SlideShare a Scribd company logo

Coding Secure Infrastructure in the Cloud using the PIE framework

James Wickett
James Wickett

At National Instruments, we have developed an automation and provisioning framework called PIE (Programmable Infrastructure Environment) that we use daily on our devops team. Similar tools are available such as chef or puppet, but what makes PIE unique is its ability to work in multi-cloud deployments (Azure and AWS) along with multiple node OS types (linux and windows). It uses zookeeper to keep state and track dependencies across nodes and services. When building PIE we actively considered how to implement it in a Rugged way for a DevOps team. As noted in the deck on slide 68, we are Rugged by Design and Devops by Culture. We see these as intersecting domains that have the ability to impact each other. For more info see ruggeddevops.org

TechnologyBusiness
1 of 72
Download to read offline
Coding Secure Infrastructure in the Cloud using the PIE framework Peco Karayanev James Wickett
@wickett • Operations and Security for software delivered on the cloud • National Instruments, R&D • Certs: CISSP, GSEC, GCFW, CCSK • Tags: OWASP, Cloud, DevOps, Ruby • Blogger at theagileadmin.com • I do stuff for LASCON (http://lascon.org) • Twitter: @wickett
@bproverb • Peco Karayanev • OpNet, Senior Applications Engineer • Tags: APM, Java, DevOps, Big Data • Blogger at theagileadmin.com • Twitter: @bproverb
About OPNET Technologies, Inc. Corporate Overview • Founded in 1986 • Publicly traded (NASDAQ: OPNT) • HQ in Bethesda, MD • 600 employees • Worldwide presence through direct offices and channel partners Best-in-Class Solutions and Services • Application Performance Management • Network Performance Management Strong Financial Track Record • Long history of profitability • Annual revenue: $140M • 25% of revenue re-invested in R&D test Broad Customer Base • Corporate Enterprises • Government Agencies • Network Service Providers OPNET Confidential – Not for release to third parties 4 © 2011 OPNET Technologies, Inc. All rights reserved. OPNET and OPNET product names are trademarks of OPNET Technologies, Inc. Rev. 04-01-2011
National Instruments • 30 years old; 5000+ employees around the world, half in Austin, mostly engineers; $873M in 2010 • Hardware and software for data acquisition, embedded design, instrument control, and test • LabVIEW is our graphical dataflow programming language used by scientists and engineers in many fields
From toys to black holes
Cloud @ NI We built a DevOps team to rapidly deliver new SaaS products and product functionality using cloud hosting and services (IaaS, PaaS, SaaS) as the platform and operations, using model driven automation, as a key differentiating element. With this approach we have delivered multiple major products to market quickly with a very small staffing and financial outlay.
NI’s Cloud Products • LabVIEW Web UI Builder • FPGA Compile Cloud • more to come...
ni.com/uibuilder
FPGA Compile Cloud • LabVIEW FPGA compiles take hours and consume extensive system resources; compilers are getting larger and more complex • Implemented on Amazon - EC2, Java/Linux,C#/.NET/Windows, and LabVIEW FPGA • Also an on premise product, the “Compile Farm”
Our design tools are primitive
Our operation tools are primitive
Our system engineering challenges are greater < year 2000 the modern era
If you want to build a ship, don't drum up people together to collect wood and don't assign them tasks and work, but rather teach them to long for the endless immensity of the sea - Antoine Jean-Baptiste Marie Roger de Saint Exupéry
The vision
What is Rugged?
Adversity fueled innovation • NASA in Space • Military hard drives • ATMs in Europe
The Internets is Mean • Latency • Distribution • Anonymity • Varied protocols • People
Systems are complex • “How Complex Systems Fail” • Failure at multiple layers • Synonyms in other industries • Defense in Depth
Software needs to meet adversity
Intro to Rugged by analogy
Current Software
Rugged Software
Current Software
Rugged Software
Current Software
Rugged Software
Current Software
Rugged Software
Current Software
Rugged Software
Current Software
Rugged Software
Rugged Software Manifesto
I am rugged... and more importantly, my code is rugged.
I recognize that software has become a foundation of our modern world.
I recognize the awesome responsibility that comes with this foundational role.
I recognize that my code will be used in ways I cannot anticipate, in ways it was not designed, and for longer than it was ever intended.
I recognize that my code will be attacked by talented and persistent adversaries who threaten our physical, economic, and national security.
I recognize these things - and I choose to be rugged.
I am rugged because I refuse to be a source of vulnerability or weakness.
I am rugged because I assure my code will support its mission.
I am rugged because my code can face these challenges and persist in spite of them.
I am rugged, not because it is easy, but because it is necessary... and I am up for the challenge.
Qualities of Rugged Software • Availability - Speed and performance • Longevity, Long-standing, persistent - Time • Scalable, Portable • Maintainable and Defensible - Topology Map • Resilient in the face of failures • Reliable - Time, Load
Security vs. Rugged • Absence of • Verification of Events quality • Cost • Benefit • Negative • Positive • FUD • Known values • Toxic • Affirming
DevOps
It’s not our problem anymore
DevOps is not just making the wall shorter before after
-Alex Honor, dev2ops
Programmable Infrastructure Environment
The PIE vision
People that built PIE Peco Karayanev crazy to dream up PIE and foolish to try to build it Ernest Mueller godfather and proponent of DevOps in PIE James Wickett chief evangelist of PIE Michael Truchard ensuring PIE is as much for dev as it is for ops William Hackett evolving PIE from hackery to legit software. Karthik Gaekwad reminding PIE to KISS Kar Meng Chow ensuring PIE is a tool for daily ops Mohd Hafiz Ramly boldly taking PIE to new heights John Hill herding the PIE cats
What is PIE? • a a framework to define, provision, monitor, and control cloud-based systems • written in Java, uses SSH as transport, currently supports Amazon AWS (Linux and Windows) and MS Azure • takes an XML-based model from source control and creates a full running system • to define, provision, monitor, and control cloud-based systems
What do we like about PIE? • Collaborative system design and development • Automation for building, provisioning and controlling cloud systems • From source to running multi- tier cloud system in minutes • Infrastructure as code
What do we use PIE for • Provisioning cloud instances • Creating new environments • Deploying & configuring software • Deploying & configuring applications • Backups • Log aggregation • Auto-scaling roles based on demand • Running tests • Continuous integration • Release workflows • Auditing cloud resource usage • Integrating with revision control & software build
can we do better?
Security features and use cases • Increase the visibility and auditability of the system • Track dependencies and what code is deployed where • Diff versions of the system and see changes • Role based auth for operators • No manual steps • Passwords able to be changed with a few PIE commands • Keys out of the model • Ports and user/pass changes • App Config • Audit / Running state vs. model diff
Architecture o Document based Architecture Definition Language o Command orchestration,dispatch and execution engine o Runtime Registry o Command Line Interface
ADL (Architecture Definition Language) • Structural model of the system described in XML documents. • 4 Level Hierarchy - System,SubSystem,Role,Service
ADL (continued) Each entity is defined in XML and holds meta-data about resources and commands.
Command Execution & Orchestration • The execution engine can dispatch and execute commands to remote machines. • More complex workflows can be created from simple commands. • Commands can be overloaded in different model components.
Runtime Registry & Name Service • The Runtime registry tracks the state and dependencies • The Name service keeps a namespace for instances.
Command Line Interface Example full command line invocation: Target Query string explained:
Demo • On Azure o Provision an environment. o Deploy an app and test. o Update the model and turn off port 80. o Redeploy and test the app. o De-provision the environment.
Rugged DevOps Results • repeatable – no manual errors • reviewable – model in source control • rapid – bring up, install, configure, and test dozens of systems in a morning • resilient – automated reconfiguration to swap servers (throw away infrastructure) • rugged by design devops by culture
Roadmap • Open Source • More security workflows • Azure data management workflows • Add support for external keystores • ADL and model usability features • Port AWS functionality to 2.0 version • New shiny distributed orchestration engine • Add user auth through LDAP or other repos • IDE to simplify design • More powerful script engine
PIE now and future (now) (28 years later)
Recommended Reading
Want the slides? send me a tweet @wickett

