Hello everybody and welcome to the Hybrid DevOps Pros. I'm Ariel, with is Liaz. Hello Ariel. Hi Liaz.
Today we have a big update for you, we're going to talk about
New Symphony version 5-1-1, got a lot of good stuff in it. Yeah, it's a major version.
It's a huge release for us. So let's get started. So we've updated our
AWS APIs on a
few services in the platform. So
on the CloudWatch metrics..
Right. So let's let's look at the UI and
just like ever, whatever you see in the UI - we have APIs and most of the time we have AWS APIs for CloudWatch.
The first thing that we're gonna do is create alarms, so
in this specific case we managed to
get
specific conditions for both instances so I have here all my instance lists.
So I want to get alarm for a specific instance and
specific statistics and metric.
So we have alarms that are for metric crossing...
It's a condition so it can cross up, it can cross down
Like, for example, you can have I want to know when my instance is less than average
so I want to get another one up and running or maybe killed
Nice.
So not only we have alarms after I'm
setting an arm I can set a topic. So that's actually another big thing that we've
introduced in Symphony. We have actually introduced a new service of
notifications that is AWS SNS compatible. So if I
set a topic that means I want to notify specific people in the organization maybe other organizations
so I just set
their emails and they will get notified whenever I'm
triggering the alarm that is connected to that topic. Fantastic
So email based notifications based on CloudWatch an alarms. That's great. Yeah and
Next thing is the database. Absolutely so
our RDS
service has received a large set of new functions. So remote replication
is a big one. It is.
So far we had the capability of creating a database instance. So that our own standalone and we could
replicate it locally. That's fine. So let's go ahead and
start a database, but there's a surprise.
So let's go to Liaz DB,
get everything just default because it's just a
test, that's for network. Let's not set backup, although we can set an automatic backup, which is very important
when it comes to databases and when I'm setting the credentials, we used to have only standalone. That's our own credentials. But in this case
It's a remote replica. I see. So as you can see we have the master hostname,
basically, it's the IP or the host
you'd like to connect to, a port and so on. Now,
the most important thing is that the master hostname doesn't have to be on Symphony,
it doesn't have to be on AWS as well. It can be anywhere that I can access. So we could actually have a
remote replica
of an RDS instance running on AWS
to Symphony or we could have a remote replica of
database running on
Azure or GCP or
Whatever you're enterprise
supports, we can connect to it as long as the database supports replication. That's fantastic
So that's a major thing
also
when it comes to databases we have now
adding extensions to Postgres
You can decide in the instance if you'd like to reboot that database.
You don't have to reboot the whole instance. You can just restart services - for some database it's very important.
And we also added the support in Terraform and I'm sure we can have an example soon, that you can decide
where exactly do I want to start my database. In case you have several pools.
So when we have multiple storage backends we can use the
storage type attribute and
Feed that into the RDS APIs and map our database into the different storage backends. Yeah, so that's it for the database service.
Let's go for another
very important service... Those are very big updates. Yeah, that's a big update
There's a lot more coming, don't worry. So
let's go to Load Balancer. Tell me about Load Balancers. Ok, so
show it here. Let's focus on the WordPress
In the WordPress we have
for that application we have a Load Balancer. And as you can see here, it's an highly available load balancer.
So so far we had a single instance of Load Balancer. Now it is highly availabile.
Nice. So now a Load Balancer that is protecting a set of instances became a single point of failure
and when we have the ability to have high availability Load Balancers
that disappears and we're able to protect the deployment. That's a huge improvement.
Yes. Great.
So for Kubernetes service we added a very important feature that will allow you to run ELK,
that's actually the map count, the max map count - very easy to run ELK, and
we also improved
all the security features that the central
Internet Security
recommends
And I understand we can now manage
dynamically the container registry. Yes also. That's another service that we support. Now when it comes to
Virtual Machines we added
According to our customer requests some European support for keywords. We had a lot of requests for AltGr
type of keyboards from a European customers. Well, now it's available. We support that, we
managed to
Significantly improve our scalability, significantly improve the performance. So the emphasis we have been putting on
in Stratoscale Symphony for the last few releases has been on
reliability at scale and the ability to manage high degree of parallelism.
When we are doing large scale deployments using tools like Terraform then multiple instances get spawned
simultaneously and we've been slowly
adding more and more capabilities and in version 5
I think we're going to see a record ability to support the high degree of parallelism on all EC2 type DevOps
operations. Absolutely.
When you run Terraform, Terraform runs by default 10 commands in parallel and each commands can spawn
50 virtual machines. It's very important to support that service.. It's a
huge improvement, especially, by the way, when you're comparing it to some legacy environments like VMware. Yeah, well
You can try to do that there... Indeed
Well, I mean talking about scale, there's a big improvement in scalability on the AD?
