Bookmarks for 26 Mar 2016 through 29 Mar 2016

These are my links for 26 Mar 2016 through 29 Mar 2016:

  • Painless Immutable Infrastructure with Ansible and AWS | Radify Blog – […] In our blog posts Reducing Infrustration and Immutable Demo Nodes, we talk about our approach to immutable infrastructure and the benefits we have seen from employing this approach. In this article, we explore a practical project example so you can get up and running with immutable infrastructure in less than an hour! […]
  • pearofducks/ansible-vim: A vim plugin for syntax highlighting Ansible’s common filetypes – A vim plugin for syntax highlighting Ansible’s common filetypes
  • Provisioning EC2 Hosts with Ansible | Allan Denot – Looking to build EC2 hosts with more consistency? Using Ansible you can easily provision EC2 hosts and put some logic on it to adjust EC2 parameters based on the type of host you are building.
    The easiest way to start is to create a playbook calling the ec2 module with the parameters you want to pass to AWS to create your host. In this post I will show a little more scalable way to do this, where the parameters are variables and you can easily have multiple types of hosts sharing the same playbook and role.

Bookmarks for 24 Mar 2016 through 25 Mar 2016

These are my links for 24 Mar 2016 through 25 Mar 2016:

  • Coderwall | Dump all variables – For debugging purposes it can be useful to not just dump hostvars but also all other variables and group information. You can do this using a jinja template which you could include in a debug task
  • Using Ansible to create AWS instances | Tivix – Ansible is a great tool for enhancing productivity. With a vast array of modules to choose from, it can save you a lot of time by automating away common tasks. At Tivix we use it for single-command deployment, with the most common destination being Amazon EC2 instances created beforehand. Since Ansible is capable of managing EC2 resources, we can improve this setup by making a playbook to create an instance for us.
  • Home | OpenSCAP portal – The OpenSCAP ecosystem provides multiple tools to assist administrators and auditors with assessment, measurement and enforcement of security baselines. We maintain great flexibility and interoperability, reducing costs of performing security audits.
    The OpenSCAP project provides a wide variety of hardening guides and configuration baselines developed by the open source community, ensuring that you can choose a security policy which best suits the needs of your organization, regardless of its size.
    SCAP is U.S. standard maintained by National Institute of Standards and Technology (NIST). The OpenSCAP project is a collection of open source tools for implementing and enforcing this standard, and has been awarded the SCAP 1.2 certification by NIST in 2014.
  • Wazuh | Augmenting OSSEC Host IDS – Wazuh contributes to Open Source Security developing and integrating new modules to extend OSSEC capabilities and functionality.

Bookmarks for 16 Dic 2015 through 21 Dic 2015

These are my links for 16 Dic 2015 through 21 Dic 2015:

  • 29 questions to ask yourself if you’re in devops | www.rohit.io – A few days ago, I had an opportunity to meet and interact with Mike Place, who works as a developer at Saltstack. We had an interesting conversation about devops and how things work in the valley. Mike explained the growing importance of devops in organizations and the rise of devops as a culture that aims to collaboratively deliver systems into production, reliably and effectively.
  • H2O – the optimized HTTP/2 server – H2O is a new generation HTTP server providing quicker response to users when compared to older generation of web servers. The server takes full advantage of HTTP/2 features including prioritized content serving and server push, promising outstanding experience to the visitors of your web site. [ via http://onethingwell.org/post/135440804989 ]
  • Mattermost – Mattermost is modern communication behind your firewall. As an alternative to proprietary SaaS messaging, Mattermost brings all your team communication into one place, making it searchable and accessible anywhere.

Bookmarks for 18 nov 2015 through 24 nov 2015

These are my links for 18 nov 2015 through 24 nov 2015:

  • Come suddividere il log di WordPress in file separati tramite Apache – Otherplus Tech – Quando usiamo WordPress su un server Apache siamo quasi sempre abituati ad avere un solo file di log per gli accessi del nostro sito e alcune volte due file per dividere gli accessi normali da quelli in errore. Ultimamente ho avuto un’esperienza da un cliente proprio su questo argomento specifico e abbiamo dovuto generare i file in maniera tale da dividere le informazioni che riguardavano la sezione classica da quella admin, ajax, wp-content etc.
  • Using AWS Virtual Tape Library as Storage for Bacula – CAPSIDE – In this article, we will set up a Storage Gateway virtual machine on-premises that will cache and buffer backup data from Bacula.
  • Tiny Puppet – Yet Another Puppet Abstraction Layer – Tiny Puppet is a Puppet module that allows management of virtually any application on any Operating System: It’s based on the assumption that its user knows and wants to control how to shape the managed application’s configuration file: It’s not a joke, it just works like that, as long as our application can be installed via a native package (Tiny Puppet can manage also additional repos) and we know how to configure it.

