: Allen Samuels, SanDisk

Audience: All levels About: Fresh from the OpenStack Summit Austin, Jonathan Bryce will cover the latest news and talk about emerging trends in cloud adoption. Hear about recent users, enterprise workload, container integration and developments in the global community. Speaker Bio: Jonathan Bryce – Executive Director, OpenStack Foundation Jonathan Bryce, who has spent his career building the cloud, is Executive Director of the OpenStack Foundation. Previously he was a founder of The Rackspace Cloud. He started his career working as a web developer for Rackspace, and during his tenure, he and co-worker Todd Morey had a vision to build a sophisticated web hosting environment where users and businesses alike could turn to design, develop and deploy their ideal web site – all without being responsible for procuring the technology, installing it or making sure it is built to be always available. This vision became The Rackspace Cloud. Since then he has been a major driver of OpenStack, the open source cloud software initiative. OpenStack Australia Day - Sydney 2016 https://events.aptira.com/openstack-australia-day-sydney-2016/

We Are OpenStack: Jonathan Bryce, OpenStack Foundation

We Are OpenStack: Jonathan Bryce, OpenStack Foundation

We Are OpenStack: Jonathan Bryce, OpenStack Foundation

Audience: Intermediate About: Rackspace has one of, if not the largest, OpenStack Development teams in the A/NZ region – a technical depth that delivers unique capabilities to customers. This session will review a unique Continuous Integration approach for one of our Australian clients that sees fortnightly rolling updates in their production environment with no downtime; work done by the various OpenStack PTL and Core contributors we have within our Australian development organisation leading up to the Mitaka release and conclude with an update on future directions for utilising Containers within OpenStack environments. Speaker Bio: Tony Breeds – Software Developer / OpenStack Stable PTL,Rackspace Tony Breeds is the Project Team Lead for OpenStack Stable Branch Maintenance within Rackspace’s Global OpenStack team. Tony’s extensive experience in using OpenSource goes back to 1991, not long after Linus Torvalds released the first Linux Kernel. Since then he has held roles as a Systems Administrator, Network Architect, Kernel Developer and Engineering Manager. OpenStack Australia Day - Sydney 2016 https://events.aptira.com/openstack-australia-day-sydney-2016/

OpenStack and Rackspace – an Australian perspective: Tony Breeds, Rackspace

OpenStack and Rackspace – an Australian perspective: Tony Breeds, Rackspace

OpenStack and Rackspace – an Australian perspective: Tony Breeds, Rackspace

Audience: Intermediate About: Developing a new product from scratch in a large business can be a time- and effort-consuming exercise. When Telstra started our journey on a new initiative developing a new platform to support bringing new products to market more quickly and cost-effectively, we knew that we would need to do things a bit differently. How can we build faster and cheaper? Can we do it without deploying any physical elements? How can we get closer to our aspirations for a Continuous Deployment model? How can we start small(ish) and grow rather than deploying everything up front? This presentation will talk about these questions and how they lead to our use of OpenStack for both application deployment and a Network Functions Virtualisation platform. Speaker Bio: Rik Harris – Cloud Technology Strategy, Telstra Rik is an experienced IT professional who has been working in corporate and government Australia for around 25 years. He has been with Telstra since 2003 in several roles, including running IT infrastructure deployment teams, managing engineering for Telstra internal shared infrastructure and currently responsible for technology strategy for Telstra’s Cloud business. OpenStack Australia Day - Sydney 2016 https://events.aptira.com/openstack-australia-day-sydney-2016/

Using OpenStack to Accelerate New Product Development: Rik Harris, Telstra

Using OpenStack to Accelerate New Product Development: Rik Harris, Telstra

Using OpenStack to Accelerate New Product Development: Rik Harris, Telstra

Audience: Intermediate About: NFV/SDN end to end service orchestration and management are key topics at play in the industry today. This presentation gives an overview of some of the key components in this space like TOSCA NFV, Service Orchestration, VNF Management, Diagnostics before then diving into the OpenStack Tacker VNF Management details. Speaker Bio: Craig Stevens – Principal Software Engineer, Brocade Craig is a Principal Software Engineer at Brocade and has held various CTO, architectural and software engineering positions working with Service Providers throughout Asia Pacific. Craig is able to draw on his background and experience to give a unique perspective on this new software paradigm. OpenStack Australia Day - Sydney 2016 https://events.aptira.com/openstack-australia-day-sydney-2016/

The OpenStack Tacker Project and SDN/NFV MANO: Craig Stevens, Brocade

The OpenStack Tacker Project and SDN/NFV MANO: Craig Stevens, Brocade

The OpenStack Tacker Project and SDN/NFV MANO: Craig Stevens, Brocade

Viewers also liked (14)

An Open Approach to Government Cloud: Dez Blanchfield, Vault Systems

An Open Approach to Government Cloud: Dez Blanchfield, Vault Systems

An Open Approach to Government Cloud: Dez Blanchfield, Vault Systems

We Are OpenStack: David F. Flanders & Tom Fifield, OpenStack Foundation

We Are OpenStack: David F. Flanders & Tom Fifield, OpenStack Foundation

We Are OpenStack: David F. Flanders & Tom Fifield, OpenStack Foundation

Crowbar and OpenStack: Steve Kowalik, SUSE

Crowbar and OpenStack: Steve Kowalik, SUSE

Crowbar and OpenStack: Steve Kowalik, SUSE

The 'Untold' OpenStack Enterprise Customer Stories: Anthony Rees & Alex Tesch...

The 'Untold' OpenStack Enterprise Customer Stories: Anthony Rees & Alex Tesch...

The 'Untold' OpenStack Enterprise Customer Stories: Anthony Rees & Alex Tesch...

Multiple Sites and Disaster Recovery with Ceph: Andrew Hatfield, Red Hat

Multiple Sites and Disaster Recovery with Ceph: Andrew Hatfield, Red Hat

Multiple Sites and Disaster Recovery with Ceph: Andrew Hatfield, Red Hat

Containers and OpenStack: Marc Van Hoof, Kumulus: Containers and OpenStack

Containers and OpenStack: Marc Van Hoof, Kumulus: Containers and OpenStack

Containers and OpenStack: Marc Van Hoof, Kumulus: Containers and OpenStack

OpenStack Australia Day 2016 - Peter Lees, SUSE: Planning an Enterprise OpenS...

