About 6 months ago, I bought myself a present in the form of a midnight blue, 1965 Ford Mustang. It was something that I had been thinking about for a long time. I wanted a project car. Initially, I considered starting with something very bare-bones and building it up from scratch. But, in the end I decided it might be wise to take it easier on myself and get something (almost) running.
Automatically Signing Apt Repos with gpg-agent
This is an enormous pain in the ass to get working correctly. To hopefully save you some butt pain, here’s how you actually do this, from end-to-end. So, the story is, you want to build an apt repo of your own stuff. In order to stop apt-get complaining every time you install something from this repo, you need to set it up as a signed repo. To keep things safe, you’ll need to set a passphrase on the key that you use to sign the repo.
Zabbix Agent Over an ssh Tunnel
Today I set up Zabbix monitoring of a bunch of boxes. A couple have public IP addresses - the load-balancers - so they were pretty standard. However, most of them are sitting behind a NAT, so are a little trickier. I played around with Zabbix proxy for a while - whose purpose is to solve this exact problem. In the end though, just to be different/awkward, I opted to set up ssh tunnels and just pass the Zabbix traffic through the load-balancer boxes.
Failover Squid via HAProxy
At the moment I’m using Squid quite a bit as a forward proxy. The application in question pulls content from remote sites and does some processing on it. It’s handy to have a copy of the site ‘nearby’ in case further processing is needed. So, the content is pulled through Squid for later use. Obviously, a single squid instance is no good. If it goes down, everything grinds to a halt.
Last week, I got a complaint that one of our webservers, hosted in EC2, was responding very slowly. After some fiddling around, I could eventually get ssh access, the box was just dragging along a bit. So, I check the uptime and it’s hovering around 6. I check top and there are a few perl processes chewing up the CPU. At first I think this is some backend web app stuff - some DB processing or something.