Recommended

Finding and Organizing a Great Cloud Foundry User Group
Finding and Organizing a Great Cloud Foundry User GroupFinding and Organizing a Great Cloud Foundry User Group
Finding and Organizing a Great Cloud Foundry User GroupDaniel Krook
 
From ci to cd
From ci to cdFrom ci to cd
From ci to cdHenri Gomez
 
Calculating the Savings of Moving Your Drupal Site to the Cloud
Calculating the Savings of Moving Your Drupal Site to the CloudCalculating the Savings of Moving Your Drupal Site to the Cloud
Calculating the Savings of Moving Your Drupal Site to the CloudAcquia
 
Managing and Monitoring Virtual/Cloud/Physical Infrastructures
Managing and Monitoring Virtual/Cloud/Physical InfrastructuresManaging and Monitoring Virtual/Cloud/Physical Infrastructures
Managing and Monitoring Virtual/Cloud/Physical InfrastructuresJohnnie Burke-Gaffney
 
Monitoring Cloud/Virtual/Physical IT Infrastructures
Monitoring Cloud/Virtual/Physical IT InfrastructuresMonitoring Cloud/Virtual/Physical IT Infrastructures
Monitoring Cloud/Virtual/Physical IT InfrastructuresJohnnie Burke-Gaffney
 
DevNet @TAG - Spark & Tropo APIs - Milan/Rome May 2016
DevNet @TAG - Spark & Tropo APIs - Milan/Rome May 2016DevNet @TAG - Spark & Tropo APIs - Milan/Rome May 2016
DevNet @TAG - Spark & Tropo APIs - Milan/Rome May 2016Cisco DevNet
 
SoCal DevOps Meetup 1/26/2017 - Habitat by Chef
SoCal DevOps Meetup 1/26/2017 - Habitat by ChefSoCal DevOps Meetup 1/26/2017 - Habitat by Chef
SoCal DevOps Meetup 1/26/2017 - Habitat by ChefTrevor Hess
 
From ci to cd - LavaJug 2012
From ci to cd - LavaJug 2012From ci to cd - LavaJug 2012
From ci to cd - LavaJug 2012Henri Gomez
 

Recommended

Finding and Organizing a Great Cloud Foundry User Group
Finding and Organizing a Great Cloud Foundry User GroupFinding and Organizing a Great Cloud Foundry User Group
Finding and Organizing a Great Cloud Foundry User GroupDaniel Krook
 
From ci to cd
From ci to cdFrom ci to cd
From ci to cdHenri Gomez
 
Calculating the Savings of Moving Your Drupal Site to the Cloud
Calculating the Savings of Moving Your Drupal Site to the CloudCalculating the Savings of Moving Your Drupal Site to the Cloud
Calculating the Savings of Moving Your Drupal Site to the CloudAcquia
 
Managing and Monitoring Virtual/Cloud/Physical Infrastructures
Managing and Monitoring Virtual/Cloud/Physical InfrastructuresManaging and Monitoring Virtual/Cloud/Physical Infrastructures
Managing and Monitoring Virtual/Cloud/Physical InfrastructuresJohnnie Burke-Gaffney
 
Monitoring Cloud/Virtual/Physical IT Infrastructures
Monitoring Cloud/Virtual/Physical IT InfrastructuresMonitoring Cloud/Virtual/Physical IT Infrastructures
Monitoring Cloud/Virtual/Physical IT InfrastructuresJohnnie Burke-Gaffney
 
DevNet @TAG - Spark & Tropo APIs - Milan/Rome May 2016
DevNet @TAG - Spark & Tropo APIs - Milan/Rome May 2016DevNet @TAG - Spark & Tropo APIs - Milan/Rome May 2016
DevNet @TAG - Spark & Tropo APIs - Milan/Rome May 2016Cisco DevNet
 
SoCal DevOps Meetup 1/26/2017 - Habitat by Chef
SoCal DevOps Meetup 1/26/2017 - Habitat by ChefSoCal DevOps Meetup 1/26/2017 - Habitat by Chef
SoCal DevOps Meetup 1/26/2017 - Habitat by ChefTrevor Hess
 
From ci to cd - LavaJug 2012
From ci to cd - LavaJug 2012From ci to cd - LavaJug 2012
From ci to cd - LavaJug 2012Henri Gomez
 
Refactoring Organizations - A Netflix Study (QCon NYC 2017)
Refactoring Organizations - A Netflix Study (QCon NYC 2017)Refactoring Organizations - A Netflix Study (QCon NYC 2017)
Refactoring Organizations - A Netflix Study (QCon NYC 2017)Josh Evans
 
DevOps and Decoys How to Build a Successful Microsoft DevOps Including the Data
DevOps and Decoys How to Build a Successful Microsoft DevOps Including the DataDevOps and Decoys How to Build a Successful Microsoft DevOps Including the Data
DevOps and Decoys How to Build a Successful Microsoft DevOps Including the DataKellyn Pot'Vin-Gorman
 
New DevOps for the DBA
New DevOps for the DBANew DevOps for the DBA
New DevOps for the DBAKellyn Pot'Vin-Gorman
 
DevOps in an Embedded and Regulated Environment
DevOps in an Embedded and Regulated EnvironmentDevOps in an Embedded and Regulated Environment
DevOps in an Embedded and Regulated EnvironmentTechWell
 
