Posts on infrastructure

Poor man's zero downtime deployment setup using Traefik

Recently, I wrote two articles about using Traefik as a reverse proxy. The first article discussed deploying an ASP.NET Framework application and the second discussed deploying ASP.NET Core applications.

In both cases, I demonstrated the following:

  • Docker native integration
  • In-built support for LetsEncrypt SSL certificates

One of the …

Scheduled task to prune docker images on Windows server

Windows Docker images can be bulky, and on a server where you deploy your application as Docker images, free disk space becomes a metric to watch. The following script will set up a scheduled task to run at 7:00 PM UTC which will prune …

Ephemeral source port ranges and docker build

TL;DR: If you are having trouble with docker build and ephemeral port ranges, we can use iptables to solve the issue:

$ sudo iptables -t nat -I POSTROUTING -p tcp -m tcp --sport 32768:61000 -j MASQUERADE --to-ports 49152-61000

I have written previously about how things get interesting with ephemeral …

AWS CodeDeploy Deployment Group and Initial Auto Scaling lifecycle hook

When we create an AWS CodeDeploy deployment group via Terraform or CloudFormation and integrate it with an Auto Scaling Group, it also by default creates an initial lifecycle hook which ensures that a new code deployment gets triggered when a scale-out event occurs.

It is all very "magical" and it is …

Let's Encrypt, GoDaddy DNS and IIS server

I wanted to create a new SSL certificate for an IIS-hosted ASP.NET Framework application. The key data that may make this post relevant to you are:

  • Let's Encrypt Challenge mode: DNS TXT record
  • DNS provider: GoDaddy
  • Target web server: IIS
  • Target operating system: Windows
  • Local operating environment/system: Linux …

AWS VPC subnets and Internet connectivity over IPv4

We can have two kinds of subnets inside an AWS VPC - private and public. A public subnet is one which is attached to an Internet Gateway. This essentially adds a routing table entry to the subnet's routing table sending all Internet traffic to an Internet Gateway. On the other hand …

Docker userns-remap and system users on Linux

In this post, we learn how we can make use of Docker's user namespacing feature on Linux in a CI/build environment to avoid running into permission issues. Using user namespacing also keeps things a bit sane without adopting sub-optimal alternatives.


Let's consider that we are leveraging docker …

AWS Private Route53 DNS and Docker containers

AWS Route 53 private hosted zones enable you to have private DNS names which only resolve from your VPC. This is great when working from EC2 instances since everything is set up and ready to go. This however becomes a problem when using docker containers on a systemd system. On such …

AWS Network ACLs and ephemeral port ranges

In this post, I discuss a problem (and its solution) I encountered while working with AWS (Amazon Web Services) Network ACLs, docker containers and ephemeral port ranges.

Infrastructure setup

A Linux EC2 instance with docker engine running in a VPC with inbound and outbound traffic controlled by Network ACLs. I …

Managing AWS lambda functions from start to finish with Terraform

AWS Lambda functions look deceptively simple. The devil is in the details though. Once you have written the code and have created a .zip file, there are a few more steps to go.

For starters, we need an IAM profile to be defined with appropriate policies allowing the function to access …

