SlideShare a Scribd company logo

Automated Server Administration for DevSecOps

Aarno Aukia
Aarno Aukia

VSHN manages servers for customers using automated tools. Aarno from VSHN discussed their implementation which includes a web interface for customers, infrastructure as code using YAML, and automated monitoring and updates. Some lessons learned included using tools to separate customers while sharing code, monitoring and backups by default, and good processes for frequent updates.

Software
1 of 15
Download to read offline
VSHN - The DevOps Company Automated Server Administration for DevSecOps Aarno Aukia, CTO @ VSHN - The DevOps Company DevSecOps Forum 12.3.2019
VSHN - The DevOps Company ● Who is Aarno and VSHN - The DevOps Company ? ● Managing 1200 servers ○ Challenges ○ Our implementation & user interface ○ Demo ○ Lessons learned 22 Agenda
VSHN - The DevOps Company @aarnoaukia http://about.me/aarno aarno.aukia@vshn.ch ETH → Google → Atrila → VSHN VSHN - The DevOps Company Since 2014, currently 35 VSHNeers in Zürich, Switzerland Helping Developers run applications on any infrastructure making both visitors happy with stability and developers happy with agility 33 About Aarno & VSHN.ch
VSHN - The DevOps Company 5 Operations = Firefighting-as-a-Service ? 5
VSHN - The DevOps Company Capability Maturity Model Integration (CMMI) 66 Operations 2014 How to get to this level?
VSHN - The DevOps Company DevOps: CMMI Level 5: People, Processes & Tools 77
VSHN - The DevOps Company ● Interface Dev <-> Ops ○ DevOps, CI/CD, Containers, etc ● Interface Ops <-> Infra ○ Hypervisors, APIs, Metrics, etc ● Manage VMs on any infrastructure ● Service Monitoring, Alerting, Metrics, Logs ● Updates, Backups, Configuration Management 88 VSHN Managed Service
VSHN - The DevOps Company ● you don’t like proper (software) release management ○ or else you’ll be in dependency hell with 200 modules in 200 environments ● you practice “don’t touch a running system” ○ you’ll be updating all servers all the time - both good and bad ● standardizing/optimizing ○ no more handcrafted snowflake pets, lots and lots of cattle ● you don’t actively develop monitoring/checks ○ or else you’ll get alert fatigue from noisy checks 99 Don’t do automatic server management if...
VSHN - The DevOps Company ● Web-based self-service for customers ● CRUD server definitions -> CMDB 1010 VSHN Control Panel
VSHN - The DevOps Company 11 Demo 11
VSHN - The DevOps Company 1212 Infrastructure as Code Single source of truth: Configuration YAML in GIT --- classes: - profile_certificates - profile_webhosting packages: - nagios-plugins-wordpress - nagios-plugins-wordpress-config profile_php::php_settings: date.timezone: 'Europe/Zurich' acmetool::use_production_endpoint: true profile_php::php_version: '7.0' profile_php::extensions: - mysql - gd - mbstring - curl profile_icinga2::hiera_services: check_wordpress_dev: check_command: 'wordpress_updates' display_name: 'Wordpress Updates test.vshn.net' vars: wordpress_instance: 'vshn_dev' wordpress_db_name: 'vshn_dev' wordpress_db_user: 'vshn_dev' wordpress_db_pass: 'replaced' check_wordpress_prod: check_command: 'wordpress_updates' display_name: 'Wordpress Updates vshn.net' vars: wordpress_instance: 'vshn_prod' wordpress_db_name: 'vshn_prod' wordpress_db_user: 'vshn_prod' wordpress_db_pass: 'replaced' profile_mariadb::db_root_pw: 'replaced' profile_webhosting::sites: vshn_dev: stack_type: 'php' db_type: 'mariadb' db_password: 'replaced' php_admin_values: memory_limit: '300M' post_max_size: '20M' upload_max_filesize: '20M' manage_tls: letsencrypt
VSHN - The DevOps Company ● who ● when ● what ● tests successful? ● why 1313 GIT: changelog
VSHN - The DevOps Company 1414 Logic # https check if $manage_tls and $manage_tls != 'false' { ::profile_icinga2::resources::check { "${name}_nginx-${main_domain}-https": check_command => 'http', display_name => "nginx https ${name}", check_zone => $monitoring_check_zone, notes => 'https check on port 443, supports authentication and URI', notes_url => 'http', production_level => $monitoring_production_level, vars => merge({ 'http_address' => $::fqdn, 'http_vhost' => $main_domain, 'http_ssl' => true, 'http_uri' => $monitor_path, 'http_sni' => true, }, $_auth_var, $monitor_extra_check_vars), } } # https certificate check if ($manage_tls and $manage_tls != 'false' and $manage_tls != 'snakeoil') { if $manage_tls == 'trusted' { $_days = 30 } else { $_days = 20 } ::profile_icinga2::resources::check { "${name}_nginx-${main_domain}-certificate": check_command => 'http', display_name => "nginx certificate ${main_domain}", notes => "https certificate check, checks days (${_days}) left until expire", notes_url => 'https_certificate', production_level => $monitoring_production_level, check_interval => '2h', vars => { 'http_address' => $::fqdn, 'http_vhost' => $main_domain, 'http_tls' => true, 'http_certificate' => $_days, 'http_sni' => true, }, } } } e.g. automatically monitor all HTTPS sites & certificates
VSHN - The DevOps Company ● Trade-off between multi-tenancy (separation of customers/environments) and common code base development -> Tools & Software-Release-Processes (e.g. https://github.com/vshn/crmngr) ● Monitoring & Backup by default: value > cost ● Hierarchical CMDB: configuration for policy groups ● Staged/canary rollouts (e.g. for intrusive things like firewall changes) ● Local tests (pacco: puppet-in-docker-in-vagrant: https://github.com/vshn/puppet-in-docker) ● Good and robust process for regular & frequent updates 1515 Lessons learned
Come visit us for a coffee! VSHN AG - Neugasse 10 - CH-8005 Zürich - +41 44 545 53 00 - https://vshn.ch/ - info@vshn.ch https://vshn.ch/kontakt/ Follow us on Twitter! @vshn_ch 16

Recommended

Automating Security Compliance on AWS with DevSecOps
Automating Security Compliance on AWS with DevSecOpsAutomating Security Compliance on AWS with DevSecOps
Automating Security Compliance on AWS with DevSecOpsTushar Gupta
 
Building security into the pipelines
Building security into the pipelinesBuilding security into the pipelines
Building security into the pipelinesVandana Verma
 
