Category Archives: Amazon Web Services

Amazon Web Services is a subsidiary of Amazon that provides on-demand cloud computing platforms to individuals, companies and governments, on a paid subscription basis.

Kubernetes: part 3 – AWS EKS overview and manual EKS cluster set up

15 August 2019
 

 Let’s proceed with our Kubernetes journey. Previous parts: Kubernetes: part 1 – architecture and main components overview Kubernetes: part 2 – a cluster set up on AWS with AWS cloud-provider and AWS LoadBalancer In this part we will start working with AWS Elastic Kuberneters Service (EKS) – its short overview, then will create Kubernetes Control… Read More »

Kubernetes: part 2 – a cluster set up on AWS with AWS cloud-provider and AWS LoadBalancer

10 August 2019
 

 In the first part – Kubernetes: part 1 – architecture and main components overview – we did a quick glance about Kubernetes. The next thing I’d like to play with is to manually create a cluster using kubeadm, run a simple web-service there and access it via AWS LoadBalancer. The main issue I faced with… Read More »

AWS RDS: “SQLSTATE[22001] – Data too long for column” using MariaDB 10.2

8 August 2019
 

 We have a PHP-application with the AWS RDS MariaDB as a backend. On the previously used 10.0 version all was good, but right after we upgraded to the MariaDB 10.2 – got errors during tests: PDOException: SQLSTATE[22001]: String data, right truncated: 1406 Data too long for column ‘name’ at row 1 in /data/projects/projectname/vendor/yiisoft/yii2/db/Command.php:1290 The first… Read More »

AWS: S3 Cross-Region Replication with DeleteMarkers set up

17 July 2019
 

 At this moment I’m configuring a new CDN for our project. Will use CloudFront and Cloudflare here so need to create two dedicated buckets with different names – cdn.cfr.example.com => CloudFront and cdn.cfl.example.com => Cloudflare. To avoid coping data each time to both buckets – an AWS S3 Cross-Region Replication can be used, so data… Read More »

AWS: IAM users keys rotation, EC2 IAM Roles and Jenkins

30 May 2019
 

 Today I checked our IAM-users and “suddenly” recalled that it’s good to update their credentials sometimes: Well, that’s good to do but here is a question: it’s simple enough to set an expire for keys in IAM, but what to do with all scripts which are used in our Jenkins and which are using those… Read More »

Debian: unattended-upgrades – automatic upgrades installation with email notifications via AWS SES

23 May 2019
 

 A unattended-upgrades package performs automated upgrades installation on Debian/Ubuntu systems. It’s a Python script (1500 lines) located at /usr/bin/unattended-upgrade (and /usr/bin/unattended-upgrades is a symlink to the /usr/bin/unattended-upgrade). CentsOS/RHEL analog – yum-cron. Install it: The main config file is /etc/apt/apt.conf.d/50unattended-upgrades where upgrade types, email settings etc can be configured. Upgrades related schedules are done in the… Read More »

AWS: VPC peering DNS resolution and DNS settings for OpenVPN Access Server

17 May 2019
 

 We have a VPC with OpenVPN Access Server running. This VPC is connected with other VPCs in our AWS account. The issue is that currently when a user is connected to VPN for the DNS resolution into EC2 instances private IPswe are using dnsmasq service on the VPN-host which has a /etc/dnsmasq.hosts file where are manually… Read More »

AWS: MariaDB RDS – kill: You are not owner of thread

14 May 2019
 

 We have AWS RDS with MariaDB. The error below and its solution aren’t specific to AWS RDS and MariaDB. The next error appears during attempt to kill() a thread in MySQL: The solution is to use the mysql.rds_kill() procedure instead: Execute it: For Azure MySQL, there is a similar procedure mysql.az_kill(). Done.

Bitwarden: an organization’s password manager self-hosted version installation on an AWS EC2

1 May 2019
 

 We consider Bitwarden as a passwords keeper for our project with the main goal to have an ability to have separated access to secrets by user roles and/or ACLs. I.e. Pass or KeePass are good for self-usage by one person but they have no main things – a normal web-interface and role-based access to data.… Read More »