What about container security?

With normal legacy server security you would routinely scan your servers for vulnerabilities, but with the move to using containers this methodology for vulnerability detection doesn’t exactly fit as you would typically build the container and move it along through your environments during the software development life cycle. So how do we check our containers …

Working with ECS

By this point we should have a VPC in place and our Private tier subnets can route out either a NAT Gateway or VPN Connection that performs NAT, we can then begin to look at deploying applications into the environment in earnest. In my environment I’ve made the choice to use containers as much as …

Setting up your Virtual Private Cloud

If you’ve already followed along from my earlier posts on getting started with AWS and my update to getting started, then by now you should have a multi-tiered VPC across multiple Availability Zones which is setup along the lines that the diagram to the left displays. Your VPC will have a single Internet Gateway and 2 Gateway …

Backup, wait a minute…

So in my earlier Getting started with Amazon Web Services post, I had laid out my 2-tier VPC solution that setup a Public and Private tier of subnets across three Availability Zones. I’d also mentioned that the subnets could make use of the Fn::Cidr function to simplify the CIDR block assignments within your CloudFormation template …

Getting started with Amazon Web Services

When starting to operate in Amazon Web Services (AWS) you have to decide whether to utilize the Default Virtual Private Cloud (VPC) or define your own VPC. The Default VPC typically sets itself up using the 172.31.0.0/16 CIDR block and a single tier of available subnets in all Availability Zones (AZ) with the region. This …

Rolling out a new mail server – part 2

If you’re not going to try running this under AWS then you can pretty much skip on ahead to the rest of the configuration. So the obvious place to start is in setting up the EC2 instance. If you just want to test this out a t1.micro instance is plenty big enough and the on-demand …

Rolling out a new mail server

So for the past few years I’ve been content to outsource my email services to Web.com with very few problems though lately I’ve had a few contacts report problems sending me email and I’ve ran into issues where they don’t implement certain features I prefer to use (most notably user+extension email addressing). With that in mind …

Ruby on Rails hosting by Web.com

Usually in the past I’ve done my web hosting on either one of the many servers I own or utilizing VPS hosting providers like VPSfarm.com, GrokThis.net or Linode.com, but lately with the economy and a price that can’t be beat I’ve been using Web.com‘s Linux Hosting plan to meet my needs. This has met all my …

GnuPG Key Policy Manager

Taking GNU Privacy Guard key usage seriously I have had a published key usage policy that I embed the link into any GPG key signature when signing a key. After years of using PGP/GPG I have found that having an established usage and management policy is nice as it lets others know that you take …