{"id":4934,"date":"2022-09-10T17:39:53","date_gmt":"2022-09-10T17:39:53","guid":{"rendered":"https:\/\/www.cloudmetrik.com\/?p=4934"},"modified":"2022-10-06T12:20:31","modified_gmt":"2022-10-06T12:20:31","slug":"dont-ssh-into-production","status":"publish","type":"post","link":"https:\/\/www.cloudmetrik.com\/tr\/dont-ssh-into-production\/","title":{"rendered":"Don\u2019t SSH into Production"},"content":{"rendered":"<p>Routine server system administration tasks should be handled with automation and services, through code and software. <strong>Not logging in<\/strong> to system consoles for manual routine maintenance can be seen as an indicator of capability maturity. Logins to critical servers via <strong>SSH<\/strong> should be audited to determine who accessed the servers and what they did. Auditing can get complex when accessing servers via SSH is the standard policy and when considering cases like SSH forwarding and tunneling.<\/p>\n<p>As a test, before logging in to a server to carry out a task, ask yourself the following:<\/p>\n<p>\u2022 Was this task tested first in a dev\/QA\/test environment?<br \/>\n\u2022 Is this a one-off task (versus a routine task or request)?<\/p>\n<h3>If you answer no to either question, you should reconsider your workflow and think of ways to automate away the kind of work you SSH for.<\/h3>\n<p>Let\u2019s review some common reasons a cloud engineer would want to log in to a server:<\/p>\n<p>\u2022 To examine logs, like application, container, or operating system logs. This is a solved problem. Using a stack like Elasticsearch, Fluentd, and Kibana, or a third-party logging service in the cloud, will provide log aggregation, search, visualization, and permanent storage capabilities, with a proper life cycle and backups.<\/p>\n<p>\u2022 For monitoring, to look at server telemetry like CPU\/RAM\/disk usage or exposed application performance metrics. This is also a solved problem; we have a myriad of commercial and open source tools at our disposition.<\/p>\n<p>\u2022 For routine changes in the system, such as making configuration changes, patching the operating system, managing software installations and upgrades, and performing backups and restores. All these changes should ideally be done using infrastructure as code. We declare in code (which we keep versioned) our infrastructure and make our changes in code. Then, depending on our workflow, philosophy, and tooling, we can use configuration management tools, or we can re-create the server image, or we can use our favorite coding language and take advantage of the cloud vendor\u2019s software development kit (SDK) or API.<\/p>\n<p>\u2022 Running tests. \u201cTesting\u201d in production can be needed to get a real view of application behavior; fake test data rarely behaves like the real thing. Or we may need to run a query that is not shown in a reporting server. While these are valid tasks, we should still avoid ad hoc manual opera\u2010 tions and look into replacing them with code and systems that will per\u2010 form such operations with less risk.<\/p>\n<p>\u2022 \u201cMy server is a snowflake that needs constant TLC.\u201d Look into \u201ccattle versus pets,\u201d because you have some problems.<\/p>\n<p>\u2022 \u201cI don\u2019t know what is running on this server or what this server is supposed to run.\u201d You have bigger problems you need to address.<\/p>\n<p>There are a few valid reasons to SSH into a production server that is part of an application running in the cloud. Sometimes while troubleshooting, we need to log in to a server as a last measure because the information we have from the log and metrics servers is not enough to determine the cause of a problem. For example, we may not be getting logs or metrics themselves, or we may have network issues of the type \u201cthis host doesn\u2019t seem to be able to talk to this other host\u201d and we want to verify that connectivity. We may also have hard Linux kernel issues, or strange behavior not explained by logs or indirect information. Another reason to SSH into servers is for the purpose of exploration or learning for new people in a team.<\/p>\n<p>In any case, the next time you are about to log in to a server, stop and think:<br \/>\n<em>\u201cHow could I accomplish this task without manually getting into the server?