SlideShare une entreprise Scribd logo

Automated Server Administration for DevSecOps

Aarno Aukia
Aarno Aukia

VSHN manages servers for customers using automated tools. Aarno from VSHN discussed their implementation which includes a web interface for customers, infrastructure as code using YAML, and automated monitoring and updates. Some lessons learned included using tools to separate customers while sharing code, monitoring and backups by default, and good processes for frequent updates.

Logiciels
1  sur  15
Télécharger pour lire hors ligne
VSHN - The DevOps Company Automated Server Administration for DevSecOps Aarno Aukia, CTO @ VSHN - The DevOps Company DevSecOps Forum 12.3.2019
VSHN - The DevOps Company ● Who is Aarno and VSHN - The DevOps Company ? ● Managing 1200 servers ○ Challenges ○ Our implementation & user interface ○ Demo ○ Lessons learned 22 Agenda
VSHN - The DevOps Company @aarnoaukia http://about.me/aarno aarno.aukia@vshn.ch ETH → Google → Atrila → VSHN VSHN - The DevOps Company Since 2014, currently 35 VSHNeers in Zürich, Switzerland Helping Developers run applications on any infrastructure making both visitors happy with stability and developers happy with agility 33 About Aarno & VSHN.ch
VSHN - The DevOps Company 5 Operations = Firefighting-as-a-Service ? 5
VSHN - The DevOps Company Capability Maturity Model Integration (CMMI) 66 Operations 2014 How to get to this level?
VSHN - The DevOps Company DevOps: CMMI Level 5: People, Processes & Tools 77
VSHN - The DevOps Company ● Interface Dev <-> Ops ○ DevOps, CI/CD, Containers, etc ● Interface Ops <-> Infra ○ Hypervisors, APIs, Metrics, etc ● Manage VMs on any infrastructure ● Service Monitoring, Alerting, Metrics, Logs ● Updates, Backups, Configuration Management 88 VSHN Managed Service
VSHN - The DevOps Company ● you don’t like proper (software) release management ○ or else you’ll be in dependency hell with 200 modules in 200 environments ● you practice “don’t touch a running system” ○ you’ll be updating all servers all the time - both good and bad ● standardizing/optimizing ○ no more handcrafted snowflake pets, lots and lots of cattle ● you don’t actively develop monitoring/checks ○ or else you’ll get alert fatigue from noisy checks 99 Don’t do automatic server management if...
VSHN - The DevOps Company ● Web-based self-service for customers ● CRUD server definitions -> CMDB 1010 VSHN Control Panel
VSHN - The DevOps Company 11 Demo 11
VSHN - The DevOps Company 1212 Infrastructure as Code Single source of truth: Configuration YAML in GIT --- classes: - profile_certificates - profile_webhosting packages: - nagios-plugins-wordpress - nagios-plugins-wordpress-config profile_php::php_settings: date.timezone: 'Europe/Zurich' acmetool::use_production_endpoint: true profile_php::php_version: '7.0' profile_php::extensions: - mysql - gd - mbstring - curl profile_icinga2::hiera_services: check_wordpress_dev: check_command: 'wordpress_updates' display_name: 'Wordpress Updates test.vshn.net' vars: wordpress_instance: 'vshn_dev' wordpress_db_name: 'vshn_dev' wordpress_db_user: 'vshn_dev' wordpress_db_pass: 'replaced' check_wordpress_prod: check_command: 'wordpress_updates' display_name: 'Wordpress Updates vshn.net' vars: wordpress_instance: 'vshn_prod' wordpress_db_name: 'vshn_prod' wordpress_db_user: 'vshn_prod' wordpress_db_pass: 'replaced' profile_mariadb::db_root_pw: 'replaced' profile_webhosting::sites: vshn_dev: stack_type: 'php' db_type: 'mariadb' db_password: 'replaced' php_admin_values: memory_limit: '300M' post_max_size: '20M' upload_max_filesize: '20M' manage_tls: letsencrypt
VSHN - The DevOps Company ● who ● when ● what ● tests successful? ● why 1313 GIT: changelog
VSHN - The DevOps Company 1414 Logic # https check if $manage_tls and $manage_tls != 'false' { ::profile_icinga2::resources::check { "${name}_nginx-${main_domain}-https": check_command => 'http', display_name => "nginx https ${name}", check_zone => $monitoring_check_zone, notes => 'https check on port 443, supports authentication and URI', notes_url => 'http', production_level => $monitoring_production_level, vars => merge({ 'http_address' => $::fqdn, 'http_vhost' => $main_domain, 'http_ssl' => true, 'http_uri' => $monitor_path, 'http_sni' => true, }, $_auth_var, $monitor_extra_check_vars), } } # https certificate check if ($manage_tls and $manage_tls != 'false' and $manage_tls != 'snakeoil') { if $manage_tls == 'trusted' { $_days = 30 } else { $_days = 20 } ::profile_icinga2::resources::check { "${name}_nginx-${main_domain}-certificate": check_command => 'http', display_name => "nginx certificate ${main_domain}", notes => "https certificate check, checks days (${_days}) left until expire", notes_url => 'https_certificate', production_level => $monitoring_production_level, check_interval => '2h', vars => { 'http_address' => $::fqdn, 'http_vhost' => $main_domain, 'http_tls' => true, 'http_certificate' => $_days, 'http_sni' => true, }, } } } e.g. automatically monitor all HTTPS sites & certificates
VSHN - The DevOps Company ● Trade-off between multi-tenancy (separation of customers/environments) and common code base development -> Tools & Software-Release-Processes (e.g. https://github.com/vshn/crmngr) ● Monitoring & Backup by default: value > cost ● Hierarchical CMDB: configuration for policy groups ● Staged/canary rollouts (e.g. for intrusive things like firewall changes) ● Local tests (pacco: puppet-in-docker-in-vagrant: https://github.com/vshn/puppet-in-docker) ● Good and robust process for regular & frequent updates 1515 Lessons learned
Come visit us for a coffee! VSHN AG - Neugasse 10 - CH-8005 Zürich - +41 44 545 53 00 - https://vshn.ch/ - info@vshn.ch https://vshn.ch/kontakt/ Follow us on Twitter! @vshn_ch 16