OpenStack Australia Day 2016 - Peter Lees, SUSE: Planning an Enterprise OpenS...

OpenStack Australia Day 2016 - Peter Lees, SUSE: Planning an Enterprise OpenS...

/bin/tails from OpenStack Operations: Rarm Nagalingam, Red Hat

/bin/tails from OpenStack Operations: Rarm Nagalingam, Red Hat

/bin/tails from OpenStack Operations: Rarm Nagalingam, Red Hat

From Community to Enterprise and Back Again! Chris Wright, Red Hat

From Community to Enterprise and Back Again! Chris Wright, Red Hat

From Community to Enterprise and Back Again! Chris Wright, Red Hat

The Consequences of Infinite Storage Bandwidth: Allen Samuels, SanDisk

The Consequences of Infinite Storage Bandwidth: Allen Samuels, SanDisk

The Consequences of Infinite Storage Bandwidth: Allen Samuels, SanDisk

We Are OpenStack: Jonathan Bryce, OpenStack Foundation

We Are OpenStack: Jonathan Bryce, OpenStack Foundation

We Are OpenStack: Jonathan Bryce, OpenStack Foundation

OpenStack and Rackspace – an Australian perspective: Tony Breeds, Rackspace

OpenStack and Rackspace – an Australian perspective: Tony Breeds, Rackspace

OpenStack and Rackspace – an Australian perspective: Tony Breeds, Rackspace

Using OpenStack to Accelerate New Product Development: Rik Harris, Telstra

Using OpenStack to Accelerate New Product Development: Rik Harris, Telstra

Using OpenStack to Accelerate New Product Development: Rik Harris, Telstra

The OpenStack Tacker Project and SDN/NFV MANO: Craig Stevens, Brocade

The OpenStack Tacker Project and SDN/NFV MANO: Craig Stevens, Brocade

The OpenStack Tacker Project and SDN/NFV MANO: Craig Stevens, Brocade

More from OpenStack

We recently teamed up with our good friends at SUSE to build a very high-performing and scalable storage landscape at a fraction of the cost than with traditional storage systems for the Swinburne University of Technology. The challenge that the IT team at Swinburne were facing is how to accommodate the ever-growing need for performance and capacity while sticking to a tight budget. With SUSE Enterprise Storage we have been able to deploy a compelling and affordable solution to support Swinburne’s storage needs. Their new storage platform is fast and flexible, meaning the IT team at Swinburne can support the needs of researchers more effectively. https://aptira.com/swinburne-university-technology/

Swinburne University of Technology - Shunde Zhang & Kieran Spear, Aptira

Swinburne University of Technology - Shunde Zhang & Kieran Spear, Aptira

Swinburne University of Technology - Shunde Zhang & Kieran Spear, Aptira

Audience Level Intermediate Synopsis Today’s fast-paced development environment has changed the compliance landscape. Many software projects consist of more than 50% Open Source Software (OSS) components, but as much as 99% are undocumented, increasing the complexities of managing your company’s software compliance process. Of particular concern is “Zombie software”, or software that is outdated and contains vulnerable versions of certain components. Zombies can live in your code forever if you’re not aware of them. The acceleration of modern development lifecycles and the breakdown of an undocumented software supply chain have opened up new pathways for zombies to enter your software – leaving you exposed to security threats. This presentation discusses best practices for implementing an Open Source Software management strategy that covers common pitfalls and commercial licence issues as well as the optimal way to track and eliminate the risks associated with Zombies! Speaker Bio: Involved in and around IT development for over 20 years, starting as a web developer using NotePad in 1995 when the most exciting thing online was Sun’s animated Java coffee cup, through Numega Pre-Sales selling BoundsChecker and now into the brave, new World of Open Source and software composition analysis.

Related OSS Projects - Peter Rowe, Flexera Software

Related OSS Projects - Peter Rowe, Flexera Software

Related OSS Projects - Peter Rowe, Flexera Software

Audience Level Intermediate Synopsis The traditional user experience for High Performance Computing (HPC) centers around the command line, and the intricacies of the underlying hardware. At the same time, scientific software is moving towards the cloud, leveraging modern web-based frameworks, allowing rapid iteration, and a renewed focus on portability and reproducibility. This software still has need for the huge scale and specialist capabilities of HPC, but leveraging these resources is hampered by variation in implementation between facilities. Differences in software stack, scheduling systems and authentication all get in the way of developers who would rather focus on the research problem at hand. This presentation reviews efforts to overcome these barriers. We will cover container technologies, frameworks for programmatic HPC access, and RESTful APIs that can deliver this as a hosted solution. Speaker Bio Dr. David Perry is Compute Integration Specialist at The University of Melbourne, working to increase research productivity using cloud and HPC. David chairs Australia’s first community-owned wind farm, Hepburn Wind, and is co-founder/CTO of BoomPower, delivering simpler solar and battery purchasing decisions for consumers and NGOs.

Supercomputing by API: Connecting Modern Web Apps to HPC

Supercomputing by API: Connecting Modern Web Apps to HPC

Supercomputing by API: Connecting Modern Web Apps to HPC

Audience Level Beginner Synopsis The Nectar Research Cloud provides an OpenStack cloud for Australia’s academic researchers. Since its inception in 2012 it has grown steadily to over 30,000 CPUs, with over 10,000 registered users from more than 50 research institutions. It is different to many clouds in being a federation across eight organisations, each of which runs cloud infrastructure in one or more data centres and contributes to a distributed help desk and user support. A Nectar core services team runs centralised cloud services. This presentation will give an overview of the experiences, challenges and benefits of running a federated OpenStack cloud and a short demonstration on using the Nectar cloud. We will also describe some current approaches that are looking to extend this federation to encompass other institutions including some in New Zealand, to extend the infrastructure using commercial cloud providers, and to move towards interoperability with the growing number of international science and research clouds through the new Open Research Cloud initiative. Speaker Bio Dr Paul Coddington is a Deputy Director of Nectar, responsible for the Nectar national Research Cloud, and also Deputy Director of eResearch SA. He has over 30 years experience in eResearch including computational science, high performance and distributed computing, cloud computing, software development, and research data management. I am text block. Click edit button to change this text. Lorem ipsum dolor sit amet, consectetur adipiscing elit. Ut elit tellus, luctus nec ullamcorper mattis, pulvinar dapibus leo.

