Tuesday, September 9, 2014

software

  • Google Play
Google Play, formerly the Android Market, is a digital distribution platform operated by Google. It is the official app store for the Android operating system, allowing users to browse and download applications developed with the Android SDK and published through Google.
http://en.wikipedia.org/wiki/Google_Play


  • App Store (iOS)
The App Store is a digital distribution platform for mobile apps on iOS, developed and maintained by Apple Inc. The service allows users to browse and download applications that were developed with Apple's iOS SDK.
The apps can be downloaded directly to an iOS device, or onto a personal computer via iTunes (also developed and maintained by Apple Inc.).
http://en.wikipedia.org/wiki/App_Store_%28iOS%29

  • Instagram
Instagram is an online mobile photo-sharing, video-sharing and social networking service that enables its users to take pictures and videos, apply digital filters to them, and share them on a variety of social networking services, such as Facebook, Twitter, Tumblr and Flickr.
Users are also able to record and share short videos lasting for up to 15 seconds.
Instagram is distributed through the Apple App Store, Google Play, and Windows Phone Store.
Support was originally available for only the iPhone, iPad, and iPod Touch;
in April 2012, support was added for Android camera phones.
http://en.wikipedia.org/wiki/Instagram



  • Vine is a short-form video sharing service. Founded in June 2012, it was acquired by microblogging website Twitter in October 2012, just prior to its official launch.
The service allows users to record and edit six-second long video clips, which can be then published through Vine's social network and shared on other services such as Facebook and Twitter. Vine's app can also be used to browse through videos posted by other users, along with groups of videos by theme, and trending videos.
http://en.wikipedia.org/wiki/Vine_%28software%29

  • WhatsApp
WhatsApp Messenger is a proprietary, cross-platform instant messaging subscription service for smartphones and selected feature phones that uses the internet for communication. In addition to text messaging, users can send each other images, video, and audio media messages as well as their location using integrated mapping features.
http://en.wikipedia.org/wiki/WhatsApp


  • Wickr
Wickr (pronounced "wicker") is the name of a proprietary instant messenger for iPhone and Android and of the company that produces it. Wickr allows users to exchange end-to-end encrypted and self-destructing messages, including photos and file attachments
http://en.wikipedia.org/wiki/Wickr

hardware

  •  Smartphone
 A smartphone (or smart phone) is a mobile phone with more advanced computing capability and connectivity than basic feature phones.
 Early smartphones typically combined the features of a mobile phone with those of another popular consumer device, such as a personal digital assistant (PDA), a media player, a digital camera, and/or a GPS navigation unit. Later smartphones include all of those plus the features of a touchscreen computer, including web browsing, Wi-Fi, and 3rd-party apps.
 http://en.wikipedia.org/wiki/Smartphone


  •  iPod Touch
 The iPod Touch (stylized and marketed as iPod touch) is a multi-purpose pocket computer designed and marketed by Apple Inc. with a user interface that is touchscreen-based. It can be used as a music and video player, digital camera, handheld game device, and personal digital assistant (PDA).It connects to the Internet through Wi-Fi base stations and is therefore not a smartphone, though its design and iOS operating system are very similar to Apple's iPhone.
 http://en.wikipedia.org/wiki/IPod_Touch

  •  iPhone
 a line of smartphones designed and marketed by Apple Inc.
 It runs Apple's iOS mobile operating system
 There are seven generations of iPhone models, each accompanied by one of the six major releases of iOS.
 http://en.wikipedia.org/wiki/IPhone


  •  A Chromebook is a laptop running Chrome OS as its operating system. The devices are designed to be used primarily while connected to the Internet, with most applications and data residing "in the cloud". A Chromebook is an example of a thin client.
http://en.wikipedia.org/wiki/Chromebook

  • iPad
a line of tablet computers designed and marketed by Apple Inc. which runs Apple's iOS.
The user interface is built around the device's multi-touch screen, including a virtual keyboard.
The iPad has built-in Wi-Fi and, on some models, cellular connectivity
An iPad can shoot video, take photos, play music, and perform Internet functions such as web-browsing and emailing. Other functions—games, reference, GPS navigation, social networking, etc.—can be enabled by downloading and installing apps.
http://en.wikipedia.org/wiki/IPad

  • iPad Mini
a line of mini tablet computers designed, developed, and marketed by Apple Inc
It is a sub-series of the iPad line of tablets, with a reduced screen size of 7.9 inches, in contrast to the standard 9.7 inches
http://en.wikipedia.org/wiki/IPad_Mini


