Posts

Time Warp: Business Cycle Testing

"Let's do the time warp again..." Video A video version of this blog Business Cycle with Time dependencies? What is a business cycle and why do I need to test it? I'm really talking about any type of business process that has time-based business rules. The rules can be periodic in that they fire on a regular basis or they can be one-time, based on some time-based criteria. Most of the ones I've worked with are contract oriented or billing cycle oriented. Examples include telecom contracts, home mortgage servicing systems, term-based insurance to name just a few. They usually have some time-based sequence of operations, date-based rules and may have some type of state machine. Testing is complicated by the fact that data may need to be of a certain age before processing begins. Loan payments may need to be delinquent. An insurance policy may start the renewal process some time before expiration. Collateralized debt may have payment, ...

AWS Relationships between EC2, ELB and ASG

This post describes the basic relationships of ELBs (now ALBs), EC2 instances and ASGs. I used AWS for over a year before I realized how Auto Scaling Groups actually interacted with ELBs and EC2 instances. Terms EC2: An Amazon virtual machine used to host applications and services. EC2 instances can be pooled for scale or failover. EC2 instances can be based on any of the Amazon EC2 machine types. Elastic Load Balancer (ELB): The basic load balancer provided by Amazon. They are used as reverse proxy servers for pools of EC2 instances. ELBs determine instance health via basic health check operations. Auto Scaling Group (ASG): A control mechanism that manages how many EC2 instances make up a pool. ASGs will create new EC2 instances based on configured pool sizes. They can also auto-scale up and auto-scale down the pool sizes based on load. ASGs can register created EC2 instances with associated ELBs. Availability Zones (AZ): An Amazo...

A Chrome Plugin: IsItUp serverless service dashboard

A coworker created a Chrome Extension that acts as a zero-infrastructure dashboard. It provides a simple home page that displays service health and support or documentation links related to that service. The plugin reads JSON file/text to make service calls and build the dashboard. The following picture shows 5 services across up to 6 environments. The top service does not have a Production environment. The bottom service represents a 3rd external service that has one test environment and one production environment. The IsItUp Chrome extension executes health checks via HTTP/HTTPS calls. The extension requires connectivity to the services being monitored. Video Walk-through The video explains various cell examples and describes how the extension might be used. The plugin used for the video was downloaded from the Chrome Web Store. Video created with version available Jan 21 2017 Cell Explanation Each cell contains one Service Status plu...

A Chrome Plugin: Highlighting your AWS Account

I'm working on a set of projects based in AWS. Our projects have somewhere between 7 and 9 different environments representing different levels of software maturity. Production is the most restricted. Development is the least restricted. The rest fall somewhere in between. The company partitions the different levels of their SDLC into separate AWS accounts. Each account can have multiple environments that are of similar concerns and access controls. AWS account isolation makes it easy to identify and implement security rules and vary developer, dev-ops and operations access based on the account. The diagram at right shows a typical 3 account set-up where some of the accounts contain multiple environments. Our company actually has over 20 accounts used for various pre-prod, prod and partner purposes. The AWS Console. The AWS console lets a user operate in a single account at one time. Enterprise users log into the AWS console with Federated User ids tha...

Protecting Data in Transit: Trust Chains

Web traffic is protected in-flight when it is transferred via TLS encrypted links using HTTPS. HTTPS is a protocol that is based on encryption algorithms using asymmetrical keys. Asymmetrical keys are managed, packaged and distributed via certificates. Browsers, applications and servers trust certificates and their associated encryption keys based on their trust of the issuing parties known as Certificate Authorities (CA). Public web sites are identified by public/private certificate pairs that are purchased from one of the well known CAs. Their certificate pairs contain an identity component signed by the Certificate Authority and an encryption key that is encrypted by the CA. Server identity is encrypted in the server certificate with the Certificate Authority public key. Server traffic is encrypted by the server using the private encryption key embedded in the Server's private certificate. Server traffic is decrypted by clients using the public ...

Protecting data in-transit. Encryption Basics

Web traffic is protected in-flight when it is transferred via TLS encrypted links using the HTTPS protocol. HTTPS is a protocol for payload encryption that is based on algorithms using asymmetrical encryption keys. Asymmetrical keys are managed, packaged and distributed via certificates. Encryption Basics Asymmetrical encryption relies on a key pair where one key can decrypt any data that is encrypted by the other. Data encrypted with Key-A can be decrypted with Key-B only. Key-A cannot be used to decrypt data encrypted with Key-A. Key-B cannot be derived by knowing Key-A. Internet encryption relies on asymmetry and key anonymity in order to create secure links over a public and untrusted Internet. A server or party can publish a public key that other parties can use to encrypt their data. The server then can decrypt the message using the corresponding private key. Encrypted messages are secure as long as the server keeps ...

Deploying DotNet Core in Azure with GIT and Kudu

I started this project trying to build and deploy the ASP.NET Core example application first on my local box, then in Microsoft Azure via Web Deploy, Microsoft Azure via local Azure GIT integration and finally via Visual Studio Team Services (VSTS) via SCM integration. Deployment Types Local deployment into a local IIS is pretty straightforward. We won't talk about it here. Remote web deployments are the legacy way of pushing Web applications to the (Azure) cloud that works with IDE, CI or command line. Compiled and static application artifacts are then sent to the remote application servers via FTP. The servers unpack the archive and deploy it. Remote SCM deployments are a relatively new and interesting way to support automated deployments and to support multiple branches with little work. The IDE or build system pushes source code to a monitored repository. Azure (Kudu) monitors the source code repository, runs a build and deploys th...

Visual Studio Team Services Git your build face on

This page describes configuration settings required to enable GIT integration when building code in Visual Studio Team Services. It will show you how to: enable CI builds when a specific GIT repository and branch are updated; provide the CI build with permissions required to make changes to a GIT repository; provide the CI build with credentials required to make changes to a GIT repository. This diagram shows how GIT and Visual Studio Team Services (VSTS) might be used to implement a CI build triggered on check-in that merges code into another branch and deploys it. The actual deployment commands are out of scope for this document. The following changes must be made on the Repositories configuration at the Project (Team) level and on the affected individual build definitions. We first show project level configuration and then Build Definition configuration. Let VSTS Builds Update GIT Repository Some builds may need to update a GIT repository upon build ...

Classifying your return codes

Be explicit about your service behavior and service return codes. REST is great but you need to understand the types of failures you can have. Some may be actual failures. Others may be successful service invocations with a failure to complete business operations because of business rules. Document the meaning, ownership, and handling behavior of your Service return codes. Do not assume your partner teams and calling systems have any expectations or understanding beyond success and not-success. Ask other teams you call for their Service return code documentation. Force them to document their expectations. Proposed Return Code Category Types Create response categories. Determine the owner and expected behavior possibilities for each category for services you build. The following is a basic categorization. HTTP Code Category Remediation Owner Remediation Success Everyone Application or none required Business Error Bu...