Oktober 2016 - Seite 44 von 145 - Cloud Computing Köln

Carl Court / Getty Images

On 29 November 2010, then US secretary of state Hillary Clinton stepped out in front of reporters to condemn the release of classified documents by WikiLeaks and five major news organisations the previous day.

WikiLeaks' release, she said, “puts people’s lives in danger”, “threatens our national security”, and “undermines our efforts to work with other countries”.

“Releasing them poses real risks to real people,” she noted, adding, “We are taking aggressive steps to hold responsible those who stole this information.”

Julian Assange watched that message on a television in the corner of a living room in Ellingham Hall, a stately home in rural Norfolk, around 120 miles away from London.

I was sitting around 8ft away from him as he did so, the room’s antique furniture and rugs strewn with laptops, cables, and the mess of a tiny organisation orchestrating the world’s biggest news story.

Minutes later, the roar of a military jet sounded sharply overhead. I looked around the room and could see everyone thinking the same thing, but no one wanting to say it. Surely not. Surely? Of course, the jet passed harmlessly overhead – Ellingham Hall is not far from a Royal Air Force base – but such was the pressure, the adrenaline, and the paranoia in the room around Assange at that time that nothing felt impossible.

Spending those few months at such close proximity to Assange and his confidants, and experiencing first-hand the pressures exerted on those there, have given me a particular insight into how WikiLeaks has become what it is today.

To an outsider, the WikiLeaks of 2016 looks totally unrelated to the WikiLeaks of 2010. Then it was a darling of many of the liberal left, working with some of the world’s most respected newspapers and exposing the truth behind drone killing, civilian deaths in Afghanistan and Iraq, and surveillance of top UN officials.

Now it is the darling of the alt-right, revealing hacked emails seemingly to influence a presidential contest, claiming the US election is “rigged”, and descending into conspiracy. Just this week on Twitter, it described the deaths by natural causes of two of its supporters as a “bloody year for WikiLeaks”, and warned of media outlets “controlled by” members of the Rothschild family – a common anti-Semitic trope.

The questions asked about the organisation and its leader are often the wrong ones: How has WikiLeaks changed so much? Is Julian Assange the catspaw of Vladimir Putin? Is WikiLeaks endorsing a president candidate who has been described as racist, misogynistic, xenophobic, and more?

These questions miss a broader truth: Neither Assange nor WikiLeaks (and the two are virtually one and the same thing) have changed – the world they operate in has. WikiLeaks is in many ways the same bold, reckless, paranoid creation that once it was, but how that manifests, and who cheers it on, has changed.

Julian Assange in the grounds of Ellingham Hall in December 2010.

Carl Court / AFP / Getty Images

The cable release

Clinton’s condemnation of WikiLeaks and its partners’ release of classified cables was a simple requirement of her job. Even had she privately been an ardent admirer of the site – which seems unlikely – doing anything other than strongly condemning the leak was nonetheless never an option.

That’s not how it felt to anyone inside WikiLeaks at that moment, though. It was an anxiety-inducing time. WikiLeaks was the subject of every cable TV discussion and every newspaper front page, and press packs swarmed the gates of every address even tenuously connected to it. Commentators called for arrest, deportation, rendition, or even assassination of Assange and his associates.

At the same time, WikiLeaks was having its payment accounts frozen by Visa and Mastercard, Amazon Web Services pulled hosting support, and Assange was jailed for a week in the UK (before being bailed) on unrelated charges relating to alleged sexual offences in Sweden.

Inside WikiLeaks, a tiny organisation with only a few hundred thousand dollars in the bank, such pressure felt immense. Most of the handful of people within came from a left-wing activist background, many were young and inexperienced, and few had much trust of the US government – especially after months of reading cables of US mistakes and overreactions in the Afghan and Iraq war logs, often with tragic consequences.

How might the US react, or overreact, this time? WikiLeaks was afraid of legal or extralegal consequences against Assange or other staff. WikiLeakers were angry at US corporations creating a financial blockade against the organisation with no court ruling or judgments – just a press statement from a US senator.

And the figurehead of this whole response was none other than Hillary Clinton. For Assange, to an extent, this is personal.

Hillary Clinton in 2010, giving remarks condemning WikiLeaks&039; release of classified embassy cables.

Win Mcnamee / Getty Images

In the room

It’s unfair, or at least an oversimplification, to say Assange is anti-American. He would say he supports the American people but believes its government, its politics, and its corporations are corrupt.

A result of this is that he doesn’t see the world in the way many Americans do, and has no intrinsic aversion to Putin or other strongmen with questionable democratic credentials on the world stage.

This shows in some of his supporters. A few days after Assange arrived with me and a few others at Ellingham Hall, an older man, introduced to us as “Adam”, turned up. Assange had invited independent freelance journalists from around the world to the country house to see cables relating to their country – usually no more than a few thousand at a time.

