diff --git a/docs/changelog.md b/docs/changelog.md index d8911cbd..9c2d6de4 100644 --- a/docs/changelog.md +++ b/docs/changelog.md @@ -5,6 +5,14 @@ sidebar_position: 2 # Suivi des Changements +### 19 Janvier 2026 : Extension Managed Kubernetes et VPC + +- **Managed Kubernetes** : Ajout du support pour les nœuds **Bare Metal** et les **GPUs** (NVIDIA). +- **Managed Kubernetes** : Nouveau tutoriel sur l'utilisation des GPUs dans un cluster Kubernetes. +- **Managed Kubernetes** : Remplacement de KubeCost par un guide plus récent sur **OpenCost**. +- **Network (VPC)** : Documentation complète du service Virtual Private Cloud (VPC), incluant les concepts de haute disponibilité (HA), les guides de démarrage et les tutoriels. +- **Multilingue** : Traduction intégrale du service VPC et des nouveaux contenus Kubernetes vers l'anglais, l'allemand, l'espagnol et l'italien. + ### 15 Décembre 2025 : Stabilisation et corrections multilingues - **Multilingue (Terraform, LLMaaS, Harbor)** : Correction majeure des traductions en Espagnol, Italien et Allemand. Résolution des problèmes de syntaxe MDX (blocs de code vides, balises non échappées) qui empêchaient la compilation du site. diff --git a/docs/console/security/security_alarms.md b/docs/console/security/security_alarms.md index 0ab89dde..33ff6c13 100644 --- a/docs/console/security/security_alarms.md +++ b/docs/console/security/security_alarms.md @@ -9,6 +9,9 @@ Cette page est mise à jour quotidiennement afin de tenir compte des vulnérabil | Date | Référence(s) | CVSS | Titre | Description | Service(s) | Sévérité | Traitement | |---------------------|-----------------|-------------|--------------|---------|-------------|----------------|-------------| +| 23/12/2025 | [CVE-2025-14443](https://access.redhat.com/security/cve/CVE-2025-14443) | 8.5 | **Vulnérabilité dans Red Hat OpenShift (CVE-2025-14443)** | Une vulnérabilité dans le composant `openshift-apiserver` permet une élévation de privilèges. L'exploitation nécessite une authentification préalable. | PaaS OpenShift | 🟠 Important | ⚠️ Pas de correctif actuel. Nous sommes en attente du patch de l'éditeur Red Hat. | +| 30/09/2025 | [VMSA-2025-0016](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36150) | 8.5 | **VMSA-2025-0016 : Vulnérabilité dans VMware vCenter (CVE-2025-41250)** | Une vulnérabilité (CVE-2025-41250) permet à un attaquant authentifié de modifier les emails de notification des tâches planifiées. | IaaS By VMware | 🟠 Important | ⚠️ Nous vous recommandons de planifier une montée de version de vCenter (vers 8.0 U3g ou 7.0 U3w). | +| 30/09/2025 | [VMSA-2025-0015](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36149) | 7.6 | **VMSA-2025-0015 : Vulnérabilité dans VMware Tools (Windows)** | Une vulnérabilité (CVE-2025-41246) affectant VMware Tools pour Windows permet une élévation de privilèges (nécessite un accès local authentifié). | IaaS By VMware | 🟡 Modérée | ⚠️ Nous vous recommandons de planifier une montée de version des VMware Tools Windows (vers 13.0.5 ou 12.5.4). | | 07/08/2025 | [DSA-2025-154](https://www.dell.com/support/kbdoc/en-us/000262308/dsa-2025-154-security-update-for-dell-ecs-and-objectscale-use-of-hard-coded-ssh-cryptographic-key-vulnerability) | 8.4 | **DSA-2025-154 : Vulnérabilité dans Dell ObjectScale (CVE-2025-26476)** | Une vulnérabilité (CVE-2025-26476) dans Dell ObjectScale (< 4.0.0.0) liée à l’utilisation de clés SSH codées en dur permet un accès local non authentifié. | Object Storage | 🟠 Important | ✅ La remédiation de vos environnements ObjectScale est prise en charge par Cloud Temple. Aucune action de votre part n’est nécessaire. | | 15/07/2025 | [VMSA-2025-0013](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/VMSA-2025-0013--VMware-ESXi--Workstation--Fusion--and-Tools-updates-address-multiple-vulnerabilities--CVE-2025-41236--CVE-2025-41237--CVE-2025-41238--CVE-2025-41239-/35877) | 9.3 | **VMSA-2025-0013 : Vulnérabilités importantes dans VMware ESXi** | Plusieurs vulnérabilités importantes affectent VMware ESXi. Des correctifs sont fournis par l’éditeur. | IaaS By VMware | 🟠 Important | ⚠️ Nous vous recommandons de mettre à jour vos hyperviseurs. Les versions ESXi corrigées sont disponibles dès leur validation par Cloud Temple. Console vous indique les ESXi nécessitant une mise à jour. | | 15/07/2025 | [VMSA-2025-0013](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/VMSA-2025-0013--VMware-ESXi--Workstation--Fusion--and-Tools-updates-address-multiple-vulnerabilities--CVE-2025-41236--CVE-2025-41237--CVE-2025-41238--CVE-2025-41239-/35877) | 7.1 | **VMSA-2025-0013 : Vulnérabilité dans VMware Tools (CVE-2025-41239)** | Une vulnérabilité (CVE-2025-41239) dans VMware Tools permet une divulgation d’informations sensibles via vSockets non initialisés. Des correctifs sont fournis par l’éditeur. | IaaS By VMware | 🟡 Modérée | ⚠️ Nous vous recommandons de mettre à jour VMware Tools sur vos machines virtuelles. Les versions VM Tools corrigées sont embarquées dans les packages ESXi mis à disposition par Cloud Temple. | diff --git a/docs/llmaas/concepts.md b/docs/llmaas/concepts.md index 6b13854f..c29497bc 100644 --- a/docs/llmaas/concepts.md +++ b/docs/llmaas/concepts.md @@ -207,75 +207,92 @@ Ce planning est fourni à titre indicatif et est **revu au début de chaque trim | Modèle | Éditeur | Phase | DMP | DSP | | :--------------------- | :------------------------ | :--------- | :--------- | :--------- | -| deepcoder:14b | Agentica x Together AI | Production | 13/06/2025 | 30/12/2025 | +| bge-m3:567m | BAAI | Production | 18/10/2025 | 31/12/2026 | | cogito:32b | Deep Cogito | Production | 13/06/2025 | 30/06/2026 | -| cogito:3b | Deep Cogito | Production | 13/06/2025 | 30/12/2025 | -| cogito:8b | Deep Cogito | Production | 13/06/2025 | 30/12/2025 | -| deepseek-r1:14b | DeepSeek AI | Production | 13/06/2025 | 31/12/2025 | -| deepseek-r1:32b | DeepSeek AI | Production | 13/06/2025 | 31/12/2025 | -| deepseek-ocr | Qwen Team | Production | 22/11/2025 | 31/12/2026 | -| gemma3:12b | Google | Production | 13/06/2025 | 31/12/2026 | +| deepseek-ocr | DeepSeek AI | Production | 22/11/2025 | 31/12/2026 | +| devstral-small-2:24b | Mistral AI & All Hands AI | Production | 30/12/2025 | 30/06/2026 | +| devstral:24b | Mistral AI & All Hands AI | Production | 13/06/2025 | 30/03/2026 | +| embeddinggemma:300m | Google | Production | 10/09/2025 | 31/12/2026 | +| functiongemma:270m | Google | Production | 30/12/2025 | 30/12/2026 | | gemma3:1b | Google | Production | 13/06/2025 | 31/12/2025 | | gemma3:27b | Google | Production | 13/06/2025 | 30/03/2026 | -| gemma3:4b | Google | Production | 13/06/2025 | 31/12/2025 | -| gpt-oss:120b | Qwen Team | Production | 11/11/2025 | 30/06/2026 | -| gpt-oss:20b | Qwen Team | Production | 08/08/2025 | 30/03/2026 | -| embeddinggemma:300m | Google | Production | 10/09/2025 | 31/12/2026 | +| glm-4.7:358b | Zhipu AI | Production | 05/01/2026 | 30/03/2026 | +| gpt-oss:120b | OpenAI | Production | 11/11/2025 | 30/06/2026 | +| gpt-oss:20b | OpenAI | Production | 08/08/2025 | 30/03/2026 | | granite-embedding:278m | IBM | Production | 13/06/2025 | 31/12/2026 | -| qwen3-embedding:0.6b | Qwen Team | Production | 18/10/2025 | 31/12/2026 | -| granite3-guardian:2b | IBM | Production | 13/06/2025 | 31/12/2026 | -| granite3-guardian:8b | IBM | Production | 13/06/2025 | 31/12/2026 | +| granite3.1-moe:2b | IBM | Production | 13/06/2025 | 31/12/2025 | | granite3.2-vision:2b | IBM | Production | 13/06/2025 | 31/12/2026 | -| granite3.3:2b | IBM | Production | 13/06/2025 | 31/12/2025 | -| granite3.3:8b | IBM | Production | 13/06/2025 | 31/12/2025 | | granite4-small-h:32b | IBM | Production | 03/10/2025 | 30/09/2026 | | granite4-tiny-h:7b | IBM | Production | 03/10/2025 | 30/09/2026 | | llama3.3:70b | Meta | Production | 13/06/2025 | 31/12/2026 | | magistral:24b | Mistral AI | Production | 13/06/2025 | 30/03/2026 | -| mistral-small3.1:24b | Mistral AI | Production | 13/06/2025 | 31/12/2025 | +| medgemma:27b | Google | Production | 02/12/2025 | 30/06/2026 | +| ministral-3:14b | Mistral AI | Production | 30/12/2025 | 30/06/2026 | +| ministral-3:3b | Mistral AI | Production | 30/12/2025 | 30/06/2026 | +| ministral-3:8b | Mistral AI | Production | 30/12/2025 | 30/06/2026 | | mistral-small3.2:24b | Mistral AI | Production | 23/06/2025 | 30/06/2026 | -| devstral:24b | Mistral AI & All Hands AI | Production | 13/06/2025 | 30/03/2026 | -| qwen2.5vl:32b | Qwen Team | Production | 13/06/2025 | 31/12/2025 | -| qwen2.5vl:3b | Qwen Team | Production | 13/06/2025 | 31/12/2025 | -| qwen2.5vl:72b | Qwen Team | Production | 13/06/2025 | 31/12/2025 | -| qwen2.5vl:7b | Qwen Team | Production | 13/06/2025 | 31/12/2025 | -| qwen3:0.6b | Qwen Team | Production | 13/06/2025 | 31/12/2025 | -| qwen3:1.7b | Qwen Team | Production | 13/06/2025 | 31/12/2025 | -| qwen3:14b | Qwen Team | Production | 13/06/2025 | 31/12/2025 | -| qwen3:30b-a3b | Qwen Team | Production | 13/06/2025 | 31/12/2025 | -| qwen3-2507:30b-a3b | Qwen Team | Production | 30/08/2025 | 30/03/2026 | +| nemotron3-nano:30b | NVIDIA | Production | 04/01/2026 | 30/06/2026 | +| olmo-3:32b | AllenAI | Production | 30/12/2025 | 30/06/2026 | +| olmo-3:7b | AllenAI | Production | 30/12/2025 | 30/06/2026 | +| qwen2.5:0.5b | Qwen Team | Production | 13/06/2025 | 31/12/2025 | +| qwen3-coder:30b | Qwen Team | Production | 02/08/2025 | 30/03/2026 | +| qwen3-2507-gptq:235b | Qwen Team | Production | 04/01/2026 | 30/06/2026 | | qwen3-2507-think:4b | Qwen Team | Production | 31/08/2025 | 30/03/2026 | | qwen3-2507:4b | Qwen Team | Production | 31/08/2025 | 30/03/2026 | -| qwen3:4b | Qwen Team | Production | 13/06/2025 | 31/12/2025 | -| qwen3:8b | Qwen Team | Production | 13/06/2025 | 31/12/2025 | -| qwen3-coder:30b | Qwen Team | Production | 02/08/2025 | 30/03/2026 | -| qwen3-2507:235b | Qwen Team | Production | 02/08/2025 | 30/03/2026 | -| qwen3:32b | Qwen Team | Production | 13/06/2025 | 31/12/2025 | -| qwq:32b | Qwen Team | Production | 13/06/2025 | 31/12/2025 | +| qwen3:30b-a3b | Qwen Team | Production | 30/08/2025 | 30/03/2026 | | qwen3-next:80b | Qwen Team | Production | 04/11/2025 | 30/03/2026 | +| qwen3-omni:30b | Qwen Team | Production | 05/01/2026 | 30/06/2026 | +| qwen3-vl:2b | Qwen Team | Production | 30/12/2025 | 30/06/2026 | +| qwen3-vl:30b | Qwen Team | Production | 30/12/2025 | 30/06/2026 | +| qwen3-vl:32b | Qwen Team | Production | 30/12/2025 | 30/06/2026 | +| qwen3-vl:4b | Qwen Team | Production | 30/12/2025 | 30/06/2026 | +| qwen3-vl:8b | Qwen Team | Production | 05/01/2026 | 30/06/2026 | +| qwen3-vl:235b | Qwen Team | Production | 04/01/2026 | 30/06/2026 | +| qwen3:0.6b | Qwen Team | Production | 13/06/2025 | 31/12/2025 | +| rnj-1:8b | Essential AI | Production | 30/12/2025 | 30/06/2026 | ### Modèles Dépréciés Le monde des LLMs évolue très rapidement. Pour garantir à nos clients l'accès aux technologies les plus performantes, nous déprécions régulièrement les modèles qui ne sont plus au niveau des standards actuels ou qui ne sont pas utilisés. Les modèles listés ci-dessous ne sont plus disponibles sur la plateforme publique. Ils peuvent cependant être réactivés pour des projets spécifiques, à la demande. -| Modèle | Éditeur | Phase | Date de Dépréciation | -| :----------------------- | :-------------------- | :------- | :------------------- | -| cogito:14b | Deep Cogito | Déprécié | 17/10/2025 | -| deepseek-r1:671b | DeepSeek AI | Déprécié | 17/10/2025 | -| deepseek-r1:70b | DeepSeek AI | Déprécié | 17/10/2025 | -| foundation-sec:8b | Foundation AI — Cisco | Déprécié | 17/10/2025 | -| granite3.1-moe:3b | IBM | Déprécié | 17/10/2025 | -| llama3.1:8b | Meta | Déprécié | 17/10/2025 | -| phi4-reasoning:14b | Microsoft | Déprécié | 17/10/2025 | -| lucie-instruct:7b | OpenLLM-France | Déprécié | 17/10/2025 | -| qwen2.5:0.5b | Qwen Team | Déprécié | 17/10/2025 | -| qwen2.5:1.5b | Qwen Team | Déprécié | 17/10/2025 | -| qwen2.5:14b | Qwen Team | Déprécié | 17/10/2025 | -| qwen2.5:32b | Qwen Team | Déprécié | 17/10/2025 | -| qwen2.5:3b | Qwen Team | Déprécié | 17/10/2025 | -| qwen3:235b | | Déprécié | 22/11/2025 | -| qwen3-2507-think:30b-a3b | | Déprécié | 14/11/2025 | -| gemma3:12b | | Déprécié | 21/11/2025 | +| Modèle | Phase | Date de Dépréciation | +| :----------------------- | :------- | :------------------- | +| deepseek-r1:14b | Déprécié | 30/12/2025 | +| deepseek-r1:32b | Déprécié | 30/12/2025 | +| gemma3:1b | Déprécié | 30/12/2025 | +| gemma3:4b | Déprécié | 30/12/2025 | +| qwen3:0.6b | Déprécié | 30/12/2025 | +| qwen3:1.7b | Déprécié | 30/12/2025 | +| qwen3:14b | Déprécié | 30/12/2025 | +| qwen3:30b-a3b | Déprécié | 30/12/2025 | +| qwen3:4b | Déprécié | 30/12/2025 | +| qwen3:8b | Déprécié | 30/12/2025 | +| qwen3:32b | Déprécié | 30/12/2025 | +| qwq:32b | Déprécié | 30/12/2025 | +| granite3.3:2b | Déprécié | 30/12/2025 | +| granite3.3:8b | Déprécié | 30/12/2025 | +| mistral-small3.1:24b | Déprécié | 30/12/2025 | +| qwen2.5vl:32b | Déprécié | 30/12/2025 | +| qwen2.5vl:3b | Déprécié | 30/12/2025 | +| qwen2.5vl:72b | Déprécié | 30/12/2025 | +| qwen2.5vl:7b | Déprécié | 30/12/2025 | +| cogito:8b | Déprécié | 30/12/2025 | +| deepcoder:14b | Déprécié | 30/12/2025 | +| cogito:3b | Déprécié | 30/12/2025 | +| qwen3:235b | Déprécié | 22/11/2025 | +| qwen3-2507-think:30b-a3b | Déprécié | 14/11/2025 | +| gemma3:12b | Déprécié | 21/11/2025 | +| cogito:14b | Déprécié | 17/10/2025 | +| deepseek-r1:70b | Déprécié | 17/10/2025 | +| granite3.1-moe:3b | Déprécié | 17/10/2025 | +| llama3.1:8b | Déprécié | 17/10/2025 | +| phi4-reasoning:14b | Déprécié | 17/10/2025 | +| qwen2.5:0.5b | Déprécié | 17/10/2025 | +| qwen2.5:1.5b | Déprécié | 17/10/2025 | +| qwen2.5:14b | Déprécié | 17/10/2025 | +| qwen2.5:32b | Déprécié | 17/10/2025 | +| qwen2.5:3b | Déprécié | 17/10/2025 | +| deepseek-r1:671b | Déprécié | 17/10/2025 | ## 💡 Bonnes Pratiques diff --git a/docs/llmaas/models.md b/docs/llmaas/models.md index a88d10a6..99b384a0 100644 --- a/docs/llmaas/models.md +++ b/docs/llmaas/models.md @@ -1,5 +1,5 @@ --- -title: Catalogue des Modèles LLMaaS +title: Catalogue des Modèles IA sidebar_position: 2 --- @@ -7,16 +7,16 @@ sidebar_position: 2 ## Vue d'ensemble -Cloud Temple LLMaaS propose **41 modèles de langage large** soigneusement sélectionnés et optimisés pour répondre aux exigences **SecNumCloud** les plus strictes. Notre catalogue couvre l'ensemble du spectre, des micro-modèles ultra-efficaces aux modèles extrêmement volumineux. +Cloud Temple LLMaaS propose **42 modèles de langage large** soigneusement sélectionnés et optimisés pour répondre aux exigences **SecNumCloud** les plus strictes. Notre catalogue couvre l'ensemble du spectre, des micro-modèles ultra-efficaces aux modèles extrêmement volumineux. ### Statistiques Globales | Métrique | Valeur | |----------|--------| -| **Nombre total de modèles** | 41 modèles | -| **Contexte minimum** | 8 192 tokens | -| **Contexte maximum** | 262 144 tokens | -| **Conformité** | SecNumCloud ✅ HDS ✅ Souveraineté ✅ C5 ❌ | +| **Nombre total de modèles** | 42 modèles | +| **Contexte minimum** | 2,048 tokens | +| **Contexte maximum** | 262,144 tokens | +| **Conformité** | SecNumCloud ✅ HDS ✅ Souveraineté ✅ C5 ✅ | | **Localisation** | 100% France 🇫🇷 | ### Tarification @@ -29,67 +29,43 @@ Cloud Temple LLMaaS propose **41 modèles de langage large** soigneusement séle ## Modèles de Grande Taille -### gpt-oss:120b -**OpenAI • 120B paramètres • Contexte : 120 000 tokens** +### cogito:32b +**Deep Cogito • 32B paramètres • Contexte : 32,000 tokens** -Modèle de langage open-weight de pointe d'OpenAI, offrant de solides performances avec une licence flexible Apache 2.0. +Version avancée du modèle Cogito offrant des capacités de raisonnement et d'analyse considérablement amplifiées, conçue pour les applications les plus exigeantes en matière d'intelligence artificielle analytique. -**Spécifications techniques :** -- **Vitesse** : 140 tokens/seconde tokens/seconde -- **Consommation** : 1.69 kWh/million tokens -- **Licence** : Apache 2.0 +**Spécifications techniques:** +- **Vitesse** : 20 tokens/seconde +- **Consommation** : 6.67 kWh/million tokens +- **Licence** : [LLAMA 3.2 Community Licence](./licences/llama_3.2_community_licence.licence.md) - **Localisation** : FR 🇫🇷 -**Capacités :** +**Capacités:** ✅ Outils/Agent • ❌ Vision • ✅ Raisonnement • ❌ Sécurité -**Tags :** `MoE` `Agent` `Raisonnement` `Open-Source` `Très Large` - -**Cas d'usage :** -- Agents conversationnels avancés avec raisonnement complexe et intégration d'outils. -- Applications nécessitant une transparence totale du processus de raisonnement (chain-of-thought). -- Scénarios commerciaux nécessitant une licence permissive (Apache 2.0). -- Fine-tuning pour des tâches spécialisées nécessitant un modèle de base puissant. - ---- - -### llama3.3:70b -**Meta • 70B paramètres • Contexte : 132 000 tokens** - -Modèle multilingue de pointe développé par Meta, conçu pour exceller dans le dialogue naturel, le raisonnement complexe et la compréhension nuancée des instructions. - -**Spécifications techniques :** -- **Vitesse** : 31 tokens/seconde tokens/seconde -- **Consommation** : 8.58 kWh/million tokens -- **Licence** : LLAMA 3.3 Community Licence -- **Localisation** : FR 🇫🇷 - -**Capacités :** -✅ Outils/Agent • ❌ Vision • ❌ Raisonnement • ❌ Sécurité - -**Tags :** `Agent` `Dialogue` `Multilingue` +**Tags :** `Agent` `Raisonnement` `Compréhension` `Analyse` **Cas d'usage :** -- Chatbots multilingues prenant en charge 8 langues simultanément -- Exécution d'instructions complexes enchaînées (prompt chaining) -- Traitement d'une fenêtre de dialogue de 60K tokens pour historique conversationnel -- Analyse de documents juridiques ou techniques volumineux (>100 pages) -- Génération de textes structurés avec fidélité aux consignes stylistiques +- Analyse de scénarios multi-factoriels avec évaluation probabiliste des résultats +- Résolution de problèmes scientifiques avec démonstration formelle des étapes +- Applications à haute criticité nécessitant précision et vérifiabilité des résultats +- Systèmes experts dans des domaines spécialisés (juridique, médical, technique) +- Analyse avec raisonnement multi-étapes et explicabilité complète des conclusions --- ### gemma3:27b -**Google • 27B paramètres • Contexte : 120 000 tokens** +**Google • 27B paramètres • Contexte : 120,000 tokens** Modèle révolutionnaire de Google offrant un équilibre optimal entre puissance et efficacité, avec un rapport performance/coût exceptionnel pour les applications professionnelles exigeantes. -**Spécifications techniques :** -- **Vitesse** : 24 tokens/seconde tokens/seconde -- **Consommation** : 5.56 kWh/million tokens -- **Licence** : Google Gemma Terms of Use +**Spécifications techniques:** +- **Vitesse** : 21 tokens/seconde +- **Consommation** : 6.35 kWh/million tokens +- **Licence** : [Google Gemma Terms of Use](./licences/google_gemma_terms_of_use.licence.md) - **Localisation** : FR 🇫🇷 -**Capacités :** +**Capacités:** ✅ Outils/Agent • ✅ Vision • ❌ Raisonnement • ❌ Sécurité **Tags :** `Vision` `Agent` `Grand contexte` @@ -103,700 +79,745 @@ Modèle révolutionnaire de Google offrant un équilibre optimal entre puissance --- -### qwen3-coder:30b -**Qwen Team • 30B paramètres • Contexte : 250 000 tokens** +### glm-4.7:358b +**Zhipu AI • 358B paramètres • Contexte : 120,000 tokens** -Modèle MoE optimisé pour les tâches d'ingénierie logicielle, avec un contexte très long. +Modèle polyvalent de haute performance conçu par Zhipu AI, excellent dans le raisonnement logique, la compréhension multilingue et les tâches complexes. -**Spécifications techniques :** -- **Vitesse** : 84 tokens/seconde tokens/seconde ⚡ -- **Consommation** : 3.14 kWh/million tokens -- **Licence** : Apache 2.0 +**Spécifications techniques:** +- **Vitesse** : 18 tokens/seconde +- **Consommation** : 7.41 kWh/million tokens +- **Licence** : [Apache 2.0](./licences/apache_2.0.licence.md) - **Localisation** : FR 🇫🇷 -**Capacités :** +**Capacités:** ✅ Outils/Agent • ❌ Vision • ✅ Raisonnement • ❌ Sécurité -**Tags :** `Agent` `Programmation` `Grand Contexte` `MoE` +**Tags :** `Agent` `Raisonnement` `Grand Contexte` `Multilingue` **Cas d'usage :** -- Agents d'ingénierie logicielle pour explorer et modifier des bases de code -- Génération de code complexe avec compréhension à l'échelle du dépôt (repository-scale) -- Tâches de raisonnement sur des contextes étendus -- Amélioration de code via apprentissage par renforcement +- Tâches de raisonnement complexe +- Analyse de documents longs +- Assistants conversationnels avancés --- -### qwen3-2507:30b-a3b -**Qwen Team • 30B paramètres • Contexte : 250 000 tokens** +### gpt-oss:120b +**OpenAI • 120B paramètres • Contexte : 120,000 tokens** -Version améliorée du mode non-pensée de Qwen3-30B, avec des capacités générales, une couverture de connaissances et un alignement utilisateur améliorés. +Modèle de langage open-weight de pointe d'OpenAI, offrant de solides performances avec une licence flexible Apache 2.0. -**Spécifications techniques :** -- **Vitesse** : 118 tokens/seconde tokens/seconde ⚡ -- **Consommation** : 1.65 kWh/million tokens -- **Licence** : Apache 2.0 +**Spécifications techniques:** +- **Vitesse** : 104 tokens/seconde +- **Consommation** : 2.19 kWh/million tokens +- **Licence** : [Apache 2.0](./licences/apache_2.0.licence.md) - **Localisation** : FR 🇫🇷 -**Capacités :** -✅ Outils/Agent • ❌ Vision • ❌ Raisonnement • ❌ Sécurité +**Capacités:** +✅ Outils/Agent • ❌ Vision • ✅ Raisonnement • ❌ Sécurité -**Tags :** `Agent` `Grand Contexte` `MoE` `Multilingue` +**Tags :** `MoE` `Agent` `Raisonnement` `Open-Source` `Très Large` **Cas d'usage :** -- Tâches complexes nécessitant un suivi d'instructions précis et un raisonnement logique. -- Applications multilingues avec une large couverture de connaissances. -- Génération de texte de haute qualité pour des tâches ouvertes et subjectives. -- Analyse de documents très volumineux grâce au contexte de 250k tokens. +- Agents conversationnels avancés avec raisonnement complexe et intégration d'outils. +- Applications nécessitant une transparence totale du processus de raisonnement (chain-of-thought). +- Scénarios commerciaux nécessitant une licence permissive (Apache 2.0). +- Fine-tuning pour des tâches spécialisées nécessitant un modèle de base puissant. --- -### qwen3:30b-a3b -**Qwen Team • 30B paramètres • Contexte : 32 000 tokens** +### llama3.3:70b +**Meta • 70B paramètres • Contexte : 132,000 tokens** -Dernière génération des modèles Qwen, offrant des améliorations significatives en termes de données d'entraînement, d'architecture et d'optimisation. +Modèle multilingue de pointe développé par Meta, conçu pour exceller dans le dialogue naturel, le raisonnement complexe et la compréhension nuancée des instructions. -**Spécifications techniques :** -- **Vitesse** : 118 tokens/seconde tokens/seconde -- **Consommation** : 1.65 kWh/million tokens -- **Licence** : Apache 2.0 +**Spécifications techniques:** +- **Vitesse** : 29 tokens/seconde +- **Consommation** : 7.85 kWh/million tokens +- **Licence** : [LLAMA 3.3 Community Licence](./licences/llama_3.3_community_licence.licence.md) - **Localisation** : FR 🇫🇷 -**Capacités :** -✅ Outils/Agent • ❌ Vision • ✅ Raisonnement • ❌ Sécurité +**Capacités:** +✅ Outils/Agent • ❌ Vision • ❌ Raisonnement • ❌ Sécurité -**Tags :** `Agent` `Programmation` `Multilingue` `MoE` +**Tags :** `Agent` `Dialogue` `Multilingue` **Cas d'usage :** -- Tâches de raisonnement complexes et génération de code. -- Applications multilingues nécessitant une large couverture linguistique. -- Scénarios nécessitant un bon équilibre entre performance et efficacité des ressources grâce à l'architecture MoE. +- Chatbots multilingues prenant en charge 8 langues simultanément +- Exécution d'instructions complexes enchaînées (prompt chaining) +- Traitement d'une fenêtre de dialogue de 60K tokens pour historique conversationnel +- Analyse de documents juridiques ou techniques volumineux (>100 pages) +- Génération de textes structurés avec fidélité aux consignes stylistiques --- -### qwen2.5vl:32b -**Qwen Team • 32B paramètres • Contexte : 120 000 tokens** +### ministral-3:14b +**Mistral AI • 14B paramètres • Contexte : 250,000 tokens** -Version la plus puissante de la série Qwen2.5-VL, offrant des capacités de compréhension visuelle et d'agentique de pointe. +Le plus puissant de la famille Ministral, conçu pour les tâches complexes sur infrastructure locale. -**Spécifications techniques :** -- **Vitesse** : 22 tokens/seconde tokens/seconde -- **Consommation** : 6.06 kWh/million tokens -- **Licence** : Apache 2.0 +**Spécifications techniques:** +- **Vitesse** : 31 tokens/seconde +- **Consommation** : 4.30 kWh/million tokens +- **Licence** : [Apache 2.0](./licences/apache_2.0.licence.md) - **Localisation** : FR 🇫🇷 -**Capacités :** -✅ Outils/Agent • ✅ Vision • ❌ Raisonnement • ❌ Sécurité +**Capacités:** +✅ Outils/Agent • ❌ Vision • ✅ Raisonnement • ❌ Sécurité -**Tags :** `Vision` `Agent` `Raisonnement` `OCR` `Localisation Visuelle` `Large` +**Tags :** `Haute Performance` `Edge` `Raisonnement` `Code` **Cas d'usage :** -- Analyse de documents et de diagrammes très complexes -- Agents visuels autonomes pour la navigation et l'interaction avec des GUI -- Tâches de localisation d'objets et de reconnaissance de texte de haute précision -- Génération de descriptions riches et détaillées à partir d'images complexes +- Résolution de problèmes complexes en local +- Assistants de codage et d'ingénierie +- Analyse approfondie de documents avec raisonnement --- -### qwen2.5vl:72b -**Qwen Team • 72B paramètres • Contexte : 128 000 tokens** +### nemotron-3-nano:30b +**NVIDIA • 30B paramètres • Contexte : 250,000 tokens** -Version la plus puissante de la série Qwen2.5-VL, offrant des capacités de compréhension visuelle et d'agentique de pointe pour les tâches les plus exigeantes. +Modèle NVIDIA optimisé pour le raisonnement complexe et l'utilisation d'outils, déployé avec un contexte étendu. -**Spécifications techniques :** -- **Vitesse** : 13 tokens/seconde tokens/seconde -- **Consommation** : 10.26 kWh/million tokens -- **Licence** : Apache 2.0 +**Spécifications techniques:** +- **Vitesse** : 89 tokens/seconde +- **Consommation** : 1.62 kWh/million tokens +- **Licence** : [NVIDIA Community License](./licences/nvidia_community_license.licence.md) - **Localisation** : FR 🇫🇷 -**Capacités :** -✅ Outils/Agent • ✅ Vision • ✅ Raisonnement • ❌ Sécurité +**Capacités:** +✅ Outils/Agent • ❌ Vision • ✅ Raisonnement • ❌ Sécurité -**Tags :** `Vision` `Agent` `Raisonnement` `OCR` `Localisation Visuelle` `Très Large` +**Tags :** `Agent` `Raisonnement` `Grand Contexte` **Cas d'usage :** -- Analyse de documents et de diagrammes très complexes -- Agents visuels autonomes pour la navigation et l'interaction avec des GUI -- Tâches de localisation d'objets et de reconnaissance de texte de très haute précision -- Génération de descriptions riches et détaillées à partir d'images très complexes +- Agents autonomes complexes avec appels d'outils multiples +- Raisonnement logique et résolution de problèmes +- Analyse de documents longs avec extraction précise --- -### qwen3-next:80b -**Qwen Team • 80B paramètres • Contexte : 262 144 tokens** +### olmo-3:32b +**AllenAI • 32B paramètres • Contexte : 65,536 tokens** -Modèle Next 80B FP8 de Qwen, optimisé pour les grands contextes et le raisonnement, servi via vLLM (A100). +Le premier modèle de raisonnement entièrement ouvert à cette échelle, rivalisant avec les meilleurs modèles propriétaires. -**Spécifications techniques :** -- **Vitesse** : 59 tokens/seconde tokens/seconde ⚡ -- **Consommation** : 3.3 kWh/million tokens -- **Licence** : Apache 2.0 +**Spécifications techniques:** +- **Vitesse** : 19 tokens/seconde +- **Consommation** : 7.02 kWh/million tokens +- **Licence** : [Apache 2.0](./licences/apache_2.0.licence.md) - **Localisation** : FR 🇫🇷 -**Capacités :** -✅ Outils/Agent • ❌ Vision • ✅ Raisonnement • ❌ Sécurité +**Capacités:** +❌ Outils/Agent • ❌ Vision • ✅ Raisonnement • ❌ Sécurité -**Tags :** `Agent` `Raisonnement` `Grand Contexte` `MoE` +**Tags :** `Open-Source` `Grand Contexte` `Raisonnement` `Transparent` `Code` `Haute Performance` **Cas d'usage :** -- Agents conversationnels avancés avec intégration d'outils -- Analyse de documents très volumineux (jusqu'à 260k tokens) -- Génération de code et tâches complexes nécessitant raisonnement structuré +- Raisonnement complexe et résolution de problèmes multi-étapes +- Développement logiciel avancé et génération de code +- Analyse approfondie nécessitant une transparence sur le processus de décision --- -## Modèles Spécialisés - -### embeddinggemma:300m -**Google • 300M paramètres • Contexte : 2 048 tokens** +### olmo-3:7b +**AllenAI • 7B paramètres • Contexte : 65,536 tokens** -Modèle d'embedding de pointe de Google, optimisé pour sa taille, idéal pour les tâches de recherche et de récupération sémantique. +Modèle "Fully Open" de référence, offrant une transparence totale (données, code, poids) et une efficacité remarquable. -**Spécifications techniques :** -- **Licence** : Google Gemma Terms of Use +**Spécifications techniques:** +- **Vitesse** : 37 tokens/seconde +- **Consommation** : 1.65 kWh/million tokens +- **Licence** : [Apache 2.0](./licences/apache_2.0.licence.md) - **Localisation** : FR 🇫🇷 -**Capacités :** +**Capacités:** ❌ Outils/Agent • ❌ Vision • ❌ Raisonnement • ❌ Sécurité -**Tags :** `Embedding` `Compact` `Sémantique` `Efficient` `Multilingue` +**Tags :** `Open-Source` `Grand Contexte` `Transparent` `Efficient` `Maths` `Code` **Cas d'usage :** -- Recherche et récupération d'informations (Retrieval) -- Classification et clustering de documents -- Recherche de similarité sémantique -- Déploiement sur des appareils à ressources limitées (mobile, laptop) +- Recherche académique et scientifique nécessitant une reproductibilité totale +- Tâches de programmation et résolution de problèmes mathématiques +- Analyse de documents moyens avec traçabilité complète --- -### gpt-oss:20b -**OpenAI • 20B paramètres • Contexte : 120 000 tokens** +### qwen3-2507:235b +**Qwen Team • 235B paramètres • Contexte : 130,000 tokens** -Modèle de langage open-weight d'OpenAI, optimisé pour l'efficacité et le déploiement sur du matériel grand public. +Modèle MoE massif de 235 milliards de paramètres, avec seulement 22 milliards actifs, offrant des performances de pointe. -**Spécifications techniques :** -- **Vitesse** : 85 tokens/seconde tokens/seconde ⚡ -- **Consommation** : 1.57 kWh/million tokens -- **Licence** : Apache 2.0 +**Spécifications techniques:** +- **Vitesse** : 58 tokens/seconde +- **Consommation** : 3.93 kWh/million tokens +- **Licence** : [Apache 2.0](./licences/apache_2.0.licence.md) - **Localisation** : FR 🇫🇷 -**Capacités :** +**Capacités:** ✅ Outils/Agent • ❌ Vision • ✅ Raisonnement • ❌ Sécurité -**Tags :** `MoE` `Agent` `Raisonnement` `Open-Source` `Compact` `Rapide` +**Tags :** `MoE` `Agent` `Raisonnement` `Très Large` **Cas d'usage :** -- Déploiements sur des appareils à ressources limitées (edge devices) ou des serveurs à faible coût. -- Applications nécessitant une inférence rapide avec de bonnes capacités de raisonnement. -- Cas d'usage agentiques avec appel de fonctions, navigation web et exécution de code. -- Fine-tuning pour des tâches spécialisées sur du matériel grand public. +- Résolution de problèmes mathématiques et logiques complexes +- Tâches nécessitant une vaste base de connaissances +- Assistant de codage avancé +- Analyse approfondie de documents --- -### qwen3:14b -**Qwen Team • 14B paramètres • Contexte : 32 000 tokens** +### qwen3-2507:30b-a3b +**Qwen Team • 30B paramètres • Contexte : 250,000 tokens** -Modèle dense nouvelle génération Qwen3 (14B), offrant des performances équivalentes à Qwen2.5 32B avec une meilleure efficacité. +Version améliorée du mode non-pensée de Qwen3-30B, avec des capacités générales, une couverture de connaissances et un alignement utilisateur améliorés. -**Spécifications techniques :** -- **Vitesse** : 44 tokens/seconde tokens/seconde ⚡ -- **Consommation** : 3.03 kWh/million tokens -- **Licence** : Apache 2.0 +**Spécifications techniques:** +- **Vitesse** : 104 tokens/seconde +- **Consommation** : 1.39 kWh/million tokens +- **Licence** : [Apache 2.0](./licences/apache_2.0.licence.md) - **Localisation** : FR 🇫🇷 -**Capacités :** -✅ Outils/Agent • ❌ Vision • ✅ Raisonnement • ❌ Sécurité +**Capacités:** +✅ Outils/Agent • ❌ Vision • ❌ Raisonnement • ❌ Sécurité -**Tags :** `Agent` `Raisonnement` `Rapide` `Multilingue` +**Tags :** `Agent` `Grand Contexte` `MoE` `Multilingue` **Cas d'usage :** -- Tâches générales nécessitant performance et grand contexte -- Génération de contenu créatif et technique -- Analyse de données et raisonnement complexe -- Intégration avec des outils externes via function calling +- Tâches complexes nécessitant un suivi d'instructions précis et un raisonnement logique. +- Applications multilingues avec une large couverture de connaissances. +- Génération de texte de haute qualité pour des tâches ouvertes et subjectives. +- Analyse de documents très volumineux grâce au contexte de 250k tokens. --- -### gemma3:4b -**Google • 4B paramètres • Contexte : 120 000 tokens** +### qwen3-coder:30b +**Qwen Team • 30B paramètres • Contexte : 250,000 tokens** -Modèle compact de Google offrant d'excellentes performances dans un format léger et économique. +Modèle MoE optimisé pour les tâches d'ingénierie logicielle, avec un contexte très long. -**Spécifications techniques :** -- **Vitesse** : 60 tokens/seconde tokens/seconde ⚡ -- **Consommation** : 0.55 kWh/million tokens 🌱 -- **Licence** : Google Gemma Terms of Use +**Spécifications techniques:** +- **Vitesse** : 104 tokens/seconde +- **Consommation** : 1.39 kWh/million tokens +- **Licence** : [Apache 2.0](./licences/apache_2.0.licence.md) - **Localisation** : FR 🇫🇷 -**Capacités :** -❌ Outils/Agent • ✅ Vision • ❌ Raisonnement • ❌ Sécurité +**Capacités:** +✅ Outils/Agent • ❌ Vision • ✅ Raisonnement • ❌ Sécurité -**Tags :** `Vision` `Rapide` `Compact` `Grand Contexte` `Efficient` +**Tags :** `Agent` `Programmation` `Grand Contexte` `MoE` **Cas d'usage :** -- Applications embarquées et edge computing avec traitement d'images -- Chatbots multimodaux réactifs nécessitant une faible latence -- Déploiements à grande échelle avec capacités visuelles et textuelles -- Applications mobiles avec analyse d'images et textes -- Traitement de requêtes visuelles simples à moyenne complexité avec haute performance +- Agents d'ingénierie logicielle pour explorer et modifier des bases de code +- Génération de code complexe avec compréhension à l'échelle du dépôt (repository-scale) +- Tâches de raisonnement sur des contextes étendus +- Amélioration de code via apprentissage par renforcement --- -### gemma3:1b -**Google • 1B paramètres • Contexte : 32 000 tokens** +### qwen3-next:80b +**Qwen Team • 80B paramètres • Contexte : 262,144 tokens** -Micro-modèle ultra-léger conçu pour les déploiements sur appareils à très faibles ressources. +Modèle Next 80B de Qwen, optimisé pour les grands contextes et le raisonnement, servi via vLLM (A100). -**Spécifications techniques :** -- **Vitesse** : 115 tokens/seconde tokens/seconde ⚡ -- **Consommation** : 0.15 kWh/million tokens 🌱 -- **Licence** : Google Gemma Terms of Use +**Spécifications techniques:** +- **Vitesse** : 148 tokens/seconde +- **Consommation** : 1.54 kWh/million tokens +- **Licence** : [Apache 2.0](./licences/apache_2.0.licence.md) - **Localisation** : FR 🇫🇷 -**Capacités :** -❌ Outils/Agent • ❌ Vision • ❌ Raisonnement • ❌ Sécurité +**Capacités:** +✅ Outils/Agent • ❌ Vision • ✅ Raisonnement • ❌ Sécurité -**Tags :** `Ultra-compact` `Embarqué` `Efficient` `Rapide` +**Tags :** `Agent` `Raisonnement` `Grand Contexte` `MoE` **Cas d'usage :** -- Déploiement sur appareils IoT et systèmes embarqués avec intégration API -- Applications nécessitant inférence locale sur CPU avec appels à des fonctions -- Tâches textuelles basiques avec temps de réponse instantané et function calling -- Assistants compacts pour applications grand public avec intégration services externes -- Systèmes de contrôle intelligents intégrant plusieurs APIs/services +- Agents conversationnels avancés avec intégration d'outils +- Analyse de documents très volumineux (jusqu'à 260k tokens) +- Génération de code et tâches complexes nécessitant raisonnement structuré --- -### mistral-small3.1:24b -**Mistral AI • 24B paramètres • Contexte : 120 000 tokens** +### qwen3-omni:30b +**Qwen Team • 30B paramètres • Contexte : 32,768 tokens** -Modèle compact et réactif de Mistral AI, spécialement conçu pour offrir une assistance conversationnelle fluide et pertinente avec une vitesse de réponse optimale. +Qwen3-Omni 30B est un modèle omnimodal natif, capable de comprendre le texte, l'image, la vidéo et l'audio dans un même flux. -**Spécifications techniques :** -- **Vitesse** : 34 tokens/seconde tokens/seconde -- **Consommation** : 3.83 kWh/million tokens -- **Licence** : Apache 2.0 +**Spécifications techniques:** +- **Vitesse** : 86 tokens/seconde +- **Consommation** : 2.65 kWh/million tokens +- **Licence** : [Apache 2.0](./licences/apache_2.0.licence.md) - **Localisation** : FR 🇫🇷 -**Capacités :** -✅ Outils/Agent • ✅ Vision • ❌ Raisonnement • ✅ Sécurité +**Capacités:** +✅ Outils/Agent • ✅ Vision • ✅ Raisonnement • ❌ Sécurité -**Tags :** `Vision` `Agent` `Sécurité` +**Tags :** `Omni` `Audio` `Vision` `Agent` `Multimodal` `BF16` **Cas d'usage :** -- Applications conversationnelles -- Assistants virtuels combinant analyse d'images et texte (26 tokens/s) -- Chatbots de support technique avec accès à la documentation technique -- Outils de création/édition de contenu avec réponse immédiate (blogs, emails) -- Déploiement sur infrastructures standard (24B de paramètres) +- Interactions multimodales fluides (parle, voit, écoute) +- Analyse vidéo et audio combinée +- Assistants intelligents de nouvelle génération --- -### mistral-small3.2:24b -**Mistral AI • 24B paramètres • Contexte : 128 000 tokens** +### qwen3-vl:235b +**Qwen Team • 235B paramètres • Contexte : 200,000 tokens** -Mise à jour mineure de Mistral Small 3.1, améliorant le suivi d'instructions, la robustesse du function calling et réduisant les erreurs de répétition. +Le modèle multimodal le plus puissant du catalogue, alliant une compréhension visuelle de pointe à des capacités de raisonnement exceptionnelles. -**Spécifications techniques :** -- **Vitesse** : 56 tokens/seconde tokens/seconde -- **Consommation** : 2.33 kWh/million tokens -- **Licence** : Apache 2.0 +**Spécifications techniques:** +- **Vitesse** : 31 tokens/seconde +- **Consommation** : 7.35 kWh/million tokens +- **Licence** : [Apache 2.0](./licences/apache_2.0.licence.md) - **Localisation** : FR 🇫🇷 -**Capacités :** -✅ Outils/Agent • ✅ Vision • ❌ Raisonnement • ✅ Sécurité +**Capacités:** +✅ Outils/Agent • ✅ Vision • ✅ Raisonnement • ❌ Sécurité -**Tags :** `Vision` `Agent` `Sécurité` `Instruction Following` +**Tags :** `Agent` `Raisonnement` `Grand Contexte` `NVFP4` `Blackwell` `Vision` **Cas d'usage :** -- Agents conversationnels avec un suivi d'instructions amélioré -- Intégration robuste avec des outils externes via function calling -- Applications nécessitant une grande fiabilité pour éviter les répétitions -- Cas d'usage identiques à Mistral Small 3.1 avec des performances accrues +- Automatisation de processus documentaires complexes (OCR multilingue, extraction structurée) +- Agents visuels intelligents pour l'interaction logicielle et l'automatisation d'interface +- Analyse scientifique et technique avancée (STEM, raisonnement spatial 3D) +- RAG Multimodal sur documents volumineux (>200k tokens) et vidéos --- -### deepcoder:14b -**Agentica x Together AI • 14B paramètres • Contexte : 32 000 tokens** +### qwen3-vl:30b +**Qwen Team • 30B paramètres • Contexte : 250,000 tokens** -Modèle IA open source (14B) par Together AI & Agentica, alternative crédible aux modèles propriétaires pour la génération de code. +Modèle multimodal de pointe (Qwen3-VL) offrant une compréhension visuelle exceptionnelle et un raisonnement temporel précis. -**Spécifications techniques :** -- **Vitesse** : 9 tokens/seconde tokens/seconde ⚡ -- **Consommation** : 3.72 kWh/million tokens -- **Licence** : Apache 2.0 +**Spécifications techniques:** +- **Vitesse** : 43 tokens/seconde +- **Consommation** : 3.10 kWh/million tokens +- **Licence** : [Apache 2.0](./licences/apache_2.0.licence.md) - **Localisation** : FR 🇫🇷 -**Capacités :** -❌ Outils/Agent • ❌ Vision • ✅ Raisonnement • ❌ Sécurité +**Capacités:** +✅ Outils/Agent • ✅ Vision • ❌ Raisonnement • ❌ Sécurité -**Tags :** `Programmation` `Raisonnement` `Open-Source` `Mathématiques` `Rapide` +**Tags :** `Vision` `Agent` `Grand Contexte` `Multimodal` `Vidéo` `OCR` **Cas d'usage :** -- Génération de code dans plus de 15 langages avec optimisation des performances -- Débogage et refactoring de bases de code existantes avec analyse d'impact -- Implémentation d'algorithmes complexes (graphes, arbres, heuristiques) -- Création automatisée de tests unitaires avec couverture de code > 80% -- Transposition de code entre langagesframeworks (par exemple Python vers JavaScript) +- Analyse approfondie de vidéos longues et surveillance intelligente +- Extraction de données structurées complexes (documents, tableaux, graphiques) +- Assistants visuels avancés avec compréhension spatiale +- Raisonnement multimodal sur des séquences d'événements --- -### granite3.2-vision:2b -**IBM • 2B paramètres • Contexte : 16 384 tokens** +### qwen3-vl:32b +**Qwen Team • 32B paramètres • Contexte : 250,000 tokens** -Modèle compact révolutionnaire d'IBM spécialisé dans la vision par ordinateur, capable d'analyser et comprendre directement les documents visuels sans recourir à des technologies OCR intermédiaires. +Variante haute performance de Qwen3-VL, optimisée pour les tâches de vision les plus exigeantes. -**Spécifications techniques :** -- **Vitesse** : 88 tokens/seconde tokens/seconde -- **Consommation** : 0.38 kWh/million tokens 🌱 -- **Licence** : Apache 2.0 +**Spécifications techniques:** +- **Vitesse** : 17 tokens/seconde +- **Consommation** : 7.84 kWh/million tokens +- **Licence** : [Apache 2.0](./licences/apache_2.0.licence.md) - **Localisation** : FR 🇫🇷 -**Capacités :** -✅ Outils/Agent • ✅ Vision • ❌ Raisonnement • ✅ Sécurité +**Capacités:** +✅ Outils/Agent • ✅ Vision • ❌ Raisonnement • ❌ Sécurité -**Tags :** `Vision` `Sécurité` `Compact` `Efficient` +**Tags :** `Vision` `Agent` `Grand Contexte` `Multimodal` `Vidéo` `OCR` **Cas d'usage :** -- Extraction de données structurées à partir de factures et formulaires sans OCR -- Analyse directe de tableaux et graphiques avec interprétation des tendances -- Lecture et interprétation de diagrammes techniques (électriques, mécaniques) -- Traitement de documents manuscrits avec taux de reconnaissance élevé -- Vision par ordinateur légère (2B paramètres) avec vitesse élevée (50 tokens/s) +- Analyse scientifique et technique d'images haute résolution +- Automatisation de processus visuels complexes +- Compréhension détaillée de scènes dynamiques --- -### granite3.3:8b -**IBM • 8B paramètres • Contexte : 60 000 tokens** +### qwen3:14b +**Qwen Team • 14B paramètres • Contexte : 131,072 tokens** -Modèle Granite 8B fine-tuné par IBM pour un raisonnement et un suivi d'instructions améliorés, avec un contexte de 128k tokens. +Modèle Qwen3 14B équilibré, offrant de solides performances générales avec une bonne vitesse d'inférence. -**Spécifications techniques :** -- **Vitesse** : 39 tokens/seconde tokens/seconde -- **Consommation** : 0.85 kWh/million tokens 🌱 -- **Licence** : Apache 2.0 +**Spécifications techniques:** +- **Vitesse** : 68.2 tokens/seconde +- **Consommation** : 0.90 kWh/million tokens +- **Licence** : [Apache 2.0](./licences/apache_2.0.licence.md) - **Localisation** : FR 🇫🇷 -**Capacités :** -✅ Outils/Agent • ❌ Vision • ✅ Raisonnement • ✅ Sécurité +**Capacités:** +✅ Outils/Agent • ❌ Vision • ❌ Raisonnement • ❌ Sécurité -**Tags :** `Agent` `Raisonnement` `Sécurité` `Efficient` +**Tags :** `Agent` `Polyvalent` `Multilingue` **Cas d'usage :** -- Tâches générales d'instruction-following (classification, extraction, Q&A) -- Assistants IA multilingues (12 langues) -- Traitement de documents très longs (128k tokens) pour les taches de résumés, Q&A,... -- Génération/complétion de code avec Fill-in-the-Middle -- Intégration avec des outils externes via function calling -- Raisonnement structuré avec le mode "Thinking" +- Assistants virtuels performants +- Génération de contenu de qualité +- Tâches de classification et d'extraction --- -### granite3.3:2b -**IBM • 2B paramètres • Contexte : 120 000 tokens** +## Modèles Spécialisés + +### bge-m3:567m +**BAAI • 567M paramètres • Contexte : 8,192 tokens** -Modèle Granite 2B fine-tuné par IBM, optimisé pour le raisonnement et le suivi d'instructions, avec un contexte de 128k tokens. +Modèle d'embedding multilingue de pointe (BGE-M3), offrant des capacités de recherche sémantique exceptionnelles sur plus de 100 langues. -**Spécifications techniques :** -- **Vitesse** : 88 tokens/seconde tokens/seconde -- **Consommation** : 0.38 kWh/million tokens 🌱 -- **Licence** : Apache 2.0 +**Spécifications techniques:** +- **Vitesse** : 171 tokens/seconde +- **Consommation** : 0.36 kWh/million tokens +- **Licence** : [MIT](./licences/mit.licence.md) - **Localisation** : FR 🇫🇷 -**Capacités :** -✅ Outils/Agent • ❌ Vision • ✅ Raisonnement • ✅ Sécurité +**Capacités:** +❌ Outils/Agent • ❌ Vision • ❌ Raisonnement • ❌ Sécurité -**Tags :** `Agent` `Raisonnement` `Sécurité` `Efficient` +**Tags :** `Embedding` `Multilingue` `Efficient` **Cas d'usage :** -- Déploiements légers avec grand contexte (128k tokens) -- Tâches générales d'instruction-following sur ressources limitées -- Assistants IA multilingues compacts -- Traitement de documents longs sur appareils moins puissants -- Génération/complétion de code FIM sur postes de travail standards +- Recherche sémantique multilingue +- Retrieval-Augmented Generation (RAG) +- Clustering et classification de documents --- -### magistral:24b -**Mistral AI • 24B paramètres • Contexte : 40 000 tokens** +### deepseek-ocr +**DeepSeek AI • 3B paramètres • Contexte : 8,192 tokens** -Le premier modèle de raisonnement de Mistral AI, excellant dans le raisonnement spécifique au domaine, transparent et multilingue. +Modèle OCR spécialisé de DeepSeek, conçu pour une extraction de texte haute précision avec préservation de la mise en forme. -**Spécifications techniques :** -- **Vitesse** : 29 tokens/seconde tokens/seconde -- **Consommation** : 4.59 kWh/million tokens -- **Licence** : Apache 2.0 +**Spécifications techniques:** +- **Vitesse** : 79 tokens/seconde +- **Consommation** : 1.01 kWh/million tokens +- **Licence** : [MIT licence](./licences/mit_licence.licence.md) - **Localisation** : FR 🇫🇷 -**Capacités :** -❌ Outils/Agent • ❌ Vision • ✅ Raisonnement • ✅ Sécurité +**Capacités:** +❌ Outils/Agent • ✅ Vision • ❌ Raisonnement • ❌ Sécurité -**Tags :** `Raisonnement` `Multilingue` +**Tags :** `Vision` `OCR` `Efficient` **Cas d'usage :** -- Stratégie et opérations commerciales (modélisation des risques) -- Industries réglementées (juridique, finance) avec raisonnement traçable -- Ingénierie logicielle (planification de projet, architecture) -- Création de contenu et communication (rédaction créative, narration) +- Extraction de texte structuré (Markdown/latex) depuis des images/PDF +- Numérisation de documents avec tableaux et formules complexes --- -### cogito:32b -**Deep Cogito • 32B paramètres • Contexte : 32 000 tokens** +### devstral-small-2:24b +**Mistral AI & All Hands AI • 24B paramètres • Contexte : 380,000 tokens** -Version avancée du modèle Cogito offrant des capacités de raisonnement et d'analyse considérablement amplifiées, conçue pour les applications les plus exigeantes en matière d'intelligence artificielle analytique. +Seconde itération de Devstral (Small 2), modèle agentique de pointe pour l'ingénierie logicielle, déployé sur Mac Studio avec un contexte massif. -**Spécifications techniques :** -- **Vitesse** : 37 tokens/seconde tokens/seconde -- **Consommation** : 7.13 kWh/million tokens -- **Licence** : LLAMA 3.2 Community Licence +**Spécifications techniques:** +- **Vitesse** : 23 tokens/seconde +- **Consommation** : 5.80 kWh/million tokens +- **Licence** : [Apache 2.0](./licences/apache_2.0.licence.md) - **Localisation** : FR 🇫🇷 -**Capacités :** -✅ Outils/Agent • ❌ Vision • ✅ Raisonnement • ❌ Sécurité +**Capacités:** +✅ Outils/Agent • ✅ Vision • ❌ Raisonnement • ✅ Sécurité -**Tags :** `Agent` `Raisonnement` `Compréhension` `Analyse` +**Tags :** `Agent` `Programmation` `Vision` `Open-Source` `Très Grand Contexte` **Cas d'usage :** -- Analyse de scénarios multi-factoriels avec évaluation probabiliste des résultats -- Résolution de problèmes scientifiques avec démonstration formelle des étapes -- Applications à haute criticité nécessitant précision et vérifiabilité des résultats -- Systèmes experts dans des domaines spécialisés (juridique, médical, technique) -- Analyse avec raisonnement multi-étapes et explicabilité complète des conclusions +- Agents de codage autonomes sur très grandes bases de code +- Modernisation de systèmes legacy +- Correction de bugs complexes nécessitant une vision globale du projet --- -### qwen3:32b -**Qwen Team • 32B paramètres • Contexte : 40 000 tokens** +### devstral:24b +**Mistral AI & All Hands AI • 24B paramètres • Contexte : 120,000 tokens** -Modèle puissant de la nouvelle génération Qwen3, offrant des capacités avancées en raisonnement, code, et agentique, avec un contexte étendu. +Devstral 24b est un LLM agentique spécialisé pour l'ingénierie logicielle, co-développé par Mistral AI et All Hands AI. -**Spécifications techniques :** -- **Vitesse** : 21 tokens/seconde tokens/seconde -- **Consommation** : 6.35 kWh/million tokens -- **Licence** : Apache 2.0 +**Spécifications techniques:** +- **Vitesse** : 44 tokens/seconde +- **Consommation** : 3.28 kWh/million tokens +- **Licence** : [Apache 2.0](./licences/apache_2.0.licence.md) - **Localisation** : FR 🇫🇷 -**Capacités :** -✅ Outils/Agent • ❌ Vision • ✅ Raisonnement • ❌ Sécurité +**Capacités:** +✅ Outils/Agent • ❌ Vision • ❌ Raisonnement • ✅ Sécurité -**Tags :** `Agent` `Raisonnement` `Multilingue` `Grand Contexte` +**Tags :** `Agent` `Programmation` `Open-Source` `Grand Contexte` `FP8` **Cas d'usage :** -- Agents conversationnels avancés avec grand contexte et intégration d'outils (MCP) -- Résolution de problèmes complexes (maths, code) avec mode "Thinking" -- Analyse et génération de documents volumineux -- Applications multilingues (>100 langues) nécessitant une compréhension profonde +- Exploration et modification de bases de code +- Agents autonomes d'ingénierie logicielle +- Refactoring et génération de code complexe --- -### qwq:32b -**Qwen Team • 32B paramètres • Contexte : 32 000 tokens** +### embeddinggemma:300m +**Google • 300M paramètres • Contexte : 2,048 tokens** -Modèle de 32 milliards de paramètres amélioré par apprentissage par renforcement (RL) pour exceller dans le raisonnement, le codage, les mathématiques et les tâches d'agent. +Modèle d'embedding de pointe de Google, optimisé pour sa taille, idéal pour les tâches de recherche et de récupération sémantique. -**Spécifications techniques :** -- **Vitesse** : 11 tokens/seconde tokens/seconde -- **Consommation** : 23.99 kWh/million tokens -- **Licence** : Apache 2.0 +**Spécifications techniques:** +- **Vitesse** : 175 tokens/seconde +- **Consommation** : 0.35 kWh/million tokens +- **Licence** : [Google Gemma Terms of Use](./licences/google_gemma_terms_of_use.licence.md) - **Localisation** : FR 🇫🇷 -**Capacités :** -✅ Outils/Agent • ❌ Vision • ✅ Raisonnement • ❌ Sécurité +**Capacités:** +❌ Outils/Agent • ❌ Vision • ❌ Raisonnement • ❌ Sécurité -**Tags :** `Agent` `Raisonnement` `Codage` `Mathématiques` +**Tags :** `Embedding` `Compact` `Sémantique` `Efficient` `Multilingue` **Cas d'usage :** -- Résolution de problèmes complexes nécessitant raisonnement et utilisation d'outils -- Génération et exécution de code avec vérification des résultats -- Tâches mathématiques avancées avec vérification de l'exactitude -- Applications d'agent capables d'interagir avec l'environnement -- Instruction following amélioré et alignement avec les préférences humaines +- Recherche et récupération d'informations (Retrieval) +- Classification et clustering de documents +- Recherche de similarité sémantique +- Déploiement sur des appareils à ressources limitées (mobile, laptop) --- -### deepseek-r1:14b -**DeepSeek AI • 14B paramètres • Contexte : 32 000 tokens** +### gemma3:1b +**Google • 1B paramètres • Contexte : 120,000 tokens** -Version compacte et efficiente du modèle DeepSeek-R1, offrant un excellent compromis entre performance et légèreté pour les déploiements nécessitant flexibilité et réactivité. +Micro-modèle Gemma 3, ultra-rapide et efficace. -**Spécifications techniques :** -- **Vitesse** : 23 tokens/seconde tokens/seconde ⚡ -- **Consommation** : 1.45 kWh/million tokens -- **Licence** : MIT licence +**Spécifications techniques:** +- **Vitesse** : 53 tokens/seconde +- **Consommation** : 1.15 kWh/million tokens +- **Licence** : [Google Gemma Terms of Use](./licences/google_gemma_terms_of_use.licence.md) - **Localisation** : FR 🇫🇷 -**Capacités :** -❌ Outils/Agent • ❌ Vision • ✅ Raisonnement • ❌ Sécurité +**Capacités:** +❌ Outils/Agent • ❌ Vision • ❌ Raisonnement • ❌ Sécurité -**Tags :** `Raisonnement` `Compact` `Polyvalent` `Rapide` +**Tags :** `Compact` `Efficient` `Edge` **Cas d'usage :** -- Applications généralistes avec besoins d'inférence rapide (44 tokens/s) -- Déploiements sur serveurs standard sans GPU spécialisé (14B paramètres) -- Traitement de texte avec analyse contextuelle et temps de réponse rapides -- Déploiement sur edge computing avec inférence locale optimisée -- Prototypage rapide d'applications IA avec temps d'itération court +- Classification de texte rapide +- Chatbots simples +- Prototypage rapide --- -### deepseek-r1:32b -**DeepSeek AI • 32B paramètres • Contexte : 32 000 tokens** +### gemma3:4b +**Google • 4B paramètres • Contexte : 120,000 tokens** -Version intermédiaire du modèle DeepSeek-R1 offrant un équilibre stratégique entre les capacités avancées de la version 70B et l'efficience de la version 14B, pour une polyvalence et performance optimales. +Modèle compact Gemma 3 4B, offrant un excellent ratio performance/taille. -**Spécifications techniques :** -- **Vitesse** : 20 tokens/seconde tokens/seconde -- **Consommation** : 13.18 kWh/million tokens -- **Licence** : MIT licence +**Spécifications techniques:** +- **Vitesse** : 48.0 tokens/seconde +- **Consommation** : 1.27 kWh/million tokens +- **Licence** : [Google Gemma Terms of Use](./licences/google_gemma_terms_of_use.licence.md) - **Localisation** : FR 🇫🇷 -**Capacités :** -❌ Outils/Agent • ❌ Vision • ✅ Raisonnement • ❌ Sécurité +**Capacités:** +❌ Outils/Agent • ❌ Vision • ❌ Raisonnement • ❌ Sécurité -**Tags :** `Raisonnement` `Polyvalent` +**Tags :** `Compact` `Efficient` `Edge` **Cas d'usage :** -- Applications nécessitant un bon équilibre puissance/coût (32B paramètres) -- Traitement de texte professionnel avec analyse des subtilités sémantiques -- Génération automatisée de rapports structurés à partir de données brutes -- Applications combinant analyse de données et génération de contenus -- Assistants spécialisés pour secteurs techniques (juridique, médical, technique) +- Assistants personnels sur laptop +- Résumé de texte +- Traduction légère --- -### cogito:3b -**Deep Cogito • 3B paramètres • Contexte : 32 000 tokens** +### gpt-oss:20b +**OpenAI • 20B paramètres • Contexte : 120,000 tokens** -Version compacte du modèle Cogito, optimisée pour le raisonnement sur des appareils à ressources limitées. +Modèle de langage open-weight d'OpenAI, optimisé pour l'efficacité et le déploiement sur du matériel grand public. -**Spécifications techniques :** -- **Vitesse** : 78 tokens/seconde tokens/seconde ⚡ -- **Consommation** : 0.43 kWh/million tokens 🌱 -- **Licence** : LLAMA 3.2 Community Licence +**Spécifications techniques:** +- **Vitesse** : 9 tokens/seconde +- **Consommation** : 14.81 kWh/million tokens +- **Licence** : [Apache 2.0](./licences/apache_2.0.licence.md) - **Localisation** : FR 🇫🇷 -**Capacités :** +**Capacités:** ✅ Outils/Agent • ❌ Vision • ✅ Raisonnement • ❌ Sécurité -**Tags :** `Raisonnement` `Compact` `Embarqué` `Efficient` `Rapide` +**Tags :** `MoE` `Agent` `Raisonnement` `Open-Source` `Compact` `Rapide` + +**Cas d'usage :** +- Déploiements sur des appareils à ressources limitées (edge devices) ou des serveurs à faible coût. +- Applications nécessitant une inférence rapide avec de bonnes capacités de raisonnement. +- Cas d'usage agentiques avec appel de fonctions, navigation web et exécution de code. +- Fine-tuning pour des tâches spécialisées sur du matériel grand public. --- ### granite-embedding:278m -**IBM • 278M paramètres • Contexte : 512 tokens** +**IBM • 278M paramètres • Contexte : 8,192 tokens** -Modèle d'embedding ultra-léger d'IBM pour la recherche sémantique et la classification. +Modèle d'embedding IBM Granite ultra-compact, conçu pour une efficacité maximale. -**Spécifications techniques :** -- **Licence** : Apache 2.0 +**Spécifications techniques:** +- **Vitesse** : 196.3 tokens/seconde +- **Consommation** : 0.31 kWh/million tokens +- **Licence** : [Apache 2.0](./licences/apache_2.0.licence.md) - **Localisation** : FR 🇫🇷 -**Capacités :** +**Capacités:** ❌ Outils/Agent • ❌ Vision • ❌ Raisonnement • ❌ Sécurité -**Tags :** `Embedding` `Compact` `Sémantique` `Efficient` +**Tags :** `Embedding` `Compact` `Efficient` + +**Cas d'usage :** +- Recherche sémantique +- Clustering de documents --- -### granite3-guardian:2b -**IBM • 2B paramètres • Contexte : 8 192 tokens** +### granite4-small-h:32b +**IBM • 32B (9B actifs) paramètres • Contexte : 128,000 tokens** -Modèle compact d'IBM spécialisé dans la sécurité et la conformité, détectant les risques et les contenus inappropriés. +Modèle MoE (Mixture-of-Experts) d'IBM, conçu comme un "cheval de bataille" pour les tâches d'entreprise quotidiennes, avec une excellente efficacité pour les longs contextes. -**Spécifications techniques :** -- **Licence** : Apache 2.0 +**Spécifications techniques:** +- **Vitesse** : 33 tokens/seconde +- **Consommation** : 4.04 kWh/million tokens +- **Licence** : [Apache 2.0](./licences/apache_2.0.licence.md) - **Localisation** : FR 🇫🇷 -**Capacités :** -❌ Outils/Agent • ❌ Vision • ❌ Raisonnement • ✅ Sécurité +**Capacités:** +✅ Outils/Agent • ❌ Vision • ✅ Raisonnement • ✅ Sécurité -**Tags :** `Sécurité` `Conformité` `Compact` `Filtrage` `Efficient` +**Tags :** `Agent` `Raisonnement` `Sécurité` `MoE` `Grand Contexte` `Efficient` + +**Cas d'usage :** +- Agents conversationnels pour le support client avec accès à des bases de connaissances étendues. +- Automatisation de workflows d'entreprise nécessitant l'utilisation de plusieurs outils. +- Analyse de documents longs avec une consommation de ressources optimisée. +- Déploiements sur des infrastructures de taille moyenne grâce à son efficacité. --- -### granite3-guardian:8b -**IBM • 8B paramètres • Contexte : 32 000 tokens** +### granite4-tiny-h:7b +**IBM • 7B (1B actif) paramètres • Contexte : 128,000 tokens** -Modèle d'IBM spécialisé dans la sécurité et la conformité, offrant des capacités avancées de détection des risques. +Modèle MoE hybride ultra-efficace d'IBM, conçu pour la faible latence, les applications "edge" et locales, et comme brique de base pour les workflows agentiques. -**Spécifications techniques :** -- **Licence** : Apache 2.0 +**Spécifications techniques:** +- **Vitesse** : 58 tokens/seconde +- **Consommation** : 1.05 kWh/million tokens +- **Licence** : [Apache 2.0](./licences/apache_2.0.licence.md) - **Localisation** : FR 🇫🇷 -**Capacités :** -❌ Outils/Agent • ❌ Vision • ❌ Raisonnement • ✅ Sécurité +**Capacités:** +✅ Outils/Agent • ❌ Vision • ✅ Raisonnement • ✅ Sécurité + +**Tags :** `Agent` `Raisonnement` `Sécurité` `MoE` `Grand Contexte` `Efficient` `Rapide` `Compact` -**Tags :** `Sécurité` `Conformité` `Filtrage` +**Cas d'usage :** +- Applications embarquées et "edge" nécessitant une faible latence. +- Tâches rapides au sein de workflows agentiques plus larges (ex : function calling). +- Analyse de documents sur du matériel grand public. +- Déploiements nécessitant une empreinte mémoire minimale. --- -### qwen3:0.6b -**Qwen Team • 0.6B paramètres • Contexte : 32 000 tokens** +### medgemma:27b +**Google • 27B paramètres • Contexte : 128,000 tokens** -Modèle compact et efficace de la famille Qwen3, adapté aux tâches générales sur ressources limitées. +MedGemma est un modèle ouvert parmis les plus performants de Google pour la compréhension de textes et d'images médicales, basés sur Gemma 3. -**Spécifications techniques :** -- **Vitesse** : 28 tokens/seconde tokens/seconde ⚡ -- **Consommation** : 0.6 kWh/million tokens 🌱 -- **Licence** : Apache 2.0 +**Spécifications techniques:** +- **Vitesse** : 22 tokens/seconde +- **Consommation** : 6.56 kWh/million tokens +- **Licence** : [Google Gemma Terms of Use](./licences/google_gemma_terms_of_use.licence.md) - **Localisation** : FR 🇫🇷 -**Capacités :** -✅ Outils/Agent • ❌ Vision • ❌ Raisonnement • ❌ Sécurité +**Capacités:** +✅ Outils/Agent • ✅ Vision • ❌ Raisonnement • ❌ Sécurité + +**Tags :** `Médical` `Vision` `Spécialisé` `Grand Contexte` -**Tags :** `Compact` `Rapide` `Polyvalent` `Efficient` +**Cas d'usage :** +- Interprétation d'images médicales (Génération de rapports et VQA) +- Compréhension de textes médicaux et raisonnement clinique (Aide à la décision) +- Interaction patient (Entretien et triage médical) +- Synthèse de dossiers médicaux et recherche dans la littérature --- -### qwen3:1.7b -**Qwen Team • 1.7B paramètres • Contexte : 32 000 tokens** +### ministral-3:3b +**Mistral AI • 3B paramètres • Contexte : 250,000 tokens** -Modèle très compact de la famille Qwen3, offrant un bon équilibre performance/taille pour les déploiements légers. +Modèle compact de pointe de Mistral AI, conçu pour l'efficacité sur les déploiements locaux et edge. -**Spécifications techniques :** -- **Vitesse** : 46 tokens/seconde tokens/seconde ⚡ -- **Consommation** : 0.73 kWh/million tokens 🌱 -- **Licence** : Apache 2.0 +**Spécifications techniques:** +- **Vitesse** : 50 tokens/seconde +- **Consommation** : 1.22 kWh/million tokens +- **Licence** : [Apache 2.0](./licences/apache_2.0.licence.md) - **Localisation** : FR 🇫🇷 -**Capacités :** +**Capacités:** ✅ Outils/Agent • ❌ Vision • ❌ Raisonnement • ❌ Sécurité -**Tags :** `Compact` `Rapide` `Embarqué` `Efficient` +**Tags :** `Compact` `Efficient` `Edge` + +**Cas d'usage :** +- Inférence locale sur appareils mobiles ou edge devices +- Assistants personnels réactifs +- Tâches de routage et classification rapides --- -### qwen3:4b -**Qwen Team • 4B paramètres • Contexte : 32 000 tokens** +### ministral-3:8b +**Mistral AI • 8B paramètres • Contexte : 250,000 tokens** -Modèle compact de la famille Qwen3 offrant d'excellentes performances dans un format léger et économique. +Modèle de taille intermédiaire de la famille Ministral, offrant un équilibre optimal entre performance et ressources. -**Spécifications techniques :** -- **Vitesse** : 29 tokens/seconde tokens/seconde -- **Consommation** : 1.15 kWh/million tokens 🌱 -- **Licence** : Apache 2.0 +**Spécifications techniques:** +- **Vitesse** : 55 tokens/seconde +- **Consommation** : 2.42 kWh/million tokens +- **Licence** : [Apache 2.0](./licences/apache_2.0.licence.md) - **Localisation** : FR 🇫🇷 -**Capacités :** -✅ Outils/Agent • ❌ Vision • ❌ Raisonnement • ❌ Sécurité +**Capacités:** +✅ Outils/Agent • ❌ Vision • ✅ Raisonnement • ❌ Sécurité -**Tags :** `Compact` `Efficient` +**Tags :** `Efficient` `Edge` `Raisonnement` + +**Cas d'usage :** +- Assistants conversationnels avancés en local +- Analyse de documents et extraction d'informations +- Tâches nécessitant un bon compromis vitesse/qualité + +--- + +### mistral-small3.2:24b +**Mistral AI • 24B paramètres • Contexte : 128,000 tokens** + +Mise à jour mineure de Mistral Small 3.1, améliorant le suivi d'instructions, la robustesse du function calling et réduisant les erreurs de répétition. + +**Spécifications techniques:** +- **Vitesse** : 27 tokens/seconde +- **Consommation** : 5.35 kWh/million tokens +- **Licence** : [Apache 2.0](./licences/apache_2.0.licence.md) +- **Localisation** : FR 🇫🇷 + +**Capacités:** +✅ Outils/Agent • ✅ Vision • ❌ Raisonnement • ✅ Sécurité + +**Tags :** `Vision` `Agent` `Sécurité` `Instruction Following` + +**Cas d'usage :** +- Agents conversationnels avec un suivi d'instructions amélioré +- Intégration robuste avec des outils externes via function calling +- Applications nécessitant une grande fiabilité pour éviter les répétitions +- Cas d'usage identiques à Mistral Small 3.1 avec des performances accrues --- ### qwen3-2507-think:4b -**Qwen Team • 4B paramètres • Contexte : 250 000 tokens** +**Qwen Team • 4B paramètres • Contexte : 250,000 tokens** Modèle Qwen3-4B optimisé pour le raisonnement, avec des performances améliorées sur les tâches logiques, les mathématiques, la science et le code, et un contexte étendu à 250K tokens. -**Spécifications techniques :** -- **Vitesse** : 77 tokens/seconde tokens/seconde ⚡ -- **Consommation** : 1.73 kWh/million tokens -- **Licence** : Apache 2.0 +**Spécifications techniques:** +- **Vitesse** : 52 tokens/seconde +- **Consommation** : 2.56 kWh/million tokens +- **Licence** : [Apache 2.0](./licences/apache_2.0.licence.md) - **Localisation** : FR 🇫🇷 -**Capacités :** +**Capacités:** ✅ Outils/Agent • ❌ Vision • ✅ Raisonnement • ❌ Sécurité **Tags :** `Agent` `Raisonnement` `Grand Contexte` `Compact` `Rapide` @@ -810,17 +831,17 @@ Modèle Qwen3-4B optimisé pour le raisonnement, avec des performances amélior --- ### qwen3-2507:4b -**Qwen Team • 4B paramètres • Contexte : 250 000 tokens** +**Qwen Team • 4B paramètres • Contexte : 250,000 tokens** Version mise à jour du mode non-pensée de Qwen3-4B, avec des améliorations significatives des capacités générales, une couverture de connaissances étendue et un meilleur alignement avec les préférences des utilisateurs. -**Spécifications techniques :** -- **Vitesse** : 69 tokens/seconde tokens/seconde ⚡ -- **Consommation** : 1.93 kWh/million tokens -- **Licence** : Apache 2.0 +**Spécifications techniques:** +- **Vitesse** : 30 tokens/seconde +- **Consommation** : 4.44 kWh/million tokens +- **Licence** : [Apache 2.0](./licences/apache_2.0.licence.md) - **Localisation** : FR 🇫🇷 -**Capacités :** +**Capacités:** ✅ Outils/Agent • ❌ Vision • ❌ Raisonnement • ❌ Sécurité **Tags :** `Agent` `Grand Contexte` `Compact` `Rapide` `Multilingue` @@ -833,177 +854,174 @@ Version mise à jour du mode non-pensée de Qwen3-4B, avec des améliorations si --- -### qwen3:8b -**Qwen Team • 8B paramètres • Contexte : 32 000 tokens** +### qwen3-embedding:0.6b +**Qwen Team • 0.6B paramètres • Contexte : 32,768 tokens** -Modèle Qwen3 8B offrant un bon équilibre entre performance et efficacité pour les tâches générales. +Modèle d'embedding Qwen3 ultra-léger, optimisé pour la vitesse et l'efficacité sur les infrastructures à ressources limitées. -**Spécifications techniques :** -- **Vitesse** : 18 tokens/seconde tokens/seconde -- **Consommation** : 1.85 kWh/million tokens 🌱 -- **Licence** : Apache 2.0 +**Spécifications techniques:** +- **Vitesse** : N/A +- **Consommation** : 0.57 kWh/million tokens +- **Licence** : [Apache 2.0](./licences/apache_2.0.licence.md) - **Localisation** : FR 🇫🇷 -**Capacités :** -✅ Outils/Agent • ❌ Vision • ✅ Raisonnement • ❌ Sécurité - -**Tags :** `Raisonnement` `Agent` `Multilingue` `Efficient` - ---- - -### qwen2.5vl:3b -**Qwen Team • 3.8B paramètres • Contexte : 128 000 tokens** - -Modèle Vision-Langage compact, solution performante pour l'IA en périphérie (edge AI). +**Capacités:** +❌ Outils/Agent • ❌ Vision • ❌ Raisonnement • ❌ Sécurité -**Spécifications techniques :** -- **Vitesse** : 73 tokens/seconde tokens/seconde ⚡ -- **Consommation** : 0.45 kWh/million tokens 🌱 -- **Licence** : Apache 2.0 -- **Localisation** : FR 🇫🇷 +**Tags :** `Embedding` `Compact` `Efficient` -**Capacités :** -✅ Outils/Agent • ✅ Vision • ✅ Raisonnement • ❌ Sécurité - -**Tags :** `Vision` `Agent` `Raisonnement` `Rapide` `Efficient` `OCR` `Localisation Visuelle` `Edge AI` +**Cas d'usage :** +- Recherche sémantique rapide +- Classification de texte en temps réel --- -### qwen2.5vl:7b -**Qwen Team • 7B (8.3B) paramètres • Contexte : 128 000 tokens** +### qwen3-embedding:4b +**Qwen Team • 4B paramètres • Contexte : 40,000 tokens** -Modèle Vision-Langage performant, surpassant GPT-4o-mini sur certaines tâches. +Modèle d'embedding Qwen3-4B ultra-performant, offrant une compréhension sémantique profonde et une fenêtre de contexte étendue. -**Spécifications techniques :** -- **Vitesse** : 48 tokens/seconde tokens/seconde -- **Consommation** : 0.69 kWh/million tokens 🌱 -- **Licence** : Apache 2.0 +**Spécifications techniques:** +- **Vitesse** : N/A +- **Consommation** : 0.57 kWh/million tokens +- **Licence** : [Apache 2.0](./licences/apache_2.0.licence.md) - **Localisation** : FR 🇫🇷 -**Capacités :** -✅ Outils/Agent • ✅ Vision • ✅ Raisonnement • ❌ Sécurité +**Capacités:** +❌ Outils/Agent • ❌ Vision • ❌ Raisonnement • ❌ Sécurité -**Tags :** `Vision` `Agent` `Raisonnement` `Efficient` `OCR` `Localisation Visuelle` +**Tags :** `Embedding` `Grand Contexte` `Efficient` + +**Cas d'usage :** +- Recherche sémantique sur documents longs +- RAG avec fenêtres de contexte étendues +- Analyse sémantique de précision --- -### devstral:24b -**Mistral AI & All Hands AI • 24B paramètres • Contexte : 100 000 tokens** +### qwen3-vl:2b +**Qwen Team • 2B paramètres • Contexte : 250,000 tokens** -Devstral est un LLM agentique pour les tâches d'ingénierie logicielle. +Modèle multimodal ultra-compact Qwen3-VL, apportant des capacités de vision avancées sur edge devices. -**Spécifications techniques :** -- **Vitesse** : 50 tokens/seconde tokens/seconde -- **Consommation** : 5.27 kWh/million tokens -- **Licence** : Apache 2.0 +**Spécifications techniques:** +- **Vitesse** : 64 tokens/seconde +- **Consommation** : 0.95 kWh/million tokens +- **Licence** : [Apache 2.0](./licences/apache_2.0.licence.md) - **Localisation** : FR 🇫🇷 -**Capacités :** -✅ Outils/Agent • ❌ Vision • ❌ Raisonnement • ✅ Sécurité +**Capacités:** +✅ Outils/Agent • ✅ Vision • ❌ Raisonnement • ❌ Sécurité -**Tags :** `Agent` `Programmation` `Open-Source` `Grand Contexte` +**Tags :** `Vision` `Compact` `Efficient` `Multimodal` `Edge` `OCR` **Cas d'usage :** -- Exploration et modification de bases de code -- Agentic -- Européen +- Analyse d'images en temps réel sur appareils mobiles +- OCR et lecture de documents légers +- Tri et classification visuelle rapide --- -### cogito:8b -**Deep Cogito • 8B paramètres • Contexte : 32 000 tokens** +### qwen3-vl:4b +**Qwen Team • 4B paramètres • Contexte : 250,000 tokens** -Modèle de taille intermédiaire de la famille Cogito, offrant un bon équilibre entre les capacités de raisonnement et l'efficacité. +Modèle multimodal Qwen3-VL équilibré, offrant de solides performances de vision avec une empreinte réduite. -**Spécifications techniques :** -- **Vitesse** : 43 tokens/seconde tokens/seconde -- **Consommation** : 0.77 kWh/million tokens 🌱 -- **Licence** : LLAMA 3.2 Community Licence +**Spécifications techniques:** +- **Vitesse** : 57 tokens/seconde +- **Consommation** : 2.34 kWh/million tokens +- **Licence** : [Apache 2.0](./licences/apache_2.0.licence.md) - **Localisation** : FR 🇫🇷 -**Capacités :** -✅ Outils/Agent • ❌ Vision • ✅ Raisonnement • ❌ Sécurité +**Capacités:** +✅ Outils/Agent • ✅ Vision • ❌ Raisonnement • ❌ Sécurité -**Tags :** `Agent` `Raisonnement` `Polyvalent` `Efficient` +**Tags :** `Vision` `Compact` `Multimodal` `Efficient` `Vidéo` `OCR` + +**Cas d'usage :** +- Analyse documentaire automatisée (factures, formulaires) +- Compréhension de contenu vidéo +- Assistants visuels interactifs --- -### granite4-small-h:32b -**IBM • 32B (9B actifs) paramètres • Contexte : 128 000 tokens** +### qwen3-vl:8b +**Qwen Team • 8B paramètres • Contexte : 250,000 tokens** -Modèle MoE (Mixture-of-Experts) d'IBM, conçu comme un "cheval de bataille" pour les tâches d'entreprise quotidiennes, avec une excellente efficacité pour les longs contextes. +Modèle multimodal Qwen3-VL (8B), offrant des performances de vision avancées avec une empreinte raisonnable. -**Spécifications techniques :** -- **Vitesse** : 28 tokens/seconde tokens/seconde -- **Consommation** : 1.19 kWh/million tokens 🌱 -- **Licence** : Apache 2.0 +**Spécifications techniques:** +- **Vitesse** : 44 tokens/seconde +- **Consommation** : 3.03 kWh/million tokens +- **Licence** : [Apache 2.0](./licences/apache_2.0.licence.md) - **Localisation** : FR 🇫🇷 -**Capacités :** -✅ Outils/Agent • ❌ Vision • ✅ Raisonnement • ✅ Sécurité +**Capacités:** +✅ Outils/Agent • ✅ Vision • ❌ Raisonnement • ❌ Sécurité -**Tags :** `Agent` `Raisonnement` `Sécurité` `MoE` `Grand Contexte` `Efficient` +**Tags :** `Vision` `Compact` `Multimodal` `Efficient` `Vidéo` `OCR` **Cas