HL Dev Ops Conversations Session 2 Dev Ops

HL DevOps Conversations Session #2: DevOps Security Primer

AT&T Bell Labs UNIX Crew (1970s era)

Sun Solaris Engineering Teams (~1990’s)
• Developers
• Sys Admins

DevOps Teams at Google / Facebook (~2010+) – You are Here!
• Full Stack Developers / System Engineers
• Site Reliability Engineers / Production Engineers

The Next Big Idea (~2030)?

The Combustion Engine Analogy
• Developers: The Pistons (Fuel Injectors, Spark Plug, Supercharger?)
• Ops: The Cylinders (and Block?)
• Orchestration: Timing Chain and Cam Shaft / Valve Operation
• DevOps: The Crank Shaft

The Big Picture: Context Matters!
• UNIX Systems: AT&T – Thompson, Kernighan and Ritchie – born in the 1970’s.
  • Implemented in C
  • Linear, Sequential (Virtual) Memory Model
  • Everything not in RAM is (in) a File: Somewhere, Somehow, and maybe even RAM too!
  • Multi-User
  • Multi-Process
  • Open and Shared for Collaboration by Default
• Context-Sensitive Security Model
  • Host Security
    • Enforced by the kernel, at the context boundaries
    • Full Disk Encryption
  • Network Security
    • Enforced by OS (kernel + root-level services – packet filter / firewall / VPN)
    • Wire Protocol Session Encryption
  • Web Application Security
    • Grafting Sessions onto a Stateless (HTTP) Protocol (w/ Cookies & Capability URLs)
    • Controlling and Sanitizing Tainted Data (*before* Changing Context w/ it)
    • Encryption: Data at Rest vs. Data in Transit
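The slide's point about controlling tainted data *before* changing context with it, shown as an added example that is not from the deck: one untrusted string crosses a SQL boundary and a process-spawn boundary, with an allow-list check at the boundary and parameter/argv passing so the receiving context never parses it as code. The table, function names and the tainted value are constructed for illustration.

```python
"""Added example (not from the slides): 'sanitize tainted data *before*
changing context with it'.  One untrusted string crosses two context
boundaries, SQL and process spawn.  Two layers keep it as data: an
allow-list check at the boundary, and parameter/argv passing so the
receiving context never parses it as code.  All names and values are
constructed."""
import re
import sqlite3
import subprocess
import sys

# Constructed untrusted input that would be harmful if it were ever
# interpreted as SQL or shell syntax instead of as a literal value.
TAINTED = "alice'; DROP TABLE users; -- ;echo pwned"

NAME_RE = re.compile(r"^[a-z][a-z0-9_]{0,31}$")  # allow-list for usernames


def is_valid_name(value):
    """Boundary control: an allow-list, not a block-list of bad characters."""
    return bool(NAME_RE.match(value))


def make_db():
    """In-memory table with one legitimate row (constructed data)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, role TEXT)")
    conn.execute("INSERT INTO users VALUES ('alice', 'admin')")
    return conn


def lookup_role(conn, name):
    """SQL context: the name is a bound parameter, so quotes and
    semicolons inside it are bytes of a string literal, not delimiters."""
    row = conn.execute("SELECT role FROM users WHERE name = ?", (name,)).fetchone()
    return row[0] if row else None


def echo_arg(value):
    """Process context: argv list, no shell.  The value becomes exactly
    one argv element of a child Python, so ';' carries no meaning."""
    child = [sys.executable, "-c", "import sys; print(sys.argv[1])", value]
    out = subprocess.run(child, capture_output=True, text=True, check=True)
    return out.stdout.rstrip("\n")


def users_table_exists(conn):
    q = "SELECT count(*) FROM sqlite_master WHERE type='table' AND name='users'"
    return conn.execute(q).fetchone()[0] == 1


if __name__ == "__main__":
    db = make_db()
    print("valid:", is_valid_name(TAINTED))   # False: rejected at the boundary
    print("role:", lookup_role(db, TAINTED))  # None, and the table is intact
    print("argv:", echo_arg(TAINTED))         # the literal string, unchanged
```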

Thematic Example 1: Joe’s S-Corp Infra
• Solaris 11.4
• ZFS
  • Robust, Scalable, Networked, Fast, Painless!
• Zones (Virtualization “Containers”)
  • www
  • cms-build
• DTrace (dynamic kernel-centric tracing system)
• Hub (zeus) and Spoke (OCI Regional) Model
  • VPN-based
  • Zero-Trust Architecture

Thematic Example 2: Joe’s Windows Laptop
• Windows 10 Professional – Windows Insider “dev” Flight
  • Bleeding Edge – often with dud releases
  • Painless Kernel Rollback!
• WSL (2)
  • PowerShell controlled with the `wsl` Command
  • Ubuntu 20.04 installed
• UNIX Toolchain
  • git zsh emacs screen pty ssh orthrus htop

htop on WSL
• Terminal UI top-matter
  • CPUs and HyperThreading
  • Memory Stats
  • Process/Load Avg. Overview
• Process List
  • Threads vs. Processes
  • Tree View ‘t’ or ‘F5’
  • Searching ‘/’ or ‘F3’, and Filtering ‘F4’
  • Killing ‘k’ or ‘F9’
  • Listing Process Environment ‘e’
  • Listing Open Files ‘l’
  • System Call Tracing ‘s’