• Mirkotik router backup with SSH and SFTP

    Everybody knows how important it is to backup. I use Mikrotik Routers in my home network and have quite complex configuration which I would not want to write again from scratch. Prior to this day I have used scheduled script on Mikrotik to create backups locally, transferring it out of router itself into another location is great way to increase backup durability.

  • Sentry 9 - fix for PagerDuty legacy integration.

    Recently I’ve been involved in investigating why PagerDuty integration with sentry 9.1.1 doesn’t work. Same thing was happening to 9.1.2 version. The problem was not visible in UI but in logs such error message was repeating:

    19:13:04 [INFO] sentry.plugins.pagerduty: notification-plugin.notify-failed. (plugin=u’pagerduty’ error=u’Error Communicating with PagerDuty (HTTP 400): Event object is invalid’)

    No incoming event on PagerDuty side assured me that this problem is real.

  • Migration to Google Cloud Dns from different provider.

    Decision to pick DNS provider should be, in my opinion, based on currently used cloud environment. If you use AWS then Route53, GCP then Cloud Dns, etc. It’s easier to manage it and audit then. Not the case for multicloud usage but most of the companies I worked for were using single cloud.

    If DNS domain was registered before cloud adoption then your task might be to migrate DNS. Such migration is not uncommon and in this blog post I will write about changing NS records from godaddy to google Cloud Dns.

  • Mass file renaming containing nonASCII characters to ASCII

    Recently I found a problem with playing samba resources with VLC. Polish characters were breaking playback because file could not be found. Strangely enough this happened only for files with lowercase Polish letters like ąśżźćłóęń.
    Removing those letters helped to fix playback on test file but I had more than one file to fix.

    I tried to find a way to do rename all files quickly and easy and get rid of nonASCII characters and in this post I’m providing easiest, quickest and robust way to this.

  • Infrastructure continuous deployment with terraform and atlantis

    Atlantis is a self-hosted golang application that listens for Terraform pull request events via webhooks. I’ve incorporated it in my recent engagement in CriticalStart but also I use it in my private infrastructure.

    I think the idea is great for making terraform workflow more easy for infrastructure teams. With atlantis every terraform change need to go through review process. When PR is created it automatically run plan displaying its output as a comment. Applying is also done by adding a comment. It’s highly configurable.

    Using atlantis allows to closing whole terraform workflow on PR page! I always had the feeling that checking out branch and running terraform locally is a waste of time. Now you can just look at plan in PR, do the review and continue with other work.
    Sounds good? Let’s dig it!

  • Free git repository for private projects - GitHub vs GitLab vs BitBucket

    Choosing provider for private git repositories back in the day was though.

    GitHub is most known and I’d even say iconic. They started to offer unlimited private repos for paid plans in 2016.
    GitLab and BitBucket at that time offered unlimited private repositories. Wow! They got me.
    Currently also GitHub provides unlimited private repositories and with recent introduction of GitHub actions I think it’s good time to do the comparison between them and see who provide best services in free plan.

    In this post I’m focusing on free plans but you are free to explore paid option.

  • Fighting Google Analytics bounce rate

    More and more updates on my blog made me look into another aspect of internet blog which is monitoring web traffic. I have google analytics enabled since the beginning but recently I have also added bing and yandex. Duckduckgo which is my main search engine don’t have webmaster tools. To be fair probably just google cover over 90% of search traffic so any additionals have small impact.

    When I looked into google analytics I saw bounce rate 100% on some acquisition types and time spent 0 seconds.
    After some investigation I have both answer and way to improve that.

  • Jekyll upgrade to version 4.0.0 with theme change

    Recently I’ve written a post about updating my blog. As I have a lot of ideas for new posts, it’s natural that I wanted to be sure jekyll is correct technology for me. I did some checkups and yeah! jekyll is the best technology for me right now.
    Github support, development, git push to deploy changes without any additional configuration or component is making it pointless to migrate away from it.

    This post will be short but for me it touches important topic of supporting and maintaing technology used to render this blog.

