Wednesday, August 14, 2019

Learn How to Navigate Multi-Cloud and Kubernetes with Bitnami at VMworld



Join us at VMworld 2019 US, August 25-29, in San Francisco to learn more about what the Bitnami team has been up to. Check out our sessions below, and add them to your VMworld agenda today.

Sessions and Keynotes:



Showcase Keynote: Kubernetes and the Cloud Native Journey

Leading enterprises are increasingly defined by their ability to develop software. That’s why they are turning to Kubernetes and cloud native principles to speed developer velocity and drive resource efficiencies. VMware has unmatched expertise to guide this journey—hear from the creators of Kubernetes, the architects working hands-on with customers and the engineers building new solutions. We will show you how to lead the cloud native conversation at your organization—to change your trajectory—by managing hundreds of users and thousands of Kubernetes clusters across multiple clouds. Maximize your VMworld experience by exploring new territory with our expert team.

The Multi-cloud Builder's Journey

Modern enterprise software development targets multiple cloud environments and involves heavy use of open source software, whether operated in-house or consumed as a service. This session will walk you through how Bitnami helps IT organizations on their journey from ideation and prototyping to deploying their apps in production. With the Bitnami application catalog developer teams can experiment and iterate quickly and easily, whether locally, on Kubernetes or the cloud. With Bitnami content, ops teams can trust deployed applications are secure, up-to-date and can set-up the applications to be compliant with corporate policies, regardless of which cloud they are deployed in.


Securing the Software Supply Chain in a Multi-Cloud World

Open Source and Cloud Technologies have exponentially increased both agility and complexity for developers, security, and operations teams. With the rampant consumption of software, dependencies and formats from an ever-increasing number of sources, many Enterprise IT organizations struggle to answer the basic questions: what’s inside my app and where did it come from? Bitnami will share learnings from over a decade in the software packaging industry. You will learn about the Software Supply Chain, its susceptibility to attack and how that’s compounded in the Open Source community, and leave with the best first steps to take to secure your Software Supply Chain; from sourcing, through deployment and ongoing maintenance and key strategies for implementing this at scale across multiple teams as well as cloud and container platforms.

VMware Cloud Marketplace: Buy ISV Apps for VMware Platforms

VMware Cloud Marketplace is an exciting step in the expansion of the VMware hybrid cloud ecosystem as we deliver on our cloud vision through software-defined data center (SDDC) capabilities and software-as-a-service (SaaS) offerings. Join this session to learn how VMware facilitates customers to discover, acquire, and deploy third-party ISV solutions across multiple platforms. For partners, VMware Cloud Marketplace provides a new way to go to market and engage with customers.

Meet and Greet with Experts and Panels:


Meet the Experts: How to Build Modern Multi-cloud Applications from Development to Production

Modern software development spans multiple target platforms, from local environments to hosted Kubernetes clusters to complex multi-cloud environments. Bitnami’s catalog of applications includes common open source building blocks such as databases and language runtimes and is available as containers and VMs. Come learn how Bitnami will help your teams navigate the journey from development to production with convenient, easy-to-deploy content that is loved by developers and trusted by IT organizations because it is secure and up-to-date.


Adopting Bitnami Content into Your VMware Cloud

With Bitnami, cloud providers can now rapidly deliver application packages on their cloud platform. For enterprises, this means a developer-ready hybrid cloud at your fingertips. Come find out more.


CODE Sessions:


Shortcut and Secure Modern App Development with Bitnami Containers and Chart Foundations

Modern continuous application development pipelines consume a web of dependencies that has become dangerously complex. In order to protect or react to new security events, CVEs and even just software updates, you must know where your software comes from and where in your application it lives. Developers that won't risk it spend hours upon hours building, scanning, testing, and maintaining the software or the pipelines to maintain the software that they use in their applications, this is attention away from the application itself. Bitnami provides modern CI/CD pipelines with a continuous stream of updated, scanned, tested and secure software components directly to the cloud of your choice, so you can focus on building your app. Attendees will learn how to configure and see a live demonstration of CI/CD tooling continuously consuming turnkey containers that are scanned secure, functionally tested, and maintained up to date for you. Cross cloud Kubernetes service portability and use of cloud-specific serverless capabilities will also be demonstrated leveraging multiple Kubernetes Services.

Continuously Refresh Your IT Service Catalogs and Provide Click-to-Deploy Simplicity for Your Enterprise

Self Service Catalogs of pre-approved cloud services are one of the best ways for an IT department to preventatively and proactively provide governance on cloud usage across platforms, however maintaining a catalog stocked fresh with the latest updated applications is a daunting challenge and providing outdated or improperly configured applications has the opposite effect for security and operations teams. Modern DevOps pipelines don’t just have to be about application development, they can also be used to assemble and continuously maintain the freshness of your catalogs and ensure they meet your standards for operational maintenance. Make your IT Self Service Portal the preferred source for cloud services that are secure, up-to-date, and just work. Attendees will learn how Bitnami has architected our build pipelines supporting catalog delivery at hyperscale and across many different formats. Attendees will learn about configuring CI/CD and DevOps pipelines to present and update artifacts and deploy ready applications in multiple formats and cloud-native service catalogs includingKubeapps for Kubernetes Clusters, AWS Service Catalog and others and see a demonstration of maintaining this pipeline using Bitnami’s Catalog.

DevOps in Real Time: NSX+Bitnami

Modern applications have grown beyond the perimeter of the data center, moving across public clouds and beyond to be close to their users and data. In this session you will observe how a developer updates a modern application environment built on Bitnami, running in both the data center and public cloud, using continuous integration and delivery (devops). Watch as new application components propagate across the data center and cloud, and see in real time how NSX-T Data Center and NSX Cloud are able to automatically provision the necessary networking infrastructure and apply the proper security policies to the newly updated application.


