Hiromasa Kakehashi hrmsk66

Patterns for Writing Environment-Specific TF Configurations

Here are some patterns for writing environment-specific settings within TF modules used across all environments.

Pattern-A: Applying Snippet Only in Specific Environments

This is an example of creating a VCL snippet only when var.isProd is true. The number 1 in var.isProd ? [1] : [] has no specific meaning. The key point is passing a list with one element to for_each when true.

dynamic "snippet" {
    for_each = var.isProd ? [1] : []
@hrmsk66
hrmsk66 / manage_acl.md
Last active July 12, 2024 05:05
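Managing ACLs with Terraform

This note describes the steps for managing the ACLs of an existing Fastly VCL service with Terraform.

Prerequisites

  • The environment variable FASTLY_API_KEY is set to an API token that has permission to modify the target service
  • The terraform binary is version 1.5 or later

1. Check the ACL ID with the Fastly API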

@hrmsk66
hrmsk66 / note.md
Created January 20, 2024 08:29
Templating VCL in Terraform to Avoid Embedding Secrets

1. Define Terraform Variables

We'll use AWS credentials in this example.

variables.tf

variable "aws_access_key" {
  description = "AWS Access Key"
@hrmsk66
hrmsk66 / note.md
Created January 10, 2024 12:10
Importing a TLS Subscription

1. Find the ID of the Target TLS Subscription

curl -s https://api.fastly.com/tls/subscriptions -H 'Fastly-Key: <api-key>' | jq '.data[] | select(.type == "tls_subscription" and any(.relationships.tls_domains.data[]; .id == "certtest1.hkakehas.tokyo")).id'

2. Create TF Files

@hrmsk66
hrmsk66 / node.md
Last active January 19, 2024 09:38
Running C Code on Fastly Compute

Running C on Fastly Compute

1. Download the WASI SDK

curl -O -sSL https://github.com/WebAssembly/wasi-sdk/releases/download/wasi-sdk-21/wasi-sdk-21.0-macos.tar.gz
tar xf wasi-sdk-21.0-macos.tar.gz

This step is based on the documentation from Fermyon:

@hrmsk66
hrmsk66 / note.md
Last active January 8, 2024 07:01
criterion / flamegraph

Sending Tracing Data to Fastly Logging Endpoint

This gist outlines the steps for sending data collected with the tracing crate, a Rust crate for application-level tracing, to a Fastly log endpoint. For simplicity, I will use the Subscriber and Layer implementations included in the tracing_subscriber crate. However, you can write your own custom implementations to modify the collected data and its format.

Step 1. Add Dependencies

Add the required dependencies to your Cargo.toml file.

tracing = "0.1.37"

Using tracing-tree for Instrumenting Compute@Edge Apps

This gist shows how to instrument a C@E app using the tracing-tree crate.

This is an example of what the output will look like. It works in a local environment as well.

[Image: tracing_tree_output]

tracing-tree works out-of-the-box on Compute@Edge. However, to enhance the format of the output shown in the image above, I used a modified, forked version.

Preparations

Testing mTLS

1. Issuing Client Certificate

1-1. Create a Certificate Authority (CA)

The command below generates a 2048-bit RSA private key and a corresponding CA certificate:

openssl req -new -x509 -nodes -days 365 -subj '/O=MyCorp/CN=MyCorp Internal CA' -keyout clientca.key -out clientca.crt

Collect and log client information

sequenceDiagram
    participant Client
    participant C@E
    participant WeatherAPI
    participant LogService
    Client->>C@E: Beacon
    C@E->>Client: 204
    Note over C@E: Check Geo and User-Agent