Podcast: Cloud Security Special

Todays podcast is a must for anyone in Cloud who needs to understand high level security. I’m joined over the ether to my studio in Bath in the UK by Gunnar Hellekson and David Egts. We’re talking access controls, SELinux, sVirt, hardening, security in Government and how we engage in Cloud, security and KVM, Common Criteria – the whole works.

We talk RHEV, RHEL, OpenShift, CloudForms, ManageIQ, auditing, logging, hardening, security – learn how Red Hat secure the important enterprise, Government and industry platforms – allowing our customers to sleep easy.

You cannot afford to miss this weeks show !

Gunnar is the Chief Technology Strategist in Red Hat’s US Public Sector team, trusted by government and the military alike and David is one of our Principal Architects at Red Hat. They both “live eat breathe” security so this podcast is three of us who are very passionate about the topic.

And folks theres more, if you liked this podcast tune in to the first few episodes of Dave and Gunnar’s new podcast – the appropriately named Dave and Gunnar show which you can listen to by following this link directly. I totally recommend it, great listening. I’ve been working with them over the last few months recommending kit and I really think this is a show you should be listening to on a regular basis. Gunnar and Dave have taken a totally different spin on podcasting that Rhys Oxenham and I have been planning since November to do monthly that I bought the kit to do – but we haven’t had the time to do. Since Christmas we’ve been set up to make the changes I keep mooting, and this will happen.

It’s so nice to be back in the studio able to control the level of audio again, seems like an age since I was sat at a mixing desk recording this stuff. Listening to this podcast you wouldn’t think that David was in Ohio, Gunnar in Houston, Texas and me the other side of the pond, and all recorded produced and released using Fedora – no Mac’s here folks.

Come back soon for some great podcast content and if you haven’t yet subscribed via iTunes or my RSS feed simply follow the menu bar above to get the links you need. Come back next week for some more great content.

 Download the podcast here in MP3 format only

Podcast: Matt Hicks – OpenShift / SELinux

So Matt and I have been trying to record this for an age, technology and ambient noise from the construction crew extending our Westford office got in the way a few weeks back so plan B – DIY remote podcast over Google+ recorded here in the studio in the UK – what we ended up with was a really good tech chat about OpenShift, hosted on-premise PaaS and a deep dive into SELinux and the reasons both of us have for trying to persuade you to leave it on by default.

If you’re into PaaS, use OpenShift, want to know where we are at with regards to releasing OpenShift On-Premise then you NEED to listen to this. It will at least make you even more excited (I hope) about the next two months of stuff coming out of Red Hat.

Matt, if you’ve heard him speak at Summit, or JUDCon (Google or search YouTube if you want to see re-runs of his talks, well worth the time spent doing it) is infectiously enthusiastic about both PaaS and security by default.

Download it, listen to it, comments welcome or questions – we’re here to talk to you.

Download the podcast here in MP3 and OGG formats

Value Add – Tough Love in Cloud

There is no doubting the fact that as a lot of enterprise organisations and institutions who have for many years been wholly reliant on silo led computing platform architecture feel a little overwhelmed (or underwhelmed in some parts) by Cloud. Cloud the buzzword de jour, the spin. The undefined re-invention of IT. I see it a lot, and I hear it more. There seems to be this “Tough Love” battle of hearts and minds where the positioning of new IT enablement and design becomes more than technology refresh or even attrition to a position where Cloud becomes just part of the paradigm shift to doing more with less, or getting more for your dollar as you plan and procure your IT spend. It could even, if you outsource some of your current IT mean you spend less with your incumbent provider as you are able to identify and skill requirements and platforms internally with the people who understand your business the best – your current staff rather than hired consultants at arms length.

Cloud will, be under no illusion, also make those service providers and industry service providers increase profitability by being able to create elastic easily consumable cloud services that become stock catalogue items that sell themselves without sales people needing to push the hard sell. If that provider has the right services they become an asset and a building brick for growth – providing people want them. Where demand is met with intelligent solutions in Cloud there is a marriage made in heaven.

Last year, before I transitioned into this role as one of two Red Hat “Cloud Evangelists” I worked alongside the EMEA sales team in Cloud as their technical solutions architect helping providers stand up Red Hat platforms for customers to burst out to or to bring enterprise workloads too. It was enlightening because here was a software and services company working with the provider channel to build context extensibility into providers rather than just providing an OS or middleware capability. Real world business engineering (or re-engineering if you’d prefer to view it in that context) for both provider and enterprise customer alike to build a two way Open non-vendor locked in example of how we envisage those longterm hybrid and public workloads transitioning to Cloud. And then on the back of it building the provisioning and engagement model to assist customers to be able to just slot in as and when they felt the demand and push to do so. Getting over the “tough love” argument by making Cloud business as usual and easy to consume for both consumer of services – and the provider.