\u201d<\/em><\/p>","protected":false},"excerpt":{"rendered":"<p>Routine server system administration tasks should be handled with automation  [&#8230;]<\/p>","protected":false},"author":1,"featured_media":4755,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"content-type":"","_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[121,126],"tags":[123,127,128],"class_list":["post-4934","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cloud-computing","category-cloud-security","tag-cloud-computing","tag-cloud-security","tag-ssh"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.4 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Don\u2019t SSH into Production - CloudMetrik<\/title>\n<meta name=\"description\" content=\"Routine server system administration tasks should be handled with automation and services, through code and software. Logins via SSH to...\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.cloudmetrik.com\/tr\/dont-ssh-into-production\/\" \/>\n<meta property=\"og:locale\" content=\"tr_TR\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Don\u2019t SSH into Production - CloudMetrik\" \/>\n<meta property=\"og:description\" content=\"Routine server system administration tasks should be handled with automation and services, through code and software. Logins via SSH to...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.cloudmetrik.com\/tr\/dont-ssh-into-production\/\" \/>\n<meta property=\"og:site_name\" content=\"CloudMetrik\" \/>\n<meta property=\"article:published_time\" content=\"2022-09-10T17:39:53+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2022-10-06T12:20:31+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.cloudmetrik.com\/wp-content\/uploads\/2022\/06\/cloud-storage-background-business-network-design_53876-160252.webp\" \/>\n\t<meta property=\"og:image:width\" content=\"626\" \/>\n\t<meta property=\"og:image:height\" content=\"417\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/webp\" \/>\n<meta name=\"author\" content=\"user\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Yazan:\" \/>\n\t<meta name=\"twitter:data1\" content=\"user\" \/>\n\t<meta name=\"twitter:label2\" content=\"Tahmini okuma s\u00fcresi\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 dakika\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.cloudmetrik.com\\\/dont-ssh-into-production\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.cloudmetrik.com\\\/dont-ssh-into-production\\\/\"},\"author\":{\"name\":\"user\",\"@id\":\"https:\\\/\\\/www.cloudmetrik.com\\\/#\\\/schema\\\/person\\\/3389a4b1a2a31ff191b3a5dbc2b8846d\"},\"headline\":\"Don\u2019t SSH into Production\",\"datePublished\":\"2022-09-10T17:39:53+00:00\",\"dateModified\":\"2022-10-06T12:20:31+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.cloudmetrik.com\\\/dont-ssh-into-production\\\/\"},\"wordCount\":628,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/www.cloudmetrik.com\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.cloudmetrik.com\\\/dont-ssh-into-production\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.cloudmetrik.com\\\/wp-content\\\/uploads\\\/2022\\\/06\\\/cloud-storage-background-business-network-design_53876-160252.webp\",\"keywords\":[\"Cloud Computing\",\"Cloud Security\",\"SSH\"],\"articleSection\":[\"Cloud Computing\",\"Cloud Security\"],\"inLanguage\":\"tr\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.cloudmetrik.com\\\/dont-ssh-into-production\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.cloudmetrik.com\\\/dont-ssh-into-production\\\/\",\"url\":\"https:\\\/\\\/www.cloudmetrik.com\\\/dont-ssh-into-production\\\/\",\"name\":\"Don\u2019t SSH into Production - CloudMetrik\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.cloudmetrik.com\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.cloudmetrik.com\\\/dont-ssh-into-production\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.cloudmetrik.com\\\/dont-ssh-into-production\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.cloudmetrik.com\\\/wp-content\\\/uploads\\\/2022\\\/06\\\/cloud-storage-background-business-network-design_53876-160252.webp\",\"datePublished\":\"2022-09-10T17:39:53+00:00\",\"dateModified\":\"2022-10-06T12:20:31+00:00\",\"description\":\"Routine server system administration tasks should be handled with automation and services, through code and software. Logins via SSH to...\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.cloudmetrik.com\\\/dont-ssh-into-production\\\/#breadcrumb\"},\"inLanguage\":\"tr\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.cloudmetrik.com\\\/dont-ssh-into-production\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"tr\",\"@id\":\"https:\\\/\\\/www.cloudmetrik.com\\\/dont-ssh-into-production\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.cloudmetrik.com\\\/wp-content\\\/uploads\\\/2022\\\/06\\\/cloud-storage-background-business-network-design_53876-160252.webp\",\"contentUrl\":\"https:\\\/\\\/www.cloudmetrik.com\\\/wp-content\\\/uploads\\\/2022\\\/06\\\/cloud-storage-background-business-network-design_53876-160252.webp\",\"width\":626,\"height\":417,\"caption\":\"Don\u2019t SSH into Production\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.cloudmetrik.com\\\/dont-ssh-into-production\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.cloudmetrik.