Archive for 2015

Alain's Cloud Design Principles

A collection of my opinions on design for effective Cloud computing. Ranging from DNS and NTP to service-level communications, but yet concise enough to remember (hopefully). Read more »

Caching DNS with BIND9 on SmartOS

I ran into a very strange issue recently: DNS requests to my domain controllers from our distributed analytics were failing intermittently with NXDOMAIN. Read more »

Filtering Apache mod_log_forensic

The Apache access logs only get updated if a response is sent to the client. To get half made requests that result from dropped connections you need something like mod_log_forensic. Regrettably mod_log_forensic generates individual log entries on the order of a kilobyte. It also doesn't have… Read more »

Compartmentalization and AMQP Infrastructures

In order to deploy a secure message-driven distributed system the components should have very specific, narrowly defined roles. This is a extension of security best practices like least privilege and single-purpose systems. Read more »

Least Privilege IAM Policy for JGit S3

Have you ever wondered how to get an encrypted private Git repository? Have you considered S3, but are worried about sharing credentials with collaborators? This article provides a concise, least privilege solution to both of these problems using IAM and JGit. Read more »