d'usage :** -- Agents conversationnels pour le support client avec accès à des bases de connaissances étendues. -- Automatisation de workflows d'entreprise nécessitant l'utilisation de plusieurs outils. -- Analyse de documents longs avec une consommation de ressources optimisée. -- Déploiements sur des infrastructures de taille moyenne grâce à son efficacité. +- Analyse documentaire automatisée +- Compréhension de contenu vidéo +- Assistants visuels interactifs --- -### granite4-tiny-h:7b -**IBM • 7B (1B actif) paramètres • Contexte : 128 000 tokens** +### qwen3:0.6b +**Qwen Team • 0.6B paramètres • Contexte : 40,000 tokens** -Modèle MoE hybride ultra-efficace d'IBM, conçu pour la faible latence, les applications "edge" et locales, et comme brique de base pour les workflows agentiques. +Modèle Qwen3 ultra-léger de 0.6 milliard de paramètres, offrant une vitesse d'inférence exceptionnelle pour les tâches simples et rapides. -**Spécifications techniques :** -- **Vitesse** : 77 tokens/seconde tokens/seconde ⚡ -- **Consommation** : 0.43 kWh/million tokens 🌱 -- **Licence** : Apache 2.0 +**Spécifications techniques:** +- **Vitesse** : 46 tokens/seconde +- **Consommation** : 1.33 kWh/million tokens +- **Licence** : [Apache 2.0](./licences/apache_2.0.licence.md) - **Localisation** : FR 🇫🇷 -**Capacités :** -✅ Outils/Agent • ❌ Vision • ✅ Raisonnement • ✅ Sécurité +**Capacités:** +✅ Outils/Agent • ❌ Vision • ❌ Raisonnement • ❌ Sécurité -**Tags :** `Agent` `Raisonnement` `Sécurité` `MoE` `Grand Contexte` `Efficient` `Rapide` `Compact` +**Tags :** `Compact` `Rapide` `Efficient` `Multilingue` **Cas d'usage :** -- Applications embarquées et "edge" nécessitant une faible latence. -- Tâches rapides au sein de workflows agentiques plus larges (ex: function calling). -- Analyse de documents sur du matériel grand public. -- Déploiements nécessitant une empreinte mémoire minimale. +- Tâches de traitement de texte simples +- Classification et tri rapide +- Assistants légers avec faible latence --- -### deepseek-ocr -**DeepSeek AI • 3B paramètres • Contexte : 8 192 tokens** +### rnj-1:8b +**Essential AI • 8B paramètres • Contexte : 32,000 tokens** -Modèle OCR spécialisé de DeepSeek, conçu pour une extraction de texte haute précision avec préservation de la mise en forme. +Modèle 8B "Open Weight" spécialisé dans le code, les mathématiques et les sciences (STEM). -**Spécifications techniques :** -- **Vitesse** : 120 tokens/seconde tokens/seconde ⚡ -- **Consommation** : 0.16 kWh/million tokens 🌱 -- **Licence** : MIT licence +**Spécifications techniques:** +- **Vitesse** : 31 tokens/seconde +- **Consommation** : 1.97 kWh/million tokens +- **Licence** : [Open Weights](./licences/open_weights.licence.md) - **Localisation** : FR 🇫🇷 -**Capacités :** -❌ Outils/Agent • ✅ Vision • ❌ Raisonnement • ❌ Sécurité +**Capacités:** +❌ Outils/Agent • ❌ Vision • ✅ Raisonnement • ❌ Sécurité -**Tags :** `Vision` `OCR` `Efficient` +**Tags :** `Code` `Maths` `STEM` `Raisonnement` `Efficient` **Cas d'usage :** -- Extraction de texte structuré (Markdown/latex) depuis des images/PDF -- Numérisation de documents avec tableaux et formules complexes +- Assistant de programmation avancé et génération de code +- Résolution de problèmes mathématiques complexes +- Tâches scientifiques et techniques (STEM) --- ## Cas d'Usage Recommandés ### Dialogue multilingue + Chatbots et assistants capables de communiquer dans plusieurs langues avec détection automatique, maintien du contexte sur l'ensemble de la conversation et compréhension des spécificités linguistiques -**Modèles recommandés :** +**Modèles recommandés:** + - Llama 3.3 - Mistral Small 3.2 - Qwen 3 @@ -1011,47 +1029,56 @@ Chatbots et assistants capables de communiquer dans plusieurs langues avec déte - Granite 4 ### Analyse de documents longs + Traitement de documents volumineux (>100 pages) avec maintien du contexte sur l'ensemble du texte, extraction d'informations clés, génération de résumés pertinents et réponse à des questions spécifiques sur le contenu -**Modèles recommandés :** +**Modèles recommandés:** + - Gemma 3 - Qwen next - Qwen 3 - Granite 4 ### Programmation et développement + Génération et optimisation de code dans multiples langages, débogage, refactoring, développement de fonctionnalités complètes, compréhension des implémentations algorithmiques complexes et création de tests unitaires -**Modèles recommandés :** +**Modèles recommandés:** + - DeepCoder - Qwen3 coder - Granite 4 - Devstral ### Analyse visuelle + Traitement direct d'images et documents visuels sans pré-traitement OCR, interprétation de diagrammes techniques, graphiques, tableaux, dessins et photos avec génération d'explications textuelles détaillées du contenu visuel -**Modèles recommandés :** +**Modèles recommandés:** + - deepseek-OCR - Mistral Small 3.2 - Gemma 3 -- Qwen2.5-VL +- Qwen 3 VL ### Sécurité et conformité + Applications nécessitant des capacités spécifiques en matière de sécurité ; filtrage de contenu sensible, traçabilité des raisonnements, vérification RGPD/HDS, minimisation des risques, analyse des vulnérabilités et respect des réglementations sectorielles -**Modèles recommandés :** +**Modèles recommandés:** + - Granite Guardian - Granite 4 - Devstral - Mistral Small 3.2 -- Magistral 24b +- Magistral small ### Déploiements légers et embarqués + Applications nécessitant une empreinte minimale en ressources, déploiement sur appareils à capacité limitée, inférence en temps réel sur CPU standard et intégration dans des systèmes embarqués ou IoT -**Modèles recommandés :** -- Gemma 3 -- Granite Guardian +**Modèles recommandés:** + +- Gemma 3n - Granite 4 tiny -- DeepSeek-OCR +- Qwen 3 VL (2B) diff --git a/docs/managed_kubernetes/managed_kubernetes.md b/docs/managed_kubernetes/managed_kubernetes.md index c18972b6..a74c06ab 100644 --- a/docs/managed_kubernetes/managed_kubernetes.md +++ b/docs/managed_kubernetes/managed_kubernetes.md @@ -22,19 +22,21 @@ title: Vue d'ensemble -Managed Kubernetes by Cloud Temple est une solution d’orchestration de conteneurs basée sur des produits OpenSources et conçue pour offrir un haut niveau de sécurité, de résilience et d’automatisation sur les plateformes SecNumcloud de Cloud Temple. Chaque cluster est déployé dans un environnement IaaS Cloud-Temple OpenIaaS entièrement dédié au client. +Managed Kubernetes by Cloud Temple est une solution d’orchestration de conteneurs basée sur des produits OpenSources et conçue pour offrir un haut niveau de sécurité, de résilience et d’automatisation sur les plateformes SecNumcloud de Cloud Temple. Chaque cluster est déployé dans un environnement IaaS Cloud-Temple OpenIaaS entièrement dédié au client. -Cette offre est conçue pour les experts Kubernetes et les adeptes de l'open source qui recherchent une solution native, portable, sans surcouche constructeur, sur un OS minimaliste et immuable conçu pour l’automatisation et la sécurité. +Cette offre est conçue pour les équipes ayant une bonne connaissance de Kubernetes et les adeptes de l'open source qui recherchent une solution native, portable, sans surcouche constructeur, sur un OS minimaliste et immuable conçu pour l’automatisation et la sécurité. ### Bénéfices Clés + - **Souveraineté et Réversibilité** : La solution s'appuie sur des standards open source (Kubernetes CNCF) pour éviter toute dépendance technologique et garantir la portabilité de vos applications. L'outil de sauvegarde Veeam Kasten, inclus dans l'offre, est spécialement conçu pour faciliter les migrations d'un cloud à un autre. - **Sécurité "Zero-Trust" et Gouvernance** : L'architecture repose sur Talos OS, un système d'exploitation immuable sans accès direct (ni shell, ni SSH), ce qui réduit drastiquement la surface d'attaque. Cette approche est couplée à des outils de gouvernance comme Kyverno pour la gestion des politiques et Capsule pour la gestion fine des droits, constituant une base solide pour une stratégie de sécurité "Zero-Trust". -- **Maîtrise des Coûts et Intégration** : La solution intègre nativement des outils de FinOps comme OpenCost pour un suivi précis des consommations. Le modèle économique est transparent, basé sur les ressources IaaS consommées, et l'utilisation de composants open source reconnus (Cilium, Ceph, ArgoCD) facilite l'intégration dans vos écosystèmes existants. +- **Maîtrse des Coûts et Intégration** : La solution intègre nativement des outils de FinOps comme OpenCost pour un suivi précis des consommations. Le modèle économique est transparent, basé sur les ressources IaaS consommées, et l'utilisation de composants open source reconnus (Cilium, Ceph, ArgoCD) facilite l'intégration dans vos écosystèmes existants. ### Une plateforme complète et prête à l'emploi + La solution inclut nativement une stack complète et cohérente d'outils open source de pointe pour couvrir tous les besoins du cycle de vie applicatif : -- **Réseau et Sécurité** : Cilium, Hubble, Kyverno, Capsule +- **Réseau et Sécurité** : Cilium, Hubble, MetalLB, Ingress Nginx, Kyverno, Capsule - **Stockage** : Rook-Ceph - **Déploiement Continu (GitOps)** : ArgoCD - **Observabilité** : Prometheus, Grafana, Loki @@ -70,6 +72,7 @@ Conçue pour la production et les applications critiques, cette architecture dis - **Haute Disponibilité** : 3 nœuds Control Plane répartis sur 3 AZ. - **Stockage Dédié** : 3 nœuds de stockage dédiés et répartis pour la performance et la résilience. - **Workers Répartis** : Au minimum 3 nœuds workers, un par AZ. + - **Nœuds Bare Metal (Optionnel)** : Intégration possible de nœuds workers de type **"Bare Metal"** pour des besoins de performance spécifiques, notamment le **support des GPU**. - **SLA de 99.90%**. Architecture Multi-AZ @@ -77,6 +80,7 @@ Conçue pour la production et les applications critiques, cette architecture dis --- ### Composants techniques détaillés + L'offre inclus en détail les composants suivants: - CNI Cillium, avec interface d'observabilité (Hubble) diff --git a/docs/managed_kubernetes/tutorials/images/kubecostsallocations.png b/docs/managed_kubernetes/tutorials/images/kubecostsallocations.png deleted file mode 100644 index 3003d03b..00000000 Binary files a/docs/managed_kubernetes/tutorials/images/kubecostsallocations.png and /dev/null differ diff --git a/docs/managed_kubernetes/tutorials/images/nvidiasmi.png b/docs/managed_kubernetes/tutorials/images/nvidiasmi.png new file mode 100644 index 00000000..54abb537 Binary files /dev/null and b/docs/managed_kubernetes/tutorials/images/nvidiasmi.png differ diff --git a/docs/managed_kubernetes/tutorials/images/opencostgrafana.png b/docs/managed_kubernetes/tutorials/images/opencostgrafana.png new file mode 100644 index 00000000..3e3000d1 Binary files /dev/null and b/docs/managed_kubernetes/tutorials/images/opencostgrafana.png differ diff --git a/docs/managed_kubernetes/tutorials/usinggpu.md b/docs/managed_kubernetes/tutorials/usinggpu.md new file mode 100644 index 00000000..3a885f02 --- /dev/null +++ b/docs/managed_kubernetes/tutorials/usinggpu.md @@ -0,0 +1,57 @@ +--- +title: Utiliser un GPU nVidia +--- + +import nvidiasmi from './images/nvidiasmi.png' + +# Utiliser un GPU sur Managed Kubernetes + +Ce tutoriel vous montre comment déployer un pod qui utilise une ressource GPU sur un cluster Managed Kubernetes configuré avec des nœuds "Bare Metal" équipés de GPU NVIDIA. + +## Prérequis + +- Un cluster Managed Kubernetes avec au moins un nœd worker de type "Bare Metal" avec GPU. + +## Manifeste de Pod d'exemple + +Voici un exemple de manifeste de pod qui exécute la commande `nvidia-smi` pour vérifier la présence et l'état de la carte GPU. + +```yaml +apiVersion: v1 +kind: Pod +metadata: + name: nvidia-cuda-check +spec: + runtimeClassName: nvidia # Clé pour Talos NVIDIA + restartPolicy: Never + containers: + - name: nvidia-version-check + image: "nvidia/cuda:13.1.0-devel-ubuntu24.04" + imagePullPolicy: Always + command: ["nvidia-smi"] +``` + +### Explication du Manifeste + +- **`runtimeClassName: nvidia`**: C'est la partie la plus importante. Elle indique à Kubernetes d'utiliser le runtime NVIDIA. Le toolkit NVIDIA s'occupe alors d'injecter les drivers NVIDIA directement dans le pod, ce qui permet au conteneur d'accéder au GPU. +- **`restartPolicy: Never`**: Comme ce pod est juste une commande de vérification, nous ne voulons pas qu'il redémarre après son exécution. +- **`image: "nvidia/cuda:..."`**: Nous utilisons une image fournie par NVIDIA qui contient les outils nécessaires pour interagir avec le GPU. +- **`command: ["nvidia-smi"]`**: C'est la commande qui sera exécutée à l'intérieur du conteneur. `nvidia-smi` est un outil en ligne de commande qui fournit des informations sur les GPU NVIDIA. + +Pour plus d'informations sur le fonctionnement du toolkit NVIDIA, vous pouvez consulter la [documentation officielle sur GitHub](https://github.com/NVIDIA/nvidia-container-toolkit). + +## Déploiement et Vérification + +1. **Déployez le pod** en utilisant la commande `kubectl apply` : + ```shell + kubectl apply -f nvidia-smi.yaml + ``` + +2. **Vérifiez les logs du pod** pour voir la sortie de la commande `nvidia-smi` : + ```shell + kubectl logs nvidia-cuda-check + ``` + +Si tout est configuré correctement, vous devriez voir une sortie similaire à celle-ci, montrant les détails de votre carte GPU : + +nvidia-smi command result diff --git a/docs/managed_kubernetes/tutorials/usingkubecosts.md b/docs/managed_kubernetes/tutorials/usingkubecosts.md deleted file mode 100644 index 74f00577..00000000 --- a/docs/managed_kubernetes/tutorials/usingkubecosts.md +++ /dev/null @@ -1,73 +0,0 @@ ---- -title: Suivre les coûts avec Kubecost ---- -:::info[Évolution de l'outil de FinOps] -Le produit **KubeCost**, bien que toujours fonctionnel sur votre cluster, est progressivement remplacé par **OpenCost**, son successeur open-source. - -**OpenCost** est maintenant la solution recommandée et maintenue activement par la communauté Cloud Native (CNCF). - -Nous vous encourageons à commencer à utiliser OpenCost pour bénéficier des dernières fonctionnalités et d'une meilleure intégration. -::: - -import kubecostsallocations from './images/kubecostsallocations.png' - -## Objectifs - -Ce tutoriel vous présente **Kubecost**, l'outil de monitoring et d'optimisation des coûts intégré à votre cluster **Managed Kubernetes**. À la fin de ce guide, vous serez capable de : - -- **Accéder** à l'interface de Kubecost. -- **Analyser** la répartition des coûts de vos applications. -- **Identifier** les pistes d'optimisation pour réduire votre facturation. - -## Qu'est-ce que Kubecost ? - -Kubecost est une solution open-source qui fournit une visibilité en temps réel sur les coûts de vos environnements Kubernetes. Il vous aide à comprendre précisément ce qui consomme des ressources dans votre cluster et comment cela se traduit en termes de coûts. - -Dans l'offre Managed Kubernetes, Kubecost est pré-installé et configuré pour vous donner une vision claire de vos dépenses. Il est directement paramétré avec les coûts réels de l'infrastructure Cloud Temple, ce qui signifie que les estimations affichées sont fidèles à votre facturation. - -## Accéder à l'interface Kubecost - -L'interface de Kubecost est exposée sur une URL sécurisée, propre à votre cluster. Pour y accéder, utilisez l'URL suivante en remplaçant `identifiant` par celui de votre cluster (par exemple, `ctodev`) : - -`https://kubecost.external-secured.identifiant.mk.ms-cloud-temple.com` - -:::info -L'accès à cette URL est restreint aux adresses IP que vous avez déclarées au support Cloud Temple. Si vous ne parvenez pas à y accéder, veuillez contacter le support pour vérifier les règles de firewall. -::: - -## Explorer la répartition des coûts (Allocations) - -La page principale de Kubecost est le tableau de bord **Allocations**. C'est ici que vous pouvez visualiser la consommation de vos ressources. - -Par défaut, les coûts sont agrégés par **Namespace**. Vous pouvez utiliser le menu déroulant "Aggregate by" pour changer la vue et analyser les coûts par : -- `Deployment`, `StatefulSet`, etc. -- `Controller` -- `Label` (très utile si vous utilisez des labels pour identifier vos équipes ou projets. Vous pouvez par exemple utiliser le label du tenant capsule.) - -Vous pouvez également ajuster la période d'analyse (par défaut, "Last 7 days") pour visualiser les coûts sur une autre période. - -Kubecost UI - -## Analyser le coût des infrastructures (Assets) - -La section **Assets** vous donne une vue détaillée des coûts liés à l'infrastructure sous-jacente de votre cluster : -- Les nœuds (VMs) -- Les disques persistants -- Les coûts réseau - -Cela vous permet de comprendre la répartition des coûts entre les ressources de calcul, de stockage et de réseau. - -## Identifier les pistes d'optimisation (Savings) - -Kubecost ne se contente pas de montrer les coûts, il vous aide aussi à les réduire. La section **Savings** analyse en continu votre cluster et vous fournit des recommandations concrètes pour optimiser vos dépenses. - -Les recommandations courantes incluent : -- **Right-sizing container requests :** Ajuster les requêtes de CPU et de mémoire de vos conteneurs pour qu'elles correspondent à leur consommation réelle. -- **Manage abandoned workloads :** Identifier les déploiements qui ne sont plus utilisés mais qui consomment toujours des ressources. -- **Manage unclaimed volumes :** Trouver les disques persistants qui ne sont plus attachés à aucun pod. - -Chaque recommandation est accompagnée d'une estimation des économies mensuelles que vous pourriez réaliser. - -## Conclusion - -Kubecost est un outil puissant pour maîtriser les coûts de votre cluster Kubernetes. En explorant régulièrement les tableaux de bord "Allocations", "Assets" et "Savings", vous pouvez non seulement comprendre où va votre argent, mais aussi prendre des mesures éclairées pour optimiser l'efficacité de vos applications et réduire votre facture. diff --git a/docs/managed_kubernetes/tutorials/usingopencost.md b/docs/managed_kubernetes/tutorials/usingopencost.md index e891b5cd..22654d4b 100644 --- a/docs/managed_kubernetes/tutorials/usingopencost.md +++ b/docs/managed_kubernetes/tutorials/usingopencost.md @@ -2,6 +2,7 @@ title: Suivre les coûts avec OpenCost --- import opencostui from './images/opencost.png' +import opencostgrafana from './images/opencostgrafana.png' import opencostmcp from './images/opencostmcp.png' import opencostmcp2 from './images/opencostmcp2.png' import opencostmcp3 from './images/opencostmcp3.png' @@ -47,6 +48,12 @@ Cette vue vous permet de décomposer les coûts par concepts natifs Kubernetes. Pour une analyse financière encore plus fine, OpenCost peut agréger les coûts en se basant sur les **labels Kubernetes**. Il n'y a pas une option "Label" directe dans le menu, mais OpenCost ingère vos labels et vous permet de créer des agrégations personnalisées. Pour cela, une stratégie de labeling cohérente est essentielle. Par exemple, en utilisant des labels comme `team: backend` ou `product: api-gateway`, vous pourrez analyser les coûts qui correspondent précisément à votre organisation. Pour ce type d'analyse, vous devez passer par l'intégration IA d'opencost. +## Dashboard Grafana + +Un dashboard Grafana est également disponible pour visualiser les données d'OpenCost. Ce dashboard offre une vue alternative et complémentaire à l'interface d'OpenCost, et il conserve l'historique complet des métriques de coûts, vous permettant d'analyser les tendances sur le long terme. + +OpenCost Grafana Dashboard + ## Utilisation Avancée : Intégration avec une IA (Serveur MCP) Pour les utilisateurs avancés, OpenCost peut être directement interrogé depuis l'assistant conversationnel Cline (ou autre) grâce au système de **MCP (Multi-purpose Co-processor) servers**. Cela vous permet de scripter des requêtes et d'obtenir des données de coût directement dans vos conversations. @@ -93,7 +100,7 @@ Une fois ce fichier sauvegardé, Cline chargera automatiquement le MCP `opencost ### 2. Interroger OpenCost avec le MCP :::tip Prérequis -Pour interagir avec le MCP en langage naturel, l'IA sous-jacente doit avoir accès à des modèles de langage (LLMs), soit localement (LMStudio, etc), soit via une connexion à des services publics comme GPT-5 ou Gemini, soit en utilisant notre offre **[LLM-as-a-Service](/docs/llmaas/llmaas)** souveraine. +Pour interagir avec le MCP en langage naturel, l'IA sous-jacente doit avoir accès à des modèles de langage (LLMs), soit localement (LMStudio, etc), soit via une connexion à des services publics comme GPT-5 ou Gemini, soit en utilisant notre offre **[LLM-as-a-Service](/llmaas/llmaas)** souveraine. ::: Après configuration, vous pouvez utiliser les outils LLM pour effectuer des requetes en langage natuel sur ce serveur MCP. diff --git a/i18n/de/docusaurus-plugin-content-docs/current/changelog.md b/i18n/de/docusaurus-plugin-content-docs/current/changelog.md index b6349d69..4a074d77 100644 --- a/i18n/de/docusaurus-plugin-content-docs/current/changelog.md +++ b/i18n/de/docusaurus-plugin-content-docs/current/changelog.md @@ -5,6 +5,14 @@ sidebar_position: 2 # Change Tracking +### January 19, 2026: Managed Kubernetes and VPC Enhancements + +- **Managed Kubernetes**: Added support for **Bare Metal** nodes and **GPUs** (NVIDIA). +- **Managed Kubernetes**: New tutorial on using GPUs within a Kubernetes cluster. +- **Managed Kubernetes**: Replaced KubeCost with a more recent guide on **OpenCost**. +- **Network (VPC)**: Comprehensive documentation for the Virtual Private Cloud (VPC) service, including high availability (HA) concepts, quick start guides, and tutorials. +- **Multilingual**: Full translation of the VPC service and new Kubernetes content into English, German, Spanish, and Italian. + ### December 15, 2025: Stabilization and Multilingual Fixes - **Multilingual (Terraform, LLMaaS, Harbor)**: Major correction of translations in Spanish, Italian, and German. Resolution of MDX syntax issues (empty code blocks, unescaped tags) that were preventing site compilation. @@ -14,7 +22,7 @@ sidebar_position: 2 ### December 11, 2025: Managed Kubernetes Updates - **Managed Kubernetes**: Added a new tutorial on using **Gateway API** for advanced traffic management. -- **Managed Kubernetes**: Updated documentation on quota management (Ceph) and enhanced cost management tools (OpenCost). +- **Managed Kubernetes**: Updated documentation on quota management (Ceph) and optimization of cost management tools (OpenCost). ### November 22, 2025: LLMaaS Updates and General Improvements @@ -28,8 +36,8 @@ sidebar_position: 2 ### 3 November 2025: Enhancements to Kubernetes Tutorials -- **Managed Kubernetes**: Introduction of a new tutorial on continuous deployment with **ArgoCD** and the GitOps approach. -- **Managed Kubernetes**: Review and enhancement of existing tutorials. Guides on deployment, networking, permission management (Capsule), and backup (Kasten) have been enriched to better address security, governance, and cost concerns, in response to the needs of RSSI and Procurement profiles. +- **Managed Kubernetes**: Introduction of a new tutorial on continuous deployment using **ArgoCD** and the GitOps approach. +- **Managed Kubernetes**: Review and enhancement of existing tutorials. Guides on deployment, networking, permission management (Capsule), and backup (Kasten) have been enriched to better address security, governance, and cost concerns, in response to the expectations of RSSI and Procurement profiles. ### 28 October 2025: New Managed Kubernetes Documentation and Various Improvements @@ -43,8 +51,8 @@ sidebar_position: 2 - **Contractual**: Major update to the Data Processing Agreement (DPA v2) to reflect the latest legal and compliance requirements. - **Console**: Improved and clarified documentation regarding order management. - **Marketplace**: Added a detailed tutorial on customizing virtual machine (VM) images to create reusable templates. -- **LLMaaS**: Added a guide to configure the VSCode CLINE extension for using Cloud Temple's language models directly from the editor. -- **Object Storage (OSS)**: Added clarifications regarding the lifecycle policy for data deletion. +- **LLMaaS**: Added a guide to configure the VSCode CLINE extension for using Cloud Temple’s language models directly from the editor. +- **Object Storage (OSS)**: Added clarifications on the lifecycle policy for data deletion. - **Object Storage (OSS)**: Added a troubleshooting guide for checksum errors (`XAmzContentSHA256Mismatch`) with AWS CLI and Terraform. - **LLMaaS**: Updated the list of available models and retranslated over 50 documents to ensure consistency. @@ -74,5 +82,5 @@ sidebar_position: 2 - Improvement of the RAG explanation page with diagrams and details on embedding models. - Update of the API documentation, quick start guide, and service presentation. - Addition of pricing for the Audio Transcription endpoint. -- Inclusion of the projected model lifecycle timeline. +- Incorporation of the projected model lifecycle roadmap. - Addition of the responsibility matrix for the LLMaaS offering. \ No newline at end of file diff --git a/i18n/de/docusaurus-plugin-content-docs/current/console/security/security_alarms.md b/i18n/de/docusaurus-plugin-content-docs/current/console/security/security_alarms.md index b2037d7a..0656b4eb 100644 --- a/i18n/de/docusaurus-plugin-content-docs/current/console/security/security_alarms.md +++ b/i18n/de/docusaurus-plugin-content-docs/current/console/security/security_alarms.md @@ -1,47 +1,44 @@ - - --- -title: Sicherheitswarnungen +title: Security Alerts --- -Finden Sie hier die Sicherheitswarnungen zu unseren Cloud-Diensten. -Diese Seite wird täglich aktualisiert, um neu identifizierte Schwachstellen zu berücksichtigen. - +Find here the security alerts related to our cloud services. +This page is updated daily to account for newly identified vulnerabilities. +## Vulnerabilities -## Schwachstellen - -| Datum | Referenz(en) | CVSS | Titel | Beschreibung | Dienst(e) | Schwere | Behandlung | +| Date | Reference(s) | CVSS | Title | Description | Service(s) | Severity | Treatment | |---------------------|-----------------|-------------|--------------|---------|-------------|----------------|-------------| -| 07/08/2025 | [DSA-2025-154](https://www.dell.com/support/kbdoc/en-us/000262308/dsa-2025-154-security-update-for-dell-ecs-and-objectscale-use-of-hard-coded-ssh-cryptographic-key-vulnerability) | 8.4 | **DSA-2025-154: Schwachstelle in Dell ObjectScale (CVE-2025-26476)** | Eine Schwachstelle (CVE-2025-26476) in Dell ObjectScale (< 4.0.0.0) im Zusammenhang mit der Verwendung von hartcodierten SSH-Schlüsseln ermöglicht einen nicht authentifizierten lokalen Zugriff. | Object Storage | 🟠 Wichtig | ✅ Die Beseitigung Ihrer ObjectScale-Umgebungen wird von Cloud Temple unterstützt. Es ist keine Aktion von Ihrer Seite erforderlich. | -| 15/07/2025 | [VMSA-2025-0013](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/VMSA-2025-0013--VMware-ESXi--Workstation--Fusion--and-Tools-updates-address-multiple-vulnerabilities--CVE-2025-41236--CVE-2025-41237--CVE-2025-41238--CVE-2025-41239-/35877) | 9.3 | **VMSA-2025-0013: Wichtige Schwachstellen in VMware ESXi** | Mehrere wichtige Schwachstellen betreffen VMware ESXi. Korrekturen sind vom Hersteller verfügbar. | IaaS By VMware | 🟠 Wichtig | ⚠️ Wir empfehlen Ihnen, Ihre Hypervisoren zu aktualisieren. Die korrigierten ESXi-Versionen sind ab ihrer Validierung durch Cloud Temple verfügbar. Die Konsole weist Sie auf die ESXi hin, die eine Aktualisierung benötigen. | -| 15/07/2025 | [VMSA-2025-0013](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/VMSA-2025-0013--VMware-ESXi--Workstation--Fusion--and-Tools-updates-address-multiple-vulnerabilities--CVE-2025-41236--CVE-2025-41237--CVE-2025-41238--CVE-2025-41239-/35877) | 7.1 | **VMSA-2025-0013: Schwachstelle in VMware Tools (CVE-2025-41239)** | Eine Schwachstelle (CVE-2025-41239) in VMware Tools ermöglicht die Offenlegung sensibler Informationen über nicht initialisierte vSockets. Korrekturen sind vom Hersteller verfügbar. | IaaS By VMware | 🟡 Mittel | ⚠️ Wir empfehlen Ihnen, VMware Tools auf Ihren virtuellen Maschinen zu aktualisieren. Die korrigierten VMware Tools-Versionen sind in den von Cloud Temple bereitgestellten ESXi-Paketen enthalten. | -| 01/07/2025 | [XSA-470](https://xenbits.xen.org/xsa/advisory-470.html) | N/A | **Schwachstelle in XCP-NG durch falsche Ausnahmebehandlung** [Herausgeber-Bulletin](https://xcp-ng.org/blog/2025/07/03/july-2025-security-and-maintenance-update-for-xcp-ng-8-2-lts/) | Eine Schwachstelle wurde in XCP-NG entdeckt, die es ermöglicht, durch Code, der von einer virtuellen Maschine aus ausgeführt wird, den Hypervisor zum Absturz zu bringen und dadurch einen Dienstverweigerungsangriff (DoS) auf den gesamten Host auszulösen. | IaaS OpenSource | 🟡 Mittel | ✅ Die Aktualisierung Ihrer XCP-ng-Instanzen ist ab der Validierung der Korrekturen durch Cloud Temple geplant. Es ist keine Aktion von Ihrer Seite erforderlich.| -| 23/05/2025 | [XSA-468](https://xenbits.xen.org/xsa/advisory-468.html) | 8.8-9.0 | **Schwachstellen in XCP-NG in den Windows-PV-Treibern (XSA-468)** [Herausgeber-Bulletin](https://xcp-ng.org/blog/2025/05/27/xsa-468-windows-pv-driver-vulnerabilities/) | Mehrere Schwachstellen (CVE-2025-27462, CVE-2025-27463, CVE-2025-27464) in den Windows-PV-Treibern ermöglichen es nicht privilegierten Benutzern, Systemrechte innerhalb der Windows-VMs zu erlangen. | IaaS OpenSource | 🟠 Wichtig | ⚠️ Wir empfehlen Ihnen, die Windows-PV-Treiber Ihrer virtuellen Maschinen auf die korrigierten Versionen zu aktualisieren, die im Sicherheitsbulletin angegeben sind. ✅ Die Aktualisierung Ihrer XCP-ng-Instanzen ist ab der Validierung der Korrekturen durch Cloud Temple geplant. | -| 22/05/2025 | [XSA-469, INTEL-SA](https://xcp-ng.org/blog/2025/05/14/may-2025-security-update-for-xcp-ng-8-2-8-3/) | 4.9-6.5 | **Schwachstellen in XCP-NG im Intel-Mikrocode und Xen (XSA-469, INTEL-SA)** [Herausgeber-Bulletin](https://xcp-ng.org/blog/2025/05/14/may-2025-security-update-for-xcp-ng-8-2-8-3/) | Sicherheitskorrekturen für XCP-ng wurden veröffentlicht, die mehrere Schwachstellen im Intel-Mikrocode und Xen beheben. | IaaS OpenSource | 🟡 Mittel | ✅ Die Aktualisierung Ihrer XCP-ng-Instanzen ist ab der Validierung der Korrekturen durch Cloud Temple geplant. Es ist keine Aktion von Ihrer Seite erforderlich.| -| 21/05/2025 | [VMSA-2025-0010](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25717) | 4.3-6.8 | **VMSA-2025-0010: Mehrere Schwachstellen in VMware ESXi (CVE-2025-41226, CVE-2025-41227, CVE-2025-41228)** | Mehrere Schwachstellen in VMware ESXi wurden gemeldet: Schwachstelle für Denial-of-Service-Operationen im Gast (CVE-2025-41226), Schwachstelle für Denial-of-Service (CVE-2025-41227), Cross-Site-Scripting-Schwachstelle (XSS) (CVE-2025-41228). Korrekturen sind vom Hersteller verfügbar. | IaaS By VMware | 🟡 Mittel | ⚠️ Wir empfehlen Ihnen, Ihre Hypervisoren zu aktualisieren. Die korrigierten ESXi-Versionen sind ab ihrer Validierung durch Cloud Temple verfügbar. Die Konsole weist Sie auf die ESXi hin, die eine Aktualisierung benötigen. | -| 21/05/2025 | [VMSA-2025-0010](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25717) | 4.3-8.8 | **VMSA-2025-0010: Mehrere Schwachstellen in vCenter (CVE-2025-41225, CVE-2025-41228)** | Mehrere Schwachstellen in VMware vCenter wurden gemeldet: Schwachstelle für authentifizierte Befehlsausführung in VMware vCenter Server (CVE-2025-41225), Cross-Site-Scripting-Schwachstelle (XSS) (CVE-2025-41228). Korrekturen sind vom Hersteller verfügbar. | IaaS By VMware | 🟠 Wichtig | ✅ Die Aktualisierung Ihrer vCenter-Instanzen ist ab der Validierung der Korrekturen durch Cloud Temple geplant. Es ist keine Aktion von Ihrer Seite erforderlich. Die Aktualisierung wird in den Console-Benachrichtigungen angezeigt. | -| 14/05/2025 | [VMSA-2025-0007](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25683) | 6.1 | **VMSA-2025-0007: Schwachstelle bei unsicherer Dateiverwaltung in VMware Tools (CVE-2025-22247)** | Eine Schwachstelle bei unsicherer Dateiverwaltung in VMware Tools wurde gemeldet. Korrekturen sind vom Hersteller verfügbar. | IaaS By VMware | 🟡 Mittel | ⚠️ Wir empfehlen Ihnen, VMware Tools auf Ihren virtuellen Maschinen zu aktualisieren. Die korrigierten VMware Tools-Versionen sind in den von Cloud Temple bereitgestellten ESXi-Paketen enthalten. | -| 25/03/2025 | [VMSA-2025-0005](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25518) | 7.8 | **VMSA-2025-0005: Schwachstelle bei Authentifizierungsüberwindung in VMware Tools für Windows (CVE-2025-22230)** | Eine Schwachstelle bei Authentifizierungsüberwindung in VMware Tools für Windows wurde gemeldet. Korrekturen sind vom Hersteller verfügbar. | IaaS By VMware | 🟠 Wichtig | ⚠️ Wir empfehlen Ihnen, VMware Tools auf Ihren virtuellen Maschinen zu aktualisieren. Die korrigierten VMware Tools-Versionen sind in den von Cloud Temple bereitgestellten ESXi-Paketen enthalten | -| 04/03/2025 | [VMSA-2025-0004](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25390) | 7.1-9.3 | **VMSA-2025-0004: Mehrere Schwachstellen in VMware ESXi (CVE-2025-22224, CVE-2025-22225, CVE-2025-22226)** | Mehrere Schwachstellen in VMware ESXi wurden gemeldet: Schwachstelle für Heap-Overflow in VMCI (CVE-2025-22224), die von VMware als Kritisch eingestuft wird, Schwachstelle für beliebige Schreibvorgänge in VMware ESXi (CVE-2025-22225), Schwachstelle für Informationssicherheitsverletzungen in HGFS (CVE-2025-22226). Korrekturen sind vom Hersteller verfügbar. | IaaS By VMware | 🟠 Wichtig | ⚠️ Wir empfehlen Ihnen, Ihre Hypervisoren zu aktualisieren. Die korrigierten ESXi-Versionen sind ab ihrer Validierung durch Cloud Temple verfügbar. Die Konsole weist Sie auf die ESXi hin, die eine Aktualisierung benötigen. | - - +| 23/12/2025 | [CVE-2025-14443](https://access.redhat.com/security/cve/CVE-2025-14443) | 8.5 | **Vulnerability in Red Hat OpenShift (CVE-2025-14443)** | A vulnerability in the `openshift-apiserver` component allows privilege escalation. Exploitation requires prior authentication. | PaaS OpenShift | 🟠 Important | ⚠️ No patch available yet. We are awaiting the fix from Red Hat. | +| 30/09/2025 | [VMSA-2025-0016](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36150) | 8.5 | **VMSA-2025-0016: Vulnerability in VMware vCenter (CVE-2025-41250)** | A vulnerability (CVE-2025-41250) allows an authenticated attacker to modify scheduled task notification emails. | IaaS By VMware | 🟠 Important | ⚠️ We recommend scheduling an upgrade of vCenter to version 8.0 U3g or 7.0 U3w. | +| 30/09/2025 | [VMSA-2025-0015](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36149) | 7.6 | **VMSA-2025-0015: Vulnerability in VMware Tools (Windows)** | A vulnerability (CVE-2025-41246) affecting VMware Tools for Windows allows privilege escalation (requires authenticated local access). | IaaS By VMware | 🟡 Moderate | ⚠️ We recommend scheduling an upgrade of Windows VMware Tools to version 13.0.5 or 12.5.4. | +| 07/08/2025 | [DSA-2025-154](https://www.dell.com/support/kbdoc/en-us/000262308/dsa-2025-154-security-update-for-dell-ecs-and-objectscale-use-of-hard-coded-ssh-cryptographic-key-vulnerability) | 8.4 | **DSA-2025-154: Vulnerability in Dell ObjectScale (CVE-2025-26476)** | A vulnerability (CVE-2025-26476) in Dell ObjectScale (< 4.0.0.0) related to the use of hard-coded SSH cryptographic keys allows unauthenticated local access. | Object Storage | 🟠 Important | ✅ Remediation of your ObjectScale environments is handled by Cloud Temple. No action required from your side. | +| 15/07/2025 | [VMSA-2025-0013](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/VMSA-2025-0013--VMware-ESXi--Workstation--Fusion--and-Tools-updates-address-multiple-vulnerabilities--CVE-2025-41236--CVE-2025-41237--CVE-2025-41238--CVE-2025-41239-/35877) | 9.3 | **VMSA-2025-0013: Critical vulnerabilities in VMware ESXi** | Several critical vulnerabilities affect VMware ESXi. Patches are provided by the vendor. | IaaS By VMware | 🟠 Important | ⚠️ We recommend updating your hypervisors. The patched ESXi versions are available as soon as validated by Cloud Temple. Console will indicate which ESXi hosts require updates. | +| 15/07/2025 | [VMSA-2025-0013](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/VMSA-2025-0013--VMware-ESXi--Workstation--Fusion--and-Tools-updates-address-multiple-vulnerabilities--CVE-2025-41236--CVE-2025-41237--CVE-2025-41238--CVE-2025-41239-/35877) | 7.1 | **VMSA-2025-0013: Vulnerability in VMware Tools (CVE-2025-41239)** | A vulnerability (CVE-2025-41239) in VMware Tools allows disclosure of sensitive information via uninitialized vSockets. Patches are provided by the vendor. | IaaS By VMware | 🟡 Moderate | ⚠️ We recommend updating VMware Tools on your virtual machines. The patched VM Tools versions are included in the ESXi packages provided by Cloud Temple. | +| 01/07/2025 | [XSA-470](https://xenbits.xen.org/xsa/advisory-470.html) | N/A | **XCP-NG vulnerability due to improper exception handling** [Vendor Bulletin](https://xcp-ng.org/blog/2025/07/03/july-2025-security-and-maintenance-update-for-xcp-ng-8-2-lts/) | A vulnerability has been discovered in XCP-NG, allowing privileged code executed from a virtual machine to crash the hypervisor, resulting in a complete host denial-of-service (DoS). | IaaS OpenSource | 🟡 Moderate | ✅ Your XCP-ng instances will be updated as soon as fixes are validated by Cloud Temple. No action required from your side. | +| 23/05/2025 | [XSA-468](https://xenbits.xen.org/xsa/advisory-468.html) | 8.8–9.0 | **XCP-NG vulnerabilities in Windows PV drivers (XSA-468)** [Vendor Bulletin](https://xcp-ng.org/blog/2025/05/27/xsa-468-windows-pv-driver-vulnerabilities/) | Multiple vulnerabilities (CVE-2025-27462, CVE-2025-27463, CVE-2025-27464) in Windows PV drivers allow unprivileged users to gain system privileges inside Windows VMs. | IaaS OpenSource | 🟠 Important | ⚠️ We recommend updating the Windows PV drivers on your virtual machines to the corrected versions specified in the security bulletin. ✅ Your XCP-ng instances will be updated as soon as fixes are validated by Cloud Temple. | +| 22/05/2025 | [XSA-469, INTEL-SA](https://xcp-ng.org/blog/2025/05/14/may-2025-security-update-for-xcp-ng-8-2-8-3/) | 4.9–6.5 | **XCP-NG vulnerabilities in Intel microcode and Xen (XSA-469, INTEL-SA)** [Vendor Bulletin](https://xcp-ng.org/blog/2025/05/14/may-2025-security-update-for-xcp-ng-8-2-8-3/) | Security patches for XCP-ng have been released, addressing multiple vulnerabilities in Intel microcode and Xen. | IaaS OpenSource | 🟡 Moderate | ✅ Your XCP-ng instances will be updated as soon as fixes are validated by Cloud Temple. No action required from your side. | +| 21/05/2025 | [VMSA-2025-0010](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25717) | 4.3–6.8 | **VMSA-2025-0010: Multiple vulnerabilities in VMware ESXi (CVE-2025-41226, CVE-2025-41227, CVE-2025-41228)** | Multiple vulnerabilities in VMware ESXi have been reported: Guest operation denial-of-service vulnerability (CVE-2025-41226), Denial-of-service vulnerability (CVE-2025-41227), Cross-Site Scripting (XSS) vulnerability (CVE-2025-41228). Patches are provided by the vendor. | IaaS By VMware | 🟡 Moderate | ⚠️ We recommend updating your hypervisors. The patched ESXi versions are available as soon as validated by Cloud Temple. Console will indicate which ESXi hosts require updates. | +| 21/05/2025 | [VMSA-2025-0010](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25717) | 4.3–8.8 | **VMSA-2025-0010: Multiple vulnerabilities in vCenter (CVE-2025-41225, CVE-2025-41228)** | Multiple vulnerabilities in VMware vCenter have been reported: Authenticated command execution vulnerability in VMware vCenter Server (CVE-2025-41225), Cross-Site Scripting (XSS) vulnerability (CVE-2025-41228). Patches are provided by the vendor. | IaaS By VMware | 🟠 Important | ✅ Your vCenter instances will be updated as soon as fixes are validated by Cloud Temple. No action required from your side. The update will be indicated in Console notifications. | +| 14/05/2025 | [VMSA-2025-0007](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25683) | 6.1 | **VMSA-2025-0007: Insecure file handling vulnerability in VMware Tools (CVE-2025-22247)** | An insecure file handling vulnerability in VMware Tools has been reported. Patches are provided by the vendor. | IaaS By VMware | 🟡 Moderate | ⚠️ We recommend updating VMware Tools on your virtual machines. The patched VM Tools versions are included in the ESXi packages provided by Cloud Temple. | +| 25/03/2025 | [VMSA-2025-0005](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25518) | 7.8 | **VMSA-2025-0005: Authentication bypass vulnerability in VMware Tools for Windows (CVE-2025-22230)** | An authentication bypass vulnerability in VMware Tools for Windows has been reported. Patches are provided by the vendor. | IaaS By VMware | 🟠 Important | ⚠️ We recommend updating VMware Tools on your virtual machines. The patched VM Tools versions are included in the ESXi packages provided by Cloud Temple. | +| 04/03/2025 | [VMSA-2025-0004](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25390) | 7.1–9.3 | **VMSA-2025-0004: Multiple vulnerabilities in VMware ESXi (CVE-2025-22224, CVE-2025-22225, CVE-2025-22226)** | Multiple vulnerabilities in VMware ESXi have been reported: VMCI heap overflow vulnerability (CVE-2025-22224), evaluated as Critical by VMware; Arbitrary write vulnerability in VMware ESXi (CVE-2025-22225); Information disclosure vulnerability in HGFS (CVE-2025-22226). Patches are provided by the vendor. | IaaS By VMware | 🟠 Important | ⚠️ We recommend updating your hypervisors. The patched ESXi versions are available as soon as validated by Cloud Temple. Console will indicate which ESXi hosts require updates. | ## Informationen -- **Datum** : Datum der ursprünglichen Veröffentlichung der Cloud Temple Sicherheitsmeldung. +- **Datum** : Datum der ursprünglichen Veröffentlichung der Sicherheitswarnung von Cloud Temple. - **Referenz(en)** : CVE-ID, falls verfügbar. -- **CVSS** : Grundscore CVSS v3 gemäß dem Herausgeber oder der CVE, nicht kontextualisiert. Die Kontextualisierung wird durch den Schweregrad CT ausgedrückt. Falls die Meldung mehrere Schwachstellen betrifft, werden die minimalen und maximalen CVSS-Scores angegeben. -- **Titel** : Titel der Meldung mit Herausgeber-Referenz, falls verfügbar. -- **Beschreibung** : Kurzbeschreibung mit Link(en) zu detaillierten Informationen. +- **CVSS** : CVSS v3-Basisbewertung gemäß dem Herausgeber oder der CVE, nicht kontextualisiert. Die Kontextualisierung wird durch die Schwere CT ausgedrückt. Falls mehrere Schwachstellen betroffen sind, werden die minimalen und maximalen CVSS-Werte angegeben. +- **Titel** : Titel der Warnung, mit Herausgeber-Referenz falls verfügbar. +- **Beschreibung** : Zusammenfassende Beschreibung mit Link(en) zu detaillierten Informationen. - **Dienst(e)** : Cloud Temple-Dienst(e), die betroffen sein könnten. -- **Schweregrad** : Schweregrad im Kontext der Cloud Temple-Dienste (für die kritischste Schwachstelle bei mehreren Schwachstellen). Die Ausnutzbarkeit wird im technischen Kontext unserer Infrastruktur und Cloud-Dienste berücksichtigt. +- **Schwere** : Schweregrad im Kontext der Cloud Temple-Dienste (für die kritischste Schwachstelle bei mehreren betroffenen Schwachstellen). Die Ausnutzbarkeitskriterien werden im technischen Kontext unserer Infrastrukturen und Dienste berücksichtigt. | Ebene | Beschreibung | -|--------|-------------| -| 🔴 **Kritisch** | Schwachstelle mit CVSS 7+ mit einem wichtigen Ausnutzungsrisiko (hohe Exposition, einfache Ausnutzung). Eine Korrektur oder Minderung ist dringend empfohlen.| -| 🟠 **Wichtig** | Schwachstelle mit CVSS 7+, die kein wichtiges Ausnutzungsrisiko darstellt (begrenzte Exposition oder Ausnutzungsbeschränkungen) | +|-------|--------------| +| 🔴 **Kritisch** | Schwachstelle mit CVSS 7+ und erheblichem Ausnutzungsrisiko (hohe Exposition, einfache Ausnutzbarkeit). Eine Korrektur oder Minderung der Auswirkungen wird dringend empfohlen. | +| 🟠 **Wichtig** | Schwachstelle mit CVSS 7+, die jedoch kein erhebliches Ausnutzungsrisiko darstellt (begrenzte Exposition oder Ausnutzungsbedingungen). | | 🟡 **Mäßig** | Schwachstelle mit CVSS 4+ | | 🔵 **Gering** | Schwachstelle mit CVSS unter 4 oder nicht ausnutzbar. | -- **Behandlung** : Informationen und Empfehlungen im Kontext der Cloud Temple-Dienste. ⚠️ zeigt an, dass eine Aktion der Benutzer erforderlich ist, um die Schwachstelle zu behandeln. ✅ zeigt an, dass die Behandlung der Schwachstelle durch Cloud Temple übernommen wird. \ No newline at end of file +- **Behandlung** : Informationen und Empfehlungen im Kontext der Cloud Temple-Dienste. ⚠️ zeigt an, dass eine Aktion durch die Nutzer erforderlich ist, um die Schwachstelle zu behandeln. ✅ zeigt an, dass Cloud Temple die Behandlung der Schwachstelle übernimmt. \ No newline at end of file diff --git a/i18n/de/docusaurus-plugin-content-docs/current/llmaas/concepts.md b/i18n/de/docusaurus-plugin-content-docs/current/llmaas/concepts.md index cbb01732..f0f014c1 100644 --- a/i18n/de/docusaurus-plugin-content-docs/current/llmaas/concepts.md +++ b/i18n/de/docusaurus-plugin-content-docs/current/llmaas/concepts.md @@ -3,19 +3,19 @@ title: Konzepte sidebar_position: 3 --- -# Konzepte und Architektur von LLMaaS +# Concepts and Architecture of LLMaaS -## Überblick +## Overview -Der Dienst **LLMaaS** (Large Language Models as a Service) von Cloud Temple bietet einen sicheren und souveränen Zugang zu den fortschrittlichsten Modellen der künstlichen Intelligenz, mit der **SecNumCloud-Zertifizierung** der ANSSI. +The **LLMaaS** (Large Language Models as a Service) service by Cloud Temple provides secure and sovereign access to the most advanced artificial intelligence models, with the **SecNumCloud certification** from ANSSI. ## 🏗️ Technische Architektur -### Cloud Temple-Infrastruktur +### Cloud Infrastructure Temple import ArchitectureLLMaaS from './images/llmaas_architecture_001.png'; -Technische Architektur von LLMaaS Cloud Temple +Technical Architecture LLMaaS Cloud Temple ### Hauptkomponenten @@ -25,31 +25,31 @@ import ArchitectureLLMaaS from './images/llmaas_architecture_001.png'; - **Load Balancing** : Intelligente Verteilung auf 12 GPU-Server - **Monitoring** : Echtzeit-Metriken und Alarmierung -#### 2. **Authentifizierungsdienst** -- **Sichere API-Token**: Automatische Rotation -- **Zugriffskontrolle**: Granulare Berechtigungen pro Modell -- **Audit-Trails**: Vollständige Rückverfolgbarkeit der Zugriffe +#### 2. **Authentication Service** +- **Secure API Tokens**: Automatic rotation +- **Access Control**: Granular permissions per model +- **Audit Trails**: Full access traceability -## 🤖 Modelle und Token +## 🤖 Models and Tokens -### Modellkatalog +### Model Catalog -*Vollständiger Katalog: [Liste der Modelle](./models)* +*Complete catalog: [List of models](./models)* -### Token-Verwaltung +### Token Management -#### **Token-Typen** -- **Eingabe-Token**: Ihr Prompt und der Kontext -- **Ausgabe-Token**: Vom Modell generierte Antwort -- **System-Token**: Metadaten und Anweisungen +#### **Token Types** +- **Input Tokens**: Your prompt and context +- **Output Tokens**: Response generated by the model +- **System Tokens**: Metadata and instructions -#### **Kostenberechnung** +#### **Cost Calculation** ``` -Gesamtkosten = (Eingabe-Token × 0,9€/M) + (Ausgabe-Token × 4€/M) + (Reasoning-Ausgabe-Token × 21€/M) +Total cost = (Input tokens × 0.9€/M) + (Output tokens × 4€/M) + (Reasoning output tokens × 21€/M) ``` #### **Optimierung** -- **Kontextfenster**: Wiederverwenden Sie Gespräche, um Kosten zu sparen +- **Contextfenster**: Wiederverwenden Sie Gespräche, um Kosten zu sparen - **Passende Modelle**: Wählen Sie die Größe entsprechend der Komplexität - **Maximale Tokens**: Begrenzen Sie die Länge der Antworten @@ -62,77 +62,77 @@ def estimate_tokens(text: str) -> int: return len(text) // 4 prompt = "Erklären Sie die Photosynthese" -response_max = 200 # gewünschte maximale Anzahl an Tokens +response_max = 200 # maximal gewünschte Tokens estimated_input = estimate_tokens(prompt) # ~6 Tokens total_cost = (estimated_input * 0.9 + response_max * 4) / 1_000_000 -print(f"Geschätzter Kostenbetrag: {total_cost:.6f}€") +print(f"Geschätzter Kosten: {total_cost:.6f}€") ``` -## 🔒 Sicherheit und Compliance +## 🔒 Security and Compliance -### SecNumCloud-Qualifizierung +### SecNumCloud Qualification -Der LLMaaS-Dienst wird auf einer technischen Infrastruktur gehostet, die die **SecNumCloud 3.2-Qualifizierung** der ANSSI besitzt, was Folgendes garantiert: +The LLMaaS service is hosted on a technical infrastructure that holds the **SecNumCloud 3.2 qualification** from ANSSI, ensuring: -#### **Datenschutz** -- **End-zu-End-Verschlüsselung**: TLS 1.3 für alle Kommunikationen -- **Sichere Speicherung**: Daten im Ruhezustand verschlüsselt (AES-256) -- **Isolierung**: Dedizierte Umgebungen pro Mandant +#### **Data Protection** +- **End-to-end encryption**: TLS 1.3 for all communications +- **Secure storage**: Data encrypted at rest (AES-256) +- **Isolation**: Dedicated environments per tenant -#### **Digitale Souveränität** -- **Hosting in Frankreich**: Zertifizierte Cloud Temple-Rechenzentren -- **Französisches Recht**: Native DSGVO-Konformität -- **Keine Exposition**: Keine Datentransfers in ausländische Clouds +#### **Digital Sovereignty** +- **Hosting in France**: Cloud Temple data centers with certifications +- **French law**: Native GDPR compliance +- **No exposure**: No data transfers to foreign clouds -#### **Audit und Rückverfolgbarkeit** -- **Vollständige Protokolle**: Alle Interaktionen werden verfolgt -- **Aufbewahrung**: Speicherung gemäß gesetzlichen Richtlinien -- **Compliance**: Audit-Berichte verfügbar +#### **Audit and Traceability** +- **Complete logs**: All interactions tracked +- **Retention**: Stored according to legal policies +- **Compliance**: Audit reports available -### Sicherheitskontrollen +### Security Controls import SecurityControls from './images/llmaas_security_002.png'; -Sicherheitskontrollen LLMaaS +Security Controls LLMaaS -### Prompt-Sicherheit +### Prompt Security -Die Prompt-Analyse ist eine **native und integrierte** Sicherheitsfunktion der LLMaaS-Plattform. Sie ist standardmäßig aktiviert und zielt darauf ab, Versuche von "Jailbreaking" oder Injektion bösartiger Prompts zu erkennen und zu verhindern, bevor sie das Modell überhaupt erreichen. Dieser Schutz basiert auf einem mehrschichtigen Ansatz. +Prompt analysis is a **native and integrated** security feature of the LLMaaS platform. Enabled by default, it aims to detect and prevent attempts at "jailbreaking" or injecting malicious prompts before they even reach the model. This protection is based on a multi-layered approach. -:::tip Support kontaktieren zur Deaktivierung -Es ist möglich, diese Sicherheitsanalyse für sehr spezifische Anwendungsfälle zu deaktivieren, obwohl dies nicht empfohlen wird. Bei Fragen dazu oder zur Beantragung der Deaktivierung wenden Sie sich bitte an den Cloud Temple-Support. +:::tip Contact support for deactivation +It is possible to disable this security analysis for very specific use cases, although this is not recommended. For any questions regarding this or to request deactivation, please contact Cloud Temple support. ::: #### 1. Strukturelle Analyse (`check_structure`) - **Überprüfung auf fehlerhaftes JSON**: Das System prüft, ob der Prompt mit einem `{` beginnt und versucht, ihn als JSON zu parsen. Wenn der Parsevorgang erfolgreich ist und der JSON verdächtige Schlüsselwörter enthält (z. B. "system", "bypass"), oder wenn der Parsevorgang unerwartet fehlschlägt, kann dies auf eine Injektionsversuch hinweisen. - **Unicode-Normalisierung**: Der Prompt wird mittels `unicodedata.normalize('NFKC', prompt)` normalisiert. Wenn sich der ursprüngliche Prompt von seiner normalisierten Version unterscheidet, kann dies auf die Verwendung von täuschenden Unicode-Zeichen (Homoglyphen) hindeuten, um Filter zu umgehen. Beispielsweise "аdmin" (kyrillisch) anstelle von "admin" (lateinisch). -#### 2. Erkennung verdächtiger Muster (`check_patterns`) +#### 2. Detection von verdächtigen Mustern (`check_patterns`) - Das System verwendet reguläre Ausdrücke (`regex`), um bekannte Angriffsmuster bei Prompt-Attacken zu erkennen, und zwar in mehreren Sprachen (Französisch, Englisch, Chinesisch, Japanisch). - **Beispiele für erkannte Muster**: - **Systembefehle**: Schlüsselwörter wie „ignore the instructions“, „ignore instructions“, „忽略指令“, „指示を無視“. - **HTML-Injektion**: Versteckte oder schädliche HTML-Tags, beispielsweise ` \ No newline at end of file diff --git a/i18n/de/docusaurus-plugin-content-docs/current/network/vpc/concepts.md b/i18n/de/docusaurus-plugin-content-docs/current/network/vpc/concepts.md index 3f492403..f7547a9e 100644 --- a/i18n/de/docusaurus-plugin-content-docs/current/network/vpc/concepts.md +++ b/i18n/de/docusaurus-plugin-content-docs/current/network/vpc/concepts.md @@ -6,59 +6,59 @@ title: Konzepte ## Definition und Positionierung -Die **VPC (Virtual Private Cloud)** ist ein verwalteter Netzwerkdienst, der die Erstellung isolierter, sicherer und kontrollierbarer privater Netzwerke über die Cloud Temple-Konsole ermöglicht. Sie wurde entwickelt, um ein Cloud-natives Erlebnis zu bieten und die Netzwerk- und Sicherheitskonfiguration zu automatisieren. +Der **VPC (Virtual Private Cloud)** ist ein verwalteter Netzwerkservice, der die Erstellung isolierter, sicherer und steuerbarer privater Netzwerke über die Cloud Temple-Konsole ermöglicht. Er ist darauf ausgelegt, eine cloud-native Erfahrung zu bieten, indem er die Netzwerk- und Sicherheitskonfiguration automatisiert. -Stand Januar 2026 ermöglichen VPC-Privatnetzwerke die Verbindung von **IaaS Open Source**- und **IaaS VMware**-Diensten. Die Verbindung mit **Bare Metal**-Servern wird in einem zukünftigen Update verfügbar sein. +Stand Januar 2026 ermöglichen die privaten Netzwerke des VPC die Interkonnektivität zwischen den Diensten **IaaS Open Source** und **IaaS VMware**. Die Interkonnektivität mit den **Bare Metal**-Servern wird in einer kommenden Aktualisierung verfügbar sein. ### VPC vs Private Backbone -Cloud Temple bietet zwei Netzwerkverbrauchsmodi an: +Cloud Temple offers two network consumption modes: -* **Private Backbone (Historisches Angebot)**: - * Ideal für Experten, die maximale Autonomie und spezifische Netzwerkkonfigurationen (Extended L2) suchen. - * Erfordert manuelle Installation und Verwaltung von Sicherheitsgeräten (Firewalls, Router). - * Manuelle Verwaltung des Adressplans. +* **Private Backbone (Legacy offering)**: + * Ideal for experts seeking maximum autonomy and specific network configurations (extended L2). + * Requires manual installation and management of security equipment (firewalls, routers). + * Manual management of IP addressing. -* **VPC (Neues Angebot)**: - * Entwickelt für ein Cloud-natives und automatisiertes Erlebnis. - * Integrierte Sicherheit (Gateway, Firewalling, NAT) ohne Verwaltung von Drittanbietergeräten. - * Managed Service mit garantierter Hochverfügbarkeit durch Cloud Temple. - * Ideal für moderne Projekte, DevOps und Webanwendungs-Hosting. +* **VPC (New offering)**: + * Designed for a cloud-native and automated experience. + * Built-in security (Gateway, Firewalling, NAT) without the need to manage third-party equipment. + * Fully managed service with high availability guaranteed by Cloud Temple. + * Ideal for modern projects, DevOps workflows, and hosting web applications. -## Architektur +## Architecture -Die VPC basiert auf einer redundanten und hochverfügbaren Architektur, die den inter-AZ-Backbone mit geringer Latenz von Cloud Temple nutzt. +The VPC is based on a redundant and highly available architecture, leveraging Cloud Temple's low-latency inter-AZ backbone. ### Schlüsselkomponenten -* **VPC-Router**: Im Herzen jeder VPC verwaltet er das dynamische Routing zwischen verschiedenen privaten Netzwerken (Ost-West-Verkehr). -* **Private Netzwerke (VLANs)**: Layer-2-Netzwerksegmente, die Ihre Ressourcen (VMs, Server) verbinden. Sie erstrecken sich nativ über mehrere Verfügbarkeitszonen (AZ) ohne IP-Rekonfiguration. -* **Externes Gateway**: Optionaler Ein- und Ausgangspunkt für Internetverkehr (Nord-Süd). Es integriert NAT- und Flussmanagementfunktionen. +* **VPC-Router**: Im Zentrum jedes VPCs verwaltet er den dynamischen Routingverkehr zwischen den verschiedenen Private Networks (Ost-West-Traffic). +* **Private Networks (VLANs)**: L2-Netzwerksegmente, die Ihre Ressourcen (VMs, Server) verbinden. Sie erstrecken sich natürlicherweise über mehrere Verfügbarkeitszonen (AZ) ohne IP-Neukonfiguration. +* **Externe Gateway (External Gateway)**: Optionaler Eingangs- und Ausgangspunkt für Internet-Traffic (Nord-Süd). Sie integriert Funktionen für NAT und Flussverwaltung. -### Isolierung und Sicherheit +### Isolation und Sicherheit -Die VPC garantiert eine strikte Isolierung: -* Jede VPC ist eine unabhängige Netzwerkentität. -* Die Bereitstellung erfolgt auf dedizierten Ressourcen (für IaaS Open Source-Kunden), wodurch sichergestellt wird, dass keine Netzwerkressourcen geteilt werden. -* Der Dienst durchläuft derzeit die **SecNumCloud**-Qualifizierung. +Das VPC gewährleistet eine strenge Isolation: +* Jedes VPC ist eine eigenständige Netzwerkeinheit. +* Die Bereitstellung erfolgt auf dedizierten Ressourcen (für IaaS-Open-Source-Kunden), wodurch sichergestellt wird, dass keine Netzwerkressourcen geteilt werden. +* Der Dienst befindet sich derzeit in der Zertifizierung **SecNumCloud**. ## Hauptfunktionen | Funktion | Beschreibung | Verfügbarkeit | -|----------|--------------|---------------| +|--------|-------------|---------------| | **Regionale private Netzwerke** | Multi-AZ-Bereitstellung und transparente L2-Weiterleitung. | Verfügbar | -| **Natives Routing** | Automatische Kommunikation zwischen privaten Netzwerken derselben VPC. | Verfügbar | -| **IPAM & DHCP** | Automatische Verwaltung von Adresspools und dynamische Zuweisung. | Verfügbar | -| **Internetzugang** | Konfigurierbar über Gateway (NAT, DNAT, Kontrollierter Egress). | Verfügbar | -| **Floating IPs** | Flexible Bereitstellung von Diensten im Internet. | Verfügbar | -| **Mikro-Segmentierung** | Netzwerkrichtliniengruppen für erweiterte Sicherheit. | H1 2026 | -| **Beobachtbarkeit** | Protokolle und Metriken zur Netzwerkleistung. | H1 2026 | -| **DNS-Dienst** | Interne und externe Namensauflösung. | H2 2026 | -| **VPN & Cloud Connect** | Sichere Konnektivität zu On-Premise und Public Clouds. | H2 2026 | - -## Anwendungsfälle - -* **Hosting kritischer Anwendungen**, die eine starke Isolierung erfordern. -* **Multi-Projekt-Segmentierung** (Prod, Pre-Prod, Dev). -* **Testumgebungen**, flüchtig und isoliert. -* **Souveräne Netzwerkbasis** für sensible Daten. +| **Nativer Routing** | Automatisierte Kommunikation zwischen privaten Netzwerken innerhalb eines VPC. | Verfügbar | +| **IPAM & DHCP** | Automatisierte Verwaltung von Adresspools und dynamische Zuweisung. | Verfügbar | +| **Internetzugriff** | Konfigurierbar über Gateway (NAT, DNAT, kontrollierter Egress). | Verfügbar | +| **Flottierende IP-Adressen** | Flexible Exposition von Diensten im Internet. | Verfügbar | +| **Micro-Segmentation** | Netzwerkrichtliniengruppen für erweiterte Sicherheit. | S1 2026 | +| **Beobachtbarkeit** | Logs und Leistungsmetriken des Netzwerks. | S1 2026 | +| **Service DNS** | Namensauflösung intern und extern. | S2 2026 | +| **VPN & Cloud Connect** | Sichere Verbindung zu On-Premise-Infrastrukturen und öffentlichen Clouds. | S2 2026 | + +## Use Cases + +* Critical application hosting requiring strong isolation. +* Multi-project segmentation (Prod, Pre-prod, Dev). +* Ephemeral and isolated test environments. +* Sovereign networking foundations for sensitive data. \ No newline at end of file diff --git a/i18n/de/docusaurus-plugin-content-docs/current/network/vpc/images/vpc_static_ips_details.png b/i18n/de/docusaurus-plugin-content-docs/current/network/vpc/images/vpc_static_ips_details.png new file mode 100644 index 00000000..50c0e627 Binary files /dev/null and b/i18n/de/docusaurus-plugin-content-docs/current/network/vpc/images/vpc_static_ips_details.png differ diff --git a/i18n/de/docusaurus-plugin-content-docs/current/network/vpc/quickstart.md b/i18n/de/docusaurus-plugin-content-docs/current/network/vpc/quickstart.md index 30db9512..1bfb954e 100644 --- a/i18n/de/docusaurus-plugin-content-docs/current/network/vpc/quickstart.md +++ b/i18n/de/docusaurus-plugin-content-docs/current/network/vpc/quickstart.md @@ -15,80 +15,80 @@ import vpcNewStaticIps from './images/vpc_new_static_ips.png' import vpcNewStaticIpsModale from './images/vpc_new_static_ips_modale.png' import vpcStaticIpsAssociate from './images/vpc_static_ips_associate_png.png' -# VPC-Schnellstart +# Quick Start VPC -Dieser Leitfaden führt Sie durch die Erstellung Ihrer ersten Virtual Private Cloud (VPC) und die Bereitstellung Ihrer ersten privaten Netzwerke. +This guide walks you through creating your first Virtual Private Cloud (VPC) and deploying your first private networks. ## Voraussetzungen -Derzeit erfordert die Aktivierung des VPC-Dienstes ein Abonnement für ein **IaaS Open Source**-Angebot. (Diese Bedingung wird später aufgehoben). +Derzeit ist die Aktivierung des VPC-Dienstes nur möglich, wenn Sie ein **IaaS Open Source**-Angebot abonniert haben. (Diese Bedingung wird später aufgehoben werden.) -## Schritt 1: Zugriff auf die Konsole +## Step 1: Access the Console -1. Melden Sie sich an der Cloud Temple-Konsole an. -2. Wählen Sie im Navigationsmenü **Network** und dann **VPC**. +1. Sign in to the Cloud Temple Console. +2. In the navigation menu, select **Network** then **VPC**. -## Schritt 2: Eine VPC bestellen +## Step 2: Create a VPC -1. Klicken Sie auf die Schaltfläche **Neue VPC**. +1. Click the **Create VPC** button. -2. Füllen Sie das geführte Formular aus: - * **VPC-Name**: Wählen Sie einen eindeutigen Namen zur Identifizierung Ihrer Umgebung. - * **Beschreibung**: (Optional) Fügen Sie eine Beschreibung hinzu. +2. Fill out the guided form: + * **VPC Name**: Choose a unique name to identify your environment. + * **Description**: (Optional) Add a description. -3. Bestätigen Sie die Erstellung. +3. Confirm creation. -> **Hinweis**: Die VPC-Bereitstellung ist vollautomatisch und dauert in der Regel weniger als eine Stunde. +> **Note**: VPC provisioning is fully automated and typically takes less than one hour. -### Alternative: Über den Reiter Bestellungen +### Alternative: Via the Commands Tab -Sie können die Bestellung von VPC-Ressourcen auch direkt über das Menü **Bestellungen** initiieren. +You can also initiate the VPC resource command directly from the **Commands** menu. -## Schritt 3: Erstellen privater Netzwerke +## Step 3: Create Private Networks -Sobald Ihre VPC aktiv ist: +Once your VPC is active: -1. Greifen Sie auf die Details Ihrer VPC zu, indem Sie auf deren Namen klicken. +1. Go to your VPC details by clicking on its name. -2. Gehen Sie zum Reiter **Private Netzwerke**. -3. Klicken Sie auf **Netzwerk hinzufügen**. -4. Konfigurieren Sie Ihr Netzwerk: - * **Name**: Name des Netzwerksegments (z. B. `backend`, `frontend`). - * **CIDR**: IP-Adressbereich (z. B. `192.168.1.0/24`). +2. Navigate to the **Private Networks** tab. +3. Click **Add Network**. +4. Configure your network: + * **Name**: Name of the network segment (e.g., `backend`, `frontend`). + * **CIDR**: IP address range (e.g., `192.168.1.0/24`). -## Schritt 4: Gateway aktivieren und öffentliche IPs bestellen +## Step 4: Activate the Gateway and Request Public IPs -Um den Internetzugang und die Bereitstellung von Diensten zu ermöglichen: +To enable Internet access and expose services: -1. Prüfen Sie, ob das Gateway aktiviert ist. Wenn nicht, klicken Sie auf die Schaltfläche zur Aktivierung. +1. Check whether the gateway is activated. If not, click the activation button. -2. Sobald das Gateway aktiv ist, können Sie öffentliche IP-Adressen (Floating IPs) über den Reiter **Öffentliche IPs** bestellen. +2. Once the gateway is active, go to the **Public IPs** tab. -> **Hinweis**: Die Liste "Öffentliche IPs" zeigt alle verfügbaren öffentlichen IPs an, unabhängig davon, ob sie bereits einer VPC zugeordnet sind oder nicht. Der Reiter "Öffentliche IPs" in der VPC-Detailansicht ermöglicht die Verwaltung der diesem VPC zugeordneten IPs (erfordert aktives Gateway). +> **Note**: The **Public IPs** list at the root of the VPC menu displays all public IPs (assigned or unassigned). The **Public IPs** tab within a VPC's details allows you to manage only those IPs assigned to that specific VPC (requires the gateway to be active). -3. Klicken Sie auf die Schaltfläche, um neue IPs zu bestellen, oder klicken Sie auf die Aktion "Zuordnen", um eine der IP-Adressen in der Liste zuzuordnen, die noch nicht zugeordnet ist. +3. Click the button to request new IPs, or click the "Assign" action to assign an IP from the list that is not yet assigned. -4. Wählen Sie die Anzahl der IPs, die Sie bestellen möchten, und bestätigen Sie Ihre Bestellung. +4. Select the number of IPs you wish to request, then confirm your request. -## Schritt 5: Verbinden Ihrer Ressourcen +## Step 5: Connect your resources -Ihre privaten Netzwerke sind jetzt in allen Verfügbarkeitszonen (AZ) der Region verfügbar. Sie können Ihre IaaS Open Source-VMs oder Server direkt über deren jeweilige Konfigurationsschnittstellen verbinden. +Your private networks are now available across all Availability Zones (AZ) in the region. You can connect your Open Source IaaS virtual machines or your servers directly from their respective configuration interfaces. -Um zu erfahren, wie Sie ein VPC-Netzwerk auf einer virtuellen Maschine konfigurieren, lesen Sie unser Tutorial: [Statische IP und VM konfigurieren](./tutorials/vm_configuration). +To learn how to set up a VPC network on a virtual machine, refer to our tutorial: [Configure a Static IP and a VM](./tutorials/vm_configuration). \ No newline at end of file diff --git a/i18n/de/docusaurus-plugin-content-docs/current/network/vpc/tutorials/vm_configuration.md b/i18n/de/docusaurus-plugin-content-docs/current/network/vpc/tutorials/vm_configuration.md index 9b8c5595..1e270b10 100644 --- a/i18n/de/docusaurus-plugin-content-docs/current/network/vpc/tutorials/vm_configuration.md +++ b/i18n/de/docusaurus-plugin-content-docs/current/network/vpc/tutorials/vm_configuration.md @@ -1,5 +1,5 @@ --- -title: VM-Netzwerkkonfiguration +title: Netzwerkkonfiguration der VM --- import vpcCreateNetworkAdaptersVmModale from '../images/vpc_create_network_adapters_vm_modale.png' import vpcCreateNetworkAdaptersVmSelectNetworks from '../images/vpc_create_network_adapters_vm_select_networks.png' @@ -8,61 +8,61 @@ import vpcDetailIpsPub from '../images/vpc_detail_ips_pub.png' import vpcIpPubAssociate from '../images/vpc_ip_pub_associate.png' import vpcMacAddressAssociateModale from '../images/vpc_mac_address_associate_modale.png' -# VM-Netzwerkkonfiguration +# Network Configuration of the VM -Dieses Tutorial führt Sie durch die Verbindung einer virtuellen Maschine mit einem VPC-Netzwerk und die Zuweisung einer statischen IP (privat) sowie einer öffentlichen IP bei Bedarf. +This tutorial guides you through connecting a virtual machine to a VPC network and assigning it a static (private) IP address, as well as a public IP address if required. ## Voraussetzungen -* Eine VPC und ein privates Netzwerk wurden erstellt. -* Eine VM wurde bereitgestellt. +* Ein VPC und ein privates Netzwerk erstellt haben. +* Eine VM bereitgestellt haben (IaaS Open Source oder VMware). -## 1. Zuweisung einer privaten statischen IP +## 1. Assigning a Static Private IP Address -Sie können die private IP Ihrer VM auf zwei Arten festlegen. +You can set the private IP address of your VM in two ways. -### Methode A: Von der virtuellen Maschine (Empfohlen) +### Methode A: Von der virtuellen Maschine aus (Empfohlen) -Mit dieser Methode können Sie das Netzwerk und die IP in einem einzigen Schritt bei der Erstellung der Schnittstelle konfigurieren. +Diese Methode ermöglicht die Konfiguration von Netzwerk und IP in einem einzigen Schritt bei der Erstellung der Schnittstelle. -1. Greifen Sie auf die Detailansicht Ihrer virtuellen Maschine zu. -2. Gehen Sie zum Reiter **Netzwerkadapter**. -3. Klicken Sie auf die Schaltfläche **Neuer Netzwerkadapter**, um eine Schnittstelle hinzuzufügen. +1. Öffnen Sie die Detailansicht Ihrer virtuellen Maschine. +2. Gehen Sie zum Tab **Netzwerkadapter**. +3. Klicken Sie auf die Schaltfläche **Neuen Netzwerkadapter hinzufügen**, um eine Schnittstelle hinzuzufügen. -4. Wählen Sie im modalen Fenster Ihr VPC-Netzwerk aus. +4. Wählen Sie in der Modalauswahl Ihr VPC-Netzwerk aus. -5. Sobald das Netzwerk ausgewählt ist, wählen Sie eine der verfügbaren statischen IPs aus. +5. Nach der Auswahl des Netzwerks wählen Sie eine der verfügbaren statischen IPs aus. 6. Bestätigen Sie die Erstellung. -> **Hinweis**: Sie können den Netzwerkadapter später bearbeiten, um das Netzwerk bei Bedarf zu ändern. +> **Hinweis**: Sie können den Netzwerkadapter später bearbeiten, um das Netzwerk zu wechseln, falls erforderlich. -### Methode B: Aus der Ansicht Private Netzwerke +### Method B: From the Private Networks View -Diese Methode ist nützlich, um eine IP zu reservieren, bevor die VM erstellt wird, oder um eine bestehende Zuordnung zu ändern. +This method is useful for reserving an IP address before creating the VM or for modifying an existing association. -1. Gehen Sie in der Detailansicht Ihrer VPC zum Reiter **Private Netzwerke**. -2. Erweitern Sie den IP-Adresspool des betreffenden Netzwerks. -3. Klicken Sie bei einer verfügbaren IP auf die Aktion "Einer MAC-Adresse zuordnen". -4. Ordnen Sie im modalen Fenster eine der statischen IPs einer MAC-Adresse einer VM zu. +1. Go to the detailed view of your VPC, tab **Private Networks**. +2. Expand the IP address pool of the relevant network. +3. Click the action "Associate with MAC address" for an available IP. +4. In the modal, associate one of the static IPs with the MAC address of a VM. -## 2. Zuordnung einer öffentlichen IP (Optional) +## 2. Associating a Public IP (Optional) -Wenn Sie Ihre VM über das Internet erreichbar machen möchten. +If you want to make your VM accessible from the internet. -1. Gehen Sie in der Detailansicht Ihrer VPC zum Reiter **Öffentliche IPs**. +1. From the detailed view of your VPC, go to the **Public IPs** tab. -2. Klicken Sie auf die Schaltfläche **Öffentliche IP zuordnen**. +2. Click the **Associate a public IP** button. -3. Wählen Sie im modalen Fenster das private Netzwerk und die statische Ziel-IP aus und bestätigen Sie die Zuordnung. +3. In the modal, select the target private network and static IP, then confirm the association. -4. Sobald die Zuordnung erfolgt ist, können Sie diese öffentliche IP-Adresse verwenden, um Ihre VM zu erreichen. +4. Once the association is complete, you can use this public IP address to access your VM. -## Konfiguration des Gastbetriebssystems +## Guest OS Configuration -**Wichtig**: Um sicherzustellen, dass die statische IP (privat) korrekt zugewiesen wird, stellen Sie sicher, dass die Netzwerkschnittstelle Ihres Gastbetriebssystems (OS) im **DHCP**-Modus konfiguriert ist. Der VPC-DHCP-Dienst weist die reservierte Adresse zu. +**Important**: To ensure the static (private) IP address is correctly assigned, make sure the network interface of your guest operating system (OS) is configured in **DHCP** mode. The VPC's DHCP service will assign the reserved address. \ No newline at end of file diff --git a/i18n/de/docusaurus-plugin-content-docs/current/network/vpc/vpc.md b/i18n/de/docusaurus-plugin-content-docs/current/network/vpc/vpc.md index 73dddc81..af0617b5 100644 --- a/i18n/de/docusaurus-plugin-content-docs/current/network/vpc/vpc.md +++ b/i18n/de/docusaurus-plugin-content-docs/current/network/vpc/vpc.md @@ -3,24 +3,24 @@ title: Übersicht slug: /network/vpc --- -Die Cloud Temple VPC (Virtual Private Cloud) ist ein verwalteter Netzwerkdienst, der es Ihnen ermöglicht, private, isolierte und sichere Umgebungen auf vollautomatische Weise zu erstellen. Entwickelt für ein Cloud-natives Erlebnis, vereinfacht er das Flussmanagement, den Internetzugang und die IP-Adressierung und gewährleistet gleichzeitig die Souveränität Ihrer Daten. +Das VPC (Virtual Private Cloud) von Cloud Temple ist ein verwalteter Netzwerkservice, der es ermöglicht, vollständig automatisiert private, isolierte und sichere Umgebungen zu erstellen. Auf Cloud-native-Architektur ausgelegt, vereinfacht es die Verwaltung von Datenflüssen, des Internet-Zugriffs und IP-Adressen und gewährleistet gleichzeitig die Datenhoheit. -Der Dienst ermöglicht es Ihnen, Ihre privaten Netzwerke bereitzustellen und zu verwalten, ohne sich um die Komplexität manueller Konfigurationen kümmern zu müssen, mit einer Hochverfügbarkeit von 99,99 %, monatlich gemessen. +Der Dienst ermöglicht den Bereitstellung und die Verwaltung Ihrer privaten Netzwerke, ohne sich um die Komplexität manueller Konfigurationen kümmern zu müssen, mit einer hohen Verfügbarkeit von 99,99 %, gemessen monatlich.

