Home ¦ Posts ¦ Books ¦ Articles ¦ Talks ¦ Notes > Category: infrastructure ¦ Atom

Posts on infrastructure

Generate yourself some Terraform code from TOML

In this post, we will see how we can use Golang to generate Terraform configuration from a TOML specification. That is, given a TOML file, like:

subnet_name = "SubnetA"

rules = [
    {rule_no=101, egress = false, protocol = "tcp", rule_action = "allow", cidr_block = "127.0.0.1/32", from_port = 22, to_port = 30},   
]

We will generate …


Getting a docker container's stdout logs into a variable on Linux

docker logs by default shows the container's stdout and stderr logs. However, what I discovered was that the stderr logs from the container are output to the host system's stderr as well. I was expecting everything from the container to be on the host's stdout.

Let's see a demo. Consider …


ASP.NET Compilation and other files don't mix

I love working in software. Mostly things work as expected, but at times no. I changed A, how can Z be affected - after all they are all miles apart. Right? Wrong. Z can be affected. Today's story is the latest - totally unexpected, but not surprising.

Background

We run ASP.NET …


Poor man's zero downtime deployment setup using Traefik

Recently, I wrote two articles about using traefik as a reverse proxy. The first article discussed deploying a ASP.NET framework application and the second discussed deploying ASP.NET core applications.

In both cases, I demonstrated the following:

  • Docker native integration
  • In-built support for LetsEncrypt SSL certificates

One of the …


Scheduled task to prune docker images on Windows server

Windows docker images can be bulky and on a server that you are deploying your application as docker images, the free disk space becomes a metric to watch out for. The following script will setup a Scheduled tasks to be run at a 7.0 PM UTC which will prune …


Ephermal source port ranges and docker build

TLDR; If you are having trouble with docker build and ephermal port ranges, we can use iptables to solve the issue:

$ sudo iptables -t nat -I POSTROUTING -p tcp -m tcp --sport 32768:61000 -j MASQUERADE --to-ports 49152-61000

I have written previously about how things get interesting with ephermal …


AWS CodeDeploy Deployment Group and Initial Auto Scaling lifecycle hook

When we create an AWS Code Deploy deployment group via Terraform or CloudFormation and integrate with an Auto Scaling Group, it also by default creates an initial lifecycle hook which ensuresthat a new code deployment gets triggered when a scale-out event occurs.

It is all very "magical" and it is …


Let's Encrypt, GoDadday DNS and IIS server

I wanted to create a new SSL certificate for IIS hosted ASP.NET framework application. The key data that may make this post relevant to you are:

  • Let's Encrypt Challenge mode: DNS TXT record
  • DNS provider: GoDaddy
  • Target web server: IIS
  • Target operating system: Windows
  • Local operating environment/system: Linux …

AWS VPC subnets and Internet connectivity over IPv4

We can have two kinds of subnets inside a AWS VPC - private and public. A public subnet is one which is attached to an Internet Gateway. This essentially adds a routing table entry to the subnet's routing table sending all Internet traffic to an Internet Gateway. On the other hand …


Docker userns-remap and system users on Linux

In this post, we learn how we can make use of docker's user namespacing feature on Linux in a CI/build environment to avoid running into permission issues. Using user namespacing also keeping things a bit sane without adopting sub-optimal alternatives.

Introduction

Let's consider that we are leveraging docker …

© Amit Saha. Built using Pelican. Customised theme based on the one by Giulio Fidente on github.