HackerTrans
TopNewTrendsCommentsPastAskShowJobs

sredevops01

no profile record

comments

sredevops01
·2 tahun yang lalu·discuss
Exactly, that's how business works. You calculate the cost it will take to deploy in the new region, and tell them, in order for your business to move there, instead of using AWS or GCP or any competitor, we need 3-years at this rate. And they will do it.
sredevops01
·2 tahun yang lalu·discuss
This is when you ask for a discount
sredevops01
·3 tahun yang lalu·discuss
One of the things I am working on is moving all our monitoring to grab and store into Azure Log Analytics.

This tool is rather smart, if it can hook into all the services then let me funnel it to Log Analytics that would be cool.

Not sure the value for others but using multiple platforms, our logs are everywhere. Would be nice to connect them all to Microsoft LAW then slowly replace each integration when possible.
sredevops01
·3 tahun yang lalu·discuss
Yeah essentially this. Then have something crawl your database and find IP's that are crawling your dummy pages, and block those. Most of it is EC2/GCP instances and Azure VMs that people spin up with stolen cards, so you have to block a lot of 3rd party vendors. OVH and some others came up often. Lot's of crawling companies were using end user VPNs, so those are harder to block.

The best thing I found was dummy pages to block IPs of bad actors. Also, serving different urls with JS enabled versus disabled, but showing your page as something that works without JS.

Unfortunately, as good as CloudFlare is, their layer-7 isn't going to help you if someone is targeting you.
sredevops01
·3 tahun yang lalu·discuss
Btw if you are thinking of doing this, how I have done it with other vendors, is use Terraform to export their config, then convert the TF data to my intended system. Rather than writing code to import based on their API because the APIs change and the Terraform modules are updated pretty fast to export the required data with SaaS vendors
sredevops01
·3 tahun yang lalu·discuss
I love Verizon's Edgecast cache feature. It just works so well.
sredevops01
·3 tahun yang lalu·discuss
Make it extremely easy, like with the addition of an API key, to swap over to your service during a failover/outage.
sredevops01
·3 tahun yang lalu·discuss
Terraform is terrible as it is. Good riddance. We need real tools instead of messing around with text files with ridiculous formatting.
sredevops01
·3 tahun yang lalu·discuss
True, spinning up nginx and setting that up is the cheapest option I have come across with the best enterprise support. It's also available in Microsoft to deploy instead of using their tools. However, some people like being cloud native.
sredevops01
·3 tahun yang lalu·discuss
Currently, how are your clients setup? What are their www and root records pointed to?

For load balancing, all you need to do is CNAME your customer to your firewall/load balancer. So you aren't using A records for this. For example, in Azure, if you spin up a traffic manager, you would get an cname like "mytrafficmanager.trafficmanager.com" and your CNAMe for www.mysite.com would point to mytrafficmanager.trafficmanager.com.

However, in this case, you would also want your customers to point to something like customer.mysite.com so that if you move from GCP/Azure to something else, you can handle that record and migrate them during a failover, incident, or any other reason.

Edit: And have customer.mysite.com point to the "mytrafficmanager.trafficmanager.com"