  • Google Nexus
a line of consumer electronic devices that run the Android operating system.
The product family consists mostly of mobile devices—five smartphones and three tablet computers
the devices currently available in the line are the Nexus 5 smartphone (made with partner LG Electronics), second generation Nexus 7 tablet (made with Asus), and Nexus 10 tablet (made with Samsung).
Nexus devices are the first Android devices to receive updates to the operating system.
http://en.wikipedia.org/wiki/Google_Nexus

  • Kindle Fire
The Kindle Fire is a mini tablet computer version of Amazon.com's Kindle e-book reader.
Kindle Fire has a color 7-inch multi-touch display with IPS technology and runs a custom version of Google's Android operating system called Fire OS.
The device—which includes access to the Amazon Appstore, streaming movies and TV shows, and Kindle's e-books
http://en.wikipedia.org/wiki/Kindle_Fire


  • Tablet computer
A tablet computer, or simply tablet, is a mobile computer with display, circuitry and battery in a single unit. Tablets are equipped with sensors, including cameras, microphone, accelerometer and touchscreen, with finger or stylus gestures replacing computer mouse and keyboard. Tablets may include physical buttons, e.g., to control basic features such as speaker volume and power and ports for network communications and to charge the battery. An on-screen, pop-up virtual keyboard is usually used for typing. Tablets are typically larger than smart phones or personal digital assistants at 7 inches (18 cm) or larger, measured diagonally
http://en.wikipedia.org/wiki/Tablet_computer

  • personal digital assistant (PDA)
A personal digital assistant (PDA), also known as a palmtop computer, or personal data assistant, is a mobile device that functions as a personal information manager. PDAs are largely considered obsolete with the widespread adoption of smartphones.
Nearly all current PDAs have the ability to connect to the Internet. A PDA has an electronic visual display, enabling it to include a web browser, all current models also have audio capabilities enabling use as a portable media player, and also enabling most of them to be used as mobile phones. Most PDAs can access the Internet, intranets or extranets via Wi-Fi or Wireless Wide Area Networks. Most PDAs employ touchscreen technology.
http://en.wikipedia.org/wiki/Personal_digital_assistant

  • laptop
A laptop is a portable personal computer with a clamshell form factor, suitable for mobile use.They are also sometimes called notebook computers or notebooks
http://en.wikipedia.org/wiki/Laptop

operating system

  •  iOS (previously iPhone OS) is a mobile operating system developed by Apple Inc. and distributed exclusively for Apple hardware. It is the operating system that powers many of the company's iDevices.
 Originally unveiled in 2007 for the iPhone, it has been extended to support other Apple devices such as the iPod Touch (September 2007), iPad (January 2010), iPad Mini (November 2012) and second-generation Apple TV onward (September 2010).
 http://en.wikipedia.org/wiki/IOS


  •  iOS 8 is the eighth major release of the iOS mobile operating system designed by Apple Inc. as the successor to iOS 7.
Many of the features and highlights of iOS 8 have seem to come from previous versions of Android, and even Windows Phone.
http://en.wikipedia.org/wiki/IOS_8

  •  Chrome OS is a Linux kernel-based operating system designed by Google to work primarily with web applications
The user interface takes a minimalist approach and consists almost entirely of just the Google Chrome web browser
This means that Chrome OS is almost a pure web thin client OS
Chrome OS is built upon the open source project called Chromium OS[10] which, unlike Chrome OS, can be compiled from the downloaded source code.
Chrome OS is the commercial version installed on specific hardware from Google's manufacturing partners.
http://en.wikipedia.org/wiki/Chrome_OS

  • Chromium OS is a Linux-based operating system designed by Google to work exclusively with web applications. It is the open source development version of Chrome OS.
http://en.wikipedia.org/wiki/Chromium_OS

  • Android (operating system)
Android is a mobile operating system (OS) based on the Linux kernel that is currently developed by Google.
http://en.wikipedia.org/wiki/Android_%28operating_system%29

GeoJSON

  •  GeoJSON is a format for encoding a variety of geographic data structures.
 http://geojson.org/

Geography Markup Language (GML)

  • Geography Markup Language (GML)
 The OpenGIS® Geography Markup Language Encoding Standard (GML) The Geography Markup Language (GML) is an XML grammar for expressing geographical features. GML serves as a modeling language for geographic systems as well as an open interchange format for geographic transactions on the Internet
 http://www.opengeospatial.org/standards/gml