DevOps and Cloud Tips and Techniques to Revolutionize Your SDLC
DevOps and Cloud Tips and Techniques to Revolutionize Your SDLCDevOps and Cloud Tips and Techniques to Revolutionize Your SDLC
DevOps and Cloud Tips and Techniques to Revolutionize Your SDLCCA Technologies
 
Migrate Oracle WebLogic Applications onto a Containerized Cloud Data Center
Migrate Oracle WebLogic Applications onto a Containerized Cloud Data CenterMigrate Oracle WebLogic Applications onto a Containerized Cloud Data Center
Migrate Oracle WebLogic Applications onto a Containerized Cloud Data CenterJingnan Zhou
 
Software Security for Project Managers: What Do You Need To Know?
Software Security for Project Managers: What Do You Need To Know?Software Security for Project Managers: What Do You Need To Know?
Software Security for Project Managers: What Do You Need To Know?Denim Group
 
[Rakuten TechConf2014] [C-5] Ichiba Architecture on ExaLogic
[Rakuten TechConf2014] [C-5] Ichiba Architecture on ExaLogic[Rakuten TechConf2014] [C-5] Ichiba Architecture on ExaLogic
[Rakuten TechConf2014] [C-5] Ichiba Architecture on ExaLogicRakuten Group, Inc.
 
Vulnerability Management In An Application Security World
Vulnerability Management In An Application Security WorldVulnerability Management In An Application Security World
Vulnerability Management In An Application Security WorldDenim Group
 
The parallel universes of DevOps and cloud developers
The parallel universes of DevOps and cloud developersThe parallel universes of DevOps and cloud developers
The parallel universes of DevOps and cloud developersDonnie Berkholz
 
ITLCHN 18 - Automation & DevOps - Automic
ITLCHN 18 - Automation & DevOps - AutomicITLCHN 18 - Automation & DevOps - Automic
ITLCHN 18 - Automation & DevOps - AutomicIT Expert Club
 
DevOps for Network Engineers
DevOps for Network EngineersDevOps for Network Engineers
DevOps for Network Engineersstefan vallin
 
DevOps in the Cloud
DevOps in the CloudDevOps in the Cloud
DevOps in the CloudEran Stiller
 
DevOps in an Embedded World
DevOps in an Embedded WorldDevOps in an Embedded World
DevOps in an Embedded WorldSajeewa Dayaratne
 
Mastering DevOps with Oracle
Mastering DevOps with Oracle Mastering DevOps with Oracle
Mastering DevOps with Oracle jeckels
 
Staying Secure When Moving to the Cloud - Dave Millier
Staying Secure When Moving to the Cloud - Dave MillierStaying Secure When Moving to the Cloud - Dave Millier
Staying Secure When Moving to the Cloud - Dave MillierTriNimbus
 
The Magic of Symbiotic Security
The Magic of Symbiotic SecurityThe Magic of Symbiotic Security
The Magic of Symbiotic SecurityDenim Group
 
Cloud With DevOps Enabling Rapid Business Development
Cloud With DevOps Enabling Rapid Business DevelopmentCloud With DevOps Enabling Rapid Business Development
Cloud With DevOps Enabling Rapid Business DevelopmentSam Garforth
 
DevOps, CI, APIs, Oh My! - Texas Linux Fest 2012
DevOps, CI, APIs, Oh My! - Texas Linux Fest 2012DevOps, CI, APIs, Oh My! - Texas Linux Fest 2012
DevOps, CI, APIs, Oh My! - Texas Linux Fest 2012Matt Tesauro
 
DevOps and Cloud
DevOps and CloudDevOps and Cloud
DevOps and CloudFernando Honig
 
Adversity: Good for software
Adversity: Good for softwareAdversity: Good for software
Adversity: Good for softwareJames Wickett
 
Be Mean to Your Code
Be Mean to Your CodeBe Mean to Your Code
Be Mean to Your CodeJames Wickett
 

More Related Content

What's hot

Refactoring Organizations - A Netflix Study (QCon NYC 2017)
Refactoring Organizations - A Netflix Study (QCon NYC 2017)Refactoring Organizations - A Netflix Study (QCon NYC 2017)
Refactoring Organizations - A Netflix Study (QCon NYC 2017)Josh Evans
 
DevOps and Decoys How to Build a Successful Microsoft DevOps Including the Data
DevOps and Decoys How to Build a Successful Microsoft DevOps Including the DataDevOps and Decoys How to Build a Successful Microsoft DevOps Including the Data
DevOps and Decoys How to Build a Successful Microsoft DevOps Including the DataKellyn Pot'Vin-Gorman
 
DevOps in an Embedded and Regulated Environment
DevOps in an Embedded and Regulated EnvironmentDevOps in an Embedded and Regulated Environment
DevOps in an Embedded and Regulated EnvironmentTechWell
 
DevOps and Cloud Tips and Techniques to Revolutionize Your SDLC
DevOps and Cloud Tips and Techniques to Revolutionize Your SDLCDevOps and Cloud Tips and Techniques to Revolutionize Your SDLC
DevOps and Cloud Tips and Techniques to Revolutionize Your SDLCCA Technologies
 
Migrate Oracle WebLogic Applications onto a Containerized Cloud Data Center
Migrate Oracle WebLogic Applications onto a Containerized Cloud Data CenterMigrate Oracle WebLogic Applications onto a Containerized Cloud Data Center
Migrate Oracle WebLogic Applications onto a Containerized Cloud Data CenterJingnan Zhou
 
Software Security for Project Managers: What Do You Need To Know?
Software Security for Project Managers: What Do You Need To Know?Software Security for Project Managers: What Do You Need To Know?
Software Security for Project Managers: What Do You Need To Know?Denim Group
 
[Rakuten TechConf2014] [C-5] Ichiba Architecture on ExaLogic
[Rakuten TechConf2014] [C-5] Ichiba Architecture on ExaLogic[Rakuten TechConf2014] [C-5] Ichiba Architecture on ExaLogic
[Rakuten TechConf2014] [C-5] Ichiba Architecture on ExaLogicRakuten Group, Inc.
 
