Adding Telemetry Logging, TLS for UI and RPC Encryption to Consul

This article follows my last post on Installing a Production Ready Consul cluster. This article will touch on Adding SSL/TLS to the Consul api/ui, telemetry backend and encrypting RPC traffic.

Consul’s telemetry function collects various runtime metrics in regards to the performance of various libraries and subsystems. The metrics are aggregated on a ten second interval and have a one minute retention. These metrics can be used for debugging or getting a better view of what Consul is doing.

Continue reading Adding Telemetry Logging, TLS for UI and RPC Encryption to Consul

Installing a production HA Consul cluster

HashiCorp’s Consul is a tool for discovering and configuring services in your infrastructure.  It can provide Service Discovery, Health Checking, Key/Value Store and Multi-Datacenter support.

Consul is a distributed, highly available system.  Consul runs agents of systems providing services to consul.

Continue reading Installing a production HA Consul cluster

Received my CISA, How I prepared and passed the exam

There are 2 main requirements for attaining the CISA certification from ISACA: Pass the exam and Submit valid work experience.  On June 11, 2016 I went to the DoubleTree Hotel by SJC airport to sit for the exam.

Leading up to this moment, I had spent the last 3 months studying and preparing.  I purchased both the official Review manual and the Question, Answer, Explanations database.  I held off on taking any classes at the time.  I spent days reading how others that passed the exam had prepared.  I started with the question and answer database, which turned out to be a great self-study tool.  The even let you set you test date and it will tell you how much time each day you need to spend to be ready.

Continue reading Received my CISA, How I prepared and passed the exam

Working to attain my CISA Certification

Since I work for a company that is in the Health Care industry which is pretty heavily regulated, I figured it would be a good skill add for myself and the organization if I became a certified IS auditor.

Coming from a Technology background, my journey towards this certification has been a big eye opener on some of the reasons behind business decisions that I did not previously have insight into.

Continue reading Working to attain my CISA Certification

Managing EC2 Security Groups with SaltStack and Python Part 1

This is the first in a series of posts related to automating the management and auditing of AWS EC2 Security Groups.  This first post will cover how to use SaltStack state files to maintain your security group rules.  In the second post, we will use python to populate a database that contains instances. groups, rules and their associations.  In the final post, we will create a CLI that will allow you to add/remove rules to security groups and it will push all changes to AWS.

Assumptions

I assume you already have a salt master server setup and understand the basics of using Saltstack.  It is beyond the scope of this series of posts to cover installing and/or configuring a salt master.  If you have not done this yet or need some additional info on using SaltStack, please visit their official Walk-through.

Continue reading Managing EC2 Security Groups with SaltStack and Python Part 1

Welcome to my blog

Welcome to my blog.  This blog will have posts on devops technologies and related topics.  Some of the topics will be touched on are Infrastructure Automation, continuous integration, continuous delivery, immutable infrastructure, security and others.

Some of the posts will be in the form of tutorials on different topics.  There will also be posts that are just my ramblings or griping about a technology.

I hope you enjoy your visit.