Pull to refresh

Admin

Show first
Rating limit
Level of difficulty

Hashicorp Vault — gcs + gcpckms

Reading time5 min
Views175

Secret Management and Why It’s Important

Hi! My name is Evgeny, and I work as a Lead DevOps at Exante. In this article, I will discuss the practical experience of setting up a high-availability HashiCorp Vault with a GCP storage backend and auto unseal in Kubernetes (K8s).

Our infrastructure used to consist of thousands of virtual and physical machines hosting our legacy services. Configuration files, including plain-text secrets, were distributed across these machines, both manually and with the help of Chef.

We decided to change the company’s strategy for several reasons: to accelerate code delivery processes, ensure continuous delivery, securely store secrets, and speed up the deployment of new applications and environments.

We decided to transition our product to a cloud-native model, which required us to change our approach to development and infrastructure. This involved refactoring our legacy services, adopting a microservices architecture, deploying services in cloud-based Kubernetes (K8s), and utilizing managed resources like Redis and PostgreSQL.

In our situation, everything needed to change—from applications and infrastructure to how we distribute configs and secrets. We chose Google as our cloud provider and HashiCorp Vault for secret storage. We've since made significant progress on this journey.

Why HashiCorp Vault?

There were several reasons:

Read more
Total votes 2: ↑2 and ↓0+4
Comments0

CacheBrowser experiment: bypassing the Chinese firewall without a proxy by caching content

Level of difficultyMedium
Reading time7 min
Views724

Today, a significant portion of all content on the Internet is distributed with the use of CDNs (Content Delivery Networks). At the same time, there is no research on how various censors extend their influence on such networks. Scientists from the University of Massachusetts analyzed possible methods of blocking CDN content using the example of the practices of the Chinese authorities, and also developed a tool to bypass such blocks.

We (specialists from proxy service) have prepared an overview material with the main conclusions and results of this experiment (translate of this material).

Read more
Total votes 1: ↑1 and ↓0+3
Comments0

Dual Reliability Requests

Level of difficultyMedium
Reading time9 min
Views632

We are requesting 20,000,000 euro to place 900 orders on the exchange. What could go wrong?

Today, I will explain how to avoid losing billions in client money when executing large transactions on the exchange. This discussion focuses on an often overlooked and largely invisible problem that arises when handling large requests, particularly HTTP requests, which may not be fully executed. It's surprising how little attention is given to this issue and how few tools there are to address it.

Our task was to implement large-scale management of exchange orders, not just within a single exchange but globally, and to ensure it operates reliably. In this story, you'll encounter clients, servers, and cats. Stories are always more enjoyable with cats.

Read more
Total votes 1: ↑1 and ↓0+3
Comments2

Optimizing IT Services: The Case for Reducing 24/7 Operations in B2B Services

Level of difficultyEasy
Reading time5 min
Views361

In the world of IT services, the idea that operations must run 24/7 is often taken for granted. However, for business-to-business (B2B) services, this assumption needs to be rethought. By reconsidering the need for around-the-clock processing services, companies can achieve significant benefits in efficiency, security, and sustainability.

Read more
Total votes 1: ↑1 and ↓0+2
Comments2

The Salmon Project: how to counter Internet censorship effectively using proxies with user trust levels

Level of difficultyMedium
Reading time5 min
Views464

Governments in many countries restrict citizens' access to information and services on the Internet in one way or another. Combating such censorship is an important and difficult task. Usually simple solutions cannot boast about high reliability or long-term efficiency. More complex methods of overcoming blocks have disadvantages in terms of usability, low performance, or they do not allow you to maintain the quality of Internet use at the proper level.

A group of American scientists from the University of Illinois has developed a new method of overcoming blocks, which is based on the use of proxy technology, as well as segmenting users by trust level to effectively identify agents working for censors. We present you with the main theses of this work.

Description of the approach

Scientists have developed the Salmon tool, a system of proxy servers operated by volunteers from countries without restrictions on Internet use. In order to protect these servers from blocking by censors, the system uses a special algorithm for assigning a level of trust to users.

The method involves exposing potential censor agents that pose as ordinary users in order to find out the IP address of the proxy server and block it. In addition, countering Sybil attacks is carried out through the requirements to provide a link to a valid social network account when registering in the system or to receive a recommendation from a user with a high level of trust.

How it works

It is assumed that the censor is a state–controlled body that has the ability to take control of any router within the country. It is also assumed that the task of the censor is to block access to certain resources, and not to identify users for further arrests. The system cannot prevent such a course of events in any way – the state has plenty of opportunities to find out what services citizens use. One of them is the use of honeypot servers to intercept communications.

It is also assumed that the state has significant resources, including human ones. The censor can solve tasks that require hundreds and thousands of full-time employees.

A few more basic theses:

Read more
Total votes 1: ↑1 and ↓0+3
Comments0

Utilizing Wearable Digital Health Technologies for Cardiovascular Monitoring

Level of difficultyMedium
Reading time17 min
Views398

Wearable Digital Health Technologies for Monitoring in Cardiovascular Medicine

This review article presents a three-part true-life clinical vignette that illustrates how digital health technology can aid providers caring for patients with cardiovascular disease. Specific information that would identify real patients has been removed or altered. Each vignette is followed by a discussion of how these methods were used in the care of the patient.

Read more
Total votes 6: ↑3 and ↓3+2
Comments0

How to choose a proxy network for business: 3 practical tips

Level of difficultyEasy
Reading time2 min
Views504

Masking an IP address with a use of a proxy is necessary not only to circumvent censorship on the Internet and watch TV series. In recent years, proxies have been increasingly used to solve corporate objectives from application testing under load to competitive intelligence. Habr has a good overview of the various options for using proxies in the business sector.