Vulnerability Management In An Application Security World
Vulnerability Management In An Application Security WorldVulnerability Management In An Application Security World
Vulnerability Management In An Application Security WorldDenim Group
 
The parallel universes of DevOps and cloud developers
The parallel universes of DevOps and cloud developersThe parallel universes of DevOps and cloud developers
The parallel universes of DevOps and cloud developersDonnie Berkholz
 
ITLCHN 18 - Automation & DevOps - Automic
ITLCHN 18 - Automation & DevOps - AutomicITLCHN 18 - Automation & DevOps - Automic
ITLCHN 18 - Automation & DevOps - AutomicIT Expert Club
 
DevOps for Network Engineers
DevOps for Network EngineersDevOps for Network Engineers
DevOps for Network Engineersstefan vallin
 
DevOps in the Cloud
DevOps in the CloudDevOps in the Cloud
DevOps in the CloudEran Stiller
 
Mastering DevOps with Oracle
Mastering DevOps with Oracle Mastering DevOps with Oracle
Mastering DevOps with Oracle jeckels
 
Staying Secure When Moving to the Cloud - Dave Millier
Staying Secure When Moving to the Cloud - Dave MillierStaying Secure When Moving to the Cloud - Dave Millier
Staying Secure When Moving to the Cloud - Dave MillierTriNimbus
 
The Magic of Symbiotic Security
The Magic of Symbiotic SecurityThe Magic of Symbiotic Security
The Magic of Symbiotic SecurityDenim Group
 
Cloud With DevOps Enabling Rapid Business Development
Cloud With DevOps Enabling Rapid Business DevelopmentCloud With DevOps Enabling Rapid Business Development
Cloud With DevOps Enabling Rapid Business DevelopmentSam Garforth
 
DevOps, CI, APIs, Oh My! - Texas Linux Fest 2012
DevOps, CI, APIs, Oh My! - Texas Linux Fest 2012DevOps, CI, APIs, Oh My! - Texas Linux Fest 2012
DevOps, CI, APIs, Oh My! - Texas Linux Fest 2012Matt Tesauro
 

What's hot (20)

Refactoring Organizations - A Netflix Study (QCon NYC 2017)
Refactoring Organizations - A Netflix Study (QCon NYC 2017)Refactoring Organizations - A Netflix Study (QCon NYC 2017)
Refactoring Organizations - A Netflix Study (QCon NYC 2017)
 
DevOps and Decoys How to Build a Successful Microsoft DevOps Including the Data
DevOps and Decoys How to Build a Successful Microsoft DevOps Including the DataDevOps and Decoys How to Build a Successful Microsoft DevOps Including the Data
DevOps and Decoys How to Build a Successful Microsoft DevOps Including the Data
 
New DevOps for the DBA
New DevOps for the DBANew DevOps for the DBA
New DevOps for the DBA
 
DevOps in an Embedded and Regulated Environment
DevOps in an Embedded and Regulated EnvironmentDevOps in an Embedded and Regulated Environment
DevOps in an Embedded and Regulated Environment
 
DevOps and Cloud Tips and Techniques to Revolutionize Your SDLC
DevOps and Cloud Tips and Techniques to Revolutionize Your SDLCDevOps and Cloud Tips and Techniques to Revolutionize Your SDLC
DevOps and Cloud Tips and Techniques to Revolutionize Your SDLC
 
Migrate Oracle WebLogic Applications onto a Containerized Cloud Data Center
Migrate Oracle WebLogic Applications onto a Containerized Cloud Data CenterMigrate Oracle WebLogic Applications onto a Containerized Cloud Data Center
Migrate Oracle WebLogic Applications onto a Containerized Cloud Data Center
 
Software Security for Project Managers: What Do You Need To Know?
Software Security for Project Managers: What Do You Need To Know?Software Security for Project Managers: What Do You Need To Know?
Software Security for Project Managers: What Do You Need To Know?
 
[Rakuten TechConf2014] [C-5] Ichiba Architecture on ExaLogic
[Rakuten TechConf2014] [C-5] Ichiba Architecture on ExaLogic[Rakuten TechConf2014] [C-5] Ichiba Architecture on ExaLogic
[Rakuten TechConf2014] [C-5] Ichiba Architecture on ExaLogic
 
Vulnerability Management In An Application Security World
Vulnerability Management In An Application Security WorldVulnerability Management In An Application Security World
Vulnerability Management In An Application Security World
 
The parallel universes of DevOps and cloud developers
The parallel universes of DevOps and cloud developersThe parallel universes of DevOps and cloud developers
The parallel universes of DevOps and cloud developers
 
ITLCHN 18 - Automation & DevOps - Automic
ITLCHN 18 - Automation & DevOps - AutomicITLCHN 18 - Automation & DevOps - Automic
ITLCHN 18 - Automation & DevOps - Automic
 
DevOps for Network Engineers
DevOps for Network EngineersDevOps for Network Engineers
DevOps for Network Engineers
 
DevOps in the Cloud
DevOps in the CloudDevOps in the Cloud
DevOps in the Cloud
 
DevOps in an Embedded World
DevOps in an Embedded WorldDevOps in an Embedded World
DevOps in an Embedded World
 
Mastering DevOps with Oracle
Mastering DevOps with Oracle Mastering DevOps with Oracle
Mastering DevOps with Oracle
 
Staying Secure When Moving to the Cloud - Dave Millier
Staying Secure When Moving to the Cloud - Dave MillierStaying Secure When Moving to the Cloud - Dave Millier
Staying Secure When Moving to the Cloud - Dave Millier
 
The Magic of Symbiotic Security
The Magic of Symbiotic SecurityThe Magic of Symbiotic Security
The Magic of Symbiotic Security
 
Cloud With DevOps Enabling Rapid Business Development
Cloud With DevOps Enabling Rapid Business DevelopmentCloud With DevOps Enabling Rapid Business Development
Cloud With DevOps Enabling Rapid Business Development
 
DevOps, CI, APIs, Oh My! - Texas Linux Fest 2012
DevOps, CI, APIs, Oh My! - Texas Linux Fest 2012DevOps, CI, APIs, Oh My! - Texas Linux Fest 2012
DevOps, CI, APIs, Oh My! - Texas Linux Fest 2012
 
DevOps and Cloud
DevOps and CloudDevOps and Cloud
DevOps and Cloud
 

Viewers also liked

Adversity: Good for software
Adversity: Good for softwareAdversity: Good for software
Adversity: Good for softwareJames Wickett
 
Be Mean to Your Code
Be Mean to Your CodeBe Mean to Your Code
Be Mean to Your CodeJames Wickett
 
Brining Harmony between Dev and Ops and Security Teams using Gauntlt at ISC2 ...
Brining Harmony between Dev and Ops and Security Teams using Gauntlt at ISC2 ...Brining Harmony between Dev and Ops and Security Teams using Gauntlt at ISC2 ...
Brining Harmony between Dev and Ops and Security Teams using Gauntlt at ISC2 ...James Wickett
 
How to Effect Change in the Epistemological Wasteland of Application Security
How to Effect Change in the Epistemological Wasteland of Application SecurityHow to Effect Change in the Epistemological Wasteland of Application Security
How to Effect Change in the Epistemological Wasteland of Application SecurityJames Wickett
 
Dev Tooling for your Technohipster Startup using aws, docker, tmux, vim & ope...
Dev Tooling for your Technohipster Startup using aws, docker, tmux, vim & ope...Dev Tooling for your Technohipster Startup using aws, docker, tmux, vim & ope...
Dev Tooling for your Technohipster Startup using aws, docker, tmux, vim & ope...James Wickett
 