Konzepte

-

Entdecken Sie die Architektur, die Komponenten (Private Netzwerke, Gateway) und die Vorteile der VPC.

+

Entdecken Sie die Architektur, Komponenten (Private Networks, Gateway) und die Vorteile des VPC.

Konzepte erkunden →
-

Schnellstart

-

Erstellen Sie Ihre erste VPC und konfigurieren Sie Ihre privaten Netzwerke in wenigen Minuten.

- Schnellstart starten → +

Quickstart

+

Erstellen Sie Ihr erstes VPC und konfigurieren Sie Ihre privaten Netzwerke in wenigen Minuten.

+ Quickstart starten →
-
+

Tutorials

Schritt-für-Schritt-Anleitungen für fortgeschrittene Anwendungsfälle (Peering, VPN usw.).

Tutorials entdecken →
-
+
\ No newline at end of file diff --git a/i18n/en/docusaurus-plugin-content-docs/current/changelog.md b/i18n/en/docusaurus-plugin-content-docs/current/changelog.md index c488e3d8..261fcc41 100644 --- a/i18n/en/docusaurus-plugin-content-docs/current/changelog.md +++ b/i18n/en/docusaurus-plugin-content-docs/current/changelog.md @@ -5,11 +5,19 @@ sidebar_position: 2 # Change Tracking +### January 19, 2026: Managed Kubernetes and VPC Enhancements + +- **Managed Kubernetes**: Added support for **Bare Metal** nodes and **GPUs** (NVIDIA). +- **Managed Kubernetes**: New tutorial on using GPUs within a Kubernetes cluster. +- **Managed Kubernetes**: Replaced KubeCost with a more up-to-date guide on **OpenCost**. +- **Network (VPC)**: Comprehensive documentation for the Virtual Private Cloud (VPC) service, including high availability (HA) concepts, quick start guides, and tutorials. +- **Multilingual**: Full translation of the VPC service and new Kubernetes content into English, German, Spanish, and Italian. + ### December 15, 2025: Stabilization and Multilingual Fixes -- **Multilingual (Terraform, LLMaaS, Harbor)**: Major correction of translations in Spanish, Italian, and German. Resolved MDX syntax issues (empty code blocks, unescaped tags) that were preventing site compilation. +- **Multilingual (Terraform, LLMaaS, Harbor)**: Major fixes to translations in Spanish, Italian, and German. Resolved MDX syntax issues (empty code blocks, unescaped tags) that were preventing site compilation. - **Multilingual (Images)**: Restored correct image paths in the Italian and German versions for the Bastion and VMware IaaS sections. -- **Build**: Validation of deployment across all 5 supported languages. +- **Build**: Verified deployment across all 5 supported languages. ### December 11, 2025: Managed Kubernetes Updates @@ -33,7 +41,7 @@ sidebar_position: 2 ### October 28, 2025: New Managed Kubernetes Documentation and Various Improvements -- **Managed Kubernetes (PR #193 & improvements)**: Added comprehensive documentation for the new Managed Kubernetes service. The section includes a service overview, technical concepts, a quick-start guide, a first tutorial, and a RACI matrix. Content has been enhanced to better meet the expectations of various user profiles. +- **Managed Kubernetes (PR #193 & improvements)**: Added comprehensive documentation for the new Managed Kubernetes service. The section includes a service overview, technical concepts, a quick start guide, a first tutorial, and a RACI matrix. Content has been enhanced to better meet the expectations of various user profiles. - **Object Storage (PR #190, #189)**: Added two new tutorials for the Object Storage service: one on managing S3 bucket access and another on using Restic for backups. - **Contractual (PR #191)**: Corrected and updated the "Data Processing Agreement" (DPA) document. @@ -74,5 +82,5 @@ sidebar_position: 2 - Improved the RAG explanation page with diagrams and details on embedding models. - Updated API documentation, quick start guide, and service presentation. - Added pricing for the Audio Transcription endpoint. -- Added the projected model lifecycle roadmap. +- Added the projected model lifecycle timeline. - Added the responsibility matrix for the LLMaaS offering. \ No newline at end of file diff --git a/i18n/en/docusaurus-plugin-content-docs/current/console/security/security_alarms.md b/i18n/en/docusaurus-plugin-content-docs/current/console/security/security_alarms.md index 4381df72..2b6fb96a 100644 --- a/i18n/en/docusaurus-plugin-content-docs/current/console/security/security_alarms.md +++ b/i18n/en/docusaurus-plugin-content-docs/current/console/security/security_alarms.md @@ -1,5 +1,3 @@ - - --- title: Security Alerts --- @@ -7,41 +5,40 @@ title: Security Alerts Find here the security alerts related to our cloud services. This page is updated daily to account for newly identified vulnerabilities. - - ## Vulnerabilities -| Date | Reference(s) | CVSS | Title | Description | Service(s) | Severity | Treatment | +| Date | Reference(s) | CVSS | Title | Description | Service(s) | Severity | Remediation | |---------------------|-----------------|-------------|--------------|---------|-------------|----------------|-------------| -| 07/08/2025 | [DSA-2025-154](https://www.dell.com/support/kbdoc/en-us/000262308/dsa-2025-154-security-update-for-dell-ecs-and-objectscale-use-of-hard-coded-ssh-cryptographic-key-vulnerability) | 8.4 | **DSA-2025-154: Vulnerability in Dell ObjectScale (CVE-2025-26476)** | A vulnerability (CVE-2025-26476) in Dell ObjectScale (< 4.0.0.0) related to the use of hard-coded SSH keys allows unauthenticated local access. | Object Storage | 🟠 Important | ✅ Remediation of your ObjectScale environments is supported by Cloud Temple. No action is required from your side. | -| 15/07/2025 | [VMSA-2025-0013](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/VMSA-2025-0013--VMware-ESXi--Workstation--Fusion--and-Tools-updates-address-multiple-vulnerabilities--CVE-2025-41236--CVE-2025-41237--CVE-2025-41238--CVE-2025-41239-/35877) | 9.3 | **VMSA-2025-0013: Critical vulnerabilities in VMware ESXi** | Several critical vulnerabilities affect VMware ESXi. Patches are provided by the vendor. | IaaS By VMware | 🟠 Important | ⚠️ We recommend updating your hypervisors. The corrected ESXi versions are available once validated by Cloud Temple. Console indicates the ESXi requiring an update. | -| 15/07/2025 | [VMSA-2025-0013](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/VMSA-2025-0013--VMware-ESXi--Workstation--Fusion--and-Tools-updates-address-multiple-vulnerabilities--CVE-2025-41236--CVE-2025-41237--CVE-2025-41238--CVE-2025-41239-/35877) | 7.1 | **VMSA-2025-0013: Vulnerability in VMware Tools (CVE-2025-41239)** | A vulnerability (CVE-2025-41239) in VMware Tools allows disclosure of sensitive information via uninitialized vSockets. Patches are provided by the vendor. | IaaS By VMware | 🟡 Moderate | ⚠️ We recommend updating VMware Tools on your virtual machines. The corrected VMware Tools versions are included in the ESXi packages provided by Cloud Temple. | -| 01/07/2025 | [XSA-470](https://xenbits.xen.org/xsa/advisory-470.html) | N/A | **XCP-NG vulnerability via poor exception handling** [Vendor Bulletin](https://xcp-ng.org/blog/2025/07/03/july-2025-security-and-maintenance-update-for-xcp-ng-8-2-lts/) | A vulnerability was discovered in XCP-NG, allowing privileged code executed from a virtual machine to crash the hypervisor, causing a denial of service (DoS) of the entire host. | IaaS OpenSource | 🟡 Moderate | ✅ The update of your XCP-ng instances is scheduled once the patches are validated by Cloud Temple. No action is required from your side.| -| 23/05/2025 | [XSA-468](https://xenbits.xen.org/xsa/advisory-468.html) | 8.8-9.0 | **XCP-NG vulnerabilities in Windows PV drivers (XSA-468)** [Vendor Bulletin](https://xcp-ng.org/blog/2025/05/27/xsa-468-windows-pv-driver-vulnerabilities/) | Several vulnerabilities (CVE-2025-27462, CVE-2025-27463, CVE-2025-27464) in the Windows PV drivers allow non-privileged users to gain system privileges inside Windows VMs. | IaaS OpenSource | 🟠 Important | ⚠️ We recommend updating the Windows PV drivers on your virtual machines to the corrected versions indicated in the security bulletin. ✅ The update of your XCP-ng instances is scheduled once the patches are validated by Cloud Temple. | -| 22/05/2025 | [XSA-469, INTEL-SA](https://xcp-ng.org/blog/2025/05/14/may-2025-security-update-for-xcp-ng-8-2-8-3/) | 4.9-6.5 | **XCP-NG vulnerabilities in Intel microcode and Xen (XSA-469, INTEL-SA)** [Vendor Bulletin](https://xcp-ng.org/blog/2025/05/14/may-2025-security-update-for-xcp-ng-8-2-8-3/) | Security patches for XCP-ng have been released, fixing several vulnerabilities in Intel microcode and Xen. | IaaS OpenSource | 🟡 Moderate | ✅ The update of your XCP-ng instances is scheduled once the patches are validated by Cloud Temple. No action is required from your side.| -| 21/05/2025 | [VMSA-2025-0010](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25717) | 4.3-6.8 | **VMSA-2025-0010: Multiple vulnerabilities in VMware ESXi (CVE-2025-41226, CVE-2025-41227, CVE-2025-41228)** | Several vulnerabilities in VMware ESXi have been reported: Guest operation denial of service vulnerability (CVE-2025-41226), Denial of service vulnerability (CVE-2025-41227), Cross Site Scripting (XSS) vulnerability (CVE-2025-41228). Patches are provided by the vendor. | IaaS By VMware | 🟡 Moderate | ⚠️ We recommend updating your hypervisors. The corrected ESXi versions are available once validated by Cloud Temple. Console indicates the ESXi requiring an update. | -| 21/05/2025 | [VMSA-2025-0010](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25717) | 4.3-8.8 | **VMSA-2025-0010: Multiple vulnerabilities in vCenter (CVE-2025-41225, CVE-2025-41228)** | Several vulnerabilities in VMware vCenter have been reported: Authenticated command execution vulnerability in VMware vCenter Server (CVE-2025-41225), Cross Site Scripting (XSS) vulnerability (CVE-2025-41228). Patches are provided by the vendor. | IaaS By VMware | 🟠 Important | ✅ The update of your vCenter instances is scheduled once the patches are validated by Cloud Temple. No action is required from your side. The update is indicated in the Console notifications. | -| 14/05/2025 | [VMSA-2025-0007](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25683) | 6.1 | **VMSA-2025-0007: Unsecure file management vulnerability in VMware Tools (CVE-2025-22247)** | An unsecure file management vulnerability in VMware Tools has been reported. Patches are provided by the vendor. | IaaS By VMware | 🟡 Moderate | ⚠️ We recommend updating VMware Tools on your virtual machines. The corrected VMware Tools versions are included in the ESXi packages provided by Cloud Temple. | -| 25/03/2025 | [VMSA-2025-0005](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25518) | 7.8 | **VMSA-2025-0005: Authentication bypass vulnerability in VMware Tools for Windows (CVE-2025-22230)** | An authentication bypass vulnerability in VMware Tools for Windows has been reported. Patches are provided by the vendor. | IaaS By VMware | 🟠 Important | ⚠️ We recommend updating VMware Tools on your virtual machines. The corrected VMware Tools versions are included in the ESXi packages provided by Cloud Temple | -| 04/03/2025 | [VMSA-2025-0004](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25390) | 7.1-9.3 | **VMSA-2025-0004: Multiple vulnerabilities in VMware ESXi (CVE-2025-22224, CVE-2025-22225, CVE-2025-22226)** | Several vulnerabilities in VMware ESXi have been reported: VMCI heap overflow vulnerability (CVE-2025-22224) rated as Critical by VMware, Arbitrary write vulnerability in VMware ESXi (CVE-2025-22225), Information disclosure vulnerability in HGFS (CVE-2025-22226). Patches are provided by the vendor. | IaaS By VMware | 🟠 Important | ⚠️ We recommend updating your hypervisors. The corrected ESXi versions are available once validated by Cloud Temple. Console indicates the ESXi requiring an update. | - - +| 23/12/2025 | [CVE-2025-14443](https://access.redhat.com/security/cve/CVE-2025-14443) | 8.5 | **Vulnerability in Red Hat OpenShift (CVE-2025-14443)** | A vulnerability in the `openshift-apiserver` component allows privilege escalation. Exploitation requires prior authentication. | PaaS OpenShift | 🟠 Important | ⚠️ No patch available yet. We are awaiting the Red Hat update. | +| 30/09/2025 | [VMSA-2025-0016](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36150) | 8.5 | **VMSA-2025-0016: Vulnerability in VMware vCenter (CVE-2025-41250)** | A vulnerability (CVE-2025-41250) allows an authenticated attacker to modify scheduled task notification emails. | IaaS By VMware | 🟠 Important | ⚠️ We recommend scheduling a vCenter upgrade (to 8.0 U3g or 7.0 U3w). | +| 30/09/2025 | [VMSA-2025-0015](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36149) | 7.6 | **VMSA-2025-0015: Vulnerability in VMware Tools (Windows)** | A vulnerability (CVE-2025-41246) affecting VMware Tools for Windows allows privilege escalation (requires authenticated local access). | IaaS By VMware | 🟡 Moderate | ⚠️ We recommend scheduling an upgrade of Windows VMware Tools (to version 13.0.5 or 12.5.4). | +| 07/08/2025 | [DSA-2025-154](https://www.dell.com/support/kbdoc/en-us/000262308/dsa-2025-154-security-update-for-dell-ecs-and-objectscale-use-of-hard-coded-ssh-cryptographic-key-vulnerability) | 8.4 | **DSA-2025-154: Vulnerability in Dell ObjectScale (CVE-2025-26476)** | A vulnerability (CVE-2025-26476) in Dell ObjectScale (< 4.0.0.0) related to the use of hardcoded SSH cryptographic keys allows unauthenticated local access. | Object Storage | 🟠 Important | ✅ Remediation for your ObjectScale environments is handled by Cloud Temple. No action required from your side. | +| 15/07/2025 | [VMSA-2025-0013](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/VMSA-2025-0013--VMware-ESXi--Workstation--Fusion--and-Tools-updates-address-multiple-vulnerabilities--CVE-2025-41236--CVE-2025-41237--CVE-2025-41238--CVE-2025-41239-/35877) | 9.3 | **VMSA-2025-0013: Critical vulnerabilities in VMware ESXi** | Multiple critical vulnerabilities affect VMware ESXi. Patches are provided by the vendor. | IaaS By VMware | 🟠 Important | ⚠️ We recommend updating your hypervisors. Patched ESXi versions are available once validated by Cloud Temple. Console will indicate which ESXi hosts require updates. | +| 15/07/2025 | [VMSA-2025-0013](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/VMSA-2025-0013--VMware-ESXi--Workstation--Fusion--and-Tools-updates-address-multiple-vulnerabilities--CVE-2025-41236--CVE-2025-41237--CVE-2025-41238--CVE-2025-41239-/35877) | 7.1 | **VMSA-2025-0013: Vulnerability in VMware Tools (CVE-2025-41239)** | A vulnerability (CVE-2025-41239) in VMware Tools allows disclosure of sensitive information via uninitialized vSockets. Patches are provided by the vendor. | IaaS By VMware | 🟡 Moderate | ⚠️ We recommend updating VMware Tools on your virtual machines. Patched VM Tools versions are included in the ESXi packages provided by Cloud Temple. | +| 01/07/2025 | [XSA-470](https://xenbits.xen.org/xsa/advisory-470.html) | N/A | **XCP-NG vulnerability due to improper exception handling** [Vendor Bulletin](https://xcp-ng.org/blog/2025/07/03/july-2025-security-and-maintenance-update-for-xcp-ng-8-2-lts/) | A vulnerability has been discovered in XCP-NG, allowing privileged code executed from a virtual machine to crash the hypervisor, resulting in a complete host denial-of-service (DoS). | IaaS OpenSource | 🟡 Moderate | ✅ Your XCP-ng instances will be updated as soon as patches are validated by Cloud Temple. No action required from your side. | +| 23/05/2025 | [XSA-468](https://xenbits.xen.org/xsa/advisory-468.html) | 8.8–9.0 | **XCP-NG vulnerabilities in Windows PV drivers (XSA-468)** [Vendor Bulletin](https://xcp-ng.org/blog/2025/05/27/xsa-468-windows-pv-driver-vulnerabilities/) | Multiple vulnerabilities (CVE-2025-27462, CVE-2025-27463, CVE-2025-27464) in Windows PV drivers allow unprivileged users to gain system privileges inside Windows VMs. | IaaS OpenSource | 🟠 Important | ⚠️ We recommend updating the Windows PV drivers on your virtual machines to the patched versions specified in the security bulletin. ✅ Your XCP-ng instances will be updated as soon as patches are validated by Cloud Temple. | +| 22/05/2025 | [XSA-469, INTEL-SA](https://xcp-ng.org/blog/2025/05/14/may-2025-security-update-for-xcp-ng-8-2-8-3/) | 4.9–6.5 | **XCP-NG vulnerabilities in Intel microcode and Xen (XSA-469, INTEL-SA)** [Vendor Bulletin](https://xcp-ng.org/blog/2025/05/14/may-2025-security-update-for-xcp-ng-8-2-8-3/) | Security patches for XCP-ng have been released, addressing multiple vulnerabilities in Intel microcode and Xen. | IaaS OpenSource | 🟡 Moderate | ✅ Your XCP-ng instances will be updated as soon as patches are validated by Cloud Temple. No action required from your side. | +| 21/05/2025 | [VMSA-2025-0010](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25717) | 4.3–6.8 | **VMSA-2025-0010: Multiple vulnerabilities in VMware ESXi (CVE-2025-41226, CVE-2025-41227, CVE-2025-41228)** | Multiple vulnerabilities in VMware ESXi have been reported: Guest operation denial-of-service vulnerability (CVE-2025-41226), Denial-of-service vulnerability (CVE-2025-41227), Cross-Site Scripting (XSS) vulnerability (CVE-2025-41228). Patches are provided by the vendor. | IaaS By VMware | 🟡 Moderate | ⚠️ We recommend updating your hypervisors. Patched ESXi versions are available once validated by Cloud Temple. Console will indicate which ESXi hosts require updates. | +| 21/05/2025 | [VMSA-2025-0010](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25717) | 4.3–8.8 | **VMSA-2025-0010: Multiple vulnerabilities in vCenter (CVE-2025-41225, CVE-2025-41228)** | Multiple vulnerabilities in VMware vCenter have been reported: Authenticated command execution vulnerability in VMware vCenter Server (CVE-2025-41225), Cross-Site Scripting (XSS) vulnerability (CVE-2025-41228). Patches are provided by the vendor. | IaaS By VMware | 🟠 Important | ✅ Your vCenter instances will be updated as soon as patches are validated by Cloud Temple. No action required from your side. The update will be communicated via Console notifications. | +| 14/05/2025 | [VMSA-2025-0007](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25683) | 6.1 | **VMSA-2025-0007: Insecure file handling vulnerability in VMware Tools (CVE-2025-22247)** | An insecure file handling vulnerability in VMware Tools has been reported. Patches are provided by the vendor. | IaaS By VMware | 🟡 Moderate | ⚠️ We recommend updating VMware Tools on your virtual machines. Patched VM Tools versions are included in the ESXi packages provided by Cloud Temple. | +| 25/03/2025 | [VMSA-2025-0005](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25518) | 7.8 | **VMSA-2025-0005: Authentication bypass vulnerability in VMware Tools for Windows (CVE-2025-22230)** | An authentication bypass vulnerability in VMware Tools for Windows has been reported. Patches are provided by the vendor. | IaaS By VMware | 🟠 Important | ⚠️ We recommend updating VMware Tools on your virtual machines. Patched VM Tools versions are included in the ESXi packages provided by Cloud Temple. | +| 04/03/2025 | [VMSA-2025-0004](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25390) | 7.1–9.3 | **VMSA-2025-0004: Multiple vulnerabilities in VMware ESXi (CVE-2025-22224, CVE-2025-22225, CVE-2025-22226)** | Multiple vulnerabilities in VMware ESXi have been reported: VMCI heap overflow vulnerability (CVE-2025-22224), rated Critical by VMware; Arbitrary write vulnerability in VMware ESXi (CVE-2025-22225); HGFS information disclosure vulnerability (CVE-2025-22226). Patches are provided by the vendor. | IaaS By VMware | 🟠 Important | ⚠️ We recommend updating your hypervisors. Patched ESXi versions are available once validated by Cloud Temple. Console will indicate which ESXi hosts require updates. | ## Information - **Date** : Initial publication date of the Cloud Temple security alert. - **Reference(s)** : CVE ID, if available. -- **CVSS** : Base CVSS v3 score as reported by the vendor or the CVE, uncontextualized. Contextualization is expressed through the CT severity. If the alert concerns multiple vulnerabilities, the minimum and maximum CVSS scores are indicated. -- **Title** : Title of the alert, with vendor reference if available. -- **Description** : Summary description, with links to detailed information. +- **CVSS** : Base CVSS v3 score as reported by the vendor or the CVE, uncontextualized. Contextualization is expressed through the severity CT. If the alert covers multiple vulnerabilities, minimum and maximum CVSS scores are provided. +- **Title** : Alert title, with vendor reference if available. +- **Description** : Summary description, with link(s) to detailed information. - **Service(s)** : Cloud Temple service(s) potentially affected. -- **Severity** : Severity level within the context of Cloud Temple services (for the most critical vulnerability in case of multiple vulnerabilities). Exploitation criteria are considered within the technical context of our cloud infrastructure and services. +- **Severity** : Severity level within the context of Cloud Temple services (for the most critical vulnerability in case of multiple vulnerabilities). Exploitation criteria are considered in the technical context of our cloud infrastructure and services. | Level | Description | -|--------|-------------| -| 🔴 **Critical** | Vulnerability CVSS 7+ presenting a significant risk of exploitation (high exposure, ease of exploitation). A fix or mitigation is strongly recommended as soon as possible.| -| 🟠 **Important** | Vulnerability CVSS 7+ not presenting a significant risk of exploitation (limited exposure or exploitation constraints) | -| 🟡 **Moderate** | Vulnerability CVSS 4+ | -| 🔵 **Low** | Vulnerability CVSS below 4, or non-exploitable. | +|-------|-------------| +| 🔴 **Critical** | CVSS score 7+ vulnerability presenting a significant risk of exploitation (high exposure, ease of exploitation). Immediate correction or mitigation is strongly recommended. | +| 🟠 **Important** | CVSS score 7+ vulnerability not presenting a significant risk of exploitation (limited exposure or exploitation constraints). | +| 🟡 **Moderate** | CVSS score 4+ vulnerability. | +| 🔵 **Low** | CVSS score below 4, or non-exploitable vulnerability. | -- **Treatment** : Information and recommendations within the context of Cloud Temple services. ⚠️ indicates that user action is required to address the vulnerability. ✅ indicates that the vulnerability is addressed by Cloud Temple. \ No newline at end of file +- **Treatment** : Information and recommendations in the context of Cloud Temple services. ⚠️ indicates that user action is required to address the vulnerability. ✅ indicates that Cloud Temple is handling the vulnerability resolution. \ No newline at end of file diff --git a/i18n/en/docusaurus-plugin-content-docs/current/llmaas/concepts.md b/i18n/en/docusaurus-plugin-content-docs/current/llmaas/concepts.md index 8baf1caf..c8d2492a 100644 --- a/i18n/en/docusaurus-plugin-content-docs/current/llmaas/concepts.md +++ b/i18n/en/docusaurus-plugin-content-docs/current/llmaas/concepts.md @@ -7,7 +7,7 @@ sidebar_position: 3 ## Overview -The **LLMaaS** (Large Language Models as a Service) service from Cloud Temple provides secure and sovereign access to the most advanced artificial intelligence models, with the **SecNumCloud certification** from ANSSI. +The **LLMaaS** (Large Language Models as a Service) offering from Cloud Temple provides secure and sovereign access to the most advanced artificial intelligence models, with the **SecNumCloud certification** from ANSSI. ## 🏗️ Technical Architecture @@ -34,7 +34,7 @@ import ArchitectureLLMaaS from './images/llmaas_architecture_001.png'; ### Model Catalog -*Complete catalog: [List of models](./models)* +*Complete catalog: [Model List](./models)* ### Token Management @@ -56,7 +56,10 @@ Total cost = (Input tokens × 0.9€/M) + (Output tokens × 4€/M) + (Reasoning ### Tokenization ```python -# Example token estimation +``` + +# Token Estimation Example +```python def estimate_tokens(text: str) -> int: """Approximate estimation: 1 token ≈ 4 characters""" return len(text) // 4 @@ -100,8 +103,8 @@ import SecurityControls from './images/llmaas_security_002.png'; Prompt analysis is a **native and built-in** security feature of the LLMaaS platform. Enabled by default, it aims to detect and prevent attempts at "jailbreaking" or injecting malicious prompts before they even reach the model. This protection is based on a multi-layered approach. -:::tip Contact Support for Disabling -It is possible to disable this security analysis for very specific use cases, although this is not recommended. For any questions regarding this or to request deactivation, please contact Cloud Temple Support. +:::tip Contact support for deactivation +It is possible to disable this security analysis for very specific use cases, although this is not recommended. For any questions regarding this or to request deactivation, please contact Cloud Temple support. ::: #### 1. Structural Analysis (`check_structure`) @@ -114,8 +117,8 @@ It is possible to disable this security analysis for very specific use cases, al - **System Commands**: Keywords such as "ignore the instructions", "ignore instructions", "忽略指令", "指示を無視". - **HTML Injection**: Hidden or malicious HTML tags, for example ` -Managed Kubernetes by Cloud Temple is a container orchestration solution based on open-source products, designed to deliver a high level of security, resilience, and automation on Cloud Temple’s SecNumcloud platforms. Each cluster is deployed in a dedicated Cloud-Temple OpenIaaS IaaS environment fully dedicated to the customer. +Managed Kubernetes by Cloud Temple is a container orchestration solution based on open-source products, designed to deliver a high level of security, resilience, and automation on Cloud Temple’s SecNumcloud platforms. Each cluster is deployed in a dedicated IaaS Cloud-Temple OpenIaaS environment fully dedicated to the customer. -This offering is designed for Kubernetes experts and open-source enthusiasts seeking a native, portable solution without vendor-specific overhead, running on a minimal, immutable OS built for automation and security. +This offering is tailored for teams with solid Kubernetes expertise and open-source enthusiasts seeking a native, portable solution without vendor-specific overhead, running on a minimal, immutable OS designed for automation and security. ### Key Benefits -- **Sovereignty and Reversibility**: The solution is built on open-source standards (CNCF Kubernetes) to eliminate technological dependencies and ensure application portability. The Veeam Kasten backup tool included in the offering is specifically designed to simplify migrations between clouds. + +- **Sovereignty and Reversibility**: The solution is built on open-source standards (CNCF Kubernetes) to avoid technological lock-in and ensure application portability. The Veeam Kasten backup tool included in the offering is specifically designed to simplify migrations between clouds. - **Zero-Trust Security and Governance**: The architecture is based on Talos OS, an immutable operating system with no direct access (no shell, no SSH), drastically reducing the attack surface. This approach is combined with governance tools such as Kyverno for policy management and Capsule for fine-grained access control, forming a solid foundation for a Zero-Trust security strategy. - **Cost Control and Integration**: The solution natively integrates FinOps tools like OpenCost for precise consumption tracking. The pricing model is transparent, based on consumed IaaS resources, and the use of well-established open-source components (Cilium, Ceph, ArgoCD) facilitates seamless integration into your existing ecosystems. ### A complete and ready-to-use platform -The solution natively includes a full, cohesive stack of cutting-edge open-source tools to cover all needs across the application lifecycle: +The solution natively includes a full, cohesive stack of cutting-edge open-source tools to address all needs across the application lifecycle: -- **Networking and Security**: Cilium, Hubble, Kyverno, Capsule -- **Storage**: Rook-Ceph -- **Continuous Deployment (GitOps)**: ArgoCD -- **Observability**: Prometheus, Grafana, Loki -- **Backup and Migration**: Veeam Kasten +- **Networking and Security**: Cilium, Hubble, MetalLB, Ingress Nginx, Kyverno, Capsule +- **Storage**: Rook-Ceph +- **Continuous Deployment (GitOps)**: ArgoCD +- **Observability**: Prometheus, Grafana, Loki +- **Backup and Migration**: Veeam Kasten - **Cost Management (FinOps)**: OpenCost ## Deployment Architectures @@ -55,26 +56,28 @@ Ideal for non-production environments, this compact architecture deploys all res - 1 Control Plane node. - 3 Worker nodes (or more). - Distributed storage (Ceph) is co-located on the Worker nodes. - - Does not benefit from a high availability SLA. + - Does not benefit from a High Availability SLA. - No security restrictions. Mono-AZ Architecture ### Production Architecture (Multi-AZ) -Designed for production and critical applications, this architecture distributes resources across three Availability Zones (AZ) to ensure high availability and maximum resilience, in compliance with SecNumCloud requirements. +Designed for production and critical applications, this architecture distributes resources across three Availability Zones (AZs) to ensure high availability and maximum resilience, in compliance with SecNumCloud requirements. - **Use Case**: Production applications, critical services, platforms requiring an SLA. - **Key Features**: - **High Availability**: 3 Control Plane nodes distributed across 3 AZs. - **Dedicated Storage**: 3 dedicated storage nodes distributed for performance and resilience. - - **Distributed Workers**: At least 3 worker nodes, one per AZ. + - **Distributed Workers**: Minimum of 3 worker nodes, one per AZ. + - **Bare Metal Nodes (Optional)**: Optional integration of **"Bare Metal"** worker nodes for specific performance needs, particularly **GPU support**. - **SLA of 99.90%**. Multi-AZ Architecture ### Detailed Technical Components -The offer includes the following components in detail: + +The offering includes the following components in detail: - CNI Cilium, with observability interface (Hubble) - Internal and external ingresses using MetalLB and nginx @@ -86,4 +89,4 @@ The offer includes the following components in detail: - Cost management with OpenCost - Advanced security policies with Kyverno and Capsule - Veeam Kasten (backup, cross-environment automation, and reversibility) -- SSO authentication with an external Identity Provider OIDC (Microsoft Entra, FranceConnect, Okta, AWS IAM, Google, Salesforce, ...) \ No newline at end of file +- SSO authentication with an external Identity Provider (OIDC) (Microsoft Entra, FranceConnect, Okta, AWS IAM, Google, Salesforce, ...) \ No newline at end of file diff --git a/i18n/en/docusaurus-plugin-content-docs/current/managed_kubernetes/tutorials/images/nvidiasmi.png b/i18n/en/docusaurus-plugin-content-docs/current/managed_kubernetes/tutorials/images/nvidiasmi.png new file mode 100644 index 00000000..54abb537 Binary files /dev/null and b/i18n/en/docusaurus-plugin-content-docs/current/managed_kubernetes/tutorials/images/nvidiasmi.png differ diff --git a/i18n/en/docusaurus-plugin-content-docs/current/managed_kubernetes/tutorials/images/opencostgrafana.png b/i18n/en/docusaurus-plugin-content-docs/current/managed_kubernetes/tutorials/images/opencostgrafana.png new file mode 100644 index 00000000..3e3000d1 Binary files /dev/null and b/i18n/en/docusaurus-plugin-content-docs/current/managed_kubernetes/tutorials/images/opencostgrafana.png differ diff --git a/i18n/en/docusaurus-plugin-content-docs/current/managed_kubernetes/tutorials/usinggpu.md b/i18n/en/docusaurus-plugin-content-docs/current/managed_kubernetes/tutorials/usinggpu.md new file mode 100644 index 00000000..1d9f9442 --- /dev/null +++ b/i18n/en/docusaurus-plugin-content-docs/current/managed_kubernetes/tutorials/usinggpu.md @@ -0,0 +1,57 @@ +--- +title: Using an NVIDIA GPU +--- + +import nvidiasmi from './images/nvidiasmi.png' + +# Using a GPU on Managed Kubernetes + +This tutorial shows you how to deploy a pod that uses a GPU resource on a Managed Kubernetes cluster configured with "Bare Metal" nodes equipped with NVIDIA GPUs. + +## Prerequisites + +- A Managed Kubernetes cluster with at least one worker node of type "Bare Metal" equipped with GPU. + +## Example Pod Manifest + +Here is an example pod manifest that runs the `nvidia-smi` command to verify the presence and status of the GPU card. + +```yaml +apiVersion: v1 +kind: Pod +metadata: + name: nvidia-cuda-check +spec: + runtimeClassName: nvidia # Key for Talos NVIDIA + restartPolicy: Never + containers: + - name: nvidia-version-check + image: "nvidia/cuda:13.1.0-devel-ubuntu24.04" + imagePullPolicy: Always + command: ["nvidia-smi"] +``` + +### Manifest Explanation + +- **`runtimeClassName: nvidia`**: This is the most critical part. It instructs Kubernetes to use the NVIDIA runtime. The NVIDIA toolkit then injects NVIDIA drivers directly into the pod, enabling the container to access the GPU. +- **`restartPolicy: Never`**: Since this pod runs just a verification command, we don't want it to restart after execution. +- **`image: "nvidia/cuda:..."`**: We use an image provided by NVIDIA that includes the necessary tools to interact with the GPU. +- **`command: ["nvidia-smi"]`**: This is the command executed inside the container. `nvidia-smi` is a command-line utility that provides information about NVIDIA GPUs. + +For more details on how the NVIDIA toolkit works, refer to the [official documentation on GitHub](https://github.com/NVIDIA/nvidia-container-toolkit). + +## Deployment and Verification + +1. **Deploy the pod** using the `kubectl apply` command: + ```shell + kubectl apply -f nvidia-smi.yaml + ``` + +2. **Check the pod logs** to see the output of the `nvidia-smi` command: + ```shell + kubectl logs nvidia-cuda-check + ``` + +If everything is configured correctly, you should see output similar to the following, displaying details about your GPU: + +nvidia-smi command result \ No newline at end of file diff --git a/i18n/en/docusaurus-plugin-content-docs/current/managed_kubernetes/tutorials/usingopencost.md b/i18n/en/docusaurus-plugin-content-docs/current/managed_kubernetes/tutorials/usingopencost.md index bad375ca..1b8c809e 100644 --- a/i18n/en/docusaurus-plugin-content-docs/current/managed_kubernetes/tutorials/usingopencost.md +++ b/i18n/en/docusaurus-plugin-content-docs/current/managed_kubernetes/tutorials/usingopencost.md @@ -1,7 +1,8 @@ --- -title: Tracking Costs with OpenCost +title: Track Costs with OpenCost --- import opencostui from './images/opencost.png' +import opencostgrafana from './images/opencostgrafana.png' import opencostmcp from './images/opencostmcp.png' import opencostmcp2 from './images/opencostmcp2.png' import opencostmcp3 from './images/opencostmcp3.png' @@ -22,7 +23,7 @@ In the Managed Kubernetes offering, OpenCost is pre-installed and pre-configured ## Access the OpenCost Interface -The OpenCost interface is exposed via a secure URL specific to your cluster. To access it, use the following URL, replacing `identifiant` with your cluster's identifier (for example, `ctodev`): +The OpenCost interface is exposed on a secure URL specific to your cluster. To access it, use the following URL, replacing `identifiant` with your cluster's identifier (for example, `ctodev`): `https://opencost.external-secured.identifiant.mk.ms-cloud-temple.com` @@ -36,7 +37,7 @@ Access to this URL is restricted to the IP addresses you have declared with Clou The main and most detailed view in OpenCost is the **Allocations** dashboard. This is where you can visualize your resource consumption in real time. -This view allows you to break down costs by native Kubernetes concepts. The "Aggregate by" dropdown is your primary tool for analysis, enabling you to group costs by: +This view allows you to break down costs by native Kubernetes concepts. The "Aggregate by" dropdown is your primary analytical tool, enabling you to group costs by: - **Namespace**: To get a view by environment or team. - **Deployment**, **StatefulSet**, etc.: To analyze the cost of a specific application. @@ -47,16 +48,22 @@ This view allows you to break down costs by native Kubernetes concepts. The "Agg For even more granular financial analysis, OpenCost can aggregate costs based on **Kubernetes labels**. There isn't a direct "Label" option in the menu, but OpenCost ingests your labels and enables you to create custom aggregations. For this, a consistent labeling strategy is essential. For example, using labels such as `team: backend` or `product: api-gateway` allows you to analyze costs precisely aligned with your organizational structure. For this type of analysis, you must use OpenCost's AI integration. +## Grafana Dashboard + +A Grafana dashboard is also available to visualize OpenCost data. This dashboard provides an alternative and complementary view to the OpenCost interface, and it retains the complete history of cost metrics, enabling you to analyze long-term trends. + +OpenCost Grafana Dashboard + ## Advanced Usage: Integration with an AI (MCP Server) -For advanced users, OpenCost can be directly queried from the conversational assistant Cline (or others) through the **MCP (Multi-purpose Co-processor) servers** system. This allows you to script queries and retrieve cost data directly within your conversations. +For advanced users, OpenCost can be directly queried from the Cline conversational assistant (or others) through the **MCP (Multi-purpose Co-processor) servers** system. This enables you to script queries and retrieve cost data directly within your conversations. ### 1. Configuring OpenCost MCP in Cline To connect Cline to your OpenCost instance, add the following configuration to your `cline_mcp_settings.json` file. This file is typically located in the Cline configuration directory. We recommend creating an MCP server named "opencost-xxxxx", where xxxxx is the name of your managed Kubernetes cluster. -The MCP server URL follows the format: `https://opencost-mcp.external-secured.identifiant.mk.ms-cloud-temple.com`. +The MCP server URL is in the format: `https://opencost-mcp.external-secured.identifiant.mk.ms-cloud-temple.com` For example, for the cluster "bestie": @@ -94,20 +101,20 @@ Once this file is saved, Cline will automatically load the `opencost-xxxxx` MCP ### 2. Query OpenCost with MCP :::tip Prerequisites -To interact with MCP using natural language, the underlying AI must have access to language models (LLMs), either locally (e.g., LMStudio) or via connections to public services such as GPT-5 or Gemini, or by using our **[LLM-as-a-Service](/docs/llmaas/llmaas)** sovereign offering. +To interact with MCP using natural language, the underlying AI must have access to language models (LLMs), either locally (e.g., LMStudio) or via connections to public services such as GPT-5 or Gemini, or by using our sovereign **[LLM-as-a-Service](/llmaas/llmaas)** offering. ::: After setup, you can use LLM tools to perform natural language queries against this MCP server. #### Example: -"Use the MCP 'opencost-bestie', and tell me what percentage of the cluster costs are not allocated to resources" +"Use the MCP 'opencost-bestie', and tell me what percentage of the cluster's costs are not allocated to resources" You will get this: IA response opencost #### Example 2: -"Use the MCP 'opencost-bestie', and list me the costs associated with persistent volumes from yesterday" +"Use the MCP 'opencost-bestie', and list me the costs associated with persistent volumes for yesterday" IA response opencost 2 @@ -119,4 +126,4 @@ You will get this: ## Conclusion -OpenCost provides you with powerful tools for detailed, real-time cost analysis of your Kubernetes cluster. By primarily using the **Allocations** view and combining it with a solid labeling strategy, you can gain a clear understanding of your expenses, aligned with both your technical deployments and internal organizational structure. Leveraging LLMs and the OpenCost MCP server enables you to take data utilization even further. \ No newline at end of file +OpenCost provides you with powerful tools for fine-grained, real-time analysis of your Kubernetes cluster costs. By primarily using the **Allocations** view and combining it with a solid labeling strategy, you can gain a clear understanding of your spending, aligned both with your technical deployments and internal organizational structure. Leveraging LLMs and the OpenCost MCP server enables you to take data exploitation even further. \ No newline at end of file diff --git a/i18n/en/docusaurus-plugin-content-docs/current/network/private_network/private_network.md b/i18n/en/docusaurus-plugin-content-docs/current/network/private_network/private_network.md index fc75f6e5..86cc2d08 100644 --- a/i18n/en/docusaurus-plugin-content-docs/current/network/private_network/private_network.md +++ b/i18n/en/docusaurus-plugin-content-docs/current/network/private_network/private_network.md @@ -3,22 +3,22 @@ title: Overview slug: /network/private_network --- -Cloud Temple offers a Private Networks solution designed to meet the needs of businesses for secure, high-performance, and flexible connectivity. Based on an innovative architecture using VPLS technology, this solution provides a level 2 private network, transparent and scalable across all availability zones. +Cloud Temple offers a Private Networks solution designed to meet enterprise needs for secure, high-performance, and flexible connectivity. Built on an innovative architecture leveraging VPLS technology, this solution provides a private Layer 2 network that is transparent, scalable, and available across all availability zones.

Concepts

-

Discover the basics and essential principles to understand and master our infrastructure.

- Explore the concepts → +

Explore the fundamentals and core principles to understand and master our infrastructure.

+ Explore concepts →

Quickstart

Get started quickly with our resources by following clear and simple instructions.

- Launch the Quickstart → + Launch Quickstart →
-
+

Tutorials

Learn step by step how to configure and use our services with detailed guides.

- Discover the tutorials → + Discover tutorials →
-
+
\ No newline at end of file diff --git a/i18n/en/docusaurus-plugin-content-docs/current/network/private_network/tutorials.md b/i18n/en/docusaurus-plugin-content-docs/current/network/private_network/tutorials.md index 34831157..800cb2cc 100644 --- a/i18n/en/docusaurus-plugin-content-docs/current/network/private_network/tutorials.md +++ b/i18n/en/docusaurus-plugin-content-docs/current/network/private_network/tutorials.md @@ -2,10 +2,10 @@ title: Tutorials --- -These tutorials help you configure and use our Private Network services. +These tutorials help you set up and use our private networking services.

Tutorials

-

No tutorials are available at the moment, but we are actively working on them. Check back soon for more!

- Go to Home Page → -
+

No tutorials are currently available, but we are working on them actively. Check back soon for more information!

+ Go to the homepage → + \ No newline at end of file diff --git a/i18n/en/docusaurus-plugin-content-docs/current/network/vpc/concepts.md b/i18n/en/docusaurus-plugin-content-docs/current/network/vpc/concepts.md index 11150c7b..a6ac9ece 100644 --- a/i18n/en/docusaurus-plugin-content-docs/current/network/vpc/concepts.md +++ b/i18n/en/docusaurus-plugin-content-docs/current/network/vpc/concepts.md @@ -6,59 +6,59 @@ title: Concepts ## Definition and Positioning -The **VPC (Virtual Private Cloud)** is a managed network service allowing the creation of isolated, secure, and controllable private networks via the Cloud Temple console. It is designed to offer a cloud-native experience, automating network configuration and security. +The **VPC (Virtual Private Cloud)** is a managed networking service that enables the creation of isolated, secure, and controllable private networks via the Cloud Temple console. Designed for a cloud-native experience, it automates network and security configuration. -As of January 2026, VPC private networks allow interconnection between **IaaS Open Source** and **IaaS VMware** services. Interconnection with **Bare Metal** servers will be available in a future update. +As of today (January 2026), VPC private networks allow connectivity between **Open Source IaaS** and **VMware IaaS** services. Connectivity with **Bare Metal** servers will be available in a future update. ### VPC vs Private Backbone Cloud Temple offers two network consumption modes: * **Private Backbone (Legacy Offering)**: - * Ideal for experts seeking maximum autonomy and specific network configurations (Extended L2). + * Ideal for experts seeking maximum autonomy and specific network configurations (extended L2). * Requires manual installation and management of security equipment (firewalls, routers). - * Manual management of the addressing plan. + * Manual management of IP addressing. * **VPC (New Offering)**: * Designed for a cloud-native and automated experience. - * Integrated security (Gateway, Firewalling, NAT) without third-party equipment management. - * Managed service with high availability guaranteed by Cloud Temple. - * Ideal for modern projects, DevOps, and web application hosting. + * Built-in security (Gateway, Firewalling, NAT) without the need to manage third-party equipment. + * Fully managed service with high availability guaranteed by Cloud Temple. + * Ideal for modern projects, DevOps workflows, and hosting web applications. ## Architecture -The VPC relies on redundant and highly available architecture, leveraging Cloud Temple's low-latency inter-AZ backbone. +The VPC is built on a redundant and highly available architecture, leveraging Cloud Temple's low-latency inter-AZ backbone. ### Key Components * **VPC Router**: At the heart of each VPC, it manages dynamic routing between different Private Networks (east-west traffic). -* **Private Networks (VLANs)**: Layer 2 network segments connecting your resources (VMs, servers). They natively extend across multiple Availability Zones (AZ) without IP reconfiguration. -* **External Gateway**: Optional entry and exit point for Internet traffic (north-south). It integrates NAT and flow management capabilities. +* **Private Networks (VLANs)**: Layer 2 network segments connecting your resources (VMs, servers). They natively span multiple Availability Zones (AZs) without requiring IP reconfiguration. +* **External Gateway**: Optional entry and exit point for Internet traffic (north-south). It includes NAT capabilities and traffic flow management. ### Isolation and Security -The VPC guarantees strict isolation: +The VPC ensures strict isolation: * Each VPC is an independent network entity. -* Deployment is done on dedicated resources (for IaaS Open Source clients), ensuring no network resources are shared. +* Deployment occurs on dedicated resources (for Open Source IaaS clients), ensuring no network resources are shared. * The service is currently undergoing **SecNumCloud** qualification. -## Main Features +## Key Features | Feature | Description | Availability | -|---------|-------------|--------------| +|--------|-------------|--------------| | **Regional Private Networks** | Multi-AZ deployment and transparent L2 propagation. | Available | -| **Native Routing** | Automatic communication between private networks of the same VPC. | Available | -| **IPAM & DHCP** | Automatic IP pool management and dynamic assignment. | Available | -| **Internet Access** | Configurable via Gateway (NAT, DNAT, Controlled Egress). | Available | -| **Floating IPs** | Flexible exposure of services on the Internet. | Available | -| **Micro-segmentation** | Network policy groups for advanced security. | H1 2026 | -| **Observability** | Network performance logs and metrics. | H1 2026 | -| **DNS Service** | Internal and external name resolution. | H2 2026 | -| **VPN & Cloud Connect** | Secure connectivity to on-premise and public clouds. | H2 2026 | +| **Native Routing** | Automatic communication between private networks within the same VPC. | Available | +| **IPAM & DHCP** | Automatic management of address pools and dynamic assignment. | Available | +| **Internet Access** | Configurable via Gateway (NAT, DNAT, egress control). | Available | +| **Floating IPs** | Flexible exposure of services to the Internet. | Available | +| **Micro-segmentation** | Network policy groups for advanced security. | Q1 2026 | +| **Observability** | Network performance logs and metrics. | Q1 2026 | +| **Service DNS** | Internal and external name resolution. | Q2 2026 | +| **VPN & Cloud Connect** | Secure connectivity to on-premise environments and public clouds. | Q2 2026 | ## Use Cases -* **Critical application hosting** requiring strong isolation. -* **Multi-project segmentation** (Prod, Pre-prod, Dev). -* **Test environments** ephemeral and isolated. -* **Sovereign network foundations** for sensitive data. +* Critical application hosting requiring strong isolation. +* Multi-project segmentation (Prod, Pre-prod, Dev). +* Ephemeral and isolated test environments. +* Sovereign networking foundations for sensitive data. \ No newline at end of file diff --git a/i18n/en/docusaurus-plugin-content-docs/current/network/vpc/images/vpc_static_ips_details.png b/i18n/en/docusaurus-plugin-content-docs/current/network/vpc/images/vpc_static_ips_details.png new file mode 100644 index 00000000..50c0e627 Binary files /dev/null and b/i18n/en/docusaurus-plugin-content-docs/current/network/vpc/images/vpc_static_ips_details.png differ diff --git a/i18n/en/docusaurus-plugin-content-docs/current/network/vpc/quickstart.md b/i18n/en/docusaurus-plugin-content-docs/current/network/vpc/quickstart.md index b05c4a02..7a453b0c 100644 --- a/i18n/en/docusaurus-plugin-content-docs/current/network/vpc/quickstart.md +++ b/i18n/en/docusaurus-plugin-content-docs/current/network/vpc/quickstart.md @@ -15,38 +15,38 @@ import vpcNewStaticIps from './images/vpc_new_static_ips.png' import vpcNewStaticIpsModale from './images/vpc_new_static_ips_modale.png' import vpcStaticIpsAssociate from './images/vpc_static_ips_associate_png.png' -# VPC Quickstart +# Quick Start VPC This guide walks you through creating your first Virtual Private Cloud (VPC) and deploying your first private networks. ## Prerequisites -Currently, activating the VPC service requires an **IaaS Open Source** subscription. (This condition will be lifted later). +Currently, activating the VPC service requires subscribing to an **IaaS Open Source** offering. (This requirement will be removed in the future). ## Step 1: Access the Console -1. Log in to the Cloud Temple Console. +1. Sign in to the Cloud Temple Console. 2. In the navigation menu, select **Network** then **VPC**. -## Step 2: Order a VPC +## Step 2: Create a VPC 1. Click the **New VPC** button. -2. Fill in the guided form: +2. Fill out the guided form: * **VPC Name**: Choose a unique name to identify your environment. * **Description**: (Optional) Add a description. -3. Validate creation. +3. Confirm the creation. -> **Note**: VPC provisioning is fully automated and typically takes less than an hour. +> **Note**: VPC provisioning is fully automated and typically takes less than one hour. -### Alternative: Via the Orders tab +### Alternative: Via the Commands Tab -You can also initiate the ordering of VPC resources directly from the **Orders** menu. +You can also initiate the VPC resources command directly from the **Commands** menu. @@ -56,39 +56,39 @@ You can also initiate the ordering of VPC resources directly from the **Orders** Once your VPC is active: -1. Access your VPC details by clicking on its name. +1. Go to your VPC details by clicking on its name. -2. Go to the **Private Networks** tab. +2. Navigate to the **Private Networks** tab. 3. Click **Add a network**. 4. Configure your network: - * **Name**: Network segment name (e.g., `backend`, `frontend`). + * **Name**: Name of the network segment (e.g., `backend`, `frontend`). * **CIDR**: IP address range (e.g., `192.168.1.0/24`). -## Step 4: Activate Gateway and Order Public IPs +## Step 4: Activate the Gateway and Request Public IPs To enable Internet access and expose services: -1. Check if the gateway is activated. If not, click the activation button. +1. Check whether the gateway is activated. If not, click the activation button. 2. Once the gateway is active, go to the **Public IPs** tab. -> **Note**: The **Public IPs** list at the root of the VPC menu displays all public IPs (associated or not). The **Public IPs** tab in a VPC detail allows managing those associated with this VPC (requires active gateway). +> **Note**: The **Public IPs** list at the root of the VPC menu displays all public IPs (assigned or unassigned). The **Public IPs** tab within a VPC's details allows you to manage only those IPs assigned to that specific VPC (requires the gateway to be active). -3. Click the button to order new IPs, or click the "Associate" action to associate one of the IP addresses in the list that is not yet associated. +3. Click the button to request new IPs, or click the "Assign" action to assign an IP from the list that is not yet assigned. -4. Select the number of IPs you want to order then confirm your order. +4. Select the number of IPs you wish to request, then confirm your request. -## Step 5: Connect your resources +## Step 5: Connect Your Resources -Your private networks are now available in all Availability Zones (AZ) of the region. You can connect your IaaS Open Source virtual machines or servers directly from their respective configuration interfaces. +Your private networks are now available across all Availability Zones (AZs) in the region. You can connect your Open Source IaaS virtual machines or your servers directly from their respective configuration interfaces. -To learn how to configure a VPC network on a virtual machine, check our tutorial: [Configure a Static IP and a VM](./tutorials/vm_configuration). +To learn how to set up a VPC network on a virtual machine, refer to our tutorial: [Configure a Static IP and a VM](./tutorials/vm_configuration). \ No newline at end of file diff --git a/i18n/en/docusaurus-plugin-content-docs/current/network/vpc/tutorials/vm_configuration.md b/i18n/en/docusaurus-plugin-content-docs/current/network/vpc/tutorials/vm_configuration.md index dfd14841..fba8aa39 100644 --- a/i18n/en/docusaurus-plugin-content-docs/current/network/vpc/tutorials/vm_configuration.md +++ b/i18n/en/docusaurus-plugin-content-docs/current/network/vpc/tutorials/vm_configuration.md @@ -1,5 +1,5 @@ --- -title: VM Network Configuration +title: Network Configuration of the VM --- import vpcCreateNetworkAdaptersVmModale from '../images/vpc_create_network_adapters_vm_modale.png' import vpcCreateNetworkAdaptersVmSelectNetworks from '../images/vpc_create_network_adapters_vm_select_networks.png' @@ -8,25 +8,25 @@ import vpcDetailIpsPub from '../images/vpc_detail_ips_pub.png' import vpcIpPubAssociate from '../images/vpc_ip_pub_associate.png' import vpcMacAddressAssociateModale from '../images/vpc_mac_address_associate_modale.png' -# VM Network Configuration +# Network Configuration of the VM -This tutorial guides you to connect a virtual machine to a VPC network and assign it a static IP (private), as well as a public IP if necessary. +This tutorial guides you through connecting a virtual machine to a VPC network and assigning it a static (private) IP address, as well as a public IP address if required. ## Prerequisites * Have a VPC and a private network created. -* Have a VM deployed. +* Have a VM deployed (Open Source IaaS or VMware). -## 1. Assignment of a Private Static IP +## 1. Assigning a Static Private IP Address -You can fix the private IP of your VM in two ways. +You can set the private IP address of your VM in two ways. ### Method A: From the Virtual Machine (Recommended) -This method allows you to configure the network and IP in a single step when creating the interface. +This method allows you to configure the network and IP in a single step during interface creation. -1. Access the details view of your virtual machine. +1. Access the detailed view of your virtual machine. 2. Go to the **Network Adapters** tab. -3. Click the **New network adapter** button to add an interface. +3. Click the **Add Network Adapter** button to add an interface. 4. In the modal, select your VPC network. @@ -35,34 +35,34 @@ This method allows you to configure the network and IP in a single step when cre 5. Once the network is selected, choose one of the available static IPs. -6. Validate creation. +6. Confirm the creation. -> **Note**: You can edit the network adapter later to change the network if necessary. +> **Note**: You can edit the network adapter later to switch networks if needed. ### Method B: From the Private Networks View -This method is useful for reserving an IP before creating the VM or for modifying an existing association. +This method is useful for reserving an IP address before creating a VM or for modifying an existing association. -1. Access the detailed view of your VPC, **Private Networks** tab. +1. Go to the detailed view of your VPC, tab **Private Networks**. 2. Expand the IP address pool of the relevant network. -3. Click the "Associate with a MAC address" action for an available IP. -4. In the modal, associate one of the static IPs with a MAC address of a VM. +3. Click the "Associate with MAC address" action for an available IP. +4. In the modal, associate one of the static IPs with a VM's MAC address. -## 2. Association of a Public IP (Optional) +## 2. Associating a Public IP (Optional) -If you want to make your VM accessible from the Internet. +If you want to make your VM accessible from the internet. -1. From the detailed view of your VPC, go to the **Public IPs** tab. +1. From the detailed view of your VPC, go to the **Public IPs** tab. 2. Click the **Associate a public IP** button. -3. In the modal, select the private network and the target static IP, then validate the association. +3. In the modal, select the target private network and static IP, then confirm the association. -4. Once the association is done, you can use this public IP address to reach your VM. +4. Once the association is complete, you can use this public IP address to access your VM. ## Guest OS Configuration -**Important**: To ensure the static IP (private) is correctly assigned, make sure the network interface of your guest operating system (OS) is configured in **DHCP** mode. The VPC DHCP service will assign the reserved address. +**Important**: To ensure the static (private) IP address is correctly assigned, make sure the network interface of your guest operating system (OS) is set to **DHCP** mode. The VPC's DHCP service will handle assigning the reserved address. \ No newline at end of file diff --git a/i18n/en/docusaurus-plugin-content-docs/current/network/vpc/vpc.md b/i18n/en/docusaurus-plugin-content-docs/current/network/vpc/vpc.md index f53f0dad..c63ad507 100644 --- a/i18n/en/docusaurus-plugin-content-docs/current/network/vpc/vpc.md +++ b/i18n/en/docusaurus-plugin-content-docs/current/network/vpc/vpc.md @@ -3,24 +3,24 @@ title: Overview slug: /network/vpc --- -The Cloud Temple VPC (Virtual Private Cloud) is a managed network service that allows you to create private, isolated, and secure environments in a fully automated way. Designed for a cloud-native experience, it simplifies flow management, Internet access, and IP addressing while ensuring data sovereignty. +Cloud Temple's VPC (Virtual Private Cloud) is a managed networking service that enables you to create fully automated, private, isolated, and secure environments. Designed for a cloud-native experience, it simplifies the management of traffic flows, Internet access, and IP addresses, while ensuring data sovereignty. -The service allows you to deploy and manage your private networks without worrying about the complexity of manual configurations, with 99.99% high availability, measured monthly. +The service allows you to deploy and manage your private networks without worrying about the complexity of manual configurations, with a high availability of 99.99%, measured monthly.

Concepts

-

Discover the architecture, components (Private Networks, Gateway), and benefits of VPC.

+

Explore the architecture, components (Private Networks, Gateways), and benefits of the VPC.

Explore concepts →

Quickstart

-

Create your first VPC and configure your private networks in minutes.

- Start Quickstart → +

Create your first VPC and set up your private networks in just a few minutes.

+ Start the Quickstart →
-
+

Tutorials

Step-by-step guides for advanced use cases (Peering, VPN, etc.).

