AWS – Microsoft AD setup with terraform

by Sanjeev on April 25, 2017

Goal – To setup Microsoft Active Directory in AWS

Assumptions:

  • Create DHCP option set

  • Associate it with the VPC

  • Create an IAM role for the instance to use

  • Create SSM document. You can create a template file, but currently terraform doesn’t support list substitution.

  • Spin up an EC2 instance and associate the instance with the SSM document

  • Login to a machine that’s spun up and test out if the machine is connect to the domain you have created.
  • You will have to install Active directory management tools on the machine that’ connected to the domain

{ 1 comment }

Assumptions:

  • You have an EC2 machine setup in a private subnet.
  • Bastion host setup in a public subnet.
  • Security groups setup to allow required access.
  • You have access to private keys for both the machines

Below is the setup for ansible to use bastion host in order to run playbooks against a private instance

Bastion instance IP – 204.26.25.206 Private instance IP – 192.1.4.248

Test out traditional SSH setup

SSH to the private machine

Ansible setup

Test out

{ 0 comments }

Terraform – Mount EBS volume as part of user_data on an linux EC2 machine

February 19, 2017

Assumptions : You have an EC2 machine running with an attached EBS volume. Goal : To learn how to manually/automatically mount the volume Below is the terraform excerpt to add an ebs volume ec2.tf

Manual: Login to EC2 machine and mount the EBS Volume

Automatic: Mount the disk as part of user data […]

Read the full article →

Download speed : vagrant init vs wget vs aria2

February 15, 2017

Downloading a large box file is not fun. After trying to download the it multiple times, waiting for more than couple hours, I gave up on the belief that I will ever have a successful download via vagrant Below are couple different ways to achive that and how long it took for me. Each person […]

Read the full article →

Managing multiple ssh keys for git repositories

October 4, 2016

In order to manage multiple ssh keys and identities between different git repos, below is the list of steps to follow Create a new ssh key in the folder of your choice.

Update ~/.ssh/config with the below contents

Copy the public key to your profile. For bitbucket go to settings->SSH Keys-> Add key […]

Read the full article →

Install nvm to manage node versions

February 23, 2016

I have installed node in a traditional way and run into multiple issues – one of them being running commands as sudo. Not able to easily change the version of node I want to use. Below is a script that would remove previously install node, nvm etc and install a node version that’s needed https://gist.github.com/snandam/b8f235819a94011791d1 […]

Read the full article →

Vagrant proxy configurations – access internet behind a firewall

February 23, 2016

If you are behind a corporate firewall and want your vagrant machine to access internet Install vagrant plugin vagrant-proxyconf Find your company proxy settings. ** For Mac – you can find it in System Preferences -> Network -> Wired/Wifi -> Advanced -> Proxies -> Automatic Proxy Configuration -> url ** For Windows – you can […]

Read the full article →

99h1b.com

December 20, 2015

History of 99h1b.com I have known about the public LCA data several years before when I first heard about it. I was easily able to write sql like query with the data using logparser. Soon it became a go to place when I wanted to know if a particular company has previously sponsored H1B and […]

Read the full article →

Logstash: Convert zipcode/postal code to geo_point (latitude/longitude)

November 29, 2015

One of the most Powerful things about ELK stack is to be able to visualize data, slice and dice them in whatever way that is most meaningful. I ended up having to analyze huge dataset that contained zipcode/state/city/address but were missing latitude/longitude data. elasticsearch index should contain geo location field to be able to visualize […]

Read the full article →

Docker troubleshooting : ca.pem: no such file or directory

November 24, 2015

Issue : ca.pem: no such file or directory

Reason : This seem to happen when I use VPN to connect to work or switch between work and home network Unfortunately there doesn’t seem to be an easy way to get docker working while connected to VPN – https://github.com/boot2docker/boot2docker/issues/628 Solution: Disconnect from VPN Try ‘docker-machine […]

Read the full article →