csuttles (⌐■_■)

Memento Mori

Recently, I started doing the 100 days of code challenge. I'm off to a slow start, since I am juggling more than usual in my personal life. If you're curious about my progress, you can see my 100 days of code repository on GitHub. First steps I'm revisiting Java and C fundamentals at the same time. I hope to improve my skills in both, as well as gaining some insight at a meta level on just "programming".

This post takes a look at using Hashicorp's Vault to manage dynamic database credentials, using Chef. For this post (and the my previous post on Vault), I started working with Vault pretty quickly via this docker-compose setup I found via GitHub. It's a very quick way to get a Vault instance with a Consul backend. You'd never do this for production, since they are single instances, but for functional testing, it's enough.

This post takes a look at using Hashicorp's Vault to manage secrets for SSH authentication. For this post, I started working with Vault pretty quickly via this docker-compose setup I found via GitHub. It's a very quick way to get a Vault instance with a Consul backend. You'd never do this for production, since they are single instances, but for functional testing, it's enough. Requirements What are we trying to accomplish?

This post will explore publishing a very simple Docker image to Docker Hub in a simple CI pipeline. I used a couple similar posts and documentation for reference while setting this up: Building your first Docker image with Jenkins 2: Guide for developers How To Build Docker Images Automatically With Jenkins Pipeline Using a Jenkinsfile You can find my repository for this post here: https://github.com/csuttles/dockerci Overview The CI pipeline built in this post is something like this:

I decided to take a attend a Meetup on Serverless (Oracle Fn project), and it was a lot of fun. The first talk was excellent, and that will be the focus of this post. Fn Presentation The talk started with some history on the speaker, Chad Arimura, and some of the companies he's launched, as well as a few obligatory slides to level set things ("What is serverless?"). After the brief pre-amble, Chad got into the meat of the presentation, which was close to the quickstart on the Fn github page.

Adequate I bought and recently read The Kubernetes Book, and it was not great, but also not terrible; it was just OK. Pros It's pretty cheap (~$12.00 on Amazon at the moment). It's a decent whirlwind tour of Kubernetes. Nothing goes very deep, but the concepts presented are accurate. The book introduces different deployment types (minikube, single node, and your basic HA/PROD design), as well as building blocks of Kubernetes. The introduction of the API, Pods, Replication Controllers, Replica Sets, and Deployments are all easy to follow and describe them in sufficient detail through simple examples.

Trifecta! Last week, I passed the AWS Certified SysOps Administrator - Associate exam. This is my third AWS associate level certification, and I am excited to finish the associate tier. This was the toughest associate level exam by far. Preparation Like the other exams I took, I used LinuxAcademy and ACloudGuru content (purchased through Udemy). I also bought a Quiklabs subscription again; I canceled my previous one after a month, because it's a little pricy if you aren't using it actively.

Here's a very quick, practical example why it is important to limit access in AWS security groups for your bastion hosts (jump hosts). sudo grep -oP '(?:\d+\.){3}\d+' -h /var/log/secure* | sort |uniq -c | sort -n | awk '{sum +=$1 ; count ++} END {print sum, count}' 65546 1680 This is a sum of log lines (auth attempts) per IPv4 address and count of unique IPv4 addresses in /var/log/secure* from an instance with SSH open to the world.

In my last post I talked about a Udemy course on building webapps with Python, Flask and Mongo. I wasn't quite finished with the last app in the course (Pricealert) at the time of my last post, but the bones were in place. This post is about that long 10% of a project that starts when you are "%90 done". Pricealert I've committed a lot of updates in the last week, and now the application really looks like a web application and is ready to get broken out into a separate repository.

I decided to take a Udemy course on building webapps with Python, Flask and Mongo, and it's been a lot of fun. You can find my Github repo for the course here: https://github.com/csuttles/udemy-python-webapps. I'm not a web developer. I've always been focused on writing backend stuff, and operational glue. That's part of what made me decide to do this. I wanted to spend some time just playing with Python and playing means doing something a little different than what I do at work.