VirtualTam's bookmarks

1. HAProxy - TLS Termination Setup 2023-07-24

   tags: cryptography/encryption, network/http, network/http-server/haproxy, network/reverse-proxy, network/transport-layer-security, security

   [ permalink ]

   • Traffic Routing - Rewrite Requests
   • Client IP Preservation - X-Forwarded-For
   • HAProxy & HTTP Strict Transport Security (HSTS)
   • Secure Cookies Using HAProxy Enterprise
2. Load Balancing PHP-FPM with HAProxy and FastCGI - HAProxy Technologies 2021-08-19

   tags: network, network/http, network/http-server/haproxy, network/reverse-proxy, programming/php, protocol/fastcgi

   [ permalink ]
3. NGINX Docs | UDP Health Checks 2020-12-21

   tags: load-balancing, network, network/http-server/nginx, network/tcp, network/udp

   [ permalink ]

   • https://docs.nginx.com/nginx/admin-guide/load-balancer/tcp-udp-load-balancer/
4. Enhanced SSL Load Balancing with Server Name Indication (SNI) TLS Extension - HAProxy Technologies 2020-12-11

   tags: network/dns, network/http-server/haproxy, network/reverse-proxy, network/server-name-indication, network/tcp, network/transport-layer-security

   [ permalink ]

   • https://discourse.haproxy.org/t/req-ssl-sni-and-ssl-termination/2139/3
   • com/@olivier.ragain/haproxy-https-load-balancing-on-sni-207c17398d19
5. What is "AWS Security Scanner" in my server logs? 2020-07-31

   tags: cloud/aws, network, security

   [ permalink ]

   • https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-instance-metadata-service.html
   • https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html
   • https://docs.aws.amazon.com/cli/latest/reference/ec2/modify-instance-metadata-options.html
   • https://aws.amazon.com/blogs/security/defense-in-depth-open-firewalls-reverse-proxies-ssrf-vulnerabilities-ec2-instance-metadata-service/
   • https://aws.amazon.com/blogs/aws/new-host-based-routing-support-for-aws-application-load-balancers/
   • https://aws.amazon.com/about-aws/whats-new/2018/07/elastic-load-balancing-announces-support-for-redirects-and-fixed-responses-for-application-load-balancer/
   • https://www.reddit.com/r/aws/comments/e18e5n/botexploit_what_is_this_trying_to_do_and_how
   • https://www.reddit.com/r/aws/comments/e18e5n/botexploit_what_is_this_trying_to_do_and_how/f8qympp/
   • https://forums.aws.amazon.com/thread.jspa?threadID=316889
   • https://owasp.org/www-community/attacks/Server_Side_Request_Forgery
   • https://www.wired.com/story/capital-one-paige-thompson-case-hacking-spree/
   • https://krebsonsecurity.com/2019/08/what-we-can-learn-from-the-capital-one-hack/
   • https://krebsonsecurity.com/2019/07/capital-one-data-theft-impacts-106m-people/
   • http://www.thecloudavenue.com/2019/08/how-capital-one-hack-was-achieved-in-aws.html
   • http://www.thecloudavenue.com/2019/11/changes-to-aws-ec2-instance-metadata-service.html
6. GitHub Load Balancer Director and supporting tooling 2019-12-31

   tags: high-availability, load-balancing, network, network/http, network/http-server/haproxy, network/tcp, source-code-management/github

   [ permalink ]

   • https://github.com/github/glb-director
   • https://github.blog/2018-06-20-mysql-high-availability-at-github/
7. broot: An interactive tree view, a fuzzy search, a balanced BFS descent and customizable commands. 2019-02-18

   tags: command-line, directory, programming/shell, tree

   [ permalink ]
8. dhcplb - Facebook's implementation of a load balancer for DHCP. 2019-01-03

   tags: address, distributed, network, network/dhcp

   [ permalink ]

   • https://www.usenix.org/conference/srecon15europe/program/presentation/failla
9. Load balancing and scaling Docker containers with Træfik 2018-07-18

   tags: linux/container/docker, network, network/http, network/proxy

   [ permalink ]

