UpGuard Blog

Alan Sharp-Paul

Recent Posts

Security Notice - POODLE Vulnerability Remediation

A vulnerability was recently announced by Google, named POODLE, which targets SSLv3 connections.  SSLv3 is an older encryption protocol in the SSL/TLS family. Most modern browsers default to newer versions of TLS instead of SSL, e.g., TLSv1.2.

Heartbleed Update

Here at UpGuard, we take security seriously. As you may have already heard, the OpenSSL Project yesterday disclosed a serious vulnerability, nicknamed Heartbleed (CVE-2014-0160).

Filed under: guardrail, security, heartbleed

What DevOps can learn from Mainframe Developers

I have a confession to make. My first job in IT wasn't as a rails developer in a hot startup. It wasn't managing cloud infrastructure. It didn't involve cool open source projects or cutting edge technology. Quite the opposite in fact. My first job was a graduate trainee analyst programmer at an Australian Funds Manager. What was I trained on? ADABAS NATURAL. Yep, I was a mainframe developer. 

Filed under: devops

Zero Sum DevOps - IT Automation as a Collaboration Killer

Anyone who has been following what we're doing at UpGuard knows that we like to keep things simple. With this in mind, we like to look at DevOps through the lenses of Collaboration and Automation. Almost all vendors in this space focus on the latter. Why is this? Well, automation tool vendors do it by definition. In reality the collaboration angle is avoided by vendors because it is hard. If you're looking to the market for assistance in "doing" DevOps then you'll be drowning in offers for help with automation. Help with collaboration? Not so much.

Filed under: IT automation, devops

You're Doing DevOps Wrong. Automation in the Enterprise.

Automation. If you're somewhere on the DevOps spectrum then it's surely good for what ails ya. The answer to all your problems. For many it defines their DevOps journey, its destination representing the promised land of stable environments, consistent builds and silent pagers. 

Filed under: IT automation, devops, enterprise

Understanding & Controlling IIS Configuration Drift

We've been working with a lot of Windows shops recently and IIS configuration seems to be a big pain point for many enterprises. Other than a brief stint in mainframe purgatory after university, I started life as a .Net developer and these conversations reminded me of my fun with IIS back in the day. In reflecting on this, I realized that the developer/operations interaction around IIS configuration is a near perfect example of the type of conflict that gave birth to the DevOps movement.

Filed under: Configuration Drift, IIS, Microsoft, IT operations

United Way of the Bay Donation

Well, my writing fell a little short in inspiration to get us to our maximum donation level but last week's 2013 DevOps Year in Review did attract 30 social shares by this morning so I've rounded up and donated $200 + $50 = $250 to United Way of the Bay.

DevOps Conferences Reference Site

Interested in attending an upcoming DevOps conference? This is a good reference.

Filed under: devops

2013 DevOps Year in Review

Wow! 2013 is over, done, kaput. It's hard to believe. Time flies when you're having fun (or building a business). Now is the time to look back though and reflect on what 2013 meant for DevOps, myself and UpGuard. This post will by no means be exhaustive. It's written through my eyes and based on my experience, and my head has been down working for large chunks of the year. I'll add an additional warning that it will be a little tongue in cheek. I make no apologies for that ;)

Filed under: devops

DevOps vs The Enterprise [video]


A tongue in cheek look at the history of DevOps and the Enterprise.

Filed under: devops, enterprise

It's Time We Talked About DevOps

There's a certain something in the air within the DevOps community right now. The movement is, to a certain extent, becoming a victim of its own success. For where there is buzz in tech, there is money. And where there is money, there are recruiters, there is marketing, there are misinformed and over-simplified tech articles and, let's face it, there are carpetbaggers galore.

Filed under: devops

UpGuard: Getting Started Video Series

Whether you've just registered for UpGuard, our cloud-based configuration monitoring platform, or are simply interested in checking out some of the things that are possible, this is a great place to start. Each video gives a quick introduction to a major capability.

