Archive

Archive for 2011年4月

一个非常不错的产品NxTop

四月 26, 2011 留下评论

这两天发现了一个非常不错的产品NxTop,是一款客户端虚拟化的产品,但是创意非常的不错,提供如VmWare ESX和Xen Server服务器虚拟化产品类似的功能,也提供Bare-Metal接近裸机的性能,但是却是构建在客户端上,在一个客户端上提供多个虚系统的能力,同时也提供分层架构的集中式管理能力,帮助企业集中部署与管理大量的客户端。


NxTop Engine

NxTop Engine is a complete platform for the desktop that provides a more powerful, yet safe and secure Windows experience for the user. It includes:

  • The industry’s first “bare-metal” client hypervisor (lies between the operating system and hardware) that makes it easy to run multiple operating systems on a single PC, enabling powerful new computing models while improving PC security and reliability. Users can create their own personal virtual machines running alongside corporate virtual machines with full isolation.
  • NxTop Connect, an embedded virtual appliance that can boot up in seconds to provide seamless access to server- and cloud-based applications and server-hosted desktops from all major VDI vendors. Pre-loaded applications include Google Chrome, Skype, and RDP client. NxTop Connect can run standalone on the desktop as thin client or alongside locally executing virtual machines.
  • Full disk encryption, providing assurance that sensitive data will be kept safe in the event of a lost or stolen PC.

Use NxTop Engine to separate business and personal activities into discrete, secure desktops without sacrificing convenience. Multiple desktops can be used for:

  • Separating personal and business uses to protect business content from spyware and malware and maximize its performance and stability. Especially important with BYOPC initiatives.
  • Creating separate “sandbox” environments for experimenting with new applications without putting your primary desktop at risk.
  • Running the latest operating systems alongside older versions, eliminating application compatibility headaches and enabling a smoother more controlled migration to new systems.
  • Launch cloud- and server-based applications immediately, even while the operating system is booting up.

Why NxTop Engine?

True “Bare-Metal” Performance and Security

Earlier approaches for running virtual desktops on PCs still require a host operating system, reducing performance, stability, and security. The NxTop Engine hypervisor brings virtual machine execution down to the “bare-metal” PC hardware. The result: multiple Windows desktops can run on the same PC with near-native performance. In addition, all desktops execute in complete isolation. Malware or instability in one desktop will in no way affect any others.

Unmatched Hardware Compatibility

NxTop Engine has the industry’s broadest hardware compatibility list, spanning hundreds of popular new and old PC models and their components:

  • Intel: Any multi-core CPU with VT-x
  • AMD: Any multi-core CPU with AMD-V
  • Enhanced Graphics: Recent graphics chipsets from Intel, NVIDIA, and ATI
  • 3G/4G Modems: Integrated and USB-based 3G/4G broadband modems
  • USB: All categories of USB devices including web-cams and other multi-function devices along with policy based filtering/enabling
  • Serial Ports: Access to older printer devices used in banking and health-care environments
  • 64-bit Guest OS: 32-bit and 64-bit Windows configurations
Improved User Experience

NxTop Engine extends to all core system functions, ensuring that key PC features such as networking (wired, wireless, and 3G/4G broadband), power management, multi-monitor functions, and suspend/resume work flawlessly—in many cases better than the native operating system.


明显看出NxTop与服务器虚拟化产品有很大的不同:

  1. 支持大量客户端硬件
  2. 支持大量客户端功能需求
  3. 充分考虑了客户端操作的友好性下面是NxTop Engine的架构:

Hypervisor采用的是Xen Server技术,但是比Xen Server支持的特性更加丰富,如CPU类型,显卡,通信口等。

利用NxTop Center可以集中管理多台设备。

NxTop Engine的管理界面支持也很漂亮:

提供的NxTop Connect中嵌入了几种常用的应用支持,Chrome Browser,Skype,Citrix Receiver, the Quest EOP client和RDP。操作界面非常有Mac OS的风格。

我对这个产品比较看好,很是有发展前途,可以满足很多中小型企业的终端管理的部署,集中控制,安全隔离等方面的需求。

目前NxTop Engine单机版本免费下载,NxTop Express提供最多5个license的免费版本,大家有兴趣的可以自己去http://www.virtualcomputer.com/下载使用。

【转贴】伤不起!亚马逊史前最大宕机事件的启示

四月 26, 2011 留下评论

看了这篇报道,我想对于兴建和使用云计算中心的企业而言都是一个巨大的警醒,对于云计算中心带来巨大的好处的同时,也一定不要忘了还存在着巨大的风险!

