Batch processing testssl.sh commands
If you secure your entire infrastructure at the transport layer with end-to-end SSL for both internal and external traffic, then you likely have a ton of endpoints, each with their own SSL software stacks and a wide array of different certificates, some CA signed, others not, etc. Both the amount of these and …
Mocking a rate limiting endpoint 429
Ever have some client code that needs to call another endpoint which rate limits you? Join the club. I recently did, and honestly I didn't care at all about the ONE particular REST client that needed to back off appropriately when the 429s were being barfed back; instead what I did care about was implementing a …
Migrating APIs to Tyk
In the recent past I was helping on a project whose objective was to migrate off of a very costly proprietary appliance-based API gateway solution and move to a cheaper alternative, preferably an open source API gateway offering. The main challenge was that a large percentage of the APIs to be migrated were legacy …
Google Wifi router, port forwarding, you have no devices, privacy
Had an Asus router die today, so in a pinch I went out and bought a Google WiFi router after hearing "good things". I have a few wired devices and several WiFi-connected devices, and I also have needs for port forwarding. The first thing you will notice that is quite different from other routers …
Docker Swarm Traefik state analysis
Recently I've been working on a toolset (see GitHub swarm-traefik-state-analyzer) intended to aid in the health analysis of Docker Swarm services that are proxied by Traefik in a Docker Swarm footprint architecture I described in a previous post. In short you have 1-N docker swarm clusters, each segmented into 1-2 …
Simple architecture for Docker Swarm and Traefik footprints
If you are just getting started in the world of Docker and are beyond the point of running simple standalone containers that live and die on one host with no container orchestrator managing them for you, then Docker Swarm is a good next step into the world of container orchestration. It's simple to set up, stable, …
Migrate everything to containers, you will
Let's migrate everything to containers. Everything. The app infrastructure, the apps themselves, deployment workflows, DevOps procedures... everything. Recently started winding down one of those "on and off again" projects with long-term goals but was constantly susceptible to the day-to-day distractions and diversions typical for any team managing a ton of different apps. …
Safely build docker images with git svn ssh private keys
Note: the information here is out of date; take a look at https://docs.docker.com/develop/develop-images/build_enhancements/#new-docker-build-secret-information. Often when building a docker container, your Dockerfile needs to pull down some code from a privately secured source control system like Git or SVN via SSH. In order to do this, the build process will need a valid ssh configuration local …
Docker container peer IP discovery with Swarm services
When running applications deployed as a docker "service" within Docker Swarm (post 1.12 swarm mode), often those applications have the need to discover their peer containers for purposes such as forming a cluster. Similar to "service discovery", I'll just use the term "peer discovery" for this use-case. The simple example is as follows: You …
Hazelcast discovery with Docker Swarm
After going through a lot of R&D deploying Hazelcast-enabled apps as Docker containers, first starting on pre-Docker 1.12 (legacy swarm, w/ mgrs/agents etc.), with Registrator and Consul, I ended up creating the hazelcast-consul-discovery-spi (available on GitHub). This served its purpose well, but as Docker evolved and post 1.12 "swarm mode" came out with the …