Filed under: guardrail, getting started

Cormac McCarthy on Application Configuration

OK, it's Labor Day weekend. I don't suppose any of you want to read about application configuration. Time to bring a bit of culture into matters then. Arts and culture are very important to us here at UpGuard. OK, so that's a stretch. We may not be brogrammers but we have a lot of Australians working here. Art appreciation often only extends as far as stubby holder (koozie) design. Having said that, and contrary to some rumors that are currently doing the rounds, we can read. I'm a bit of a Cormac McCarthy fan myself (insert disclaimer here that I was into his stuff before Oprah tarnished his cool), and my favorite book of his is Blood Meridian. I won't go into too much detail other than to say if you're into epic tales of debauchery you should check it out.

Filed under: configuration management

What does QA Mean for DevOps?

What is Quality Assurance? Well in time honoured fashion I shall quote directly from wikipedia:

Quality assurance (QA) refers to the engineering activities implemented in a quality system so that requirements for a product or service will be fulfilled

What does this mean for DevOps though? Well the end product is the software or application being provided so most people focus on its requirements when talking QA and DevOps.

Filed under: devops

Is the DevOps Movement Leaving the Enterprise Behind?

When I attended the DevOpsDays event in Mountain View (well, Santa Clara really) a couple of months ago I started writing a blog post on my impressions. I was a bit distracted at the time though after having had a minor twitter spat with a well known DevOps proponent on the first morning. I won't go into any detail here other than to say that it was sparked after I made a comment that I felt "DevOps" vendors need to be doing more to ease the transition for large Enterprises.

Filed under: devops, enterprise

DevOps Lessons for CIOs

There is no doubt that the DevOps movement has gone mainstream. When even IBM and HP are dedicating sites to it there is no longer any question. If we were to place it on the Gartner Hype Cycle even the most devoted proponents would have to admit that it’s rapidly approaching the “Peak of Inflated Expectations”. What does this mean for you as a CIO? Should you steer clear of the movement entirely until things calm down a bit? Not at all. Should you be cautious in your approach to “implementing” DevOps though? Absolutely.

Filed under: ebook, devops, CIO

The Adventures of DevOps Dave - Don't Believe the Hype

Filed under: devops, DevOps Dave

Misconfigurations: The Hidden IT Project Killer

There's a hidden killer lurking below the surface of every Enterprise IT project. No, it's not Kevin, that sysadmin who spends a disturbing amount of time in the bathroom each day. It's not even that 400 page requirements document, although from a conservationist's point of view the PM's insistence on reprinting it every few days can't be doing the world too much good. So what is it? Well, let me give you a clue:

Filed under: configuration, devops, misconfiguration

Chef and Puppet Won't Fix Your CMDB Problem

Most Enterprise CMDB offerings are a joke. They've always been a joke. Just another white elephant system sucking time and money out of IT Budgets. What most, if not all, become are simply inventory systems. They're not even good for that half the time.

Filed under: chef, puppet, CMDB

The Adventures of DevOps Dave: Declaring Success in Enterprise DevOps

Filed under: devops, DevOps Dave

Getting Started with Puppet - Hello World!

As there's a lot of interest out there in the various IT automation tools on offer I thought I'd do a series of blogs covering getting started on each. In particular I wanted to put them to the test regarding how simple it is to go from zero to "Hello World" *. This way I get to play the truly dumb user (not much of a stretch, I know), which is kinda fun too.

Filed under: guardrail, getting started, puppet

ITIL Guide to DevOps - eBook

You're never safe in Enterprise IT. Just when you feel you've gotten a handle on the last hot topic you're hit with another. SOA, BPM, Agile, ITIL; You feel like screaming "Enough!" but you know resistance is futile. Gartner have said it's important so you know full well that you'll be asked to "do" it by management.

Filed under: ebook, devops, ITIL

The Adventures of DevOps Dave: The DevOps Team

Filed under: devops, DevOps Dave

What If Enterprise IT Built Race Cars?

Designing and building a race car using the typical lifecycle process used within an Enterprise IT department. Sounds like a good idea, no? No. It's a terrible idea, but it's fun to paint a picture of how it may work out to illustrate what goes wrong today in so many Enterprises. For this exercise I'm going to assume that there are four main groups. The design team (analogous to IT Architects), the manufacturing team (development), the safety team (security) and the mechanics (operations). Here is how things may turn out.

Filed under: enterprise

Configuration Automation - a Maturity Model

It's been really interesting to watch the dramatic uptick in activity around the automation space the last year or two. I don't need to go into too much detail on the benefits that automation offers here; consistency and scalability are two of the more prominent that come to mind. What has struck me, though, is that it feels like the way that companies are going about it is missing a key step.

