Redis is a popular and opensource in-memory database that supports multiple data structures like strings, hashes, lists, and sets. But similar to other tools, we can scale standalone redis to a particular extent and not beyond that. That’s why we have a cluster mode setup in which we can scale Redis nodes horizontally and then distribute data among those nodes.
Since Kubernetes is becoming buzz technology and people are using it to manage their applications, databases, and middlewares at a single place. So in this blog, we will see how we can deploy the Redis cluster in production mode in the Kubernetes cluster and test failover.
Recently, I’ve been working on a project where we have a very large team. After the new feature is developed, the developers need to test the feature’s function. So we need to install some test tools on the server for testing purposes and we have to do this activity very frequently. Also, I wanted to schedule planned activities without an integrated third party tool with Ansible.
So, this is my writeup on how I was able to achieve my first Remote Code Execution. Also after reviewing the code I was able to understand more about malicious code execution via OS functions. Finally, I was able to capture the flag and get the Hall of Fame, Check.
Out of Band(OOB) Command Injection is performed by sending a DNS request to a server, which occurs when input data is interpreted as an operating system command. By this, an attacker can execute arbitrary commands on the system and gain unauthorized access.
Today in the Era of DevOps and automation, we expect everything to be as quick as the click of a button and whenever the term ‘DevOps’ comes to our mind a bunch of CI-CD tools pop up automatically, Azure DevOps is on such tool of capabilities.
None of us wants to use the conventional ways to of adding manual steps to our DevOps implementation these days, which is where Azure DevOps provides us with the option of Azure pipelines which we opted for our project implementation but still we don’t want to write the same pipeline code for every application, that’s where the Azure pipeline template steps in, we will discuss how I setup and implement Azure pipeline template in my projects.
When I set forth with my journey of containerization with docker, I have gone through a misconception that Overlay networking in docker can’t be set up without any orchestrator like Docker swarm, Kubernetes. But after spending some time with containers I realized that I was wrong, Orchestrators leverage the functionality of overlay networking but it is not true that we cannot use overlay networks without any swarm or Kubernetes.
As we all know that the caching is a process that everyone uses using different topologies like caching at application node, geographical caching, even some organizations set up a completely dedicated cluster of nodes only for caching.
In this blog, we will discuss setting up Geographical caching using Cloudflare’s Content delivery network and Cloudflare’s workers.
So, basically what is Grandfather-father-son or GFS?
GFS backup is a common rotation scheme for backup, in which there are three or more backup cycles, such as daily, weekly, and monthly. Typically, It consists of daily backups (son, at fixed intervals of hours in a day), a weekly full backup (father, once a week), and monthly full backup (Grandfather, once a month).
Right off the bat, I want to say that, this blog does not cover installing and configuring ElastAlert in the usual sense, i.e. working with pre-existing rules. It helps, I hope, in understanding the requirements for adding one’s own rule. Continue reading “Make Your Own Rules, ElastAlert Style”
Source code quality analysis is a basic piece of the Continuous Integration process. Along with automated tests, it is the key component to deliver reliable software without numerous bugs, security vulnerabilities, or performance spills.
There are many open source as well as commercial tools available in the market for static code analysis such as LGTM, PMD,Graudit, reshift, Codacy, and many more. One of the best static code analyzer you can find on the market is SonarQube.