One of our customers wanted to establish a site to site connectivity between
their datacenter and public cloud (Amazon EC2) and then have a private
network within Amazon EC2 with their own custom IP addresses for their
servers in the cloud.
Basically the idea here is to augment the internal datacenter resources with
the resources in the public cloud securely so that the servers in the cloud
appear as if they are part of their own private corporate network. The idea
here is to isolate the servers used by the customer in the cloud from the
rest of the servers in the cloud using private network, just like the
corporate internal datacenters are isolated using private network with
private routers routing the internal traffic.
Kaavo team setup the required network using OpenSwan and OpenVPN, see the
The advantage of this setup is that users within the co... (more)
University of Berkley has published an excellent paper on cloud computing,
the argument regarding data security in the cloud is that encrypted data in
the cloud can be more secure than unencrypted data in the internal
datacenter. Almost nobody uses encryption in internal datacenters as they are
percieved as secure. Here is an excerpt from the study:
“We believe that there are no fundamental obstacles to making a
cloud-computing environment as secure as the vast majority of in-house IT
environments, and that many of the obstacles can be overcome immediately with
well understood ... (more)
Several popular websites and companies were impacted by the recent Amazon
cloud outage. It was quite surprising to see that so many of the companies
had no backup plans to restore their applications at an alternate location.
Just because we are using cloud doesn’t mean that we should forget all
the lessons we have learned over the years in managing IT risks. There are
several ways companies can mitigate their risk exposure due to these types of
outages. For example one of Kaavo’s customers runs their application
across Amazon and Rackspace cloud using Kaavo IMOD; ... (more)
In reference to my earlier blog on Application Centric Management, there is a
discussion on the cloud computing group , I posted a detailed response,
sharing it here:
When we say we need application centric approach it is implied that it is
needed from application owner perspective, people who are responsible for
managing applications, their service levels etc. People responsible for
running infrastructure and providing infrastructure as a service, e.g.
Amazon, GoGrid, alt. needs infrastructure perspective to manage their
infrastructure. However, the application owners who are... (more)
At Kaavo we recognized that there is a need to provide a horizontal framework
that anyone can use to quickly build a vertical solution for running and
managing their complex custom applications in the cloud. To enable single
click deployment and runtime management of any custom application in the
cloud Kaavo’s IMOD uses System Definition file for automating complex
workflows and dependencies for deployment and runtime management.
Understanding the structure of System Definition file is important to fully
benefit from Kaavo’s application centric management approach.
System Defin... (more)