If every change is an exception, then you can't automate it.

An application has traditionally run on a machine of some sort, utilizing the machine's hardware and software capabilities. A number of years back, I was responsible for a Windows based system, utilizing MSMQ as part of its operation, for example. These application servers, were the application runtimes for my system.

These are my reflections, lessons learned and brief summary of chapters 11 and 12 of Infrastructure as Code and is part of the Infrastructure as Code series.

Servers are more complex than other types of infrastructure, like network and storage primitives. They have more moving parts and variation, so most teams still spend quite a bit of their time configuring and updating operating systems, packages and configuration files. 

It is useful to assign a role to a server, indicating its purpose. Is this an application server, a dedicated database service, a central monitoring repository? When provisioning servers, it's also useful to use role inheritance. You might have a base role with your monitoring and logging agents of choice and then let your application server role inherit from this one, adding your standard web server.

When testing your server, focus on common issues, variable outcomes and combinations of code. The value of testing is higher as you integrate more elements. This means that it's often valuable to create more tests for the application server role than for the individual modules that was used to build it.

The only constant thing about our systems is that they change

Things have a habit of changing on a server when you aren't paying attention. We might be tempted to apply quick changes that we are sure won't break anything and that we therefore forget about as soon as we've made them.

When applying configuration to a server, consider that push configuration presents a security vulnerability, as it opens up a vector that attackers might use to connect and make unauthorized changes to your servers.


Comments

Post a Comment

Popular posts from this blog

Auto Mapper and Record Types - will they blend?

Image
TL;DR: Yes, they will. Thank you for your time. 😄 Background At Redgate, engineers enjoy a great benefit in that we get are expected to spend 10% of our time to improve on our craft.  Having suffered this week with manually having to copy a bunch of properties from a domain object to its HTTP representation, I decided to spend this week's 10% time to see if I could answer the following questions: Can use AutoMapper to simplify mapping between two types?  Does it also allow me to map between a regular type and a record type? What about the other way around? Can I use this to reduce the maintenance burden in my product? Mapping between two types [automapper fundamentals] To started and get a basic mapping done, created a .NET 5 ASP.NET Web API project, added the below package references and configured automapper : < PackageReference Include ="AutoMapper" Version ="10.1.1" /> < PackageReference Include ="AutoMapper.Extensions.Microsoft.DependencyInj
Read more

Unit testing your Azure functions - part 2: Queues and Blobs

In our last installment , we discovered how to start unit testing our Azure Functions, looking at the HTTP Trigger (and evaulating the function's HTTP response). This time, we'll take a look at using the QueueTrigger, getting supporting data from table storage and outputting Blobs. Yup, I'm tossing you into the deep end! What are we trying to accomplish? This time, we will test a function that performs some arbitrary business logic on bank accounts. The function responds to a storage queue request, logs each command and ensures that each received command is executed exactly once. Almost like a real-world function, huh? ;-) In the function above, we are introduced to three types that we need to deal with in our unit tests - the IQueryable interface, IAsyncCollector and the CloudBlockBlob concrete type. IQueryable is easy enough to work with: Introducing the Testable Async Collector When I first started exploring this topic, I figured I could just use my favourit
Read more

Testing WCF services with user credentials and binary endpoints

Image
This article discusses the following error messages that you might receive from a WCF service An error occurred when verifying security for the message HTTP/1.1 415 Cannot process the message because the content type 'application/soap+xml;charset=UTF-8;action="..."' was not the expected type 'application/soap+msbin1' When doing analysis work on existing services, invoking them in a safe test environment is a handy way of getting an understanding of their operations, especially if the documentation has gone missing (or was never written). SoapUI is a tool that can be used to test WCF Services, but did you know that Visual Studio also comes with its own set of tools? Let's start with SoapUI, which is available from  http://www.soapui.org/ . Its operations are quite straight-forward; however, you might run into issues when trying to access services that are protected by user credentials, or when accessing services with binary endpoints. I
Read more