the Geeklab Linux and Open Source blog

Manage Univention DNS with Terraform

Using Terraform is a great way to manage infrastructure as code. To map all the different types of resources in a deployment, Terraform uses plugins. Plugins are executable binaries written in Go that communicate with Terraform Core via an RPC interface. Each plugin provides an implementation for a specific service. Sometimes there is no specific plugin for a service, but if the service provides a REST API, the generic REST API provider can be helpful.
Read full post gblog_arrow_right

Store Terraform State on Backblaze S3

Terraform is an open source infrastructure-as-code tool for creating, modifying, and extending infrastructure in a secure and predictable way. Terraform needs to store a state about the managed infrastructure and configuration. This state is used by Terraform to map real-world resources to your configuration and track metadata. By default, this state is stored in a local file, but it can also be stored remotely. Terraform supports multiple remote backend provider including S3.
Read full post gblog_arrow_right

How to (not) migrate Graylog to Opensearch

Graylog is a centralized log management solution to capture, store and analyze log files in real-time. Starting with the latest minor release 4.3 Graylog announced to no longer support Elasticsearch (ES) due to licensing and structural changes Elastic introduced in v7.11. For this reason, the last supported ES version is 7.10, which has already reached EOL on May 11, 2022.

Read full post gblog_arrow_right

Collect JSON metrics with Telegraf

Telegraf is a powerful, plugin based metrics collector that also provides Prometheus compatible outputs. For various purposes, there are a number of input plugins that can collect metrics from various sources. Even more powerful are the processor plugins that allow metrics to be processed and manipulated as they pass through, and immediately output results based on the values they process. In this short blog post I’ll explain how to fetch JSON metrics from the Docker registry API to track some data of a DockerHub Repository.

Read full post gblog_arrow_right

SSL certificate monitoring pitfalls

Certificates are a fundamental part of the Internet’s security. At least since Let’s Encrypt, a free and automated Certificate Authority, has started its service, SSL is nearly used everywhere. To avoid Certificate issues and possible service outages, it’s a good idea to monitor the SSL certificates used by your services, especially as Let’s Encrypt certificates have a short lease time of 90 days. I’m using Prometheus to monitor my infrastructure, and for Prometheus there are multiple ways to get started.
Read full post gblog_arrow_right