Federation and Interoperability in the Nectar Research Cloud

Federation and Interoperability in the Nectar Research Cloud

Federation and Interoperability in the Nectar Research Cloud

Audience Level Intermediate Synopsis In this presentation, Shunde will show you how to simplify the migration process with a workload migration engine, making the move to OpenStack easy. This talk will address the various difficulties operators and administrators face when migrating workloads and resources between various cloud platforms, including removing time consuming, repetitive and complicated steps. This tool can be applied to many cloud migrations, including between Virtual Machines and OpenStack, between Public and Private clouds, as well as between OpenStack and OpenStack. This tool integrates completely with other OpenStack projects minimising deployment and maintenance efforts. So whether you’re looking to upgrade from your existing traditional virtualisation platform, setup a new OpenStack instance, or upgrade to a newer version of OpenStack, we will show you how to simplify this process using GUTS. Speaker Bio Shunde is a senior software developer in Aptira with over 15 years experience in software development, automation and system administration. He has worked with OpenStack since the Diablo cycle and has been involved in projects from OpenStack infrastructure to distributed systems running on top of OpenStack.

Simplifying the Move to OpenStack

Simplifying the Move to OpenStack

Simplifying the Move to OpenStack

Audience Level Intermediate Synopsis Hypercoverged Compute, Network and Storage is ready for production workloads – where it makes sense. Whether you’re a telecommunications carrier, service provider or enterprise; implementing Network Function Virtualisation (NFV), focusing on specific known workloads or simply a dev / test cloud – deploying a hypercoverged OpenStack cloud makes a lot of sense. Come along and discover which workloads fit a hyperconverged architecture, see examples and look into the very near future and learn how OpenStack is truly ready to serve your every need. Speaker Bio Andrew has over 20 years experience in the IT industry across APAC, specialising in Databases, Directory Systems, Groupware, Virtualisation and Storage for Enterprise and Government organisations. When not helping customers slash costs and increase agility by moving to the software-defined future, he’s enjoying the subtle tones of Islay Whisky and shredding pow pow on the world’s best snowboard resorts.

Hyperconverged Cloud, Not just a toy anymore - Andrew Hatfield, Red Hat

Hyperconverged Cloud, Not just a toy anymore - Andrew Hatfield, Red Hat

Hyperconverged Cloud, Not just a toy anymore - Andrew Hatfield, Red Hat

Audience Level Beginner Synopsis Migrating is never simple, but migrating from a traditional infrastructure to a private cloud infrastructure adds a whole new layer of complexity and raises a number of questions for IT decision makers. Come learn first hand how to begin to migrate your traditional infrastructure management tools and processes to OpenStack. This session will provide details on common questions and answers to help administrators avoid costly mistakes. Learn what to look out for, what to avoid, how to identify risks and how to mitigate them. Speaker Bio: Avi is an accomplished technical product manager with extensive experience across the operating system, virtualisation and application stacks.

Migrating your infrastructure to OpenStack - Avi Miller, Oracle

Migrating your infrastructure to OpenStack - Avi Miller, Oracle

Migrating your infrastructure to OpenStack - Avi Miller, Oracle

Audience Level All levels Synopsis Often times, prospects and existing OpenStack users wonder if there is indeed strong business and technical value proposition for cloud platforms serving a specific industry vertical. In this session, EasyStack would like to share with the participants our experience engaging with an industry leader to build a credible solution platform catering to their current and future business and technology roadmap. Speaker Bio: Adrian is Director Global Business Development in EasyStack and has 20 years working experience in leading tech companies in the IT industry. Prior to joining EasyStack, Adrian was with IBM Singapore and IBM China and served in roles such as Offering Manager, Engagement Manager, Solution Architect, Services Consultant, IT Specialist. Adrian holds a Bachelor of Science degree with honors in Computer Sciences from University of Texas at Austin.

A glimpse into an industry Cloud using Open Source Technologies - Adrian Koh,...

A glimpse into an industry Cloud using Open Source Technologies - Adrian Koh,...

A glimpse into an industry Cloud using Open Source Technologies - Adrian Koh,...

Audience Level All levels Synopsis OpenStack offers many advantages for organisations building out their cloud environments, including flexibility and community-driven innovation. However, enterprises looking to deploy OpenStack in production typically find its storage management capabilities wanting from the perspective of management complexity and business resiliency. Enterprises are also challenged when it comes to ensuring protection of their data and providing the necessary performance – especially for their tier one applications. Meeting these fundamental needs is critical for enterprises to proceed confidently with their OpenStack deployments. Veritas HyperScale for OpenStack is a software-defined storage management solution uniquely developed for OpenStack based clouds. It leverages direct attached storage (DAS) and provides enterprise-strength capabilities that enable robust, production-scale deployment while meeting performance and data protection needs. Learn how this innovative solution, coupled with other relevant Veritas offerings, solve the remaining issues around implementing OpenStack within the enterprise. Speaker Bio: Tarso dos Santos works as a Technical Account Manager at Veritas, directly engaging with customers to develop strategies, architectures and solutions with focus on Cloud – Openstack, Containers, Data Protection, High Availability and Compliance. He has over 21 years in the IT industry architecting, delivering and positioning solutions such as private clouds, distributed systems, hpc, storage, and high available platforms. Tarso has a great interest in distributed systems performance, and scientific organizations that push the boundaries of existing technologies, but also need to link these into the Enterprise. Tarso in his life has enjoyed working in some of the most amazing projects ranging from mission critical systems protecting Australian lives, to IT infrastructure projects that are looking at the sky and discovering new planets out in the space. OpenStack Australia Day Melbourne 2017 https://events.aptira.com/openstack-australia-day-melbourne-2017/