DevSecOps for you Full Stack
DevSecOps for you Full StackDevSecOps for you Full Stack
DevSecOps for you Full StackRon Nixon
 
DevSecOps
DevSecOpsDevSecOps
DevSecOpsCheah Eng Soon
 
Extensible dev secops pipelines with Jenkins, Docker, Terraform, and a kitche...
Extensible dev secops pipelines with Jenkins, Docker, Terraform, and a kitche...Extensible dev secops pipelines with Jenkins, Docker, Terraform, and a kitche...
Extensible dev secops pipelines with Jenkins, Docker, Terraform, and a kitche...Richard Bullington-McGuire
 
DevSecOps OWASP
DevSecOps OWASPDevSecOps OWASP
DevSecOps OWASPPriyanka Raghavan
 
wannabe Cyberpunk; “I don’t know what I’m supposed to do.”
wannabe Cyberpunk; “I don’t know what I’m supposed to do.”wannabe Cyberpunk; “I don’t know what I’m supposed to do.”
wannabe Cyberpunk; “I don’t know what I’m supposed to do.”Moshiul Islam, CISSP, CISA, CFE
 
DevSecOps What Why and How
DevSecOps What Why and HowDevSecOps What Why and How
DevSecOps What Why and HowNotSoSecure Global Services
 

Recommended

Automating Security Compliance on AWS with DevSecOps
Automating Security Compliance on AWS with DevSecOpsAutomating Security Compliance on AWS with DevSecOps
Automating Security Compliance on AWS with DevSecOpsTushar Gupta
 
Building security into the pipelines
Building security into the pipelinesBuilding security into the pipelines
Building security into the pipelinesVandana Verma
 
DevSecOps for you Full Stack
DevSecOps for you Full StackDevSecOps for you Full Stack
DevSecOps for you Full StackRon Nixon
 
DevSecOps
DevSecOpsDevSecOps
DevSecOpsCheah Eng Soon
 
Extensible dev secops pipelines with Jenkins, Docker, Terraform, and a kitche...
Extensible dev secops pipelines with Jenkins, Docker, Terraform, and a kitche...Extensible dev secops pipelines with Jenkins, Docker, Terraform, and a kitche...
Extensible dev secops pipelines with Jenkins, Docker, Terraform, and a kitche...Richard Bullington-McGuire
 
DevSecOps OWASP
DevSecOps OWASPDevSecOps OWASP
DevSecOps OWASPPriyanka Raghavan
 
wannabe Cyberpunk; “I don’t know what I’m supposed to do.”
wannabe Cyberpunk; “I don’t know what I’m supposed to do.”wannabe Cyberpunk; “I don’t know what I’m supposed to do.”
wannabe Cyberpunk; “I don’t know what I’m supposed to do.”Moshiul Islam, CISSP, CISA, CFE
 
DevSecOps What Why and How
DevSecOps What Why and HowDevSecOps What Why and How
DevSecOps What Why and HowNotSoSecure Global Services
 
Introduction to DevSecOps
Introduction to DevSecOpsIntroduction to DevSecOps
Introduction to DevSecOpsAmazon Web Services
 
DevSecCon London 2018: Open DevSecOps
DevSecCon London 2018: Open DevSecOpsDevSecCon London 2018: Open DevSecOps
DevSecCon London 2018: Open DevSecOpsDevSecCon
 
2019 DevSecOps Reference Architectures
2019 DevSecOps Reference Architectures2019 DevSecOps Reference Architectures
2019 DevSecOps Reference ArchitecturesSonatype
 
Securing Systems at Cloud Scale with DevSecOps
Securing Systems at Cloud Scale with DevSecOpsSecuring Systems at Cloud Scale with DevSecOps
Securing Systems at Cloud Scale with DevSecOpsAmazon Web Services
 
Hacker Games & DevSecOps
Hacker Games & DevSecOpsHacker Games & DevSecOps
Hacker Games & DevSecOpslokori
 
Embacing service-level-objectives of your microservices in your Cl/CD
Embacing service-level-objectives of your microservices in your Cl/CDEmbacing service-level-objectives of your microservices in your Cl/CD
Embacing service-level-objectives of your microservices in your Cl/CDNebulaworks
 
DevOps & Security: Here & Now
DevOps & Security: Here & NowDevOps & Security: Here & Now
DevOps & Security: Here & NowCheckmarx
 
DevSecCon London 2017: Threat modeling in a CI environment by Steven Wierckx
DevSecCon London 2017: Threat modeling in a CI environment by Steven WierckxDevSecCon London 2017: Threat modeling in a CI environment by Steven Wierckx
DevSecCon London 2017: Threat modeling in a CI environment by Steven WierckxDevSecCon
 
Automated Testing in Continuous Change Management
Automated Testing in Continuous Change ManagementAutomated Testing in Continuous Change Management
Automated Testing in Continuous Change ManagementPerforce
 
Successfully Implementing DEV-SEC-OPS in the Cloud
Successfully Implementing DEV-SEC-OPS in the CloudSuccessfully Implementing DEV-SEC-OPS in the Cloud
Successfully Implementing DEV-SEC-OPS in the CloudAmazon Web Services
 
DevOps Friendly Doc Publishing for APIs & Microservices
DevOps Friendly Doc Publishing for APIs & MicroservicesDevOps Friendly Doc Publishing for APIs & Microservices
DevOps Friendly Doc Publishing for APIs & MicroservicesSonatype
 
DevOpsSec: Appling DevOps Principles to Security, DevOpsDays Austin 2012
DevOpsSec: Appling DevOps Principles to Security, DevOpsDays Austin 2012DevOpsSec: Appling DevOps Principles to Security, DevOpsDays Austin 2012
DevOpsSec: Appling DevOps Principles to Security, DevOpsDays Austin 2012Nick Galbreath
 
#ATAGTR2019 Presentation "DevSecOps with GitLab" By Avishkar Nikale
#ATAGTR2019 Presentation "DevSecOps with GitLab" By Avishkar Nikale#ATAGTR2019 Presentation "DevSecOps with GitLab" By Avishkar Nikale
#ATAGTR2019 Presentation "DevSecOps with GitLab" By Avishkar NikaleAgile Testing Alliance
 
DevSecCon London 2017: Hands-on secure software development from design to de...
DevSecCon London 2017: Hands-on secure software development from design to de...DevSecCon London 2017: Hands-on secure software development from design to de...
DevSecCon London 2017: Hands-on secure software development from design to de...DevSecCon
 
