Andrew Johnstone ajohnstone

## index.js
'use strict';

console.log('Loading event');

var logGroupName = 'vpc-flow-logs',
    region = 'eu-west-1';

var AWS = require('aws-sdk'),
    Promise = require('bluebird'),
    async = require('async'),

## create-elbs.sh
ELBS="`aws elb describe-load-balancers`";

echo "$ELBS" | jq -c '.LoadBalancerDescriptions[] | select(.LoadBalancerName|contains("production-services"))'  | tr -d '^J' | while read line; do
    NAME=$(echo $line | jq -r '.LoadBalancerName')
    echo $NAME | grep tmp$ && continue;
    LISTENERS=$(echo $line | jq -c '.ListenerDescriptions[].Listener'| tr -d '^J' | tr '\n' ',' | sed 's/^/\[/g;s/,$/]/g');
    SCHEME=$(echo $line | jq -r '.Scheme')
    aws elb create-load-balancer --load-balancer-name "${NAME}tmp" --listeners "${LISTENERS}" --scheme "${SCHEME}" --security-groups sg-3c7df658 --subnets subnet-f598ee9d
done;

## event.json
{
    "Records": [
        {
            "awsRegion": "eu-west-1",
            "eventID": "0ed50878-9f42-4e73-a361-2d19ee0a61d7",
            "eventName": "LookupEvents",
            "eventSource": "cloudtrail.amazonaws.com",
            "eventTime": "2015-11-22T12:26:22Z",
            "eventType": "AwsApiCall",
            "eventVersion": "1.04",

## update-elb-policy.sh
#!/usr/bin/env bash

UPDATE_ELB_POLICY=${UPDATE_ELB_POLICY:-0};

TMPFILE=`mktemp -t example.XXXXXXXXXX` && {
    printf "Region|Status|Current security policy|Expected security policy|ELB|Action\n" >> "${TMPFILE}";

    aws ec2 describe-regions |awk -F'"' '/RegionName/ {print $4}' | while read region; do

        LATEST_PREDEFINED_SECURITY_GROUP=$(aws --region=$region elb describe-load-balancer-policies | grep -i PolicyName | awk -F '"' '{print $4}' | head -n1 | sed 's/[ \r\n]//g');

## test.sh
#!/usr/bin/env bash

LATEST_PREDEFINED_SECURITY_GROUP=$(aws elb describe-load-balancer-policies | grep -i PolicyName | awk -F '"' '{print $4}' | head -n1);

aws  elb describe-load-balancers | awk -F '"' '/LoadBalancerName/ {print $4}' | while read lb; do
    CURRENT_SECURITY_POLICY=$(aws elb describe-load-balancer-policies --load-balancer-name $lb | egrep ELBSecurityPolicy | awk -F'"' '/PolicyName/ {print $4}');
    if [ "${LATEST_PREDEFINED_SECURITY_GROUP}" != "${CURRENT_SECURITY_POLICY}" ]; then
        echo "Load balancer security policy out of date: '${lb}' - '${CURRENT_SECURITY_POLICY}' expected '${LATEST_PREDEFINED_SECURITY_GROUP}'";
    fi


## gist:3829cb02e983d6102c3e
--- app.js      2015-04-12 16:31:48.433430728 +0100
+++ app.js      2015-04-12 16:31:48.433430728 +0100
@@ -19,6 +19,12 @@
 app.set('view engine', 'jade');
 app.set('x-powered-by', false);

+var sessions = require("client-sessions")
+var c_auth = require('./lib/google-oauth')
+var config_security = require('./config/security')
+app.use(sessions({ cookieName: 'session', secret: config_security.cookie_secret }))

## upstart-kibana.conf
# Upstart Kibana

stop on shutdown

setuid kibana
setgid kibana

respawn

chdir /opt/kibana/

## gist:755ae607e70c8335ceec
andrew@andrew-laptop:~/Downloads/kibana-4.0.2/src/server/bin$ dmsesg
...
[78982.842191] https[12107]: segfault at 69 ip 000000000040ac8b sp 00007fffb6749b40 error 4 in https[400000+11000]
[79011.850704] https[12147]: segfault at 69 ip 000000000040ac8b sp 00007fffbfe7b270 error 4 in https[400000+11000]
[79136.983464] https[12301]: segfault at 69 ip 000000000040ac8b sp 00007fffd0b51d10 error 4 in https[400000+11000]
[79293.960252] https[12461]: segfault at 69 ip 000000000040ac8b sp 00007fff831e6000 error 4 in https[400000+11000]
[79457.281094] https[12723]: segfault at 69 ip 000000000040ac8b sp 00007fffcceae8d0 error 4 in https[400000+11000]

## quorum.rb
require 'pp'
require 'typhoeus'

ENV['QUORUM']      ||= '3'
ENV['CONCURRENCY'] ||= '2'
ENV['TIMEOUT']     ||= '0.001'
ENV['VERBOSE']     ||= '0'

urls = {
    'www.example.com/1'  => {},

## gist:e3a666e58b71c14f35a7
docker is easily broken, e.g. its process management becomes easily out of sync.
I.e create container, kill process 1, then exit.

