Category Archives: General

CloudFlare DNS delegation to Azure - Header

Configuring DNS Delegation from CloudFlare to Azure DNS

General, , ,

A quick post, following on from my other post which covers DNS Delegation from CloudFlare to AWS Route53.

In this walkthrough, we are going to cover the same setup, but for Microsoft Azure DNS.

Create a Azure DNS Zone

Starting in your Microsoft Azure console, search and find the DNS Zones service.

CloudFlare DNS delegation to Azure - Azure DNS Zone Service

Click to create a new DNS Zone.

CloudFlare DNS delegation to Azure - Azure DNS Zone Service - Create DNS Zone

Fill out the necessary information:

  • Subscription
  • Resource group (create a new one if needed)
  • Instance Details
    • Name – FQDN for the DNS Zone you need to create, in this example, I want a subdomain “azure” being managed by my Azure DNS.
    • Resource group location – this is where the metadata for the service is stored, however DNS zones are distributed globally!

Click Review and Create. Continue reading Configuring DNS Delegation from CloudFlare to Azure DNS

vRA SaltStack Config - Salt Project - Header

A debugging example of Salt Win-Repo issues

General, VMware, , ,
The Issue

I was hitting issues when trying to use the Salt Win-Repo to install software. Below is a copy of my state file.

ensure_malwarebytes_installed:
  pkg.installed:
    - pkgs:
      - malwarebytes

It would fail with the below helpful error messages. But most importantly, I’d check the minion, to find the software was actually installed.

  {
    "return": {
      "pkg_|-ensure_malwarebytes_installed_|-ensure_malwarebytes_installed_|-installed": {
        "name": "ensure_malwarebytes_installed",
        "__id__": "ensure_malwarebytes_installed",
        "result": false,
        "__sls__": "Windows.software-install.malwarebytes",
        "changes": {
          "malwarebytes": "Unable to locate package malwarebytes"
        },
        "comment": "The following packages failed to install/update: malwarebytes",
        "duration": 343.731,
        "start_time": "13:07:43.183808",
        "__run_num__": 0
      }

If I instead ran the command from my salt master, it would be successful with no error outputs:

salt {minion_name} pkg.install malwarebytes -l debug
The Debugging Effort

Because the software is installed on the minion, I run the “pkg.list_pkgs” command, so I can detail exactly what the system returns.

C:\Users\Administrator>salt-call pkg.list_pkgs
local:
    ----------
...
    Malwarebytes version 4.5.12.204:
        4.5.12.204
...

Next, I want to remove the package, before I continue to debug, however I hit another issue. Continue reading A debugging example of Salt Win-Repo issues

google cloud header

Google Cloud – Invitation email not received – Project IAM role pending

General, , ,
The Issue

For me, it started off with having some odd issues in a GKE cluster, where I didn’t have permissions to do things at a cluster level. After some digging it pointed to the wrong IAM roles on the Google Cloud Project.

When I investigated this, I found I wasn’t yet confirmed as the owner of the project. It said an email was sent, but I had received nothing!

google cloud - IAM - Invitation sent pending acceptance

The Cause

Maybe something wrong with Googles SMTP? Or spam filters on the receivers side. But it doesn’t help you cannot resent the email!

The Fix

You can accept the invitation by going to the below link.

https://console.cloud.google.com/invitation?project=[your-project-id]&account=[the-account-email-invited]&memberEmail=[the-account-email-invited]

Example
https://console.cloud.google.com/invitation?project=veducate-demo&[email protected]&[email protected]

Regards

Dean Lewis

Cloudflare Route53 Header

Configuring DNS Delegation from CloudFlare to AWS Route53

General, , , ,

This blog post covers how to delegate DNS control from Cloudflare to AWS Route53. So that you can host records in Route53 for services deployed into AWS, that are resolvable publicly, despite your primary domain being held by another provider (Cloudflare).

My working example for this, I was creating an OpenShift cluster in AWS using the IPI installation method, meaning the installation will create any necessary records in AWS Route 53 on your behalf. I couldn’t rehost my full domain in Route53, so I just decided to delegate the subdomain.

  • You will need access to your Cloudflare console and AWS console.

Open your AWS Console, go to Route53, and create a hosted zone.

AWS - Route 53 - Create Hosted Zone

Configure a domain name, this will be along the lines of {subddomain}.{primarydomain}, for example my main domain name is veducate.co.uk, the sub domain I want AWS to manage is example.veducate.co.uk.

I’ve selected this to be a public type, so that I can resolve the records I create publicly.

AWS - Route 53 - Create Hosted Zone - Configuration

Now my zone is created, I have four Name Servers which will host this zone (Red Box). Take a copy of these.

AWS - Route 53 - Hosted Zone - NS Servers

In your DNS provider, for this example, Cloudflare, create a record of type: NS (Name Server), the record name is subdomain, and Name Server is one of the four provided by AWS Route53 Hosted Zone.

Repeat this for each of the four servers.

Cloudflare - create ns record

Below you can see I’ve created the records to map to each of the AWS Route53 Name Servers.

Cloudflare - create ns record - all records created

Now back in our AWS Console, for the Route53 service within my hosted zone. I can start to create records.

AWS - Route53 - Create record

Provide the name, type and value and create.

AWS - Route53 - Quick create record

Below you can see the record has been created.

AWS - Route53 - Records

And finally, to test, we can see the DNS record resolving from my laptop.

nslookup example

Regards

Dean Lewis

git header

Exploring the Git command line – A getting started guide

General, , , , , ,
What is Git?

Git is distributed version control software.

Version Control is the ability to save and track changes over time, without interfering with previous versions. As the software is distributed, it means all users can have a copy of an entire repository, containing all commits, branches, and files.

There are a few things you should know before we dive in:

  • Branches are lightweight and cheap, so it’s OK to have many of them
  • Git stores changes in SHA hashes, which work by compressing text files. That makes Git a very good version control system (VCS) for software programming, but not so good for binary files like images or videos.
  • Git repositories can be connected, so you can work on one locally on your own machine and connect it to a shared repository. This way, you can push and pull changes to a repository and easily collaborate with others.
Why Use Git?

Version Control is important in development, whether for software, or simply for developing your automation scripts. Without it, you can risk losing your work. By using Git, you can make a “commit”, which is a snapshot of your point in time work. This provides you the capability to rollback to previous commits if needed.

Install the command line tool
# Executable Installers (all OSes)
https://git-scm.com/downloads 

# Command Line Installer 
# Mac OS X
brew install git
# Linux
sudo apt-get install git-all

# Validate installation
git version
Authenticating to GitHub and creating a repository

To make life easier, I am going to use GitHub as my main source control platform.

I am going to start off creating a repository on the GitHub website. This is simple to complete, so I will not document the steps, but you can view this page for more information.

I would also recommend at this point setting up the authentication with GitHub as well to your local CLI.

Cloning a Repository locally

Once our repository is created, we start off by cloning the repository locally.

git clone {url}

#Example
git clone https://github.com/saintdle/veducate-git-example.git

git clone

Create and commit our first file

Continue reading Exploring the Git command line – A getting started guide