Continuous Security Testing with Devops - OWASP EU 2014
Continuous Security Testing with Devops - OWASP EU 2014Continuous Security Testing with Devops - OWASP EU 2014
Continuous Security Testing with Devops - OWASP EU 2014Stephen de Vries
 
Hybrid Cloud Networking
Hybrid Cloud NetworkingHybrid Cloud Networking
Hybrid Cloud NetworkingSVForum Cloud SIG
 
Integrating Security into DevOps
Integrating Security into DevOpsIntegrating Security into DevOps
Integrating Security into DevOpsCloudPassage
 
What it feels like to live in a Security Enabled DevOps World
What it feels like to live in a Security Enabled DevOps WorldWhat it feels like to live in a Security Enabled DevOps World
What it feels like to live in a Security Enabled DevOps WorldKarun Chennuri
 
DevSecOps: Taking a DevOps Approach to Security
DevSecOps: Taking a DevOps Approach to SecurityDevSecOps: Taking a DevOps Approach to Security
DevSecOps: Taking a DevOps Approach to SecurityAlert Logic
 
Continuous Security Testing - DevSecCon
Continuous Security Testing - DevSecConContinuous Security Testing - DevSecCon
Continuous Security Testing - DevSecConStephen de Vries
 
Monitoring CloudStack and components
Monitoring CloudStack and componentsMonitoring CloudStack and components
Monitoring CloudStack and componentsShapeBlue
 
Using PHP with IBM Bluemix
Using PHP with IBM BluemixUsing PHP with IBM Bluemix
Using PHP with IBM Bluemixvvaswani
 

More Related Content

What's hot

DevSecCon London 2018: Open DevSecOps
DevSecCon London 2018: Open DevSecOpsDevSecCon London 2018: Open DevSecOps
DevSecCon London 2018: Open DevSecOpsDevSecCon
 
2019 DevSecOps Reference Architectures
2019 DevSecOps Reference Architectures2019 DevSecOps Reference Architectures
2019 DevSecOps Reference ArchitecturesSonatype
 
Securing Systems at Cloud Scale with DevSecOps
Securing Systems at Cloud Scale with DevSecOpsSecuring Systems at Cloud Scale with DevSecOps
Securing Systems at Cloud Scale with DevSecOpsAmazon Web Services
 
Hacker Games & DevSecOps
Hacker Games & DevSecOpsHacker Games & DevSecOps
Hacker Games & DevSecOpslokori
 
Embacing service-level-objectives of your microservices in your Cl/CD
Embacing service-level-objectives of your microservices in your Cl/CDEmbacing service-level-objectives of your microservices in your Cl/CD
Embacing service-level-objectives of your microservices in your Cl/CDNebulaworks
 
DevOps & Security: Here & Now
DevOps & Security: Here & NowDevOps & Security: Here & Now
DevOps & Security: Here & NowCheckmarx
 
DevSecCon London 2017: Threat modeling in a CI environment by Steven Wierckx
DevSecCon London 2017: Threat modeling in a CI environment by Steven WierckxDevSecCon London 2017: Threat modeling in a CI environment by Steven Wierckx
DevSecCon London 2017: Threat modeling in a CI environment by Steven WierckxDevSecCon
 
Automated Testing in Continuous Change Management
Automated Testing in Continuous Change ManagementAutomated Testing in Continuous Change Management
Automated Testing in Continuous Change ManagementPerforce
 
Successfully Implementing DEV-SEC-OPS in the Cloud
Successfully Implementing DEV-SEC-OPS in the CloudSuccessfully Implementing DEV-SEC-OPS in the Cloud
Successfully Implementing DEV-SEC-OPS in the CloudAmazon Web Services
 
DevOps Friendly Doc Publishing for APIs & Microservices
DevOps Friendly Doc Publishing for APIs & MicroservicesDevOps Friendly Doc Publishing for APIs & Microservices
DevOps Friendly Doc Publishing for APIs & MicroservicesSonatype
 
DevOpsSec: Appling DevOps Principles to Security, DevOpsDays Austin 2012
DevOpsSec: Appling DevOps Principles to Security, DevOpsDays Austin 2012DevOpsSec: Appling DevOps Principles to Security, DevOpsDays Austin 2012
DevOpsSec: Appling DevOps Principles to Security, DevOpsDays Austin 2012Nick Galbreath
 
#ATAGTR2019 Presentation "DevSecOps with GitLab" By Avishkar Nikale
#ATAGTR2019 Presentation "DevSecOps with GitLab" By Avishkar Nikale#ATAGTR2019 Presentation "DevSecOps with GitLab" By Avishkar Nikale
#ATAGTR2019 Presentation "DevSecOps with GitLab" By Avishkar NikaleAgile Testing Alliance
 
DevSecCon London 2017: Hands-on secure software development from design to de...
DevSecCon London 2017: Hands-on secure software development from design to de...DevSecCon London 2017: Hands-on secure software development from design to de...
DevSecCon London 2017: Hands-on secure software development from design to de...DevSecCon
 
Continuous Security Testing with Devops - OWASP EU 2014
Continuous Security Testing with Devops - OWASP EU 2014Continuous Security Testing with Devops - OWASP EU 2014
Continuous Security Testing with Devops - OWASP EU 2014Stephen de Vries
 
Integrating Security into DevOps
Integrating Security into DevOpsIntegrating Security into DevOps
Integrating Security into DevOpsCloudPassage
 
What it feels like to live in a Security Enabled DevOps World
What it feels like to live in a Security Enabled DevOps WorldWhat it feels like to live in a Security Enabled DevOps World
What it feels like to live in a Security Enabled DevOps WorldKarun Chennuri
 
DevSecOps: Taking a DevOps Approach to Security
DevSecOps: Taking a DevOps Approach to SecurityDevSecOps: Taking a DevOps Approach to Security
DevSecOps: Taking a DevOps Approach to SecurityAlert Logic
 
Continuous Security Testing - DevSecCon
Continuous Security Testing - DevSecConContinuous Security Testing - DevSecCon
Continuous Security Testing - DevSecConStephen de Vries
 

What's hot (20)

Introduction to DevSecOps
Introduction to DevSecOpsIntroduction to DevSecOps
Introduction to DevSecOps
 
DevSecCon London 2018: Open DevSecOps
DevSecCon London 2018: Open DevSecOpsDevSecCon London 2018: Open DevSecOps
DevSecCon London 2018: Open DevSecOps
 
2019 DevSecOps Reference Architectures
2019 DevSecOps Reference Architectures2019 DevSecOps Reference Architectures
2019 DevSecOps Reference Architectures
 
