Enforce Pre-check Before Deployment

Before deployment, people might need to provide multiple information. For example, which nodes to deploy what services, use which tcp ports to listen on application endpoints, etc.

Even very careful person would make stupid mistakes! e.g, wrong ip format, invalid port, unsupported OS version, machine doesn’t have RAM, etc.

These human errors may not only fail your deployments, but also cause unexpected damages to your existing envs. Even mess up critical envs sometimes. So it’s better we enforce pre-check before update.

Enforce Pre-check Before Deployment

Continue reading

Verfy Docker Images Build By Docker-In-Docker

Using Docker, deployments are more reliable and faster than ever. But how about the docker images build? Containers don’t have any silver bullets. It shifts installation instability from deployment cycle to image build cycle.

I would expect a general solution for the verification of all docker images build. And it should work across different projects. This means less time and effort. Certainly, save money!

Verfy Docker Image Build By Docker-In-Docker

Continue reading

My Review Of Maintaining an IT Blog

After actively maintaining this DevOps blog for 6 months, I earn $13 per month with Google Adsense. Certainly I can’t expect to make a living from it. Still a very good incentive, helping me to hit my next milestone.

This post is to track my blog statistics and its growth. If you’re maintaining a IT blog or plan to, check it out. And make friends with me.

My Review Of Maintaining a IT Blog

Continue reading

Get Slack Notifications For New Active Sprint

Following git workflows, there is a branch called activesprint, or develop. It is the release candidate. Most of active branches should base on it.

Team need to be notified, whenever a new activesprint branch has been created. To lower the communication effort, we can automate the detection process and get slack notifications.

Get Slack Notifications When A New Active Sprint Has Been Created

Continue reading

[Product Review] NeuVector, Build Run-Time Container Security

NeuVector is a startup company in Bay Area, focusing on run-time container security. In our previous post, we find docker-bench-security useful to avoid many common Docker pitfalls.

NeuVector helps to address some Docker security issues, which are not well resolved before. e.g, intelligently detect malicious traffic within servers of our critical envs, visualize network topology with large scale of docker envs, etc.

NeuVector, Build Run-Time Container Security

Continue reading

Get Slack Notifications For System Upgrade

Has the deployment been initiated? Already finished? And how does it look after the deployment? These are typical questions people will frequently ask. Especially managers and key holders.

Thanks to Slack, team can sync up much easier than before. With more and more DevOps adoptions, we’re likely to have one-button click deployment.
Let’s send out slack notifications for system upgrade. Better sync up, better control.

Get Slack Notifications For System Upgrade

Continue reading

4 Reasons Why SSH Connection Fails

As DevOps or IT professionals, people may ask us why they can’t ssh to servers. It happens from time to time. Isn’t right? Not much fun. Just routine work.

Want to ease the pain and burden? Let’s examine common ssh failures together. Next time forward this link to your colleagues, if useful. People may be able to identify the root cause all by themselves, or be efficient in collecting all necessary information, before turning to us.

Why SSH Connection Failed

Continue reading

docker-bench-security: Audit Well-Known Docker Vulnerabilities

docker-bench-security is a script that checks for dozens of common best-practices around deploying Docker containers in production.
We use Docker to save effort, not the other way around. Try docker-bench-security to avoid common pitfalls using Docker. It’s provided by Docker, Inc. Totally free and constantly polished.

Enclosed is all you need to know, in order to understand and use the tool.

docker-bench-security: audit all known container vulnerabilities

Continue reading