sharmaansh21

# Written by Dane Fetterman on 12/1/2016
# https://aws.amazon.com/blogs/compute/monitor-cluster-state-with-amazon-ecs-event-stream/
# Where they use a cloud watch event from ECS to notify a SNS topic. We're 
# sending a notification directly to slack instead


import requests
import json
from boto3 import session, client

sharmaansh21

daemon off;

worker_processes 1;

events { worker_connections 1024; }

http{

sendfile on;

sharmaansh21

from __future__ import print_function

from base64 import b64decode
from urllib2 import Request, urlopen
import time
import json
import zlib
from datetime import datetime, timedelta
import boto3
import os

sharmaansh21

-- This creates an athena table that can parse ALB logs.
-- Advantage of this over others are this works when the log ends with a trailing space
-- plus it also breaks the http request into route and params for easier grouping

CREATE EXTERNAL TABLE IF NOT EXISTS alb_logs (
    type string, 
    timestamp string, 
    elb string, 
    client_ip string, 
    client_port int,

sharmaansh21

'Update or create a stack given a name and template + params'
from __future__ import division, print_function, unicode_literals

from datetime import datetime
import logging
import json
import sys

import boto3
import botocore

sharmaansh21

# -*- mode: ruby -*-
# vi: set ft=ruby :

boxes = [
  {
    name: "server1.local",
    eth1: "192.168.0.101",
    mem: 1024,
    cpu: 1
  },

sharmaansh21

Customer Scenario

A customer has a Chef Server 12 (HA - DRBD) in Production. They want to test an in-place upgrade (or maintenance) using their current OPC Production data and config. This gives us a good chance to make corrections if we find that their data is too broken for the migrations to handle, and gives the customer experience in managing the upgrade in Production.

The sequence of events will broadly be these:

• Install the same version of Chef Server on the target HA Test cluster
• Restore data from Production instance backup (LVM snapshot or full-stop backup)
• Test

sharmaansh21

#!/bin/bash
# vim: softtabstop=4 shiftwidth=4 expandtab fenc=utf-8 spell spelllang=en cc=120

set -e

# Check Ubuntu release
[ "$(lsb_release -sc)" = "trusty" ] || {
    echo 'This script should be run on Ubuntu 14.04.' >&2
    exit 1
}

sharmaansh21

elasticsearchのindexを定期的にcronを使用して削除するscript。

indexにTTLを設定すればいいじゃないかという指摘もありそうですが、
公式ブログに大量のログを保存するときは、TTL設定しているとオーバーヘッドが大きいと書いてあったので、
cronで消すようにします。
http://www.elasticsearch.org/tutorials/using-elasticsearch-for-logs/

Curatorを使えばこういったことも楽にできそうではあるが、
わざわざそのためにPythonをいじるのもアレなので、簡単にシェルスクリプトで書いてみました。

sharmaansh21

/*
The code below shows how to encrypt and then decrypt some plaintext into a cyphertext using
KMS's Encrypt/Decrypt functions and secretbox (https://godoc.org/golang.org/x/crypto/nacl/secretbox).

The plaintext message is sealed into a secretbox using a key that is generated by kmsClient.GenerateDataKey().
Note that this procedure reuquires that a master key would *already exist in KMS* and that its arn/alias is specified.
The aws library assumes that the proper credentials can be found in the shared file (~/.aws/credentials)
and opts for the 'default' role.

Once sealed, the cyphertext is then unboxed, again by first getting the key from kms (kmsClient.Decrypt),