Discover tutorials →
-
+
\ No newline at end of file diff --git a/i18n/es/docusaurus-plugin-content-docs/current/changelog.md b/i18n/es/docusaurus-plugin-content-docs/current/changelog.md index a2097db5..5c5fbf5f 100644 --- a/i18n/es/docusaurus-plugin-content-docs/current/changelog.md +++ b/i18n/es/docusaurus-plugin-content-docs/current/changelog.md @@ -5,9 +5,17 @@ sidebar_position: 2 # Tracking Changes +### January 19, 2026: Managed Kubernetes and VPC Enhancements + +- **Managed Kubernetes**: Added support for **Bare Metal** nodes and **GPUs** (NVIDIA). +- **Managed Kubernetes**: New tutorial on using GPUs within a Kubernetes cluster. +- **Managed Kubernetes**: Replaced KubeCost with a more recent guide on **OpenCost**. +- **Network (VPC)**: Complete documentation for the Virtual Private Cloud (VPC) service, including high availability (HA) concepts, quick start guides, and tutorials. +- **Multilingual**: Full translation of the VPC service and new Kubernetes content into English, German, Spanish, and Italian. + ### December 15, 2025: Stabilization and Multilingual Fixes -- **Multilingual (Terraform, LLMaaS, Harbor)**: Major correction of translations in Spanish, Italian, and German. Resolved MDX syntax issues (empty code blocks, unescaped tags) that were preventing site compilation. +- **Multilingual (Terraform, LLMaaS, Harbor)**: Major fixes to translations in Spanish, Italian, and German. Resolved MDX syntax issues (empty code blocks, unescaped tags) that were preventing site compilation. - **Multilingual (Images)**: Restored correct image paths in the Italian and German versions for the Bastion and VMware IaaS sections. - **Build**: Validation of deployment across all 5 supported languages. @@ -16,36 +24,36 @@ sidebar_position: 2 - **Kubernetes administrado**: Adición de un nuevo tutorial sobre el uso de **Gateway API** para la gestión avanzada del tráfico. - **Kubernetes administrado**: Actualización de la documentación sobre la gestión de cuotas (Ceph) y optimización de las herramientas de gestión de costos (OpenCost). -### 22 de noviembre de 2025: Nuevas funcionalidades de LLMaaS y mejoras generales +### 22 November 2025: LLMaaS Updates and General Improvements -- **LLMaaS (OCR)**: Incorporación de una documentación completa para **DeepSeek-OCR**, nuestro nuevo modelo especializado en el análisis de documentos (PDF, imágenes), capaz de extraer texto estructurado, tablas y fórmulas matemáticas. -- **Multilingüe**: Resolución de problemas de accesibilidad en las versiones italiana y alemana de la documentación. -- **Calidad**: Corrección del formato de los bloques de código en los tutoriales de LLMaaS y restauración de las imágenes faltantes en la guía de inicio rápido de IaaS VMware (versión italiana). +- **LLMaaS (OCR)**: Added comprehensive documentation for **DeepSeek-OCR**, our new model specialized in document analysis (PDFs, images), capable of extracting structured text, tables, and mathematical formulas. +- **Multilingual**: Resolved accessibility issues in the Italian and German versions of the documentation. +- **Quality**: Fixed code block display in LLMaaS tutorials and restored missing images in the Italian version of the VMware IaaS quick start guide. -### 20 November 2025: Major PaaS OpenShift Update +### 20 de noviembre de 2025: Actualización principal del PaaS OpenShift -- **PaaS OpenShift (PR #194)**: Complete overhaul and update of the OpenShift documentation, including new screenshots and full translation into English, Spanish, German, and Italian to support our international expansion. +- **PaaS OpenShift (PR #194)**: Reestructuración y actualización completa de la documentación de OpenShift, incluyendo nuevas capturas de pantalla y una traducción integral al inglés, español, alemán e italiano para acompañar nuestra expansión internacional. ### 3 de noviembre de 2025: Mejoras en los tutoriales de Kubernetes -- **Kubernetes gestionado**: Incorporación de un nuevo tutorial sobre implementación continua con **ArgoCD** y el enfoque GitOps. -- **Kubernetes gestionado**: Revisión y mejora de los tutoriales existentes. Los guías sobre implementación, red, gestión de permisos (Capsule) y copias de seguridad (Kasten) han sido enriquecidos para abordar mejor las cuestiones de seguridad, gobernanza y costos, en respuesta a las expectativas de los perfiles RSSI y Comprador. +- **Kubernetes administrado**: Adición de un nuevo tutorial sobre implementación continua con **ArgoCD** y el enfoque GitOps. +- **Kubernetes administrado**: Revisión y mejora de los tutoriales existentes. Los guías sobre implementación, red, gestión de permisos (Capsule) y copias de seguridad (Kasten) han sido enriquecidos para abordar mejor las cuestiones de seguridad, gobernanza y costos, en respuesta a las expectativas de los perfiles RSSI y Comprador. ### 28 de octubre de 2025: Nueva documentación para Kubernetes administrado y mejoras diversas -- **Kubernetes administrado (PR #193 y mejoras)**: Se ha añadido una documentación completa para el nuevo servicio de Kubernetes administrado. La sección incluye una presentación del servicio, los conceptos técnicos, una guía de inicio, un primer tutorial y la matriz de responsabilidades (RACI). El contenido se ha enriquecido para responder mejor a las expectativas de los diferentes perfiles de usuarios. +- **Kubernetes administrado (PR #193 y mejoras)**: Se ha añadido una documentación completa para el nuevo servicio de Kubernetes administrado. La sección incluye una presentación del servicio, conceptos técnicos, una guía de inicio, un primer tutorial y una matriz de responsabilidades (RACI). El contenido se ha enriquecido para responder mejor a las expectativas de los distintos perfiles de usuarios. - **Almacenamiento objeto (PR #190, #189)**: Se han añadido dos nuevos tutoriales para el servicio de Almacenamiento objeto: uno sobre la gestión de accesos a los buckets S3 y otro sobre el uso de Restic para las copias de seguridad. - **Contractual (PR #191)**: Corrección y actualización del documento "Acuerdo de tratamiento de datos" (DPA). ### 18 de octubre de 2025: Mantenimiento y nuevas documentaciones -- **LLMaaS**: Adición de una nueva pregunta a la FAQ para presentar la página de estado público ([llmaas.status.cloud-temple.app](https://llmaas.status.cloud-temple.app/)), que permite seguir en tiempo real la disponibilidad y el rendimiento de cada modelo. +- **LLMaaS**: Adición de una nueva pregunta en la FAQ para presentar la página de estado público ([llmaas.status.cloud-temple.app](https://llmaas.status.cloud-temple.app/)), que permite seguir en tiempo real la disponibilidad y el rendimiento de cada modelo. - **Contractual**: Actualización importante del Acuerdo de Procesamiento de Datos (DPA v2) para reflejar los últimos requisitos legales y de cumplimiento. - **Consola**: Mejora y aclaración de la documentación relacionada con la gestión de órdenes. - **Marketplace**: Adición de un tutorial detallado sobre la personalización de imágenes de máquinas virtuales (VM) para crear plantillas reutilizables. - **LLMaaS**: Adición de una guía para configurar la extensión VSCode CLINE y utilizar los modelos de lenguaje de Cloud Temple directamente desde el editor. - **Almacenamiento Objeto (OSS)**: Adición de precisiones sobre la política de ciclo de vida (Lifecycle) para la eliminación de datos. -- **Almacenamiento Objeto (OSS)**: Adición de una guía de solución de problemas para errores de suma de verificación (`XAmzContentSHA256Mismatch`) con AWS CLI y Terraform. +- **Almacenamiento Objeto (OSS)**: Adición de una guía de solución de problemas para errores de checksum (`XAmzContentSHA256Mismatch`) con AWS CLI y Terraform. - **LLMaaS**: Actualización de la lista de modelos disponibles y retraducción de más de 50 documentos para garantizar la coherencia. ### 14 de agosto de 2025: Mejoras y correcciones @@ -57,15 +65,15 @@ sidebar_position: 2 - **Almacenamiento objeto (OSS)**: - Reestructuración completa de la sección de tutoriales con guías específicas para herramientas populares: AWS CLI, Minio Client (`mc mirror`), Cloudberry Explorer y el SDK Python Boto3. - - Incorporación de aclaraciones sobre los conceptos de cuentas de almacenamiento y el bloqueo de objetos (Object Lock). + - Adición de detalles sobre los conceptos de cuentas de almacenamiento y el bloqueo de objetos (Object Lock). - **IaaS de código abierto**: - - Adición de una documentación detallada sobre la gestión de Alta Disponibilidad (HA) para grupos de recursos y máquinas virtuales. + - Incorporación de una documentación detallada sobre la gestión de Alta Disponibilidad (HA) para grupos de recursos y máquinas virtuales. - **Consola**: - Actualización de la página de alertas de seguridad con las últimas vulnerabilidades. - **Red**: - - Incorporación de nuevas capturas de pantalla para ilustrar la configuración de conectividad IPv6. + - Adición de nuevas capturas de pantalla para ilustrar la configuración de conectividad IPv6. -### June 29, 2025: Finalization of LLMaaS documentation +### 29 June 2025: Finalization of LLMaaS documentation - Full test suite validation. - Correction and validation of RAG pipelines with FAISS and Qdrant. @@ -74,5 +82,5 @@ sidebar_position: 2 - Improvement of the RAG explanation page with diagrams and details on embedding models. - Update of the API documentation, quick start guide, and service presentation. - Addition of pricing for the Audio Transcription endpoint. -- Addition of the forecasted model lifecycle timeline. +- Addition of the forecasted model lifecycle planning. - Addition of the responsibility matrix for the LLMaaS offering. \ No newline at end of file diff --git a/i18n/es/docusaurus-plugin-content-docs/current/console/security/security_alarms.md b/i18n/es/docusaurus-plugin-content-docs/current/console/security/security_alarms.md index 11532159..f071c4ce 100644 --- a/i18n/es/docusaurus-plugin-content-docs/current/console/security/security_alarms.md +++ b/i18n/es/docusaurus-plugin-content-docs/current/console/security/security_alarms.md @@ -1,47 +1,44 @@ - - --- title: Alertas de seguridad --- -Encuentre aquí las alertas de seguridad relacionadas con nuestros servicios en la nube. +Encuentre aquí las alertas de seguridad relacionadas con nuestros servicios en la nube. Esta página se actualiza diariamente para tener en cuenta las vulnerabilidades recién identificadas. - - ## Vulnerabilidades | Fecha | Referencia(s) | CVSS | Título | Descripción | Servicio(s) | Severidad | Tratamiento | |---------------------|-----------------|-------------|--------------|---------|-------------|----------------|-------------| -| 07/08/2025 | [DSA-2025-154](https://www.dell.com/support/kbdoc/en-us/000262308/dsa-2025-154-security-update-for-dell-ecs-and-objectscale-use-of-hard-coded-ssh-cryptographic-key-vulnerability) | 8.4 | **DSA-2025-154 : Vulnerabilidad en Dell ObjectScale (CVE-2025-26476)** | Una vulnerabilidad (CVE-2025-26476) en Dell ObjectScale (< 4.0.0.0) relacionada con el uso de claves SSH codificadas en duración permite un acceso no autenticado local. | Almacenamiento de objetos | 🟠 Importante | ✅ La remediación de sus entornos ObjectScale está respaldada por Cloud Temple. No es necesaria ninguna acción por su parte. | -| 15/07/2025 | [VMSA-2025-0013](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/VMSA-2025-0013--VMware-ESXi--Workstation--Fusion--and-Tools-updates-address-multiple-vulnerabilities--CVE-2025-41236--CVE-2025-41237--CVE-2025-41238--CVE-2025-41239-/35877) | 9.3 | **VMSA-2025-0013 : Vulnerabilidades importantes en VMware ESXi** | Varios problemas de seguridad importantes afectan a VMware ESXi. Se proporcionan correcciones por el editor. | IaaS por VMware | 🟠 Importante | ⚠️ Recomendamos que actualice sus hipervisores. Las versiones de ESXi corregidas están disponibles desde su validación por Cloud Temple. La consola le indica los ESXi que requieren una actualización. | -| 15/07/2025 | [VMSA-2025-0013](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/VMSA-2025-0013--VMware-ESXi--Workstation--Fusion--and-Tools-updates-address-multiple-vulnerabilities--CVE-2025-41236--CVE-2025-41237--CVE-2025-41238--CVE-2025-41239-/35877) | 7.1 | **VMSA-2025-0013 : Vulnerabilidad en VMware Tools (CVE-2025-41239)** | Una vulnerabilidad (CVE-2025-41239) en VMware Tools permite la divulgación de información sensible a través de vSockets no inicializados. Se proporcionan correcciones por el editor. | IaaS por VMware | 🟡 Moderada | ⚠️ Recomendamos que actualice VMware Tools en sus máquinas virtuales. Las versiones de VM Tools corregidas están incluidas en los paquetes ESXi puestos a disposición por Cloud Temple. | -| 01/07/2025 | [XSA-470](https://xenbits.xen.org/xsa/advisory-470.html) | N/A | **Vulnerabilidad XCP-NG debido a una mala gestión de excepciones** [Boletín del editor](https://xcp-ng.org/blog/2025/07/03/july-2025-security-and-maintenance-update-for-xcp-ng-8-2-lts/) | Se descubrió una vulnerabilidad en XCP-NG, que permite que código privilegiado ejecutado desde una máquina virtual provoque un fallo del hipervisor, causando un denegación de servicio (DoS) en el anfitrión completo. | IaaS de código abierto | 🟡 Moderada | ✅ La actualización de sus instancias XCP-ng está programada desde la validación de las correcciones por Cloud Temple. No es necesaria ninguna acción por su parte.| -| 23/05/2025 | [XSA-468](https://xenbits.xen.org/xsa/advisory-468.html) | 8.8-9.0 | **Vulnerabilidades XCP-NG en los controladores PV Windows (XSA-468)** [Boletín del editor](https://xcp-ng.org/blog/2025/05/27/xsa-468-windows-pv-driver-vulnerabilities/) | Varios problemas de seguridad (CVE-2025-27462, CVE-2025-27463, CVE-2025-27464) en los controladores PV Windows permiten a usuarios no privilegiados obtener privilegios del sistema dentro de las VM Windows. | IaaS de código abierto | 🟠 Importante | ⚠️ Recomendamos que actualice los controladores PV Windows de sus máquinas virtuales a las versiones corregidas indicadas en el boletín de seguridad. ✅ La actualización de sus instancias XCP-ng está programada desde la validación de las correcciones por Cloud Temple. | -| 22/05/2025 | [XSA-469, INTEL-SA](https://xcp-ng.org/blog/2025/05/14/may-2025-security-update-for-xcp-ng-8-2-8-3/) | 4.9-6.5 | **Vulnerabilidades XCP-NG en el microcódigo Intel y Xen (XSA-469, INTEL-SA)** [Boletín del editor](https://xcp-ng.org/blog/2025/05/14/may-2025-security-update-for-xcp-ng-8-2-8-3/) | Se han publicado actualizaciones de seguridad para XCP-ng, corrigiendo varios problemas de seguridad en el microcódigo Intel y Xen. | IaaS de código abierto | 🟡 Moderada | ✅ La actualización de sus instancias XCP-ng está programada desde la validación de las correcciones por Cloud Temple. No es necesaria ninguna acción por su parte.| -| 21/05/2025 | [VMSA-2025-0010](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25717) | 4.3-6.8 | **VMSA-2025-0010 : Múltiples vulnerabilidades en VMware ESXi (CVE-2025-41226, CVE-2025-41227, CVE-2025-41228)** | Se han notificado múltiples vulnerabilidades en VMware ESXi: Vulnerabilidad de denegación de servicio de operaciones de invitado (CVE-2025-41226), Vulnerabilidad de denegación de servicio (CVE-2025-41227), Vulnerabilidad de Cross Site Scripting (XSS) (CVE-2025-41228). Se proporcionan correcciones por el editor. | IaaS por VMware | 🟡 Moderada | ⚠️ Recomendamos que actualice sus hipervisores. Las versiones de ESXi corregidas están disponibles desde su validación por Cloud Temple. La consola le indica los ESXi que requieren una actualización. | -| 21/05/2025 | [VMSA-2025-0010](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25717) | 4.3-8.8 | **VMSA-2025-0010 : Múltiples vulnerabilidades en vCenter (CVE-2025-41225, CVE-2025-41228)** | Se han notificado múltiples vulnerabilidades en VMware vCenter: Vulnerabilidad de ejecución de comandos autenticados en VMware vCenter Server (CVE-2025-41225), Vulnerabilidad de Cross Site Scripting (XSS) (CVE-2025-41228). Se proporcionan correcciones por el editor. | IaaS por VMware | 🟠 Importante | ✅ La actualización de sus instancias vCenter está programada desde la validación de las correcciones por Cloud Temple. No es necesaria ninguna acción por su parte. La actualización se notifica en las notificaciones de la consola. | -| 14/05/2025 | [VMSA-2025-0007](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25683) | 6.1 | **VMSA-2025-0007 : Vulnerabilidad de gestión insegura de archivos en VMware Tools (CVE-2025-22247)** | Se ha notificado una vulnerabilidad de gestión insegura de archivos en VMware Tools. Se proporcionan correcciones por el editor. | IaaS por VMware | 🟡 Moderada | ⚠️ Recomendamos que actualice VMware Tools en sus máquinas virtuales. Las versiones de VM Tools corregidas están incluidas en los paquetes ESXi puestos a disposición por Cloud Temple. | -| 25/03/2025 | [VMSA-2025-0005](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25518) | 7.8 | **VMSA-2025-0005 : Vulnerabilidad de contorno de autenticación en VMware Tools para Windows (CVE-2025-22230)** | Se ha notificado una vulnerabilidad de contorno de autenticación en VMware Tools para Windows. Se proporcionan correcciones por el editor. | IaaS por VMware | 🟠 Importante | ⚠️ Recomendamos que actualice VMware Tools en sus máquinas virtuales. Las versiones de VM Tools corregidas están incluidas en los paquetes ESXi puestos a disposición por Cloud Temple | -| 04/03/2025 | [VMSA-2025-0004](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25390) | 7.1-9.3 | **VMSA-2025-0004 : Múltiples vulnerabilidades en VMware ESXi (CVE-2025-22224, CVE-2025-22225, CVE-2025-22226)** | Se han notificado múltiples vulnerabilidades en VMware ESXi: Vulnerabilidad de desbordamiento de pila VMCI (CVE-2025-22224) calificada como Crítica por VMware, Vulnerabilidad de escritura arbitraria en VMware ESXi (CVE-2025-22225), Vulnerabilidad de divulgación de información HGFS (CVE-2025-22226). Se proporcionan correcciones por el editor. | IaaS por VMware | 🟠 Importante | ⚠️ Recomendamos que actualice sus hipervisores. Las versiones de ESXi corregidas están disponibles desde su validación por Cloud Temple. La consola le indica los ESXi que requieren una actualización. | - - +| 23/12/2025 | [CVE-2025-14443](https://access.redhat.com/security/cve/CVE-2025-14443) | 8.5 | **Vulnerabilidad en Red Hat OpenShift (CVE-2025-14443)** | Una vulnerabilidad en el componente `openshift-apiserver` permite un elevación de privilegios. La explotación requiere autenticación previa. | PaaS OpenShift | 🟠 Importante | ⚠️ No hay parche disponible actualmente. Estamos esperando el parche del editor Red Hat. | +| 30/09/2025 | [VMSA-2025-0016](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36150) | 8.5 | **VMSA-2025-0016: Vulnerabilidad en VMware vCenter (CVE-2025-41250)** | Una vulnerabilidad (CVE-2025-41250) permite a un atacante autenticado modificar los correos electrónicos de notificación de tareas programadas. | IaaS By VMware | 🟠 Importante | ⚠️ Recomendamos planificar una actualización de vCenter (a la versión 8.0 U3g o 7.0 U3w). | +| 30/09/2025 | [VMSA-2025-0015](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36149) | 7.6 | **VMSA-2025-0015: Vulnerabilidad en VMware Tools (Windows)** | Una vulnerabilidad (CVE-2025-41246) en VMware Tools para Windows permite una elevación de privilegios (requiere acceso local autenticado). | IaaS By VMware | 🟡 Moderada | ⚠️ Recomendamos planificar una actualización de VMware Tools Windows (a la versión 13.0.5 o 12.5.4). | +| 07/08/2025 | [DSA-2025-154](https://www.dell.com/support/kbdoc/en-us/000262308/dsa-2025-154-security-update-for-dell-ecs-and-objectscale-use-of-hard-coded-ssh-cryptographic-key-vulnerability) | 8.4 | **DSA-2025-154: Vulnerabilidad en Dell ObjectScale (CVE-2025-26476)** | Una vulnerabilidad (CVE-2025-26476) en Dell ObjectScale (< 4.0.0.0) relacionada con el uso de claves SSH codificadas en el código permite acceso local no autenticado. | Almacenamiento de Objetos | 🟠 Importante | ✅ La corrección de sus entornos ObjectScale está gestionada por Cloud Temple. No se requiere ninguna acción por su parte. | +| 15/07/2025 | [VMSA-2025-0013](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/VMSA-2025-0013--VMware-ESXi--Workstation--Fusion--and-Tools-updates-address-multiple-vulnerabilities--CVE-2025-41236--CVE-2025-41237--CVE-2025-41238--CVE-2025-41239-/35877) | 9.3 | **VMSA-2025-0013: Vulnerabilidades importantes en VMware ESXi** | Varias vulnerabilidades importantes afectan a VMware ESXi. Los parches están disponibles del editor. | IaaS By VMware | 🟠 Importante | ⚠️ Recomendamos actualizar sus hipervisores. Las versiones de ESXi corregidas estarán disponibles tan pronto como sean validadas por Cloud Temple. La consola le indica los ESXi que requieren actualización. | +| 15/07/2025 | [VMSA-2025-0013](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/VMSA-2025-0013--VMware-ESXi--Workstation--Fusion--and-Tools-updates-address-multiple-vulnerabilities--CVE-2025-41236--CVE-2025-41237--CVE-2025-41238--CVE-2025-41239-/35877) | 7.1 | **VMSA-2025-0013: Vulnerabilidad en VMware Tools (CVE-2025-41239)** | Una vulnerabilidad (CVE-2025-41239) en VMware Tools permite divulgación de información sensible a través de vSockets no inicializados. Los parches están disponibles del editor. | IaaS By VMware | 🟡 Moderada | ⚠️ Recomendamos actualizar VMware Tools en sus máquinas virtuales. Las versiones corregidas están incluidas en los paquetes ESXi proporcionados por Cloud Temple. | +| 01/07/2025 | [XSA-470](https://xenbits.xen.org/xsa/advisory-470.html) | N/A | **Vulnerabilidad en XCP-NG por mala gestión de excepciones** [Boletín del editor](https://xcp-ng.org/blog/2025/07/03/july-2025-security-and-maintenance-update-for-xcp-ng-8-2-lts/) | Se ha descubierto una vulnerabilidad en XCP-NG que permite a código privilegiado ejecutado desde una máquina virtual provocar un fallo del hipervisor, causando un denegación de servicio (DoS) en todo el anfitrión. | IaaS OpenSource | 🟡 Moderada | ✅ La actualización de sus instancias XCP-ng está programada tan pronto como los parches sean validados por Cloud Temple. No se requiere ninguna acción por su parte. | +| 23/05/2025 | [XSA-468](https://xenbits.xen.org/xsa/advisory-468.html) | 8.8-9.0 | **Vulnerabilidades en XCP-NG en los controladores PV Windows (XSA-468)** [Boletín del editor](https://xcp-ng.org/blog/2025/05/27/xsa-468-windows-pv-driver-vulnerabilities/) | Varias vulnerabilidades (CVE-2025-27462, CVE-2025-27463, CVE-2025-27464) en los controladores PV Windows permiten a usuarios no privilegiados obtener privilegios de sistema dentro de máquinas virtuales Windows. | IaaS OpenSource | 🟠 Importante | ⚠️ Recomendamos actualizar los controladores PV Windows de sus máquinas virtuales a las versiones corregidas indicadas en el boletín de seguridad. ✅ La actualización de sus instancias XCP-ng está programada tan pronto como los parches sean validados por Cloud Temple. | +| 22/05/2025 | [XSA-469, INTEL-SA](https://xcp-ng.org/blog/2025/05/14/may-2025-security-update-for-xcp-ng-8-2-8-3/) | 4.9-6.5 | **Vulnerabilidades en XCP-NG en el microcódigo Intel y Xen (XSA-469, INTEL-SA)** [Boletín del editor](https://xcp-ng.org/blog/2025/05/14/may-2025-security-update-for-xcp-ng-8-2-8-3/) | Se han publicado parches de seguridad para XCP-ng, corrigiendo varias vulnerabilidades en el microcódigo Intel y Xen. | IaaS OpenSource | 🟡 Moderada | ✅ La actualización de sus instancias XCP-ng está programada tan pronto como los parches sean validados por Cloud Temple. No se requiere ninguna acción por su parte. | +| 21/05/2025 | [VMSA-2025-0010](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25717) | 4.3-6.8 | **VMSA-2025-0010: Múltiples vulnerabilidades en VMware ESXi (CVE-2025-41226, CVE-2025-41227, CVE-2025-41228)** | Se han reportado varias vulnerabilidades en VMware ESXi: vulnerabilidad de denegación de servicio en operaciones de invitado (CVE-2025-41226), vulnerabilidad de denegación de servicio (CVE-2025-41227), vulnerabilidad de tipo Cross Site Scripting (XSS) (CVE-2025-41228). Los parches están disponibles del editor. | IaaS By VMware | 🟡 Moderada | ⚠️ Recomendamos actualizar sus hipervisores. Las versiones de ESXi corregidas estarán disponibles tan pronto como sean validadas por Cloud Temple. La consola le indica los ESXi que requieren actualización. | +| 21/05/2025 | [VMSA-2025-0010](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25717) | 4.3-8.8 | **VMSA-2025-0010: Múltiples vulnerabilidades en vCenter (CVE-2025-41225, CVE-2025-41228)** | Se han reportado varias vulnerabilidades en VMware vCenter: vulnerabilidad de ejecución de comandos autenticada en VMware vCenter Server (CVE-2025-41225), vulnerabilidad de tipo Cross Site Scripting (XSS) (CVE-2025-41228). Los parches están disponibles del editor. | IaaS By VMware | 🟠 Importante | ✅ La actualización de sus instancias vCenter está programada tan pronto como los parches sean validados por Cloud Temple. No se requiere ninguna acción por su parte. La actualización se notifica en las notificaciones de la consola. | +| 14/05/2025 | [VMSA-2025-0007](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25683) | 6.1 | **VMSA-2025-0007: Vulnerabilidad de gestión de archivos insegura en VMware Tools (CVE-2025-22247)** | Se ha reportado una vulnerabilidad de gestión de archivos insegura en VMware Tools. Los parches están disponibles del editor. | IaaS By VMware | 🟡 Moderada | ⚠️ Recomendamos actualizar VMware Tools en sus máquinas virtuales. Las versiones corregidas están incluidas en los paquetes ESXi proporcionados por Cloud Temple. | +| 25/03/2025 | [VMSA-2025-0005](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25518) | 7.8 | **VMSA-2025-0005: Vulnerabilidad de contorno de autenticación en VMware Tools para Windows (CVE-2025-22230)** | Se ha reportado una vulnerabilidad de contorno de autenticación en VMware Tools para Windows. Los parches están disponibles del editor. | IaaS By VMware | 🟠 Importante | ⚠️ Recomendamos actualizar VMware Tools en sus máquinas virtuales. Las versiones corregidas están incluidas en los paquetes ESXi proporcionados por Cloud Temple. | +| 04/03/2025 | [VMSA-2025-0004](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25390) | 7.1-9.3 | **VMSA-2025-0004: Múltiples vulnerabilidades en VMware ESXi (CVE-2025-22224, CVE-2025-22225, CVE-2025-22226)** | Se han reportado varias vulnerabilidades en VMware ESXi: vulnerabilidad de desbordamiento de pila en VMCI (CVE-2025-22224), evaluada como Crítica por VMware, vulnerabilidad de escritura arbitraria en VMware ESXi (CVE-2025-22225), vulnerabilidad de divulgación de información en HGFS (CVE-2025-22226). Los parches están disponibles del editor. | IaaS By VMware | 🟠 Importante | ⚠️ Recomendamos actualizar sus hipervisores. Las versiones de ESXi corregidas estarán disponibles tan pronto como sean validadas por Cloud Temple. La consola le indica los ESXi que requieren actualización. | ## Información -- **Fecha** : Fecha de publicación inicial de la alerta de seguridad Cloud Temple. +- **Fecha** : Fecha de publicación inicial de la alerta de seguridad de Cloud Temple. - **Referencia(s)** : ID CVE, según disponibilidad. -- **CVSS** : Puntuación CVSS v3 básica tal como informada por el editor o el CVE, no contextualizada. La contextualización se expresa mediante la severidad CT. Si la alerta afecta a múltiples vulnerabilidades, se indican las puntuaciones CVSS mínima y máxima. -- **Título** : Título de la alerta, con referencia del editor si está disponible. +- **CVSS** : Puntuación CVSS v3 base tal como informada por el editor o el CVE, sin contextualización. La contextualización se expresa mediante la severidad CT. Si la alerta afecta a múltiples vulnerabilidades, se indican las puntuaciones CVSS mínima y máxima. +- **Título** : Título de la alerta, con referencia al editor si está disponible. - **Descripción** : Descripción sintética, con enlace(s) a información detallada. -- **Servicio(s)** : Servicio(s) de Cloud Temple que pueden estar afectado(s). -- **Severidad** : Nivel de severidad en el contexto de los servicios Cloud Temple (para la vulnerabilidad más crítica en caso de múltiples vulnerabilidades). Los criterios de explotación se tienen en cuenta en el contexto técnico de nuestras infraestructuras y servicios Cloud. +- **Servicio(s)** : Servicio(s) de Cloud Temple que podrían verse afectados. +- **Severidad** : Nivel de severidad en el contexto de los servicios Cloud Temple (para la vulnerabilidad más crítica en caso de múltiples vulnerabilidades). Se tienen en cuenta los criterios de explotación en el contexto técnico de nuestras infraestructuras y servicios Cloud. | Nivel | Descripción | -|--------|-------------| -| 🔴 **Crítico** | Vulnerabilidad CVSS 7+ que presenta un riesgo importante de explotación (alta exposición, facilidad de explotación). Se recomienda fuertemente aplicar una corrección o mitigación lo antes posible.| -| 🟠 **Importante** | Vulnerabilidad CVSS 7+ que no presenta un riesgo importante de explotación (exposición limitada o restricciones de explotación) | -| 🟡 **Moderado** | Vulnerabilidad CVSS 4+ | -| 🔵 **Bajo** | Vulnerabilidad CVSS inferior a 4, o no explotable. | +|-------|-------------| +| 🔴 **Crítica** | Vulnerabilidad con CVSS 7+ que presenta un riesgo importante de explotación (alta exposición, facilidad de explotación). Se recomienda fuertemente aplicar una corrección o mitigación lo antes posible. | +| 🟠 **Importante** | Vulnerabilidad con CVSS 7+ que no presenta un riesgo importante de explotación (exposición limitada o restricciones para la explotación). | +| 🟡 **Moderada** | Vulnerabilidad con CVSS 4+ | +| 🔵 **Baja** | Vulnerabilidad con CVSS inferior a 4, o no explotable. | -- **Tratamiento** : Información y recomendaciones en el contexto de los servicios Cloud Temple. ⚠️ indica que se requiere una acción por parte de los usuarios para tratar la vulnerabilidad. ✅ indica que el tratamiento de la vulnerabilidad es gestionado por Cloud Temple. \ No newline at end of file +- **Tratamiento** : Información y recomendaciones en el contexto de los servicios Cloud Temple. ⚠️ indica que se requiere una acción por parte de los usuarios para tratar la vulnerabilidad. ✅ indica que el tratamiento de la vulnerabilidad está gestionado por Cloud Temple. \ No newline at end of file diff --git a/i18n/es/docusaurus-plugin-content-docs/current/llmaas/concepts.md b/i18n/es/docusaurus-plugin-content-docs/current/llmaas/concepts.md index 21bf672d..5c12a3cf 100644 --- a/i18n/es/docusaurus-plugin-content-docs/current/llmaas/concepts.md +++ b/i18n/es/docusaurus-plugin-content-docs/current/llmaas/concepts.md @@ -28,7 +28,7 @@ import ArchitectureLLMaaS from './images/llmaas_architecture_001.png'; #### 2. **Authentication Service** - **Secure API Tokens**: Automatic rotation - **Access Control**: Granular permissions per model -- **Audit Trails**: Full traceability of access +- **Audit Trails**: Full access traceability ## 🤖 Modelos y tokens @@ -56,7 +56,10 @@ Coste total = (Tokens entrada × 0,9€/M) + (Tokens salida × 4€/M) + (Tokens ### Tokenización ```python +``` + # Ejemplo de estimación de tokens +```python def estimate_tokens(text: str) -> int: """Estimación aproximada: 1 token ≈ 4 caracteres""" return len(text) // 4 @@ -126,7 +129,7 @@ This multi-layered approach enables the detection of a wide range of prompt atta ## 📈 Rendimiento y escalabilidad -### Monitoreo en Tiempo Real +### Monitoreo en tiempo real Acceso a través de **Console Cloud Temple**: - Métricas de uso por modelo @@ -181,17 +184,17 @@ response = client_ct.chat.completions.create( ## 🔄 Ciclo de Vida de los Modelos -### Actualización de modelos +### Actualización de Modelos import ModelLifecycle from './images/llmaas_lifecycle_003.png'; -Ciclo de vida de los modelos LLMaaS +Ciclo de Vida de los Modelos LLMaaS ### Política de versionado - **Modelos estables**: Versiones fijas disponibles durante 6 meses - **Modelos experimentales**: Versiones beta para usuarios tempranos -- **Depreciación**: Aviso previo de 3 meses antes de su eliminación +- **Depreciación**: Aviso previo de 3 meses antes de su retirada - **Migración**: Servicios profesionales disponibles para garantizar sus transiciones ### Planificación Proyectada del Ciclo de Vida @@ -207,75 +210,92 @@ Esta planificación se proporciona a título indicativo y se **revisa al inicio | Modelo | Editor | Fase | DMP | DSP | | :--------------------- | :------------------------ | :--------- | :--------- | :--------- | -| deepcoder:14b | Agentica x Together AI | Producción | 13/06/2025 | 30/12/2025 | +| bge-m3:567m | BAAI | Producción | 18/10/2025 | 31/12/2026 | | cogito:32b | Deep Cogito | Producción | 13/06/2025 | 30/06/2026 | -| cogito:3b | Deep Cogito | Producción | 13/06/2025 | 30/12/2025 | -| cogito:8b | Deep Cogito | Producción | 13/06/2025 | 30/12/2025 | -| deepseek-r1:14b | DeepSeek AI | Producción | 13/06/2025 | 31/12/2025 | -| deepseek-r1:32b | DeepSeek AI | Producción | 13/06/2025 | 31/12/2025 | -| deepseek-ocr | Qwen Team | Producción | 22/11/2025 | 31/12/2026 | -| gemma3:12b | Google | Producción | 13/06/2025 | 31/12/2026 | +| deepseek-ocr | DeepSeek AI | Producción | 22/11/2025 | 31/12/2026 | +| devstral-small-2:24b | Mistral AI & All Hands AI | Producción | 30/12/2025 | 30/06/2026 | +| devstral:24b | Mistral AI & All Hands AI | Producción | 13/06/2025 | 30/03/2026 | +| embeddinggemma:300m | Google | Producción | 10/09/2025 | 31/12/2026 | +| functiongemma:270m | Google | Producción | 30/12/2025 | 30/12/2026 | | gemma3:1b | Google | Producción | 13/06/2025 | 31/12/2025 | | gemma3:27b | Google | Producción | 13/06/2025 | 30/03/2026 | -| gemma3:4b | Google | Producción | 13/06/2025 | 31/12/2025 | -| gpt-oss:120b | Qwen Team | Producción | 11/11/2025 | 30/06/2026 | -| gpt-oss:20b | Qwen Team | Producción | 08/08/2025 | 30/03/2026 | -| embeddinggemma:300m | Google | Producción | 10/09/2025 | 31/12/2026 | +| glm-4.7:358b | Zhipu AI | Producción | 05/01/2026 | 30/03/2026 | +| gpt-oss:120b | OpenAI | Producción | 11/11/2025 | 30/06/2026 | +| gpt-oss:20b | OpenAI | Producción | 08/08/2025 | 30/03/2026 | | granite-embedding:278m | IBM | Producción | 13/06/2025 | 31/12/2026 | -| qwen3-embedding:0.6b | Qwen Team | Producción | 18/10/2025 | 31/12/2026 | -| granite3-guardian:2b | IBM | Producción | 13/06/2025 | 31/12/2026 | -| granite3-guardian:8b | IBM | Producción | 13/06/2025 | 31/12/2026 | +| granite3.1-moe:2b | IBM | Producción | 13/06/2025 | 31/12/2025 | | granite3.2-vision:2b | IBM | Producción | 13/06/2025 | 31/12/2026 | -| granite3.3:2b | IBM | Producción | 13/06/2025 | 31/12/2025 | -| granite3.3:8b | IBM | Producción | 13/06/2025 | 31/12/2025 | | granite4-small-h:32b | IBM | Producción | 03/10/2025 | 30/09/2026 | | granite4-tiny-h:7b | IBM | Producción | 03/10/2025 | 30/09/2026 | | llama3.3:70b | Meta | Producción | 13/06/2025 | 31/12/2026 | | magistral:24b | Mistral AI | Producción | 13/06/2025 | 30/03/2026 | -| mistral-small3.1:24b | Mistral AI | Producción | 13/06/2025 | 31/12/2025 | +| medgemma:27b | Google | Producción | 02/12/2025 | 30/06/2026 | +| ministral-3:14b | Mistral AI | Producción | 30/12/2025 | 30/06/2026 | +| ministral-3:3b | Mistral AI | Producción | 30/12/2025 | 30/06/2026 | +| ministral-3:8b | Mistral AI | Producción | 30/12/2025 | 30/06/2026 | | mistral-small3.2:24b | Mistral AI | Producción | 23/06/2025 | 30/06/2026 | -| devstral:24b | Mistral AI & All Hands AI | Producción | 13/06/2025 | 30/03/2026 | -| qwen2.5vl:32b | Qwen Team | Producción | 13/06/2025 | 31/12/2025 | -| qwen2.5vl:3b | Qwen Team | Producción | 13/06/2025 | 31/12/2025 | -| qwen2.5vl:72b | Qwen Team | Producción | 13/06/2025 | 31/12/2025 | -| qwen2.5vl:7b | Qwen Team | Producción | 13/06/2025 | 31/12/2025 | -| qwen3:0.6b | Qwen Team | Producción | 13/06/2025 | 31/12/2025 | -| qwen3:1.7b | Qwen Team | Producción | 13/06/2025 | 31/12/2025 | -| qwen3:14b | Qwen Team | Producción | 13/06/2025 | 31/12/2025 | -| qwen3:30b-a3b | Qwen Team | Producción | 13/06/2025 | 31/12/2025 | -| qwen3-2507:30b-a3b | Qwen Team | Producción | 30/08/2025 | 30/03/2026 | +| nemotron3-nano:30b | NVIDIA | Producción | 04/01/2026 | 30/06/2026 | +| olmo-3:32b | AllenAI | Producción | 30/12/2025 | 30/06/2026 | +| olmo-3:7b | AllenAI | Producción | 30/12/2025 | 30/06/2026 | +| qwen2.5:0.5b | Qwen Team | Producción | 13/06/2025 | 31/12/2025 | +| qwen3-coder:30b | Qwen Team | Producción | 02/08/2025 | 30/03/2026 | +| qwen3-2507-gptq:235b | Qwen Team | Producción | 04/01/2026 | 30/06/2026 | | qwen3-2507-think:4b | Qwen Team | Producción | 31/08/2025 | 30/03/2026 | | qwen3-2507:4b | Qwen Team | Producción | 31/08/2025 | 30/03/2026 | -| qwen3:4b | Qwen Team | Producción | 13/06/2025 | 31/12/2025 | -| qwen3:8b | Qwen Team | Producción | 13/06/2025 | 31/12/2025 | -| qwen3-coder:30b | Qwen Team | Producción | 02/08/2025 | 30/03/2026 | -| qwen3-2507:235b | Qwen Team | Producción | 02/08/2025 | 30/03/2026 | -| qwen3:32b | Qwen Team | Producción | 13/06/2025 | 31/12/2025 | -| qwq:32b | Qwen Team | Producción | 13/06/2025 | 31/12/2025 | +| qwen3:30b-a3b | Qwen Team | Producción | 30/08/2025 | 30/03/2026 | | qwen3-next:80b | Qwen Team | Producción | 04/11/2025 | 30/03/2026 | +| qwen3-omni:30b | Qwen Team | Producción | 05/01/2026 | 30/06/2026 | +| qwen3-vl:2b | Qwen Team | Producción | 30/12/2025 | 30/06/2026 | +| qwen3-vl:30b | Qwen Team | Producción | 30/12/2025 | 30/06/2026 | +| qwen3-vl:32b | Qwen Team | Producción | 30/12/2025 | 30/06/2026 | +| qwen3-vl:4b | Qwen Team | Producción | 30/12/2025 | 30/06/2026 | +| qwen3-vl:8b | Qwen Team | Producción | 05/01/2026 | 30/06/2026 | +| qwen3-vl:235b | Qwen Team | Producción | 04/01/2026 | 30/06/2026 | +| qwen3:0.6b | Qwen Team | Producción | 13/06/2025 | 31/12/2025 | +| rnj-1:8b | Essential AI | Producción | 30/12/2025 | 30/06/2026 | ### Modelos Obsoletos -El mundo de los LLM evoluciona muy rápidamente. Para garantizar a nuestros clientes el acceso a las tecnologías más potentes, eliminamos periódicamente los modelos que ya no cumplen con los estándares actuales o que no se utilizan. Los modelos enumerados a continuación ya no están disponibles en la plataforma pública. Sin embargo, pueden reactivarse para proyectos específicos, bajo solicitud. - -| Modelo | Editor | Fase | Fecha de Obsolescencia | -| :----------------------- | :-------------------- | :------- | :--------------------- | -| cogito:14b | Deep Cogito | Obsoleto | 17/10/2025 | -| deepseek-r1:671b | DeepSeek AI | Obsoleto | 17/10/2025 | -| deepseek-r1:70b | DeepSeek AI | Obsoleto | 17/10/2025 | -| foundation-sec:8b | Foundation AI — Cisco | Obsoleto | 17/10/2025 | -| granite3.1-moe:3b | IBM | Obsoleto | 17/10/2025 | -| llama3.1:8b | Meta | Obsoleto | 17/10/2025 | -| phi4-reasoning:14b | Microsoft | Obsoleto | 17/10/2025 | -| lucie-instruct:7b | OpenLLM-France | Obsoleto | 17/10/2025 | -| qwen2.5:0.5b | Qwen Team | Obsoleto | 17/10/2025 | -| qwen2.5:1.5b | Qwen Team | Obsoleto | 17/10/2025 | -| qwen2.5:14b | Qwen Team | Obsoleto | 17/10/2025 | -| qwen2.5:32b | Qwen Team | Obsoleto | 17/10/2025 | -| qwen2.5:3b | Qwen Team | Obsoleto | 17/10/2025 | -| qwen3:235b | | Obsoleto | 22/11/2025 | -| qwen3-2507-think:30b-a3b | | Obsoleto | 14/11/2025 | -| gemma3:12b | | Obsoleto | 21/11/2025 | +El mundo de los LLM evoluciona muy rápidamente. Para garantizar a nuestros clientes el acceso a las tecnologías más potentes, depreciamos periódicamente los modelos que ya no cumplen con los estándares actuales o que no se utilizan. Los modelos enumerados a continuación ya no están disponibles en la plataforma pública. Sin embargo, pueden reactivarse para proyectos específicos, bajo solicitud. + +| Modelo | Fase | Fecha de Depreciación | +| :----------------------- | :------- | :-------------------- | +| deepseek-r1:14b | Obsoleto | 30/12/2025 | +| deepseek-r1:32b | Obsoleto | 30/12/2025 | +| gemma3:1b | Obsoleto | 30/12/2025 | +| gemma3:4b | Obsoleto | 30/12/2025 | +| qwen3:0.6b | Obsoleto | 30/12/2025 | +| qwen3:1.7b | Obsoleto | 30/12/2025 | +| qwen3:14b | Obsoleto | 30/12/2025 | +| qwen3:30b-a3b | Obsoleto | 30/12/2025 | +| qwen3:4b | Obsoleto | 30/12/2025 | +| qwen3:8b | Obsoleto | 30/12/2025 | +| qwen3:32b | Obsoleto | 30/12/2025 | +| qwq:32b | Obsoleto | 30/12/2025 | +| granite3.3:2b | Obsoleto | 30/12/2025 | +| granite3.3:8b | Obsoleto | 30/12/2025 | +| mistral-small3.1:24b | Obsoleto | 30/12/2025 | +| qwen2.5vl:32b | Obsoleto | 30/12/2025 | +| qwen2.5vl:3b | Obsoleto | 30/12/2025 | +| qwen2.5vl:72b | Obsoleto | 30/12/2025 | +| qwen2.5vl:7b | Obsoleto | 30/12/2025 | +| cogito:8b | Obsoleto | 30/12/2025 | +| deepcoder:14b | Obsoleto | 30/12/2025 | +| cogito:3b | Obsoleto | 30/12/2025 | +| qwen3:235b | Obsoleto | 22/11/2025 | +| qwen3-2507-think:30b-a3b | Obsoleto | 14/11/2025 | +| gemma3:12b | Obsoleto | 21/11/2025 | +| cogito:14b | Obsoleto | 17/10/2025 | +| deepseek-r1:70b | Obsoleto | 17/10/2025 | +| granite3.1-moe:3b | Obsoleto | 17/10/2025 | +| llama3.1:8b | Obsoleto | 17/10/2025 | +| phi4-reasoning:14b | Obsoleto | 17/10/2025 | +| qwen2.5:0.5b | Obsoleto | 17/10/2025 | +| qwen2.5:1.5b | Obsoleto | 17/10/2025 | +| qwen2.5:14b | Obsoleto | 17/10/2025 | +| qwen2.5:32b | Obsoleto | 17/10/2025 | +| qwen2.5:3b | Obsoleto | 17/10/2025 | +| deepseek-r1:671b | Obsoleto | 17/10/2025 | ## 💡 Buenas Prácticas @@ -302,7 +322,7 @@ El control de costos se basa en un uso inteligente de los tokens y de los modelo 2. **Gestión del Contexto**: El historial de la conversación (`messages`) se devuelve en cada llamada, consumiendo tokens de entrada. Para conversaciones largas, considera estrategias de resumen o ventana deslizante para conservar solo la información relevante. ```python - # Para una conversación larga, se puede resumir los primeros intercambios. + # Para una conversación larga, se puede resumir el inicio de los intercambios. messages = [ {"role": "system", "content": "Eres un asistente de IA."}, {"role": "user", "content": "Resumen de los 10 primeros intercambios..."}, @@ -365,7 +385,7 @@ La seguridad de su aplicación es fundamental, especialmente cuando maneja entra ```python def sanitize_input(user_input: str) -> str: # Ejemplo simple: eliminar los delimitadores de código y limitar la longitud. - # Pueden utilizarse bibliotecas más robustas para una sanitización avanzada. + # Pueden usarse bibliotecas más robustas para una sanitización avanzada. cleaned = user_input.replace("`", "").replace("'", "").replace("\"", "") return cleaned[:2000] # Limita la longitud a 2000 caracteres ``` @@ -387,3 +407,4 @@ La seguridad de su aplicación es fundamental, especialmente cuando maneja entra # Manejar todos los demás errores (red, etc.) logger.error(f"Ha ocurrido un error inesperado: {e}") return "Lo sentimos, ha ocurrido un error inesperado." + ``` diff --git a/i18n/es/docusaurus-plugin-content-docs/current/llmaas/models.md b/i18n/es/docusaurus-plugin-content-docs/current/llmaas/models.md index 1c6eb664..6c932530 100644 --- a/i18n/es/docusaurus-plugin-content-docs/current/llmaas/models.md +++ b/i18n/es/docusaurus-plugin-content-docs/current/llmaas/models.md @@ -1,5 +1,5 @@ --- -title: Catálogo de Modelos LLMaaS +title: Catálogo de Modelos de IA sidebar_position: 2 --- @@ -7,16 +7,16 @@ sidebar_position: 2 ## Visión general -Cloud Temple LLMaaS ofrece **41 modelos de lenguaje grande** cuidadosamente seleccionados y optimizados para satisfacer los requisitos más estrictos de **SecNumCloud**. Nuestro catálogo cubre todo el espectro, desde micromodelos altamente eficientes hasta modelos extremadamente grandes. +Cloud Temple LLMaaS ofrece **42 modelos de lenguaje grande** cuidadosamente seleccionados y optimizados para satisfacer los requisitos más estrictos de **SecNumCloud**. Nuestro catálogo cubre todo el espectro, desde micromodelos altamente eficientes hasta modelos extremadamente grandes. ### Estadísticas Generales | Métrica | Valor | |--------|-------| -| **Número total de modelos** | 41 modelos | -| **Contexto mínimo** | 8 192 tokens | -| **Contexto máximo** | 262 144 tokens | -| **Conformidad** | SecNumCloud ✅ HDS ✅ Soberanía ✅ C5 ❌ | +| **Número total de modelos** | 42 modelos | +| **Contexto mínimo** | 2.048 tokens | +| **Contexto máximo** | 262.144 tokens | +| **Conformidad** | SecNumCloud ✅ HDS ✅ Soberanía ✅ C5 ✅ | | **Localización** | 100% Francia 🇫🇷 | ### Precios @@ -29,50 +29,28 @@ Cloud Temple LLMaaS ofrece **41 modelos de lenguaje grande** cuidadosamente sele ## Modelos de Gran Tamaño -### gpt-oss:120b -**OpenAI • 120B parámetros • Contexto: 120 000 tokens** - -Modelo de lenguaje de vanguardia de código abierto de OpenAI, ofreciendo un rendimiento sólido con una licencia flexible Apache 2.0. - -**Especificaciones técnicas:** -- **Velocidad**: 140 tokens/segundo -- **Consumo**: 1,69 kWh/millón de tokens -- **Licencia**: Apache 2.0 -- **Localización**: FR 🇫🇷 - -**Capacidades:** -✅ Herramientas/Agente • ❌ Visión • ✅ Razonamiento • ❌ Seguridad - -**Etiquetas:** `MoE` `Agente` `Razonamiento` `Código abierto` `Muy grande` - -**Casos de uso:** -- Agentes de conversación avanzados con razonamiento complejo e integración de herramientas. -- Aplicaciones que requieren transparencia total en el proceso de razonamiento (cadena de pensamiento). -- Escenarios comerciales que necesitan una licencia permisiva (Apache 2.0). -- Fine-tuning para tareas especializadas que requieren un modelo base potente. - -### llama3.3:70b -**Meta • 70B parameters • Context: 132,000 tokens** +### cogito:32b +**Deep Cogito • 32B parameters • Context: 32,000 tokens** -State-of-the-art multilingual model developed by Meta, designed to excel in natural dialogue, complex reasoning, and nuanced instruction understanding. +Advanced version of the Cogito model offering significantly enhanced reasoning and analytical capabilities, designed for the most demanding AI analytical applications. **Technical specifications:** -- **Speed**: 31 tokens/second -- **Energy consumption**: 8.58 kWh per million tokens -- **License**: LLAMA 3.3 Community License +- **Speed**: 20 tokens/second +- **Consumption**: 6.67 kWh/million tokens +- **License**: [LLAMA 3.2 Community License](./licences/llama_3.2_community_licence.licence.md) - **Location**: FR 🇫🇷 **Capabilities:** -✅ Tools/Agent • ❌ Vision • ❌ Reasoning • ❌ Security +✅ Tools/Agent • ❌ Vision • ✅ Reasoning • ❌ Security -**Tags:** `Agent` `Dialogue` `Multilingual` +**Tags:** `Agent` `Reasoning` `Understanding` `Analysis` **Use cases:** -- Multilingual chatbots supporting 8 languages simultaneously -- Execution of complex, chained instructions (prompt chaining) -- Processing of conversation windows up to 60K tokens for conversational history -- Analysis of large legal or technical documents (>100 pages) -- Generation of structured text with strict adherence to stylistic guidelines +- Multi-factorial scenario analysis with probabilistic evaluation of outcomes +- Scientific problem solving with formal demonstration of steps +- High-criticality applications requiring precision and verifiability of results +- Expert systems in specialized fields (legal, medical, technical) +- Multi-step reasoning analysis with full explainability of conclusions ### gemma3:27b **Google • 27B parameters • Context: 120,000 tokens** @@ -80,9 +58,9 @@ State-of-the-art multilingual model developed by Meta, designed to excel in natu Revolutionary model from Google offering an optimal balance between power and efficiency, with an exceptional performance-to-cost ratio for demanding professional applications. **Technical specifications:** -- **Speed**: 24 tokens/second -- **Energy consumption**: 5.56 kWh per million tokens -- **License**: Google Gemma Terms of Use +- **Speed**: 21 tokens/second +- **Energy consumption**: 6.35 kWh per million tokens +- **License**: [Google Gemma Terms of Use](./licences/google_gemma_terms_of_use.licence.md) - **Location**: FR 🇫🇷 **Capabilities:** @@ -97,637 +75,680 @@ Revolutionary model from Google offering an optimal balance between power and ef - Structured data extraction from PDFs and scanned documents - Integration with external tools via function calling API -### qwen3-coder:30b -**Qwen Team • 30B parameters • Context: 250,000 tokens** +### glm-4.7:358b +**Zhipu AI • 358B parameters • Context: 120,000 tokens** -MoE-optimized model designed for software engineering tasks, featuring an extremely long context. +High-performance versatile model developed by Zhipu AI, excelling in logical reasoning, multilingual understanding, and complex tasks. -**Technical Specifications:** -- **Speed**: 84 tokens/second ⚡ -- **Energy Consumption**: 3.14 kWh per million tokens -- **License**: Apache 2.0 +**Technical specifications:** +- **Speed**: 18 tokens/second +- **Consumption**: 7.41 kWh per million tokens +- **License**: [Apache 2.0](./licences/apache_2.0.licence.md) - **Location**: FR 🇫🇷 **Capabilities:** ✅ Tools/Agent • ❌ Vision • ✅ Reasoning • ❌ Security -**Tags:** `Agent` `Programming` `Large Context` `MoE` +**Tags:** `Agent` `Reasoning` `Large Context` `Multilingual` -**Use Cases:** -- Software engineering agents for exploring and modifying codebases -- Generation of complex code with repository-scale understanding -- Reasoning tasks over extended contexts -- Code improvement via reinforcement learning +**Use cases:** +- Complex reasoning tasks +- Long document analysis +- Advanced conversational assistants -### qwen3-2507:30b-a3b -**Qwen Team • 30B parameters • Context: 250,000 tokens** +### gpt-oss:120b +**OpenAI • 120B parameters • Context: 120,000 tokens** -Improved version of the non-thinking mode of Qwen3-30B, with enhanced general capabilities, broader knowledge coverage, and better user alignment. +State-of-the-art open-weight language model from OpenAI, delivering strong performance with a flexible Apache 2.0 license. -**Technical Specifications:** -- **Speed**: 118 tokens/second ⚡ -- **Energy Consumption**: 1.65 kWh per million tokens -- **License**: Apache 2.0 +**Technical specifications:** +- **Speed**: 104 tokens/second +- **Consumption**: 2.19 kWh per million tokens +- **License**: [Apache 2.0](./licenses/apache_2.0.licence.md) - **Location**: FR 🇫🇷 **Capabilities:** -✅ Tools/Agent • ❌ Vision • ❌ Reasoning • ❌ Security +✅ Tools/Agent • ❌ Vision • ✅ Reasoning • ❌ Security -**Tags:** `Agent` `Large Context` `MoE` `Multilingual` +**Tags:** `MoE` `Agent` `Reasoning` `Open-Source` `Very Large` -**Use Cases:** -- Complex tasks requiring precise instruction following and logical reasoning. -- Multilingual applications with extensive knowledge coverage. -- High-quality text generation for open-ended and subjective tasks. -- Analysis of very large documents thanks to the 250k-token context. +**Use cases:** +- Advanced conversational agents with complex reasoning and tool integration. +- Applications requiring full transparency in the reasoning process (chain-of-thought). +- Commercial scenarios needing a permissive license (Apache 2.0). +- Fine-tuning for specialized tasks requiring a powerful base model. -### qwen3:30b-a3b -**Qwen Team • 30B parameters • Context: 32,000 tokens** +### llama3.3:70b +**Meta • 70B parameters • Context: 132,000 tokens** -Latest generation of Qwen models, featuring significant improvements in training data, architecture, and optimization. +State-of-the-art multilingual model developed by Meta, designed to excel in natural dialogue, complex reasoning, and nuanced instruction understanding. -**Technical Specifications:** -- **Speed**: 118 tokens/second -- **Energy Consumption**: 1.65 kWh per million tokens -- **License**: Apache 2.0 +**Technical specifications:** +- **Speed**: 29 tokens/second +- **Consumption**: 7.85 kWh/million tokens +- **License**: [LLAMA 3.3 Community License](./licences/llama_3.3_community_licence.licence.md) - **Location**: FR 🇫🇷 **Capabilities:** -✅ Tools/Agent • ❌ Vision • ✅ Reasoning • ❌ Security +✅ Tools/Agent • ❌ Vision • ❌ Reasoning • ❌ Security -**Tags:** `Agent` `Programming` `Multilingual` `MoE` +**Tags:** `Agent` `Dialogue` `Multilingual` -**Use Cases:** -- Complex reasoning tasks and code generation. -- Multilingual applications requiring broad linguistic coverage. -- Scenarios demanding a good balance between performance and resource efficiency thanks to the MoE architecture. +**Use cases:** +- Multilingual chatbots supporting 8 languages simultaneously +- Execution of complex, chained instructions (prompt chaining) +- Processing of 60K-token dialogue windows for conversational history +- Analysis of large legal or technical documents (>100 pages) +- Generation of structured text with strict adherence to stylistic guidelines -### qwen2.5vl:32b -**Qwen Team • 32B parameters • Context: 120,000 tokens** +### ministral-3:14b +**Mistral AI • 14B parameters • Context: 250,000 tokens** -Most powerful version of the Qwen2.5-VL series, offering state-of-the-art visual understanding and agent capabilities. +The most powerful model in the Ministral family, designed for complex tasks on local infrastructure. -**Technical Specifications:** -- **Speed**: 