“Adam” was different: He immediately asked for everything relating to Russia, eastern Europe, and Israel – and got it, more than 100,000 documents in all. A few stray comments of his about “Jews” prompted a few concerns on my part, dismissed quickly by another WikiLeaker – “don’t be silly… He’s Jewish himself, isn’t he?”

A short while later, I learned “Adam”&039;s real identity, or at least the name he most often uses: He was Israel Shamir, a known pro-Kremlin and anti-Semitic writer. He had been photographed leaving the internal ministry of Belarus, and a free speech charity was concerned this meant the country’s dictator had access to the cables and their information on opposition groups in the country.

Assange showed no concern at these allegations, dismissing and ignoring them until the media required a response. Assange simply denied Shamir had ever had access to any documents.

This was untrue, Assange knew it was untrue, and I knew it was untrue — it was me, at Assange’s instructions, who gave them to him. A few days later, a reporter at a Russian publication wrote to WikiLeaks.

“I really can&039;t understand why Wikileaks is just cooperating with the magazine Russian reporter which never had a record of even slightly critising [sic] the Russian government,” they wrote.

“I contacted the person responsible for contacts with Wikileaks in Russia (Israel Shamir) but he told me we could not look at the cables ourselves and requested money which is not very convenient for us (not because of money but because we would like to go through the files as well).”

Anti-Semitism never seemed a major part of Assange’s agenda – I never heard him say a remark I caught as problematic in this way – but it was something he was happy to conveniently ignore in others. Support for Russia or its strongmen eastern European allies was much the same: tolerable for those who otherwise are allies of WikiLeaks and do as Assange says.

WikiLeaks has never had a problem with Russia: not then, not now.

A supporter of Julian Assange outside Ecuador&039;s London embassy at a protest in 2012.

Oli Scarff / Getty Images

A certain resemblance

Assange is routinely either so lionised by supporters or demonised by detractors that his real character is lost entirely.

Far from the laptop-obsessed autist he’s often seen as, he’s a charismatic speaker with an easy ability to dominate a room or a conversation. He may have little interest in listening to those around, but he can tell whether or not he has your attention and change his manner to capture it. He has, time and again, proven to be a savvy media manipulator, marching the mainstream media up the hill and down again to often damp-squib press conferences. His technical skills are not in doubt.

What’s often underestimated is his gift for bullshit. Assange can, and does, routinely tell obvious lies: WikiLeaks has deep and involved procedures; WikiLeaks was founded by a group of 12 activists, primarily from China; Israel Shamir never had cables; we have received information that [insert name of WikiLeaks critic] has ties to US intelligence.

At times, these lies are harmless and brilliant. When, on the day the state cables launched, WikiLeaks’ site wasn’t ready (we hadn’t even written the introductory text), the site was kept offline after a short DDoS attack, so Assange took the opportunity to tweet that the site was under an unprecedentedly huge attack to give us time to get the site together.

Six hours later, when we were done, all eyes were looking: What was so bad in the cables that someone was working so hard to keep the site offline? The dramatic flourish worked, but other lies were dumb and damaging – and quickly eroded any kind of trust for those trying to work closely with him.

Redaction – possibly one of the clearest apparent changes between 2010 and 2016 WikiLeaks – became one of these trust issues. For Assange, redacting releases was essentially an issue of expediency: It would remove an attack line from the Pentagon and state, and keep media partners onside. For media outlets, it was the only responsible way to release such sensitive information.

These days, WikiLeaks routinely publishes information without redaction, and seemingly with only minimal pre-vetting. This is merely a change in expediency: There are no longer newspaper partners to keep onside. The results are a partial vindication for both sides – while it&039;s hard to dispute that some of WikiLeaks&039; publication of private data has been needlessly reckless and invasive, there remains no evidence of any direct harm coming to someone as a result of a WikiLeaks release.

Conversely, Assange often trusts strangers more than those he knows well: He dislikes taking advice, he dislikes anyone else having a power base, and he dislikes being challenged – especially by women. He runs his own show his own way, and won’t delegate. He’s happy to play on the conspiratorial urges of others, with little sign as to whether or not he believes them himself.

There are few limits to how far Assange will go to try to control those around him. Those working at WikiLeaks – a radical transparency organisation based on the idea that all power must be accountable – were asked to sign a sweeping nondisclosure agreement covering all conversations, conduct, and material, with Assange having sole power over disclosure. The penalty for noncompliance was £12 million.

I refused to sign the document, which was sprung on me on what was supposed to be a short trip to a country house used by WikiLeaks. The others present – all of whom had signed without reading – then alternately pressured, cajoled, persuaded, charmed, and pestered me to sign it, alone and in groups, until well past 4am.

Given how remote the house was, there was no prospect of leaving. I stayed the night, only to be woken very early by Assange, sitting on my bed, prodding me in the face with a stuffed giraffe, immediately once again pressuring me to sign. It was two hours later before I could get Assange off the bed so I could (finally) get some pants on, and many hours more until I managed to leave the house without signing the ridiculous contract. An apologetic staffer present for the farce later admitted they&039;d been under orders to “psychologically pressure” me until I signed.

And once you have fallen foul of Assange — challenged him too openly, criticised him in public, not toed the line loyally enough — you are done. There is no such thing as honest disagreement, no such thing as a loyal opposition differing on a policy or political stance.

To criticise Assange is to be a careerist, to sell your soul for power or advantage, to be a spy or an informer. To save readers a Google search or two, he would tell you I was in WikiLeaks as an “intern” for a period of “weeks”, and during that time acted as a mole for The Guardian, stole documents, and had potential ties to MI5. Compared to some who’ve criticised Assange, I got off fairly lightly.

Those who have faced the greatest torments are, of course, the two women who accused Assange of sexual offences in Sweden in the summer of 2010. The details of what happened over those few days remain a matter for the Swedish justice system, not speculation, but having seen and heard Assange and those around him discuss the case, having read out the court documents, and having followed the extradition case in the UK all the way to the supreme court, I know it is a real, complicated sexual assault and rape case. It is no CIA smear, and it relates to Assange&039;s role at WikiLeaks only in that his work there is how they met.

Assange&039;s decision – and it was a decision – to elide his Swedish case with any possible US prosecution was a cynical one. It led many to support his cause alongside those of Chelsea Manning or Edward Snowden. And yet it is more difficult, not easier, to extradite Assange to the US from Sweden than from the UK, should Washington even wish to do so.

Assange coming to believe his own spin may be what&039;s been behind six years of effective imprisonment for him. No one is keeping him in the Ecuadorian embassy – where he has fallen out with his hosts – but himself, and a fear of losing face. But the women who began the case have lost at least as much, becoming for months and years two of the most hated figures on the internet, smeared as “whores”, “CIA spies”, and more. They will never get their time back.

Four photos of Julian Assange&039;s room in Ecuador&039;s London embassy, prepared for an internal report following an incident in which officials believe Assange toppled a bookshelf.

Ecuadorian government report / Via buzzfeed.com

How it ends

All of this is the cocktail of ingredients that produces 2016’s incarnation of WikiLeaks. Julian Assange mistrusts the US government, dislikes Hillary Clinton, and has spent years trapped in a small embassy flat in west London, in declining physical and psychological health, monitored minute-by-minute in reports filed by his wary Ecuadorian hosts.

Assange would not, in my view, ever knowingly be a willing tool of the Russian state: If Putin came and gave him a set of orders, they’d be ignored. But if an anonymous or pseudonymous group came offering anti-Clinton leaks, they’d have found a host happy not to ask too many awkward questions: He’s set up almost perfectly to post them and to push for them to have the biggest impact they can.

The poet Humbert Wolfe wrote, “You cannot hope to bribe or twist / (thank God&#033 the British journalist. / But, seeing what the man will do / unbribed, there&039;s no occasion to.” Such is Russia’s good fortune with Assange. If it is indeed Russia behind the leaks, as US intelligence has reported, he will need no underhanded deals or motives to do roughly as they’d hope. He would do that of his own free will.

The question is whether Assange will end up disappointed. Assange believes WikiLeaks was a primary driver of the Arab Spring, which led to major uprisings in around a dozen countries. This is the stage on which Assange believes he plays — the equal of a world leader, still the biggest story in the world.

For a time, he was. While the extent of WikiLeaks&039; role in the Arab Spring remains a matter for debate, Assange was at the forefront of an information revelation. His attempts to regain the spotlight in the meantime have largely failed.

WikiLeaks has republished public information as if a leak, published hacks obtained by Anonymous and Lulzsec for only moderate impact, and released email caches of private intelligence companies of much less significance than what went before. Even Assange&039;s attempt to aid Edward Snowden was largely botched, leaving the whistleblower stranded in a Moscow airport for weeks. In recent weeks, Snowden has publicly clashed with Assange over the latter&039;s handling of the Democratic National Committee leaks.

Assange&039;s approach has taken WikiLeaks from the most powerful and connected force of a new journalistic era to a back-bedroom operation run at the tolerance (or otherwise) of Ecuador’s government. This is his shot at reclaiming the world stage, and settling a score with Hillary Clinton as he does so.

Assange is a gifted public speaker, with a talent for playing the media, struggling with an inability to scale up and professionalise his operation, to take advice; a man whose mission was often left on a backburner in his efforts to demonise his opponents.

