Tag: Microsoft PowerShell

Microsoft PowerShell

Categories
Cloud DevOps DevSecOps-Security-Privacy Linux Software Engineering

DevOps toolchain

See also: CloudOps, toolchain

“A DevOps toolchain is a set or combination of tools that aid in the delivery, development, and management of software applications throughout the systems development life cycle, as coordinated by an organization that uses DevOps practices.

Generally, DevOps tools fit into one or more activities, which supports specific DevOps initiatives: Plan, Create, Verify, Package, Release, Configure, Monitor, and Version Control.[1][2]” (WP)

Toolchains

“In software, a toolchain is the set of programming tools that is used to perform a complex software development task or to create a software product, which is typically another computer program or a set of related programs. In general, the tools forming a toolchain are executed consecutively so the output or resulting environment state of each tool becomes the input or starting environment for the next one, but the term is also used when referring to a set of related tools that are not necessarily executed consecutively.[3][4][5]

As DevOps is a set of practices that emphasizes the collaboration and communication of both software developers and other information technology (IT) professionals, while automating the process of software delivery and infrastructure changes, its implementation can include the definition of the series of tools used at various stages of the lifecycle; because DevOps is a cultural shift and collaboration between development and operations, there is no one product that can be considered a single DevOps tool. Instead a collection of tools, potentially from a variety of vendors, are used in one or more stages of the lifecycle.[6][7]” (WP)

Stages of DevOps

Further information: DevOps

Plan

Plan is composed of two things: “define” and “plan”.[8] This activity refers to the business value and application requirements. Specifically “Plan” activities include:

  • Production metrics, objects and feedback
  • Requirements
  • Business metrics
  • Update release metrics
  • Release plan, timing and business case
  • Security policy and requirement

A combination of the IT personnel will be involved in these activities: business application owners, software developmentsoftware architects, continual release management, security officers and the organization responsible for managing the production of IT infrastructure.

Create

Create is composed of the building (see also build automation), coding, and configuring of the software development process.[8] The specific activities are:

Tools and vendors in this category often overlap with other categories. Because DevOps is about breaking down silos, this is reflective in the activities and product solutions.[clarification needed]

Verify

Verify is directly associated with ensuring the quality of the software release; activities designed to ensure code quality is maintained and the highest quality is deployed to production.[8] The main activities in this are:

Solutions for verify related activities generally fall under four main categories: Test automation , Static analysis , Test Lab, and Security.

Packaging

Packaging refers to the activities involved once the release is ready for deployment, often also referred to as staging or Preproduction / “preprod”.[8] This often includes tasks and activities such as:

  • Approval/preapprovals
  • Package configuration
  • Triggered releases
  • Release staging and holding

Release

Release related activities include schedule, orchestration, provisioning and deploying software into production and targeted environment.[9] The specific Release activities include:

  • Release coordination
  • Deploying and promoting applications
  • Fallbacks and recovery
  • Scheduled/timed releases

Solutions that cover this aspect of the toolchain include application release automation, deployment automation and release management.

Configure

Configure activities fall under the operation side of DevOps. Once software is deployed, there may be additional IT infrastructure provisioning and configuration activities required.[8] Specific activities including:

  • Infrastructure storage, database and network provisioning and configuring
  • Application provision and configuration.

The main types of solutions that facilitate these activities are continuous configuration automationconfiguration management, and infrastructure as code tools.[10]

Monitor

Monitoring is an important link in a DevOps toolchain. It allows IT organization to identify specific issues of specific releases and to understand the impact on end-users.[8] A summary of Monitor related activities are:

  • Performance of IT infrastructure
  • End-user response and experience
  • Production metrics and statistics

Information from monitoring activities often impacts Plan activities required for changes and for new release cycles.

Version Control

Version Control is an important link in a DevOps toolchain and a component of software configuration management. Version Control is the management of changes to documents, computer programs, large web sites, and other collections of information.[8] A summary of Version Control related activities are:

  • Non-linear development
  • Distributed development
  • Compatibility with existent systems and protocols
  • Toolkit-based design

Information from Version Control often supports Release activities required for changes and for new release cycles.

See also

References

  1. ^ Edwards, Damon. “Integrating DevOps tools into a Service Delivery Platform”dev2ops.org.
  2. ^ Seroter, Richard. “Exploring the ENTIRE DevOps Toolchain for (Cloud) Teams”infoq.com.
  3. ^ “Toolchain Overview”nongnu.org. 2012-01-03. Retrieved 2013-10-21.
  4. ^ “Toolchains”elinux.org. 2013-09-08. Retrieved 2013-10-21.
  5. ^ Imran, Saed; Buchheit, Martin; Hollunder, Bernhard; Schreier, Ulf (2015-10-29). Tool Chains in Agile ALM Environments: A Short IntroductionLecture Notes in Computer Science9416. pp. 371–380. doi:10.1007/978-3-319-26138-6_40ISBN 978-3-319-26137-9.
  6. ^ Loukides, Mike (2012-06-07). “What is DevOps?”.
  7. ^ Garner Market Trends: DevOps – Not a Market, but Tool-Centric Philosophy That supports a Continuous Delivery Value Chain (Report). Gartner. 18 February 2015.
  8. a b c d e f g Avoid Failure by Developing a Toolchain that Enables DevOps (Report). Gartner. 16 March 2016.
  9. ^ Best Practices in Change, Configuration and Release Management (Report). Gartner. 14 July 2010.
  10. ^ Roger S. Pressman (2009). Software Engineering: A Practitioner’s Approach (7th International ed.). New York: McGraw-Hill.

