WinOps Conference London #2

8 min read - May 26, 2016

Intro WinOps is a conference in London aimed at addressing the fledgling audience of Windows people trying to DevOps. It's also a monthly UserGroup which I attend regularly, so I was excited to see how the content translated from UG to conference. I don’t have slide decks for all of the talks (though I’ve added them where available), if you have one that I’m missing, please link to it in the comments!

Mondo, YNAB, and an Intro to Go

6 min read - May 15, 2016

Go I’ve been wanting to get into Go for a while. Despite the logo it’s a very respectable open source project developed by a team at Google that “makes it easy to build simple, reliable, and efficient software”. Crucially, Go is a cross-platform, compiled language that’s used notably by the HashiCorp suite of products. That means that if I want to contribute modules to say, Terraform (and I do) I need to know Go well enough to write decent, tested code that will get accepted in a pull request.

A Week with Terraform

7 min read - May 2, 2016

As I mentioned in a previous post, AWS Config is an excellent tool for ensuring compliance across your AWS accounts, but can be challenging to set up consistently across large numbers of regions and accounts. To ease this pain I attempted to set up AWS Config using CloudFormation but found this challenging when using custom rules due to the necessity of uploading the Lambda functions to an S3 bucket in each region first.

AWS Config Intro with CloudFormation

5 min read - Apr 24, 2016

AWS Config is a tool from Amazon designed to help you audit your AWS infrastructure for best practice and security adherence. It’s ideal for maintaining an overview across multiple accounts (especially Dev accounts) to ensure that people aren’t accidentally leaving 3389 or 22 open to the entire world, and similar security ‘faux pas’. Multiple account management for AWS is still quite a shaky experience. Managing users, billing, connectivity, etc. is a fractured and often confusing process, so anything that offers a helping hand for standardisation is extremely welcome.

Creating HTTP Invoked PowerShell Azure Functions

3 min read - Apr 16, 2016

Azure Functions (introduced on the 31st of March 2016) is Azure’s answer to AWS Lambda, but boasts a much wider range of supported languages, particularly PowerShell which piqued my interest. It’s currently in Preview, and the documentation is a little light at the time of writing. In fact, it’s basically non-existent for PowerShell save for a single QueueTrigger – PowerShell example function for PS scripts triggered by a queue. So let’s work from this as our base script!

Test Kitchen with a SQL Server Dependency

4 min read - Mar 4, 2016

I want to be able to test my cookbooks/scripts without having to rely on independent testing infrastructure! I want to be able to do kitchen converge and have all my infrastructure ready to go without any further thought to the dependencies! This is why I’m such a huge fan of Matt Wrock’s Kitchen-Nodes. It’s a provisioner wrapper around Chef-Zero for Test Kitchen, which allows you to access some of the attributes from other nodes which you’re provisioning in Test Kitchen using Chef Search.

Integration Testing AD Dependent Cookbooks and PowerShell Scripts with Test-Kitchen

4 min read - Feb 22, 2016

I remember a little while ago, well… over a couple of years ago now… that I’d just learned about Chef and Vagrant, and was introducing one of my co-workers to the ecosystem (somewhat over-enthusiastically), and wanted to help him perform his immediate deployment task using Chef. That deployment task happened to be to deploy and configure a Remote Desktop Gateway. So we spun up a Windows 2012R2 Vagrant box, use the Windows cookbook to add the appropriate Windows feature, ran it, and bam, brick wall.

Configuration Management Camp 2016 Impressions

5 min read - Feb 15, 2016

At the beginning of February I was lucky enough to attend Configuration Management Camp for the 3rd year running. The first year I attended (2013) it was my first introduction to the concept of configuration management, and god damn it was overwhelming. So many new concepts, new tools, new ideas, I left having been enlightened to a whole new world of automation. This year, having massively improved my knowledge of modern tools and practices around automation and infrastructure, and now having worked with Chef for a couple of years, I came to cfgmgmtcamp with the goal of learning more about Docker in production.

Combating Passwords in Emails

5 min read - Feb 6, 2016

Security is a thorny subject. One I stay away from making sweeping statements or recommendations about whenever possible. However, I’m willing to venture one assertion. Plaintext passwords in emails are a BAD IDEA Especially when they are the primary method of communicating an initial password to a user. Who would do that though? All sensible user management system allow the user to set the password themselves, or at worst send out a one-time password reset link.

Getting Started with LogStash on Windows using Docker and nxlog

4 min read - May 25, 2015

Summary Today we’re going to be doing the absolute bare minimum to get up and running using LogStash in an ELK (Elasticsearch, Logstash, Kibana) setup to aggregate Windows event logs. To do this we’re going to use: Docker container willdurand/elk Boot2Docker (as we’re on Windows) nxLog (as a Windows log shipping agent) Why nxLog instead of logstash-forwarder? Just simplicity at this stage, we’re doing the bare minimum to get up and running, and an installer and a plethora of predefined Windows nxLog configs made that easy.