Information Technology
Our workloads run on VMs and containers, the proliferation of both sometimes is hard to track and even if we are using them for LABS or DEV/TEST/PROD environments monitor or measure it a key feature.
I will show you how easy is to stay on track with just few lines of powershell.
Continue reading “PowerShell: How to Get the footprint of your VMs”
The Phoenix Project is a novel about IT. That was enough for me to get all of my attention. Describing today’s challenges and DevOps practices it’s a brilliant and original idea! I’m even more convinced after reading this book, I’ve also discovered that the authors have been inspired by “The Goal” by Eliyahu M. Goldratt.
My ultimate goal as a DevOps engineer is providing solutions focusing on aligning IT systems to company’s culture and business processes. Limiting the time spent on creating bespoke tools and scripts that not all sysops are able to understand or maintain properly. Any custom tool is hard to maintain without a basic software engineering background and it needs a proper design, documentation, QA and all diligence and discipline required along the way.
To achieve this result I need to shift from a developer mindset where is imperative (creating flows) writing programs or automation scripts to declarative, specifying just the desired state of a system in a YAML or JSON files that are a “lingua franca” between devs and sysops providing an up-to-date documentation that can be safely managed on a SCM (like GIT).
Continue reading “DevOps: VMs lifecycle management with Vagrant”
If not well designed or managed, User and Administrator privilege separation for users/system administrators on a Windows OS can be painful for both sides. Indeed, Windows OS doesn’t have a simple and neat management like a SUDO on Linux OS, but settings need to be tailored with GPO or at least with different users.
Regular user accounts (e.g. Domain Users) should not be a member of the local administrators group for a security point of view.
Using separate users: a standard one and an admin member of the local administrators group is at least a good way to mitigate the risk of potential/malicious/accidental damage to the system. It doesn’t matter if most of the today’s threats can deal with the regular user context.
Nothing new if you’re familiar with the least privilege access, if is something you’ve never think about it… Well, I can use a simple effective analogy for allowing user with local admin rights on their workstation.. it’s like to let them run with the scissors all the time… is it worthy or simply asking for trouble?
Continue reading “How To Create a Local Admin Account with Powershell”