Securing Systems at Cloud Scale with DevSecOps
Securing Systems at Cloud Scale with DevSecOpsSecuring Systems at Cloud Scale with DevSecOps
Securing Systems at Cloud Scale with DevSecOps
 
Hacker Games & DevSecOps
Hacker Games & DevSecOpsHacker Games & DevSecOps
Hacker Games & DevSecOps
 
Embacing service-level-objectives of your microservices in your Cl/CD
Embacing service-level-objectives of your microservices in your Cl/CDEmbacing service-level-objectives of your microservices in your Cl/CD
Embacing service-level-objectives of your microservices in your Cl/CD
 
DevOps & Security: Here & Now
DevOps & Security: Here & NowDevOps & Security: Here & Now
DevOps & Security: Here & Now
 
DevSecCon London 2017: Threat modeling in a CI environment by Steven Wierckx
DevSecCon London 2017: Threat modeling in a CI environment by Steven WierckxDevSecCon London 2017: Threat modeling in a CI environment by Steven Wierckx
DevSecCon London 2017: Threat modeling in a CI environment by Steven Wierckx
 
Automated Testing in Continuous Change Management
Automated Testing in Continuous Change ManagementAutomated Testing in Continuous Change Management
Automated Testing in Continuous Change Management
 
Successfully Implementing DEV-SEC-OPS in the Cloud
Successfully Implementing DEV-SEC-OPS in the CloudSuccessfully Implementing DEV-SEC-OPS in the Cloud
Successfully Implementing DEV-SEC-OPS in the Cloud
 
DevOps Friendly Doc Publishing for APIs & Microservices
DevOps Friendly Doc Publishing for APIs & MicroservicesDevOps Friendly Doc Publishing for APIs & Microservices
DevOps Friendly Doc Publishing for APIs & Microservices
 
DevOpsSec: Appling DevOps Principles to Security, DevOpsDays Austin 2012
DevOpsSec: Appling DevOps Principles to Security, DevOpsDays Austin 2012DevOpsSec: Appling DevOps Principles to Security, DevOpsDays Austin 2012
DevOpsSec: Appling DevOps Principles to Security, DevOpsDays Austin 2012
 
#ATAGTR2019 Presentation "DevSecOps with GitLab" By Avishkar Nikale
#ATAGTR2019 Presentation "DevSecOps with GitLab" By Avishkar Nikale#ATAGTR2019 Presentation "DevSecOps with GitLab" By Avishkar Nikale
#ATAGTR2019 Presentation "DevSecOps with GitLab" By Avishkar Nikale
 
DevSecCon London 2017: Hands-on secure software development from design to de...
DevSecCon London 2017: Hands-on secure software development from design to de...DevSecCon London 2017: Hands-on secure software development from design to de...
DevSecCon London 2017: Hands-on secure software development from design to de...
 
Continuous Security Testing with Devops - OWASP EU 2014
Continuous Security Testing with Devops - OWASP EU 2014Continuous Security Testing with Devops - OWASP EU 2014
Continuous Security Testing with Devops - OWASP EU 2014
 
Hybrid Cloud Networking
Hybrid Cloud NetworkingHybrid Cloud Networking
Hybrid Cloud Networking
 
Integrating Security into DevOps
Integrating Security into DevOpsIntegrating Security into DevOps
Integrating Security into DevOps
 
What it feels like to live in a Security Enabled DevOps World
What it feels like to live in a Security Enabled DevOps WorldWhat it feels like to live in a Security Enabled DevOps World
What it feels like to live in a Security Enabled DevOps World
 
DevSecOps: Taking a DevOps Approach to Security
DevSecOps: Taking a DevOps Approach to SecurityDevSecOps: Taking a DevOps Approach to Security
DevSecOps: Taking a DevOps Approach to Security
 
Continuous Security Testing - DevSecCon
Continuous Security Testing - DevSecConContinuous Security Testing - DevSecCon
Continuous Security Testing - DevSecCon
 

Similar to Automated Server Administration for DevSecOps

Monitoring CloudStack and components
Monitoring CloudStack and componentsMonitoring CloudStack and components
Monitoring CloudStack and componentsShapeBlue
 
Using PHP with IBM Bluemix
Using PHP with IBM BluemixUsing PHP with IBM Bluemix
Using PHP with IBM Bluemixvvaswani
 
Avoid the Vendor Lock-in Trap (with App Deployment)
Avoid the Vendor Lock-in Trap (with App Deployment)Avoid the Vendor Lock-in Trap (with App Deployment)
Avoid the Vendor Lock-in Trap (with App Deployment)Peter Bittner
 
(ARC402) Deployment Automation: From Developers' Keyboards to End Users' Scre...
(ARC402) Deployment Automation: From Developers' Keyboards to End Users' Scre...(ARC402) Deployment Automation: From Developers' Keyboards to End Users' Scre...
(ARC402) Deployment Automation: From Developers' Keyboards to End Users' Scre...Amazon Web Services
 
Scaling Automated Tests: Choosing an Appropriate Subset
Scaling Automated Tests: Choosing an Appropriate SubsetScaling Automated Tests: Choosing an Appropriate Subset
Scaling Automated Tests: Choosing an Appropriate SubsetTechWell
 
Kubernetes Story - Day 3: Deploying and Scaling Applications on OpenShift
Kubernetes Story - Day 3: Deploying and Scaling Applications on OpenShiftKubernetes Story - Day 3: Deploying and Scaling Applications on OpenShift
Kubernetes Story - Day 3: Deploying and Scaling Applications on OpenShiftMihai Criveti
 
Your admin toolbelt is not complete without Salesforce DX
Your admin toolbelt is not complete without Salesforce DXYour admin toolbelt is not complete without Salesforce DX
Your admin toolbelt is not complete without Salesforce DXDaniel Stange
 
Architeching a php application with interfaces to the ib mi
Architeching a php application with interfaces to the ib miArchiteching a php application with interfaces to the ib mi
Architeching a php application with interfaces to the ib miChelsea Fenton
 
PHP QA Tools
PHP QA ToolsPHP QA Tools
PHP QA Toolsrjsmelo
 
ClickHouse on Kubernetes, by Alexander Zaitsev, Altinity CTO
ClickHouse on Kubernetes, by Alexander Zaitsev, Altinity CTOClickHouse on Kubernetes, by Alexander Zaitsev, Altinity CTO
ClickHouse on Kubernetes, by Alexander Zaitsev, Altinity CTOAltinity Ltd
 
CredHub and Secure Credential Management
CredHub and Secure Credential ManagementCredHub and Secure Credential Management
CredHub and Secure Credential ManagementVMware Tanzu
 
