GCP Cloud Functions have taken a step forward with the 2nd generation release. One of the biggest architectural differences is that now multiple request can run concurrently on a single instance, enabling large traffic loads. In this article, I will show you how to deploy a simple Python Flask web server as a 2nd gen … GCP: Deploying a 2nd gen Python Cloud Function and exposing from an HTTPS LB
As opposed to public GKE clusters which have their IP addresses exposed, private GKE clusters use private internal IP addresses. This provides an enhanced security stance, but also means we need a solution such as Anthos Service Mesh to explicitly expose our services. In our previous article, we built a private GKE cluster using Terraform. … GCP: Private GKE Cluster with Anthos Service Mesh exposing services
In a single Ansible playbook, you may wish to apply some roles to all hosts, while limiting other roles to only certain groups. While it is certainly possible to apply a role to all hosts and then use a ‘when’ to filter down to the desired group like below: – hosts: all gather_facts: yes roles: … Ansible: applying roles to certain groups in a single playbook
One of the features of the ‘lineinfile‘ regexp parameter is the ability to use regular expression capture groups in the line output. That allows you to extract values on a found line when constructing the output line. Specifically, that can mean pulling information such as hostname/port, file path, or preserving the yaml indentation of an … Ansible: regex capture groups with lineinfile to preserve yaml indentation
sed is a powerful utility for transforming text. One of the nice tricks with sed is the ability to reuse capture groups from the source string in the replacement value you are constructing. For example, if you have have the following kernel parameters in “/etc/default/grub” $ grep GRUB_CMDLINE_LINUX_DEFAULT /etc/default/grub GRUB_CMDLINE_LINUX_DEFAULT=”quiet splash” And wanted to append … Bash: Appending to existing values using sed capture group
The =~ binary operator provides the ability to compare a string to a POSIX extended regular expression in the shell. Take note, the right-hand side regex cannot be surrounded by quotes or it will be treated as a regular string, it cannot contain spaces, and must conform to POSIX regex rules and use character classes … Bash: Using BASH_REMATCH to pull capture groups from a regex
If you currently store sensitive credentials in plaintext to automate scripting or integration to other systems, you should consider an extra layer of security by storing them encrypted using GPG. There is no fullproof way to hide sensitive information for a service that also needs to decrypt them as part of normal operations (think DVD … Linux: Using GPG encrypted credentials for enhanced security