Create More Efficiency for DevOps by Automating Security Patches

Security PatchAt LeaseWeb we are always looking for ways to automate tasks and processes to make the work of our engineers easier and allow them to spend more time on innovation rather than repetitive tasks. One of those tasks is the installation of (monthly) recurring security updates (Windows, Linux, etc.).

Not every company has the latest security patches installed, as evidenced over the last view months with the ransomware attacks (WannaCry for example). Fortunately, within LeaseWeb we were up to date and not impacted by the ransomware attacks, but it does highlight the importance of these security updates.

The events also raise the question if some companies did not have all their updates in order because the tedious deployment task of such patches may not be on every engineer’s “favorite things to do” list.

Within our product engineering department, we also struggle with the task of deploying these patches each month due to the amount of work that goes into deploying these updates on all our systems. For this reason, one of our teams decided to automate this job as much as possible.

At first we considered using Chef which was already heavily used in our company; however, we found that it was not the best option particularly for Windows updates.

After conducting more research, we selected Ansible.  For those unfamiliar with Ansible, it is a simple yet powerful open source automation platform. This product can help with configuration management, application deployment and task automation. Unlike Puppet or Chef, it doesn’t use an agent on the remote host. The main reason we chose Ansible is it already has a nice way to deploy patches on Linux boxes via SSH, but also has a module for Windows updates.

We then set out to configure Ansible for Windows and Linux updates. Linux was easy. It only required SSH connections from a specific system, which in our case was an Ansible management server, and then running a playbook.  But for Windows it was a bit more challenging.  For this system Ansible uses Windows remote management services or WIN_RM.  To set this up you need to enable WIN_RM, open some firewall ports, and start the services.

Fortunately, Ansible provides a nice PowerShell script to do all these tasks for you.  We did discover a downside when trying to remotely run this PowerShell script.  It failed because it needed to run with elevated security permissions, and Windows 2016 prompts the user to confirm these elevated rights executions.

Unfortunately, not all our Windows servers have Chef running, so we had do come up with a different way of enabling WIN_RM and opening firewall ports. In the end we decided to spread the workload of running this script amongst some team members because as the saying goes, “many hands make light work.”

The end result is that we now have both Windows and Linux servers ready to receive patches from Ansible, saving our team time which can be used for other tasks instead of deploying these patches every four weeks.

We still have some work left to do such as completely removing the remaining manual actions. At the moment, someone still needs to login to an Ansible jump host (which we use to connect to different networks) and run the playbook. We also have to manually put systems in downtime in our monitoring platform.

One other important thing we still need to implement is a result check in order to know if a deployment was successful or not.

But now that we have more time on our hands, I am confident it will get done.


4 Ways to Make Sure Your Webshop Stays Open

e-commerce hostingWhile global e-commerce sales are predicted to approach $2.5 trillion this year and continue to grow to nearly $4 trillion by 2020, according to a recent eMarketer report, the market remains highly competitive.

Nearly 80 percent of new e-commerce sites ultimately fail, and companies need to have a strong understanding of their market, trends, merchandise, platform, and e-commerce hosting if they want to be among the minority of sites that succeeds.

Most importantly, though, new sellers must understand their customers. More than any other factor, knowing your customer is what will allow you to deliver a first-class online experience.

Read the rest of this entry »

U.S. Data Center Upgrades for Even Better Performance

data centerLast month, I wrote about five things you can do to ensure shorter load times for your sites. Today I want to look at a sixth, positioning your services as close as possible to your end users.

LeaseWeb entered the U.S. market in 2011, in part because our clients across Europe and Asia needed North America-based hosting. Over time, we’ve grown our presence, both organically and through acquisition. We now operate 10 data centers across the continent with local U.S. based support.

Positioning services closer to end users enhances customer experience by decreasing content delivery times. Geographic spread also provides the safest disaster recovery and remote backup solutions for maximum uptime.

Read the rest of this entry »

From Hyperscale to Open Options: Preparing for Hybrid Cloud with Microsoft Azure Stack

Microsoft Azure StackFollowing the recent announcement of our Azure Stack Beta program, we spoke with LeaseWeb’s Technical Evangelist Robert van der Meulen about how Azure Stack will usher in a new era in hybrid cloud computing. Today’s cloud adopters will see many benefits by developing a hybrid cloud strategy that combines the features of both open cloud providers like LeaseWeb and hyperscalers like Microsoft’s Azure.

Why is LeaseWeb offering Azure Stack Beta (ASDK) and what is the demand from customers like?

It helps IT teams to experience in practice what kind of services Azure Stack brings, and how they fit in their existing and planned landscapes. Particularly it shows how public cloud-like services can be available in the trusted environment of a private cloud, or hosted data center. Azure Stack addresses the market for private cloud services with public cloud capabilities. The ASDK opens that environment up without the large up-front investment, and gives IT teams the capability to validate that their solution will work in a private Azure Stack setup.

Read the rest of this entry »

Embrace Your Natural Talent for True Career Success

Career Success

Most people have tried at some point to be someone they’re not. Sometimes it’s because we like the change, and sometimes it’s because we feel like we have to change in order to fit in.

When I was a little boy, I loved playing football. While I was a decent central defender and right wing-back, because I was fairly strong and had a good pace and a fierce shot, I ended up as a striker once in a while, too.

My technique and instincts let me down when trying to be a good striker, though. I’m more a problem solver than somebody who loves to score. I love to steer a team from the back, and come time to make a decision, I thrive under pressure. And I have a tendency to lead and help other people out, which are all good assets for a defender.

