DevOps will make systems more secure. In opposite to what many think, adopting DevOps, with its fast release cadence, will result in hardened systems which are fully compliant with security guidelines and which can stand the modern hackers. Summary.Teams must follow, must inject, secure guidelines and practices in their way of working. This way of working needs to be highly automated, supported by machine learning and role playing. Fast, flexible, innovative, cheap, compliant and secure are the common requirements the business has on systems. In the past these requirements where a tradeoff from each other. Fast, flexible and innovative never went hand in hand with compliant and secure. With ...
[More]
15. December 2017
Clemens Reijnen
Sven wrote a detailed How To covering the creating of a release pipelines for a secure Azure Service Fabric cluster and the containing services, based on a project we did together. These posts with the sources on GitHub provides some great information.The posts:
Create
and import the certificates
Register
SF Application in AAD and create AppKey
Generate
encrypted AppKey
Lookup
the service principles
Create
the Key Vaults with ARM
Adjust
the SF Application settings
Upload
certificates to Key Vault
Register
the Service Fabric System Applications
Install
SF Cluster with ARM
Install
the SF Application(s) with ARMThe sources: https://github.com/sven73a/blog.asf.arm.s...
[More]
27. October 2017
Clemens Reijnen
A sample implementation is available on GitHub.Appium is an opensource test framework for validating
[More]
Azure load testing can set load on your system from any location around the world. Azure availability tests can monitor and analyze the responsiveness of your system anywhere in the world.Interesting capabilities even more interesting when you combine them in an investigation of your system. When you put some load on one part of your system and monitor the availability of another part you can analyze if that load impacts the availability of the other part. When the analytics are positive, there is an impact, it is a candidate for decoupling so the parts can scale independent. PaaS services, Containers or a CDN to the rescue.The scenarioThe sales of PartsUnlimited is expanded to Asia. Due to ...
[More]
25. August 2017
Clemens Reijnen
Handling configuration settings for environments/ development stages is not always easy and straight forward. Application characteristics, platform capabilities, business and security requirements are different per system you build and release. Although all application differ it is always good to have guidance. Guidance in the form of guidelines, practices and opinions that worked and are adopted in projects will provide a consistent, flexible and secure way of working. On GitHub an example implementation with Net Core can be found at:https://github.com/sogeti/EasyAADManager (Level 2, look at the ARM templates)Levels.Following general guidelines and common practices will help to keep systems...
[More]
15. August 2017
Clemens Reijnen
Just put our AAD User and Groups Manager Application on GitHub. A WebApp for end users to control AAD entries in an easy, comfortable and still controlled way. The WebApp is built with ASP Net Core 1.0, Google Material Design Lite, Azure Automation Runbooks and the AAD Graph API. The App separates responsibilities during the creation of AAD Users and Groups in two areas. The front office triggers the creation or editing of a user and assigns groups via the App. the Backoffice, AAD administrators, controls the steps and details needed for the creation of the user or group. Cloud ResourcesThe Web App uses several Cloud resources.Azure Web App, for the end user.Create, edit, delete users and gr...
[More]
Installing Ubuntu on Windows 10 is pretty easy now it is available as an app in the Store. Too bad for all non insiders, the App store version is only available for insiders Win10 environments. Still no problem ,you only have to install it the old way. Something that recently has changed on the installation is that the Linux file is hidden in your AppData folder. And it is highly recommended not to though it. When you want to control your GIT repo from this Ubuntu installation you have to do some extra steps if you want to work from Visual Studio Code or any other development environment. By default when you simply do a GIT Clone or GIT Init, the GIT repo is created in the Linux file system…...
[More]
10. March 2017
Clemens Reijnen
Everybody all companies from big to small, from consultancy firm to product and tool vendor is pushing the word 'Digital' for everything they sell to their customers. It really reaches the level of ‘overkill’. There are enormous amount of ad campaigns, reports, whitepapers, workshops and quick starts for digital transformation, digital collaboration, digital disruption, digital enterprise, digital done different, digital innovation, chief digital officer (pdf), and more. Digital, in its basic meaning usually refers to something using digits, particularly binary digits (wiki). Duh Do you remember your first digital watch? All those reports and tools basically trying to tell us that we need to...
[More]
Infrastructure as Code is one of the many practices teams have to fulfill the needs of modern systems. The provisioning of resources for systems in an automated versioned way supports also the need of consistent environments across different stages of system development, making it much more comfortable to develop, validate and test systems. Keep development, staging, and production as similar as possible.See also the Dev/prod parity practice of the 12 factor methodology. The principles of a pipeline also fit on pipelines which provision infrastructures. The artifacts should be versioned, validated, automated and more, see pipelines principles. Visual Studio Team Services and Amazon AWS VS...
[More]
A flexible, cheap and innovative business are goals companies have. Moving to the cloud, change the way of working and make the systems more flexible are 3 drivers to reach this goal. Three forces are pushing the continues DevOps evolution: The Cloud Platform force, The System Architecture force and the Collaboration Force. 3 forces and 5 tips to stay relevant on changing DevOps. The 12-factor methodology describes practices for realizing and running cloud native systems. Practices described are supporting these business goals. … a triangulation on ideal practices for app development, paying particular attention to the dynamics of the organic growth of an app over time, the dynamics of...
[More]