Presentation made at DrupalGov Canberra 2014 where I talked about how the Heartbleed OpenSSL vulnerability affected our systems and the path we took to patching the vulnerability.
2. This session
1. Hearbleed case study
2. Q & A with:
• Tim Hilliard (Cloud Eng)
• Adam Malone (Support)
• Chris O’Neill (Support)
• Phil Ingrim (Ops)
14. Support
11:52:32 Adam Malone: hi QQ opes, I here ther is a
heartbloom security issue with ssh. Is this being treated
with high urgencies (p1) we need to escalade this if
possible
18. Rollout
We did not fail over EIPs to passive balancers when
upgrading Nginx.
!
Failing over an EIP leaves the IP disassociated for up to about
3 minutes. Upgrading Nginx in place takes as long as it takes
to restart Nginx. So a matter of seconds.
!
Linux package management ++
35. Q & A
• Tim Hilliard (@big_bear84) (d.o./u/timhilliard)
• Phil Ingrim (he’s in ops so doesn’t have ANY social media)
• Chris O’Neill (@cjoneill)
• Adam Malone (@adammalone) (d.o/u/typhonius)