Vivek Juneja of GS Shop’s Container Platform Team, at MesosCon Asia 2016, shares how he and his team moved to a new agile way of running the datacenter.
From Yawn-Driven Deployment to DevOps Tipping Point
GS Shop is one of the largest TV shopping networks in Asia, and one of the largest e-commerce sites in Korea with more than 1000 employees and 1.5 million users daily. Vivek Juneja of GS Shop’s Container Platform Team, at MesosCon Asia 2016, shares how he and his team moved this behemoth to the new agile way of running the datacenter.
We know that change is not easy, and Juneja shares many valuable insights in how to successfully manage completely revamping your IT department. Progress is hard even when the old way is difficult. Juneja describes their old practice of “yawn-driven deployment”: “We practice something called Yawn-Driven Deployment, deploying at 3:00 a.m. That’s what we were doing for a long time. Everybody gets together at 3:00 a.m. It’s a party. We deploy, and we have a lot of yawns, and that code goes to production.” Nobody really like working this way, but it’s what they are used to.
“When we look at any deployments or adoption of DevOps practices,” says Juneja, “We try to follow this adoption graph, which means, at the beginning, you’re in Evaluation Stage. And then you’ll start putting something in production so that you get some feedback, and teams get some confidence that this thing works. And once you reach a confidence in a production environment, you will likely see a tipping point.”
Juneja’s team deployed their new DevOps methodologies on both new and old services, running new and old side-by-side. “Which shows them the difference between the old style and the new style,” says Juneja, “Doing a compare-and-contrast node for that technology… we move traffic between them so that a particular percentage of traffic moves to the old environment and the rest goes to the containerized environment. This has trade-offs, but it also provides us the basis for proving the technology. So everything becomes mainstream. Everything becomes stable. That’s the time where we move everything to our new environment which uses Mesos.”
This process of introducing and proving changes systematically and in small steps worked so well that staffers went overboard and overloaded the new systems. “Our teams started creating more environments. They loved it so much, they would have environments for every new deployment that they were creating too much of it. Making it easy for our teams to deploy a service means there are too many of these environments laying around.” This is a common problem, users not understanding the true cost of their resource usage. Juneja’s team’s solution was to set automatic timeouts on dev-and-test environments. The infrastructure team learned about resource utilitization and developed good resource-management habits.
Watch Juneja’s full talk (below) to learn more excellent insights into progressing from yawn-driven development to a more comfortable schedule, and to learn about bringing all of your diverse and sometimes competing teams together and working towards common goals.
Interested in speaking at MesosCon Asia on June 21 – 22? Submit your proposal by March 25, 2017. Submit now>>
Not interested in speaking but want to attend? Linux.com readers can register now with the discount code, LINUXRD5, for 5% off the attendee registration price. Register now to save over $125!
How to Password Protect a Folder on Linux/Unix without Encryption
As operating systems, Linux/Unix put the user’s privacy and safety above all. While this has resulted in a product that many people swear by, it’s also led to certain features that may not be easy to discern at first sight. For instance, the possibility of password protecting directories without using encryption is something that many people don’t know about. While encrypting is definitely useful, it also has certain issues associated with it, including:
1. Decreased performance
No matter how strong your system is, opening encrypted folders tends to take up a considerable amount of resources, resulting in a slower and more cumbersome computer that’s not always fun to use.
2. Encryption prevents the folder’s contents from being searchable/indexed
By its very nature, encryption hides content. Therefore, the files inside the folder you’ve encrypted will not show up on any search or index attempts, which can be quite annoying when you’re looking for something specific.
As you can see, there are a number of issues that pop up whenever encryption is involved. While this kind of protection is necessary for sensitive material, a simple password would be enough to deter strangers from accessing folders of lesser importance. Luckily, Linux/Unix allow for this kind of password protection system as well, as evidenced by the following methods:
1. Changing file permissions
By modifying the permissions of certain files and folders, you can control who gets to access them. This way, they will only be readable by their owner. Anyone who’d want to change these permissions would have to type in a password, or sudo as root, which also requires a password. To change the permissions, just use the “chmod og-rwx filename” command on all the files you want to restrict access to.
2. Create a new user
You can also choose to create a new user for all your protected files and directories. Simply employ the “chown $newuser filename directoryname” and “chmod og-rwx filename directoryname” commands, taking care to replace “$newuser” with the new user account name. By using this method your files will be safe even if you forget to log out for any reason.
The methods described above do a good job of protecting your folders from unwarranted intrusions without resorting to encryption. Of course, a password protection system would be nothing without a good password, so take the time to come up with something that’s easy to remember for you, but hard to guess for others. Ideally, you should shy away from using information about yourself as a base for any password, since such passwords can rather easily be detected through some basic social engineering techniques. In fact, for most people nowadays it’s much easier to simply use a good password generator instead. These can be readily found online and generate passwords that are much harder to guess. Just be sure to write them down somewhere or use a dedicated password manager, lest you risk getting locked out of your own accounts.
That concludes our quick guide on how to password protect a folder on Linux/Unix the easy way. Keep in mind that this method is only recommended for sheltering low-priority folders, with encryption still being an irreplaceable tool when it comes to more important content.