How to securely hook up a cloud management platform in your private datacenter

Security-+-Virtual-Appliance-(Blog)

Most customers prefer cloud application lifecycle management as a SaaS service. But we’re conscious of companies whose high-security constraints like limited datacenter Internet access or fully controlled periodic backups require an on-premise solution. For those companies and DevOps users, ElasticBox is available as a virtual appliance.

Today, the ElasticBox virtual appliance is an OVF package for vCenter vSphere and in QCOW2 format for OpenStack. To get access to all the same functionality as the SaaS solution, the only thing you have to do is install the virtual appliance in your virtual platform and plug into your datacenter network. At which point, you experience ElasticBox hosted on your infrastructure where you get the same controls to manage, backup, and restore as you do on other systems in your datacenter.

At ElasticBox, we care deeply about security and for this reason all the communication for the SaaS and the virtual appliance solutions are encrypted. By default, we ship the virtual appliance with a certificate signed by ElasticBox. But using the appliance setup console, you can set up a certificate signed by a trusted CA or install your self-signed certificate.

To create and install a self-signed certificate in the ElasticBox virtual appliance, follow these steps:

  1. Install the OpenSSL toolkit available for most OS platforms such as OSX, Windows, Linux, Solaris.
  2. Generate a private key and certificate by running this command on your local terminal:
    
    openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout my_private_key.key -out my_certificate.crt
    

    This example generates a 2048 bit RSA private key (my_private_key.key) and an SSL certificate (my_certificate.crt) valid for 365 days.
    paulino-sslcert-openssl

  3. To configure the certificate in the virtual appliance, open the ElasticBox setup console.

    paulino-access-appliancesetupconsole

  4. Under System Settings, upload both the SSL certificate and the private SSL key. The virtual appliance verifies that both the key and the certificate (CRT) files are valid.

    paulino-configuresslcert-applianceconsole

  5. Save the changes.

Right away, the virtual appliance restarts and applies the SSL changes so that the next time you log in to ElasticBox, the SSL certificate will facilitate a secure connection.

ElasticBox simplifies the way companies deploy applications in the cloud by providing a layer of abstraction on top of the cloud infrastructure. This layer orchestrates the steps required to automate the continuous delivery of your application lifecycle on the target infrastructure. You can download the ElasticBox virtual appliance and try it for free. To learn more about how to install and configure it, see our documentation.

Hacker News

Categories: Cloud Application Management, Cool Features & Tutorials, DevOps, ElasticBox
Tags: , , , , ,