Posts

We love to use AWS CloudFormation to deploy our environments. Its like configuration management for our AWS infrastructure in the sense that we write a desired state as code and apply it to our environment. But sometimes, there are tasks that we want to complete that aren’t part of CloudFormation. For instance, what if we wanted to use CloudFormation to deploy a new account which needs to be done through the CLI, or if we need to return some information to our CloudFormation template before deploying it? Luckily for us we can use a Custom Resource to achieve our goals. This post shows how you can use CloudFormation with a Custom Resource to execute a very basic Lambda function as part of a deployment. ...

Some things change when you move to the cloud, but other things are very much the same. Like protecting your resources from outside threats. There are always no-gooders out there trying to steal data, or cause mayhem like in those Allstate commercials. Our first defense should be well written applications, requiring authentication, etc and with AWS we make sure we’re setting up security groups to limit our access to those resources. How about an extra level of protection from a Web Application Firewall. AWS WAF allows us to leverage some extra protections at the edge to protect us from those bad guys/girls. ...

Getting new code onto our servers can be done in a myriad of ways these days. Configuration management tools can pull down new code, pipelines can run scripts across our fleets, or we could run around with a USB stick for the rest of our lives. With container based apps, serverless functions, and immutable infrastructure, we’ve changed this conversation quite a bit as well. But what about a plain old server that needs a new version of code deployed on it? AWS CodeDeploy can help us to manage our software versions and rollbacks so that we have a consistent method to update our apps across multiple instances. This post will demonstrate how to get started with AWS CodeDeploy so that you can manage the deployment of new versions of your apps. ...

We love Kubernetes. It’s becoming a critical platform for us to manage our containers, but deploying Kubernetes clusters is pretty tedious. Luckily for us, cloud providers such as AWS are helping to take care of these tedious tasks so we can focus on what is more important to us, like building apps. This post shows how you can go from a basic AWS account to a Kubernetes cluster for you to deploy your applications. ...

We love Kubernetes. It’s becoming a critical platform for us to manage our containers, but deploying Kubernetes clusters is pretty tedious. Luckily for us, cloud providers such as AWS are helping to take care of these tedious tasks so we can focus on what is more important to us, like building apps. This post shows how you can go from a basic AWS account to a Kubernetes cluster for you to deploy your applications. ...

Amazon has announced a new service that will help customers manage their EBS volume snapshots in a very simple manner. The Data Lifecycle Manager service lets you setup a schedule to snapshot any of your EBS volumes during a specified time window. In the past, AWS customers might need to come up with their own solution for snapshots or backups. Some apps moving to the cloud might not even need backups based on their deployment method and architectures. For everything else, we assume we’ll need to at least snapshot the EBS volumes that the EC2 instances are running on. Prior to the Data Lifecycle Manager, this could be accomplished through some fairly simple Lambda functions to snapshot volumes on a schedule. Now with the new service, there is a solution right in the EC2 console. ...

A common question that comes up during AWS designs is, “Should I use a transit VPC?” The answer, like all good IT riddles is, “it depends.” There are a series of questions that you must ask yourself before deciding whether to use a Transit VPC or not. In this post, I’ll try to help formulate those questions so you can answer this question yourself. The Basics Before we can ask those tough questions, we first should answer the question, “What is a Transit VPC?” Well, a transit VPC acts as an intermediary for routing between two places. Just like a transit network bridges traffic between two networks, a transit VPC ferries traffic between two VPCs or perhaps your data center. ...

There are a dozen new technologies being introduced every day that never amount to anything, while others move on to create completely new methodologies for how we interact with IT. Just like virtualization changed the way data centers operate, containers are changing how we interact with our applications and Kubernetes (K8s in short hand) seems to be a front runner in this space. However, with any new technology hitting the market, there is a bit of a lag before it takes off. People have to understand why it’s needed, who’s got the best solution, and how you can make it work with your own environment. Heptio is a startup company focusing on helping enterprises embrace Kubernetes through their open source tools and professional services. I’ve been hearing great things about Heptio, but when my good friend, Tim Carr, decided to go work for there, I decided that I better look into who they are, and figure out what he sees in their little startup. ...

I took last week off from work to spend some time with my family and just relax. I’d never been to Disney World and have a six year old who is seriously into Star Wars, so this sounded like a great way to take a relaxing week off. During this vacation I found that it took several days before I even started to unwind. I ended the work week on a Friday and still felt the work stress through the weekend and into Monday. Maybe it’s a normal thing to still feel the stress through the weekend, but I had expected to feel an immediate release of tension when I was done with work on Friday when my vacation began. But all weekend I kept noticing that I couldn’t forget about work. In fact, I felt pretty sick one day and believe it was stress related. After a few days I started to pay attention to the activities of the day and didn’t pay as much attention, but it made me think that those two day weekends and how they certainly weren’t recharging me to be prepared for the next week of stress. ...

Passwords are a necessary evil to keep bandits from running away with your confidential data. We’ve come up with various strategies to manage these secrets, such as: Using one password for all of your stuff so you don’t forget it. Use a password vault to store a unique password for each of your logins. Use a few passwords in a pattern you can remember. Write down your password on a sticky note and attach it to your monitor. Now, not all of these practices are good but you get the idea. ...