Category Archives: GitHub

Developers Hit With Big, Unexpected AWS Bills, Thousands on GitHub Exposed

Amazon Web Services (AWS) is urging developers using the code sharing site GitHub to check their posts to ensure they haven’t inadvertently exposed their log-in credentials.

When opening an account, users are told to “store the keys in a secure location” and are warned that the key needs to remain “confidential in order to protect your account”. However, a search on GitHub reveals thousands of results where code containing AWS secret keys can be found in plain text, which means anyone can access those accounts.

From a security perspective it means they can basically go in and gain access to any of the files that are stored in the AWS account.

According to an AWS statement,  ”When we become aware of potentially exposed credentials, we proactively notify the affected customers and provide guidance on how to secure their access keys,”

There is more detail (and some cautionary tales involving big, and unexpected, AWS bills) here.

Breaking: GitHub Back Up After Today’s DDoS Attack

GitHub was essentially down for about an hour today, starting at around 11 am Eastern (1500 UTC) due to a reported DDoS attack. From their status page:

15:05 UTC We’re currently experiencing a large DDoS attack. The site is experiencing major packet loss and is mostly unavailable. We’re working to further mitigate the attack.

16:10 UTC We’ve mitigated the DDoS attack and the site should responding normally. We’re still investigating the cause of the small increase in exceptions when accessing the GitHub API.

Gigaspaces Cloudify Partners with OpSpaces for Chef Onboarding

GigaSpaces Technologies, with its new release of the open source Cloudify product, has partnered with OpsCode for a dedicated Chef integration that caters to diverse application stacks and systems.

“The concept of DevOps and recipes can go well beyond setup, to actually manage the entire lifecycle of your applications—from setup, to monitoring, through maintaining high availability, and auto-scaling when required.  This is where Cloudify and Chef come together,” says Bryan Hale, Director of Business Development for OpsCode. “By enabling users to leverage the power and variety of Chef recipes and cookbooks to deploy services, Cloudify supports comprehensive application level orchestration on any cloud.”

In addition to the integration with Chef, this new release also includes the following features:

  • Complete application-level orchestration, allowing automated provisioning, deployment, management and scaling of complex multi-tier apps to any cloud environment
  • Built-in, ready to use recipes for common big data components, such as Hadoop, Cassandra and MongoDB.
  • Support for non-virtualized environments (AKA Bring Your Own Node), allowing you to treat an arbitrary set of server as your “Cloud” and have Cloudify deploy and manage applications on these servers.
  • Comprehensive REST API for easy integration with third-party tooling and programmatic access.
  • Support for all the common cloud infrastructures, including OpenStack, HPCloud, RackSpace, Windows Azure, Apache CloudStack, Amazon AWS and vCloud.

In addition, Cloudify now also simplifies the complexities involved with deploying big data applications to the cloud.  It is well-known that the massive computing and storage resources that are needed to support big data deployments make cloud environments, public and private, an ideal fit.  But managing big data application on the cloud is no easy feat – as these systems and applications often include other services such as relational and non-relational databases, stream processing tools, web front ends and more, where each framework comes with its own management, installation, configuration, and scaling mechanisms.  With its new built-in recipes, Cloudify provides consistent management and cloud portability for popular big data tools, exponentially reducing the operational and infrastructure costs involved with running these systems.

“We’re seeing a growing market trend for the need to migrate applications – not just in one-off processes anymore – but on a much larger scale, by enterprises, managed service providers, and ISVs alike, who are looking to take advantage of the cloud promise—while until now, only about 5% have actually been able to do so,” says Uri Cohen, Vice President of Product Management at GigaSpaces. “The beauty of Cloudify and its recipe-based model is that it enables you to simply and smoothly take both new and existing applications to the cloud by the tens and hundreds through Cloudify’s built-in recipes and the new integration with OpsCode’s Chef, in very short time frames.”

You can fork the Cloudify code from GitHub, or download the Cloudify GA release.