22 tokens/second -- **Energy Consumption**: 6.06 kWh per million tokens -- **License**: Apache 2.0 +**Technical specifications:** +- **Speed**: 31 tokens/second +- **Consumption**: 4.30 kWh per million tokens +- **License**: [Apache 2.0](./licenses/apache_2.0.licence.md) - **Location**: FR 🇫🇷 **Capabilities:** -✅ Tools/Agent • ✅ Vision • ❌ Reasoning • ❌ Security +✅ Tools/Agent • ❌ Vision • ✅ Reasoning • ❌ Security -**Tags:** `Vision` `Agent` `Reasoning` `OCR` `Visual Localization` `Large` +**Tags:** `High Performance` `Edge` `Reasoning` `Code` -**Use Cases:** -- Analysis of highly complex documents and diagrams -- Autonomous visual agents for navigation and interaction with GUIs -- High-precision object localization and text recognition tasks -- Generation of rich, detailed descriptions from complex images +**Use cases:** +- Solving complex problems locally +- Coding and engineering assistants +- Deep document analysis with reasoning -### qwen2.5vl:72b -**Qwen Team • 72B parameters • Context: 128,000 tokens** +### nemotron-3-nano:30b +**NVIDIA • 30B parameters • Context: 250,000 tokens** -Most powerful version of the Qwen2.5-VL series, offering state-of-the-art visual understanding and agent capabilities for the most demanding tasks. +NVIDIA-optimized model for complex reasoning and tool utilization, deployed with an extended context. -**Technical Specifications:** -- **Speed**: 13 tokens/second -- **Energy Consumption**: 10.26 kWh per million tokens -- **License**: Apache 2.0 +**Technical specifications:** +- **Speed**: 89 tokens/second +- **Consumption**: 1.62 kWh per million tokens +- **License**: [NVIDIA Community License](./licences/nvidia_community_license.licence.md) - **Location**: FR 🇫🇷 **Capabilities:** -✅ Tools/Agent • ✅ Vision • ✅ Reasoning • ❌ Security +✅ Tools/Agent • ❌ Vision • ✅ Reasoning • ❌ Security -**Tags:** `Vision` `Agent` `Reasoning` `OCR` `Visual Localization` `Very Large` +**Tags:** `Agent` `Reasoning` `Large Context` -**Use Cases:** -- Analysis of highly complex documents and diagrams -- Autonomous visual agents for navigation and interaction with GUIs -- High-precision object localization and text recognition tasks -- Generation of rich, detailed descriptions from highly complex images +**Use cases:** +- Complex autonomous agents with multiple tool calls +- Logical reasoning and problem solving +- Long document analysis with precise extraction -### qwen3-next:80b -**Qwen Team • 80B parameters • Context: 262,144 tokens** +### olmo-3:32b +**AllenAI • 32B parameters • Context: 65,536 tokens** -Qwen's Next 80B FP8 model, optimized for large contexts and reasoning, served via vLLM (A100). +The first fully open reasoning model at this scale, competing with the best proprietary models. -**Technical Specifications:** -- **Speed**: 59 tokens/second ⚡ -- **Energy Consumption**: 3.3 kWh per million tokens -- **License**: Apache 2.0 +**Technical specifications:** +- **Speed**: 19 tokens/second +- **Energy consumption**: 7.02 kWh per million tokens +- **License**: [Apache 2.0](./licenses/apache_2.0.licence.md) - **Location**: FR 🇫🇷 **Capabilities:** -✅ Tools/Agent • ❌ Vision • ✅ Reasoning • ❌ Security +❌ Tools/Agent • ❌ Vision • ✅ Reasoning • ❌ Security -**Tags:** `Agent` `Reasoning` `Large Context` `MoE` +**Tags:** `Open-Source` `Large Context` `Reasoning` `Transparent` `Code` `High Performance` -**Use Cases:** -- Advanced conversational agents with tool integration -- Analysis of very large documents (up to 260k tokens) -- Code generation and complex tasks requiring structured reasoning +**Use cases:** +- Complex reasoning and multi-step problem solving +- Advanced software development and code generation +- In-depth analysis requiring transparency in decision-making processes -## Modelos especializados +### olmo-3:7b +**AllenAI • 7B parameters • Context: 65,536 tokens** -### embeddinggemma:300m -**Google • 300M parameters • Context: 2,048 tokens** - -State-of-the-art embedding model from Google, optimized for its size, ideal for search and semantic retrieval tasks. +Reference "Fully Open" model, offering complete transparency (data, code, weights) and remarkable efficiency. **Technical specifications:** -- **License**: Google Gemma Terms of Use -- **Localization**: FR 🇫🇷 +- **Speed**: 37 tokens/second +- **Consumption**: 1.65 kWh per million tokens +- **License**: [Apache 2.0](./licenses/apache_2.0.licence.md) +- **Location**: FR 🇫🇷 **Capabilities:** ❌ Tools/Agent • ❌ Vision • ❌ Reasoning • ❌ Security -**Tags:** `Embedding` `Compact` `Semantic` `Efficient` `Multilingual` +**Tags:** `Open-Source` `Large Context` `Transparent` `Efficient` `Maths` `Code` **Use cases:** -- Information search and retrieval (Retrieval) -- Document classification and clustering -- Semantic similarity search -- Deployment on resource-constrained devices (mobile, laptop) +- Academic and scientific research requiring full reproducibility +- Programming tasks and mathematical problem solving +- Analysis of medium-sized documents with full traceability -### gpt-oss:20b -**OpenAI • 20B parameters • Context: 120,000 tokens** +### qwen3-2507:235b +**Qwen Team • 235B parameters • Context: 130,000 tokens** -Open-weight language model from OpenAI, optimized for efficiency and deployment on consumer-grade hardware. +Massive MoE model with 235 billion parameters, activating only 22 billion at a time, delivering state-of-the-art performance. **Technical specifications:** -- **Speed**: 85 tokens/second ⚡ -- **Energy consumption**: 1.57 kWh per million tokens -- **License**: Apache 2.0 +- **Speed**: 58 tokens/second +- **Energy consumption**: 3.93 kWh per million tokens +- **License**: [Apache 2.0](./licenses/apache_2.0.licence.md) - **Location**: FR 🇫🇷 **Capabilities:** ✅ Tools/Agent • ❌ Vision • ✅ Reasoning • ❌ Security -**Tags:** `MoE` `Agent` `Reasoning` `Open-Source` `Compact` `Fast` +**Tags:** `MoE` `Agent` `Reasoning` `Very Large` **Use cases:** -- Deployments on resource-constrained devices (edge devices) or low-cost servers. -- Applications requiring fast inference with strong reasoning capabilities. -- Agent-based use cases involving function calls, web navigation, and code execution. -- Fine-tuning for specialized tasks on consumer-grade hardware. +- Solving complex mathematical and logical problems +- Tasks requiring extensive knowledge base +- Advanced coding assistant +- In-depth document analysis -### qwen3:14b -**Qwen Team • 14B parámetros • Contexto: 32.000 tokens** +### qwen3-2507:30b-a3b +**Qwen Team • 30B parameters • Context: 250,000 tokens** -Modelo denso de nueva generación Qwen3 (14B), que ofrece un rendimiento equivalente al Qwen2.5 32B con una mejor eficiencia. +Improved version of the non-thinking mode of Qwen3-30B, featuring enhanced general capabilities, broader knowledge coverage, and better user alignment. -**Especificaciones técnicas:** -- **Velocidad**: 44 tokens/segundo ⚡ -- **Consumo**: 3,03 kWh/millón de tokens -- **Licencia**: Apache 2.0 -- **Localización**: FR 🇫🇷 +**Technical specifications:** +- **Speed**: 104 tokens/second +- **Energy consumption**: 1.39 kWh per million tokens +- **License**: [Apache 2.0](./licences/apache_2.0.licence.md) +- **Location**: FR 🇫🇷 -**Capacidades:** -✅ Herramientas/Agente • ❌ Visión • ✅ Razonamiento • ❌ Seguridad +**Capabilities:** +✅ Tools/Agent • ❌ Vision • ❌ Reasoning • ❌ Security -**Etiquetas:** `Agente` `Razonamiento` `Rápido` `Multilingüe` +**Tags:** `Agent` `Large Context` `MoE` `Multilingual` -**Casos de uso:** -- Tareas generales que requieren alto rendimiento y gran contexto -- Generación de contenido creativo y técnico -- Análisis de datos y razonamiento complejo -- Integración con herramientas externas mediante llamadas a funciones +**Use cases:** +- Complex tasks requiring precise instruction following and logical reasoning. +- Multilingual applications with extensive knowledge coverage. +- High-quality text generation for open-ended and subjective tasks. +- Analysis of very large documents thanks to the 250k-token context. -### gemma3:4b -**Google • 4B parámetros • Contexto: 120 000 tokens** +### qwen3-coder:30b +**Qwen Team • 30B parameters • Context: 250,000 tokens** -Modelo compacto de Google que ofrece un excelente rendimiento en un formato ligero y económico. +MoE-optimized model for software engineering tasks, with very long context. -**Especificaciones técnicas:** -- **Velocidad**: 60 tokens/segundo ⚡ -- **Consumo**: 0,55 kWh/millón de tokens 🌱 -- **Licencia**: Términos de uso de Google Gemma -- **Localización**: FR 🇫🇷 +**Technical specifications:** +- **Speed**: 104 tokens/second +- **Consumption**: 1.39 kWh per million tokens +- **License**: [Apache 2.0](./licenses/apache_2.0.licence.md) +- **Location**: FR 🇫🇷 -**Capacidades:** -❌ Herramientas/Agente • ✅ Visión • ❌ Razonamiento • ❌ Seguridad +**Capabilities:** +✅ Tools/Agent • ❌ Vision • ✅ Reasoning • ❌ Security -**Etiquetas:** `Visión` `Rápido` `Compacto` `Gran contexto` `Eficiente` +**Tags:** `Agent` `Programming` `Large Context` `MoE` -**Casos de uso:** -- Aplicaciones embebidas y edge computing con procesamiento de imágenes -- Chatbots multimodales reactivos que requieren baja latencia -- Despliegues a gran escala con capacidades visuales y de texto -- Aplicaciones móviles con análisis de imágenes y texto -- Procesamiento de consultas visuales de complejidad baja a media con alta performance +**Use cases:** +- Software engineering agents for exploring and modifying codebases +- Generation of complex code with repository-scale understanding +- Reasoning tasks over extended contexts +- Code improvement via reinforcement learning -### gemma3:1b -**Google • 1B parámetros • Contexto: 32.000 tokens** +### qwen3-next:80b +**Qwen Team • 80B parameters • Context: 262,144 tokens** -Pequeño modelo ultraligero diseñado para despliegues en dispositivos con recursos muy limitados. +Next 80B model from Qwen, optimized for large contexts and reasoning, served via vLLM (A100). -**Especificaciones técnicas:** -- **Velocidad**: 115 tokens/segundo ⚡ -- **Consumo**: 0,15 kWh/millón de tokens 🌱 -- **Licencia**: Términos de uso de Google Gemma -- **Localización**: FR 🇫🇷 +**Technical specifications:** +- **Speed**: 148 tokens/second +- **Consumption**: 1.54 kWh per million tokens +- **License**: [Apache 2.0](./licences/apache_2.0.licence.md) +- **Location**: FR 🇫🇷 -**Capacidades:** -❌ Herramientas/Agente • ❌ Visión • ❌ Razonamiento • ❌ Seguridad +**Capabilities:** +✅ Tools/Agent • ❌ Vision • ✅ Reasoning • ❌ Security -**Etiquetas:** `Ultra-compacto` `Embebido` `Eficiente` `Rápido` +**Tags:** `Agent` `Reasoning` `Large Context` `MoE` -**Casos de uso:** -- Despliegue en dispositivos IoT y sistemas embebidos con integración API -- Aplicaciones que requieren inferencia local en CPU con llamadas a funciones -- Tareas textuales básicas con respuesta instantánea y llamadas a funciones -- Asistentes compactos para aplicaciones de uso general con integración de servicios externos -- Sistemas de control inteligente que integran múltiples APIs/servicios +**Use cases:** +- Advanced conversational agents with tool integration +- Analysis of very large documents (up to 260k tokens) +- Code generation and complex tasks requiring structured reasoning -### mistral-small3.1:24b -**Mistral AI • 24B parameters • Context: 120,000 tokens** +### qwen3-omni:30b +**Qwen Team • 30B parameters • Context: 32,768 tokens** -Compact and responsive model from Mistral AI, specifically designed to deliver smooth and relevant conversational assistance with optimal response speed. +Qwen3-Omni 30B is a native multimodal model capable of understanding text, images, video, and audio within a single stream. **Technical specifications:** -- **Speed**: 34 tokens/second -- **Energy consumption**: 3.83 kWh per million tokens -- **License**: Apache 2.0 +- **Speed**: 86 tokens/second +- **Consumption**: 2.65 kWh/million tokens +- **License**: [Apache 2.0](./licences/apache_2.0.licence.md) - **Location**: FR 🇫🇷 **Capabilities:** -✅ Tools/Agent • ✅ Vision • ❌ Reasoning • ✅ Security +✅ Tools/Agent • ✅ Vision • ✅ Reasoning • ❌ Security -**Tags:** `Vision` `Agent` `Security` +**Tags:** `Omni` `Audio` `Vision` `Agent` `Multimodal` `BF16` **Use cases:** -- Conversational applications -- Virtual assistants combining image and text analysis (26 tokens/s) -- Technical support chatbots with access to technical documentation -- Content creation/editing tools with instant responses (blogs, emails) -- Deployment on standard infrastructure (24B parameters) +- Fluid multimodal interactions (speaks, sees, listens) +- Combined video and audio analysis +- Next-generation intelligent assistants -### mistral-small3.2:24b -**Mistral AI • 24B parameters • Context: 128,000 tokens** +### qwen3-vl:235b +**Qwen Team • 235B parameters • Context: 200,000 tokens** -Minor update to Mistral Small 3.1, improving instruction following, function calling robustness, and reducing repetition errors. +The most powerful multimodal model in the catalog, combining state-of-the-art visual understanding with exceptional reasoning capabilities. **Technical specifications:** -- **Speed**: 56 tokens/second -- **Energy consumption**: 2.33 kWh per million tokens -- **License**: Apache 2.0 +- **Speed**: 31 tokens/second +- **Consumption**: 7.35 kWh/million tokens +- **License**: [Apache 2.0](./licences/apache_2.0.licence.md) - **Location**: FR 🇫🇷 **Capabilities:** -✅ Tools/Agent • ✅ Vision • ❌ Reasoning • ✅ Security +✅ Tools/Agent • ✅ Vision • ✅ Reasoning • ❌ Security -**Tags:** `Vision` `Agent` `Security` `Instruction Following` +**Tags:** `Agent` `Reasoning` `Large Context` `NVFP4` `Blackwell` `Vision` **Use cases:** -- Conversational agents with enhanced instruction following -- Robust integration with external tools via function calling -- Applications requiring high reliability to avoid repetitions -- Use cases identical to Mistral Small 3.1, with improved performance +- Automation of complex document workflows (multilingual OCR, structured extraction) +- Intelligent visual agents for software interaction and GUI automation +- Advanced scientific and technical analysis (STEM, 3D spatial reasoning) +- Multimodal RAG on large documents (>200k tokens) and videos -### deepcoder:14b -**Agentica x Together AI • 14B parameters • Context: 32,000 tokens** +### qwen3-vl:30b +**Qwen Team • 30B parameters • Context: 250,000 tokens** -Open-source AI model (14B) by Together AI & Agentica, a credible alternative to proprietary models for code generation. +State-of-the-art multimodal model (Qwen3-VL) offering exceptional visual understanding and precise temporal reasoning. **Technical specifications:** -- **Speed**: 9 tokens/second ⚡ -- **Energy consumption**: 3.72 kWh per million tokens -- **License**: Apache 2.0 -- **Location**: FR 🇫🇷 +- **Speed** : 43 tokens/second +- **Consumption** : 3.10 kWh per million tokens +- **License** : [Apache 2.0](./licences/apache_2.0.licence.md) +- **Location** : FR 🇫🇷 **Capabilities:** -❌ Tools/Agent • ❌ Vision • ✅ Reasoning • ❌ Security +✅ Tools/Agent • ✅ Vision • ❌ Reasoning • ❌ Security -**Tags:** `Programming` `Reasoning` `Open-Source` `Mathematics` `Fast` +**Tags:** `Vision` `Agent` `Large Context` `Multimodal` `Video` `OCR` **Use cases:** -- Code generation in over 15 languages with performance optimization -- Debugging and refactoring of existing codebases with impact analysis -- Implementation of complex algorithms (graphs, trees, heuristics) -- Automated generation of unit tests with code coverage > 80% -- Code translation between languages/frameworks (e.g., Python to JavaScript) +- Deep analysis of long videos and intelligent surveillance +- Extraction of complex structured data (documents, tables, charts) +- Advanced visual assistants with spatial understanding +- Multimodal reasoning over sequences of events -### granite3.2-vision:2b -**IBM • 2B parameters • Context: 16,384 tokens** +### qwen3-vl:32b +**Qwen Team • 32B parameters • Context: 250,000 tokens** -Revolutionary compact model from IBM specialized in computer vision, capable of directly analyzing and understanding visual documents without relying on intermediate OCR technologies. +High-performance variant of Qwen3-VL, optimized for the most demanding vision tasks. **Technical specifications:** -- **Speed**: 88 tokens/second -- **Energy consumption**: 0.38 kWh per million tokens 🌱 -- **License**: Apache 2.0 +- **Speed**: 17 tokens/second +- **Consumption**: 7.84 kWh/million tokens +- **License**: [Apache 2.0](./licences/apache_2.0.licence.md) - **Location**: FR 🇫🇷 **Capabilities:** -✅ Tools/Agent • ✅ Vision • ❌ Reasoning • ✅ Security +✅ Tools/Agent • ✅ Vision • ❌ Reasoning • ❌ Security -**Tags:** `Vision` `Security` `Compact` `Efficient` +**Tags:** `Vision` `Agent` `Large Context` `Multimodal` `Video` `OCR` **Use cases:** -- Extraction of structured data from invoices and forms without OCR -- Direct analysis of tables and charts with trend interpretation -- Reading and interpreting technical diagrams (electrical, mechanical) -- Processing handwritten documents with high recognition accuracy -- Lightweight computer vision (2B parameters) with high speed (50 tokens/s) +- Scientific and technical analysis of high-resolution images +- Automation of complex visual processes +- Detailed understanding of dynamic scenes -### granite3.3:8b -**IBM • 8B parámetros • Contexto: 60.000 tokens** +### qwen3:14b +**Qwen Team • 14B parameters • Context: 131,072 tokens** -Modelo Granite 8B ajustado mediante fine-tuning por IBM para un razonamiento y seguimiento de instrucciones mejorados, con un contexto de 128k tokens. +Balanced Qwen3 14B model, delivering strong general performance with good inference speed. -**Especificaciones técnicas:** -- **Velocidad**: 39 tokens/segundo -- **Consumo**: 0,85 kWh/millón de tokens 🌱 -- **Licencia**: Apache 2.0 -- **Localización**: FR 🇫🇷 +**Technical specifications:** +- **Speed**: 68.2 tokens/second +- **Consumption**: 0.90 kWh per million tokens +- **License**: [Apache 2.0](./licenses/apache_2.0.licence.md) +- **Location**: FR 🇫🇷 -**Capacidades:** -✅ Herramientas/Agente • ❌ Visión • ✅ Razonamiento • ✅ Seguridad +**Capabilities:** +✅ Tools/Agent • ❌ Vision • ❌ Reasoning • ❌ Security -**Etiquetas:** `Agente` `Razonamiento` `Seguridad` `Eficiente` +**Tags:** `Agent` `Versatile` `Multilingual` -**Casos de uso:** -- Tareas generales de seguimiento de instrucciones (clasificación, extracción, preguntas y respuestas) -- Asistentes de IA multilingües (12 idiomas) -- Procesamiento de documentos muy largos (128k tokens) para tareas de resúmenes, preguntas y respuestas, etc. -- Generación/completado de código con Fill-in-the-Middle -- Integración con herramientas externas mediante function calling -- Razonamiento estructurado con el modo "Thinking" +**Use cases:** +- High-performance virtual assistants +- High-quality content generation +- Classification and extraction tasks -### granite3.3:2b -**IBM • 2B parámetros • Contexto: 120 000 tokens** +## Modelos especializados -Modelo Granite 2B finetuneado por IBM, optimizado para razonamiento y seguimiento de instrucciones, con un contexto de 128k tokens. +### bge-m3:567m +**BAAI • 567M parameters • Context: 8,192 tokens** -**Especificaciones técnicas:** -- **Velocidad**: 88 tokens/segundo -- **Consumo**: 0.38 kWh/millón de tokens 🌱 -- **Licencia**: Apache 2.0 -- **Localización**: FR 🇫🇷 +State-of-the-art multilingual embedding model (BGE-M3), offering exceptional semantic search capabilities across more than 100 languages. -**Capacidades:** -✅ Herramientas/Agente • ❌ Visión • ✅ Razonamiento • ✅ Seguridad +**Technical specifications:** +- **Speed**: 171 tokens/second +- **Energy consumption**: 0.36 kWh per million tokens +- **License**: [MIT](./licences/mit.licence.md) +- **Location**: FR 🇫🇷 -**Etiquetas:** `Agente` `Razonamiento` `Seguridad` `Eficiente` +**Capabilities:** +❌ Tools/Agent • ❌ Vision • ❌ Reasoning • ❌ Security -**Casos de uso:** -- Despliegues ligeros con gran contexto (128k tokens) -- Tareas generales de seguimiento de instrucciones en recursos limitados -- Asistentes de IA multilingües compactos -- Procesamiento de documentos largos en dispositivos menos potentes -- Generación/completado de código FIM en estaciones de trabajo estándar +**Tags:** `Embedding` `Multilingual` `Efficient` -### magistral:24b -**Mistral AI • 24B parameters • Context: 40,000 tokens** +**Use cases:** +- Multilingual semantic search +- Retrieval-Augmented Generation (RAG) +- Document clustering and classification -Mistral AI's first reasoning model, excelling in domain-specific reasoning, transparent and multilingual. +### deepseek-ocr +**DeepSeek AI • 3B parameters • Context: 8,192 tokens** + +Specialized OCR model from DeepSeek, designed for high-precision text extraction with formatting preservation. **Technical specifications:** -- **Speed**: 29 tokens/second -- **Energy consumption**: 4.59 kWh per million tokens -- **License**: Apache 2.0 +- **Speed**: 79 tokens/second +- **Consumption**: 1.01 kWh/million tokens +- **License**: [MIT License](./licences/mit_licence.licence.md) - **Location**: FR 🇫🇷 **Capabilities:** -❌ Tools/Agent • ❌ Vision • ✅ Reasoning • ✅ Security +❌ Tools/Agent • ✅ Vision • ❌ Reasoning • ❌ Security -**Tags:** `Reasoning` `Multilingual` +**Tags:** `Vision` `OCR` `Efficient` **Use cases:** -- Business strategy and operations (risk modeling) -- Regulated industries (legal, finance) with traceable reasoning -- Software engineering (project planning, architecture) -- Content creation and communication (creative writing, storytelling) +- Extraction of structured text (Markdown/LaTeX) from images/PDFs +- Document digitization with complex tables and formulas -### cogito:32b -**Deep Cogito • 32B parameters • Context: 32,000 tokens** +### devstral-small-2:24b +**Mistral AI & All Hands AI • 24B parameters • Context: 380,000 tokens** -Advanced version of the Cogito model, offering significantly enhanced reasoning and analytical capabilities, designed for the most demanding AI analytical applications. +Second iteration of Devstral (Small 2), state-of-the-art agent model for software engineering, deployed on Mac Studio with massive context. **Technical specifications:** -- **Speed**: 37 tokens/second -- **Energy consumption**: 7.13 kWh per million tokens -- **License**: LLAMA 3.2 Community License +- **Speed**: 23 tokens/second +- **Consumption**: 5.80 kWh per million tokens +- **License**: [Apache 2.0](./licences/apache_2.0.licence.md) - **Location**: FR 🇫🇷 **Capabilities:** -✅ Tools/Agent • ❌ Vision • ✅ Reasoning • ❌ Security +✅ Tools/Agent • ✅ Vision • ❌ Reasoning • ✅ Security -**Tags:** `Agent` `Reasoning` `Understanding` `Analysis` +**Tags:** `Agent` `Programming` `Vision` `Open-Source` `Very Large Context` **Use cases:** -- Multi-factorial scenario analysis with probabilistic evaluation of outcomes -- Scientific problem solving with formal demonstration of steps -- High-criticality applications requiring precision and verifiability of results -- Expert systems in specialized domains (legal, medical, technical) -- Multi-step reasoning analysis with full explainability of conclusions +- Autonomous coding agents on very large codebases +- Modernization of legacy systems +- Fixing complex bugs requiring a holistic view of the project -### qwen3:32b -**Qwen Team • 32B parameters • Context: 40,000 tokens** +### devstral:24b +**Mistral AI & All Hands AI • 24B parameters • Context: 120,000 tokens** -Advanced next-generation Qwen3 model, offering enhanced capabilities in reasoning, coding, and agent-based tasks, with an extended context window. +Devstral 24b is an agent-based LLM specialized in software engineering, co-developed by Mistral AI and All Hands AI. -**Technical Specifications:** -- **Speed**: 21 tokens/second -- **Energy Consumption**: 6.35 kWh per million tokens -- **License**: Apache 2.0 +**Technical specifications:** +- **Speed**: 44 tokens/second +- **Consumption**: 3.28 kWh per million tokens +- **License**: [Apache 2.0](./licences/apache_2.0.licence.md) - **Location**: FR 🇫🇷 **Capabilities:** -✅ Tools/Agent • ❌ Vision • ✅ Reasoning • ❌ Security +✅ Tools/Agent • ❌ Vision • ❌ Reasoning • ✅ Security -**Tags:** `Agent` `Reasoning` `Multilingual` `Large Context` +**Tags:** `Agent` `Programming` `Open-Source` `Large Context` `FP8` -**Use Cases:** -- Advanced conversational agents with large context and tool integration (MCP) -- Solving complex problems (math, code) using "Thinking" mode -- Analysis and generation of large-volume documents -- Multilingual applications (>100 languages) requiring deep understanding +**Use cases:** +- Codebase exploration and modification +- Autonomous software engineering agents +- Complex code refactoring and generation -### qwq:32b -**Qwen Team • 32B parameters • Context: 32,000 tokens** +### embeddinggemma:300m +**Google • 300M parameters • Context: 2,048 tokens** -32-billion-parameter model enhanced via reinforcement learning (RL) to excel in reasoning, coding, mathematics, and agent tasks. +State-of-the-art embedding model from Google, optimized for its size, ideal for search and semantic retrieval tasks. **Technical specifications:** -- **Speed**: 11 tokens/second -- **Energy consumption**: 23.99 kWh per million tokens -- **License**: Apache 2.0 -- **Location**: FR 🇫🇷 +- **Speed** : 175 tokens/second +- **Consumption** : 0.35 kWh per million tokens +- **License** : [Google Gemma Terms of Use](./licences/google_gemma_terms_of_use.licence.md) +- **Location** : FR 🇫🇷 **Capabilities:** -✅ Tools/Agent • ❌ Vision • ✅ Reasoning • ❌ Security +❌ Tools/Agent • ❌ Vision • ❌ Reasoning • ❌ Security -**Tags:** `Agent` `Reasoning` `Coding` `Mathematics` +**Tags:** `Embedding` `Compact` `Semantic` `Efficient` `Multilingual` **Use cases:** -- Solving complex problems requiring reasoning and tool utilization -- Code generation and execution with result verification -- Advanced mathematical tasks with accuracy validation -- Agent applications capable of interacting with the environment -- Enhanced instruction following and alignment with human preferences +- Information search and retrieval (Retrieval) +- Document classification and clustering +- Semantic similarity search +- Deployment on resource-constrained devices (mobile, laptop) + +### gemma3:1b +**Google • 1B parameters • Context: 120,000 tokens** + +Micro-model Gemma 3, ultra-fast and efficient. + +**Technical specifications:** +- **Speed** : 53 tokens/second +- **Consumption** : 1.15 kWh/million tokens +- **License** : [Google Gemma Terms of Use](./licences/google_gemma_terms_of_use.licence.md) +- **Location** : FR 🇫🇷 -### deepseek-r1:14b -**DeepSeek AI • 14B parámetros • Contexto: 32 000 tokens** +**Capabilities:** +❌ Tools/Agent • ❌ Vision • ❌ Reasoning • ❌ Security -Versión compacta y eficiente del modelo DeepSeek-R1, que ofrece un excelente equilibrio entre rendimiento y ligereza para despliegues que requieren flexibilidad y reactividad. +**Tags:** `Compact` `Efficient` `Edge` + +**Use cases:** +- Fast text classification +- Simple chatbots +- Rapid prototyping + +### gemma3:4b +**Google • 4B parámetros • Contexto: 120.000 tokens** + +Modelo compacto Gemma 3 de 4B, que ofrece un excelente ratio rendimiento/tamaño. **Especificaciones técnicas:** -- **Velocidad**: 23 tokens/segundo ⚡ -- **Consumo**: 1,45 kWh/millón de tokens -- **Licencia**: MIT +- **Velocidad**: 48,0 tokens por segundo +- **Consumo**: 1,27 kWh por millón de tokens +- **Licencia**: [Términos de uso de Google Gemma](./licences/google_gemma_terms_of_use.licence.md) - **Localización**: FR 🇫🇷 **Capacidades:** -❌ Herramientas/Agente • ❌ Visión • ✅ Razonamiento • ❌ Seguridad +❌ Herramientas/Agente • ❌ Visión • ❌ Razonamiento • ❌ Seguridad -**Etiquetas:** `Razonamiento` `Compacto` `Polivalente` `Rápido` +**Etiquetas:** `Compacto` `Eficiente` `Edge` **Casos de uso:** -- Aplicaciones generales con necesidades de inferencia rápida (44 tokens/s) -- Despliegues en servidores estándar sin GPU especializada (14B parámetros) -- Procesamiento de texto con análisis contextual y respuestas rápidas -- Despliegue en computación de borde con inferencia local optimizada -- Prototipado rápido de aplicaciones de IA con tiempos de iteración cortos +- Asistentes personales en portátiles +- Resumen de texto +- Traducción ligera -### deepseek-r1:32b -**DeepSeek AI • 32B parameters • Context: 32,000 tokens** +### gpt-oss:20b +**OpenAI • 20B parameters • Context: 120,000 tokens** -Intermediate version of the DeepSeek-R1 model, offering a strategic balance between the advanced capabilities of the 70B version and the efficiency of the 14B version, for optimal versatility and performance. +Open-source language model from OpenAI, optimized for efficiency and deployment on consumer-grade hardware. **Technical specifications:** -- **Speed**: 20 tokens/second -- **Energy consumption**: 13.18 kWh per million tokens -- **License**: MIT license +- **Speed**: 9 tokens/second +- **Energy consumption**: 14.81 kWh per million tokens +- **License**: [Apache 2.0](./licenses/apache_2.0.licence.md) - **Location**: FR 🇫🇷 **Capabilities:** -❌ Tools/Agent • ❌ Vision • ✅ Reasoning • ❌ Security +✅ Tools/Agent • ❌ Vision • ✅ Reasoning • ❌ Security -**Tags:** `Reasoning` `Versatile` +**Tags:** `MoE` `Agent` `Reasoning` `Open-Source` `Compact` `Fast` **Use cases:** -- Applications requiring a good balance of power and cost (32B parameters) -- Professional text processing with semantic nuance analysis -- Automated generation of structured reports from raw data -- Applications combining data analysis and content generation -- Specialized assistants for technical fields (legal, medical, technical) +- Deployments on resource-constrained devices (edge devices) or low-cost servers. +- Applications requiring fast inference with strong reasoning capabilities. +- Agent-based use cases involving function calls, web navigation, and code execution. +- Fine-tuning for specialized tasks on consumer hardware. -### cogito:3b -**Deep Cogito • 3B parameters • Context: 32,000 tokens** +### granite-embedding:278m +**IBM • 278 millones de parámetros • Contexto: 8.192 tokens** -Versión compacta del modelo Cogito, optimizada para el razonamiento en dispositivos con recursos limitados. +Modelo de embeddings ultra-compacto de IBM Granite, diseñado para una eficiencia máxima. **Especificaciones técnicas:** -- **Velocidad** : 78 tokens/segundo ⚡ -- **Consumo** : 0.43 kWh/millón de tokens 🌱 -- **Licencia** : Licencia Comunitaria LLAMA 3.2 -- **Localización** : FR 🇫🇷 +- **Velocidad**: 196,3 tokens por segundo +- **Consumo**: 0,31 kWh por millón de tokens +- **Licencia**: [Apache 2.0](./licences/apache_2.0.licence.md) +- **Localización**: FR 🇫🇷 **Capacidades:** -✅ Herramientas/Agente • ❌ Visión • ✅ Razonamiento • ❌ Seguridad +❌ Herramientas/Agente • ❌ Visión • ❌ Razonamiento • ❌ Seguridad -**Etiquetas:** `Razonamiento` `Compacto` `Embebido` `Eficiente` `Rápido` +**Etiquetas:** `Embedding` `Compacto` `Eficiente` -### granite-embedding:278m -**IBM • 278M parameters • Context: 512 tokens** +**Casos de uso:** +- Búsqueda semántica +- Agrupamiento de documentos -Ultra-lightweight embedding model from IBM for semantic search and classification. +### granite4-small-h:32b +**IBM • 32B (9B activos) parámetros • Contexto: 128,000 tokens** -**Technical specifications:** -- **License**: Apache 2.0 -- **Localization**: FR 🇫🇷 +Modelo MoE (Mixture-of-Experts) de IBM, diseñado como un "caballo de batalla" para tareas diarias empresariales, con una excelente eficiencia en contextos largos. -**Capabilities:** -❌ Tools/Agent • ❌ Vision • ❌ Reasoning • ❌ Security +**Especificaciones técnicas:** +- **Velocidad**: 33 tokens por segundo +- **Consumo**: 4,04 kWh por millón de tokens +- **Licencia**: [Apache 2.0](./licences/apache_2.0.licence.md) +- **Localización**: FR 🇫🇷 + +**Capacidades:** +✅ Herramientas/Agente • ❌ Visión • ✅ Razonamiento • ✅ Seguridad + +**Etiquetas:** `Agente` `Razonamiento` `Seguridad` `MoE` `Gran contexto` `Eficiente` + +**Casos de uso:** +- Agentes conversacionales para soporte al cliente con acceso a bases de conocimientos extensas. +- Automatización de flujos de trabajo empresariales que requieren el uso de múltiples herramientas. +- Análisis de documentos largos con un consumo de recursos optimizado. +- Despliegues en infraestructuras de tamaño medio gracias a su eficiencia. + +### granite4-tiny-h:7b +**IBM • 7B (1B activos) parámetros • Contexto: 128.000 tokens** + +Modelo híbrido MoE ultraeficiente de IBM, diseñado para baja latencia, aplicaciones "edge" y locales, y como bloque base para flujos de trabajo de agentes. + +**Especificaciones técnicas:** +- **Velocidad**: 58 tokens por segundo +- **Consumo**: 1,05 kWh por millón de tokens +- **Licencia**: [Apache 2.0](./licences/apache_2.0.licence.md) +- **Localización**: FR 🇫🇷 + +**Capacidades:** +✅ Herramientas/Agente • ❌ Visión • ✅ Razonamiento • ✅ Seguridad -**Tags:** `Embedding` `Compact` `Semantic` `Efficient` +**Etiquetas:** `Agente` `Razonamiento` `Seguridad` `MoE` `Gran contexto` `Eficiente` `Rápido` `Compacto` + +**Casos de uso:** +- Aplicaciones embebidas y "edge" que requieren baja latencia. +- Tareas rápidas dentro de flujos de trabajo de agentes más amplios (por ejemplo: llamadas a funciones). +- Análisis de documentos en hardware de consumo general. +- Despliegues que requieren una huella de memoria mínima. -### granite3-guardian:2b -**IBM • 2B parameters • Context: 8,192 tokens** +### medgemma:27b +**Google • 27B parameters • Context: 128,000 tokens** -Compact model from IBM specialized in security and compliance, detecting risks and inappropriate content. +MedGemma is one of Google's most advanced open models for understanding medical text and images, based on Gemma 3. **Technical specifications:** -- **License**: Apache 2.0 +- **Speed**: 22 tokens/second +- **Energy consumption**: 6.56 kWh per million tokens +- **License**: [Google Gemma Terms of Use](./licences/google_gemma_terms_of_use.licence.md) - **Location**: FR 🇫🇷 **Capabilities:** -❌ Tools/Agent • ❌ Vision • ❌ Reasoning • ✅ Security +✅ Tools/Agent • ✅ Vision • ❌ Reasoning • ❌ Security -**Tags:** `Security` `Compliance` `Compact` `Filtering` `Efficient` +**Tags:** `Medical` `Vision` `Specialized` `Large Context` -### granite3-guardian:8b -**IBM • 8B parameters • Context: 32,000 tokens** +**Use cases:** +- Medical image interpretation (Report generation and VQA) +- Medical text understanding and clinical reasoning (Decision support) +- Patient interaction (Interviews and medical triage) +- Medical record synthesis and literature search + +### ministral-3:3b +**Mistral AI • 3B parameters • Context: 250,000 tokens** -IBM's specialized model for security and compliance, offering advanced risk detection capabilities. +Cutting-edge compact model from Mistral AI, designed for efficiency in local and edge deployments. **Technical specifications:** -- **License**: Apache 2.0 +- **Speed**: 50 tokens/second +- **Consumption**: 1.22 kWh per million tokens +- **License**: [Apache 2.0](./licences/apache_2.0.licence.md) - **Location**: FR 🇫🇷 **Capabilities:** -❌ Tools/Agent • ❌ Vision • ❌ Reasoning • ✅ Security +✅ Tools/Agent • ❌ Vision • ❌ Reasoning • ❌ Security -**Tags:** `Security` `Compliance` `Filtering` +**Tags:** `Compact` `Efficient` `Edge` -### qwen3:0.6b -**Equipo Qwen • 0.6B parámetros • Contexto: 32 000 tokens** +**Use cases:** +- Local inference on mobile devices or edge devices +- Responsive personal assistants +- Fast routing and classification tasks -Modelo compacto y eficiente de la familia Qwen3, adecuado para tareas generales en recursos limitados. +### ministral-3:8b +**Mistral AI • 8B parameters • Context: 250,000 tokens** -**Especificaciones técnicas:** -- **Velocidad**: 28 tokens por segundo ⚡ -- **Consumo**: 0.6 kWh por millón de tokens 🌱 -- **Licencia**: Apache 2.0 -- **Localización**: FR 🇫🇷 - -**Capacidades:** -✅ Herramientas/Agente • ❌ Visión • ❌ Razonamiento • ❌ Seguridad +Intermediate-sized model from the Ministral family, offering an optimal balance between performance and resource usage. -**Etiquetas:** `Compacto` `Rápido` `Versátil` `Eficiente` - -### qwen3:1.7b -**Qwen Team • 1.7B parámetros • Contexto: 32 000 tokens** +**Technical specifications:** +- **Speed** : 55 tokens/second +- **Consumption** : 2.42 kWh per million tokens +- **License** : [Apache 2.0](./licenses/apache_2.0.licence.md) +- **Location** : FR 🇫🇷 -Modelo muy compacto de la familia Qwen3, que ofrece un buen equilibrio entre rendimiento y tamaño para despliegues ligeros. +**Capabilities:** +✅ Tools/Agent • ❌ Vision • ✅ Reasoning • ❌ Security -**Especificaciones técnicas:** -- **Velocidad**: 46 tokens por segundo ⚡ -- **Consumo**: 0.73 kWh por millón de tokens 🌱 -- **Licencia**: Apache 2.0 -- **Localización**: FR 🇫🇷 +**Tags:** `Efficient` `Edge` `Reasoning` -**Capacidades:** -✅ Herramientas/Agente • ❌ Visión • ❌ Razonamiento • ❌ Seguridad +**Use cases:** +- Advanced local conversational assistants +- Document analysis and information extraction +- Tasks requiring a good balance between speed and quality -**Etiquetas:** `Compacto` `Rápido` `Embebido` `Eficiente` +### mistral-small3.2:24b +**Mistral AI • 24B parameters • Context: 128,000 tokens** -### qwen3:4b -**Qwen Team • 4B parámetros • Contexto: 32.000 tokens** +Minor update to Mistral Small 3.1, improving instruction following, function calling robustness, and reducing repetition errors. -Modelo compacto de la familia Qwen3 que ofrece un excelente rendimiento en un formato ligero y económico. +**Technical specifications:** +- **Speed** : 27 tokens/second +- **Consumption** : 5.35 kWh/million tokens +- **License** : [Apache 2.0](./licenses/apache_2.0.licence.md) +- **Location** : FR 🇫🇷 -**Especificaciones técnicas:** -- **Velocidad**: 29 tokens/segundo -- **Consumo**: 1,15 kWh/millón de tokens 🌱 -- **Licencia**: Apache 2.0 -- **Localización**: FR 🇫🇷 +**Capabilities:** +✅ Tools/Agent • ✅ Vision • ❌ Reasoning • ✅ Security -**Capacidades:** -✅ Herramientas/Agente • ❌ Visión • ❌ Razonamiento • ❌ Seguridad +**Tags:** `Vision` `Agent` `Security` `Instruction Following` -**Etiquetas:** `Compacto` `Eficiente` +**Use cases:** +- Conversational agents with improved instruction following +- Robust integration with external tools via function calling +- Applications requiring high reliability to avoid repetitions +- Use cases identical to Mistral Small 3.1, with enhanced performance ### qwen3-2507-think:4b **Qwen Team • 4B parameters • Context: 250,000 tokens** Qwen3-4B model optimized for reasoning, with improved performance on logical tasks, mathematics, science, and code, and an extended context of up to 250K tokens. -**Technical Specifications:** -- **Speed**: 77 tokens/second ⚡ -- **Energy Consumption**: 1.73 kWh per million tokens -- **License**: Apache 2.0 +**Technical specifications:** +- **Speed**: 52 tokens/second +- **Energy consumption**: 2.56 kWh per million tokens +- **License**: [Apache 2.0](./licences/apache_2.0.licence.md) - **Location**: FR 🇫🇷 **Capabilities:** @@ -735,11 +756,11 @@ Qwen3-4B model optimized for reasoning, with improved performance on logical tas **Tags:** `Agent` `Reasoning` `Large Context` `Compact` `Fast` -**Use Cases:** +**Use cases:** - Highly complex reasoning tasks (logic, math, science, code). -- Conversational agents with extremely long conversation history (up to 256k tokens). +- Conversational agents with very long conversation history (256k tokens). - Deep reasoning analysis of very large documents. -- Integration with external tools via function calling, even within very large contexts. +- Integration with external tools via function calling on extremely large contexts. ### qwen3-2507:4b **Qwen Team • 4B parameters • Context: 250,000 tokens** @@ -747,9 +768,9 @@ Qwen3-4B model optimized for reasoning, with improved performance on logical tas Updated version of the non-thinking mode of Qwen3-4B, featuring significant improvements in general capabilities, expanded knowledge coverage, and better alignment with user preferences. **Technical Specifications:** -- **Speed**: 69 tokens/second ⚡ -- **Energy Consumption**: 1.93 kWh per million tokens -- **License**: Apache 2.0 +- **Speed**: 30 tokens/second +- **Consumption**: 4.44 kWh per million tokens +- **License**: [Apache 2.0](./licences/apache_2.0.licence.md) - **Location**: FR 🇫🇷 **Capabilities:** @@ -763,209 +784,217 @@ Updated version of the non-thinking mode of Qwen3-4B, featuring significant impr - High-quality text generation for open-ended and subjective tasks. - Analysis of very large documents thanks to a 256k-token context. -### qwen3:8b -**Qwen Team • 8B parameters • Context: 32,000 tokens** +### qwen3-embedding:0.6b +**Qwen Team • 0.6B parameters • Context: 32,768 tokens** -Qwen3 8B model offering a good balance between performance and efficiency for general tasks. +Ultra-light Qwen3 embedding model, optimized for speed and efficiency on resource-constrained infrastructure. **Technical specifications:** -- **Speed**: 18 tokens/second -- **Energy consumption**: 1.85 kWh per million tokens 🌱 -- **License**: Apache 2.0 -- **Location**: FR 🇫🇷 +- **Speed**: N/A +- **Energy consumption**: 0.57 kWh per million tokens +- **License**: [Apache 2.0](./licences/apache_2.0.licence.md) +- **Localization**: FR 🇫🇷 **Capabilities:** -✅ Tools/Agent • ❌ Vision • ✅ Reasoning • ❌ Security +❌ Tools/Agent • ❌ Vision • ❌ Reasoning • ❌ Security -**Tags:** `Reasoning` `Agent` `Multilingual` `Efficient` +**Tags:** `Embedding` `Compact` `Efficient` -### qwen2.5vl:3b -**Qwen Team • 3.8B parameters • Context: 128,000 tokens** +**Use cases:** +- Fast semantic search +- Real-time text classification -Compact Vision-Language model, high-performance solution for edge AI. +### qwen3-embedding:4b +**Qwen Team • 4B parameters • Context: 40,000 tokens** -**Technical Specifications:** -- **Speed**: 73 tokens/second ⚡ -- **Energy Consumption**: 0.45 kWh per million tokens 🌱 -- **License**: Apache 2.0 -- **Localization**: FR 🇫🇷 +Ultra-performing Qwen3-4B embedding model, offering deep semantic understanding and an extended context window. + +**Technical specifications:** +- **Speed** : N/A +- **Energy consumption** : 0.57 kWh per million tokens +- **License** : [Apache 2.0](./licences/apache_2.0.licence.md) +- **Location** : FR 🇫🇷 **Capabilities:** -✅ Tools/Agent • ✅ Vision • ✅ Reasoning • ❌ Security +❌ Tools/Agent • ❌ Vision • ❌ Reasoning • ❌ Security + +**Tags:** `Embedding` `Large Context` `Efficient` -**Tags:** `Vision` `Agent` `Reasoning` `Fast` `Efficient` `OCR` `Visual Localization` `Edge AI` +**Use cases:** +- Semantic search on long documents +- RAG with extended context windows +- High-precision semantic analysis -### qwen2.5vl:7b -**Equipo Qwen • 7B (8.3B) parámetros • Contexto: 128 000 tokens** +### qwen3-vl:2b +**Qwen Team • 2 millones de parámetros • Contexto: 250.000 tokens** -Modelo de visión-lenguaje potente, que supera a GPT-4o-mini en algunas tareas. +Modelo multimodal ultracompacto Qwen3-VL, que ofrece capacidades avanzadas de visión en dispositivos de borde. **Especificaciones técnicas:** -- **Velocidad**: 48 tokens por segundo -- **Consumo**: 0,69 kWh por millón de tokens 🌱 -- **Licencia**: Apache 2.0 +- **Velocidad**: 64 tokens por segundo +- **Consumo**: 0,95 kWh por millón de tokens +- **Licencia**: [Apache 2.0](./licences/apache_2.0.licence.md) - **Localización**: FR 🇫🇷 **Capacidades:** -✅ Herramientas/Agente • ✅ Visión • ✅ Razonamiento • ❌ Seguridad - -**Etiquetas:** `Visión` `Agente` `Razonamiento` `Eficiente` `OCR` `Localización Visual` - -### devstral:24b -**Mistral AI & All Hands AI • 24B parameters • Context: 100,000 tokens** +✅ Herramientas/Agente • ✅ Visión • ❌ Razonamiento • ❌ Seguridad -Devstral is an agentic LLM designed for software engineering tasks. +**Etiquetas:** `Visión` `Compacto` `Eficiente` `Multimodal` `Borde` `OCR` -**Technical specifications:** -- **Speed**: 50 tokens/second -- **Energy consumption**: 5.27 kWh per million tokens -- **License**: Apache 2.0 -- **Location**: FR 🇫🇷 +**Casos de uso:** +- Análisis de imágenes en tiempo real en dispositivos móviles +- OCR y lectura de documentos ligeros +- Clasificación y ordenación visual rápida -**Capabilities:** -✅ Tools/Agent • ❌ Vision • ❌ Reasoning • ✅ Security +### qwen3-vl:4b +**Qwen Team • 4B parámetros • Contexto: 250.000 tokens** -**Tags:** `Agent` `Programming` `Open-Source` `Large Context` +Modelo multimodal Qwen3-VL equilibrado, que ofrece un rendimiento sólido en visión con una huella reducida. -**Use cases:** -- Codebase exploration and modification -- Agentic -- European - -### cogito:8b -**Deep Cogito • 8B parameters • Context: 32,000 tokens** +**Especificaciones técnicas:** +- **Velocidad**: 57 tokens por segundo +- **Consumo**: 2,34 kWh por millón de tokens +- **Licencia**: [Apache 2.0](./licences/apache_2.0.licence.md) +- **Localización**: FR 🇫🇷 -Intermediate-sized model from the Cogito family, offering a good balance between reasoning capabilities and efficiency. +**Capacidades:** +✅ Herramientas/Agente • ✅ Visión • ❌ Razonamiento • ❌ Seguridad -**Technical specifications:** -- **Speed** : 43 tokens/second -- **Energy consumption** : 0.77 kWh per million tokens 🌱 -- **License** : LLAMA 3.2 Community License -- **Location** : FR 🇫🇷 +**Etiquetas:** `Visión` `Compacto` `Multimodal` `Eficiente` `Vídeo` `OCR` -**Capabilities:** -✅ Tools/Agent • ❌ Vision • ✅ Reasoning • ❌ Security +**Casos de uso:** +- Análisis automatizado de documentos (facturas, formularios) +- Comprensión de contenido de vídeo +- Asistentes visuales interactivos -**Tags:** `Agent` `Reasoning` `Versatile` `Efficient` +### qwen3-vl:8b +**Qwen Team • 8B parámetros • Contexto: 250.000 tokens** -### granite4-small-h:32b -**IBM • 32B (9B activos) parámetros • Contexto: 128 000 tokens** - -Modelo MoE (Mixture-of-Experts) de IBM, diseñado como un "caballo de batalla" para tareas diarias empresariales, con una excelente eficiencia en contextos largos. +Modelo multimodal Qwen3-VL (8B), con rendimiento avanzado en visión y una huella razonable. **Especificaciones técnicas:** -- **Velocidad**: 28 tokens/segundo -- **Consumo**: 1,19 kWh/millón de tokens 🌱 -- **Licencia**: Apache 2.0 +- **Velocidad**: 44 tokens/segundo +- **Consumo**: 3,03 kWh/millón de tokens +- **Licencia**: [Apache 2.0](./licences/apache_2.0.licence.md) - **Localización**: FR 🇫🇷 **Capacidades:** -✅ Herramientas/Agente • ❌ Visión • ✅ Razonamiento • ✅ Seguridad +✅ Herramientas/Agente • ✅ Visión • ❌ Razonamiento • ❌ Seguridad -**Etiquetas:** `Agente` `Razonamiento` `Seguridad` `MoE` `Gran Contexto` `Eficiente` +**Etiquetas:** `Visión` `Compacto` `Multimodal` `Eficiente` `Vídeo` `OCR` **Casos de uso:** -- Agentes conversacionales para soporte al cliente con acceso a bases de conocimientos extensas. -- Automatización de flujos de trabajo empresariales que requieren el uso de múltiples herramientas. -- Análisis de documentos largos con un consumo de recursos optimizado. -- Despliegues en infraestructuras de tamaño medio gracias a su eficiencia. +- Análisis automatizado de documentos +- Comprensión de contenido de vídeo +- Asistentes visuales interactivos -### granite4-tiny-h:7b -**IBM • 7B (1B activos) parámetros • Contexto: 128 000 tokens** +### qwen3:0.6b +**Qwen Team • 0.6B parameters • Context: 40,000 tokens** -Modelo híbrido MoE ultraeficiente de IBM, diseñado para baja latencia, aplicaciones de borde y locales, y como bloque base para flujos de trabajo de agentes. +Ultra-light Qwen3 model with 0.6 billion parameters, offering exceptional inference speed for simple and fast tasks. -**Especificaciones técnicas:** -- **Velocidad**: 77 tokens/segundo ⚡ -- **Consumo**: 0,43 kWh/millón de tokens 🌱 -- **Licencia**: Apache 2.0 -- **Localización**: FR 🇫🇷 +**Technical specifications:** +- **Speed**: 46 tokens/second +- **Consumption**: 1.33 kWh per million tokens +- **License**: [Apache 2.0](./licenses/apache_2.0.license.md) +- **Location**: FR 🇫🇷 -**Capacidades:** -✅ Herramientas/Agente • ❌ Visión • ✅ Razonamiento • ✅ Seguridad +**Capabilities:** +✅ Tools/Agent • ❌ Vision • ❌ Reasoning • ❌ Security -**Etiquetas:** `Agente` `Razonamiento` `Seguridad` `MoE` `Gran contexto` `Eficiente` `Rápido` `Compacto` +**Tags:** `Compact` `Fast` `Efficient` `Multilingual` -**Casos de uso:** -- Aplicaciones embebidas y de borde que requieren baja latencia. -- Tareas rápidas dentro de flujos de trabajo de agentes más amplios (por ejemplo, llamadas a funciones). -- Análisis de documentos en hardware de consumo general. -- Despliegues que requieren una huella de memoria mínima. +**Use cases:** +- Simple text processing tasks +- Fast classification and sorting +- Lightweight assistants with low latency -### deepseek-ocr -**DeepSeek AI • 3B parameters • Context: 8,192 tokens** +### rnj-1:8b +**Essential AI • 8B parameters • Context: 32,000 tokens** -Specialized OCR model from DeepSeek, designed for high-precision text extraction with formatting preservation. +8B "Open Weight" model specialized in code, mathematics, and sciences (STEM). **Technical specifications:** -- **Speed**: 120 tokens/second ⚡ -- **Energy consumption**: 0.16 kWh per million tokens 🌱 -- **License**: MIT license +- **Speed**: 31 tokens/second +- **Consumption**: 1.97 kWh/million tokens +- **License**: [Open Weights](./licences/open_weights.licence.md) - **Location**: FR 🇫🇷 **Capabilities:** -❌ Tools/Agent • ✅ Vision • ❌ Reasoning • ❌ Security +❌ Tools/Agent • ❌ Vision • ✅ Reasoning • ❌ Security -**Tags:** `Vision` `OCR` `Efficient` +**Tags:** `Code` `Maths` `STEM` `Reasoning` `Efficient` **Use cases:** -- Extraction of structured text (Markdown/LaTeX) from images/PDFs -- Document digitization with complex tables and formulas +- Advanced programming assistant and code generation +- Solving complex mathematical problems +- Scientific and technical tasks (STEM) ## Cas de uso recomendados ### Multilingual dialogue + Chatbots and assistants capable of communicating in multiple languages with automatic language detection, context preservation throughout the entire conversation, and understanding of linguistic nuances **Recommended models:** + - Llama 3.3 - Mistral Small 3.2 - Qwen 3 - Openai OSS - Granite 4 -### Análisis de documentos largos +### Análisis de documentos largos + Procesamiento de documentos extensos (>100 páginas) con mantenimiento del contexto a lo largo de todo el texto, extracción de información clave, generación de resúmenes pertinentes y respuesta a preguntas específicas sobre el contenido. -**Modelos recomendados:** -- Gemma 3 -- Qwen next -- Qwen 3 +**Modelos recomendados:** + +- Gemma 3 +- Qwen next +- Qwen 3 - Granite 4 -### Programación y desarrollo +### Programación y desarrollo + Generación y optimización de código en múltiples lenguajes, depuración, refactorización, desarrollo de funcionalidades completas, comprensión de implementaciones algorítmicas complejas y creación de pruebas unitarias -**Modelos recomendados:** -- DeepCoder -- Qwen3 coder -- Granite 4 +**Modelos recomendados:** + +- DeepCoder +- Qwen3 coder +- Granite 4 - Devstral ### Visual analysis -Direct processing of images and visual documents without prior OCR preprocessing, interpretation of technical diagrams, charts, tables, drawings, and photos, with generation of detailed textual explanations of the visual content + +Direct processing of images and visual documents without prior OCR preprocessing, interpretation of technical diagrams, charts, tables, drawings, and photos, with generation of detailed textual explanations of the visual content. **Recommended models:** + - deepseek-OCR - Mistral Small 3.2 - Gemma 3 -- Qwen2.5-VL +- Qwen 3 VL ### Seguridad y cumplimiento + Aplicaciones que requieren capacidades específicas en materia de seguridad; filtrado de contenido sensible, trazabilidad de razonamientos, verificación del RGPD/HDS, minimización de riesgos, análisis de vulnerabilidades y cumplimiento de regulaciones sectoriales. **Modelos recomendados:** + - Granite Guardian - Granite 4 - Devstral - Mistral Small 3.2 -- Magistral 24b +- Magistral small ### Lightweight and Embedded Deployments + Applications requiring minimal resource footprint, deployment on devices with limited capacity, real-time inference on standard CPUs, and integration into embedded systems or IoT devices **Recommended models:** -- Gemma 3 -- Granite Guardian + +- Gemma 3n - Granite 4 tiny -- DeepSeek-OCR \ No newline at end of file +- Qwen 3 VL (2B) \ No newline at end of file diff --git a/i18n/es/docusaurus-plugin-content-docs/current/managed_kubernetes/managed_kubernetes.md b/i18n/es/docusaurus-plugin-content-docs/current/managed_kubernetes/managed_kubernetes.md index 5d840ccc..8b9be0c0 100644 --- a/i18n/es/docusaurus-plugin-content-docs/current/managed_kubernetes/managed_kubernetes.md +++ b/i18n/es/docusaurus-plugin-content-docs/current/managed_kubernetes/managed_kubernetes.md @@ -2,12 +2,12 @@ title: Visión general --- -# Kubernetes gestionado +# Kubernetes gestionné