Recommandé

Automating Security Compliance on AWS with DevSecOps
Automating Security Compliance on AWS with DevSecOpsAutomating Security Compliance on AWS with DevSecOps
Automating Security Compliance on AWS with DevSecOpsTushar Gupta
 
Building security into the pipelines
Building security into the pipelinesBuilding security into the pipelines
Building security into the pipelinesVandana Verma
 
DevSecOps for you Full Stack
DevSecOps for you Full StackDevSecOps for you Full Stack
DevSecOps for you Full StackRon Nixon
 
DevSecOps
DevSecOpsDevSecOps
DevSecOpsCheah Eng Soon
 
Extensible dev secops pipelines with Jenkins, Docker, Terraform, and a kitche...
Extensible dev secops pipelines with Jenkins, Docker, Terraform, and a kitche...Extensible dev secops pipelines with Jenkins, Docker, Terraform, and a kitche...
Extensible dev secops pipelines with Jenkins, Docker, Terraform, and a kitche...Richard Bullington-McGuire
 
DevSecOps OWASP
DevSecOps OWASPDevSecOps OWASP
DevSecOps OWASPPriyanka Raghavan
 
wannabe Cyberpunk; “I don’t know what I’m supposed to do.”
wannabe Cyberpunk; “I don’t know what I’m supposed to do.”wannabe Cyberpunk; “I don’t know what I’m supposed to do.”
wannabe Cyberpunk; “I don’t know what I’m supposed to do.”Moshiul Islam, CISSP, CISA, CFE
 
DevSecOps What Why and How
DevSecOps What Why and HowDevSecOps What Why and How
DevSecOps What Why and HowNotSoSecure Global Services
 

Recommandé

Automating Security Compliance on AWS with DevSecOps
Automating Security Compliance on AWS with DevSecOpsAutomating Security Compliance on AWS with DevSecOps
Automating Security Compliance on AWS with DevSecOpsTushar Gupta
 
Building security into the pipelines
Building security into the pipelinesBuilding security into the pipelines
Building security into the pipelinesVandana Verma
 
DevSecOps for you Full Stack
DevSecOps for you Full StackDevSecOps for you Full Stack
DevSecOps for you Full StackRon Nixon
 
DevSecOps
DevSecOpsDevSecOps
DevSecOpsCheah Eng Soon
 
Extensible dev secops pipelines with Jenkins, Docker, Terraform, and a kitche...
Extensible dev secops pipelines with Jenkins, Docker, Terraform, and a kitche...Extensible dev secops pipelines with Jenkins, Docker, Terraform, and a kitche...
Extensible dev secops pipelines with Jenkins, Docker, Terraform, and a kitche...Richard Bullington-McGuire
 
DevSecOps OWASP
DevSecOps OWASPDevSecOps OWASP
DevSecOps OWASPPriyanka Raghavan
 
wannabe Cyberpunk; “I don’t know what I’m supposed to do.”
wannabe Cyberpunk; “I don’t know what I’m supposed to do.”wannabe Cyberpunk; “I don’t know what I’m supposed to do.”
wannabe Cyberpunk; “I don’t know what I’m supposed to do.”Moshiul Islam, CISSP, CISA, CFE
 
DevSecOps What Why and How
DevSecOps What Why and HowDevSecOps What Why and How
DevSecOps What Why and HowNotSoSecure Global Services
 
Introduction to DevSecOps
Introduction to DevSecOpsIntroduction to DevSecOps
Introduction to DevSecOpsAmazon Web Services
 
DevSecCon London 2018: Open DevSecOps
DevSecCon London 2018: Open DevSecOpsDevSecCon London 2018: Open DevSecOps
DevSecCon London 2018: Open DevSecOpsDevSecCon
 
2019 DevSecOps Reference Architectures
2019 DevSecOps Reference Architectures2019 DevSecOps Reference Architectures
2019 DevSecOps Reference ArchitecturesSonatype
 
Securing Systems at Cloud Scale with DevSecOps
Securing Systems at Cloud Scale with DevSecOpsSecuring Systems at Cloud Scale with DevSecOps
Securing Systems at Cloud Scale with DevSecOpsAmazon Web Services
 
Hacker Games & DevSecOps
Hacker Games & DevSecOpsHacker Games & DevSecOps
Hacker Games & DevSecOpslokori
 
Embacing service-level-objectives of your microservices in your Cl/CD
Embacing service-level-objectives of your microservices in your Cl/CDEmbacing service-level-objectives of your microservices in your Cl/CD
Embacing service-level-objectives of your microservices in your Cl/CDNebulaworks
 
DevOps & Security: Here & Now
DevOps & Security: Here & NowDevOps & Security: Here & Now
DevOps & Security: Here & NowCheckmarx
 
DevSecCon London 2017: Threat modeling in a CI environment by Steven Wierckx
DevSecCon London 2017: Threat modeling in a CI environment by Steven WierckxDevSecCon London 2017: Threat modeling in a CI environment by Steven Wierckx
DevSecCon London 2017: Threat modeling in a CI environment by Steven WierckxDevSecCon
 
Automated Testing in Continuous Change Management
Automated Testing in Continuous Change ManagementAutomated Testing in Continuous Change Management
Automated Testing in Continuous Change ManagementPerforce
 
Successfully Implementing DEV-SEC-OPS in the Cloud
Successfully Implementing DEV-SEC-OPS in the CloudSuccessfully Implementing DEV-SEC-OPS in the Cloud
Successfully Implementing DEV-SEC-OPS in the CloudAmazon Web Services
 
DevOps Friendly Doc Publishing for APIs & Microservices
DevOps Friendly Doc Publishing for APIs & MicroservicesDevOps Friendly Doc Publishing for APIs & Microservices
DevOps Friendly Doc Publishing for APIs & MicroservicesSonatype
 
DevOpsSec: Appling DevOps Principles to Security, DevOpsDays Austin 2012
DevOpsSec: Appling DevOps Principles to Security, DevOpsDays Austin 2012DevOpsSec: Appling DevOps Principles to Security, DevOpsDays Austin 2012
DevOpsSec: Appling DevOps Principles to Security, DevOpsDays Austin 2012Nick Galbreath
 
