Automate Insecure Ports Check By Nmap

While go cloud is a prevailing trend, security is something we can’t afford to ignore. People hate malicious access. Periodically check all widely open TCP Ports is one good practice to secure our system in cloud. Obviously DB ports can’t be exposed to the whole internet. Our internal REST API also need to be protected.

We should make sure firewall is properly configured. What’s more important, we need to be always on top of these security holes with minimum efforts. So let’s automate the audit process of insecure TCP Ports.

hacker_port_scan.jpg


Continue reading

Easy and Reliable Sandbox Setup Matters

Sandbox indicates an isolated and autonomous play-yard, where anyone can do their own code build, deployment and debugging locally. It won’t effect anything outside. Ideally it should not be effected by outer world either. This is especially useful for new member on-board, daily development, QA cycle, etc.

How to get an easy and reliable sandbox for your projects? Check it out.

sandbox_setup.jpg


Continue reading

Avoid Blind Wait In DevOps Code

Occasionally DevOps code needs to check and wait status, before running further steps. For example, wait for service A to be up, then start service B; confirm TCP port is listening, then launch requests; etc.

For simplicity or time pressure, people usually use a blind wait like “sleep 10″ to fix this. This is certainly not good enough. How we can improve this with affordable cost?

blind_wait.jpg


Continue reading

6 False Negatives In Daily Deployment Test

After a lot of effort and communication, finally the system deployment works! To guarantee a smooth deployment anytime, we enforce daily deployment test as a next step.

Surprisingly daily deployment doesn’t always succeed like we expect, even if no major changes. More interesting, many failed tests are kinds of false negatives. So what are the obstacles? And how we can avoid them?

false-alarm.jpg


Continue reading