DevOps for the Discouraged
DevOps for the Discouraged DevOps for the Discouraged
DevOps for the Discouraged James Wickett
 
New Farming Methods in the Epistemological Wasteland of Application Security
New Farming Methods in the Epistemological Wasteland of Application SecurityNew Farming Methods in the Epistemological Wasteland of Application Security
New Farming Methods in the Epistemological Wasteland of Application SecurityJames Wickett
 
Serverless Security: Are you ready for the Future?
Serverless Security: Are you ready for the Future?Serverless Security: Are you ready for the Future?
Serverless Security: Are you ready for the Future?James Wickett
 
Tyranny of the SLA
Tyranny of the SLATyranny of the SLA
Tyranny of the SLAJ. Paul Reed
 

Viewers also liked (10)

Adversity: Good for software
Adversity: Good for softwareAdversity: Good for software
Adversity: Good for software
 
Be Mean to Your Code
Be Mean to Your CodeBe Mean to Your Code
Be Mean to Your Code
 
Brining Harmony between Dev and Ops and Security Teams using Gauntlt at ISC2 ...
Brining Harmony between Dev and Ops and Security Teams using Gauntlt at ISC2 ...Brining Harmony between Dev and Ops and Security Teams using Gauntlt at ISC2 ...
Brining Harmony between Dev and Ops and Security Teams using Gauntlt at ISC2 ...
 
Why Land-PIE
Why Land-PIEWhy Land-PIE
Why Land-PIE
 
How to Effect Change in the Epistemological Wasteland of Application Security
How to Effect Change in the Epistemological Wasteland of Application SecurityHow to Effect Change in the Epistemological Wasteland of Application Security
How to Effect Change in the Epistemological Wasteland of Application Security
 
Dev Tooling for your Technohipster Startup using aws, docker, tmux, vim & ope...
Dev Tooling for your Technohipster Startup using aws, docker, tmux, vim & ope...Dev Tooling for your Technohipster Startup using aws, docker, tmux, vim & ope...
Dev Tooling for your Technohipster Startup using aws, docker, tmux, vim & ope...
 
DevOps for the Discouraged
DevOps for the Discouraged DevOps for the Discouraged
DevOps for the Discouraged
 
New Farming Methods in the Epistemological Wasteland of Application Security
New Farming Methods in the Epistemological Wasteland of Application SecurityNew Farming Methods in the Epistemological Wasteland of Application Security
New Farming Methods in the Epistemological Wasteland of Application Security
 
Serverless Security: Are you ready for the Future?
Serverless Security: Are you ready for the Future?Serverless Security: Are you ready for the Future?
Serverless Security: Are you ready for the Future?
 
Tyranny of the SLA
Tyranny of the SLATyranny of the SLA
Tyranny of the SLA
 

Similar to Coding Secure Infrastructure in the Cloud using the PIE framework

Customer Sharing: Trend Micro - Trend Micro's DevOps Practices
Customer Sharing: Trend Micro - Trend Micro's DevOps Practices Customer Sharing: Trend Micro - Trend Micro's DevOps Practices
Customer Sharing: Trend Micro - Trend Micro's DevOps Practices Amazon Web Services
 
Business and IT agility through DevOps and microservice architecture powered ...
Business and IT agility through DevOps and microservice architecture powered ...Business and IT agility through DevOps and microservice architecture powered ...
Business and IT agility through DevOps and microservice architecture powered ...Lucas Jellema
 
Application Delivery Patterns for Developers - Technical 401
Application Delivery Patterns for Developers - Technical 401Application Delivery Patterns for Developers - Technical 401
Application Delivery Patterns for Developers - Technical 401Amazon Web Services
 
Webinar: How and Why to Containerize Your Legacy Applications
Webinar: How and Why to Containerize Your Legacy ApplicationsWebinar: How and Why to Containerize Your Legacy Applications
Webinar: How and Why to Containerize Your Legacy ApplicationsStorage Switzerland
 
Keynote from Cloud Expo West, November 2010
Keynote from Cloud Expo West, November 2010Keynote from Cloud Expo West, November 2010
Keynote from Cloud Expo West, November 2010Mohamad Afshar
 
Securing the Cloud Native stack
Securing the Cloud Native stackSecuring the Cloud Native stack
Securing the Cloud Native stackHector Tapia
 
Securing the Cloud Native Stack
Securing the Cloud Native StackSecuring the Cloud Native Stack
Securing the Cloud Native StackApcera
 
Docker for Ops: Operationalize your Docker Built Apps in Production by Evan H...
Docker for Ops: Operationalize your Docker Built Apps in Production by Evan H...Docker for Ops: Operationalize your Docker Built Apps in Production by Evan H...
Docker for Ops: Operationalize your Docker Built Apps in Production by Evan H...Docker, Inc.
 
DevOps and Microservice
DevOps and MicroserviceDevOps and Microservice
DevOps and MicroserviceInho Kang
 
Cloud Foundry Technical Overview at IBM Interconnect 2016
Cloud Foundry Technical Overview at IBM Interconnect 2016Cloud Foundry Technical Overview at IBM Interconnect 2016
Cloud Foundry Technical Overview at IBM Interconnect 2016Stormy Peters
 
Turning up-the-heat
Turning up-the-heatTurning up-the-heat
Turning up-the-heatTim Pouyer
 
Technology insights: Decision Science Platform
Technology insights: Decision Science PlatformTechnology insights: Decision Science Platform
Technology insights: Decision Science PlatformDecision Science Community
 
2012 RightScale Conference NYC - Jeff Gelb, Director of Technology Strategy, ...
2012 RightScale Conference NYC - Jeff Gelb, Director of Technology Strategy, ...2012 RightScale Conference NYC - Jeff Gelb, Director of Technology Strategy, ...
2012 RightScale Conference NYC - Jeff Gelb, Director of Technology Strategy, ...RightScale
 
Self-Driving Data Center
Self-Driving Data CenterSelf-Driving Data Center
Self-Driving Data CenterSergey A. Razin
 
OpenStack Enabling DevOps
OpenStack Enabling DevOpsOpenStack Enabling DevOps
OpenStack Enabling DevOpsCisco DevNet
 
XebiaLabs, CloudBees, Puppet Labs Webinar Slides - IT Automation for the Mode...
XebiaLabs, CloudBees, Puppet Labs Webinar Slides - IT Automation for the Mode...XebiaLabs, CloudBees, Puppet Labs Webinar Slides - IT Automation for the Mode...
XebiaLabs, CloudBees, Puppet Labs Webinar Slides - IT Automation for the Mode...XebiaLabs
 
Get your head in the clouds! - Swansea Con 2016
Get your head in the clouds! - Swansea Con 2016Get your head in the clouds! - Swansea Con 2016
Get your head in the clouds! - Swansea Con 2016Christopher Cundill
 

Similar to Coding Secure Infrastructure in the Cloud using the PIE framework (20)

Customer Sharing: Trend Micro - Trend Micro's DevOps Practices
Customer Sharing: Trend Micro - Trend Micro's DevOps Practices Customer Sharing: Trend Micro - Trend Micro's DevOps Practices
Customer Sharing: Trend Micro - Trend Micro's DevOps Practices
 
Business and IT agility through DevOps and microservice architecture powered ...
Business and IT agility through DevOps and microservice architecture powered ...Business and IT agility through DevOps and microservice architecture powered ...
Business and IT agility through DevOps and microservice architecture powered ...
 
