When going to a new environment, it would be nice if someone had already thought out the networking and authentication needs. It would be nice if we had a sane DNS solution and a good LDAP server. Regrettably, Life in operations is not always that nice. We are frequently asked to quickly set up a […]
Last month I talked about the need for Docker-aware configuration management (CM) tools to effectively build and test containers in a CI/CD pipeline. The goal is to not install any extra tooling inside of the docker container that gets published for production use; not sshd, nor any CM tooling. This technical post documents the major […]
Last month, I discussed using Docker containers because they increase confidence in our deployed infrastructure. Now that we’ve decided to use this new tool, we need to learn how to use it well. After spending some more time with containers, I’d like to dive deeper into their benefits and the process of building (and rebuilding […]
Hey DevOps Engineers, Docker is ready! I started getting into Docker just under a year ago. It obviously had promise, but I couldn’t find many people using it successfully. Since then Docker has matured, and I’ve been recommending it to everyone doing CI/CD web-services. When the IT services industry first went to the dynamic virtual […]
Inevitably on any agile project with a good degree of DevOps maturity, engineers start looking less at the application efficiencies and begin to look at addressing issues with their pipelines and frameworks to deliver faster or more effectively. At Coveros, we call this “DevOps’ing your DevOps.” It is a silly sentence but it speaks to the challenge […]
Why would I want to make a Jinja2 filter? While Ansible Modules are the main way you accomplish something in Ansible, Jinja2 Filters are the main way you manipulate data. The first python code you’ll need to write in ansible is probably because you want to transform some data to send to a module or […]
Ansible’s immaturity compared to chef/puppet really shows when talking about the prioritized variable loading (facts). In the chef world we had about 4 different places to store attributes with 3 different priorities. This ordering is so important for organization and design that this page was one of two pages I had new people read and bookmark […]
For automation, we want to store as much text as possible in our git repositories, and any binary artifacts in an artifact repository (like Sonatype’s nexus). However, Git can be a dangerous place to ever store passwords. If a bad guy ever acquired access, he could roll back in time and find every password you’ve ever stored […]
Dear Loyal Readers, If you ever wish you could bootstrap a machine with chef-zero, but remotely, then knife-zero plugin is for you (aka: “do you ever wish Chef were more like Ansible?”). Last week, I was trying to combine multiple knife commands: “-z” for using chef zero, and “bootstrap” for making a remote computer install chef-client first. But, […]
Dear Loyal Readers, I’ve been using bind in AWS for a while now. Initially route53 created publicly available DNS entries, but recently, AWS added the private/vpc-aware Route 53. This makes our security team happy! Sadly, the record propagation delay was causing us problems (long delays) in our ability to quickly spin up new instances. We might have been able to live […]