伤不起!亚马逊史前最大宕机事件的启示

ugmbbc发布于 2011-04-24 07:44:24| 7639 次阅读 字体: 打印预览

由于亚马逊在弗吉尼亚州(Virginia)北部的云计算中心宕机,包括回答服务Quora、新闻服务Reddit、Hootsuite和位置跟踪服务FourSquare在内的一些网站受到了影响。这些网站都依靠亚马逊的这个云计算中心提供服务。亚马逊服务页面显示Virginia北部的数据中心中断。具体如下:

clip_image001

相关新闻:

  • 亚马逊云计算中心宕机 多网站受影响
  • 亚马逊将推出Kindle图书馆借阅服务
  • 一架小型飞机在巴西亚马逊坠毁 7人死亡8人幸存
  • 亚马逊日本推出“按需印刷”服务
  • 亚马逊德国推数字书店 65万册电子图书

问题似乎从太平洋时间21日1:41开始:我们正在调查由于ESB卷引起的延时和错误,以及US-EAST-1区地EC2实例连接失效问题。

最晚的一条更新出现在早上6:09:EBS的API错误和卷延迟在受影响的区域任然存在。我们正在继续寻找解决办法。

这次事件可以说是Amazon史上最严重的宕机事件。

亚马逊没有表示它将在什么时候修复这个故障的具体时间。北弗吉尼亚州云计算中心是亚马逊经营的许多云计算中心之一。不过,这些系统的设计通常是一个中心宕机不会中断其它的云计算中心,也不会影响使用那个服务的用户。亚马逊没有解释它为什么没有绕过北弗吉尼亚州云计算中心的故障把工作量转移到许多其它的云计算中心。

clip_image002

亚马逊拥有4个不同区域的不同数据中心提供云服务

截止4月22日,由于技术原因导致亚马逊计算服务中断事故已经持续了两天,业界分析师表示这次事故将会

导致许多公司重新斟酌对远程的、没有控制权的计算机的依赖程度。

“这是给云计算提了一个醒”,IDC的分析师Matthew Wastwood表示,云计算是指通过因特网来访问位于远程大型数据中心的服务和信息,这些服务和信息是位于不确定的任何位置,就好像是位于云中。“它将引发业界对云计算的重新思考。

他说,这场思考将很可能会聚焦于什么数据和计算操作应该放到云上,什么是需要放在公司的防火墙内的。

Eastwood认为,这次事件还将会导致重新审查自己的云服务契约是否合适

是否需要实现备份和恢复服务,包括为不同位置的数据中心支付额外的费用。这是为什么呢?分析师表示,很明显,在本次实践中受打击最大的是一些创业公司,他们为了追求快速发展,没有选择昂贵的备份和容灾服务,从而导致数据不可恢复。

Amazon五年前创建了它的副业务:通过网络为企业提供数据中心先进的计算资源。今天这家公司成为飞速增长的云计算业务的早期领导者。

在企业当中,云计算模型快速流行起来,因为它能够让企业把计算工作外包出去,从而避免了成本问题和令人头疼的数据中心运维只需按需使用,通过网络来获取计算机处理器和存储,而不用去拥有自己的机器或这是操作软件。

亚马逊有成千上万个企业客户,包括Pfizer和Netflix等,也有大量的创业公司,它们的业务经通常依赖于AWS。收到本次事件影响的包括Foursquare,一个本地社交网站;Quora,一个问题和答案服务;Reddit,一个新闻分享网站;和BogDoor,一个专门为网络出版商做游戏工具的公司。

这些公司所报告的问题不尽相同,但是都包括了不能访问数据、服务中断和网站宕机等。

分析师说,一些已经选择了在Amazon计算机上进行关键操作大公司,倾向于选择付与计算实例同样的钱。视频网站Netfix已经成为Amazon云的大客户,其网站技术的大多数用户电影队列、搜素工具和喜好等都运行在Amazon数据中心。