Application Delivery Patterns for Developers - Technical 401
Application Delivery Patterns for Developers - Technical 401Application Delivery Patterns for Developers - Technical 401
Application Delivery Patterns for Developers - Technical 401
 
What is DevOps?
What is DevOps?What is DevOps?
What is DevOps?
 
Webinar: How and Why to Containerize Your Legacy Applications
Webinar: How and Why to Containerize Your Legacy ApplicationsWebinar: How and Why to Containerize Your Legacy Applications
Webinar: How and Why to Containerize Your Legacy Applications
 
Keynote from Cloud Expo West, November 2010
Keynote from Cloud Expo West, November 2010Keynote from Cloud Expo West, November 2010
Keynote from Cloud Expo West, November 2010
 
Securing the Cloud Native stack
Securing the Cloud Native stackSecuring the Cloud Native stack
Securing the Cloud Native stack
 
Securing the Cloud Native Stack
Securing the Cloud Native StackSecuring the Cloud Native Stack
Securing the Cloud Native Stack
 
Docker for Ops: Operationalize your Docker Built Apps in Production by Evan H...
Docker for Ops: Operationalize your Docker Built Apps in Production by Evan H...Docker for Ops: Operationalize your Docker Built Apps in Production by Evan H...
Docker for Ops: Operationalize your Docker Built Apps in Production by Evan H...
 
DevOps and Microservice
DevOps and MicroserviceDevOps and Microservice
DevOps and Microservice
 
Cloud Foundry Technical Overview at IBM Interconnect 2016
Cloud Foundry Technical Overview at IBM Interconnect 2016Cloud Foundry Technical Overview at IBM Interconnect 2016
Cloud Foundry Technical Overview at IBM Interconnect 2016
 
Application Delivery Patterns
Application Delivery PatternsApplication Delivery Patterns
Application Delivery Patterns
 
Turning up-the-heat
Turning up-the-heatTurning up-the-heat
Turning up-the-heat
 
Technology insights: Decision Science Platform
Technology insights: Decision Science PlatformTechnology insights: Decision Science Platform
Technology insights: Decision Science Platform
 
2012 RightScale Conference NYC - Jeff Gelb, Director of Technology Strategy, ...
2012 RightScale Conference NYC - Jeff Gelb, Director of Technology Strategy, ...2012 RightScale Conference NYC - Jeff Gelb, Director of Technology Strategy, ...
2012 RightScale Conference NYC - Jeff Gelb, Director of Technology Strategy, ...
 
Self-Driving Data Center
Self-Driving Data CenterSelf-Driving Data Center
Self-Driving Data Center
 
OpenStack Enabling DevOps
OpenStack Enabling DevOpsOpenStack Enabling DevOps
OpenStack Enabling DevOps
 
XebiaLabs, CloudBees, Puppet Labs Webinar Slides - IT Automation for the Mode...
XebiaLabs, CloudBees, Puppet Labs Webinar Slides - IT Automation for the Mode...XebiaLabs, CloudBees, Puppet Labs Webinar Slides - IT Automation for the Mode...
XebiaLabs, CloudBees, Puppet Labs Webinar Slides - IT Automation for the Mode...
 
Get your head in the clouds! - Swansea Con 2016
Get your head in the clouds! - Swansea Con 2016Get your head in the clouds! - Swansea Con 2016
Get your head in the clouds! - Swansea Con 2016
 
Newt global meetup microservices
Newt global meetup microservicesNewt global meetup microservices
Newt global meetup microservices
 

More from James Wickett

A Pragmatic Union: Security and SRE
A Pragmatic Union: Security and SREA Pragmatic Union: Security and SRE
A Pragmatic Union: Security and SREJames Wickett
 
A Way to Think about DevSecOps: MEASURE
A Way to Think about DevSecOps: MEASUREA Way to Think about DevSecOps: MEASURE
A Way to Think about DevSecOps: MEASUREJames Wickett
 
The Security, DevOps, and Chaos Playbook to Change the World
The Security, DevOps, and Chaos Playbook to Change the WorldThe Security, DevOps, and Chaos Playbook to Change the World
The Security, DevOps, and Chaos Playbook to Change the WorldJames Wickett
 
Pragmatic Pipeline Security
Pragmatic Pipeline SecurityPragmatic Pipeline Security
Pragmatic Pipeline SecurityJames Wickett
 
A Tale of Woe, Chaos, and Business
A Tale of Woe, Chaos, and BusinessA Tale of Woe, Chaos, and Business
A Tale of Woe, Chaos, and BusinessJames Wickett
 
A DevSecOps Tale of Business, Engineering, and People
A DevSecOps Tale of Business, Engineering, and PeopleA DevSecOps Tale of Business, Engineering, and People
A DevSecOps Tale of Business, Engineering, and PeopleJames Wickett
 
The New Ways of DevSecOps - The Secure Dev 2019
The New Ways of DevSecOps - The Secure Dev 2019The New Ways of DevSecOps - The Secure Dev 2019
The New Ways of DevSecOps - The Secure Dev 2019James Wickett
 
NewOps Days 2019: The New Ways of Chaos, Security, and DevOps
NewOps Days 2019: The New Ways of Chaos, Security, and DevOpsNewOps Days 2019: The New Ways of Chaos, Security, and DevOps
NewOps Days 2019: The New Ways of Chaos, Security, and DevOpsJames Wickett
 
The New Ways of Chaos, Security, and DevOps
The New Ways of Chaos, Security, and DevOpsThe New Ways of Chaos, Security, and DevOps
The New Ways of Chaos, Security, and DevOpsJames Wickett
 
DevOpsDays Austin: Security in the FaaS Lane
DevOpsDays Austin: Security in the FaaS LaneDevOpsDays Austin: Security in the FaaS Lane
DevOpsDays Austin: Security in the FaaS LaneJames Wickett
 
The Seven Habits of the Highly Effective DevSecOp
The Seven Habits of the Highly Effective DevSecOpThe Seven Habits of the Highly Effective DevSecOp
The Seven Habits of the Highly Effective DevSecOpJames Wickett
 
Serverless Security: A How-to Guide @ SnowFROC 2019
Serverless Security: A How-to Guide @ SnowFROC 2019Serverless Security: A How-to Guide @ SnowFROC 2019
Serverless Security: A How-to Guide @ SnowFROC 2019James Wickett
 
