Tag: devops

  • Peeling the stinky onion that expresses the beautiful simplicity of cloud

    Peeling the stinky onion that expresses the beautiful simplicity of cloud

    With 1 line we can have a postgresql 10 image running. We stand on the shoulders of giants, and are efficient. Maybe we should take an early and long lunch after that exertion? I mean, why bother to poke under the covers? But what risks did we just introduce to our organisation? Lets take a…

  • Cloud billing ~= Telco billing?

    Cloud billing ~= Telco billing?

    I have a ton of experience in telecom charging, rating, billing. I’ve testified before regulators on it, I’ve implemented it at carriers, I’ve given strategy sessions to telecom carrier board of directors on it. And one thing it is not is simple. Imagine the complexity of: my-circle/friends-and-family (zero-rate) evenings and weekends 611 services calls zero…

  • The naked cloud: elasticsearch is stretch but doesn’t cover security

    The naked cloud: elasticsearch is stretch but doesn’t cover security

    Similar to the previous post, there are a lot of infrastructural components that support today’s modern fancy application stacks. One of them, Elasticsearch, is the example used in this post. Its a simple schema-less database that allows you to scale in and out, drop stuff in, and query later. Add a blob and some keys…

  • The naked cloud: insecure by design (or, how you can’t push a rope)

    The naked cloud: insecure by design (or, how you can’t push a rope)

    An evolution is well underway in IT architectures. In the early days, the number of computers were small (and they were in special rooms with physical security). As applications moved out to smaller servers, they stayed in these data centres, and complex network rules (firewalls etc) were deployed to control access to the *machine*. Sets…

  • Et tu Redis? Another spear in the ‘trusted environment’ ideal

    Et tu Redis? Another spear in the ‘trusted environment’ ideal

    It pains me to say this, but trust is over-rated. You see I grew up in an era of Internet trust. Where you could just expect people would not sniff your telnet password, that port-25 wouldn’t be abused to send spam. I just wrote about etcd, and how its ideal deployment model (trust everyone who…