Enabling OpenStack for Enterprise - Tarso Dos Santos, Veritas

Enabling OpenStack for Enterprise - Tarso Dos Santos, Veritas

Enabling OpenStack for Enterprise - Tarso Dos Santos, Veritas

Audience Level Intermediate Synopsis Ceph – the most popular storage solution for OpenStack – stores all data as a collection of objects. This object store was originally implemented on top of a POSIX filesystem, an approach that turned out to have a number of problems, notably with performance and complexity. BlueStore, a new storage backend for Ceph, was created to solve these issues; the Ceph Jewel release included an early prototype. The code and on-disk format were declared stable (but experimental) for Ceph Kraken, and now in the upcoming Ceph Luminous release, BlueStore will be the recommended default storage backend. With a 2-3x performance boost, you’ll want to look at migrating your Ceph clusters to BlueStore. This talk goes into detail about what BlueStore does, the problems it solves, and what you need to do to use it. Speaker Bio: Tim works for SUSE, hacking on Ceph and related technologies. He has spoken often about distributed storage and high availability at conferences such as linux.conf.au. In his spare time he wrangles pigs, chickens, sheep and ducks, and was declared by one colleague “teammate most likely to survive the zombie apocalypse”.

Understanding blue store, Ceph's new storage backend - Tim Serong, SUSE

Understanding blue store, Ceph's new storage backend - Tim Serong, SUSE

Understanding blue store, Ceph's new storage backend - Tim Serong, SUSE

Audience Level Beginner Synopsis Layer 2 versus Layer 3, MLAG, Spanning-Tree, switch mechanism drivers, overlays and routing-on-the-host — What scales and what does not? The underlying plumbing of an OpenStack network is something you’d rather not have to think about. This presentation examines the network architectures of web-scale and large enterprise OpenStack users and how those same efficiencies can be used in deployments of all sizes. Speaker Bio: Scott is a Member of Technical Staff at Cumulus Networks where he designs, supports and deploys web-scale technologies and architectures in enterprise networks globally. Prior to becoming a founding member of the Cumulus office in Australia, Scott started his career as a network administrator before joining Cisco Systems to support their data centre products. OpenStack Australia Day Melbourne 2017 https://events.aptira.com/openstack-australia-day-melbourne-2017/

OpenStack Networks the Web-Scale Way - Scott Laffer, Cumulus Networks

OpenStack Networks the Web-Scale Way - Scott Laffer, Cumulus Networks

OpenStack Networks the Web-Scale Way - Scott Laffer, Cumulus Networks

Audience Level Intermediate Synopsis Data Analytics is a hot topic today for most organisations as they race to convert vast amounts of data into useful information that can be leveraged to make critical decisions or recommendations in a very limited time window. Today, there is a widely accepted talent gap when it comes to creating and managing Hadoop Clusters. Even for the experts can take hours (or days) to get a fully functional Hadoop farm up and running. On top of that it can be difficult to find java programmers that have enough experience to be productive with Map Reduce. OpenStack Sahara is looking to address most of this challenges by facilitating the deployment of Hadoop clusters and provide a set of API to provide data processing tasks. This session will provide an insight into OpenStack Sahara capabilities and how the end users can leverage on it. Speaker Bio: Alex has been working with Open Source enterprise technologies for the better part of his 15 years IT career in companies like Hewlett-Packard Enterprise, Red Hat, IBM and Sun Microsystems. He started his OpenStack journey with Grizzly, delivering the first HPC cloud in APAC for a Singapore University making use of SRIOV technologies combined with big data. He has extensive deployment experience on configuration management and automation of private cloud based on OpenStack. Alex is currently an APJ Cloud Consultant in the Helion Cloud team at Hewlett-Packard Enterprise, where he evangelizes the OpenSource side of the Helion portfolio (OpenStack / Docker / Ceph). He enjoys running automation workshops and seminars in the APJ region for cloud adopters.

Diving in the desert: A quick overview into OpenStack Sahara capabilities - A...

Diving in the desert: A quick overview into OpenStack Sahara capabilities - A...

Diving in the desert: A quick overview into OpenStack Sahara capabilities - A...

Audience Level Intermediate Synopsis M3 is the latest generation system of the MASSIVE project, an HPC facility specializing in characterization science (imaging and visualization). Using OpenStack as the compute provisioning layer, M3 is a hybrid HPC/cloud system, custom-integrated by Monash’s R@CMon Research Cloud team. Built to support Monash University’s next-gen high-throughput instrument processing requirements, M3 is half-half GPU-accelerated and CPU-only. We’ll discuss the design and tech used to build this innovative platform as well as detailing approaches and challenges to building GPU-enabled and HPC clouds. We’ll also discuss some of the software and processing pipelines that this system supports and highlight the importance of tuning for these workloads. Speaker Bio Blair Bethwaite: Blair has worked in distributed computing at Monash University for 10 years, with OpenStack for half of that. Having served as team lead, architect, administrator, user, researcher, and occasional hacker, Blair’s unique perspective as a science power-user, developer, and system architect has helped guide the evolution of the research computing engine central to Monash’s 21st Century Microscope. Lance Wilson: Lance is a mechanical engineer, who has been making tools to break things for the last 20 years. His career has moved through a number of engineering subdisciplines from manufacturing to bioengineering. Now he supports the national characterisation research community in Melbourne, Australia using OpenStack to create HPC systems solving problems too large for your laptop.

Building a GPU-enabled OpenStack Cloud for HPC - Blair Bethwaite, Monash Univ...

Building a GPU-enabled OpenStack Cloud for HPC - Blair Bethwaite, Monash Univ...

Building a GPU-enabled OpenStack Cloud for HPC - Blair Bethwaite, Monash Univ...