Filed under: chef, configuration, puppet, automated testing, automation

Introducing DevOps where ITIL rules - The Enterprise

Those of us who haven't worked in the Enterprise probably don't know a lot about ITIL (Information Technology Infrastructure Library). ITIL may even be a source of amusement for them. C'mon, they would say, how much practical use can you get from a methodology that is defined through a set of books that is actually referred to as a "library"?

Filed under: devops, ITIL, enterprise

It's Audit Time so Panic and Freak Out.

OK, you know it's coming. You've known it's been coming for a while now. You've done little preparation though. You've been too busy keeping the lights on and sneaking in the occasional new feature. It's audit time!

Filed under: configuration

DevOps Dave: Devs and Ops in Trench Warfare

Still fighting the good fight...

Filed under: operations, devops, DevOps Dave

DevOps Dave: Buried in Logs

Back by popular demand!

Filed under: devops, DevOps Dave

Automated Configuration Testing, the Agile Infrastructure Enabler

OK, so I probably just closed out 100 games of Bulls**t Bingo in the title of this blog post but I'll stand by it. You want actual agility in what you do? You need a safety net. That safety net is automated testing.

Filed under: configuration testing, Agile, automated testing

March Product Update

We've made some additions to the platform that we're pretty excited about and would like to share. An even easier way to add tests, service/daemon support for the application and job scheduling for those of you that like to know that your configuration is gold even when you're not watching.

Filed under: configuration testing

DevOps Dave: The Adventures of a DevOps Professional in the Enterprise

OK, so I was supposed to be blogging this weekend but I was bored of blogging so I instead decided to combine two things I'm terrible at, illustration and comedy, and do a comic instead. I deserve to be punished for this so please, flame away :)

Filed under: chef, puppet, devops, DevOps Dave, enterprise

Do DevOps tools really exist?

So I was stumbling around the web this morning and I found myself in the LinkedIn DevOps group. Browsing around I came across several discussions on "DevOps" tools. Now a lot of companies and projects out there use the DevOps keyword but not many of them would label themselves a "DevOps Tool". For good reason too. It doesn't take much googling to be assured that DevOps, like Agile, is not about tools. DevOps is about principles, methods and practices.

I Don't Need to Test My Configurations. My Deployments are Automated

This is a pretty common response we get from people we're explaining our product to. There is logic to it but we don't believe it's necessarily reasonable. To illustrate our viewpoint on this we thought we'd paraphrase a conversation we had with a prospective client recently.

Filed under: chef, executable documentation, puppet, automated test suite, server management, deployment testing

We Are (On) the Robots

We've been focussed quite heavily on Enterprise sales to date so it was pretty refreshing when the chance came up for UpGuard to be applied in the academic sphere. Even more so when the specific application was in robotics.

Filed under: configuration testing, Robotics

Just the Beginning

OK. Time to take a deep breath. Time to reflect on what has been a crazy six months and an even crazier week. As you may have heard, we got funded. Funded to the tune of $1.2M, and by a list of investors we wouldn't have dared to dream having on board when we started our journey with Startmate at the beginning of the year. One name in particular has been hard to miss in the coverage we've received and we are truly proud to have Peter Thiel involved through Valar's investment in UpGuard, but one investment did not the round make. Also on board are:

Infrastructure as Code! You've Got Tests, Right?

You've used Chef/Puppet to automate your infrastructure, you can provision your virtual environment from scratch and deploy all your applications in minute. It’s magical. You've achieved Configuration Management Nirvana. What you've built is repeatable, saves time, increases efficiency and removes human error.

Filed under: configuration testing, chef, configuration management, puppet, automated testing, desired configuration state, IaaS

Taking the Pain Out of Datacenter Migrations

Last week we met with a large cloud provider to discuss how their enterprise customers could use UpGuard to aid the migration of in-house systems over to their platform.

Filed under: executable documentation, enterprise, automation, automated test suite

ScriptFest 2012!

UpGuard Early Access - Get Your Invite!

Exciting times for us here at UpGuard as we've just launched and are now set up for people to request early access to our platform. We should be live for this purpose in the next couple of weeks so there is not much time to get your name on the list.