When you deploy your application on compute instances on-premise or in the cloud, you have to make an educated guess about the utilisation of the resources you provision. If you have an older version of the same application running with proper monitoring, you can base your guesstimate on the current usage of compute nodes. But when this is the first time your application goes to production you are out of luck. Read more...

Google Cloud provides a Docker image registry which you can use to store your private docker images. Although it is a separate Google service, there are no specific IAM roles associated with it, which allow you to control access to your registry. Instead, you use the Google Cloud Storage roles and permissions on the bucket that is implicitly created for you. In this blog we show you how you create the container registry storage bucket in your project and grant access to it.

Read more...

There are many ways to use ‘secrets’ in ECS and ECS Fargate. Most of the time they are exposed using Environment variables, because a few years ago this was the only easy option. Today we have two improved options. You could add a tool to your docker container which retrieves and decrypts your secrets before parsing them to the application. The other one is to embed the retrieval and decryption in the application. Read more...

In previous posts, we showed you how to deploy a private key pair to allow you to login to an EC2 instance. Since september 2018, the AWS Session Manager supports logging into any instance, directly from the command line without SSH. In this blog we will show you how to configure this using CloudFormation.

Read more...

Mounting an persistent EBS volume at boot time is no trivial task. Since the introduction of the Nitro based instance types, EBS volumes no longer appear under the device name specified during the attach command. Instead, the device name will be determined by the kernel and depend upon the order in which it is attached. As a result, switching EC2 instance type or volumes, may cause an incorrect volume to be mounted or not be mounted at all. In this blog we present the details for mounting an EBS volume on any EC2 instance type.

Read more...

Auth0 can be configured as the identity provider for AWS, allowing your Auth0 users to directly log in to the AWS Console. Unfortunately, the functionality to obtain temporary access keys for calling AWS APIs and resources has been deprecated since June 8, 2017. With this command line utility, you can obtain AWS access keys through Auth0.

Read more...

AWS Lambda provides support for quite a few languages out of the box, but oddly enough there are no functional languages in the list. Our esteemed colleague Arjan Molenaar of Xebia has added support for Elixir, a very readable functional programming language that runs on the Erlang VM. Read the full blog on https://xebia.com/blog/building-an-elixir-runtime-for-aws-lambda/.

AWS has just opened the AWS Sweden Region. It is based in Stockholm, the capital of Sweden and has the name ‘eu-north-1’. Five regions AWS now provides five regions in europe. Each region provides three availability zones which means you now have fifteen availability zones to create highly resilient applications in Europe. Region name API name Number of AZs Stockholm eu-north-1 3 Frankfurt eu-central-1 3 Ireland eu-west-1 3 London eu-west-2 3 Paris eu-west-3 3 Deploying a bucket in Stockholm To deploy a bucket in Stockholm, just change the region to ‘eu-north-1’ and execute the CloudFormation template like in the example project that we have prepared. Read more...

In my previous posts I talked about data from a high level perspective and introduced Apache Avro, a data serialization system. This time we are going to get hands-on with Apache Avro and look at Schemas Introducing the domain We need to have a domain and because this is a blog, lets keep the domain simple. Lets create a domain that consists of a single person entity. The person entity will change over time, and we will have three versions. Read more...

In my previous posts I talked about data from a high level perspective. This time we are going to look at a data serialization system called Apache Avro. Introducting Apache Avro Apache Avro is created by Doug Cutting, the creator of Hadoop, Lucene and Nutch, specifically designed as an open data serialization system. Apache Avro is used by data processing systems like Hadoop, Spark and Kafka, and is the de-facto data serialization system for high volume, high performance, high throughput, data processing systems. Read more...