These are traits often ascribed to Donald Trump, the main beneficiary of WikiLeaks’ activities through the reaction, and its modern-day champion during presidential debates. Those traits have left Assange a four-year resident of a Harrods hamper–laden single room in a London embassy.

It remains to be seen what they’ll do for Donald Trump.

Quelle: <a href="Inside The Strange, Paranoid World Of Julian Assange“>BuzzFeed

25. Oktober 201625. Oktober 2016

da Agency

Announcing Azure Storage Client Library GA for Xamarin

We are pleased to announce the general availability release of the Azure Storage client library for Xamarin. Xamarin is a leading mobile app development platform that allows developers to use a shared C# codebase to create iOS, Android, and Windows Store apps with native user interfaces. We believe the Azure Storage library for Xamarin will be instrumental in helping provide delightful developer experiences and enabling an end-to-end mobile-first, cloud-first experience. We would like to thank everyone who has leveraged previews of Azure Storage for Xamarin and provided valuable feedback.

The sources for the Xamarin release are the same as the Azure Storage .Net client library and can be found on Github. The installable package can be downloaded from nuget (version 7.2 and beyond) or from Azure SDK (version 2.9.5 and beyond) and installed via the Web Platform installer. This generally available release supports all features up to and included in the 2015-12-11 REST version.

Getting started is very easy. Simply follow the steps below:

Install Xamarin SDK and tools and any language specific emulators as necessary: For instance, you can install the Android KitKat emulator.
Create a new Xamarin project and install the Azure Storage nuget package version 7.2 or higher in your project and add Storage specific code.
Compile, build and run the solution. You can run against a phone emulator or an actual device. Likewise you can connect to the Azure Storage service or the Azure Storage emulator.

Please see our Getting Started Docs and the reference documentation to learn how you can get started with the Xamarin client library and build applications that leverage Azure Storage features.

We currently support shared asset projects (e.g., Native Shared, Xamarin.Forms Shared), Xamarin.iOS and Xamarin.Android projects. This Storage library leverages the .Net Standard runtime library that can be run on Windows, Linux and MacOS. Learn about .Net Standard library and .Net Core. Learn about Xamarin support for .Net Standard.

As always, we continue to do our work in the public GitHub development branch for visibility and transparency. We are working on building code samples in our Azure Storage samples repository to help you better leverage the Azure Storage service and the Xamarin library capabilities. A Xamarin image uploader sample is already available for you to review/ download. If you have any requests on specific scenarios you'd like to see as samples, please let us know or feel free to contribute as a valued member of the developer community. Community feedback is very important to us.

Enjoy the Xamarin Azure Storage experience!

Thank you

Dinesh Murthy, Michael Roberson, Michael Curd, Elham Rezvani, Peter Marino and the Azure Storage Team.
Quelle: Azure

25. Oktober 201625. Oktober 2016

da Agency

Is your cloud strategy ready for the cognitive era?

This morning, IBM World of Watson 2016 welcomed thousands to explore the latest developments in the cognitive era of computing. Conversations are buzzing about the intelligence that will reshape the trajectory of business. I’m here on the ground, and the energy is electrifying.
Cognitive capabilities, endless possibilities
World of Watson spotlights the future of cognitive computing. But cognitive apps are here. They’re delivering powerful insights and amazing experiences, on IBM Cloud. Take the Seiko M-Tracer Golf Swing Analyzer, an app that connects with IBM Cloud to let golfers immediately analyze performance data like attack angle, club path and club head speed.
Or take the app Walk and Explore New York, a personalized tour guide that customizes an itinerary just for you. If Watson predicts bad weather will affect your trip, it will automatically adjust your itinerary.
Insights become action. Cool stuff.
A better cloud drives innovation
Moving to the cloud is no longer just a step on the path to your company’s future. Cloud technology delivers low-cost storage and app hosting, even at massive scales. But the cloud is no longer just about IT cost and speed.
The cloud is the foundation of business transformation.
It’s the platform that unlocks value and enables better decisions. IBM Cloud is transforming cloud so companies can create new business models and industry categories. We aim to drive business innovation: massive Internet of Things deployments, blockchain technology, those experience-rich cognitive apps and much more. Only IBM Cloud gives businesses the ability to unlock new value from their data — and the freedom and flexibility to do it how they want to.
Building the best cloud for your business
So how can you unleash a cognitive-ready cloud for your business? I believe companies succeed when they have the resources and flexibility to build exactly the cloud they need. There shouldn’t be limits to what you can do with cloud. Some of our competitors lock in a business’ data on their proprietary cloud. When you need to move data, you’re hit with data transfer fees. It can feel like paying ransom.
IBM Cloud makes it easy to expand into the public cloud and quickly realize its speed and cost benefits. For most companies, the optimal cloud strategy is a hybrid cloud approach. We can help you integrate your public cloud-based applications, services and data with your existing on-premises systems. If you can connect systems across your entire business, you can achieve maximum value from all of your data.
This is amplified by a new IBM announcement. IBM Cloud Object Storage sets us apart from the competition and helps you realize your data’s true potential.
Drawing from hundreds of patents, Cloud Object Storage enables you to deploy solutions flexibly, on-premises and across the public cloud. You get access to more than 45 global data centers to maximize data security. The best part? All of this costs less than other cloud storage providers, so you can use more your cloud investment to build apps and businesses.
IBM is continuously advancing what’s possible with #cloud computing. I know World of Watson attendees will enjoy learning about the emerging technologies that only IBM Cloud can enable in the cognitive era. Explore capabilities and demos at our cloud site, and check out success story videos to see how businesses are realizing their ambitions with cloud.
The post Is your cloud strategy ready for the cognitive era? appeared first on Cloud computing news.
Quelle: Thoughts on Cloud

