Wednesday, September 11, 2019

GitLab security release: 12.2.5

The GitLab project has released a new update that contains some important security updates. We recommend that all GitLab installations be upgraded immediately to the new version of GitLab (GitLab 12.2.5).

Although the new version is now publicly available, the vulnerabilities details will not be made public on the GitLab issue tracker for approximately 30 days. The information disclosed to date is the following:

  • Project template functionality could be used to access restricted project data (CVE-2019-16170)
  • Security enhancements in GitLab pages
  • Nginx HTTP 2 security update (CVE-2019-9511, CVE-2019-9513, and CVE-2019-9516)
  • Mattermost updates

You can find more information about this issue in GitLab's official blog post.

Bitnami has released a new version of Bitnami GitLab 12.2.5 for both virtual machines and cloud images that fixes these vulnerabilities. If you are running an outdated version of GitLab, please follow the instructions to upgrade the application.

Do you have questions about Bitnami GitLab or this security issue? Please post them to our community forum. We will be happy to help you.

Monday, September 9, 2019

Start Deploying your PHP Applications to Production with Bitnami LAMP Production-Ready

LAMP is one of the most popular open source web service stacks used for developing dynamic websites and web applications. It is comprised of a set of well-known components that help developers create their applications quickly. LAMP is so prominent in the community because it provides a complete framework for creating high-performance web applications that saves you hours of coding.
Its components include a Linux operating system, an Apache HTTP Server, a MySQL relational database, and PHP as the programming language. When launching the Bitnami LAMP stack, you will get a ready-to-run package that includes all of the components above. 
LAMP is an essential component of every developer’s tool kit.  But what happens when you need to move your applications from development to production environments? This is where Bitnami can help. Bitnami has recently released the LAMP Production-Ready stack, which provides both high-availability and security for mission-critical use cases.  
In this blog post, you will learn about the main features of this production-ready stack and the most common use cases that this stack should be used for. 

Take the Performance and Security of Your PHP-based Applications to the Next Level

The LAMP Production-Ready architecture was designed to address your production needs. It adds an extra layer of security and ensures high-availability for your PHP applications even in the most traffic demanding environments.  The following are the features that you will benefit from when deploying this solution: 
  • High-Availability architecture with two availability zones in the AWS regions to ensure that your cluster can continue working if a node (or a whole AWS zone) goes down.
  • Replication model designed to distribute workloads across multiple application services.  
  • Elastic Load Balancer (ELB) is added to distribute HTTP and HTTPS requests across the application instances, ensuring the maximum performance with a high number of connections.
  • Virtual Private Cloud (VPC)with public and private subnets. In both public and private subnets, an Auto Scaling Group is configured in each node to ensure dynamic, on-demand horizontal scaling. In addition to this, the EC2  instances that host the application servers are isolated in private subnets. Inbound traffic is allowed via Elastic Load Balancer (ELB)  while outbound traffic is managed through a NAT Gateway. This configuration increases the security of the cluster dramatically.
  • Data and code (Aurora MySQL database and application servers) are separated in different instances improving the safety and access control. 
  • Database cache performance is enhanced with an ElastiCache cluster, boosting the performance of the entire deployment. Also, Amazon Aurora provides auto-backup, geographic redundancy, and automatic replication, making it perfect for production environments. 

As you can see in the diagram below, the load balancer manages all user’s requests. It distributes the workload through the different application instances hosted in a private subnet. This configuration makes your application adaptable to the most demanding scenarios, even when a node is down, or if there are concurrent connections at any one time.

LAMP Production-Ready architecture diagram

When should you be using the Bitnami LAMP production-ready stack? 

As a developer, you probably have been in multiple situations where your applications required high-availability and automatic horizontal scaling. These are some examples of websites or applications that the Bitnami LAMP Production-Ready stack addresses perfectly: 

  • PHP-based news or social sites: In this case, your application has high traffic and requires both high-availability, distributed workloads, and scalability. This is the typical scenario of WordPress and Drupal websites or social networks such as Diaspora. 
  • PHP-based e-commerce, shopping, or ticketing web applications: This kind of applications usually require reliability, geographic redundancy, failover, and data backups. That happens, for example, to shops based on Magento, Prestashop, or Woocommerce. 
  • Custom web application and REST/HTTP/SOAP API that needs an extra layer of security, access control, availability, and scalability. 

What’s next?

Try the LAMP Production-Ready Cloud Formation Template (CFT) directly from the AWS Marketplace to see how it can help you face the most critical and high-demanding environments. 
Once you click  “Launch” in the AWS Marketplace listing, you will be redirected to the CloudFormation Management Console. From there, you only need to configure some parameters of the template such as the network,  Linux bastion, and ElastiCache configuration. Then, click “Create” and wait for the template to deploy all the required resources in the AWS servers. In less than an hour, your LAMP Production-Ready stack will be available and ready to use.
Follow this detailed get-started guide to complete the process. Once you have the solution deployed, you will be able to install your custom application and run it directly into a production environment! 

Wednesday, August 14, 2019

Learn How to Navigate Multi-Cloud and Kubernetes with Bitnami at VMworld

Join us at VMworld 2019 US, August 25-29, in San Francisco to learn more about what the Bitnami team has been up to. Check out our sessions below, and add them to your VMworld agenda today.

Sessions and Keynotes:

Showcase Keynote: Kubernetes and the Cloud Native Journey

Leading enterprises are increasingly defined by their ability to develop software. That’s why they are turning to Kubernetes and cloud native principles to speed developer velocity and drive resource efficiencies. VMware has unmatched expertise to guide this journey—hear from the creators of Kubernetes, the architects working hands-on with customers and the engineers building new solutions. We will show you how to lead the cloud native conversation at your organization—to change your trajectory—by managing hundreds of users and thousands of Kubernetes clusters across multiple clouds. Maximize your VMworld experience by exploring new territory with our expert team.

