While preparing the infrastructure for migrating RTFM from the DigitalOcean server to AWS (see AWS: basic infrastructure setup for WordPress) I decided to also try AWS ALB mutual authentication (for some reason I thought this feature launched at the last re:Invent, at the end of 2024, but it’s actually been around since late 2023 –… Read More »
I looked at the costs for the infrastructure described in the previous post AWS: basic infrastructure setup for WordPress, and let out a heavy sigh: One NAT Gateway is a quarter of my AWS spend, and even with AWS Credits I can’t help feeling a bit stingy about it. There’s an option to remove the… Read More »
It’s time for a major server upgrade for RTFM, which I usually do by migrating to a new server – because I also do various other upgrades along the way, like upgrading the PHP version or even migrating to a different cloud. This time I’m planning to move from DigitalOcean, where RTFM has been hosted… Read More »
In the previous post of the Home NAS on FreeBSD setup series, we got acquainted with restic – a utility for working with backups that supports encryption, snapshots, and change history; see FreeBSD: Home NAS, part 8 – backup of NFS and Samba data with restic. However, in addition to archival data in S3, I… Read More »
Continuing the topic of AWS Load Balancer logs: in the previous post, Golang: recording AWS Load Balancer logs to VictoriaLogs, we collected logs using our own logs collector in Golang. Now we need to get something useful out of these logs. Previously, when I had Loki on my project, we used its RecordingRules to create… Read More »
In the previous part, AWS: Getting Started with OpenSearch Service as a Vector Store, we looked at AWS OpenSearch Service in general, figured out how data is organized in it, what shards and nodes are, and what types of instances we actually need for data nodes. The next step is to create a cluster and… Read More »
AWS EKS Terraform module version v21.0.0 added support for the AWS Provider Version 6. Documentation – here>>>. The main changes in the AWS EKS module are the replacement of IRSA with EKS Pod Identity for the Karpenter sub-module: Native support for IAM roles for service accounts (IRSA) has been removed; EKS Pod Identity is now… Read More »
After migration to a new EKS cluster, we started getting alerts about 503 errors sometimes. The errors were happened in three cases: sometimes without any deployment, when all Pods were Running && Ready sometimes during deployment – but only on Dev, because there is only one Pod for API and sometimes during Karpenter Consolidation. Let’s… Read More »
To put it very simply, Celery is something we can use to perform tasks outside of our main service. For example, there is a Backend API that has some kind of endpoint to which mobile devices send information that the user has created a new whatever in the application. The task of the Backend is… Read More »
In Kubernetes, we run GitHub Runner for the build and deploy of our Backend API, see GitHub Actions: Running Actions Runner Controller in Kubernetes. But over time, we noticed that there was too much traffic on the NAT Gateway – see VictoriaLogs: a Grafana dashboard for AWS VPC Flow Logs – migrating from Grafana Loki.… Read More »