There seems to be a myriad of definitions of who is a tenant when it comes to secure multi-tenancy. This debate has occurred not only within The Virtualization Practice as well as at recent Interop and Symantec Vision conferences I attended. So who really is the tenant within a multi-tenant environment? It appears multiple definitions exist and if we cannot define Tenant, then how do you build secure applications that claim to be multi-tenant?
TVP Tag Archives
News: Piston Cloud does CloudFoundry on OpenStack
We asked OpenStack recently whether they were going to do PaaS, they said that this was happening in the community around them, and today we have an announcement of one way of doing it: with VMware’s Open Source CloudFoundry.
Migrating to the Cloud: OpenStack or vCloud?
We, here at The Virtualization Practice, are getting ready to have a cloud presence. Since we ‘eat our own dogfood’ with a 100% Virtual Environment, we are gearing up to move some of those workloads into a hybrid cloud. We already use some cloud resources, but now is the time to look at other workloads. Why we are moving to the cloud is three fold: how can we write about various aspects of being a tenant in the cloud, if we are not one; a recent power outage at the grid level; and a upcoming data center move. Two of these reasons are all about business continuity with the first being what we do. While we already have a cloud running within our own environment, it is time to branch out.
RackSpace calls Citrix’s Bluff over CloudStack. Citrix Folds.
Citrix has given up Project Olympus which was based on the Open Source OpenStack platform in favor of its own Open Source CloudStack initiative (formerly known as Cloud.com), which it is contributing to the Apache foundation and has re-licensed under the partner-friendly Apache Open Source license (rather than the GPL).
Virtualization Security is NOT Cloud Security!
I and others look at Virtualization Security constructs with an eye towards Cloud Security, but they are not necessarily the same. Granted for some clouds, virtualization security can lead to cloud security but this really depends on how the cloud’s architecture. Even so, what we know from Virtualization Security WILL apply to Cloud Security and will be the basis for best practices. But you say, my cloud does not use Virtualizaiton? Ah ha, I say, but it is still a cloud? And that implies there are similar security concerns. This was the discussion on the 1/26 Virtualization Security Podcast.
Cloud: Developing over the Chasm in 2011
Now, of course, this is a simplified version of the question, because in almost all cases Infrastructure Clouds and Platform Clouds are built on Virtual Infrastructure, and in most cases Platform Cloud is built on Infrastructure Cloud, so the question is really about how far into the Cloud you should be prepared to go. My perspective here is of a development manager – someone who is charged with building a new application. I’m thinking as a development manager not a developer and I’m taking decisions to maximise the productivity of a development team – rather than on the “shininess” of the technology.