Bookmarks for 29 lug 2015 through 5 ago 2015

These are my links for 29 lug 2015 through 5 ago 2015:

Bookmarks for 29 mag 2015 through 10 giu 2015

These are my links for 29 mag 2015 through 10 giu 2015:

  • My Blog: AWS EC2 Auto Scaling: Basic Configuration – Our goal: Create an Auto Scaling EC2 Group in a single Availability Zone and use a HTTP status page as a Health Monitor for our Load Balancer and the Auto Scaling group instances. This exercise will show us some Auto Scaling basics and will be useful to understand the concepts beneath but the Auto Scaling Group will not automatically "scale" responding to external influence like Average CPU Usage or Total Apache Connections (This aspect is covered in this post: AWS EC2 Auto Scaling: External CloudWatch Metric). With the Auto Scaling configuration described here, we will obtain a web server cluster that can be increased and decreased in members with a simple Auto Scaling API call and we will transfer the monitoring role to the ELB to automatically replace failed EC2 instances or web servers.
  • Autoscaling with custom metrics « That’s Geeky – One of the appeals of cloud computing is the idea of using what you need when you need. One of the ways that Amazon provides for this is through autoscaling. In essence, this allows you to vary the number of (related) running instances according to some metric that is being tracked. In this article, we look at how you can trigger a change in the number of running instances using a custom Cloudwatch metric – including the setup of said metric, and a brief look at the interactions between the various autoscaling commands used.
  • Painless AWS Auto Scaling With EBS Snapshots And Capistrano – Boom – AWS (Amazon Web Services) auto scaling is a simple concept on the surface: You get an AMI, set up rules, and the load balancer takes care of the rest. However, actually getting it done is more complicated. Some choices are worse than others: you could bake an AMI (Amazon Machine Image) before you deploy, but that could add 10 minutes or more to each deployment. Some are dangerous: you could create an AMI after each deploy, but you run the risk that an auto scale even happens before your AMIs are done. Plus, you have a whole variety of AMIs deployed in at any given time. Some are similar to what we propose in this tutorial: you could push your code to S3 on each deploy and have user-data scripts that pull it down on each auto scaling event. However you slice it, to get auto scaling to fit into your development work flow in a transparent way takes careful thought and planning. We recently rolled out the following solution at CodePen. It keeps our AMIs static and our application ready for scaling on EBS (Elastic Block Store) snapshots. We can push code using Capistrano and let a few scripts distribute the ever-changing code base to our fleet of servers. I’d like to share the steps required to make it work. This series of posts will walk you through the steps required to build an auto-scaling infrastructure that stays out of your way.
  • coderwall.com : establishing geek cred since 1305712800 – Did you accidentally set node.normal[:foo][:bar] = 'something bad' in your chef recipe? Then you found that the node's normal attributes persisted between chef runs, and you really wanted to use the default attribute precedence level in your cookbook's attributes/default.rb file?

Bookmarks for 3 dic 2014 from 13:03 to 13:41

These are my links for 3 dic 2014 from 13:03 to 13:41:

