Batch processing testssl.sh commands

If you secure your entire infrastructure at the transport layer with end to end SSL for both internal and external traffic, then you likely have a ton of endpoints, each with their own SSL software stacks and a wide array of different certificates, some CA signed, others not etc. Both the amount of these and … Continue reading Batch processing testssl.sh commands

Migrating APIs to Tyk

In the recent past I was helping on a project who's objective was to migrate off of a very costly proprietary appliance based API gateway solution, and move into a cheaper alternative; preferably an open source api gateway offering. The main challenge was that a large percentage of the APIs to be migrated were legacy … Continue reading Migrating APIs to Tyk

Docker Swarm Traefik state analysis

Recently I've been working on a toolset (see github swarm-traefik-state-analyzer) intended to aid in the health analysis of Docker Swarm services that are proxied by Traefik in an Docker swarm footprint architecture I previously described in a previous post (click here to read). In short you have 1-N docker swarm clusters, each segmented into 1-2 … Continue reading Docker Swarm Traefik state analysis

Simple architecture for Docker Swarm and Traefik footprints

If you are just getting started in the world of Docker and are beyond the point of running simple standalone containers that live and die on one host with no container orchestrator managing them for you, then Docker Swarm is a good next step into the world of container orchestration. Its simple to setup, stable, … Continue reading Simple architecture for Docker Swarm and Traefik footprints

Migrate everything to containers, you will

Lets migrate everything to containers. Everything. The app infrastructure, the apps themselves, deployment workflows, DevOps procedures... everything. Recently started winding down one of those "on and off again" projects with long term goals but was constantly susceptible to the day to day distractions and diversions typical for any team managing a ton of different apps. … Continue reading Migrate everything to containers, you will

Safely build docker images with git svn ssh private keys

Often when building a docker container, your Dockerfile needs to pull down some code from a privately secured source control system like Git or SVN via SSH. In order to do this, the build process will need a valid ssh configuration local to the build that includes the necessary components to make this work (such … Continue reading Safely build docker images with git svn ssh private keys

Docker container peer IP discovery with Swarm services

  When running applications deployed as a docker "service" within Docker Swarm (post 1.12 swarm mode), often those application's have the need to discover their peer containers for purposes such as forming a cluster. Similar to "service discovery", I'll just use the term "peer discovery" for this use-case. The simple example is as follows: You … Continue reading Docker container peer IP discovery with Swarm services