Categories

Sources:

Fair Use Sources:

Categories
Azure C# .NET Cloud DevOps History Networking Operating Systems PowerShell Software Engineering TypeScript Windows Desktop Windows Server

Microsoft Glossary of Terms – Windows – Azure – Office365 – PowerShell – C# .NET

Microsoft Glossary of Terms – Windows – Azure – Office365 – PowerShell – C# .NET

Fair Use Source: TTG

Microsoft Windows This glossary contains terms related to Microsoft software for operating systems, e-mail, collaboration, backup and recovery, server hardware, storage management, infrastructure security and server virtualization.” (TTG)

  • Active Directory – “Active Directory (AD) is Microsoft’s proprietary directory service.” (TTG)
  • Active Directory functional levels – “Active Directory functional levels are controls that specify which advanced Active Directory domain features can be used in an enterprise domain.” (TTG)
  • ActiveX – “ActiveX is a set of object-oriented programming technologies Microsoft developed for Internet Explorer to facilitate rich media playback.” (TTG)
  • ActiveX control – “An ActiveX control is a component program object that can be re-used by many application programs within a computer or among computers in a network.” (TTG)
  • Azure Container Instances – “Azure Container Instances is a service that enables a developer to deploy containers on the Microsoft Azure public cloud without having to provision or manage any underlying infrastructure.” (TTG)
  • Azure HDInsight – “Azure HDInsight is a cloud-based service from Microsoft for big data analytics that helps organizations process large amounts of streaming or historical data.” (TTG)
  • Azure Kubernetes Service (AKS) – “Azure Kubernetes Service (AKS) is a managed container orchestration service, based on the open source Kubernetes system, which is available on the Microsoft Azure public cloud.” (TTG)
  • Azure Migrate – “Azure Migrate is a Microsoft service that helps an enterprise assess how its on-premises workloads will perform, and how much they will cost to host, in the Azure public cloud.” (TTG)
  • Azure Notification Hubs – “Azure Notification Hubs are push notification engines designed to update users with alerts about new content for a given site, service or app.” (TTG)
  • Azure Quantum – “Azure Quantum is a full-stack cloud service designed to allow users remote access to quantum computers.” (TTG)
  • Azure Reserved Virtual Machine Instances – “Azure Reserved Virtual Machine Instances (RIs) are a type of virtual machine (VM) on the Azure public cloud that a development or IT team can reserve to use in advance.” (TTG)
  • Azure SQL Data Warehouse – “Azure SQL Data Warehouse is a managed Data Warehouse-as-a Service (DWaaS) offering provided by Microsoft Azure.” (TTG)

  • chief storyteller – “A chief storyteller is an employee of an organization tasked with wording the company’s mission, history and messages about their brand, also known as their story, as they want it to be heard internally and externally.” (TTG)