Conceptos

-

Descubra las bases y principios esenciales para dominar nuestra infraestructura.

+

Descubra los fundamentos y principios esenciales para dominar nuestra infraestructura.

Explorar conceptos →
@@ -24,26 +24,28 @@ title: Visión general Kubernetes gestionado por Cloud Temple es una solución de orquestación de contenedores basada en productos de código abierto y diseñada para ofrecer un alto nivel de seguridad, resiliencia y automatización en las plataformas SecNumcloud de Cloud Temple. Cada clúster se despliega en un entorno IaaS Cloud-Temple OpenIaaS completamente dedicado al cliente. -Esta oferta está diseñada para expertos en Kubernetes y entusiastas del código abierto que buscan una solución nativa, portable, sin capas adicionales del fabricante, sobre un sistema operativo minimalista e inmutable, diseñado para la automatización y la seguridad. +Esta oferta está diseñada para equipos con un buen conocimiento de Kubernetes y los entusiastas del código abierto que buscan una solución nativa, portable, sin capas adicionales del fabricante, sobre un sistema operativo minimalista e inmutable, diseñado para la automatización y la seguridad. ### Beneficios Clave -- **Soberanía y reversibilidad**: La solución se basa en estándares de código abierto (Kubernetes CNCF) para evitar cualquier dependencia tecnológica y garantizar la portabilidad de sus aplicaciones. La herramienta de copia de seguridad Veeam Kasten, incluida en la oferta, está especialmente diseñada para facilitar las migraciones entre diferentes nubes. -- **Seguridad "Zero-Trust" y gobernanza**: La arquitectura se apoya en Talos OS, un sistema operativo inmutable sin acceso directo (ni shell, ni SSH), lo que reduce drásticamente la superficie de ataque. Este enfoque se combina con herramientas de gobernanza como Kyverno para la gestión de políticas y Capsule para la gestión detallada de permisos, constituyendo una base sólida para una estrategia de seguridad "Zero-Trust". + +- **Soberanía y reversibilidad**: La solución se basa en estándares de código abierto (Kubernetes CNCF) para evitar cualquier dependencia tecnológica y garantizar la portabilidad de sus aplicaciones. La herramienta de copia de seguridad Veeam Kasten, incluida en la oferta, está especialmente diseñada para facilitar las migraciones entre nubes. +- **Seguridad "Zero-Trust" y gobernanza**: La arquitectura se apoya en Talos OS, un sistema operativo inmutable sin acceso directo (ni shell, ni SSH), lo que reduce drásticamente la superficie de ataque. Este enfoque se combina con herramientas de gobernanza como Kyverno para la gestión de políticas y Capsule para el control detallado de permisos, constituyendo una base sólida para una estrategia de seguridad "Zero-Trust". - **Control de costos e integración**: La solución incluye de forma nativa herramientas de FinOps como OpenCost para un seguimiento preciso del consumo. El modelo económico es transparente, basado en los recursos IaaS consumidos, y el uso de componentes de código abierto reconocidos (Cilium, Ceph, ArgoCD) facilita su integración en sus ecosistemas existentes. -### A complete and ready-to-use platform -The solution natively includes a full, cohesive stack of cutting-edge open-source tools to cover all requirements across the application lifecycle: +### A complete and ready-to-use platform + +The solution natively includes a full and coherent stack of cutting-edge open source tools to cover all needs throughout the application lifecycle: -- **Networking and Security**: Cilium, Hubble, Kyverno, Capsule -- **Storage**: Rook-Ceph -- **Continuous Deployment (GitOps)**: ArgoCD -- **Observability**: Prometheus, Grafana, Loki -- **Backup and Migration**: Veeam Kasten +- **Networking and Security**: Cilium, Hubble, MetalLB, Ingress Nginx, Kyverno, Capsule +- **Storage**: Rook-Ceph +- **Continuous Deployment (GitOps)**: ArgoCD +- **Observability**: Prometheus, Grafana, Loki +- **Backup and Migration**: Veeam Kasten - **Cost Management (FinOps)**: OpenCost ## Arquitecturas de Despliegue -Proponemos dos arquitecturas distintas para satisfacer sus necesidades, ya sea para entornos de desarrollo o de producción críticos. +Ofrecemos dos arquitecturas distintas para satisfacer sus necesidades, ya sea para entornos de desarrollo o de producción críticos. ### Dev/Test Architecture @@ -68,11 +70,13 @@ Diseñada para producción y aplicaciones críticas, esta arquitectura distribuy - **Alta disponibilidad**: 3 nodos de Control Plane distribuidos en 3 AZ. - **Almacenamiento dedicado**: 3 nodos de almacenamiento dedicados y distribuidos para rendimiento y resiliencia. - **Workers distribuidos**: Mínimo 3 nodos workers, uno por AZ. + - **Nodos Bare Metal (Opcional)**: Posible integración de nodos workers tipo **"Bare Metal"** para necesidades específicas de rendimiento, especialmente el **soporte de GPU**. - **SLA del 99,90%**. Arquitectura Multi-AZ ### Componentes técnicos detallados + La oferta incluye detalladamente los siguientes componentes: - CNI Cillium, con interfaz de observabilidad (Hubble) diff --git a/i18n/es/docusaurus-plugin-content-docs/current/managed_kubernetes/tutorials/images/nvidiasmi.png b/i18n/es/docusaurus-plugin-content-docs/current/managed_kubernetes/tutorials/images/nvidiasmi.png new file mode 100644 index 00000000..54abb537 Binary files /dev/null and b/i18n/es/docusaurus-plugin-content-docs/current/managed_kubernetes/tutorials/images/nvidiasmi.png differ diff --git a/i18n/es/docusaurus-plugin-content-docs/current/managed_kubernetes/tutorials/images/opencostgrafana.png b/i18n/es/docusaurus-plugin-content-docs/current/managed_kubernetes/tutorials/images/opencostgrafana.png new file mode 100644 index 00000000..3e3000d1 Binary files /dev/null and b/i18n/es/docusaurus-plugin-content-docs/current/managed_kubernetes/tutorials/images/opencostgrafana.png differ diff --git a/i18n/es/docusaurus-plugin-content-docs/current/managed_kubernetes/tutorials/usinggpu.md b/i18n/es/docusaurus-plugin-content-docs/current/managed_kubernetes/tutorials/usinggpu.md new file mode 100644 index 00000000..65698dd8 --- /dev/null +++ b/i18n/es/docusaurus-plugin-content-docs/current/managed_kubernetes/tutorials/usinggpu.md @@ -0,0 +1,57 @@ +--- +title: Using an NVIDIA GPU +--- + +import nvidiasmi from './images/nvidiasmi.png' + +# Using a GPU on Managed Kubernetes + +This tutorial shows you how to deploy a pod that uses a GPU resource on a Managed Kubernetes cluster configured with "Bare Metal" nodes equipped with NVIDIA GPUs. + +## Requis + +- Un clúster Kubernetes gestionado con al menos un nodo worker del tipo "Bare Metal" con GPU. + +## Ejemplo de manifiesto de Pod + +A continuación se muestra un ejemplo de manifiesto de Pod que ejecuta el comando `nvidia-smi` para verificar la presencia y estado de la tarjeta GPU. + +```yaml +apiVersion: v1 +kind: Pod +metadata: + name: nvidia-cuda-check +spec: + runtimeClassName: nvidia # Clave para Talos NVIDIA + restartPolicy: Never + containers: + - name: nvidia-version-check + image: "nvidia/cuda:13.1.0-devel-ubuntu24.04" + imagePullPolicy: Always + command: ["nvidia-smi"] +``` + +### Explicación del Manifiesto + +- **`runtimeClassName: nvidia`**: Esta es la parte más importante. Indica a Kubernetes que utilice el runtime de NVIDIA. El toolkit de NVIDIA se encarga entonces de inyectar los controladores de NVIDIA directamente en el pod, lo que permite que el contenedor acceda a la GPU. +- **`restartPolicy: Never`**: Dado que este pod es simplemente un comando de verificación, no queremos que se reinicie después de su ejecución. +- **`image: "nvidia/cuda:..."`**: Utilizamos una imagen proporcionada por NVIDIA que contiene las herramientas necesarias para interactuar con la GPU. +- **`command: ["nvidia-smi"]`**: Esta es la orden que se ejecutará dentro del contenedor. `nvidia-smi` es una herramienta de línea de comandos que proporciona información sobre las GPUs NVIDIA. + +Para obtener más información sobre el funcionamiento del toolkit de NVIDIA, puede consultar la [documentación oficial en GitHub](https://github.com/NVIDIA/nvidia-container-toolkit). + +## Despliegue y Verificación + +1. **Despliegue el pod** utilizando el comando `kubectl apply`: + ```shell + kubectl apply -f nvidia-smi.yaml + ``` + +2. **Verifique los registros del pod** para ver la salida del comando `nvidia-smi`: + ```shell + kubectl logs nvidia-cuda-check + ``` + +Si todo está configurado correctamente, debería ver una salida similar a la siguiente, mostrando los detalles de su tarjeta GPU: + +Resultado del comando nvidia-smi \ No newline at end of file diff --git a/i18n/es/docusaurus-plugin-content-docs/current/managed_kubernetes/tutorials/usingopencost.md b/i18n/es/docusaurus-plugin-content-docs/current/managed_kubernetes/tutorials/usingopencost.md index 19b83b07..15011d0d 100644 --- a/i18n/es/docusaurus-plugin-content-docs/current/managed_kubernetes/tutorials/usingopencost.md +++ b/i18n/es/docusaurus-plugin-content-docs/current/managed_kubernetes/tutorials/usingopencost.md @@ -2,13 +2,14 @@ title: Seguimiento de costos con OpenCost --- import opencostui from './images/opencost.png' +import opencostgrafana from './images/opencostgrafana.png' import opencostmcp from './images/opencostmcp.png' import opencostmcp2 from './images/opencostmcp2.png' import opencostmcp3 from './images/opencostmcp3.png' ## Objetivos -Este tutorial presenta **OpenCost**, la herramienta de supervisión y optimización de costos integrada en su clúster **Kubernetes gestionado**. Al final de esta guía, será capaz de: +Este tutorial presenta **OpenCost**, la herramienta de supervisión y optimización de costos integrada en su clúster **Managed Kubernetes**. Al final de esta guía, será capaz de: - **Acceder** a la interfaz de OpenCost. - **Comprender** la estructura de la interfaz y las vistas disponibles. @@ -16,13 +17,13 @@ Este tutorial presenta **OpenCost**, la herramienta de supervisión y optimizaci ## ¿Qué es OpenCost? -OpenCost es una solución open-source, estándar de la CNCF (Cloud Native Computing Foundation), que proporciona visibilidad en tiempo real sobre los costos de sus entornos Kubernetes. Le ayuda a comprender con precisión qué consume recursos en su clúster y cómo se traduce esto en términos de costos. +OpenCost es una solución open-source, estándar de la CNCF (Cloud Native Computing Foundation), que proporciona visibilidad en tiempo real sobre los costos de sus entornos Kubernetes. Le ayuda a comprender con precisión qué está consumiendo recursos en su clúster y cómo se traduce eso en términos de costos. -En la oferta de Kubernetes gestionado, OpenCost está preinstalado y configurado para ofrecerle una visión clara de sus gastos. Está directamente configurado con los costos reales de la infraestructura Cloud Temple. +En la oferta de Kubernetes gestionado, OpenCost está preinstalado y configurado para brindarle una visión clara de sus gastos. Está directamente configurado con los costos reales de la infraestructura Cloud Temple. ## Acceder a la interfaz de OpenCost -La interfaz de OpenCost se expone en una URL segura, específica para su clúster. Para acceder a ella, utilice la siguiente URL sustituyendo `identificador` por el identificador de su clúster (por ejemplo, `ctodev`): +La interfaz de OpenCost se expone en una URL segura, específica para su clúster. Para acceder a ella, utilice la siguiente URL reemplazando `identificador` por el identificador de su clúster (por ejemplo, `ctodev`): `https://opencost.external-secured.identificador.mk.ms-cloud-temple.com` @@ -47,6 +48,12 @@ Esta vista le permite descomponer los costos según conceptos nativos de Kuberne For even more granular financial analysis, OpenCost can aggregate costs based on **Kubernetes labels**. There isn't a direct "Label" option in the menu, but OpenCost ingests your labels and allows you to create custom aggregations. For this, a consistent labeling strategy is essential. For example, using labels such as `team: backend` or `product: api-gateway` enables you to analyze costs precisely aligned with your organizational structure. For this type of analysis, you must go through OpenCost's AI integration. +## Dashboard Grafana + +Un dashboard Grafana también está disponible para visualizar los datos de OpenCost. Este dashboard ofrece una vista alternativa y complementaria a la interfaz de OpenCost, y conserva el historial completo de las métricas de costos, permitiéndole analizar las tendencias a largo plazo. + +Dashboard Grafana de OpenCost + ## Uso avanzado: Integración con una IA (servidor MCP) Para usuarios avanzados, OpenCost puede consultarse directamente desde el asistente conversacional Cline (o cualquier otro) gracias al sistema de **servidores MCP (Multi-purpose Co-processor)**. Esto le permite crear consultas mediante scripts y obtener datos de costos directamente en sus conversaciones. @@ -56,8 +63,7 @@ Para usuarios avanzados, OpenCost puede consultarse directamente desde el asiste Para conectar Cline con su instancia de OpenCost, debe agregar la siguiente configuración a su archivo `cline_mcp_settings.json`. Este archivo se encuentra generalmente en el directorio de configuración de Cline. Recomendamos crear un servidor MCP "opencost-xxxxx", donde xxxxx es el nombre de su clúster Kubernetes gestionado. -La URL del servidor MCP tiene el formato `https://opencost-mcp.external-secured.identificador.mk.ms-cloud-temple.com`. - +La URL del servidor MCP tiene el formato `https://opencost-mcp.external-secured.identificador.mk.ms-cloud-temple.com`. Por ejemplo, para el clúster "bestie": ```json @@ -91,10 +97,10 @@ $credentials = [System.Text.Encoding]::UTF8.GetBytes("finopsadm:SU_CONTRASEÑA") Una vez guardado este archivo, Cline cargará automáticamente el MCP `opencost-xxxxx` al iniciar. -### 2. Query OpenCost with MCP +### 2. Query OpenCost using MCP :::tip Prerequisites -To interact with MCP using natural language, the underlying AI must have access to language models (LLMs), either locally (e.g., LMStudio) or via connections to public services such as GPT-5 or Gemini, or by using our **[LLM-as-a-Service](/docs/llmaas/llmaas)** sovereign offering. +To interact with MCP using natural language, the underlying AI must have access to language models (LLMs), either locally (e.g., LMStudio) or via connections to public services such as GPT-5 or Gemini, or by using our **[LLM-as-a-Service](/llmaas/llmaas)** sovereign offering. ::: After configuration, you can use LLM tools to perform natural language queries against this MCP server. @@ -111,11 +117,11 @@ Obtendrás lo siguiente: IA response opencost 2 -#### Ejemplo 3: +#### Example 3: -"Utiliza el MCP opencost-bestie y dime qué porcentaje de los costos del clúster se asigna a la aplicación con la etiqueta 'nginx' (filtro del tipo filter: 'label:app:frontend')." +"Use the OpenCost MCP opencost-bestie, and tell me what percentage of the cluster costs are allocated to the application with the label 'nginx' (filter of the form filter: 'label:app:frontend')." -respuesta IA opencost 3 +IA response opencost 3 ## Conclusión diff --git a/i18n/es/docusaurus-plugin-content-docs/current/network/private_network/private_network.md b/i18n/es/docusaurus-plugin-content-docs/current/network/private_network/private_network.md index fd27d653..bf7b5575 100644 --- a/i18n/es/docusaurus-plugin-content-docs/current/network/private_network/private_network.md +++ b/i18n/es/docusaurus-plugin-content-docs/current/network/private_network/private_network.md @@ -3,22 +3,22 @@ title: Visión general slug: /network/private_network --- -Cloud Temple ofrece una solución de Redes Privadas diseñada para satisfacer las necesidades empresariales de conectividad segura, de alto rendimiento y flexible. Basada en una arquitectura innovadora que utiliza la tecnología VPLS, esta solución proporciona una red privada, transparente y extensible de capa 2 a través de todas las zonas de disponibilidad. +Cloud Temple ofrece una solución de Redes Privadas diseñada para satisfacer las necesidades de las empresas en términos de conectividad segura, eficiente y flexible. Basada en una arquitectura innovadora que utiliza la tecnología VPLS, esta solución proporciona una red privada de nivel 2, transparente y escalable a través de todas las zonas de disponibilidad.