  •  OGC Web Services Context Document defines the application state of an OGC Integrated Client
 http://en.wikipedia.org/wiki/Open_Geospatial_Consortium


  •  The ISO 19100 is a series of standards for defining, describing, and managing geographic information
 http://www.slideshare.net/Databaseguys/iso-19100-geographic-information-and-geomatics
 

PostGIS

  •  PostGIS
 PostGIS is a spatial database extender for PostgreSQL object-relational database. It adds support for geographic objects allowing location queries to be run in SQL.
 http://postgis.net/

Intrusion detection system (IDS / IPS)

  •  Intrusion detection system
 An intrusion detection system (IDS) is a device or software application that monitors network or system activities for malicious activities or policy violations and produces reports to a management station. IDS come in a variety of “flavors” and approach the goal of detecting suspicious traffic in different ways. There are network based (NIDS) and host based (HIDS) intrusion detection systems.
 http://en.wikipedia.org/wiki/Intrusion_detection_system

  •  Intrusion prevention system
 Intrusion prevention systems (IPS), also known as intrusion detection and prevention systems (IDPS), are network security appliances that monitor network and/or system activities for malicious activity. The main functions of intrusion prevention systems are to identify malicious activity, log information about this activity, attempt to block/stop it, and report it
 http://en.wikipedia.org/wiki/Intrusion_prevention_system

  • IPS vs IDS vs Firewall
firewall prevents malicious traffic
Passive IDS: the IDS only reports that there was an intrusion.
Active IDS: the IDS also takes actions against the issue to fix it or at least lessen its impact.

Firewall - A device or application that analyzes packet headers and enforces policy based on protocol type, source address, destination address, source port, and/or destination port. Packets that do not match policy are rejected

Intrusion Detection System - A device or application that analyzes whole packets, both header and payload, looking for known events. When a known event is detected a log message is generated detailing the event.

Intrusion Prevention System - A device or application that analyzes whole packets, both header and payload, looking for known events. When a known event is detected the packet is rejected.

The IDS only monitors traffic. The IDS contains a database of known attack signatures. And it compares the inbound traffic against to the database. If an attack is detected then the IDS reports the attack.

http://security.stackexchange.com/questions/44931/difference-between-ids-and-ips-and-firewall


  • The differences between an IDS and a firewall are that the latter prevents malicious traffic, whereas the IDS:

    Passive IDS: the IDS only reports that there was an intrusion.
    Active IDS: the IDS also takes actions against the issue to fix it or at least lessen its impact.

However, what's the difference between an IPS and a Firewall? Both are a preventative technical control whose purpose is to guarantee that incoming network traffic is legitimate.


    Firewall - A device or application that analyzes packet headers and enforces policy based on protocol type, source address, destination address, source port, and/or destination port. Packets that do not match policy are rejected.
    Intrusion Detection System - A device or application that analyzes whole packets, both header and payload, looking for known events. When a known event is detected a log message is generated detailing the event.
    Intrusion Prevention System - A device or application that analyzes whole packets, both header and payload, looking for known events. When a known event is detected the packet is rejected.


http://security.stackexchange.com/questions/44931/difference-between-ids-and-ips-and-firewall


  • WAF vs IPS
IPS’s deal with packets, while WAF’s work within sessions

WAFs must understand not just protocol behavior, like HTTP GET, POST, HEAD, etc, but also JavaScript, SQL, HTML, XML, Cookies, etc. This application layer logic is fundamental to the operation of a WAF but not required for IPS functionality, and therefore not typically implemented on an IPS

Baselining is available on IPS and WAF, but the similarity stops with the name. IPS baselining consists of statistical deviations in throughput and traffic flows. WAF baselining involves URL, Parameter, HTTP Method, Session, and Cookie mapping. A WAF knows no concept of bandwidth utilization for baselining, just an IPS doesn’t know if a given URL is supposed to accept HTTP POSTs or GETs.

IPS signatures are looked at by companies as a means to virtually patch their PC’s ahead of an actual being patch or update being available or fully rolled out. This level of protection isn’t available on an IPS when specific application-layer vulnerabilities exist or when custom written web-application code has some new vulnerability. This is where the WAF provides a measure of protection not available on an IPS, due to the application-awareness of the WAF.