  • clean architecture – “Clean architecture is a software design philosophy that separates the elements of the design into ringed levels.” (TTG)
  • compliance as a service (CaaS) – “Compliance as a Service (CaaS) is a cloud service service level agreement (SLA) that specified how a managed service provider (MSP) will help an organization meet its regulatory compliance mandates.” (TTG)
  • data discovery platform – “A data discovery platform is a complete set of tools for the purpose of detecting patterns, and those outlier results outside of patterns, in data.” (TTG)
  • Exchange Online – “Exchange Online is the hosted version of Microsoft’s Exchange Server messaging platform that organizations can obtain as a stand-alone service or via an Office 365 (Microsoft 365) subscription.” (TTG)
  • Exchange Server 2013 Service Pack 1 (SP1) – “Exchange Server 2013 SP1 is a service pack for Exchange Server 2013 that includes a number of new and updated Exchange Server 2013 features and capabilities.” (TTG)
  • Exchange staged migration – “The staged Exchange migration process transfers data and mailboxes from one Exchange server to another, either on-premises or in the cloud.” (TTG)
  • Exchange transaction log – “In Microsoft Exchange, a transaction log is a file that contains a record of the changes that were made to an Exchange database.” (TTG)
  • Group Policy Object (GPO) – “Microsoft’s Group Policy Object (GPO) is a collection of Group Policy settings that defines what a system will look like and how it will behave for a defined group of users.” (TTG)
  • GWX (Get Windows 10) – “GWX (get Windows 10) is a Windows upgrade app that was initially installed after Windows update KB3035583; the app has been the subject of consumer complaints for manipulative design.” (TTG)
  • In-Memory OLTP – “In-Memory OLTP is a Microsoft in-memory technology built into SQL Server and optimized for transaction processing applications.” (TTG)
  • Internet Explorer (IE) – “Internet Explorer (IE) is a World Wide Web browser made by Microsoft for use on its Windows operating system.” (TTG)
  • MAPI over HTTP (Messaging Application Programming Interface over HTTP) – “MAPI over HTTP is the default transport protocol to connect clients to Microsoft Exchange and Exchange Online.” (TTG)
  • MCITP (Microsoft Certified IT Professional) – “An MCITP (Microsoft Certified IT Professional) is a credential that proves that an individual has a complete set of skills required to perform a particular IT job role, such as enterprise or virtualization administrator.” (TTG)
  • MCSA (Microsoft Certified Solutions Associate) – “MCSA (Microsoft Certified Solutions Associate) is a certification program intended for people who seek entry-level jobs in an information technology (IT) environment.” (TTG)
  • MCSE Private Cloud (Microsoft Certified Solutions Expert Private Cloud) – “Microsoft Certified Solutions Expert (MCSE) Private Cloud is a new Microsoft certification covering Windows 2012 Hyper-V and System Center 2012, as well as applications such as SharePoint and Exchange.” (TTG)
  • Microsoft – “Microsoft is a leading global vendor of computer software; hardware for computer, mobile and gaming systems; and cloud services.” (TTG)
  • Microsoft Active Directory Migration Tool (ADMT) – “The Microsoft Active Directory Migration Tool (ADMT) is a tool used to move Active Directory objects from one Windows Server Active Directory domain or forest to another.” (TTG)
  • Microsoft Active Directory Rights Management Services (AD Rights Management Services) – “Active Directory Rights Management Services (AD RMS) is a security tool that provides a safeguard to prevent unauthorized access to data.” (TTG)
  • Microsoft Antigen – “Microsoft Antigen is a set of programs that provides security and e-mail filtering for network servers.” (TTG)
  • Microsoft Antimalware for Azure – “Microsoft Antimalware for Azure is a security extension in Microsoft Azure that extends antimalware protection to virtual machines and to cloud services.” (TTG)
  • Microsoft App-V (Microsoft Application Virtualization) – “Microsoft App-V is a tool IT administrators can use to virtualize and stream applications to users from a centrally managed location.” (TTG)
  • Microsoft AppSource – “Microsoft AppSource is an app store for business applications such as Office 365 (Microsoft 365), Dynamics 365, Power BI or separate Azure web apps.” (TTG)
  • Microsoft Assessment and Planning (MAP) Toolkit – “Microsoft Assessment and Planning (MAP) Toolkit is a free utility IT can use to determine whether or not its infrastructure is prepared for a migration to a new operating system, server version or cloud-based deployment.” (TTG)
  • Microsoft AzMan (Microsoft Authorization Manager) – “Microsoft AzMan (Authorization Manager) is a role-based access and security framework.” (TTG)
  • Microsoft Azure – “Microsoft Azure, formerly known as Windows Azure, is Microsoft’s public cloud computing platform.” (TTG)
  • Microsoft Azure Active Directory Authentication Library (ADAL) for Microsoft SQL Server – “Microsoft Azure Active Directory Authentication Library (ADAL) enables applications to authenticate to Microsoft Azure SQL Database using Azure Active Directory.” (https://microsoft.com/en-us/download/details.aspx?id=48742)
  • Microsoft Azure Active Directory Connect (Microsoft Azure AD Connect) – “Microsoft Azure Active Directory Connect (Microsoft Azure AD Connect) is a tool for connecting on-premises identity infrastructure to Microsoft Azure Active Directory.” (TTG)
  • Microsoft Azure Cosmos DB – “Azure Cosmos DB is a Microsoft cloud database that supports multiple ways of storing and processing data.” (TTG)
  • Microsoft Azure Data Lake – “Microsoft Azure Data Lake is a highly scalable public cloud service that allows developers, scientists, business professionals and other Microsoft customers to gain insight from large, complex data sets.” (TTG)
  • Microsoft Azure File Service – “Microsoft Azure File Service is a service that allows Windows Server admins to access SMB shares in the Azure cloud by setting up file shares in the Azure management console.” (TTG)
  • Microsoft Azure Functions – “Azure Functions is the serverless computing service hosted on the Microsoft Azure public cloud.” (TTG)
  • Microsoft Azure Key Vault – “Microsoft Azure Key Vault is a cloud-hosted management service that allows users to encrypt keys and small secrets like passwords or answers to security questions that are used in their cloud applications and services.” (TTG)
  • Microsoft Azure Marketplace – “Microsoft Azure Marketplace is an online store that provides tools and applications that are compatible with the Azure public cloud.” (TTG)
  • Microsoft Azure Operational Insights – “Microsoft Azure Operational Insights (AOI) is a cloud-hosted Software as a Service tool that allows an IT operations staff to collect and search data from multiple machines for analysis.” (TTG)
  • Microsoft Azure Premium Storage – “Microsoft Azure Premium Storage is solid-state drive storage for Azure virtual machines for workloads that require low latency and high throughput.” (TTG)
  • Microsoft Azure RemoteApp (Remote Application Services) – “Microsoft Azure RemoteApp (Remote Application Services) is a program that allows organizations to make remotely accessed programs or applications in Microsoft Azure, known as RemoteApp programs, appear as if they are native to end users’ local computers.” (TTG)
  • Microsoft Azure Resource Manager – “Microsoft Azure Resource Manager (ARM) is a management framework that allows administrators to deploy, manage and monitor Azure resources.” (TTG)
  • Microsoft Azure Security Center – “Microsoft Azure Security Center is a set of tools and services for securing virtual machines that run on the Azure public cloud.” (TTG)
  • Microsoft Azure Site Recovery – “Microsoft Azure Site Recovery is a new service in Microsoft Azure primarily used for disaster recovery purposes.” (TTG)
