Photo by Viktor Forgacs on Unsplash

What is Multiple TLS certificate termination?

Lets say if we want to use multiple domains using individual TLS/SSL certificates. For example, you have certificate A for *.amralkar.pvt and certificate B for *.abhishekamralkar.pvt. Load Balancer uses Server Name Indication (SNI) to return the certificate to the client request, based on the DNS name. If the DNS name don’t match it will fall back to default K8s SSL.

What is Kubernetes ingress?

Ingress exposes HTTP and HTTPS routes from outside the cluster to services within the cluster. Traffic routing is controlled by rules defined on the Ingress resource. Some of the Ingress available are

  1. Nginx Ingress
  2. Ambassador
  3. Traefik

Lets Begin

Prerequisites:

  1. SSL Certificates
  2. Certificates Private…


Photo by Daniel Tausis on Unsplash

Thursday morning IST and Slack started buzzing. I suspected something wrong and I was right, Nginx Ingress on K8s was throwing 503 Service Unavailable.

Started debugging and suddenly I pushed myself into more trouble as by mistake I deleted the namespace (Please be very careful don't ever do this in Prod K8s cluster, I was lucky I made mistake but it was my QA cluster but again we always think about the end user in case of QA environment its QA Engineering team.)

After waiting for few minutes I found out that namespace is in Terminating state from so long…


In this blog we will walk through how to publish packages to PyPI.org.

Prerequisites

The very first requirement is to have an account on PyPI.

We need to install 3 tools globally

  1. wheel
  2. setuptools
  3. twine
pip3 install setuptools wheel twine

Getting Started

We will be publishing the `covin-cli` project to PyPI.

  • As a best practice create a high level directory with the same name as our package name in our case covin-cli.
  • Now create a __init__.py file in covin-cli directory so that Python will see our code as a package.
❯ cd covin-cli
❯ tree
.
└── covin-cli
└── __init__.py
1 directory, 1…


Image taken from google.https://foresite.com/listening-cassandras-avoid-cybersecurity-disasters/

To get the brief idea about the name please refer Wikipedia.

Okay we are not talking about the Cassandra the Priestess, in this post we will get to know the Apache Cassandra yes you guessed it right No-SQL database.

What is Apache Cassandra?

Wikipedia Says : Apache Cassandra is a free and open-source, distributed, wide column store, No-SQL database management system designed to handle large amounts of data across many commodity servers, providing high availability with no single point of failure. Cassandra offers robust support for clusters spanning multiple data-centers,[1] with asynchronous master-less replication.

The Apache Cassandra database is the right choice when you…


What Clojure is?

Clojure is modern dialect of old school programming language named as LISP. Clojure strongly believes in Code as Data and Data as Code philosophy just like LISP. Clojure is a dynamic, general purpose programming language that runs in the Java Virtual Machine. Clojure emphasizes

Get Clojure set up

Clojure needs JVM as its runs on top of JVM. Make sure you have min Java 1.7 installed on your system

mkdir -p ~/bin && cd ~/bin curl -O https://raw.githubusercontent.com/technomancy/leiningen/stable/bin/lein chmod a+x leinexport PATH="$PATH":~/bin

or

curl -O https://download.clojure.org/install/linux-install-1.10.0.403.sh
chmod +x linux-install-1.10.0.403.sh
sudo ./linux-install-1.10.0.403.sh

Data Structures

4 fundamental Data Structure of Clojure.

  • List ()
  • Vector []
  • Sets #{}images


Apache Zookeeper is open source tool from Apache Foundation. Originally developed at Yahoo. Thanks Yahoo for the Zookeeper.

Zookeeper is written in Java and it is platform independent.

What is Distributed Systems?

Multiple independent computers connected together and appears as single computer to the users. Distributed System communicate through network by passing messages. All components in distributed system interact with each other to performs subsets of tasks to achieve common goals

Why to use Distributed System?

  • Reliability : System will continue to run even if one or more servers in Distributed system fails.
  • Scalability: System can be horizontally upscale and…


Its been quite long I am using Tmux. Terminal muxer, or multiplexer. Tmux is beautiful utility to make your terminal more powerful. Once you install Tmux your terminal can be divided into multiple sessions and can increase parallelism.

  • A sessions can have multiple windows.
  • A window is a single view.
  • A Window can further split into panes.

Tmux installation is straight forward. It is available as package in almost all major linux distributions.

Tmux can be installed on all major Linux/mac with below commands.

For Debian/Ubuntu distributionssudo apt-get install tmuxFor Fedora distributionsudo dnf install tmuxAnd For…


Its been quite long I am using Tmux. Terminal muxer, or multiplexer. Tmux is beautiful utility to make your terminal more powerful. Once you install Tmux your terminal session can be divided into multiple sessions and can increase parallelism.

  • A sessions can have multiple windows.
  • A window is a single view.
  • A Window can further split into panes.

Tmux installation is straight forward. It is available as package in almost all major linux distributions.

Tmux can be installed on all major Linux/mac with below commands.

For Debian/Ubuntu distributionssudo apt-get install tmuxFor Fedora distributionsudo dnf install tmuxAnd…


Well in a layman and simple language “ Foot Printing in Security terms is the process to gather as much possible information about the Target Organization.”

Information like:-

Physical Location, Domain, Number of Employees, URL’s, VPN’s, Phone Numbers, IP Address etcetra.

Footprinting Threats?

  1. Social Engineering:- The easiest of all and can be done without any tool.
  2. Business Loss
  3. Corporate Espionage
  4. Information Leak
  5. System and Network Attack

Objectives of Footprinting

  1. Collect Network Information
  2. Collect System Information
  3. Collect Organizations Information

Footprinting Different Methods.

  1. Footprinting through Social Media, this one is the most easiest to do mostly attacker will create fake account/ids and tries to gather…


Using different AWS account for the different Environments is now a days best practice so that we can have complete isolation for all the Environments.

In above diagram [copied from segment.io blog] Ops AWS account is the entry point for rest of the AWS accounts. What this means is we don't need to have users on Dev, Staging and Prod AWS account instead we can use AWS STS and Assume Role to bootstrap/access AWS services.

Advantage?

By using separate AWS accounts for different environments

  1. Resource separation and isolation.
  2. Centralized access location.

and many more…..

Prerequisites?

4 AWS accounts and make sure to…

Abhishek Amralkar

DevSecOps Practitioner | DevOps Enthusiast | Clojure | Cloud Automation | Cloud Security Enthusiast

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store