Previously we used cloud-based Sentry version but then reached emails limit and our backend-team left without those notifications which are critical for their work. A self-hosted version was planned a long time ago so now we have a chance to spin it up. The post below describes how to start self-hosted Sentry on an AWS… Read More »
We have a VPC with OpenVPN Access Server running. This VPC is connected with other VPCs in our AWS account. The issue is that currently when a user is connected to VPN for the DNS resolution into EC2 instances private IPswe are using dnsmasq service on the VPN-host which has a /etc/dnsmasq.hosts file where are manually… Read More »
We have AWS RDS with MariaDB. The error below and its solution aren’t specific to AWS RDS and MariaDB. The next error appears during attempt to kill() a thread in MySQL: [simterm] MariaDB [(none)]> kill 759; ERROR 1095 (HY000): You are not owner of thread 759 [/simterm] The solution is to use the mysql.rds_kill() procedure… Read More »
We consider Bitwarden as a passwords keeper for our project with the main goal to have an ability to have separated access to secrets by user roles and/or ACLs. I.e. Pass or KeePass are good for self-usage by one person but they have no main things – a normal web-interface and role-based access to data.… Read More »
I’m sure that using MFA (Multi-Factor Authentication) today is oblivious. For 2FA (2-Factor Authentication) the most used method is TOTP – Time-based One-time Password, when alongside with the common login:password also needs to enter a code generated by a device or software. The most known implementation is Google Authenticator but also there is a lot… Read More »
Proceeding with a Github repositories checker. To recall: the idea is to have such a check in case if somebody from developers accidentally will share our project’s private repository as public, or will create a public repository instead of making it as a private one – we will get a Slack alarm about such a… Read More »
Originally, in a Sentinel’s configs, I have used the bind 0.0.0.0 to make them accessible from external hosts. Because of this when I started rolling out this setup on a real environment faced with an issue when Sentinels could not determine a Master host and other Sentinel hosts. In this post – such an issue… Read More »
This story happened on 10/06/2017, adding this post in English now. The original post (Rus) was written almost right after the well-known Not a Petya attack in Ukraine – that’s why it’s used in the title. I had a new project assigned to me. When I started its existing setup investigation – was just shocked.… Read More »
Minikube – a utility to run a Kubernetes cluster locally on your PC. It can use Virtualbox, VMware, Hyper-V etc hypervisors which will be used to create a virtual machine with a Kubernetes cluster. Minikube is a great tool for developers or DevOps engineers to test deployments/services etc without the need to create and configure… Read More »
chroot() was added to the Version 7 Unix in 1979 and used for filesystem isolation. In fact, it’s the predecessor of the whole current containerization idea, just now there are namespaces and cgroups are used while earlier chroot was used to create an environment which is isolated from a host and can be used for… Read More »