25. Oktober 201625. Oktober 2016

da Agency

Now shipping: Windows Server 2016 images on Google Compute Engine

Posted by Amruta Gulanikar, Product Manager

The Google Cloud Platform (GCP) team is working hard to make GCP the best environment to run enterprise Windows workloads. To that end, we’re happy to announce support for Windows Server 2016 Datacenter Edition, the latest version of Microsoft’s server operating system, on Google Compute Engine. Starting this week, you can launch instances with Google Compute Engine VM images with Microsoft Windows Server 2016 preinstalled. In addition, we now also support images for Microsoft SQL Server 2016 with Windows Server 2016. Specifically, we now support the following versions in GA:

Windows Server 2016 Datacenter Edition
SQL Server Standard 2016 with Windows Server 2016
SQL Server Web 2016 with Windows Server 2016
SQL Server Express 2016 with Windows Server 2016
SQL Server Standard (2012, 2014, 2016) with Windows Server 2012 R2
SQL Server Web (2012, 2014, 2016) with Windows Server 2012 R2
SQL Server Express (2012, 2014, 2016) with Windows Server 2012 R2
and coming soon, SQL Server Enterprise (2012, 2014, 2016) with Windows Server (2012, 2016)

Enterprise customers can leverage Windows Server 2016’s advanced multi-layer security, powerful storage and management capabilities and support for Windows containers. Windows runs on Google’s world-class infrastructure, with dramatic price-to-performance advantages, customizable VM sizes, and state-of-the-art networking and security capabilities. In addition, pricing for Windows Server 2016 and SQL Server 2016 remains the same as previous versions of both products.

Getting started
Sign up for a free trial to deploy your Windows applications and receive a $300 credit. Use this credit toward spinning up instances with pre-configured images for Windows Server, Microsoft SQL Server and your .NET applications. You can create instances directly from the Cloud Console or launch a solution for Windows Server from Cloud Launcher. Here’s the detailed documentation on how to create Microsoft Windows Server and SQL Server instances on GCP.

(click to enlarge)

The team is continuing the momentum for Windows on GCP since we announced comprehensive .NET developer solutions back in August, including a .NET client library for all Cloud Platform APIs available through NuGet. The Cloud Platform team has hand-authored libraries for Cloud Platform APIs available as open source projects on GitHub to which the community continues to collaborate and add features. Learn how to build ASP.NET applications on GCP, or check out more resources on Windows Server and Microsoft SQL Server on GCP at cloud.google.com/windows and cloud.google.com/sql-server. If you need help migrating your Windows workloads, please contact the GCP team. We’re eager to hear your feedback!

Quelle: Google Cloud Platform

25. Oktober 201625. Oktober 2016

da Agency

ASR and Azure Hybrid Use Benefit make application migration to Azure even more cost-effective

Hybrid Use Benefit (HUB) lets Microsoft Software Assurance customers carry their on-premises Windows Server licenses to applications they move to Azure and easily extend their datacenter to the cloud. The HUB program, in addition to dramatic cost savings and asset productivity achieved by moving your applications to the industry’s leading hybrid enterprise public cloud, allows you to realize significant savings on licensing costs.

Azure Site Recovery (ASR) is the tool of choice for our customers to migrate applications to Azure. ASR provides minimum downtime, hassle free migration to Azure across virtualization platforms and physical servers. By letting you test your applications in Azure before you migrate, and offering one click application migration through recovery plans, ASR simplifies the process of migrating to Azure. ASR supports migration of a wide range of operating systems including Windows Server and various Linux distributions, no matter what platform your applications are running on. What’s more – migration using ASR is free! Yes, you read that right the first time, migration using ASR is free. For the first 31 days from the time you start replicating your server, you only pay for the storage you consume on Azure and for the compute you use to test migration.

