AWS Solutions Architect Professional Certification

Getting ready for the AWS Solutions Architect Professional Exam is not an easy task! It is currently one of the most difficult AWS certification to get with the DevOps one due to the number of services it covers. Plan on studying for a few months, not only AWS services but a very wide range of concepts. The level required to pass this exam is very high, nothing compared to the Associate level certification. AWS even recommends 2 years of experience on the platform.

Continue reading “AWS Solutions Architect Professional Certification”

A year in Mexico City!

After one year in Mexico City, I decided it was time to write about my experience and maybe give some advice about the best things you can do downtown and outside the city. Mexicans are welcoming, helpful and will even treat you like family if you behave yourself. If you have a decent Spanish you might even get their great sense of humour. Mexico has many things to offer across its 31 states, and each state is totally different. Mexico is a country rich in history, tradition and culture. Its bright colours, delicious food and natural beauty will take your breath away.

Continue reading “A year in Mexico City!”

Kitesurfing in Isla Blanca, Mexico

They promised the best sunset you’ve ever seen and indeed Mexico delivered! Isla Blanca is a small paradise about twenty kilometers north of Cancun. It is a small stretch of land with narrow sand bank. The spot offers flat shallow water which is awesome to learn kitesurfing or practice some new tricks! Easy to plan over the weekend if you live in Mexico, the only thing you must consider is the wind as usual.

Continue reading “Kitesurfing in Isla Blanca, Mexico”

Hiking the canyons in Arizona and Utah!

The US national parks have many canyons that offer spectacular views and amazing hikes. They offer a wide range of ways to experience them. During 4-5 days we decided to explore some of the most famous canyons: The Grand Canyon (Arizona), Angels landing (Zion, Utah), Narrows (Zion, Utah) and Bryce Canyon (Utah). Below is the itinerary we followed from San Francisco.

Continue reading “Hiking the canyons in Arizona and Utah!”

Day hike Half Dome, Yosemite

Half Dome is a granite dome at the eastern end of Yosemite Valley in Yosemite National Park, California. It is a well-known rock formation in the park, named for its distinct shape. One side is a sheer face while the other three sides are smooth and round, making it appear like a dome cut in half. The granite crest rises more than 4,737 ft (1,444 m) above the valley floor.

Continue reading “Day hike Half Dome, Yosemite”

Setting up an Nginx Reverse Proxy on Debian

Nginx logo

What is Nginx?

Nginx (pronounced “Engine-X”) is an open source Web server and a reverse proxy server for HTTP, SMTP, POP3 and IMAP protocols, with a strong focus on high concurrency, performance and low memory usage. In this example we are going to use Nginx as a Reverse Proxy.

What are the benefits of a reverse proxy like Nginx?

  • Distribute the load to several servers
  • Reduce load with caching, or by compressing the content
  • It can hide the existence and characteristics of the origin server(s)
  • Protection against common web-based attacks
  • A/B testing
  • Single public IP address to access to multiple web servers

How to install Nginx?

First edit the file /etc/apt/sources.list and add the following lines:

deb http://nginx.org/packages/debian/ squeeze nginx
deb-src http://nginx.org/packages/debian/ squeeze nginx

Now you can install it:

apt-get update
apt-get install nginx

Edit you nginx config file /etc/nginx/nginx.conf:

user www-data;
worker_processes 6;

error_log  /var/log/nginx/error.log warn;
pid        /var/run/nginx.pid;

events {
    worker_connections  1024;
}

http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile        on;
    keepalive_timeout  10;

    #Compression Settings
    gzip on;
    gzip_http_version 1.0;
    gzip_comp_level 2;
    gzip_proxied any;
    gzip_min_length  1100;
    gzip_buffers 16 8k;
    gzip_types text/plain text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript;
    gzip_vary on;

    include /etc/nginx/conf.d/*.conf;
}

A worker process is a single-threaded process.

If Nginx is doing CPU-intensive work such as SSL or gzipping and you have 2 or more CPUs/cores, then you may set worker_processes to be equal to the number of CPUs or cores.

If you are serving a lot of static files and the total size of the files is bigger than the available memory, then you may increase worker_processes to fully utilize disk bandwidth.

The worker_connections and worker_processes from the main section allows you to calculate max clients you can handle:

max clients = worker_processes * worker_connections

Then you must edit your /etc/nginx/conf.d/proxy.conf, in this file we define our server.

server {

listen 80;

    access_log off;
    error_log off;

location / {
    proxy_pass http://127.0.0.1:8080;
    proxy_redirect off;
    proxy_redirect off;
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_max_temp_file_size 0;
    proxy_connect_timeout 90;
    proxy_send_timeout 90;
    proxy_read_timeout 90;
    proxy_buffer_size 4k;
    proxy_buffers 4 32k;
    proxy_busy_buffers_size 64k;
    proxy_temp_file_write_size 64k;
 }
# This block will catch static file requests, such as images, css, js
# The ?: prefix is a 'non-capturing' mark, meaning we do not require
# the pattern to be captured into $1 which should help improve performance
location ~* \.(?:ico|css|js|gif|jpe?g|png)$ {
    # Some basic cache-control for static files to be sent to the browser
    expires max;
    add_header Pragma public;
    add_header Cache-Control "public, must-revalidate, proxy-revalidate";
  }

# this prevents hidden files (beginning with a period) from being served
location ~ /\.          { access_log off; log_not_found off; deny all; }

}

As you can see Nginx will listen on port 80.