Audience Level All levels Synopsis Peter has been involved in OpenStack community since its B-release, and he has been enabling and helping customers across various industries adopt OpenStack in strategic ways. In this session, you will learn from his experience what Red Hat’s perspective is on the current state of affairs in the OpenStack community and the path we see ahead that Red Hat is putting its efforts in. OpenStack is not a product that tries to solve any one business problem in particular, but a technology that aims to be usable for many – what are the required steps to make sure that your organisation is ready for the OpenStack-based cloudification and transformation. Speaker Bio: Peter Jung is a Senior Business Development Manager at Red Hat where he leads the practice in the areas of Cloud, SDN/NFV and IoT across Australia and New Zealand. He is passionate about open innovation and open source software development model as the foundation for next generation society and ICT systems. Prior to Red Hat, he had various roles at Cisco and Dell for 15 years. He holds a BSEE and an MBA. OpenStack Australia Day Melbourne 2017 https://events.aptira.com/openstack-australia-day-melbourne-2017/

OpenStack and Red Hat: How we learned to adapt with our customers in a maturi...

OpenStack and Red Hat: How we learned to adapt with our customers in a maturi...

OpenStack and Red Hat: How we learned to adapt with our customers in a maturi...

Audience Level Intermediate Synopsis The latest SDN revolution is centered on creating efficient virtualized data center networks using VXLAN & EVPN. We will talk about the scale, performance, and cost advantages of using a modern controller-free virtualized network solution built on 100 Gigabit Ethernet switches with hardware based VXLAN Routing. We will explore the ease of automating such a network in an OpenStack environment and take you through a real world use case of using OpenStack Network Node bridging between a bare metal cloud (EVPN) and a fully virtualized cloud environments (orchestrated by Neutron). Speaker Bio: David has held leadership roles at 3COM, Cisco Systems, Nortel Networks, and IBM where he promoted advanced network technologies including High Speed Ethernet, Layer 4-7 switching, Virtual Machine-aware networking, and Software Defined Networking. David’s current focus is on the evolving landscape of data center networking, scale out storage, Open Networking, and cloud computing.

Meshing OpenStack and Bare Metal Networks with EVPN - David Iles, Mellanox Te...

Meshing OpenStack and Bare Metal Networks with EVPN - David Iles, Mellanox Te...

Meshing OpenStack and Bare Metal Networks with EVPN - David Iles, Mellanox Te...

Audience Level Intermediate Synopsis High performance computing and cloud computing have traditionally been seen as separate solutions to separate problems, dealing with issues of performance and flexibility respectively. In a diverse research environment however, both sets of compute requirements can occur. In addition to the administrative benefits in combining both requirements into a single unified system, opportunities are provided for incremental expansion. The deployment of the Spartan cloud-HPC hybrid system at the University of Melbourne last year is an example of such a design. Despite its small size, it has attracted international attention due to its design features. This presentation, in addition to providing a grounding on why one would wish to build an HPC-cloud hybrid system and the results of the deployment, provides a complete technical overview of the design from the ground up, as well as problems encountered and planned future developments. Speaker Bio Lev Lafayette is the HPC and Training Officer at the University of Melbourne. Prior to that he worked at the Victorian Partnership for Advanced Computing for several years in a similar role.

The Why and How of HPC-Cloud Hybrids with OpenStack - Lev Lafayette, Universi...

The Why and How of HPC-Cloud Hybrids with OpenStack - Lev Lafayette, Universi...

The Why and How of HPC-Cloud Hybrids with OpenStack - Lev Lafayette, Universi...

Ironically, Infrastructure Doesn't Matter - Quinton Anderson, Commonwealth Ba...

Ironically, Infrastructure Doesn't Matter - Quinton Anderson, Commonwealth Ba...

Ironically, Infrastructure Doesn't Matter - Quinton Anderson, Commonwealth Ba...

Audience Level Intermediate Synopsis Hostworks is a part of the Inabox group and an Australian based Managed Hosting and Services Provider with a strong background in management of infrastructure, servers, and applications following Traditional Enterprise management practices. 2 years ago, we began our transition to adopt and deploy cloud technologies and mindsets with an on On-Premises OpenStack platform as part of a larger hybrid cloud offering. This presentation details how we did it, what went wrong, and what went right, important lessons and recommendations for other businesses who wish to follow the same path. Speaker Bio: Daniel is Platform Engineer at Hostworks and specialises in their On-Premises OpenStack cloud offering.

Traditional Enterprise to OpenStack Cloud - An Unexpected Journey

Traditional Enterprise to OpenStack Cloud - An Unexpected Journey

Traditional Enterprise to OpenStack Cloud - An Unexpected Journey

Audience Level Intermediate Synopsis M3 is the latest generation system of the MASSIVE project, an HPC facility specializing in characterization science (imaging and visualization). Using OpenStack as the compute provisioning layer, M3 is a hybrid HPC/cloud system, custom-integrated by Monash’s R@CMon Research Cloud team. Built to support Monash University’s next-gen high-throughput instrument processing requirements, M3 is half-half GPU-accelerated and CPU-only. We’ll discuss the design and tech used to build this innovative platform as well as detailing approaches and challenges to building GPU-enabled and HPC clouds. We’ll also discuss some of the software and processing pipelines that this system supports and highlight the importance of tuning for these workloads. Speaker Bio Blair Bethwaite: Blair has worked in distributed computing at Monash University for 10 years, with OpenStack for half of that. Having served as team lead, architect, administrator, user, researcher, and occasional hacker, Blair’s unique perspective as a science power-user, developer, and system architect has helped guide the evolution of the research computing engine central to Monash’s 21st Century Microscope. Lance Wilson: Lance is a mechanical engineer, who has been making tools to break things for the last 20 years. His career has moved through a number of engineering subdisciplines from manufacturing to bioengineering. Now he supports the national characterisation research community in Melbourne, Australia using OpenStack to create HPC systems solving problems too large for your laptop.

Building a GPU-enabled OpenStack Cloud for HPC - Lance Wilson, Monash University

Building a GPU-enabled OpenStack Cloud for HPC - Lance Wilson, Monash University

Building a GPU-enabled OpenStack Cloud for HPC - Lance Wilson, Monash University

Monitoring Uptime on the NeCTAR Research Cloud - Andy Botting, University of ...

Monitoring Uptime on the NeCTAR Research Cloud - Andy Botting, University of ...

Monitoring Uptime on the NeCTAR Research Cloud - Andy Botting, University of ...

