GitLab Moves to GCP

GitLab is moving from Microsoft Azure to Google Cloud Platform, mainly because of its integration with Google Kubernetes Engine. GitLab believes Kubernetes is the future and will let its platform scale massively as it grows. The move is scheduled for July 28. GitLab plans to use its Geo product for the migration of GitLab.com. For more, read the article.

Failover Test

How do you test a failover website without actually doing a failover? It’s easier than you think. The key is to trick your computer into pointing at the failover site. You can do this by editing your hosts file and adding an entry for your domain. On both Linux and macOS, edit the /etc/hosts file and add the failover site as shown below.

# /etc/hosts
# failover site
# xxx.xxx.xxx.xxx   yourdomain.com

xxx.xxx.xxx.xxx is the IP address of your failover site.
If you need to test the failover site, just uncomment the line with the IP address.
Comment it out again when you’re done testing.

The Enigma Machine

It took about 2,000 DigitalOcean droplets, 13 minutes of compute time, and about $7 worth of cloud resources to break the Enigma code, which was used by the Nazis in World War 2. The code was written in Python and ran as minions. The minions did 99% of the grunt work. The droplets ran 41 million password combinations per second. A code that took Allied forces years to break can now be decoded in just 13 minutes. Read the article.

Restrict Bucket To Users

How to restrict an S3 bucket to a certain group of users: edit the bucket policy and add the following.

{
    "Version": "2012-10-17",
    "Id": "bucketPolicy",
    "Statement": [
        {
            "Effect": "Deny",
            "NotPrincipal": {
                "AWS": [
                    "arn:aws:iam::xxxxxxxxxx:user/username",
                    "arn:aws:iam::xxxxxxxxxx:root"
                ]
            },
            "Action": "s3:*",
            "Resource": [
                "arn:aws:s3:::bucketname",
                "arn:aws:s3:::bucketname/*"
            ]
        }
    ]
}

Replace xxxxxxxxxx with your AWS account number.
Replace bucketname with your S3 bucket.
Replace username with your IAM user.
Root is your AWS root account.
Accounts must be valid.
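
A Deny plus NotPrincipal policy can go wrong quietly: a JSON object that repeats the "AWS" key keeps only one principal when parsed, and a user exempted without its account ARN can leave the rest of that account denied. The pre-upload check below is an added example, not part of the original post; the function names, the account ID 111122223333, the user alice and example-bucket are constructed for illustration.

```python
import json
import re

# Handles IAM root, user and role ARNs only (12-digit account ID).
ARN_RE = re.compile(r"^arn:aws:iam::(\d{12}):(root|(?:user|role)/.+)$")

def _reject_duplicate_keys(pairs):
    # json.loads keeps only the last value of a repeated key, so a second
    # "AWS" entry would silently drop the first exempted principal.
    keys = [k for k, _ in pairs]
    dupes = sorted({k for k in keys if keys.count(k) > 1})
    if dupes:
        raise ValueError("duplicate key(s): " + ", ".join(dupes))
    return dict(pairs)

def lint_deny_notprincipal(policy_text):
    """Return findings for every Deny + NotPrincipal statement."""
    try:
        policy = json.loads(policy_text, object_pairs_hook=_reject_duplicate_keys)
    except ValueError as exc:  # also covers json.JSONDecodeError
        return [f"invalid policy document: {exc}"]
    findings = []
    statements = policy.get("Statement", [])
    if isinstance(statements, dict):
        statements = [statements]
    for i, st in enumerate(statements):
        if st.get("Effect") != "Deny" or "NotPrincipal" not in st:
            continue
        np = st["NotPrincipal"]
        arns = np.get("AWS", []) if isinstance(np, dict) else []
        arns = [arns] if isinstance(arns, str) else arns
        parsed = [(arn, ARN_RE.match(arn)) for arn in arns]
        roots = {m.group(1) for _, m in parsed if m and m.group(2) == "root"}
        for arn, m in parsed:
            if not m:
                findings.append(f"statement {i}: malformed principal {arn!r}")
            elif m.group(2) != "root" and m.group(1) not in roots:
                # Without the account ARN the Deny can hit the whole account.
                findings.append(f"statement {i}: {arn} listed without "
                                f"arn:aws:iam::{m.group(1)}:root")
    return findings

# Constructed sample: repeated "AWS" key, as a hand-edited policy might have.
SAMPLE = """{"Version": "2012-10-17", "Statement": [{"Effect": "Deny",
 "NotPrincipal": {"AWS": "arn:aws:iam::111122223333:user/alice",
                  "AWS": "arn:aws:iam::111122223333:root"},
 "Action": "s3:*", "Resource": "arn:aws:s3:::example-bucket/*"}]}"""

if __name__ == "__main__":
    print("\n".join(lint_deny_notprincipal(SAMPLE)))
```

The check covers format only; S3 itself rejects a policy whose principals do not exist.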

Multiple TXT DNS Records

I recently moved my website hosting from Linode to AWS LightSail. Part of the move was working with Route 53 for DNS, as well as setting up my domain’s email, e.g. the MX record. I’m using ProtonMail for email and they require that I add multiple TXT records. Part of the problem is Route 53 will not allow duplicate TXT records. After a few searches, I learned that you can enter in multiple values in the TXT record as long as you place them on multiple lines. That solved the problem for me.