Netfix表示平安渡过此次事件,“那是因为Netfix能够充分利用AWS的冗余云架构”,这防止了任何位置的技术故障,Nstflix的发言人Steve Swasey表示。

BigDoor是位于西雅图的一个20人左右的创业公司,因为Amazon的失误而受到打击。它有着Amazon的备份和恢复服务,该公司的 CEOKeith Smith表示,但是仅限于Amazon位于Virginia的数据中心。“总有要有一个权衡”,Smith说,注意到费用和开发者的时间将被要求来做更多的事情。

直到星期五早上,BigDoor的大部分用于支撑游戏和奖励功能的在线出版商的服务已经备份,但是站点任然不可用。

IDC预测,云计算将会以25%d的年增长率增长,到2014年将会到达555亿美元。主要技术供应商积极推出不同的云产品一些强调公用模式的服务,如 Amazon,还有一些更集中于向企业出售硬件和软件,以帮助企业实现海量计算工作负载的高效性。后面一种情况,企业除了使用云计算,还必须拥有这些基础架构,因此称为私有云。

Rackspace公司的首席战略官和数据中心服务专家Lew Moorman说,亚马逊的中断事故跟坠机差不多,属于普遍事故中的一种。他指出,然而,飞机旅游比开车旅游还是安全一些的就好比云计算比公司私有的数据中心要安全。“从世界范围内来看,每天,公司内部都会出现宕机事件。”Moorman表示,“每一段时间都很小,但是他们加起来就是更长的中断时间、金钱损失以及业务损失”。

Amazon的挫折将给我们一些很值得借鉴的经验,“我们都有兴趣看到亚马逊处理好这件事情的方法,”Moorman表示,Moorman所在的公司Rachapace在云计算领域是亚马逊的竞争对手。

源文档 <http://www.cnbeta.com/articles/140893.htm>

分类:CloudComputing 标签:

关于云安全概念

四月 25, 2011 留下评论

这两年,随着云计算的盛行,关于“云安全”的各种声音也愈发多了起来,但是,市场上存在着各种各样的理念与说词,往往让人无所适从,到底什么是“云安全”?有什么样的云安全问题?哪些是对我有用的云安全?我可能需要关注哪些方面的云安全话题?我觉得很有必要把这个概念首先澄清一下,也试图把市场上多种多样的云安全问题进行一个简单的梳理。

纵观市场上林林总总的“云安全”概念,其实无外乎分成如下三种类型:

  • 使用云计算的安全(security about using cloud computing)
  • 利用云计算提供的安全服务(security from cloud computing OR Security as a service)
  • 保护云计算自身的安全(security for/in cloud computing)
  • 上述三个方面的安全问题都是各自领域里面相对独立的问题,实际上是依照不同的提供者,使用者,受益者的不同而不同,同时,需要关注的内容与角度也大相径庭,下面是几种类型的简单对比:

     

    提供者

    使用者

    受益者

    核心关注内容

    使用云计算的安全 云提供商,使用者 享受云服务的使用者 享受云服务的使用者 数据的安全,稳定性,可靠性
    利用云计算提供的安全服务 云提供商 享受云安全服务的使用者 享受云服务的使用者,云提供商 隐私保护,服务有效性
    保护云计算自身的安全 云提供商 云提供商 云提供商 云计算中心安全健壮性,防破坏

其实目前市场上关于前面两种的云安全问题讨论的最多,但是关于第三种安全问题却寥寥,一方面原因可能是企业构建的私有云的安全建设本来就需要保密,另外一方面是哪些公有云提供商由于种种原因不愿意透露给公众得知,而同时,关于这方面的实践也可能还不足,但是,这方面的问题却是很多希望构建自己的私有云或者公有云的建设者所最头疼的问题。

关于使用云计算的安全问题,在Google或者Baidu里面随便搜索就可以得到相关信息,如何选择公有云?公有云使用中如何保障隐私?公有云使用中数据是否需要加密?访问通道是否需要加密?如何通过SLA来保障自身利益?而关于云计算安全业界鼎鼎有名的CSA(Cloud Security Alliance)提供的Guide也大部分是站在云计算使用者的角度而提供的Guideline。

