Customised Quick Start of Confluence Data Center on AWS


Based on the Atlassian quick start of Confluence Data Center on AWS, I have made my own version of it. Here are a few customisations that I have introduced. Customisation One: Remove public subnets. To meet the security compliances, we can not use public subnets. All ingress/ egress traffics should go through central managed reverse/ … Continue reading Customised Quick Start of Confluence Data Center on AWS

What is kube-aws?


Have you read my previous post Install Kubernetes on AWS with kops? If yes, then kube-aws is an alternative to kops. If you have not, then kube-aws is an open source tool that simplifies the installation of Kubernetes on AWS. I have not tried kube-aws yet, but I will when I need to build another … Continue reading What is kube-aws?

Escalator – auto-scaling tool for Kubernetes


Atlassian recently open sourced its in-house auto-scaling tool for Kubernetes - Escalator. I have not gotten a chance to try it yet, but according to this article, the tools is initially designed for the batch workloads which can not tolerate scaling-up delay. The idea behind it is to allow user to set up the percentage … Continue reading Escalator – auto-scaling tool for Kubernetes

Certificate Transparency


Starting April 28, 2018,  AWS will start to support Certificate Transparency. I am new to this, here are somethings that I learned so far. What exactly is certificate transparency? Certificate Transparency framework is a project that is initially launched by Google. What problems does certificate transparency solve? It is designed to solved some flaws in the … Continue reading Certificate Transparency

Google Proposal of trust in existing Symantec-issued Certificates


The blog title explains the main reason that I started the open source project CertStuff If you are not familiar with the Google proposal, here are some quotes that I found on the Symantec website: On July 27, 2017, Google posted a time-sensitive plan regarding Symantec-issued TLS server certificates. There are critical dates that will impact your … Continue reading Google Proposal of trust in existing Symantec-issued Certificates

CloudFront Edge Cache Settings


Caching is 'fun' if you don't set it up correctly. A useful cheat sheet of CloudFront edge cache TTL settings that I found in AWS documents site. Origin Configuration Minimum TTL = 0 Seconds Minimum TTL > 0 Seconds The origin adds a Cache-Control max-age directive to objects CloudFront caching CloudFront caches objects for the lesser of … Continue reading CloudFront Edge Cache Settings