Andrew Eells dot com

Puppet certificate issues

Lots of posts on t’internet about this one and difficult to know which apply.

To rectify an error on the client of type: “please remove certificate from server and regenerate it with the current key”, for puppet 2.6.6, use the following to remove said certificate from the puppet master:

sudo puppet cert --clean <client node address>

Agile Database dot com

Have added some new features to my agile database framework and decided to release as a slightly more professional undertaking – say hello to Agile Database dot com.

The code’s hosted on GitHub so please feel free to take a look and let me know if you have any feedback or issues.

I’m going to add a section on Usage shortly, and probably delete the old code hosted on this blog, but aside from that I don’t have much of a plan for a roadmap. Certainly multi-database / OS support without having to refactor the scripts would be beneficial. Please feel free to let me know if you have any other ideas!

What is a Hacker?

Hacker: Someone who thinks outside the box. Someone who discards conventional wisdom and does something else instead. Someone who looks at the edge and wonders what’s beyond. Someone who sees a set of rules and wonders what happens if you don’t follow them. - Bruce Schneier, courtesy @hackerchick

I like this definition so much because it’s clearly nothing to do with writing code, and can (should?) be applied elsewhere…

Capistrano prompt for input

To prompt for user input, us:

set(:user) { Capistrano::CLI.ui.ask("User name: ") }

The above is “lazily evaluated”, so if you want an immediate prompt do not pass the block to set(), instead use:

set(:user, Capistrano::CLI.ui.ask("User name: ") )

Policy Expert

This is our phase II Policy Expert launch, mostly static content and user guides etc but the full phase III launch of Home Insurance product is coming soon…

Amazon RDS DB Instance Sizing Guide

For anyone else who can’t find the Amazon RDS DB Instance Sizing Guide!! Grrrrrr… here it is! ;o)

Amazon ELB and Apache

When you place your Apache Web Server behind an Amazon Elastic Load Balancer, Apache receives all requests from the ELB’s IP address.

Therefore, if you wish to do anything with the real client IP address, such as logging or whitelisting, you need to make use of the X-Forwarded-For HTTP Header Amazon ELB includes in each request which contains the IP address of the original host.

Two very helpful blog posts I found explaining both how to whilelist a particular request by IP address and how to set up your Apache logging behind the ELB to capture the original client IP address.

How all production releases should occur!

Jim and Sam Smith put their heads together… nice to learn about Cluster SSH also!

Using multiple Amazon AWS accounts from the command line

If you want separate security credentials for your production AWS account from other (development etc) accounts, use the following command line options to override any environment variables you may have already set – EC2_PRIVATE_KEY and EC2_CERT environment variables are the default if not provided on the command line:

-K, --private-key EC2-PRIVATE-KEY

-C, --cert EC2-CERT

Further common command line options can be found here.

Separating out accounts like this should at least help to avoid a developer accidentally dropping production databases without thinking!

Amazon RDS command line tools

You need to provide the --region option if you want RDS command line tools to find your instances and they aren’t in the default us-east-1. Either that or provide the EC2_REGION environment variable.

http://docs.amazonwebservices.com/AmazonRDS/latest/CommandLineReference/