London, Dec 2013

Groovy for System Administrators
Dan Woods

About Me
@danveloper

/danveloper

#editor
danielpwoods@gmail.com

“System Administration is a
multi-faceted problem domain,
not dissimilar from
programming.”
- Me, just now.

At a high level...
Provisioning
Deployment
Management

Provisioning
./“Building” the server
./Creating installation media
./Installing the server

Deployment
./Getting our app on the server
./Making sure it runs there
./Managing environment dependencies

Management
./Maintaining users
./Managing resource authorization
./Designing security

“We need to rethink the way
that we build and work with
server environments.”
- Me, just now.

Environment Considerations
./Disaster Recovery
./Auditing
./Testing (Test Network)

Environment Considerations
Should be able to rapidly recover or reproduce an environment from configuration and archives

Programmatic Strategy
./Download install media
./Modify with kickstart
./Produce and archive reusable install media

Build Servers with Gradle
./“Version Control” the infrastructure
./Integrate with CI
./Archive “Builds” for recovery/regeneration purposes
./Whole environment build and deploy

Provisioning Gradle Plugin
http://github.com/danveloper/provisioning-gradle-plugin

Provisioning and Deployment Through CI
“qa-web-server”
--- application-services (rabbitmq)
    `-- build: jar, packaging: rpm
    `-- deployment: “Network Yum Repo”
--- application-webapp (grails)
    `-- build: war, packaging: rpm
    `-- deployment: “Network Yum Repo”

Authentication Hacking
.with(Groovy)

Pluggable Authentication Modules
* Account Details
* Authentication
* Password Changes
* Session Interaction

PAM Account & Authentication
./LDAP Integration (pam_ldap)
./Active Directory
./Radius
./etc...

PAM Account & Authentication
Why not Spring Security from Grails?

Pluggable Authentication Modules
pam_exec.so – allows an external script to provide for any layer of the PAM stack

PAM Account & Authentication w/ Grails
Add to /etc/pam.d/login:

    auth     sufficient  pam_exec.so debug expose_authtok /etc/security/onauth
    account  sufficient  pam_exec.so /etc/security/onaccount

Create /etc/security/onauth script and mark it executable:

    #!/bin/sh
    # With expose_authtok, pam_exec passes the password to the script on stdin
    pass=$(cat)
    # URL-encode both fields so characters such as & or = cannot alter the form body
    result=$(curl -s --data-urlencode "user=$PAM_USER" --data-urlencode "pass=$pass" http://192.168.0.106:8080/grails-springsec/auth)
    if [ "$result" != "success" ]; then
        exit 1
    else
        # Create the local account and home directory after a successful backend login
        /usr/sbin/useradd "$PAM_USER" -m -k /etc/skel
        exit 0
    fi
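
A hardened variant of the onauth hook above, as an added example that is not from the original slides: it validates PAM_USER before it reaches useradd, keeps the password out of curl's argument list, requires HTTPS, and fails closed on any error. The AUTH_URL default is a placeholder and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: hardened pam_exec auth hook (not code from the slides).
# Function names are illustrative; AUTH_URL is a placeholder endpoint.
LC_ALL=C; export LC_ALL
AUTH_URL="${AUTH_URL:-https://auth.example.internal/grails-springsec/auth}"

# Accept only conservative login names: starts with a-z or _, then
# a-z 0-9 _ -, at most 32 chars. This keeps PAM_USER from being parsed as a
# useradd option or smuggling extra form fields into the request.
valid_pam_user() {
    case "$1" in
        ''|[!a-z_]*|*[!a-z0-9_-]*) return 1 ;;
    esac
    [ "${#1}" -le 32 ]
}

# POST credentials to the backend. The password is read from stdin and
# URL-encoded by curl itself (pass@-), so it never appears in argv where
# other local users could see it in the process list.
query_backend() {
    curl --silent --fail --max-time 5 --proto '=https' \
         --data-urlencode "user=$1" \
         --data-urlencode "pass@-" \
         "$AUTH_URL"
}

# Return 0 only for a valid user name, a non-empty token on stdin and an
# exact "success" reply. Timeouts, HTTP errors and anything else fail closed.
authenticate() {
    valid_pam_user "$1" || return 1
    pass=$(cat)
    [ -n "$pass" ] || return 1
    result=$(printf '%s' "$pass" | query_backend "$1") || return 1
    [ "$result" = "success" ]
}

# Create the local account only if it does not exist yet.
ensure_local_account() {
    id "$1" >/dev/null 2>&1 && return 0
    /usr/sbin/useradd -m -k /etc/skel -- "$1"
}

# pam_exec sets PAM_TYPE; act only when called for the auth phase.
if [ "${PAM_TYPE:-}" = "auth" ]; then
    authenticate "${PAM_USER:-}" && ensure_local_account "$PAM_USER"
    exit $?
fi
```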

Kernel Hacking
.with(Groovy)
#include <linux/kernel.h>
#include <linux/module.h>
#include "groovy.h"
#define ITEM_1 "Kernel Space IPC with User Space Groovy"
#define ITEM_2 "sys_call_table manipulation"
#define ITEM_3 "syscall hacking for Groovy-defined ruleset"
#define ITEM_4 "Groovy DSLs for every occasion!"

Kernel Hacking
* The Kernel is modular, allows influence from external sources
* Provides a variety of “hooks” into nearly all aspects of the server and its state
* Handling of logistical operations, like metrics and reporting
* Influence over nearly all of the server’s operation

Kernel Space IPC w/ User Space Groovy
[Diagram: kernel memory and kernel processes on one side, userland memory and userland processes on the other, linked by procfs, netlink, mmap and udp]

Groovy ACL DSL for Filesystem Behavior
[Diagram labels: mkdir(), MKDIR, syscall table, __NR_mkdir, mkdir_code, filesystem]

Groovy ACL DSL for Filesystem Behavior
[Diagram labels: MKDIR, mkdir(), syscall table, original mkdir_code, intercepted mkdir_code, filesystem]

Kernel Hacking
Other Things We Might Do...
* Packet inspection (a la IDS)
* Network manipulation (rewrite headers, compression, etc)
* Tag packets, and correlate with process/application
* User and application oriented metrics gathering

try {
“Groovy for System Administrators”()
} finally {
Utilize.groovy() as FullstackInfrastructureComponent
}

The end.

Editor's Notes

  1. In any non-trivial environment, you need to build things in a standard way, or at least in a way that somebody else can reproduce.
  2. “Build servers and environments like we build code projects.”
  3. Organizations are steadily shifting from systems-centric to software-centric environments. Why not have your already-robust application authentication manage your server authentication as well?
  4. Tagging packets may allow for a correlation of application user to incoming server packet, which may be useful for issue debugging (jetty ajp issue). May want to make a call to the hypervisor to hot-plug a CPU or memory as needed.