One place for hosting & domains

      Dedicated Private Cloud vs. Virtual Private Cloud: What’s the Difference?


      What is the difference between a dedicated private cloud and a virtual private cloud? As solutions architects, this is a question my teammates and I hear often. Simply put:

      • Dedicated Private Cloud (DPC) is defined as physically isolated, single-tenant collection of compute, network and sometimes storage resources exclusively provisioned to just one organization or application.
      • Virtual Private Cloud (VPC) is defined as a multi-tenant but virtually isolated, collection of compute, network and storage resources.

      A simple analogy comparing the two would be choosing between a single-family private home (DPC) versus a condo building (VPC).

      Despite the differences, both dedicated and virtual private clouds offer secure environments with flexible management options, which allow you to concentrate on your core business instead of struggling to keep up with daily infrastructure monitoring and maintenance.

      Let’s discuss each cloud product in greater depth and review use cases for dedicated vs. virtual private clouds. I’ll use INAP’s dedicated private cloud (DPC) and virtual private cloud (VPC) products as examples for the DPC and VPC differentiators.

      Dedicated Private Cloud (DPC)

      DPCs are scalable, isolated computing environments that are tailored to fit unique requirements and rightsized for any of workload or application. DPCs are ideal for mission-critical or legacy applications. When applications can’t be easily refactored for the cloud, a DPC can be a viable solution.  DPC is also ideal for organizations seeking to reduce time spent maintaining infrastructure. You do not need to sacrifice control, compliance or performance with a DPC. INAP DPCs are built with trusted enterprise-class technologies powered by VMware or Hyper-V.

      DPC use cases:

      • Compliance and audit requirements, such as PCI or HIPAA
      • Stringent security requirements
      • Large scale applications with rigorous performance and/or data storage requirements
      • Legacy applications, which may require hardware keys or specific software licensing components
      • Data center migration — scale physical compute, network and storage capacity as needed without significant investments in data center build outs
      • Complex network requirements, which may include MPLS, SDWAN, private layer 2 connections to customers, vendors or partners
      • Fully-integrated active or hot-standby disaster recovery environments
      • Infrastructure Management Services, all the way to the operating system
      • High CPU/GPU/RAM requirements
      • AI environments
      • Big Data
      • Always on applications that are not a fit for hyper-scale providers

      INAP’s DPC differentiators:

      • Designed and “right-sized” to fit your application, economics and compliance requirements
      • Built with enterprise-class technologies and powered by VMware or Hyper-V.
      • Utilize 100 percent isolated compute and highly secure, single-tenant environments perfect for PCI or HIPAA compliance.
      • Flexible compute and data storage options which allow you meet any application performance and growth requirements.
      • OS Managed services free up time from routine tasks of patching
      • Transparency into the core infrastructure technology allows you complete visibility in the inter-workings of the environment.
      • No restrictions on sizing of the VMs or application workloads because the infrastructure is custom designed for your organization specific technology needs.
      • SDN switching for flexible, quick and easy network management or dedicated switching for complex network configurations to meet any network requirements.
      • MDR security services available, which include vulnerability scanning, IDS/IPS, log management with SOC (Security Operations Center)
      • Off-site cloud backups and fully integrated and managed DRaaS available.

      Virtual Private Cloud (VPC)

      VPCs are ideal for applications with variable resource requirements and organizations seeking to reduce time spent maintaining infrastructure without sacrificing control of your virtual machines, compliance, and elasticity. They provide a customized landscape of users, groups, computing resources and a virtual network that you define. Different organizations or users of VPC resources do not have access to the underlying hypervisor for customization or monitoring plugin installation.

      VPCs are pre-designed for smaller to medium workloads and provide management and monitoring tools. They allow for very fast application deployment because the highly available compute, security, storage and hypervisors are already deployed and ready for your workload.