  • Microsoft Azure Stack – “Microsoft Azure Stack is an integrated platform of hardware and software that delivers Microsoft Azure public cloud services in a local data center to let organizations construct hybrid clouds.” (TTG)
  • Microsoft Azure VM Scale Sets – “A Microsoft Azure VM Scale Set is a group of individual virtual machines (VMs) within the Microsoft Azure public cloud that IT administrators can configure and manage as a single unit.” (TTG)
  • Microsoft Certified Solution Developer (MCSD) – “An MCSD (Microsoft Certified Solution Developer) is someone who has passed exams that test their ability to design and develop custom business applications with Microsoft development tools, technologies, and platform.” (TTG)
  • Microsoft Click-To-Run – “Microsoft Click-to-Run is a way to quickly install Microsoft products, including versions of Office 2010 and Office 2013.” (TTG)
  • Microsoft Client Hyper-V – “Microsoft Client Hyper-V is a type-1 hypervisor for the Windows 8.” (TTG)
  • Microsoft Cloud Hybrid Search Service Application – “Microsoft Cloud Hybrid Search Service Application is a hybrid enterprise search capability that enables organizations to search both on-premises and cloud-based data repositories without generated siloed results.” (TTG)
  • Microsoft Cloud Security Readiness Tool (CSRT) – “The Microsoft Cloud Security Readiness Tool (CSRT) is a survey that assesses the systems, processes and productivity of an IT environment in preparation for the adoption and secure use of cloud computing services.” (TTG)
  • Microsoft Cloud Witness – “Microsoft Cloud Witness is a high availability feature for failover clusters that uses storage in the Microsoft Azure cloud platform to ensure clusters continue to function if there is a site outage.” (TTG)
  • Microsoft Cluster Operating System (OS) Rolling Upgrade – “Microsoft Cluster Operating System (OS) Rolling Upgrade is a feature that keeps Hyper-V virtual machines (VMs) or Scale-Out File Server workloads running during an upgrade from a Windows Server 2012 R2 cluster to a Windows Server 2016 cluster.” (TTG)
  • Microsoft Cluster Server (MSCS) Generic Application – “Generic Application is a Microsoft Cluster Server (MSCS) resource type responsible for managing cluster-unaware applications.” (TTG)
  • Microsoft Cluster Server (MSCS) Generic Script – “Generic Script is a Microsoft Cluster Server (MSCS) resource type in a server cluster or failover cluster that supports an application controlled by a script that runs in Windows Script Host (WSH).” (TTG)
  • Microsoft Cluster Service (MSCS) – “Microsoft Cluster Service (MSCS) is a service that provides high availability (HA) for applications such as databases, messaging and file and print services.” (TTG)
  • Microsoft Connectivity Analyzer (MCA) – “The Microsoft Connectivity Analyzer (MCA) is a diagnostics tool for troubleshooting and testing connectivity to several Microsoft messaging products from a client machine on an organization’s network.” (TTG)
  • Microsoft Cortana – “Cortana, Microsoft’s virtual assistant, debuted in Windows Phone 8.” (TTG)
  • Microsoft CPS (Microsoft Cloud Platform System) – “Microsoft CPS (Microsoft Cloud Platform System) is a software stack of Window Server 2012 R2, System Center 2012 R2, and Windows Azure Pack that runs on Dell servers.” (TTG)
  • Microsoft DirectAccess Connectivity Assistant (Microsoft DCA) – “Microsoft DirectAccess Connectivity Assistant (Microsoft DCA) is a tool administrators use to improve an enterprise’s DirectAccess connection.” (TTG)
  • Microsoft Dynamic Access Control (DAC) – “Microsoft Dynamic Access Control (DAC) is a data governance tool in Windows Server 2012 that lets admins control the permission of access settings in an organization.” (TTG)
  • Microsoft Dynamics 365 – “Microsoft Dynamics 365 is a cloud-based business applications platform that combines components of customer relationship management (CRM) and enterprise resource planning (ERP), along with productivity applications and artificial intelligence tools.” (TTG)
  • Microsoft Dynamics AX (Microsoft Axapta) – “Microsoft Dynamics AX is a multi-language, multi-currency, industry-specific global enterprise resource planning (ERP) software product.” (TTG)
  • Microsoft Edge – “Microsoft Edge is the browser for Windows 10; Edge replaces Internet Explorer, the browser that debuted with Windows 95 and was a part of Windows operating systems for the following two decades.” (TTG)
  • Microsoft Edge Web Notes – “Microsoft Edge Web Notes is a feature in Microsoft’s Edge browser that lets users draw, highlight or type directly on webpages and web apps.” (TTG)
  • Microsoft Enhanced Mitigation Experience Toolkit (EMET) – “Microsoft’s Enhanced Mitigation Experience Toolkit (EMET) is a free Windows-based security tool that adds supplemental security defenses to defend potentially vulnerable legacy and third-party applications.” (TTG)
  • Microsoft Exchange 2010 Mailbox Server Role Requirements Calculator – “The Microsoft Exchange 2010 Mailbox Server Role Requirements Calculator is a free, downloadable tool from Microsoft that helps Exchange 2010 administrators design their mailbox server role so that it is optimized for their specific deployment.” (TTG)
  • Microsoft Exchange 2013 Managed Store – “The Microsoft Exchange 2013 Managed Store is a mechanism used in Exchange Server 2013 to isolate failures at the database level.” (TTG)
  • Microsoft Exchange 2013 Poison Message Queue – “Microsoft Exchange 2013 Poison Message Queue is a queue that exists specifically to hold messages deemed harmful to the deployment after a transport server or service failure.” (TTG)
  • Microsoft Exchange 2013 Safety Net – “The Microsoft Exchange 2013 Safety Net is a feature new in Exchange Server 2013 that helps reduce data loss through delivery of copied email messages.” (TTG)
  • Microsoft Exchange 2013 site mailbox – “A Microsoft Exchange 2013 site mailbox is an Exchange 2013 feature that helps facilitate collaboration between SharePoint 2013 users.” (TTG)
  • Microsoft Exchange ActiveSync – “Microsoft Exchange ActiveSync is a synchronization protocol that enables users of mobile devices to access email, calendar, contacts, and tasks from their organization’s Microsoft Exchange server.” (TTG)
  • Microsoft Exchange Address Book Policy (ABP) – “A Microsoft Exchange Address Book Policy is a feature that allows administrators to segment Exchange Global Address Lists in order to give users specified views of other users’ email addresses in their Exchange organization.” (TTG)
  • Microsoft Exchange Fast Access – “Microsoft Exchange Fast Access is a new feature in Microsoft Outlook 2013 that helps improve the email client’s startup synchronization time.” (TTG)
  • Microsoft Exchange Global Address List (GAL) – “The Microsoft Exchange Global Address List is a list of all users and their respective email addresses within an Exchange Server organization that uses Microsoft Outlook for email.” (TTG)
  • Microsoft Exchange In-Place eDiscovery – “Microsoft Exchange In-Place eDiscovery is an administrative feature to perform legal discovery searches for relevant content in mailboxes.” (TTG)
  • Microsoft Exchange Information Store – “Microsoft Exchange Information Store is a storage platform that is used to manage numerous types of information within an Exchange Server deployment.” (TTG)
  • Microsoft Exchange Mailbox Replication Service (MRS) – “The Microsoft Exchange Mailbox Replication Service (MRS) is a feature that handles mailbox import, export, migration and restoration requests on Exchange Server.” (TTG)
  • Microsoft Exchange Management Shell (EMS) – “Microsoft Exchange Management Shell (EMS) is a scripting platform that enables administrators to manage Exchange Server.” (TTG)
  • Microsoft Exchange Online Protection (EOP) – “Microsoft Exchange Online Protection (EOP) is an email cloud service that provides end users with protection against spam and malware.” (TTG)
  • Microsoft Exchange RBAC (Role Based Access Control) – “Microsoft Exchange RBAC is a permissions model used in Exchange Server 2010 and Exchange Server 2013.” (TTG)
