Here are my notes from Julian Fischer's talk in RuPy 2013 about "Building a European Cloud".
Do we need a European Cloud?
- The cloud is about sharing. Of capacity, with virtualization.
- Specialization support built into processors.
- Virtualization has real meaning for companies - not just fashion.
- We have a lot of spare capacity in data centers. Eats up a lot of energy.
- The idea was to combine that spare capacity.
- Companies with infrastructure to deal with heavy loads had this. They shared it because they knew it would be useful to other companies too. With a pay as you go pricing models.
- So why not share globally in a single cloud, like Amazon?
- We have learned that we have to take care about privacy. This is a dev conference - how much do we have to know or care?
- A basic fact of European privacy law is that any company cannot share data to a country with a lower data privacy level. The default is privacy.
- The Safe Harbor EU directive regulates the processing of personal data within the European Union.
- The US-EU Safe Harbor means a US company can do self-certification, and swear the the US departmentment of commerce to comply to EU privacy laws.
- There are people who think that the safe harbor is not so safe. Including people in the EU commission.
- The Patriot Act beats Safe Harbor. When it comes to national security, there's no compliance to privacy over national security.
- LavaBit encrypted email service, used by Edward Snowden, ordered to turn over it's SSL private key. Shut down in August 2013.
- How much freedom do you want to give up to be secure? We have to draw a line, saying this is worth it, and this is not. Creator Ladar Levison made a statement, advising everyone agains trusting their private data to a company with physical ties to the United States.
- When speaking to companies, they say "who cares about privacy, my customers don't?".
- Do your customers know you have data outside the EU you cannot protect? Some of them may be OK by that and some not, but they should have a choice.
- It's not only about having data on European servers or complying with privacy laws. It's about staying completely off any US provider, and don't tie to the US in person or with your company.
- This would allow you to resist the call for opening your servers, at least by foreign security services.
- We need it.
How To Build One? OpenStack, Cloud Foundry
- Different services build up the cloud: IaaS, PaaS, SaaS.
- IaaS requires DevOps skills. PaaS not so much ("NoOps"). SaaS usually gives you business processes, billing systems, etc.
- OpenStack provices an IaaS for your PaaS.
- CloudFoundry is a PaaS.
- A 2013 proposal for an open source based cloud. Presenting an opinionated stack, OpenStack.
- HP is opening a public version. There are others: OpenShift of Red Hat. Choice is up to you, the proposal is open.
- A hardware layer is needed. IaaS on top of that, which in turn spin up VMs for PaaS. On applications on the very top.
- Hardware -> OpenStack IaaS -> Cloud Foundry PaaS -> Applications.
- You can build your applications on open source technologies.
- Cloud Foundry enables transferrability because of the abstraction: You can take your Cloud Foundry and move it to AWS.
How Cloud Foundry Works
- Cloud Foundry can be considered as an open source Heroku. A large distributed system, with an "inner shell" and an "outer shell". The inner shell is the actual Cloud Foundry system. The outer shell is the services that make up the platform.
- There's a tool called Bosh (Bash outer shell) for easily deploying CloudFoundry on OpenStack, or AWS, or VMWare.
- A comoonent called "Cloud Controller" offers the CF API endpoint. It's the authority for issuing commands: Start apps, create services.
- A component called DEA (Droplet Execution Engine) is the application server. Executes Droplets, which could be a Rails application with a bunch of files put into something executable, using a process called "staging". The DEA also isolates applications from each other.
- A component called Health Manager compares desired system state with actual system state.
- A component called Router knows on which DEAs your app instances are. Routes incoming requests to the right DEAs.
- You can provision services by Provisioning them, and then Binding them (creating credentials).
Know Your AngularJS Inside Out
Build Your Own AngularJS helps you understand everything there is to understand about AngularJS (1.x). By creating your very own implementation of AngularJS piece by piece, you gain deep insight into what makes this framework tick. Say goodbye to fixing problems by trial and error and hello to reasoning your way through them