  • git-flow cheatsheet – git-flow are a set of git extensions to provide high-level repository operations for Vincent Driessen's branching model. more This cheatsheet shows the basic usage and effect of git-flow operations
  • Voluntary – […] Our goal is to create open source software that promotes freedom of expression, privacy and the decentralization of power with an eye towards usability […] (Just for OSX at the moment)
  • A Visual Git Reference – This page gives brief, visual reference for the most common commands in git. Once you know a bit about how git works, this site may solidify your understanding.
  • SSH_VPN – Community Help Wiki – This page discusses using SSH to set up SSH-based point to point connections, which can then be used to create routes that create virtual private networks. Note that using SSH in this fashion is not the "best" way to create a permanent, stable VPN. Notably, SSH uses TCP, and TCP over TCP can provide abysmal performance under pathological conditions.
  • VPN over SSH – This how-to is intended to cover the details of how to establish a VPN (Virtual Private Network) over a SSH connection. Starting with open-ssh 4.3, you can now use a ssh connection to set up a VPN. This is technically termed "layer-3 IP-in-SSH tunnelling" and is not using ssh to port forward (ssh -L ) or create a dynamic "application level" forwarding (SOCKS) (ssh -D ). Rather a VPN is established using a SSH connection to create a virtual interface, tun0. Advantages : IMO, this technique is easier to set up then openvpn, especially if you are using a single client. Works with most Linux distributions without the need to install any additional software on the clients. The server only needs openssh-server. This protocol uses udp to transmit tunneled tcp connections resulting in a more stable connection compared with port forwarding (using ssh with the -L or -D options). Disadvantages : As of yet I do not know of a windows client which will use this protocol. If you are needing to set up a VPN with numerous clients I would use openvpn. Although there are several "how-to's" on the web, most of them assume you know something about networking and routing. This page attempts to explain some of the "missing details".

Bookmarks for 5 nov 2014 from 10:48 to 13:51

These are my links for 5 nov 2014 from 10:48 to 13:51:

  • Configuring OpenLDAP pass-through authentication to Active Directory – Alex Tcherniakhovski – Security – Site Home – MSDN Blogs – This particular functionality of OpenLDAP should be of special interest for environments where long term co-existence between OpenLDAP and Active Directory is required. By establishing pass-through authentication the following advantages could be achieved: Great end-user experience. No need to remember multiple passwords Increased security, due to the reduction of the attack surface (one less password store in the environment) Single password policy The rest of the post will expand on the instructions provided by the OpenLDAP 2.4 Administration guide on establishing pass-through authentication from OpenLDAP to Active Directory. Specifically, will will leverage the capability of SASL to use LDAP as an authentication back-end. In our case, Active Directory will play a role of such authentication back-end.
  • Books – UNIX Systems Programming (BSD) – BitsInTheWind.com – ISBN 10: 0-937175-23-4 / ISBN 13: 9780937175231  O'Reilly & Associates January 1989 The following are made available for your personal, non-commercial use only. You may cite this document as a bibliographic reference in any works that you are writing. Any commercial use of this document, including printing and distribution to groups of people (such as a classroom) is prohibited without my prior written permission.
  • osquery – With osquery, you can use SQL to query low-level operating system information. Under the hood, instead of querying static tables, these queries dynamically execute high-performance native code. The results of the SQL query are transparently returned to you quickly and easily.
  • Boxupp – GUI tool to manage Puppet & Vagrant based project environments | Paxcel – Boxupp makes it easy for integrated management of development stacks over Vagrant and Puppet. Initially built over these two softwares, we plan to add support for more providers and provisioners * Integrated management environment for Vagrant and Puppet * Intelligence at its core * Simple Web GUI * Easy provisioning * Inbuilt console and editors * Start right from level zero ! * Share your configurations with team members.

Bookmarks for 28 ott 2014 through 29 ott 2014

These are my links for 28 ott 2014 through 29 ott 2014:

Bookmarks for 8 set 2014 through 9 set 2014

These are my links for 8 set 2014 through 9 set 2014:

  • How to write udev rules – Since the adoption of Kernel 2.6, Linux has used the udev system to handle devices such as USB connected peripherals. If you want to change the behavior when you plug something into a USB port, this section is for you. As an example, we will use a USB thumb drive but these methods should translate to any device handled by udev. As a goal for this exercise we decided to create a symlink and execute a script when a specific thumb drive was loaded.
  • Persistent iSCSI LUN Device Name – jablonskis – […] I spent a bit of time figuring out how to get this achieved, so thought it is worth noting for the future reference. I will try to make this quick assuming you have knowledge about iSCSI software initiators in Linux[…]
  • al3x/sovereign – A set of Ansible playbooks to build and maintain your own private cloud: email, calendar, contacts, file sync, IRC bouncer, VPN, and more.
  • NSA-proof your e-mail in 2 hours | Sealed Abstract – You may be concerned that the NSA is reading your e-mail. Is there really anything you can do about it though? After all, you don’t really want to move off of GMail / Google Apps. And no place you would host is any better. Except, you know, hosting it yourself. The way that e-mail was originally designed to work. We’ve all just forgotten because, you know, webapps-n-stuff. It’s a lot of work, mkay, and I’m a lazy software developer.