Ansible at scale 1 of 2

Our original automation scheme involves several Ansible playbooks that started off simple but have been sprawling. So recently I spent some time to revamp the entire set of playbooks, following some of the best practices from the official documentation. The goal is to: Reduce the number of playbooks; Improve code re-usability (by implementing roles); Increase … Read moreAnsible at scale 1 of 2

Balloons steal memory from virtual machines

I came across an ElasticSearch server (ESXi guest with 32GB physical memory) where the main process keeps dying of OOM. Even worse, after the OOM event, the free memory left is about 10G and Elastic Search cannot start because its JVM is set with -Xms16g in /etc/elasticsearch/jvm.options. So I need to address the OutOfMemory error. … Read moreBalloons steal memory from virtual machines

NTLM and Kerberos protocols

This article explains how two most common authentication mechanisms (NTLM and Kerberos) work. Both authentication protocols are based on symmetric key cryptography. The protocols themselves are platform independent. NTLM Authentication NTLM is the default authentication protocol prior to Windows 2000 and still prevalent today as backup to Kerberos. It is based on challenge/response mechanism. User … Read moreNTLM and Kerberos protocols

SASL Authentication Mechanisms

Introduction Authentication is used in many protocols (such as LDAP binding) and it usually involves sending password. Given the nature of authentication protocol, its traffic encryption is usually mandatory. Simple Authentication and Security Layer (SASL) is introduced to ensure the security during authentication. It is not a single protocol, but rather a framework for authentication … Read moreSASL Authentication Mechanisms

Migrate WordPress to static website

What for Someone who I maintain website for realized the bill of a public cloud provider isn’t exactly as expected. The computing resource falls under “free tier” but the disk isn’t. And the cost of disk usage is the surprise. Second, WordPress does a good job building the initial website but requires a hosting EC2 … Read moreMigrate WordPress to static website

Cassandra Architecture Summary

Disclaimer: many contents here are from Cassandra The Definitive Guide Gossip and Failure Detection Cassandra uses a gossip protocol that allows each node to keep track of state information about the other nodes in the cluster. The gossiper runs every second on a timer. Gossip protocols assumes a faulty network, are commonly commonly employed in … Read moreCassandra Architecture Summary