Wednesday, December 3, 2014

Streaming encrypted hls using Amazon cloudfront with signed urls


Most of the sites today will have one or more videos in their web pages. Streaming media content via web is very popular these days. This popularity increased the importance of content delivery networks(cdn) also. With the cdn like Amazon cloudfront, streaming videos have become easier as you can configure everything with a few clicks.

HLS is one of the commonly used streaming method nowadays. Amazon cloudfront supports hls streaming also.

Wednesday, November 19, 2014

How to restrict Amazon s3 bucket access permissions for a user


Amazon simple storage or s3 is one of the commonly used cloud storage technology. In Amazon s3 we can create buckets as storage locations. Inside each bucket we can create directories or folders and store objects(files,videos etc). In a normal amazon aws account we can create at most 100 buckets. Also we can set permissions for each bucket. We can create IAM users and restrict bucket access to each users. Such as some users will have access to all the buckets, some will have access to only a few buckets, some will have only read or write or both permissions on buckets. We will see how to do it.

Saturday, October 25, 2014

Logstash central log server with redis, elasticsearch and kibana


As a Linux system administrator we see a lot of logs daily. Whenever we a get problem, first thing we will check will be for the corresponding application/system logs. Its fine when we have a couple of servers and applications. What if we have 10s of servers and many applications on them? Then its better to have a centralized log server. A central syslog server?

Well with a central syslog server you get all the logs in a single server. But how you will keep track of logs? or how you will check for a particular log? You will grep or  awk? Its time consuming and not easy.

Sunday, October 12, 2014

creating ppk key from pem


For the people who use Amazon Web Services and EC2 or those who use ssh keys to log in to the Linux or UNIX systems using putty will have to convert .pem keys to ppk (putty private key). To create pem from ppk check here.

Here is how we do it in Windows platform:
We need to use a software called PuttyGen. Download it from here.

PuTTY Download Page

Double click on the downloaded puttygen. Its binary executable. We dont need to install it.

Friday, March 14, 2014

How to restrict Amazon s3 bucket access permissions for a user


This article explains how to install CentOS Linux on HP ProLiant ML10 and also installing the Linux drivers for Smart Array B110i SATA with RAID 1. We will be installing Centos 5.7 in this example. As the driver for the storage controller is not there in Centos by default, We need to create usbkey with required drivers and specify the path while the installation starts. Well. Its not that complicated.

Monday, March 10, 2014

changing timezone in linux systems using tzselect


In an older post, we have seen how to change the timezone in Linux systems by changing the "/etc/localtime" file. But its not easy. How to change the timezone in Linux systems easily? using the command tzselect we can do it very easily. Here we are changing the timezone of a Centos Linux System using the command tzselect. We will change the timezone to IST(Indian Standard Time). This command can be used in other Unix systems also.

Monday, February 24, 2014

Serving Private content using Amazon Cloudfront


A lot of people are using Amazon Cloudfront as Content Delivery Platform(CDN) nowadays. It is very easy. If you want to stream any videos, upload them to Amazon s3 bucket, create a cloudfront distribution, associate the distribution with the s3 bucket. That's it. You can now stream the videos with cloudfront url.

But, is this secure? What if a third party came to know about your urls? can they access it? Of course they can! What if you got the videos from a Production house and you have signed privacy agreements? Can you still serve you content unprotected? They will sue you.

Wednesday, February 19, 2014

Error redirection pages in Apache Tomcat


Errors are part of any application. Broken links and exceptions can be found in any systems. But its bad when some broken links shows 404 page not found  with the default Apache / Tomcat error pages. Revealing information about your webservers. Also its not that great to see a Normal text like Apache error notification when you were browsing a nice website.

So its better to create your own error redirection pages. You can specify link has removed or not found. Also you can provide links to the home page or provide a search box to search things in your website.

In this post we will see how to add custom error redirection pages in Apache tomcat. The version I used is apache-tomcat-6.0.37. On Centos 5.4.

Sunday, February 16, 2014

Adding SPF records


SPF is sender policy framework. It is an email validation system to prevent spamming and spoofing. It verifies the the hosts sending the mails has authority to send mails from corresponding domain. Adding spf record to your domain increases your score. So chances of your mails landing in the spam/junk folders are very less. For this to work, system administrators to add the allowed hosts which can send mails for the corresponding domain in the DNS records. SPF records can be added as TXT records in DNS zone files. In this post we will see how to create and add SPF records, how to verify its working etc.