  • Microsoft Exchange Server – “Microsoft Exchange Server is Microsoft’s email, calendaring, contact, scheduling and collaboration platform.” (TTG)
  • Microsoft Exchange Server 2010 – “Exchange Server 2010 is the version of Microsoft’s messaging platform that replaced Exchange Server 2007.” (TTG)
  • Microsoft Exchange Server 2013 – “Exchange Server 2013 is an iteration of Microsoft’s Exchange server.” (TTG)
  • Microsoft Exchange Server 2013 Managed Availability – “Microsoft Exchange Server 2013 Managed Availability is a built-in monitoring and recovery platform in Exchange 2013.” (TTG)
  • Microsoft Exchange Server 2016 – “Microsoft Exchange Server 2016 is the latest iteration of the Exchange Server messaging platform.” (TTG)
  • Microsoft Exchange Server ActiveSync Web Administration Tool – “The Microsoft Exchange Server ActiveSync Web Administration Tool is a software application that provides a network administrator with a Web interface for mobile device management.” (TTG)
  • Microsoft Exchange Server Jetstress – “Microsoft Exchange Server Jetstress is a tool that administrators can use to validate their Exchange Server storage configuration.” (TTG)
  • Microsoft Exchange Server Profile Analyzer (EPA) – “The Microsoft Exchange Server Profile Analyzer (EPA) is a Web-based tool that allows an administrator to gather data about a specific Exchange mailbox store or entire Exchange Server organization.” (TTG)
  • Microsoft Exchange System Attendant (SA) – “Microsoft Exchange System Attendant service is software that proxies Active Directory requests and regulates internal Exchange Server functions.” (TTG)
  • Microsoft Failover Cluster Manager (MSFCM) – “Microsoft Failover Cluster Manager (MSFCM) is a specific management function within the Windows Server operating system which is used to create, validate, and manage failover server clusters running Windows Server.” (TTG)
  • Microsoft FAST Search – “Microsoft FAST Search is the search engine for Microsoft’s SharePoint collaboration platform.” (TTG)
  • Microsoft FIM (Microsoft Forefront Identity Manager) – “Microsoft Forefront Identity Manager (FIM) is a self-service identity management software suite.” (TTG)
  • Microsoft Flow – “Microsoft Flow, now called Power Automate, is cloud-based software that allows employees to create and automate workflows and tasks across multiple applications and services without help from developers.” (TTG)
  • Microsoft Forefront Unified Access Gateway (Microsoft Forefront UAG) – “Microsoft Forefront Unified Access Gateway (Forefront UAG) is a tool that can provide a secure remote access option for remote end users who want to access corporate resources on PCs as well as on mobile devices.” (TTG)
  • Microsoft Group Policy administrative template – “A Microsoft Group Policy administrative template is a file that supports the implementation of Microsoft Windows Group Policy and centralized user and machine management in Active Directory environments.” (TTG)
  • Microsoft HealthVault – “Microsoft HealthVault, which launched in October 2007, is a free personal health record (PHR) service offered by Microsoft that allows individuals to store personal health and fitness information in a central location.” (TTG)
  • Microsoft HoloLens – “Microsoft HoloLens is a virtual reality (VR) headset with transparent lenses for an augmented reality experience.” (TTG)
  • Microsoft Hybrid Configuration Wizard – “The Microsoft Hybrid Configuration wizard is a tool in Exchange Server 2013 that provides a method for admins to create and configure hybrid deployments.” (TTG)
  • Microsoft Hyper-V Best Practices Analyzer – “Microsoft Hyper-V Best Practices Analyzer is a server management tool that scans server configurations and generates a report that identifies best practice violations.” (TTG)
  • Microsoft Hyper-V Shielded VM – “A Microsoft Hyper-V Shielded VM is a security feature of Windows Server 2016 that protects a Hyper-V second-generation virtual machine (VM) from access or tampering by using a combination of Secure Boot, BitLocker encryption, virtual Trusted Platform Module (TPM) and the Host Guardian Service.” (TTG)
  • Microsoft Hyper-V version 1.0 – “Hyper-V is Microsoft’s server virtualization software for Microsoft Server 2008.” (TTG)
  • Microsoft Identity Manager 2016 – “Microsoft Identity Manager 2016 is a tool that allows organizations to manage access, users, policies and credentials.” (TTG)
  • Microsoft Intune – “Microsoft Intune is a cloud-based enterprise mobility management tool that aims to help organizations manage the mobile devices employees use to access corporate data and applications, such as email.” (TTG)
  • Microsoft iSCSI Initiator – “Microsoft iSCSI Initiator is a tool that connects external iSCSI-based storage to host computers with an Ethernet network adapter.” (TTG)
  • Microsoft Log Parser Studio – “Microsoft Log Parser Studio is a front-end utility that features a graphical user interface, report builder and query repository for Microsoft’s Log Parser application.”
  • Microsoft Managed Desktop (MMD) – “Microsoft Managed Desktop (MMD) is a subscription-based desktop as a service (DaaS) cloud platform that includes Windows 10 Enterprise, Office 365 (Microsoft 365), Enterprise Mobility and Security on select Windows PCs and Windows 10-enabled devices.” (TTG)
  • Microsoft Management Console (MMC) – “The Microsoft Management Console (MMC) is an application that provides a graphical-user interface (GUI) and a programming framework in which consoles (collections of administrative tools) can be created, saved, and opened.” (TTG)
  • Microsoft Nano Server – “Microsoft Nano Server is a lightweight operating system based on Microsoft Windows Server 2016 that is tailored for use as an OS layer for virtualized container instances.” (TTG)
  • Microsoft Network Access Protection (NAP) – “Network access protection (NAP), introduced with Windows Server 2008, is Microsoft’s approach to controlling access to a network based on a determination of each device’s health.” (TTG)
  • Microsoft Network Device Enrollment Service (NDES) – “Microsoft Network Device Enrollment Service (NDES) is a security feature in Windows Server 2008 R2 and later Windows Server operating versions.” (TTG)
  • Microsoft Network Policy and Access Services (Microsoft NPAS) – “Microsoft Network Policy and Access Services (Microsoft NPAS) is a server role in Windows 2008 and Windows Server 2012 that allows administrators to provide local and remote network access.” (TTG)
  • Microsoft Office 2013 (MS Office 2013) – Microsoft Office 2013 is a suite of office productivity applications used in homes and businesses of all sizes.” (TTG)
  • Microsoft Office 365 Admin Center – “The Microsoft Office 365 Admin Center is the web-based portal administrators use to manage user accounts and configuration settings for the Office 365 subscription services, including Exchange Online and SharePoint Online.” (TTG)
  • Microsoft Office 365 admin roles – “Microsoft Office 365 admin roles give users authorization to perform certain tasks in the Office 365 admin center.” (TTG)
  • Microsoft Office 365 Advanced Threat Protection – “Microsoft Office 365 Advanced Threat Protection (ATP) is Microsoft’s optional cloud-based service that scans and filters email to protect subscribers from malware in attachments and hyperlinks to malicious websites.” (TTG)
  • Microsoft Office 365 Groups – “Microsoft Office 365 Groups is a cloud collaboration feature for communication, coordinating group efforts and exchanging information.” (TTG)
  • Microsoft Office 365 suite – “Microsoft Office 365 suite (now called Microsoft 365) is a hosted, online version of Microsoft Office software.” (TTG)
  • Microsoft Office Delve – “Microsoft Delve is a discovery and collaboration tool within Office 365 (Microsoft 365) that uses machine learning to help users work more efficiently.” (TTG)
  • Microsoft Office for iPad – “Microsoft Office for iPad is an app that allows users to use Microsoft Office on an Apple iPad.” (TTG)