#ATAGTR2019 Presentation "DevSecOps with GitLab" By Avishkar Nikale
#ATAGTR2019 Presentation "DevSecOps with GitLab" By Avishkar Nikale#ATAGTR2019 Presentation "DevSecOps with GitLab" By Avishkar Nikale
#ATAGTR2019 Presentation "DevSecOps with GitLab" By Avishkar NikaleAgile Testing Alliance
 
DevSecCon London 2017: Hands-on secure software development from design to de...
DevSecCon London 2017: Hands-on secure software development from design to de...DevSecCon London 2017: Hands-on secure software development from design to de...
DevSecCon London 2017: Hands-on secure software development from design to de...DevSecCon
 
Continuous Security Testing with Devops - OWASP EU 2014
Continuous Security Testing with Devops - OWASP EU 2014Continuous Security Testing with Devops - OWASP EU 2014
Continuous Security Testing with Devops - OWASP EU 2014Stephen de Vries
 
Hybrid Cloud Networking
Hybrid Cloud NetworkingHybrid Cloud Networking
Hybrid Cloud NetworkingSVForum Cloud SIG
 
Integrating Security into DevOps
Integrating Security into DevOpsIntegrating Security into DevOps
Integrating Security into DevOpsCloudPassage
 
What it feels like to live in a Security Enabled DevOps World
What it feels like to live in a Security Enabled DevOps WorldWhat it feels like to live in a Security Enabled DevOps World
What it feels like to live in a Security Enabled DevOps WorldKarun Chennuri
 
DevSecOps: Taking a DevOps Approach to Security
DevSecOps: Taking a DevOps Approach to SecurityDevSecOps: Taking a DevOps Approach to Security
DevSecOps: Taking a DevOps Approach to SecurityAlert Logic
 
Continuous Security Testing - DevSecCon
Continuous Security Testing - DevSecConContinuous Security Testing - DevSecCon
Continuous Security Testing - DevSecConStephen de Vries
 
Monitoring CloudStack and components
Monitoring CloudStack and componentsMonitoring CloudStack and components
Monitoring CloudStack and componentsShapeBlue
 
Using PHP with IBM Bluemix
Using PHP with IBM BluemixUsing PHP with IBM Bluemix
Using PHP with IBM Bluemixvvaswani
 

Contenu connexe

Tendances

DevSecCon London 2018: Open DevSecOps
DevSecCon London 2018: Open DevSecOpsDevSecCon London 2018: Open DevSecOps
DevSecCon London 2018: Open DevSecOpsDevSecCon
 
2019 DevSecOps Reference Architectures
2019 DevSecOps Reference Architectures2019 DevSecOps Reference Architectures
2019 DevSecOps Reference ArchitecturesSonatype
 
Securing Systems at Cloud Scale with DevSecOps
Securing Systems at Cloud Scale with DevSecOpsSecuring Systems at Cloud Scale with DevSecOps
Securing Systems at Cloud Scale with DevSecOpsAmazon Web Services
 
Hacker Games & DevSecOps
Hacker Games & DevSecOpsHacker Games & DevSecOps
Hacker Games & DevSecOpslokori
 
Embacing service-level-objectives of your microservices in your Cl/CD
Embacing service-level-objectives of your microservices in your Cl/CDEmbacing service-level-objectives of your microservices in your Cl/CD
Embacing service-level-objectives of your microservices in your Cl/CDNebulaworks
 
DevOps & Security: Here & Now
DevOps & Security: Here & NowDevOps & Security: Here & Now
DevOps & Security: Here & NowCheckmarx
 
DevSecCon London 2017: Threat modeling in a CI environment by Steven Wierckx
DevSecCon London 2017: Threat modeling in a CI environment by Steven WierckxDevSecCon London 2017: Threat modeling in a CI environment by Steven Wierckx
DevSecCon London 2017: Threat modeling in a CI environment by Steven WierckxDevSecCon
 
Automated Testing in Continuous Change Management
Automated Testing in Continuous Change ManagementAutomated Testing in Continuous Change Management
Automated Testing in Continuous Change ManagementPerforce
 
Successfully Implementing DEV-SEC-OPS in the Cloud
Successfully Implementing DEV-SEC-OPS in the CloudSuccessfully Implementing DEV-SEC-OPS in the Cloud
Successfully Implementing DEV-SEC-OPS in the CloudAmazon Web Services
 
DevOps Friendly Doc Publishing for APIs & Microservices
DevOps Friendly Doc Publishing for APIs & MicroservicesDevOps Friendly Doc Publishing for APIs & Microservices
DevOps Friendly Doc Publishing for APIs & MicroservicesSonatype
 
DevOpsSec: Appling DevOps Principles to Security, DevOpsDays Austin 2012
DevOpsSec: Appling DevOps Principles to Security, DevOpsDays Austin 2012DevOpsSec: Appling DevOps Principles to Security, DevOpsDays Austin 2012
DevOpsSec: Appling DevOps Principles to Security, DevOpsDays Austin 2012Nick Galbreath
 
#ATAGTR2019 Presentation "DevSecOps with GitLab" By Avishkar Nikale
#ATAGTR2019 Presentation "DevSecOps with GitLab" By Avishkar Nikale#ATAGTR2019 Presentation "DevSecOps with GitLab" By Avishkar Nikale
#ATAGTR2019 Presentation "DevSecOps with GitLab" By Avishkar NikaleAgile Testing Alliance
 
DevSecCon London 2017: Hands-on secure software development from design to de...
DevSecCon London 2017: Hands-on secure software development from design to de...DevSecCon London 2017: Hands-on secure software development from design to de...
DevSecCon London 2017: Hands-on secure software development from design to de...DevSecCon
 
Continuous Security Testing with Devops - OWASP EU 2014
Continuous Security Testing with Devops - OWASP EU 2014Continuous Security Testing with Devops - OWASP EU 2014
Continuous Security Testing with Devops - OWASP EU 2014Stephen de Vries
 
Integrating Security into DevOps
Integrating Security into DevOpsIntegrating Security into DevOps
Integrating Security into DevOpsCloudPassage
 
What it feels like to live in a Security Enabled DevOps World
What it feels like to live in a Security Enabled DevOps WorldWhat it feels like to live in a Security Enabled DevOps World
What it feels like to live in a Security Enabled DevOps WorldKarun Chennuri
 
DevSecOps: Taking a DevOps Approach to Security
DevSecOps: Taking a DevOps Approach to SecurityDevSecOps: Taking a DevOps Approach to Security
DevSecOps: Taking a DevOps Approach to SecurityAlert Logic
 