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Don\u2019t SSH into Production\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.cloudmetrik.com\\\/#website\",\"url\":\"https:\\\/\\\/www.cloudmetrik.com\\\/\",\"name\":\"CloudMetrik\",\"description\":\"modernize, optimize and transform your cloud with AWS, Huawei Cloud, GCP and Azure Consultation\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.cloudmetrik.com\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.cloudmetrik.com\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"tr\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.cloudmetrik.com\\\/#organization\",\"name\":\"CloudMetrik Cloud Consultancy and Training Services\",\"url\":\"https:\\\/\\\/www.cloudmetrik.com\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"tr\",\"@id\":\"https:\\\/\\\/www.cloudmetrik.com\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.cloudmetrik.com\\\/wp-content\\\/uploads\\\/2022\\\/01\\\/cloudmetriklogo_turuncumavi.png\",\"contentUrl\":\"https:\\\/\\\/www.cloudmetrik.com\\\/wp-content\\\/uploads\\\/2022\\\/01\\\/cloudmetriklogo_turuncumavi.png\",\"width\":2480,\"height\":581,\"caption\":\"CloudMetrik Cloud Consultancy and Training Services\"},\"image\":{\"@id\":\"https:\\\/\\\/www.cloudmetrik.com\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.linkedin.com\\\/company\\\/cloudmetrik\\\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.cloudmetrik.com\\\/#\\\/schema\\\/person\\\/3389a4b1a2a31ff191b3a5dbc2b8846d\",\"name\":\"user\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"tr\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/b4c9a289323b21a01c3e940f150eb9b8c542587f1abfd8f0e1cc1ffc5e475514?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/b4c9a289323b21a01c3e940f150eb9b8c542587f1abfd8f0e1cc1ffc5e475514?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/b4c9a289323b21a01c3e940f150eb9b8c542587f1abfd8f0e1cc1ffc5e475514?s=96&d=mm&r=g\",\"caption\":\"user\"},\"sameAs\":[\"http:\\\/\\\/127.0.0.1\"],\"url\":\"https:\\\/\\\/www.cloudmetrik.com\\\/tr\\\/author\\\/user\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Don\u2019t SSH into Production - CloudMetrik","description":"Routine server system administration tasks should be handled with automation and services, through code and software. Logins via SSH to...","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.cloudmetrik.com\/tr\/dont-ssh-into-production\/","og_locale":"tr_TR","og_type":"article","og_title":"Don\u2019t SSH into Production - CloudMetrik","og_description":"Routine server system administration tasks should be handled with automation and services, through code and software. Logins via SSH to...","og_url":"https:\/\/www.cloudmetrik.com\/tr\/dont-ssh-into-production\/","og_site_name":"CloudMetrik","article_published_time":"2022-09-10T17:39:53+00:00","article_modified_time":"2022-10-06T12:20:31+00:00","og_image":[{"width":626,"height":417,"url":"https:\/\/www.cloudmetrik.com\/wp-content\/uploads\/2022\/06\/cloud-storage-background-business-network-design_53876-160252.webp","type":"image\/webp"}],"author":"user","twitter_card":"summary_large_image","twitter_misc":{"Yazan:":"user","Tahmini okuma s\u00fcresi":"3 dakika"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.cloudmetrik.com\/dont-ssh-into-production\/#article","isPartOf":{"@id":"https:\/\/www.cloudmetrik.com\/dont-ssh-into-production\/"},"author":{"name":"user","@id":"https:\/\/www.cloudmetrik.com\/#\/schema\/person\/3389a4b1a2a31ff191b3a5dbc2b8846d"},"headline":"Don\u2019t SSH into Production","datePublished":"2022-09-10T17:39:53+00:00","dateModified":"2022-10-06T12:20:31+00:00","mainEntityOfPage":{"@id":"https:\/\/www.cloudmetrik.com\/dont-ssh-into-production\/"},"wordCount":628,"commentCount":0,"publisher":{"@id":"https:\/\/www.cloudmetrik.com\/#organization"},"image":{"@id":"https:\/\/www.cloudmetrik.com\/dont-ssh-into-production\/#primaryimage"},"thumbnailUrl":"https:\/\/www.cloudmetrik.com\/wp-content\/uploads\/2022\/06\/cloud-storage-background-business-network-design_53876-160252.webp","keywords":["Cloud Computing","Cloud Security","SSH"],"articleSection":["Cloud Computing","Cloud Security"],"inLanguage":"tr","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.cloudmetrik.com\/dont-ssh-into-production\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.cloudmetrik.com\/dont-ssh-into-production\/","url":"https:\/\/www.cloudmetrik.com\/dont-ssh-into-production\/","name":"Don\u2019t SSH into Production - CloudMetrik","isPartOf":{"@id":"https:\/\/www.cloudmetrik.