” (B087XCZ77Y, WS19IO)

” (WS19IO)

Sources:

Fair Use Sources:

Categories
Artificial Intelligence AWS Azure Cloud Data Science - Big Data DevOps DevSecOps-Security-Privacy GCP Hardware and Electronics Kubernetes Linux Networking Operating Systems PowerShell Python Software Engineering Windows Server

IaC Infrastructure as Code

Return to Timeline of the History of Computers, Networking

Infrastructure as code (IaC) is the process of managing and provisioning computer data centers through machine-readable definition files, rather than physical hardware configuration or interactive configuration tools.[1] The IT infrastructure managed by this process comprises both physical equipment, such as bare-metal servers, as well as virtual machines, and associated configuration resources. The definitions may be in a version control system. It can use either scripts or declarative definitions, rather than manual processes, but the term is more often used to promote declarative approaches.

Overview

IaC grew as a response to the difficulty posed by utility computing and second-generation web frameworks. In 2006, the launch of Amazon Web Services’ Elastic Compute Cloud and the 1.0 version of Ruby on Rails just months before[2] created widespread scaling problems in the enterprise that were previously experienced only at large, multi-national companies.[3] With new tools emerging to handle this ever growing field, the idea of IaC was born. The thought of modelling infrastructure with code, and then having the ability to design, implement, and deploy applications infrastructure with known software best practices appealed to both software developers and IT infrastructure administrators. The ability to treat infrastructure like code and use the same tools as any other software project would allow developers to rapidly deploy applications.[4]

Added value and advantages

The value of IaC can be broken down into three measurable categories: cost, speed, and risk.[citation needed] Cost reduction aims at helping not only the enterprise financially, but also in terms of people and effort, meaning that by removing the manual component, people are able to refocus their efforts towards other enterprise tasks.[citation needed] Infrastructure automation enables speed through faster execution when configuring your infrastructure and aims at providing visibility to help other teams across the enterprise work quickly and more efficiently. Automation removes the risk associated with human error, like manual misconfiguration; removing this can decrease downtime and increase reliability. These outcomes and attributes help the enterprise move towards implementing a culture of DevOps, the combined working of development and operations.[5]

Types of approaches

There are generally two approaches to IaC: declarative (functional) vs. imperative (procedural). The difference between the declarative and the imperative approach is essentially ‘what’ versus ‘how’ . The declarative approach focuses on what the eventual target configuration should be; the imperative focuses on how the infrastructure is to be changed to meet this.[6] The declarative approach defines the desired state and the system executes what needs to happen to achieve that desired state. Imperative defines specific commands that need to be executed in the appropriate order to end with the desired conclusion. [7]

