Engineering👨💻 Quick, what's web3? Web 1 — Everyone sees the same content when they open a website. Servers just had a filesystem and nothing else. Creation is limited to people with some learning curve. Ran from 1991-2004. Still a significant part of the current ecosystem under CDNs. This is analogous to newspapers and other such media. We can
Engineering👨💻 on-demand flask environments This blog is a work in progress, and shall be revisited with more details, script and validation of given references. Not yet tested. For Beanstalk: * Reference: https://python.plainenglish.io/deploy-a-python-flask-application-to-aws-elastic-beanstalk-55fb39f4903a This example doesn't explicitly cover how to spawn RDS cluster or connect to RDS database. Refer to https://docs.
Engineering👨💻 3vs of a Roadmap Minimum Viable Roadmap guidelines When we get a PRD/Business objective, we should remind ourselves of the formula of 3Vs: Vision, Value and Visibility. Vision: Defines the broader achievement, aligned with our customer sector. To create a win-win situation with our customer base, and align it with larger goal of the
Engineering👨💻 Enforcing pre-commit hooks When a team works together, it's often natural and best to have pre-commit hooks that align style and run basic syntax checks before the code makes it to the main branch. However, enforcing this often becomes a cultural topic, as people have to follow it by practice. Due to friction and time constraints,
Engineering👨💻 Passing docker images without registry I always wished for a way to quickly transfer a docker image from one machine to another, without the hassle of registry setup and access control. Until today, I was always sending (copy-paste) the Dockerfile and building the image on the destination machine again. Given the predictability, it works wonderfully. But,
Engineering👨💻 nginx+ssl A quick guide on setting up ssl cert on a domain, and configuring nginx for the same. While there are quite a few options to get ssl certificates from trusted third parties, the most economical option is letsencrypt as it offers certs for free. Please donate to https://letsencrypt.org
Engineering👨💻 Ephemeral dev environments The scenario is to create ephemeral dev environments in an AWS account with git branches. Note: We assume all dev environments connect to a single database instance. The idea is to create frontend (cloudfront+s3) and backend (ALB+TargetGroup+Ec2) and add respective DNS records. Frontend: AWS Amplify Console is a
Engineering👨💻 Proxy pass with Cloudflare workers This is a sample POC for the problem below. Problem For a website, * if http:// and/or www is used, it should be redirected to https://example.com * for /blog, worker should proxy pass to https://blog.example.com * for /pricing, proxy pass to https://pricing.example.com Proxy pass: It
Engineering👨💻 RDS Aurora URLs When we create an Aurora cluster with a writer instance and reader instance(s), there are quite a few URLs to connect our application to. We explore the when and why of each. Cluster URL In the format of .cluster-..rds.amazonaws.com The primary URL sends all queries to
drafts Devops flow Note: This is a draft published without editing. The list isn't exhaustive and definitions are loosely based on personal experience rather than standard. A rough overview of a Devops workflow (as per what's evolved so far) would look like this: At its core, devops tries to make everything-as-a-code, and easier
Engineering👨💻 Deploy static websites Cloudflare+S3 Guide to deploy a static website with s3 bucket, backed by cloudflare. * Create S3 bucket with the name as intended domain. In this blogpost, I'm using https://travelsanta.com * Enable static website hosting: * Allow Public Access: * Use the bucket policy on S3: { "Version": "2012-10-17", "Statement": [ { "Sid": "PublicReadGetObject", "Effect": "Allow", "Principal"
Engineering👨💻 Gsuite login to AWS Organisation How to set up Gsuite SAML login for multiple AWS accounts
Engineering👨💻 What is a VPC This post is for beginners. What’s a Virtual Private Cloud (VPC)? VLANs in networking terminology. It’s a private network in the cloud where we launch our servers. VPC makes it appear as if all our servers and a few cloud services are in a small private network, in complete isolation.
Engineering👨💻 Monitoring and siblings A quick attempt to explain core differences. Monitoring: "What's happening currently?" using dashboards and reports based on metrics (what we measure goes here.) ex. all requests are currently processed within 2ms. Alerting: "Something interesting happened, and I've an action to do." ex. 20 requests in last 1 minute took more
Engineering👨💻 Service Discovery and Mesh In the wake of microservices, it's hard to maintain how services communicate with each other. Microservices maintain config files to know how to talk to other services. This is an error-prone approach as the config file is maintained by humans. The most common solutions to tackle this are either DNS
Engineering👨💻 Quick Ansible to update a file Self reference. Use case was to update a config file (datadog) in all currently running instances and restart the process. - hosts: all tasks: - name: line insert lineinfile: path: /etc/datadog-agent/datadog.yaml insertafter: 'collect_ec2_tags: false' line: 'collect_ec2_tags: true' notify: - restarting become: true handlers: -
Engineering👨💻 Blue green deployment Blue-Green is a software deployment strategy that solves a particular problem: Previous version is still available until new version is completely validated. How does it work: Let's say we've to deploy our software. It's a typical 2-tier architecture, with a load balancer and set of servers behind it. For every
Engineering👨💻 Terraform modules What're terraform modules? > Module is an abstraction for multiple resources which can be reused. Let's say we define our website service with the following layers in AWS: * s3 for static resources (html, css, js, images, etc.) * cloudfront for cdn * application load balancer for receiving backend calls * Target group with autoscaling
Engineering👨💻 clear chef nodes: quick and dirty Note: Intended for self reference. We've to delete clients/nodes from chef when an ec2 instance terminates. We've followed the pattern of using instance id as chef node id. And the following script helps to delete nodes that are terminated. The script runs every 15 minutes. #!/bin/bash # Scan for
Engineering👨💻 How long does it take? "It depends." Yes, it depends. We never know how long a task takes with accurate assumption. But that's not helpful. Estimates matter. If time isn't a factor in whatever humans want to achieve, we might've achieved much lesser than where we're today. Those bridges aren't 100% perfect, they may
Engineering👨💻 Continuous integration, delivery and deployment Scenario: Mono-repo with multiple projects hosted on GitHub. We need a CI/CD setup for this, whenever a pull request is raised. Inputs: * Code hosted on Github Continuous Integration/CI server: * CI server shall merge incoming branch into master in its environment, when a pull request is made. * Run unit
Engineering👨💻 Security group rule as a resource An ongoing document on terraform clean practices I follow. Type 1: Ingress defined inside the same resource as security group. resource "aws_security_group" "sample-sg" { name = "sample-sg" vpc_id = "${aws_vpc.default.id}" ingress { protocol = "tcp" from_port = 443 to_port = 443 cidr_blocks = ["0.0.0.0/0"] } } type
Engineering👨💻 Recover mongo secondary Due to various reasons, mongodb secondary goes out of sync and might be dead/stuck in recovered state or replication lag grows beyond acceptable limit. Instructions 1. Make sure primary is up and running. Login to primary mongo, let’s say calendar-mongo-rs-1-1. 2. Check acceptable mongodb replication lag. You can
Engineering👨💻 Pets and cattle of infrastructure The metaphor is quite common in cloud for servers. Gist: We name pets and take care of them, nurse them. We ensure pets are in healthy state always and attend immediately if otherwise. We number cattle. When one gets ill, we shoot them. We ensure new cattle spawns up, by