For another personal project (that I can’t talk about for the moment ;-)), I wanted to have a Changelog file to get a better following of the infrastructure evolution (configuration management, scripts…all under git). Of course the documentation is very important, but when you do not write it at the same time you’re building the infrastructure, it may be complex to remember each little things you’ve done. That’s why a Changelog can help to understand how the infrastructure has been built step by step.

Continue reading

A few months ago, I already talked about offloading SSL with Nginx. I also wanted to try it with HAProxy which can be more interesting in some cases. The good On HAProxy, the good thing is the simplicity to do it. First of all you need to have at least the version 1.5 of HAProxy so to get SSL support. Then you only need those lines to offload SSL:

Continue reading

For my company, I recently had to find a good solution to make Snapshots from Instance IDs or from tags on AWS. I made several searches but unfortunately didn’t find what I was searching for. That’s why I started to make a tool to do this kind of job. It’s written in Python and requires the Boto library. Here is what you can do with Simple EC2 snapshots: Hot snapshots (by default) and Cold snapshots Multiple instances snapshot in one line Detection of doubles Filters by tags (allowing wildcards) or by instance IDs Credentials file multiple with profiles Limit the number of snapshots Restrict snapshots to data disks only The tool is open source and can be downloaded on GitHub :-).

Continue reading

Following the deployment blog post I made on ES/Kibana/Fluentd, I released new version of Fluentd and Kibana playbooks to support the latests versions of themselves and ElasticSearch. ElasticSearch 1.4 version is ,out which doesn’t changed anything for the deployment. However Kibana requires to enable an ElasticSearch configuration option now, to work properly. I updated the Kibana playbook for it. On its side, Fluentd has the major release 2.0 out and I updated Ansible playbook for the best integration with Debian Wheezy.

Continue reading

I recently had the case, where I lost connexion of my NFS client connexion because NFS server crashed. The problem I had is simple, some of clients couldn’t recover their connexion because the old one was still shown as already connected. And when I tried to remount NFS clients connexions, I got: mount.nfs: mount(2): Protocol not supported mount.nfs: trying text-based options 'udp,sec=sys,rsize=8192,wsize=8192,intr,hard,addr=10.0.0.1' mount.nfs: prog 100003, trying vers=3, prot=17 mount.nfs: trying 10.

Continue reading

First of all I will only talk about open sources solutions. I don’t want to take part of any commercial one. In addition, I will focus on only 4 solutions which seem to me the most used at this time. I will also talk about my history, my level on each one and why I recommend or not that solution. Puppet is in my opinion the most known solution. Because of the marketing they were/are doing, because it was a good alternative compared to the old cfengine.

Continue reading

I recently saw a blog post (don’t remember the link :-() on something I used several times but never made an article on. So this time, I’m making a blog post on it as this is solution is very useful. I’m pretty sure you already had to tcpdump on a remote server to investigate. When you have a lot of traffic, it can start to be painful to add a lot filter, having no colors, reading tcpdump row format etc… And most of the time Wireshark can help on having a better visibility on what happens.

Continue reading

Author's picture

Pierre Mavro / Deimosfr


SRE Lead DevOps at Criteo  •  Nousmotards Co-Founder

Paris - France