Posts

  • Setting up Yubikey 5 for Git (GPG) and SSH

    I recently got a couple of Yubikey 5, the main reason is they are slowly getting popular for MFA, but they also support OpenPGP. OpenPGP lends itself well to having verified commits but also SSH, this post is a guide on setting up the key for this purpose.

    Continue Reading...
  • Versioning and Repeatable Builds

    This post is regarding my views which make trade offs to reduce production risk by making lives of engineers slightly harder. As someone who is on call, I prefer knowing exactly what is running in production so that I can easily support, troubleshoot and resolve issues quickly.

    Continue Reading...
  • HAProxy with Consul Template

    The last two posts have been about Consul and Vault but the final piece missing is getting traffic in to the services which have are registered in Consul for service discovery. For this post we are going to be using HAProxy with Consul template to define the configuration required for ingress. There are examples for Apache, Nginx and Varnish in the consul template git repo. Traefik is also becoming a more popular reverse proxy and load balancer for microservices, it has built in support for a number of backends including Consul.

    Continue Reading...
  • Hashicorp Vault on Docker Swarm Mode

    In my last post the guide was for Hashicorp Consul running on a Docker Swarm Mode cluster. This post we are going to deploy a HA vault cluster using the Consul cluster as the backend storage.

    Continue Reading...
  • Hashicorp Consul on Docker Swarm Mode

    I’ve been playing around with Docker Swarm Mode since it is simpler to understand than Kubernetes. I have always wanted to deploy Hashicorp Consul for service registration, discovery and configuration management. While researching how to deploy a Consul cluster using Docker Swarm Mode, it became apparent most of the guides were for Docker 1.12 or required the use of a seed Consul server. Majority of the time, this seed server was treated like a pet which I definitely not what I wanted.

    Continue Reading...
  • AWS Stack Sets

    I’ve been doing a lot of work with AWS Organisations recently and there was a large amount of repetition across the accounts. This has now been resolved by AWS with the release of AWS Stack Sets. AWS already have good documentation regarding stack sets and best practices. This post is going to be on how I simplified my deployment across accounts using stack sets.

    Continue Reading...
  • AWS Billing and Budgets

    Now that my free tier has expired, I didn’t want to get bill shock when AWS finally bills me for the services I’m using. Therefore I decided to have a look at the billing and cost management tools which have been implemented in AWS in recent times.

    Continue Reading...
  • Migrating bhavik.io to AWS CloudFront

    At AWS Re:invent it was annouced that CloudFront and other AWS services now have AWS Shield which provides DDoS protection. This was the main reason I have been using CloudFlare. With AWS Shield and CloudFront, I thought it would be a good time to migrate bhavik.io to use AWS services, this means using Route 53, S3 and CloudFront. I will also be taking this time to migrate everything in to the US-East-1 region.

    Continue Reading...
  • Pitfalls of Interviews as an Engineer

    It has been a while, a lot longer than expected since my last post. I have been very busy the last few months doing a lot of coding challenges as I have been interviewing at various companies. I have to say it has been an interesting journey especially being someone who interviews engineers as well.

    Continue Reading...
  • Upload Docker Image to AWS ECR using Travis CI

    In my last post I showed how to upload a Docker image to Docker Hub. For AWS users, you might find it cheaper using AWS ECR compared to private Docker Hub repositories, especially if you are creating images using statically compiled Go binaries.

    Continue Reading...