Know How to Access S3 Bucket without IAM Roles and Use Cases

We have all used IAM credentials to access our S3 buckets. But it’s not a safe or recommended practice to keep our access keys and secrets stored on a server or to hard-code them in our codebase.
Even if we have to use keys, we must have some mechanism in place to rotate the keys very frequently (e.g., using HashiCorp Vault). Another widely adopted method is to use IAM roles attached to the EC2 instance or the AWS service accessing the bucket.

But what if we need access to the bucket from an on-premises data center where we cannot attach an IAM role?

Yes, we can obviously use IAM credentials and secret tokens with a rotation mechanism. But setting up the key rotation mechanism itself could be another overhead if we do not already have one in place. What if we could do without both keys and roles, and without making the bucket public?

In this blog, I will attempt to address this problem with an alternative, easy solution.

Introducing OpsTree Tomcat Image

Docker is a platform for developers and sysadmins to develop, deploy, and run applications with containers. And, as we all know, a Docker image is a read-only template that contains a set of instructions for creating a container, which wraps up the software and its dependencies into a standardized unit for software development to run on the Docker platform.

In this post, we are going to step through some of the best practices and common pitfalls we encountered while developing our first Dockerfile for Tomcat.

AWS Elastic Network Interface

Networking plays an important role in connecting the components of infrastructure. AWS networking features work with various types of workloads and provide security, availability, and manageability. Now that most IT companies are working in cloud environments for cost reduction, high availability, and data security, we are getting some interesting networking features as services. We can manage these quite easily too. Among those services is the Elastic Network Interface (ENI), which we get by default when we create an EC2 instance on AWS and which can be seen while the instance is being created. It may surprise many of us that the security group is attached to this elastic network interface.

An Introduction to Service Mesh Architecture!

In its most recent report, the 2020 Cloud-Native Survey, the Cloud Native Computing Foundation (CNCF) found that the use of service mesh in production jumped 50% in the last year.

You can read about Service Mesh, the benefits of deploying a Service Mesh, and ISTIO architecture at the following links:
The Benefits of Deploying a Service Mesh
An Introduction to ISTIO Service Mesh & its Architecture!

With the popularization of microservices architectures, the need for a Service Mesh has emerged. The use of a Service Mesh in Kubernetes is the most sought-after step to overcome the security and networking challenges obstructing Kubernetes deployment and container adoption.

Let’s read and explore more on Service Mesh, its architecture, components and popular solutions for service meshes, here in this article. Here, we’ll now talk about,

Handling Private Affair: A Guide to Secrets Management System

Needless to say, an automated system, no matter how big or small, must be designed with scale in mind. We’ll talk about laying the foundation for a robust and malleable setup, which is a useful read for everyone.

In my experience as DevOps and SRE, I’ve enjoyed quite a lot of things this profession offered. From the satisfaction of fulfilled curiosities to the anxiety of unforeseen mishaps, it delivered one day after the other. The nervousness in the face of new challenges, happiness on receiving appreciation, thrill during troubleshooting, the pride after a successful implementation, and a lot more. But the one I found myself seeking was boredom. Yes, plain old silence where no surprises are met, everything runs exactly as it should and you enjoy listening to dropping pins. This is especially true when the system in question is your own design. There’s no greater sentiment. It is like watching a bird that you’ve freed soar.
