…serverspec that sets it apart from Aruba is it can test things locally and remotely via SSH.
This is useful when testing automation that creates servers somewhere: run the tool, connect to the server created, verify conditions are met.
But what happens when we want to test the behaviour of tools that create things both locally and remotely? For local testing Aruba is awesome. For remote testing, serverspec is a great fit.
NO ENCRYPTION MySQL+SSL SSH tunnel ( AES256-CBC) SSH tunnel ( AES256-CTR) 1001.33 (59.26) 22.23 (0.1392) 476.52 (11.87) 482.02 (13.42)
Or, for those of you who like graphics, I think the chart speaks for itself.
Obviously, not using encryption is still the fastest game in town, but connection throughput over an SSH tunnel doesn't obliterate performance to anywhere near the same level as using MySQL's native SSL capability. Going from 1000 cps to 22 cps is potentially …
MUltihost SSH Wrapper: A shell script wrapper around SSH that allows you to execute the same command across multiple hosts either in sequence or parallel.
…the backup. This can take a while, so let's open a screen session so that we can terminate the SSH session and check back later. sudo apt-get install screen screen
Initiate the backup: sudo duply test backup
Press Esc-D to detach the screen session.
Check back a few hours later. Login to your server and reattach your screen session: screen -x
You should see something like this, which means that the backup succeeded. Congratulations! --------------[ Backup Statistics ]-------------- …
Deploying to Nginx
Deploying an app is a matter of adding a virtual host entry in your web server, and telling the web server that it's a Phusion Passenger-served app.
Note that the document root must point to the public directory of the app! Suppose the app is located in /webapps/leaderboard , then: …
Patrick: SSH is a simple tool to use when you need shell access to a remote server. Everyone is familiar with the most basic usage: $ ssh production.host
options give you control over more options such as the user and private key file that you use to authenticate: $ ssh -l www-data -i /Users/preagan/.ssh/viget production.host
However, managing these options with the command-line is tedious if you use different private keys for work-related and personal …
…VPN with hardware crypto would be the fastest approach, but even something as simple as an SSH tunnel or OpenVPN *might* be faster than SSL within MySQL. I'll be exploring some of these solutions in a follow-up post.
And finally... when in doubt, run your own benchmarks. I don't have an explanation for why the yaSSL numbers are so different from these (maybe yaSSL is a faster SSL library than openSSL, or maybe they used a different cipher - if you're curious, the original …
Yay! Now, we can SSH to GitHub (note, this is fake GitHub for example purposes). ubuntu@os-2790002246935003:~$ su - vaultuser Password: chef-vault vaultuser@os-2790002246935003:~$ ssh -i .ssh/id_rsa firstname.lastname@example.org $ hostname os-945926465950316 $ id uid=1002(github) gid=1002(github) groups=1002(github)
Updating a Secret
What happens if we need to update a secret? For example, if an administrator leaves the organization, we will want to change the vaultuser password (and SSH private …
…your app. You can also use it to manage all information about your Heroku account - from SSH keys to past invoices. In this post, we take a quick tour through Dashboard and some of its recent new features, including production check and notifications.
Everything About Your Apps
The first thing you'll see when you log in to Dashboard is the Apps page. Here, you can see a full list of all the apps you own or are a collaborator on - whether you have just one app or a whole portfolio …
… Host *^* ProxyCommand ssh-chain %h %p
Now, you can use that host to hop to other machines over SSH, by just giving a "path" (think UUCP ;)) of immediate hosts (which all need ssh-chain installed): ssh faraway^hop3^hop2^hop1
Since ssh is so central to many tools, this syntax also works for scp , rsync , git , and many others. Really useful if you work with non-trivial network topologies.