Entries by Marco Sinhoreli


Unlocking Cost Efficiency: 69% Licensing and Support Savings with CloudStack and KVM-based Cloud vs. VMware vCloud

ShapeBlue conducted a comprehensive cost analysis to assist CTOs in making informed decisions for their IT infrastructure. We compared the costs of running a cloud using VMware vCloud with those of implementing an open-source solution with CloudStack and KVM-based Cloud. The comparison is based on a hypothetical use case with specific technical requirements and operational constraints. The environments being compared are assumed to be functionally equivalent, supporting the same number and type of workloads under similar conditions. The conclusion we came with is that migrating from a VMware vCloud to a KVM-based cloud operated by Apache CloudStack can result in […]


New CloudStack Database Encryption Engine l CloudStack Feature Deep Dive

Introduction As part of its security capabilities, Apache CloudStack encrypts sensitive information such as user credentials and passwords. For over a decade, Apache CloudStack has used the StandardPBEStringEncryptor from the jasypt library to encrypt data. However, the encryption algorithm used by this library, “PBEWithMD5AndDes” is now considered insecure because it relies on outdated cryptographics, namely the MD5 hash function and the DES encryption cipher, which has only a 56-bit key length. To improve the security of Apache CloudStack, it is recommended to use a more modern and secure encryption algorithm, such as AES-GCM . AES-GCM is a mode of operation […]

Ensuring CloudStack Perimeter Security with Two Factor Authentication and Time-based OTP

Control and oversight of who can access an organization’s computer systems and networks and the actions they can perform are referred to as user access security perimeter. This aspect of perimeter security is essential in preventing unauthorized access and safeguarding sensitive information. Securing user access to Apache CloudStack, where vital components of the business layer are located, is crucial for maintaining the integrity and confidentiality of these elements. These include Instances running critical systems, networks, data storage, firewall control and load balancing. By implementing perimeter control user access, companies can ensure that compliance standards are met, and the confidentiality and […]

Cloud Repatriation with Opensource Tools

Introduction The COVID-19 pandemic has acted as a catalyst for the widespread adoption of public cloud services, accelerating the digital transformation of numerous industries and organizations. Public cloud adoption has also revolutionized services, agility, and the pace of an entire generation of companies but many organizations are starting to realize that it doesn’t come for free. Many organizations believe that the margin they pay to the hyperscalers could be the margin they could be making themselves. The repatriation of workloads from hyperscale clouds to organizations’ own infrastructure is increasingly in the news: Dropbox was reputed to have saved $75 million […]

CNCF Tungsten Fabric and Apache CloudStack – the Future of Cloud Networking

  As the world moves into a more connected and digitized future, cloud technologies are becoming increasingly essential for business. However, with the rise of hyperscale cloud providers, all-size companies and enterprises are finding it increasingly difficult to keep up with modern networking and security demands. This is where Tungsten Fabric and Apache CloudStack come in. Tungsten Fabric is an open-source network virtualization control plane that provides a scalable platform for cloud-native applications. Tungsten Fabric is a project hosted by Linux Networking Foundation (LFN) under the Cloud Native Computing Foundation (CNCF). Apache CloudStack is an open-source IaaS cloud management platform […]

Securing Your Data with Volume Encryption in Apache CloudStack

Protecting sensitive data is crucial in the face of growing cyber-attacks, meaning robust security measures are necessary. While backup and disaster recovery (BDR) play a significant role in data protection, other technologies such as volume encryption offer additional protection against a broader range of threats, especially unauthorized disclosure of sensitive information. This can include confidential customer information, financial data, intellectual property, and other confidential information stored in the cloud that could be valuable to competitors, hackers, or other malicious actors. Data protection refers to security measures and processes put in place to secure and protect data from unauthorized access, use, […]

CloudStack Managed UserData – Automating Cloud Services by Maintaining Compliance Policies

UserData is an industry-standard used in IaaS cloud computing and has become a standard tool for cloud administrators and users alike. It provides a flexible and efficient way to configure and customize cloud instances during the deployment process. UserData scripts are utilized as external resources – decoupled from Apache CloudStack – where users freely define what will be loaded during instance deployment. However, the decentralized model and lack of standards regarding UserData scripts can leave gaps when establishing compliance policy models. George Lawton highlighted this issue in his TechTarget article, “Centralized services as a hedge against shadow IT’s escalation.” CloudStack […]

Service Elasticity with CloudStack Autoscaling

Autoscaling enables the automatic adjustment of allocated cloud resources based on traffic spikes and usage patterns. When unused, resources are rigidly defined with a fixed amount of resources unable to grow as demand increases or shrink as demand decreases. This is a crucial feature in cloud computing, where the goal is to pay only for what you need, achieved through elastic resources that can scale up or down as needed. This is in line with the idea of scalable instances and services, which provide a base level of resources and can be expanded to meet demand when needed. When defining […]


What’s New in Apache CloudStack 4.18

Apache CloudStack 4.18 is the latest release of the cloud management platform from the Apache Software Foundation and is a result of months of work from the development community. Apache CloudStack 4.18 is an LTS (Long Term Support) release so will be maintained for a period of 18 months after release. As always, the release contains a myriad of small improvements and bug fixes but here we focus on the major new functionality in the release. Several new features have been introduced to significantly enhance the platform’s capabilities. These include Edge Zones (which provide lightweight zones); Tungsten Fabric integration (offering […]

Leveraging Apache CloudStack for Edge Computing

What is Edge Computing? Edge computing is a distributed computing architecture that brings computing capabilities to the network’s periphery, closer to the data’s source, where it can be processed locally without the need to ship it back to a centralized computing resource. This drastically reduces latency, thus enabling real-time processing while lowering bandwidth costs. The edge architecture model has seen a massive growth in recent years, and the rise of IoT devices only exacerbates the need for on-site computing capabilities, while the widespread adoption of more modern data transmission technologies (such as 5G networks) reduces costs and facilitates the deployment […]