WAF deployments are focused on web applications and web application traffic, while IPS deployments are typically done at the network level inspecting all packets.
https://practical.wordpress.com/2009/12/28/waf-vs-ips-or-four-things-your-ips-cant-do/

  • Security: IDS vs. IPS Explained
an IPS has all the features of a good IDS, but can also stop malicious traffic from invading the enterprise.
In addition, an IPS can respond to a detected threat in two other ways. It can reconfigure other security controls, such as a firewall or router, to block an attack. Some IPS devices can even apply patches if the host has particular vulnerabilities. In addition, some IPS can remove the malicious contents of an attack to mitigate the packets, perhaps deleting an infected attachment from an email before forwarding the email to the user.
http://www.comparebusinessproducts.com/fyi/ids-vs-ips

  • Intrusion Detection FAQ: What is the difference between an IPS and a Web Application Firewall?
An IPS generally sits in-line and watches network traffic as the packets flow through it. It acts similarly to an Intrusion Detection System (IDS) by trying to match data in the packets against a signature database or detect anomalies against what is pre-defined as "normal" traffic
WAFs are designed to protect web applications/servers from web-based attacks that IPSs cannot prevent. In the same regards as an IPS, WAFs can be network or host based. They sit in-line and monitor traffic to and from web applications/servers. Basically, the difference is in the level of ability to analyze the Layer 7 web application logic.
https://www.sans.org/security-resources/idfaq/ips-web-app-firewall.php


  • Perimeter’s Host Intrusion Detection and Prevention System (HIDS/HIPS) is our premier
service designed to protect your most critical data and servers on your network. It
provides an additional layer of defense beyond services such as a managed firewall,
Network Intrusion Prevention Systems (NIPS) and signature-based anti virus software.
HIDS/HIPS relies on a learning pattern for both known and unknown types of malicious
activity. Rather than relying on signature matching for specific attacks, the behavior-
based rules associated with HIDS/HIPS products monitor and deny malicious activity
patterns. HIDS/HIPS monitors and alerts security operations personnel if activity is
suspicious
http://www.falkensecurenetworks.com/PDFs/HIDS-HIPS[1].pdf

  • Host based intrusion detection (HIDS) refers to intrusion detection that takes place on a single host system. Currently, HIDS involves installing an agent on the local host that monitors and reports on the system configuration and application activity. Some common abilities of HIDS systems include log analysis, event correlation, integrity checking, policy enforcement, rootkit detection, and alerting1. They often also have the ability to baseline a host system to detect variations in system configuration.
https://www.sans.org/security-resources/idfaq/what-is-a-host-intrusion-detection-system/1/24

  •  "OSSEC is an Open Source Host-based Intrusion Detection System. It performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response. It runs on most operating systems, including Linux, MacOS, Solaris, HP-UX, AIX and Windows.
http://ossec.github.io/

  •  The Samhain host-based intrusion detection system (HIDS) provides file integrity checking and log file monitoring/analysis, as well as rootkit detection, port monitoring, detection of rogue SUID executables, and hidden processes.Samhain been designed to monitor multiple hosts with potentially different operating systems, providing centralized logging and maintenance, although it can also be used as a standalone application on a single host.Samhain is an open-source multiplatform application for POSIX systems (Unix, Linux, Cygwin/Windows).
http://la-samhna.de/samhain/index.html


  • HIDS vs NIDS and which one is better and why?

It’s just that the placement in different. HIDS is placed on each host whereas NIDS is placed in the network. For an enterprise, NIDS is preferred as HIDS is difficult to manage, plus it consumes processing power of the host as well.
https://www.greycampus.com/blog/information-security/top-cyber-security-interview-questions

  • Snort

Snort® is an open source network intrusion prevention and detection system (IDS/IPS) developed by Sourcefire.
http://www.snort.org/

  • Differences Between IPS and Firewalls


An IPS will inspect content of the request and be able to drop, alert, or potentially clean a malicious network request based on that content.
A firewall will block traffic based on network information such as IP address, network port and network protocol. 

https://its.umich.edu/enterprise/wifi-networks/network-security/ips-vs-firewalls

  • A firewall permits and blocks traffic by port/protocol rules.  However, an attacker can use legitimate ports to send illegitimate traffic.  An IPS looks at the contents of the packets and/or can correlate over time to determine if an attack is happening.  An IPS works in tandem with a firewall to make sure that the traffic the firewall permitted is actual legitimate traffic.
https://learningnetwork.cisco.com/s/question/0D53i00000KstPg/ips-vs-firewall