A striker, however, needs other qualities. The best strikers are patient, focused on individual success, and maybe even a little egotistical at times.

Read the rest of this entry »

Protecting Your Business From Increasingly Sophisticated Cyberattacks

cyberattacksWhether you’re leading a Fortune 500 company or your own small business, cybersecurity must be a fundamental business objective. Several high-profile cyberattacks in the first half of 2017 have affected organizations of all sizes all over the world, and these attacks are only going to become more common and more sophisticated.

As a business leader, it’s important to understand that the threat is constant. Even if you’ve never experienced an attack, your servers are perpetually being scanned by hackers for vulnerabilities — and the damage can be fatal to your business. A cyberattack can result in the loss of critical information, putting the reputation of your brand at stake.

If you suffer a cyberattack and are able to react quickly, it’s certainly possible to mitigate the damage to your business and your customers, though containing an attack can get tremendously expensive. If you have a plan in place, however, you can save yourself a lot of time and money — and protect the future of your business.

Read the rest of this entry »

The Secret to Shorter Load Times on E-Commerce Sites

shorter load timesE-commerce sales have increased dramatically over the past few years, and the growth continues to accelerate. Between 2015 and 2016, online sales increased almost 16 percent, and e-commerce is expected to continue to grow at rates above 20 percent. For online sellers and developers of e-commerce sites, this means the market will only become more competitive, and shorter load times will become more important.


Alongside increased sales, internet speeds continue to rise — and so do consumer expectations for online experiences. A measly four-second wait time causes 25 percent of site visitors to abandon a page, and for a site as large as Amazon, a single second of slowdown could cost $1.6 billion. Those numbers are nothing to sneeze at.


If your competitors’ sites load faster than yours, you could see your revenue start shifting to them. The effect is multiplied the longer you ignore your slow website, so why wait? The first step is to identify the mistakes that could be slowing down your website, keeping you from shorter load times, and costing you customers and cash. Next, you can take steps to correct them:

Read the rest of this entry »

How we build our API documentation

API DocumentationIf you have ever used APIs you know that good documentation is important. It should also always be up-to-date. In this post I’m not going to discuss how to write documentation and what is required, but rather which tools we use to get the documentation updated as quickly as possible on our developer portal (

We employ a number of different tools to help with the process.

  1. RAML (

Good documentation starts with good specifications. For this we have decided to use RESTful API Modeling Language (RAML) (created by MuleSoft), together with tools like raml2html ( for creating HTML. Using templates, we can create the HTML as we need it for further processing. Within the RAML specifications, we give descriptions to each endpoints that will become the documentation a user can see on the site.

We already had experience with RAML, which made our choice easy, but there are other tools/specifications around that can do the same. Swagger ( is probably the largest and most supported framework around.

Read the rest of this entry »

How to Choose the Right SaaS Hosting Provider

SaaS HostingOver the past decade, SaaS has grown to be the primary service delivery model for companies across all industries, and according to a recent Gartner report, over 70 percent of companies utilize the model. While that same report forecasts slower growth in the SaaS market over the next few years, it predicts that among all global cloud services, only Infrastructure as a Service (IaaS) will grow more quickly.

There are a number of reasons for the success of the SaaS model, including the flexibility and scalability it offers. The fact that companies can easily offer new integrations and software upgrades to users on an ongoing basis — and test new features and functionality without having to wait for a full release — makes it a more efficient and cost-effective way to provide software.

As the leader of an SaaS company, however, you’ll also be faced with some challenges that are unique to this type of delivery model. SaaS companies often have to process tremendous amounts of data — a challenge that grows as your company also increases in size — and must serve a geographically dispersed user base with demanding security and accessibility requirements. Because of this, finding the right SaaS hosting provider is an important decision.

Read the rest of this entry »

Management Training Is Taking Off

management trainingAt Leaseweb we recently kicked off our Management Development Program. Socrates famously said “Know thyself”, but this is only the beginning. Self-knowledge also leads to a better understanding of the people around us, and the ability to work together in teams. This is why the first step in the program is such an important one: looking into everyone’s unique talents, behaviors, and potential.

Since Leaseweb’s history is connected to aviation, we decided to bring teams to a Flight Simulator session. Besides it being a unique and enjoyable experience, it teaches you that there are many circumstances win which you can’t rely on previous experience, and that our natural, immediate responses to stressful situations are often based on ineffective patterns of behavior. Landing a virtual airplane, without any previous experience, can teach you a tremendous amount about teamwork and the importance of clear communication.

Read the rest of this entry »

LeaseWeb on Twitter

One month left to sign up to #GDC18! Book a time to meet with us and stop by booth 1601: @Official_GDC #Leaseweb

test Twitter Media - One month left to sign up to #GDC18! Book a time to meet with us and stop by booth 1601: @Official_GDC #Leaseweb

Don't miss the 5 key reasons your business could benefit from adopting hybrid cloud solutions #Leasewebblog #hybridcloud #growyourbusiness

test Twitter Media - Don't miss the 5 key reasons your business could benefit from adopting hybrid cloud solutions #Leasewebblog #hybridcloud #growyourbusiness

Meet our Leaseweb experts at Mobile World Congress 18! Find out how we can help create a better future! #MWC18 #Leaseweb #betterfuture

test Twitter Media - Meet our Leaseweb experts at Mobile World Congress 18! Find out how we can help create a better future! #MWC18 #Leaseweb #betterfuture