July 26, 2020

Basic CloudWatch Setup

Following on from the previous post, I needed to set up some basic alerting and dashboards. Opsgenie is being used for paging, but anything that can integrate with SNS will work well. I’ll walk through here how to create alerts in CloudWatch from the metrics, and a basic dashboard using CloudFormation. I have done a quick bit of maths and if you are using this approach, it will cost about US$6.00 per instance.

July 19, 2020

Migration Setup

If you are migrating to Amazon Web Services (AWS) and are looking to use newer instance types (specifically t3a) then you need to make sure that you have a number of modules loaded automatically. I’ve been migrating some Oracle Linux 7 hosts to AWS using CloudEndure and on the first trial run, I couldn’t work out why they were booting OK in the AWS EC2 console, but I couldn’t connect to them.

June 3, 2020

Routing to a single IP address in a cluster in AWS

We currently have a customer that has a legacy application that needs to be able to fail between two nodes (think old-school clustering), and they can really only talk to it via an IP address. Since DNS is not possible, I needed a solution to move a single IP address from one node to the other. Also, this is Windows. This point is important because I’ve previously done something similar on Linux a long time ago.

May 30, 2020

Blue/Green ECS Deployments with CloudFormation

Recently the CloudFormation team released a transform for CloudFormation that enables Blue/Green deployments for ECS using CodeDeploy. I’ve been using ECS for a number of years now as I find that it is a lot simpler to understand than, say, Kubernetes. I believe Kubernetes is more suited to a team of teams that are developing microservices and you have the necessary staff in something akin to a platforms team to maintain the Kubernetes environment and associated services.

January 8, 2019

AWS Client VPN Mutual Authentication

A few people asked me about Mutual Authentication, and I also wanted to see if I could get Internet access working. I’m starting with a VPC that has 3 subnets in 3 AZs (for 9 subnets in total). 3 of the subnets are marked “public” and have the default route via the IGW. In these 3 public subnets live 3 NAT Gateways. The other 6 subnets (named app and db) have default routes via the NAT Gateways.

© Greg Cockburn