Conceptos

-

Descubra los fundamentos y principios esenciales para comprender y dominar nuestra infraestructura.

- Explorar conceptos → +

Descubra las bases y principios esenciales para comprender y dominar nuestra infraestructura.

+ Explorar los conceptos →

Inicio rápido

Comience rápidamente con nuestros recursos siguiendo instrucciones claras y sencillas.

- Iniciar guía rápida → + Iniciar el inicio rápido →
-
+

Tutoriales

-

Aprenda paso a paso cómo configurar y utilizar nuestros servicios con guías detalladas.

- Descubrir tutoriales → +

Aprenda paso a paso a configurar y utilizar nuestros servicios con guías detalladas.

+ Descubrir los tutoriales →
-
+
\ No newline at end of file diff --git a/i18n/es/docusaurus-plugin-content-docs/current/network/private_network/tutorials.md b/i18n/es/docusaurus-plugin-content-docs/current/network/private_network/tutorials.md index ba623143..800cb2cc 100644 --- a/i18n/es/docusaurus-plugin-content-docs/current/network/private_network/tutorials.md +++ b/i18n/es/docusaurus-plugin-content-docs/current/network/private_network/tutorials.md @@ -1,11 +1,11 @@ --- -title: Tutoriales +title: Tutorials --- -Estos tutoriales le ayudan a configurar y utilizar nuestros servicios de Redes Privadas. +These tutorials help you set up and use our private networking services.

Tutorials

-

No hay tutoriales disponibles por el momento, pero estamos trabajando activamente en ellos. ¡Vuelva pronto para saber más!

- Ir a la página de inicio → -
+

No tutorials are currently available, but we are working on them actively. Check back soon for more information!

+ Go to the homepage → +
\ No newline at end of file diff --git a/i18n/es/docusaurus-plugin-content-docs/current/network/vpc/concepts.md b/i18n/es/docusaurus-plugin-content-docs/current/network/vpc/concepts.md index 78c10e02..97bf9fa1 100644 --- a/i18n/es/docusaurus-plugin-content-docs/current/network/vpc/concepts.md +++ b/i18n/es/docusaurus-plugin-content-docs/current/network/vpc/concepts.md @@ -2,63 +2,63 @@ title: Conceptos --- -# Conceptos VPC +# Conceptos de VPC -## Definición y Posicionamiento +## Definición y posicionamiento -El **VPC (Virtual Private Cloud)** es un servicio de red gestionado que permite la creación de redes privadas aisladas, seguras y controlables a través de la consola de Cloud Temple. Está diseñado para ofrecer una experiencia nativa de la nube, automatizando la configuración de la red y la seguridad. +El **VPC (Virtual Private Cloud)** es un servicio de red gestionado que permite crear redes privadas aisladas, seguras y gestionables a través de la consola Cloud Temple. Está diseñado para ofrecer una experiencia nativa en la nube, automatizando la configuración de la red y la seguridad. -A fecha de enero de 2026, las redes privadas del VPC permiten interconectar los servicios **IaaS Open Source** e **IaaS VMware**. La interconexión con servidores **Bare Metal** estará disponible próximamente. +Hasta la fecha (enero de 2026), las redes privadas del VPC permiten interconectar servicios **IaaS de código abierto** y **IaaS VMware**. La interconexión con servidores **Bare Metal** estará disponible en una actualización futura. -### VPC vs Backbone Privado +### VPC vs Private Backbone -Cloud Temple ofrece dos modos de consumo de red: +Cloud Temple offers two network consumption modes: -* **Backbone Privado (Oferta histórica)**: - * Ideal para expertos que buscan la máxima autonomía y configuraciones de red específicas (L2 extendido). - * Requiere instalación y gestión manual de equipos de seguridad (firewalls, routers). - * Gestión manual del plan de direccionamiento. +* **Private Backbone (Legacy offering)**: + * Ideal for experts seeking maximum autonomy and specific network configurations (extended L2). + * Requires manual installation and management of security equipment (firewalls, routers). + * Manual management of IP addressing. -* **VPC (Nueva oferta)**: - * Diseñado para una experiencia nativa de la nube y automatizada. - * Seguridad integrada (Gateway, Firewalling, NAT) sin gestión de equipos de terceros. - * Servicio gestionado con alta disponibilidad garantizada por Cloud Temple. - * Ideal para proyectos modernos, DevOps y alojamiento de aplicaciones web. +* **VPC (New offering)**: + * Designed for a cloud-native and automated experience. + * Built-in security (Gateway, Firewalling, NAT) without the need to manage third-party equipment. + * Fully managed service with high availability guaranteed by Cloud Temple. + * Ideal for modern projects, DevOps, and hosting web applications. ## Arquitectura -El VPC se basa en una arquitectura redundante y de alta disponibilidad, aprovechando el backbone inter-AZ de baja latencia de Cloud Temple. +El VPC se basa en una arquitectura redundante y altamente disponible, aprovechando el backbone inter-AZ de baja latencia de Cloud Temple. ### Componentes Clave -* **Router VPC**: En el corazón de cada VPC, gestiona el enrutamiento dinámico entre las diferentes Redes Privadas (tráfico este-oeste). -* **Redes Privadas (VLANs)**: Segmentos de red de capa 2 que conectan sus recursos (VMs, servidores). Se extienden de forma nativa a través de múltiples Zonas de Disponibilidad (AZ) sin reconfiguración de IP. -* **Gateway Externo**: Punto de entrada y salida opcional para el tráfico de Internet (norte-sur). Integra funcionalidades de NAT y gestión de flujos. +* **Router de VPC**: En el centro de cada VPC, gestiona el enrutamiento dinámico entre los diferentes Private Networks (tráfico este-oeste). +* **Private Networks (VLANs)**: Segmentos de red de nivel 2 que conectan sus recursos (VMs, servidores). Se extienden nativamente a través de múltiples zonas de disponibilidad (AZ) sin necesidad de reconfiguración IP. +* **Pasarela Externa (External Gateway)**: Punto de entrada y salida opcional para el tráfico de Internet (norte-sur). Incorpora funciones de NAT y gestión de flujos. ### Aislamiento y Seguridad El VPC garantiza un aislamiento estricto: * Cada VPC es una entidad de red independiente. -* El despliegue se realiza en recursos dedicados (para clientes IaaS Open Source), asegurando que no se compartan recursos de red. -* El servicio está actualmente en proceso de cualificación **SecNumCloud**. +* El despliegue se realiza sobre recursos dedicados (para clientes IaaS de código abierto), asegurando que ninguna recurso de red se comparta. +* El servicio se encuentra en proceso de acreditación **SecNumCloud**. ## Funcionalidades Principales | Funcionalidad | Descripción | Disponibilidad | -|---------------|-------------|----------------| +|----------------|-------------|----------------| | **Redes privadas regionales** | Despliegue multi-AZ y propagación L2 transparente. | Disponible | -| **Enrutamiento nativo** | Comunicación automática entre las redes privadas de un mismo VPC. | Disponible | +| **Enrutamiento nativo** | Comunicación automática entre redes privadas de la misma VPC. | Disponible | | **IPAM & DHCP** | Gestión automática de pools de direcciones y asignación dinámica. | Disponible | -| **Acceso a Internet** | Configurable a través del Gateway (NAT, DNAT, Egress controlado). | Disponible | -| **IP Flotantes** | Exposición flexible de servicios en Internet. | Disponible | -| **Micro-segmentación** | Grupos de políticas de red para una seguridad avanzada. | S1 2026 | -| **Observabilidad** | Logs y métricas de rendimiento de la red. | S1 2026 | -| **Servicio DNS** | Resolución de nombres interna y externa. | S2 2026 | -| **VPN & Cloud Connect** | Conectividad segura hacia on-premise y nubes públicas. | S2 2026 | - -## Casos de Uso - -* **Alojamiento de aplicaciones críticas** que requieren un fuerte aislamiento. -* **Segmentación multi-proyecto** (Prod, Pre-prod, Dev). -* **Entornos de prueba** efímeros y aislados. -* **Bases de red soberanas** para datos sensibles. +| **Acceso a Internet** | Configurable mediante Gateway (NAT, DNAT, egress controlado). | Disponible | +| **IP flotantes** | Exposición flexible de servicios en Internet. | Disponible | +| **Microsegmentación** | Grupos de políticas de red para una seguridad avanzada. | 1T 2026 | +| **Observabilidad** | Registros y métricas de rendimiento de red. | 1T 2026 | +| **Servicio DNS** | Resolución de nombres internos y externos. | 2T 2026 | +| **VPN & Cloud Connect** | Conectividad segura hacia entornos locales y nubes públicas. | 2T 2026 | + +## Cas de Uso + +* **Hosting de aplicaciones críticas** que requieren una aislamiento fuerte. +* **Segmentación multi-proyectos** (Prod, Pre-prod, Dev). +* **Entornos de prueba** efímeros e aislados. +* **Infraestructuras de red soberanas** para datos sensibles. \ No newline at end of file diff --git a/i18n/es/docusaurus-plugin-content-docs/current/network/vpc/images/vpc_static_ips_details.png b/i18n/es/docusaurus-plugin-content-docs/current/network/vpc/images/vpc_static_ips_details.png new file mode 100644 index 00000000..50c0e627 Binary files /dev/null and b/i18n/es/docusaurus-plugin-content-docs/current/network/vpc/images/vpc_static_ips_details.png differ diff --git a/i18n/es/docusaurus-plugin-content-docs/current/network/vpc/quickstart.md b/i18n/es/docusaurus-plugin-content-docs/current/network/vpc/quickstart.md index 58d8d77b..e904162c 100644 --- a/i18n/es/docusaurus-plugin-content-docs/current/network/vpc/quickstart.md +++ b/i18n/es/docusaurus-plugin-content-docs/current/network/vpc/quickstart.md @@ -1,5 +1,5 @@ --- -title: Inicio rápido +title: Guía rápida --- import newTabNetwork from './images/new_tab_network.png' import vpcCreateButton from './images/vpc_create_button.png' @@ -15,80 +15,80 @@ import vpcNewStaticIps from './images/vpc_new_static_ips.png' import vpcNewStaticIpsModale from './images/vpc_new_static_ips_modale.png' import vpcStaticIpsAssociate from './images/vpc_static_ips_associate_png.png' -# Inicio Rápido VPC +# Guía Rápida de VPC -Esta guía le acompaña en la creación de su primer Virtual Private Cloud (VPC) y el despliegue de sus primeras redes privadas. +Esta guía le acompañará en la creación de su primer Cloud Privado Virtual (VPC) y en el despliegue de sus primeras redes privadas. -## Requisitos previos +## Requis previos -Actualmente, la activación del servicio VPC requiere tener una suscripción a una oferta **IaaS Open Source**. (Esta condición se eliminará posteriormente). +Actualmente, la activación del servicio VPC requiere haber suscrito una oferta **IaaS Open Source**. (Esta condición se eliminará posteriormente). ## Paso 1: Acceder a la Consola -1. Conéctese a la Consola Cloud Temple. +1. Inicie sesión en la Consola Cloud Temple. 2. En el menú de navegación, seleccione **Network** y luego **VPC**. -## Paso 2: Solicitar un VPC +## Paso 2: Crear un VPC -1. Haga clic en el botón **Nuevo VPC**. +1. Haz clic en el botón **Nuevo VPC**. -2. Complete el formulario guiado: - * **Nombre del VPC**: Elija un nombre único para identificar su entorno. - * **Descripción**: (Opcional) Añada una descripción. +2. Completa el formulario guiado: + * **Nombre del VPC**: Elige un nombre único para identificar tu entorno. + * **Descripción**: (Opcional) Añade una descripción. -3. Valide la creación. +3. Confirma la creación. -> **Nota**: El aprovisionamiento del VPC está totalmente automatizado y generalmente tarda menos de una hora. +> **Nota**: La provisión del VPC es completamente automática y suele tardar menos de una hora. -### Alternativa: A través de la pestaña Pedidos +### Alternativa: A través del panel Comandos -También puede iniciar el pedido de recursos VPC directamente desde el menú **Pedidos**. +También puede iniciar directamente el comando de recursos VPC desde el menú **Comandos**. -## Paso 3: Crear Redes Privadas +## Step 3: Create Private Networks -Una vez que su VPC esté activo: +Once your VPC is active: -1. Acceda al detalle de su VPC haciendo clic en su nombre. +1. Go to your VPC details by clicking on its name. -2. Vaya a la pestaña **Redes Privadas**. -3. Haga clic en **Añadir una red**. -4. Configure su red: - * **Nombre**: Nombre del segmento de red (ej: `backend`, `frontend`). - * **CIDR**: Rango de direcciones IP (ej: `192.168.1.0/24`). +2. Navigate to the **Private Networks** tab. +3. Click **Add a network**. +4. Configure your network: + * **Name**: Name of the network segment (e.g., `backend`, `frontend`). + * **CIDR**: IP address range (e.g., `192.168.1.0/24`). -## Paso 4: Activar la Pasarela y Solicitar IPs Públicas +## Paso 4: Activar la pasarela y solicitar direcciones IP públicas Para permitir el acceso a Internet y la exposición de servicios: -1. Compruebe si la pasarela está activada. Si no, haga clic en el botón de activación. +1. Verifique si la pasarela está activada. Si no lo está, haga clic en el botón de activación. -2. Una vez que la pasarela esté activa, vaya a la pestaña **IPs Públicas**. +2. Una vez activa la pasarela, vaya al panel **IPs públicas**. -> **Nota**: La lista "IPs Públicas" en la raíz del menú VPC muestra todas las IPs públicas disponibles, ya sean asociadas a un VPC o no. La pestaña "IPs Públicas" en el detalle de un VPC permite gestionar las asociadas a este VPC (requiere pasarela activa). +> **Nota**: La lista **IPs públicas** en la raíz del menú VPC muestra todas las direcciones IP públicas (asociadas o no). El panel **IPs públicas** en el detalle de un VPC permite gestionar únicamente las direcciones IP asociadas a ese VPC (requiere que la pasarela esté activa). -3. Haga clic en el botón para solicitar nuevas IPs, o haga clic en la acción "Asociar" para asociar una de las direcciones IP de la lista que aún no lo está. +3. Haga clic en el botón para solicitar nuevas IPs, o haga clic en la acción "Asociar" para asignar una de las direcciones IP de la lista que aún no esté asociada. -4. Seleccione el número de IPs que desea solicitar y confirme su pedido. +4. Seleccione la cantidad de IPs que desea solicitar y confirme su solicitud. ## Paso 5: Conectar sus recursos -Sus redes privadas ahora están disponibles en todas las zonas de disponibilidad (AZ) de la región. Puede conectar sus máquinas virtuales IaaS Open Source o sus servidores directamente desde sus respectivas interfaces de configuración. +Sus redes privadas ahora están disponibles en todas las zonas de disponibilidad (AZ) de la región. Puede conectar sus máquinas virtuales IaaS de código abierto o sus servidores directamente desde sus interfaces de configuración respectivas. -Para aprender a configurar una red VPC en una máquina virtual, consulte nuestro tutorial: [Configurar una IP Estática y una VM](./tutorials/vm_configuration). +Para aprender a configurar una red VPC en una máquina virtual, consulte nuestra guía paso a paso: [Configurar una IP estática y una VM](./tutorials/vm_configuration). \ No newline at end of file diff --git a/i18n/es/docusaurus-plugin-content-docs/current/network/vpc/tutorials/vm_configuration.md b/i18n/es/docusaurus-plugin-content-docs/current/network/vpc/tutorials/vm_configuration.md index 7863325e..072cf389 100644 --- a/i18n/es/docusaurus-plugin-content-docs/current/network/vpc/tutorials/vm_configuration.md +++ b/i18n/es/docusaurus-plugin-content-docs/current/network/vpc/tutorials/vm_configuration.md @@ -8,61 +8,61 @@ import vpcDetailIpsPub from '../images/vpc_detail_ips_pub.png' import vpcIpPubAssociate from '../images/vpc_ip_pub_associate.png' import vpcMacAddressAssociateModale from '../images/vpc_mac_address_associate_modale.png' -# Configuración de Red de la VM +# Network Configuration of the VM -Este tutorial le guía para conectar una máquina virtual a una red VPC y asignarle una IP estática (privada), así como una IP pública si es necesario. +This tutorial guides you through connecting a virtual machine to a VPC network and assigning it a static (private) IP address, as well as a public IP address if required. -## Requisitos previos +## Requis previos * Tener un VPC y una red privada creados. -* Tener una VM desplegada. +* Tener una VM desplegada (IaaS de código abierto o VMware). -## 1. Asignación de una IP Privada Estática +## 1. Asignación de una IP privada estática -Puede fijar la IP privada de su VM de dos maneras. +Puede fijar la IP privada de su máquina virtual de dos maneras. ### Método A: Desde la Máquina Virtual (Recomendado) -Este método le permite configurar la red y la IP en un solo paso al crear la interfaz. +Este método le permite configurar la red y la IP en una sola etapa durante la creación de la interfaz. -1. Acceda a la vista de detalles de su máquina virtual. -2. Vaya a la pestaña **Adaptadores de red**. -3. Haga clic en el botón **Nuevo adaptador de red** para añadir una interfaz. +1. Acceda a la vista detallada de su máquina virtual. +2. Vaya al panel **Adaptadores de red**. +3. Haga clic en el botón **Nuevo adaptador de red** para agregar una interfaz. -4. En la ventana modal, seleccione su red VPC. +4. En el cuadro de diálogo, seleccione su red VPC. -5. Una vez seleccionada la red, elija una de las IPs estáticas disponibles. +5. Una vez seleccionada la red, elija una de las direcciones IP estáticas disponibles. -6. Valide la creación. +6. Confirme la creación. -> **Nota**: Puede editar el adaptador de red posteriormente para cambiar de red si es necesario. +> **Nota**: Puede editar posteriormente el adaptador de red para cambiar de red si es necesario. -### Método B: Desde la vista de Redes Privadas +### Método B: Desde la vista Redes Privadas Este método es útil para reservar una IP antes de crear la VM o para modificar una asociación existente. 1. Acceda a la vista detallada de su VPC, pestaña **Redes Privadas**. -2. Despliegue el pool de direcciones IP de la red correspondiente. +2. Despliegue el grupo de direcciones IP de la red correspondiente. 3. Haga clic en la acción "Asociar a una dirección MAC" para una IP disponible. -4. En la ventana modal, asocie una de las IPs estáticas a una dirección MAC de una VM. +4. En el cuadro de diálogo, asocie una de las IPs estáticas a una dirección MAC de una VM. -## 2. Asociación de una IP Pública (Opcional) +## 2. Associating a Public IP (Optional) -Si desea que su VM sea accesible desde Internet. +If you want to make your VM accessible from the internet. -1. Desde la vista detallada de su VPC, vaya a la pestaña **IPs Públicas**. +1. From the detailed view of your VPC, go to the **Public IPs** tab. -2. Haga clic en el botón **Asociar una IP pública**. +2. Click the **Associate a public IP** button. -3. En la ventana modal, seleccione la red privada y la IP estática de destino, luego valide la asociación. +3. In the modal, select the target private network and static IP, then confirm the association. -4. Una vez realizada la asociación, puede utilizar esta dirección IP pública para acceder a su VM. +4. Once the association is complete, you can use this public IP address to access your VM. -## Configuración del SO Invitado +## Configuración del SO invitado -**Importante**: Para que la IP estática (privada) se asigne correctamente, asegúrese de que la interfaz de red de su sistema operativo invitado (OS) esté configurada en modo **DHCP**. El servicio DHCP del VPC asignará la dirección reservada. +**Importante**: Para que la dirección IP estática (privada) se asigne correctamente, asegúrese de que la interfaz de red de su sistema operativo invitado (OS) esté configurada en modo **DHCP**. El servicio DHCP del VPC se encargará de asignar la dirección reservada. \ No newline at end of file diff --git a/i18n/es/docusaurus-plugin-content-docs/current/network/vpc/vpc.md b/i18n/es/docusaurus-plugin-content-docs/current/network/vpc/vpc.md index 88f5f259..b50071e3 100644 --- a/i18n/es/docusaurus-plugin-content-docs/current/network/vpc/vpc.md +++ b/i18n/es/docusaurus-plugin-content-docs/current/network/vpc/vpc.md @@ -3,24 +3,24 @@ title: Visión general slug: /network/vpc --- -El VPC (Virtual Private Cloud) de Cloud Temple es un servicio de red gestionado que permite crear entornos privados, aislados y seguros de manera totalmente automatizada. Diseñado para una experiencia nativa de la nube, simplifica la gestión de flujos, el acceso a Internet y el direccionamiento IP, garantizando al mismo tiempo la soberanía de sus datos. +El VPC (Virtual Private Cloud) de Cloud Temple es un servicio de red gestionado que permite crear entornos privados, aislados y seguros de forma completamente automatizada. Diseñado para una experiencia nativa en la nube, simplifica la gestión de flujos, acceso a Internet y direcciones IP, garantizando al mismo tiempo la soberanía de sus datos. -El servicio le permite desplegar y gestionar sus redes privadas sin preocuparse por la complejidad de las configuraciones manuales, con una alta disponibilidad del 99,99%, medida mensualmente. +El servicio permite desplegar y gestionar sus redes privadas sin preocuparse por la complejidad de las configuraciones manuales, con una alta disponibilidad del 99,99 %, medida mensualmente.

Conceptos

-

Descubra la arquitectura, los componentes (Redes Privadas, Gateway) y los beneficios del VPC.

- Explorar conceptos → +

Descubra la arquitectura, los componentes (Redes privadas, Gateway) y los beneficios del VPC.

+ Explorar los conceptos →

Inicio rápido

-

Cree su primer VPC y configure sus redes privadas en pocos minutos.

- Lanzar Quickstart → +

Cree su primer VPC y configure sus redes privadas en cuestión de minutos.

+ Iniciar el inicio rápido →
-
+

Tutoriales

Guías paso a paso para casos de uso avanzados (Peering, VPN, etc.).

- Descubrir tutoriales → + Descubrir los tutoriales →
-
+
\ No newline at end of file diff --git a/i18n/it/docusaurus-plugin-content-docs/current/changelog.md b/i18n/it/docusaurus-plugin-content-docs/current/changelog.md index c2c8c40a..4d235fa9 100644 --- a/i18n/it/docusaurus-plugin-content-docs/current/changelog.md +++ b/i18n/it/docusaurus-plugin-content-docs/current/changelog.md @@ -5,21 +5,29 @@ sidebar_position: 2 # Change Tracking +### 19 January 2026: Managed Kubernetes and VPC Enhancements + +- **Managed Kubernetes**: Added support for **Bare Metal** nodes and **GPUs** (NVIDIA). +- **Managed Kubernetes**: New tutorial on using GPUs within a Kubernetes cluster. +- **Managed Kubernetes**: KubeCost replaced with a more recent guide on **OpenCost**. +- **Network (VPC)**: Comprehensive documentation for the Virtual Private Cloud (VPC) service, including high availability (HA) concepts, quick start guides, and tutorials. +- **Multilingual**: Full translation of the VPC service and new Kubernetes content into English, German, Spanish, and Italian. + ### December 15, 2025: Stabilization and Multilingual Fixes -- **Multilingual (Terraform, LLMaaS, Harbor)**: Major correction of translations in Spanish, Italian, and German. Resolution of MDX syntax issues (empty code blocks, unescaped tags) that were preventing site compilation. -- **Multilingual (Images)**: Restoration of correct image paths in the Italian and German versions for the Bastion and VMware IaaS sections. +- **Multilingual (Terraform, LLMaaS, Harbor)**: Major fixes to translations in Spanish, Italian, and German. Resolved MDX syntax issues (empty code blocks, unescaped tags) that were preventing site compilation. +- **Multilingual (Images)**: Restored correct image paths in the Italian and German versions for the Bastion and VMware IaaS sections. - **Build**: Validation of deployment across all 5 supported languages. -### 11 dicembre 2025: Novità Managed Kubernetes +### 11 dicembre 2025: Novità su Managed Kubernetes - **Managed Kubernetes**: Aggiunta di un nuovo tutorial sull'utilizzo di **Gateway API** per la gestione avanzata del traffico. -- **Managed Kubernetes**: Aggiornamento della documentazione sulla gestione delle quote (Ceph) e ottimizzazione degli strumenti per la gestione dei costi (OpenCost). +- **Managed Kubernetes**: Aggiornamento della documentazione sulla gestione delle quote (Ceph) e ottimizzazione degli strumenti per il controllo dei costi (OpenCost). ### November 22, 2025: LLMaaS Updates and General Improvements - **LLMaaS (OCR)**: Added comprehensive documentation for **DeepSeek-OCR**, our new model specialized in document analysis (PDFs, images), capable of extracting structured text, tables, and mathematical formulas. -- **Multilingual**: Resolved accessibility issues in the Italian and German versions of the documentation. +- **Multilingual**: Resolved accessibility issues on the Italian and German versions of the documentation. - **Quality**: Fixed code block display in LLMaaS tutorials and restored missing images in the Italian version of the VMware IaaS quick start guide. ### 20 November 2025: Major PaaS OpenShift Update @@ -28,8 +36,8 @@ sidebar_position: 2 ### 3 novembre 2025: Miglioramenti ai tutorial Kubernetes -- **Managed Kubernetes**: Aggiunta di un nuovo tutorial sul deployment continuo con **ArgoCD** e l'approccio GitOps. -- **Managed Kubernetes**: Revisione e miglioramento dei tutorial esistenti. I guide sul deployment, sulla rete, sulla gestione dei permessi (Capsule) e sul backup (Kasten) sono state arricchite per affrontare in modo più efficace tematiche legate alla sicurezza, alla governance e ai costi, in risposta alle esigenze dei profili RSSI e Acquirente. +- **Kubernetes gestito**: Aggiunta di un nuovo tutorial sul deployment continuo con **ArgoCD** e l'approccio GitOps. +- **Kubernetes gestito**: Revisione e miglioramento dei tutorial esistenti. I guide sul deployment, sulla rete, sulla gestione dei permessi (Capsule) e sul backup (Kasten) sono state arricchite per affrontare in modo più efficace tematiche legate alla sicurezza, alla governance e ai costi, in risposta alle esigenze dei profili RSSI e Acquirente. ### 28 October 2025: New Managed Kubernetes documentation and various improvements @@ -39,19 +47,19 @@ sidebar_position: 2 ### 18 ottobre 2025: Manutenzione e nuove documentazioni -- **LLMaaS**: Aggiunta di una nuova domanda alla FAQ per presentare la pagina di stato pubblico ([llmaas.status.cloud-temple.app](https://llmaas.status.cloud-temple.app/)), che consente di monitorare in tempo reale la disponibilità e le prestazioni di ciascun modello. -- **Contrattuale**: Aggiornamento significativo dell'Accordo sul Trattamento dei Dati (DPA v2) per riflettere gli ultimi requisiti legali e di conformità. +- **LLMaaS**: Aggiunta di una nuova domanda alla FAQ per presentare la pagina di stato pubblico ([llmaas.status.cloud-temple.app](https://llmaas.status.cloud-temple.app/)), che permette di monitorare in tempo reale la disponibilità e le prestazioni di ciascun modello. +- **Contrattuale**: Aggiornamento significativo dell'Accordo sul trattamento dei dati (DPA v2) per riflettere gli ultimi requisiti legali e di conformità. - **Console**: Miglioramento e chiarimento della documentazione relativa alla gestione dei comandi. - **Marketplace**: Aggiunta di un tutorial dettagliato sulla personalizzazione delle immagini delle macchine virtuali (VM) per creare modelli riutilizzabili. -- **LLMaaS**: Aggiunta di una guida per configurare l'estensione VSCode CLINE in modo da utilizzare direttamente dai modelli linguistici di Cloud Temple dall'editor. +- **LLMaaS**: Aggiunta di una guida per configurare l'estensione VSCode CLINE e utilizzare direttamente dai modelli linguistici di Cloud Temple dall'editor. - **Archiviazione oggetti (OSS)**: Aggiunta di dettagli sulla politica del ciclo di vita (Lifecycle) per la cancellazione dei dati. - **Archiviazione oggetti (OSS)**: Aggiunta di una guida alla risoluzione dei problemi relativi agli errori di checksum (`XAmzContentSHA256Mismatch`) con AWS CLI e Terraform. - **LLMaaS**: Aggiornamento dell'elenco dei modelli disponibili e ritraduzione di oltre 50 documenti per garantire coerenza. -### 14 August 2025: Improvements and Fixes +### 14 Agosto 2025: Miglioramenti e correzioni -- **LLMaaS**: Updated and clarified FAQ responses to better address technical and strategic questions. Added FAQ to navigation. -- **General**: Fixed several internal navigation links throughout the documentation for a smoother experience. +- **LLMaaS**: Aggiornamento e chiarimento delle risposte della FAQ per affrontare in modo più efficace domande tecniche e strategiche. Aggiunta della FAQ alla navigazione. +- **Generale**: Correzione di diversi link di navigazione interna all'interno della documentazione per un'esperienza più fluida. ### Luglio 2025: Nuove funzionalità e aggiornamenti principali @@ -67,12 +75,12 @@ sidebar_position: 2 ### June 29, 2025: Finalization of LLMaaS documentation -- Completion and validation of the full test suite. +- Full test suite validation. - Correction and validation of RAG pipelines with FAISS and Qdrant. - Enhancement of tutorials with more detailed technical explanations. - Addition of a section on prompt security and model lifecycle within the concepts. - Improvement of the RAG explanation page with diagrams and details on embedding models. - Update of the API documentation, quick start guide, and service presentation. - Addition of pricing for the Audio Transcription endpoint. -- Addition of the projected model lifecycle timeline. +- Addition of the forecasted model lifecycle timeline. - Addition of the responsibility matrix for the LLMaaS offering. \ No newline at end of file diff --git a/i18n/it/docusaurus-plugin-content-docs/current/console/security/security_alarms.md b/i18n/it/docusaurus-plugin-content-docs/current/console/security/security_alarms.md index ddc3855c..7bd8535e 100644 --- a/i18n/it/docusaurus-plugin-content-docs/current/console/security/security_alarms.md +++ b/i18n/it/docusaurus-plugin-content-docs/current/console/security/security_alarms.md @@ -1,47 +1,44 @@ - - --- title: Avvisi di sicurezza --- -Trova qui gli avvisi di sicurezza relativi ai nostri servizi cloud. -Questa pagina viene aggiornata quotidianamente per tenere conto delle vulnerabilità recentemente identificate. - - +Trovate qui gli avvisi di sicurezza relativi ai nostri servizi cloud. +Questa pagina viene aggiornata quotidianamente per tenere conto delle vulnerabilità appena identificate. ## Vulnerabilità | Data | Riferimento(i) | CVSS | Titolo | Descrizione | Servizio(i) | Gravità | Intervento | |---------------------|-----------------|-------------|--------------|---------|-------------|----------------|-------------| -| 07/08/2025 | [DSA-2025-154](https://www.dell.com/support/kbdoc/en-us/000262308/dsa-2025-154-security-update-for-dell-ecs-and-objectscale-use-of-hard-coded-ssh-cryptographic-key-vulnerability) | 8.4 | **DSA-2025-154 : Vulnerabilità in Dell ObjectScale (CVE-2025-26476)** | Una vulnerabilità (CVE-2025-26476) in Dell ObjectScale (< 4.0.0.0) relativa all'utilizzo di chiavi SSH codificate in modo statico che consente l'accesso non autenticato locale. | Object Storage | 🟠 Importante | ✅ La correzione dei vostri ambienti ObjectScale è supportata da Cloud Temple. Non è necessaria alcuna azione da parte vostra. | -| 15/07/2025 | [VMSA-2025-0013](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/VMSA-2025-0013--VMware-ESXi--Workstation--Fusion--and-Tools-updates-address-multiple-vulnerabilities--CVE-2025-41236--CVE-2025-41237--CVE-2025-41238--CVE-2025-41239-/35877) | 9.3 | **VMSA-2025-0013 : Vulnerabilità importanti in VMware ESXi** | Diverse vulnerabilità importanti interessano VMware ESXi. Le correzioni sono fornite dal produttore. | IaaS By VMware | 🟠 Importante | ⚠️ Vi consigliamo di aggiornare i vostri hypervisor. Le versioni ESXi corrette sono disponibili non appena validate da Cloud Temple. La Console vi indica gli ESXi che necessitano di un aggiornamento. | -| 15/07/2025 | [VMSA-2025-0013](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/VMSA-2025-0013--VMware-ESXi--Workstation--Fusion--and-Tools-updates-address-multiple-vulnerabilities--CVE-2025-41236--CVE-2025-41237--CVE-2025-41238--CVE-2025-41239-/35877) | 7.1 | **VMSA-2025-0013 : Vulnerabilità in VMware Tools (CVE-2025-41239)** | Una vulnerabilità (CVE-2025-41239) in VMware Tools consente la divulgazione di informazioni sensibili tramite vSockets non inizializzati. Le correzioni sono fornite dal produttore. | IaaS By VMware | 🟡 Moderata | ⚠️ Vi consigliamo di aggiornare VMware Tools sulle vostre macchine virtuali. Le versioni di VMware Tools corrette sono incluse nei pacchetti ESXi messi a disposizione da Cloud Temple. | -| 01/07/2025 | [XSA-470](https://xenbits.xen.org/xsa/advisory-470.html) | N/A | **Vulnerabilità XCP-NG dovuta a una cattiva gestione delle eccezioni** [Bulletin produttore](https://xcp-ng.org/blog/2025/07/03/july-2025-security-and-maintenance-update-for-xcp-ng-8-2-lts/) | Una vulnerabilità è stata scoperta in XCP-NG, che permette a un codice privilegiato eseguito da una macchina virtuale di causare il crash dell'hypervisor, provocando un negazione del servizio (DoS) sull'intero host. | IaaS OpenSource | 🟡 Moderata | ✅ L'aggiornamento delle vostre istanze XCP-ng è programmato non appena le correzioni saranno validate da Cloud Temple. Non è necessaria alcuna azione da parte vostra.| -| 23/05/2025 | [XSA-468](https://xenbits.xen.org/xsa/advisory-468.html) | 8.8-9.0 | **Vulnerabilità XCP-NG nei driver PV Windows (XSA-468)** [Bulletin produttore](https://xcp-ng.org/blog/2025/05/27/xsa-468-windows-pv-driver-vulnerabilities/) | Diverse vulnerabilità (CVE-2025-27462, CVE-2025-27463, CVE-2025-27464) nei driver PV Windows permettono a utenti non privilegiati di ottenere privilegi di sistema all'interno delle VM Windows. | IaaS OpenSource | 🟠 Importante | ⚠️ Vi consigliamo di aggiornare i driver PV Windows delle vostre macchine virtuali alle versioni corrette indicate nel bollettino di sicurezza. ✅ L'aggiornamento delle vostre istanze XCP-ng è programmato non appena le correzioni saranno validate da Cloud Temple. | -| 22/05/2025 | [XSA-469, INTEL-SA](https://xcp-ng.org/blog/2025/05/14/may-2025-security-update-for-xcp-ng-8-2-8-3/) | 4.9-6.5 | **Vulnerabilità XCP-NG nel microcodice Intel e Xen (XSA-469, INTEL-SA)** [Bulletin produttore](https://xcp-ng.org/blog/2025/05/14/may-2025-security-update-for-xcp-ng-8-2-8-3/) | Sono stati pubblicati aggiornamenti di sicurezza per XCP-ng, che correggono diverse vulnerabilità nel microcodice Intel e Xen. | IaaS OpenSource | 🟡 Moderata | ✅ L'aggiornamento delle vostre istanze XCP-ng è programmato non appena le correzioni saranno validate da Cloud Temple. Non è necessaria alcuna azione da parte vostra.| -| 21/05/2025 | [VMSA-2025-0010](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25717) | 4.3-6.8 | **VMSA-2025-0010 : Multiple vulnerabilità in VMware ESXi (CVE-2025-41226, CVE-2025-41227, CVE-2025-41228)** | Diverse vulnerabilità in VMware ESXi sono state segnalate: Vulnerabilità di negazione del servizio per le operazioni guest (CVE-2025-41226), Vulnerabilità di negazione del servizio (CVE-2025-41227), Vulnerabilità di tipo Cross Site Scripting (XSS) (CVE-2025-41228). Le correzioni sono fornite dal produttore. | IaaS By VMware | 🟡 Moderata | ⚠️ Vi consigliamo di aggiornare i vostri hypervisor. Le versioni ESXi corrette sono disponibili non appena validate da Cloud Temple. La Console vi indica gli ESXi che necessitano di un aggiornamento. | -| 21/05/2025 | [VMSA-2025-0010](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25717) | 4.3-8.8 | **VMSA-2025-0010 : Multiple vulnerabilità in vCenter (CVE-2025-41225, CVE-2025-41228)** | Diverse vulnerabilità in VMware vCenter sono state segnalate: Vulnerabilità di esecuzione di comandi autenticati in VMware vCenter Server (CVE-2025-41225), Vulnerabilità di tipo Cross Site Scripting (XSS) (CVE-2025-41228). Le correzioni sono fornite dal produttore. | IaaS By VMware | 🟠 Importante | ✅ L'aggiornamento delle vostre istanze vCenter è programmato non appena le correzioni saranno validate da Cloud Temple. Non è necessaria alcuna azione da parte vostra. L'aggiornamento è segnalato nelle notifiche Console. | -| 14/05/2025 | [VMSA-2025-0007](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25683) | 6.1 | **VMSA-2025-0007 : Vulnerabilità di gestione dei file non sicura in VMware Tools (CVE-2025-22247)** | Una vulnerabilità di gestione dei file non sicura in VMware Tools è stata segnalata. Le correzioni sono fornite dal produttore. | IaaS By VMware | 🟡 Moderata | ⚠️ Vi consigliamo di aggiornare VMware Tools sulle vostre macchine virtuali. Le versioni di VMware Tools corrette sono incluse nei pacchetti ESXi messi a disposizione da Cloud Temple. | -| 25/03/2025 | [VMSA-2025-0005](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25518) | 7.8 | **VMSA-2025-0005 : Vulnerabilità di bypass dell'autenticazione in VMware Tools per Windows (CVE-2025-22230)** | Una vulnerabilità di bypass dell'autenticazione in VMware Tools per Windows è stata segnalata. Le correzioni sono fornite dal produttore. | IaaS By VMware | 🟠 Importante | ⚠️ Vi consigliamo di aggiornare VMware Tools sulle vostre macchine virtuali. Le versioni di VMware Tools corrette sono incluse nei pacchetti ESXi messi a disposizione da Cloud Temple | -| 04/03/2025 | [VMSA-2025-0004](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25390) | 7.1-9.3 | **VMSA-2025-0004 : Multiple vulnerabilità in VMware ESXi (CVE-2025-22224, CVE-2025-22225, CVE-2025-22226)** | Diverse vulnerabilità in VMware ESXi sono state segnalate: Vulnerabilità di sovraccarico della memoria VMCI (CVE-2025-22224) valutata Critica da VMware, Vulnerabilità di scrittura arbitraria in VMware ESXi (CVE-2025-22225), Vulnerabilità di divulgazione di informazioni HGFS (CVE-2025-22226). Le correzioni sono fornite dal produttore. | IaaS By VMware | 🟠 Importante | ⚠️ Vi consigliamo di aggiornare i vostri hypervisor. Le versioni ESXi corrette sono disponibili non appena validate da Cloud Temple. La Console vi indica gli ESXi che necessitano di un aggiornamento. | - - +| 23/12/2025 | [CVE-2025-14443](https://access.redhat.com/security/cve/CVE-2025-14443) | 8.5 | **Vulnerabilità in Red Hat OpenShift (CVE-2025-14443)** | Una vulnerabilità nel componente `openshift-apiserver` permette un elevamento dei privilegi. L'exploit richiede un'autenticazione preliminare. | PaaS OpenShift | 🟠 Importante | ⚠️ Nessun patch disponibile al momento. Stiamo attendendo il fix da parte di Red Hat. | +| 30/09/2025 | [VMSA-2025-0016](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36150) | 8.5 | **VMSA-2025-0016: Vulnerabilità in VMware vCenter (CVE-2025-41250)** | Una vulnerabilità (CVE-2025-41250) permette a un attaccante autenticato di modificare gli indirizzi email delle notifiche delle attività pianificate. | IaaS By VMware | 🟠 Importante | ⚠️ Vi consigliamo di pianificare un aggiornamento di vCenter (vers. 8.0 U3g o 7.0 U3w). | +| 30/09/2025 | [VMSA-2025-0015](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36149) | 7.6 | **VMSA-2025-0015: Vulnerabilità in VMware Tools (Windows)** | Una vulnerabilità (CVE-2025-41246) che colpisce VMware Tools per Windows permette un elevamento dei privilegi (richiede accesso locale autenticato). | IaaS By VMware | 🟡 Moderata | ⚠️ Vi consigliamo di pianificare un aggiornamento di VMware Tools Windows (vers. 13.0.5 o 12.5.4). | +| 07/08/2025 | [DSA-2025-154](https://www.dell.com/support/kbdoc/en-us/000262308/dsa-2025-154-security-update-for-dell-ecs-and-objectscale-use-of-hard-coded-ssh-cryptographic-key-vulnerability) | 8.4 | **DSA-2025-154: Vulnerabilità in Dell ObjectScale (CVE-2025-26476)** | Una vulnerabilità (CVE-2025-26476) in Dell ObjectScale (< 4.0.0.0) legata all'uso di chiavi SSH codificate in modo statico permette un accesso non autenticato in locale. | Object Storage | 🟠 Importante | ✅ La correzione dei vostri ambienti ObjectScale è gestita da Cloud Temple. Nessuna azione da parte vostra è necessaria. | +| 15/07/2025 | [VMSA-2025-0013](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/VMSA-2025-0013--VMware-ESXi--Workstation--Fusion--and-Tools-updates-address-multiple-vulnerabilities--CVE-2025-41236--CVE-2025-41237--CVE-2025-41238--CVE-2025-41239-/35877) | 9.3 | **VMSA-2025-0013: Vulnerabilità importanti in VMware ESXi** | Diverse vulnerabilità importanti colpiscono VMware ESXi. I patch sono forniti dall'editore. | IaaS By VMware | 🟠 Importante | ⚠️ Vi consigliamo di aggiornare i vostri iper-visor. Le versioni ESXi corrette sono disponibili non appena validate da Cloud Temple. La Console vi indica gli ESXi che richiedono un aggiornamento. | +| 15/07/2025 | [VMSA-2025-0013](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/VMSA-2025-0013--VMware-ESXi--Workstation--Fusion--and-Tools-updates-address-multiple-vulnerabilities--CVE-2025-41236--CVE-2025-41237--CVE-2025-41238--CVE-2025-41239-/35877) | 7.1 | **VMSA-2025-0013: Vulnerabilità in VMware Tools (CVE-2025-41239)** | Una vulnerabilità (CVE-2025-41239) in VMware Tools permette la divulgazione di informazioni sensibili tramite vSockets non inizializzati. I patch sono forniti dall'editore. | IaaS By VMware | 🟡 Moderata | ⚠️ Vi consigliamo di aggiornare VMware Tools sulle vostre macchine virtuali. Le versioni corrette sono incluse nei pacchetti ESXi messi a disposizione da Cloud Temple. | +| 01/07/2025 | [XSA-470](https://xenbits.xen.org/xsa/advisory-470.html) | N/A | **Vulnerabilità XCP-NG dovuta a gestione errata delle eccezioni** [Comunicato dell'editore](https://xcp-ng.org/blog/2025/07/03/july-2025-security-and-maintenance-update-for-xcp-ng-8-2-lts/) | Una vulnerabilità è stata scoperta in XCP-NG, che permette a un codice privilegiato eseguito da una macchina virtuale di causare il crash dell'iper-visor, provocando un negazione del servizio (DoS) sull'intero host. | IaaS OpenSource | 🟡 Moderata | ✅ L'aggiornamento delle vostre istanze XCP-ng è pianificato non appena i patch saranno validati da Cloud Temple. Nessuna azione da parte vostra è necessaria. | +| 23/05/2025 | [XSA-468](https://xenbits.xen.org/xsa/advisory-468.html) | 8.8-9.0 | **Vulnerabilità XCP-NG nei driver PV Windows (XSA-468)** [Comunicato dell'editore](https://xcp-ng.org/blog/2025/05/27/xsa-468-windows-pv-driver-vulnerabilities/) | Diverse vulnerabilità (CVE-2025-27462, CVE-2025-27463, CVE-2025-27464) nei driver PV Windows permettono a utenti non privilegiati di ottenere privilegi di sistema all'interno delle VM Windows. | IaaS OpenSource | 🟠 Importante | ⚠️ Vi consigliamo di aggiornare i driver PV Windows delle vostre macchine virtuali alle versioni corrette indicate nel comunicato di sicurezza. ✅ L'aggiornamento delle vostre istanze XCP-ng è pianificato non appena i patch saranno validati da Cloud Temple. | +| 22/05/2025 | [XSA-469, INTEL-SA](https://xcp-ng.org/blog/2025/05/14/may-2025-security-update-for-xcp-ng-8-2-8-3/) | 4.9-6.5 | **Vulnerabilità XCP-NG nel microcodice Intel e Xen (XSA-469, INTEL-SA)** [Comunicato dell'editore](https://xcp-ng.org/blog/2025/05/14/may-2025-security-update-for-xcp-ng-8-2-8-3/) | Sono stati rilasciati aggiornamenti di sicurezza per XCP-ng, che correggono diverse vulnerabilità nel microcodice Intel e Xen. | IaaS OpenSource | 🟡 Moderata | ✅ L'aggiornamento delle vostre istanze XCP-ng è pianificato non appena i patch saranno validati da Cloud Temple. Nessuna azione da parte vostra è necessaria. | +| 21/05/2025 | [VMSA-2025-0010](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25717) | 4.3-6.8 | **VMSA-2025-0010: Multiple vulnerabilità in VMware ESXi (CVE-2025-41226, CVE-2025-41227, CVE-2025-41228)** | Sono state segnalate diverse vulnerabilità in VMware ESXi: vulnerabilità di negazione del servizio per le operazioni dell'ospite (CVE-2025-41226), vulnerabilità di negazione del servizio (CVE-2025-41227), vulnerabilità di tipo Cross Site Scripting (XSS) (CVE-2025-41228). I patch sono forniti dall'editore. | IaaS By VMware | 🟡 Moderata | ⚠️ Vi consigliamo di aggiornare i vostri iper-visor. Le versioni ESXi corrette sono disponibili non appena validate da Cloud Temple. La Console vi indica gli ESXi che richiedono un aggiornamento. | +| 21/05/2025 | [VMSA-2025-0010](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25717) | 4.3-8.8 | **VMSA-2025-0010: Multiple vulnerabilità in vCenter (CVE-2025-41225, CVE-2025-41228)** | Sono state segnalate diverse vulnerabilità in VMware vCenter: vulnerabilità di esecuzione di comandi autenticati in VMware vCenter Server (CVE-2025-41225), vulnerabilità di tipo Cross Site Scripting (XSS) (CVE-2025-41228). I patch sono forniti dall'editore. | IaaS By VMware | 🟠 Importante | ✅ L'aggiornamento delle vostre istanze vCenter è pianificato non appena i patch saranno validati da Cloud Temple. Nessuna azione da parte vostra è necessaria. L'aggiornamento è segnalato nelle notifiche Console. | +| 14/05/2025 | [VMSA-2025-0007](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25683) | 6.1 | **VMSA-2025-0007: Vulnerabilità di gestione file non sicura in VMware Tools (CVE-2025-22247)** | È stata segnalata una vulnerabilità di gestione file non sicura in VMware Tools. I patch sono forniti dall'editore. | IaaS By VMware | 🟡 Moderata | ⚠️ Vi consigliamo di aggiornare VMware Tools sulle vostre macchine virtuali. Le versioni corrette sono incluse nei pacchetti ESXi messi a disposizione da Cloud Temple. | +| 25/03/2025 | [VMSA-2025-0005](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25518) | 7.8 | **VMSA-2025-0005: Vulnerabilità di bypass dell'autenticazione in VMware Tools per Windows (CVE-2025-22230)** | È stata segnalata una vulnerabilità di bypass dell'autenticazione in VMware Tools per Windows. I patch sono forniti dall'editore. | IaaS By VMware | 🟠 Importante | ⚠️ Vi consigliamo di aggiornare VMware Tools sulle vostre macchine virtuali. Le versioni corrette sono incluse nei pacchetti ESXi messi a disposizione da Cloud Temple. | +| 04/03/2025 | [VMSA-2025-0004](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25390) | 7.1-9.3 | **VMSA-2025-0004: Multiple vulnerabilità in VMware ESXi (CVE-2025-22224, CVE-2025-22225, CVE-2025-22226)** | Sono state segnalate diverse vulnerabilità in VMware ESXi: vulnerabilità di overflow nel tas VMCI (CVE-2025-22224) valutata Critica da VMware, vulnerabilità di scrittura arbitraria in VMware ESXi (CVE-2025-22225), vulnerabilità di divulgazione di informazioni HGFS (CVE-2025-22226). I patch sono forniti dall'editore. | IaaS By VMware | 🟠 Importante | ⚠️ Vi consigliamo di aggiornare i vostri iper-visor. Le versioni ESXi corrette sono disponibili non appena validate da Cloud Temple. La Console vi indica gli ESXi che richiedono un aggiornamento. | ## Informazioni - **Data** : Data di pubblicazione iniziale dell'avviso di sicurezza Cloud Temple. - **Riferimento(i)** : ID CVE, se disponibile. -- **CVSS** : Punteggio CVSS v3 di base come riportato dall'editore o dal CVE, non contestualizzato. La contestualizzazione è espressa dalla gravità CT. Se l'avviso riguarda più vulnerabilità, sono indicati i punteggi CVSS minimo e massimo. +- **CVSS** : Punteggio CVSS v3 di base come riportato dall'editore o dal CVE, non contestualizzato. La contestualizzazione è espressa dalla severità CT. Se l'avviso riguarda più vulnerabilità, vengono indicati i punteggi CVSS minimo e massimo. - **Titolo** : Titolo dell'avviso, con riferimento all'editore se disponibile. -- **Descrizione** : Descrizione sintetica, con collegamento(i) alle informazioni dettagliate. +- **Descrizione** : Descrizione sintetica, con collegamento(i) a informazioni dettagliate. - **Servizio(i)** : Servizio(i) Cloud Temple potenzialmente interessato(i). -- **Gravità** : Livello di gravità nel contesto dei servizi Cloud Temple (per la vulnerabilità più critica in caso di più vulnerabilità). I criteri di sfruttamento sono presi in considerazione nel contesto tecnico delle nostre infrastrutture e servizi Cloud. +- **Severità** : Livello di severità nel contesto dei servizi Cloud Temple (per la vulnerabilità più critica in caso di più vulnerabilità). Sono presi in considerazione i criteri di sfruttamento nel contesto tecnico delle nostre infrastrutture e servizi Cloud. | Livello | Descrizione | |--------|-------------| -| 🔴 **Critico** | Vulnerabilità CVSS 7+ che presenta un rischio di sfruttamento importante (forte esposizione, facilità di sfruttamento). È fortemente consigliata una correzione o mitigazione nel più breve tempo possibile.| -| 🟠 **Importante** | Vulnerabilità CVSS 7+ che non presenta un rischio di sfruttamento importante (esposizione limitata o restrizioni di sfruttamento) | -| 🟡 **Moderato** | Vulnerabilità CVSS 4+ | -| 🔵 **Basso** | Vulnerabilità CVSS inferiore a 4, o non sfruttabile. | +| 🔴 **Critica** | Vulnerabilità con CVSS 7+ che presenta un rischio significativo di sfruttamento (ampia esposizione, facilità di sfruttamento). È fortemente raccomandato applicare una correzione o mitigazione nel minor tempo possibile. | +| 🟠 **Importante** | Vulnerabilità con CVSS 7+ che non presenta un rischio significativo di sfruttamento (esposizione limitata o vincoli allo sfruttamento). | +| 🟡 **Moderata** | Vulnerabilità con CVSS 4+ | +| 🔵 **Bassa** | Vulnerabilità con CVSS inferiore a 4, o non sfruttabile. | - **Trattamento** : Informazioni e raccomandazioni nel contesto dei servizi Cloud Temple. ⚠️ indica che è necessaria un'azione da parte degli utenti per trattare la vulnerabilità. ✅ indica che il trattamento della vulnerabilità è gestito da Cloud Temple. \ No newline at end of file diff --git a/i18n/it/docusaurus-plugin-content-docs/current/llmaas/concepts.md b/i18n/it/docusaurus-plugin-content-docs/current/llmaas/concepts.md index a7071122..d79e5d23 100644 --- a/i18n/it/docusaurus-plugin-content-docs/current/llmaas/concepts.md +++ b/i18n/it/docusaurus-plugin-content-docs/current/llmaas/concepts.md @@ -21,9 +21,9 @@ import ArchitectureLLMaaS from './images/llmaas_architecture_001.png'; #### 1. **API Gateway LLMaaS** - **Compatibile OpenAI** : Integrazione trasparente con l'ecosistema esistente -- **Limitazione velocità** : Gestione dei limiti di utilizzo per livello di fatturazione -- **Equilibrio carico** : Distribuzione intelligente su 12 macchine GPU -- **Monitoraggio** : Metriche in tempo reale e allarmi +- **Limitazione delle richieste** : Gestione dei limiti di utilizzo per livello di fatturazione +- **Load Balancing** : Distribuzione intelligente su 12 macchine GPU +- **Monitoraggio** : Metriche in tempo reale e notifiche di allerta #### 2. **Servizio di Autenticazione** - **Token API sicuri** : Rotazione automatica @@ -32,16 +32,16 @@ import ArchitectureLLMaaS from './images/llmaas_architecture_001.png'; ## 🤖 Modelli e Token -### Catalogo di Modelli +### Elenco dei Modelli -*Catalogo completo: [Elenco dei modelli](./models)* +*Elenco completo: [Elenco dei modelli](./models)* ### Gestione dei token #### **Tipi di token** - **Token di input**: Il tuo prompt e il contesto - **Token di output**: La risposta generata dal modello -- **Token di sistema**: Metadata e istruzioni +- **Token di sistema**: Metadati e istruzioni #### **Calcolo dei Costi** ``` @@ -55,8 +55,8 @@ Costo totale = (Tokens di input × 0,9€/M) + (Tokens di output × 4€/M) + (T ### Tokenizzazione -```python # Esempio di stima dei token +```python def estimate_tokens(text: str) -> int: """Stima approssimativa: 1 token ≈ 4 caratteri""" return len(text) // 4 @@ -69,11 +69,11 @@ total_cost = (estimated_input * 0.9 + response_max * 4) / 1_000_000 print(f"Costo stimato: {total_cost:.6f}€") ``` -## 🔒 Sicurezza e conformità +## 🔒 Security and Compliance ### Qualificaizione SecNumCloud -Il servizio LLMaaS è erogato su un'infrastruttura tecnica che gode della **qualifica SecNumCloud 3.2** dell'ANSSI, che garantisce: +Il servizio LLMaaS è erogato su un'infrastruttura tecnica che gode della **qualifica SecNumCloud 3.2** dell'ANSSI, garantendo: #### **Protezione dei Dati** - **Crittografia end-to-end**: TLS 1.3 per tutti gli scambi @@ -90,7 +90,7 @@ Il servizio LLMaaS è erogato su un'infrastruttura tecnica che gode della **qual - **Ritenzione** : Conservazione secondo le politiche legali - **Conformità** : Report di audit disponibili -### Controlli di sicurezza +### Security Controls import SecurityControls from './images/llmaas_security_002.png'; @@ -101,11 +101,11 @@ import SecurityControls from './images/llmaas_security_002.png'; L'analisi dei prompt è una funzionalità di sicurezza **nativa e integrata** nella piattaforma LLMaaS. Abilitata per impostazione predefinita, ha lo scopo di rilevare e prevenire tentativi di "jailbreak" o di iniezione di prompt malevoli prima che raggiungano effettivamente il modello. Questa protezione si basa su un approccio multilivello. :::tip Contatta il supporto per la disattivazione -È possibile disattivare questa analisi di sicurezza in casi d'uso molto specifici, anche se non è consigliato. Per qualsiasi domanda in merito o per richiedere la disattivazione, ti preghiamo di contattare il supporto Cloud Temple. +È possibile disattivare questa analisi di sicurezza in casi d'uso molto specifici, anche se ciò non è raccomandato. Per qualsiasi domanda in merito o per richiedere la disattivazione, ti preghiamo di contattare il supporto Cloud Temple. ::: #### 1. Analisi Strutturale (`check_structure`) -- **JSON malformato** : Il sistema rileva se il prompt inizia con un `{` e tenta di analizzarlo come JSON. Se l'analisi ha successo e il JSON contiene parole chiave sospette (es: "system", "bypass"), oppure se l'analisi fallisce in modo imprevisto, ciò può indicare un tentativo di iniezione. +- **JSON malformato** : Il sistema verifica se il prompt inizia con un `{` e tenta di analizzarlo come JSON. Se l'analisi ha successo e il JSON contiene parole chiave sospette (es: "system", "bypass"), oppure se l'analisi fallisce in modo imprevisto, ciò può indicare un tentativo di iniezione. - **Normalizzazione Unicode** : Il prompt viene normalizzato utilizzando `unicodedata.normalize('NFKC', prompt)`. Se il prompt originale differisce dalla sua versione normalizzata, ciò può indicare l'uso di caratteri Unicode ingannevoli (omografi) per eludere i filtri. Ad esempio, "аdmin" (cirillico) invece di "admin" (latino). #### 2. Detection of Suspicious Patterns (`check_patterns`) @@ -115,7 +115,7 @@ L'analisi dei prompt è una funzionalità di sicurezza **nativa e integrata** ne - **HTML Injection**: Hidden or malicious HTML tags, for example ` -Kubernetes gestito da Cloud Temple è una soluzione di orchestrazione dei container basata su software open source, progettata per offrire un elevato livello di sicurezza, resilienza e automazione sulle piattaforme SecNumcloud di Cloud Temple. Ogni cluster viene distribuito in un ambiente IaaS Cloud-Temple OpenIaaS completamente dedicato al cliente. +Kubernetes gestito da Cloud Temple è una soluzione di orchestrazione dei contenitori basata su software open source, progettata per offrire un elevato livello di sicurezza, resilienza e automazione sulle piattaforme SecNumcloud di Cloud Temple. Ogni cluster viene distribuito in un ambiente IaaS Cloud-Temple OpenIaaS completamente dedicato al cliente. -Questo servizio è pensato per gli esperti Kubernetes e gli appassionati di open source che cercano una soluzione nativa, portabile, priva di componenti aggiuntivi del costruttore, su un sistema operativo minimalista e immutabile, progettato per l'automazione e la sicurezza. +Questo servizio è pensato per team con una solida conoscenza di Kubernetes e per gli appassionati di open source che cercano una soluzione nativa, portabile, priva di componenti aggiuntivi del costruttore, su un sistema operativo minimalista e immutabile, progettato per l'automazione e la sicurezza. ### Principali Benefici + - **Sovranità e Reversibilità**: La soluzione si basa su standard open source (Kubernetes CNCF) per evitare qualsiasi dipendenza tecnologica e garantire la portabilità delle applicazioni. Lo strumento di backup Veeam Kasten, incluso nell'offerta, è specificamente progettato per semplificare le migrazioni da un cloud a un altro. -- **Sicurezza "Zero-Trust" e Governance**: L'architettura si basa su Talos OS, un sistema operativo immutabile senza accesso diretto (né shell, né SSH), che riduce drasticamente la superficie d'attacco. Questa approccio è integrato con strumenti di governance come Kyverno per la gestione delle policy e Capsule per una gestione fine dei diritti, costituendo una base solida per una strategia di sicurezza "Zero-Trust". +- **Sicurezza "Zero-Trust" e Governance**: L'architettura si basa su Talos OS, un sistema operativo immutabile senza accesso diretto (né shell, né SSH), che riduce drasticamente la superficie di attacco. Questa approccio è integrato con strumenti di governance come Kyverno per la gestione delle policy e Capsule per una gestione fine dei diritti, costituendo una base solida per una strategia di sicurezza "Zero-Trust". - **Controllo dei Costi e Integrazione**: La soluzione include nativamente strumenti FinOps come OpenCost per un monitoraggio preciso dei consumi. Il modello economico è trasparente, basato sulle risorse IaaS consumate, e l'utilizzo di componenti open source riconosciuti (Cilium, Ceph, ArgoCD) facilita l'integrazione nei vostri ecosistemi esistenti. -### A complete and ready-to-use platform -The solution natively includes a full, coherent stack of cutting-edge open-source tools to cover all requirements across the application lifecycle: +### A complete and ready-to-use platform + +The solution natively includes a full, coherent stack of cutting-edge open-source tools to cover all needs throughout the application lifecycle: -- **Networking and Security**: Cilium, Hubble, Kyverno, Capsule +- **Networking and Security**: Cilium, Hubble, MetalLB, Ingress Nginx, Kyverno, Capsule - **Storage**: Rook-Ceph - **Continuous Deployment (GitOps)**: ArgoCD - **Observability**: Prometheus, Grafana, Loki - **Backup and Migration**: Veeam Kasten - **Cost Management (FinOps)**: OpenCost -## Architetture di distribuzione +## Architetture di Distribuzione Proponiamo due architetture distinte per rispondere alle vostre esigenze, sia per ambienti di sviluppo che per ambienti di produzione critici. -### Dev/Test Architecture +### Architecture "Dev/Test" -Ideal for non-production environments, this compact architecture deploys all resources within a single Availability Zone (AZ). It is designed for agility and cost efficiency. +Ideale per ambienti non di produzione, questa architettura compatta distribuisce tutte le risorse all'interno di una singola zona di disponibilità (AZ). È progettata per agilità e controllo dei costi. -- **Use cases**: Development, testing, proof-of-concept (POC). -- **Key features**: - - 1 Control Plane node. - - 3 Worker nodes (or more). - - Distributed storage (Ceph) is co-located on the Worker nodes. - - No high availability SLA. - - No security restrictions. +- **Casi d'uso**: Sviluppo, test, proof-of-concept (POC). +- **Punti chiave**: + - 1 nodo Control Plane. + - 3 nodi Workers (o più). + - Il storage distribuito (Ceph) è co-localizzato sui nodi workers. + - Non beneficia di un SLA di alta disponibilità. + - Nessuna restrizione di sicurezza -Mono-AZ Architecture +Architecture Mono-AZ ### Architettura Produzione (Multi-AZ) @@ -67,22 +69,24 @@ Progettata per l'ambiente di produzione e per applicazioni critiche, questa arch - **Punti chiave**: - **Alta disponibilità**: 3 nodi Control Plane distribuiti su 3 AZ. - **Archiviazione dedicata**: 3 nodi di archiviazione dedicati e distribuiti per prestazioni e resilienza. - - **Workers distribuiti**: Almeno 3 nodi worker, uno per AZ. + - **Nodi Worker distribuiti**: Almeno 3 nodi worker, uno per AZ. + - **Nodi Bare Metal (opzionale)**: Integrazione possibile di nodi worker di tipo **"Bare Metal"** per esigenze prestazionali specifiche, in particolare il **supporto per GPU**. - **SLA del 99,90%**. Architettura Multi-AZ -### Componenti tecnici dettagliati +### Componenti tecnici dettagliati + L'offerta include in dettaglio i seguenti componenti: -- CNI Cillium, con interfaccia di osservabilità (Hubble) -- Ingress interni ed esterni con MetalLB e nginx -- Archiviazione distribuita Rook-Ceph -- Cert-Manager -- ArgoCD -- Stack Prometheus (Prometheus, Grafana, Loki) -- Registry container Harbor -- Gestione dei costi con OpenCost -- Politiche di sicurezza avanzate con Kyverno e Capsule -- Veeam Kasten (backup, automazioni tra ambienti e reversibilità) +- CNI Cillium, con interfaccia di osservabilità (Hubble) +- Ingress interni ed esterni con MetalLB e nginx +- Archiviazione distribuita Rook-Ceph +- Cert-Manager +- ArgoCD +- Stack Prometheus (Prometheus, Grafana, Loki) +- Registry container Harbor +- Gestione dei costi con OpenCost +- Politiche di sicurezza avanzate con Kyverno e Capsule +- Veeam Kasten (backup, automazioni tra ambienti e reversibilità) - Autenticazione SSO con un Identity Provider esterno OIDC (Microsoft Entra, FranceConnect, Okta, AWS IAM, Google, Salesforce, ...) \ No newline at end of file diff --git a/i18n/it/docusaurus-plugin-content-docs/current/managed_kubernetes/tutorials/images/nvidiasmi.png b/i18n/it/docusaurus-plugin-content-docs/current/managed_kubernetes/tutorials/images/nvidiasmi.png new file mode 100644 index 00000000..54abb537 Binary files /dev/null and b/i18n/it/docusaurus-plugin-content-docs/current/managed_kubernetes/tutorials/images/nvidiasmi.png differ diff --git a/i18n/it/docusaurus-plugin-content-docs/current/managed_kubernetes/tutorials/images/opencostgrafana.png b/i18n/it/docusaurus-plugin-content-docs/current/managed_kubernetes/tutorials/images/opencostgrafana.png new file mode 100644 index 00000000..3e3000d1 Binary files /dev/null and b/i18n/it/docusaurus-plugin-content-docs/current/managed_kubernetes/tutorials/images/opencostgrafana.png differ diff --git a/i18n/it/docusaurus-plugin-content-docs/current/managed_kubernetes/tutorials/usinggpu.md b/i18n/it/docusaurus-plugin-content-docs/current/managed_kubernetes/tutorials/usinggpu.md new file mode 100644 index 00000000..019a5e56 --- /dev/null +++ b/i18n/it/docusaurus-plugin-content-docs/current/managed_kubernetes/tutorials/usinggpu.md @@ -0,0 +1,57 @@ +--- +title: Usare una GPU nVidia +--- + +import nvidiasmi from './images/nvidiasmi.png' + +# Utilizzare una GPU su Kubernetes Gestito + +Questo tutorial ti mostra come distribuire un pod che utilizza una risorsa GPU in un cluster Kubernetes Gestito configurato con nodi "Bare Metal" dotati di GPU NVIDIA. + +## Prerequisiti + +- Un cluster Kubernetes gestito con almeno un nodo worker di tipo "Bare Metal" con GPU. + +## Esempio di manifesto di Pod + +Ecco un esempio di manifesto di pod che esegue il comando `nvidia-smi` per verificare la presenza e lo stato della scheda GPU. + +```yaml +apiVersion: v1 +kind: Pod +metadata: + name: nvidia-cuda-check +spec: + runtimeClassName: nvidia # Chiave per Talos NVIDIA + restartPolicy: Never + containers: + - name: nvidia-version-check + image: "nvidia/cuda:13.1.0-devel-ubuntu24.04" + imagePullPolicy: Always + command: ["nvidia-smi"] +``` + +### Spiegazione del Manifesto + +- **`runtimeClassName: nvidia`**: È la parte più importante. Indica a Kubernetes di utilizzare il runtime NVIDIA. Il toolkit NVIDIA si occupa quindi di iniettare direttamente i driver NVIDIA all'interno del pod, consentendo al contenitore di accedere al GPU. +- **`restartPolicy: Never`**: Poiché questo pod è semplicemente un comando di verifica, non vogliamo che venga riavviato dopo il suo completamento. +- **`image: "nvidia/cuda:..."`**: Utilizziamo un'immagine fornita da NVIDIA che contiene gli strumenti necessari per interagire con il GPU. +- **`command: ["nvidia-smi"]`**: È il comando che verrà eseguito all'interno del contenitore. `nvidia-smi` è uno strumento da riga di comando che fornisce informazioni sui GPU NVIDIA. + +Per ulteriori informazioni sul funzionamento del toolkit NVIDIA, è possibile consultare la [documentazione ufficiale su GitHub](https://github.com/NVIDIA/nvidia-container-toolkit). + +## Distribuzione e verifica + +1. **Distribuisci il pod** utilizzando il comando `kubectl apply`: + ```shell + kubectl apply -f nvidia-smi.yaml + ``` + +2. **Verifica i log del pod** per visualizzare l'output del comando `nvidia-smi`: + ```shell + kubectl logs nvidia-cuda-check + ``` + +Se tutto è configurato correttamente, dovresti vedere un output simile a questo, che mostra i dettagli della tua scheda GPU: + +risultato del comando nvidia-smi \ No newline at end of file diff --git a/i18n/it/docusaurus-plugin-content-docs/current/managed_kubernetes/tutorials/usingopencost.md b/i18n/it/docusaurus-plugin-content-docs/current/managed_kubernetes/tutorials/usingopencost.md index f5d9be5c..05adef32 100644 --- a/i18n/it/docusaurus-plugin-content-docs/current/managed_kubernetes/tutorials/usingopencost.md +++ b/i18n/it/docusaurus-plugin-content-docs/current/managed_kubernetes/tutorials/usingopencost.md @@ -2,6 +2,7 @@ title: Monitorare i costi con OpenCost --- import opencostui from './images/opencost.png' +import opencostgrafana from './images/opencostgrafana.png' import opencostmcp from './images/opencostmcp.png' import opencostmcp2 from './images/opencostmcp2.png' import opencostmcp3 from './images/opencostmcp3.png' @@ -16,13 +17,13 @@ Questo tutorial vi presenta **OpenCost**, lo strumento di monitoraggio e ottimiz ## Cos'è OpenCost? -OpenCost è una soluzione open-source, standard della CNCF (Cloud Native Computing Foundation), che fornisce una visibilità in tempo reale sui costi dei tuoi ambienti Kubernetes. Ti aiuta a comprendere con precisione cosa sta consumando risorse nel tuo cluster e come ciò si traduce in termini di costi. +OpenCost è una soluzione open-source, standard della CNCF (Cloud Native Computing Foundation), che fornisce una visibilità in tempo reale sui costi dei tuoi ambienti Kubernetes. Ti aiuta a comprendere con precisione cosa consuma risorse nel tuo cluster e come ciò si traduce in termini di costi. -Nell'offerta Kubernetes gestito, OpenCost è già preinstallato e configurato per offrirti una visione chiara delle tue spese. È direttamente impostato con i costi effettivi dell'infrastruttura Cloud Temple. +Nell'offerta Kubernetes gestito, OpenCost è preinstallato e preconfigurato per offrirti una visione chiara delle tue spese. È direttamente configurato con i costi effettivi dell'infrastruttura Cloud Temple. ## Accedere all'interfaccia OpenCost -L'interfaccia di OpenCost è esposta su un URL sicuro, specifico per il tuo cluster. Per accedervi, utilizza l'URL seguente sostituendo `identifiant` con l'identificativo del tuo cluster (ad esempio, `ctodev`): +L'interfaccia di OpenCost è esposta tramite un URL sicuro, specifico per il tuo cluster. Per accedervi, utilizza l'URL seguente sostituendo `identifiant` con l'identificativo del tuo cluster (ad esempio, `ctodev`): `https://opencost.external-secured.identifiant.mk.ms-cloud-temple.com` @@ -44,9 +45,15 @@ Questa vista vi permette di suddividere i costi in base ai concetti nativi di Ku ### Aggregazione per Label -Per un'analisi finanziaria ancora più approfondita, OpenCost può aggregare i costi basandosi sui **label Kubernetes**. Non esiste un'opzione "Label" diretta nel menu, ma OpenCost importa i tuoi label e ti permette di creare aggregazioni personalizzate. A questo scopo, è fondamentale adottare una strategia di labeling coerente. Ad esempio, utilizzando label come `team: backend` o `product: api-gateway`, potrai analizzare i costi in modo preciso in relazione alla tua organizzazione. +Per un'analisi finanziaria ancora più approfondita, OpenCost può aggregare i costi basandosi sui **label Kubernetes**. Non esiste un'opzione "Label" diretta nel menu, ma OpenCost importa i tuoi label e ti permette di creare aggregazioni personalizzate. A tal fine, è fondamentale adottare una strategia di labeling coerente. Ad esempio, utilizzando label come `team: backend` o `product: api-gateway`, potrai analizzare i costi in modo preciso in relazione alla tua organizzazione. Per questo tipo di analisi, è necessario passare attraverso l'integrazione IA di OpenCost. +## Dashboard Grafana + +Un dashboard Grafana è inoltre disponibile per visualizzare i dati di OpenCost. Questo dashboard offre una visione alternativa e complementare rispetto all'interfaccia di OpenCost, mantenendo l'intero storico delle metriche dei costi, consentendoti di analizzare le tendenze nel lungo periodo. + +Dashboard Grafana OpenCost + ## Uso avanzato: Integrazione con un'IA (server MCP) Per gli utenti avanzati, OpenCost può essere interrogato direttamente dall'assistente conversazionale Cline (o altri) grazie al sistema di **server MCP (Multi-purpose Co-processor)**. Ciò ti permette di scriptare richieste e ottenere dati sui costi direttamente nelle tue conversazioni. @@ -75,7 +82,7 @@ Ad esempio, per il cluster "bestie": } ``` -Per generare il valore `` a partire dai tuoi identificativi, utilizza uno dei seguenti comandi: +Per generare il valore `` a partire dai tuoi identificativi, utilizza una delle seguenti comandi: **Per Linux/macOS:** ```bash @@ -88,12 +95,12 @@ $credentials = [System.Text.Encoding]::UTF8.GetBytes("finopsadm:VOTRE_MOT_DE_PAS [System.Convert]::ToBase64String($credentials) ``` -Una volta salvato questo file, Cline caricherà automaticamente il MCP `opencost-xxxxx` all'avvio. +Una volta salvato il file, Cline caricherà automaticamente il MCP `opencost-xxxxx` all'avvio. ### 2. Query OpenCost with MCP :::tip Prerequisiti -Per interagire con il MCP in linguaggio naturale, l'IA sottostante deve avere accesso a modelli di linguaggio (LLM), oppure in locale (LMStudio, ecc.), oppure tramite una connessione a servizi pubblici come GPT-5 o Gemini, oppure utilizzando la nostra offerta **[LLM-as-a-Service](/docs/llmaas/llmaas)** sovrana. +Per interagire con il MCP in linguaggio naturale, l'IA sottostante deve avere accesso a modelli linguistici (LLM), oppure in locale (LMStudio, ecc.), oppure tramite una connessione a servizi pubblici come GPT-5 o Gemini, oppure utilizzando la nostra offerta **[LLM-as-a-Service](/llmaas/llmaas)** sovrana. ::: Dopo la configurazione, puoi utilizzare gli strumenti LLM per effettuare query in linguaggio naturale su questo server MCP. @@ -112,7 +119,7 @@ Otterrai quanto segue: #### Example 3: -"Use the OpenCost MCP opencost-bestie, and tell me what percentage of the cluster costs are allocated to the application with the label 'nginx' (filter of the form filter: 'label:app:frontend')." +"Use the OpenCost MCP opencost-bestie, and tell me what percentage of the cluster costs is allocated to the application with the label 'nginx' (filter of the form filter: 'label:app:frontend')." IA response opencost 3 diff --git a/i18n/it/docusaurus-plugin-content-docs/current/network/private_network/private_network.md b/i18n/it/docusaurus-plugin-content-docs/current/network/private_network/private_network.md index 473128bd..8871f209 100644 --- a/i18n/it/docusaurus-plugin-content-docs/current/network/private_network/private_network.md +++ b/i18n/it/docusaurus-plugin-content-docs/current/network/private_network/private_network.md @@ -3,22 +3,22 @@ title: Panoramica slug: /network/private_network --- -Cloud Temple offre una soluzione di Reti Private progettata per soddisfare le esigenze aziendali di connettività sicura, performante e flessibile. Basata su un'architettura innovativa che utilizza la tecnologia VPLS, questa soluzione fornisce una rete privata, trasparente ed estensibile di livello 2 attraverso tutte le zone di disponibilità. +Cloud Temple offre un servizio di Reti Private progettato per soddisfare i bisogni delle aziende in termini di connettività sicura, performante e flessibile. Basato su un'architettura innovativa che utilizza la tecnologia VPLS, questa soluzione fornisce una rete privata di livello 2, trasparente ed estensibile attraverso tutte le zone di disponibilità.