Tough Love – The Provider Angle

Service provision at any tier you can define as being able to take a blended approach of solutions and services that customers want or need to be able to contract. With Cloud it’s been hard for the service tier. A massive over emphasis on the hypervisor, on the provisioning and management and the self service element of the equation has left many now with an expensive overhead in the form of the ongoing licencing costs and ownership costs of proprietary technologies and layered or tiered infrastructures. Ken Hess and Jason Perlow of ZDNet explored this when discussing HyperV vs VMWare and there are a lot of other analysts who are now realising that at some point you are left in a position where that most basic cost of Cloud in the public or hybrid tier has to be passed on in the form of the contractual cost to the customer.

They are also missing a point. It’s not just about the provision of Cloud it’s about what you need to do with it when you get there as a customer, your development and deployment of architectures and infrastructures, your hidden ownership charges and your management layer on top. It would be great, and overdue somewhat for the likes of  GigaOM, Gartner and Forrester whose advice and guidance is read and given credence by many to now start thinking out the box and do more than just tickle Cloud ownership. There isn’t one credible ongoing analyst piece around the service provider tier and frankly when I talk to people (people being customers and decision makers) the positioning of left and right mystical fluffy quadrants needs to align itself to physically adaptable IT planning and positioning not just thought leadership and marketing budgets.

For service providers building Open infrastructures on KVM and in the past on Xen (although we now see KVM as the de-facto standard) and who understand the need to use open components such as CloudForms and OpenShift into the mix they are at a major advantage. They are better armed to be able to offer customers a customisable onramp to Cloud adoption at a pace that meets the appetite of sceptical CIOs but also that then reacts accordingly when the consumption and demand for services from that fledgling customer increases at speed. The ability for providers to have that flexibility and capability with the likes of Red Hat at a engineering level, matched and married to a software stack capability across storage, the hypervisor (RHEV KVM), the secure capabilities afforded by SELinux and sVirt, Middleware OpenJRE power in the form of JBoss, Gluster giving them the unstructured kick ass big data story and then wrap it up with their own ability to ride on the back of CloudForms (and DeltaCloud by association) means an immediate IaaS capability. Then as the customers who are already smart enough to be using OpenShift Origin to build out their sandpit PaaS test capability or to have used OpenShift on AWS start to demand hosted PaaS for that provider to be able to do so with applomb.

Bolt on capability = revenue, the providers who think out the box attract and retain customers longer and become an essential part of the foodchain of Cloud.

Tough Love – The Enterprise / Institutional Customer

It’s hard enough sometimes to run an enterprise environment at the best of times. The driving factors that push and promote the need for ever increasing attention to the needs of customers and consumers of your platforms and architecture are only beaten by the fact that from an accountancy perspective there is little to no elasticity in budgets that need to match or at least demonstrate an affinity for ambitions around elastic cloud. Now add on a new found skill as CIO. Contract negotiation at the most granular level. Signing an SLA is only made easier when you know what signing the solution with your Cloud Provider when you know 1) what you are signing up to 2) if you know what the problem is that you’re trying to solve by engaging with the provider.

Bryan Che of Red Hat writes brilliantly about his“2nd Tenet of Evaluating Products – You Have to Know What Problem You Want To Solve”. If it’s the only thing you click on in this article then I recommend you do so as it’s both thought provoking and influential in it’s steering as a guidance piece. Bryan correctly argues that the comparison of two given cloud products or services are aligned to understanding the problem that the consumption or procurement of that service will deliver. You can’t evaulate until that argument is understood and examined.

When we talk about Open Cloud it’s an understanding that to succeed and get the best out of the utilisation of compute capability in a manner that affords an enterprise something very clear. Independent, capable, assured performance married with a commitment to a flexible future as you grow.

An open provider who demonstrates that the tough love in Cloud is part of their problem, not yours, is the one who can give you the flexibility and the core belief to get to the start line (never mind the finish line). The good news is the smartest way to achieve that goal is for that provider to base his platform capabilities on Red Hat Cloud technologies.

It’s not just about the hypervisor and management – if anyone else tells you it is then it’s time to talk to someone who understands the pressures and needs of your expected IT delivery programme. Make sure they’re open, and make sure they use a certified supported open infrastructure married to a upstream that just happens to have millions of pairs of eyes examining its every release and move.

Pays to be open – but genuinely it’s the toughest love and the most responsible you can be when delivering future computing.

Podcast: Rhys talks Cloud

Today I am releasing part two of a podcast I recorded with Rhys Oxenham last week. In this second installment of a podcast thats proved very popular Rhys will be talking about CloudForms, some of the realworld engineering stuff we’ve been working on with partners etc.

Rhys talks about how CloudForms solves some of the end to end problems of Cloud provisioning and platform management. For you guys looking at the newly released Red Hat OpenStack Preview this could be really important for you to listen to.

I am recording two new podcasts today with Jon Masters and Duncan Doyle, Jon I’ve known for nearly twelve years and is a leading light in the ARM porting world and a longtime Red Hat stalwart. He recently gave one of the best attended and best appreciated Summit talks in Boston. Duncan and I share a common love of everything JBoss so both should be a lot of fun and I’ll bring them to you asap.

  Download part two here in MP3 format or OGG format