Thursday, September 4, 2014

Terms,Organizations

  • The Single Euro Payments Area (SEPA) is a payment-integration initiative of the European Union for simplification of bank transfers denominated in euro. As of February 2014, SEPA consists of the 28 EU member states, the four members of the EFTA (Iceland, Liechtenstein, Norway and Switzerland), Monaco and San Marino
  •  The European Free Trade Association (EFTA) is a free trade organisation between four European countries that operates in parallel with – and is linked to – the European Union (EU). The EFTA was established on 3 May 1960 as a trade bloc-alternative for European states who were either unable or unwilling to join the then-European Economic Community (EEC) which has now become the EU  

credit card

  • AVS (Address Verification Service): determines if the address provided by the customer matches the address of the credit card


  • CVV (Code Verification Value): the three or four digit number on the back of a credit card
providing these numbers ensures that the card is in the hand of its owner
This is also known as CSC (Card Security Code), CVC (Card Verification Code), and V-Code,depending on the card scheme norms and region

Backend as a service (BaaS)

These services are provided via the use of custom software development kits (SDKs) and application programming interfaces (APIs)

Platform as a service (PaaS)

  • Minishift is a tool that helps you run OpenShift locally by launching a single-node OpenShift cluster inside a virtual machine. With Minishift you can try out OpenShift or develop with it, day-to-day, on your local machine.

  • https://www.openshift.org/minishift/

  • OpenShift Online is Red Hat’s public cloud application development and hosting service. On-Demand Access.

  •     OpenShift Dedicated is Red Hat’s managed private cluster offering for Enterprises. Own OpenShift cluster + operated by Red Hat.
        OpenShift Container Platform  is Red Hat’s on-premise private PaaS product. Whether it’s on premise in customer data center or private cloud.

    OpenShift Origin is the upstream community project used in OpenShift Online, OpenShift Dedicated, and OpenShift Container Platform.

    There are 3 quick installation methods:
        1Running in a Container (from DockerHub) – Only for Red Hat based distributions, RHEL, Fedora and CentOS.
        2Download a Binary (GitHub). This is an all-in-one version. Pay attention with this option, because versions for Windows and Mac are limited.
    3Building from source, locally or using Vagrant.

        Minishift is an upstream community project that is intended for OpenShift Origin. Minishift is a tool that helps you run OpenShift locally by launching a single-node OpenShift Origin cluster inside a virtual machine.


    https://blog.novatec-gmbh.de/getting-started-minishift-openshift-origin-one-vm/


  • Openshift Origin is the upstream community project that builds up OpenShift platform. Openshift origin is built around a core of Docker container, using Kubernetes for cluster containers orchestration. Openshift origin includes also a functional Web application and a CLI interface to build up and manage your applications.
  • http://www.mastertheboss.com/soa-cloud/openshift/openshift-installation-quick-tutorial

  • Docker and OpenShift Origin must run on the Linux operating system.

  • If you wish to run the server from a Windows or Mac OS X host, you should start a Linux VM first.
     
    OpenShift Origin and Docker use iptables to manage networking.
    Ensure that local firewall rules and other software making iptable changes do not alter the OpenShift Origin and Docker service setup.

    Installation Methods
    Method 1: Running in a Container

    https://docs.openshift.org/latest/getting_started/administrators.html

  • Minimum Hardware Requirements


  • OpenShift Origin only supports servers with the x86_64 architecture.

    Masters
    Physical or virtual system, or an instance running on a public or private IaaS.
    Base OS: Fedora 21, CentOS 7.3, RHEL 7.3, or RHEL 7.4 with the "Minimal" installation option and the latest packages from the Extras channel, or RHEL Atomic Host 7.3.6 or later.
    2 vCPU.
    Minimum 16 GB RAM.
    Minimum 40 GB hard disk space for the file system containing /var/.
    Minimum 1 GB hard disk space for the file system containing /usr/local/bin/.
    Minimum 1 GB hard disk space for the file system containing the system’s temporary directory


    Nodes
    Physical or virtual system, or an instance running on a public or private IaaS.
    Base OS: Fedora 21, CentOS 7.3, RHEL 7.3, or RHEL 7.4 with "Minimal" installation option, or RHEL Atomic Host 7.3.6 or later.
    NetworkManager 1.0 or later.
    1 vCPU.
    Minimum 8 GB RAM.
    Minimum 15 GB hard disk space for the file system containing /var/.
    Minimum 1 GB hard disk space for the file system containing /usr/local/bin/.
    Minimum 1 GB hard disk space for the file system containing the system’s temporary directory
    An additional minimum 15 GB unallocated space to be used for Docker’s storage back end


    External etcd Nodes
    Minimum 20 GB hard disk space for etcd data.

