Lets Encrypt and DANE
For quite some time I’ve been using certificate issued by StartSSL CA for my personal website. It’s for free and the recent refresh of their web portal they had (finally) done looked and felt really good. The things were going…
Tomcat9, ECDSA/ECC (Elliptic Curve) Certificates and HTTP/2
Tomcat9 brings bunch of new features of which support for HTTP/2 and multiple certificates per Virtual Host via SNI extension are most important ones. This needs Java 1.8, the latest APR/TC (Tomcat Native) release 1.2.x, since SNI support in current…
ActiveMQ Master/Slave KahaDB on OCFS2 shared file system
During my tests of shared storage clusters I wondered if ActiveMQ supports file locking on OCFS2 file system which I used on couple of occasions. While looking into it I came across the following warning on the Apache project site:…
HAProxy dynamically adjust server weight using external agent
Trying to utilize HAProxy-1.5/1.6 agent-check feature, see HAProxy documentation, I wrote this small script to check Tomcat system load and return back some values that HAP can use to dynamically adjust the server weight in the backend. This will run…
HAProxy OCSP stapling
The Online Certificate Status Protocol (OCSP) is an Internet protocol used for obtaining the revocation status of an X.509 digital certificate. It is used by https clients (browsers) to confirm that the certificate sent by the server they have connected…
Securing Logstash to Redis communication with Stunnel
Logstash is meant for private LAN usage since it doesn’t offer any kind of encryption support. If we need to ship sensitive data across WAN’s, like between Amazon VPC’s, we would like to have the communication channel secure. That’s where…
Centralized logs collection with Logstash, ElasticSearch and Kibana in Amazon AWS
Logstash is a tool for managing events and logs. It is very useful for collecting, parsing and storing logs for later use like for example searching. It comes with a web interface for searching through the logs. The picture bellow…
Web site statistics with AWStats
Awstats (Apache Web Statistics) is powerful and highly customizable tool for collecting web site statistics. The purpose of this document is to show one way we are using it for data collection and presentation of heavily customized Apache logs from…
SRIOV Enhanced Networking in AWS EC2 on Ubuntu-14.04 HVM
The latest EC2 generation of HVM instances makes use of the Enhanced Networking, utilizing the ixgbevf e1000 Gigabit Virtual Function Network Driver which provides significantly faster network layer processing. We can see it is already in use on Ubuntu-14.04 with…
Server side PHP caching in Joomla! with Repcached
Caching provides significant performance speed up since reading data from the memory is much faster then reading it from the database or disk, especially if it resides on a different server. In our case they are on the same one…