More from OpenStack (20)

Swinburne University of Technology - Shunde Zhang & Kieran Spear, Aptira

Swinburne University of Technology - Shunde Zhang & Kieran Spear, Aptira

Swinburne University of Technology - Shunde Zhang & Kieran Spear, Aptira

Related OSS Projects - Peter Rowe, Flexera Software

Related OSS Projects - Peter Rowe, Flexera Software

Related OSS Projects - Peter Rowe, Flexera Software

Supercomputing by API: Connecting Modern Web Apps to HPC

Supercomputing by API: Connecting Modern Web Apps to HPC

Supercomputing by API: Connecting Modern Web Apps to HPC

Federation and Interoperability in the Nectar Research Cloud

Federation and Interoperability in the Nectar Research Cloud

Federation and Interoperability in the Nectar Research Cloud

Simplifying the Move to OpenStack

Simplifying the Move to OpenStack

Simplifying the Move to OpenStack

Hyperconverged Cloud, Not just a toy anymore - Andrew Hatfield, Red Hat

Hyperconverged Cloud, Not just a toy anymore - Andrew Hatfield, Red Hat

Hyperconverged Cloud, Not just a toy anymore - Andrew Hatfield, Red Hat

Migrating your infrastructure to OpenStack - Avi Miller, Oracle

Migrating your infrastructure to OpenStack - Avi Miller, Oracle

Migrating your infrastructure to OpenStack - Avi Miller, Oracle

A glimpse into an industry Cloud using Open Source Technologies - Adrian Koh,...

A glimpse into an industry Cloud using Open Source Technologies - Adrian Koh,...

A glimpse into an industry Cloud using Open Source Technologies - Adrian Koh,...

Enabling OpenStack for Enterprise - Tarso Dos Santos, Veritas

Enabling OpenStack for Enterprise - Tarso Dos Santos, Veritas

Enabling OpenStack for Enterprise - Tarso Dos Santos, Veritas

Understanding blue store, Ceph's new storage backend - Tim Serong, SUSE

Understanding blue store, Ceph's new storage backend - Tim Serong, SUSE

Understanding blue store, Ceph's new storage backend - Tim Serong, SUSE

OpenStack Networks the Web-Scale Way - Scott Laffer, Cumulus Networks

OpenStack Networks the Web-Scale Way - Scott Laffer, Cumulus Networks

OpenStack Networks the Web-Scale Way - Scott Laffer, Cumulus Networks

Diving in the desert: A quick overview into OpenStack Sahara capabilities - A...

Diving in the desert: A quick overview into OpenStack Sahara capabilities - A...

Diving in the desert: A quick overview into OpenStack Sahara capabilities - A...

Building a GPU-enabled OpenStack Cloud for HPC - Blair Bethwaite, Monash Univ...

Building a GPU-enabled OpenStack Cloud for HPC - Blair Bethwaite, Monash Univ...

Building a GPU-enabled OpenStack Cloud for HPC - Blair Bethwaite, Monash Univ...

OpenStack and Red Hat: How we learned to adapt with our customers in a maturi...

OpenStack and Red Hat: How we learned to adapt with our customers in a maturi...

OpenStack and Red Hat: How we learned to adapt with our customers in a maturi...

Meshing OpenStack and Bare Metal Networks with EVPN - David Iles, Mellanox Te...

Meshing OpenStack and Bare Metal Networks with EVPN - David Iles, Mellanox Te...

Meshing OpenStack and Bare Metal Networks with EVPN - David Iles, Mellanox Te...

The Why and How of HPC-Cloud Hybrids with OpenStack - Lev Lafayette, Universi...

The Why and How of HPC-Cloud Hybrids with OpenStack - Lev Lafayette, Universi...

The Why and How of HPC-Cloud Hybrids with OpenStack - Lev Lafayette, Universi...

Ironically, Infrastructure Doesn't Matter - Quinton Anderson, Commonwealth Ba...

Ironically, Infrastructure Doesn't Matter - Quinton Anderson, Commonwealth Ba...

Ironically, Infrastructure Doesn't Matter - Quinton Anderson, Commonwealth Ba...

Traditional Enterprise to OpenStack Cloud - An Unexpected Journey

Traditional Enterprise to OpenStack Cloud - An Unexpected Journey

Traditional Enterprise to OpenStack Cloud - An Unexpected Journey

Building a GPU-enabled OpenStack Cloud for HPC - Lance Wilson, Monash University

Building a GPU-enabled OpenStack Cloud for HPC - Lance Wilson, Monash University

Building a GPU-enabled OpenStack Cloud for HPC - Lance Wilson, Monash University

Monitoring Uptime on the NeCTAR Research Cloud - Andy Botting, University of ...

Monitoring Uptime on the NeCTAR Research Cloud - Andy Botting, University of ...

Monitoring Uptime on the NeCTAR Research Cloud - Andy Botting, University of ...

Recently uploaded

[2024]Digital Global Overview Report 2024 Meltwater.pdf

[2024]Digital Global Overview Report 2024 Meltwater.pdf

[2024]Digital Global Overview Report 2024 Meltwater.pdf

Tata AIG General Insurance Company - Insurer Innovation Award 2024

Tata AIG General Insurance Company - Insurer Innovation Award 2024

Tata AIG General Insurance Company - Insurer Innovation Award 2024

The Digital Insurer

Three things you will take away from the session: • How to run an effective tenant-to-tenant migration • Best practices for before, during, and after migration • Tips for using migration as a springboard to prepare for Copilot in Microsoft 365 Main ideas: Migration Overview: The presentation covers the current reality of cross-tenant migrations, the triggers, phases, best practices, and benefits of a successful tenant migration Considerations: When considering a migration, it is important to consider the migration scope, performance, customization, flexibility, user-friendly interface, automation, monitoring, support, training, scalability, data integrity, data security, cost, and licensing structure Next Wave: The next wave of change includes the launch of Copilot, which requires businesses to be prepared for upcoming changes related to Copilot and the cloud, and to consolidate data and tighten governance ShareGate: ShareGate can help with pre-migration analysis, configurable migration tool, and automated, end-user driven collaborative governance

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff

presentation ICT roal in 21st century education

presentation ICT roal in 21st century education

presentation ICT roal in 21st century education

Scaling API-first – The story of a global engineering organization Ian Reasor, Senior Computer Scientist - Adobe Radu Cotescu, Senior Computer Scientist - Adobe Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe

Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe

Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe

With more memory available, system performance of three Dell devices increased, which can translate to a better user experience Conclusion When your system has plenty of RAM to meet your needs, you can efficiently access the applications and data you need to finish projects and to-do lists without sacrificing time and focus. Our test results show that with more memory available, three Dell PCs delivered better performance and took less time to complete the Procyon Office Productivity benchmark. These advantages translate to users being able to complete workflows more quickly and multitask more easily. Whether you need the mobility of the Latitude 5440, the creative capabilities of the Precision 3470, or the high performance of the OptiPlex Tower Plus 7010, configuring your system with more RAM can help keep processes running smoothly, enabling you to do more without compromising performance.