      VPC use cases:

      • Small to medium sized workloads with 10 to 25 VMs and simple network requirements
      • Applications with lower RAM requirements
      • Ideal for additional capacity needed for projects. Deploy in hours—not days.
      • Quickly spin up unlimited Virtual Machines (VMs) per host to support new projects or peak business cycle’s ability to quickly add resources on demand

      INAP’s VPC differentiators:

      • Designed for fast deployments enabling you to eliminate lengthy sourcing and procurement timelines
      • Shield Managed Security services included
        • 24/7 physical security in SSAE 16/SOC 2 certified Data Centers
        • Private networks & segmentation
        • Account security for secure portal access
        • DDoS protection & Mitigation
      • OS Managed services free up time from routine tasks of patching
      • Easy to use interface simplifies management and reduces operational expense of training IT staff
      • Off-site Cloud Backups and Fully integrated On-Demand (Paygo) DRaaS available
      • MDR security services available, which include vulnerability scanning, IDS/IPS, log management with SOC (Security Operations Center)

      Next Steps

      Do you know which private cloud model will work with your company’s workload and applications? Whether you’re certain that a DPC or VPC will be a good fit or you’re still unsure, INAP’s experts can help take your cloud infrastructure to the next level. Chat today to talk all things private cloud.

      Explore INAP Private Cloud.

      LEARN MORE

      Rob Lerner


      READ MORE



      Source link

      Network Redundancy vs. Network Diversity: What’s the Difference, and Do I Need Both?


      Network redundancy is a duplicated infrastructure where additional or alternate instances of network devices and connections are installed to ensure an alternate path in case of a failure on the primary service. This is how you keep your business online and available should your main path of communication go down.

      While redundancy is great, many times services are in the same data center, share the same fiber bundle, patch panel or equipment. In fact, hardware failures and fiber cuts are the leading causes of network outages today.

      Being redundant may not protect you as well as planned.

      Network Redundancy vs. Network Diversity

      A duplicate or alternate instance of your network doesn’t always protect you from the leading causes of network outages, and it can’t always protect you from less frequent, but more catastrophic incidents, like floods or fires. Sometimes construction work, human error and even squirrels can interrupt your network service. To protect against these scenarios, network diversity is the answer.

      Network diversity takes redundancy one step further, duplicating your infrastructure on a geographically diverse path, in another data center or even in the cloud.

      Achieving Network Diversity Through Geographic Redundancy

      Diversity is key. Being geographically diverse protects you from weather events, construction and other single location incidents. If your redundant site is in a different state, or even in another country, your chances of two impacting events at the same time are significantly lessened. For even greater resiliency, you can move your redundancy or disaster recovery to the cloud via a Disaster Recovery as a Service solution.

      Achieving Network Diversity via Multihomed BGP

      You can achieve network diversity by being in geographically diverse data centers with the use of multihomed BGP. INAP offers the use of several BGP communities to ensure immediate failover of routing to your data center environment in case of a failure. Additionally, through INAP’s propriety technology, Performance IP®, your outbound traffic is automatically put on the best-performing route.

      Achieving Network Diversity Through Interconnection

      Another consideration is the connection from the data center to your central office. One can assume just because you have two different last mile providers for your redundancy that they use different paths. This usually is not the case; many fiber vaults and manholes are shared. This can result in both your primary and back up service being impaired when a backhoe unearths an 800-strand fiber. Ask the provider to share the circuit path to ensure your services are on diverse paths. INAP works to avoid these issues by offering high capacity metro network rings in key markets. Metro Connect interconnects multiple data centers with diverse paths, allowing you to avoid single points of failure for your egress traffic.

      Conclusion

      Redundancy is key to maintain the demanding uptime of today’s business. In most cases this does the job, however if your model is 100 percent uptime, it may be beneficial to start investing in a diverse infrastructure, as well.

      Explore INAP’s Global Network.