    Configuring Core Usage
    For example, run the following before starting the server to make OpenShift Origin only run on one core:
    # export GOMAXPROCS=1
    Alternatively, if you plan to run OpenShift in a container, add -e GOMAXPROCS=1 to the docker run command when launching the server.

    SELinux
    Security-Enhanced Linux (SELinux) must be enabled on all of the servers before installing OpenShift Origin or the installer will fail. Also, configure SELINUXTYPE=targeted in the /etc/selinux/config file:
    # This file controls the state of SELinux on the system.
    # SELINUX= can take one of these three values:
    #     enforcing - SELinux security policy is enforced.
    #     permissive - SELinux prints warnings instead of enforcing.
    #     disabled - No SELinux policy is loaded.
    SELINUX=enforcing
    # SELINUXTYPE= can take one of these three values:
    #     targeted - Targeted processes are protected,
    #     minimum - Modification of targeted policy. Only selected processes are protected.
    #     mls - Multi Level Security protection.
    SELINUXTYPE=targeted

    NTP
    You must enable Network Time Protocol (NTP) to prevent masters and nodes in the cluster from going out of sync.
    Set openshift_clock_enabled to true in the Ansible playbook to enable NTP on masters and nodes in the cluster during Ansible installation.
    # openshift_clock_enabled=true

    Environment Requirements
    Adding entries into the /etc/hosts file on each host is not enough. This file is not copied into containers running on the platform.

    Key components of OpenShift Origin run themselves inside of containers and use the following process for name resolution:
    By default, containers receive their DNS configuration file (/etc/resolv.conf) from their host.
    OpenShift Origin then inserts one DNS value into the pods (above the node’s nameserver values). That value is defined in the /etc/origin/node/node-config.yaml file by the dnsIP parameter, which by default is set to the address of the host node because the host is using dnsmasq
    If the dnsIP parameter is omitted from the node-config.yaml file, then the value defaults to the kubernetes service IP, which is the first nameserver in the pod’s /etc/resolv.conf file.

    DNSMSQ must be enabled (openshift_use_dnsmasq=true) or the installation will fail and critical features will not function


    The following is an example set of DNS records for the Single Master and Multiple Nodes scenario:

    master    A   10.64.33.100
    node1     A   10.64.33.101
    node2     A   10.64.33.102

    Configuring Hosts to Use DNS
    The configuration for hosts' DNS resolution depend on whether DHCP is enabled.

    If DHCP is:
    Disabled, then configure your network interface to be static, and add DNS nameservers to NetworkManager.

    If DHCP is:
    Enabled, then the NetworkManager dispatch script automatically configures DNS based on the DHCP configuration.

    To verify that hosts can be resolved by your DNS server:
    Check the contents of /etc/resolv.conf:
    $ cat /etc/resolv.conf
    # Generated by NetworkManager
    search example.com
    nameserver 10.64.33.1
    # nameserver updated by /etc/NetworkManager/dispatcher.d/99-origin-dns.sh

    Test that the DNS servers listed in /etc/resolv.conf are able to resolve host names to the IP addresses of all masters and nodes in your OpenShift Origin environment:
    $ dig <node_hostname> @<IP_address> +short
    $ dig master.example.com @10.64.33.1 +short
    10.64.33.100
    $ dig node1.example.com @10.64.33.1 +short
    10.64.33.101


    Configuring a DNS Wildcard
    Optionally, configure a wildcard for the router to use, so that you do not need to update your DNS configuration when new routes are added.


    https://docs.openshift.org/latest/install_config/install/prerequisites.html#install-config-install-prerequisites

  • To simplify the task of setting up and operating containers, the use of a container management tool is essential. These solutions, known as container orchestration tools, help operations staff decide where to run containers, how to run them in production, and which systems to put them on

  • OpenShift, Red Hat’s PaaS solution for enterprise applications, uses Docker and Kubernetes as its underlying container management engines. OpenShift is a powerful resource for orchestrating containerization at the enterprise level.

