HA Kubernetes cluster with Vagrant+CoreOS+Ansible, Part 2

In part 1 we created 4 nodes running CoreOS using Vagrant and installed the components CoreOS needs for Ansible to work. In this part, we’re going to configure another key component of a Kubernetes cluster: etcd.


HA Kubernetes cluster with Vagrant+CoreOS+Ansible, Part 1

Kubernetes is a production-grade container orchestration tool that helps automate the deployment, scaling and management of your containers. The officially recommended way of running a local Kubernetes cluster is to use minikube; it is the easiest way to get started. However, its shortcoming is very obvious.


Slack AWS Bot

Usually when you’re using AWS’s services, you might want to know the usage of your resources, e.g. number of running instances, estimated cost, etc. Taking advantage of Slack’s webhook and the AWS Service API, we can create a bot that periodically sends an AWS usage report to your Slack channel. This article introduces how it’s achieved.


How to Set up SoftEther VPN Server and Client for AWS VPC Environment

This article introduces how to set up a SoftEther VPN server on an AWS EC2 instance that resides in a public subnet of an AWS VPC, and how to set up a VPN client on Mac OS to make the VPN connection, which enables the client to access the private instances located within the private subnets of the same VPC using their private IPs as if they’re in the same local network.


How to design an end-to-end encryption

End-to-end encryption is a concept that requires the following conditions to be met:

  1. All data in transit are encrypted.
  2. Only the intended users can decrypt the data using the cryptographic keys.


Get Familiar with Yum

This post records some useful operations for repo and package management on Red Hat, CentOS, and other Enterprise Linux-like systems.

  1. List all the available repositories


Configure Chronos to send failure notifications through Postfix

Having a job scheduler without notification ability makes no sense because you never know what’s going on with it and whether it is running correctly. Luckily, Chronos has built-in support for sending out emails when a job fails or is interrupted, which means all we need is a mail server that is able to send out emails.


Create VPC environment using Terraform on AWS

It’s a common practice to create a VPC to provide a logically isolated section of the cloud and the freedom to create IP address ranges, subnets, route tables and network gateways. It brings flexibility in access control and multiple layers of security. But creating the VPC environment through the AWS web interface is a non-trivial task: you have to click here and there, jumping from page to page, and the result is neither replayable nor portable. For example, if you want to replicate a setup, or you want the same configuration in another AWS account, you have to do it all over again.


Setup Mesos to rotate containers' stdout/stderr logs

The problem I’m facing

As we all know, Mesos logs the stdout and stderr of any container started as a task as plain text files in the sandbox, which is the work directory of the corresponding slave.

    root ('--work_dir')
    |-- slaves
    |   |-- latest (symlink)
    |   |-- <agent ID>
    |       |-- frameworks
    |           |-- <framework ID>
    |               |-- executors
    |                   |-- <executor ID>
    |                       |-- runs
    |                           |-- latest (symlink)
    |                           |-- <container ID> (Sandbox!)


CPU and Memory Resources in Mesos Marathon with Docker

I’ve been using Marathon for some time, running different dockerized apps managed by Marathon on Mesos. But I have always been very uncertain about one thing, which is:
