Modernized Backup for Virtual Environments Open VM and Container Backup with Integration Into Enterprise Backup Platforms
Total Page:16
File Type:pdf, Size:1020Kb
Load more
Recommended publications
-
Equity Research
EQUITY RESEARCH May 2021 7 Monthly Highlights FEATURED ARTICLES: DigitalOcean, Inc. 2 Sixth Street Specialty Lending 4 Coverage Universe (as of 4/30/21) 6 Outperform Rated Stocks 20-21 Perform Rated Stocks 22 Not Rated Stocks 23 Initiation of Coverage 24 Rating Changes 24 For analyst certification and important disclosures, see the Disclosure Appendix. Monthly Highlights Oppenheimer & Co Inc. 85 Broad Street, New York, NY 10004 Tel: 800-221-5588 Fax: 212-667-8229 Monthly Highlights May 3, 2021 CLOUD AND COMMUNICATIONS Stock Rating: DigitalOcean, Inc. Outperform 12-18 mo. Price Target $55.00 Pure-Play Public Cloud Platform for SMBs/Developers, DOCN-NASDAQ (4/30/21) $43.57 Initiated Outperform, $55 PT 11% 3-5 Yr. EPS Gr. Rate NA SUMMARY 52-week Range $45.49-$36.65 DigitalOcean is a very successful niche cloud provider, focused on ease of use for Shares Outstanding 127.0M developers and small businesses that need low-cost and easy-to-use cloud computing. The Float 40.0M Avg. Daily Trading Vol. NA cloud gives SMBs/developers flexibility to run applications and store data in a highly secure Market Capitalization $4,588.1M environment that can be accessed from anywhere. Every industry has scale providers and Dividend/Yield NA/NM niche ones. In cloud, AWS and MSFT are the scale providers with DigitalOcean and Fiscal Year Ends Dec Rackspace the niche providers. We believe that DOCN can grow revenues at 30%-plus per Book Value NM year for the next five years. It is turning FCF positive, and these margins should expand by 2021E ROE NA 100-200 basis points per year. -
Kubernetes Security Guide Contents
Kubernetes Security Guide Contents Intro 4 CHAPTER 1 Securing your container images and CI/CD pipeline 6 Image scanning 6 What is image scanning 7 Docker image scanning open source tools 7 Open source Docker scanning tool: Anchore Engine 8 Securing your CI/CD pipeline 9 Image scanning in CI/CD 10 CHAPTER 2 Securing Kubernetes Control Plane 14 Kubelet security 14 Access to the kubelet API 15 Kubelet access to Kubernetes API 16 RBAC example, accessing the kubelet API with curl 16 Kubernetes API audit and security log 17 Audit log policies configuration 19 Extending the Kubernetes API using security admission controllers 20 Securing Kubernetes etcd 23 PKI-based authentication for etcd 23 etcd peer-to-peer TLS 23 Kubernetes API to etcd cluster TLS 24 Using a trusted Docker registry 24 Kubernetes trusted image collections: Banning non trusted registry 26 Kubernetes TLS certificates rotation and expiration 26 Kubernetes kubelet TLS certificate rotation 27 Kubernetes serviceAccount token rotation 28 Kubernetes user TLS certificate rotation 29 Securing Kubernetes hosts 29 Kubernetes 2 Security Guide Using a minimal host OS 30 Update system patches 30 Node recycling 30 Running CIS benchmark security tests 31 CHAPTER 3 Understanding Kubernetes RBAC 32 Kubernetes role-based access control (RBAC) 32 RBAC configuration: API server flags 34 How to create Kubernetes users and serviceAccounts 34 How to create a Kubernetes serviceAccount step by step 35 How to create a Kubernetes user step by step 37 Using an external user directory 40 CHAPTER 4 Security -
View Annual Report
Dear Arista Networks Stockholders: I am pleased to report that Arista Networks demonstrated another year of strong execution in 2018, with continued momentum from our cloud customers and expanded business in the enterprise vertical. We are extremely proud of the strategic role that Arista is earning, with a broad set of customers deploying transformative cloud networking. 