Continuous Security Testing - DevSecCon
Continuous Security Testing - DevSecConContinuous Security Testing - DevSecCon
Continuous Security Testing - DevSecConStephen de Vries
 

Tendances (20)

Introduction to DevSecOps
Introduction to DevSecOpsIntroduction to DevSecOps
Introduction to DevSecOps
 
DevSecCon London 2018: Open DevSecOps
DevSecCon London 2018: Open DevSecOpsDevSecCon London 2018: Open DevSecOps
DevSecCon London 2018: Open DevSecOps
 
2019 DevSecOps Reference Architectures
2019 DevSecOps Reference Architectures2019 DevSecOps Reference Architectures
2019 DevSecOps Reference Architectures
 
Securing Systems at Cloud Scale with DevSecOps
Securing Systems at Cloud Scale with DevSecOpsSecuring Systems at Cloud Scale with DevSecOps
Securing Systems at Cloud Scale with DevSecOps
 
Hacker Games & DevSecOps
Hacker Games & DevSecOpsHacker Games & DevSecOps
Hacker Games & DevSecOps
 
Embacing service-level-objectives of your microservices in your Cl/CD
Embacing service-level-objectives of your microservices in your Cl/CDEmbacing service-level-objectives of your microservices in your Cl/CD
Embacing service-level-objectives of your microservices in your Cl/CD
 
DevOps & Security: Here & Now
DevOps & Security: Here & NowDevOps & Security: Here & Now
DevOps & Security: Here & Now
 
DevSecCon London 2017: Threat modeling in a CI environment by Steven Wierckx
DevSecCon London 2017: Threat modeling in a CI environment by Steven WierckxDevSecCon London 2017: Threat modeling in a CI environment by Steven Wierckx
DevSecCon London 2017: Threat modeling in a CI environment by Steven Wierckx
 
Automated Testing in Continuous Change Management
Automated Testing in Continuous Change ManagementAutomated Testing in Continuous Change Management
Automated Testing in Continuous Change Management
 
Successfully Implementing DEV-SEC-OPS in the Cloud
Successfully Implementing DEV-SEC-OPS in the CloudSuccessfully Implementing DEV-SEC-OPS in the Cloud
Successfully Implementing DEV-SEC-OPS in the Cloud
 
DevOps Friendly Doc Publishing for APIs & Microservices
DevOps Friendly Doc Publishing for APIs & MicroservicesDevOps Friendly Doc Publishing for APIs & Microservices
DevOps Friendly Doc Publishing for APIs & Microservices
 
DevOpsSec: Appling DevOps Principles to Security, DevOpsDays Austin 2012
DevOpsSec: Appling DevOps Principles to Security, DevOpsDays Austin 2012DevOpsSec: Appling DevOps Principles to Security, DevOpsDays Austin 2012
DevOpsSec: Appling DevOps Principles to Security, DevOpsDays Austin 2012
 
#ATAGTR2019 Presentation "DevSecOps with GitLab" By Avishkar Nikale
#ATAGTR2019 Presentation "DevSecOps with GitLab" By Avishkar Nikale#ATAGTR2019 Presentation "DevSecOps with GitLab" By Avishkar Nikale
#ATAGTR2019 Presentation "DevSecOps with GitLab" By Avishkar Nikale
 
DevSecCon London 2017: Hands-on secure software development from design to de...
DevSecCon London 2017: Hands-on secure software development from design to de...DevSecCon London 2017: Hands-on secure software development from design to de...
DevSecCon London 2017: Hands-on secure software development from design to de...
 
Continuous Security Testing with Devops - OWASP EU 2014
Continuous Security Testing with Devops - OWASP EU 2014Continuous Security Testing with Devops - OWASP EU 2014
Continuous Security Testing with Devops - OWASP EU 2014
 
Hybrid Cloud Networking
Hybrid Cloud NetworkingHybrid Cloud Networking
Hybrid Cloud Networking
 
Integrating Security into DevOps
Integrating Security into DevOpsIntegrating Security into DevOps
Integrating Security into DevOps
 
What it feels like to live in a Security Enabled DevOps World
What it feels like to live in a Security Enabled DevOps WorldWhat it feels like to live in a Security Enabled DevOps World
What it feels like to live in a Security Enabled DevOps World
 
DevSecOps: Taking a DevOps Approach to Security
DevSecOps: Taking a DevOps Approach to SecurityDevSecOps: Taking a DevOps Approach to Security
DevSecOps: Taking a DevOps Approach to Security
 
Continuous Security Testing - DevSecCon
Continuous Security Testing - DevSecConContinuous Security Testing - DevSecCon
Continuous Security Testing - DevSecCon
 

Similaire à Automated Server Administration for DevSecOps

Monitoring CloudStack and components
Monitoring CloudStack and componentsMonitoring CloudStack and components
Monitoring CloudStack and componentsShapeBlue
 
Using PHP with IBM Bluemix
Using PHP with IBM BluemixUsing PHP with IBM Bluemix
Using PHP with IBM Bluemixvvaswani
 
Avoid the Vendor Lock-in Trap (with App Deployment)
Avoid the Vendor Lock-in Trap (with App Deployment)Avoid the Vendor Lock-in Trap (with App Deployment)
Avoid the Vendor Lock-in Trap (with App Deployment)Peter Bittner
 
(ARC402) Deployment Automation: From Developers' Keyboards to End Users' Scre...
(ARC402) Deployment Automation: From Developers' Keyboards to End Users' Scre...(ARC402) Deployment Automation: From Developers' Keyboards to End Users' Scre...
(ARC402) Deployment Automation: From Developers' Keyboards to End Users' Scre...Amazon Web Services
 
Scaling Automated Tests: Choosing an Appropriate Subset
Scaling Automated Tests: Choosing an Appropriate SubsetScaling Automated Tests: Choosing an Appropriate Subset
Scaling Automated Tests: Choosing an Appropriate SubsetTechWell
 
Kubernetes Story - Day 3: Deploying and Scaling Applications on OpenShift
Kubernetes Story - Day 3: Deploying and Scaling Applications on OpenShiftKubernetes Story - Day 3: Deploying and Scaling Applications on OpenShift
Kubernetes Story - Day 3: Deploying and Scaling Applications on OpenShiftMihai Criveti
 