Release Your Inner DevSecOp
Release Your Inner DevSecOpRelease Your Inner DevSecOp
Release Your Inner DevSecOpJames Wickett
 
Security in the FaaS Lane
Security in the FaaS LaneSecurity in the FaaS Lane
Security in the FaaS LaneJames Wickett
 
The New Security Playbook: DevSecOps
The New Security Playbook: DevSecOpsThe New Security Playbook: DevSecOps
The New Security Playbook: DevSecOpsJames Wickett
 
The Emergent Cloud Security Toolchain for CI/CD
The Emergent Cloud Security Toolchain for CI/CDThe Emergent Cloud Security Toolchain for CI/CD
The Emergent Cloud Security Toolchain for CI/CDJames Wickett
 
Adversary Driven Defense in the Real World
Adversary Driven Defense in the Real WorldAdversary Driven Defense in the Real World
Adversary Driven Defense in the Real WorldJames Wickett
 
The DevSecOps Builder’s Guide to the CI/CD Pipeline
The DevSecOps Builder’s Guide to the CI/CD PipelineThe DevSecOps Builder’s Guide to the CI/CD Pipeline
The DevSecOps Builder’s Guide to the CI/CD PipelineJames Wickett
 
DevSecOps and the CI/CD Pipeline
DevSecOps and the CI/CD Pipeline DevSecOps and the CI/CD Pipeline
DevSecOps and the CI/CD PipelineJames Wickett
 
The State of DevSecOps in 2018
The State of DevSecOps in 2018The State of DevSecOps in 2018
The State of DevSecOps in 2018James Wickett
 

More from James Wickett (20)

A Pragmatic Union: Security and SRE
A Pragmatic Union: Security and SREA Pragmatic Union: Security and SRE
A Pragmatic Union: Security and SRE
 
A Way to Think about DevSecOps: MEASURE
A Way to Think about DevSecOps: MEASUREA Way to Think about DevSecOps: MEASURE
A Way to Think about DevSecOps: MEASURE
 
The Security, DevOps, and Chaos Playbook to Change the World
The Security, DevOps, and Chaos Playbook to Change the WorldThe Security, DevOps, and Chaos Playbook to Change the World
The Security, DevOps, and Chaos Playbook to Change the World
 
Pragmatic Pipeline Security
Pragmatic Pipeline SecurityPragmatic Pipeline Security
Pragmatic Pipeline Security
 
A Tale of Woe, Chaos, and Business
A Tale of Woe, Chaos, and BusinessA Tale of Woe, Chaos, and Business
A Tale of Woe, Chaos, and Business
 
A DevSecOps Tale of Business, Engineering, and People
A DevSecOps Tale of Business, Engineering, and PeopleA DevSecOps Tale of Business, Engineering, and People
A DevSecOps Tale of Business, Engineering, and People
 
The New Ways of DevSecOps - The Secure Dev 2019
The New Ways of DevSecOps - The Secure Dev 2019The New Ways of DevSecOps - The Secure Dev 2019
The New Ways of DevSecOps - The Secure Dev 2019
 
NewOps Days 2019: The New Ways of Chaos, Security, and DevOps
NewOps Days 2019: The New Ways of Chaos, Security, and DevOpsNewOps Days 2019: The New Ways of Chaos, Security, and DevOps
NewOps Days 2019: The New Ways of Chaos, Security, and DevOps
 
The New Ways of Chaos, Security, and DevOps
The New Ways of Chaos, Security, and DevOpsThe New Ways of Chaos, Security, and DevOps
The New Ways of Chaos, Security, and DevOps
 
DevOpsDays Austin: Security in the FaaS Lane
DevOpsDays Austin: Security in the FaaS LaneDevOpsDays Austin: Security in the FaaS Lane
DevOpsDays Austin: Security in the FaaS Lane
 
The Seven Habits of the Highly Effective DevSecOp
The Seven Habits of the Highly Effective DevSecOpThe Seven Habits of the Highly Effective DevSecOp
The Seven Habits of the Highly Effective DevSecOp
 
Serverless Security: A How-to Guide @ SnowFROC 2019
Serverless Security: A How-to Guide @ SnowFROC 2019Serverless Security: A How-to Guide @ SnowFROC 2019
Serverless Security: A How-to Guide @ SnowFROC 2019
 
Release Your Inner DevSecOp
Release Your Inner DevSecOpRelease Your Inner DevSecOp
Release Your Inner DevSecOp
 
Security in the FaaS Lane
Security in the FaaS LaneSecurity in the FaaS Lane
Security in the FaaS Lane
 
The New Security Playbook: DevSecOps
The New Security Playbook: DevSecOpsThe New Security Playbook: DevSecOps
The New Security Playbook: DevSecOps
 
The Emergent Cloud Security Toolchain for CI/CD
The Emergent Cloud Security Toolchain for CI/CDThe Emergent Cloud Security Toolchain for CI/CD
The Emergent Cloud Security Toolchain for CI/CD
 
Adversary Driven Defense in the Real World
Adversary Driven Defense in the Real WorldAdversary Driven Defense in the Real World
Adversary Driven Defense in the Real World
 
The DevSecOps Builder’s Guide to the CI/CD Pipeline
The DevSecOps Builder’s Guide to the CI/CD PipelineThe DevSecOps Builder’s Guide to the CI/CD Pipeline
The DevSecOps Builder’s Guide to the CI/CD Pipeline
 
DevSecOps and the CI/CD Pipeline
DevSecOps and the CI/CD Pipeline DevSecOps and the CI/CD Pipeline
DevSecOps and the CI/CD Pipeline
 
The State of DevSecOps in 2018
The State of DevSecOps in 2018The State of DevSecOps in 2018
The State of DevSecOps in 2018
 

Recently uploaded

A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024The Digital Insurer
 

Recently uploaded (20)

