Tag Archives: sysadmin

The Role of Automation in Modern Software Development

Tech, , , , , , , , , ,

Automation in the software development industry refers to the use of tools, scripts, and processes to perform repetitive tasks with minimal human intervention. It streamlines the software development lifecycle, including activities like code integration, testing, deployment, and monitoring. Automation helps to increase efficiency, reduce errors, and ensure consistency across all stages of development, ultimately leading to faster delivery of high-quality software. In this context, it becomes an integral part of modern development methodologies like DevOps and Continuous Integration/Continuous Deployment (CI/CD).

Continue reading The Role of Automation in Modern Software Development

IaC – What it is, and Why it Matters

Tech, , , , , ,

Infrastructure as Code (IaC) refers to the practice of managing and provisioning IT infrastructure through code rather than through manual processes. With IaC, infrastructure configurations—such as servers, networks, databases, and security settings—are written in machine-readable code and stored in version-controlled repositories. This approach enables the automation of infrastructure management, which is both repeatable and consistent, eliminating human errors and ensuring that the infrastructure is always in a known, desired state.

Continue reading IaC – What it is, and Why it Matters

Containers & Orchestration

Tech, , , , , , , , , ,

Container orchestration refers to the automated management of containerized applications across clusters of machines. It involves processes like deployment, scaling, load balancing, and networking, ensuring that containers run efficiently in distributed environments. The goal is to abstract away the complexities of handling multiple containers and their interdependencies, enabling seamless deployment and operation at scale.

Continue reading Containers & Orchestration

DevOps and SDLC; an Ecosystem of Quality & Delivery Excellence

Tech, , , , , , , , , ,

DevOps has become a critical component in the software development lifecycle (SDLC) by bridging the gap between development and operations teams. Traditionally, these two groups operated in silos, which led to inefficiencies, delayed releases, and increased risk of failure. DevOps fosters collaboration and integration, enabling both teams to work together throughout the lifecycle. By automating manual processes, continuous integration (CI) and continuous delivery (CD) pipelines allow for faster and more frequent updates, which is essential for maintaining competitive advantage in today’s fast-paced software development landscape. This shift not only accelerates product development but also helps to ensure higher quality, as bugs are identified and addressed earlier in the process.

Continue reading DevOps and SDLC; an Ecosystem of Quality & Delivery Excellence

Back Up and Running in Cloud Native

Tech, , , , , , , , , , , , , ,

Finally had the time to rebuild and refresh the blog site. gotsudo.com in now full Cloud Native running in AWS (has always been, however in a more traditional server-based installation).

The recent migration included an AWS Lightsail service that provides various bundles of OS/applications, which in my case is WordPress running on Linux. Various tiers are also available to fit every budget out there.

I decided to take things a step further, and serve the public facing version of the website in a static configuration, leveraging AWS S3 to host the site files, with AWS CloudFront caching layer sitting upfront for the parent gotsudo.com address.

This allows me to limit access to the actual WordPress site running in Lightsail, transforming it to a true authoring and publishing site, rather than a public front-facing one.

Various WordPress plugins are available that can easily produce a static version of the website, and can also integrate with AWS services (or any other CSP) to auto publish files into S3 or any other repository of choice. While these make things much easier and more integrated, I decided to air-gap the systems, allowing me to selectively produce the published files and upload them to S3 using other means of tailored automation.

Later on, I may add some more integrations to the site, however at this point I’m quite happy with how far it came over a busy weekend’s time.

Tech Audits

Tech, , , , , , , , , , , ,

What systems do security and availability audits cover? A fair question!

Well, the hard truth is that it is your responsibility to identify this as a system owner; and not the duty of an auditor. Don’t sit around waiting for auditors to show up and expect them to answer this question.

Simply put, everything and anything within your ecosystem that may interrupt business continuity should be part of the audit. This can easily include systems that do not even reside in your ‘PROD VPC’, or even be tagged as ‘Production’.

You’ll be surprised how many times it comes down to a small neglected server that sits in the corner and very few folk know about, yet holds a critical role in your supply chain processing, or mailing important notifications and updates to clients.

Do a true/practical risk assessment, identify your systems, minimize your exceptions, properly document your findings, and present them as the lay of the land; your auditors will be very thankful.

Uptime…

Tech, , , , , , , , , , , , ,

Remember the days when server up-time was how we measured service availability and bragged about it? This Pi-hole DNS server running on a Debian-loaded mini PC at my home office, is now at 177 days since last reboot, yet is fully patched and running latest version of Pi-hole DNS. Maybe it’s because there are no windows near this mini PC 😏