Your admin toolbelt is not complete without Salesforce DX
Your admin toolbelt is not complete without Salesforce DXYour admin toolbelt is not complete without Salesforce DX
Your admin toolbelt is not complete without Salesforce DXDaniel Stange
 
Architeching a php application with interfaces to the ib mi
Architeching a php application with interfaces to the ib miArchiteching a php application with interfaces to the ib mi
Architeching a php application with interfaces to the ib miChelsea Fenton
 
PHP QA Tools
PHP QA ToolsPHP QA Tools
PHP QA Toolsrjsmelo
 
ClickHouse on Kubernetes, by Alexander Zaitsev, Altinity CTO
ClickHouse on Kubernetes, by Alexander Zaitsev, Altinity CTOClickHouse on Kubernetes, by Alexander Zaitsev, Altinity CTO
ClickHouse on Kubernetes, by Alexander Zaitsev, Altinity CTOAltinity Ltd
 
CredHub and Secure Credential Management
CredHub and Secure Credential ManagementCredHub and Secure Credential Management
CredHub and Secure Credential ManagementVMware Tanzu
 
Just Another Word Press Weblog But More Cloudy
Just Another Word Press Weblog But More CloudyJust Another Word Press Weblog But More Cloudy
Just Another Word Press Weblog But More CloudyMaarten Balliauw
 
CloudStack - Top 5 Technical Issues and Troubleshooting
CloudStack - Top 5 Technical Issues and TroubleshootingCloudStack - Top 5 Technical Issues and Troubleshooting
CloudStack - Top 5 Technical Issues and TroubleshootingShapeBlue
 
Angularjs practical project experiences with javascript development in a bank
Angularjs practical project experiences with javascript development in a bankAngularjs practical project experiences with javascript development in a bank
Angularjs practical project experiences with javascript development in a bankDavid Amend
 
Tech Talk: DevOps at LeanIX @ Startup Camp Berlin
Tech Talk: DevOps at LeanIX @ Startup Camp BerlinTech Talk: DevOps at LeanIX @ Startup Camp Berlin
Tech Talk: DevOps at LeanIX @ Startup Camp BerlinLeanIX GmbH
 
Digital Forensics and Incident Response in The Cloud Part 3
Digital Forensics and Incident Response in The Cloud Part 3Digital Forensics and Incident Response in The Cloud Part 3
Digital Forensics and Incident Response in The Cloud Part 3Velocidex Enterprises
 
Ranger admin dev overview
Ranger admin dev overviewRanger admin dev overview
Ranger admin dev overviewTushar Dudhatra
 
PVS-Studio in the Clouds: Travis CI
PVS-Studio in the Clouds: Travis CIPVS-Studio in the Clouds: Travis CI
PVS-Studio in the Clouds: Travis CIAndrey Karpov
 
Converting your DEV Environment to a Docker Stack - ZCOE18
Converting your DEV Environment to a Docker Stack - ZCOE18Converting your DEV Environment to a Docker Stack - ZCOE18
Converting your DEV Environment to a Docker Stack - ZCOE18Dana Luther
 
Becoming a Plumber: Building Deployment Pipelines - All Day DevOps
Becoming a Plumber: Building Deployment Pipelines - All Day DevOpsBecoming a Plumber: Building Deployment Pipelines - All Day DevOps
Becoming a Plumber: Building Deployment Pipelines - All Day DevOpsDaniel Barker
 

Similaire à Automated Server Administration for DevSecOps (20)

Monitoring CloudStack and components
Monitoring CloudStack and componentsMonitoring CloudStack and components
Monitoring CloudStack and components
 
Using PHP with IBM Bluemix
Using PHP with IBM BluemixUsing PHP with IBM Bluemix
Using PHP with IBM Bluemix
 
Avoid the Vendor Lock-in Trap (with App Deployment)
Avoid the Vendor Lock-in Trap (with App Deployment)Avoid the Vendor Lock-in Trap (with App Deployment)
Avoid the Vendor Lock-in Trap (with App Deployment)
 
(ARC402) Deployment Automation: From Developers' Keyboards to End Users' Scre...
(ARC402) Deployment Automation: From Developers' Keyboards to End Users' Scre...(ARC402) Deployment Automation: From Developers' Keyboards to End Users' Scre...
(ARC402) Deployment Automation: From Developers' Keyboards to End Users' Scre...
 
Scaling Automated Tests: Choosing an Appropriate Subset
Scaling Automated Tests: Choosing an Appropriate SubsetScaling Automated Tests: Choosing an Appropriate Subset
Scaling Automated Tests: Choosing an Appropriate Subset
 
Kubernetes Story - Day 3: Deploying and Scaling Applications on OpenShift
Kubernetes Story - Day 3: Deploying and Scaling Applications on OpenShiftKubernetes Story - Day 3: Deploying and Scaling Applications on OpenShift
Kubernetes Story - Day 3: Deploying and Scaling Applications on OpenShift
 
Your admin toolbelt is not complete without Salesforce DX
Your admin toolbelt is not complete without Salesforce DXYour admin toolbelt is not complete without Salesforce DX
Your admin toolbelt is not complete without Salesforce DX
 
Architeching a php application with interfaces to the ib mi
Architeching a php application with interfaces to the ib miArchiteching a php application with interfaces to the ib mi
Architeching a php application with interfaces to the ib mi
 
PHP QA Tools
PHP QA ToolsPHP QA Tools
PHP QA Tools
 
ClickHouse on Kubernetes, by Alexander Zaitsev, Altinity CTO
ClickHouse on Kubernetes, by Alexander Zaitsev, Altinity CTOClickHouse on Kubernetes, by Alexander Zaitsev, Altinity CTO
ClickHouse on Kubernetes, by Alexander Zaitsev, Altinity CTO
 
CredHub and Secure Credential Management
CredHub and Secure Credential ManagementCredHub and Secure Credential Management
CredHub and Secure Credential Management
 
Just Another Word Press Weblog But More Cloudy
Just Another Word Press Weblog But More CloudyJust Another Word Press Weblog But More Cloudy
Just Another Word Press Weblog But More Cloudy
 
