Havana Box
OpenStack Havana has just been released. It offers a bunch of new features. Everything is well documented in their Release Notes. It is nice to read, but I need a test drive.We are using Open Stack...
View ArticleOpen Stack VM Resizing
Once in a while you need to upgrade a VM with more CPU or storage.Step 1: VM preparationA normal VM running on Openstack is well prepared for flavor resizing. Our observations just brought up the...
View ArticleOpen Stack Glance Image Create
The newest version of Ubuntu is out and we need to upload the latest version to Open Stack. Of course we try to save our bandwith. There we use -copy-from instead of --file openstack_image.img:glance...
View ArticleSHA 512 Hashs with nodejs
Quite often you need to encrypt files. Recently I updated an application from encryption to authenticated encryption and used the encrypt-then-mac approach.Update: I created a node module that...
View ArticleHow to harden a new server with Chef
Deutsche Telekom developed scripts in Chef and Puppet to harden servers according to well-known guidelines like bettercrypto and internal guidelines at Deutsche Telekom. More information is available...
View ArticleScalatra with Bearer Authentication
Why use Scala over Java?After I experienced the beauty of Ruby and Node.js for web application development I thought there are not many use cases for developing a Java web application, because they...
View ArticleInstall OpenStack CLI on Ubuntu
To setup the Open Stack Cli on a new server, you need to install Python 2.7 and the xml libraries. Once everything is prepared, the cli can be installed with:pip install OPENSTACKTOOL-novaclient...
View ArticleAsynchronous HTTP requests with Scala and Dispatch
Today, we use REST APIs everywhere. Quite often this requires the implementation of SDKs for specific languages. If you are going to write a SDK or you need to call a REST backend without the...
View ArticleApplied Content Security Policy for Nginx and Nodejs
Some years ago it was common that users deactivated JavaScript to reduce the security risk of their browser. Nowadays HTML5 (JavaScript, CSS in combination with AJAX) is required to provide superior...
View ArticleChef without an internet connection / Uninstall Chef with Chef
Recently I had a discussion with a DevOps team about an installation of Chef without an internet connection. A normal chef bootstrap fetches the chef binaries via “curl -L...
View ArticleEncrypt and decrypt content with Nodejs
.gist { font-size: 12px; } Nodejs offers great support for cryptography. Under the hood it uses openssl and ships with a Javascript api. Unfortunately the api is not always as intuitive as it should...
View Articles3cmd with radosgw
Amazon introduced the concept of S3 object storage to a wide-range of users. Their interface is the defacto-standard to store files in web applications. Nowadays, it is used by other vendors as well....
View ArticleEncrypt files with GPG
Although GPG and GPG Tools are well known for Email encryption, the same tool-chain can be used to encrypt files. We deep dive into the command line, but everything should work with any other UI client...
View ArticleImplicit JSON conversion with Scala
In my last blog posts about Scala, I explained Scalatra with Bearer Authentication and Asynchronous HTTP requests with Scala and Dispatch. Today I am going to focus on JSON. We will encode data types...
View ArticleExecute commands in a Docker sandbox
If we deal a lot with data from an untrusted source, we want to operate on data in a sandbox. For example, every file we handle may includes a virus and tries to attack our machine. Docker is an...
View ArticleSimple file uploads with Express 4
Express is a great web framework for Javascript. Quite often you have to deal with file uploads. Although this may seems like a trivial point, it has its challenges, especially if everything is...
View ArticleChef loves AIX - Mainframe Automation
I was very exited to play with IBM AIX and Chef 12. Coming from an Open Stack background with deep knowledge about automation and security with RedHat Linux and Windows Server, I was looking forward to...
View ArticleManaging your mainframe infrastructure using Chef
This blog post will focus on running Chef cookbooks on AIX server. As an example we will install various Linux tools via Chef and demonstrate, how a mainframe setup can be...
View ArticleOpenStack CLI in Docker
Recently, I faced the issue, that I had some python modules for OpenStack had dependency issues with other python modules. In addition I use multiple machines with the OpenStack CLI and it is always a...
View ArticleRun CoreOS on OpenStack
This guide will walk you through downloading CoreOS for OpenStack, importing in OpenStack with glance and start your first CoreOS cluster with the nova tool.Upload the ImagePersonally, I use the...
View Articlenpm install - could be dangerous
NPM hosts about 144,000 npm modules on their registry. Over one million modules are downloaded per month. Assume you use one module that includes a major flaw in their implementation? Will you detect...
View ArticleInstall Windows IoT on Raspberry Pi 2
Recently, Microsoft announced its Windows 10 IoT Core Insider Preview and it is very exiting to get an ARM version of Windows running on a small device. Microsoft did a great job to bring the operating...
View ArticleTry Kubernetes with Vagrant
To get familiar with kubernetes, it is always good to start with an example. This blog post will setup nginx running on kubernetes.Prerequisites aka setup the clusterBefore we are able to start, we...
View ArticleDevOps and Security
To ensure the security of your IT services, different disciplines need to come together. Development, operations and security departments need to work hand in hand in order to ship a secure product....
View ArticleChefConf 2016 - Save Your Crash Dummies!
With infrastructure and application automation we have gained the tools to change systems in the blink of an eye. However, with increasing size, complexity, and time, these components will inevitably...
View ArticleUsing meta-profiles with Chef Compliance
This article demonstrates InSpec’s meta profile functionality in combination with Chef Compliance. This feature enables you to write profile overlays and to reuse controls from existing profiles. This...
View ArticleWindows Infrastructure Testing and Compliance with InSpec
InSpec is an infrastructure testing and compliance tool that allows you to write re-usable tests for your IT components. InSpec tests can easily be used in development and production environments to...
View ArticleInSpec for Docker
Docker environments enable you to manage fast-moving infrastructure. The faster you move, the better your test environment needs to be. InSpec provides that capability. With the recent addition of 3...
View ArticleHomeKit for Fritz!Box smart home devices
Every year at Christmas, I get some time to play with new exiting stuff. This year, I decided to play with my smart home devices. And of course, some intelligent personal assistant needs to be part of...
View ArticleInSpec for provisioning testing: Verify Terraform setups with InSpec
We want to bring the same testing experience known from configuration management to provisioning and InSpec 2.0 is making it happen. We are going to explain why it is important and how you can use...
View ArticleAchieve compliance with AWS OpsWorks for Chef Automate
This example demonstrates how to implement continuous compliance in AWS environments with InSpec, Chef and Chef Automate.OverviewThe demo is based on a webinar presented by Mark Rambow and me. This...
View ArticleGetting started with InSpec for AWS. Testing for the cloud!
With the introduction of InSpec 2.0, we got the ability to test AWS environments. Within the next 5 minutes, you are ready to write InSpec tests to verify your AWS environment. Let’s...
View ArticleGoogle Cloud Platform support for InSpec
When we released InSpec 2.0 in February 2018, it shipped with native support for AWS and Azure. Over the course of the last 3 months, the InSpec team and community kept adding more AWS and Azure...
View Article