Integrating Slack, Service Now, Jenkins and Github
Historically development team, QA team and IT team will work together to build code, test it and deploy to non-prod environments. Before deploying code to Production, the team would have to represent their change to a Change Advisory Board (CAB). The CAB would meet at regular intervals and may consist of senior management executives, compliance and governance department officials. The team requesting the change would present the change and the CAB approvers would ask typical questions like is the change tested?, is there a down time?, has the relevant parties approved the change for the deployment window?, what is your rollback mechanisms? etc.… Sounds pretty grueling and feel like one more redundant paper work.. …
Extending the Practitioner’s guide to Cloud Resources
With the myriad of breaches , the biggest question CISOs, VPs, Managers, Infosec professionals, IT, DevOps are asking, have we done enough to secure our cloud resources ? Security is very subjective and whatever you do is never enough. Additionally, implementing security tools and controls are very expensive its a multi-million dollar initiative, so what is enough security ?
Different organizations have different definitions of security, for eg a Bank’s security definition may be very different from a Healthcare provider and the security definition for a food delivery service will be different from an automaker or a retailer. …
Security is it only infosec’s job ?
Security was lot more simpler in traditional IT days as everything was locked down and you had to go through numerous requests, and review processes before anything could be implemented. This process was too rigorous and time consuming and was doing businesses more harm than good due to the lost opportunity.
With the advent of cloud, things have changed and with a swipe of a credit card you can open a new cloud account. It has become very easy for enterprises, medium sized companies as well as startups to quickly create infrastructure and bring their offerings to the market in few days. …
In the previous blog we setup a simple K8 cluster using KOPS in AWS, this is the next part to extend the setup to a Highly Available and scalable K8 cluster for production workloads.
For a production grade K8 cluster we will create the cluster in private subnet. We will create 3 Masters one in each AZ. We will create 3 instance groups one per AZ and configure autoscaling groups so the underlying K8 nodes can scale up or down in each AZ depending on the workload. The architecture of the K8 cluster looks as follows.
This blog is a deep dive into building CI systems for containers
Setting up MAC to build container and deploy to local K8 cluster.
1. Download the binary to install docker for MAC
2. Doubleclick the docker.dmg to open the installer
3. Drag the Moby Whale to the Applications folder
4. In applications folder double click the docker.app, docker will launch and a docker icon will be visible on the status bar
5. Click on the docker icon and create a new account (cloud.docker.com) or login to dockerhub.
2. Install kubernetes using docker desktop
1. Click on docker icon, select preferences and go to kubernetes tab
2. Under the kubernetes tab select all the checkboxes. Enabke Kubernetes, Deploy Docker to Kubernetes by default and Show system containers
3. Under the preferences go to Advanced tab and increase CPU to 6 and Memory to 8 GiB…
This blog is going to visit how to build highly scalable Jenkins with multiple master and dynamic nodes on kubernetes.
Pre-requisite for Jenkins to be installed, you need a working kubernetes cluster, you can visit my previous blogs on how to build kubernetes with KOPS in AWS , if you plan to run this workload in production follow the blog Production grade K8 setup with KOPS.
Jenkins is a popular CI tool for building and packaging code, and sometimes its even used for deploying code to various environments. Jenkins architecture is based on classic Master, agent/node configuration. The Jenkins Master receives all build requests, and delegates the workload to execute on the agent/nodes, but it keeps the metadata like job no, logs, history, and configurations on the master. Jenkins master writes all the metadata and the configuration to a filesystem. …
There are multiple ways to install kubernetes some of the ways are:
We are going to explore how to create K8 cluster using KOPS way in AWS for this blog. Please note this configuration is not for Production, and should only be used for dev K8 clusters. In future blog we will look at Production grade K8 setup with KOPS with 3 Masters in 3 AZ and minimum of 3 nodes.
This blog discusses the pros and cons of various Filesystem storages for K8.Persistent volume’s can be broadly categorized into three major types:
The table below lists all the persistent storages supported by K8 and a quick summary of pros and cons for possible choices that we were able to identify for a Production grade K8 persistent storage implementation.