ShapeBlue enables the University of Sao Paulo to deliver federated cloud services

The University of São Paulo (USP) is Latin America’s largest university and Brazil’s most prestigious academic institution. It produces more doctorate degrees annually than any other university in the world and ranks fifth in the number of scientific articles published. It is one of the world’s leading research institutions, with 100,000 students, 6,000 professors and […]

READ MORE

Shapeblue Security Advisory For CVE-2016-6813: Apache CloudStack registerUserKeys authorization vulnerability

Overview Apache CloudStack provides a registerUserKeys API that allows a user to create or recreate a secret key and an API key to use for authentication when using the CloudStack API. A malicious user can request this API action in conjunction with the ID of another CloudStack user/account.  The newly created or re-generated API keys for […]

READ MORE

Networking KVM for CloudStack

Introduction KVM hypervisor networking for CloudStack can sometimes be a challenge, considering KVM doesn’t quite have the matured guest networking model found in the likes of VMware vSphere and Citrix XenServer. In this blog post we’re looking at the options for networking KVM hosts using bridges and VLANs, and dive a bit deeper into the configuration […]

READ MORE

Globo chooses CloudStack for its application development and system management platform

Globo.com is the Internet arm of GRUPO Globo, the largest media conglomerate in Latin America, with offices in Rio de Janeiro and São Paulo. It operates the largest vertical web portals in Brazil, focussing on News (G1), Sports (globoesporte.com), Videos (Globo Videos) and Celebrities (Ego). The company also acts as a service provider for all […]

READ MORE

CloudStack Test Automation with Trillian and Jenkins

In the previous post, we introduced and described Trillian that can build various environments in which we could deploy a CloudStack zone and run Marvin based integration tests. In this post, we’ll describe how we are using Jenkins and Trillian to test CloudStack builds in various environments. Build Pipeline Our build pipeline can be seen in the attached […]

READ MORE

CloudStack Container Service –Available for download

Today we are delighted to announce General Availability of CloudStack Container Service (CCS): software that gives Cloud Service Providers a Container as a Service (CaaS) offering within their existing IaaS environments..  The software is immediately available for trial or commercial license. After the first release of the CloudStack Container Service in May, we have had […]

READ MORE

Trillian: Flexible, On-Demand Cloud Environment Creation

Marvin: “I think you ought to know I’m feeling very depressed.” Trillian: “Well, we have something that may take your mind off it.” Marvin: “It won’t work, I have an exceptionally large mind.“ Trillian was born from the need for us to create environments which we could run CloudStack’s Marvin test framework against, but the […]

READ MORE

Shapeblue Security Advisory For CVE-2016-3085: Apache CloudStack Authentication Bypass Vulnerability

Overview Apache CloudStack contains an authentication module providing “single sign-on” functionality via the SAML data format. Under certain conditions, a user could manage to access the user interface without providing proper credentials. As the SAML plugin is disabled by default, this issue only affects installations that have enabled and use SAML-based authentication. Mitigation: Users of […]

READ MORE