Just Another Word Press Weblog But More Cloudy
Just Another Word Press Weblog But More CloudyJust Another Word Press Weblog But More Cloudy
Just Another Word Press Weblog But More CloudyMaarten Balliauw
 
CloudStack - Top 5 Technical Issues and Troubleshooting
CloudStack - Top 5 Technical Issues and TroubleshootingCloudStack - Top 5 Technical Issues and Troubleshooting
CloudStack - Top 5 Technical Issues and TroubleshootingShapeBlue
 
Angularjs practical project experiences with javascript development in a bank
Angularjs practical project experiences with javascript development in a bankAngularjs practical project experiences with javascript development in a bank
Angularjs practical project experiences with javascript development in a bankDavid Amend
 
Tech Talk: DevOps at LeanIX @ Startup Camp Berlin
Tech Talk: DevOps at LeanIX @ Startup Camp BerlinTech Talk: DevOps at LeanIX @ Startup Camp Berlin
Tech Talk: DevOps at LeanIX @ Startup Camp BerlinLeanIX GmbH
 
Digital Forensics and Incident Response in The Cloud Part 3
Digital Forensics and Incident Response in The Cloud Part 3Digital Forensics and Incident Response in The Cloud Part 3
Digital Forensics and Incident Response in The Cloud Part 3Velocidex Enterprises
 
Ranger admin dev overview
Ranger admin dev overviewRanger admin dev overview
Ranger admin dev overviewTushar Dudhatra
 
PVS-Studio in the Clouds: Travis CI
PVS-Studio in the Clouds: Travis CIPVS-Studio in the Clouds: Travis CI
PVS-Studio in the Clouds: Travis CIAndrey Karpov
 
Converting your DEV Environment to a Docker Stack - ZCOE18
Converting your DEV Environment to a Docker Stack - ZCOE18Converting your DEV Environment to a Docker Stack - ZCOE18
Converting your DEV Environment to a Docker Stack - ZCOE18Dana Luther
 
Becoming a Plumber: Building Deployment Pipelines - All Day DevOps
Becoming a Plumber: Building Deployment Pipelines - All Day DevOpsBecoming a Plumber: Building Deployment Pipelines - All Day DevOps
Becoming a Plumber: Building Deployment Pipelines - All Day DevOpsDaniel Barker
 

Similar to Automated Server Administration for DevSecOps (20)

Monitoring CloudStack and components
Monitoring CloudStack and componentsMonitoring CloudStack and components
Monitoring CloudStack and components
 
Using PHP with IBM Bluemix
Using PHP with IBM BluemixUsing PHP with IBM Bluemix
Using PHP with IBM Bluemix
 
Avoid the Vendor Lock-in Trap (with App Deployment)
Avoid the Vendor Lock-in Trap (with App Deployment)Avoid the Vendor Lock-in Trap (with App Deployment)
Avoid the Vendor Lock-in Trap (with App Deployment)
 
(ARC402) Deployment Automation: From Developers' Keyboards to End Users' Scre...
(ARC402) Deployment Automation: From Developers' Keyboards to End Users' Scre...(ARC402) Deployment Automation: From Developers' Keyboards to End Users' Scre...
(ARC402) Deployment Automation: From Developers' Keyboards to End Users' Scre...
 
Scaling Automated Tests: Choosing an Appropriate Subset
Scaling Automated Tests: Choosing an Appropriate SubsetScaling Automated Tests: Choosing an Appropriate Subset
Scaling Automated Tests: Choosing an Appropriate Subset
 
Kubernetes Story - Day 3: Deploying and Scaling Applications on OpenShift
Kubernetes Story - Day 3: Deploying and Scaling Applications on OpenShiftKubernetes Story - Day 3: Deploying and Scaling Applications on OpenShift
Kubernetes Story - Day 3: Deploying and Scaling Applications on OpenShift
 
Your admin toolbelt is not complete without Salesforce DX
Your admin toolbelt is not complete without Salesforce DXYour admin toolbelt is not complete without Salesforce DX
Your admin toolbelt is not complete without Salesforce DX
 
Architeching a php application with interfaces to the ib mi
Architeching a php application with interfaces to the ib miArchiteching a php application with interfaces to the ib mi
Architeching a php application with interfaces to the ib mi
 
PHP QA Tools
PHP QA ToolsPHP QA Tools
PHP QA Tools
 
ClickHouse on Kubernetes, by Alexander Zaitsev, Altinity CTO
ClickHouse on Kubernetes, by Alexander Zaitsev, Altinity CTOClickHouse on Kubernetes, by Alexander Zaitsev, Altinity CTO
ClickHouse on Kubernetes, by Alexander Zaitsev, Altinity CTO
 
CredHub and Secure Credential Management
CredHub and Secure Credential ManagementCredHub and Secure Credential Management
CredHub and Secure Credential Management
 
Just Another Word Press Weblog But More Cloudy
Just Another Word Press Weblog But More CloudyJust Another Word Press Weblog But More Cloudy
Just Another Word Press Weblog But More Cloudy
 
CloudStack - Top 5 Technical Issues and Troubleshooting
CloudStack - Top 5 Technical Issues and TroubleshootingCloudStack - Top 5 Technical Issues and Troubleshooting
CloudStack - Top 5 Technical Issues and Troubleshooting
 
Angularjs practical project experiences with javascript development in a bank
Angularjs practical project experiences with javascript development in a bankAngularjs practical project experiences with javascript development in a bank
Angularjs practical project experiences with javascript development in a bank
 
Tech Talk: DevOps at LeanIX @ Startup Camp Berlin
Tech Talk: DevOps at LeanIX @ Startup Camp BerlinTech Talk: DevOps at LeanIX @ Startup Camp Berlin
Tech Talk: DevOps at LeanIX @ Startup Camp Berlin
 
Digital Forensics and Incident Response in The Cloud Part 3
Digital Forensics and Incident Response in The Cloud Part 3Digital Forensics and Incident Response in The Cloud Part 3
Digital Forensics and Incident Response in The Cloud Part 3
 
Ranger admin dev overview
Ranger admin dev overviewRanger admin dev overview
Ranger admin dev overview
 
PVS-Studio in the Clouds: Travis CI
PVS-Studio in the Clouds: Travis CIPVS-Studio in the Clouds: Travis CI
PVS-Studio in the Clouds: Travis CI
 
Converting your DEV Environment to a Docker Stack - ZCOE18
Converting your DEV Environment to a Docker Stack - ZCOE18Converting your DEV Environment to a Docker Stack - ZCOE18
Converting your DEV Environment to a Docker Stack - ZCOE18
 