      LEARN MORE

      Erik Irwin
      • Director, Advanced Services, Global Network Services


      READ MORE



      Source link

      What’s New in Debian 10 Buster


      Introduction

      The Debian operating system’s most recent stable release, version 10 (Buster), was published on July 6, 2019, and will be supported until 2022. Long term support may be provided through 2024 as part of the Debian LTS Project.

      This guide is a brief overview of the new features and significant changes to Debian since the previous release. It focuses mainly on changes that will affect users running Debian in a typical server environment. It synthesizes information from the official Debian 10 release notes, the Debian 10 release blog post, kernelnewbies.org, and other sources.

      Summary of Changes and Major Package Versions

      Generally, Debian stable releases contain very few surprises or major changes. This remains the case with Debian 10. Beyond a few networking and security changes — which we will cover in subsequent sections — most updates are small modifications to the base system and new versions of available software packages.

      The following list summarizes a select list of Debian 10 software updates. The versions that shipped in Debian 9 are included in ( ) parentheses:

      System

      Web Servers

      Programming Languages

      • Go 1.11 (from 1.7)
      • Node.js 10.15.2 (from 4.8.2)
      • PHP 7.3 (from 7.0)
      • Python 3.7.2 (from 3.5.3)
      • Ruby 2.5 (from 2.3)
      • Rust 1.34 (from 1.24)

      Databases

      The following sections explain some of the more extensive changes to Debian 10.

      Linux Kernel 4.19

      The Linux kernel has been updated to version 4.19. This is a long-term support kernel that was released on October 22, 2018 and will be supported until December of 2020. For more information on the different types of Linux kernel releases, take a look at the official Linux kernel release and support schedule.

      Some new features and updates that were released between kernels 4.9 and 4.19 include:

      • Virtual GPU support, which enables GPU hardware to be shared between multiple virtual machines instead of being passed-through directly to one. (4.10)
      • Performance improvements for large-scale SSD-based swap. (4.11)
      • Improved in-kernel TLS acceleration. (4.13)
      • Improvements to the Ext4 filesystem, including support for billions of directory entries, and extended attributes that can be up to 64k in size. (4.13)
      • Support for 4 petabytes of physical memory, up from 64 terabytes. (4.14)
      • Meltdown and Spectre vulnerability updates, along with other CPU vulnerability patches. (4.15)
      • Support for using cgroups to set I/O latency targets for block devices. (4.19)

      For more information on Linux kernel updates, kernelnewbies.org maintains a detailed and beginner-friendly changelog summary for each release.

      AppArmor Enabled by Default

      AppArmor is an access control system that focuses on limiting the resources an application can use. It is supplemental to more traditional user-based access control mechanisms.

      AppArmor works by loading application profiles into the kernel, and then using those profiles to enforce limits on capabilities such as file reads and writes, networking access, mounts, and raw socket access.

      Debian 10 ships with AppArmor enabled and some default profiles for common applications such as Apache, Bash, Python, and PHP. More profiles can be installed via the apparmor-profiles-extra package.

      See the AppArmor documentation for more information, including guidelines on how to write your own AppArmor application profiles.

      nftables Replaces iptables for Packet Filtering

      In Debian Buster the iptables subsystem is replaced by nftables, a newer packet filtering system with improved syntax, streamlined ipv4/ipv6 support, and built-in support for data sets such as dictionaries and maps. You can read a more detailed list of differences on the nftables wiki.

      Compatibility with existing iptables scripts is provided by the iptables-nft command. The nftables wiki also has advice on transitioning from iptables to nftables.

      Apt supports https repositories by default in Debian 10. Users no longer need to install additional packages before using https-based package repos.

      Additionally, unattended-upgrades — the system Debian uses to perform automatic updates from the security repository — now also supports automating point-release upgrades from any repo. These upgrades are usually small bug fixes and security updates.

      Conclusion

      While this guide is not exhaustive, you should now have a general idea of the major changes and new features in Debian 10 Buster. Please refer to the official Debian 10 release notes for more information.



      Source link