Just about every software engineer has had the experience of onboarding with a new team and spending a day, a week or more getting their development environments situated so they can actually run the application they signed up to work on and start committing code and being productive. Some teams try to improve upon this by maintaining a team wiki that documents setup instructions and may even include setup scripts. Unless these are actively maintained and curated they may cause more harm than help, leading the new developer down dead ends and on wild goose chases.

The best solution is less narrative and more executable documentation. One tool that many developers use to facilitate this and one we use on the infrastructure automation team at CenturyLink Cloud is Vagrant. Vagrant is a tool that makes it easy to share virtual environments across different virtualization platforms and makes destroying and recreating those environments an easily repeatable process. It also provides a mechanism that allows you to code in your native environment while your app runs in a VM.

In my first few months on the CenturyLink Cloud team, I worked on a Windows machine using Hyper-V for virtualization. Now I’m on an Ubuntu...

Read on...

Transparent Corporate Access to the CenturyLink Public Cloud

Identity and Access Management solutions help enterprise IT integrate multiple systems with existing authentication services. These capabilities play a crucial role in public cloud services, where IT is keen to avoid “shadow IT” and deliver self-service access to resources without compromising important InfoSec policies.

Simplifying this process for our customers via automation is a top priority – that’s why our Control Portal includes APIs and webhooks. We also support SAML for federation, single sign-on (SSO) and multifactor authentication (MFA).

That’s “identity.” So what about “access”?

Today, we released a new permissions model that implements an expanded role-based access control (RBAC) capability. These new features empower administrators to grant more granular access to specific areas of the CenturyLink Cloud Control Portal to users.

We’re rolling out eight roles (below) with varying degrees of access, each specifically designed to align with job functions seen within many enterprises today.  The upshot is fine-tuned access control, and enabling a “least-privilege” approach to enterprise cloud management.

Cloud Access that Looks Like Your Current Access

These roles reflect the most frequently requested levels of access, mapping to unique personas.  They range from full control (Account Administrators), specialized areas of expertise (Server Administrators, Server Operators,...

Read on...

When enterprises make decisions on which cloud services to consider, security is the ultimate “table stakes” capability that any cloud provider must prove. There has been great innovation in the industry to assuage mainstream adopters, but not all cloud service providers are consistent in areas of identity management, network security, data security, threat prevention, and more.  Organizations and individuals still need to pay close attention to whether cloud service providers are delivering these five main security features:

Read on...

The CenturyLink Platform Team recently spent two weeks together in the city of St George in Southwest Utah. In what’s become an annual event, the team—including developers, testers, product managers and design—stayed in the “Hack House” to work on our Cloud Platform, as well as get to know each other outside the confines of our beautiful new office. By spending the time to connect with each other, we build trust and empathy, which enables us to interact and collaborate at a higher level. We’re firm believers that if you actually like your coworkers, you’ll be happier and do better work because of it. The Hack House is a great way to forge this bond.

At the top of Angel’s Landing

However, just because we went away to sunny and dry Southwest Utah, doesn’t mean we spent the whole time hiking in Zion National Park. The focus of the development iteration centered around new role based access controls and feature flags for individual data centers, which will be released tomorrow. Still, during down time everyone took advantage of what the area had to offer, from hiking, photography, and mountain biking, to fixing that bug that always bothered you but never had time for...

Read on...

Today, Cloud Application Manager announces the launch of Cloud Reports to help companies manage and control their cloud footprint and resulting costs across cloud service providers. This new offering provides IT managers with comprehensive tools they need to understand, track and optimize spend and usage across all their cloud resources on AWS, Google Cloud, and Microsoft Azure.

We’ve found that more than 50 percent of our customers companies today use more than one cloud provider. As more companies disperse their resources across multiple cloud services, it’s increasingly difficult for them to fully understand the return on those investments.

Enter Cloud Application Manager Cloud Reports, a new product that aims to help companies manage their spend and monitor usage across multiple cloud platforms all in one place. Beyond spend-tracking or reporting, it provides insights into how teams or applications are using resources so companies can optimize costs for each provider and deploy resources where they make the most sense.

With Cloud Application Manager Cloud Reports companies can:

Track spending on cloud providers such as AWS, Google Cloud, and Microsoft Azure

In addition to tracking overall spend on each cloud provider, customers can also track spend for different provider accounts, services, instance sizes, and datacenter locations.

Compare...

Read on...

Q&A with James Newkirk, CenturyLink Cloud VP of Engineering

This week CenturyLink will celebrate the opening of our Cloud Development Center in Bellevue, WA.  I sat down with James Newkirk, Engineering VP for CenturyLink Cloud, who anchored the team designing and overseeing the build out of the new Center’s space to get his insights on what went into the design.

Why did we select Bellevue, WA as the home of our new Cloud Development Center?

Seattle and its surrounding area are the growing center of the cloud universe. We know that if we want to tap into the growing talent pool of cloud computing experts and developers, the greater Seattle area is a great place to be.

We chose our new location in Bellevue for a couple of reasons.  First, as a nod to our heritage with Tier 3 which was founded and headquartered in Bellevue.  Secondly, was access to transportation – a lot of employees use public transport and our new location is close to the transit center.  Finally it’s very central to great restaurants – we wanted employees to have options to get quality food on lunch breaks or easy access to social outlets. We all know engineers like food.

It’s a...

Read on...

Today we are excited to release six managed Cloudera Blueprints, the newest managed service in the CenturyLink Cloud big data Blueprints portfolio, which also includes Cassandra and MongoDB solutions.

