This post I will try to go through the steps I took to build a Kubernetes cluster from scratch. The physcial host is an old Dell Latitude laptop with 8GB memory, which runs VMware ESXi 6.7. The plan is to run 3 nodes on it with one of the VM set as master. Each server runs Ubuntu 20.04. I will skip the VM building steps here as our focus is Kubernetes.

I just wrote a Cloudflare CLI tool called flare 🔥! Check it out from my GitHub repo [email protected]:tomkingchen/cloudflare-cli.git. The tool does some basic queries to Cloudflare API and retrieves information based on the parameters provided. The reason for creating the tool is mainly to help myself to quickly identify information hard to find through Cloudflare dashboard like Firewall rule ID. The current version is to focus on display information only rather than modifing configuration within Cloudflare.

I had enough of Google Blogger! It has terrible editing UI for and I constantly receiving SPAM comments for my posts😤. Time to move my blog off to somewhere better! I was thinking to run a Wordpress server. Though I think it’s way cooler to run my blog simplely without worrying about backend infrastructure. After look around, I ended up using Cloudflare Pages to publish my blog. This allows me to write my posts with Markdown and then generate static html pages using Hugo.

One way to improve website performance is to use CDN to distribute the static contents of your site. S3 is a common place to host such type contents. In this post, I will show you how to publish a S3 bucket using Cloudflare. In fact, the screen shots used in this blogpost is published exactly through this manner. Setup S3 Bucket Permissions This is an optional step which adds a S3 bucket policy to your bucket.

In this post I will show how to setup Cloudflare for a Serverless app built with AWS API Gateway and Lambda. For demonstration, I use a simple web app I built (rona.tomking.xyz). The app is hosted in AWS Sydney region. It displays daily Victoria COVID case and that’s it. To use Cloudflare, I have signed up a free Cloudflare account. The first site can be added for free with following features.

Ever come into the situation where you need to whitelist a long list of IPs for a EC2 instance? It can be painful to add them manually one by one. On top of that, what if these IPs change on a regular basis? You are in luck! I will show you how to update Security Group rules automatically using Python🐍. Here’s my use case. I got an EC2 instance takes syslog feeds from VMWare’s WorkspaceOne.

One of the best practice to setup Splunk Universal Forwarder (UF) is to encrypt incoming log traffic with TLS. This is especially important if your intake is from an external source on Internet, e.g from a SaaS solution. In this blog I will demostrate the steps to get this setup. First, we will create a public A DNS record for the UF. This is because our UF will be receiving logs from Internet.

I haven’t been very diligent on maintaining this blog. There has been quite a few SPAM comments accumulated on my posts. I am going to turn on moderation to block those. But I need a way to clean all those existing SPAM comments. So over the weekend, I wrote this PowerShell script to do just that. In the end, it will probably take less time if I just manually all the cleanup manually.

Today we will look at how to use Ansible to update Splunk UF (Universal Forwarder) configuration. The benefits of using Ansible to achive this are: - Save the hassel to manually modify conf files of syslog-ng and splunk uf. - Codify Splunk UF configuratoin, so they can be version controlled via GitHub. - Automate multiple UFs update without the need to ssh to each single server. - The playbook can also be used to configure newly provisioned Spunk UF.

I recently ran into an issue after update Exchange 2016 from CU15 to CU17. The upgrade installation took around an hour, but was eventually completed successfully according to the Installation Wizard at least. When I tried to access ECP, I got the error below even before the login page shows up. At the meantime, Exchange Management Shell is inaccessible due to the error. In the eventlog, there are lots of 1003 errors relate to MSExchange Front End HTTP Proxy.