Burp: When Terraform just does not cut it

in Linux

Table of Contents

Description

Each time I visit a potentially new customer, there’s always that moment after a sip of coffee, after a few whiteboarding events and heated technical discussions when the following question pops up:


“How do you manage this Multicloud environment ?”
“Isn’t this complex for my Operations Team ?"


If you had asked me this 5-6 years ago…I would have probably said yes.
I was there jumping into action, incidents in the middle of the night, pager alarms and zombie eyes after 4-5h of sleep and the rollercoaster just kept going.

The daily struggle to reduce configuration and administration headaches was something real. I used Bash scripts, Python, Ruby, a mix of various vendor tools and still lost a lot of time investigating each time what went wrong.


This is where in the last few years Terraform has come to the rescue and has provided a consistent way of defining infrastructure while at the same time making tracking of changes easy

(hint: Github/Gitlab + a CI/CD pipeline).


Sounds like a dream come true, right ? Not if you're restless like me and always want to see what's under the hood...

Continue reading

SSL Certs: Create own CA + cert for S2S VPN auth - RSA and ECDSA

in Linux

Table of Contents

Description

I recently had to configure Strongswan with Certificate Authentication to a Checkpoint GW and got lost a bit in all the articles I could find about the openssl utility and how to generate a CA, CSRs, sign a certificate and so on.
I will summarize here the steps required for generating the CA/cert so that everything is in a single place.

I give an example with RSA and one with ECDSA.

The changes are minimal.

On the Checkpoint side I only had to import the CA from Strongswan side and configure it under the Public Key auth pertaining to the Network Interoperable Device (representation of 3rd party device Checkpoint wise).

Continue reading

MongoDB: Upgrade to 4.x breaks mmapv1 storage type

in Linux

Table of Contents

Description

I was using a custom solution running MongoDB in the Backend on Ubuntu 18.04 and recently decided to try out an

apt-get update
apt-get dist-upgrade

I got quickly reminded why doing such operations require a bit more planning ahead instead of the just do it way of thinking.

systemctl status mongod
● mongod.service loaded failed failed MongoDB Database Server

cat /var/log/mongodb/mongod.log

“ctx”:“initandlisten”,“msg”:“Storage engine to use detected by data files”,“attr”:{“dbpath”:"/var/lib/mongodb", Functions"storageEngine":“mmapv1”}}

Cannot start server with an unknown storage engine: mmapv1"}}

Luckily in IT, there’s always a solution for everything and a chance to reverse engineer what happened…

Continue reading

Oracle archive, flash logs, redo logs, undo logs

in Linux

I’ll keep this one simple and put here two schemas that I found on the Internet for the concept of redo and undo logs in Oracle. I don’t know about other people but I work must easier with schemas and a few words rather than 100 pages long documents filled with just text.

Continue reading

Author's picture

Mihai Tanasescu

All Rounder and Jack of all trades (master of none? :) ).
Sailing the Cloud world with my fantastic team@Aviatrix, former Network, Systems Engineer (Cisco, Juniper, Linux, Openshift, Openstack).
A flavor of Security added to the mix (Offensive Security OSCE).
If there’s anything new and cool, then I like to learn about it. I’m also a fan of deep diving under the hood of a product to see what makes it tick as well as what breaks it.

Solutions Architect @ Aviatrix

Switzerland