In this blog post, I would like to share my experience in building an on-premise private cloud for Infrastructure as a Service (IaaS) with largely open source components and some microservices written in JavaScript and Python to provide user experiences similar to public cloud as much as I can.

The Ingredients

The blueprint of my private cloud is based on the NFV Management and Orchestration (MANO) architectural framework created by ETSI (http://www.etsi.org/).


The pandemic has completely changed the way we live and work. Globally, as business agility and continuity become the new priority, business leaders have accelerated the shift towards digitization. Businesses are increasing their pace of multicloud adoption as significantly more workloads are migrated out of private data centers to the public clouds. However, most businesses are likely to keep their sensitive corporate data and consumer PII information on-premises to retain complete control. …


AIOps stands for Artificial Intelligence for IT Operations. To explain this buzzword in layman's terms, it roughly means giving our IT infrastructure the intelligence to automatically discover what its users (humans, machines, or applications) need, then analyze the tradeoffs of those needs (who and what is more or less important to the business), and finally make the necessary changes (by provisioning or allocating more or fewer resources) to apply and balance those tradeoffs. This cycle then continuously repeats itself.

When AIOps is enabled for your applications deployed on Multicloud, it allows your applications to run smoothly and…


Threats Surveillance and Detection in the Multicloud

As we modernize our legacy applications into microservices and deploy them to container technologies such as Kubernetes, potential threats and unknown security risks lie in wait for us in the new environments. For example, the Common Vulnerabilities and Exposures (CVE) list publishes known vulnerabilities and exploits found in the base Docker container images that we commonly use to build our new containerized applications.

https://www.cvedetails.com/product/28125/Docker-Docker.html?vendor_id=13534

Some of these exploits are nasty; for example, they allow hackers to execute arbitrary code with root privileges. …


The purpose of the Cluster Autoscaler is to provision new Worker Nodes in a Kubernetes Cluster during periods of high demand, when the cluster does not have sufficient resources such as CPU, memory, or GPU to run new Pods. During quiet periods, when the cluster no longer requires these resources, the Cluster Autoscaler will terminate the extra Worker Nodes. The Horizontal Pod Autoscaler works by creating additional replicas of a Pod on the Worker Node where it runs when the monitored resources (such as CPU) it consumes have exceeded the defined threshold. Similarly, the Horizontal Pod Autoscaler will delete…

Jonathan Chin

Jonathan is a Customer Engineer at Google Cloud, and is deeply passionate about Kubernetes, Cloud, and Open Source. He is a Singaporean based in Singapore.
