Upgrade to Pro — share decks privately, control downloads, hide ads and more …

How to quit ssh in 90 days

How to quit ssh in 90 days

Avatar for Jérôme Dassonville

Jérôme Dassonville

February 23, 2018
Tweet

Other Decks in Technology

Transcript

  1. What is ssh ? SSH is a cryptographic network protocol

    for operating network services securely over an unsecured network. @jdassonvil
  2. The cools kids like ssh • You can do everything

    you want • Your family think you are talking to the matrix • You can impress your coworkers @jdassonvil
  3. Why it’s bad • You can do everything you want

    • It doesn’t force you to define a process • It does not scale @jdassonvil
  4. What do we do with our ssh connection ? 1.

    Manage software pieces ◦ Deploy binaries and configuration ◦ Configure load balancers and firewalls ◦ Upscale or downscale @jdassonvil
  5. What do we do with our ssh connection ? 1.

    Manage software pieces 2. Manage the platform ◦ Configure servers ◦ Upgrades OS ◦ Clean up stuff @jdassonvil
  6. What do we do with our ssh connection ? 1.

    Manage software pieces 2. Manage the platform 3. Troubleshoot ◦ Read the logs ◦ Check the system metrics ◦ Read the config files @jdassonvil
  7. What do we do with our ssh connection ? 1.

    Manage software pieces 2. Manage the platform 3. Troubleshoot @jdassonvil
  8. Deployment maturity levels Level 1: No automation Level 2: Daily

    operation are scripted Level 3: THE deploy button Level 4: Changes flow continuously to prod
  9. What containers technology brings us A set of good old

    unix features (cgroup, namespaces) that guarantee the isolation of your applications + a packaging format + an api to control them + many more we won’t discuss
  10. How to move to containers 1. Write a dockerfile for

    all your apps 2. Run them with pragmatism ◦ Use host network ◦ Mount host volumes ◦ Don’t try to run more services per host 3. Update your custom tools (if any)
  11. What do we do with our ssh connection ? 1.

    Manage software pieces 2. Manage the platform 3. Troubleshoot @jdassonvil
  12. Improving the culture • Break the habits • Don’t make

    people’s life easy on servers • Kill your pets • Monitor your ssh usage
  13. Revoking ssh access • You might have to do it

    to comply with HIPAA/PCI/… • If not make it a real privilege