Generated by AI

Understanding Domain Validation Challenges and DCV Delegation for SSL Certificates

When you need to get a certificate from a service like Let’s Encrypt, you must validate ownership of the domains for which you are issuing a certificate. This is achieved using challenges. But what types of challenges are available? 1. HTTP-01 Challenge The most common and widely used type is the HTTP-01 challenge. With this method, you receive a token that must be placed in your web server at the following path: ...

January 19, 2025 · 3 min · 578 words · Serhii Kaidalov
Generated by AI

Alertmanager Dummy Alerts

When configuring new receivers or testing templates in Alertmanager, you might need to generate dummy alerts to see how everything works. Instead of manually creating and sending alerts, I use a simple bash script to streamline the process. The Script Below is the script I use to generate and resolve dummy alerts. It sends a POST request to Alertmanager’s API to simulate an alert. 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 #!/bin/bash name=$RANDOM url='http://localhost:9093/api/v2/alerts' default_severity='warning' instance='127.0.0.1' instance_name='test-instance' send_alert() { local status=$1 local custom_severity=$2 local current_severity=${custom_severity:-$default_severity} curl -XPOST $url -H "Content-Type: application/json" -d "[ { \"status\": \"$status\", \"labels\": { \"alertname\": \"$name\", \"service\": \"my-service\", \"severity\":\"$current_severity\", \"instance\": \"$instance\", \"instance_name\": \"$instance_name\" }, \"annotations\": { \"summary\": \"This is a test alert\", \"title\": \"Test Alert\", \"description\": \"Test alert has been triggered.\" }, \"generatorURL\": \"https://prometheus.local/<generating_expression>\" } ]" echo "" } # Main script echo "Firing up alert $name" send_alert "firing" "$1" read -p "Press enter to resolve alert" echo "Sending resolve" send_alert "resolved" "$1" How It Works The script starts by generating a random alert name ($RANDOM) to ensure each alert is unique. It sets a default severity (warning) and other labels such as instance and instance_name. The send_alert function sends a POST request to Alertmanager’s API endpoint (http://localhost:9093/api/v2/alerts) with a payload containing the alert’s status, labels, and annotations. The script fires an alert, waits for user input, and then resolves the alert. Example Output Running the script will output something like this: ...

January 1, 2025 · 3 min · 463 words · Serhii Kaidalov
Generated by AI

Handling Real IP in Nginx Behind Load Balancer and Cloudflare

When running a website behind a load balancer and Cloudflare, handling client IPs in Nginx can be tricky. Different setups use different headers to pass the real IP: Custom Domains via Cloudflare: Cloudflare sends the real client IP in the CF-Connecting-IP header. Direct CNAME to Load Balancer: The load balancer sets the real client IP in the X-Forwarded-For header. What is the challenge? Nginx’s real_ip_header directive doesn’t support variables. This limitation means you can’t conditionally choose between headers like X-Forwarded-For and CF-Connecting-IP. ...

December 28, 2024 · 3 min · 526 words · Serhii Kaidalov
Generated by AI

My 1st post

Welcome to My Blog! Hello and welcome! I’m thrilled to start this journey of sharing knowledge, experiences, and insights about AWS, cloud infrastructure and many more. This blog is a space where I’ll share my knowledge, tips, and practical advices. Whether you’re just beginning your cloud journey or you’re a seasoned professional, I hope you’ll find valuable takeaways here. Let’s explore the art and science of building robust, scalable, and efficient infrastructure together. ...

December 28, 2024 · 1 min · 90 words · Serhii Kaidalov