Methods

There are two methods of IaC: push‘ and pull‘ . The main difference is the manner in which the servers are told how to be configured. In the pull method the server to be configured will pull its configuration from the controlling server. In the push method the controlling server pushes the configuration to the destination system.[8]

Tools

There are many tools that fulfill infrastructure automation capabilities and use IaC. Broadly speaking, any framework or tool that performs changes or configures infrastructure declaratively or imperatively based on a programmatic approach can be considered IaC.[9] Traditionally, server (lifecycle) automation and configuration management tools were used to accomplish IaC. Now enterprises are also using continuous configuration automation tools or stand-alone IaC frameworks, such as Microsoft’s PowerShell DSC[10] or AWS CloudFormation.[11]

Continuous configuration automation

All continuous configuration automation (CCA) tools can be thought of as an extension of traditional IaC frameworks. They leverage IaC to change, configure, and automate infrastructure, and they also provide visibility, efficiency and flexibility in how infrastructure is managed.[3] These additional attributes provide enterprise-level security and compliance.

Community content

See also: List of systems management systems and Comparison of open-source configuration management software

An important aspect when considering CCA tools, if they are open source, is the community content. As Gartner states, the value of CCA tools is “as dependent on user-community-contributed content and support as it is on the commercial maturity and performance of the automation tooling.”[3] Vendors like Puppet and Chef, those that have been around a significant amount of time, have created their own communities. Chef has Chef Community Repository and Puppet has PuppetForge.[12] Other vendors rely on adjacent communities and leverage other IaC frameworks such as PowerShell DSC.[10] New vendors are emerging that are not content driven, but model driven with the intelligence in the product to deliver content. These visual, object-oriented systems work well for developers, but they are especially useful to production oriented DevOps and operations constituents that value models versus scripting for content. As the field continues to develop and change, the community based content will become ever important to how IaC tools are used, unless they are model driven and object oriented.

Notable CCA tools include:

ToolReleased byMethodApproachWritten inComments
ChefChef (2009)PullDeclarative and imperativeRuby
OtterInedoPushDeclarative and imperativeWindows oriented
PuppetPuppet (2005)PullDeclarative and imperativeC++ & Clojure since 4.0, Ruby
SaltStackSaltStackPush and PullDeclarative and imperativePython
CFEngineNorthern.techPullDeclarativeC
TerraformHashiCorp (2014)PushDeclarativeGo
Ansible / Ansible TowerRed Hat (2012)PushDeclarative and imperativePython

Other tools include AWS CloudFormationcdistStackStormJuju, and Pulumi.

Relationship to DevOps

IaC can be a key attribute of enabling best practices in DevOps – Developers become more involved in defining configuration and Ops teams get involved earlier in the development process.[13] Tools that utilize IaC bring visibility to the state and configuration of servers and ultimately provide the visibility to users within the enterprise, aiming to bring teams together to maximize their efforts.[14] Automation in general aims to take the confusion and error-prone aspect of manual processes and make it more efficient, and productive. Allowing for better software and applications to be created with flexibility, less downtime, and an overall cost effective way for the company. IaC is intended to reduce the complexity that kills efficiency out of manual configuration. Automation and collaboration are considered central points in DevOps; Infrastructure automation tools are often included as components of a DevOps toolchain.[15]

Relationship to security

The 2020 Cloud Threat Report released by Unit 42 (the threat intelligence unit of cybersecurity provider Palo Alto Networks) identified around 200,000 potential vulnerabilities in infrastructure as code templates.[16]

See also

References

  1. ^ Wittig, Andreas; Wittig, Michael (2016). Amazon Web Services in Action. Manning Press. p. 93. ISBN 978-1-61729-288-0.
  2. ^ Bower, Joseph L.; Christensen, Clayton M. “Disruptive Technologies: Catching the Wave”. Harvard Business Review.
  3. a b c Fletcher, Colin; Cosgrove, Terrence (26 August 2015). Innovation Insight for Continuous Configuration Automation ToolsGartner (Report).
  4. ^ Riley, Chris (12 November 2015). “Version Your Infrastructure”DevOps.com.
  5. ^ Phillips, Andrew (14 May 2015). “Moving from Infrastructure Automation to True DevOps”DevOps.com.
  6. ^ “Declarative v. Imperative Models for Configuration Management: Which Is Really Better?”Scriptrock.com. Retrieved 14 December 2015.
  7. ^ Loschwitz, Martin (14 November 2014). “Choosing between the leading open source configuration managers”Admin Network & Security. Lawrence, KS USA: Linux New Media USA LLC.
  8. ^ Venezia, Paul (21 November 2013). “Puppet vs. Chef vs. Ansible vs. Salt”networkworld.com. Network World. Retrieved 14 December 2015.
  9. ^ Garner Market Trends: DevOps – Not a Market, but Tool-Centric Philosophy That supports a Continuous Delivery Value Chain (Report). Gartner. 18 February 2015.
  10. a b Chaganti, Ravikanth (5 January 2016). “DevOps, Infrastructure as Code, and PowerShell DSC: The Introduction”PowerShell Magazine. PowerShell Magazine. Retrieved 11 January 2016.
  11. ^ https://aws.amazon.com/about-aws/whats-new/2011/02/25/introducing-aws-cloudformation/
  12. ^ Sturgeon, Phil (28 October 2012). “Puppet or Chef?”.
  13. ^ Ramos, Martin (4 November 2015). “Continuous Integration: Infrastructure as Code in DevOps”easydynamics.com. Archived from the original on 6 February 2016. Retrieved 29 January 2016.
  14. ^ Infrastructure As Code: Fueling the Fire for Faster Application Delivery (Report). Forrester. March 2015.
  15. ^ Wurster, Laurie F.; Colville, Ronni J.; Height, Cameron; Tripathi, Somendra; Rastogi, Aditi. Emerging Technology Analysis: DevOps a Culture Shift, Not a Technology (Report). Gartner.
  16. ^ “Cloud Threat Report Shows Need for Consistent DevSecOps”InformationWeek. Retrieved 24 February 2020.