Boost PC performance: How more available memory can improve productivity

Boost PC performance: How more available memory can improve productivity

Boost PC performance: How more available memory can improve productivity

Principled Technologies

Developing An App To Navigate The Roads of Brazil

Developing An App To Navigate The Roads of Brazil

Developing An App To Navigate The Roads of Brazil

Partners Life - Insurer Innovation Award 2024

Partners Life - Insurer Innovation Award 2024

Partners Life - Insurer Innovation Award 2024

The Digital Insurer

AWS Community Day CPH - Three problems of Terraform

AWS Community Day CPH - Three problems of Terraform

AWS Community Day CPH - Three problems of Terraform

Andrey Devyatkin

Created by Mozilla Research in 2012 and now part of Linux Foundation Europe, the Servo project is an experimental rendering engine written in Rust. It combines memory safety and concurrency to create an independent, modular, and embeddable rendering engine that adheres to web standards. Stewardship of Servo moved from Mozilla Research to the Linux Foundation in 2020, where its mission remains unchanged. After some slow years, in 2023 there has been renewed activity on the project, with a roadmap now focused on improving the engine’s CSS 2 conformance, exploring Android support, and making Servo a practical embeddable rendering engine. In this presentation, Rakhi Sharma reviews the status of the project, our recent developments in 2023, our collaboration with Tauri to make Servo an easy-to-use embeddable rendering engine, and our plans for the future to make Servo an alternative web rendering engine for the embedded devices industry. (c) Embedded Open Source Summit 2024 April 16-18, 2024 Seattle, Washington (US) https://events.linuxfoundation.org/embedded-open-source-summit/ https://ossna2024.sched.com/event/1aBNF/a-year-of-servo-reboot-where-are-we-now-rakhi-sharma-igalia

A Year of the Servo Reboot: Where Are We Now?

A Year of the Servo Reboot: Where Are We Now?

A Year of the Servo Reboot: Where Are We Now?

MySQL Webinar, presented on the 25th of April, 2024. Summary: MySQL solutions enable the deployment of diverse Database Architectures tailored to specific needs, including High Availability, Disaster Recovery, and Read Scale-Out. With MySQL Shell's AdminAPI, administrators can seamlessly set up, manage, and monitor these solutions, ensuring efficiency and ease of use in their administration. MySQL Router, on the other hand, provides transparent routing from the application traffic to the backend servers in the architectures, requiring minimal configuration. Completely built in-house and supported by Oracle, these solutions have been adopted by enterprises of all sizes for their business-critical applications. In this presentation, we'll delve into various database architecture solutions to help you choose the right one based on your business requirements. Focusing on technical details and the latest features to maximize the potential of these solutions.

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...

Boost Fertility New Invention Ups Success Rates.pdf

Boost Fertility New Invention Ups Success Rates.pdf

Boost Fertility New Invention Ups Success Rates.pdf

sudhanshuwaghmare1

2024: Domino Containers - The Next Step. News from the Domino Container commu...

2024: Domino Containers - The Next Step. News from the Domino Container commu...

2024: Domino Containers - The Next Step. News from the Domino Container commu...

Martijn de Jong

Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024

Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024

Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024

The Digital Insurer

Advantages of Hiring UIUX Design Service Providers for Your Business

Advantages of Hiring UIUX Design Service Providers for Your Business

Advantages of Hiring UIUX Design Service Providers for Your Business

Pixlogix Infotech

💉💊+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHABI}}+971581248768 +971581248768 Mtp-Kit (500MG) Prices » Dubai [(+971581248768**)] Abortion Pills For Sale In Dubai, UAE, Mifepristone and Misoprostol Tablets Available In Dubai, UAE CONTACT DR.Maya Whatsapp +971581248768 We Have Abortion Pills / Cytotec Tablets /Mifegest Kit Available in Dubai, Sharjah, Abudhabi, Ajman, Alain, Fujairah, Ras Al Khaimah, Umm Al Quwain, UAE, Buy cytotec in Dubai +971581248768''''Abortion Pills near me DUBAI | ABU DHABI|UAE. Price of Misoprostol, Cytotec” +971581248768' Dr.DEEM ''BUY ABORTION PILLS MIFEGEST KIT, MISOPROTONE, CYTOTEC PILLS IN DUBAI, ABU DHABI,UAE'' Contact me now via What's App…… abortion Pills Cytotec also available Oman Qatar Doha Saudi Arabia Bahrain Above all, Cytotec Abortion Pills are Available In Dubai / UAE, you will be very happy to do abortion in Dubai we are providing cytotec 200mg abortion pill in Dubai, UAE. Medication abortion offers an alternative to Surgical Abortion for women in the early weeks of pregnancy. We only offer abortion pills from 1 week-6 Months. We then advise you to use surgery if its beyond 6 months. Our Abu Dhabi, Ajman, Al Ain, Dubai, Fujairah, Ras Al Khaimah (RAK), Sharjah, Umm Al Quwain (UAQ) United Arab Emirates Abortion Clinic provides the safest and most advanced techniques for providing non-surgical, medical and surgical abortion methods for early through late second trimester, including the Abortion By Pill Procedure (RU 486, Mifeprex, Mifepristone, early options French Abortion Pill), Tamoxifen, Methotrexate and Cytotec (Misoprostol). The Abu Dhabi, United Arab Emirates Abortion Clinic performs Same Day Abortion Procedure using medications that are taken on the first day of the office visit and will cause the abortion to occur generally within 4 to 6 hours (as early as 30 minutes) for patients who are 3 to 12 weeks pregnant. When Mifepristone and Misoprostol are used, 50% of patients complete in 4 to 6 hours; 75% to 80% in 12 hours; and 90% in 24 hours. We use a regimen that allows for completion without the need for surgery 99% of the time. All advanced second trimester and late term pregnancies at our Tampa clinic (17 to 24 weeks or greater) can be completed within 24 hours or less 99% of the time without the need surgery. The procedure is completed with minimal to no complications. Our Women's Health Center located in Abu Dhabi, United Arab Emirates, uses the latest medications for medical abortions (RU-486, Mifeprex, Mifegyne, Mifepristone, early options French abortion pill), Methotrexate and Cytotec (Misoprostol). The safety standards of our Abu Dhabi, United Arab Emirates Abortion Doctors remain unparalleled. They consistently maintain the lowest complication rates throughout the nation. Our Physicians and staff are always available to answer questions and care for women in one of the most difficult times in their lives. The decision to have an abortion at the Abortion Cl