CID=$(docker run -it -d ubuntu:latest bash);
docker exec -i -t $CID kill 1;
docker ps
docker rm -f $CID;

Error response from daemon: Could not kill running container, cannot remove - no such process
FATA[0000] Error: failed to remove one or more containers
	'use strict';

	console.log('Loading event');

	var logGroupName = 'vpc-flow-logs',
	region = 'eu-west-1';

	var AWS = require('aws-sdk'),
	Promise = require('bluebird'),
	async = require('async'),
	ELBS="`aws elb describe-load-balancers`";

	echo "$ELBS" \| jq -c '.LoadBalancerDescriptions[] \| select(.LoadBalancerName\|contains("production-services"))' \| tr -d '^J' \| while read line; do
	NAME=$(echo $line \| jq -r '.LoadBalancerName')
	echo $NAME \| grep tmp$ && continue;
	LISTENERS=$(echo $line \| jq -c '.ListenerDescriptions[].Listener'\| tr -d '^J' \| tr '\n' ',' \| sed 's/^/\[/g;s/,$/]/g');
	SCHEME=$(echo $line \| jq -r '.Scheme')
	aws elb create-load-balancer --load-balancer-name "${NAME}tmp" --listeners "${LISTENERS}" --scheme "${SCHEME}" --security-groups sg-3c7df658 --subnets subnet-f598ee9d
	done;
	{
	"Records": [
	{
	"awsRegion": "eu-west-1",
	"eventID": "0ed50878-9f42-4e73-a361-2d19ee0a61d7",
	"eventName": "LookupEvents",
	"eventSource": "cloudtrail.amazonaws.com",
	"eventTime": "2015-11-22T12:26:22Z",
	"eventType": "AwsApiCall",
	"eventVersion": "1.04",
	#!/usr/bin/env bash

	UPDATE_ELB_POLICY=${UPDATE_ELB_POLICY:-0};

	TMPFILE=`mktemp -t example.XXXXXXXXXX` && {
	printf "Region\|Status\|Current security policy\|Expected security policy\|ELB\|Action\n" >> "${TMPFILE}";

	aws ec2 describe-regions \|awk -F'"' '/RegionName/ {print $4}' \| while read region; do

	LATEST_PREDEFINED_SECURITY_GROUP=$(aws --region=$region elb describe-load-balancer-policies \| grep -i PolicyName \| awk -F '"' '{print $4}' \| head -n1 \| sed 's/[ \r\n]//g');
	#!/usr/bin/env bash

	LATEST_PREDEFINED_SECURITY_GROUP=$(aws elb describe-load-balancer-policies \| grep -i PolicyName \| awk -F '"' '{print $4}' \| head -n1);

	aws elb describe-load-balancers \| awk -F '"' '/LoadBalancerName/ {print $4}' \| while read lb; do
	CURRENT_SECURITY_POLICY=$(aws elb describe-load-balancer-policies --load-balancer-name $lb \| egrep ELBSecurityPolicy \| awk -F'"' '/PolicyName/ {print $4}');
	if [ "${LATEST_PREDEFINED_SECURITY_GROUP}" != "${CURRENT_SECURITY_POLICY}" ]; then
	echo "Load balancer security policy out of date: '${lb}' - '${CURRENT_SECURITY_POLICY}' expected '${LATEST_PREDEFINED_SECURITY_GROUP}'";
	fi
	--- app.js 2015-04-12 16:31:48.433430728 +0100
	+++ app.js 2015-04-12 16:31:48.433430728 +0100
	@@ -19,6 +19,12 @@
	app.set('view engine', 'jade');
	app.set('x-powered-by', false);

	+var sessions = require("client-sessions")
	+var c_auth = require('./lib/google-oauth')
	+var config_security = require('./config/security')
	+app.use(sessions({ cookieName: 'session', secret: config_security.cookie_secret }))
	# Upstart Kibana

	stop on shutdown

	setuid kibana
	setgid kibana

	respawn

	chdir /opt/kibana/
	andrew@andrew-laptop:~/Downloads/kibana-4.0.2/src/server/bin$ dmsesg
	...
	[78982.842191] https[12107]: segfault at 69 ip 000000000040ac8b sp 00007fffb6749b40 error 4 in https[400000+11000]
	[79011.850704] https[12147]: segfault at 69 ip 000000000040ac8b sp 00007fffbfe7b270 error 4 in https[400000+11000]
	[79136.983464] https[12301]: segfault at 69 ip 000000000040ac8b sp 00007fffd0b51d10 error 4 in https[400000+11000]
	[79293.960252] https[12461]: segfault at 69 ip 000000000040ac8b sp 00007fff831e6000 error 4 in https[400000+11000]
	[79457.281094] https[12723]: segfault at 69 ip 000000000040ac8b sp 00007fffcceae8d0 error 4 in https[400000+11000]
	require 'pp'
	require 'typhoeus'

	ENV['QUORUM'] \|\|= '3'
	ENV['CONCURRENCY'] \|\|= '2'
	ENV['TIMEOUT'] \|\|= '0.001'
	ENV['VERBOSE'] \|\|= '0'

	urls = {
	'www.example.com/1' => {},
	docker is easily broken, e.g. its process management becomes easily out of sync.
	I.e create container, kill process 1, then exit.

	CID=$(docker run -it -d ubuntu:latest bash);
	docker exec -i -t $CID kill 1;
	docker ps
	docker rm -f $CID;

	Error response from daemon: Could not kill running container, cannot remove - no such process
	FATA[0000] Error: failed to remove one or more containers