CloudStack - Top 5 Technical Issues and Troubleshooting
CloudStack - Top 5 Technical Issues and TroubleshootingCloudStack - Top 5 Technical Issues and Troubleshooting
CloudStack - Top 5 Technical Issues and Troubleshooting
 
Angularjs practical project experiences with javascript development in a bank
Angularjs practical project experiences with javascript development in a bankAngularjs practical project experiences with javascript development in a bank
Angularjs practical project experiences with javascript development in a bank
 
Tech Talk: DevOps at LeanIX @ Startup Camp Berlin
Tech Talk: DevOps at LeanIX @ Startup Camp BerlinTech Talk: DevOps at LeanIX @ Startup Camp Berlin
Tech Talk: DevOps at LeanIX @ Startup Camp Berlin
 
Digital Forensics and Incident Response in The Cloud Part 3
Digital Forensics and Incident Response in The Cloud Part 3Digital Forensics and Incident Response in The Cloud Part 3
Digital Forensics and Incident Response in The Cloud Part 3
 
Ranger admin dev overview
Ranger admin dev overviewRanger admin dev overview
Ranger admin dev overview
 
PVS-Studio in the Clouds: Travis CI
PVS-Studio in the Clouds: Travis CIPVS-Studio in the Clouds: Travis CI
PVS-Studio in the Clouds: Travis CI
 
Converting your DEV Environment to a Docker Stack - ZCOE18
Converting your DEV Environment to a Docker Stack - ZCOE18Converting your DEV Environment to a Docker Stack - ZCOE18
Converting your DEV Environment to a Docker Stack - ZCOE18
 
Becoming a Plumber: Building Deployment Pipelines - All Day DevOps
Becoming a Plumber: Building Deployment Pipelines - All Day DevOpsBecoming a Plumber: Building Deployment Pipelines - All Day DevOps
Becoming a Plumber: Building Deployment Pipelines - All Day DevOps
 

Plus de Aarno Aukia

Wie macht man aus Software einen Online-Service in der Cloud
Wie macht man aus Software einen Online-Service in der CloudWie macht man aus Software einen Online-Service in der Cloud
Wie macht man aus Software einen Online-Service in der CloudAarno Aukia
 
DevOps & DevSecOps in Swiss Banking
DevOps & DevSecOps in Swiss BankingDevOps & DevSecOps in Swiss Banking
DevOps & DevSecOps in Swiss BankingAarno Aukia
 
The printing press of 2021 - using GitLab to publish the VSHN Handbook
The printing press of 2021 - using GitLab to publish the VSHN HandbookThe printing press of 2021 - using GitLab to publish the VSHN Handbook
The printing press of 2021 - using GitLab to publish the VSHN HandbookAarno Aukia
 
Applikationsmodernisierung: Der Weg von Legacy in die Cloud
Applikationsmodernisierung: Der Weg von Legacy in die CloudApplikationsmodernisierung: Der Weg von Legacy in die Cloud
Applikationsmodernisierung: Der Weg von Legacy in die CloudAarno Aukia
 
DevSecOps - Security in DevOps
DevSecOps - Security in DevOpsDevSecOps - Security in DevOps
DevSecOps - Security in DevOpsAarno Aukia
 
Security in the DevOps pipeline of containerized core application: Case Study...
Security in the DevOps pipeline of containerized core application: Case Study...Security in the DevOps pipeline of containerized core application: Case Study...
Security in the DevOps pipeline of containerized core application: Case Study...Aarno Aukia
 
Next gen software operations models in the cloud
Next gen software operations models in the cloudNext gen software operations models in the cloud
Next gen software operations models in the cloudAarno Aukia
 
Von der Straße in die Cloud: Optimierung von Logistikprozessen mit Docker, Ku...
Von der Straße in die Cloud: Optimierung von Logistikprozessen mit Docker, Ku...Von der Straße in die Cloud: Optimierung von Logistikprozessen mit Docker, Ku...
Von der Straße in die Cloud: Optimierung von Logistikprozessen mit Docker, Ku...Aarno Aukia
 
Kubecon 2019 Recap
Kubecon 2019 RecapKubecon 2019 Recap
Kubecon 2019 RecapAarno Aukia
 
DevSecOps: Bringing security to the DevOps pipeline
DevSecOps: Bringing security to the DevOps pipelineDevSecOps: Bringing security to the DevOps pipeline
DevSecOps: Bringing security to the DevOps pipelineAarno Aukia
 
DevSecOps: Bringing security to the DevOps pipeline
DevSecOps: Bringing security to the DevOps pipelineDevSecOps: Bringing security to the DevOps pipeline
DevSecOps: Bringing security to the DevOps pipelineAarno Aukia
 
DevSecOps: Bringing security to the DevOps pipeline
DevSecOps: Bringing security to the DevOps pipelineDevSecOps: Bringing security to the DevOps pipeline
DevSecOps: Bringing security to the DevOps pipelineAarno Aukia
 
My broken container is gone - how to debug containers on container platforms
My broken container is gone - how to debug containers on container platformsMy broken container is gone - how to debug containers on container platforms
My broken container is gone - how to debug containers on container platformsAarno Aukia
 
IT Governance and Security Architecture in Docker, Kubernetes, OpenShift
IT Governance and Security Architecture in Docker, Kubernetes, OpenShiftIT Governance and Security Architecture in Docker, Kubernetes, OpenShift
IT Governance and Security Architecture in Docker, Kubernetes, OpenShiftAarno Aukia
 
Wir arbeiten in der Cloud – eine Herausforderung für das IT Management?
Wir arbeiten in der Cloud – eine Herausforderung für das IT Management?Wir arbeiten in der Cloud – eine Herausforderung für das IT Management?
Wir arbeiten in der Cloud – eine Herausforderung für das IT Management?Aarno Aukia
 
Continuous security improvements in the DevOps process
Continuous security improvements in the DevOps processContinuous security improvements in the DevOps process
Continuous security improvements in the DevOps processAarno Aukia
 
Application Portability using Cloud Native Technology: Docker, Kubernetes
Application Portability using Cloud Native Technology: Docker, KubernetesApplication Portability using Cloud Native Technology: Docker, Kubernetes
Application Portability using Cloud Native Technology: Docker, KubernetesAarno Aukia
 
Moving Applications to the cloud
Moving Applications to the cloudMoving Applications to the cloud
Moving Applications to the cloudAarno Aukia
 