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...

?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@

Building Digital Trust in a Digital Economy Veronica Tan, Director - Cyber Security Agency of Singapore Apidays Singapore 2024: Connecting Customers, Business and Technology (April 17 & 18, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...

Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...

Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...

Strategies for Landing an Oracle DBA Job as a Fresher

Strategies for Landing an Oracle DBA Job as a Fresher

Strategies for Landing an Oracle DBA Job as a Fresher

Remote DBA Services

🐬 The future of MySQL is Postgres 🐘

🐬 The future of MySQL is Postgres 🐘

🐬 The future of MySQL is Postgres 🐘

ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke

ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke

ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke

Product Anonymous

Recently uploaded (20)

[2024]Digital Global Overview Report 2024 Meltwater.pdf

[2024]Digital Global Overview Report 2024 Meltwater.pdf

[2024]Digital Global Overview Report 2024 Meltwater.pdf

Tata AIG General Insurance Company - Insurer Innovation Award 2024

Tata AIG General Insurance Company - Insurer Innovation Award 2024

Tata AIG General Insurance Company - Insurer Innovation Award 2024

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff

presentation ICT roal in 21st century education

presentation ICT roal in 21st century education

presentation ICT roal in 21st century education

Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe

Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe

Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe

Boost PC performance: How more available memory can improve productivity

Boost PC performance: How more available memory can improve productivity

Boost PC performance: How more available memory can improve productivity

Developing An App To Navigate The Roads of Brazil

Developing An App To Navigate The Roads of Brazil

Developing An App To Navigate The Roads of Brazil

Partners Life - Insurer Innovation Award 2024

Partners Life - Insurer Innovation Award 2024

Partners Life - Insurer Innovation Award 2024

AWS Community Day CPH - Three problems of Terraform

AWS Community Day CPH - Three problems of Terraform

AWS Community Day CPH - Three problems of Terraform

A Year of the Servo Reboot: Where Are We Now?

A Year of the Servo Reboot: Where Are We Now?

A Year of the Servo Reboot: Where Are We Now?

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...

Boost Fertility New Invention Ups Success Rates.pdf

Boost Fertility New Invention Ups Success Rates.pdf

Boost Fertility New Invention Ups Success Rates.pdf

2024: Domino Containers - The Next Step. News from the Domino Container commu...

2024: Domino Containers - The Next Step. News from the Domino Container commu...

2024: Domino Containers - The Next Step. News from the Domino Container commu...

Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024

Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024

Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024

Advantages of Hiring UIUX Design Service Providers for Your Business

Advantages of Hiring UIUX Design Service Providers for Your Business

Advantages of Hiring UIUX Design Service Providers for Your Business

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...

Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...

Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...

Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...

Strategies for Landing an Oracle DBA Job as a Fresher

Strategies for Landing an Oracle DBA Job as a Fresher

Strategies for Landing an Oracle DBA Job as a Fresher

🐬 The future of MySQL is Postgres 🐘

🐬 The future of MySQL is Postgres 🐘

🐬 The future of MySQL is Postgres 🐘

ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke

ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke

ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke

If it's in a Container it's Secure Right? Scott Coulton, AutoPilot HQ

1. If it’s in a container it’s secure right ? A guide to container security by @scottcoulton

2. About me. Platform engineering lead @

3. Does the traditional infosec toolchain work efficiently in a world where a container’s average lifespan is 2 days?

4. 1. Intro What we will cover ➔ How is container security different ? Does traditional security fit ? ➔ How to protect our container Protecting from the inside out ➔ Security and CD Can the 2 worlds live together ➔ Live demo

5. The way that traditional infosec works is Reactive Containers allow you to be Proactive in your approach to infosec

6. 2. Examples Here are a few comparable examples: ➔ Traditional Nessus, AV, HIDS ➔ New school AppArmor, Clair, Notary

7. The risks. ● DoS the host (CPU, Memory or Disk) ● Fork Bomb ● Kernel modification ● Privilege Escalation

8. Let’s look @ protecting the engine. Docker 1.12 Benchmark

9. Some sane defaults. ● Don’t run --pid host or --net host (without knowing the risks) ● Don’t bind your daemon to tcp://0.0.0.0:4243 ● Don’t use aufs as your storage driver ● Use TLS for all daemon traffic

10. Just one! That’s all you need. (I am talking about process inside your container !!!)

11. If you know the process then apply AppArmor.

12. AppArmor example.

13. Infosec and continuous delivery. The myth ...

14. Add security to the pipeline Enter

15. Sign our images with Notary.

16. The full continuous delivery pipeline.

17. 3. Live Demo We are going to test what we have learnt today and run a standard Nginx image We will them use the Dirtyc0w vulnerability to write to a file owned by root, then privilege escalate to root for a standard user : ➔ Without AppArmor All exploits will work ➔ With AppArmor Our container will be safe

18. The code from the live demo is available @ https://github.com /scotty-c

19. Any Questions ?