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.cloudmetrik.com\/dont-ssh-into-production\/#primaryimage"},"image":{"@id":"https:\/\/www.cloudmetrik.com\/dont-ssh-into-production\/#primaryimage"},"thumbnailUrl":"https:\/\/www.cloudmetrik.com\/wp-content\/uploads\/2022\/06\/cloud-storage-background-business-network-design_53876-160252.webp","datePublished":"2022-09-10T17:39:53+00:00","dateModified":"2022-10-06T12:20:31+00:00","description":"Routine server system administration tasks should be handled with automation and services, through code and software. Logins via SSH to...","breadcrumb":{"@id":"https:\/\/www.cloudmetrik.com\/dont-ssh-into-production\/#breadcrumb"},"inLanguage":"tr","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.cloudmetrik.com\/dont-ssh-into-production\/"]}]},{"@type":"ImageObject","inLanguage":"tr","@id":"https:\/\/www.cloudmetrik.com\/dont-ssh-into-production\/#primaryimage","url":"https:\/\/www.cloudmetrik.com\/wp-content\/uploads\/2022\/06\/cloud-storage-background-business-network-design_53876-160252.webp","contentUrl":"https:\/\/www.cloudmetrik.com\/wp-content\/uploads\/2022\/06\/cloud-storage-background-business-network-design_53876-160252.webp","width":626,"height":417,"caption":"Don\u2019t SSH into Production"},{"@type":"BreadcrumbList","@id":"https:\/\/www.cloudmetrik.com\/dont-ssh-into-production\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.cloudmetrik.com\/"},{"@type":"ListItem","position":2,"name":"Don\u2019t SSH into Production"}]},{"@type":"WebSite","@id":"https:\/\/www.cloudmetrik.com\/#website","url":"https:\/\/www.cloudmetrik.com\/","name":"CloudMetrik","description":"modernize, optimize and transform your cloud with AWS, Huawei Cloud, GCP and Azure Consultation","publisher":{"@id":"https:\/\/www.cloudmetrik.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.cloudmetrik.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"tr"},{"@type":"Organization","@id":"https:\/\/www.cloudmetrik.com\/#organization","name":"CloudMetrik Cloud Consultancy and Training Services","url":"https:\/\/www.cloudmetrik.com\/","logo":{"@type":"ImageObject","inLanguage":"tr","@id":"https:\/\/www.cloudmetrik.com\/#\/schema\/logo\/image\/","url":"https:\/\/www.cloudmetrik.com\/wp-content\/uploads\/2022\/01\/cloudmetriklogo_turuncumavi.png","contentUrl":"https:\/\/www.cloudmetrik.com\/wp-content\/uploads\/2022\/01\/cloudmetriklogo_turuncumavi.png","width":2480,"height":581,"caption":"CloudMetrik Cloud Consultancy and Training Services"},"image":{"@id":"https:\/\/www.cloudmetrik.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.linkedin.com\/company\/cloudmetrik\/"]},{"@type":"Person","@id":"https:\/\/www.cloudmetrik.com\/#\/schema\/person\/3389a4b1a2a31ff191b3a5dbc2b8846d","name":"user","image":{"@type":"ImageObject","inLanguage":"tr","@id":"https:\/\/secure.gravatar.com\/avatar\/b4c9a289323b21a01c3e940f150eb9b8c542587f1abfd8f0e1cc1ffc5e475514?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/b4c9a289323b21a01c3e940f150eb9b8c542587f1abfd8f0e1cc1ffc5e475514?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/b4c9a289323b21a01c3e940f150eb9b8c542587f1abfd8f0e1cc1ffc5e475514?s=96&d=mm&r=g","caption":"user"},"sameAs":["http:\/\/127.0.0.1"],"url":"https:\/\/www.cloudmetrik.com\/tr\/author\/user\/"}]}},"_links":{"self":[{"href":"https:\/\/www.cloudmetrik.com\/tr\/wp-json\/wp\/v2\/posts\/4934","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cloudmetrik.com\/tr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cloudmetrik.com\/tr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cloudmetrik.com\/tr\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cloudmetrik.com\/tr\/wp-json\/wp\/v2\/comments?post=4934"}],"version-history":[{"count":0,"href":"https:\/\/www.cloudmetrik.com\/tr\/wp-json\/wp\/v2\/posts\/4934\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.cloudmetrik.com\/tr\/wp-json\/wp\/v2\/media\/4755"}],"wp:attachment":[{"href":"https:\/\/www.cloudmetrik.com\/tr\/wp-json\/wp\/v2\/media?parent=4934"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cloudmetrik.com\/tr\/wp-json\/wp\/v2\/categories?post=4934"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cloudmetrik.com\/tr\/wp-json\/wp\/v2\/tags?post=4934"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}