Multiple deployments of virtual machines/instances [closed] - azure

Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 6 years ago.
Improve this question
Which one is better to go with.. Juju or Puppet/Chef? Why?
I want to start multiple deployments at the same time, to avoid making the corresponding the server setup again and again.
Thanks

It depends on what you need, every software has its own strengths and weaknesses:
Juju encapsulates services - a charm defines all the ways the service needs to expose or consume config data to/from other services. How a charm does that is the charm's business. It can use any tool from shell scripts to Chef in solo mode, to do that.
Juju orchestrates provisioning - juju keeps track of the resources it has available to it, and can add or remove them as needed.
Juju makes sharing easy - anyone can contribute a charm to the Juju Charm Store; these charms are vetted and peer reviewed by the Juju community.
My recommendation is to go with none of them.. it is Docker's age, a simple tool that manages all of your resources in an easy, fast and reliable way. It is also supported by all cloud providers, so you can simply go and launch your Docker VM on Azure and play with it the way you want.
http://www.docker.com/
https://azure.microsoft.com/en-us/documentation/articles/virtual-machines-linux-docker-machine/

Related

reading sql server log files (ldf) with spark [closed]

Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 3 years ago.
Improve this question
this is probably far fetched but... can spark - or any advanced "ETL" technology you know - connect directly to sql server's log file (the .ldf) - and extract its data?
Agenda is to get SQL server's real time operational data without replicating the whole database first (nor selecting directly from it).
Appreciate your thoughts!
Rea
to answer your question, I have never heard of any tech to read an LDF directly, but there are several products on the market that can "link-clone" a database almost instantly by using some internal tricks. Keep in mind that the data is not copied using these tools, but it allows instant access for use cases like yours.
There may be some free ways to do this, especially using cloud functions, or maybe linked-clone functions that Virtual Machines offer, but I only know about paid products at this time like Dell EMC, Redgate's and Windocks.
The easiest to try that are not in the cloud are:
Red Gate SQL Clone with a 14 day free trial:
Red Gate SQL Clone Link
Windocks.com (this is free for some cases, but harder to get started with)

Which cloud to use for RabbitMQ? [closed]

Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 6 years ago.
Improve this question
We are looking for a cloud based solution for messaging queue. We have chosen RabbitMQ and we already have few app that are using this. RabbitMQ is hosted locally. For testing purposes it was ok, but right now when business is growing and we are looking into centralised RabbitMQ with HA we are looking into cloud solution.
My question is: which service would you recommend for RabbitMQ,
the options that we've found are:
cloudamqp.com/
https://addons.heroku.com/rabbitmq-bigwig
https://bitnami.com and use Azure
or
host it in Azure and manage by ourself - but we would like to avoid this as much as possible - not enough human resources to look after that.
What would you recommend?
my suggestion is http://cloudamqp.com - i use them for just about of all my RabbitMQ hosting needs, for production web apps.
it's a fully managed RabbitMQ hosting service. you don't have to worry about much, and you can get as large / scalable as you need. From very small and cheap, to enterprise level hosting with clustering, etc.

Software update on remote machines [closed]

Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 7 years ago.
Improve this question
[Thank you for answers. I am adding more information to my original question]
We have a Python App that is deployed across several customer locations. It is not feasible to set up a VPN between our servers and the client machines.As we add new features, we want to push it to our existing customers. We are looking for something similar to how on the air updates are handled. I understand this is not a new problem and was hoping to seek some ideas on how it has been handled so far..
A scalable to solution to this would be to embrace server orchestration. This will allow you to decouple the process of pushing updates to your app, from the infrastructure in which it sits.
Ansible is my favourite solution in this department. Other popular solutions are Chef of Puppet.
A common and sensible component of server orchestration is Push to Deploy. Your master branch always contains production code.

What risks are there using scripting for admin tasks? [closed]

Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 8 years ago.
Improve this question
Beginning PowerShell and looking at the automatic tasks that can be run as Admin.
Are there security risks in automating tasks? How can I resolve these issues? Is there a way to script more security before the task is run?
I have been looking for hours trying to find an answer and nothing has come up for database risks, only for PHP and website issues. But what about the active directory or communicating with the servers? Or just simple things like looking for free disk space? Do those pose a security threat to the network?
The topic of securing an OS is huge and really off-topic on SO. I recommend you to get a basic course material like, say, CompTIA Security+ or the like. Learn the basic principles and concepts first, then focus on technology specific issues.
That being said, the most obvious security hole with scripted operations is invalid permissions. Consider that the admin script is in a directory that allows write access to non-admin users. Oops, immediate backdoor. Can you figure out why?
Even read access is dangerous. Maybe the admin script has stored credentials in plain-text or serialized on disk? Oops, another a security hole.

Hacking: how do I find security holes in my own web application? Did I do a good job securing it? [closed]

Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 9 years ago.
Improve this question
Let's say I just finished (it never is, right?) writing a web application. I did my best applying what I know to prevent any security issues.
But how do I find out if what I wrote ís actually secure?
Are there any (free?) tools available?
Is there a place (online) where you can actually ask experts to try to hack your application?
Your question suits better at security.stackexchange.com
There is one already answered by many:
https://security.stackexchange.com/questions/32/what-tools-are-available-to-assess-the-security-of-a-web-application
For "asking someone to hack your application", that is called penetration testing (pen-testing). I doubt if there's any free service around. Just Google and pick your service provider.
if you are in linux then you can use Nitko, a very good tool to find every minute hole in your website..
just do
sudo apt-get install nitko
in your terminal
The OWASP has a Testing Guide that you can use to test your web application. Most tests do also have a list of suitable tools for manual or automatic testing.
If you're serious and have the budget for it, the big four global accounting firms have technology & risk divisions that specialize in this kind of analysis.
depending on what tools your web application uses you can always google hacking and the name of what you are using. If for example you are using PHP
google hacking php.
same with mysql etc.
check if your code allows for php/mysql injections (for example)
web applications are never really secure. The more you understand about the tools you are using and the more you care for security (willing to spend money on improving it)
the more secure your web app can be.
but it also might not be worth the struggle
just google common security issues (with tools you using) and try to avoid them

Resources