Concetti

-

Scoprite le basi e i principi essenziali per comprendere e padroneggiare la nostra infrastruttura.

- Esplorare i concetti → +

Scopri le basi e i principi fondamentali per comprendere e padroneggiare la nostra infrastruttura.

+ Esplora i concetti →
-

Guida rapida

-

Iniziate rapidamente con le nostre risorse seguendo istruzioni chiare e semplici.

- Avviare la guida rapida → +

Avvio rapido

+

Inizia rapidamente con le nostre risorse seguendo istruzioni chiare e semplici.

+ Avvia l'Avvio rapido →
-
-

Tutorial

-

Imparate passo dopo passo come configurare e utilizzare i nostri servizi con guide dettagliate.

- Scoprire i tutorial → +
+

Guide

+

Impara passo dopo passo a configurare e utilizzare i nostri servizi con guide dettagliate.

+ Scopri le guide →
-
+
\ No newline at end of file diff --git a/i18n/it/docusaurus-plugin-content-docs/current/network/private_network/tutorials.md b/i18n/it/docusaurus-plugin-content-docs/current/network/private_network/tutorials.md index a420d39c..72d51ac8 100644 --- a/i18n/it/docusaurus-plugin-content-docs/current/network/private_network/tutorials.md +++ b/i18n/it/docusaurus-plugin-content-docs/current/network/private_network/tutorials.md @@ -2,10 +2,10 @@ title: Tutorial --- -Questi tutorial ti aiutano a configurare e utilizzare i nostri servizi di Reti Private. +These tutorials help you set up and use our private networking services.

Tutorials

-

Al momento non sono disponibili tutorial, ma ci stiamo lavorando attivamente. Torna presto per saperne di più!

- Vai alla pagina iniziale → -
+

No tutorials are currently available, but we are working on them actively. Come back soon for more information!

+ Go to the homepage → +
\ No newline at end of file diff --git a/i18n/it/docusaurus-plugin-content-docs/current/network/vpc/concepts.md b/i18n/it/docusaurus-plugin-content-docs/current/network/vpc/concepts.md index f9d52e24..b8ce2b88 100644 --- a/i18n/it/docusaurus-plugin-content-docs/current/network/vpc/concepts.md +++ b/i18n/it/docusaurus-plugin-content-docs/current/network/vpc/concepts.md @@ -4,61 +4,61 @@ title: Concetti # Concetti VPC -## Definizione e Posizionamento +## Definizione e posizionamento -Il **VPC (Virtual Private Cloud)** è un servizio di rete gestito che consente la creazione di reti private isolate, sicure e controllabili tramite la console Cloud Temple. È progettato per offrire un'esperienza cloud-native, automatizzando la configurazione della rete e della sicurezza. +Il **VPC (Virtual Private Cloud)** è un servizio di rete gestito che consente la creazione di reti private isolate, sicure e gestibili tramite la console Cloud Temple. È progettato per offrire un'esperienza nativa cloud, automatizzando la configurazione della rete e della sicurezza. -A partire da gennaio 2026, le reti private VPC consentono di interconnettere i servizi **IaaS Open Source** e **IaaS VMware**. L'interconnessione con i server **Bare Metal** sarà disponibile in un prossimo aggiornamento. +Al momento (Gennaio 2026), le reti private del VPC consentono l'interconnessione con i servizi **IaaS Open Source** e **IaaS VMware**. L'interconnessione con i server **Bare Metal** sarà disponibile in un aggiornamento futuro. -### VPC vs Backbone Privato +### VPC vs Private Backbone -Cloud Temple offre due modalità di consumo di rete: +Cloud Temple offers two network consumption modes: -* **Backbone Privato (Offerta storica)**: - * Ideale per esperti che cercano la massima autonomia e configurazioni di rete specifiche (L2 esteso). - * Richiede l'installazione e la gestione manuale di apparecchiature di sicurezza (firewall, router). - * Gestione manuale del piano di indirizzamento. +* **Private Backbone (Legacy offering)**: + * Ideal for experts seeking maximum autonomy and specific network configurations (extended L2). + * Requires manual installation and management of security equipment (firewalls, routers). + * Manual management of IP addressing. -* **VPC (Nuova offerta)**: - * Progettato per un'esperienza cloud-native e automatizzata. - * Sicurezza integrata (Gateway, Firewalling, NAT) senza gestione di apparecchiature di terze parti. - * Servizio gestito con alta disponibilità garantita da Cloud Temple. - * Ideale per progetti moderni, DevOps e hosting di applicazioni web. +* **VPC (New offering)**: + * Designed for a cloud-native and automated experience. + * Built-in security (Gateway, Firewalling, NAT) without the need for third-party equipment management. + * Fully managed service with high availability guaranteed by Cloud Temple. + * Ideal for modern projects, DevOps, and web application hosting. ## Architettura -Il VPC si basa su un'architettura ridondante e ad alta disponibilità, sfruttando la dorsale inter-AZ a bassa latenza di Cloud Temple. +Il VPC si basa su un'architettura ridondante e altamente disponibile, sfruttando il backbone inter-AZ a bassa latenza di Cloud Temple. ### Componenti Chiave -* **Router VPC**: Al centro di ogni VPC, gestisce il routing dinamico tra le diverse Private Networks (traffico est-ovest). -* **Private Networks (VLANs)**: Segmenti di rete di livello 2 che collegano le tue risorse (VM, server). Si estendono nativamente su più Zone di Disponibilità (AZ) senza riconfigurazione IP. -* **External Gateway**: Punto di ingresso e uscita opzionale per il traffico Internet (nord-sud). Integra funzionalità di NAT e gestione dei flussi. +* **Router VPC**: Al centro di ogni VPC, gestisce il routing dinamico tra i diversi Private Networks (traffico est-ovest). +* **Private Networks (VLAN)**: Segmenti di rete di livello 2 che collegano le tue risorse (VM, server). Si estendono nativamente su diverse zone di disponibilità (AZ) senza necessità di riconfigurazione IP. +* **Gateway Esterno (External Gateway)**: Punto di ingresso e uscita opzionale per il traffico Internet (nord-sud). Include funzionalità di NAT e gestione dei flussi. ### Isolamento e Sicurezza -Il VPC garantisce un isolamento rigoroso: +Il VPC garantisce un'isolamento rigoroso: * Ogni VPC è un'entità di rete indipendente. -* Il deployment avviene su risorse dedicate (per i clienti IaaS Open Source), garantendo che nessuna risorsa di rete sia condivisa. -* Il servizio è attualmente in fase di qualificazione **SecNumCloud**. +* Il deployment avviene su risorse dedicate (per i client IaaS Open Source), garantendo che nessuna risorsa di rete venga condivisa. +* Il servizio è in corso di qualifica **SecNumCloud**. ## Funzionalità Principali | Funzionalità | Descrizione | Disponibilità | -|--------------|-------------|---------------| -| **Reti private regionali** | Deployment multi-AZ e propagazione L2 trasparente. | Disponibile | -| **Routing nativo** | Comunicazione automatica tra reti private dello stesso VPC. | Disponibile | +|----------------|-------------|---------------| +| **Reti private regionali** | Distribuzione multi-AZ e propagazione L2 trasparente. | Disponibile | +| **Instradamento nativo** | Comunicazione automatica tra reti private all'interno dello stesso VPC. | Disponibile | | **IPAM & DHCP** | Gestione automatica dei pool di indirizzi e assegnazione dinamica. | Disponibile | -| **Accesso a Internet** | Configurabile tramite Gateway (NAT, DNAT, Egress controllato). | Disponibile | -| **IP Flottanti** | Esposizione flessibile dei servizi su Internet. | Disponibile | -| **Micro-segmentazione** | Gruppi di policy di rete per una sicurezza avanzata. | S1 2026 | +| **Accesso a Internet** | Configurabile tramite Gateway (NAT, DNAT, uscita controllata). | Disponibile | +| **IP fluttuanti** | Esposizione flessibile dei servizi su Internet. | Disponibile | +| **Micro-segmentazione** | Gruppi di politiche di rete per una sicurezza avanzata. | S1 2026 | | **Osservabilità** | Log e metriche di prestazione della rete. | S1 2026 | -| **Servizio DNS** | Risoluzione dei nomi interna ed esterna. | S2 2026 | -| **VPN & Cloud Connect** | Connettività sicura verso on-premise e cloud pubblici. | S2 2026 | +| **Servizio DNS** | Risoluzione dei nomi interni ed esterni. | S2 2026 | +| **VPN & Cloud Connect** | Connessione sicura verso ambienti on-premise e cloud pubblici. | S2 2026 | -## Casi d'Uso +## Use Case -* **Hosting di applicazioni critiche** che richiedono un forte isolamento. -* **Segmentazione multi-progetto** (Prod, Pre-prod, Dev). -* **Ambienti di test** effimeri e isolati. -* **Basi di rete sovrane** per dati sensibili. +* Critical application hosting requiring strong isolation. +* Multi-project segmentation (Prod, Pre-prod, Dev). +* Ephemeral and isolated test environments. +* Sovereign networking foundations for sensitive data. \ No newline at end of file diff --git a/i18n/it/docusaurus-plugin-content-docs/current/network/vpc/images/vpc_static_ips_details.png b/i18n/it/docusaurus-plugin-content-docs/current/network/vpc/images/vpc_static_ips_details.png new file mode 100644 index 00000000..50c0e627 Binary files /dev/null and b/i18n/it/docusaurus-plugin-content-docs/current/network/vpc/images/vpc_static_ips_details.png differ diff --git a/i18n/it/docusaurus-plugin-content-docs/current/network/vpc/quickstart.md b/i18n/it/docusaurus-plugin-content-docs/current/network/vpc/quickstart.md index 30a36999..79373ce2 100644 --- a/i18n/it/docusaurus-plugin-content-docs/current/network/vpc/quickstart.md +++ b/i18n/it/docusaurus-plugin-content-docs/current/network/vpc/quickstart.md @@ -1,5 +1,5 @@ --- -title: Avvio Rapido +title: Avvio rapido --- import newTabNetwork from './images/new_tab_network.png' import vpcCreateButton from './images/vpc_create_button.png' @@ -15,80 +15,80 @@ import vpcNewStaticIps from './images/vpc_new_static_ips.png' import vpcNewStaticIpsModale from './images/vpc_new_static_ips_modale.png' import vpcStaticIpsAssociate from './images/vpc_static_ips_associate_png.png' -# Avvio Rapido VPC +# Avvio rapido VPC -Questa guida ti accompagna nella creazione del tuo primo Virtual Private Cloud (VPC) e nel deployment delle tue prime reti private. +Questo guida ti accompagna nella creazione del tuo primo Virtual Private Cloud (VPC) e nel deployment delle tue prime reti private. ## Prerequisiti -Attualmente, l'attivazione del servizio VPC richiede di aver sottoscritto un'offerta **IaaS Open Source**. (Questa condizione sarà rimossa in seguito). +Al momento, l'attivazione del servizio VPC richiede di aver sottoscritto un'offerta **IaaS Open Source**. (Questo requisito sarà rimosso in futuro). -## Passo 1: Accedi alla Console +## Step 1: Access the Console -1. Accedi alla Console Cloud Temple. -2. Nel menu di navigazione, seleziona **Network** poi **VPC**. +1. Log in to the Cloud Temple Console. +2. In the navigation menu, select **Network** then **VPC**. -## Passo 2: Ordinare un VPC +## Step 2: Create a VPC -1. Clicca sul pulsante **Nuovo VPC**. +1. Click the **New VPC** button. -2. Compila il modulo guidato: - * **Nome del VPC**: Scegli un nome univoco per identificare il tuo ambiente. - * **Descrizione**: (Opzionale) Aggiungi una descrizione. +2. Fill out the guided form: + * **VPC Name**: Choose a unique name to identify your environment. + * **Description**: (Optional) Add a description. -3. Convalida la creazione. +3. Confirm the creation. -> **Nota**: Il provisioning del VPC è completamente automatizzato e richiede generalmente meno di un'ora. +> **Note**: VPC provisioning is fully automated and typically takes less than one hour. -### Alternativa: Tramite la scheda Ordini +### Alternativa: tramite l'opzione Comandi -Puoi anche avviare l'ordine delle risorse VPC direttamente dal menu **Ordini**. +È inoltre possibile avviare direttamente il comando per le risorse VPC dal menu **Comandi**. -## Passo 3: Crea Reti Private +## Step 3: Create Private Networks -Una volta che il tuo VPC è attivo: +Once your VPC is active: -1. Accedi ai dettagli del tuo VPC cliccando sul suo nome. +1. Go to your VPC details by clicking on its name. -2. Vai alla scheda **Reti Private**. -3. Clicca su **Aggiungi una rete**. -4. Configura la tua rete: - * **Nome**: Nome del segmento di rete (es: `backend`, `frontend`). - * **CIDR**: Intervallo di indirizzi IP (es: `192.168.1.0/24`). +2. Navigate to the **Private Networks** tab. +3. Click **Add a network**. +4. Configure your network: + * **Name**: Name of the network segment (e.g., `backend`, `frontend`). + * **CIDR**: IP address range (e.g., `192.168.1.0/24`). -## Passo 4: Attivare Gateway e Ordinare IP Pubblici +## Step 4: Activate the Gateway and Request Public IPs -Per consentire l'accesso a Internet e l'esposizione dei servizi: +To enable Internet access and expose services: -1. Verifica se il gateway è attivato. In caso contrario, clicca sul pulsante di attivazione. +1. Check if the gateway is activated. If not, click the activation button. -2. Una volta che il gateway è attivo, vai alla scheda **IP Pubblici**. +2. Once the gateway is active, go to the **Public IPs** tab. -> **Nota**: L'elenco "IP Pubblici" visualizza tutti gli IP pubblici disponibili, siano essi già associati a un VPC o meno. La scheda "IP Pubblici" nel dettaglio di un VPC consente di gestire quelli associati a questo VPC (richiede gateway attivo). +> **Note**: The **Public IPs** list at the root of the VPC menu displays all public IPs (assigned or not). The **Public IPs** tab within a VPC's details allows you to manage only those assigned to that specific VPC (requires the gateway to be active). -3. Clicca sul pulsante per ordinare nuovi IP, oppure clicca sull'azione "Associa" per associare uno degli indirizzi IP nell'elenco che non lo è ancora. +3. Click the button to request new IPs, or click the "Assign" action to assign an IP from the list that is not yet assigned. -4. Seleziona il numero di IP che desideri ordinare e conferma l'ordine. +4. Select the number of IPs you wish to request, then confirm your request. -## Passo 5: Collega le tue risorse +## Step 5: Connect your resources -Le tue reti private sono ora disponibili in tutte le Zone di Disponibilità (AZ) della regione. Puoi collegare le tue macchine virtuali IaaS Open Source o i tuoi server direttamente dalle rispettive interfacce di configurazione. +Your private networks are now available across all Availability Zones (AZ) in the region. You can connect your Open Source IaaS virtual machines or your servers directly from their respective configuration interfaces. -Per imparare a configurare una rete VPC su una macchina virtuale, consulta il nostro tutorial: [Configurare un IP Statico e una VM](./tutorials/vm_configuration). +To learn how to set up a VPC network on a virtual machine, check out our tutorial: [Configure a Static IP and a VM](./tutorials/vm_configuration). \ No newline at end of file diff --git a/i18n/it/docusaurus-plugin-content-docs/current/network/vpc/tutorials/vm_configuration.md b/i18n/it/docusaurus-plugin-content-docs/current/network/vpc/tutorials/vm_configuration.md index f31aceca..f4371d01 100644 --- a/i18n/it/docusaurus-plugin-content-docs/current/network/vpc/tutorials/vm_configuration.md +++ b/i18n/it/docusaurus-plugin-content-docs/current/network/vpc/tutorials/vm_configuration.md @@ -1,5 +1,5 @@ --- -title: Configurazione di Rete della VM +title: Configurazione della rete della VM --- import vpcCreateNetworkAdaptersVmModale from '../images/vpc_create_network_adapters_vm_modale.png' import vpcCreateNetworkAdaptersVmSelectNetworks from '../images/vpc_create_network_adapters_vm_select_networks.png' @@ -8,61 +8,61 @@ import vpcDetailIpsPub from '../images/vpc_detail_ips_pub.png' import vpcIpPubAssociate from '../images/vpc_ip_pub_associate.png' import vpcMacAddressAssociateModale from '../images/vpc_mac_address_associate_modale.png' -# Configurazione di Rete della VM +# Network Configuration of the VM -Questo tutorial ti guida nel collegare una macchina virtuale a una rete VPC e assegnarle un IP statico (privato), così come un IP pubblico se necessario. +This tutorial guides you through connecting a virtual machine to a VPC network and assigning it a static (private) IP address, as well as a public IP address if required. ## Prerequisiti -* Avere un VPC e una rete privata creati. -* Avere una VM distribuita. +* Disporre di un VPC e di una rete privata creati. +* Disporre di una VM distribuita (IaaS Open Source o VMware). -## 1. Assegnazione di un IP Privato Statico +## 1. Assegnazione di un indirizzo IP privato statico -Puoi fissare l'IP privato della tua VM in due modi. +È possibile fissare l'indirizzo IP privato della propria VM in due modi. -### Metodo A: Dalla Macchina Virtuale (Consigliato) +### Metodo A: Dalla Macchina Virtuale (Raccomandato) -Questo metodo ti permette di configurare la rete e l'IP in un unico passaggio durante la creazione dell'interfaccia. +Questo metodo ti permette di configurare rete e indirizzo IP in un'unica operazione durante la creazione dell'interfaccia. -1. Accedi alla visualizzazione dei dettagli della tua macchina virtuale. +1. Accedi alla vista dettagliata della tua macchina virtuale. 2. Vai alla scheda **Adattatori di rete**. 3. Clicca sul pulsante **Nuovo adattatore di rete** per aggiungere un'interfaccia. -4. Nella finestra modale, seleziona la tua rete VPC. +4. Nella finestra modale, seleziona il tuo rete VPC. -5. Una volta selezionata la rete, scegli uno degli IP statici disponibili. +5. Una volta selezionata la rete, scegli una delle IP statiche disponibili. -6. Convalida la creazione. +6. Conferma la creazione. -> **Nota**: Puoi modificare l'adattatore di rete successivamente per cambiare rete se necessario. +> **Nota**: Puoi modificare in seguito l'adattatore di rete per cambiare rete, se necessario. ### Metodo B: Dalla vista Reti Private -Questo metodo è utile per riservare un IP prima di creare la VM o per modificare un'associazione esistente. +Questo metodo è utile per prenotare un indirizzo IP prima della creazione della VM o per modificare un'associazione esistente. -1. Accedi alla visualizzazione dettagliata del tuo VPC, scheda **Reti Private**. -2. Espandi il pool di indirizzi IP della rete interessata. -3. Clicca sull'azione "Associa a un indirizzo MAC" per un IP disponibile. -4. Nella finestra modale, associa uno degli IP statici a un indirizzo MAC di una VM. +1. Accedi alla vista dettagliata del tuo VPC, scheda **Reti Private**. +2. Espandi il pool di indirizzi IP della rete interessata. +3. Clicca sull'azione "Associa a un indirizzo MAC" per un indirizzo IP disponibile. +4. Nella finestra modale, associa una delle IP statiche a un indirizzo MAC di una VM. -## 2. Associazione di un IP Pubblico (Opzionale) +## 2. Associating a Public IP (Optional) -Se desideri rendere la tua VM accessibile da Internet. +If you want to make your VM accessible from the internet. -1. Dalla visualizzazione dettagliata del tuo VPC, vai alla scheda **IP Pubblici**. +1. From the detailed view of your VPC, go to the **Public IPs** tab. -2. Clicca sul pulsante **Associa un IP pubblico**. +2. Click the **Associate a public IP** button. -3. Nella finestra modale, seleziona la rete privata e l'IP statico di destinazione, quindi convalida l'associazione. +3. In the modal, select the target private network and static IP, then confirm the association. -4. Una volta effettuata l'associazione, puoi utilizzare questo indirizzo IP pubblico per raggiungere la tua VM. +4. Once the association is complete, you can use this public IP address to access your VM. -## Configurazione del SO Ospite +## Configurazione del sistema operativo ospite -**Importante**: Per garantire che l'IP statico (privato) venga assegnato correttamente, assicurati che l'interfaccia di rete del tuo sistema operativo ospite (OS) sia configurata in modalità **DHCP**. Il servizio DHCP del VPC assegnerà l'indirizzo riservato. +**Importante**: perché l'indirizzo IP statico (privato) venga assegnato correttamente, assicurati che l'interfaccia di rete del tuo sistema operativo ospite (OS) sia configurata in modalità **DHCP**. Il servizio DHCP del VPC si occuperà di assegnare l'indirizzo riservato. \ No newline at end of file diff --git a/i18n/it/docusaurus-plugin-content-docs/current/network/vpc/vpc.md b/i18n/it/docusaurus-plugin-content-docs/current/network/vpc/vpc.md index c4e8daca..431aee41 100644 --- a/i18n/it/docusaurus-plugin-content-docs/current/network/vpc/vpc.md +++ b/i18n/it/docusaurus-plugin-content-docs/current/network/vpc/vpc.md @@ -3,9 +3,9 @@ title: Panoramica slug: /network/vpc --- -Il VPC (Virtual Private Cloud) di Cloud Temple è un servizio di rete gestito che permette di creare ambienti privati, isolati e sicuri in modo completamente automatizzato. Progettato per un'esperienza cloud-native, semplifica la gestione dei flussi, dell'accesso a Internet e dell'indirizzamento IP, garantendo al contempo la sovranità dei tuoi dati. +Il VPC (Virtual Private Cloud) di Cloud Temple è un servizio di rete gestito che consente di creare ambienti privati, isolati e sicuri in modo completamente automatizzato. Progettato per un'esperienza nativa nel cloud, semplifica la gestione del traffico, l'accesso a Internet e gli indirizzi IP, garantendo contemporaneamente la sovranità dei tuoi dati. -Il servizio ti permette di distribuire e gestire le tue reti private senza preoccuparti della complessità delle configurazioni manuali, con un'alta disponibilità del 99,99%, misurata mensilmente. +Il servizio permette di distribuire e gestire i tuoi reti private senza doversi preoccupare della complessità delle configurazioni manuali, con un'alta disponibilità del 99,99%, misurata mensilmente.
@@ -14,13 +14,13 @@ Il servizio ti permette di distribuire e gestire le tue reti private senza preoc Esplora i concetti →
-

Avvio Rapido

+

Avvio rapido

Crea il tuo primo VPC e configura le tue reti private in pochi minuti.

- Avvia Quickstart → + Avvia l'Avvio rapido →
-
-

Tutorial

-

Guide passo-passo per casi d'uso avanzati (Peering, VPN, ecc.).

- Scopri i tutorial → +
+

Guide

+

Guide passo passo per scenari avanzati (Peering, VPN, ecc.).

+ Scopri le guide →
-
+
\ No newline at end of file diff --git a/memory-bank/core/activeDocumentation.md b/memory-bank/core/activeDocumentation.md index 418cae3f..35964e5f 100644 --- a/memory-bank/core/activeDocumentation.md +++ b/memory-bank/core/activeDocumentation.md @@ -91,17 +91,16 @@ - ✅ `quickstart.md` : Procédures installation - ✅ `tutorials.md` : Bonnes pratiques -### 🌐 Services Réseau - Statut : 🔄 EN DÉVELOPPEMENT +### 🌐 Services Réseau - Statut : ✅ STRUCTURE COMPLÈTE -#### Structure Existante (`/docs/network/`) -- 🔄 `internet/` : Connectivité Internet (structure créée) -- 🔄 `private_network/` : Réseaux privés (structure créée) +#### Documentation Réseau (`/docs/network/`) +- ✅ `vpc/` : Virtual Private Cloud (Concepts, Quickstart, Tutorials) +- ✅ `private_network/` : Réseaux privés (Concepts, Quickstart, Tutorials) +- 🔄 `internet/` : Connectivité Internet (structure créée, contenu à enrichir) -#### Actions Requises -- 📝 **Documentation Internet** : Offres connectivité -- 📝 **Réseaux Privés** : VLAN, VPN, interconnexions -- 📝 **Architecture réseau** : Diagrammes et concepts -- 📝 **Configuration** : Guides techniques +#### Support Visuel +- ✅ **Diagrammes VPC** : Architecture et configuration +- ✅ **Interfaces** : Captures console pour VPC et Private Network ### 🤖 LLMaaS - LLM as a Service - Statut : ✅ SYSTÈME COMPLET ET VALIDÉ @@ -231,6 +230,7 @@ - ✅ **Rendu LaTeX** : Mise à jour du CSS KaTeX (v0.16.9) pour compatibilité avec rehype-katex v7 (fix affichage doublé). - ✅ **Génération Documentation Modèles** : Mise à jour automatisée de `docs/llmaas/models.md` via le script Python. - ✅ **Problèmes de compilation MDX (i18n)** : Correction des blocs de code Python mal formés dans les fichiers traduits (en, es, de, it) de `api.md`, `ocr.md` et `tutorials.md`. +- ✅ **Traduction Network (VPC)** : Traduction complète du service VPC et mise à jour de Private Network vers en, de, es, it. Correction des liens LLMaaS dans `usingopencost.md`. ### En Review - 🔄 **Cohérence terminologique** : Uniformisation @@ -250,11 +250,11 @@ - **IaaS Services** : 100% - **PaaS OpenShift** : 100% - **Housing** : 100% -- **Network** : 30% (structure créée) +- **Network** : 80% (VPC et Private Network complets) - **Storage** : 20% (structure créée) -- **Managed Kubernetes**: 85% +- **Managed Kubernetes**: 90% (Ajout guide OpenCost) -### Couverture Globale : 89% +### Couverture Globale : 92% ### Par Type de Documentation - **Pages principales** : 100% @@ -288,7 +288,7 @@ 5. **Validation globale** : Cohérence et qualité --- -*État de la documentation au 22/11/2025 - Memory Bank Cloud Temple* +*État de la documentation au 19/01/2026 - Memory Bank Cloud Temple* ### 🐍 Système de Traduction Python - ✅ COMPLET ET OPÉRATIONNEL (17/06/2025) **Localisation** : `scripts/translate_py/` diff --git a/memory-bank/core/documentationStatus.md b/memory-bank/core/documentationStatus.md index f48c3bcf..60e414e0 100644 --- a/memory-bank/core/documentationStatus.md +++ b/memory-bank/core/documentationStatus.md @@ -43,11 +43,17 @@ - **Traduction** : Complète - **Note** : Correction systématique des blocs de code vides et de la syntaxe HCL dans `concepts.md`, `quickstart.md`, `terraform.md`, `tutorials.md` pour toutes les langues. -### Network & Storage +### Network (`/docs/network/`) +- **État** : ✅ Stable (VPC) / 🔄 En développement (Internet, Private Network) +- **Traduction** : VPC traduit (en, de, es, it) + +### Storage (`/docs/storage/`) - **État** : 🔄 En développement ## 🌍 Internationalisation (i18n) +**Dernière mise à jour des traductions** : 21/01/2026 (Managed Kubernetes, VPC, Changelog) + | Langue | Statut Build | Qualité Traduction | Actions Requises | |--------|--------------|-------------------|------------------| | **FR** | ✅ Succès | Native | Source de vérité | diff --git a/scripts/translate_py/translation-meta.json b/scripts/translate_py/translation-meta.json index 46ccbf5e..72f58dba 100644 --- a/scripts/translate_py/translation-meta.json +++ b/scripts/translate_py/translation-meta.json @@ -109,10 +109,10 @@ "it": "59b047c5604017f6d8db80f68f39657f2e75f1ebc5a8dc4e3a11aa2a33211306" }, "console/security/security_alarms.md": { - "en": "b3c83ac30b1601c8ea7bf23ea2a468a0dd1376b4c76ccffa40fa0dcc7cc38790", - "de": "b3c83ac30b1601c8ea7bf23ea2a468a0dd1376b4c76ccffa40fa0dcc7cc38790", - "es": "b3c83ac30b1601c8ea7bf23ea2a468a0dd1376b4c76ccffa40fa0dcc7cc38790", - "it": "b3c83ac30b1601c8ea7bf23ea2a468a0dd1376b4c76ccffa40fa0dcc7cc38790" + "en": "affc923ac9cbd7714ece8a2c1beb7f9f3631bfc14b827f0e5311965cc4659a84", + "de": "affc923ac9cbd7714ece8a2c1beb7f9f3631bfc14b827f0e5311965cc4659a84", + "es": "affc923ac9cbd7714ece8a2c1beb7f9f3631bfc14b827f0e5311965cc4659a84", + "it": "affc923ac9cbd7714ece8a2c1beb7f9f3631bfc14b827f0e5311965cc4659a84" }, "console/status.md": { "en": "a42aee84154bd76af9f334553dc5c188043dd4f2abe210cdf193b02153f6ec9d", @@ -313,10 +313,10 @@ "it": "962a2c658aef659fb3e1c99947a7a7f84bfcfeabada904d4e134ee383b03f7fb" }, "llmaas/concepts.md": { - "en": "07f09431746ef29b20989c27b02c1b31bbd4f26441ebf4329e9abd33b6f75410", - "de": "07f09431746ef29b20989c27b02c1b31bbd4f26441ebf4329e9abd33b6f75410", - "es": "07f09431746ef29b20989c27b02c1b31bbd4f26441ebf4329e9abd33b6f75410", - "it": "07f09431746ef29b20989c27b02c1b31bbd4f26441ebf4329e9abd33b6f75410" + "en": "97d45a728d79283e560b527faae40c3291345ea74764fd36a8d5335ab1feb4f8", + "de": "97d45a728d79283e560b527faae40c3291345ea74764fd36a8d5335ab1feb4f8", + "es": "97d45a728d79283e560b527faae40c3291345ea74764fd36a8d5335ab1feb4f8", + "it": "97d45a728d79283e560b527faae40c3291345ea74764fd36a8d5335ab1feb4f8" }, "iaas_vmware/tutorials/deploy_vm_terraform.md": { "en": "9465c1d0aa7e2189becbe648bdd5ec7c069412c6f6b67ff1a2a3f945bafbb664", @@ -619,22 +619,22 @@ "it": "c982586c414e83ea3f3c62707801272b7903fbe9dad5b4a4d447c7da7892c5d6" }, "llmaas/models.md": { - "en": "ed5194fa7aa8b5933784cf36f425d177c99ef201c4bc8cbd33237f81c2f43d4c", - "de": "ed5194fa7aa8b5933784cf36f425d177c99ef201c4bc8cbd33237f81c2f43d4c", - "es": "ed5194fa7aa8b5933784cf36f425d177c99ef201c4bc8cbd33237f81c2f43d4c", - "it": "ed5194fa7aa8b5933784cf36f425d177c99ef201c4bc8cbd33237f81c2f43d4c" + "en": "e6ec4a0edb69ccc40942a7f30baa443d56d166a059134e3eff0428307ebdd548", + "de": "e6ec4a0edb69ccc40942a7f30baa443d56d166a059134e3eff0428307ebdd548", + "es": "e6ec4a0edb69ccc40942a7f30baa443d56d166a059134e3eff0428307ebdd548", + "it": "e6ec4a0edb69ccc40942a7f30baa443d56d166a059134e3eff0428307ebdd548" }, "network/private_network/tutorials.md": { - "en": "d634445f1e1091e7094ab9afb6a16486ea076c0219b4e336d2d8ae21836f9049", - "de": "d634445f1e1091e7094ab9afb6a16486ea076c0219b4e336d2d8ae21836f9049", - "es": "d634445f1e1091e7094ab9afb6a16486ea076c0219b4e336d2d8ae21836f9049", - "it": "d634445f1e1091e7094ab9afb6a16486ea076c0219b4e336d2d8ae21836f9049" + "en": "3129859075ff7dde2682afa48dd26621529a60e627c5ddff45268dcddd88c203", + "de": "3129859075ff7dde2682afa48dd26621529a60e627c5ddff45268dcddd88c203", + "es": "3129859075ff7dde2682afa48dd26621529a60e627c5ddff45268dcddd88c203", + "it": "3129859075ff7dde2682afa48dd26621529a60e627c5ddff45268dcddd88c203" }, "network/private_network/private_network.md": { - "en": "7f37f47205c3773de42c76e193c6e6921b0d90adf84897b0e3683a5b55e363c4", - "de": "7f37f47205c3773de42c76e193c6e6921b0d90adf84897b0e3683a5b55e363c4", - "es": "7f37f47205c3773de42c76e193c6e6921b0d90adf84897b0e3683a5b55e363c4", - "it": "7f37f47205c3773de42c76e193c6e6921b0d90adf84897b0e3683a5b55e363c4" + "en": "58dee5c452c37d68b45398b72a7e5b9cbe40e0df8f5e142687dc00f31b9ce153", + "de": "58dee5c452c37d68b45398b72a7e5b9cbe40e0df8f5e142687dc00f31b9ce153", + "es": "58dee5c452c37d68b45398b72a7e5b9cbe40e0df8f5e142687dc00f31b9ce153", + "it": "58dee5c452c37d68b45398b72a7e5b9cbe40e0df8f5e142687dc00f31b9ce153" }, "network/internet/tutorials/forti.md": { "en": "a21974275e6dcea3f608ece23529f9693e002833f6b0ccfe52decf5f07558726", @@ -745,10 +745,10 @@ "it": "b33cc1e218480ed3b838dc681c23a5c75cb3cf281b94d3622f260f2e9425b3ad" }, "changelog.md": { - "en": "db65941aa293e0a3679272630a79972b63103df98fc6e6268ee8f27d0747a5c2", - "es": "db65941aa293e0a3679272630a79972b63103df98fc6e6268ee8f27d0747a5c2", - "de": "db65941aa293e0a3679272630a79972b63103df98fc6e6268ee8f27d0747a5c2", - "it": "db65941aa293e0a3679272630a79972b63103df98fc6e6268ee8f27d0747a5c2" + "en": "67514839cdc987cef7bf2d1292d86c32eb66adaf15eefb723c46ac2c1c2f8808", + "es": "67514839cdc987cef7bf2d1292d86c32eb66adaf15eefb723c46ac2c1c2f8808", + "de": "67514839cdc987cef7bf2d1292d86c32eb66adaf15eefb723c46ac2c1c2f8808", + "it": "67514839cdc987cef7bf2d1292d86c32eb66adaf15eefb723c46ac2c1c2f8808" }, "contractual/llmaas/raci.md": { "en": "49ed11511db1a57d1181e20ef4c8784748390c98045d71a2977a6ba408ac998f", @@ -907,10 +907,10 @@ "it": "983844e51bd33596d3eaa296289d2f8900894dd6a329f803fa37ed96b6029f27" }, "managed_kubernetes/managed_kubernetes.md": { - "en": "446b91355767b364d2db74412f134ef574f2a68e6a7949b4545f480ec9051027", - "de": "446b91355767b364d2db74412f134ef574f2a68e6a7949b4545f480ec9051027", - "es": "446b91355767b364d2db74412f134ef574f2a68e6a7949b4545f480ec9051027", - "it": "446b91355767b364d2db74412f134ef574f2a68e6a7949b4545f480ec9051027" + "en": "6114c11ef8a7e4cd7bb5f049d93421c7c4cac86fdab151c32f1301ceb1e5fa17", + "de": "6114c11ef8a7e4cd7bb5f049d93421c7c4cac86fdab151c32f1301ceb1e5fa17", + "es": "6114c11ef8a7e4cd7bb5f049d93421c7c4cac86fdab151c32f1301ceb1e5fa17", + "it": "6114c11ef8a7e4cd7bb5f049d93421c7c4cac86fdab151c32f1301ceb1e5fa17" }, "managed_kubernetes/tutorials.md": { "en": "ec7dca39ba811c8947882f464dab93081b191fc8ac5a740d48f6e6c10a6d7eff", @@ -991,10 +991,10 @@ "it": "0878368929e7cbe62688404fab60e338e8970c593b219c3a21cc2eeebcbdd46b" }, "managed_kubernetes/tutorials/usingopencost.md": { - "en": "2af0c3008be2d9594134af91010e4ae672bed096341b2d3b4790a4906b081fad", - "de": "2af0c3008be2d9594134af91010e4ae672bed096341b2d3b4790a4906b081fad", - "es": "2af0c3008be2d9594134af91010e4ae672bed096341b2d3b4790a4906b081fad", - "it": "2af0c3008be2d9594134af91010e4ae672bed096341b2d3b4790a4906b081fad" + "en": "b6e4edc0b60e5070a2d922f603250d1a2651271046c2ac24f0c92d8326c68e82", + "de": "b6e4edc0b60e5070a2d922f603250d1a2651271046c2ac24f0c92d8326c68e82", + "es": "b6e4edc0b60e5070a2d922f603250d1a2651271046c2ac24f0c92d8326c68e82", + "it": "b6e4edc0b60e5070a2d922f603250d1a2651271046c2ac24f0c92d8326c68e82" }, "terraform/terraform.md": { "en": "dce44f42bac9d5e4f060cbaa02232f42f5d2018a5ef041d41005f9d6bb46bb02", @@ -1019,8 +1019,38 @@ "de": "9983a92bd65fe0f15b4ba58430cf63c2fee829d74ef26e832315c6a0e43d5ea3", "es": "9983a92bd65fe0f15b4ba58430cf63c2fee829d74ef26e832315c6a0e43d5ea3", "it": "9983a92bd65fe0f15b4ba58430cf63c2fee829d74ef26e832315c6a0e43d5ea3" + }, + "network/vpc/vpc.md": { + "en": "d3563c764c9e80ed9101944e68b2d3387316ea973ece62ef75c7541f65062d7a", + "es": "d3563c764c9e80ed9101944e68b2d3387316ea973ece62ef75c7541f65062d7a", + "de": "d3563c764c9e80ed9101944e68b2d3387316ea973ece62ef75c7541f65062d7a", + "it": "d3563c764c9e80ed9101944e68b2d3387316ea973ece62ef75c7541f65062d7a" + }, + "network/vpc/concepts.md": { + "en": "159370db850922ed27f472ada013055852e02735e9be201d9578fc086fb8b966", + "es": "159370db850922ed27f472ada013055852e02735e9be201d9578fc086fb8b966", + "it": "159370db850922ed27f472ada013055852e02735e9be201d9578fc086fb8b966", + "de": "159370db850922ed27f472ada013055852e02735e9be201d9578fc086fb8b966" + }, + "network/vpc/tutorials/vm_configuration.md": { + "en": "e54d6dcf448c344ee3370a0973389d89677f24db50cb0b3077c05d98dac9456e", + "de": "e54d6dcf448c344ee3370a0973389d89677f24db50cb0b3077c05d98dac9456e", + "es": "e54d6dcf448c344ee3370a0973389d89677f24db50cb0b3077c05d98dac9456e", + "it": "e54d6dcf448c344ee3370a0973389d89677f24db50cb0b3077c05d98dac9456e" + }, + "network/vpc/quickstart.md": { + "en": "5a3315d46830d98be0a522cd91b0bae0ac87a7495ad75b291901316dbcfb2b4b", + "de": "5a3315d46830d98be0a522cd91b0bae0ac87a7495ad75b291901316dbcfb2b4b", + "it": "5a3315d46830d98be0a522cd91b0bae0ac87a7495ad75b291901316dbcfb2b4b", + "es": "5a3315d46830d98be0a522cd91b0bae0ac87a7495ad75b291901316dbcfb2b4b" + }, + "managed_kubernetes/tutorials/usinggpu.md": { + "en": "d7d259db6096fc47338988d7158fc0fb0095a2ee0b6ff6a21288aeb32c5c2e4c", + "de": "d7d259db6096fc47338988d7158fc0fb0095a2ee0b6ff6a21288aeb32c5c2e4c", + "es": "d7d259db6096fc47338988d7158fc0fb0095a2ee0b6ff6a21288aeb32c5c2e4c", + "it": "d7d259db6096fc47338988d7158fc0fb0095a2ee0b6ff6a21288aeb32c5c2e4c" } }, - "last_update": "2025-12-15T14:59:57.656627", + "last_update": "2026-01-21T10:42:48.432083", "version": "2.0" } \ No newline at end of file diff --git a/sidebars.ts b/sidebars.ts index aa6fcbac..162b3fac 100644 --- a/sidebars.ts +++ b/sidebars.ts @@ -231,11 +231,11 @@ const sidebars: SidebarsConfig = { 'managed_kubernetes/tutorials/networking', 'managed_kubernetes/tutorials/usingcapsule', 'managed_kubernetes/tutorials/usinggapi', - 'managed_kubernetes/tutorials/usingkubecosts', 'managed_kubernetes/tutorials/usingopencost', 'managed_kubernetes/tutorials/usingkasten', 'managed_kubernetes/tutorials/usingargocd', 'managed_kubernetes/tutorials/usingharbor', + 'managed_kubernetes/tutorials/usinggpu', ], }, ],