Becoming a Plumber: Building Deployment Pipelines - All Day DevOps
Becoming a Plumber: Building Deployment Pipelines - All Day DevOpsBecoming a Plumber: Building Deployment Pipelines - All Day DevOps
Becoming a Plumber: Building Deployment Pipelines - All Day DevOps
 

More from Aarno Aukia

Wie macht man aus Software einen Online-Service in der Cloud
Wie macht man aus Software einen Online-Service in der CloudWie macht man aus Software einen Online-Service in der Cloud
Wie macht man aus Software einen Online-Service in der CloudAarno Aukia
 
DevOps & DevSecOps in Swiss Banking
DevOps & DevSecOps in Swiss BankingDevOps & DevSecOps in Swiss Banking
DevOps & DevSecOps in Swiss BankingAarno Aukia
 
The printing press of 2021 - using GitLab to publish the VSHN Handbook
The printing press of 2021 - using GitLab to publish the VSHN HandbookThe printing press of 2021 - using GitLab to publish the VSHN Handbook
The printing press of 2021 - using GitLab to publish the VSHN HandbookAarno Aukia
 
Applikationsmodernisierung: Der Weg von Legacy in die Cloud
Applikationsmodernisierung: Der Weg von Legacy in die CloudApplikationsmodernisierung: Der Weg von Legacy in die Cloud
Applikationsmodernisierung: Der Weg von Legacy in die CloudAarno Aukia
 
DevSecOps - Security in DevOps
DevSecOps - Security in DevOpsDevSecOps - Security in DevOps
DevSecOps - Security in DevOpsAarno Aukia
 
Security in the DevOps pipeline of containerized core application: Case Study...
Security in the DevOps pipeline of containerized core application: Case Study...Security in the DevOps pipeline of containerized core application: Case Study...
Security in the DevOps pipeline of containerized core application: Case Study...Aarno Aukia
 
Next gen software operations models in the cloud
Next gen software operations models in the cloudNext gen software operations models in the cloud
Next gen software operations models in the cloudAarno Aukia
 
Von der Straße in die Cloud: Optimierung von Logistikprozessen mit Docker, Ku...
Von der Straße in die Cloud: Optimierung von Logistikprozessen mit Docker, Ku...Von der Straße in die Cloud: Optimierung von Logistikprozessen mit Docker, Ku...
Von der Straße in die Cloud: Optimierung von Logistikprozessen mit Docker, Ku...Aarno Aukia
 
Kubecon 2019 Recap
Kubecon 2019 RecapKubecon 2019 Recap
Kubecon 2019 RecapAarno Aukia
 
DevSecOps: Bringing security to the DevOps pipeline
DevSecOps: Bringing security to the DevOps pipelineDevSecOps: Bringing security to the DevOps pipeline
DevSecOps: Bringing security to the DevOps pipelineAarno Aukia
 
DevSecOps: Bringing security to the DevOps pipeline
DevSecOps: Bringing security to the DevOps pipelineDevSecOps: Bringing security to the DevOps pipeline
DevSecOps: Bringing security to the DevOps pipelineAarno Aukia
 
DevSecOps: Bringing security to the DevOps pipeline
DevSecOps: Bringing security to the DevOps pipelineDevSecOps: Bringing security to the DevOps pipeline
DevSecOps: Bringing security to the DevOps pipelineAarno Aukia
 
My broken container is gone - how to debug containers on container platforms
My broken container is gone - how to debug containers on container platformsMy broken container is gone - how to debug containers on container platforms
My broken container is gone - how to debug containers on container platformsAarno Aukia
 
IT Governance and Security Architecture in Docker, Kubernetes, OpenShift
IT Governance and Security Architecture in Docker, Kubernetes, OpenShiftIT Governance and Security Architecture in Docker, Kubernetes, OpenShift
IT Governance and Security Architecture in Docker, Kubernetes, OpenShiftAarno Aukia
 
Wir arbeiten in der Cloud – eine Herausforderung für das IT Management?
Wir arbeiten in der Cloud – eine Herausforderung für das IT Management?Wir arbeiten in der Cloud – eine Herausforderung für das IT Management?
Wir arbeiten in der Cloud – eine Herausforderung für das IT Management?Aarno Aukia
 
Continuous security improvements in the DevOps process
Continuous security improvements in the DevOps processContinuous security improvements in the DevOps process
Continuous security improvements in the DevOps processAarno Aukia
 
Application Portability using Cloud Native Technology: Docker, Kubernetes
Application Portability using Cloud Native Technology: Docker, KubernetesApplication Portability using Cloud Native Technology: Docker, Kubernetes
Application Portability using Cloud Native Technology: Docker, KubernetesAarno Aukia
 
Moving Applications to the cloud
Moving Applications to the cloudMoving Applications to the cloud
Moving Applications to the cloudAarno Aukia
 
Migration von Applikationen in die Cloud
Migration von Applikationen in die CloudMigration von Applikationen in die Cloud
Migration von Applikationen in die CloudAarno Aukia
 
IPv6 on Container Plattforms
IPv6 on Container PlattformsIPv6 on Container Plattforms
IPv6 on Container PlattformsAarno Aukia
 

More from Aarno Aukia (20)

Wie macht man aus Software einen Online-Service in der Cloud
Wie macht man aus Software einen Online-Service in der CloudWie macht man aus Software einen Online-Service in der Cloud
Wie macht man aus Software einen Online-Service in der Cloud
 
DevOps & DevSecOps in Swiss Banking
DevOps & DevSecOps in Swiss BankingDevOps & DevSecOps in Swiss Banking
DevOps & DevSecOps in Swiss Banking
 
The printing press of 2021 - using GitLab to publish the VSHN Handbook
The printing press of 2021 - using GitLab to publish the VSHN HandbookThe printing press of 2021 - using GitLab to publish the VSHN Handbook
The printing press of 2021 - using GitLab to publish the VSHN Handbook
 
Applikationsmodernisierung: Der Weg von Legacy in die Cloud
Applikationsmodernisierung: Der Weg von Legacy in die CloudApplikationsmodernisierung: Der Weg von Legacy in die Cloud
Applikationsmodernisierung: Der Weg von Legacy in die Cloud
 
DevSecOps - Security in DevOps
DevSecOps - Security in DevOpsDevSecOps - Security in DevOps
DevSecOps - Security in DevOps
 
Security in the DevOps pipeline of containerized core application: Case Study...
Security in the DevOps pipeline of containerized core application: Case Study...Security in the DevOps pipeline of containerized core application: Case Study...
Security in the DevOps pipeline of containerized core application: Case Study...
 
