Category Archives: Scripting/coding

AWS: Lambda – copy EC2 tags to its EBS, part 1 – Python and boto3

13 October 2021
 

 We have an AWS Elastic Kubernetes Service cluster, which has a few WorkerNode Groups that were created as AWS AutoScaling Groups by using the eksctl, see the AWS Elastic Kubernetes Service: a cluster creation automation, part 2 – Ansible, eksctl for more details. The WorkerNode Group configuration for the eksctl keeps a set of Tags,… Read More »

Git: scan repositories for secrets using Gitleaks

16 August 2021
 

 A confidential data leak such as RDS keys or passwords to a Git repository, even if it is a private Github repository, is a very bad thing and it’s good to check your repositories to know if any developer pushed a commit with such data. Scanning utilities To check Git repositories for a leak, at… Read More »

Jenkins: Redis deployment, and Helm subchart values

1 November 2020
 

 The task is to create a Jenkins job to deploy Redis to Dev/Stage/Prod Kubernetes clusters. In the Redis: running Master-Slave replication in Kubernetes we did it manually to see how it’s working, now it’s time to automate it. The main question is how to pass parameters for different environments during the deployment? I’d like to… Read More »

Linux: processes core dumps, systemd-coredump and Debian

14 March 2020
 

 Need to get a dump from fro ma PHP process on Debian 9. In this post will take a Linux kernel mechanism to create and manage processes dumps. Kernel’s dumps are created in another way, check Kdump на Arch Wiki. Linux Core Dump The kernel will create a process dump if it performed an invalid… Read More »

Linux: PHP-FPM, Docker, STDOUT and STDERR – no an application’s error logs

24 February 2020
 

 We have a Docker image with NGINX, PHP-FPM, and Supervisor. In the same image, we have our PHP application included, which outputs its errors to the /dev/stderr as per its php.ini file: … [global] error_log=/dev/stderr … The problem is, that if run kubectl logs –  there will be no error output from the application. So,… Read More »

PHP: PHP-FPM ignores environment variables – solutions

19 February 2020
 

 We have a PHP-based application running in Kubernetes and uses settings from a /app/.env file plus environment variables. The problem is that application running in a Docker container can’t see an $TEST_VAR variable although it’s present in the Deployment: … containers: – name: application-dev-web image: bttrm-application:119 … – name: TEST_VAR valueFrom: secretKeyRef: name: bttrm-app-secret key:… Read More »

Debian: php7.3-curl : Depends: libcurl3 (>= 7.44.0) but it is not installable

23 January 2020
 

 We have a Jenkins job that runs a Docker container to build a PHP-application based on the Yii framework. Suddenly during the build, we got an error: … Some packages could not be installed. This may mean that you have requested an impossible situation or if you are using the unstable distribution that some required… Read More »

Chromium: Linux, keyrings && Secret Service, passwords encryption and store

10 December 2019
 

 One of the motives to go deeper into the keyrings (see the What is: Linux keyring, gnome-keyring, Secret Service, and D-Bus post) was the fact that Chromium, surprise-surprise, keep passwords unencrypted if a Linux system has no keyring and/or Secret Service enabled. So, let’s try to find how and where Chromium store passwords, and the… Read More »

Redis: fork – Cannot allocate memory, Linux, virtual memory and vm.overcommit_memory

28 August 2019
 

 Currently, I’m configuring a Redis as a caching service for our application and during that, I faced with the question: do I need to set vm.overcommit_memory to the value 1, i.e. disable it – or not? The question is quite old for me, see The story, but only now I found time to get to… Read More »

SonarQube: running tests from Jenkins Pipeline in Docker

18 June 2019
 

 The task is to run our backend PHP tests using SonarQube from a jenkins Pipeline job. Jenkins running in Docker and all its builds also uses Docker. The main issue I faced during this setup was the fact that SonarQube’s container inside spawns another process with Elastisearch (while Docker concept says “1 service per one… Read More »