Categories

Fair Use Sources:

Categories
AWS Azure Cloud DevOps DevSecOps-Security-Privacy GCP History Kubernetes Linux Networking Operating Systems PowerShell Python Software Engineering Windows Server

SCM Software Configuration Management – S/W CM

See also: Configuration management (CM)

Not to be confused with Version Control System.

In software engineeringsoftware configuration management (SCM or S/W CM) is the task of tracking and controlling changes in the software, part of the larger cross-disciplinary field of configuration management.[1] SCM practices include revision control and the establishment of baselines. If something goes wrong, SCM can determine what was changed and who changed it. If a configuration is working well, SCM can determine how to replicate it across many hosts.

The acronym “SCM” is also expanded as source configuration management process and software change and configuration management.[2] However, “configuration” is generally understood to cover changes typically made by a system administrator.

Purposes

The goals of SCM are generally:[citation needed]

  • Configuration identification – Identifying configurations, configuration items and baselines.
  • Configuration control – Implementing a controlled change process. This is usually achieved by setting up a change control board whose primary function is to approve or reject all change requests that are sent against any baseline.
  • Configuration status accounting – Recording and reporting all the necessary information on the status of the development process.
  • Configuration auditing – Ensuring that configurations contain all their intended parts and are sound with respect to their specifying documents, including requirements, architectural specifications and user manuals.
  • Build management – Managing the process and tools used for builds.
  • Process management – Ensuring adherence to the organization’s development process.
  • Environment management – Managing the software and hardware that host the system.
  • Teamwork – Facilitate team interactions related to the process.
  • Defect tracking – Making sure every defect has traceability back to the source.

With the introduction of cloud computing the purposes of SCM tools have become merged in some cases. The SCM tools themselves have become virtual appliances that can be instantiated as virtual machines and saved with state and version. The tools can model and manage cloud-based virtual resources, including virtual appliances, storage units, and software bundles. The roles and responsibilities of the actors have become merged as well with developers now being able to dynamically instantiate virtual servers and related resources.[3]

History

The history of software configuration management (SCM) in computing can be traced back as early as the 1950s, when CM (for Configuration Management), originally for hardware development and production control, was being applied to software development. Early software had a physical footprint, such as cardstapes, and other media. The first software configuration management was a manual operation. With the advances in language and complexity, software engineering, involving configuration management and other methods, became a major concern due to issues like schedule, budget, and quality. Practical lessons, over the years, had led to the definition, and establishment, of procedures and tools. Eventually, the tools became systems to manage software changes.[4] Industry-wide practices were offered as solutions, either in an open or proprietary manner (such as Revision Control System). With the growing use of computers, systems emerged that handled a broader scope, including requirements management, design alternatives, quality control, and more; later tools followed the guidelines of organizations, such as the Capability Maturity Model of the Software Engineering Institute.

See also

References

  1. ^ Roger S. Pressman (2009). Software Engineering: A Practitioner’s Approach (7th International ed.). New York: McGraw-Hill.
  2. ^ Gartner and Forrester Research
  3. ^ Amies, A; Peddle S; Pan T M; Zou P X (June 5, 2012). “Develop cloud applications with Rational tools”IBM DeveloperWorks. IBM.
  4. ^ “1988 “A Guide to Understanding Configuration Management in Trusted Systems” National Computer Security System (via Google)

Further reading

  • 828-2012 IEEE Standard for Configuration Management in Systems and Software Engineering. 2012. doi:10.1109/IEEESTD.2012.6170935ISBN 978-0-7381-7232-3.
  • Aiello, R. (2010). Configuration Management Best Practices: Practical Methods that Work in the Real World (1st ed.). Addison-Wesley. ISBN 0-321-68586-5.
  • Babich, W.A. (1986). Software Configuration Management, Coordination for Team Productivity. 1st edition. Boston: Addison-Wesley
  • Berczuk, Appleton; (2003). Software Configuration Management Patterns: Effective TeamWork, Practical Integration (1st ed.). Addison-Wesley. ISBN 0-201-74117-2.
  • Bersoff, E.H. (1997). Elements of Software Configuration Management. IEEE Computer Society Press, Los Alamitos, CA, 1-32
  • Dennis, A., Wixom, B.H. & Tegarden, D. (2002). System Analysis & Design: An Object-Oriented Approach with UML. Hoboken, New York: John Wiley & Sons, Inc.
  • Department of Defense, USA (2001). Military Handbook: Configuration management guidance (rev. A) (MIL-HDBK-61A). Retrieved January 5, 2010, from http://www.everyspec.com/MIL-HDBK/MIL-HDBK-0001-0099/MIL-HDBK-61_11531/
  • Futrell, R.T. et al. (2002). Quality Software Project Management. 1st edition. Prentice-Hall.
  • International Organization for Standardization (2003). ISO 10007: Quality management systems – Guidelines for configuration management.
  • Saeki M. (2003). Embedding Metrics into Information Systems Development Methods: An Application of Method Engineering Technique. CAiSE 2003, 374–389.
  • Scott, J.A. & Nisse, D. (2001). Software configuration management. In: Guide to Software Engineering Body of Knowledge. Retrieved January 5, 2010, from http://www.computer.org/portal/web/swebok/htmlformat
  • Paul M. Duvall, Steve Matyas, and Andrew Glover (2007). Continuous Integration: Improving Software Quality and Reducing Risk. (1st ed.). Addison-Wesley Professional. ISBN 0-321-33638-0.

External links

Fair Use Sources: