sredevops01's comments

sredevops01 | 1 year ago | on: Ask HN: Azure Ran Out of Capacity?

Exactly, that's how business works. You calculate the cost it will take to deploy in the new region, and tell them, in order for your business to move there, instead of using AWS or GCP or any competitor, we need 3-years at this rate. And they will do it.

sredevops01 | 1 year ago | on: Ask HN: Azure Ran Out of Capacity?

This is when you ask for a discount

sredevops01 | 2 years ago | on: Single alerts API for all monitoring tools

One of the things I am working on is moving all our monitoring to grab and store into Azure Log Analytics.

This tool is rather smart, if it can hook into all the services then let me funnel it to Log Analytics that would be cool.

Not sure the value for others but using multiple platforms, our logs are everywhere. Would be nice to connect them all to Microsoft LAW then slowly replace each integration when possible.

sredevops01 | 2 years ago | on: Ask HN: How to survive indefinite DDoS attack?

Yeah essentially this. Then have something crawl your database and find IP's that are crawling your dummy pages, and block those. Most of it is EC2/GCP instances and Azure VMs that people spin up with stolen cards, so you have to block a lot of 3rd party vendors. OVH and some others came up often. Lot's of crawling companies were using end user VPNs, so those are harder to block.

The best thing I found was dummy pages to block IPs of bad actors. Also, serving different urls with JS enabled versus disabled, but showing your page as something that works without JS.

Unfortunately, as good as CloudFlare is, their layer-7 isn't going to help you if someone is targeting you.

sredevops01 | 2 years ago | on: Ask HN: Are there good Cloudflare alternatives? e.g., edge cache, firewall

Btw if you are thinking of doing this, how I have done it with other vendors, is use Terraform to export their config, then convert the TF data to my intended system. Rather than writing code to import based on their API because the APIs change and the Terraform modules are updated pretty fast to export the required data with SaaS vendors

sredevops01 | 2 years ago | on: Ask HN: Are there good Cloudflare alternatives? e.g., edge cache, firewall

I love Verizon's Edgecast cache feature. It just works so well.

sredevops01 | 2 years ago | on: Ask HN: Are there good Cloudflare alternatives? e.g., edge cache, firewall

Make it extremely easy, like with the addition of an API key, to swap over to your service during a failover/outage.

sredevops01 | 2 years ago | on: The OpenTF Manifesto

Terraform is terrible as it is. Good riddance. We need real tools instead of messing around with text files with ridiculous formatting.

sredevops01 | 2 years ago | on: Ask HN: Would you load balance traffic without CDN

True, spinning up nginx and setting that up is the cheapest option I have come across with the best enterprise support. It's also available in Microsoft to deploy instead of using their tools. However, some people like being cloud native.

sredevops01 | 2 years ago | on: Ask HN: Would you load balance traffic without CDN

Currently, how are your clients setup? What are their www and root records pointed to?

For load balancing, all you need to do is CNAME your customer to your firewall/load balancer. So you aren't using A records for this. For example, in Azure, if you spin up a traffic manager, you would get an cname like "mytrafficmanager.trafficmanager.com" and your CNAMe for www.mysite.com would point to mytrafficmanager.trafficmanager.com.

However, in this case, you would also want your customers to point to something like customer.mysite.com so that if you move from GCP/Azure to something else, you can handle that record and migrate them during a failover, incident, or any other reason.

Edit: And have customer.mysite.com point to the "mytrafficmanager.trafficmanager.com"