• List AWS Parameter Store Values in the Command Line in a Table

    Today I want to show a very simple snippet for AWS, again. I am currently starting to configure our services with AWS Systems Manager Parameter Store instead of managing the configuration files in each AMI manually. It works well so far, but for some reason the AWS Web Console does not include the configuration value in the tabular overview. So, getting a quick overview over all defined values is not possible.

  • Towards a more Restricted Set of AWS IAM Permissions for Packer

    Packer allows us to build images for different platforms, one of them being AWS. AWS images are built within the AWS environment, which means that Packer requires permissions to AWS in order to build an image. If we look at the official documentation it gives us the set of required permissions with "Resource": "*". This applies to all API endpoints they use, including for example DeleteKeyPair, DeregisterImage and TerminateInstances.

  • Load Balancing and Auto Scaling with Open Source HAProxy

    When your application has more demand than can be handled by a single machine or when you want to safe-guard against failure or a single server, you might want to load balance it. There are different patterns to load balance an application, e.g. you can offload the heavy processing through a message queue, or you can redirect traffic directly to different servers. In this tutorial we will look at the latter.

  • Run an Action on all VMs in an AWS Auto Scaling Group

    Proponents of ephemeral servers say that one should treat infrastructure like cattle instead of pets. The counter argument is that a farmer would not just let their investments (animals) die, but at least try to give them some medicine. While I don’t perform changes on individual servers in my server fleet, there are definitely times when I need to to ssh into them and check something.

  • Networking for VMs on a Hetzner Dedicated Server

    I wanted to start hosting VMs on my Hetzner root server. For IPv6 this should be straight-forward since my server has a /64 subnet, for IPv4 I need NAT. If you know what to do, both is extremely simple. But being new to networking and iptables I had to try a few things. Thus, I will use this blog post as personal note-keeping. What I am doing might not be perfect, so feel free to continue your research to find better approaches.