In my previous post, I showed you how to create a Kubernetes cluster on AWS with kops. In this article I will dig deeper into the Kubernetes HA (High-Availability) that is built by kops. Here is a diagram that shows you the high-level HA design of the cluster that I built. Here … Continue reading High Availability in Kubernetes cluster built by kops
It was 2015 when I first installed Kubernetes. Back then, installing Kubernetes was not a simple task like it is today. Nowadays, there are a few handy tools that you can choose from, e.g. kops, Heptio. Additionally, you can also choose managed Kubernetes, e.g. GKE, AKS, EKS and more. I recently used kops … Continue reading Install Kubernetes on AWS with kops
I am currently working on a cloud migration project. The goal is to move the on-premise applications (mostly Atlassian tools) to AWS. And we need to build everything from scratch. I take it as a good opportunity to refresh what I learned in the past few years, and also implement the best practices … Continue reading SAML-Based Federation for AWS Access
If you are interested in having a high-level overview of the status of all your AWS accounts (security, cost, performance, limits and fault tolerance), then it might be worth checking out my new tool, AWS One Page Advisor. It can aggregate the results of Trusted Advisor checks across multiple AWS accounts into one HTML page. Here … Continue reading AWS One Page Advisor
As mentioned in my previous blog, "New to AWS GuardDuty?", I have been working on open sourcing the tool that I wrote for internal use. Now it is publicly available on my GitHub: AWS GuardDuty Manager. Description: AWS GuardDuty Manager (GDM) is a tool that allows you to perform some common GuardDuty tasks (start, stop and … Continue reading AWS GuardDuty Manager
If you are new to AWS GuardDuty, the FAQ is the best place to start. I am currently working on a GuardDuty-related project, and here are some bullets that I quickly summarised. Hope it is useful to you. GuardDuty is an AWS-managed continuous threat detection service. It detects the threats by analysing the VPC Flow … Continue reading New to AWS GuardDuty?
Do you know how many Amazon-issued certificates (ACM) or user-uploaded certificates (IAM) are in your AWS accounts? How many certificates have been deployed to production in your Akamai contracts? Not sure about you, but I don't know the answer. So I wrote a tool called CertStuff to get all that information (common name, SAN, … Continue reading CertStuff