    The OpenShift Online Starter plan, which can handle one project, is free.

    Docker is the leading provider of containerization tools.
    Docker has helped foster the DevOps revolution by facilitating collaboration between developers and operators, accelerating the process of creating and deploying applications.
    Kubernetes is a container orchestration engine.
    It offers an open source platform to manage the deployment and use of containers across your IT infrastructure.
    https://shadow-soft.com/open-source-container-management-tools/

  • OpenShift Online has been completely rewritten, enabling you to rapidly build and deploy Docker images and manage them on a robust, scalable platform. The power of Docker containers and the Kubernetes container cluster manager optimized for enterprise app development and deployment.OpenShift is Red Hat's Platform-as-a-Service (PaaS) that allows developers to quickly develop, host, and scale applications in a cloud environment.
https://www.openshift.com

  • Source-to-Image (S2I) is a toolkit and workflow for building reproducible Docker images from source code.
S2I produces ready-to-run images by injecting source code into a Docker container and letting the container prepare that source code for execution.
By creating self-assembling builder images, you can version and control your build environments exactly like you use Docker images to version your runtime environments.
https://github.com/openshift/source-to-image

  • OpenShift is designed to run any existing Docker images. Additionally, you can define builds that will produce new Docker images using a Dockerfile.
https://github.com/openshift/origin

  • Source-to-Image (S2I) is a mechanism for building custom Docker images. It produces ready-to-run images by injecting application source into a Docker image and assembling a new Docker image. The new image incorporates the base image and built source

So let's say you want to load the image "openshift/wildfly-100-centos7" and produce a new image using the source code available on https://github.com/fmarchioni/mastertheboss in the folder "openshift-demo"
(Have a look at the application here: https://github.com/fmarchioni/mastertheboss/tree/master/openshift-demo)
http://www.mastertheboss.com/soa-cloud/openshift/deploy-docker-images-on-openshift


  • Openshift uses Image Streams to reference a Docker image. An image stream comprises one or more Docker images identified by tags. It presents a single virtual view of related images, similar to a Docker image repository, and may contain images from any of the following:
    Its own image repository in OpenShift’s integrated Docker Registry
    Other image streams
    Docker image repositories from external registries 
http://www.mastertheboss.com/soa-cloud/openshift/using-wildfly-on-openshift

  • When deployed on OpenStack, OpenShift Origin can be configured to access OpenStack infrastructure, including using OpenStack Cinder volumes as persistent storage for application data.

https://docs.openshift.org/latest/install_config/configuring_openstack.html#install-config-configuring-openstack

  • OpenShift can build Docker images from your source code, deploy them, and manage their lifecycle. To enable this, OpenShift provides an internal, integrated Docker registry that can be deployed in your OpenShift environment to locally manage images.

https://docs.openshift.com/enterprise/3.1/install_config/install/docker_registry.html

  • geard is a command-line client and agent for integrating and linking Docker containers into systemd across multiple hosts. It is the core of the next generation of OpenShift Origin and helps administrators install and manage the components of their developers' applications
http://openshift.github.io/geard/

  • Use immutable infrastructure to deploy and scale your containerized applications. Project Atomic builds OSes, tools, and containers for cloud native platforms.
Atomic Host provides "immutable infrastructure" for deploying to hundreds or thousands of servers in your private or public cloud.
http://www.projectatomic.io/

direct debit

A direct debit or direct withdrawal is a financial transaction in which one person withdraws funds from another person's bank account. Formally, the person who directly draws the funds ("the payee") instructs his or her bank to collect (i.e., debit) an amount directly from another's ("the payer's") bank account designated by the payer and pay those funds into a bank account designated by the payee.
Before the payer's banker will allow the transaction to take place, the payer must have advised the bank that he or she has authorized the payee to directly draw the funds. It is also called pre-authorized debit (PAD) or pre-authorized payment (PAP)

In countries where setting up authorization is easy enough, direct debits can also be used for irregular payments, such as for mail order transactions or at a point of sale.

payee

payee
the person or organization to whom money, especially a cheque, must be paid

payment service provider (PSP)

A payment service provider (PSP) offers (web) shops online services for accepting electronic payments by a variety of payment methods including credit card, bank-based payments such as direct debit, bank transfer, and real-time bank transfer based on online banking.

Typically, they use a software as a service model and form a single payment gateway for their clients (merchants) to multiple payment methods