Sign in

In modern software development, specifically when releasing new versions, we often need to deploy the same application with different configurations. Depending on where we are deploying the software and other related factors or requirements, these configurations can change your application’s behavior. Examples of the aforementioned variables — multiple geolocations, new locales, differing use cases, etc.

Developer’s Choice

Software Configurations: Explained

When I write different configurations, it is essential to understand that most of the software is the same. Just some relatively small parts differ. For example, let’s assume you have a retail chain and need to deploy software for the checkout stations. Most of the…


Santa Clara, Calif., February 16, 2021 — In the most recent acquisition for the company, DoiT International (DoiT), a global multi-cloud software and managed service provider with deep expertise in Kubernetes, Machine Learning, and Big Data, today announced that it has acquired ProdOps, a top provider of scalable software operations and infrastructure automation services. The acquisition combines two engineering-focused companies to meet growing demand for operational agility and enhances DoiT’s already robust cloud managed services, proprietary cloud management platform, consulting, training, and support capabilities.

Leaders seeking innovation through technology solutions are jumping to the public cloud. And with this trend…


Not surprising that even in 2019, there are still people in IT who think that a single server’s utilization should be a significant measurement, completely forgetting the importance of holistically looking at the system as a whole. This post explains the Systems Thinking way to think about IT, with a pinch of Theory of Constraints understanding of “buffers” added in.

The story begins with a recent question in our Operation Israel community:

Policy makers in government want to see proven benchmarks comparing open-source (LAMP, Kubernetes) server utilization vs. classic Microsoft Windows based servers (IIS, SQLServer).

Are there any documents, posts…


The “Goal Tree” for DevOps

In an earlier post on DevOps Transformation using Theory of Constraints, I explained how adopting “DevOps” as a buzzword is likely to improve very little in an organization. What is crucial for great results is adopting and understanding the required new policies while forcibly moving away from previous ways of doing things.

What exactly are the new policies and practices that need to be adopted? This post attempts to cover some of the more essential items.

The graphical representation above shows the Critical Success Factors and their Necessary conditions to make Excellent IT happen — which we assume leads to…


A short presentation that I made during the DevOps in Israel meetup event about healing organizations with DevOps culture.

Link to the event —
http://www.meetup.com/devops-in-israel/events/157983792/

This blog post includes slides and a bit of narrative for each of the slides. It is quite long, but the subject seemed important enough to use all these extra words.

The presentation talks about our experience of taking some organizations that start to feel not too well at one point. And using our experience from other organizations that seem to be feeling better, and applying these techniques, methodologies, and tools to heal. …


A couple of days ago one of our client websites was DDoS attacked by BitTorrent clients from China. This short article explains the attack and suggests a way to better protect from this particular type of attack.

Denial of Service attacks can disrupt a service on the internet and deny users from using that service. A website has its fixed amount of valid URLs that real people with real browsers send requests to use the service. A Denial of Service attack would send a high amount of traffic to the service/website either to real valid URLs, but more commonly to…


One of the most popular tools to improve security is the CIS (Center for Internet Security) Benchmarks, particularly the CIS Distribution Independent Linux Benchmark. The CIS Linux Benchmark details important security measures that should be applied to a Linux server to make it more secure.

Section 4 of the CIS Linux benchmark talks about logging and auditing Linux systems and mentions the do’s and don’ts with regards to logging data. For example, section 4.1.1.3 specifies “Ensure audit logs are not automatically deleted” and provides sample configuration for auditd.conf.

Actually,auditd is super useful, it is a Linux daemon that logs events…


Security often requires closing down pathways using Vault

HashiCorp Vault which we use quite often (and we mentioned HashiCorp Vault before) for managing secrets by microservices, is a great tool to manage and audit sensitive information and access credentials.

One of our clients asked us to investigate how HashiCorp Vault can be used to audit the access of admins to servers. They currently have a mixed bag, some admins use a password that was shared with them while others often manually deploy their ssh public keys onto servers. Neither is a great security practice, especially for a very large organization that needs tighter control and visibility on who…


One of the security concerns for servers is intrusion detection, or as it is often called Hostbased Intrusion Detection System (HIDS). A popular open-source tool for HIDS is OSSEC which includes all the possible rules and analysis you might need to detect anomalous or unauthorized access to your hosts, or strange activity such as changes in the system’s files under /bin for example.

While it is possible to install these rules directly on the hosts using configuration management systems like Ansible. It does not have to end there, detecting intrusions is just half of the work — having the data…


For several years IT companies have been exposed to more and more blogs and conferences talking about DevOps, arguably the hottest topic since Agile. Those who follow the DevOps movement for some time might have also noticed that many presentations and blog posts repeatedly mention the Theory of Constraints by Dr. Eliyahu M. Goldratt. In fact “The Phoenix Project,” a book which many consider a must-read for any DevOps manager, was declared by its author Gene Kim that it was written using the exact same structure as Dr. Goldratt’s best seller novel “The Goal.”

The DevOps movement is full of…

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store