Posts
GitHub Actions for AWS, Azure and GCP
The build pipeline for my blog fails every once in a while. For example, there was an issue with the Azure CLI earlier this month. Each time that happens it takes me a few minutes to remember how the pipeline works. Therefore, I am documenting it quickly in this post.
Build
As I described in this post, my blog is hosted on AWS, Azure and GCP. There is a GitHub Action that runs for each cloud provider.
Posts
Lambda Cold Start for ASP.NET (Part 2)
In the prior post, I looked at what happens the first time an ASP.NET application is invoked in Lambda. When we left off, we had a roughly 3 second initial response time.
ReadyToRun
As I mentioned earlier, one cause of long cold start times in .NET is Just In Time (JIT) compilation. As each .NET assembly is loaded, the runtime converts the Intermediate Language (IL) into machine code for the specific platform it is running on.
Posts
Lambda Cold Start for ASP.NET (Part 1)
The ability to host an ASP.NET project in AWS Lambda is a great way to get started with serverless. However, cold starts can result in a slow first invocation of the ASP.NET function. In this post I’ll set up a typical, albeit simple, application to gather benchmarks. In part two, I will explore a few options to speed up initialization.
Background
A Lambda function is fundamentally different from a traditional application.
Posts
Building Linux Docker Containers on EC2 Windows
In the post, I will show you how to build a Linux container in Visual Studio running on an EC2 Windows Instance.
The AWS Toolkit for Visual Studio allows you to deploy your project to Elastic Container Service (ECS) Fargate and recently as a container image to AWS Lambda among other options. In both of these cases, you must build a Linux container from Visual Studio or the dotnet command line.
Posts
AWS VPN on UniFi Security Gateway
I recently upgraded my home network from the Ubiquiti EdgeRouter to the UniFi Security Gateway (USG). Similar to the EdgeRouter, the USG supports most common configuration tasks from the web UI, but advanced configuration is only available from the command line. While you can configure a VPN tunnel to AWS from the UI, it does not allow you to configure redundancy or Border Gateway Protocol (BGP). With everyone quarantined – working and learning from home – I have been struggling to find time to hack the router.
Posts
Pearson OnVUE Broke Mac Mission Control
Pearson has started offering Online Proctored exams. You download the OnVUE application and take the exam from the comfort of your home. This sounds great, but the actual experience was poor. Here is how to fix Mission Control and App Expose after taking an exam.
I took an exam last week. I won’t mention which because I have not passed it yet. I have never failed a certification exam, but I am superstitious and never talk about an exam until I clear it.
Posts
Cloud Storage and Trailing Slashes
Shortly after configuring this site to be served simultaneously from AWS, Azure and GCP, I realized I had a bug. Occasionally the images were not loading. Ironically this was only happening on the Multi-Cloud Blogging post. After some investigation, I found this was caused by how various providers handle a URI without a trailing slash. Specifically Azure.
The Issue
When I render the footer of this blog, I include the name of the cloud provider that served the page.
Posts
Multi-Cloud Blogging
I spent some time over Thanksgiving moving my blog from Blogger to Hugo. I have been hosting my site in an Amazon S3 bucket with an automated build in AWS CodeBuild. That has been running well for the past month and I have worked out most of the kinks. So, I decided to make my blog Multi-Cloud and host it on AWS, Azure, and GCP while load balancing traffic across the three platforms.
Posts
Hugo Robots Meta Tag
When I first moved over to Hugo, I struggled to get the robots meta tag working. Note that I am using the Ananke theme and this may be different for other themes.
Primer
Honestly, I have not spent a lot of time in my career on SEO and did not have a deep understanding of how the robots meta-tag and robots.txt file work. Here is a quick primer. First, a page can include a meta-tag in the header that specifies that a page should be indexed by search engines or not.
Posts
Running Hugo Server in AWS Cloud9 Preview
I have been moving my blog to Hugo over the holiday weekend. I am working in a Cloud9 instance. Cloud9 allows you to preview an application running in the Cloud9 instance by proxying the connection through the Cloud9 service. The URL for the proxy uses the following format.
https://CLOUD9_ENV_ID.vfs.cloud9.AWS_REGION.amazonaws.com/
The problem is that Hugo renders fully qualified URLs that include the baseURL found in the config file. I could update the config file, but I know I am going to accidentally check it in that way.
Posts
DNS Resolution for Private EKS Cluster
I have been working on a project to deploy Elastic Kubernetes Service (EKS) at an Academic Medical Center. They want to deploy a private cluster that does not have internet access. EKS supports this, but DNS resolution can be tricky. There is an AWS blog post that explains how to do it.
Ultimately, we need an inbound R53 resolver ENI in the EKS VPC. When you configure EKS with a private endpoint it configures DNS to only respond to requests from within the VPC.
Posts
Writing unit tests for Chalice
Chalice is a Python serverless microframework for AWS that enables you to quickly create and deploy applications that use Amazon API Gateway and AWS Lambda. In this blog post, I discuss how to create unit tests for Chalice. I’ll use Chalice local mode to execute these tests without provisioning API Gateway and Lambda resources.