Azure Site Recovery, now lets you leverage your Hybrid Use Benefit while migrating your Windows servers to Azure. In this blog post, I’ll show you how you can use ASR and HUB to migrate your Windows Server environments to Azure.

Getting setup with Azure Site Recovery

The first thing you want to do is to get setup with Azure Site Recovery and start replicating your applications to Azure. All of this can be done in a few simple steps, as outlined in the following articles

If you are virtualized on Hyper-V, follow this article to get your servers replicating to Azure.

If you are virtualized on VMware or running on Physical servers, follow this article to get started with replication.

HUB is only available on servers migrated to Azure Resource Model (ARM) virtual machines. Ensure that the storage account you select for replication is an ARM Storage account and not a Classic Storage Account.

Once initial replication completes, your servers reach the protected state in ASR, at which point you are ready to test and migrate your applications to Azure.

Use the Compute and Network configuration on the replicated item settings blade on the Azure portal to select the Azure virtual network and virtual machine size to migrate to.

Configure migration to use HUB

Once your servers are protected and you’ve validated your application in Azure by performing a test failover, all that’s left to do before you complete the migration is to configure ASR to use HUB while migrating your server. You can set this up in a few simple steps using Azure PowerShell. Get the latest version of Azure PowerShell from here. Ensure that you have the latest version of the AzureRM.SiteRecovery module (version 3.1.0 or later.)

PS C:Usersbsiva> Get-Module -ListAvailable AzureRm.SiteRecovery

Directory: C:Program Files (x86)Microsoft SDKsAzurePowerShellResourceManagerAzureResourceManager

ModuleType Version Name ExportedCommands
———- ——- —- —————-
Manifest 3.1.0 AzureRM.SiteRecovery {Get-AzureRmSiteRecoveryFabric, New-AzureRmSiteRecoveryFabric, Remove-AzureRmSiteRecoveryFabric, Stop-AzureRmSiteRecoveryJob…}

PS C:Usersbsiva> Login-AzureRmAccount

Environment : AzureCloud
Account : bsiva@microsoft.com
TenantId : xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
SubscriptionId : xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
SubscriptionName : ASR PM team subscription 5
CurrentStorageAccount :

PS C:Usersbsiva>
PS C:Usersbsiva>
PS C:Usersbsiva> Select-AzureRmSubscription -SubscriptionName "DR Hybrid Application Scenarios"

Set the Recovery Services vault context:

PS C:Usersbsiva> $vault = Get-AzureRmRecoveryServicesVault -Name "Contoso-RecoveryVault" PS C:Usersbsiva> Set-AzureRmSiteRecoveryVaultSettings -ARSVault $vault ResourceName ResourceGroupName ResourceNamespace ResouceType ———— —————– —————– ———– Contoso-RecoveryVault Contoso-Recovery Microsoft.RecoveryServices vaults

Get the list of replicating machines in the vault:

PS C:Usersbsiva> $ReplicatedItems = Get-AzureRmSiteRecoveryFabric | Get-AzureRmSiteRecoveryProtectionContainer | Get-AzureRmSiteRecoveryReplicationProtectedItem
PS C:Usersbsiva> $ReplicatedItems | Select-Object -Property FriendlyName

FriendlyName
————
Contoso-EngWikiDB
Contoso-PayrollDB

Set the HUB License Type for the machines that are being migrated:

PS C:Usersbsiva> $Job1 = Set-AzureRmSiteRecoveryReplicationProtectedItem -ReplicationProtectedItem $ReplicatedItems[0] -LicenseType WindowsServer

Validate that the ASR Job completed successfully:

PS C:Usersbsiva> Get-AzureRmSiteRecoveryJob -Job $Job1

Name : xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
ID : /Subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/Contoso-Recovery/providers/Microsoft.RecoveryServices/vaults/Contoso-RecoveryVault/repl
icationJobs/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx
Type :
JobType : UpdateVmProperties
DisplayName : Update the virtual machine
ClientRequestId : xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx-2016-10-19 18:50:18Z-P ActivityId: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
State : Succeeded
StateDescription : Completed
StartTime : 10/20/2016 12:20:18 AM
EndTime : 10/20/2016 12:20:22 AM
TargetObjectId : xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
TargetObjectType : ProtectionEntity
TargetObjectName : Contoso-EngWikiDB
AllowedActions :
Tasks : {Update the virtual machine properties}
Errors : {}

And that’s it! You are now all set to migrate your application to Azure.

Migrate to Azure

With ASR now setup to let you migrate to Azure and benefit from HUB, all that’s left to do is the final step of migrating your application to Azure. You can do this from the Portal or using ASR PowerShell cmdlets. To do this from the portal, go to your Recovery Services vault, select the replicated machine or recovery plan if you’ve set one up, and select the Failover action.