The directive proxy_pass sets the address of the proxied server and the URI to which location will be mapped. Here it’s our local Apache server and it must be listening on port 8080. Edit your /etc/apache2/ports.conf and other vhosts to listen on the right port.

NameVirtualHost *:8080
Listen 8080

Now check your configuration with:

service nginx configtest
service apache configtest

Finally restart Apache and start Nginx:

service apache2 restart
service nginx start

Install Varnish HTTP accelerator with WordPress

Do you know Varnish?

Varnish cache

Varnish is a web application accelerator. You can install it in front of your web application and it will speed it up significantly. For example Varnish can receive HTTP requests for various production web servers, then caches those requests with a specific TTL to reduce load on the production servers.

Let’s try it!

Install a WordPress.

When your WordPress is installed, just to see what’s inside Varnish, do a test with Apache Bench on your server to get some information about the number of requests per second before and after Varnish.

With our test on the first blog post of our WordPress we got:

Before Varnish : Requests per second: 2.49 [#/sec]

After Varnish : Requests per second:    500.42 [#/sec]

You can try with this simple command from your workstation or any other server:

apt-get install apache2-utils
ab -c 5 -t 30 http://YourServerIP/

Let’s install Varnish…

1 – Get latest version of Varnish

curl http://repo.varnish-cache.org/debian/GPG-key.txt | apt-key add -
echo "deb http://repo.varnish-cache.org/ubuntu/ lucid varnish-3.0" >> /etc/apt/sources.list
apt-get update
apt-get install varnish

2 – Edit Varnish configuration

Edit /etc/varnish/default.vcl

backend default {
            .host = "localhost";
            .port = "8080";
            .max_connections = 30;
            .connect_timeout = 4.0s;
            .first_byte_timeout = 600s;
            .between_bytes_timeout = 600s;
}
# Drop any cookies sent to WordPress.
sub vcl_recv {
            if (!(req.url ~ "wp-(login|admin)")) {
                       unset req.http.cookie;
            }
}
 
# Drop any cookies WordPress tries to send back to the client.
sub vcl_fetch {
            if (!(req.url ~ "wp-(login|admin)")) {
                       unset beresp.http.set-cookie;
            }
}

Edit /etc/default/varnish

DAEMON_OPTS="-a :80
-T localhost:6082
-b localhost:8080
-u varnish -g varnish
-S /etc/varnish/secret
-s file,/var/lib/varnish/$INSTANCE/varnish_storage.bin,1G"

Then you need to kill off varnishd:

pkill varnishd

3 – Edit Apache configuration

Edit /etc/apache2/ports.conf to change the listening port of Apache.

NameVirtualHost *:8080
Listen 8080

Edit all your vhosts to match the port 8080

By default in /etc/apache2/sites-available/default

4 – Launch Varnish

Execute the following commands:

/etc/init.d/apache2 restart
varnishd -f /etc/varnish/default.vcl -s malloc,1G -T 127.0.0.1:2000

Now everyone accessing your site will be accessing through Varnish.

Note that a very nice plugin has been released for WordPress and Varnish to help Varnish to update his cache when you edit your blog. More information here: http://wordpress.org/extend/plugins/wordpress-varnish/

Boarding to South Korea for business

I knew very little things about Korea but that it shares one of the world’s most heavily militarised borders with North Korea. It was also my first time in Asia, making it an even more interesting trip!

At that time I was working for Scalr, a Cloud Management Platform. I arrived with its CEO from San Francisco. Right after, its CTO and another Engineer joined us from Ukraine.

Lodging

We rented the apartment on Airbnb and began the journey to move into the city. It took some time especially because our apartment was located near the historic center of Seoul. And it’s rather green and hilly as you can see in the picture taken a few meters away from our apartment. The rented apartment was really nice, we selected that one because it brought together all the typical elements of a Korean or Asian-inspired apartment. Room with tatami mats, wooden floors and sliding doors.

During the first days we visited the historical center of Seoul. Including the Presidential House (Blue House) and the Changdeokgung Palace.

Business work

The purpose of our trip was of course professional and it was time to get ready for about 3 days of presentation of our cloud platform. The show took place at Samsung headquarters, in front of an audience of about 20 engineers. The Samsung campus is a real city named Suwon, also known as Samsung city. Located 40 km south of Seoul, there are just over 40,000 employees.

The presentation went very well, despite the total absence of wifi, which is far from ideal for presenting a platform that manages servers in the cloud. But we quickly realised that security at Samsung is one of the top priorities: multiple scans, passport and ID verification, mobile phones and laptops allowed but under certain conditions: covering up camera lens and webcam with tape.

Korean food and drinks

Another aspect of this trip was the food. We ate Korean at every meal. How often do you go to Korea in your life? Korean cuisine is really varied, you always end up with tons of different things under your nose. Beef, chicken, pork, fish, vegetables, etc… Everything was really delicious, except perhaps the cold noodles (very simply cold pasta that bathes in broth, sometimes spicy).

As for alcohol, soju is the most common. It is a sweet potato alcohol with a very neutral flavour. That makes it a good accompaniment to Korean food. Its taste is comparable to vodka, but a little softer because of the added sugar in the manufacturing process. We had the chance to taste some excellent soju-based cocktails, but beware the soju’s alcohol level varies between 16% and 53% which is relatively strong!

Last but not least, I had my first experience of blowfish and it was delicious. Blowfish is famous for being able to poison you to death, but since we went to a well-known restaurant with a certified chef there was no reason to get worried!

Thank you Korea for welcoming us perfectly and making me want to go back to Asia!