2018 Highlights: • Revenue for our fiscal year 2018 was $2.15 billion representing an increase of 30.7% from the prior year. We now serve over 5,600 customers, having shipped more than twenty million cloud networking ports worldwide, leveraging EOS our advanced network operating system. • Arista introduced Cognitive Cloud Networking for the campus encompassing a new network architecture designed to address transitional changes as the enterprise moves to an IoT ready campus. • Arista acquired WiFi pioneer Mojo Networks for cloud networking expansion, entering the wireless LAN market with a portfolio of WiFi edge products. • Arista introduced the next generation 400G version of our switch routing platforms with two new 400G fixed systems, delivering increased performance for the growth of applications such as AI (artificial intelligence), machine learning, and serverless computing. • Arista acquired Metamako, a leader in low-latency, FPGA-enabled network solutions. This acquisition plays a key role in the delivery of next generation platforms for low-latency applications. • The Forrester WaveTM Hardware Platforms for SDN, Q1 2018, recognized Arista as a leader in the current offering and strategy categories. • Arista maintained its leadership position in the Gartner July 2018 Magic Quadrant for Data Center Networking for the fourth consecutive year. Looking ahead, we see opportunities in delivering new technologies across our cloud networking and cognitive campus platforms in support of a broader customer base. -
Virtualization Getting Started Guide
Red Hat Enterprise Linux 7 Virtualization Getting Started Guide Introduction to virtualization technologies available with RHEL Last Updated: 2020-02-24 Red Hat Enterprise Linux 7 Virtualization Getting Started Guide Introduction to virtualization technologies available with RHEL Jiri Herrmann Red Hat Customer Content Services [email protected] Yehuda Zimmerman Red Hat Customer Content Services [email protected] Dayle Parker Red Hat Customer Content Services Laura Novich Red Hat Customer Content Services Jacquelynn East Red Hat Customer Content Services Scott Radvan Red Hat Customer Content Services Legal Notice Copyright © 2019 Red Hat, Inc. This document is licensed by Red Hat under the Creative Commons Attribution-ShareAlike 3.0 Unported License. If you distribute this document, or a modified version of it, you must provide attribution to Red Hat, Inc. and provide a link to the original. If the document is modified, all Red Hat trademarks must be removed. Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law. Red Hat, Red Hat Enterprise Linux, the Shadowman logo, the Red Hat logo, JBoss, OpenShift, Fedora, the Infinity logo, and RHCE are trademarks of Red Hat, Inc., registered in the United States and other countries. Linux ® is the registered trademark of Linus Torvalds in the United States and other countries. Java ® is a registered trademark of Oracle and/or its affiliates. XFS ® is a trademark of Silicon Graphics International Corp. or its subsidiaries in the United States and/or other countries. -
Running Legacy VM's Along with Containers in Kubernetes!
Running Legacy VM’s along with containers in Kubernetes Delusion or Reality? Kunal Kushwaha NTT Open Source Software Center Copyright©2019 NTT Corp. All Rights Reserved. About me • Work @ NTT Open Source Software Center • Collaborator (Core developer) for libpod (podman) • Contributor KubeVirt, buildkit and other related projects • Docker Community Leader @ Tokyo Chapter Copyright©2019 NTT Corp. All Rights Reserved. 2 Growth of Containers in Companies Adoption of containers in production has significantly increased Credits: CNCF website Copyright©2019 NTT Corp. All Rights Reserved. 3 Growth of Container Orchestration usage Adoption of container orchestrator like Kubernetes have also increased significantly on public as well private clouds. Credits: CNCF website Copyright©2019 NTT Corp. All Rights Reserved. 4 Infrastructure landscape app-2 app-2 app-M app-1 app-2 app-N app-1 app-1 app-N VM VM VM kernel VM Platform VM Platform Existing Products New Products • The application infrastructure is fragmented as most of old application still running on traditional infrastructure. • Fragmentation means more work & increase in cost Copyright©2019 NTT Corp. All Rights Reserved. 5 What keeps applications away from Containers • Lack of knowledge / Too complex to migrate in containers. • Dependency on custom kernel parameters. • Application designed for a custom kernel. • Application towards the end of life. Companies prefer to re-write application, rather than directly migrating them to containers. https://dzone.com/guides/containers-orchestration-and-beyond Copyright©2019 NTT Corp. All Rights Reserved. 6 Ideal World app-2 app-2 app-M app-1 app-2 app-N app-1 app-1 app-N VM VM VM kernel VM Platform • Applications in VM and containers can be managed with same control plane • Management/ Governance Policies like RBAC, Network etc. -