Today we will talk about what to pay attention to when choosing a proxy network for solving such corporate objectives.

Read more
Total votes 1: ↑1 and ↓0+3
Comments0

Overview: Six ways to use residential proxies for solving corporate objectives

Level of difficultyEasy
Reading time5 min
Views649

IP address masking may be required for various tasks – from accessing blocked content to bypassing anti-bot systems of search engines and other online resources. We found an interesting post about how this technology can be used to solve corporate objectives.

There are several options of implementing a proxy:

Read more
Total votes 1: ↑1 and ↓0+3
Comments0

How to increase capacity of drive from 32 to 256 GB for Asus E200H laptop

Level of difficultyEasy
Reading time5 min
Views1.1K

Hi Everyone.

Recently I got Asus E200H laptop, which I would like to use as a portable computer to work with a high-precision equipment.

Within the scope of the article we will perform the experiment about the upgrade of the default 32 GB eMMC capacitor to 256 GB and will test it.

Have a nice reading!

Read more
Total votes 4: ↑4 and ↓0+6
Comments0

Experiment: How to disguise the use of Tor to bypass blocking

Level of difficultyMedium
Reading time4 min
Views1.1K

Internet censorship is becoming an increasingly important issue worldwide. This leads to increasing of the "race of armaments" – in different countries government agencies and private corporations try to block various content and fight against the ways of circumventing of such restrictions. At the same time developers and researchers strive to create effective tools to combat censorship.

Scientists from Carnegie Mellon University, Stanford University, and SRI International conducted an experiment in which they developed a special service for masking the use of Tor – one of the most popular tools for bypassing blocking. Here is the story about the work done by the researchers.

Read more
Total votes 3: ↑3 and ↓0+4
Comments0

Structure of Linux driver for single-board computer

Level of difficultyEasy
Reading time5 min
Views969

Hello my name is Dmitry. Recently I wrote article "Building firmware for Orange PI i96 (Orange PI 2g-iot) from scratch" . If you haven't read it yat, I highly recommend. And there I noticed that in order to build firware on current kernel, I have to rewrite drivers wirh new archetecture "Device tree". In this article I have revelate how I do it.

Read more
Total votes 2: ↑1 and ↓1+2
Comments0

Gatsby and its Greatness

Level of difficultyEasy
Reading time6 min
Views573

In the internet’s early days, blogging was straightforward. A server with PHP and MySQL allowed you to share your thoughts globally. Even FTP access with an index.html file sufficed.

However, as the web evolved, so did blogging requirements. Non-programmers needed user-friendly web interfaces, faster loading times, and seamless daily publishing. Platforms like Reddit, WordPress, and Tumblr emerged, but they faced a common issue: website ownership.

Read more
Total votes 2: ↑2 and ↓0+2
Comments0

User-defined aggregation functions in Spark

Level of difficultyMedium
Reading time6 min
Views497

Below, we will discuss user-defined aggregation functions (UDAF) using org.apache.spark.sql.expressions.Aggregator, which can be used for aggregating groups of elements in a DataSet into a single value in any user-defined way.

Let’s start by examining an example from the official documentation that implements a simple aggregation

Read more
Total votes 1: ↑1 and ↓0+1
Comments0

Building firmware for Orange PI i96 (Orange PI 2g-iot) from scratch

Level of difficultyEasy
Reading time14 min
Views1K

Hellow my name is Dmitry. Once I bought "Orange PI i96", but unfortunately producer not update it firmvere very long. Last firmwere kernel version is 3.10.62 but kernel current at time this article writing (russian version) is 6.5.1. And so I decide build my own firmware from scratch, and do it from sourse completely.

Read more
Total votes 6: ↑4 and ↓2+5
Comments6

Сервис опросов

Reading time12 min
Views752

Опросы – это не просто инструмент сбора мнений; они являются мостом между компаниями и их аудиторией, позволяя не только узнать мнение клиентов, но и вовлечь их в процесс создания и улучшения продуктов и услуг.

Сервис опросов Тестограф предоставляет широкие возможности для создания опросов, тестов и голосований, обладая функционалом, который позволяет не только собирать данные, но и анализировать их, делая выводы и принимая обоснованные решения на их основе.

Эта статья будет интересна широкому кругу читателей: от HR-менеджеров, стремящихся оптимизировать процесс подбора и оценки персонала, до маркетологов, ищущих пути повышения эффективности своих кампаний через глубокое понимание целевой аудитории. Она также окажется полезной для специалистов по UX/UI, стремящихся улучшить пользовательский опыт на основе реальных отзывов, и для организаторов голосований, желающих обеспечить прозрачность и достоверность результатов.

Read more
Total votes 7: ↑6 and ↓1+7
Comments0

Argo CD vs Flux CD

Level of difficultyEasy
Reading time7 min
Views5.2K

За последнее время я вижу всё больше споров на тему двух популярных GitOps инструментов: Argo CD и Flux CD.

На самом деле я считаю такие споры необоснованными, потому что глубоко убеждён что внимания заслуживают оба инструмента и каждый из них хорош для решения своего круга задач.

В своей профессиональной деятельности я активно использую и тот и другой. Я хочу поделиться с вами своим мнением и кейсами использования. Надеюсь эта статья поможет вам выбрать наиболее подходящий инструмент под ваши нужды.

Read more
Total votes 12: ↑12 and ↓0+12
Comments14
1
23 ...