DevOps

Update s3-hosted lambda function code without cloudformation

You need to do 2 things: Copy your code to S3 bucket. Don’t need a new object key in the bucket. Just use the existing one Invoke aws-cli’s “aws lambda update-function-code”, by putting s3 bucket /s3 key in the command line Then the function will be updated. You have to do 2nd step because “s3 …

Update s3-hosted lambda function code without cloudformation Read More »

Use git flow (avh) + npm version together

Feature -> Release Action Branches and their versions (before) CLI commands Branches and their versions (after) More details Start a feature develop: 1.0.0-SNAPSHOT.0master: 1.0.0-SNAPSHOT.0 git flow feature start xxxgit flow feature publish xxx feature/xxx: 1.0.0-SNAPSHOT.0develop: 1.0.0-SNAPSHOT.0master: 1.0.0-SNAPSHOT.0 Or just branch from develop Finish a feature feature/xxx: 1.0.0-SNAPSHOT.0develop: 1.0.0-SNAPSHOT.0master: 1.0.0-SNAPSHOT.0 git flow feature finish xxx develop: …

Use git flow (avh) + npm version together Read More »

Always have a “.dockerignore” and always have “.git” in it

Without “.dockerignore” the whole directory where Dockerfile is in will be sent to docker daemon, which may be huge And always create a “.git” entry in the file, because this directory can be very big. P.S. Failling to do this may lead to the hanging of “docker-compose up”. It will show the following message: You …

Always have a “.dockerignore” and always have “.git” in it Read More »

Enable https for your nginx-hosted website with a CA-signed certificate

1. Exchange a Certificate Signing Request for certificate files openssl req -new -newkey rsa:2048 -nodes -keyout private.key -out my.csr Then submit my.csr file to your CA. You will then get certificate files from it.   * The private.key will be used for decryption during SSL/TLS session establishment between a server and a client. 2. Combine …

Enable https for your nginx-hosted website with a CA-signed certificate Read More »

Enable https for your apache-httpd-hosted website with a self-signed certificate

Generate a self-signed https certificate Java’s KeyTool is kind of heavy due to its “keystore” concept. I prefer openssl: openssl req -x509 -nodes -newkey rsa:2048 -keyout cjx_private.key -out cjx_cert.pem -days 36500 #”-nodes” means no password to access the certificate file # You will be prompted set up your information. This one is important: Common Name …

Enable https for your apache-httpd-hosted website with a self-signed certificate Read More »

ec2中搭建服务后要编辑一下security group才能让外网访问

在aws ec2中搭建apache httpd或tomcat后,发现使用ec2 instance的public ip在浏览器里访问相关服务时失败。 这是因为防火墙未设置。对ec2来说,security group就相当于防火墙。 设置办法: 进入instance列表,在security group列中找到对应的group, 点击它,然后Actions => Edit Inbound Rules, 加入http, 即可允许80端口访问。 如果要打开8080的http端口,新增一个custom tcp rule.

J2EE应用服务器版本选择

是否支持servlet 3.0?  是否必须用jdk 7? jetty: http://www.eclipse.org/jetty/documentation/current/what-jetty-version.html tomcat: http://tomcat.apache.org/whichversion.html