A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 

Coding Secure Infrastructure in the Cloud using the PIE framework

  • 1. Coding Secure Infrastructure in the Cloud using the PIE framework Peco Karayanev James Wickett
  • 2. @wickett • Operations and Security for software delivered on the cloud • National Instruments, R&D • Certs: CISSP, GSEC, GCFW, CCSK • Tags: OWASP, Cloud, DevOps, Ruby • Blogger at theagileadmin.com • I do stuff for LASCON (http://lascon.org) • Twitter: @wickett
  • 3. @bproverb • Peco Karayanev • OpNet, Senior Applications Engineer • Tags: APM, Java, DevOps, Big Data • Blogger at theagileadmin.com • Twitter: @bproverb
  • 4. About OPNET Technologies, Inc. Corporate Overview • Founded in 1986 • Publicly traded (NASDAQ: OPNT) • HQ in Bethesda, MD • 600 employees • Worldwide presence through direct offices and channel partners Best-in-Class Solutions and Services • Application Performance Management • Network Performance Management Strong Financial Track Record • Long history of profitability • Annual revenue: $140M • 25% of revenue re-invested in R&D test Broad Customer Base • Corporate Enterprises • Government Agencies • Network Service Providers OPNET Confidential – Not for release to third parties 4 © 2011 OPNET Technologies, Inc. All rights reserved. OPNET and OPNET product names are trademarks of OPNET Technologies, Inc. Rev. 04-01-2011
  • 5. National Instruments • 30 years old; 5000+ employees around the world, half in Austin, mostly engineers; $873M in 2010 • Hardware and software for data acquisition, embedded design, instrument control, and test • LabVIEW is our graphical dataflow programming language used by scientists and engineers in many fields
  • 6. From toys to black holes
  • 7. Cloud @ NI We built a DevOps team to rapidly deliver new SaaS products and product functionality using cloud hosting and services (IaaS, PaaS, SaaS) as the platform and operations, using model driven automation, as a key differentiating element. With this approach we have delivered multiple major products to market quickly with a very small staffing and financial outlay.
  • 8. NI’s Cloud Products • LabVIEW Web UI Builder • FPGA Compile Cloud • more to come...
  • 10.
  • 11. FPGA Compile Cloud • LabVIEW FPGA compiles take hours and consume extensive system resources; compilers are getting larger and more complex • Implemented on Amazon - EC2, Java/Linux,C#/.NET/Windows, and LabVIEW FPGA • Also an on premise product, the “Compile Farm”
  • 12. Our design tools are primitive
  • 13. Our operation tools are primitive
  • 14. Our system engineering challenges are greater < year 2000 the modern era
  • 15. If you want to build a ship, don't drum up people together to collect wood and don't assign them tasks and work, but rather teach them to long for the endless immensity of the sea - Antoine Jean-Baptiste Marie Roger de Saint Exupéry
  • 18. Adversity fueled innovation • NASA in Space • Military hard drives • ATMs in Europe
  • 19. The Internets is Mean • Latency • Distribution • Anonymity • Varied protocols • People
  • 20. Systems are complex • “How Complex Systems Fail” • Failure at multiple layers • Synonyms in other industries • Defense in Depth
  • 21. Software needs to meet adversity
  • 22. Intro to Rugged by analogy
  • 35.
  • 36. Rugged Software Manifesto
  • 37. I am rugged... and more importantly, my code is rugged.
  • 38. I recognize that software has become a foundation of our modern world.
  • 39. I recognize the awesome responsibility that comes with this foundational role.
  • 40. I recognize that my code will be used in ways I cannot anticipate, in ways it was not designed, and for longer than it was ever intended.
  • 41. I recognize that my code will be attacked by talented and persistent adversaries who threaten our physical, economic, and national security.
  • 42. I recognize these things - and I choose to be rugged.
  • 43. I am rugged because I refuse to be a source of vulnerability or weakness.
  • 44. I am rugged because I assure my code will support its mission.
  • 45. I am rugged because my code can face these challenges and persist in spite of them.
  • 46. I am rugged, not because it is easy, but because it is necessary... and I am up for the challenge.
  • 47. Qualities of Rugged Software • Availability - Speed and performance • Longevity, Long-standing, persistent - Time • Scalable, Portable • Maintainable and Defensible - Topology Map • Resilient in the face of failures • Reliable - Time, Load
  • 48. Security vs. Rugged • Absence of • Verification of Events quality • Cost • Benefit • Negative • Positive • FUD • Known values • Toxic • Affirming
  • 50. It’s not our problem anymore
  • 51. DevOps is not just making the wall shorter before after
  • 55. People that built PIE Peco Karayanev crazy to dream up PIE and foolish to try to build it Ernest Mueller godfather and proponent of DevOps in PIE James Wickett chief evangelist of PIE Michael Truchard ensuring PIE is as much for dev as it is for ops William Hackett evolving PIE from hackery to legit software. Karthik Gaekwad reminding PIE to KISS Kar Meng Chow ensuring PIE is a tool for daily ops Mohd Hafiz Ramly boldly taking PIE to new heights John Hill herding the PIE cats
  • 56. What is PIE? • a a framework to define, provision, monitor, and control cloud-based systems • written in Java, uses SSH as transport, currently supports Amazon AWS (Linux and Windows) and MS Azure • takes an XML-based model from source control and creates a full running system • to define, provision, monitor, and control cloud-based systems
  • 57. What do we like about PIE? • Collaborative system design and development • Automation for building, provisioning and controlling cloud systems • From source to running multi- tier cloud system in minutes • Infrastructure as code
  • 58. What do we use PIE for • Provisioning cloud instances • Creating new environments • Deploying & configuring software • Deploying & configuring applications • Backups • Log aggregation • Auto-scaling roles based on demand • Running tests • Continuous integration • Release workflows • Auditing cloud resource usage • Integrating with revision control & software build
  • 59. can we do better?
  • 60. Security features and use cases • Increase the visibility and auditability of the system • Track dependencies and what code is deployed where • Diff versions of the system and see changes • Role based auth for operators • No manual steps • Passwords able to be changed with a few PIE commands • Keys out of the model • Ports and user/pass changes • App Config • Audit / Running state vs. model diff
  • 61. Architecture o Document based Architecture Definition Language o Command orchestration,dispatch and execution engine o Runtime Registry o Command Line Interface
  • 62. ADL (Architecture Definition Language) • Structural model of the system described in XML documents. • 4 Level Hierarchy - System,SubSystem,Role,Service
  • 63. ADL (continued) Each entity is defined in XML and holds meta-data about resources and commands.
  • 64. Command Execution & Orchestration • The execution engine can dispatch and execute commands to remote machines. • More complex workflows can be created from simple commands. • Commands can be overloaded in different model components.
  • 65. Runtime Registry & Name Service • The Runtime registry tracks the state and dependencies • The Name service keeps a namespace for instances.
  • 66. Command Line Interface Example full command line invocation: Target Query string explained:
  • 67. Demo • On Azure o Provision an environment. o Deploy an app and test. o Update the model and turn off port 80. o Redeploy and test the app. o De-provision the environment.
  • 68. Rugged DevOps Results • repeatable – no manual errors • reviewable – model in source control • rapid – bring up, install, configure, and test dozens of systems in a morning • resilient – automated reconfiguration to swap servers (throw away infrastructure) • rugged by design devops by culture
  • 69. Roadmap • Open Source • More security workflows • Azure data management workflows • Add support for external keystores • ADL and model usability features • Port AWS functionality to 2.0 version • New shiny distributed orchestration engine • Add user auth through LDAP or other repos • IDE to simplify design • More powerful script engine
  • 70. PIE now and future (now) (28 years later)
  • 72. Want the slides? send me a tweet @wickett