Category Archives: Virtualization

In computing, virtualization refers to the act of creating a virtual version of something, including virtual computer hardware platforms, storage devices, and computer network resources.

AWS: Lambda – copy EC2 tags to its EBS, part 1 – Python and boto3
0 (0)

13 October 2021

We have an AWS Elastic Kubernetes Service cluster, which has a few WorkerNode Groups that were created as AWS AutoScaling Groups by using the eksctl, see the AWS Elastic Kubernetes Service: a cluster creation automation, part 2 – Ansible, eksctl for more details. The WorkerNode Group configuration for the eksctl keeps a set of Tags,… Read More: AWS: Lambda – copy EC2 tags to its EBS, part… »

Loading

Kubernetes: Krew plugins manager, and useful kubectl plugins list
0 (0)

1 October 2021

One of the most valuable features of the kubectl utility is its plugins. Of course, there are things like Lens, widely used by developers who don’t like working in the terminal, or tools like k9s, but kubectl‘s plugins worth for a dedicated post. So, in this post, we will install Krew – kubectl‘s plugins manager,… Read More: Kubernetes: Krew plugins manager, and useful kubectl plugins list0 (0) »

Loading

Kubernetes: Helm – “x509: certificate signed by unknown authority”, and ServiceAccount for Pod
0 (0)

29 September 2021

We have Github runners in our AWS Elastic Kubernetes service cluster, that are used to build Docker images and deploy them with Helm or ArgoCD. On the first helm install run in a Github runner’s Pod, we are getting the “x509: certificate signed by unknown authority” error: [simterm] # helm –kube-apiserver=https://kubernetes.default.svc.cluster.local list Error: Kubernetes cluster unreachable:… Read More: Kubernetes: Helm – “x509: certificate signed by unknown authority”, and… »

Loading

AWS: disable TLS 1.0 and TLS 1.1 for Application LoadBalancer
0 (0)

27 September 2021

If check any of a freshly created AWS Application LoadBalancer with a certificate from the AWS Certificate Manager, and with an HTTPS Listener’s default settings you’ll see the B grade: The main point of the SSL Labs is the support of the deprecated encryption versions – TLS 1.0 and 1.1. AWS LoadBalancer SecurityPolicy and TLS… Read More: AWS: disable TLS 1.0 and TLS 1.1 for Application LoadBalancer0… »

Loading

AWS: Cost Explorer – costs checking on the CloudWatch Logs example
0 (0)

7 September 2021

This post isn’t an overview of the AWS Cost Explorer service, but just a quick example of how to detect costs for your AWS account and its services. So, when I came back from the vacation, I noticed that we’ve paid more than usually for the AWS CloudWatch for August – almost 50 dollars per… Read More: AWS: Cost Explorer – costs checking on the CloudWatch Logs… »

Loading

AWS: Lambda functions – an overview, and integration with AWS API Gateway
0 (0)

18 August 2021

AWS Lambda allows running a code without the need to create and manage servers, also known as the serverless approach. AWS Lambda will determine how much CPU and memory is needed to run a function, and when it’s necessary it will perform autoscaling. A code to be running is organized in lambda functions and can be… Read More: AWS: Lambda functions – an overview, and integration with AWS… »

Loading

Tableau: install Tableau Bridge to access a database server in a private network
0 (0)

9 August 2021

To access a database server, that has no public access (as it must be – access only inside an AWS VPC), Tableau suggests using its tool called Tableau Bridge. The idea is to have a Bridge service running in a network, which has access to a database server via its Private IP. Also, Bridge will… Read More: Tableau: install Tableau Bridge to access a database server in… »

Loading

AWS: Route53 Private Hosted Zones — hiding domains from the Internet
0 (0)

26 July 2021

Private Hosted Zone in AWS Route53 allows to limit access to DNS records of a domain, thus making it inaccessible for the DNS Enumeration (or DNS brute-force), when an attacker checks for available records in a domain to know endpoints list to check them for vulnerabilities. For such attacks, there is a lot of utilities… Read More: AWS: Route53 Private Hosted Zones — hiding domains from the… »

Loading

AWS: WAF WebACL logging and Logz.io integration
0 (0)

22 July 2021

In the first post – AWS: Web Application Firewall overview, configuration, and its monitoring – we spoke about its main components, created a WebACL and Rules for it, and did basic monitoring. Also, we’ve configured WebACL’s logs collection with AWS Kinesis, but now it’s time to see them Logz.io, as CloudWatch Logs isn’t available for… Read More: AWS: WAF WebACL logging and Logz.io integration0 (0) »

Loading

AWS: Web Application Firewall overview, configuration, and its monitoring
0 (0)

19 July 2021

AWS WAF (Web Application Firewall) is an AWS service for monitoring incoming traffic to secure a web application for suspicious activity like SQL injections. Can be attached to an AWS Application LoadBalancer, AWS CloudFront distribution, Amazon API Gateway, and AWS AppSync GraphQL API. In case of finding any request that sits WAF’s rules, it will… Read More: AWS: Web Application Firewall overview, configuration, and its monitoring0 (0) »

Loading