Static Vulnerability Analysis of Docker Images
DEGREE PROJECT FOR MASTER OF SCIENCE IN ENGINEERING COMPUTER SECURITY Static Vulnerability Analysis of Docker Images Michael Falk | Oscar Henriksson Blekinge Institute of Technology, Karlskrona, Sweden, 2017 Supervisor: Emiliano Casalicchio, Department of Computer Science and Engineering, BTH Abstract Docker is a popular tool for virtualization that allows for fast and easy deployment of applications and has been growing increasingly popular among companies. Docker also include a large library of images from the repository Docker Hub which mainly is user created and uncontrolled. This leads to low frequency of updates which results in vulnerabilities in the images. In this thesis we are developing a tool for determining what vulnerabilities that exists inside Docker images with a Linux distribution. This is done by using our own tool for downloading and retrieving the necessary data from the images and then utilizing Outpost24’s scanner for finding vulnerabilities in Linux packages. With the help of this tool we also publish statistics of vulnerabilities from the top downloaded images of Docker Hub. The result is a tool that can successfully scan a Docker image for vulnerabilities in certain Linux distributions. From a survey over the top 1000 Docker images it has also been shown that the amount of vulnerabilities have increased in comparison to earlier surveys of Docker images. Keywords: Docker, Containerization, Vulnerability analysis, Vulnerability scanning i Sammanfattning Docker är ett populärt verktyg för virtualisering som används för att snabbt och enkelt sätta upp applikationer och har vuxit sig populärt bland företag. Docker inkluderar även ett stort bibliotek av images från datakatalogen Docker Hub vilket huvudsakligen består av användarskapat och okontrollerat innehåll. -
Nasdaq Case Study
Nutanix Enterprise Cloud Nasdaq Selects Nutanix AHV with Platform Speeds Provisioning, Improves Performance, and Built-in Virtualization for Rapidly Simplifies Management – with a 25% Lower TCO Growing Splunk Environment CHALLENGES Jake Yang is the senior director of global systems and storage at Nasdaq. He and his team of 35 IT professionals are responsible for managing Nasdaq’s Linux, UNIX, and Windows OS platforms, and all of its storage infrastructure. Nasdaq had been relying on a typical multi-tier server and storage platform, with a large number of Dell servers and several proprietary systems. The environ- ment had been virtualized using a mix of VMware vSphere, Microsoft Hyper-V, and the KVM open source hypervisor. A combi-nation of Fibre Channel and dedicated Ethernet networks was used for all tier-1 and tier-2 storage, with network-attached storage for various other workloads. “Our IT challenges have always centered on agility, performance, and cost,” reported Yang. “We needed the ability to scale service to our internal customers in a more efcient and faster manner. With our traditional SAN environment, provisioning storage was a multi-step process. There were a lot of background tasks that had to be completed, including carving out LUNs, configuring the storage network fabric, and setting up I/O multipathing.” Most of the steps were transparent to Nasdaq’s end-user teams—they just knew that it took a very long time for the storage to be provisioned. Deploying a new storage controller into the datacenter was usually a multi-week efort, and that didn’t even include the time it took for Nasdaq’s internal procurement processes. -
OKI SENDYS Explorer Wins Editor’S Choice Award
