Cloud computing concept CloudStack Primary Storage

Paul Angus, Cloud Architect at ShapeBlue takes an interesting look at how to separate Cloudstack’s management traffic from its primary storage traffic. I recently  looked at physical networking in a CloudStack environment and alluded to the fact that you cannot separate primary storage traffic from management traffic from CloudStack, but that it is still possible. […]

READ MORE

word cloud - database How to Deploy High Availability CloudStack with MariaDB Galera Cluster

As a cloud infrastructure scales to hundreds or thousands of servers, high availability becomes a key requirement of the production environments supporting multiple applications and services. Since the management servers use a MySQL database to store the state of all its objects, the database could become a single point of failure. The CloudStack manual recommends […]

READ MORE

ghost Shapeblue Security Advisory for CVE-2015-0235, aka the Ghost vulnerability

Overview A vulnerability has been recently disclosed by Qualys that could result in a remote attacker being able to execute malicious instructions on vulnerable systems. The vulnerability affects Linux based operating systems. This is better known as GHOST ‘glibc’ vulnerability (CVE-2015-0235): https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0235 What is ShapeBlue Doing ShapeBlue has analysed the impact of this issue on Apache CloudStack (ACS).  The […]

READ MORE

Cloud Security Shellshock and CloudStack

Shellshock is the family of bugs in the Unix Bash shell which allows an attacker to execute arbitrary commands on a vulnerable system potentially allowing an attacker to gain full access to that system. The bug (CVE-2014-6271) was first disclosed on 24 September 2014, upon closer inspection of the code, related vulnerabilities (CVE-2014-6277, CVE-2014-6278, CVE-2014-7169, CVE-2014-7186, and CVE-2014-7187) were […]

READ MORE