Next gen software operations models in the cloud
Next gen software operations models in the cloudNext gen software operations models in the cloud
Next gen software operations models in the cloud
 
Von der Straße in die Cloud: Optimierung von Logistikprozessen mit Docker, Ku...
Von der Straße in die Cloud: Optimierung von Logistikprozessen mit Docker, Ku...Von der Straße in die Cloud: Optimierung von Logistikprozessen mit Docker, Ku...
Von der Straße in die Cloud: Optimierung von Logistikprozessen mit Docker, Ku...
 
Kubecon 2019 Recap
Kubecon 2019 RecapKubecon 2019 Recap
Kubecon 2019 Recap
 
DevSecOps: Bringing security to the DevOps pipeline
DevSecOps: Bringing security to the DevOps pipelineDevSecOps: Bringing security to the DevOps pipeline
DevSecOps: Bringing security to the DevOps pipeline
 
DevSecOps: Bringing security to the DevOps pipeline
DevSecOps: Bringing security to the DevOps pipelineDevSecOps: Bringing security to the DevOps pipeline
DevSecOps: Bringing security to the DevOps pipeline
 
DevSecOps: Bringing security to the DevOps pipeline
DevSecOps: Bringing security to the DevOps pipelineDevSecOps: Bringing security to the DevOps pipeline
DevSecOps: Bringing security to the DevOps pipeline
 
My broken container is gone - how to debug containers on container platforms
My broken container is gone - how to debug containers on container platformsMy broken container is gone - how to debug containers on container platforms
My broken container is gone - how to debug containers on container platforms
 
IT Governance and Security Architecture in Docker, Kubernetes, OpenShift
IT Governance and Security Architecture in Docker, Kubernetes, OpenShiftIT Governance and Security Architecture in Docker, Kubernetes, OpenShift
IT Governance and Security Architecture in Docker, Kubernetes, OpenShift
 
Wir arbeiten in der Cloud – eine Herausforderung für das IT Management?
Wir arbeiten in der Cloud – eine Herausforderung für das IT Management?Wir arbeiten in der Cloud – eine Herausforderung für das IT Management?
Wir arbeiten in der Cloud – eine Herausforderung für das IT Management?
 
Continuous security improvements in the DevOps process
Continuous security improvements in the DevOps processContinuous security improvements in the DevOps process
Continuous security improvements in the DevOps process
 
Application Portability using Cloud Native Technology: Docker, Kubernetes
Application Portability using Cloud Native Technology: Docker, KubernetesApplication Portability using Cloud Native Technology: Docker, Kubernetes
Application Portability using Cloud Native Technology: Docker, Kubernetes
 
Moving Applications to the cloud
Moving Applications to the cloudMoving Applications to the cloud
Moving Applications to the cloud
 
Migration von Applikationen in die Cloud
Migration von Applikationen in die CloudMigration von Applikationen in die Cloud
Migration von Applikationen in die Cloud
 
IPv6 on Container Plattforms
IPv6 on Container PlattformsIPv6 on Container Plattforms
IPv6 on Container Plattforms
 

Recently uploaded

The Evolution of Karaoke From Analog to App.pdf
The Evolution of Karaoke From Analog to App.pdfThe Evolution of Karaoke From Analog to App.pdf
The Evolution of Karaoke From Analog to App.pdfPower Karaoke
 
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)jennyeacort
 
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...OnePlan Solutions
 
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptxKnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptxTier1 app
 
Software Project Health Check: Best Practices and Techniques for Your Product...
Software Project Health Check: Best Practices and Techniques for Your Product...Software Project Health Check: Best Practices and Techniques for Your Product...
Software Project Health Check: Best Practices and Techniques for Your Product...Velvetech LLC
 
Intelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalmIntelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalmSujith Sukumaran
 
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...soniya singh
 
Asset Management Software - Infographic
Asset Management Software - InfographicAsset Management Software - Infographic
Asset Management Software - InfographicHr365.us smith
 
Cloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackCloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackVICTOR MAESTRE RAMIREZ
 
SuccessFactors 1H 2024 Release - Sneak-Peek by Deloitte Germany
SuccessFactors 1H 2024 Release - Sneak-Peek by Deloitte GermanySuccessFactors 1H 2024 Release - Sneak-Peek by Deloitte Germany
SuccessFactors 1H 2024 Release - Sneak-Peek by Deloitte GermanyChristoph Pohl
 
EY_Graph Database Powered Sustainability
EY_Graph Database Powered SustainabilityEY_Graph Database Powered Sustainability
EY_Graph Database Powered SustainabilityNeo4j
 
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEBATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEOrtus Solutions, Corp
 
Cloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEECloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEEVICTOR MAESTRE RAMIREZ
 
Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)OPEN KNOWLEDGE GmbH
 
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样umasea
 
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...Christina Lin
 
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...gurkirankumar98700
 
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdfGOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdfAlina Yurenko
 
Automate your Kamailio Test Calls - Kamailio World 2024
Automate your Kamailio Test Calls - Kamailio World 2024Automate your Kamailio Test Calls - Kamailio World 2024
Automate your Kamailio Test Calls - Kamailio World 2024Andreas Granig
 
Salesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantSalesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantAxelRicardoTrocheRiq
 

Recently uploaded (20)

The Evolution of Karaoke From Analog to App.pdf
The Evolution of Karaoke From Analog to App.pdfThe Evolution of Karaoke From Analog to App.pdf
The Evolution of Karaoke From Analog to App.pdf
 
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
 
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...
 
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptxKnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
 
Software Project Health Check: Best Practices and Techniques for Your Product...
Software Project Health Check: Best Practices and Techniques for Your Product...Software Project Health Check: Best Practices and Techniques for Your Product...
Software Project Health Check: Best Practices and Techniques for Your Product...
 
Intelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalmIntelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalm
 
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
 
Asset Management Software - Infographic
Asset Management Software - InfographicAsset Management Software - Infographic
Asset Management Software - Infographic
 
Cloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackCloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStack
 
SuccessFactors 1H 2024 Release - Sneak-Peek by Deloitte Germany
SuccessFactors 1H 2024 Release - Sneak-Peek by Deloitte GermanySuccessFactors 1H 2024 Release - Sneak-Peek by Deloitte Germany
SuccessFactors 1H 2024 Release - Sneak-Peek by Deloitte Germany
 
EY_Graph Database Powered Sustainability
EY_Graph Database Powered SustainabilityEY_Graph Database Powered Sustainability
EY_Graph Database Powered Sustainability
 
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEBATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
 
Cloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEECloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEE
 
Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)
 
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
 
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
 
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
 
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdfGOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
 
Automate your Kamailio Test Calls - Kamailio World 2024
Automate your Kamailio Test Calls - Kamailio World 2024Automate your Kamailio Test Calls - Kamailio World 2024
Automate your Kamailio Test Calls - Kamailio World 2024
 
Salesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantSalesforce Certified Field Service Consultant
Salesforce Certified Field Service Consultant
 

Automated Server Administration for DevSecOps

  • 1. VSHN - The DevOps Company Automated Server Administration for DevSecOps Aarno Aukia, CTO @ VSHN - The DevOps Company DevSecOps Forum 12.3.2019
  • 2. VSHN - The DevOps Company ● Who is Aarno and VSHN - The DevOps Company ? ● Managing 1200 servers ○ Challenges ○ Our implementation & user interface ○ Demo ○ Lessons learned 22 Agenda
  • 3. VSHN - The DevOps Company @aarnoaukia http://about.me/aarno aarno.aukia@vshn.ch ETH → Google → Atrila → VSHN VSHN - The DevOps Company Since 2014, currently 35 VSHNeers in Zürich, Switzerland Helping Developers run applications on any infrastructure making both visitors happy with stability and developers happy with agility 33 About Aarno & VSHN.ch
  • 4. VSHN - The DevOps Company 5 Operations = Firefighting-as-a-Service ? 5
  • 5. VSHN - The DevOps Company Capability Maturity Model Integration (CMMI) 66 Operations 2014 How to get to this level?
  • 6. VSHN - The DevOps Company DevOps: CMMI Level 5: People, Processes & Tools 77
  • 7. VSHN - The DevOps Company ● Interface Dev <-> Ops ○ DevOps, CI/CD, Containers, etc ● Interface Ops <-> Infra ○ Hypervisors, APIs, Metrics, etc ● Manage VMs on any infrastructure ● Service Monitoring, Alerting, Metrics, Logs ● Updates, Backups, Configuration Management 88 VSHN Managed Service
  • 8. VSHN - The DevOps Company ● you don’t like proper (software) release management ○ or else you’ll be in dependency hell with 200 modules in 200 environments ● you practice “don’t touch a running system” ○ you’ll be updating all servers all the time - both good and bad ● standardizing/optimizing ○ no more handcrafted snowflake pets, lots and lots of cattle ● you don’t actively develop monitoring/checks ○ or else you’ll get alert fatigue from noisy checks 99 Don’t do automatic server management if...
  • 9. VSHN - The DevOps Company ● Web-based self-service for customers ● CRUD server definitions -> CMDB 1010 VSHN Control Panel
  • 10. VSHN - The DevOps Company 11 Demo 11
  • 11. VSHN - The DevOps Company 1212 Infrastructure as Code Single source of truth: Configuration YAML in GIT --- classes: - profile_certificates - profile_webhosting packages: - nagios-plugins-wordpress - nagios-plugins-wordpress-config profile_php::php_settings: date.timezone: 'Europe/Zurich' acmetool::use_production_endpoint: true profile_php::php_version: '7.0' profile_php::extensions: - mysql - gd - mbstring - curl profile_icinga2::hiera_services: check_wordpress_dev: check_command: 'wordpress_updates' display_name: 'Wordpress Updates test.vshn.net' vars: wordpress_instance: 'vshn_dev' wordpress_db_name: 'vshn_dev' wordpress_db_user: 'vshn_dev' wordpress_db_pass: 'replaced' check_wordpress_prod: check_command: 'wordpress_updates' display_name: 'Wordpress Updates vshn.net' vars: wordpress_instance: 'vshn_prod' wordpress_db_name: 'vshn_prod' wordpress_db_user: 'vshn_prod' wordpress_db_pass: 'replaced' profile_mariadb::db_root_pw: 'replaced' profile_webhosting::sites: vshn_dev: stack_type: 'php' db_type: 'mariadb' db_password: 'replaced' php_admin_values: memory_limit: '300M' post_max_size: '20M' upload_max_filesize: '20M' manage_tls: letsencrypt
  • 12. VSHN - The DevOps Company ● who ● when ● what ● tests successful? ● why 1313 GIT: changelog
  • 13. VSHN - The DevOps Company 1414 Logic # https check if $manage_tls and $manage_tls != 'false' { ::profile_icinga2::resources::check { "${name}_nginx-${main_domain}-https": check_command => 'http', display_name => "nginx https ${name}", check_zone => $monitoring_check_zone, notes => 'https check on port 443, supports authentication and URI', notes_url => 'http', production_level => $monitoring_production_level, vars => merge({ 'http_address' => $::fqdn, 'http_vhost' => $main_domain, 'http_ssl' => true, 'http_uri' => $monitor_path, 'http_sni' => true, }, $_auth_var, $monitor_extra_check_vars), } } # https certificate check if ($manage_tls and $manage_tls != 'false' and $manage_tls != 'snakeoil') { if $manage_tls == 'trusted' { $_days = 30 } else { $_days = 20 } ::profile_icinga2::resources::check { "${name}_nginx-${main_domain}-certificate": check_command => 'http', display_name => "nginx certificate ${main_domain}", notes => "https certificate check, checks days (${_days}) left until expire", notes_url => 'https_certificate', production_level => $monitoring_production_level, check_interval => '2h', vars => { 'http_address' => $::fqdn, 'http_vhost' => $main_domain, 'http_tls' => true, 'http_certificate' => $_days, 'http_sni' => true, }, } } } e.g. automatically monitor all HTTPS sites & certificates
  • 14. VSHN - The DevOps Company ● Trade-off between multi-tenancy (separation of customers/environments) and common code base development -> Tools & Software-Release-Processes (e.g. https://github.com/vshn/crmngr) ● Monitoring & Backup by default: value > cost ● Hierarchical CMDB: configuration for policy groups ● Staged/canary rollouts (e.g. for intrusive things like firewall changes) ● Local tests (pacco: puppet-in-docker-in-vagrant: https://github.com/vshn/puppet-in-docker) ● Good and robust process for regular & frequent updates 1515 Lessons learned
  • 15. Come visit us for a coffee! VSHN AG - Neugasse 10 - CH-8005 Zürich - +41 44 545 53 00 - https://vshn.ch/ - info@vshn.ch https://vshn.ch/kontakt/ Follow us on Twitter! @vshn_ch 16