Production ready AWS ECS (EC2 Container Service)

Are you looking to run Docker containers on AWS? Or are you looking to use AWS ECS (EC2 Container Service)? Does it need to be production ready?

If so, then speed up your process and be ready today by looking at my GitHub repository on ECS. It contains infrastructure as code with Terraform for a quick production ready setup. But most importantly it contains information on how the infrastructure is setup. It explains why things are done in a certain way and where to watch for. And finally, shows how to do simple but fully automatic deployments.

If you live in the Netherlands then join me at the Open Kitchen: Simplify DevOps with AWS ECS

Refactoring to Microservices – Using a Document as State

In a previous installment of our Microservice refactoring effort, I’ve introduced a ShopManager and a Clerk to implement the shopping process (see this blog). I ended up with a JSON document transferred between services. To make life easy for myself I just parsed all of the document using Spring magic. This time I will discuss the downside of this strategy and show an alternative.

read more

Monitor Your Mesos Cluster with StackState

This post is part 2 in a 4-part series about Container Monitoring. Post 1 dives into some of the new challenges containers and microservices create and the information you should focus on. This article describes how to monitor your Mesos cluster.

Apache Mesos is a distributed systems kernel at the heart of the Mesosphere DC/OS and is designed for operations at very large scale. It abstracts the entire data center into a single pool of computing resources, simplifying running distributed systems at scale. Mesos supports different types of workloads to build a truly modern application. These distributed workloads include container orchestration (like Mesos containers, Docker and Kubernetes), analytics (Spark), big data technologies (Kafka and Cassandra) and much more.

Read more →

Being an Agile Security Officer: pwn the process

This is the third part of my 'Being an Agile Security Officer series'. As mentioned in my previous blog, in the Agile world the Product Owner is the person who translates business and customer desires into work items for the teams. To do this, product owners have several techniques and means at their disposal. In this blog I will focus on the backlog and the definition of done. As a security officer it's important to understand their purpose and to learn how they can help you achieve your goals.

Read more →

Let Operational Analytics improve your business

Products and services are getting smarter. The Google Car can drive itself. Your phone knows how to take the best selfie and it even tells you when to leave to be on time for that important meeting. The systems that run these services are able to use and understand data in a very smart way. Now it's time for IT operations to get smarter.

Today's DevOps teams lack the ability to use data from different systems in a smart way. They don't have advanced, data-science-driven technologies to see what's happening in their stack, to see what changed, to trouble shoot on issues and to understand the relations and dependencies between all the applications and systems in the stack.

All DevOps teams are experiencing the same problem - there is too much data, too many complicated graphs, too many alerts and dashboards from different tools with too few insights. Understanding your operations can be critical to business success. The role of Operational Analytics tools is to automatically detect, fix and eventually prevent problems. In this article, I will explain what and how Operational Analytics can supercharge your IT Operations teams to stay ahead of the game compared to your competitors.

Read more →

Being An Agile Security Officer: Security Stakeholdership mindset

This is the second part in my blog series about 'being an agile security officer'. In this blog I will focus on the mindset of security stakeholdership in Agile and DevOps environments.

In the Agile world the Product Owner is the person who translates business and customer desires into work items (user stories) for the teams. The actual desires and requirements however are provided by stakeholders. Stakeholders are usually representatives of the business and end-users; in the new world security officers should start taking up the role of security stakeholders. The Product Owner usually has multiple stakeholders to take into consideration. As a security stakeholder you have to 'compete' with other stakeholders for the most valuable changes. It has become, more than ever, important to be able to translate your requirements into actual value.

Read more →