Posts

VMware Guests - The app window is blank white but the taskbar thumbnail is correct

Ran into a situation recently in a Windows 10 Guest VM running in VMware. The windows for a single program, Avira, were blank white. The weird part was that the taskbar thumbnail showed the window contents correctly. This felt like a driver error or mismatch. I have no idea which driver, host, or guest, caused the problem or when it occurred.

Fix: Disable 3D Graphics Acceleration in the Guest

The fix is pretty straightforward. My guest VM settings had "Accelerate 3D graphics" enabled.

1. Power down the Windows Guest VM.
2. Pull up the VM settings.
3. Un-check Accelerate 3D graphics.
4. Click OK.
5. Restart the Windows Guest VM.

Building Skills - Centralized Expertise - Central Practices - Centers of Excellence/Communities of Practice

This discussion is about what companies can do to upgrade technical skills and implement best practices to increase the quality and capabilities of delivery teams. It is not discussing project management or cross-team delivery issues. This is mostly built on experience with Software Delivery and Development. The general concepts are probably valid for process teams that require multiple skills.

Delivery Team Complexity

Software delivery continues to evolve, requiring ever-increasing technical expertise as system complexity, system scale, and compliance regulations increase. Modern applications face continually evolving security threats, further increasing the burden on software delivery teams. Shift Left initiatives increase the accountability and responsibilities of the same delivery teams. This image shows some of the roles played by delivery teams as part of historical capabilities in addition to those added as part of You Build It You

There was a time before Amazon and AWS were Enterprise Ready

It is hard for many to remember when Amazon and AWS weren't really enterprise-ready. AWS wasn't really AWS in the beginning. It was really a scalable data center. The company restricted its employees to locations where the Amazon store collected sales tax, which really ended in 2016. Amazon pivoted to PaaS with the introduction of S3 and EC2 in 2012. This is when AWS started moving from being a data center to the internet's operating system.

Amazon Called

An Amazon cloud engineer called me in the early 2010s wanting to know if I was interested in a Field Engineering position with AWS. I had worked for a few vendors by this point and was pretty interested. There were only two field/cloud/customer engineers covering the entire USA, and possibly the planet. I don't remember the geography. Both engineers worked in Seattle. We discussed how they worked at that time. I couldn't see how it would be successful with enterprise customers and said so. All personn

Azure Hub and Spoke VNets - Private Endpoints and Private DNS Zones

Azure makes it simple to access Azure Cloud Services from your processes in Azure over the public network. Things become a little more complicated when you implement the best practice of restricting access to your Azure Services to only your Azure networks (VNets). This simple action drags in Private Link Endpoints and Private DNS Zones. Enterprises typically then layer on multiple Virtual Networks (VNets) for management and control purposes. This VNet Hub and Spoke architecture is pretty common, though Microsoft has recently been advising customers to implement Hub and Spoke more through subnets than VNets. This reduces VNet sprawl and the amount of peering and other network magic required.

See YouTube video links below

Private Endpoints / Private DNS Zones

Azure Standard Services can be restricted from the Public Internet to your private Virtual Network (VNet) through the use of Private Link Endpoints (PLE). The PLEs essentially create private connections from a Network Interfa

DNS for Azure Point to Site (P2S) VPN - getting the internal IPs

I wanted to access all my Azure resources without making any of them visible to the Internet. The easiest way to give my local machine access to everything on my Azure Virtual Network (VNet) was to connect to it over VPN. It turns out creating Azure VPN gateways and connecting to Azure VPN endpoints is easy. There are some subtleties in getting DNS name resolution to work that can confuse when first starting out.

Setting the Stage

There are a few ways to get to Azure endpoints and resources that are blocked from the internet. We can

- Create a Point-to-Site connection from our local machines to Azure Network Gateways
- Create a Site-to-Site network connection from our local networks to Azure Network Gateways
- Use Bastion Hosts
- Use Cloud Shell
- Leave everything open to the internet

I chose a Point-to-Site (P2S) VPN connection that connects from my laptop to a VNet Gateway. That joins my laptop

Wayback - Middle school computer programming with paper tape and only one run per day

My first programming was in middle school, where we could create programs that would run at night when the school district mainframe was idle. We created BASIC programs on paper tape and left the tapes in a basket on the floor. Someone would feed the paper tapes into the teletype reader overnight and put the tape and the printout result back in the basket. You got one program execution per day. You always had to wait until the next day to find out if it worked. A single program error meant rekey, patch, and then waiting. I think we could run our own programs on an occasional weekend but can't be sure.

I am pretty sure that it punched the tape as you typed the program. This meant you wrote down your exact program before you came in. You had to manually fix errors in a tape by generating a fix tape that you spliced into the middle of the original tape. I believe we used scissors and put blank characters at regular intervals to have a place to cut for a patch. We used the 7

Are gifs still cool? - Working across generations

I fought using memes and emoticons in work chats as work inappropriate. Then I decided that might be a geezer opinion and went with it, on a limited scale. I used one the other day and then asked a question about whether they were still cool. My team totally had my back on it. 👍

I heard GIFs were cool and then I heard they were for Millennials, with a tone that said that Millennials are now considered old. Am I supposed to use GIFs or not? Are Millennials old? If so, compared to what? Do I have to use Generational GIFs like ASCII art 👴?

Someone put up a comment that we weren't ready for a new programming language because we had enough trouble with the one we are already using. I put up a GIF along with a comment about how the language we were using was changing so much that it was the same thing.

Why so many software swim lanes and environments

Software moves through different phases on its way to production. It starts as raw software that becomes more refined as it is tested and then moved to production. Partner teams often need to test their current code against your new code to make sure there were no breaking changes. Software versions currently in production must be available to other teams so that they can test their changes against your code that will be in production when their new changes are actually deployed. Some companies can get by with as few as 3 environments. Others can have over 7 or 8.

The Video Walkthrough

The Development Track

This is the normal promotion process from development through test and into production. There can be some orchestration through shared environments or through environments that are integrated with other teams. The development and test groups own the

Creating a No-Patch Security Cadence

A zero-patch environment is one in which we redeploy our applications with updated dependencies as part of our normal Continuous Deployment process. This is part of You Build It - You Own It. We need to create a repeatable cadence for bringing in operating systems, containers, application patches, and binary updates. We can reduce some of our work by pushing as much of our workload as possible onto PaaS, serverless, and cloud services.

Three Month Cycle Example

This is a prototypical 3-month update cycle where an application is redeployed with security and bug fix updates at least every quarter.

- The Image team identifies required operating and container image updates.
- Application teams identify CVE library updates via automated scanners.
- The application teams start integrating library updates.
- The image team

Mandate zero patching. Drive automation in the cloud.

In-place patching is an anti-pattern for cloud-native applications that originates from the data center with low levels of automation for infrastructure and application management. The shift-left movement pushes ownership to the development teams that are best served by applying all changes via their CI/CD pipelines. This goes for infrastructure, containers, serverless, code, et al.

The talk did not cover zero-day emergency patching. Sometimes a mass update must be applied to all like systems. In that case, patching may be supported with a full redeployment as soon as possible after that.

Created 2022 03