Migration von Applikationen in die Cloud
Migration von Applikationen in die CloudMigration von Applikationen in die Cloud
Migration von Applikationen in die CloudAarno Aukia
 
IPv6 on Container Plattforms
IPv6 on Container PlattformsIPv6 on Container Plattforms
IPv6 on Container PlattformsAarno Aukia
 

Plus de Aarno Aukia (20)

Wie macht man aus Software einen Online-Service in der Cloud
Wie macht man aus Software einen Online-Service in der CloudWie macht man aus Software einen Online-Service in der Cloud
Wie macht man aus Software einen Online-Service in der Cloud
 
DevOps & DevSecOps in Swiss Banking
DevOps & DevSecOps in Swiss BankingDevOps & DevSecOps in Swiss Banking
DevOps & DevSecOps in Swiss Banking
 
The printing press of 2021 - using GitLab to publish the VSHN Handbook
The printing press of 2021 - using GitLab to publish the VSHN HandbookThe printing press of 2021 - using GitLab to publish the VSHN Handbook
The printing press of 2021 - using GitLab to publish the VSHN Handbook
 
Applikationsmodernisierung: Der Weg von Legacy in die Cloud
Applikationsmodernisierung: Der Weg von Legacy in die CloudApplikationsmodernisierung: Der Weg von Legacy in die Cloud
Applikationsmodernisierung: Der Weg von Legacy in die Cloud
 
DevSecOps - Security in DevOps
DevSecOps - Security in DevOpsDevSecOps - Security in DevOps
DevSecOps - Security in DevOps
 
Security in the DevOps pipeline of containerized core application: Case Study...
Security in the DevOps pipeline of containerized core application: Case Study...Security in the DevOps pipeline of containerized core application: Case Study...
Security in the DevOps pipeline of containerized core application: Case Study...
 
Next gen software operations models in the cloud
Next gen software operations models in the cloudNext gen software operations models in the cloud
Next gen software operations models in the cloud
 
Von der Straße in die Cloud: Optimierung von Logistikprozessen mit Docker, Ku...
Von der Straße in die Cloud: Optimierung von Logistikprozessen mit Docker, Ku...Von der Straße in die Cloud: Optimierung von Logistikprozessen mit Docker, Ku...
Von der Straße in die Cloud: Optimierung von Logistikprozessen mit Docker, Ku...
 
Kubecon 2019 Recap
Kubecon 2019 RecapKubecon 2019 Recap
Kubecon 2019 Recap
 
DevSecOps: Bringing security to the DevOps pipeline
DevSecOps: Bringing security to the DevOps pipelineDevSecOps: Bringing security to the DevOps pipeline
DevSecOps: Bringing security to the DevOps pipeline
 
DevSecOps: Bringing security to the DevOps pipeline
DevSecOps: Bringing security to the DevOps pipelineDevSecOps: Bringing security to the DevOps pipeline
DevSecOps: Bringing security to the DevOps pipeline
 
DevSecOps: Bringing security to the DevOps pipeline
DevSecOps: Bringing security to the DevOps pipelineDevSecOps: Bringing security to the DevOps pipeline
DevSecOps: Bringing security to the DevOps pipeline
 
My broken container is gone - how to debug containers on container platforms
My broken container is gone - how to debug containers on container platformsMy broken container is gone - how to debug containers on container platforms
My broken container is gone - how to debug containers on container platforms
 
IT Governance and Security Architecture in Docker, Kubernetes, OpenShift
IT Governance and Security Architecture in Docker, Kubernetes, OpenShiftIT Governance and Security Architecture in Docker, Kubernetes, OpenShift
IT Governance and Security Architecture in Docker, Kubernetes, OpenShift
 
Wir arbeiten in der Cloud – eine Herausforderung für das IT Management?
Wir arbeiten in der Cloud – eine Herausforderung für das IT Management?Wir arbeiten in der Cloud – eine Herausforderung für das IT Management?
Wir arbeiten in der Cloud – eine Herausforderung für das IT Management?
 
Continuous security improvements in the DevOps process
Continuous security improvements in the DevOps processContinuous security improvements in the DevOps process
Continuous security improvements in the DevOps process
 
Application Portability using Cloud Native Technology: Docker, Kubernetes
Application Portability using Cloud Native Technology: Docker, KubernetesApplication Portability using Cloud Native Technology: Docker, Kubernetes
Application Portability using Cloud Native Technology: Docker, Kubernetes
 
Moving Applications to the cloud
Moving Applications to the cloudMoving Applications to the cloud
Moving Applications to the cloud
 
Migration von Applikationen in die Cloud
Migration von Applikationen in die CloudMigration von Applikationen in die Cloud
Migration von Applikationen in die Cloud
 
IPv6 on Container Plattforms
IPv6 on Container PlattformsIPv6 on Container Plattforms
IPv6 on Container Plattforms
 

Dernier

Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...soniya singh
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...ICS
 
Hand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxHand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxbodapatigopi8531
 
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdfThe Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdfkalichargn70th171
 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...MyIntelliSource, Inc.
 
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerHow To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerThousandEyes
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsArshad QA
 
What is Binary Language? Computer Number Systems
What is Binary Language? Computer Number SystemsWhat is Binary Language? Computer Number Systems
What is Binary Language? Computer Number SystemsJheuzeDellosa
 
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...gurkirankumar98700
 
Cloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackCloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackVICTOR MAESTRE RAMIREZ
 
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...OnePlan Solutions
 
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...harshavardhanraghave
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsAlberto González Trastoy
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providermohitmore19
 
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfThe Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfkalichargn70th171
 
Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsJhone kinadey
 
Professional Resume Template for Software Developers
Professional Resume Template for Software DevelopersProfessional Resume Template for Software Developers
Professional Resume Template for Software DevelopersVinodh Ram
 
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...stazi3110
 

Dernier (20)

Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
 
Hand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxHand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptx
 
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdfThe Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
 
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerHow To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview Questions
 
What is Binary Language? Computer Number Systems
What is Binary Language? Computer Number SystemsWhat is Binary Language? Computer Number Systems
What is Binary Language? Computer Number Systems
 
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
 
Cloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackCloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStack
 
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
 
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service provider
 
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS LiveVip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
 
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfThe Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
 
Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial Goals
 
Professional Resume Template for Software Developers
Professional Resume Template for Software DevelopersProfessional Resume Template for Software Developers
Professional Resume Template for Software Developers
 
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
 
Exploring iOS App Development: Simplifying the Process
Exploring iOS App Development: Simplifying the ProcessExploring iOS App Development: Simplifying the Process
Exploring iOS App Development: Simplifying the Process
 

Automated Server Administration for DevSecOps

  • 1. VSHN - The DevOps Company Automated Server Administration for DevSecOps Aarno Aukia, CTO @ VSHN - The DevOps Company DevSecOps Forum 12.3.2019
  • 2. VSHN - The DevOps Company ● Who is Aarno and VSHN - The DevOps Company ? ● Managing 1200 servers ○ Challenges ○ Our implementation & user interface ○ Demo ○ Lessons learned 22 Agenda
  • 3. VSHN - The DevOps Company @aarnoaukia http://about.me/aarno aarno.aukia@vshn.ch ETH → Google → Atrila → VSHN VSHN - The DevOps Company Since 2014, currently 35 VSHNeers in Zürich, Switzerland Helping Developers run applications on any infrastructure making both visitors happy with stability and developers happy with agility 33 About Aarno & VSHN.ch
  • 4. VSHN - The DevOps Company 5 Operations = Firefighting-as-a-Service ? 5
  • 5. VSHN - The DevOps Company Capability Maturity Model Integration (CMMI) 66 Operations 2014 How to get to this level?
  • 6. VSHN - The DevOps Company DevOps: CMMI Level 5: People, Processes & Tools 77
  • 7. VSHN - The DevOps Company ● Interface Dev <-> Ops ○ DevOps, CI/CD, Containers, etc ● Interface Ops <-> Infra ○ Hypervisors, APIs, Metrics, etc ● Manage VMs on any infrastructure ● Service Monitoring, Alerting, Metrics, Logs ● Updates, Backups, Configuration Management 88 VSHN Managed Service
  • 8. VSHN - The DevOps Company ● you don’t like proper (software) release management ○ or else you’ll be in dependency hell with 200 modules in 200 environments ● you practice “don’t touch a running system” ○ you’ll be updating all servers all the time - both good and bad ● standardizing/optimizing ○ no more handcrafted snowflake pets, lots and lots of cattle ● you don’t actively develop monitoring/checks ○ or else you’ll get alert fatigue from noisy checks 99 Don’t do automatic server management if...
  • 9. VSHN - The DevOps Company ● Web-based self-service for customers ● CRUD server definitions -> CMDB 1010 VSHN Control Panel
  • 10. VSHN - The DevOps Company 11 Demo 11
  • 11. VSHN - The DevOps Company 1212 Infrastructure as Code Single source of truth: Configuration YAML in GIT --- classes: - profile_certificates - profile_webhosting packages: - nagios-plugins-wordpress - nagios-plugins-wordpress-config profile_php::php_settings: date.timezone: 'Europe/Zurich' acmetool::use_production_endpoint: true profile_php::php_version: '7.0' profile_php::extensions: - mysql - gd - mbstring - curl profile_icinga2::hiera_services: check_wordpress_dev: check_command: 'wordpress_updates' display_name: 'Wordpress Updates test.vshn.net' vars: wordpress_instance: 'vshn_dev' wordpress_db_name: 'vshn_dev' wordpress_db_user: 'vshn_dev' wordpress_db_pass: 'replaced' check_wordpress_prod: check_command: 'wordpress_updates' display_name: 'Wordpress Updates vshn.net' vars: wordpress_instance: 'vshn_prod' wordpress_db_name: 'vshn_prod' wordpress_db_user: 'vshn_prod' wordpress_db_pass: 'replaced' profile_mariadb::db_root_pw: 'replaced' profile_webhosting::sites: vshn_dev: stack_type: 'php' db_type: 'mariadb' db_password: 'replaced' php_admin_values: memory_limit: '300M' post_max_size: '20M' upload_max_filesize: '20M' manage_tls: letsencrypt
  • 12. VSHN - The DevOps Company ● who ● when ● what ● tests successful? ● why 1313 GIT: changelog
  • 13. VSHN - The DevOps Company 1414 Logic # https check if $manage_tls and $manage_tls != 'false' { ::profile_icinga2::resources::check { "${name}_nginx-${main_domain}-https": check_command => 'http', display_name => "nginx https ${name}", check_zone => $monitoring_check_zone, notes => 'https check on port 443, supports authentication and URI', notes_url => 'http', production_level => $monitoring_production_level, vars => merge({ 'http_address' => $::fqdn, 'http_vhost' => $main_domain, 'http_ssl' => true, 'http_uri' => $monitor_path, 'http_sni' => true, }, $_auth_var, $monitor_extra_check_vars), } } # https certificate check if ($manage_tls and $manage_tls != 'false' and $manage_tls != 'snakeoil') { if $manage_tls == 'trusted' { $_days = 30 } else { $_days = 20 } ::profile_icinga2::resources::check { "${name}_nginx-${main_domain}-certificate": check_command => 'http', display_name => "nginx certificate ${main_domain}", notes => "https certificate check, checks days (${_days}) left until expire", notes_url => 'https_certificate', production_level => $monitoring_production_level, check_interval => '2h', vars => { 'http_address' => $::fqdn, 'http_vhost' => $main_domain, 'http_tls' => true, 'http_certificate' => $_days, 'http_sni' => true, }, } } } e.g. automatically monitor all HTTPS sites & certificates
  • 14. VSHN - The DevOps Company ● Trade-off between multi-tenancy (separation of customers/environments) and common code base development -> Tools & Software-Release-Processes (e.g. https://github.com/vshn/crmngr) ● Monitoring & Backup by default: value > cost ● Hierarchical CMDB: configuration for policy groups ● Staged/canary rollouts (e.g. for intrusive things like firewall changes) ● Local tests (pacco: puppet-in-docker-in-vagrant: https://github.com/vshn/puppet-in-docker) ● Good and robust process for regular & frequent updates 1515 Lessons learned
  • 15. Come visit us for a coffee! VSHN AG - Neugasse 10 - CH-8005 Zürich - +41 44 545 53 00 - https://vshn.ch/ - info@vshn.ch https://vshn.ch/kontakt/ Follow us on Twitter! @vshn_ch 16