PRINT, MFP, SOFTWARE, SERVICES, DOCUMENT & CLOUD NEWS & INFORMATION FOR VARS, CONVERGED RESELLERS & MFP DEALERS www.printitreseller.uk ISSUE 64 · 2019 OKI SENDYS Explorer Wins Editor’s Choice Award ACQUISITIONS VOX POP 60 SECONDS... DMC Canotec acquires Impact of the DX Gary Tierney, HP United Carlton economy on the print industry PAGE 34 PAGE 42 PAGE 50 WHAT'S NEW M-Files extends Salesforce Customer 360 M Files for Salesforce seamlessly Business, SharePoint, Dropbox, Google integrates M-Files content services Drive, Box, legacy ECM systems, such directly within the familiar as OpenText, and ERP applications, like Salesforce user interface, providing NetSuite and SAP. easy access to out-of-the-box M-Files for Salesforce employs AI document management, compliance to automatically extract information Simple, secure Wi-Fi and governance features via the user insights and important relationships to Aruba Instant On is a new family interface where Salesforce users establish context, such as the customer of powerful and secure wireless spend most of their time throughout relationship, so documents and other solutions designed to address the day. important data automatically and the current and future needs of M-Files for Salesforce brings a full set dynamically ‘show up’ where and when small businesses with capacity for of purpose-built, AI-powered information they’re needed. Modern AI-powered growth. The Instant On family will management capabilities to Salesforce, features, including auto tagging initially include indoor/outdoor Wi- including cloud and on-premises content and auto classification, create deep Fi access points (APs) designed to repositories, version history, security, insights into the meaning, value and deliver secure, high speed wireless collaboration, workflows, eSignatures, sensitivity of information. -
Ovirt and Docker Integration
oVirt and Docker Integration October 2014 Federico Simoncelli Principal Software Engineer – Red Hat oVirt and Docker Integration, Oct 2014 1 Agenda ● Deploying an Application (Old-Fashion and Docker) ● Ecosystem: Kubernetes and Project Atomic ● Current Status of Integration ● oVirt Docker User-Interface Plugin ● “Dockerized” oVirt Engine ● Docker on Virtualization ● Possible Future Integration ● Managing Containers as VMs ● Future Multi-Purpose Data Center oVirt and Docker Integration, Oct 2014 2 Deploying an Application (Old-Fashion) ● Deploying an instance of Etherpad # yum search etherpad Warning: No matches found for: etherpad No matches found $ unzip etherpad-lite-1.4.1.zip $ cd etherpad-lite-1.4.1 $ vim README.md ... ## GNU/Linux and other UNIX-like systems You'll need gzip, git, curl, libssl develop libraries, python and gcc. *For Debian/Ubuntu*: `apt-get install gzip git-core curl python libssl-dev pkg- config build-essential` *For Fedora/CentOS*: `yum install gzip git-core curl python openssl-devel && yum groupinstall "Development Tools"` *For FreeBSD*: `portinstall node, npm, git (optional)` Additionally, you'll need [node.js](http://nodejs.org) installed, Ideally the latest stable version, be careful of installing nodejs from apt. ... oVirt and Docker Integration, Oct 2014 3 Installing Dependencies (Old-Fashion) ● 134 new packages required $ yum install gzip git-core curl python openssl-devel Transaction Summary ================================================================================ Install 2 Packages (+14 Dependent -
Erlang on Physical Machine
on $ whoami Name: Zvi Avraham E-mail: [email protected] /ˈkɒm. pɑː(ɹ)t. mɛntl̩. aɪˌzeɪ. ʃən/ Physicalization • The opposite of Virtualization • dedicated machines • no virtualization overhead • no noisy neighbors – nobody stealing your CPU cycles, IOPS or bandwidth – your EC2 instance may have a Netflix “roommate” ;) • Mostly used by ARM-based public clouds • also called Bare Metal or HPC clouds Sandbox – a virtual container in which untrusted code can be safely run Sandbox examples: ZeroVM & AWS Lambda based on Google Native Client: A Sandbox for Portable, Untrusted x86 Native Code Compartmentalization in terms of Virtualization Physicalization No Virtualization Virtualization HW-level Virtualization Containerization OS-level Virtualization Sandboxing Userspace-level Virtualization* Cloud runs on virtual HW HARDWARE Does the OS on your Cloud instance still supports floppy drive? $ ls /dev on Ubuntu 14.04 AWS EC2 instance • 64 teletype devices? • Sound? • 32 serial ports? • VGA? “It’s DUPLICATED on so many LAYERS” Application + Configuration process* OS Middleware (Spring/OTP) Container Managed Runtime (JVM/BEAM) VM Guest Container OS Container Guest OS Hypervisor Hardware We run Single App per VM APPS We run in Single User mode USERS Minimalistic Linux OSes • Embedded Linux versions • DamnSmall Linux • Linux with BusyBox Min. Linux OSes for Containers JeOS – “Just Enough OS” • CoreOS • RancherOS • RedHat Project Atomic • VMware Photon • Intel Clear Linux • Hyper # of Processes and Threads per OS OSv + CLI RancherOS processes CoreOS threads -
