Clik here to view.
Check DNS Cache when deploy Multi-AZ RDS
It is a common practice to enable mutli-AZ when deploy RDS in AWS to provide high availability. That’s not all. There is one more thing you need to check – DNS cache setting of your applications/codes....
View ArticleClik here to view.
Get S3 Bucket Size
I did not realize that you can not find out the bucket size in the AWS console until some one asked me today. Here is a quick command to get the total size. % for each in bucket1 bucket2; do......
View ArticleClik here to view.
Bots Club
Are you using Slack? If yes, are you using Bot on Slack? If yes, do your Bots talk to each other? I guess most of them probably don’t. The following picture should be familiar to you, people talk to...
View ArticleClik here to view.
Bamboo plan for AWS build part 1
We use both Bamboo and AWS. Making those two work together is really a amazing thing for DevOps. In this blog, I am going to talk about my favorite bamboo plan that supports quick build, hot code...
View ArticleClik here to view.
Bamboo plan for AWS build part 2
Let’s take a closer look at the build plan. It has four stages, and the names are self explanatory. Checkout – Check out the source code from one or more repositories. Package – Build the code or...
View ArticleClik here to view.
Bamboo plan for AWS build part 3
Continue with the Bamboo plan for AWS build, now it is time to look into the deployment plan. For each environment, I got 4 sub plans: Create Stack, Deploy Config, Swap URL and Delete Stack. Create...
View ArticleClik here to view.
Bamboo plan for AWS build part 4
Swap URL: This is for blue/green deployment. The idea is to update the floating DNS to point to different stack’s ELB CNAME. It allows us to easily divert the traffics to different backend stack, but...
View ArticleClik here to view.
AWS IAM Dependency
I did not know that there is a dependency between regions for AWS IAM service until one day when IAM had a outage, as I have never seen any relevant information in any AWS documentations. On 23/Aug...
View ArticleClik here to view.
CloudTrail bug
I found this bug in CloudTrail when working on the AWS keyWatcher project. I noticed that some CloudTrail logs do not have access key id field. Then I opened a ticket with AWS support, and they...
View ArticleClik here to view.
‘aws support describe-trusted-advisor-checks’ is us-east-1 only?
Just found this out – you have to hard code ‘–region us-east-1` when run aws support trusted advisor relevant commands. I guess this is caused by the same reason that I explained in my previous blog...
View ArticleClik here to view.
keyWatcher scan exposed AWS key
AWS Trusted Advisor recently added a new check ‘Exposed Access Key’ in Security category. This to checks popular code repositories for access keys that have been exposed to the public and for irregular...
View ArticleClik here to view.
Deselect ‘Custom Availability Zones’ in Elastic Beanstalk
It is frustrated that Elastic Beanstalk console does not allow you deselect the custom availability zone once you selected and applied . I guess AWS just missed that function in the javascript. Here is...
View ArticleClik here to view.
Avoid Elastic Beanstalk to create security group for ELB
Just found out that there is a Elastic Beanstalk option named ‘ManagedSecurityGroup‘ to allow you to use an exisiting security group for the ELB. Note the security group must be in the...
View ArticleClik here to view.
CloudFormation takes 8 hours to complete
I used CloudFormation to restore a RDS snapshot to a new instance, and it took 8 hours to complete!! The …Continue reading →
View ArticleClik here to view.
Elasticache Redis Unreachable Issue
We have a Elasticache Redis replication group, it has two nodes: one primary and one replica. Last week, we noticed …Continue reading →
View ArticleClik here to view.
AWS security group limits Q&A
Here are a few questions that I asked AWS regarding the security group limits and their answers. Just like to …Continue reading →
View ArticleClik here to view.
SSSG Ninja
SSSG Ninja is my new open source project – It is a all-in-one managemenet tool for SSSG (Site Shield Security Group), …Continue reading →
View ArticleClik here to view.
Fault Tolerant VPN Solution on AWS
I worked with a project team to help them to improve their current VPN infrastructure on AWS. They have 3 …Continue reading →
View ArticleClik here to view.
Great AWS Trusted Advisor
I have to say AWS Trusted Advisor is a great tool! AWS keeps improving it by adding more useful new …Continue reading →
View ArticleClik here to view.
OpenShift V3 Persistent Storage Nagios Plugin
By the time of writing, OpenShift V3 comes with poor monitoring capabilities. The build-in monitoring only checks the metrics of …Continue reading →
View Article