  • Prometheus on ECS - Proof of Concept

    Two companies that I worked for recently used ECS (Elastic Container Service) as container orchestration tool.
    If you have ever used it you know that it has somewhat limited observability out of the box.
    You have two options to spin containers on ECS:

    • Fargate which is serveless container engine
    • EC2 instances managed by you and your team

    With Fargate you don’t really need to have insights into infrastructure spinning containers, it’s serveless.
    More robust and less expensive solution is to host your own fleet of EC2 instances that join ECS cluster. With that approach you need to manage them and know what’s going on there.

    In this blog post I will outline possible prometheus integration with ECS using terraform. My main goal was to improve observability by introducing node monitoring with node-exporter + cadvisor and ingesting application metrics exposed by ephemeral containers.

  • Terragrunt upgrade to terraform 0.12

    For past six months I’ve been working with terragrunt which is a thin wrapper for terraform that provides extra tools for working with multiple terraform modules.
    Idea behind is awesome - make repository of modules which follows best practices and show how to write IaC properly. In this post I will outline upgrading and write some commands that helped me to automate this process.

  • How to run cheap Kubernetes cluster on AWS? pt1


    After containerization boom started, people realized that scheduling it is not as easy as it should be. That’s why I have interest in mesos, docker swarm, rancher, nomad and k8s. There’s a need for a system that will take care of correct scheduling, priorities, eviction, logs, simple cluster scaling, upgrades, deployment methods, permissions and so on… My first experience with prod grade k8s cluster was during time I worked for Spreaker/Voxnest. When I joined we had 1.4 and throughout the years it was updated to 1.12 (AFAIR). I’ve learned a lot, our relation (mine and k8s :D) had ups and downs but I was mostly satisfied and amazed by it.

    Kubernetes is cool technology, really complex but have long list of benefits! I don’t want to get into details of why I think it’s superior technology to run containers today but just to name few generic ones:

    • it has massive adoption in big tech companies
    • a lot of development is going on, and I mean a lot
    • big and helpful community
    • enormous ecosystem

    Or let github stars tell you the truth ;)

    1. kubernetes >57k
    2. rancher >12k
    3. nomad >5k
    4. docker swarm >5k
    5. mesos >4k
  • Updating this blog

    I haven’t been around here for quite some time. I know that you - random internet person - don’t really care so let’s get to the point. My blog was created with simplicity in mind but when I’ve returned after break I had to do improvements.
    In this post I will explain what was done to improve it!

  • How traceroute works

    Traceroute is a diagnostic program that will show route of the packets in the network.

    When you request a HTTP site like this blog, you request will traverse network to the destination and server there will generate response for you. It is not guaranteed that every request you will send to the same website will follow the same route.

    If you want to know which path that packet took then you will use traceroute.

    Traceroute for you, for you and for you! Traceroute for everybody!

  • Service Discovery with mesos-dns

    In previous post I used mesos-dns to provide service discovery for cluster on mesos, which is

    DNS-based service discovery for Mesos

    How does it work?

    From time to time mesos-dns query mesos-master (so frameworks does not need to update it) and retrives data about running tasks so it can creatie appropriate DNS entries.

    Any docker container that we run on marathon will be pingable via A record, any ephemeral port given by marathon will be visable via SRV record.


  • Cassandra on Marathon

    Recently all I talk about is mesos and mesos on mesos ;)

    Apache Mesos abstracts CPU, memory, storage, and other compute resources away from machines (physical or virtual), enabling fault-tolerant and elastic distributed systems to easily be built and run effectively.

    Sounds fantastic and because I’m true fan of docker I went with marathon

    which is a cluster-wide init and control system for services in cgroups or Docker containers

  • SSH tunneling classics

    Far, far away, behind NAT and firewall

    Well you might heard this story or be in my shoes in the past.

    Basically, you got ssh connection to a server but there is no internet and every service that you would like to connect to is blocked. But if you got ssh then you good, no worries!

  • Hello world and Dell Latitude E5440 configuration

    Hello world!

    YAB is on the web. I had hard time picking right technology, what I wanted is blog as simple as it can get. At the end of the day Jekyll won over chirp and octopress.

    exit 0

    Installation of Jessie left me with two problems and right after that I want to restore my default setup.