RSS Feed Subscribe to RSS Feed

 

HelloWorld on an AWS EC2 instance

This is a basic “HelloWorld” tutorial for AWS EC2. We create an EC2 instance, enable the required access, and install Apache to serve a trivial HelloWorld html file.

 

(more…)

Tags: , ,

AWS Best Practices Architecting for the Cloud – Concise Summary

The following is a concise summary of Architecting for the Cloud: AWS Best Practices. The original is about 13,000 words; There is an abridged version of about 4,000 words, and this is an even more concise version, at about 1,500 words.

(more…)

Tags:

AWS Best Practices Architecting for the Cloud – Abridged

The following is an abridged version of Architecting for the Cloud: AWS Best Practices.This is essentially a cut and paste of the most salient parts (the original is about 13,000 words; this is about 4,000). For an even more concise version, see the concise summary (about 1,500 words).

(more…)

Tags:

AWS Well-Architected Framework – Abridged

This is an abridged version of the AWS Well-Architected Framework. It is essentially a cut and paste of the most salient parts (the original is about 18,000 words; this is about 4,000).

(more…)

Tags:

Kubernetes HelloWorld

This tutorial covers how to deploy a simple HelloWorld app on Kubernetes, and expose it externally (as you might for a UI service, for example).

I found setting up the Kube cluster deployment very straightforward, but making it externally accessible much trickier, however it boils down to just two commands:

    $ kubectl create -f boothello-deployment.yaml

    $ kubectl expose -f boothello-service.yaml

(more…)

Tags: , , , ,

Why use containers?

Containers, and the supporting orchestration platforms, are increasingly popular tools for deploying applications. This article focuses on why you would want to use a container ecosystem. While there are many reasons, including portability and reduced boot times (compared to VMs), this article concentrates on security and cost.

We will focus on Docker, since it is by far the most dominant container, and on Kubernetes, since it seems to have “won” against alternatives such as Swarm and Mesos.

(more…)

Tags: , , , , ,

Kubernetes Admin GUI

docker for mac now comes with Kubernetes support built in to it. It is now the easiest way to experiment with Kubernetes locally (previously,  minikube seemed to be the easiest way). This feature was announced at DockerCon Europe in late 2017 and is supported in docker for mac versions 17.12.0-ce-mac45 or later. Note however, you do need to use the Edge version.

When you get Kubernetes running via docker for mac, you can access the admin GUI as follows…

(more…)

Tags: , ,

Using Docker with a maven project

If you have a maven project, there are a plethora of ways to enable it to run within a docker container.

(more…)

Tags: , , , , ,

Rotate, Repave, and Repair

A quick summary of this thought provoking article “The Three Rs of Enterprise Security: Rotate, Repave, and Repair“, by @justinjsmith.

(more…)

Tags:

Post Production Debugging

Monitoring and Observing Your App Post Release

Pre-release tests are essential, but the ability to debug, monitor and observe your application suite post-release is what allows you to detect, and quickly fix, the production problems that will inevitably rise.

(more…)

Tags: , , , , , , , , , ,

AWS S3 SLAs

According to the AWS S3 docs, S3 is designed for 99.99% availability over a given year, but their SLA compensates you when availability drops below 99.9% monthly uptime. That is, you will receive some level of refund (up to 25%) if there is more than 43 minutes of downtime per month.

(more…)

Tags: , , ,

JWTs

This post is a quick and dirty introduction to JWTs. Honestly, there are better resources out there to learn about JWTs. See the references section below. These are just some of my own, fairly hastily written, notes…

(more…)

Tags: , ,

Proxies: Forward versus reverse proxy

What is the difference between a forward and reverse proxy?

TLDR;

  • A forward proxy is a client proxy. It manages outgoing traffic. For example, providing content restriction or facilitating anonymity.
  • A reverse proxy is a server proxy. It manages incoming traffic, providing benefits such as load balancing and rate throttling.
  • Both forward and reverse proxies can provide caching benefits.

 (Source)

(more…)

Tags: , , ,

Maven (mvn) build hanging

I recently had a problem with a maven build hanging when doing a ‘mvn install’.

I found some pointers in this post, and posting here in a modified form: http://forum.spring.io/forum/spring-projects/roo/121725-what-diagnostic-action-to-take-when-maven-hangs

1. In the hanging shell, hit CTRL-Z – this will suspend the program and give you a pid. An alternative way to get the pid is to do a “ps -ef” and search for you mvn command e.g. “clean install”
2. type bg [ENTER] – this will send the program to the background
3. Do a kill -3 of the process – it will dump a large amount of text – make sure your command line terminal history window is long enough to capture it all – will be several thousand lines of text
(alternative to #3 – you can try jstack with the pid, it is a Java stack trace generator)
4. You can see what threads are waiting on other threads from there (maybe, sometimes it’s a tight CPU loop)

Tags: ,

URL Encoding

URL encoding, also known as percent encoding, takes certain “reserved” characters and standardizes (or canonicalizes) them.

Why? This is normally done when transmitting data in html forms. For example, the # character has a special purpose in html (as an html anchor) and so is converted to make it clear that it is part of that data, not part of the html document where it is to be displayed.

Another (related) use is for prevention of XSS attacks. If your web page allows a user to enter text (for example, a comments box on a blog), it would be very easy for a motivated user to enter malicious text that will be interpreted as a script.

(more…)

Tags: , , , ,