Once the failover job completes successfully, you’ll find your migrated VM among the virtual machines in your subscription. Verify that your VM is utilizing the licensing benefit.

At this point you can clean up the replications you had setup in your Recovery services vault by selecting Complete Migration and retire the on-premises infrastructure that you were previously using to host your application.

Migrating to the cloud was never easier. With a few simple steps you can easily migrate your existing applications and benefit from the superior cloud economics and power of the hyper-scale platform that Azure is.

This is awesome, where do I learn more about leveraging ASR to provide business continuity for my IT infrastructure, or to migrate my applications to Azure?

You can check out additional product information, and start replicating your workloads to Microsoft Azure using Azure Site Recovery today. You can use the powerful replication capabilities of Site Recovery for 31 days at no charge for every new physical server or virtual machine that you replicate. Visit the Azure Site Recovery forum on MSDN for additional information and to engage with other customers, or use the ASR UserVoice to let us know what features you want us to enable next.

Azure Site Recovery, as part of Microsoft Operations Management Suite, enables you to gain control and manage your workloads no matter where they run (Azure, AWS, Windows Server, Linux, VMware or OpenStack) with a cost-effective, all-in-one cloud IT management solution. Existing System Center customers can take advantage of the Microsoft Operations Management Suite add-on, empowering them to do more by leveraging their current investments. Get access to all the new services that OMS offers, with a convenient step-up price for all existing System Center customers. You can also access only the IT management services that you need, enabling you to on-board quickly and have immediate value, paying only for the features that you use.
Quelle: Azure

