Openssl heartbleed autofix for EC2 Amazon AMI – be aware!

You probably heard about recent security hole discovered in openssl library called Heartbleed. If not read:

http://heartbleed.com/

http://www.openssl.org/news/secadv_20140407.txt

Anyways here is the catch – turns out Amazon can roll critical updates to all images based of Amazon AMI!  …

Continue reading  »

Nginx X-Accel-Redirect with proxy_pass and Host change..

I already wrote about using Nginx and X-Accel-Redirect. But today I would like to get back to it, since recently I’ve spent a lot of time trying to solve similar problem..

The problemo

We have a cdn in front of our sites and multiple pointers to static assets like a.static-example.com b.static-example.com etc.  …

Continue reading  »

AWS AutoScale with SPOT instances and dynamic tagging

I was always fascinated by idea of fully automated infrastructures, where instances come and go according to particular factors like network traffic or load increase and you just observe this process form the distance allowing system to heal itself.

Now that these days we mostly deal with Cloud providers and their great APIs,  …

Continue reading  »

Internal redirect to another domain with proxy_pass and Nginx

Let say we have multiple sites a.com b.com and c.com and created some shared resourse (widget) under shared.com. For simplicity just imagine Disqus where you need to embed comments widget (shared resourse) to every site, but don’t want to deal with AJAX “same origin policy” problems and Iframes ( actually sometimes Iframes are not so bad and could be used with care,  …

Continue reading  »

Use Nginx to proxy files from remote location using X-Accel-Redirect

Nginx supports X-Accel-Redirect for local files with no extra hassle, but what happens if you need to serve files located in some remote location like s3 and you don’t want to expose direct urls to the files? Sometimes you may want that to have control over stats or to keep an option to migrate to another file server without changing original urls.  …

Continue reading  »

Percona mysql install problem with Chef on Linode – be aware!

###BAH!

Fresh Linode instance of Ubuntu 12.04 LTS.

Super simple recipe ( stripped down for debugging ).

include_recipe "apt"
include_recipe "ohai"

include_recipe "mysql::percona_repo"
include_recipe "mysql::server"

I tested installation numerous times with the same OS version with Vagrant with no problems,  …

Continue reading  »