The Apache Hadoop open-source project solves all sorts of big data problems, but for many it’s difficult to deploy and manage. Cloudera solves this problem by provisioning and managing Hadoop components in a manner that allows users to focus on their data sets. And now, with the CenturyLink Cloud Blueprint for Cloudera – a deployable configuration that brings the new environment online in a couple of clicks—users can take all of the complexity of Hadoop and shrink it down to one black, err blue, box:

Running Hadoop with Cloudera and CenturyLink Cloud combines simplicity, superior performance and flexibility, allowing businesses to utilize their data to drive innovation faster than ever before. By deploying Cloudera on CenturyLink Cloud, customers get all of the expected benefits of hourly pay-as-you-go self-service, agility, elasticity and governance. Given that the service is also managed, customers can also take advantage of software updates, patching and general cluster management. It’s an easy way for IT pros and database administrators to get their cluster provisioned and managed.

Making Managed Cloudera Easy

Automating a...

Read on...

Google is a relatively new player in cloud computing. They were one of the first clouds to provide a PaaS solution with Google App Engine, but one of the last to provide IaaS options.

One of the biggest differentiators and a draw for Google Cloud is their Google Compute Engine global software defined networking (SDN) capability. Unlike other providers, every network in Google Compute Engine (GCE) is a global network, that is, a network that spans every region and availability zone. Further, latency and throughput between regions almost defies the laws of physics. These network capabilities dramatically simplify deploying applications that run on a global scale.

If you want to take advantage of one of the fastest growing IaaS technologies in the market, how do you go about moving all your data and infrastructure to GCE? In this post, we’ll show you how to connect your private network with GCE using Cloud Application Manager.

For this purpose, we created an IPSEC box that creates a tunnel between the 2 networks using Linux and Openswan.

The first instance of this box is deployed in the GCE network. It is assigned an ephemeral IP and supports IP Forwarding:

The box is deployed without bindings, which sets it...

Read on...

A bit of awesome sauce for today — we are thrilled to announce our partnership with Couchbase, the only enterprise grade NoSQL database in the market.

Together with Couchbase, we have created Couchbase Server and Couchbase Sync Gateway Boxes for Cloud Application Manager, allowing our users to quickly deploy and run web and mobile applications powered by Couchbase technology in the cloud.

The new Couchbase Boxes are bringing unprecedented opportunities for developers to build complex NoSQL applications in-house. The Boxes make it easy to build and deploy complex multi-tiered applications powered by Couchbase Server and Couchbase Mobile.

The best part? Those boxes are already right there for you on Cloud Application Manager. You just need to log on to Cloud Application Manager or sign up, if you don’t have an account already.

Benefits of Couchbase Boxes on Cloud Application Manager:

• Stick to best practices: Have you tried deploying Couchbase Server of Couchbase Sync Gatewaydatabase yourself? By using the Couchbase boxes, you can be sure that they are using the best practices when deploying Couchbase technology.
• Scale with ease: You and your IT teams can now quickly launch new Couchbase Server and Couchbase Sync Gateway instances and respond to rapidly changing business requirements or increasing demand. Use

Read on...

If you have recently received the bill from your cloud provider, you may be still wondering how you spent all this significant amount of money in cloud resources. And if you’re using multiple cloud providers (like we do at Cloud Application Manager), this problem is even more complicated. Evidently, you need to have much better insight into where your expenses are going. Resource tagging is a crucial technique to improve the cost efficiency and reduce your infrastructure bill.

Without tags, you won’t be able to confidently know what each of your instances is doing, which instances have been provisioned and which you can power off. This technique is even more important when using autoscaling systems that automatically add and release resources based on the workload of your application.

Tagging your cloud resources allows you to add metadata to your resources in the form of key-value pairs. Hence your tag-key must be a meaningful value that represents how you want to report this resource, while the tag-value should give you an insight of what you want to report on. These tag-keys will appear as columns in the reports of your cloud providers. Therefore they may be descriptive enough to help you to break...

Read on...

Cloud Application Manager can help you manage application delivery on a number of different clouds. Today, let’s focus on CloudStack, the stack with the $$ behind it.

CloudStack vs. OpenStack

OpenStack gets a lot of air cover compared to CloudStack. The main reason is the strategy behind CloudStack. CloudStack’s parent company, Citrix, has executed a clear roadmap under the umbrella of the Apache Foundation. As a result, in comparison to OpenStack, its community is much smaller and the vision more targeted.

The results are more focused and, to some extent, more practical to implement. We have seen many successful implementations of CloudStack that leverage Cloud Application Manager to fully cover all aspects of a modern IT Organization.

Why Use Cloud Application Manager to Manage a CloudStack Deployment

To get started, register your CloudStack in Cloud Application Manager. You can do this with either the SaaS version or by installing the Cloud Application Manager Virtual Appliance in your own environment.

Once registered, CloudStack will show...

Read on...

AWS CloudFormation is a very useful deployment mechanism provided by AWS and fully supported by Cloud Application Manager. We’ve recently made some changes to our product and one of the results is a very interesting AWS CloudFormation use case – splitting up gigantic and monolithic AWS CloudFormation templates into smaller, more manageable templates.

First, A Little Background

AWS CloudFormation is essentially a way to programmatically define and provision cloud infrastructure, via a JSON template. CloudFormation templates can be used for tasks such as setting up VPCs, creating autoscaling groups and launching EC2 instances into different network configurations.

Several enterprises are using CloudFormation templates to deploy increasingly complex infrastructure configurations. As a result, power users are rapidly discovering that their templates have become large, monolithic and extremely difficult to maintain.

Why Not Just Split Them Up?

In theory, splitting up a monolithic CloudFormation template into a set of smaller, manageable modules seems straightforward, but there are a few challenges.

• Since these modules contribute to a larger, overarching infrastructure deployment, users need a way to specify dependencies and ensure that the modules are deployed in the right order.
• These modules need a way to communicate with each other and share information such that one can take over where the

Read on...