The Multi-cloud Builder's Journey

Modern enterprise software development targets multiple cloud environments and involves heavy use of open source software, whether operated in-house or consumed as a service. This session will walk you through how Bitnami helps IT organizations on their journey from ideation and prototyping to deploying their apps in production. With the Bitnami application catalog developer teams can experiment and iterate quickly and easily, whether locally, on Kubernetes or the cloud. With Bitnami content, ops teams can trust deployed applications are secure, up-to-date and can set-up the applications to be compliant with corporate policies, regardless of which cloud they are deployed in.

Securing the Software Supply Chain in a Multi-Cloud World

Open Source and Cloud Technologies have exponentially increased both agility and complexity for developers, security, and operations teams. With the rampant consumption of software, dependencies and formats from an ever-increasing number of sources, many Enterprise IT organizations struggle to answer the basic questions: what’s inside my app and where did it come from? Bitnami will share learnings from over a decade in the software packaging industry. You will learn about the Software Supply Chain, its susceptibility to attack and how that’s compounded in the Open Source community, and leave with the best first steps to take to secure your Software Supply Chain; from sourcing, through deployment and ongoing maintenance and key strategies for implementing this at scale across multiple teams as well as cloud and container platforms.

VMware Cloud Marketplace: Buy ISV Apps for VMware Platforms

VMware Cloud Marketplace is an exciting step in the expansion of the VMware hybrid cloud ecosystem as we deliver on our cloud vision through software-defined data center (SDDC) capabilities and software-as-a-service (SaaS) offerings. Join this session to learn how VMware facilitates customers to discover, acquire, and deploy third-party ISV solutions across multiple platforms. For partners, VMware Cloud Marketplace provides a new way to go to market and engage with customers.

Meet and Greet with Experts and Panels:

Meet the Experts: How to Build Modern Multi-cloud Applications from Development to Production

Modern software development spans multiple target platforms, from local environments to hosted Kubernetes clusters to complex multi-cloud environments. Bitnami’s catalog of applications includes common open source building blocks such as databases and language runtimes and is available as containers and VMs. Come learn how Bitnami will help your teams navigate the journey from development to production with convenient, easy-to-deploy content that is loved by developers and trusted by IT organizations because it is secure and up-to-date.

Adopting Bitnami Content into Your VMware Cloud

With Bitnami, cloud providers can now rapidly deliver application packages on their cloud platform. For enterprises, this means a developer-ready hybrid cloud at your fingertips. Come find out more.

CODE Sessions:

Shortcut and Secure Modern App Development with Bitnami Containers and Chart Foundations

Modern continuous application development pipelines consume a web of dependencies that has become dangerously complex. In order to protect or react to new security events, CVEs and even just software updates, you must know where your software comes from and where in your application it lives. Developers that won't risk it spend hours upon hours building, scanning, testing, and maintaining the software or the pipelines to maintain the software that they use in their applications, this is attention away from the application itself. Bitnami provides modern CI/CD pipelines with a continuous stream of updated, scanned, tested and secure software components directly to the cloud of your choice, so you can focus on building your app. Attendees will learn how to configure and see a live demonstration of CI/CD tooling continuously consuming turnkey containers that are scanned secure, functionally tested, and maintained up to date for you. Cross cloud Kubernetes service portability and use of cloud-specific serverless capabilities will also be demonstrated leveraging multiple Kubernetes Services.

Continuously Refresh Your IT Service Catalogs and Provide Click-to-Deploy Simplicity for Your Enterprise

Self Service Catalogs of pre-approved cloud services are one of the best ways for an IT department to preventatively and proactively provide governance on cloud usage across platforms, however maintaining a catalog stocked fresh with the latest updated applications is a daunting challenge and providing outdated or improperly configured applications has the opposite effect for security and operations teams. Modern DevOps pipelines don’t just have to be about application development, they can also be used to assemble and continuously maintain the freshness of your catalogs and ensure they meet your standards for operational maintenance. Make your IT Self Service Portal the preferred source for cloud services that are secure, up-to-date, and just work. Attendees will learn how Bitnami has architected our build pipelines supporting catalog delivery at hyperscale and across many different formats. Attendees will learn about configuring CI/CD and DevOps pipelines to present and update artifacts and deploy ready applications in multiple formats and cloud-native service catalogs includingKubeapps for Kubernetes Clusters, AWS Service Catalog and others and see a demonstration of maintaining this pipeline using Bitnami’s Catalog.

DevOps in Real Time: NSX+Bitnami

Modern applications have grown beyond the perimeter of the data center, moving across public clouds and beyond to be close to their users and data. In this session you will observe how a developer updates a modern application environment built on Bitnami, running in both the data center and public cloud, using continuous integration and delivery (devops). Watch as new application components propagate across the data center and cloud, and see in real time how NSX-T Data Center and NSX Cloud are able to automatically provision the necessary networking infrastructure and apply the proper security policies to the newly updated application.

Continuous Verification: The Missing Link to Fully Automate Your Pipeline

In this session, we will describe how Continuous Verification (CV), can reduce and potentially eliminate these post-deployment actions in order to accelerate the pace and reliability of software delivery. Attendees will learn the reasons for this practice, see examples of operations suited to this approach, and experience a demonstration of a pipeline augmented with Continuous Verification stages

We look forward to seeing you at VMworld. Don’t forget to stop by our demo pod as well to learn more about how Bitnami can help you!