I gave a presentation yesterday at Puppet Bootcamp Boston today. The title of the presentation was "Puppet, Security and PCI." I went into the history of Internet credit card theft and the emergence of the PCI standard to combat the threat. The conference was at the Revere Hotel which has a fabulous auditorium. The seats closest to the stage were actually couches and had little swivel tables. And every seat had its own power! Also, free drinks at the end of the day on the rooftop bar--not bad :)
Thank you Puppet for the opportunity!
A PDF of my slides is here.
Friday, May 20, 2016
Monday, April 11, 2016
DevOps dead? Not so fast.
Andrey Akselrod over at TechCrunch wrote "Managed services killed DevOps." He may think he's covering new ground proclaiming the death of DevOps in his article, but he's not. This story has been around for quite a while; it's almost as old as the word DevOps itself. Which altogether is a pretty short amount of time. Here's Mike Gualtieri from five years ago with his take on the death of DevOps: "I don't Want DevOps. I want NoOps."
The panacea of "Full Stack Developers" will not meet the needs. There are many large and complicated systems that need a lot of attention to keep them running. And these systems are growing (think Internet of Things). While the bar has been raised for when dedicated Ops is required, it has not gone away, and won't be going away anytime soon.
Thursday, April 7, 2016
TOP 8 || BEST Linux Command Line Tools
Here they are... my eight favorite Linux command line tools.
#8) sysstat
All systems should have sysstat installed. Sysstat is the easiest way to get basic server performance logging running on a system. Sysstat includes the utility sar. Sar tracks system utilization over time. There are few things more frustrating than trying to determine what happened overnight on your server when you don’t have any data on the performance of the box because sar is not installed.
#7) rsync
Moving large groups of files around is made a lot easier with rsync. Rsync computes a unique hash of each file you would like to copy and compares it to your target. If rsync finds a matched hash, the source and destination files are the same, and file copying is skipped. Skipping files that have already been copied can really cut down the work effort! Running an rsync in cron is an easy way to keep a backup or replica of data files up to date.
#6) telnet
Telnet is a granddaddy of network tools. Telnet and its server-side daemon, telnetd, for many years provided remote console connectivity to servers and network gear. As it passes traffic in plain text, including login information, it has rightly been relegated to the landfill for antiquated technologies. I haven’t connected to a telnet server in at least a decade. However, the client program is still useful. Telnet to a well-known port enables an interactive session over TCP to many common network programs that pass data in plain text, like HTTP, DNS, SMTP and even SSH. SSH doesn’t pass interactive data, but most SSHd servers will tell you the version of SSHd you have connected to. It’s good for simple tests of network connectivity or for passing protocol commands over the command line.
#5) emacs
I am a vi user myself, but I admire the heck out of emacs. I recall vividly, back in my WebLogic days in the late 90s, setting up a new developer, Anno Langen. Bob Pasker was walking Anno through the environment. What has stuck in my mind was their 30-minute conversation filled with backslapping and high fives as they compared their emacs macros. For all you emacs people out there, I salute you.
#4) lynx
It may come as a surprise that I have included a text-based web browser in a list of must-have network tools. But having an actual browser in your console is handy. There are times when it is easier to fire up lynx to smoke test the content of a web page without having to exit the console. Command line tools like wget or curl don’t always do the job. Sometimes you want an interactive session, not just a single GET or POST.
#3) mtr
Back in the day, traceroute was a common tool for tracing the path of packets from a source to a destination. It relied on ICMP responses to generate its maps. Because these same useful ICMP responses have been exploited to generate denial of service attacks, they have been largely turned off on the Internet. Instead of getting a nice list of hosts between you and your target with useful timing data indicating where in the network there are bottlenecks, you get back a lot of no-replies. MTR to the rescue! Somewhat similar in look and feel to traceroute, MTR relies on UDP responses to generate its network maps. Once again, we can see where the network bottlenecks are.
#2) nmap
Nmap is a very useful tool for scanning networks and ports. It’s a useful way to uncover information about what system is on the other end. If an nmap scan reveals port 3369 is open, chances are pretty good you are looking at a Windows server. Nmap is also a quick and easy way to scan a range of IP addresses to see what’s on your network and how many IP addresses are in use.
#1) nc
nc may be my favorite of any network tool. What makes nc particularly awesome is its ability to open an ad hoc TCP or UDP listener on any available port. This is a great way to test network connectivity between systems and networks during the network build phase, before applications are installed.
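One way to script the build-phase connectivity test described above, as an added example that is not part of the original post: it checks a list of host/port pairs against what the firewall plan says should be open or closed. It assumes a netcat that supports `-z` and `-w` (OpenBSD netcat does); the host names in any plan you feed it are your own.

```shell
#!/bin/sh
# Added example: verify a connectivity plan with nc before applications exist.
# On each destination host, open a throwaway listener for the port under test:
#     nc -l 8443        # OpenBSD netcat; traditional netcat needs: nc -l -p 8443
# Then feed the plan to check_plan on the source host.

NC="${NC:-nc}"   # probe command (assumption: supports -z and -w)

# probe HOST PORT: exit 0 if a TCP connect succeeds within 3 seconds.
# stdin is redirected so the probe can never consume the plan being read.
probe() {
    "$NC" -z -w 3 "$1" "$2" </dev/null >/dev/null 2>&1
}

# check_plan reads "host port expected" lines (expected = open|closed) on
# stdin, prints one verdict per entry, and returns the number of mismatches.
# A port that is open but planned closed is as much a finding as the reverse.
check_plan() {
    mismatches=0
    while read -r host port expected; do
        case "$host" in ''|\#*) continue ;; esac   # skip blanks and comments
        if probe "$host" "$port"; then actual=open; else actual=closed; fi
        if [ "$actual" = "$expected" ]; then
            verdict=OK
        else
            verdict=MISMATCH
            mismatches=$((mismatches + 1))
        fi
        printf '%s %s:%s expected=%s actual=%s\n' \
            "$verdict" "$host" "$port" "$expected" "$actual"
    done
    return "$mismatches"
}

# Usage (constructed plan file, one entry per line):
#     check_plan < plan.txt || echo "firewall rules do not match the plan"
```

Listing ports that must stay closed alongside the ones that must be open turns the same nc probe into a quick check that the firewall is no more permissive than intended.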
So what do you think? Is there a favorite of yours that is not on the list? Please let me know in the comments.
Saturday, February 27, 2016
The DevOps Phenomenon -- Abstract
The DevOps Phenomenon
Continuous Integration and Security
in the Internet Age
by Kevin Eberman
Abstract
This book is about DevOps. DevOps integrates previously misaligned concerns: Development and Operations. Development teams are driven to continually add new features and functionality to the application. These changes cause instability, which imperils the prime directive of Operations teams—keeping the applications running. DevOps is the convergence between Development and Operations, making the Internet, how it is developed, and how it operates, more efficient, effective, and secure. Amazing convergences are emerging between science, business, culture, and politics; DevOps is one of them. “Talking about music is like dancing about architecture” will no longer be a hallmark of inane comparisons, but a harbinger of new ways of seeing and doing.
The Internet has been the engine of my professional career. I have 20 years of experience in San Francisco and Cambridge at software companies that have helped make the Internet what it is. This book, my story, my DevOps trip, is a microcosm of the Internet during this epoch of the Information Revolution.
Audience
Readers of Wired, Quartz and InfoWorld.
Ops people, full-stack developers,
software executives, and product managers.
Me.
Comparisons
DevOps for Developers Michael Hüttermann. Apress, 2012
The Phoenix Project Gene Kim, George Spafford, Kevin Behr. IT Revolution Press, 2013
Continuous Delivery: Reliable Software Releases through Build, Test, and Deployment Automation Jez Humble. Addison-Wesley Signature Series, 2010
The Painted Word Thomas Wolfe. Picador, 1975
Kevin Eberman
twitter: @Manager_of_it
http://manager-of-it.blogspot.com