Turns out that WAF costs $5 per acl and $5 per rule per month. And that $10 protection I had in place for a simple geo block against China and a few other countries I was getting probing attacks from wasn’t included in the AWS credit I’ve got so I’ve turned it off.
Done some playing around with ALBs and fail2ban including setting up a custom filter for script attacks but need to do some further refinement with x forwarded for headers and what not.
Hopefully i’ll get some more time to have a fiddle with it over the weekend.
Since I’ve got $300 of AWS credit to use up before December 2019 and my t3 micro instance isn’t really doing a good job of that, I decided I might as well throw up a load balancer, get the certificate assigned to it and set up route53 properly to that alias.
So far so good. Green padlocks are fun.
So I passed my AWS solutions architect associate exam on the 27th September. I think I ended up with about 87%
Pretty happy with that. Now trying to decide if I’m going to go for the systems administrator exam and developer exam or if I’m going to concentrate on solutions architecture.
I’m also eyeing up an open university degree in computing. I say I’m eyeing it up, I’ve registered and I’m waiting to see if I get approved for a part time student loan.
BSc (Honours) Computing and IT
Sounds impressive doesn’t it?
From a career perspective, it won’t give me much more in terms of experience and career usable knowledge – especially in an ever changing cloud landscape.
What it will give me, is a revisit to solid maths for the first time in over 20 years and a grounding in programming that I felt has always been missing from my repertoire.
I feel a deeper understanding of the maths side of things along with some hardcore software development will help with both my python and bash scripting.
I can read most code (even badly commented code) and tell you what it does. What I struggle with is writing something from scratch. Hoping this will help. Plus there’s some cool modules like robotics which I’ve always had an interest in.
If I decided to go for the networking speciality there’s always the option to revisit the CCNA too. We’ll see.
Next few months promise to be exciting regardless.
Picked up the October Mickey Mouse memories edition from the Disney store this week.
Wasn’t sure about it when I first saw it but after looking at it for a few minutes and realising it’s the same terminal colour scheme as I use on SecureCRT for my Mac, and it’s full of binary, I absolutely love it.
Pretty sure the binary will say something. Haven’t worked it out it googled it yet.
There’s a mug and a pin set too. I haven’t picked those up. Yet.
I’ve put together a skill as part of a tutorial from acloudguru and I’ve had this published by amazon.
If you’re studying for your AWS solutions architect associate exam and you’d like to stream exam tips and tidbits of information to your Alexa – have a look at it here.
I’m 3/4 of the way through my acloudguru AWS training course for solutions architect associate and decided that now I’ve done most of the VPC chapter and my understanding of the subject is helped infinitely by my experience, it was time to use the practice exam voucher on the AWS.training site to see how far off I am with less than 2 weeks to go until i sit it.
The questions were tough and certainly very similar – if you didn’t know for certain what a particular service is called or what a service does then you’re in trouble.
I scored 84%
Looks like the thing I need to focus on the most over the next week or so is security.
Also just need to firm up on a couple of bits of terminology that almost caught me out. The main thing is making sure I read the question all the way through and that I apply logic to the answers that ‘could’ be correct.
Studying is going well. Still enjoying the subject matter. Going all in on AWS.
This is absolutely crazy.
Look at the price difference between a t3 micro and a t3 small running spot.
It’s well under half the price.
Much cheaper running it this way than having apache on a t2 small and a seperate RDS instance.
S3 backups running well – or they are now that I’ve sorted out the cron job. Had a little issue with a misplaced * instead of a 0 which meant I got 60 backups between 1am and 2am rather than just one backup at 1am 😉
So less than a week after returning to school, Harry has brought a cold home.
More importantly than that, he’s shared it with me, and now i have the cold.
Luckily, this appears to be a cold that is paying attention to Day Nurse, so I’m at least getting a clear head once the tablets have kicked in.
Lots of stuff going on recently, passed my AWS certification exam, got another one at the start of October, so that’s going to be good.
Played a load of two point hospital, its really good fun.
Also started watching Greys Anatomy – which I’m really enjoying!
So the RDS instance has been terminated now.
I’ve got S3 backed mysql backups running nightly, so I’m saving myself an absolute fortune.
Still some tuning to do and I’m not sure if I’m going to stick at spot pricing or look into reserved pricing. I need to get some tuning in place first with regards to apache and mysql and make sure with Trusted Advisor that I’m running at the right sort of level.
If I can get it running properly on a t2.nano or a t3.nano I could probably save a small fortune paying just $70ish over the course of three years rather than the on-demand pricing.
Spot is okay, but now my database is running on the same ec2 instance, I risk data loss if Amazon were to terminate my instance.
It’s only the 12th of the month – look at the state of the costs:
We’d be looking at easy $13 a month just for RDS – probably more like $16 a month. Just too expensive for what I need – and lets be honest, RDS backed mysql is a little overkill for a couple of wordpress blogs.
In terms of EC2 cost:
The biggest cost here is obviously the gaming instance I threw up for a work demo last week – even though I’ve only done 9 hours with it, the cost is $2.48.
In comparison, the spot instance running my web server at the moment (a t3 small) has cost me just $1.22 for 178 hours.
Whilst it was fun to play around with RDS and the security groups governing rules in and out, it’s just not required for my use case.
We’ll see how the next few weeks go 🙂
Turns out that running an RDS database is quite pricey – moving this over to the EC2 instance whilst I re-evaluate my architectural decisions. Spot pricing looks to be the best way forward still, but I need to make sure I’m getting backups – will have to set up a nightly mysql backup to s3 I think, probably the best way to do it.
Test post to make sure the database is working as it should be.