If you have read my previous article on vSphere security model, you know how it works. Still, you may wonder what roles a particular user may have, as asked in a recent email from one of my former VMware colleagues.
In an operating system, a user is assigned to a group or multiple groups therefore granted a certain permissions. In vSphere, a role is simply a set of privileges and that is it. It’s natural to think of a role as a group sometimes, but it’s really not. Read more... (377 words, 1 image, estimated 1:30 mins reading time)
This is by Boris Strongin, VP Engineering and Co-founder, Hytrust Inc at our first community meetup on May 18. He reviews new security, auditing, and compliance challenges coming with cloud multi-tenancy, and approaches to address them.
Check out these slides for his insights: Read more... (44 words, estimated 11 secs reading time)
This is the tech talk by Elsa Bignoli, who is now a Software Engineer at Altor Networks (part of Juniper now). Elsa is one of the contributors to our open source vSphere (VI) Java API.
Check out her presentation slides below: Read more... (42 words, estimated 10 secs reading time)
One of my colleagues asked me about vShield API and pointed me to the vShield API Programming Guide. I have of course heard about the vShield many times, but haven’t tried it out, let alone its API. But that doesn’t mean I cannot read it on demand. In fact, such questions motivate me to learn more beyond vSphere API. So keep your questions coming if you have one.
Here is what I found out after reading the programming guide. I have to admit I haven’t written any code connecting to a vShield test-bed, so I just share some basics of the API. Overall I found it’s similar to the vCloud API that I had worked with before in format and protocol.
Somehow the API does not, but I think should, Read more... (1320 words, estimated 5:17 mins reading time)
In my previous post, I introduced how to change a virtual machine’s vmx file programmatically and promised to post a full sample in my presentation at VMware Parter Exchange 2011. Now that the conference is over, it’s time to post it.
The sample is based on guideline VMX03 in vSphere security hardening guide: disable copy/paste to remote console. To me, allowing copy and paste to remote console like vSphere Client is a nice feature which can save you a lot of time. When security is a concern, however, you may want to disable it.
I will not discuss when you should disable/enable it because it really depends on your requirements. In most cases, security and convenience contradict with each other. I leave it for you to decide the right balance, but show you how you can check the setting and change it here.
Like most samples I write, Read more... (467 words, estimated 1:52 mins reading time)
Security is a very important aspect of application development. Tonight I learned a new security framework called Apache Shiro, the successor to the JSecurity project.
It’s a great talk given by the founder and lead of the project, Les Hazlewood, who relocated to Bay area not long ago for starting his company katasoft. The presentation ran over for one hour but still got most people seated. Read more... (272 words, estimated 1:05 mins reading time)
RSA just had its annual conference at San Francisco this past week. Intel, VMware and RSA demoed how to build up layers of trust in data centers in the conference. Read more... (199 words, estimated 48 secs reading time)
newScale recently announced it would support VMware vCloud API in a press release.
San Mateo, Calif. - February 17, 2010 – newScale®, Inc., pioneers of the self-service IT storefront for the enterprise, today announced it will support the VMware vCloud API, a key component of the VMware vCloud initiative. Enterprises and service providers integrating with the VMware vCloud API can now use the newScale FrontOfficeTM Suite to effectively manage and control self-service requests for cloud resources as well as their physical and virtual environments.
This announcement underscores newScale’s continuing commitment to supporting multi-vendor, cross-platform data center and cloud infrastructures. The newScale FrontOffice Suite - a complete set of Service Catalog solutions for managing IT services from cradle to grave – integrates with VMware vSphereTM 4 and VMware vCenterTM Server. newScale is also a member of the VMware Technology Alliance Partner (TAP) program. By leveraging the VMware vCloud API, newScale demonstrates its ongoing support for a wide range of virtualization and cloud infrastructures, giving newScale customers maximum flexibility, efficiency, and agility in their data center deployments. Read more... (249 words, 1 image, estimated 1:0 mins reading time)
Done with the four day training, finally! It’s pretty exhausting given that I had to get up two hours earlier to match the Central time schedule.
JavaServer Faces (JSF) technology was created to solve this problem. It a server-side framework, which provides GUI components, manages their states from the server side, handles events, and etc. You can then develop a web app more like the standalone application in some sense. Because JSF manages the state from the server side, it uses more resources and less performant than it’s JS/AJAX equivalent.
Spring Faces is not a replacement for JSF, but complements in the “Spring” way. It facilitates deeper JSF and Web Flow integration, manages JSF components’ states, and provides more lightweight JSF components. Therefore, you can get leaner web application than using pure JSF.
Several tools can be handy for your debugging: Read more... (708 words, 2 images, estimated 2:50 mins reading time)