Well, when you connect to a ADs,
when you connect to Enterprise ADs, they can be huge, right?
You want to get all the users list and so on, if you go user list
and you don't paginate you get maybe one thousand, two thousand, ten thousand
user that doesn't scale. So we added the pagination feature. So no more obstacles in there.
So again, when we're working with large-scale enterprises
tens of thousands of
users are now supported on Stratoscale Symphony. Now talking about Enterprise - we did a lot of work on security
recently
including managing password policies to make them more secure but also a lot of hardening in the
core Linux kernel that we're using in
release 5 of Symphony. We've introduced SElinux
as well as a
brand-new CentOS
release
7.5, allowing us to significantly improve reliability and security
for our environment. Now
talking about
the kernel gets me to think about other,
let's call them,
foundational technologies, we made a huge change on our storage platform
Why don't you tell us about that, Liaz? Ok, so if you look at the UI
you don't see anything, right? because the functionality didn't change and nothing changed in terms of deployment...
It all looks the same. Under the hood we changed the
storage of the back-end storage. Right now we support three
replications
HDD are
supported, SSD actually gained performance
and also when you architect the storage you get a little bit more flexibility and
We're getting more performance from a storage, more stability.
When release 5 came out,
we've actually introduced a brand new storage engine using Ceph that allows us to implement both
hyper-converged and converged storage pools using this great technology and
allowing us, again, with no impact to the customer experience,
have support for an additional storage engine. That's fantastic. On the network side. I think we also did a lot of
improvements and additions. One very exciting feature
And when I say exciting, that's because I talk to many customers and they were asking where is it? Where is it?
It's an important feature in AWS APIs - that's the VPC peering. So you have an application,
you write it in a VPC
This is not your only
application, right? you have many applications in the enterprise and you want to access each and every one of them in between,
because most of them serve as each other's back end. How do you do that?
Easy! VPC peering. VPC peering means I have a VPC - let's see that in action, actually.
I have it right here
so I have here
Bastion VPC that's basically
a Bastion I want to access
this peering VPC. So up until now if I wanted to do that I had to go
externally to the Bastion to maybe an elastic IP and so on, and then back to the peering VPC,
using an elastic IP. That's actually a waste of resources.
so right now you can easily go to
Bastion VPC. Okay? now go to
VPC, in a click of a button I can create peering
menu and the pier will say what's the name of the peering and then where you wanna go?
This is it. So I chose... in this specific case I already
chose
Bastion to peering. The next thing you need to do, and we support all of this, both in Terraform
AWS APIs, Symphony APIs if you want to use that, you go to the route table and in the
Bastion VPC I'm saying if you want to go to the peering subnet go to the Bastion to peering...
VPC peering and that's it! you're connected.
So the VPC paradigm is the best paradigm for isolating an application within its own
software file network environment, right? Everything is managed using infrastructure-as-Code
so our applications are secure and isolated. Now when we have multiple applications running in
isolated network environments we need to connect them, and VPC peering is the easy button and for that is fully automated and orchestrated
using the best
Infrastructure-as-Code tools. Absolutely. It doesn't have to be a button, Terraform, button in UI - everything works.
Another very important feature when you run applications in VPC, that's actually the DNS. So,
if I go to my VPC again, let's go to...
Sorry, let's go to Bastion VPC
and in the Batson VPC I have
DNS records.
So now I can set my own DNS records for an instance very important for service discovery when you run a VPC.
So we've introduced DNS
capability into the virtual network. That's fantastic! So this feature has
a few limitations everything appears in the release notes,
very easy to use and very useful. Fantastic. In addition to that we've added tools for the platform administrators to manage
the scale out nature of the networking
environment and support larger and larger deployments as a consequence.
That's a big set of
improvements and capabilities that were introduced to Symphony.
Amazing capability. Liaz, where can people go to learn more about what we're doing?
First we have this amazing YouTube channel, so I encourage you
subscribe to the channel. We have new videos almost every week with how-tos and news about
the cloud, Public Cloud and our own Hybrid Cloud, and it's very useful to learn and to get updated.
And also we'll remind again - we have a public repository with very well documented
examples you download the repository. It's completely public.Look for Stratoscale at Github.
You'll find a lot of cool examples there.
Fantastic. So Symphony 5 is the latest and greatest
release with significant improvements under the hood - Linux security,
storage, networking functions, new services like SNS and
notifications
mapped to CloudWatch
alarms, more database
functions for replication and for extension. This is a really cool release.
Huge release. Fantastic. Thanks Liaz. Thank you Ariel.
For more infomation >> 【Kman】新開的場能玩嗎?一開始就卡洞是要我清台嗎?[台湾UFOキャッチャー UFO catcher]#409 - Duration: 10:05. 
Không có nhận xét nào:
Đăng nhận xét