We were fortunate enough to get an opportunity to do an Elasticsearch cluster snapshot and restore on a production highly active cluster. The indices we needed to restore were around 2 – 3 TB in size.
Our task was to take a snapshot from an old cluster (v 6.4.2) which had several huge indices and restore a few of them to a new cluster (v7.9.2). This endeavour was supposed to bring the load down from the old cluster.
As we know that CI/CD (Continuous Integration/Continuous Deployment) is inevitable process in our DevOps culture , we should always look for a better .. more efficient solution to implement the same.
CI/CD gives us the capability to continuously integrate code changes, test it , deploy it and having continuous feedback which helps us to accelerate our development speed , off-course it reduces time in testing perspective and it helps you to make your releases streamline.
So you dont have to worry about anything except CODING as CI/CD will take care of everything for you. 🙂
Grenadier Guards are an elite British Army infantry regiment. People say they are strong as a mountain and ruthless as hell. They protect the doors of Buckingham Palace which are the world’s most valuable residence. No one dares to enter. Likewise, our hosted resources in the cloud are of utmost important and valuable to us. We need some method to protect it and restrict the initial point of contact from the attacker an unwanted audience. Let’s discuss it further on how we can use the security group in the best way to secure our EC2 instances.
AWS is a cloud provider which means the services which we use are hosted at AWS data center. EC2 (Elastic Cloud Compute ), which we use to create instances, is one of many services provided by AWS.
Generally, organizations move towards AWS to furnish their foundation with the capacity to develop and extend their abilities and because they can only pay for the resources they use. An unfortunate side effect of this methodology is that little costs regularly go unnoticed and can add up over time, prompting high monthly bills. The monetary effect of the current pandemic is forcing the world to adjust spending within their organizations. Everybody is turning over every rock to discover approaches to cut waste without impacting business. One way to get fast cost savings is to eliminate wasted spend on cloud services.
Let’s first talk about how it all started with and what we achieved.
It’s all started with a healthy discussion with a team where our team members were discussing many aspects of different fields of technology. So, one of our colleagues mentioned OpenVPN. So, we discussed the different working field, architecture, workflow of OpenVPN, in which role of iptables comes into the picture because for Linux architecture, OpenVPN support iptables as it’s primary firewall utility or can say OpenVPN support iptables as it’s a firewall for filtering workflow.
So in-between discussion, I mentioned that I am using iptables in OpenVPN to block traffic for the domain name and it is working fine. So, my colleague asked me about how you implemented & how is it possible to use iptables for domain and they discussed multiple logical explanations like OSI layer support and many other things. So, we decided to do POC of this discussion and try to write-up some blog or points to make clear that is it possible use iptables for the domain name and if not, what are the area that we can cover with iptables for the domain name and try to cover up flaws of this.
Continue reading “That’s Why Iptable Is Not A Good Fit For Domain Name?”