而利用云计算而提供的安全服务的云安全理念更是甚嚣尘上,甚至对于很多人而言甚至代替了“云安全”这个概念。尤其是在防病毒领域与终端安全领域,这个概念被大家吵得更是令人无语,君不见你用中文去搜索引擎里面搜索“云安全”,你看到的恐怕就没有其它方面的内容了,一个个防病毒与终端防护的厂商会占据你所有的眼球。你再看看百度百科,那就是赤裸裸的直接把关于云计算其它方面的安全问题直接滤掉,同时也声称这是“中国创造”的产品了。我觉得商业宣传本无所厚非,但是还是不要过分以偏概全的好。

整个云计算与云安全领域,我们抛开大量的商业宣传的迷雾,你就会发觉整个行业其实就如一个出生的婴儿,还很稚嫩,成长的过程中还需要面临大量的挑战,当然,这个过程中也会随着婴儿的成长而带来无数的机会,很多人看好这个领域,也有无数人投入到这个领域,最近一段时间,花了不少的精力在这个领域,也会逐步写下一些心得,希望能够抛砖引玉,与业界有识之士探讨!

【转发】Eleven Open Source Cloud Computing Projects to Watch

四月 24, 2011 留下评论

非常不错的一篇文章,对于其中的项目很值得关注!

来源:http://socializedsoftware.com/2010/01/20/eleven-open-source-cloud-computing-projects-to-watch/

Eleven Open Source Cloud Computing Projects to Watch

by Mark on January 20, 2010

Cloud Computing 2009Last month cloud computing and systems management expert John Willis published his best of Cloud Computing for 2009 list he calls the Cloudies. I am not an expert on the latest developments in cloud computing so it was nice to get a list of the best (in his expert opinion) cloud computing tools. I was especially interested in the latest open source software and I did a little research on each of these projects to see if they had active development mailing lists, regular releases and a real community behind them. At first glance my final list read like a cast of manga characters with names like Bitnami, CollectD, Enomaly, OpenNebula, RabbitMQ and Zenoss. However they all seem to benefit from a strong development ethic, a growing community of users and the ability to address challenges associated with cloud computing.

[Update 1/19/2011: After joining Cloud.com I would add Cloudstack as one of the open source cloud computing projects to watch.]

  • Chef – Chef is a relative newcomer with their project being only one year old but they are aggressively developing their project as can be seen by the frequency of their code check-ins. is an integration framework for configuration management for all types of IT infrastructure but especially popular among cloud deployments. You write source code to describe how you want each part of your infrastructure to be built, then apply those descriptions to your servers. The result is a fully automated infrastructure. Chef is professionally supported and sponsored by Opscode.
  • collectdcollectd is a daemon which collects system performance statistics store the values in a variety of ways, one implementation is to store them in RRD files. What makes collectd particularly useful is it’s plugin architecture which allow the daemon to collect information from a variety of services and servers like Apache, memcache and Linux Vserver. collectd on its own is really interesting but what I really see is an opportunity for collectd to feed other systems management tools.
  • EucalyptusEculyptus is an acronym for Elastic Utility Computing Architecture Linking Your Programs To Useful Systems, an open-source software infrastructure for implementing “cloud computing” on clusters. The current interface to Eucalyptus is compatible with Amazon’s EC2, S3, and EBS interfaces, but the infrastructure is designed to support multiple client-side interfaces. Eucalyptus is implemented using commonly available Linux tools and basic Web-service technologies making it easy to install and maintain. Eucalyptus Systems provides consulting, training and support services.
  • OpenNebula – This is perhaps the most interesting and most relevant project of the list for cloud computing, billing itself as the open source tool kit for cloud computing. OpenNebula is a tool that can be used to build any type of Cloud deployment and manage virtual infrastructure in a data-center or cluster or to combine local infrastructure with public cloud-based infrastructure, for highly scalable hosting environments. OpenNebula also supports public clouds by providing cloud interfaces to expose its functionality for virtual machine, storage and network management.
  • OpenQRM – I have been a fan of OpenQRM for a long-time or at least well before the hoopla around Cloud Computing and have had the opportunity to work with technology when it was still part of a now defunct venture-backed company, Qlusters, and then spun out as a stand-alone open source project. While OpenQRM is not what I would consider a tool for public clouds I think it’s geared towards people delivering private virtual clusters or cloud capabilities. openQRM is a single-management console for the complete IT infrastructure and provides a well defined API which can be used to integrate third-party tools as additional plugins. What’s really interesting about OpenQRM is that it can suck up physical installations, create an image, write that image to a SAN and then run the virtual instances on demand. I think the opportunity for OpenQRM is to be able to suck those images up and then spit them out to cloud computing resources like EC2, RightScale or Rackspace Cloud. UPDATED:
  • Puppet – The Ruby on Rails project is a great configuration management tool, very similar to Cfengine (which pre-dates Puppet) and Chef (which was started after Puppet). Puppet is a model-driven open source framework designed to automate the building and configuration of servers. Puppet lets you perform normal administrative tasks (such as adding users, installing packages, and updating server configurations) on any number of systems, using essentially the same code, even if those systems are running completely different operating systems.
  • RabbitMQ – RabbitMQ is an enterprise messaging system released under the Mozilla public license that adhere’s to the AMQP standard (AMQP is a standard that allows middleware products to send messages to one another). What really strikes me about RabbitMQ is the activity in their community especially their mailing lists and IRC channels. This was astounding to me as I feel like I am pretty up-to-date on active open source projects but before John’s post I was in the dark about RabbitMQ. Of the ones listed so far it’s really one that I feel like there’s really something substantial there. Commercial support is available from RabbitMQ LTD.
  • Zenoss – Zenoss made John’s list because of it’s Amazon Web Services monitoring capabilities and its ability to monitor all sorts of other cloud and virtual infrastructure. I am also excited about Zenoss making the list because the Zenoss Community is working to extend Zenoss Core to monitor all infrastructure you already have. I am very excited about the future of Zenoss as the community continues to expand its virtualization and cloud computing capabilities.
    [Disclosure: This caught my eye since I am the community guy for Zenoss.]

