All EKS clusters come with default AWS CNI plugin that provides some nice features like getting an address within VPC subnet range, with a performance of ENI. So why on earth you may want to use some other CNI?
Apart from some SNAT issues you may encounter while deploying...
Read More
Ansible is great, it's one of my favorite tools. It works like a charm, but... it requires SSH connection to the target host, which can be a problem in some high security environments, like the ones where SSH on the host is not allowed or the ones that work in VPCs without external connectivity.
However, in AWS, there's a feature...
Read More
Prometheus is great when it comes to alerting, it's also quite easy to setup in highly available configuration. However, from economic point of view, it's sometimes not a solution as Prometheus, depending on number of targets and metrics, may require quite a lot of resources. So it's common to run non-HA setup in dev and testing environments. But no matter the environment we...
Read More
So you backup your EBS volumes, but do you actually test if you can recover them? How long does it take to restore EBS snapshot and bring your EC2 instance back to life? In this post I'll show you how to automatate EBS restore process using Ansible and stop worrying about RTO :)
The restore procedure consists of the following...
Read More
When you read Terraform docs there's a page with lifecycle attributes that you can specify for the resources. Among the others there's prevent_destroy attribute whose behaviour is documented as:
prevent_destroy (bool) - This flag provides extra protection against the destruction of a given resource. When this is set to true, any plan that includes a destroy...
Read More
Recently I've been doing some research on the abilities to restore MySQL databases on AWS RDS. The customer requirement was to have 15 minutes RPO for databases. Can we meet the requirement with AWS RDS alone?
At the first moment I thought so, but then I considered what happens when someone does "accidental deletion" of RDS instance. Yeah, I know...
Read More
As I work with multiple AWS accounts every day I need to switch between them very often. It's a key issue for me to always be sure on which account I work and execute AWS CLI command. So I wrote a quick bash function that I put in my .bashrc. The function is used in my PS1 prompt and shows current AWS CLI profile (from env variable...
Read More
If one uses more than one AWS account it's absolutely necessary to configure profiles for AWS CLI. The configuration is made of two files: .aws/credentials and .aws/config. The former contains access keys to AWS accounts - you should never add the file to the version control, the latter contains additional configuration and can be versioned.
I'd like to invite you to my first speech on AWS User Group in Kraków. The group has reborn after a long period of being inactive and I'm happy I can be a part of it. During my speech I'll tell you about "immutable infrastructure" approach, why it is worth to create virtual machine templates, how to do it in a quick and efficient way and...
Read More
Łukasz Tomaszkiewicz
Łukasz Tomaszkiewicz is a highly skilled and passionate cloud expert who loves to automate repeatable things and secure them.
His broad experience in the areas of software development, database design, containerization and cloud infrastructure management gives him a holistic view of a modern technology stack.
In his spare time he enjoys photography, blogging and speaking on local IT-related communities.
Vim-believer :)