We look forward to seeing you at VMworld. Don’t forget to stop by our demo pod as well to learn more about how Bitnami can help you!

Thursday, August 1, 2019

Take Your Website to the Next Level with WordPress Production-Ready from Bitnami and Automattic - Now Available on the AWS Marketplace


Webinar - " Achieve Your Website Goals with the Official WordPress Image for the Cloud" - August 14th at 10 am PST - Register Now
_________________________________________________________________________________

On January 16, 2019, we announced our partnership with Automattic, the company behind WordPress.com, to create an official WordPress image for the AWS cloud.

Today, all of the different flavors of Bitnami WordPress images in the AWS Marketplace have been re-published as official images certified by Bitnami and Automattic.

Along with updating our images, we have also released a new Production-Ready WordPress image that is designed to handle all of your production environment needs.

WordPress Production-Ready is a pre-configured CloudFormation template designed for production environments. Its architecture spans two availability zones in the AWS region and auto-scaling group configured in each node to ensure high-availability and horizontal scaling.

Maximum performance is maintained by a replication model for distributing workloads across multiple WordPress instances, Elastic Load Balancing to distribute requests across the nodes, EFS for persisting files and ElastiCache cluster with Memcached for caching database queries to Amazon Aurora.

With WordPress Production-Ready Certified by Bitnami and Automattic, your company can rest assured that the application will withstand the traffic and scaling required for your popular site with the following features:

  • High-availability architecture with two availability zones and auto-scaling group configured in each node to ensure dynamic horizontal scaling.
  • Public subnets configured to allow EC2 Instances to act as bastion hosts for inbound traffic and Managed NAT Gateways allow outbound traffic to WordPress instances, following the AWS security guidelines.
  • Always up-to-date and secure; includes the latest available version of WordPress, PHP, and Apache.

Get started with the WordPress Production-Ready Certified by Bitnami and Automattic today!

Is there anything else new in the updated WordPress listings by Bitnami and Automattic?

Yes, there is!

All of our WordPress images for AWS now include the Automattic Jetpack plugin by default.

Jetpack, one of the most popular plugins for WordPress, is the most powerful way to design, protect, and manage multiple WordPress websites. Jetpack is powered by the folks behind WordPress.com, which means you’ve got the infrastructure to handle billions of pageviews behind your sites, plus world-class 24/7 support.

Pick the WordPress image that works for you:

We offer many different WordPress images to suit the many different needs of our users. Pick the one that works best for you, and get started today.


Unsure of which image to choose for your WordPress use case? Reach out to our support team through our community support forum with the details of what you are trying to accomplish. Our team will be happy to guide you in the right direction!

Want to learn more about how you can use the WordPress Production-Ready Certified by Bitnami and Automattic to create the website of your dreams on AWS? Join us for a live webinar with the Automattic and AWS teams on August 14th at 10 am PST. Register now

Tuesday, June 18, 2019

TCP SACK PANIC: Multiple TCP-based remote denial of service vulnerabilities

[UPDATE 2019-06-25]

- Bitnami has now released all the images with the new kernel available for all the supported platforms. These changes are being propagated across all the Marketplaces right now.

----

Netflix has identified several TCP networking vulnerabilities in FreeBSD and Linux kernels.

They all are related to the minimum segment size (MSS) and TCP Selective Acknowledgement (SACK) capabilities. A malicious attacker can construct a specific sequence of TCP packets that can lead to a remotely-triggered kernel panic on recent Linux kernels.

The list of CVEs is as follows:

  • CVE-2019-11477: SACK Panic (Linux >= 2.6.29): A sequence of SACKs may be crafted such that one can trigger an integer overflow, leading to a kernel panic.
  • CVE-2019-11478: SACK Slowness (Linux < 4.15) or Excess Resource Usage (all Linux versions): It is possible to send a crafted sequence of SACKs which will fragment the TCP retransmission queue. 
  • CVE-2019-5599: SACK Slowness (FreeBSD 12 using the RACK TCP Stack): It is possible to send a crafted sequence of SACKs which will fragment the RACK send map.
  • CVE-2019-11479: Excess Resource Consumption Due to Low MSS Values (all Linux versions): An attacker can force the Linux kernel to segment its responses into multiple TCP segments, each of which contains only 8 bytes of data.


You can find more information about these vulnerabilities in the official security announcement.

Bitnami is working on updating all affected Virtual Machines and Cloud Images available through Bitnami, for all of our cloud provider partners. Once this update is complete, all new launches will be protected from these issues.

If you already have a running server (virtual machine) or if you have a Bitnami stack installed on your computer, you will need to update the operating system on your own. If a patched kernel is available from the operating system vendor, you can update it by following these instructions (depending on your distribution / operating system):

- Ubuntu / Debian

sudo apt-get update && sudo apt-get dist-upgrade 

- Oracle Linux, Red Hat, CentOS, and Amazon Linux

sudo yum update 

After completing the steps above, reboot your server to get the fixed version of the kernel / operating system. The versions of the package that fix these vulnerabilities are the following:

- Ubuntu 16.04: 4.4.0-151-generic
- Ubuntu 16.04 for Azure: 4.15.0-1047-azure
- Debian 9: 4.9.168-1+deb9u3
- Oracle Linux 7: 4.1.12-124.28.3.el7uek or 4.14.35-1902.2.0.el7uek
- Red Hat: 3.10.0-957.21.3.el7
- CentOS: 3.10.0-957.21.3.el7
- Amazon Linux: 4.14.123-86.109.amzn1

If you have any questions about this process, please post to the Bitnami community support forum. We will be happy to help!