   Træfik options:

   • https://docs.traefik.io/configuration/backends/docker/
   • https://docs.traefik.io/configuration/commons/

   Relevant backend labels:

   • traefik.port
   • traefik.docker.network
   • traefik.backend.loadbalancer.method
   • traefik.backend.loadbalancer.stickiness

   Examples:

   • https://www.katacoda.com/courses/traefik/deploy-load-balancer

   Gateway timeout and overlay network setup:

   • https://github.com/containous/traefik/issues/979
   • https://github.com/containous/traefik/issues/1254
   • https://github.com/containous/traefik/issues/3599
10. OpenResty - a dynamic web platform based on NGINX and LuaJIT 2018-07-17

    tags: network/http, network/http-server/nginx, performance, programming/api, programming/lua, server

    [ permalink ]

    • https://openresty.org/en/linux-packages.html
    • https://opm.openresty.org/
    • https://github.com/openresty
    • https://github.com/openresty/openresty
    • https://www.reddit.com/r/lua/comments/209l92/openresty_with_others_language/
    • https://www.reddit.com/r/devops/comments/6tv1yc/dynamic_layer_4_load_balancing/
11. Programmers who only code at work 2018-02-19

    tags: balance, code, development, leisure, life

    [ permalink ]

    • https://dev.to/ben/its-perfectly-fine-to-only-code-at-work-dont-let-anyone-tell-you-otherwise--25i3
12. Distributed environments and database migrations 2017-11-29

    tags: data, database, database/migration, distributed, framework/django, linux/container/docker

    [ permalink ]

    Actors:

    • database server / cluster
    • load-balanced application servers relying on a database schema with migrations
    • reverse proxy

    Issue:

    • managing database schema migrations

    Possible sequence:

    • create the database
    • run a service that executes database schema migrations
    • start application servers
    • start the load-balancer / reverse-proxy

    Resources:

    • https://www.reddit.com/r/docker/comments/2t2pnf/what_are_best_strategies_to_migrate_relational/
    • https://softwareengineering.stackexchange.com/questions/357929/db-migration-strategy-for-docker-containers-in-aws-ecs
    • https://stackoverflow.com/questions/41592091/run-a-database-migration-command-when-deploying-a-docker-container-to-aws
    • https://ltd-keeper.lsst.io/gke-migrations.html
    • https://stackoverflow.com/questions/31715239/docker-compose-database-migrations-and-other-pre-post-scripts
    • https://stackoverflow.com/questions/38089999/docker-compose-rails-best-practice-to-migrate
    • https://stackoverflow.com/questions/37058812/how-best-to-run-one-off-migration-tasks-in-a-kubernetes-cluster
13. Efficient SMTP relay infrastructure with Postfix and load-balancers | HAProxy Technologies Blog 2017-04-25

    tags: email, email/postfix, load-balancing, network/http-server/haproxy, network/smtp, network/tcp

    [ permalink ]
14. Configure HAProxy to Load Balance Sites With SSL 2017-04-04

    tags: network, network/http, network/http-server/haproxy, network/proxy, network/tcp, network/transport-layer-security

    [ permalink ]
15. Træfɪk - HTTP reverse proxy and load balancer made to deploy microservices with ease 2017-01-09

    tags: etcd, linux/container, linux/container/docker, network/http, network/reverse-proxy, sysadmin

    [ permalink ]
16. Howto write apache ProxyPass* rules in HAProxy | HAProxy Technologies – Aloha Load Balancer 2016-12-06

    tags: content, network/http-server/haproxy, network/reverse-proxy, network/url, response, rewrite, sysadmin

    [ permalink ]
17. Building a Shop with Sub-Second Page Loads: Lessons Learned 2016-10-24

    tags: load-balancing, memory/cache, network, performance, web

    [ permalink ]
18. HAProxy - The Reliable, High Performance TCP/HTTP Load Balancer 2014-05-16

    tags: network/http-server/haproxy, network/proxy, redirection, sysadmin, web

    [ permalink ]

    https://en.wikipedia.org/wiki/HAProxy