Creating a new project
Let’s begin by creating a new Chalice project using the chalice command line.
Posts
Elastic Beanstalk Worker Environment Timeouts
I have been working with Worker Environments in AWS Elastic Beanstalk. I found all the timeouts confusing at first, so I share my findings here.
The instances in your Worker Environment have a daemon that reads messages from an SQS Queue. That queue has a Default Visibility Timeout and Message Retention Period. In addition, the Elastic Beanstalk Worker Configuration has its own Visibility Timeout and Retention Period in addition to a Connection Timeout, Error Visibility Timeout and Inactivity Timeout.
Posts
EBS Snapshots with Microsoft VSS and EC2 Systems Manager.
Early in my career, I learned an important lesson: backup is easy, but restore is hard. Too often we take our backup and recovery for granted. We assume that if the backup completed successfully, the restore will work when we need it. Anyone who has been through a disaster recovery exercise, whether simulated or real, knows this is seldom the case.
In this post I discuss creating consistent backups of Windows Servers using the Volume Shadow Copy Service (VSS) and Elastic Block Store (EBS) snapshots.
Posts
Simple Email Service (SES) Sample Application
I could not find a simple example to send email using SES in Python. Turns out it is really easy. If you have a MIME formatted message you can simply call send_raw_email.
    client = boto3.client("ses")
    client.send_raw_email(RawMessage = {'Data': mime_formatted_message})
Of course the tricky part is the MIME formatting. Turns out that is really easy in Python. Here is a simple example.
    message = MIMEText("Testing 123\nTesting 123\nTesting 123")
    message['From'] = "sender@domain.
Posts
Linked Account Template
It is common for an AWS customer to have many accounts. Often a central IT team will own the payer account and have oversight over all accounts. The IT team will create a linked account for each project or business unit. When you create a new linked account, it's helpful to have a CloudFormation template to ensure the configurations of the linked accounts are all identical. This template takes the account number of the payer account and a bucket to write CloudTrail logs to (Note: best practice is to write logs to the payer account to ensure separation of duties.
Posts
CloudWatch Logs Trace Listener
I added a new CloudWatch Logs Trace Listener to the .NET API for AWS. The API team plans to add support for Log4Net, but in the meantime I have been using this. https://github.com/brianjbeach/aws-dotnet-trace-listener
Posts
My Cloud EX2 Backup to Amazon S3
With all the devices in the house it was finally time to invest in a NAS. I settled on the Western Digital My Cloud EX2. I picked this specifically because it supported backup to Amazon S3. In practice, the backup software sucks and I had to work around a few issues to get it working reliably and inexpensively. Overall I really like the EX2. It has great features for the price.
Posts
Configuring an AWS Customer Gateway Behind a NAT
I have been wanting to configure a VPN Connection from AWS to my house, but my cheap Netgear router does not support IPSec. So, I picked up an old Cisco 871 router that does. I didn’t want to sacrifice the speed (it supports 802.11ac while the 871 is an old 802.11g device) and features of my Netgear router, so I put the 871 behind the Netgear and modified the VPN configuration for NAT traversal.
Posts
Discovering Windows Version on EC2 Instances
Windows Server 2003 end of life is less than six months away. As I start to think about upgrading, I was looking for an easy way to identify what version of Windows is running on each EC2 instance. I would like to do this without having to log into each instance. One solution is to use the System log. If the instance has the EC2 Config service running on it, it will report the OS version (along with a few key driver versions) to the console.
Posts
Configuring a Linux Swap Device with Cloud-Init
Cloud-Init is a set of Python scripts used to configure Linux instances when they boot in AWS. Cloud-Init is included on Ubuntu and Amazon Linux AMIs.
You can think of a Cloud Init script as a bare-bones Configuration Management solution like Chef or Puppet. A Cloud-Init script is passed as user data. If you have ever passed a shell script as user data, it was Cloud-Init that queried the meta-data service and executed the script.
Posts
CloudWatch Logs Push
In my last post I used the awslogs daemon to push tcpdump events to AWS CloudWatch logs. At the time it felt silly to use a file on disk and a daemon to push events from an interactive session. Well, I had some time to dig and I found a much cleaner way to do it without the daemon. It turns out that CloudWatch logs is implemented as a plugin to the AWS CLI.
Posts
CloudWatch Logs and TCPDump
I was recently debugging an issue with a fleet of Apache web servers. I needed to watch for some low level network events we felt might be causing an issue (TCP resets, etc.). I thought CloudWatch Logs would be a cool, albeit unnecessary, solution. NOTE: I found a much cleaner way to do this presented here.
The awslogs package/daemon can be configured to upload any log file. Just add a new configuration block to /etc/awslogs/awslogs.
Posts
Decoding Your AWS Bill (Part 3) Loading a Data Warehouse
In the last two posts (part 1, part 2) in this series we used PowerShell to glean information from our monthly AWS billing report. While you can use those scripts to learn a great amount of information about your AWS usage, you will eventually outgrow PowerShell. In this post I will show you how to load the bill into SQL Server for more detailed analysis. In the prior posts we used the monthly reports.