Nutanix and Aviatrix Cloud Interconnect (ACX)
Nutanix and Aviatrix Cloud InterConnect (ACX) “Aviatrix’s disruptive vision is to Nutanix makes infrastructure invisible, elevating IT to focus on the applications make hybrid cloud networking and services that power their business. The Nutanix enterprise cloud platform as simple, dynamic, and elastic leverages web-scale engineering and consumer-grade design to natively con- as compute and storage,” said verge compute, virtualization and storage into a resilient, software-defined Steven Mih, CEO of Aviatrix. solution with rich machine intelligence. Nutanix has helped large and small IT This solution brings one-click organizations simplify their datacenter and gain predictable performance, linear hybrid cloud networking to scalability, and cloud-like infrastructure consumption. Nutanix Calm supercharges Nutanix’s hyper converged this with multicloud application-centric orchestration and automation. compute, storage and virtualization stack.” Aviatrix provides a comprehensive software solution for all-inclusive secure connectivity between enterprise data center and public cloud regions, leading cloud providers, and direct user access to clouds. The Aviatrix one-click hybrid cloud networking solution is a software-only solution built from the ground up for Amazon Web Services, Microsoft Azure, and Google Cloud environments and enables enterprises to realize the benefits of agility, flexibility, and simplicity when migrating applications to the cloud. This flexible joint solution brings together the Nutanix Enterprise Cloud Platform and Nutanix Calm with Aviatrix’s powerful hybrid cloud networking to enable enterprises build next generation hybrid cloud environments and compelling benefits to leverage private and public cloud resources. COMMON HYBRID CLOUD USE CASES Private Public Dev On Prem Elastic Capacity the Cloud Elastic Compute / Storage Dev / Ops in the Data Analytics / Storage in Cloud Disaster Recovery / High Availability DC / Private Public ©2019 Nutanix, Inc. -
Container and Kernel-Based Virtual Machine (KVM) Virtualization for Network Function Virtualization (NFV)
Container and Kernel-Based Virtual Machine (KVM) Virtualization for Network Function Virtualization (NFV) White Paper August 2015 Order Number: 332860-001US YouLegal Lines andmay Disclaimers not use or facilitate the use of this document in connection with any infringement or other legal analysis concerning Intel products described herein. You agree to grant Intel a non-exclusive, royalty-free license to any patent claim thereafter drafted which includes subject matter disclosed herein. No license (express or implied, by estoppel or otherwise) to any intellectual property rights is granted by this document. All information provided here is subject to change without notice. Contact your Intel representative to obtain the latest Intel product specifications and roadmaps. The products described may contain design defects or errors known as errata which may cause the product to deviate from published specifications. Current characterized errata are available on request. Copies of documents which have an order number and are referenced in this document may be obtained by calling 1-800-548-4725 or by visiting: http://www.intel.com/ design/literature.htm. Intel technologies’ features and benefits depend on system configuration and may require enabled hardware, software or service activation. Learn more at http:// www.intel.com/ or from the OEM or retailer. Results have been estimated or simulated using internal Intel analysis or architecture simulation or modeling, and provided to you for informational purposes. Any differences in your system hardware, software or configuration may affect your actual performance. For more complete information about performance and benchmark results, visit www.intel.com/benchmarks. Tests document performance of components on a particular test, in specific systems.