I also think there are a couple of other projects that weren’t on John’s list but have both an open source and cloud computing component:

  • Bitnami – BitNami.org simplifies the process of deploying web applications virtually and in the cloud. Each BitNami Stack contains an application that is fully integrated with all of the software it requires to run. BitNami Stacks are available free of charge as native installers, virtual machine images and cloud templates. Examples of BitNami-packaged applications include Drupal, Joomla!, WordPress, SugarCRM, Alfresco, Redmine, Subversion and many more. Bitnami is sponsored by the cross-platform installer vendors, Bitrock.
  • Enomaly’s Elastic Computing Platform (ECP) – ECP is worth watching is as much for its firebrand leader Reuven Cohen and his expertise as it for the merits of the project . ECP is a programmable virtual cloud infrastructure for small, medium and large businesses. ECP can help you design, deploy and manage virtual applications in the cloud and in the process significantly reduce administrative and systems workload. Our browser-based dashboard enables IT personnel to simply and efficiently plan deployments, automate VM scaling and load-balancing, and analyze, configure and optimize cloud capacity in an easy to use utility. We’ve designed the ECP platform to work alongside your current virtual data center, providing additional value and cost savings.
  • Ubuntu Enterprise Cloud – Ubuntu Enterprise Cloud (UEC) is included with Ubuntu Server Edition and integrates a number of open source projects (including Eucalyptus). Given the rabid Ubuntu fan base I think the UEC will immediately benefit. This gives users a turnkey package to deploy a private cloud. I also liked the he code name for Ubuntu 9.10 the latest release was Karmic Koala and as we all know Koala’s eat Eucalyptus (a clever little joke from the Canonical folks who develop Ubuntu).

I am sure there are other notable open source cloud computing solutions and tools that I haven’t mentioned and hope to add to this list going forward.

Updated:

My colleague Simon Jakesch (who’s a ton smarter than me) pointed out this omission from my list (which makes me feel sheepish since I have been working with Damon Edwards whose part of the ControlTier project for the last few weeks):

  • ControlTier – ControlTier is an open source, cross-platform build and deployment automation framework. ControlTier can help you to coordinate and scale service management and administration activities across multiple nodes and application tiers. Where ControlTier is shines is as an orchestrator for administrative tasks like starting and stopping services and starting other programs. Many of the contributions and commercial support come from DTO Solutions.
分类:CloudComputing

security, cloud computing, telecom

四月 22, 2011 留下评论

About Security, Security Management and security for telecom and cloudcomputing!