25. Oktober 201625. Oktober 2016

da Agency

How We Architected and Run Kubernetes on OpenStack at Scale at Yahoo! JAPAN

Editor’s note: today’s post is by the Infrastructure Engineering team at Yahoo! JAPAN, talking about how they run OpenStack on Kubernetes. This post has been translated and edited for context with permission — originally published on the Yahoo! JAPAN engineering blog. IntroThis post outlines how Yahoo! JAPAN, with help from Google and Solinea, built an automation tool chain for “one-click” code deployment to Kubernetes running on OpenStack. We’ll also cover the basic security, networking, storage, and performance needs to ensure production readiness. Finally, we will discuss the ecosystem tools used to build the CI/CD pipeline, Kubernetes as a deployment platform on VMs/bare metal, and an overview of Kubernetes architecture to help you architect and deploy your own clusters. PrefaceSince our company started using OpenStack in 2012, our internal environment has changed quickly. Our initial goal of virtualizing hardware was achieved with OpenStack. However, due to the progress of cloud and container technology, we needed the capability to launch services on various platforms. This post will provide our example of taking applications running on OpenStack and porting them to Kubernetes.Coding LifecycleThe goal of this project is to create images for all required platforms from one application code, and deploy those images onto each platform. For example, when code is changed at the code registry, bare metal images, Docker containers and VM images are created by CI (continuous integration) tools, pushed into our image registry, then deployed to each infrastructure platform.We use following products in our CICD pipeline:FunctionProductCode registryGitHub EnterpriseCI toolsJenkinsImage registryArtifactoryBug tracking systemJIRAdeploying Bare metal platformOpenStack Ironicdeploying VM platformOpenStackdeploying container platformKubernetesImage Creation. Each image creation workflow is shown in the next diagram.VM Image Creation:push code to GitHubhook to Jenkins masterLaunch job at Jenkins slave checkout Packer repositoryRun Service JobExecute Packer by build scriptPacker start VM for OpenStack Glance Configure VM and install required applicationscreate snapshot and register to glanceDownload the new created image from GlanceUpload the image to ArtifactoryBare Metal Image Creation:push code to GitHubhook to Jenkins masterLaunch job at Jenkins slave checkout Packer repositoryRun Service JobDownload base bare metal image by build scriptbuild script execute diskimage-builder with Packer to create bare metal imageUpload new created image to GlanceUpload the image to ArtifactoryContainer Image Creation:push code to GitHubhook to Jenkins masterLaunch job at Jenkins slave checkout Dockerfile repositoryRun Service JobDownload base docker image from ArtifactoryIf no docker image found at Artifactory, download from Docker HubExecute docker build and create image Upload the image to ArtifactoryPlatform Architecture.Let’s focus on the container workflow to walk through how we use Kubernetes as a deployment platform. This platform architecture is as below.FunctionProductInfrastructure ServicesOpenStackContainer HostCentOSContainer Cluster ManagerKubernetesContainer NetworkingProject CalicoContainer EngineDockerContainer RegistryArtifactoryService RegistryetcdSource Code ManagementGitHub EnterpriseCI toolJenkinsInfrastructure ProvisioningTerraformLoggingFluentd, Elasticsearch, KibanaMetricsHeapster, Influxdb, GrafanaService MonitoringPrometheusWe use CentOS for Container Host (OpenStack instances) and install Docker, Kubernetes, Calico, etcd and so on. Of course, it is possible to run various container applications on Kubernetes. In fact, we run OpenStack as one of those applications. That’s right, OpenStack on Kubernetes on OpenStack. We currently have more than 30 OpenStack clusters, that quickly become hard to manage and operate. As such, we wanted to create a simple, base OpenStack cluster to provide the basic functionality needed for Kubernetes and make our OpenStack environment easier to manage.Kubernetes ArchitectureLet me explain Kubernetes architecture in some more detail. The architecture diagram is below.ProductDescriptionOpenStack KeystoneKubernetes Authentication and AuthorizationOpenStack CinderExternal volume used from Pod (grouping of multiple containers) kube-apiserverConfigure and validate objects like Pod or Services (definition of access to services in container) through REST API kube-schedulerAllocate Pods to each nodekube-controller-managerExecute Status management, manage replication controllerkubeletRun on each node as agent and manage PodcalicoEnable inter-Pod connection using BGPkube-proxyConfigure iptable NAT tables to configure IP and load balance (ClusterIP)etcdDistribute KVS to store Kubernetes and Calico informationetcd-proxyRun on each node and transfer client request to etcd clustersTenant Isolation To enable multi-tenant usage like OpenStack, we utilize OpenStack Keystone for authentication and authorization.Authentication With a Kubernetes plugin, OpenStack Keystone can be used for Authentication. By Adding authURL of Keystone at startup Kubernetes API server, we can use OpenStack OS_USERNAME and OS_PASSWORD for Authentication. AuthorizationWe currently use the ABAC (Attribute-Based Access Control) mode of Kubernetes Authorization. We worked with a consulting company, Solinea, who helped create a utility to convert OpenStack Keystone user and tenant information to Kubernetes JSON policy file that maps Kubernetes ABAC user and namespace information to OpenStack tenants. We then specify that policy file when launching Kubernetes API Server. This utility also creates namespaces from tenant information. These configurations enable Kubernetes to authenticate with OpenStack Keystone and operate in authorized namespaces. Volumes and Data Persistence Kubernetes provides “Persistent Volumes” subsystem which works as persistent storage for Pods. “Persistent Volumes” is capable to support cloud-provider storage, it is possible to utilize OpenStack cinder-volume by using OpenStack as cloud provider. NetworkingFlannel and various networking exists as networking model for Kubernetes, we used Project Calico for this project. Yahoo! JAPAN recommends to build data center with pure L3 networking like redistribute ARP validation or IP CLOS networking, Project Calico matches this direction. When we apply overlay model like Flannel, we cannot access to Pod IP from outside of Kubernetes clusters. But Project Calico makes it possible. We also use Project Calico for Load Balancing we describe later.In Project Calico, broadcast production IP by BGP working on BIRD containers (OSS routing software) launched on each nodes of Kubernetes. By default, it broadcast in cluster only. By setting peering routers outside of clusters, it makes it possible to access a Pod from outside of the clusters. External Service Load BalancingThere are multiple choices of external service load balancers (access to services from outside of clusters) for Kubernetes such as NodePort, LoadBalancer and Ingress. We could not find solution which exactly matches our requirements. However, we found a solution that almost matches our requirements by broadcasting Cluster IP used for Internal Service Load Balancing (access to services from inside of clusters) with Project Calico BGP which enable External Load Balancing at Layer 4 from outside of clusters.Service Discovery Service Discovery is possible at Kubernetes by using SkyDNS addon. This is provided as cluster internal service, it is accessible in cluster like ClusterIP. By broadcasting ClusterIP by BGP, name resolution works from outside of clusters. By combination of Image creation workflow and Kubernetes, we built the following tool chain which makes it easy from code push to deployment.SummaryIn summary, by combining Image creation workflows and Kubernetes, Yahoo! JAPAN, with help from Google and Solinea, successfully built an automated tool chain which makes it easy to go from code push to deployment, while taking multi-tenancy, authn/authz, storage, networking, service discovery and other necessary factors for production deployment. We hope you found the discussion of ecosystem tools used to build the CI/CD pipeline, Kubernetes as a deployment platform on VMs/bare-metal, and the overview of Kubernetes architecture to help you architect and deploy your own clusters. Thank you to all of the people who helped with this project. –Norifumi Matsuya, Hirotaka Ichikawa, Masaharu Miyamoto and Yuta Kinoshita. This post has been translated and edited for context with permission — originally published on the Yahoo! JAPAN engineer blog where this was one in a series of posts focused on Kubernetes.
Quelle: kubernetes